Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Препоръчан отговор


Ето това са моите кажете ми има ли проблем и как да го оправя че нещо ми се бъгна виндовса 

Addition.txt FRST.txt

Линк към този отговор
Сподели в други сайтове

Здраейте ..при вас наличието на кракнат софтуер и друг излишен е в изобилие:

 

  • Натиснете иконата на Windows на вашия работен плот, заедно с буквата R.
  • Въведете cmd и натиснете Ctrl + Shift + Enter, за да стартирате командния ред като администратор.
  • Копирайте и поставете следната команда и натиснете Enter:
slmgr /dli
  • След като изпълните командата, ще получите отчет. Моля, направете екранна снимка на това, което сте получили, и го прикачете в следващия си отговор. 

 

CKScanner

Изтеглете CKScanner от askey127 от тук:

Важно: Запазете го на работния плот.

  •     Щракнете двукратно върху CKScanner.exe и щракнете върху Search For Files .
  •     След много кратко време, когато часовникът на курсора изчезне, щракнете върху Save List To File .
  •     Съобщение ще потвърди, че файлът е запазен. Моля, стартирайте програмата само веднъж. 
  •     Щракнете двукратно върху иконата на CKFiles.txt на вашия работен плот и копирайте / поставете съдържанието в следващия си отговор.

 

 

Сканиране с SecurityCheck by glax24

  • Изтеглете SecurityCheck by glax24 от тук и запомнете инструмента на десктопа .
  • Стартирате програмата (ако използвате Windows XP) или стартирате с десен бутон на мишката от името на администратор (ако използватеWindows Vista/7/8/10)
  • Изчакайте да приключи сканирането.Ще се отвори в текстов файл с име SecurityCheck.txt. Копирайте съдържанието на  този файл  следващия си пост
  • Можете да намерите този файл в основната директория на системния диск в папка с име SecurityCheck, напр. C:\SecurityCheck\SecurityCheck.txt

 

  • Харесване 2
Линк към този отговор
Сподели в други сайтове

CKScanner 2.5 - Additional Security Risks - These are not necessarily bad
c:\users\ХубавДен\desktop\award keylogger pro 3.1\keygen.exe
c:\windows\kj\kmservice.exe
scanner sequence 3.AA.11.HDAPKZ
 ----- EOF ----- 
 

Линк към този отговор
Сподели в други сайтове

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 07.04.2021 16:52:37
Path starting: C:\Users\ХубавДен\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: ХубавДен
VersionXML: 4.73s-27.10.2017
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x64) Professional Lang: 0402
Installation date OS: 28.02.2021 00:46:51
LicenseStatus: Windows(R) 7, Professional edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Google\Chrome\Application\chrome.exe
SystemDrive: C: FS: [NTFS] Capacity: [97.6 Gb] Used: [70.6 Gb] Free: [27 Gb]
------------------------------- [ Windows ] -------------------------------
[color=red][b]Extended support has ended 14.01.2020, Your operating system may be vulnerable to new types of threats[/b][/color]
Internet Explorer 8.0.7601.17514 [color=red][b]Warning! [url=http://windows.microsoft.com/en-us/internet-explorer/ie-11-worldwide-languages]Download Update[/url][/b][/color]
[color=blue][b]Online installation. Last version available when Windows update is enabled throught the Internet.[/b][/color]
[color=red][b]User Account Control [b]disabled[/b] (Level 1)[/b][/color]
[color=blue][b]^It is recommended to enable (default): Win+R typing UserAccountControlSettings and Enter^[/b][/color]
Automatically download and schedule installation
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
World Wide Web Publishing Service (W3SVC) - The service is running
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
Avast Antivirus (enabled and up to date)
---------------------------- [ Firewall_WMI ] -----------------------------
Avast Antivirus (enabled)
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (disabled and up to date)
Avast Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Premium Security v.21.2.2455
--------------------------- [ OtherUtilities ] ----------------------------
WinRAR 6.00 (64-bit) v.6.00.0 [b][+][/b]
Microsoft Silverlight v.5.1.50918.0 [b][+][/b]
--------------------------------- [ P2P ] ---------------------------------
µTorrent v.3.5.5.45966 [b][color=red]Warning! P2P-client[/color][/b].
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 25 PPAPI v.25.0.0.148 [color=red][b]Warning! [url=http://download.macromedia.com/pub/flashplayer/latest/help/install_flash_player_ppapi.exe]Download Update[/url][/b][/color]
------------------------------- [ Browser ] -------------------------------
Google Chrome v.89.0.4389.114 [b][+][/b]
------------------ [ AntivirusFirewallProcessServices ] -------------------
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\Avast Software\Avast\AvastSvc.exe v.21.2.6096.0
aswbIDSAgent (aswbIDSAgent) - The service is running
C:\Program Files\Avast Software\Avast\aswidsagent.exe v.21.2.6096.645
C:\Program Files\Avast Software\Avast\AvastUI.exe v.21.2.6096.0
C:\Program Files\Avast Software\Avast\afwServ.exe v.21.2.6096.0
Avast Firewall Service (avast! Firewall) - The service is running
Windows Defender (WinDefend) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
DAEMON Tools Toolbar v.1.1.0.0283 [b]Warning! Browser's toolbar.[/b] It can slow down the working of your browser and have violation privacy problems.
Driver Booster 8 v.8.3.0 [b]Warning![/b] Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
IObit Software Updater v.3.6.0.2072 [b]Warning![/b] Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering.
----------------------------- [ End of Log ] ------------------------------
 


Линк към този отговор
Сподели в други сайтове

Деинсталиране на Adobe Flash Player

Забележка: Adobe Flash Player вече не се поддържа и представлява риск за сигурността.

  • Изтеглете Adobe Flash Player Uninstaller и го запазете на вашия работен плот
  • Щракнете с десния бутон върху иконата и изберете Изпълни като администратор
  • Щракнете върху Деинсталиране ( Uninstall)  и след това Готово (Done) , за да рестартирате компютъра си

 

Деинсталиране на нежелани / ненужни програми:

 

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
Цитат

DAEMON Tools Toolbar

Driver Booster

Driver Easy

IObit Software Updater

SearcherBar

Web Companion

 

+

FRST сканиране

    Щракнете двукратно върху FRST.exe / FRST64.exe, за да го стартирате.
    Натиснете бутона за image.png.e4ea07ecfc9acbc1a7ac79c624db8810.png сканиране.
    Когато приключи, той ще създаде  два лог файла с името FRST.txt и Addition.txt, в същата директория, от която е стартиран инструментът.
    Моля, копирайте и поставете журналите в следващия си отговор.

 

 

Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (копирате цялото съдържание)
  • Харесване 1
Линк към този отговор
Сподели в други сайтове
  • B-boy/StyLe/ промени заглавието на Профилактична проверка на системата

Meрси според мене просто Microsoft са си взели наи хубавите неща от цялата работа и сега заради някакви отворковци които работят подобна работа няма интернет подръжка аз не съм я използвал никога и без това :)  :)  :) 

Единствено ако може да разбера дали някои може да ми следи монитора или клавиатурата има хора които са под голям стрес без причина но няма какво да се направи, всеки сам се лъже но лошо е като почне да се вманиачава и да блафира околните. Нали на моя компютър важното е да няма такива хакери, тех и да ги има те лъжат и блафират да ги помисли някои че са голяма работа и големи разбирачи ама нищо не разбират абе мерси мерси преди два месеца си купих оригинален Windows 7 и съм доволен само че имам трудности докато го направя да вървят игрите нормално.

Линк към този отговор
Сподели в други сайтове
преди 8 часа, Адриан Младенов написа:

...преди два месеца си купих оригинален Windows 7 и съм доволен само че имам трудности докато го направя да вървят игрите нормално

Цитат

Extended support has ended 14.01.2020, Your operating system may be vulnerable to new types of threats

 

Поддръжката за Windows 7 е прекратена на 14 януари 2020, но софтуерът ще продължи да функционира. След 14 януари 2020 г., ако компютърът ви работи с Windows 7, той вече няма да получава актуализации на защитата.Без непрекъснати актуализации на софтуера и защитата, той ще бъде изложен на по-голям риск за вируси и злонамерен софтуер. Следователно е важно да преминете към модерна операционна система  която може да осигури най-новите актуализации на защитата, за да запази безопасността на вас и вашите данни. В допълнение, обслужването на клиенти на Microsoft вече няма да бъде достъпно за предоставяне на техническа поддръжка за Windows 7.

https://www.microsoft.com/en-us/windows/windows-7-end-of-life-support-information

  • Харесване 5
Линк към този отговор
Сподели в други сайтове
на 8.04.2021 г. в 3:45, Адриан Младенов написа:

преди два месеца си купих оригинален Windows 7

Много ме озадачава това ..! В лиценза пише OEM_SLP (System Locked Pre-installation).
OEM SLP ключовете са предварително инсталирани от производителя в машината. Как активирахте такъв вид лиценз в компютъра си..? 

 

Както и да е ..! Ще продължим ли с процедурите или да заключа темата..? Това че не отговаряте за мен е знак че сте си решили проблема  или не е така ..? Малко ми е неприятно , защото аз съм доброволец и отделям от личното си време , безплатно , с дружни усилия да решим въпроса ..Но когато  няма обратна връзка е меко казано некоректно от ваша страна ..! 

  • Харесване 2
Линк към този отговор
Сподели в други сайтове
  • icotonev заключи тази тема
  • icotonev отключи тази тема

В шестия пост съм ви дал какво очаквам от вас ..!

 

на 7.04.2021 г. в 19:44, icotonev написа:

Деинсталиране на Adobe Flash Player

Забележка: Adobe Flash Player вече не се поддържа и представлява риск за сигурността.

  • Изтеглете Adobe Flash Player Uninstaller и го запазете на вашия работен плот
  • Щракнете с десния бутон върху иконата и изберете Изпълни като администратор
  • Щракнете върху Деинсталиране ( Uninstall)  и след това Готово (Done) , за да рестартирате компютъра си

 

Деинсталиране на нежелани / ненужни програми:

 

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:

 

+

FRST сканиране

    Щракнете двукратно върху FRST.exe / FRST64.exe, за да го стартирате.
    Натиснете бутона за image.png.e4ea07ecfc9acbc1a7ac79c624db8810.png сканиране.
    Когато приключи, той ще създаде  два лог файла с името FRST.txt и Addition.txt, в същата директория, от която е стартиран инструментът.
    Моля, копирайте и поставете журналите в следващия си отговор.

 

 

Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (копирате цялото съдържание)

 

  • Харесване 2
Линк към този отговор
Сподели в други сайтове

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by ХубавДен (11-04-2021 10:38:09)
Running from C:\Users\ХубавДен\Desktop
Windows 7 Professional Service Pack 1 (X64) (2021-02-28 00:46:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1642643817-1668024669-138335520-500 - Administrator - Disabled)
Guest (S-1-5-21-1642643817-1668024669-138335520-501 - Limited - Disabled)
ХубавДен (S-1-5-21-1642643817-1668024669-138335520-1000 - Administrator - Enabled) => C:\Users\ХубавДен

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«007 Legends» 1.0 (HKLM-x32\...\007 Legends_is1) (Version: 1.0 - R.G. Catalyst)
µTorrent (HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\uTorrent) (Version: 3.5.5.45966 - BitTorrent Inc.)
AMD Catalyst Install Manager (HKLM\...\{F856881A-D370-B1A7-2AFF-128F4AA93558}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.0.0.12 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 89.1.8954.117 - Авторите на CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
Counter-Strike1.6 2018 SteamRIP (HKLM-x32\...\Counter-Strike1.6 2018 SteamRIP) (Version: v2.1 - )
DAEMON Tools Toolbar (HKLM-x32\...\DAEMON Tools Toolbar) (Version: 1.1.0.0283 - DT Soft Ltd)
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 - ElAmigos version 1.39.4.17 (HKLM-x32\...\{9384C835-3AAB-4AEB-A190-765E3FB774E1}_is1) (Version: 1.39.4.17 - SCS Software)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.63.5327 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Grand Theft Auto San Andreas version 1.0.1 (HKLM-x32\...\Grand Theft Auto San Andreas_is1) (Version: 1.0.1 - Rockstar)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
IObit Software Updater (HKLM-x32\...\IObit Software Updater_is1) (Version: 3.6.0.2072 - IObit)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
League of Legends (HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET SDK 5.0.200 (x64) (HKLM-x32\...\{93e8dee5-34f5-4d85-bb29-7d3525839d09}) (Version: 5.2.21.12102 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29910 (HKLM\...\{06F1FCFD-8F77-488A-A477-6CA8A783EDD7}) (Version: 14.28.29910 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29910 (HKLM\...\{DE015560-04E3-4915-8F99-5B29289E3998}) (Version: 14.28.29910 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29910 (HKLM-x32\...\{6D7D03AB-CC57-4350-9451-EF33BF17FBB4}) (Version: 14.28.29910 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29910 (HKLM-x32\...\{1110E034-017D-48D8-83B9-AF2A2BFDD385}) (Version: 14.28.29910 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Premium Sound HD (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.1800 - SRS Labs, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.5.29 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.1 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 2.1.17.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{EAF55C99-A493-4373-A8C5-09ACC5DCD7EF}) (Version: 8.0.43 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{F5AFF327-9B52-4E96-B5A0-BD2488A8EEC9}) (Version: 1.3.23.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.18.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0020 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.11 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 5.02.02.6400 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA Peak Shift Control (HKLM\...\{73F1BDB6-11E1-11D5-9DC6-00C04F2FC33B}) (Version: 3.00.07.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0021.640203 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.39 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5B01BCB7-A5D3-476F-AF11-E515BA206591}) (Version: 1.0.5 - TOSHIBA CORPORATION)
VulkanSDK 1.2.170.0 (HKLM\...\VulkanSDK1.2.170.0) (Version: 1.2.170.0 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{a0b0e855-6c57-48f6-ae13-172b8cb70c69}) (Version: 7.0.2417.4248 - Lavasoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-01-20] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\ХубавДен\Desktop\Компютър.lnk -> [LFPO :i+00r1SPS0%G`%><[email protected]!8AB5<=0 ?0?:01SPSjc(=Oe)::{20D04FE0-3AEA-1069-A2D8-08002B30309D}] <==== Cyrillic
Shortcut: C:\Users\ХубавДен\Desktop\рисуване.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\ХубавДен\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic
ShortcutWithArgument: C:\Users\ХубавДен\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2021-04-03 09:06 - 2013-02-02 13:32 - 002805760 _____ () [File not signed] C:\Program Files (x86)\ProKAward\wap.dll
2012-01-20 05:11 - 2012-01-20 05:11 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2012-01-20 05:10 - 2012-01-20 05:10 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2012-01-20 05:11 - 2012-01-20 05:11 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2012-01-20 05:08 - 2012-01-20 05:08 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2021-03-06 16:35 - 2012-02-27 03:59 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000011928 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000011720 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000014488 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012232 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012432 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012440 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000015816 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012232 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000013768 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012952 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012464 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000021144 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000020120 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000016536 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000017864 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000018376 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000014280 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012232 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000590112 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\MSVCP140.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 001035720 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.DLL
2021-03-04 21:32 - 2021-03-04 21:32 - 000101872 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\VCRUNTIME140.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000044528 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\VCRUNTIME140_1.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 005621024 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\mfc140u.dll
2009-08-18 12:24 - 2009-08-18 12:24 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2021-02-28 11:52 - 2021-02-28 11:52 - 000479232 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
2021-02-28 11:52 - 2021-02-28 11:52 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2021-02-28 11:52 - 2021-02-28 11:52 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\ucrtbase.DLL
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\VCRUNTIME140.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\MSVCP140.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\ucrtbase.DLL
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\VCRUNTIME140.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\VCRUNTIME140_1.dll
2021-02-28 10:32 - 2020-12-01 21:01 - 000567344 _____ (win.rar GmbH -> Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 8) (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = 
SearchScopes: HKU\.DEFAULT -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = 
SearchScopes: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2021-03-20 22:28 - 000001760 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\VulkanSDK\1.2.170.0\Bin;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\dotnet\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ХубавДен\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "TPwrMain"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9B2E32E1-AA61-494D-AB81-5D6787BBF89F}] => (Allow) C:\Users\ХубавДен\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [{32B769D7-D242-4DF1-87A4-52020E4B3B2B}] => (Allow) C:\Users\ХубавДен\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [{DDD5FF98-0004-41F6-A0E7-2F4BD4F740D4}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [TCP Query User{FAF89285-1D88-4D5B-8502-B83D15703F40}D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe] => (Allow) D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe => No File
FirewallRules: [UDP Query User{29348295-BC0E-4C59-B354-8C84D9361D70}D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe] => (Allow) D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe => No File
FirewallRules: [{CC4CB7D2-EAC5-4741-A2AA-AB00FC6D1EF5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{9B1130CD-3D9C-4FF0-9BED-41E31C791516}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C35946F3-AF29-40F0-901F-BE39114BB07A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{9EA6AAF4-3FEC-454D-B6FF-E3AC2455B0AA}F:\codex\nuts\binaries\win64\ittakestwo.exe] => (Allow) F:\codex\nuts\binaries\win64\ittakestwo.exe => No File
FirewallRules: [UDP Query User{16653EF5-AAA2-4589-9582-5750D113D2BF}F:\codex\nuts\binaries\win64\ittakestwo.exe] => (Allow) F:\codex\nuts\binaries\win64\ittakestwo.exe => No File
FirewallRules: [{60B0662F-2A42-4EBF-B2F5-CB0111B4F448}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

07-04-2021 14:09:31 Removed Bluetooth Stack for Windows by Toshiba.

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/11/2021 10:34:13 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 10:34:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 10:34:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 10:34:12 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 10:34:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 10:34:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 10:34:11 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 10:34:10 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.


System errors:
=============
Error: (04/11/2021 10:34:42 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 10:34:41 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 10:34:40 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 10:33:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (04/11/2021 10:33:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (04/11/2021 10:33:39 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.

Error: (04/11/2021 09:57:00 AM) (Source: SNMP) (EventID: 1500) (User: )
Description: The SNMP Service encountered an error while accessing the registry key SYSTEM\CurrentControlSet\Services\SNMP\Parameters\TrapConfiguration.

Error: (04/11/2021 09:38:50 AM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.


==================== Memory info =========================== 

BIOS: Insyde Corp. 6.80 10/01/2013
Motherboard: Type2 - Board Vendor Name1 Type2 - Board Product Name1
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 72%
Total physical RAM: 8151.8 MB
Available physical RAM: 2247.06 MB
Total Virtual: 16301.81 MB
Available Virtual: 10252.19 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:30.72 GB) NTFS
Drive d: () (Fixed) (Total:368.1 GB) (Free:180.16 GB) NTFS
Drive g: (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (VIVICAM7340) (Removable) (Total:1.89 GB) (Free:0.66 GB) FAT


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5C08D6FC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by ХубавДен (administrator) on KOMPUTER (TOSHIBA SATELLITE L850) (11-04-2021 10:34:08)
Running from C:\Users\ХубавДен\Desktop
Loaded Profiles: ХубавДен
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Български (България)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ProKAward\rsasws.exe
() [File not signed] C:\Program Files (x86)\ProKAward\wap.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(BitTorrent Inc -> BitTorrent Inc.) [File not signed] C:\Users\ХубавДен\AppData\Roaming\uTorrent\updates\3.5.5_45966\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) [File not signed] C:\Users\ХубавДен\AppData\Roaming\uTorrent\uTorrent.exe
(DAEMON Tools Code Signing Services -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nullsoft Inc. -> Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(PEGATRON CORPORATION -> ) C:\Windows\System32\GFNEXSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe <16>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(SRS Labs, Inc. -> SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) [File not signed] C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\TPHM\TosWififind.exe
(Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoHook.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-25] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc. -> SRS Labs, Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2203888 2016-07-21] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2021-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [598448 2011-06-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft Inc. -> Nullsoft, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Run: [uTorrent] => C:\Users\ХубавДен\AppData\Roaming\uTorrent\uTorrent.exe [2133032 2021-03-20] (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DAEMON Tools Code Signing Services -> DT Soft Ltd)
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Run: [CCleanerBrowserAutoLaunch_AA3A62200D67D2EB261FC715575088DF] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2269864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {0a8e4f73-7ea2-11eb-a1c7-1cc63ca74361} - F:\setup.exe
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {372d99f0-7e9e-11eb-b377-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {6721721a-92c1-11eb-9a67-1cc63ca74361} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [CCleanerBrowserAutoLaunch_97D22812892757E1B18B6C7E90D30B42] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2269864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\89.1.8954.117\Installer\chrmstp.exe [2021-04-09] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-05] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{AC95EC36-10E5-4e80-9A47-3A413963594C}] -> C:\Windows\system32\tosWirelessLANIndicatorCP.dll [2011-02-17] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2011-07-22] (TOSHIBA Corporation) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1EA46089-0AD9-4EF1-AA77-CEBF589B0950} - System32\Tasks\{7A0ABD83-9CB4-4E8E-A2D6-2FD8531E8EDF} => D:\игри\EuroTruckSimulator\Euro.Truck.Simulator.2.v1.39.4.17\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Task: {2178DA9B-D8BF-4340-AB15-58C985FB5897} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {2AB22143-80AF-4AB2-8B2A-17F5843F6F6B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {36663155-A107-4D87-A183-D431E259897F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2021-03-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [File not signed]
Task: {4B70B99C-C3F0-434B-BFFB-EA563A76C6D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6654F23B-76E2-48F4-A1E4-4791B7C3A602} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-04-07] (Piriform Software Ltd -> Piriform Software)
Task: {6AD474DD-38C0-4C0A-879D-A50BB54B86FB} - System32\Tasks\{F98C031F-35C1-40C0-A4B8-5987359C06F3} => D:\игри\EuroTruckSimulator\Euro.Truck.Simulator.2.v1.39.4.17\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Task: {74D39671-8AA6-41C0-BDA5-19B603A03905} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2269864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
Task: {7E62E71D-E515-49DD-B2D2-4354929C0CCB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-28] (Google LLC -> Google LLC)
Task: {9E079D95-745A-47CC-9E90-4F09FC99CF96} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2269864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
Task: {AD28578E-F449-4A8D-A6E8-1EDD2EE9A403} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-03-04] (Avast Software s.r.o. -> Avast Software)
Task: {B4475AE8-26E5-4649-985D-C7F79690E350} - System32\Tasks\Software Updater SkipUAC(ХубавДен) => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit) <==== ATTENTION
Task: {B75CD2D8-D717-4F1C-A713-258752B79457} - System32\Tasks\Software Updater Scheduler => C:\Program Files (x86)\IObit\Software Updater\SUInit.exe [1789200 2020-06-30] (IObit Information Technology -> IObit Software updater) <==== ATTENTION
Task: {B8936DB6-95A9-4608-BA77-105454F3A68B} - System32\Tasks\{B146D00D-55AC-41DE-AED1-974030C3203D} => D:\игри\EuroTruckSimulator\Euro.Truck.Simulator.2.v1.39.4.17\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Task: {BEF34503-D64D-4475-8F46-F8CBC89B955A} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [305080 2011-10-24] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
Task: {C9031EEB-5D1A-4B66-9324-C7328FAF1576} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware)
Task: {CB4EB40C-174C-4BB5-B60C-5D6EE51AD4C6} - System32\Tasks\SU_AutoUpdate => C:\Program Files (x86)\IObit\Software Updater\SoftwareUpdater.exe [4513224 2021-01-19] (IObit Information Technology -> IObit)
Task: {CBEF4719-121C-4E4B-9C17-0095662DE19D} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-04-07] (Piriform Software Ltd -> Piriform Software)
Task: {D236AFCE-2CD6-4CCF-ADAD-2291A41E8541} - System32\Tasks\{E015BB53-BF18-43E2-8BE9-304F38FF4418} => D:\игри\EuroTruckSimulator\Euro.Truck.Simulator.2.v1.39.4.17\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Task: {FA8A6AE4-9FF6-41E9-A6B9-7E23D7F57E89} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C1954DEB-390D-4770-B170-965565576D76}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-04-07] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-04-07] (Piriform Software Ltd -> Piriform Software)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-04-07]
CHR Profile: C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-09]
CHR Notifications: Profile 1 -> hxxps://24segodnya.ru; hxxps://bazar.bg; hxxps://bg.compbs.com; hxxps://bg.yeniakrep.org; hxxps://news.bg; hxxps://novini.bg; hxxps://opoznai.bg; hxxps://www.facebook.com; hxxps://www.filehorse.com; hxxps://www.reddit.com; hxxps://www.shopsector.com; hxxps://www.vbox7.com
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-05]
CHR Profile: C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2021-03-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-04-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1302184 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-04-07] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\89.1.8954.117\elevation_service.exe [1504864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-04-07] (Piriform Software Ltd -> Piriform Software)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] (PEGATRON CORPORATION -> )
R2 SKLProService; C:\Program Files (x86)\ProKAward\rsasws.exe [98304 2012-02-13] () [File not signed]
R3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [986032 2017-04-24] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) [File not signed]
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-03-04] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208552 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365520 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250328 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41304 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [177872 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524416 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2021-03-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107808 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83368 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850120 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466696 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216376 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2021-03-06] () [File not signed]
S3 Tosrfcom; no ImagePath
R3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2021-03-06] (Microsoft Windows Hardware Compatibility Publisher -> )
U3 a47933xx; C:\Windows\System32\Drivers\a47933xx.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 09:49 - 2021-04-11 09:49 - 001503928 _____ (Adobe) C:\Users\ХубавДен\Downloads\uninstall_flash_player (1).exe
2021-04-08 03:39 - 2021-04-08 03:39 - 001503928 _____ (Adobe) C:\Users\ХубавДен\Desktop\uninstall_flash_player.exe
2021-04-08 00:03 - 2021-04-08 00:04 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\ItTakesTwo
2021-04-08 00:01 - 2021-04-08 00:01 - 000000000 ____D C:\ProgramData\Origin
2021-04-07 16:53 - 2021-04-07 16:53 - 000008894 _____ C:\Users\ХубавДен\Desktop\SecurityCheck.txt
2021-04-07 16:52 - 2021-04-07 16:52 - 000000000 ____D C:\SecurityCheck
2021-04-07 16:51 - 2021-04-07 16:51 - 000518860 _____ (glax24 (safezone.cc)) C:\Users\ХубавДен\Desktop\SecurityCheck.exe
2021-04-07 16:48 - 2021-04-07 16:49 - 000000218 _____ C:\Users\ХубавДен\Desktop\ckfiles.txt
2021-04-07 16:43 - 2021-04-07 16:44 - 000468480 _____ () C:\Users\ХубавДен\Desktop\CKScanner.exe
2021-04-07 16:00 - 2021-04-08 05:06 - 000000000 ____D C:\Users\ХубавДен\Documents\Euro Truck Simulator 2
2021-04-07 15:09 - 2021-04-07 15:09 - 000048345 _____ C:\Users\ХубавДен\Desktop\Addition.txt
2021-04-07 15:08 - 2021-04-11 10:35 - 000024417 _____ C:\Users\ХубавДен\Desktop\FRST.txt
2021-04-07 14:44 - 2021-04-07 15:07 - 000048342 _____ C:\Users\ХубавДен\Downloads\Addition.txt
2021-04-07 14:41 - 2021-04-07 15:08 - 000048694 _____ C:\Users\ХубавДен\Downloads\FRST.txt
2021-04-07 14:40 - 2021-04-11 10:34 - 000000000 ____D C:\FRST
2021-04-07 14:40 - 2021-04-07 14:40 - 002298368 _____ (Farbar) C:\Users\ХубавДен\Downloads\FRST64 (1).exe
2021-04-07 14:39 - 2021-04-07 14:40 - 002298368 _____ (Farbar) C:\Users\ХубавДен\Desktop\FRST64.exe
2021-04-07 14:15 - 2021-04-07 14:15 - 000000586 _____ C:\Users\ХубавДен\Desktop\cc_20210407_141503.reg
2021-04-07 14:09 - 2021-04-07 14:10 - 000045396 _____ C:\Users\ХубавДен\Desktop\cc_20210407_140954.reg
2021-04-07 14:07 - 2021-04-07 14:07 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\GRETECH
2021-04-07 14:07 - 2021-04-07 14:07 - 000000000 ____D C:\ProgramData\CCleaner Browser
2021-04-07 14:06 - 2021-04-09 08:51 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2021-04-07 14:06 - 2021-04-09 08:51 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-04-07 14:06 - 2021-04-09 08:51 - 000002277 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2021-04-07 14:06 - 2021-04-08 18:17 - 000003484 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2021-04-07 14:06 - 2021-04-08 18:17 - 000003356 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-04-07 14:06 - 2021-04-08 18:17 - 000003144 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2021-04-07 14:06 - 2021-04-07 14:06 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\CCleaner Browser
2021-04-07 14:05 - 2021-04-11 09:59 - 000000000 ____D C:\Program Files\CCleaner
2021-04-07 14:05 - 2021-04-09 22:23 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-04-07 14:05 - 2021-04-08 18:17 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-04-07 14:05 - 2021-04-08 18:17 - 000002814 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-04-07 14:05 - 2021-04-07 14:05 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-04-07 14:05 - 2021-04-07 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-04-07 14:04 - 2021-04-07 14:04 - 031273232 _____ (Piriform Software Ltd) C:\Users\ХубавДен\Downloads\ccsetup578.exe
2021-04-07 13:37 - 2021-04-07 13:37 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\FastStone
2021-04-07 13:01 - 2021-04-07 13:01 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\mxgp6
2021-04-07 12:39 - 2021-04-07 12:39 - 000000000 ____D C:\Users\ХубавДен\VulkanSDK
2021-04-07 12:39 - 2021-04-07 12:39 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\LunarG
2021-04-07 12:38 - 2021-04-07 15:45 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\DAEMON Tools Lite
2021-04-07 11:50 - 2021-04-07 11:50 - 000152574 _____ C:\Users\ХубавДен\Downloads\MXGP.2020.The.Official.Motocross.Videogame-CODEX.torrent
2021-04-07 11:50 - 2021-04-07 11:50 - 000152574 _____ C:\Users\ХубавДен\Downloads\MXGP.2020.The.Official.Motocross.Videogame-CODEX (1).torrent
2021-04-07 11:42 - 2021-04-07 14:06 - 000977282 _____ C:\Users\ХубавДен\Downloads\Непотвърдено 627.crdownload
2021-04-07 11:42 - 2021-04-07 11:42 - 000180235 _____ C:\Users\ХубавДен\Downloads\MXGP 2020 (2).torrent
2021-04-07 11:41 - 2021-04-07 11:41 - 000180235 _____ C:\Users\ХубавДен\Downloads\MXGP 2020 (1).torrent
2021-04-07 11:41 - 2021-04-07 11:41 - 000000000 ____D C:\Program Files (x86)\VulkanRT-1.2.170.0-Components
2021-04-07 11:39 - 2021-04-07 11:39 - 010122840 _____ C:\Users\ХубавДен\Downloads\vulkan-runtime-components.zip
2021-04-07 11:39 - 2021-04-07 11:39 - 001688424 _____ C:\Users\ХубавДен\Downloads\vulkan-runtime.exe
2021-04-07 11:39 - 2021-04-07 11:39 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\WinRAR
2021-04-07 11:39 - 2021-04-07 11:39 - 000000000 ____D C:\Program Files\VulkanRT-1.2.170.0-Components
2021-04-07 11:39 - 2021-04-07 11:39 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-04-07 11:38 - 2021-04-07 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan SDK 1.2.170.0
2021-04-07 11:37 - 2021-04-07 11:37 - 000000000 ____D C:\VulkanSDK
2021-04-07 11:36 - 2021-04-07 11:37 - 280236184 _____ C:\Users\ХубавДен\Downloads\vulkan-sdk.exe
2021-04-07 11:30 - 2021-04-07 11:30 - 000180235 _____ C:\Users\ХубавДен\Downloads\MXGP 2020.torrent
2021-04-07 11:22 - 2021-04-07 11:22 - 026415464 _____ (IObit ) C:\Users\ХубавДен\Downloads\driver_booster_setup_cyri.exe
2021-04-07 11:22 - 2021-04-07 11:22 - 005186136 _____ (Husdawg, LLC) C:\Users\ХубавДен\Downloads\Detection.exe
2021-04-07 11:08 - 2021-04-07 11:08 - 000105907 _____ C:\Users\ХубавДен\Downloads\Subnautica Below Zero.torrent
2021-04-07 02:45 - 2021-04-07 17:00 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\IObit
2021-04-07 02:44 - 2021-04-07 02:44 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\ATI
2021-04-07 02:11 - 2021-04-07 02:11 - 000000000 ____D C:\ProgramData\Novosoft
2021-04-07 02:10 - 2021-04-07 02:11 - 116333680 _____ C:\Users\ХубавДен\Downloads\handybackup.exe
2021-04-07 01:27 - 2021-04-07 01:27 - 227693922 _____ C:\Users\ХубавДен\Desktop\registry backup.reg
2021-04-07 00:15 - 2021-03-25 05:33 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-04-07 00:13 - 2021-04-07 02:44 - 000002003 _____ C:\ProgramData\Desktop\Avast Premium Security.lnk
2021-04-07 00:13 - 2021-04-07 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2021-04-06 19:35 - 2021-04-06 19:35 - 000001063 _____ C:\Users\ХубавДен\Downloads\проблем с кучето на съседите и дворни кучета.txt
2021-04-06 13:46 - 2021-04-06 13:46 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Origin
2021-04-06 09:49 - 2021-04-06 09:49 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2021-04-06 09:49 - 2021-04-06 09:49 - 000000000 ____D C:\Users\DefaultAppPool
2021-04-06 09:49 - 2010-11-21 10:16 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2021-04-06 09:15 - 2021-04-09 08:39 - 000003094 _____ C:\Windows\system32\Tasks\{F98C031F-35C1-40C0-A4B8-5987359C06F3}
2021-04-06 09:15 - 2021-04-09 08:39 - 000003094 _____ C:\Windows\system32\Tasks\{7A0ABD83-9CB4-4E8E-A2D6-2FD8531E8EDF}
2021-04-06 09:14 - 2021-04-09 08:39 - 000003094 _____ C:\Windows\system32\Tasks\{E015BB53-BF18-43E2-8BE9-304F38FF4418}
2021-04-06 09:14 - 2021-04-09 08:39 - 000003094 _____ C:\Windows\system32\Tasks\{B146D00D-55AC-41DE-AED1-974030C3203D}
2021-04-06 09:06 - 2021-04-11 09:58 - 000000000 ___SD C:\Users\ХубавДен\AppData\LocalLow\Temp
2021-04-06 00:13 - 2021-04-06 00:13 - 000000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini
2021-04-06 00:13 - 2021-04-06 00:13 - 000000000 ____D C:\Users\Classic .NET AppPool
2021-04-06 00:13 - 2010-11-21 10:16 - 000000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Media Center Programs
2021-04-06 00:11 - 2021-04-06 00:13 - 000085446 _____ C:\Windows\system32\perfh002.dat
2021-04-06 00:11 - 2021-04-06 00:13 - 000031054 _____ C:\Windows\system32\perfc002.dat
2021-04-06 00:10 - 2021-04-06 00:10 - 000000862 _____ C:\Windows\system32\termcap
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\Windows\SysWOW64\BestPractices
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\Windows\system32\msmq
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\Windows\system32\BestPractices
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\Program Files\Microsoft Games
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\inetpub
2021-04-05 17:51 - 2021-04-05 20:48 - 000000000 ____D C:\ProgramData\MyPC Utilities
2021-04-05 10:11 - 2021-04-07 15:59 - 000001100 _____ C:\ProgramData\Desktop\Euro Truck Simulator 2.lnk
2021-04-05 10:11 - 2021-04-05 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2021-04-05 10:01 - 2021-04-05 10:01 - 000000890 _____ C:\Users\ХубавДен\Desktop\Cheat Engine.lnk
2021-04-05 10:01 - 2021-04-05 10:01 - 000000000 ____D C:\Users\ХубавДен\Documents\My Cheat Tables
2021-04-05 10:01 - 2021-04-05 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2
2021-04-05 10:00 - 2021-04-07 18:18 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2021-04-05 10:00 - 2021-04-05 10:00 - 003472384 _____ ( ) C:\Users\ХубавДен\Desktop\CheatEngine72.exe
2021-04-05 09:13 - 2021-04-05 09:13 - 000000000 _____ C:\Windows\NDSTray.INI
2021-04-05 09:05 - 2021-04-05 09:06 - 107332040 _____ (2010-2021 Viber Media S.a.r.l) C:\Users\ХубавДен\Desktop\ViberSetup.exe
2021-04-03 13:48 - 2021-04-03 13:48 - 000000000 ____D C:\Users\ХубавДен\Documents\League of Legends
2021-04-03 10:07 - 2021-04-03 10:07 - 000000017 _____ C:\Users\ХубавДен\AppData\Local\resmon.resmoncfg
2021-04-03 09:06 - 2021-04-11 09:57 - 000000047 _____ C:\Windows\SysWOW64\E302AF636FDE.ini
2021-04-03 09:06 - 2021-04-11 09:55 - 000000000 ___HD C:\ProgramData\kprologs
2021-04-03 09:06 - 2021-04-03 11:02 - 000000000 ___HD C:\Program Files (x86)\ProKAward
2021-04-03 09:06 - 2021-04-03 09:06 - 000000983 _____ C:\Users\ХубавДен\Desktop\Award Keylogger Pro.lnk
2021-04-03 09:06 - 2021-04-03 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Award Keylogger Pro
2021-04-03 09:06 - 2009-05-13 19:35 - 000050688 _____ (Stardock.Net, Inc) C:\Windows\SysWOW64\wbhelp2.dll
2021-04-03 09:06 - 2009-05-13 19:35 - 000028160 _____ (Neil Banfield) C:\Windows\SysWOW64\anim.dll
2021-04-03 09:05 - 2021-04-03 09:05 - 000000000 ____D C:\Users\ХубавДен\Desktop\Award Keylogger Pro 3.1
2021-04-03 05:22 - 2021-04-03 05:22 - 000000288 _____ C:\nsispromotion_log.txt
2021-04-03 05:20 - 2021-04-03 05:20 - 000000000 ____D C:\ProgramData\GRETECH
2021-04-03 05:17 - 2021-04-03 05:23 - 000001127 _____ C:\ProgramData\Desktop\GOM Player.lnk
2021-04-03 05:17 - 2021-04-03 05:17 - 000001209 _____ C:\Users\ХубавДен\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2021-04-03 05:17 - 2021-04-03 05:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2021-04-03 05:16 - 2021-04-03 05:16 - 000000000 ____D C:\Program Files (x86)\GRETECH
2021-04-03 05:15 - 2021-04-03 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\БГ за GOM Player 2.2.53.5169
2021-04-03 05:15 - 2021-04-03 05:15 - 000000000 ____D C:\Program Files\GRETECH
2021-04-02 07:29 - 2021-04-02 07:29 - 001127408 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2021-04-02 07:29 - 2021-04-02 07:29 - 000122768 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2021-04-01 11:32 - 2021-04-01 11:32 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2021-03-28 22:10 - 2021-04-03 04:54 - 000000000 ____D C:\Users\ХубавДен\Documents\Android Studio 2.0
2021-03-28 18:45 - 2021-03-28 18:45 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2021-03-28 18:44 - 2021-03-28 18:44 - 000000639 _____ C:\ProgramData\Desktop\gta_sa.lnk
2021-03-28 18:44 - 2021-03-28 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar
2021-03-25 05:34 - 2021-03-25 05:33 - 000216376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-03-22 20:56 - 2021-03-22 20:56 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Aiseesoft Studio
2021-03-21 02:37 - 2021-03-21 02:37 - 000000334 _____ C:\Users\ХубавДен\.vivaldi_reporting_data
2021-03-21 02:36 - 2021-04-07 14:13 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Vivaldi
2021-03-20 22:28 - 2021-03-20 22:28 - 000001688 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2021-03-20 22:28 - 2009-06-11 00:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.backup
2021-03-20 20:40 - 2021-03-20 20:40 - 000000000 ____D C:\Windows\system32\appmgmt
2021-03-20 19:39 - 2021-04-05 10:36 - 000000000 ____D C:\ProgramData\Documents\Steam
2021-03-20 19:26 - 2021-03-20 19:26 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\supercross4
2021-03-16 11:54 - 2021-04-11 09:56 - 000000000 ____D C:\Windows\system32\Macromed
2021-03-16 11:54 - 2021-04-08 18:17 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-03-16 11:53 - 2021-04-11 09:56 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-03-15 00:22 - 2021-03-15 00:23 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Steam
2021-03-15 00:03 - 2021-03-15 00:03 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\NVIDIA Corporation
2021-03-15 00:00 - 2021-03-15 00:00 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\UnrealEngineLauncher
2021-03-12 05:16 - 2021-04-11 09:57 - 000000394 _____ C:\Windows\Tasks\update-sys.job
2021-03-12 05:16 - 2021-04-09 08:39 - 000003402 _____ C:\Windows\system32\Tasks\update-sys
2021-03-12 05:16 - 2021-04-02 07:30 - 000000059 _____ C:\Users\ХубавДен\AppData\Local\UserProducts.xml
2021-03-12 05:16 - 2021-04-02 07:30 - 000000000 ____D C:\Program Files (x86)\Skillbrains

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 10:37 - 2021-03-04 21:30 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\uTorrent
2021-04-11 10:04 - 2009-07-14 07:45 - 000037136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-04-11 10:04 - 2009-07-14 07:45 - 000037136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-04-11 09:59 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\inetsrv
2021-04-11 09:57 - 2021-03-04 21:42 - 000000000 ____D C:\Users\ХубавДен\AppData\LocalLow\uTorrent
2021-04-11 09:56 - 2021-03-04 21:31 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-11 09:56 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-10 22:52 - 2021-03-04 21:42 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\BitTorrentHelper
2021-04-10 19:41 - 2021-03-04 21:33 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-04-09 22:23 - 2021-03-06 18:15 - 000000412 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2021-04-09 08:39 - 2021-03-07 20:36 - 000003386 _____ C:\Windows\system32\Tasks\SU_AutoUpdate
2021-04-09 08:39 - 2021-03-07 20:36 - 000002850 _____ C:\Windows\system32\Tasks\Software Updater SkipUAC(ХубавДен)
2021-04-09 08:39 - 2021-03-04 21:33 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-04-08 18:17 - 2021-03-07 20:36 - 000003094 _____ C:\Windows\system32\Tasks\Software Updater Scheduler
2021-04-08 18:17 - 2021-03-06 18:15 - 000003822 _____ C:\Windows\system32\Tasks\Driver Easy Scheduled Scan
2021-04-08 18:17 - 2021-03-06 17:19 - 000003492 _____ C:\Windows\system32\Tasks\ConfigFree Startup Programs
2021-04-08 18:17 - 2021-02-28 16:43 - 000003304 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-08 00:03 - 2021-03-10 13:28 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\UnrealEngine
2021-04-07 17:00 - 2021-03-06 22:36 - 000000000 ____D C:\ProgramData\ProductData
2021-04-07 17:00 - 2021-03-06 22:35 - 000000000 ____D C:\Program Files (x86)\IObit
2021-04-07 14:15 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\NDF
2021-04-07 14:10 - 2021-03-06 14:01 - 000000000 ____D C:\Program Files (x86)\Toshiba
2021-04-07 14:10 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2021-04-07 12:39 - 2021-02-28 03:46 - 000000000 ____D C:\Users\ХубавДен
2021-04-06 00:13 - 2021-03-06 11:40 - 000899158 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2021-04-06 00:13 - 2009-07-14 08:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-04-06 00:13 - 2009-07-14 08:13 - 000985940 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-06 00:13 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\Registration
2021-04-06 00:10 - 2010-11-21 10:06 - 000000000 ____D C:\Windows\system32\0409
2021-04-06 00:10 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2021-04-06 00:10 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-04-06 00:10 - 2009-07-14 06:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-04-05 20:49 - 2021-03-10 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2021-04-05 20:48 - 2021-02-28 12:39 - 000000000 ____D C:\Windows\Panther
2021-04-05 17:36 - 2021-03-06 22:38 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\ElevatedDiagnostics
2021-04-05 11:28 - 2021-02-28 16:44 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-05 11:28 - 2021-02-28 16:44 - 000002199 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-04-04 10:51 - 2021-03-06 20:49 - 000000000 ____D C:\ProgramData\Riot Games
2021-04-03 06:09 - 2021-03-10 15:43 - 000000000 ____D C:\Program Files (x86)\Winamp
2021-04-02 07:30 - 2021-03-06 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2021-04-02 07:29 - 2021-02-28 10:10 - 000118744 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2021-04-01 11:51 - 2021-02-28 03:47 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\VirtualStore
2021-03-25 05:34 - 2021-03-04 21:32 - 000326976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000850120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000524416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000466696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000365520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000250328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000208552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000177872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000107808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000099288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000083368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000041304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-03-20 20:41 - 2021-03-06 19:12 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Opera Software
2021-03-15 00:02 - 2021-02-28 11:55 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories ========

2021-04-03 10:07 - 2021-04-03 10:07 - 000000017 _____ () C:\Users\ХубавДен\AppData\Local\resmon.resmoncfg
2021-03-12 05:16 - 2021-03-12 05:16 - 000000003 _____ () C:\Users\ХубавДен\AppData\Local\updater.log
2021-03-12 05:16 - 2021-04-02 07:30 - 000000059 _____ () C:\Users\ХубавДен\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-02 12:00
==================== End of FRST.txt ========================

Линк към този отговор
Сподели в други сайтове
преди 1 час, Адриан Младенов написа:

Добре сега ще направя точка 6 и през това време ми излизат тези грешки: 

 

Ами не е изпълнена тази точка ...Няма никаква промяна в дневниците ви,....Тези програми продължават да са на компютъра ви ..За трети път:

 

Деинсталиране на нежелани / ненужни програми:

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
DAEMON Tools Toolbar
Driver Booster
Driver Easy
IObit Software Updater
SearcherBar
Web Companion

 

Рестартирате компютъра си..и след това :

 

FRST сканиране

    Щракнете двукратно върху FRST.exe / FRST64.exe, за да го стартирате.
    Натиснете бутона за image.png.e4ea07ecfc9acbc1a7ac79c624db8810.png сканиране.
    Когато приключи, той ще създаде  два лог файла с името FRST.txt и Addition.txt, в същата директория, от която е стартиран инструментът.
    Моля, копирайте и поставете журналите в следващия си отговор.

 

 

Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (копирате цялото съдържание)
  • Харесване 1
Линк към този отговор
Сподели в други сайтове

Добре де като толкова си я искаш ...остави я ..но запомни от мен че драйвери  се теглят и инсталират директно от сайтовете на производителя ...А не с разни програми ..! Например

Intel® Driver & Support Assistant

 

  • Харесване 2
Линк към този отговор
Сподели в други сайтове
току-що, icotonev написа:

Добре де като толкова си я искаш ...остави я ..но запомни от мен че драйвери  се теглят и инсталират директно от сайтовете на производителя ...А не с разни програми ..! Например

Intel® Driver & Support Assistant

 

Ето я даже в момента има най новите драивъри за звуковата карта за обновяване.

driver easy pro.jpg

драйвър изи про инсталиране.jpg

Имам проблем с на екрана програмата която отваря снимки на цял екран в уиндолс не отговаря 

инсталиране драивър изи.jpg

Без имеГрешки.jpg

Линк към този отговор
Сподели в други сайтове
преди 14 минути, Адриан Младенов написа:

но запомни от мен че драйвери  се теглят и инсталират директно от сайтовете на производителя ...А не с разни програми ..!

Пак ви обръщам внимание за  помощните програми за актуализиране на драйвери  Повечето често са свързани с друг софтуер, който изтегляте от Интернет, и много от тях са класифицирани / открити като потенциално нежелани програми (PUP) от скенери за сигурност. ..Повече инфо :

  • Харесване 1
Линк към този отговор
Сподели в други сайтове

снимки.jpg

снимки.jpg

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 05-04-2021
Ran by ХубавДен (11-04-2021 12:04:50)
Running from C:\Users\ХубавДен\Desktop
Windows 7 Professional Service Pack 1 (X64) (2021-02-28 00:46:51)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1642643817-1668024669-138335520-500 - Administrator - Disabled)
Guest (S-1-5-21-1642643817-1668024669-138335520-501 - Limited - Disabled)
ХубавДен (S-1-5-21-1642643817-1668024669-138335520-1000 - Administrator - Enabled) => C:\Users\ХубавДен

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}
FW: Avast Antivirus (Enabled) {D322394B-73F7-C65E-BBB0-3B81E063D6D4}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«007 Legends» 1.0 (HKLM-x32\...\007 Legends_is1) (Version: 1.0 - R.G. Catalyst)
µTorrent (HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\uTorrent) (Version: 3.5.5.45966 - BitTorrent Inc.)
AMD Catalyst Install Manager (HKLM\...\{F856881A-D370-B1A7-2AFF-128F4AA93558}) (Version: 3.0.859.0 - Advanced Micro Devices, Inc.)
Atheros Bluetooth Filter Driver Package (HKLM\...\{65486209-5C54-439C-8383-8AC9BBE25932}) (Version: 1.0.0.12 - Atheros Communications)
Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 9.2 - Atheros)
Avast Premium Security (HKLM-x32\...\Avast Antivirus) (Version: 21.2.2455 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.78 - Piriform)
CCleaner Browser (HKLM-x32\...\CCleaner Browser) (Version: 89.1.8954.117 - Авторите на CCleaner Browser)
CCleaner Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.8.1067.0 - Piriform Software) Hidden
Cheat Engine 7.2 (HKLM\...\Cheat Engine_is1) (Version:  - Cheat Engine)
Counter-Strike1.6 2018 SteamRIP (HKLM-x32\...\Counter-Strike1.6 2018 SteamRIP) (Version: v2.1 - )
Driver Easy 5.6.15 (HKLM\...\DriverEasy_is1) (Version: 5.6.15 - Easeware)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{F9C5C994-F6B9-4D75-B3E7-AD01B84073E9}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Euro Truck Simulator 2 - ElAmigos version 1.39.4.17 (HKLM-x32\...\{9384C835-3AAB-4AEB-A190-765E3FB774E1}_is1) (Version: 1.39.4.17 - SCS Software)
GOM Player (HKLM-x32\...\GOM Player) (Version: 2.3.63.5327 - GOM & Company)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.114 - Google LLC)
Grand Theft Auto San Andreas version 1.0.1 (HKLM-x32\...\Grand Theft Auto San Andreas_is1) (Version: 1.0.1 - Rockstar)
Intel(R) Manageability Engine Firmware Recovery Agent (HKLM-x32\...\{A6C48A9F-694A-4234-B3AA-62590B668927}) (Version: 1.0.0.35342 - Intel Corporation)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.0.3.1427 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.0.0.1032 - Intel Corporation)
Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.4.220 - Intel Corporation)
Intel® Trusted Connect Service Client (HKLM\...\{09536BA1-E498-4CC3-B834-D884A67D7E34}) (Version: 1.23.605.1 - Intel Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{43a03b9c-4770-409c-a999-587b60700b63}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
League of Legends (HKLM-x32\...\{918A9082-6287-4D25-9002-5E5D5E4971CB}) (Version: 1.02.0000 - Riot Games)
League of Legends (HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Riot Game league_of_legends.live) (Version:  - Riot Games, Inc)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft .NET SDK 5.0.200 (x64) (HKLM-x32\...\{93e8dee5-34f5-4d85-bb29-7d3525839d09}) (Version: 5.2.21.12102 - Microsoft Corporation)
Microsoft Games for Windows - LIVE Redistributable (HKLM-x32\...\{F2508213-9989-4E85-A078-72BE483917EF}) (Version: 3.5.88.0 - Microsoft Corporation)
Microsoft Games for Windows Marketplace (HKLM-x32\...\{4CB0307C-565E-4441-86BE-0DF2E4FB828C}) (Version: 3.5.50.0 - Microsoft Corporation)
Microsoft Primary Interoperability Assemblies 2005 (HKLM-x32\...\{2C303EE0-A595-3543-A71A-931C7AC40EDE}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x64 8.0.61000 (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable - x86 8.0.61001 (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x64 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 Redistributable - x86 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{a2199617-3609-410f-a8e8-e8806c73545b}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{f0080ca2-80ae-4958-b6eb-e8fa916d744a}) (Version: 11.0.61030.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.40664 (HKLM-x32\...\{49e969a1-2990-464d-92b5-25f6f34573c6}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40664 (HKLM-x32\...\{d2c8df0e-f15d-4426-9e51-f13f329f9cb4}) (Version: 12.0.40664.0 - Корпорация Майкрософт)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.28.29910 (HKLM\...\{06F1FCFD-8F77-488A-A477-6CA8A783EDD7}) (Version: 14.28.29910 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.28.29910 (HKLM\...\{DE015560-04E3-4915-8F99-5B29289E3998}) (Version: 14.28.29910 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.28.29910 (HKLM-x32\...\{6D7D03AB-CC57-4350-9451-EF33BF17FBB4}) (Version: 14.28.29910 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.28.29910 (HKLM-x32\...\{1110E034-017D-48D8-83B9-AF2A2BFDD385}) (Version: 14.28.29910 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.0 (HKLM-x32\...\{3898934B-05AE-41CD-96BE-70DA9BFBCE1F}) (Version: 3.0.11010.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
Premium Sound HD (HKLM\...\{3007FF9F-5B2C-41FF-8BFC-08BF25DB2681}) (Version: 1.12.1800 - SRS Labs, Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8746.1 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7601.30130 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.2.5.29 - Synaptics Incorporated)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.2.3.1 - TOSHIBA CORPORATION)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}) (Version: 2.1.17.64 - TOSHIBA Corporation)
TOSHIBA ConfigFree (HKLM-x32\...\{EAF55C99-A493-4373-A8C5-09ACC5DCD7EF}) (Version: 8.0.43 - TOSHIBA CORPORATION)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.11 for x64 - TOSHIBA Corporation)
TOSHIBA eco Utility (HKLM\...\{F5AFF327-9B52-4E96-B5A0-BD2488A8EEC9}) (Version: 1.3.23.64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.18.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{2FD5D2C5-A7A1-4065-89BA-90542BF7CCD3}) (Version: 2.00.0020 - TOSHIBA)
TOSHIBA HDD/SSD Alert (HKLM\...\{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.11 - TOSHIBA Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{B507386D-1F61-4E55-B05B-F56ACB0086B3}) (Version: 5.02.02.6400 - Toshiba Client Solutions Co., Ltd.)
TOSHIBA Peak Shift Control (HKLM\...\{73F1BDB6-11E1-11D5-9DC6-00C04F2FC33B}) (Version: 3.00.07.64 - TOSHIBA Corporation)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.21.64 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.6.0021.640203 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.3.39 - TOSHIBA Corporation)
TOSHIBA Wireless LAN Indicator (HKLM-x32\...\{5B01BCB7-A5D3-476F-AF11-E515BA206591}) (Version: 1.0.5 - TOSHIBA CORPORATION)
VulkanSDK 1.2.170.0 (HKLM\...\VulkanSDK1.2.170.0) (Version: 1.2.170.0 - LunarG, Inc.)
Web Companion (HKLM-x32\...\{a0b0e855-6c57-48f6-ae13-172b8cb70c69}) (Version: 7.0.2417.4248 - Lavasoft)
Winamp (HKLM-x32\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Windows Live ID Sign-in Assistant (HKLM\...\{9B48B0AC-C813-4174-9042-476A887592C7}) (Version: 6.500.3165.0 - Microsoft Corporation)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2012-01-20] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2021-03-25] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) [File not signed]
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\ХубавДен\Desktop\Компютър.lnk -> [LFPO :i+00r1SPS0%G`%><[email protected]!8AB5<=0 ?0?:01SPSjc(=Oe)::{20D04FE0-3AEA-1069-A2D8-08002B30309D}] <==== Cyrillic
Shortcut: C:\Users\ХубавДен\Desktop\рисуване.lnk -> C:\Windows\System32\mspaint.exe (Microsoft Corporation) <==== Cyrillic
Shortcut: C:\Users\ХубавДен\AppData\Roaming\Microsoft\Windows\SendTo\Прехвърляне на файлове с Bluetooth.LNK -> C:\Windows\System32\fsquirt.exe (Microsoft Corporation) <==== Cyrillic
ShortcutWithArgument: C:\Users\ХубавДен\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2021-04-03 09:06 - 2013-02-02 13:32 - 002805760 _____ () [File not signed] C:\Program Files (x86)\ProKAward\wap.dll
2012-01-20 05:11 - 2012-01-20 05:11 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2012-01-20 05:10 - 2012-01-20 05:10 - 000047104 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2012-01-20 05:11 - 2012-01-20 05:11 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2012-01-20 05:09 - 2012-01-20 05:09 - 000837632 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll
2012-01-20 05:08 - 2012-01-20 05:08 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2021-03-06 16:35 - 2012-02-27 03:59 - 000073728 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000011928 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000011720 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000014488 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012232 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012432 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012440 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000015816 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012232 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000013768 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012952 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012464 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000021144 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000020120 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000016536 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000017864 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000018376 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000014280 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000012232 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000590112 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\MSVCP140.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 001035720 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\ucrtbase.DLL
2021-03-04 21:32 - 2021-03-04 21:32 - 000101872 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\VCRUNTIME140.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000044528 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\avast.local_vc142.crt\VCRUNTIME140_1.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 005621024 _____ (Microsoft Corporation -> Microsoft Corporation) [File not signed] C:\Program Files\Avast Software\Avast\mfc140u.dll
2009-08-18 12:24 - 2009-08-18 12:24 - 000167424 _____ (Microsoft Corporation) [File not signed] C:\Program Files\Common Files\Microsoft Shared\Windows Live\sqmapi.dll
2021-02-28 11:52 - 2021-02-28 11:52 - 000479232 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcm80.dll
2021-02-28 11:52 - 2021-02-28 11:52 - 001101824 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80.DLL
2021-02-28 11:52 - 2021-02-28 11:52 - 001093120 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\MFC80U.DLL
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\ucrtbase.DLL
2021-03-04 21:32 - 2021-03-04 21:32 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\1026\avast.local_vc142.crt\VCRUNTIME140.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-file-l1-2-0.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-file-l2-1-0.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-localization-l1-2-0.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-processthreads-l1-1-1.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-synch-l1-2-0.dll
2021-04-11 08:04 - 2021-04-11 08:04 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-core-timezone-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-convert-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-environment-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-filesystem-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-heap-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-locale-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-math-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-multibyte-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-runtime-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-stdio-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-string-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-time-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\api-ms-win-crt-utility-l1-1-0.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\MSVCP140.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\ucrtbase.DLL
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\VCRUNTIME140.dll
2021-04-11 08:05 - 2021-04-11 08:05 - 000000000 ____L (Microsoft Corporation) C:\Program Files\Avast Software\Avast\defs\21041010\avast.local_vc142.crt\VCRUNTIME140_1.dll
2021-02-28 10:32 - 2020-12-01 21:01 - 000567344 _____ (win.rar GmbH -> Alexander Roshal) [File not signed] C:\Program Files\WinRAR\rarext.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 8) (Whitelisted) ==========

HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://search.avast.com/AV772/
SearchScopes: HKLM-x32 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKLM-x32 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\.DEFAULT -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = 
SearchScopes: HKU\.DEFAULT -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = 
SearchScopes: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> DefaultScope {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> {8C31F27B-BE8A-4e4b-A478-17760AF1F5D9} URL = hxxps://search.avast.com/AV772/search/web?q={searchTerms}
SearchScopes: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> {AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} URL = hxxp://www.daemon-search.com/search?q={searchTerms}
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Toolbar: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\.DEFAULT\...\localhost -> localhost
IE trusted site: HKU\.DEFAULT\...\webcompanion.com -> hxxp://webcompanion.com
IE trusted site: HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\localhost -> localhost
IE trusted site: HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\webcompanion.com -> hxxp://webcompanion.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:34 - 2021-03-20 22:28 - 000001760 _____ C:\Windows\system32\drivers\etc\hosts
109.94.209.70      fitgirlrepacks.co               # Fake FitGirl site
109.94.209.70      fitgirl-repacks.cc              # Fake FitGirl site
109.94.209.70      fitgirl-repack.com              # Fake FitGirl site
109.94.209.70      fitgirl-repacks.website         # Fake FitGirl site
109.94.209.70      www.fitgirlrepacks.co           # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.cc          # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.com          # Fake FitGirl site
109.94.209.70      www.fitgirl-repacks.website     # Fake FitGirl site
109.94.209.70      ww9.fitgirl-repacks.xyz         # Fake FitGirl site
109.94.209.70      *.fitgirl-repacks.xyz           # Fake FitGirl site
109.94.209.70      fitgirl-repacks.xyz             # Fake FitGirl site
109.94.209.70      fitgirl-repack.net              # Fake FitGirl site
109.94.209.70      www.fitgirl-repack.net          # Fake FitGirl site

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\VulkanSDK\1.2.170.0\Bin;%CommonProgramFiles%\Microsoft Shared\Windows Live;C:\Program Files (x86)\Intel\iCLS Client\;C:\Program Files\Intel\iCLS Client\;C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\dotnet\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\ХубавДен\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "TPwrMain"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{9B2E32E1-AA61-494D-AB81-5D6787BBF89F}] => (Allow) C:\Users\ХубавДен\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [{32B769D7-D242-4DF1-87A4-52020E4B3B2B}] => (Allow) C:\Users\ХубавДен\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
FirewallRules: [{DDD5FF98-0004-41F6-A0E7-2F4BD4F740D4}] => (Allow) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe (Easeware Technology Limited -> Easeware)
FirewallRules: [TCP Query User{FAF89285-1D88-4D5B-8502-B83D15703F40}D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe] => (Allow) D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe => No File
FirewallRules: [UDP Query User{29348295-BC0E-4C59-B354-8C84D9361D70}D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe] => (Allow) D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe => No File
FirewallRules: [{CC4CB7D2-EAC5-4741-A2AA-AB00FC6D1EF5}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{9B1130CD-3D9C-4FF0-9BED-41E31C791516}] => (Allow) C:\Program Files (x86)\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{C35946F3-AF29-40F0-901F-BE39114BB07A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{9EA6AAF4-3FEC-454D-B6FF-E3AC2455B0AA}F:\codex\nuts\binaries\win64\ittakestwo.exe] => (Allow) F:\codex\nuts\binaries\win64\ittakestwo.exe => No File
FirewallRules: [UDP Query User{16653EF5-AAA2-4589-9582-5750D113D2BF}F:\codex\nuts\binaries\win64\ittakestwo.exe] => (Allow) F:\codex\nuts\binaries\win64\ittakestwo.exe => No File
FirewallRules: [{60B0662F-2A42-4EBF-B2F5-CB0111B4F448}] => (Allow) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe (Piriform Software Ltd -> Piriform Software)

==================== Restore Points =========================

07-04-2021 14:09:31 Removed Bluetooth Stack for Windows by Toshiba.

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (04/11/2021 12:04:44 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Име на приложение с грешки: DllHost.exe, версия: 6.1.7600.16385, времево клеймо: 0x4a5bca54
Име на модул с грешки: ntdll.dll, версия: 6.1.7601.17514, времево клеймо: 0x4ce7c8f9
Код на изключение: 0xc0000374
Отместване на грешка: 0x00000000000c40f2
ИД на процес на грешка: 0x28cc
Начален час на приложението с грешки: 0x01d72eb1b6f65dd6
Път на приложението с грешки: C:\Windows\system32\DllHost.exe
Път на модула с грешки: C:\Windows\SYSTEM32\ntdll.dll
ИД на доклад: f4c91e8e-9aa4-11eb-ab0c-1cc63ca74361

Error: (04/11/2021 12:04:20 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Име на приложение с грешки: DllHost.exe, версия: 6.1.7600.16385, времево клеймо: 0x4a5bca54
Име на модул с грешки: ntdll.dll, версия: 6.1.7601.17514, времево клеймо: 0x4ce7c8f9
Код на изключение: 0xc0000374
Отместване на грешка: 0x00000000000c40f2
ИД на процес на грешка: 0x2414
Начален час на приложението с грешки: 0x01d72eb1a894d20e
Път на приложението с грешки: C:\Windows\system32\DllHost.exe
Път на модула с грешки: C:\Windows\SYSTEM32\ntdll.dll
ИД на доклад: e668a43a-9aa4-11eb-ab0c-1cc63ca74361

Error: (04/11/2021 12:03:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 12:03:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 12:03:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 12:03:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 12:03:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.

Error: (04/11/2021 12:03:34 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: )
Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност.
.


System errors:
=============
Error: (04/11/2021 12:04:41 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 12:04:40 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 12:04:39 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 12:03:56 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 12:03:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 12:03:55 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 12:03:54 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk1\DR1.

Error: (04/11/2021 12:03:23 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: The following fatal alert was received: 70.


==================== Memory info =========================== 

BIOS: Insyde Corp. 6.80 10/01/2013
Motherboard: Type2 - Board Vendor Name1 Type2 - Board Product Name1
Processor: Intel(R) Core(TM) i5-3210M CPU @ 2.50GHz
Percentage of memory in use: 75%
Total physical RAM: 8151.8 MB
Available physical RAM: 1983.57 MB
Total Virtual: 16301.81 MB
Available Virtual: 9995.72 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:97.56 GB) (Free:30.7 GB) NTFS
Drive d: () (Fixed) (Total:368.1 GB) (Free:180.16 GB) NTFS
Drive e: (New) (CDROM) (Total:2.05 GB) (Free:0 GB) CDFS
Drive g: (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.03 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive h: (VIVICAM7340) (Removable) (Total:1.89 GB) (Free:0.66 GB) FAT


==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 5C08D6FC)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=97.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=368.1 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Protective MBR) (Size: 1.9 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-04-2021
Ran by ХубавДен (administrator) on KOMPUTER (TOSHIBA SATELLITE L850) (11-04-2021 12:03:29)
Running from C:\Users\ХубавДен\Desktop
Loaded Profiles: ХубавДен & Classic .NET AppPool & DefaultAppPool
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Български (България)
Default browser: "C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe" --single-argument %1
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\ProKAward\rsasws.exe
() [File not signed] C:\Program Files (x86)\ProKAward\wap.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\afwServ.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\AvastUI.exe <3>
(BitTorrent Inc -> BitTorrent Inc.) [File not signed] C:\Users\ХубавДен\AppData\Roaming\uTorrent\updates\3.5.5_45966\utorrentie.exe <2>
(BitTorrent Inc -> BitTorrent Inc.) [File not signed] C:\Users\ХубавДен\AppData\Roaming\uTorrent\uTorrent.exe
(DAEMON Tools Code Signing Services -> DT Soft Ltd) C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
(Easeware Technology Limited -> Easeware) C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.72\GoogleCrashHandler64.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation -> ) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(Intel® Upgrade Service -> Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\mspaint.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(Nullsoft Inc. -> Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
(PEGATRON CORPORATION -> ) C:\Windows\System32\GFNEXSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe <15>
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler.exe
(Piriform Software Ltd -> Piriform Software) C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\CCleanerBrowserCrashHandler64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(SRS Labs, Inc. -> SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) [File not signed] C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\TPHM\TosWififind.exe
(Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFIWmxSvcs64.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSvcs.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\CFSwMgr.exe
(TOSHIBA CORPORATION -> TOSHIBA CORPORATION) C:\Program Files (x86)\Toshiba\ConfigFree\NDSTray.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoHook.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA CORPORATION -> TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [117472 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [710560 2011-11-25] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2165120 2012-03-22] (SRS Labs, Inc. -> SRS Labs, Inc.)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [590256 2011-09-22] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [2203888 2016-07-21] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [18390904 2021-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1562032 2012-02-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [598448 2011-06-28] (TOSHIBA CORPORATION -> TOSHIBA Corporation)
HKLM\...\Run: [MsmqIntCert] => regsvr32 /s mqrt.dll
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [343168 2012-01-20] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291608 2012-02-27] (Intel Corporation -> Intel Corporation)
HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [85600 2013-12-13] (Nullsoft Inc. -> Nullsoft, Inc.)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Run: [uTorrent] => C:\Users\ХубавДен\AppData\Roaming\uTorrent\uTorrent.exe [2133032 2021-03-20] (BitTorrent Inc -> BitTorrent Inc.) [File not signed]
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [369200 2009-10-30] (DAEMON Tools Code Signing Services -> DT Soft Ltd)
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [33169992 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\Run: [CCleanerBrowserAutoLaunch_AA3A62200D67D2EB261FC715575088DF] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2269864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {0a8e4f73-7ea2-11eb-a1c7-1cc63ca74361} - F:\setup.exe
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {372d99f0-7e9e-11eb-b377-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {6721721a-92c1-11eb-9a67-1cc63ca74361} - I:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\Run: [CCleanerBrowserAutoLaunch_97D22812892757E1B18B6C7E90D30B42] => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2269864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{052EB454-9F19-CB42-7875-807F79F311C4}] -> C:\Program Files (x86)\CCleaner Browser\Application\89.1.8954.117\Installer\chrmstp.exe [2021-04-09] (Piriform Software Ltd -> Piriform Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\89.0.4389.114\Installer\chrmstp.exe [2021-04-05] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{AC95EC36-10E5-4e80-9A47-3A413963594C}] -> C:\Windows\system32\tosWirelessLANIndicatorCP.dll [2011-02-17] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
HKLM\Software\...\Authentication\Credential Providers: [{B65F237C-AAFF-4df7-8872-91B65663E41F}] -> C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll [2011-07-22] (TOSHIBA Corporation) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {1EA46089-0AD9-4EF1-AA77-CEBF589B0950} - System32\Tasks\{7A0ABD83-9CB4-4E8E-A2D6-2FD8531E8EDF} => D:\игри\EuroTruckSimulator\Euro.Truck.Simulator.2.v1.39.4.17\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Task: {2178DA9B-D8BF-4340-AB15-58C985FB5897} - System32\Tasks\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [4686560 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
Task: {2AB22143-80AF-4AB2-8B2A-17F5843F6F6B} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-18] (Piriform Software Ltd -> Piriform)
Task: {36663155-A107-4D87-A183-D431E259897F} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2021-03-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [File not signed]
Task: {4B70B99C-C3F0-434B-BFFB-EA563A76C6D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27616328 2021-03-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {6654F23B-76E2-48F4-A1E4-4791B7C3A602} - System32\Tasks\CCleanerUpdateTaskMachineCore => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-04-07] (Piriform Software Ltd -> Piriform Software)
Task: {6AD474DD-38C0-4C0A-879D-A50BB54B86FB} - System32\Tasks\{F98C031F-35C1-40C0-A4B8-5987359C06F3} => D:\игри\EuroTruckSimulator\Euro.Truck.Simulator.2.v1.39.4.17\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Task: {74D39671-8AA6-41C0-BDA5-19B603A03905} - System32\Tasks\CCleaner Browser Heartbeat Task (Hourly) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2269864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
Task: {7E62E71D-E515-49DD-B2D2-4354929C0CCB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2021-02-28] (Google LLC -> Google LLC)
Task: {9E079D95-745A-47CC-9E90-4F09FC99CF96} - System32\Tasks\CCleaner Browser Heartbeat Task (Logon) => C:\Program Files (x86)\CCleaner Browser\Application\CCleanerBrowser.exe [2269864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
Task: {AD28578E-F449-4A8D-A6E8-1EDD2EE9A403} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1791712 2021-03-04] (Avast Software s.r.o. -> Avast Software)
Task: {B8936DB6-95A9-4608-BA77-105454F3A68B} - System32\Tasks\{B146D00D-55AC-41DE-AED1-974030C3203D} => D:\игри\EuroTruckSimulator\Euro.Truck.Simulator.2.v1.39.4.17\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Task: {BEF34503-D64D-4475-8F46-F8CBC89B955A} - System32\Tasks\ConfigFree Startup Programs => C:\Program Files (x86)\TOSHIBA\ConfigFree\NDSTray.exe [305080 2011-10-24] (TOSHIBA CORPORATION -> TOSHIBA CORPORATION)
Task: {C9031EEB-5D1A-4B66-9324-C7328FAF1576} - System32\Tasks\Driver Easy Scheduled Scan => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe [3817392 2020-06-18] (Easeware Technology Limited -> Easeware)
Task: {CBEF4719-121C-4E4B-9C17-0095662DE19D} - System32\Tasks\CCleanerUpdateTaskMachineUA => C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-04-07] (Piriform Software Ltd -> Piriform Software)
Task: {D236AFCE-2CD6-4CCF-ADAD-2291A41E8541} - System32\Tasks\{E015BB53-BF18-43E2-8BE9-304F38FF4418} => D:\игри\EuroTruckSimulator\Euro.Truck.Simulator.2.v1.39.4.17\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
Task: {FA8A6AE4-9FF6-41E9-A6B9-7E23D7F57E89} - System32\Tasks\update-sys => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe [414872 2017-04-12] (OOO Lightshot -> TODO: <Company name>)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\Driver Easy Scheduled Scan.job => C:\Program Files\Easeware\DriverEasy\DriverEasy.exe
Task: C:\Windows\Tasks\update-sys.job => C:\Program Files (x86)\Skillbrains\Updater\Updater.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [134528 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [168304 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{C1954DEB-390D-4770-B170-965565576D76}: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.0.59 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-01-06] (Intel® Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=3 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-04-07] (Piriform Software Ltd -> Piriform Software)
FF Plugin-x32: @update.ccleanerbrowser.com/CCleaner Browser;version=9 -> C:\Program Files (x86)\CCleaner Browser\Update\1.8.1067.0\npCCleanerBrowserUpdate3.dll [2021-04-07] (Piriform Software Ltd -> Piriform Software)

Chrome: 
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-04-07]
CHR Profile: C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-04-09]
CHR Notifications: Profile 1 -> hxxps://24segodnya.ru; hxxps://bazar.bg; hxxps://bg.compbs.com; hxxps://bg.yeniakrep.org; hxxps://news.bg; hxxps://novini.bg; hxxps://opoznai.bg; hxxps://www.facebook.com; hxxps://www.filehorse.com; hxxps://www.reddit.com; hxxps://www.shopsector.com; hxxps://www.vbox7.com
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-04-05]
CHR Extension: (Chrome Media Router) - C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-04-05]
CHR Profile: C:\Users\ХубавДен\AppData\Local\Google\Chrome\User Data\System Profile [2021-04-07]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [271448 2021-03-16] (Adobe Systems Incorporated -> Adobe Systems Incorporated) [File not signed]
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7888408 2021-04-07] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [623216 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Firewall; C:\Program Files\Avast Software\Avast\afwServ.exe [1302184 2021-04-06] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [353504 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
S2 ccleaner; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-04-07] (Piriform Software Ltd -> Piriform Software)
S3 CCleanerBrowserElevationService; C:\Program Files (x86)\CCleaner Browser\Application\89.1.8954.117\elevation_service.exe [1504864 2021-03-31] (Piriform Software Ltd -> Piriform Software)
S3 ccleanerm; C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe [200928 2021-04-07] (Piriform Software Ltd -> Piriform Software)
R2 GFNEXSrv; C:\Windows\System32\GFNEXSrv.exe [162824 2010-09-09] (PEGATRON CORPORATION -> )
R2 SKLProService; C:\Program Files (x86)\ProKAward\rsasws.exe [98304 2012-02-13] () [File not signed]
R3 TPCHSrv; C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe [986032 2017-04-24] (Toshiba Client Solutions Co.,Ltd. -> Toshiba Client Solutions Co., Ltd.) [File not signed]
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-03-04] (LAVASOFT SOFTWARE CANADA INC -> )
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [2291568 2009-08-18] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [208552 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [365520 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [250328 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [99288 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [41304 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [177872 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [524416 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [38152 2021-03-04] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [107808 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [83368 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [850120 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [466696 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [216376 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [326976 2021-03-25] (Avast Software s.r.o. -> AVAST Software)
R0 sptd; C:\Windows\System32\Drivers\sptd.sys [834544 2021-03-06] () [File not signed]
S3 Tosrfcom; no ImagePath
R3 whfltr2k; C:\Windows\System32\DRIVERS\whfltr2k.sys [10368 2021-03-06] (Microsoft Windows Hardware Compatibility Publisher -> )
U3 a47933xx; C:\Windows\System32\Drivers\a47933xx.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 12:03 - 2021-04-11 12:04 - 000023927 _____ C:\Users\ХубавДен\Desktop\FRST.txt
2021-04-11 11:47 - 2021-04-11 11:47 - 000000000 ____D C:\Windows\LastGood
2021-04-11 11:38 - 2013-10-14 01:53 - 000000315 _____ C:\Users\DefaultAppPool\AppData\Roaming\License.dat
2021-04-11 11:37 - 2013-10-14 01:53 - 000000315 _____ C:\Users\ХубавДен\Desktop\License.dat
2021-04-11 11:33 - 2021-04-11 11:42 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\Easeware
2021-04-11 09:49 - 2021-04-11 09:49 - 001503928 _____ (Adobe) C:\Users\ХубавДен\Downloads\uninstall_flash_player (1).exe
2021-04-08 03:39 - 2021-04-08 03:39 - 001503928 _____ (Adobe) C:\Users\ХубавДен\Desktop\uninstall_flash_player.exe
2021-04-08 00:03 - 2021-04-08 00:04 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\ItTakesTwo
2021-04-08 00:01 - 2021-04-08 00:01 - 000000000 ____D C:\ProgramData\Origin
2021-04-07 16:52 - 2021-04-11 11:23 - 000000000 ____D C:\SecurityCheck
2021-04-07 16:51 - 2021-04-07 16:51 - 000518860 _____ (glax24 (safezone.cc)) C:\Users\ХубавДен\Desktop\SecurityCheck.exe
2021-04-07 16:48 - 2021-04-07 16:49 - 000000218 _____ C:\Users\ХубавДен\Desktop\ckfiles.txt
2021-04-07 16:43 - 2021-04-07 16:44 - 000468480 _____ () C:\Users\ХубавДен\Desktop\CKScanner.exe
2021-04-07 16:00 - 2021-04-08 05:06 - 000000000 ____D C:\Users\ХубавДен\Documents\Euro Truck Simulator 2
2021-04-07 14:40 - 2021-04-11 12:03 - 000000000 ____D C:\FRST
2021-04-07 14:40 - 2021-04-07 14:40 - 002298368 _____ (Farbar) C:\Users\ХубавДен\Downloads\FRST64 (1).exe
2021-04-07 14:39 - 2021-04-07 14:40 - 002298368 _____ (Farbar) C:\Users\ХубавДен\Desktop\FRST64.exe
2021-04-07 14:15 - 2021-04-07 14:15 - 000000586 _____ C:\Users\ХубавДен\Desktop\cc_20210407_141503.reg
2021-04-07 14:07 - 2021-04-07 14:07 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\GRETECH
2021-04-07 14:07 - 2021-04-07 14:07 - 000000000 ____D C:\ProgramData\CCleaner Browser
2021-04-07 14:06 - 2021-04-09 08:51 - 000003726 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Hourly)
2021-04-07 14:06 - 2021-04-09 08:51 - 000002320 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner Browser.lnk
2021-04-07 14:06 - 2021-04-09 08:51 - 000002277 _____ C:\ProgramData\Desktop\CCleaner Browser.lnk
2021-04-07 14:06 - 2021-04-08 18:17 - 000003484 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineUA
2021-04-07 14:06 - 2021-04-08 18:17 - 000003356 _____ C:\Windows\system32\Tasks\CCleanerUpdateTaskMachineCore
2021-04-07 14:06 - 2021-04-08 18:17 - 000003144 _____ C:\Windows\system32\Tasks\CCleaner Browser Heartbeat Task (Logon)
2021-04-07 14:06 - 2021-04-07 14:06 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\CCleaner Browser
2021-04-07 14:05 - 2021-04-11 09:59 - 000000000 ____D C:\Program Files\CCleaner
2021-04-07 14:05 - 2021-04-09 22:23 - 000000000 ____D C:\Program Files (x86)\CCleaner Browser
2021-04-07 14:05 - 2021-04-08 18:17 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-04-07 14:05 - 2021-04-08 18:17 - 000002814 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-04-07 14:05 - 2021-04-07 14:05 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-04-07 14:05 - 2021-04-07 14:05 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-04-07 14:04 - 2021-04-07 14:04 - 031273232 _____ (Piriform Software Ltd) C:\Users\ХубавДен\Downloads\ccsetup578.exe
2021-04-07 13:37 - 2021-04-07 13:37 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\FastStone
2021-04-07 13:01 - 2021-04-07 13:01 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\mxgp6
2021-04-07 12:39 - 2021-04-07 12:39 - 000000000 ____D C:\Users\ХубавДен\VulkanSDK
2021-04-07 12:39 - 2021-04-07 12:39 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\LunarG
2021-04-07 12:38 - 2021-04-07 15:45 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\DAEMON Tools Lite
2021-04-07 11:50 - 2021-04-07 11:50 - 000152574 _____ C:\Users\ХубавДен\Downloads\MXGP.2020.The.Official.Motocross.Videogame-CODEX.torrent
2021-04-07 11:50 - 2021-04-07 11:50 - 000152574 _____ C:\Users\ХубавДен\Downloads\MXGP.2020.The.Official.Motocross.Videogame-CODEX (1).torrent
2021-04-07 11:42 - 2021-04-07 14:06 - 000977282 _____ C:\Users\ХубавДен\Downloads\Непотвърдено 627.crdownload
2021-04-07 11:42 - 2021-04-07 11:42 - 000180235 _____ C:\Users\ХубавДен\Downloads\MXGP 2020 (2).torrent
2021-04-07 11:41 - 2021-04-07 11:41 - 000180235 _____ C:\Users\ХубавДен\Downloads\MXGP 2020 (1).torrent
2021-04-07 11:41 - 2021-04-07 11:41 - 000000000 ____D C:\Program Files (x86)\VulkanRT-1.2.170.0-Components
2021-04-07 11:39 - 2021-04-07 11:39 - 010122840 _____ C:\Users\ХубавДен\Downloads\vulkan-runtime-components.zip
2021-04-07 11:39 - 2021-04-07 11:39 - 001688424 _____ C:\Users\ХубавДен\Downloads\vulkan-runtime.exe
2021-04-07 11:39 - 2021-04-07 11:39 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\WinRAR
2021-04-07 11:39 - 2021-04-07 11:39 - 000000000 ____D C:\Program Files\VulkanRT-1.2.170.0-Components
2021-04-07 11:39 - 2021-04-07 11:39 - 000000000 ____D C:\Program Files (x86)\VulkanRT
2021-04-07 11:38 - 2021-04-07 11:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Vulkan SDK 1.2.170.0
2021-04-07 11:37 - 2021-04-07 11:37 - 000000000 ____D C:\VulkanSDK
2021-04-07 11:36 - 2021-04-07 11:37 - 280236184 _____ C:\Users\ХубавДен\Downloads\vulkan-sdk.exe
2021-04-07 11:30 - 2021-04-07 11:30 - 000180235 _____ C:\Users\ХубавДен\Downloads\MXGP 2020.torrent
2021-04-07 11:22 - 2021-04-07 11:22 - 005186136 _____ (Husdawg, LLC) C:\Users\ХубавДен\Downloads\Detection.exe
2021-04-07 11:08 - 2021-04-07 11:08 - 000105907 _____ C:\Users\ХубавДен\Downloads\Subnautica Below Zero.torrent
2021-04-07 02:45 - 2021-04-11 11:24 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\IObit
2021-04-07 02:44 - 2021-04-07 02:44 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\ATI
2021-04-07 02:11 - 2021-04-07 02:11 - 000000000 ____D C:\ProgramData\Novosoft
2021-04-07 02:10 - 2021-04-07 02:11 - 116333680 _____ C:\Users\ХубавДен\Downloads\handybackup.exe
2021-04-07 01:27 - 2021-04-07 01:27 - 227693922 _____ C:\Users\ХубавДен\Desktop\registry backup.reg
2021-04-07 00:15 - 2021-03-25 05:33 - 000339680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-04-07 00:13 - 2021-04-07 02:44 - 000002003 _____ C:\ProgramData\Desktop\Avast Premium Security.lnk
2021-04-07 00:13 - 2021-04-07 00:13 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2021-04-06 19:35 - 2021-04-06 19:35 - 000001063 _____ C:\Users\ХубавДен\Downloads\проблем с кучето на съседите и дворни кучета.txt
2021-04-06 13:46 - 2021-04-06 13:46 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Origin
2021-04-06 09:49 - 2021-04-06 09:49 - 000000020 ___SH C:\Users\DefaultAppPool\ntuser.ini
2021-04-06 09:49 - 2021-04-06 09:49 - 000000000 ____D C:\Users\DefaultAppPool
2021-04-06 09:49 - 2010-11-21 10:16 - 000000000 ____D C:\Users\DefaultAppPool\AppData\Roaming\Media Center Programs
2021-04-06 09:15 - 2021-04-09 08:39 - 000003094 _____ C:\Windows\system32\Tasks\{F98C031F-35C1-40C0-A4B8-5987359C06F3}
2021-04-06 09:15 - 2021-04-09 08:39 - 000003094 _____ C:\Windows\system32\Tasks\{7A0ABD83-9CB4-4E8E-A2D6-2FD8531E8EDF}
2021-04-06 09:14 - 2021-04-09 08:39 - 000003094 _____ C:\Windows\system32\Tasks\{E015BB53-BF18-43E2-8BE9-304F38FF4418}
2021-04-06 09:14 - 2021-04-09 08:39 - 000003094 _____ C:\Windows\system32\Tasks\{B146D00D-55AC-41DE-AED1-974030C3203D}
2021-04-06 09:06 - 2021-04-11 09:58 - 000000000 ___SD C:\Users\ХубавДен\AppData\LocalLow\Temp
2021-04-06 00:13 - 2021-04-06 00:13 - 000000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini
2021-04-06 00:13 - 2021-04-06 00:13 - 000000000 ____D C:\Users\Classic .NET AppPool
2021-04-06 00:13 - 2010-11-21 10:16 - 000000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Media Center Programs
2021-04-06 00:11 - 2021-04-06 00:13 - 000085446 _____ C:\Windows\system32\perfh002.dat
2021-04-06 00:11 - 2021-04-06 00:13 - 000031054 _____ C:\Windows\system32\perfc002.dat
2021-04-06 00:10 - 2021-04-06 00:10 - 000000862 _____ C:\Windows\system32\termcap
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\Windows\SysWOW64\BestPractices
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\Windows\system32\msmq
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\Windows\system32\BestPractices
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\Program Files\Microsoft Games
2021-04-06 00:10 - 2021-04-06 00:10 - 000000000 ____D C:\inetpub
2021-04-05 17:51 - 2021-04-05 20:48 - 000000000 ____D C:\ProgramData\MyPC Utilities
2021-04-05 10:11 - 2021-04-07 15:59 - 000001100 _____ C:\ProgramData\Desktop\Euro Truck Simulator 2.lnk
2021-04-05 10:11 - 2021-04-05 10:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Euro Truck Simulator 2
2021-04-05 10:01 - 2021-04-05 10:01 - 000000890 _____ C:\Users\ХубавДен\Desktop\Cheat Engine.lnk
2021-04-05 10:01 - 2021-04-05 10:01 - 000000000 ____D C:\Users\ХубавДен\Documents\My Cheat Tables
2021-04-05 10:01 - 2021-04-05 10:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Cheat Engine 7.2
2021-04-05 10:00 - 2021-04-07 18:18 - 000000000 ____D C:\Program Files\Cheat Engine 7.2
2021-04-05 10:00 - 2021-04-05 10:00 - 003472384 _____ ( ) C:\Users\ХубавДен\Desktop\CheatEngine72.exe
2021-04-05 09:13 - 2021-04-05 09:13 - 000000000 _____ C:\Windows\NDSTray.INI
2021-04-05 09:05 - 2021-04-05 09:06 - 107332040 _____ (2010-2021 Viber Media S.a.r.l) C:\Users\ХубавДен\Desktop\ViberSetup.exe
2021-04-03 13:48 - 2021-04-03 13:48 - 000000000 ____D C:\Users\ХубавДен\Documents\League of Legends
2021-04-03 10:07 - 2021-04-03 10:07 - 000000017 _____ C:\Users\ХубавДен\AppData\Local\resmon.resmoncfg
2021-04-03 09:06 - 2021-04-11 09:57 - 000000047 _____ C:\Windows\SysWOW64\E302AF636FDE.ini
2021-04-03 09:06 - 2021-04-11 09:55 - 000000000 ___HD C:\ProgramData\kprologs
2021-04-03 09:06 - 2021-04-03 11:02 - 000000000 ___HD C:\Program Files (x86)\ProKAward
2021-04-03 09:06 - 2021-04-03 09:06 - 000000983 _____ C:\Users\ХубавДен\Desktop\Award Keylogger Pro.lnk
2021-04-03 09:06 - 2021-04-03 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Award Keylogger Pro
2021-04-03 09:06 - 2009-05-13 19:35 - 000050688 _____ (Stardock.Net, Inc) C:\Windows\SysWOW64\wbhelp2.dll
2021-04-03 09:06 - 2009-05-13 19:35 - 000028160 _____ (Neil Banfield) C:\Windows\SysWOW64\anim.dll
2021-04-03 09:05 - 2021-04-03 09:05 - 000000000 ____D C:\Users\ХубавДен\Desktop\Award Keylogger Pro 3.1
2021-04-03 05:22 - 2021-04-03 05:22 - 000000288 _____ C:\nsispromotion_log.txt
2021-04-03 05:20 - 2021-04-03 05:20 - 000000000 ____D C:\ProgramData\GRETECH
2021-04-03 05:17 - 2021-04-03 05:23 - 000001127 _____ C:\ProgramData\Desktop\GOM Player.lnk
2021-04-03 05:17 - 2021-04-03 05:17 - 000001209 _____ C:\Users\ХубавДен\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk
2021-04-03 05:17 - 2021-04-03 05:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\GOM Player
2021-04-03 05:16 - 2021-04-03 05:16 - 000000000 ____D C:\Program Files (x86)\GRETECH
2021-04-03 05:15 - 2021-04-03 05:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\БГ за GOM Player 2.2.53.5169
2021-04-03 05:15 - 2021-04-03 05:15 - 000000000 ____D C:\Program Files\GRETECH
2021-04-02 07:29 - 2021-04-02 07:29 - 001127408 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2021-04-02 07:29 - 2021-04-02 07:29 - 000122768 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RtNicProp64.dll
2021-04-01 11:32 - 2021-04-01 11:32 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_09_00.Wdf
2021-03-28 22:10 - 2021-04-03 04:54 - 000000000 ____D C:\Users\ХубавДен\Documents\Android Studio 2.0
2021-03-28 18:45 - 2021-03-28 18:45 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games
2021-03-28 18:44 - 2021-03-28 18:44 - 000000639 _____ C:\ProgramData\Desktop\gta_sa.lnk
2021-03-28 18:44 - 2021-03-28 18:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar
2021-03-25 05:34 - 2021-03-25 05:33 - 000216376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-03-22 20:56 - 2021-03-22 20:56 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Aiseesoft Studio
2021-03-21 02:37 - 2021-03-21 02:37 - 000000334 _____ C:\Users\ХубавДен\.vivaldi_reporting_data
2021-03-21 02:36 - 2021-04-07 14:13 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Vivaldi
2021-03-20 22:28 - 2021-03-20 22:28 - 000001688 _____ C:\Windows\system32\Drivers\etc\hosts.rollback
2021-03-20 22:28 - 2009-06-11 00:00 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts.backup
2021-03-20 20:40 - 2021-03-20 20:40 - 000000000 ____D C:\Windows\system32\appmgmt
2021-03-20 19:39 - 2021-04-05 10:36 - 000000000 ____D C:\ProgramData\Documents\Steam
2021-03-20 19:26 - 2021-03-20 19:26 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\supercross4
2021-03-16 11:54 - 2021-04-11 09:56 - 000000000 ____D C:\Windows\system32\Macromed
2021-03-16 11:54 - 2021-04-08 18:17 - 000004324 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-03-16 11:53 - 2021-04-11 09:56 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2021-03-15 00:22 - 2021-03-15 00:23 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Steam
2021-03-15 00:03 - 2021-03-15 00:03 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\NVIDIA Corporation
2021-03-15 00:00 - 2021-03-15 00:00 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\UnrealEngineLauncher
2021-03-12 05:16 - 2021-04-11 09:57 - 000000394 _____ C:\Windows\Tasks\update-sys.job
2021-03-12 05:16 - 2021-04-09 08:39 - 000003402 _____ C:\Windows\system32\Tasks\update-sys
2021-03-12 05:16 - 2021-04-02 07:30 - 000000059 _____ C:\Users\ХубавДен\AppData\Local\UserProducts.xml
2021-03-12 05:16 - 2021-04-02 07:30 - 000000000 ____D C:\Program Files (x86)\Skillbrains

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-04-11 12:03 - 2021-03-04 21:30 - 000000000 ____D C:\Users\ХубавДен\AppData\Roaming\uTorrent
2021-04-11 12:00 - 2021-03-09 20:43 - 000001125 _____ C:\ProgramData\Desktop\Counter-Strike 1.6.lnk
2021-04-11 11:29 - 2021-03-06 18:15 - 000001120 _____ C:\ProgramData\Desktop\Driver Easy.lnk
2021-04-11 11:24 - 2021-03-10 15:40 - 000000000 ____D C:\Users\ХубавДен\Documents\драйвъри ТOSHIBA Official за L850
2021-04-11 11:24 - 2021-03-06 22:35 - 000000000 ____D C:\Program Files (x86)\IObit
2021-04-11 10:04 - 2009-07-14 07:45 - 000037136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-04-11 10:04 - 2009-07-14 07:45 - 000037136 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-04-11 09:59 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\inetsrv
2021-04-11 09:57 - 2021-03-04 21:42 - 000000000 ____D C:\Users\ХубавДен\AppData\LocalLow\uTorrent
2021-04-11 09:56 - 2021-03-04 21:31 - 000000000 ____D C:\ProgramData\Avast Software
2021-04-11 09:56 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-04-10 22:52 - 2021-03-04 21:42 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\BitTorrentHelper
2021-04-10 19:41 - 2021-03-04 21:33 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-04-09 22:23 - 2021-03-06 18:15 - 000000412 _____ C:\Windows\Tasks\Driver Easy Scheduled Scan.job
2021-04-09 08:39 - 2021-03-04 21:33 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-04-08 18:17 - 2021-03-06 18:15 - 000003822 _____ C:\Windows\system32\Tasks\Driver Easy Scheduled Scan
2021-04-08 18:17 - 2021-03-06 17:19 - 000003492 _____ C:\Windows\system32\Tasks\ConfigFree Startup Programs
2021-04-08 18:17 - 2021-02-28 16:43 - 000003304 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-04-08 00:03 - 2021-03-10 13:28 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\UnrealEngine
2021-04-07 17:00 - 2021-03-06 22:36 - 000000000 ____D C:\ProgramData\ProductData
2021-04-07 14:15 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system32\NDF
2021-04-07 14:10 - 2021-03-06 14:01 - 000000000 ____D C:\Program Files (x86)\Toshiba
2021-04-07 14:10 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2021-04-07 12:39 - 2021-02-28 03:46 - 000000000 ____D C:\Users\ХубавДен
2021-04-06 00:13 - 2021-03-06 11:40 - 000899158 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2021-04-06 00:13 - 2009-07-14 08:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2021-04-06 00:13 - 2009-07-14 08:13 - 000985940 _____ C:\Windows\system32\PerfStringBackup.INI
2021-04-06 00:13 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\Registration
2021-04-06 00:10 - 2010-11-21 10:06 - 000000000 ____D C:\Windows\system32\0409
2021-04-06 00:10 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\SysWOW64\inetsrv
2021-04-06 00:10 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-04-06 00:10 - 2009-07-14 06:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared
2021-04-05 20:49 - 2021-03-10 15:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Winamp
2021-04-05 20:48 - 2021-02-28 12:39 - 000000000 ____D C:\Windows\Panther
2021-04-05 17:36 - 2021-03-06 22:38 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\ElevatedDiagnostics
2021-04-05 11:28 - 2021-02-28 16:44 - 000002240 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-04-05 11:28 - 2021-02-28 16:44 - 000002199 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-04-04 10:51 - 2021-03-06 20:49 - 000000000 ____D C:\ProgramData\Riot Games
2021-04-03 06:09 - 2021-03-10 15:43 - 000000000 ____D C:\Program Files (x86)\Winamp
2021-04-02 07:30 - 2021-03-06 23:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Games for Windows Marketplace
2021-04-02 07:29 - 2021-02-28 10:10 - 000118744 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2021-04-01 11:51 - 2021-02-28 03:47 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\VirtualStore
2021-03-25 05:34 - 2021-03-04 21:32 - 000326976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000850120 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000524416 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000466696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000365520 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000250328 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000208552 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000177872 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000107808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000099288 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000083368 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-03-25 05:33 - 2021-03-04 21:32 - 000041304 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-03-20 20:41 - 2021-03-06 19:12 - 000000000 ____D C:\Users\ХубавДен\AppData\Local\Opera Software
2021-03-15 00:02 - 2021-02-28 11:55 - 000000000 ____D C:\ProgramData\Package Cache

==================== Files in the root of some directories ========

2021-04-03 10:07 - 2021-04-03 10:07 - 000000017 _____ () C:\Users\ХубавДен\AppData\Local\resmon.resmoncfg
2021-03-12 05:16 - 2021-03-12 05:16 - 000000003 _____ () C:\Users\ХубавДен\AppData\Local\updater.log
2021-03-12 05:16 - 2021-04-02 07:30 - 000000059 _____ () C:\Users\ХубавДен\AppData\Local\UserProducts.xml

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-04-02 12:00
==================== End of FRST.txt ========================

Линк към този отговор
Сподели в други сайтове
преди 10 минути, icotonev написа:

Пак ви обръщам внимание за  помощните програми за актуализиране на драйвери  Повечето често са свързани с друг софтуер, който изтегляте от Интернет, и много от тях са класифицирани / открити като потенциално нежелани програми (PUP) от скенери за сигурност. ..Повече инфо :

Тези линкове не ми ги отваря ето какво показва.
снимка: 
 

тези линкове не ми ги отваря.jpg

оо брат няма смисъл то тука всичко се е бъгнало мерси не мога да се занимавам ако имате сервиз ще го посетя

Линк към този отговор
Сподели в други сайтове

Деинсталиране на нежелани / ненужни програми:

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
Web Companion

Тази програма сте я пропуснали ..!  :) 

 

+ отново

 

FRST сканиране

    Щракнете двукратно върху FRST.exe / FRST64.exe, за да го стартирате.
    Натиснете бутона за image.png.e4ea07ecfc9acbc1a7ac79c624db8810.png сканиране.
    Когато приключи, той ще създаде  два лог файла с името FRST.txt и Addition.txt, в същата директория, от която е стартиран инструментът.
    Моля, копирайте и поставете журналите в следващия си отговор.

 

 

Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (копирате цялото съдържание)

 

 

преди 4 минути, Адриан Младенов написа:

оо брат няма смисъл то тука всичко се е бъгнало мерси не мога да се занимавам ако имате сервиз ще го посетя

Добре ..Мисля че така ще е най-добре..! :) 

  • Харесване 1
  • Ха-ха 1
Линк към този отговор
Сподели в други сайтове
преди 2 минути, icotonev написа:

Деинсталиране на нежелани / ненужни програми:

  • Натиснете клавишна комбинация   WindowsKey.png + R на клавиатурата си едновременно. Напишете (копирайте) в полето appwiz.cpl и кликнете върху OK.
  • В отворилия се списък с инсталирани програми,  деинсталирайте  програмите от карето по долу:
Web Companion

Тази програма сте я пропуснали ..!  :) 

 

+ отново

 

FRST сканиране

    Щракнете двукратно върху FRST.exe / FRST64.exe, за да го стартирате.
    Натиснете бутона за image.png.e4ea07ecfc9acbc1a7ac79c624db8810.png сканиране.
    Когато приключи, той ще създаде  два лог файла с името FRST.txt и Addition.txt, в същата директория, от която е стартиран инструментът.
    Моля, копирайте и поставете журналите в следващия си отговор.

 

 

Дневници 

В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (копирате цялото съдържание)

 

 

Добре ..Мисля че така ще е най-добре..! :) 

За момента не ми дава да я изтрия тази web companion

Линк към този отговор
Сподели в други сайтове

Фикс с Farbar Recovery Scan Tool

 

  • Щракнете с десния бутон върху иконата FRST и изберете Изпълнете като администратор
  • Маркирайте  информацията от карето по долу , след което натиснете клавишите Ctrl + C едновременно и текстът ще бъде копиран
  • Няма нужда да поставяте информацията , FRST ще я направи вместо вас.
Start::
CreateRestorePoint:
CloseProcesses:

() [File not signed] C:\Program Files (x86)\ProKAward\rsasws.exe
() [File not signed] C:\Program Files (x86)\ProKAward\wap.exe
(LAVASOFT SOFTWARE CANADA INC -> ) C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {0a8e4f73-7ea2-11eb-a1c7-1cc63ca74361} - F:\setup.exe
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {372d99f0-7e9e-11eb-b377-806e6f6e6963} - E:\setup.exe
HKU\S-1-5-21-1642643817-1668024669-138335520-1000\...\MountPoints2: {6721721a-92c1-11eb-9a67-1cc63ca74361} - I:\HiSuiteDownLoader.exe                     HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
R2 WCAssistantService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.WCAssistant.WinService.exe [28136 2021-03-04] (LAVASOFT SOFTWARE CANADA INC -> )
S3 Tosrfcom; no ImagePath
U3 a47933xx; C:\Windows\System32\Drivers\a47933xx.sys [0 0000-00-00] (Microsoft Corporation) <==== ATTENTION (zero byte File/Folder)
S3 cpuz148; \??\C:\Windows\temp\cpuz148\cpuz148_x64.sys [X]
Toolbar: HKU\S-1-5-21-1642643817-1668024669-138335520-1000 -> No Name - {32099AAC-C132-4136-9E9A-4E364A424E17} -  No File
                                                                                                        
R2 SKLProService; C:\Program Files (x86)\ProKAward\rsasws.exe [98304 2012-02-13] () [File not signed]
2021-04-03 09:06 - 2021-04-03 11:02 - 000000000 ___HD C:\Program Files (x86)\ProKAward
2021-04-03 09:06 - 2021-04-03 09:06 - 000000983 _____ C:\Users\ХубавДен\Desktop\Award Keylogger Pro.lnk
2021-04-03 09:06 - 2021-04-03 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Award Keylogger Pro
2021-04-03 09:05 - 2021-04-03 09:05 - 000000000 ____D C:\Users\ХубавДен\Desktop\Award Keylogger Pro 3.1
FirewallRules: [TCP Query User{FAF89285-1D88-4D5B-8502-B83D15703F40}D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe] => (Allow) D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe => No File
FirewallRules: [UDP Query User{29348295-BC0E-4C59-B354-8C84D9361D70}D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe] => (Allow) D:\игри\counter-strike 1.6\counter-strike1.6\half-life\hl.exe => No File
FirewallRules: [TCP Query User{9EA6AAF4-3FEC-454D-B6FF-E3AC2455B0AA}F:\codex\nuts\binaries\win64\ittakestwo.exe] => (Allow) F:\codex\nuts\binaries\win64\ittakestwo.exe => No File
FirewallRules: [UDP Query User{16653EF5-AAA2-4589-9582-5750D113D2BF}F:\codex\nuts\binaries\win64\ittakestwo.exe] => (Allow) F:\codex\nuts\binaries\win64\ittakestwo.exe => No File
  
C:\Program Files (x86)\Lavasoft\Web Companion
C:\Program Files (x86)\ProKAward
  
Hosts:
EmptyTemp:
End::

ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

Натиснете бутона Fix само веднъж и изчакайте.
Забележка:    Не е необходимо да поставяте скрипта в FRST .
Рестартирайте компютъра, ако бъдете подканени.
Когато поправката е завършена, FRST ще генерира дневник на същото място, от което е стартиран (Fixlog.txt)
Моля, копирайте и поставете съдържанието му във вашия отговор.

  • Харесване 1
Линк към този отговор
Сподели в други сайтове
  • icotonev заключи тази тема
Гост
Тази тема е заключена за нови отговори.
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Подобни теми

    • от The_Nomad
      Здравейте,
      имах неблагоразумието да кликна на един от модерните линкове, дето разпращат във фейса, като мислех че Касперски ще го спре, но съм забравил че е изключен за малко 😁 Отвори се празна страница и седеше бяла. После включих Касперски и кликнах пак, като този път страницата беше блокирана. Съмнява ме, да не са източили пароли от Операта или нещо друго. В стартъпа нямам нови процеси. Прикачам логовете и снимка от Касперски, ще съм благодарен за помощ. (САМО ДА СПОМЕНА ЧЕ ЪПДЕЙТИТЕ НА УИН СА ИЗКЛЮЧЕНИ НАРОЧНО ОТ МЕН)
      FRST.txtAddition.txt

    • от StikiNetBG
      Здравейте,
      Наложи се да преинсталирам Windows-а си тъй като се получиха многожество проблеми. Установих че причината за това е някакъв wrui вирус, които добавя своето файлово разширение към всеки файл. За съжаление след това файловете не се отварят. Или може би са криптирани по някакъв начин.
      https://geeksadvice.com/remove-wrui-ransomware-virus/ - за този вирус става дума. Посочва се че с програмата RESTORO могат да се възстановят файловете.
      Изтеглих RESTORO, но за неговата пълна функционалност се изисква някакъв лицензен ключ.
       
      Въпроса ми е по какъв начин мога да възстановя отново файловете си. Имам много важни документи които са важни за моята работа.
    • от CaptainJord
      Здравейте, опитах се да подобря производителността на PC-то, за да може да подкара стабилно една игра. Тези .reg файлове са за играта, но уви не помогнаха. Добре, че си направих system restore point. Искам да проверя дали има някаква повреда по системата.
       
       
       
      Addition.txt
      Не ми разрешава да прикача FRST.txt счита го като опасност.. Какво да направя ?
      Наистина нещо става със системата, защото не съм отворил никакви програми и когато проверя task manager процесора ,,бачка" на 100%.
    • от aivanov1
      Здравейте! Спешно ми трябва помощ. Лаптопът ми прави каквото си иска. Курсорът се движи сам, отварят се програми, затварят се, маркират се разни файлове, въобще пълен хаос. Когато успея да спра уайфай връзката и рестартирам, всичко престава. Но свържа ли към интернет, всичко отново започва. Какво да правя?
    • от Николай Пильов
      Като цяло системата работи без проблеми.Правено е сканиране с Malwarebytes не намира проблеми.Единствено притеснително нещо е AlternateDataStreams: C:\Users\NightRider\AppData\Local\Temp:$DATA 
      Addition.txt FRST.txt
  • Дарение

×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване