Премини към съдържанието

Препоръчан отговор


Здравейте на всички! Ще гледам да съм максимално кратък и ще карам направо. Както виждате от заглавието на темата имам проблем с Хромиум. Като цяло проблемът ми е доста сходен с този : https://www.kaldata.com/forums/topic/270658-след-зареждане-на-windows-се-стартира-chromium/ . Същата работа е при мен. Преди около седмица си изтеглих BS Player, и от тогава се появи и този Chromium. BS Player-ът го изтеглих баш от сайта им, не от някакво измислено място, но явно и от там няма гаранция. Както и да е. Всеки път като се включи компютъра, било то след рестарт, или обикновено включване (това е само след пълно изключване на компютъра, когато го включа след "режим на готовност", този проблем го няма) веднага ми отваря Chromium и по-точно раздела history. На пръв поглед е все едно гледам Chrome, но не е. Отначало когато за пръв път се появи имаше историята от Chrome + каквито видео файлове съм пускал. Примерно влизал съм в еди си кой сайт, гледал съм еди си кой филм. Помъчих се да го деинсталирам обаче не става (ще приложа снимки какво точно ми излиза). blob.thumb.png.642792b19fa97cf0449fb0e65aef86c4.png

След като щракна върху Промени/премахни, пък ми излиза това: blob.thumb.png.7c608508e35f2593b8ced2850cdcfdaa.png

 И така до безкрайност. Писах "Chromium" в търсачката на компютъра (едно кученце). То търси, търси, чете някакви книжки, гледа с една лупа и накрая ми показа къде стоят файловете на този ми ти Chromium. Изтрих ги, нямаше никакъв ефект. После с Ctrl+alt+del влязох в "Процеси" и от там изтрих редовете на които пишеше chromium.exe. Тук беше и най-големият ми напредък, щото историята от Chrome + видео файловете отваряни откакто този компютър е станал компютър ги нямаше. Обаче остана това, че всеки път като включа компютъра и ми изкача нов прозорец в Chromium, ами освен това усещам как ми бави и самият Chrome - той е браузърът ми по подразбиране. Само да вметна, деинсталирах BS Player, Google Chrome, Mozilla Firefox, Avast също махнах за малко, барем се оправи, но не постигнах желаният от мен ефект. В темата която постнах по-горе от човека със същия проблем, пробвах да изтегля препоръчаният му fixlist, обаче ми дава грешка в страницата. Аз даже първо мислех, да си постна проблема там като коментар, ама викам айде да не спамя на човека темата, по-добре сякаш да отворя нова. Пък ако модераторите решат, че темата ми нещо е извън правилата, моля да бъда извинен за невежеството си. Та общо взето това е, бих се радвал на всякаква помощ. Лека вечер от мен!

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 11 часа, Stoyannnov написа:

 

Благодаря Серьожка! Изтеглих това от темата която ми даде, само че не разбрах дали 32 или 64 да изтегля и заложих на 32. Пък ако е трябвало 64 ще повторя процедурата. Сега ще постна txt. файловете.
 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 4-02-2019
Ran by PC (administrator) on ACER-71A12AA9FA (06-02-2019 11:27:15)
Running from C:\Documents and Settings\PC\Desktop
Loaded Profiles: PC (Available Profiles: PC)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINXP\system32\smss.exe
(Microsoft Corporation) C:\WINXP\system32\csrss.exe
(Microsoft Corporation) C:\WINXP\system32\winlogon.exe
(Microsoft Corporation) C:\WINXP\system32\services.exe
(Microsoft Corporation) C:\WINXP\system32\lsass.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\explorer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINXP\system32\spoolsv.exe
(Intel Corporation) C:\WINXP\system32\igfxtray.exe
(Intel Corporation) C:\WINXP\system32\hkcmd.exe
(Intel Corporation) C:\WINXP\system32\igfxpers.exe
(Dritek System Inc.) C:\PROGRA~1\LAUNCH~1\LManager.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINXP\system32\ctfmon.exe
(Intel Corporation) C:\WINXP\system32\igfxsrvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\WINXP\Datecs\Flex2K.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Intel Corporation) C:\WINXP\system32\igfxext.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\alg.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINXP\system32\wbem\wmiprvse.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINXP\system32\igfxtray.exe [142104 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINXP\system32\hkcmd.exe [162584 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINXP\system32\igfxpers.exe [138008 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Alcmtr] => C:\WINXP\ALCMTR.EXE [69632 2005-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BroadcomWireless] => C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2007-10-17] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-06-30] (Nullsoft, Inc.)
HKLM\...\Run: [UnlockerAssistant] => "C:\Documents and Settings\PC\Desktop\Unlocker\UnlockerAssistant.exe"
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\WINXP\system32\userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [514560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINXP\system32\igfxdev.dll [2007-06-05] (Intel Corporation)
Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\WgaLogon: 
Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [ctfmon.exe] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [GameXN GO] => "C:\Documents and Settings\All Users\Application Data\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [Chromium] => c:\documents and settings\pc\local settings\application data\chromium\application\chrome.exe [666624 2015-07-30] (The Chromium Authors)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\MountPoints2: {8af1a440-cebe-11e8-a2a8-0017c42222d8} - F:\HiSuiteDownLoader.exe
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\MountPoints2: {f7dcb9c5-cf36-11e6-9251-0017c42222d8} - G:\Lenovo_Suite.exe
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\system32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: C:\WINXP\system32\inetpp.dll [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\WINXP\system32\win32spl.dll [102400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.trspch] => C:\WINXP\system32\tssoft32.acm [8192 2008-04-14] (DSP GROUP, INC.)
HKLM\...\Drivers32: [vidc.I420] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv32] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv41] => C:\WINXP\system32\ir41_32.ax [848384 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.msg723] => C:\WINXP\system32\msg723.acm [118784 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M263] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M261] => C:\WINXP\system32\msh261.drv [188416 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINXP\system32\msaud32.acm [282654 2010-09-16] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINXP\system32\sl_anet.acm [86016 2008-04-14] (Sipro Lab Telecom Inc.)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINXP\system32\iac25_32.ax [199680 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\WINXP\system32\ir50_32.dll [755200 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.l3acm] => C:\WINXP\system32\l3codeca.acm [307260 2010-09-16] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINXP\system32\xvidvfw.dll [183808 2010-12-07] ()
HKLM\...\Drivers32: [VIDC.YV12] => C:\WINXP\system32\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINXP\system32\ac3acm.acm [151552 2010-01-17] (fccHandler)
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINXP\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINXP\system32\ff_vfw.dll [80896 2011-01-13] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINXP\system32\ieudinit.exe [2009-03-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINXP\inf\unregmp2.exe [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINXP\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{99820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\WINXP\system32\themeui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\WINXP\system32\mscories.dll [2005-09-23] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-02-05] (Google Inc -> Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\WINXP\system32\fdeploy.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINXP\system32\dskquota.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{42B5FAAE-6536-11d2-AE5A-0000F87571E3}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\WINXP\system32\dot3gpclnt.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINXP\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\WINXP\system32\appmgmts.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
AppInit_DLLs: c:\progra~1\so_boo~1\assist~1.dll => No File
ShellServiceObjects: WebCheck -> {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => C:\WINXP\system32\webcheck.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk [2013-12-11]
ShortcutTarget: FlexType 2K.lnk -> C:\WINXP\Datecs\Flex2K.exe ()
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINXP\system32\winrnr.dll [16896 2008-04-14] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 12 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 13 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 14 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 15 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 16 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 17 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 18 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 19 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 20 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 46.55.211.4 8.8.8.8
Tcpip\..\Interfaces\{40B9406E-1E5B-4324-B5FA-96068190B82F}: [DhcpNameServer] 46.55.211.4 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-016
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-016
HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURLs,Tabs: "about:newtab" <==== ATTENTION
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKLM -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm174^YYA^bg&si=CD9418&ptb=FCD4B607-CBC3-4CA3-89CD-782690F568F0&ind=2014010416&n=780b5c30&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {0D7562AE-8EF6-416d-A838-AB665251703A} URL = hxxp://start.facemoods.com/?a=vsl&s={searchTerms}&f=4
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2405} URL = hxxp://dts.search-results.com/sr?src=ieb&appid=0&systemid=405&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {AFDBDDAA-5D3F-42EE-B79C-185A7020515B} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2233703
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^HJ^xdm174^YYA^bg&si=CD9418&ptb=FCD4B607-CBC3-4CA3-89CD-782690F568F0&ind=2014010416&n=780b5c30&psa=&st=sb&searchfor={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll => No File
BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll => No File
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\idfqm4x1.default-1522524320687 [2019-02-05]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2019-02-05] [Legacy]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2019-02-05] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-10] ()
FF Plugin: @divx.com/DivX Web Player Plug-In,version=1.0.0 -> C:\Program Files\DivX\DivX Web Player\npdivx32.dll [No File]
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.)
FF Plugin: @VideoDownloadConverter_4z.com/Plugin -> C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll [No File]
FF Plugin HKU\S-1-5-21-1060284298-842925246-1417001333-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS)
StartMenuInternet: FIREFOX.EXE - firefox.exe

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR Profile: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default [2019-02-06]
CHR Extension: (Google Диск) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30]
CHR Extension: (YouTube) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30]
CHR Extension: (Gmail) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30]
StartMenuInternet: chrome.exe - C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-10] (Adobe Systems Incorporated) [File not signed]
S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aspnet_state; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [29896 2005-09-23] (Microsoft Corporation -> Microsoft Corporation)
R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 Browser; C:\WINXP\System32\browser.dll [77824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66240 2005-09-23] (Microsoft Corporation -> Microsoft Corporation)
S3 COMSysApp; C:\WINXP\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 dmadmin; C:\WINXP\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R2 dmserver; C:\WINXP\System32\dmserver.dll [23552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp.)
R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Eventlog; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 EventSystem; C:\WINXP\system32\es.dll [253952 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 HidServ; C:\WINXP\System32\hidserv.dll [21504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Irmon; C:\WINXP\System32\irmon.dll [28160 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [99840 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [134144 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSIServer; C:\WINXP\System32\msiexec.exe [78848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 napagent; C:\WINXP\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 NetDDE; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Nla; C:\WINXP\System32\mswsock.dll [245248 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 PlugPlay; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RDSessMgr; C:\WINXP\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 RpcSs; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Schedule; C:\WINXP\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Spooler; C:\WINXP\system32\spoolsv.exe [58880 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 srservice; C:\WINXP\system32\srsvc.dll [171008 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 stisvc; C:\WINXP\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SwPrv; C:\WINXP\system32\dllhost.exe /Processid:{E83227BB-4CA0-4898-8450-CEB1E92BAB11} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TermService; C:\WINXP\System32\termsrv.dll [295424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 TlntSvr; C:\WINXP\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 upnphost; C:\WINXP\System32\upnphost.dll [185856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 VSS; C:\WINXP\System32\vssvc.exe [289792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 W32Time; C:\WINXP\system32\w32time.dll [175104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 Wmi; C:\WINXP\System32\advapi32.dll [617472 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
R2 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 ACPIEC; C:\WINXP\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 AR5211; C:\WINXP\System32\DRIVERS\ar5211.sys [546976 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 Arp1394; C:\WINXP\System32\DRIVERS\arp1394.sys [60800 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 aswHwid; C:\WINXP\system32\drivers\aswHwid.sys [34008 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R2 aswMonFlt; C:\WINXP\system32\drivers\aswMonFlt.sys [92256 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R1 aswRdr; C:\WINXP\system32\drivers\aswRdr.sys [64272 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R0 aswRvrt; C:\WINXP\system32\Drivers\aswRvrt.sys [60424 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R1 aswSnx; C:\WINXP\system32\drivers\aswSnx.sys [735488 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINXP\system32\drivers\aswSP.sys [433768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\WINXP\system32\drivers\aswStmXP.sys [184592 2019-02-05] (AVAST Software a.s. -> AVAST Software)
S3 aswTdi; C:\WINXP\system32\drivers\aswTdi.sys [66688 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R0 aswVmm; C:\WINXP\system32\Drivers\aswVmm.sys [224752 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 b57w2k; C:\WINXP\System32\DRIVERS\b57xp32.sys [160256 2007-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 btaudio; C:\WINXP\System32\drivers\btaudio.sys [539072 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTDriver; C:\WINXP\System32\DRIVERS\btport.sys [37424 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTKRNL; C:\WINXP\System32\DRIVERS\btkrnl.sys [876384 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWDNDIS; C:\WINXP\System32\DRIVERS\btwdndis.sys [149123 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.)
S3 btwhid; C:\WINXP\System32\DRIVERS\btwhid.sys [55352 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwmodem; C:\WINXP\System32\DRIVERS\btwmodem.sys [37280 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWUSB; C:\WINXP\System32\Drivers\btwusb.sys [67960 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.)
S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 CCDECODE; C:\WINXP\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 CmBatt; C:\WINXP\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Compbatt; C:\WINXP\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 DKbFltr; C:\WINXP\System32\DRIVERS\DKbFltr.sys [17408 2006-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Dritek System Inc.)
S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R0 dmio; C:\WINXP\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 dtsoftbus01; C:\WINXP\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINXP\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Fdc; C:\WINXP\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Flpydisk; C:\WINXP\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 HDAudBus; C:\WINXP\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINXP\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 HSFHWAZL; C:\WINXP\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINXP\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [265728 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 ialm; C:\WINXP\System32\DRIVERS\igxpmp32.sys [5761728 2007-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINXP\System32\drivers\RtkHDAud.sys [4424192 2007-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R1 intelppm; C:\WINXP\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 irda; C:\WINXP\System32\DRIVERS\irda.sys [88192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37248 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 kbdhid; C:\WINXP\System32\DRIVERS\kbdhid.sys [14592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 mdmxsdk; C:\WINXP\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30080 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23040 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 mouhid; C:\WINXP\System32\DRIVERS\mouhid.sys [12160 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [457216 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSTEE; C:\WINXP\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NABTSFEC; C:\WINXP\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NdisIP; C:\WINXP\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40960 2010-12-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NIC1394; C:\WINXP\System32\DRIVERS\nic1394.sys [61824 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NSCIRDA; C:\WINXP\System32\DRIVERS\nscirda.sys [28672 2008-04-14] (Microsoft Windows Component Publisher -> National Semiconductor Corporation)
R4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 ohci1394; C:\WINXP\System32\DRIVERS\ohci1394.sys [61696 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Parport; C:\WINXP\system32\Drivers\Parport.sys [80128 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PCIIde; C:\WINXP\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Pcmcia; C:\WINXP\System32\DRIVERS\pcmcia.sys [120192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 prodrv06; C:\WINXP\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
R0 prohlp02; C:\WINXP\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
R0 prosync1; C:\WINXP\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.)
R0 PxHelp20; C:\WINXP\System32\Drivers\PxHelp20.sys [45648 2011-03-04] (Sonic Solutions -> Sonic Solutions)
R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Rasirda; C:\WINXP\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 sdbus; C:\WINXP\System32\DRIVERS\sdbus.sys [79232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S2 Serial; C:\WINXP\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 sfhlp01; C:\WINXP\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SLIP; C:\WINXP\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 sptd; C:\WINXP\System32\Drivers\sptd.sys [324096 2013-11-18] (Disc Soft Ltd -> Duplex Secure Ltd.)
R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [357248 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 streamip; C:\WINXP\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 SynTP; C:\WINXP\System32\DRIVERS\SynTP.sys [215904 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.)
R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 tifm21; C:\WINXP\System32\drivers\tifm21.sys [290816 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbccgp; C:\WINXP\System32\DRIVERS\usbccgp.sys [32128 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30208 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 USBSTOR; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbvideo; C:\WINXP\System32\Drivers\usbvideo.sys [121984 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Wdf01000; C:\WINXP\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 winachsf; C:\WINXP\System32\DRIVERS\HSF_CNXT.sys [730112 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R1 WmiAcpi; C:\WINXP\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WpdUsb; C:\WINXP\System32\DRIVERS\wpdusb.sys [38528 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WSTCODEC; C:\WINXP\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
U3 aydqetub; C:\WINXP\system32\Drivers\aydqetub.sys [0 ] (Microsoft Windows Component Publisher -> Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S4 IntelIde; no ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-06 11:27 - 2019-02-06 11:29 - 000061313 _____ C:\Documents and Settings\PC\Desktop\FRST.txt
2019-02-06 11:27 - 2019-02-06 11:27 - 000000000 ____D C:\FRST
2019-02-06 11:26 - 2019-02-06 11:26 - 001790976 _____ (Farbar) C:\Documents and Settings\PC\Desktop\FRST.exe
2019-02-05 22:17 - 2019-02-05 22:17 - 000000000 ____D C:\Documents and Settings\PC\Application Data\AVAST Software
2019-02-05 22:13 - 2019-02-05 22:13 - 000001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2019-02-05 22:13 - 2019-02-05 22:13 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2019-02-05 22:10 - 2019-02-06 10:30 - 000000364 ____H C:\WINXP\Tasks\Avast Emergency Update.job
2019-02-05 22:09 - 2019-02-05 22:11 - 000224752 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswvmm.sys
2019-02-05 22:09 - 2019-02-05 22:10 - 000735488 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswsnx.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000184592 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswStmXP.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000092256 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswMonFlt.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000060424 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRvrt.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000034008 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswHwid.sys
2019-02-05 22:08 - 2019-02-05 22:07 - 000319760 ____N (AVAST Software) C:\WINXP\system32\aswBoot.exe
2019-02-05 22:07 - 2019-02-05 22:07 - 000053208 _____ (AVAST Software) C:\WINXP\avastSS.scr
2019-02-05 22:07 - 2019-02-05 22:07 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-05 21:50 - 2019-02-05 21:50 - 000001817 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk
2019-02-05 21:50 - 2019-02-05 21:50 - 000001811 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2019-02-05 21:48 - 2019-02-06 11:00 - 000000986 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job
2019-02-05 21:48 - 2019-02-06 10:29 - 000000982 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job
2019-02-05 21:48 - 2019-02-05 21:50 - 000000000 ____D C:\Program Files\Google
2019-02-05 17:11 - 2019-02-05 17:11 - 000036533 _____ C:\Documents and Settings\PC\Desktop\Vikings.s05e18.(subs.sab.bz).zip
2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Start Menu\BS.Player FREE.lnk
2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Desktop\BS.Player FREE.lnk
2019-01-30 15:58 - 2019-01-30 15:58 - 000000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\BS.Player
2019-01-30 15:56 - 2019-01-30 15:56 - 000000000 ____D C:\Program Files\Webteh
2019-01-30 13:14 - 2019-02-05 22:10 - 000433768 ____N (AVAST Software) C:\WINXP\system32\Drivers\aswsp.sys
2019-01-30 13:14 - 2019-02-05 22:08 - 000066688 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswTdi.sys
2019-01-30 13:14 - 2019-02-05 22:08 - 000064272 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRdr.sys
2019-01-30 13:13 - 2019-01-30 13:13 - 000000000 ____D C:\Program Files\Alwil Software
2019-01-29 11:45 - 2019-02-06 10:45 - 000000066 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2019-01-28 12:47 - 2019-01-28 12:47 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\chromium
2019-01-28 12:45 - 2019-02-06 10:45 - 000000396 _____ C:\WINXP\Tasks\At1.job
2019-01-28 12:45 - 2019-01-29 19:45 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}
2019-01-28 12:45 - 2019-01-28 12:48 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}
2019-01-28 12:45 - 2019-01-28 12:45 - 000000000 ____D C:\Documents and Settings\PC\Application Data\4289652d7c94fcc7ae174ec1919b8b78

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-06 11:29 - 2011-02-05 12:11 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Temp
2019-02-06 10:48 - 2018-06-30 09:43 - 000001016 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineUA.job
2019-02-06 10:48 - 2018-06-30 09:43 - 000001012 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineCore.job
2019-02-06 10:32 - 2018-03-20 19:03 - 000000826 _____ C:\WINXP\Tasks\Adobe Flash Player Updater.job
2019-02-06 10:31 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\Temp
2019-02-06 10:29 - 2011-02-05 12:04 - 000032568 _____ C:\WINXP\SchedLgU.Txt
2019-02-06 10:29 - 2011-02-05 12:04 - 000000006 ____H C:\WINXP\Tasks\SA.DAT
2019-02-06 00:17 - 2011-02-05 12:11 - 000000278 ___SH C:\Documents and Settings\PC\ntuser.ini
2019-02-06 00:17 - 2011-02-05 12:11 - 000000000 ____D C:\Documents and Settings\PC
2019-02-05 22:19 - 2011-02-05 11:59 - 000002577 _____ C:\WINXP\system32\CONFIG.NT
2019-02-05 22:18 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\system32
2019-02-05 22:15 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP
2019-02-05 22:14 - 2018-07-21 09:26 - 000065536 _____ C:\WINXP\system32\config\Antivirus.Evt
2019-02-05 22:12 - 2011-02-05 13:22 - 000000000 ___HD C:\WINXP\inf
2019-02-05 22:07 - 2017-05-29 23:50 - 000011295 _____ C:\Documents and Settings\PC\Desktop\Нов Текстов документ.txt
2019-02-05 22:07 - 2014-01-05 10:18 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2019-02-05 20:49 - 2011-02-05 17:51 - 000064512 _____ C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-05 17:39 - 2014-08-25 12:31 - 000321570 _____ C:\Documents and Settings\PC\My Documents\Нов Текстов документ.txt
2019-02-05 17:22 - 2015-11-04 18:59 - 000000000 ____D C:\Documents and Settings\PC\Application Data\vlc
2019-02-05 17:21 - 2011-02-05 14:28 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BitComet
2019-02-05 12:23 - 2018-12-27 23:12 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Изтегляния
2019-02-05 11:09 - 2008-04-14 13:00 - 000002206 _____ C:\WINXP\system32\wpa.dbl
2019-02-02 21:11 - 2018-03-20 19:03 - 000000876 _____ C:\WINXP\Tasks\Adobe Flash Player NPAPI Notifier.job
2019-01-31 19:20 - 2016-01-04 15:01 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Bluetooth Exchange Folder
2019-01-30 13:20 - 2012-03-09 15:57 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Google
2019-01-30 12:56 - 2015-11-03 23:44 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BSplayer
2019-01-30 12:45 - 2018-01-26 10:54 - 000000000 _____ C:\Documents and Settings\PC\last.dump
2019-01-19 22:05 - 2015-01-07 13:41 - 000018432 ____H C:\Documents and Settings\PC\Desktop\photothumb.db
2019-01-10 12:32 - 2018-03-20 19:03 - 000842240 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe
2019-01-10 12:32 - 2018-03-20 19:03 - 000175104 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl
2019-01-07 17:50 - 2018-09-08 16:20 - 000000000 ____D C:\Documents and Settings\PC\Desktop\cs

==================== Files in the root of some directories =======

2011-02-05 17:51 - 2019-02-05 20:49 - 000064512 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

Some files in TEMP:
====================
2016-12-18 20:08 - 2016-12-18 20:08 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\32141687lavfilters.exe
2017-06-13 20:00 - 2017-06-13 20:00 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\32587812lavfilters.exe
2017-06-15 21:33 - 2017-06-15 21:33 - 007475309 _____ () C:\Documents and Settings\PC\Local Settings\Temp\40411078lavfilters.exe
2019-01-28 12:53 - 2019-01-28 12:53 - 004189001 _____ () C:\Documents and Settings\PC\Local Settings\Temp\4863640ac3filter.exe
2019-01-28 12:55 - 2019-01-28 12:55 - 004189001 _____ () C:\Documents and Settings\PC\Local Settings\Temp\4943546ac3filter.exe
2017-01-20 00:13 - 2017-01-20 00:13 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\50002250lavfilters.exe
2015-12-10 01:12 - 2015-12-10 01:12 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\52257250lavfilters.exe
2015-12-10 01:12 - 2015-12-10 01:12 - 006966974 _____ () C:\Documents and Settings\PC\Local Settings\Temp\52296984lavfilters.exe
2012-02-09 13:59 - 2004-10-26 02:40 - 000684032 _____ (Electronic Arts Inc.) C:\Documents and Settings\PC\Local Settings\Temp\AutoRun.exe
2012-02-09 13:59 - 2004-10-15 06:59 - 000577536 _____ (Electronic Arts Inc.) C:\Documents and Settings\PC\Local Settings\Temp\AutoRunGUI.dll
2011-02-05 14:30 - 2011-02-05 14:30 - 007958360 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Bit11.tmp.exe
2017-04-05 14:37 - 2017-04-05 14:37 - 016312432 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Bit147.tmp.exe
2017-08-04 12:50 - 2017-08-04 12:50 - 016742904 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Bit18A.tmp.exe
2011-02-05 18:20 - 2011-02-05 18:20 - 021499328 _____ () C:\Documents and Settings\PC\Local Settings\Temp\BitAF.tmp.exe
2011-06-10 08:13 - 2011-06-10 08:13 - 015428488 _____ () C:\Documents and Settings\PC\Local Settings\Temp\BitB1.tmp.exe
2013-05-11 20:57 - 2013-05-11 20:57 - 009526184 _____ () C:\Documents and Settings\PC\Local Settings\Temp\BitCA.tmp.exe
2013-03-28 10:38 - 2013-03-28 10:38 - 000773104 _____ () C:\Documents and Settings\PC\Local Settings\Temp\DeltaTB.exe
2015-03-14 13:19 - 2015-03-14 13:19 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divx1d9b.exe
2015-03-14 13:18 - 2015-03-14 13:18 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divx5f15.exe
2015-03-14 13:19 - 2015-03-14 13:19 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divx7cb8.exe
2015-03-14 13:20 - 2015-03-14 13:20 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divxd17d.exe
2015-03-14 13:19 - 2015-03-14 13:19 - 001058392 _____ (DivX, LLC) C:\Documents and Settings\PC\Local Settings\Temp\divxda5b.exe
2013-05-30 12:52 - 2013-09-27 16:42 - 000065536 _____ (Sony DADC Austria AG) C:\Documents and Settings\PC\Local Settings\Temp\drm_dialogs.dll
2013-05-30 12:52 - 2013-09-27 16:42 - 000208896 _____ (Sony DADC Austria AG) C:\Documents and Settings\PC\Local Settings\Temp\drm_dyndata_7360007.dll
2014-08-23 14:08 - 2014-08-23 14:08 - 000041984 _____ () C:\Documents and Settings\PC\Local Settings\Temp\dropbox_sqlite_ext.{5f3e3153-5bce-5766-8f84-3e3e7ecf0d81}.tmpxgycjm.dll
2007-09-18 13:58 - 2007-09-18 13:58 - 000077160 _____ (Microsoft Corporation) C:\Documents and Settings\PC\Local Settings\Temp\DSETUP.dll
2007-09-18 13:58 - 2007-09-18 13:58 - 001673576 _____ (Microsoft Corporation) C:\Documents and Settings\PC\Local Settings\Temp\dsetup32.dll
2011-08-19 08:48 - 2011-08-19 08:48 - 011527296 _____ (DT Soft Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\DTLite4413-0173.exe
2012-04-22 08:52 - 2012-04-22 08:53 - 014229744 _____ (DT Soft Ltd) C:\Documents and Settings\PC\Local Settings\Temp\DTLite4454-0315.exe
2013-03-28 10:34 - 2013-03-28 10:36 - 013901152 _____ (Disc Soft Ltd) C:\Documents and Settings\PC\Local Settings\Temp\DTLite4471-0333.exe
2013-11-18 20:48 - 2013-11-18 20:49 - 013485616 _____ (Disc Soft Ltd) C:\Documents and Settings\PC\Local Settings\Temp\DTLite4481-0347.exe
2007-09-18 13:58 - 2007-09-18 13:58 - 000503144 _____ (Microsoft Corporation) C:\Documents and Settings\PC\Local Settings\Temp\DXSETUP.exe
2016-09-20 15:40 - 2002-11-08 18:54 - 000270336 _____ (Electronic Arts, Inc.) C:\Documents and Settings\PC\Local Settings\Temp\eauninstall.exe
2011-06-09 16:23 - 2011-03-14 17:22 - 000158048 _____ () C:\Documents and Settings\PC\Local Settings\Temp\GLF24.tmp.ConduitEngineSetup.exe
2011-02-06 11:31 - 2010-11-13 21:58 - 003913000 _____ (Conduit Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\GLFCE.tmp.tbBS_P.dll
2011-02-11 23:16 - 2011-02-11 23:16 - 000048280 _____ () C:\Documents and Settings\PC\Local Settings\Temp\gtbcheck.exe
2015-11-06 00:31 - 2016-12-30 00:11 - 001290968 _____ (                                                            ) C:\Documents and Settings\PC\Local Settings\Temp\ICReinstall_gom_player.exe
2011-09-23 10:25 - 2011-05-30 17:14 - 001399808 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Installhelper.dll
2011-09-23 10:26 - 2011-09-23 10:26 - 017127200 _____ (Sun Microsystems, Inc.) C:\Documents and Settings\PC\Local Settings\Temp\jre-6u22-windows-i586-s.exe
2011-03-07 11:27 - 2011-03-07 11:27 - 001855120 _____ (mIRC Co. Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\mirc719.exe
2016-09-20 15:40 - 2002-11-08 18:54 - 000086016 _____ (EA) C:\Documents and Settings\PC\Local Settings\Temp\NBA Live 2003_uninst.exe
2008-03-11 04:53 - 2008-03-11 04:53 - 000090112 _____ () C:\Documents and Settings\PC\Local Settings\Temp\NSISGSearchCheck.dll
2017-02-15 18:35 - 2017-02-15 18:35 - 000734416 _____ (Opera Software) C:\Documents and Settings\PC\Local Settings\Temp\OperaSetup xp.exe
2011-06-09 16:23 - 2011-01-17 15:54 - 000175912 _____ (Conduit Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\prxGLF24.tmp.tb4sha.dll
2011-11-23 22:13 - 2011-11-23 22:12 - 002719616 _____ (EasyBits Software AS) C:\Documents and Settings\PC\Local Settings\Temp\Refresh.exe
2018-06-30 09:52 - 2018-06-30 09:38 - 002765192 _____ () C:\Documents and Settings\PC\Local Settings\Temp\removeSZB.exe
2011-02-05 13:05 - 2011-02-05 13:05 - 000208896 _____ (Realtek Semiconductor Corp.) C:\Documents and Settings\PC\Local Settings\Temp\RtkBtMnt.exe
2011-09-23 10:25 - 2011-06-01 22:35 - 003493832 _____ () C:\Documents and Settings\PC\Local Settings\Temp\SetupDataMngr_searchqu.exe
2012-03-09 15:55 - 2012-03-09 15:55 - 000185616 _____ (Adobe Systems Inc.) C:\Documents and Settings\PC\Local Settings\Temp\Shockwave_Installer_FF.exe
2016-04-03 13:56 - 2016-10-12 09:24 - 041430144 _____ (Skype Technologies S.A.) C:\Documents and Settings\PC\Local Settings\Temp\SkypeSetup.exe
2019-01-01 11:49 - 2019-01-01 11:49 - 000488960 _____ () C:\Documents and Settings\PC\Local Settings\Temp\sqlite3.exe
2011-09-23 10:25 - 2011-05-26 15:39 - 001085952 _____ () C:\Documents and Settings\PC\Local Settings\Temp\SRAssetsHelper.dll
2011-06-09 16:28 - 2011-03-14 17:17 - 004216104 _____ (Conduit Ltd.) C:\Documents and Settings\PC\Local Settings\Temp\tb4sha.dll
2013-09-08 19:22 - 2013-03-12 10:59 - 000275552 ___RS (Tarma Software Research Pty Ltd) C:\Documents and Settings\PC\Local Settings\Temp\Tsu13E3A740.dll
2011-03-05 11:18 - 2012-03-26 19:11 - 000064444 _____ () C:\Documents and Settings\PC\Local Settings\Temp\Uninstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINXP\explorer.exe => File is digitally signed
C:\WINXP\system32\winlogon.exe => File is digitally signed
C:\WINXP\system32\svchost.exe => File is digitally signed
C:\WINXP\system32\services.exe => File is digitally signed
C:\WINXP\system32\User32.dll => File is digitally signed
C:\WINXP\system32\userinit.exe => File is digitally signed
C:\WINXP\system32\rpcss.dll => File is digitally signed
C:\WINXP\system32\dnsapi.dll => File is digitally signed
C:\WINXP\system32\dllhost.exe => File is digitally signed
C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================


Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

Изтеглете файла fixlist и го запазете там където е и FRST.exe

  • Стартирайте FRST.exe и натиснете бутона FIX веднъж!
  • Почистването ще започне, не използвайте системата!
  • След като приключи, ако ви поиска рестартиране на windows, съгласете се.
  • След като зареди системата публикувайте лог файла с име fixlog.txt, който се намира на десктопа Ви.

Забележка: Текущия фикс да не се използва на други системи!

 

Стъпка 2

  • Деинсталирайте от контролния панел, следния софтуер:
Chromium
SO_Sustainer 1.80

 

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Направих това което ми казахте, ето го и файла Fixlog.txt  Само, че за стъпка 2 като се помъча да деинсталирам от контролния панел Chromium ми излизат същите неща, които публикувах в първия си пост. Като се помъча да деинсталирам пък това SO_Sustainer 1.80 ми излиза това blob.thumb.png.6caad7a408ba322aaa7898639b8f3b33.png

След което давам ОК и то продължава да си стои в списъка с програми. Иначе след този рестарт, не ми се отвори Chromium след като се включи компютъра, така че все пак има някакъв напредък.


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

Изтеглете Geek Unistaller Free.

  • Разархивирайте файла.
  • Стартирайте изпълнимия файл като администратор(десен бутон на изпълнимия файл=>Run As Administrator(Стартирай като Администратор)).
  • От списъка намерете следния софтуер:
Chromium
SO_Sustainer 1.80
  • Десен бутон върху избрания софтуер => Force Removal.

 

Стъпка 2

  • Създайте нови логове с FRST.

 

Стъпка 3

Изтеглете SystemLook.

  • Стартирайте изпълнимия файл като администартор(десен бутон на изпълнимия файл=>Run As Administrator(Стартирай като Администратор)).
  • В полето с copy/paste поставете следния сорс като копирате всичко, дори точките и разстоянията!
:filefind
Decehifo
chromium

:folderfind
Decehifo
chromium

:regfind
Decehifo
chromium
  • Натиснете бутона Look.
  • След проверката, ще се генерира текстов файл с име SystemLook.txt, копирайте съдържанието му и го поставете тук.
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Като го отворя като администратор ми излиза това : 
blob.thumb.png.6b406c6fe4c7217179bdaa2f5d3ad53b.pngblob.thumb.png.5c9efb3172dd166ca57c7e140075ecd1.png

Гледам пита за парола, макар и незадължителна. Писах парола "1" (просто си измислих число) и ми излиза това : 
blob.thumb.png.63462394172c982765588d12d63b7b1f.png

Не знам за каква парола става въпрос, аз нямам парола на компютъра (ако изобщо има общо де). Като го включвам след пълно изключване или рестарт ми изписва "добре дошли" и това е. Иначе като го включвам след "режим на готовност" ми излиза едно квадратче на син фон, където съм аз юзъра, щраквам върху него и влизам. Не ми иска парола. Пък за тоя Geek Uninstaller като го отворя нормално сякаш по-става работата, виж : 
blob.thumb.png.e51f9740caf6bc5c5ddc40f1808780b7.png

А пък като дам с дясното копче на мишката върху Chromium излиза това : 
blob.thumb.png.08afcc74719f1e825c85aa46d2a11f82.png

Ама нищо не съм правил де, само показвам. Ако не е проблем и по този начин, ще ги премахна както са тук на скрийншота. Обаче нали каза да е като администратор и не смея да пипам, че да не объркам нещо.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Избери "Премахване" и продължи напред със стъпките.

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Пробвах, но ми излиза същото което ми излиза и когато се помъча да я махна от "добавяне или премахване на програми":
blob.thumb.png.fe0c1130ee86cc37e5012d30bf3c21da.png

Относно SO_Sustainer същата работа като преди: 
blob.thumb.png.2f4a2ce737841dab294baa056ce36752.png

Edit : 

Пробвам така : 
blob.thumb.png.9b96502ed93a5602b38dce7d8eb2e2b5.png

blob.thumb.png.5b82be2c6d5d20a405e08dec1d0fa836.png

А сега SO_Sustainer :
blob.thumb.png.cf3a7b5976f2346324e9b7240b673fb5.png

blob.thumb.png.5b964fe1c593edd634b2cae43749c549.png

Същото "Всички следи са премахнати" ми излезе като махнах и Chromium.

Малко скрийншотове от "добавяне или премахване на програми": 

blob.thumb.png.79167b4994035c38a2d5aafe662c7995.png

blob.thumb.png.946fd8502954382da43315b62a4e7f65.png

Няма и следа и от двете програми.  Надявам се и занапред да е така.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не бяхте инструктиран точно за тази операция. Аз така или иначе щях да ги премахна, затова бяха и стъпките след това. Както и да е. Направете проверка с Malwarebytes Anti-Malware:

 

Изтеглете: MKLLMRQ.png Malwarebytes Anti-Malware.

  • Стартирайте инсталационния файл и следвайте стъпките за инсталация.
  • След като инсталацията приключи програмата ще стартира автоматично.
  • Отидете до прозорец Settings => Protection => и под категорията Scan Options включете опцията Scan for rootkits.
  • Отидете до прозорец Scan и изберете Threat Scan и след това натиснете бутона Start Scan.
  • Ще започне проверка.
  • След като проверката приключи ще се появи списък с резултатите. Ако програмата е минимизирана докато сканира, ще се появи съобщение ако има открити заплахи. Натиснете бутона View Scan Results.
  • Натиснете бутона Quarantine Selected.
  • След няколко секунди ще се появи прозорец за рестартиране на Windows. Изберете Yes.
  • След като зареди Windows, стартирайте отново Malwarebytes Anti-Malware.
  • Отидете то прозорец Reports и отворете лог файла с името Scan Report.
  • Натиснете бутона Export и след това Copy to Clipboard.
  • Поставете съдържанието на лог файла с клавишната комбинация Ctrl + V и го публикувайте в следващия Ви коментар.
  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 11 часа, Stoyannnov написа:

Не бяхте инструктиран точно за тази операция.

Аз затова си викам да не пипам много ама... Повече няма да правя такива своеволия. Иначе изтеглих го това, тръгвам да го инсталирам, давам "Run", то ме пита на какъв език искам да ползвам инсталатора и то си е зададено "български", след което аз давам "OK" и ми излиза следното нещо : 
blob.thumb.png.cc2a25892fef5c7ce243ee45ce8a7afb.png
 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Malwarebytes
www.malwarebytes.com

-Детайли за регистъра-
Дата на сканиране: 8.02.19 г.
Час на сканиране: 13:13
Файл на регистъра: a051326a-2b92-11e9-8b74-0017c42222d8.json
Администратор: Да

-Информация за софтуера-
Версия: 3.5.1.2522
Версия на компонентите: 1.0.365
Актуализирай версията на пакета: 1.0.9172
Лиценз: Пробен период

-Системна информация-
OS: Windows XP Service Pack 3
CPU: x86
Файлова система: NTFS
Потребител: ACER-71A12AA9FA\PC

-Резюме на сканирането-
Тип сканиране: Threat Scan
Сканирането е стартирано от: Ръчно
Резултат: Завършено
Сканирани обекти: 172386
Открити заплахи: 257
Заплахи под карантина: 257
Изтекло време: 21 мин, 59 сек

-Опции за сканиране-
Памет: Разрешено
Стартиране: Разрешено
Файлова система: Разрешено
Архиви: Разрешено
руткитове: Забранено
Евристика: Разрешено
PUP: Открий
PUM: Открий

-Детайли за сканирането-
Процес: 0
(Не бяха открити зловредни елементи)

Модул: 0
(Не бяха открити зловредни елементи)

Ключ на регистъра: 35
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\Datamngr, Под карантина, [59], [253612],1.0.9172
PUP.Optional.Ividi, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\iVIDI Plugin, Под карантина, [1865], [239628],1.0.9172
PUP.Optional.PriceGong, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PriceGong, Под карантина, [1367], [241948],1.0.9172
PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\VideoDownloadConverter_4z, Под карантина, [610], [240671],1.0.9172
PUP.Optional.SmartBar, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\SMARTBAR, Под карантина, [1869], [243128],1.0.9172
PUP.Optional.Booster, HKLM\SOFTWARE\SO_Booster, Под карантина, [819], [235944],1.0.9172
PUP.Optional.MindSpark, HKLM\SOFTWARE\VideoDownloadConverter_4z, Под карантина, [610], [240819],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MOZILLAPLUGINS\@VideoDownloadConverter_4z.com/Plugin, Под карантина, [1728], [443668],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\TYPELIB\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{3E9469AF-E866-4476-B767-810630F1F6E7}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{46CE5380-6055-4C3A-A7E5-3A02A2335C61}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{4F6ECF71-C575-4BD2-8EF7-548D0EF1AB1D}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\CLASSES\INTERFACE\{54D99BE4-2FD7-449E-9DB4-76532CEE0B16}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3d429207-4689-492d-a0e5-cdc5dfbb5005}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8aadc8b2-562b-407b-88b3-916140226cbc}, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\CSASTATS\ic, Под карантина, [420], [586068],1.0.9172
PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PRODUCTSETUP, Под карантина, [420], [481004],1.0.9172
PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr.1, Под карантина, [83], [238207],1.0.9172
PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\facemoods.facemoodsHlpr, Под карантина, [83], [238207],1.0.9172
PUP.Optional.Conduit.Generic, HKLM\SOFTWARE\CLASSES\Toolbar.CT2233703, Под карантина, [1559], [443525],1.0.9172
PUP.Optional.FaceMoods, HKLM\SOFTWARE\CLASSES\APPID\{5B1881D1-D9C7-46df-B041-1E593282C7D0}, Под карантина, [83], [392823],1.0.9172
PUP.Optional.FaceMoods, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, Под карантина, [83], [167952],1.0.9172
PUP.Optional.FaceMoods, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{DB4E9724-F518-4DFD-9C7C-78B52103CAB9}, Под карантина, [83], [167952],1.0.9172
PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{48586425-6BB7-4F51-8DC6-38C88E3EBB58}, Под карантина, [610], [168291],1.0.9172
PUP.Optional.MultiSP, HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}, Под карантина, [7566], [167447],1.0.9172
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, Под карантина, [59], [169666],1.0.9172
PUP.Optional.DataMngr.AppFlsh, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}, Под карантина, [59], [169666],1.0.9172
PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, Под карантина, [610], [168261],1.0.9172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{7041156A-0D2B-4DCD-A8EE-D0608BFCB2D0}, Под карантина, [66], [169264],1.0.9172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{9B41579A-1996-42F9-8F84-7B7786818CEF}, Под карантина, [66], [169264],1.0.9172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\INTERFACE\{EAF749DC-CD87-4B04-B22A-D4AC3FBCB2BC}, Под карантина, [66], [169264],1.0.9172
PUP.Optional.MultiPlug, HKLM\SOFTWARE\CLASSES\TYPELIB\{E2343056-CC08-46AC-B898-BFC7ACF4E755}, Под карантина, [66], [169264],1.0.9172
PUP.Optional.Yontoo, HKLM\SOFTWARE\CLASSES\CLSID\{F83D1872-D9FF-47F8-B5A0-49CC51E24EE8}, Под карантина, [33], [160141],1.0.9172
PUP.Optional.MindSpark, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, Под карантина, [610], [168441],1.0.9172

Стойност на регистъра: 5
PUP.Optional.DataMngr.AppFlsh, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|APPINIT_DLLS, Под карантина, [59], [-1],0.0.0
PUP.Optional.SmartBar, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\SMARTBAR|GLOBALUSERID, Под карантина, [1869], [243128],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{3d429207-4689-492d-a0e5-cdc5dfbb5005}|APPPATH, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.MindSpark.Generic, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{8aadc8b2-562b-407b-88b3-916140226cbc}|APPPATH, Под карантина, [1728], [443670],1.0.9172
PUP.Optional.InstallCore, HKU\S-1-5-21-1060284298-842925246-1417001333-1003\SOFTWARE\PRODUCTSETUP|TB, Под карантина, [420], [481004],1.0.9172

Данни на регистъра: 4
PUP.Optional.FaceMoods, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|SEARCHASSISTANT, Сменен, [83], [293076],1.0.9172
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|ANTIVIRUSDISABLENOTIFY, Сменен, [13145], [293294],1.0.9172
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|FIREWALLDISABLENOTIFY, Сменен, [13145], [293295],1.0.9172
PUM.Optional.DisabledSecurityCenter, HKLM\SOFTWARE\MICROSOFT\SECURITY CENTER|UPDATESDISABLENOTIFY, Сменен, [13145], [293296],1.0.9172

Поток данни: 0
(Не бяха открити зловредни елементи)

Папка: 52
PUP.Optional.FaceMoods, C:\Documents and Settings\PC\Application Data\facemoods.com\facemoods, Под карантина, [83], [177074],1.0.9172
PUP.Optional.FaceMoods, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\FACEMOODS.COM, Под карантина, [83], [177074],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\PRICEGONG, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.SearchQu, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\SEARCHQUBAND, Под карантина, [1543], [179463],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443155],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\bin, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\VideoDownloadConverter_4z, Под карантина, [1728], [443674],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443157],1.0.9172
PUP.Optional.SWBooster, C:\Documents and Settings\All Users\Application Data\Supersoftware App\SO_Booster\2004261758, Под карантина, [816], [179939],1.0.9172
PUP.Optional.SWBooster, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\SUPERSOFTWARE APP\SO_Booster, Под карантина, [816], [179939],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [4765], [443157],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\{49188C7B-C35A-06BD-459C-98FFDFDE1331}, Под карантина, [758], [484243],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\CHROMATIC BROWSER, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\CHROMATIC BROWSER, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.DataMngr.AppFlsh, C:\DOCUMENTS AND SETTINGS\PC\APPDATA\LOCALLOW\DATAMNGR, Под карантина, [59], [181454],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Log, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\CONDUIT, Под карантина, [213], [182116],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\{180D2E51-3CA5-42E9-513D-670175559B99}, Под карантина, [758], [542290],1.0.9172

Файл: 161
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\1.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\a.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\b.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\c.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\d.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\e.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\f.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\g.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\h.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\i.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\J.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\k.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\l.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\m.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\mru.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\n.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\o.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\p.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\q.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\r.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\s.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\t.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\u.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\v.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\w.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\x.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\y.xml, Под карантина, [1367], [178994],1.0.9172
PUP.Optional.PriceGong, C:\Documents and Settings\PC\Application Data\PriceGong\Data\z.xml, Под карантина, [1367], [178994],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443155],1.0.9172
PUP.Optional.MindSpark.Generic, C:\DOCUMENTS AND SETTINGS\PC\APPLICATION DATA\VideoDownloadConverter_4z\UrlFolderExtension.ufm, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\App.css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\App.min.css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\reset.css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\reset.min.css, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.eot, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.ttf, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.woff, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.eot, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.ttf, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.woff, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.eot, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.ttf, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.woff, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayBttn.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\BlackBK.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Breakouts.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Breakouts_2.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_closed.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_open.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_ScrollHandle.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_Scroll_BK.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_Scroll_handleAlt.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\favicon.ico, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Listen.bmp, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Listen.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayMusic.bmp, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayMusic.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_BK.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_Break.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_Thumb.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Selection_Break.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\SettingsBreak.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\StationBreak.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\temp_blue.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Background.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Player.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Widget.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\App.html, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\Background.html, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\lang-en.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\manifest.json, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\705d46d8b2604edccc9306042209718003e77462\1.0.3\Player.html, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\bin\background.min.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon.bmp, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon_active.bmp, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\imgs\icon_active.png, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\anemone-1.2.7.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\background.html, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\manifest.json, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\7dfd6eaf9e844235122fb98d4924c85f061151da\1.1.0\widget-api-1.4.js, Под карантина, [1728], [443674],1.0.9172
PUP.Optional.MindSpark.Generic, C:\Documents and Settings\PC\Application Data\VideoDownloadConverter_4z\UrlFolderExtension.uf1, Под карантина, [1728], [443674],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\GOOGLE\CHROME SXS\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome SxS\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443156],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\PC\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443157],1.0.9172
PUP.Optional.SWBooster, C:\Documents and Settings\All Users\Application Data\Supersoftware App\SO_Booster\2004261758.ini, Под карантина, [816], [179939],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\TORCH\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Torch\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443155],1.0.9172
Adware.MultiPlug.Generic, C:\DOCUMENTS AND SETTINGS\SUPPORT_388945A0\LOCAL SETTINGS\APPLICATION DATA\COMODO\DRAGON\USER DATA\DEFAULT\EXTENSIONS\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [4765], [443157],1.0.9172
Adware.MultiPlug.Generic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Comodo\Dragon\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [4765], [443157],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\ALL USERS\APPLICATION DATA\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\fomo, Под карантина, [758], [484243],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\aowLC, Под карантина, [758], [484243],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\hdat1, Под карантина, [758], [484243],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\All Users\Application Data\{49188C7B-C35A-06BD-459C-98FFDFDE1331}\hdat2, Под карантина, [758], [484243],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\PC\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\background.html, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\content.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\L8NuB0FZR.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\lsdb.js, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.Chromatic, C:\Documents and Settings\SUPPORT_388945a0\Local Settings\Application Data\Chromatic Browser\User Data\Default\Extensions\llhkhpidikdackahommndhmbhcfgmagb\2.14\manifest.json, Под карантина, [2050], [180960],1.0.9172
PUP.Optional.DataMngr.AppFlsh, C:\Documents and Settings\PC\AppData\LocalLow\DataMngr\{7CA1F051-A4FB-4143-B263-02B41E571EED}, Под карантина, [59], [181454],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\close.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\like.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Next_hover.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\powered-by.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Prev_hover.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\settings.png, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\Images\Thumbs.db, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\AppNotification.js, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\initialNotification.html, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\main.html, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\AppNotificationDialog\sampleNotification.html, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\DialogsAPI.js, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\PIE.htc, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\settings.js, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Dialogs\version.txt, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_631527_627389_BG.xml, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\Feeds\http___alerts_conduit-services_com_root_909619_905414_BG.xml, Под карантина, [213], [182116],1.0.9172
PUP.Optional.Conduit, C:\Documents and Settings\PC\Local Settings\Application Data\Conduit\Community Alerts\LanguagePacks\en.xml, Под карантина, [213], [182116],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\DOCUMENTS AND SETTINGS\PC\LOCAL SETTINGS\APPLICATION DATA\{180D2E51-3CA5-42E9-513D-670175559B99}\HOWTOREMOVE\HOWTOREMOVE.HTML, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\chromium-min.jpg, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\control panel-min-min.JPG, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\down.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\ff menu.JPG, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\ff search engine-min.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\hp-min ff.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\hp-min ie.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\search engine.gif, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\setup pages.gif, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\sp-min.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\start-min.jpg, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\HowToRemove\up.png, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\medefomet, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\ratera, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\uninst.exe, Под карантина, [758], [542290],1.0.9172
PUP.Optional.WinYahoo.TskLnk, C:\Documents and Settings\PC\Local Settings\Application Data\{180D2E51-3CA5-42E9-513D-670175559B99}\uninstp.dat, Под карантина, [758], [542290],1.0.9172

Физически сектор: 0
(Не бяха открити зловредни елементи)

WMI: 0
(Не бяха открити зловредни елементи)


(end)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

  • Създайте нови логове с FRST.

 

Стъпка 2

Изтеглете SystemLook.

  • Стартирайте изпълнимия файл.
  • В полето с copy/paste поставете следния сорс като копирате всичко, дори точките и разстоянията!
:filefind
Decehifo
chromium

:folderfind
Decehifo
chromium

:regfind
Decehifo
chromium
  • Натиснете бутона Look.
  • След проверката, ще се генерира текстов файл с име SystemLook.txt, копирайте съдържанието му и го поставете тук.
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1 я изпълних, създадох нови логове с FRST, обаче не ги копирах както направих първият път, понеже не си ми казал и да не объркам нещо пак... Иначе изтеглих SystemLook, след което давам "Run" и виж какво ми излиза
blob.thumb.png.b5e221cbdbc7c0c6a4f9b7e0fee4680b.png

Предполагам след това трябва да щракна върху "Look" и ми излиза това
blob.thumb.png.6610e408ea14460ad4255e54b6a9ecdf.png

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Стъпка 1

Копирайте и поставете лога FRST.txt  тук, а Additional.txt го прикачете.

 

Стъпка 2

  • В полето с copy/paste поставете следния сорс като копирате всичко, дори точките и разстоянията!
:filefind
Decehifo
chromium

:folderfind
Decehifo
chromium

:regfind
Decehifo
chromium
  • Натиснете бутона Look, след като сте поставили кода в бялото каре.
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 8-02-2019
Ran by PC (administrator) on ACER-71A12AA9FA (09-02-2019 01:30:12)
Running from C:\Documents and Settings\PC\Desktop\Нова папка (2)
Loaded Profiles: PC (Available Profiles: PC)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\WINXP\system32\smss.exe
(Microsoft Corporation) C:\WINXP\system32\csrss.exe
(Microsoft Corporation) C:\WINXP\system32\winlogon.exe
(Microsoft Corporation) C:\WINXP\system32\services.exe
(Microsoft Corporation) C:\WINXP\system32\lsass.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\explorer.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Microsoft Corporation) C:\WINXP\system32\spoolsv.exe
(Intel Corporation) C:\WINXP\system32\igfxtray.exe
(Intel Corporation) C:\WINXP\system32\hkcmd.exe
(Intel Corporation) C:\WINXP\system32\igfxsrvc.exe
(Intel Corporation) C:\WINXP\system32\igfxpers.exe
(Dritek System Inc.) C:\PROGRA~1\LAUNCH~1\LManager.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\WINXP\system32\ctfmon.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\WINXP\Datecs\Flex2K.exe
(Intel Corporation) C:\WINXP\system32\igfxext.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Microsoft Corporation) C:\WINXP\system32\svchost.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\WINXP\system32\alg.exe
(Microsoft Corporation) C:\WINXP\system32\wscntfy.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\WINXP\system32\wbem\wmiprvse.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IgfxTray] => C:\WINXP\system32\igfxtray.exe [142104 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [HotKeysCmds] => C:\WINXP\system32\hkcmd.exe [162584 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Persistence] => C:\WINXP\system32\igfxpers.exe [138008 2007-06-13] (Intel Corporation -> Intel Corporation)
HKLM\...\Run: [Alcmtr] => C:\WINXP\ALCMTR.EXE [69632 2005-05-04] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
HKLM\...\Run: [AzMixerSel] => C:\Program Files\Realtek\InstallShield\AzMixerSel.exe [53248 2005-06-12] (Realtek Semiconductor Corp.)
HKLM\...\Run: [BroadcomWireless] => C:\Program Files\Broadcom\Wireless\Utility\WlanUtil.exe
HKLM\...\Run: [SynTPStart] => C:\Program Files\Synaptics\SynTP\SynTPStart.exe [102400 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [858632 2007-10-17] (Dritek System Inc. -> Dritek System Inc.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-06-30] (Nullsoft, Inc.)
HKLM\...\Run: [UnlockerAssistant] => "C:\Documents and Settings\PC\Desktop\Unlocker\UnlockerAssistant.exe"
HKLM\...\Run: [DivXMediaServer] => C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [9080768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
HKLM\...\Winlogon: [Userinit] C:\WINXP\system32\userinit.exe,
HKLM\...\Winlogon: [Shell] Explorer.exe [x ] ()
HKLM\...\Winlogon: [UIHost] C:\WINXP\system32\logonui.exe [514560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
Winlogon\Notify\crypt32chain: C:\WINXP\system32\crypt32.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cryptnet: C:\WINXP\system32\cryptnet.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\cscdll: C:\WINXP\system32\cscdll.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\dimsntfy: C:\WINXP\System32\dimsntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\igfxcui: C:\WINXP\system32\igfxdev.dll [2007-06-05] (Intel Corporation)
Winlogon\Notify\ScCertProp: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\Schedule: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\sclgntfy: C:\WINXP\system32\sclgntfy.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\SensLogn: C:\WINXP\system32\WlNotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\termsrv: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
Winlogon\Notify\WgaLogon: 
Winlogon\Notify\wlballoon: C:\WINXP\system32\wlnotify.dll [2008-04-14] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-20\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\System32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [ctfmon.exe] => C:\WINXP\system32\ctfmon.exe [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [GameXN GO] => "C:\Documents and Settings\All Users\Application Data\GameXN\GameXNGO.exe" /startup
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\...\Run: [AvastBrowserIsDefault] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowserProtector.exe" --force-protect
HKU\S-1-5-18\...\Run: [CTFMON.EXE] => C:\WINXP\system32\CTFMON.EXE [15360 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\WINXP\system32\logon.scr [220672 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Providers\Internet Print Provider: C:\WINXP\system32\inetpp.dll [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Providers\LanMan Print Services: C:\WINXP\system32\win32spl.dll [102400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\...\Drivers32: [msacm.trspch] => C:\WINXP\system32\tssoft32.acm [8192 2008-04-14] (DSP GROUP, INC.)
HKLM\...\Drivers32: [vidc.I420] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.iv31] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv32] => C:\WINXP\system32\ir32_32.dll [199168 2008-04-14] ()
HKLM\...\Drivers32: [vidc.iv41] => C:\WINXP\system32\ir41_32.ax [848384 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.msg723] => C:\WINXP\system32\msg723.acm [118784 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M263] => C:\WINXP\system32\msh263.drv [294912 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [vidc.M261] => C:\WINXP\system32\msh261.drv [188416 2008-04-14] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.msaudio1] => C:\WINXP\system32\msaud32.acm [282654 2010-09-16] (Microsoft Corporation)
HKLM\...\Drivers32: [msacm.sl_anet] => C:\WINXP\system32\sl_anet.acm [86016 2008-04-14] (Sipro Lab Telecom Inc.)
HKLM\...\Drivers32: [msacm.iac2] => C:\WINXP\system32\iac25_32.ax [199680 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [vidc.iv50] => C:\WINXP\system32\ir50_32.dll [755200 2008-04-14] (Intel Corporation)
HKLM\...\Drivers32: [msacm.l3acm] => C:\WINXP\system32\l3codeca.acm [307260 2010-09-16] (Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.XVID] => C:\WINXP\system32\xvidvfw.dll [183808 2010-12-07] ()
HKLM\...\Drivers32: [VIDC.YV12] => C:\WINXP\system32\yv12vfw.dll [237568 2010-11-03] (www.helixcommunity.org)
HKLM\...\Drivers32: [msacm.ac3acm] => C:\WINXP\system32\ac3acm.acm [151552 2010-01-17] (fccHandler)
HKLM\...\Drivers32: [msacm.lameacm] => C:\WINXP\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/)
HKLM\...\Drivers32: [VIDC.FFDS] => C:\WINXP\system32\ff_vfw.dll [80896 2011-01-13] ()
HKLM\Software\Microsoft\Active Setup\Installed Components: [<{12d0ed0d-0ee0-4f90-8827-78cefb8f4988}] -> C:\WINXP\system32\ieudinit.exe [2009-03-08] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> C:\WINXP\inf\unregmp2.exe [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{26923b43-4d38-484f-9b9e-de460746276c}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{60B49E34-C7CC-11D0-8953-00A0C90347FF}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{881dd1c5-3dcf-431b-b061-f3f88e8be88a}] -> C:\WINXP\system32\shmgrate.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [>{99820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2179C5D3-EBFF-11CF-B6FD-00AA00B4E220}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{22d6f312-b0f6-11d0-94ab-0080c74c7e95}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2C7339CF-2B09-4501-B3F3-F3508C9228ED}] -> C:\WINXP\system32\themeui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA840-CC51-11CF-AAFA-00AA00B6015C}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{44BBA842-CC51-11CF-AAFA-00AA00B6015B}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{5945c046-1e7d-11d1-bc44-00c04fd912be}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{6BF52A52-394A-11d3-B153-00C04F79FAA6}] -> C:\WINXP\system32\advpack.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] -> 
HKLM\Software\Microsoft\Active Setup\Installed Components: [{7790769C-0471-11d2-AF11-00C04FA35D02}] -> C:\Program Files\Outlook Express\setup50.exe [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4340}] -> C:\WINXP\system32\shell32.dll [2011-01-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89820200-ECBD-11cf-8B85-00AA005B4383}] -> C:\WINXP\system32\ie4uinit.exe [2010-12-20] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{89B4C1CD-B018-4511-B0A1-5476DBF70820}] -> C:\WINXP\system32\mscories.dll [2005-09-23] (Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe [2019-02-05] (Google Inc -> Google Inc.)
HKLM\Software\...\Winlogon\GPExtensions: [{0ACDD40C-75AC-47ab-BAA0-BF6DE7E7FE63}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{25537BA6-77A8-11D2-9B6C-0000F8080861}] -> C:\WINXP\system32\fdeploy.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{3610eda5-77ef-11d2-8dc5-00c04fa31a66}] -> C:\WINXP\system32\dskquota.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{426031c0-0b47-4852-b0ca-ac3d37bfcb39}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{42B5FAAE-6536-11d2-AE5A-0000F87571E3}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{4CFB60C1-FAA6-47f1-89AA-0B18730C9FD3}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{7B849a69-220F-451E-B3FE-2CB811AF94AE}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{827D319E-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{A2E30F80-D7DE-11d2-BBDE-00C04F86AE3B}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B1BE8D72-6EAC-11D2-A4EA-00C04F79F83A}] -> C:\WINXP\system32\scecli.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{B587E2B1-4D59-4e7e-AED9-22B9DF11D053}] -> C:\WINXP\system32\dot3gpclnt.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{C631DF4C-088F-4156-B058-4375F0853CD8}] -> C:\WINXP\System32\cscui.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{c6dc5466-785a-11d2-84d0-00c04fb169f7}] -> C:\WINXP\system32\appmgmts.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{CF7639F3-ABA2-41DB-97F2-81E2C5DBFC5D}] -> C:\WINXP\system32\iedkcs32.dll [2010-12-21] (Microsoft Windows Component Publisher -> Microsoft Corporation)
HKLM\Software\...\Winlogon\GPExtensions: [{e437bc1c-aa7d-11d2-a382-00c04f991e27}] -> C:\WINXP\system32\gptext.dll [2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
ShellServiceObjects: WebCheck -> {E6FB5E20-DE35-11CF-9C87-00AA005127ED} => C:\WINXP\system32\webcheck.dll [2010-09-16] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Bluetooth.lnk [2011-02-05]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\FlexType 2K.lnk [2013-12-11]
ShortcutTarget: FlexType 2K.lnk -> C:\WINXP\Datecs\Flex2K.exe ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog5 02 C:\WINXP\system32\winrnr.dll [16896 2008-04-14] (Microsoft Corporation)
Winsock: Catalog5 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 01 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 02 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 03 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 04 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 05 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 06 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 07 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 08 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 09 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 10 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 11 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 12 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 13 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 14 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 15 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 16 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 17 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 18 C:\WINXP\system32\mswsock.dll [245248 2010-09-16] (Microsoft Corporation)
Winsock: Catalog9 19 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Winsock: Catalog9 20 C:\WINXP\system32\rsvpsp.dll [92672 2008-04-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 46.55.211.4 8.8.8.8
Tcpip\..\Interfaces\{40B9406E-1E5B-4324-B5FA-96068190B82F}: [DhcpNameServer] 46.55.211.4 8.8.8.8

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?trackid=sp-016
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINXP\system32\blank.htm
HKU\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKLM -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKLM -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
SearchScopes: HKU\S-1-5-21-1060284298-842925246-1417001333-1003 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?trackid=sp-016&q={searchTerms}
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} hxxp://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Documents and Settings\PC\Application Data\Mozilla\Firefox\Profiles\q63851us.default-1549495426250 [2019-02-08]
FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF
FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2019-02-05] [Legacy]
FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2019-02-05] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINXP\system32\Macromed\Flash\NPSWF32_32_0_0_114.dll [2019-01-10] ()
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.23\npGoogleUpdate3.dll [2019-02-05] (Google Inc.)
FF Plugin HKU\S-1-5-21-1060284298-842925246-1417001333-1003: @unity3d.com/UnityPlayer,version=1.0 -> C:\Documents and Settings\PC\Local Settings\Application Data\Unity\WebPlayer\loader\npUnity3D32.dll [2016-03-11] (Unity Technologies ApS)

Chrome: 
=======
CHR StartupUrls: Default -> "hxxps://www.google.bg/"
CHR Profile: C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default [2019-02-09]
CHR Extension: (Google Диск) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2019-01-30]
CHR Extension: (YouTube) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2019-01-30]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-01-30]
CHR Extension: (Gmail) - C:\Documents and Settings\PC\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-01-30]
StartMenuInternet: chrome.exe - C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINXP\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335872 2019-01-10] (Adobe Systems Incorporated) [File not signed]
S4 Alerter; C:\WINXP\system32\alrsvc.dll [17408 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 ALG; C:\WINXP\System32\alg.exe [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 AppMgmt; C:\WINXP\System32\appmgmts.dll [167936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aspnet_state; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [29896 2005-09-23] (Microsoft Corporation -> Microsoft Corporation)
R2 AudioSrv; C:\WINXP\System32\audiosrv.dll [42496 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [197128 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R3 BITS; C:\WINXP\system32\qmgr.dll [409088 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 Browser; C:\WINXP\System32\browser.dll [77824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 CiSvc; C:\WINXP\system32\cisvc.exe [5632 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 ClipSrv; C:\WINXP\system32\clipsrv.exe [33280 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 clr_optimization_v2.0.50727_32; C:\WINXP\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [66240 2005-09-23] (Microsoft Corporation -> Microsoft Corporation)
S3 COMSysApp; C:\WINXP\system32\dllhost.exe /Processid:{02D4B3F1-FD88-11D1-960D-00805FC79235} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 CryptSvc; C:\WINXP\System32\cryptsvc.dll [62464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 DcomLaunch; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Dhcp; C:\WINXP\System32\dhcpcsvc.dll [126976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 dmadmin; C:\WINXP\System32\dmadmin.exe [224768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R2 dmserver; C:\WINXP\System32\dmserver.dll [23552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp.)
R2 Dnscache; C:\WINXP\System32\dnsrslvr.dll [45568 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Dot3svc; C:\WINXP\System32\dot3svc.dll [132096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 EapHost; C:\WINXP\System32\eapsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ERSvc; C:\WINXP\System32\ersvc.dll [23040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Eventlog; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 EventSystem; C:\WINXP\system32\es.dll [253952 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 FastUserSwitchingCompatibility; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 helpsvc; C:\WINXP\PCHealth\HelpCtr\Binaries\pchsvc.dll [38400 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 HidServ; C:\WINXP\System32\hidserv.dll [21504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 hkmsvc; C:\WINXP\System32\kmsvc.dll [61440 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 HTTPFilter; C:\WINXP\System32\w3ssl.dll [15872 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 ImapiService; C:\WINXP\system32\imapi.exe [150528 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Irmon; C:\WINXP\System32\irmon.dll [28160 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 LanmanServer; C:\WINXP\System32\srvsvc.dll [99840 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 lanmanworkstation; C:\WINXP\System32\wkssvc.dll [134144 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 LmHosts; C:\WINXP\System32\lmhsvc.dll [13824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4753104 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S4 Messenger; C:\WINXP\System32\msgsvc.dll [33792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 mnmsrvc; C:\WINXP\system32\mnmsrvc.exe [32768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSDTC; C:\WINXP\system32\msdtc.exe [6144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSIServer; C:\WINXP\System32\msiexec.exe [78848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 napagent; C:\WINXP\System32\qagentrt.dll [291328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 NetDDE; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 NetDDEdsdm; C:\WINXP\system32\netdde.exe [111104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Netlogon; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Netman; C:\WINXP\System32\netman.dll [198144 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Nla; C:\WINXP\System32\mswsock.dll [245248 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NtLmSsp; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NtmsSvc; C:\WINXP\system32\ntmssvc.dll [435200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 PlugPlay; C:\WINXP\system32\services.exe [110592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 PolicyAgent; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ProtectedStorage; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RasAuto; C:\WINXP\System32\rasauto.dll [88576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 RasMan; C:\WINXP\System32\rasmans.dll [186368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RDSessMgr; C:\WINXP\system32\sessmgr.exe [141312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 RemoteAccess; C:\WINXP\System32\mprdim.dll [53248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 RemoteRegistry; C:\WINXP\system32\regsvc.dll [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RpcLocator; C:\WINXP\system32\locator.exe [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 RpcSs; C:\WINXP\system32\rpcss.dll [401408 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RSVP; C:\WINXP\system32\rsvp.exe [132608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SamSs; C:\WINXP\system32\lsass.exe [13312 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SCardSvr; C:\WINXP\System32\SCardSvr.exe [95744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Schedule; C:\WINXP\system32\schedsvc.dll [192512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 seclogon; C:\WINXP\System32\seclogon.dll [18944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SENS; C:\WINXP\system32\sens.dll [39424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 SharedAccess; C:\WINXP\System32\ipnathlp.dll [331264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 ShellHWDetection; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Spooler; C:\WINXP\system32\spoolsv.exe [58880 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 srservice; C:\WINXP\system32\srsvc.dll [171008 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 SSDPSRV; C:\WINXP\System32\ssdpsrv.dll [71680 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 stisvc; C:\WINXP\system32\wiaservc.dll [333824 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SwPrv; C:\WINXP\system32\dllhost.exe /Processid:{E83227BB-4CA0-4898-8450-CEB1E92BAB11} [5120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SysmonLog; C:\WINXP\system32\smlogsvc.exe [89600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TapiSrv; C:\WINXP\System32\tapisrv.dll [249856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 TermService; C:\WINXP\System32\termsrv.dll [295424 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 Themes; C:\WINXP\System32\shsvcs.dll [135168 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 TlntSvr; C:\WINXP\system32\tlntsvr.exe [73216 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 TrkWks; C:\WINXP\system32\trkwks.dll [90112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 upnphost; C:\WINXP\System32\upnphost.dll [185856 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 UPS; C:\WINXP\System32\ups.exe [18432 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 VSS; C:\WINXP\System32\vssvc.exe [289792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 W32Time; C:\WINXP\system32\w32time.dll [175104 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 WebClient; C:\WINXP\System32\webclnt.dll [68096 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 winmgmt; C:\WINXP\system32\wbem\WMIsvc.dll [144896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WmdmPmSN; C:\WINXP\system32\mspmsnsv.dll [27136 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 Wmi; C:\WINXP\System32\advapi32.dll [617472 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WmiApSrv; C:\WINXP\system32\wbem\wmiapsrv.exe [126464 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 wscsvc; C:\WINXP\system32\wscsvc.dll [80896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S4 wuauserv; C:\WINXP\system32\wuauserv.dll [6656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 WudfSvc; C:\WINXP\System32\WUDFSvc.dll [55808 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
R2 WZCSVC; C:\WINXP\System32\wzcsvc.dll [483840 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 xmlprov; C:\WINXP\System32\xmlprov.dll [129024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ACPI; C:\WINXP\System32\DRIVERS\ACPI.sys [187776 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 ACPIEC; C:\WINXP\System32\DRIVERS\ACPIEC.sys [11648 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aec; C:\WINXP\System32\drivers\aec.sys [142592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 AFD; C:\WINXP\System32\drivers\afd.sys [138496 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 AR5211; C:\WINXP\System32\DRIVERS\ar5211.sys [546976 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Atheros Communications, Inc.)
R3 Arp1394; C:\WINXP\System32\DRIVERS\arp1394.sys [60800 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 aswHwid; C:\WINXP\system32\drivers\aswHwid.sys [34008 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R2 aswMonFlt; C:\WINXP\system32\drivers\aswMonFlt.sys [92256 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R1 aswRdr; C:\WINXP\system32\drivers\aswRdr.sys [64272 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R0 aswRvrt; C:\WINXP\system32\Drivers\aswRvrt.sys [60424 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R1 aswSnx; C:\WINXP\system32\drivers\aswSnx.sys [735488 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINXP\system32\drivers\aswSP.sys [433768 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
R3 aswStmXP; C:\WINXP\system32\drivers\aswStmXP.sys [184592 2019-02-05] (AVAST Software a.s. -> AVAST Software)
S3 aswTdi; C:\WINXP\system32\drivers\aswTdi.sys [66688 2019-02-05] (AVAST Software a.s. -> AVAST Software)
R0 aswVmm; C:\WINXP\system32\Drivers\aswVmm.sys [224752 2019-02-05] (AVAST Software s.r.o. -> AVAST Software)
S3 AsyncMac; C:\WINXP\System32\DRIVERS\asyncmac.sys [14336 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 atapi; C:\WINXP\System32\DRIVERS\atapi.sys [96512 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Atmarpc; C:\WINXP\System32\DRIVERS\atmarpc.sys [59904 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 audstub; C:\WINXP\System32\DRIVERS\audstub.sys [3072 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 b57w2k; C:\WINXP\System32\DRIVERS\b57xp32.sys [160256 2007-02-16] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation)
R1 Beep; C:\WINXP\system32\Drivers\Beep.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 btaudio; C:\WINXP\System32\drivers\btaudio.sys [539072 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTDriver; C:\WINXP\System32\DRIVERS\btport.sys [37424 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
R3 BTKRNL; C:\WINXP\System32\DRIVERS\btkrnl.sys [876384 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWDNDIS; C:\WINXP\System32\DRIVERS\btwdndis.sys [149123 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.)
S3 btwhid; C:\WINXP\System32\DRIVERS\btwhid.sys [55352 2007-04-01] (Broadcom Corporation -> Broadcom Corporation.)
S3 btwmodem; C:\WINXP\System32\DRIVERS\btwmodem.sys [37280 2007-03-24] (Broadcom Corporation -> Broadcom Corporation.)
S3 BTWUSB; C:\WINXP\System32\Drivers\btwusb.sys [67960 2007-03-24] (Microsoft Windows Hardware Compatibility Publisher -> Broadcom Corporation.)
S4 cbidf2k; C:\WINXP\system32\Drivers\cbidf2k.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 CCDECODE; C:\WINXP\System32\DRIVERS\CCDECODE.sys [17024 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Cdaudio; C:\WINXP\system32\Drivers\Cdaudio.sys [18688 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R4 Cdfs; C:\WINXP\system32\Drivers\Cdfs.sys [63744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Cdrom; C:\WINXP\System32\DRIVERS\cdrom.sys [62976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 CmBatt; C:\WINXP\System32\DRIVERS\CmBatt.sys [13952 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Compbatt; C:\WINXP\System32\DRIVERS\compbatt.sys [10240 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Disk; C:\WINXP\System32\DRIVERS\disk.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 DKbFltr; C:\WINXP\System32\DRIVERS\DKbFltr.sys [17408 2006-01-20] (Microsoft Windows Hardware Compatibility Publisher -> Dritek System Inc.)
S4 dmboot; C:\WINXP\System32\drivers\dmboot.sys [799744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R0 dmio; C:\WINXP\System32\drivers\dmio.sys [153344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software)
R0 dmload; C:\WINXP\System32\drivers\dmload.sys [5888 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corp., Veritas Software.)
S3 DMusic; C:\WINXP\System32\drivers\DMusic.sys [52864 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 drmkaud; C:\WINXP\System32\drivers\drmkaud.sys [2944 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 dtsoftbus01; C:\WINXP\System32\DRIVERS\dtsoftbus01.sys [243128 2013-11-18] (Disc Soft Ltd -> Disc Soft Ltd)
R1 ESProtectionDriver; C:\WINXP\system32\drivers\mbae.sys [128736 2018-04-26] (Malwarebytes Corporation -> Malwarebytes)
S3 ew_usbccgpfilter; C:\WINXP\System32\DRIVERS\ew_usbccgpfilter.sys [15360 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S4 Fastfat; C:\WINXP\system32\Drivers\Fastfat.sys [143744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Fdc; C:\WINXP\system32\Drivers\Fdc.sys [27392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Fips; C:\WINXP\system32\Drivers\Fips.sys [44544 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 Flpydisk; C:\WINXP\system32\Drivers\Flpydisk.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 FltMgr; C:\WINXP\System32\DRIVERS\fltMgr.sys [129792 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
U1 Fs_Rec; C:\WINXP\system32\Drivers\Fs_Rec.sys [7936 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Ftdisk; C:\WINXP\System32\DRIVERS\ftdisk.sys [125056 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Gpc; C:\WINXP\System32\DRIVERS\msgpc.sys [35072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 HDAudBus; C:\WINXP\System32\DRIVERS\HDAudBus.sys [144384 2008-04-14] (Microsoft Windows Component Publisher -> Windows (R) Server 2003 DDK provider)
R3 hidusb; C:\WINXP\System32\DRIVERS\hidusb.sys [10368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 HSFHWAZL; C:\WINXP\System32\DRIVERS\HSFHWAZL.sys [209664 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINXP\System32\DRIVERS\HSF_DPV.sys [988800 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R3 HTTP; C:\WINXP\System32\Drivers\HTTP.sys [265728 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 i8042prt; C:\WINXP\System32\DRIVERS\i8042prt.sys [52480 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 ialm; C:\WINXP\System32\DRIVERS\igxpmp32.sys [5761728 2007-06-05] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R1 Imapi; C:\WINXP\System32\DRIVERS\imapi.sys [42112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IntcAzAudAddService; C:\WINXP\System32\drivers\RtkHDAud.sys [4424192 2007-05-31] (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.)
R1 intelppm; C:\WINXP\System32\DRIVERS\intelppm.sys [36352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Ip6Fw; C:\WINXP\System32\DRIVERS\Ip6Fw.sys [36608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IpFilterDriver; C:\WINXP\System32\DRIVERS\ipfltdrv.sys [32896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 IpInIp; C:\WINXP\System32\DRIVERS\ipinip.sys [20864 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IpNat; C:\WINXP\System32\DRIVERS\ipnat.sys [152832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 IPSec; C:\WINXP\System32\DRIVERS\ipsec.sys [75264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 irda; C:\WINXP\System32\DRIVERS\irda.sys [88192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 IRENUM; C:\WINXP\System32\DRIVERS\irenum.sys [11264 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 isapnp; C:\WINXP\System32\DRIVERS\isapnp.sys [37248 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Kbdclass; C:\WINXP\System32\DRIVERS\kbdclass.sys [24576 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S1 kbdhid; C:\WINXP\System32\DRIVERS\kbdhid.sys [14592 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 kmixer; C:\WINXP\System32\drivers\kmixer.sys [172416 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 KSecDD; C:\WINXP\system32\Drivers\KSecDD.sys [92928 2009-06-24] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R2 mbamchameleon; C:\WINXP\system32\drivers\mbamchameleon.sys [148600 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\WINXP\system32\drivers\mbam.sys [40160 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINXP\system32\drivers\MBAMSwissArmy.sys [220896 2019-02-08] (Malwarebytes Corporation -> Malwarebytes)
R2 mdmxsdk; C:\WINXP\System32\DRIVERS\mdmxsdk.sys [12672 2006-06-20] (Microsoft Windows Hardware Compatibility Publisher -> Conexant)
R1 mnmdd; C:\WINXP\system32\Drivers\mnmdd.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Modem; C:\WINXP\system32\Drivers\Modem.sys [30080 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Mouclass; C:\WINXP\System32\DRIVERS\mouclass.sys [23040 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 mouhid; C:\WINXP\System32\DRIVERS\mouhid.sys [12160 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 MountMgr; C:\WINXP\system32\Drivers\MountMgr.sys [42368 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 MRxDAV; C:\WINXP\System32\DRIVERS\mrxdav.sys [180608 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 MRxSmb; C:\WINXP\System32\DRIVERS\mrxsmb.sys [457216 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Msfs; C:\WINXP\system32\Drivers\Msfs.sys [19072 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSKSSRV; C:\WINXP\System32\drivers\MSKSSRV.sys [7552 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSPCLOCK; C:\WINXP\System32\drivers\MSPCLOCK.sys [5376 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSPQM; C:\WINXP\System32\drivers\MSPQM.sys [4992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 mssmbios; C:\WINXP\System32\DRIVERS\mssmbios.sys [15488 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 MSTEE; C:\WINXP\System32\drivers\MSTEE.sys [5504 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Mup; C:\WINXP\system32\Drivers\Mup.sys [105344 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NABTSFEC; C:\WINXP\System32\DRIVERS\NABTSFEC.sys [85248 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 NDIS; C:\WINXP\system32\Drivers\NDIS.sys [182656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NdisIP; C:\WINXP\System32\DRIVERS\NdisIP.sys [10880 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NdisTapi; C:\WINXP\System32\DRIVERS\ndistapi.sys [10112 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ndisuio; C:\WINXP\System32\DRIVERS\ndisuio.sys [14592 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NdisWan; C:\WINXP\System32\DRIVERS\ndiswan.sys [91520 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NDProxy; C:\WINXP\system32\Drivers\NDProxy.sys [40960 2010-12-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 NetBIOS; C:\WINXP\System32\DRIVERS\netbios.sys [34688 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 NetBT; C:\WINXP\System32\DRIVERS\netbt.sys [162816 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NIC1394; C:\WINXP\System32\DRIVERS\nic1394.sys [61824 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Npfs; C:\WINXP\system32\Drivers\Npfs.sys [30848 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 NSCIRDA; C:\WINXP\System32\DRIVERS\nscirda.sys [28672 2008-04-14] (Microsoft Windows Component Publisher -> National Semiconductor Corporation)
R4 Ntfs; C:\WINXP\system32\Drivers\Ntfs.sys [574976 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Null; C:\WINXP\system32\Drivers\Null.sys [2944 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NwlnkFlt; C:\WINXP\System32\DRIVERS\nwlnkflt.sys [12416 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 NwlnkFwd; C:\WINXP\System32\DRIVERS\nwlnkfwd.sys [32512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 ohci1394; C:\WINXP\System32\DRIVERS\ohci1394.sys [61696 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Parport; C:\WINXP\system32\Drivers\Parport.sys [80128 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PartMgr; C:\WINXP\system32\Drivers\PartMgr.sys [19712 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S2 ParVdm; C:\WINXP\system32\Drivers\ParVdm.sys [6784 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PCI; C:\WINXP\System32\DRIVERS\pci.sys [68224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 PCIIde; C:\WINXP\System32\DRIVERS\pciide.sys [3328 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 Pcmcia; C:\WINXP\System32\DRIVERS\pcmcia.sys [120192 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 PptpMiniport; C:\WINXP\System32\DRIVERS\raspptp.sys [48384 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 prodrv06; C:\WINXP\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
R0 prohlp02; C:\WINXP\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
R0 prosync1; C:\WINXP\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R3 PSched; C:\WINXP\System32\DRIVERS\psched.sys [69120 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Ptilink; C:\WINXP\System32\DRIVERS\ptilink.sys [17792 2008-04-14] (Microsoft Windows Component Publisher -> Parallel Technologies, Inc.)
R0 PxHelp20; C:\WINXP\System32\Drivers\PxHelp20.sys [45648 2011-03-04] (Sonic Solutions -> Sonic Solutions)
R1 RasAcd; C:\WINXP\System32\DRIVERS\rasacd.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Rasirda; C:\WINXP\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Rasl2tp; C:\WINXP\System32\DRIVERS\rasl2tp.sys [51328 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 RasPppoe; C:\WINXP\System32\DRIVERS\raspppoe.sys [41472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Raspti; C:\WINXP\System32\DRIVERS\raspti.sys [16512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Rdbss; C:\WINXP\System32\DRIVERS\rdbss.sys [175744 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 RDPCDD; C:\WINXP\System32\DRIVERS\RDPCDD.sys [4224 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 rdpdr; C:\WINXP\System32\DRIVERS\rdpdr.sys [196224 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 RDPWD; C:\WINXP\system32\Drivers\RDPWD.sys [139656 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 redbook; C:\WINXP\System32\DRIVERS\redbook.sys [57600 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 sdbus; C:\WINXP\System32\DRIVERS\sdbus.sys [79232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 Secdrv; C:\WINXP\System32\DRIVERS\secdrv.sys [20480 2008-04-14] (Microsoft Windows Component Publisher -> Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.)
S2 Serial; C:\WINXP\system32\Drivers\Serial.sys [64512 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 sfhlp01; C:\WINXP\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S1 Sfloppy; C:\WINXP\system32\Drivers\Sfloppy.sys [11392 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 SLIP; C:\WINXP\System32\DRIVERS\SLIP.sys [11136 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 splitter; C:\WINXP\System32\drivers\splitter.sys [6272 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 sptd; C:\WINXP\System32\Drivers\sptd.sys [324096 2013-11-18] (Disc Soft Ltd -> Duplex Secure Ltd.)
R0 sr; C:\WINXP\System32\DRIVERS\sr.sys [73472 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Srv; C:\WINXP\System32\DRIVERS\srv.sys [357248 2010-10-12] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 streamip; C:\WINXP\System32\DRIVERS\StreamIP.sys [15232 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 swenum; C:\WINXP\System32\DRIVERS\swenum.sys [4352 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 swmidi; C:\WINXP\System32\drivers\swmidi.sys [56576 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 SynTP; C:\WINXP\System32\DRIVERS\SynTP.sys [215904 2007-09-07] (Microsoft Windows Hardware Compatibility Publisher -> Synaptics, Inc.)
R3 sysaudio; C:\WINXP\System32\drivers\sysaudio.sys [60800 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 Tcpip; C:\WINXP\System32\DRIVERS\tcpip.sys [361600 2010-09-16] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 TDPIPE; C:\WINXP\system32\Drivers\TDPIPE.sys [12040 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 TDTCP; C:\WINXP\system32\Drivers\TDTCP.sys [21896 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 TermDD; C:\WINXP\System32\DRIVERS\termdd.sys [40840 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 tifm21; C:\WINXP\System32\drivers\tifm21.sys [290816 2007-05-02] (Microsoft Windows Hardware Compatibility Publisher -> Texas Instruments)
S4 Udfs; C:\WINXP\system32\Drivers\Udfs.sys [66048 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Update; C:\WINXP\System32\DRIVERS\update.sys [384768 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbccgp; C:\WINXP\System32\DRIVERS\usbccgp.sys [32128 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbehci; C:\WINXP\System32\DRIVERS\usbehci.sys [30208 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbhub; C:\WINXP\System32\DRIVERS\usbhub.sys [59520 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 USBSTOR; C:\WINXP\System32\DRIVERS\USBSTOR.SYS [26368 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbuhci; C:\WINXP\System32\DRIVERS\usbuhci.sys [20608 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 usbvideo; C:\WINXP\System32\Drivers\usbvideo.sys [121984 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R1 VgaSave; C:\WINXP\System32\drivers\vga.sys [20992 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 VolSnap; C:\WINXP\system32\Drivers\VolSnap.sys [52352 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Wanarp; C:\WINXP\System32\DRIVERS\wanarp.sys [34560 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 Wdf01000; C:\WINXP\System32\Drivers\wdf01000.sys [444136 2009-07-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 wdmaud; C:\WINXP\System32\drivers\wdmaud.sys [83072 2008-04-13] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R3 winachsf; C:\WINXP\System32\DRIVERS\HSF_CNXT.sys [730112 2006-12-23] (Microsoft Windows Hardware Compatibility Publisher -> Conexant Systems, Inc.)
R1 WmiAcpi; C:\WINXP\System32\DRIVERS\wmiacpi.sys [8832 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
S3 WpdUsb; C:\WINXP\System32\DRIVERS\wpdusb.sys [38528 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WSTCODEC; C:\WINXP\System32\DRIVERS\WSTCODEC.SYS [19200 2008-04-14] (Microsoft Windows Component Publisher -> Microsoft Corporation)
R0 WudfPf; C:\WINXP\System32\DRIVERS\WudfPf.sys [77568 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 WudfRd; C:\WINXP\System32\DRIVERS\wudfrd.sys [82944 2010-09-16] (Microsoft Windows -> Microsoft Corporation)
U3 acqz17sd; C:\WINXP\system32\Drivers\acqz17sd.sys [0 ] (Microsoft Windows Component Publisher -> Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S4 IntelIde; no ImagePath
S3 UIUSys; system32\DRIVERS\UIUSYS.SYS [X]
U1 WS2IFSL; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-08 13:11 - 2019-02-08 13:52 - 000040160 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbam.sys
2019-02-08 13:11 - 2019-02-08 13:51 - 000220896 _____ (Malwarebytes) C:\WINXP\system32\Drivers\MBAMSwissArmy.sys
2019-02-08 13:11 - 2019-02-08 13:11 - 000148600 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbamchameleon.sys
2019-02-08 13:10 - 2019-02-08 13:10 - 000001715 _____ C:\Documents and Settings\All Users\Desktop\Malwarebytes.lnk
2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes
2019-02-08 13:10 - 2019-02-08 13:10 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Malwarebytes
2019-02-08 13:10 - 2018-04-26 05:36 - 000128736 _____ (Malwarebytes) C:\WINXP\system32\Drivers\mbae.sys
2019-02-08 13:08 - 2019-02-09 01:30 - 000000000 ____D C:\Documents and Settings\PC\Desktop\Нова папка (2)
2019-02-07 17:04 - 2019-02-07 17:04 - 000000000 ____D C:\Documents and Settings\PC\Application Data\Geek Uninstaller
2019-02-07 01:19 - 2019-02-07 01:19 - 000000730 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Mozilla Firefox.lnk
2019-02-07 01:19 - 2019-02-07 01:19 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2019-02-07 01:19 - 2019-02-07 01:19 - 000000000 ____D C:\Program Files\Mozilla Firefox
2019-02-06 23:33 - 2019-02-09 01:32 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Temp
2019-02-06 11:27 - 2019-02-09 01:30 - 000000000 ____D C:\FRST
2019-02-05 22:17 - 2019-02-05 22:17 - 000000000 ____D C:\Documents and Settings\PC\Application Data\AVAST Software
2019-02-05 22:13 - 2019-02-05 22:13 - 000001689 _____ C:\Documents and Settings\All Users\Desktop\Avast Free Antivirus.lnk
2019-02-05 22:13 - 2019-02-05 22:13 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVAST Software
2019-02-05 22:10 - 2019-02-08 13:51 - 000000364 ____H C:\WINXP\Tasks\Avast Emergency Update.job
2019-02-05 22:09 - 2019-02-05 22:11 - 000224752 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswvmm.sys
2019-02-05 22:09 - 2019-02-05 22:10 - 000735488 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswsnx.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000184592 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswStmXP.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000092256 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswMonFlt.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000060424 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRvrt.sys
2019-02-05 22:09 - 2019-02-05 22:08 - 000034008 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswHwid.sys
2019-02-05 22:08 - 2019-02-05 22:07 - 000319760 ____N (AVAST Software) C:\WINXP\system32\aswBoot.exe
2019-02-05 22:07 - 2019-02-05 22:07 - 000053208 _____ (AVAST Software) C:\WINXP\avastSS.scr
2019-02-05 22:07 - 2019-02-05 22:07 - 000000000 ____D C:\Program Files\AVAST Software
2019-02-05 21:50 - 2019-02-05 21:50 - 000001817 _____ C:\Documents and Settings\All Users\Start Menu\Programs\Google Chrome.lnk
2019-02-05 21:50 - 2019-02-05 21:50 - 000001811 _____ C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk
2019-02-05 21:48 - 2019-02-08 15:59 - 000000986 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineUA.job
2019-02-05 21:48 - 2019-02-08 13:50 - 000000982 _____ C:\WINXP\Tasks\GoogleUpdateTaskMachineCore.job
2019-02-05 21:48 - 2019-02-05 21:50 - 000000000 ____D C:\Program Files\Google
2019-02-05 17:11 - 2019-02-05 17:11 - 000036533 _____ C:\Documents and Settings\PC\Desktop\Vikings.s05e18.(subs.sab.bz).zip
2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Start Menu\BS.Player FREE.lnk
2019-01-30 15:58 - 2019-01-30 15:58 - 000000775 _____ C:\Documents and Settings\PC\Desktop\BS.Player FREE.lnk
2019-01-30 15:58 - 2019-01-30 15:58 - 000000000 ____D C:\Documents and Settings\PC\Start Menu\Programs\BS.Player
2019-01-30 15:56 - 2019-01-30 15:56 - 000000000 ____D C:\Program Files\Webteh
2019-01-30 13:14 - 2019-02-05 22:10 - 000433768 ____N (AVAST Software) C:\WINXP\system32\Drivers\aswsp.sys
2019-01-30 13:14 - 2019-02-05 22:08 - 000066688 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswTdi.sys
2019-01-30 13:14 - 2019-02-05 22:08 - 000064272 _____ (AVAST Software) C:\WINXP\system32\Drivers\aswRdr.sys
2019-01-30 13:13 - 2019-01-30 13:13 - 000000000 ____D C:\Program Files\Alwil Software
2019-01-29 11:45 - 2019-02-06 10:45 - 000000066 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2019-01-28 12:47 - 2019-01-28 12:47 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\chromium
2019-01-28 12:45 - 2019-01-28 12:45 - 000000000 ____D C:\Documents and Settings\PC\Application Data\4289652d7c94fcc7ae174ec1919b8b78

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-02-09 01:32 - 2018-03-20 19:03 - 000000826 _____ C:\WINXP\Tasks\Adobe Flash Player Updater.job
2019-02-09 01:11 - 2018-03-20 19:03 - 000000876 _____ C:\WINXP\Tasks\Adobe Flash Player NPAPI Notifier.job
2019-02-08 16:31 - 2014-08-25 12:31 - 000322336 _____ C:\Documents and Settings\PC\My Documents\Нов Текстов документ.txt
2019-02-08 15:48 - 2018-06-30 09:43 - 000001016 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineUA.job
2019-02-08 13:53 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\Temp
2019-02-08 13:50 - 2018-06-30 09:43 - 000001012 _____ C:\WINXP\Tasks\AvastUpdateTaskMachineCore.job
2019-02-08 13:50 - 2011-02-05 12:04 - 000000006 ____H C:\WINXP\Tasks\SA.DAT
2019-02-08 13:48 - 2011-02-05 12:11 - 000000278 ___SH C:\Documents and Settings\PC\ntuser.ini
2019-02-08 13:48 - 2011-02-05 12:11 - 000000000 ____D C:\Documents and Settings\PC
2019-02-08 13:48 - 2011-02-05 12:04 - 000032546 _____ C:\WINXP\SchedLgU.Txt
2019-02-08 13:47 - 2014-06-10 13:20 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Supersoftware App
2019-02-08 13:10 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP
2019-02-08 01:36 - 2017-09-08 10:48 - 000000000 _____ C:\WINXP\system32\last.dump
2019-02-07 01:40 - 2011-02-05 14:28 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BitComet
2019-02-06 23:29 - 2011-02-05 12:04 - 000000000 ____D C:\Documents and Settings\LocalService\Local Settings\Temp
2019-02-06 23:27 - 2015-11-05 23:52 - 000000000 ___HD C:\WINXP\system32\GroupPolicy
2019-02-05 22:19 - 2011-02-05 11:59 - 000002577 _____ C:\WINXP\system32\CONFIG.NT
2019-02-05 22:18 - 2011-02-05 13:22 - 000000000 ____D C:\WINXP\system32
2019-02-05 22:14 - 2018-07-21 09:26 - 000065536 _____ C:\WINXP\system32\config\Antivirus.Evt
2019-02-05 22:12 - 2011-02-05 13:22 - 000000000 ___HD C:\WINXP\inf
2019-02-05 22:07 - 2017-05-29 23:50 - 000011295 _____ C:\Documents and Settings\PC\Desktop\Нов Текстов документ.txt
2019-02-05 22:07 - 2014-01-05 10:18 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\AVAST Software
2019-02-05 20:49 - 2011-02-05 17:51 - 000064512 _____ C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2019-02-05 17:22 - 2015-11-04 18:59 - 000000000 ____D C:\Documents and Settings\PC\Application Data\vlc
2019-02-05 12:23 - 2018-12-27 23:12 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Изтегляния
2019-02-05 11:09 - 2008-04-14 13:00 - 000002206 _____ C:\WINXP\system32\wpa.dbl
2019-01-31 19:20 - 2016-01-04 15:01 - 000000000 ____D C:\Documents and Settings\PC\My Documents\Bluetooth Exchange Folder
2019-01-30 13:20 - 2012-03-09 15:57 - 000000000 ____D C:\Documents and Settings\PC\Local Settings\Application Data\Google
2019-01-30 12:56 - 2015-11-03 23:44 - 000000000 ____D C:\Documents and Settings\PC\Application Data\BSplayer
2019-01-30 12:45 - 2018-01-26 10:54 - 000000000 _____ C:\Documents and Settings\PC\last.dump
2019-01-19 22:05 - 2015-01-07 13:41 - 000018432 ____H C:\Documents and Settings\PC\Desktop\photothumb.db
2019-01-10 12:32 - 2018-03-20 19:03 - 000842240 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerApp.exe
2019-01-10 12:32 - 2018-03-20 19:03 - 000175104 _____ (Adobe Systems Incorporated) C:\WINXP\system32\FlashPlayerCPLApp.cpl

==================== Files in the root of some directories =======

2011-02-05 17:51 - 2019-02-05 20:49 - 000064512 _____ () C:\Documents and Settings\PC\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINXP\explorer.exe => File is digitally signed
C:\WINXP\system32\winlogon.exe => File is digitally signed
C:\WINXP\system32\svchost.exe => File is digitally signed
C:\WINXP\system32\services.exe => File is digitally signed
C:\WINXP\system32\User32.dll => File is digitally signed
C:\WINXP\system32\userinit.exe => File is digitally signed
C:\WINXP\system32\rpcss.dll => File is digitally signed
C:\WINXP\system32\dnsapi.dll => File is digitally signed
C:\WINXP\system32\dllhost.exe => File is digitally signed
C:\WINXP\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================


Addition.txt


 

преди 6 часа, Stoyannnov написа:

Стъпка 2

  • В полето с copy/paste поставете следния сорс като копирате всичко, дори точките и разстоянията!

:filefind
Decehifo
chromium

:folderfind
Decehifo
chromium

:regfind
Decehifo
chromium
  • Натиснете бутона Look, след като сте поставили кода в бялото каре.

Ти хубаво си казал, ама мен хич ме няма.
 

SystemLook 30.07.11 by jpshortstuff
Log created at 20:34 on 09/02/2019 by PC
Administrator - Elevation successful

========== filefind ==========

Searching for "Decehifo"
No files found.

Searching for "chromium"
No files found.

========== folderfind ==========

Searching for "Decehifo"
No folders found.

Searching for "chromium"
C:\Documents and Settings\PC\Local Settings\Application Data\chromium    d------    [10:47 28/01/2019]

========== regfind ==========

Searching for "Decehifo"
No data found.

Searching for "chromium"
[HKEY_CURRENT_USER\Software\Microsoft\Search Assistant\ACMru\5603]
"001"="chromium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.htm\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.html\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.shtml\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.webp\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xht\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\.xhtml\OpenWithProgids]
"ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"=""
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM]
@="Chromium HTML Document"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM\DefaultIcon]
@="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM\shell\open\command]
@=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" -- "%1""
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe]
"LocalizedString"="Chromium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\chrome.exe\shell\open\command]
@=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM]
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM]
@="Chromium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities]
"ApplicationDescription"="Chromium е уеб браузър, който зарежда уеб страници и изпълнява приложения със светкавична скорост. Той е бърз, стабилен и лесен за употреба. Сърфирайте в мрежата по-безопасно с вградената защита на Chromium срещу злонамерен софтуер и фишинг."
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities]
"ApplicationIcon"="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities]
"ApplicationName"="Chromium"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".htm"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".html"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".shtml"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".xht"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".xhtml"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\FileAssociations]
".webp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\Startmenu]
"StartMenuInternet"="Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"ftp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"http"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"https"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"irc"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"mailto"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"mms"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"news"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"nntp"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"sms"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"smsto"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"tel"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"urn"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities\URLAssociations]
"webcal"="ChromiumHTM.Z7STK6KXG4NHK4BMBDJCT6MHYM"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\DefaultIcon]
@="C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe,0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo]
"ReinstallCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --make-default-browser"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo]
"HideIconsCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --hide-icons"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\InstallInfo]
"ShowIconsCommand"=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe" --show-icons"
[HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\shell\open\command]
@=""C:\Documents and Settings\PC\Local Settings\Application Data\Chromium\Application\chrome.exe""
[HKEY_LOCAL_MACHINE\SOFTWARE\RegisteredApplications]
"Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM"="Software\Clients\StartMenuInternet\Chromium.Z7STK6KXG4NHK4BMBDJCT6MHYM\Capabilities"
[HKEY_USERS\S-1-5-21-1060284298-842925246-1417001333-1003\Software\Microsoft\Search Assistant\ACMru\5603]
"001"="chromium"

-= EOF =-

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изтеглете файла fixlist и го запазете там където е и FRST.exe

  • Стартирайте FRST.exe и натиснете бутона FIX веднъж!
  • Почистването ще започне, не използвайте системата!
  • След като приключи, ако ви поиска рестартиране на windows, съгласете се.
  • След като зареди системата публикувайте лог файла с име fixlog.txt.

Забележка: Текущия фикс да не се използва на други системи!

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Предполагам, че вече всичко е наред, но все пак ще попитам, как е системата сега?

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Извинявай за бавният отговор, но просто не мога да намеря време да седна на компютъра. Иначе дa, наред е. Много ти благодаря, че ми помогна. Само, че имам питане. Tука отскоро мисля, че след като изтеглих този Malware всеки път като включа компютъра ми излиза това blob.thumb.png.e6a976a7645711b4ee9f627c03481089.png

И не знам как да го махна.Като го отворя пък ми излиза това : 
blob.thumb.png.d346d002a4c7da51be735966fb229dea.png

Не знам дали има общо с Malware, просто го свързвам с него понеже след като го инсталирах взе да ми излиза това нещо.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Това балонче го игнорирайте, едно време показваше дупки в сигурността на XP. Сега Цялото XP си е дупка. Ако Ви пречи, има вариант, в който можете да го спрете:

Windows key + R => services.msc => намирате сървис с име Security Center => десен бутон на него => Properties => от startup type: падащото меню изберете Disabled. И отдолу на Service Status: изберете STOP.

 

От използваните програми, можете да си оставите Malwarebytes Anti-Malware, за да правите проверки на windows периодично.

Останалите ще ги премахнем:

За FRST:

  • Преименувайте файла от FRST.exe на Uninstall.exe  9502769v.png
  • Стартирайте Uninstall.exe
  • Ще излезе прозорче, което Ви казва, че след натискането на бутона OK windows ще бъде рестартиран.

 

Останалите програми:

Изтеглете: P6YS34D.png Delfix.

  • Стартирайте Delfix.exе.
  • По подразбиране трябва да има 2 отметки на "Remove disinfection tools" и "Purge system restore ". Ако липсват, ги сложете.
  • Натиснете бутона "Run". 
  • Инструмента ще се самоизтрие след като приключи работата си.
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Удължаване на поддръжката на Windows XP


Windows Registry Editor Version 5.00 
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady] 
"Installed"=dword:00000001

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не сте ми казвали, ама аз да кача : 
 

# DelFix v1.013 - Logfile created 12/02/2019 at 16:29:22
# Updated 17/04/2016 by Xplode
# Username : PC - ACER-71A12AA9FA
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)

~ Removing disinfection tools ...


~ Cleaning system restore ...

Deleted : RP #1752 [Контролна точка на системата | 02/10/2019 17:39:52]
Deleted : RP #1753 [Restore Point Created by FRST | 02/10/2019 18:50:16]
Deleted : RP #1754 [Контролна точка на системата | 02/11/2019 19:11:59]

New restore point created !

########## - EOF - ##########

Иначе Security Center като го спирах както ми каза чрез комбинацията Windows key + R, освен него ви
дях папки на програми и игри, които нямам отдавна и ги махнах и тях и сега в disc C ми се освободиха близо 3gb. 


 

преди 20 часа, DarkEdge написа:

Удължаване на поддръжката на Windows XP

  Затвори скритото съдържание


Windows Registry Editor Version 5.00 
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady] 
"Installed"=dword:00000001

 


Извинявай, ама не те разбрах. Трябва да си го изтегля този Windwos Registry Editor ли? Или това се въвежда някъде? Или нито едното.







 

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
Цитат

Windows Registry Editor Version 5.00 
[HKEY_LOCAL_MACHINE\SYSTEM\WPA\PosReady] 
"Installed"=dword:00000001

копирай текста и го постави в notepad. Сега кликни File> Save as от падащото меню File type избери All files type, в полето за писане напиши pos.reg и запиши на десктопа примерно. Кликни сега двукратно на файла pos и потвърди добавянето.
Рестартирай машината.
Разреши актуализирането.

blob.thumb.png.d346d002a4c7da51be735966fb229dea.png

Редактирано от DarkEdge (преглед на промените)
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от Иво Огнянов
      Здравейте, на майка ми компютъра спря да се включва преди месец. Едвам днес намерих време да й го преинсталирам, но при пускане запчва да пищи и да свети червено. Звуците са 4 на брой, еднакви. Качвам звука и параметрите на щайгата..Ако може да ме ориентирате от какво може да е, да знам дали да го хвърлям или да се прави някъде.  https://m.facebook.com/story.php?story_fbid=2082279315141235&id=100000775608299

    • от Fabry
      През няколко минути се появява странно съобщение от системата - на прикачената снимка е . Ако някой помогне, ще съм задължен !

    • от jega96
      Здр-те на всички от форома,можели да ми кажете заразен ли съм със някакъв вирус,защото преди няколко седмици ми излезе грешка на декстапа ми изтрих я и сега неми се явява вече общо казано,принципно не ползвам антивирусни програми,не влизам кой знае каде,за да хвана вирус,ама все пак да ми отговорите,как съм със ОС,като цяло мерси предварително.

      FRST.txt
      Addition.txt
    • от The Negative One
      Та пуснах вече една тема - хората ме пратиха тук.Ситуацията е следната - При всяко включване на компютъра Google Chrome автоматично се е пуснал и е отворил някакъв сайт с глупости на руски език."Получи предсказание от Ванга" и прочие простотии.Та опитах да изчистя кеша и да рестартирам настройките на браузъра, но не постигнах ефект.Ще се радвам ако някой може да помогне!
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
      Ran by SHANOVr (administrator) on DESKTOP-4AUH82I (13-12-2018 12:11:15)
      Running from D:\Camera\downloads D
      Loaded Profiles: SHANOVr (Available Profiles: defaultuser0 & SHANOVr)
      Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Hi-Rez Studios) D:\SteamGammEZ\HiPatchService.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
      (Intel Corporation) C:\Windows\System32\igfxEM.exe
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (f.lux Software LLC) C:\Users\SHANOVr\AppData\Local\FluxSoftware\Flux\flux.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (ASUSTek) C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanService.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
      HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
      HKLM-x32\...\Run: [VirtualCloneDrive] => D:\CloneDrive\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [f.lux] => C:\Users\SHANOVr\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (f.lux Software LLC)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [EpicGamesLauncher] => D:\boiii\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49803328 2018-09-10] (Skype Technologies S.A.)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [SHANOVr] => explorer.exe hxxp://dipladoks.org <==== ATTENTION
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\MountPoints2: {5911fcb2-a851-11e8-a4da-fcaa14184561} - "F:\EuroTruckSimulator2_setup.exe" 
      GroupPolicy: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 66.117.6.114 180.76.76.76
      Tcpip\..\Interfaces\{b2172693-d883-4ed3-8b20-1cd27a17c8d4}: [DhcpNameServer] 192.168.42.129
      Tcpip\..\Interfaces\{ed733950-9206-4498-b0d2-848e150b2288}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{ed733950-9206-4498-b0d2-848e150b2288}: [DhcpNameServer] 66.117.6.114 180.76.76.76
      Internet Explorer:
      ==================
      SearchScopes: HKU\S-1-5-21-392342708-715023771-1080359625-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2017-05-20] ()
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2017-05-20] ()
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-11] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-11] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      Chrome: 
      =======
      CHR Profile: C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default [2018-12-13]
      CHR Extension: (Slides) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Docs) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Drive) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-22]
      CHR Extension: (YouTube) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-22]
      CHR Extension: (Adblock Plus) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-12]
      CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-11-19]
      CHR Extension: (Sheets) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Google Docs Offline) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
      CHR Extension: (AdBlock) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
      CHR Extension: (Gmail) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-22]
      CHR Extension: (Chrome Media Router) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-20]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-07] ()
      S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-16] (EasyAntiCheat Ltd)
      U2 HiPatchService; D:\SteamGammEZ\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
      R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
      R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-10] (Microsoft Corporation)
      R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-10] (Microsoft Corporation)
      R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
      R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
      R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-11] (ASUSTeK Computer Inc.)
      R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f4187dc256a67a6b\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
      R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
      S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
      S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
      S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Corporation)
      S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-10] (Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-10] (Microsoft Corporation)
      R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-10] (Microsoft Corporation)
      R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-12-12 15:59 - 2018-12-12 15:59 - 000000000 ____D C:\Users\SHANOVr\AppData\Roaming\Google
      2018-11-28 00:07 - 2018-11-21 15:41 - 000715172 _____ C:\Users\SHANOVr\Desktop\Scan2.TIF
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-12-13 12:11 - 2017-04-22 22:42 - 000000000 ____D C:\FRST
      2018-12-13 12:10 - 2018-01-20 22:10 - 001425282 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2018-12-13 12:07 - 2017-01-22 20:01 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-12-13 12:06 - 2018-01-20 22:09 - 000003098 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II
      2018-12-13 12:05 - 2018-01-20 21:57 - 000000000 ____D C:\Users\SHANOVr
      2018-12-13 12:05 - 2017-01-22 20:15 - 000000000 __SHD C:\Users\SHANOVr\IntelGraphicsProfiles
      2018-12-13 12:05 - 2017-01-22 19:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2018-12-13 12:04 - 2018-01-20 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-12-13 12:04 - 2018-01-20 21:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2018-12-13 09:26 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
      2018-12-13 09:26 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
      2018-12-13 09:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
      2018-12-12 22:54 - 2017-01-22 20:18 - 000000000 ____D C:\Program Files\Steam
      2018-12-12 09:13 - 2017-02-28 08:33 - 000000000 ____D C:\Users\SHANOVr\AppData\Roaming\AIMP3
      2018-12-12 08:46 - 2017-01-23 13:27 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2018-12-10 22:50 - 2018-02-04 12:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
      2018-12-06 09:16 - 2018-01-20 21:58 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\Packages
      2018-12-03 10:25 - 2018-01-20 22:09 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-392342708-715023771-1080359625-1001
      2018-12-03 10:25 - 2017-01-22 19:50 - 000002369 _____ C:\Users\SHANOVr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2018-11-29 08:12 - 2017-01-27 15:27 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\CrashDumps
      2018-11-27 23:57 - 2017-01-22 19:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-11-27 23:57 - 2017-01-22 19:52 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-11-23 12:33 - 2018-10-19 09:15 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\ElevatedDiagnostics
      ==================== Files in the root of some directories =======
      2017-02-06 20:32 - 2017-02-06 20:32 - 000000017 _____ () C:\Users\SHANOVr\AppData\Local\resmon.resmoncfg
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-12-08 22:12
      ==================== End of FRST.txt ============================
       
      Addition.txt
    • от roggoto
      Здравейте!
      Ползвам Google Chrome, но от известно време, докато не ми стана трън в очите и не ми пречеше, се появиха едни и същи реклами/банери на руски, показващи някакви абсолютни глупости, понякога и порнографски снимки върху оригиналните реклами, за които е платено да се появят в интернет пространството! Който и сайт да отворя те веднага покриват местата за платените реклами върху оригиналните, които трябва да се появят там! Докато днес си пуснах видео в един сайт на БГ телевизия и видях, че се появяват върху самото видео като по този начин ми блокират и функциите на видеото за спиране , пускане, увеличаване на екрана (прикачил съм снимка)! Някой, ако знае как да спра/премахна тази досада, ще съм благодарен да сподели!

      Addition.txt
      FRST.txt
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.