Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Компютъра ми работи много бавно


Препоръчан отговор

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-09-2021
Ran by Administrator (administrator) on GLBG1543PC04 (Hewlett-Packard HP Compaq 6005 Pro SFF PC) (16-09-2021 11:56:16)
Running from D:\Users\Administrator\Desktop
Loaded Profiles: Administrator
Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X86) Language: English (United States)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe
() [File not signed] C:\Windows\System32\xWD35bgnd.exe
() [File not signed] C:\Windows\Xerox\PanelMgr\SSMMgr.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe <4>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\AvastBrowserCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <16>
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsService.exe
(OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsSystray.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Skype Software Sarl -> Skype Technologies) C:\Program Files\Skype\Browser\SkypeBrowserHost.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Xerox Corporation) [File not signed] C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IME JPN 2007 Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMEJP\IMJPKLMG.EXE [63856 2011-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Korean IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMEKR\IMKRMIG.EXE [26400 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Microsoft Pinyin IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE [32112 2011-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [XeroxScanUtility] => C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe [430080 2008-04-15] (Xerox Corporation) [File not signed]
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => C:\Windows\system32\xWD35bgnd.exe [80896 2008-04-14] () [File not signed]
HKLM\...\Run: [Xerox PanelMgr] => C:\Windows\Xerox\PanelMgr\SSMMgr.exe [626688 2010-01-26] () [File not signed]
HKLM\...\Run: [Stanley-H_XRX_S2P] => C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe [253952 2010-01-26] () [File not signed]
HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [StartCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [112920 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Run: [Google Update] => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [AvastBrowserAutoLaunch_9E0AB01C37B94381383AE0CDA0DCCFE4] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2049792 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\MountPoints2: {6a2c2d8e-b410-11e3-9029-3cd92b632c53} - G:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Run: [AvastBrowserAutoLaunch_8901C211194C0DFF277C9606C1448E31] => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2049792 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Windows NT x86\Print Processors\sxs2mPC: C:\Windows\System32\spool\prtprocs\W32X86\sxs2mpc.dll [19968 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) 2000 DDK provider)
HKLM\...\Windows NT x86\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\W32X86\x5print.dll [10752 2008-05-09] (Xerox Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\xp3220: C:\Windows\System32\spool\prtprocs\W32X86\xp3220pp.dll [56320 2009-06-17] (Windows (R) Codename Longhorn DDK provider) [File not signed]
HKLM\...\Print\Monitors\Language Monitor for Xerox Phaser 6125N: C:\Windows\SYSTEM32\XRZWSLBI.DLL [135284 2009-08-30] (Xerox Co., Ltd.) [File not signed]
HKLM\...\Print\Monitors\sxs2m Langmon: C:\Windows\SYSTEM32\sxs2ml3.dll [22723 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Xerox PC Fax Port: C:\Windows\SYSTEM32\XeroxFaxPort.dll [94208 2009-04-02] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> C:\Program Files\AVAST Software\Browser\Application\92.2.11575.159\Installer\chrmstp.exe [2021-09-03] (Avast Software s.r.o. -> AVAST Software)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OCS Inventory NG Systray.lnk [2013-09-20]
ShortcutTarget: OCS Inventory NG Systray.lnk -> C:\Program Files\OCS Inventory Agent\OcsSystray.exe (OCS Inventory NG) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User: Restriction <==== ATTENTION
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Librarian\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Visitor\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08DF9C6D-7CB5-4684-B618-67D60F53BEA0} - System32\Tasks\Del Old File => C:\Windows\Scripts\del.bat [1302 2010-10-30] () [File not signed]
Task: {30793A5D-DAF8-4DCF-9F2D-90350B4C812B} - System32\Tasks\BlueStacksHelper_nxt => C:\Program Files\BlueStacks_nxt\BlueStacksHelper.exe [275136 2021-09-07] (Bluestack Systems, Inc -> BlueStack Systems, Inc.)
Task: {3267B5BB-592E-4EB5-BABA-3B6CFF35A841} - System32\Tasks\Avast Secure Browser Heartbeat Task (Logon) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2049792 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
Task: {3559AB34-18E1-482D-8F96-4536BA328936} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1546480 2021-06-25] (Avast Software s.r.o. -> Avast Software)
Task: {3910E168-A173-4EF4-A61E-E5D13CCE99DD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\{671B1A2E-C698-451F-BF5F-C59EABFF1053}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{B082BF56-1FC4-46B4-A49A-712889734CCB}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {4E4163B2-2F9B-40BC-BCE1-8CA082945A05} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
Task: {59788F2F-057B-497D-AD10-26F6EBE7DD6E} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001Core -> No File <==== ATTENTION
Task: {5CC8CDED-13A6-4AB9-B10C-ADC7F2CE961B} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [345824 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {5F353FD2-DAE7-4B61-B6D2-013DE73E0D84} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [4364056 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
Task: {67F3E56F-BF81-40A9-9B43-E0B8D326CF35} - System32\Tasks\{671B1A2E-C698-451F-BF5F-C59EABFF1053} => C:\Program Files\Skype\\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {6D041990-9703-495B-922D-A29D1E951CF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
Task: {6D725850-4BEA-4C22-ADFF-0B008091ECAD} - System32\Tasks\delete => C:\Windows\Scripts\del.bat [1302 2010-10-30] () [File not signed]
Task: {6E99A771-BE6E-4451-865F-6FB9DCBBDFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-15] (Adobe Inc. -> Adobe)
Task: {88F25EBE-0AD6-45B2-BB52-208CF5A62B03} - System32\Tasks\Log off => C:\Windows\Scripts\logoff.bat [16 2010-10-31] () [File not signed]
Task: {982A605B-F3AD-4C0D-8BBF-E7630ADB1F1E} - System32\Tasks\Avast Secure Browser Heartbeat Task (Hourly) => C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe [2049792 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
Task: {9F2A0AEF-F85F-4784-A1C3-68726ED402A0} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001UA -> No File <==== ATTENTION
Task: {A2DF1937-8BB7-429B-838F-9BB6B671ABA2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AED1AD05-FC83-4BAD-945F-721B4890EC84} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-15] (Adobe Inc. -> Adobe)
Task: {B1AE9B04-84F1-4831-8527-D76B753CBA2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-20] (Google Inc -> Google Inc.)
Task: {BBBB72F5-3A2B-4A01-A640-A5FF57FD1EB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-09] (Adobe Inc. -> Adobe)
Task: {BD743956-DC62-4307-843F-D62CE84AD182} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {C55964AC-A211-4B5D-B595-C77C191E72DB} - System32\Tasks\{B082BF56-1FC4-46B4-A49A-712889734CCB} => "C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?page=tsMain
Task: {DDA3604F-53D8-4D74-AB76-64F76053088A} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
Task: {EF23F159-7109-499A-A25E-2BF8A8FE9116} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-20] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421337976-2832419435-3520994213-1001Core.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421337976-2832419435-3520994213-1001UA.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A753DA6E-FE95-49B7-AA56-3DC81D3E4609}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\c21lr0at.default [2018-09-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
FF Plugin: @IPC/WebClient -> C:\windows\system32\SuperClient2\npSuperClient.dll [2013-09-26] (Chipspoint Electronics Co., Ltd -> )
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-11-26] (Nullsoft, Inc.) [File not signed]
FF Plugin: @update.avastbrowser.com/Avast Browser;version=3 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: @update.avastbrowser.com/Avast Browser;version=9 -> C:\Program Files\AVAST Software\Browser\Update\1.8.1065.0\npAvastBrowserUpdate3.dll [2021-06-25] (Avast Software s.r.o. -> AVAST Software)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005: @tools.google.com/Google Update;version=3 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll [2011-11-14] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005: @tools.google.com/Google Update;version=9 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll [2011-11-14] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Visitor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies SF -> Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\services-sync.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-branding.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-l10n.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2013-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2007-04-03] <==== ATTENTION

Chrome: 
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2021-09-16]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Документи) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-27]
CHR Extension: (Google Диск) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-31]
CHR Extension: (Google Документи офлайн) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-01]
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-08-31]
CHR Extension: (Skype) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-09-27]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-31]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-15] (Adobe Inc. -> Adobe)
S2 AgentService; C:\Program Files\LibraryClient\globalLibx32\service.exe [46592 2012-02-20] () [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7466064 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
S2 avast; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [575768 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [357656 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
S3 avastm; C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [194200 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
S3 AvastSecureBrowserElevationService; C:\Program Files\AVAST Software\Browser\Application\92.2.11575.159\elevation_service.exe [1197032 2021-08-20] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 OCS Inventory Service; C:\Program Files\OCS Inventory Agent\OcsService.exe [38912 2013-04-08] (OCS Inventory NG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [8395776 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [247296 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AODDriver4.01; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices) [File not signed]
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [33600 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185776 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [309264 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206352 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [91664 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39312 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [153496 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [393016 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-06-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [92752 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71920 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [690128 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455920 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [161864 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [278184 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 BlueStacksDrv_nxt; C:\Program Files\BlueStacks_nxt\BstkDrv_nxt.sys [259800 2021-09-07] (Bluestack Systems, Inc -> Bluestack System Inc.)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-10-28] (Samsung Electronics Co., Ltd.) [File not signed]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
R3 MpKslc0e71772; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{5AEB6EB6-B91A-4C67-B3E5-99CBE32CCFF4}\MpKslDrv.sys [36072 2021-09-16] (Microsoft Windows -> Microsoft Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18560 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 qcusbser-forge; C:\Windows\System32\DRIVERS\qcusbser.sys [214080 2015-06-08] (Microsoft Windows Hardware Compatibility Publisher -> FORGE Incorporated)
S3 qcusbwwan-forge; C:\Windows\System32\DRIVERS\qcusbwwan.sys [422976 2015-06-08] (Microsoft Windows Hardware Compatibility Publisher -> FORGE Incorporated)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-10-27] (Samsung Electronics) [File not signed]
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI Corporation -> MCCI)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
U1 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-16 11:55 - 2021-09-16 11:57 - 000000000 ____D C:\FRST
2021-09-16 11:39 - 2021-09-16 11:39 - 000003872 _____ C:\Windows\system32\Tasks\BlueStacksHelper_nxt
2021-09-16 11:39 - 2021-09-16 11:39 - 000002153 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5 Multi-Instance Manager.lnk
2021-09-16 11:39 - 2021-09-16 11:39 - 000002141 _____ C:\Users\Public\Desktop\BlueStacks 5 Multi-Instance Manager.lnk
2021-09-16 11:39 - 2021-09-16 11:39 - 000002005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BlueStacks 5.lnk
2021-09-16 11:39 - 2021-09-16 11:39 - 000001993 _____ C:\Users\Public\Desktop\BlueStacks 5.lnk
2021-09-16 11:38 - 2021-09-16 11:38 - 000006890 _____ C:\Users\Administrator\-1.14-windows.xml
2021-09-16 11:36 - 2021-09-16 11:49 - 000000000 ____D C:\ProgramData\BlueStacks_nxt
2021-09-16 11:36 - 2021-09-16 11:36 - 000000000 ____D C:\Program Files\BlueStacks_nxt
2021-09-16 11:33 - 2021-09-16 11:36 - 000000000 ____D C:\Users\Administrator\AppData\Local\BlueStacksSetup
2021-09-16 11:33 - 2021-09-16 11:36 - 000000000 ____D C:\Users\Administrator\AppData\Local\Bluestacks
2021-09-16 11:33 - 2021-09-16 11:33 - 000000000 ____D C:\Users\Public\BlueStacks
2021-09-16 08:54 - 2021-09-16 11:42 - 000000262 _____ C:\Users\Administrator\advanced_ip_scanner_MAC.bin
2021-09-16 08:54 - 2021-09-16 11:42 - 000000015 _____ C:\Users\Administrator\advanced_ip_scanner_Comments.bin
2021-09-16 08:54 - 2021-09-16 11:42 - 000000015 _____ C:\Users\Administrator\advanced_ip_scanner_Aliases.bin
2021-09-16 08:51 - 2013-09-26 14:21 - 000000000 ____D C:\Windows\system32\SuperClient2
2021-09-16 08:51 - 2013-09-26 14:07 - 000237568 _____ () C:\Windows\system32\SuperClient Save.exe
2021-09-16 08:48 - 2021-09-16 08:48 - 000000957 _____ C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2021-09-16 08:48 - 2021-09-16 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2021-09-16 08:48 - 2021-09-16 08:48 - 000000000 ____D C:\Program Files\Advanced IP Scanner
2021-09-08 12:11 - 2021-09-08 12:09 - 000287000 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-09-08 12:11 - 2021-09-08 12:09 - 000161864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-09-02 09:25 - 2021-09-13 09:22 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-08-31 14:56 - 2021-08-31 14:56 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-16 11:56 - 2010-10-25 14:45 - 000000000 ____D C:\Users\Visitor
2021-09-16 11:56 - 2010-10-25 14:24 - 000000000 ____D C:\Users\Librarian
2021-09-16 11:52 - 2010-10-31 18:37 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2021-09-16 11:45 - 2011-04-04 16:21 - 000000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2021-09-16 11:39 - 2010-10-25 14:50 - 000000000 ____D C:\Users\Administrator
2021-09-16 11:24 - 2013-09-25 11:17 - 000000000 ____D C:\Program Files\Google
2021-09-16 09:16 - 2009-07-14 07:34 - 000024352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-16 09:16 - 2009-07-14 07:34 - 000024352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-16 08:39 - 2017-07-18 16:04 - 000004168 _____ C:\Windows\system32\Tasks\Avast Emergency Update
2021-09-16 08:37 - 2017-07-18 16:00 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-16 08:37 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-15 15:07 - 2018-09-27 09:25 - 000000000 ____D C:\Users\Administrator\AppData\Local\AVAST Software
2021-09-14 09:15 - 2017-06-20 14:26 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 09:15 - 2017-06-20 14:26 - 000002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-08 12:13 - 2017-07-18 16:03 - 000278184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-09-08 12:09 - 2020-07-30 09:14 - 000153496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-09-08 12:09 - 2020-06-18 16:34 - 000393016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-09-08 12:09 - 2019-03-21 12:06 - 000206352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-09-08 12:09 - 2019-03-21 12:06 - 000091664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-09-08 12:09 - 2017-07-18 16:06 - 000039312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-09-08 12:09 - 2017-07-18 16:03 - 000455920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-09-08 12:09 - 2017-07-18 16:03 - 000092752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-09-08 12:09 - 2017-07-18 16:03 - 000071920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-09-08 12:08 - 2019-03-21 12:06 - 000309264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-09-08 12:08 - 2019-03-21 12:06 - 000033600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-09-08 12:08 - 2017-11-17 09:11 - 000185776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-09-08 12:08 - 2017-07-18 16:03 - 000690128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-09-03 09:26 - 2019-04-12 09:35 - 000003720 _____ C:\Windows\system32\Tasks\Avast Secure Browser Heartbeat Task (Hourly)
2021-09-03 09:26 - 2018-09-27 09:29 - 000002381 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Secure Browser.lnk
2021-09-03 09:26 - 2018-09-27 09:29 - 000002338 _____ C:\Users\Public\Desktop\Avast Secure Browser.lnk
2021-09-03 09:16 - 2010-10-30 10:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2021-09-02 12:01 - 2011-04-04 16:21 - 000000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2021-09-02 09:04 - 2018-03-28 15:58 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-09-02 09:04 - 2017-06-20 14:25 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-02 09:04 - 2017-06-20 14:25 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-02 09:04 - 2017-06-20 10:51 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-09-02 09:04 - 2013-09-25 11:14 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-09-02 09:04 - 2012-07-26 12:09 - 000003068 _____ C:\Windows\system32\Tasks\{B082BF56-1FC4-46B4-A49A-712889734CCB}
2021-09-02 09:04 - 2012-03-30 10:56 - 000003950 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}
2021-09-02 09:04 - 2011-04-04 16:21 - 000003912 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA
2021-09-02 09:04 - 2011-04-04 16:21 - 000003516 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core
2021-09-02 09:04 - 2010-10-24 18:33 - 000002866 _____ C:\Windows\system32\Tasks\{671B1A2E-C698-451F-BF5F-C59EABFF1053}
2021-09-01 12:43 - 2017-12-07 11:48 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-09-01 12:25 - 2010-10-24 19:51 - 000000000 ____D C:\ProgramData\Adobe
2021-08-31 14:56 - 2010-10-29 10:05 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2021-08-31 14:56 - 2010-10-24 19:26 - 003890712 _____ C:\Windows\system32\perfh01F.dat
2021-08-31 14:56 - 2010-10-24 19:26 - 003245800 _____ C:\Windows\system32\perfc01F.dat
2021-08-31 14:56 - 2010-10-24 18:25 - 000006252 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-30 23:45 - 2010-10-24 18:20 - 000652664 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories ========

2010-10-29 19:41 - 2010-10-30 10:58 - 000008049 _____ () C:\Users\Administrator\AppData\Roaming\XeroxFaxOptions.xml
2010-10-26 17:33 - 2010-10-26 17:33 - 000000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-09-09 10:36
==================== End of FRST.txt ========================

Addition.txt

Линк към коментара
Сподели в други сайтове

Поддръжката на Windows 7 приключи на 14 януари 2020 г...!!!

Информация за края на поддръжката на Windows 7 – Microsoft

Това означава че аз лично не мога да ви гарантирам чистотата от зловреден софтуер на вашата система. Без актуализации на софтуера и защитата, тя ще бъде изложен на по-голям риск от вируси и злонамерен софтуер. Освен това вашите дневници не са пълни (визирам Addition.txt ). 

 

Въпрос:  Този компютър служебен ли е ..? TeamViewer - вие ли инсталирахте ..? 

 

CKScanner

Изтеглете CKScanner от askey127 от тук:

Важно: Запазете го на работния плот.

  •     Щракнете двукратно върху CKScanner.exe и щракнете върху Search For Files .
  •     След много кратко време, когато часовникът на курсора изчезне, щракнете върху Save List To File .
  •     Съобщение ще потвърди, че файлът е запазен. Моля, стартирайте програмата само веднъж. 
  •     Щракнете двукратно върху иконата на CKFiles.txt на вашия работен плот и копирайте / поставете съдържанието в следващия си отговор.

 

 

Сканиране с SecurityCheck by glax24

  • Изтеглете SecurityCheck by glax24 от тук и запомнете инструмента на десктопа .
  • Стартирате програмата (ако използвате Windows XP) или стартирате с десен бутон на мишката от името на администратор (ако използватеWindows Vista/7/8/10)
  • Изчакайте да приключи сканирането.Ще се отвори в текстов файл с име SecurityCheck.txt. Копирайте съдържанието на  този файл  следващия си пост
  • Можете да намерите този файл в основната директория на системния диск в папка с име SecurityCheck, напр. C:\SecurityCheck\SecurityCheck.txt

 

Линк към коментара
Сподели в други сайтове

Да компютъра е служебен,шефа за сега не мисли да сменя уиндоусите за сега ще е със уиндоус 7.Не не съм инсталирал теам виеуер там си беше.Ако трябва да повторя проверката за пълен лог не знам какво стана за да не е пълен.Ако не е проблем утре ще извърша сканирането с горните програми защото не съм на работа вече. 

Линк към коментара
Сподели в други сайтове

преди 2 часа, valyo_93 написа:

Да компютъра е служебен,шефа за сега не мисли да сменя уиндоусите за сега ще е със уиндоус 7

Е тука вече имаме проблем..! Системен администратор нямате  ли..? 

Линк към коментара
Сподели в други сайтове

Първата програма не ми изкара лог 

SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17]
WebSite: www.safezone.cc
DateLog: 17.09.2021 08:19:59
Path starting: C:\Users\Administrator\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe
Log directory: C:\SecurityCheck\
IsAdmin: True
User: Administrator
VersionXML: 9.14is-15.09.2021
___________________________________________________________________________

Windows 7(6.1.7601) Service Pack 1 (x86) Enterprise Lang: English(0409)
Installation date OS: 24.10.2010 19:54:29
LicenseStatus: Windows® 7, Enterprise edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files\Internet Explorer\iexplore.exe
SystemDrive: 😄 FS: [NTFS] Capacity: [95.1 Gb] Used: [74.5 Gb] Free: [20.6 Gb]
------------------------------- [ Windows ] -------------------------------
Extended support has ended 14.01.2020, Your operating system may be vulnerable to new types of threats
Internet Explorer 11.0.9600.19596
User Account Control enabled (Level 3)
Automatically download and schedule installation
Date install updates: 2021-09-17 05:18:08
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
TaskMgr Disable
------------------------------ [ MS Office ] ------------------------------
Microsoft Office 2007 v.12.0.6612.1000
Microsoft Office 2010 x86 v.14.0.7015.1000
---------------------------- [ Antivirus_WMI ] ----------------------------
System Center Endpoint Protection (enabled and up to date)
Avast Antivirus (enabled and up to date)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
System Center Endpoint Protection (enabled and up to date)
Windows Defender (disabled and up to date)
Avast Antivirus (enabled and up to date)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
Avast Free Antivirus v.21.7.2481
--------------------------- [ OtherUtilities ] ----------------------------
Microsoft Office Professional Plus 2007 v.12.0.6612.1000 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice
TeamViewer 7 v.7.0.17271 Warning! Download Update
Microsoft .NET Framework 4.8 (TRK) v.4.8.03761
TeamViewer 7 (MSI Wrapper) v.7.0.17271 Warning! Download Update
Microsoft Silverlight v.5.1.50918.0
Microsoft Office 2007 Service Pack 3 (SP3) Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice
Microsoft Office IME (Chinese (Traditional)) 2007 v.12.0.6612.1000 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice
Microsoft Office IME (Japanese) 2007 v.12.0.6612.1000 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice
Microsoft Office IME (Korean) 2007 v.12.0.6612.1000 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice
Microsoft Office IME (Chinese (Simplified)) 2007 v.12.0.6612.1000 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice
Microsoft Office Project Professional 2010 v.14.0.7015.1000 Warning! This software is no longer supported. Please use latest Microsift Office, Office Online or LibreOffice
Microsoft Office Visio 2010 v.14.0.7015.1000 Warning! This software is no longer supported.
Microsoft .NET Framework 4.8 v.4.8.03761
Microsoft .NET Framework 4.8 (Türkçe) v.4.8.03761
------------------------------ [ ArchAndFM ] ------------------------------
7-Zip 4.65 Warning! This software is no longer supported. Uninstall old version, download and install new one.
-------------------------- [ IMAndCollaborate ] ---------------------------
Skype™ 7.38 v.7.38.101 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe AIR v.3.8.0.870 Warning! Download Update
Adobe Flash Player 32 ActiveX v.32.0.0.433 Warning! This software is no longer supported. Please uninstall it.
Adobe Flash Player 32 NPAPI v.32.0.0.433 Warning! This software is no longer supported. Please uninstall it.
Adobe Flash Player 32 PPAPI v.32.0.0.433 Warning! This software is no longer supported. Please uninstall it.
Adobe Reader XI v.11.0.00 Warning! This software is no longer supported. Please uninstall it and use Adobe Acrobat Reader DC.
------------------------------- [ Browser ] -------------------------------
Avast Secure Browser v.92.2.11575.159 Warning! Download Update
Google Chrome v.93.0.4577.82
Mozilla Firefox (en-US) v.23.0.0.0 Warning! Download Update
----------------------------- [ EmailClient ] -----------------------------
Windows Live Essentials v.15.4.3555.0308 Warning! This software is no longer supported.
Windows Live Mesh ActiveX Control for Remote Connections v.15.4.5722.2 Warning! This software is no longer supported.
Windows Live Mesh v.15.4.3502.0922 Warning! This software is no longer supported.
Windows Live Mail v.15.4.3502.0922 Warning! This software is no longer supported.
------------------ [ AntivirusFirewallProcessServices ] -------------------
aswbIDSAgent (aswbIDSAgent) - The service is running
C:\Program Files\AVAST Software\Avast\aswidsagent.exe v.21.7.6523.687
C:\Program Files\AVAST Software\Avast\aswEngSrv.exe v.21.7.6523.0
C:\Program Files\AVAST Software\Avast\AvastUI.exe v.21.7.6523.689
C:\Program Files\AVAST Software\Avast\AvBugReport.exe v.21.7.6523.0
AvastWscReporter (AvastWscReporter) - The service is running
C:\Program Files\AVAST Software\Avast\wsc_proxy.exe v.21.4.6162.0
aswbIDSAgent (aswbIDSAgent) - The service is running
Avast Antivirus (avast! Antivirus) - The service is running
C:\Program Files\AVAST Software\Avast\AvastSvc.exe v.21.7.6523.0
Microsoft Antimalware Service (MsMpSvc) - The service is running
C:\Program Files\Microsoft Security Client\MsMpEng.exe v.4.10.209.0
C:\Program Files\Microsoft Security Client\msseces.exe v.4.10.209.0
Microsoft Network Inspection (NisSrv) - The service is running
C:\Program Files\Microsoft Security Client\NisSrv.exe v.4.10.209.0
Windows Defender (WinDefend) - The service has stopped
---------------------------- [ UnwantedApps ] -----------------------------
Skype Click to Call v.8.5.0.9167 Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems.
----------------------------- [ End of Log ] ------------------------------

 

Untitled.jpg

Линк към коментара
Сподели в други сайтове

Мазало , голямо ...!!! :) Ще ви върна отговор скоро но видимо само от този резултат на SecurityCheck  , този компютър не е пипан с години..!!! 

Линк към коментара
Сподели в други сайтове

Не знам въобще от къде да започна ..като за начало:

Виждат се две антивирусни програми които работят в реално време :

Цитат

System Center Endpoint Protection (enabled and up to date)
Avast Antivirus (enabled and up to date)

Чували сме за конфликт и защо не трябва две антивирусни да работят едновременно на един компютър ..! 

Цитат

AV: System Center Endpoint Protection (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

Мисля че от тук трябва да се започне ...и Avast e програмата която трябва да се деинсталира за сега временно първо..! 

 

Деинсталиране на програми с помощта на Revo Uninstaller Free Portable

  • Изтеглете Revo Uninstaller Free Portable и го запазете на вашия работен плот
  • Щракнете с десния бутон върху папката и изберете Extract All ..., след което щракнете върху Extract
  • Щракнете двукратно върху папката RevoUninstaller-Portable
  • Щракнете с десния бутон върху RevoUPort и изберете Изпълни като администратор (Run as administrator)
  • Щракнете върху OK върху лицензионното споразумение
  • От списъка с програми щракнете двукратно върху изброените програми или други подобни, за да го премахнете (ако съществува):
Цитат

Avast Free Antivirus

TeamViewer 7

TeamViewer 7 (MSI Wrapper) 

Adobe Flash Player 32 ActiveX v.32.0.0.433 
Adobe Flash Player 32 NPAPI v.32.0.0.433 
Adobe Flash Player 32 PPAPI v.32.0.0.433

Avast Secure Browser

Windows Live Essentials v.15.4.3555.0308 
Windows Live Mesh ActiveX Control for Remote Connections v.15.4.5722.2 
Windows Live Mesh v.15.4.3502.0922 
Windows Live Mail v.15.4.3502.0922 

Skype Click to Call v.8.5.0.9167

  • Ако се появи деинсталаторът на програмата, изпълнете стъпките за премахване на програмата (ите)
  • Уверете се, че е избрана опцията Разширени (Advanced), след което щракнете върху Сканиране (Scan)
  • За всеки прозорец, който може да се появи, идентифициращ останалите елементи, щракнете върху Избери всички, Изтрий (Select All, Delete), след което потвърдете изтриването
  • След като приключите, щракнете върху Готово (Finish)
  • Рестартирайте компютъра

 

FRST сканиране

    Щракнете двукратно върху FRST.exe / FRST64.exe, за да го стартирате.
    Натиснете бутона за image.png.e4ea07ecfc9acbc1a7ac79c624db8810.png сканиране.
    Когато приключи, той ще създаде  два лог файла с името FRST.txt и Addition.txt, в същата директория, от която е стартиран инструментът.
    Моля, копирайте и поставете двата файла в следващия си отговор.

Линк към коментара
Сподели в други сайтове

 

Aваста се изтри от втория път след това сканиране ако трябва да повторя сканирането

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-09-2021
Ran by Administrator (administrator) on GLBG1543PC04 (Hewlett-Packard HP Compaq 6005 Pro SFF PC) (17-09-2021 14:27:34)
Running from D:\Users\Administrator\Desktop
Loaded Profiles: Librarian & Visitor & Administrator
Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X86) Language: English (United States)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe
() [File not signed] C:\Windows\System32\xWD35bgnd.exe
() [File not signed] C:\Windows\Xerox\PanelMgr\SSMMgr.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\setup\instup.exe <2>
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(Google Inc -> Google Inc.) C:\Program Files\Google\Update\GoogleUpdate.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corporation -> Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsService.exe
(OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsSystray.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Skype Software Sarl -> Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Skype Software Sarl -> Skype Technologies) C:\Program Files\Skype\Browser\SkypeBrowserHost.exe
(Skype Software Sarl -> Skype Technologies) C:\Program Files\Skype\Updater\Updater.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe
(TeamViewer -> TeamViewer GmbH) C:\Program Files\TeamViewer\Version7\tv_w32.exe
(Xerox Corporation) [File not signed] C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IME JPN 2007 Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMEJP\IMJPKLMG.EXE [63856 2011-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Korean IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMEKR\IMKRMIG.EXE [26400 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Microsoft Pinyin IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE [32112 2011-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [XeroxScanUtility] => C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe [430080 2008-04-15] (Xerox Corporation) [File not signed]
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => C:\Windows\system32\xWD35bgnd.exe [80896 2008-04-14] () [File not signed]
HKLM\...\Run: [Xerox PanelMgr] => C:\Windows\Xerox\PanelMgr\SSMMgr.exe [626688 2010-01-26] () [File not signed]
HKLM\...\Run: [Stanley-H_XRX_S2P] => C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe [253952 2010-01-26] () [File not signed]
HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [884584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [StartCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [112920 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Run: [Google Update] => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [AvastBrowserAutoLaunch_9E0AB01C37B94381383AE0CDA0DCCFE4] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default"
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\MountPoints2: {6a2c2d8e-b410-11e3-9029-3cd92b632c53} - G:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-18\...\Run: [Skype] => C:\Program Files\Skype\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
HKLM\...\Windows NT x86\Print Processors\sxs2mPC: C:\Windows\System32\spool\prtprocs\W32X86\sxs2mpc.dll [19968 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) 2000 DDK provider)
HKLM\...\Windows NT x86\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\W32X86\x5print.dll [10752 2008-05-09] (Xerox Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\xp3220: C:\Windows\System32\spool\prtprocs\W32X86\xp3220pp.dll [56320 2009-06-17] (Windows (R) Codename Longhorn DDK provider) [File not signed]
HKLM\...\Print\Monitors\Language Monitor for Xerox Phaser 6125N: C:\Windows\SYSTEM32\XRZWSLBI.DLL [135284 2009-08-30] (Xerox Co., Ltd.) [File not signed]
HKLM\...\Print\Monitors\sxs2m Langmon: C:\Windows\SYSTEM32\sxs2ml3.dll [22723 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Xerox PC Fax Port: C:\Windows\SYSTEM32\XeroxFaxPort.dll [94208 2009-04-02] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files\AVAST Software\Browser\Application\92.2.11575.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{F8A0B131-5F68-486c-8040-7E8FC3C85BB6}] -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OCS Inventory NG Systray.lnk [2013-09-20]
ShortcutTarget: OCS Inventory NG Systray.lnk -> C:\Program Files\OCS Inventory Agent\OcsSystray.exe (OCS Inventory NG) [File not signed]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User: Restriction <==== ATTENTION
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Librarian\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Visitor\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08DF9C6D-7CB5-4684-B618-67D60F53BEA0} - System32\Tasks\Del Old File => C:\Windows\Scripts\del.bat [1302 2010-10-30] () [File not signed]
Task: {3559AB34-18E1-482D-8F96-4536BA328936} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [1546480 2021-06-25] (Avast Software s.r.o. -> Avast Software)
Task: {3910E168-A173-4EF4-A61E-E5D13CCE99DD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\{671B1A2E-C698-451F-BF5F-C59EABFF1053}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{B082BF56-1FC4-46B4-A49A-712889734CCB}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {4E4163B2-2F9B-40BC-BCE1-8CA082945A05} - \AvastUpdateTaskMachineUA -> No File <==== ATTENTION
Task: {59788F2F-057B-497D-AD10-26F6EBE7DD6E} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001Core -> No File <==== ATTENTION
Task: {5F353FD2-DAE7-4B61-B6D2-013DE73E0D84} - \Avast Emergency Update -> No File <==== ATTENTION
Task: {67F3E56F-BF81-40A9-9B43-E0B8D326CF35} - System32\Tasks\{671B1A2E-C698-451F-BF5F-C59EABFF1053} => C:\Program Files\Skype\\Phone\Skype.exe [27784672 2017-06-27] (Skype Software Sarl -> Skype Technologies S.A.)
Task: {6D041990-9703-495B-922D-A29D1E951CF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
Task: {6D725850-4BEA-4C22-ADFF-0B008091ECAD} - System32\Tasks\delete => C:\Windows\Scripts\del.bat [1302 2010-10-30] () [File not signed]
Task: {6E99A771-BE6E-4451-865F-6FB9DCBBDFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-15] (Adobe Inc. -> Adobe)
Task: {88F25EBE-0AD6-45B2-BB52-208CF5A62B03} - System32\Tasks\Log off => C:\Windows\Scripts\logoff.bat [16 2010-10-31] () [File not signed]
Task: {9F2A0AEF-F85F-4784-A1C3-68726ED402A0} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001UA -> No File <==== ATTENTION
Task: {A2DF1937-8BB7-429B-838F-9BB6B671ABA2} - System32\Tasks\Microsoft\Windows Live\SOXE\Extractor Definitions Update Task => {3519154C-227E-47F3-9CC9-12C3F05817F1} C:\Program Files\Windows Live\SOXE\wlsoxe.dll [179584 2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
Task: {AED1AD05-FC83-4BAD-945F-721B4890EC84} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe [1497656 2020-09-15] (Adobe Inc. -> Adobe)
Task: {B1AE9B04-84F1-4831-8527-D76B753CBA2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-20] (Google Inc -> Google Inc.)
Task: {BBBB72F5-3A2B-4A01-A640-A5FF57FD1EB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe [1502264 2020-09-09] (Adobe Inc. -> Adobe)
Task: {BD743956-DC62-4307-843F-D62CE84AD182} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {C55964AC-A211-4B5D-B595-C77C191E72DB} - System32\Tasks\{B082BF56-1FC4-46B4-A49A-712889734CCB} => "C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?page=tsMain
Task: {DDA3604F-53D8-4D74-AB76-64F76053088A} - \AvastUpdateTaskMachineCore -> No File <==== ATTENTION
Task: {E6F7600D-6140-47CD-ABC1-EF14231C4445} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [345824 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EF23F159-7109-499A-A25E-2BF8A8FE9116} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-20] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421337976-2832419435-3520994213-1001Core.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421337976-2832419435-3520994213-1001UA.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Winsock: Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145280 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A753DA6E-FE95-49B7-AA56-3DC81D3E4609}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\c21lr0at.default [2018-09-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_433.dll [2020-09-09] (Adobe Inc. -> )
FF Plugin: @IPC/WebClient -> C:\windows\system32\SuperClient2\npSuperClient.dll [2013-09-26] (Chipspoint Electronics Co., Ltd -> )
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-11-26] (Nullsoft, Inc.) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005: @tools.google.com/Google Update;version=3 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll [2011-11-14] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005: @tools.google.com/Google Update;version=9 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll [2011-11-14] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Visitor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies SF -> Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\services-sync.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-branding.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-l10n.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2013-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2007-04-03] <==== ATTENTION

Chrome: 
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2021-09-17]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Документи) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-27]
CHR Extension: (Google Диск) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-31]
CHR Extension: (Google Документи офлайн) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-01]
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-08-31]
CHR Extension: (Skype) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-09-27]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-31]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-09-15] (Adobe Inc. -> Adobe)
S2 AgentService; C:\Program Files\LibraryClient\globalLibx32\service.exe [46592 2012-02-20] () [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [7466064 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [575768 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Tools; C:\Program Files\AVAST Software\Avast\aswToolsSvc.exe [357656 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [56912 2021-06-25] (Avast Software s.r.o. -> AVAST Software)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 OCS Inventory Service; C:\Program Files\OCS Inventory Agent\OcsService.exe [38912 2013-04-08] (OCS Inventory NG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
R2 wlidsvc; C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [1713536 2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [8395776 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [247296 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AODDriver4.01; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices) [File not signed]
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [33600 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185776 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [309264 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [206352 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [91664 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [39312 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [153496 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [393016 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R3 aswNetNd6; C:\Windows\System32\DRIVERS\aswNetNd6.sys [36104 2020-06-18] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [92752 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [71920 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [690128 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [455920 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [161864 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [278184 2021-09-08] (Avast Software s.r.o. -> AVAST Software)
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-10-28] (Samsung Electronics Co., Ltd.) [File not signed]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 MpKsl3ba7fc3a; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B186C32C-EB84-48A7-B9CE-5A4330899582}\MpKslDrv.sys [36072 2021-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18560 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 qcusbser-forge; C:\Windows\System32\DRIVERS\qcusbser.sys [214080 2015-06-08] (Microsoft Windows Hardware Compatibility Publisher -> FORGE Incorporated)
S3 qcusbwwan-forge; C:\Windows\System32\DRIVERS\qcusbwwan.sys [422976 2015-06-08] (Microsoft Windows Hardware Compatibility Publisher -> FORGE Incorporated)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-10-27] (Samsung Electronics) [File not signed]
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI Corporation -> MCCI)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
U1 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-17 08:37 - 2021-09-17 08:37 - 000000000 ____D C:\Users\Administrator\vmlogs
2021-09-17 08:33 - 2021-09-17 08:48 - 000000000 ____D C:\Users\Administrator\AppData\Local\Nox
2021-09-17 08:19 - 2021-09-17 08:19 - 000000000 ____D C:\SecurityCheck
2021-09-16 11:55 - 2021-09-17 14:30 - 000000000 ____D C:\FRST
2021-09-16 11:38 - 2021-09-16 11:38 - 000006890 _____ C:\Users\Administrator\-1.14-windows.xml
2021-09-16 11:33 - 2021-09-17 08:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\Bluestacks
2021-09-16 11:33 - 2021-09-16 11:33 - 000000000 ____D C:\Users\Public\BlueStacks
2021-09-16 08:54 - 2021-09-17 10:14 - 000000262 _____ C:\Users\Administrator\advanced_ip_scanner_MAC.bin
2021-09-16 08:54 - 2021-09-17 10:14 - 000000015 _____ C:\Users\Administrator\advanced_ip_scanner_Comments.bin
2021-09-16 08:54 - 2021-09-17 10:14 - 000000015 _____ C:\Users\Administrator\advanced_ip_scanner_Aliases.bin
2021-09-16 08:51 - 2013-09-26 14:21 - 000000000 ____D C:\Windows\system32\SuperClient2
2021-09-16 08:51 - 2013-09-26 14:07 - 000237568 _____ () C:\Windows\system32\SuperClient Save.exe
2021-09-16 08:48 - 2021-09-16 08:48 - 000000957 _____ C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2021-09-16 08:48 - 2021-09-16 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2021-09-16 08:48 - 2021-09-16 08:48 - 000000000 ____D C:\Program Files\Advanced IP Scanner
2021-09-08 12:11 - 2021-09-08 12:09 - 000287000 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2021-09-08 12:11 - 2021-09-08 12:09 - 000161864 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2021-09-02 09:25 - 2021-09-13 09:22 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-08-31 14:56 - 2021-08-31 14:56 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-17 14:37 - 2017-07-18 16:04 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\AVAST Software
2021-09-17 14:37 - 2017-07-18 16:00 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-17 14:26 - 2013-09-25 11:17 - 000000000 ____D C:\Program Files\Google
2021-09-17 14:26 - 2010-10-31 18:37 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Skype
2021-09-17 14:23 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-17 14:20 - 2018-09-27 09:25 - 000000000 ____D C:\Users\Administrator\AppData\Local\AVAST Software
2021-09-17 14:20 - 2017-07-18 16:01 - 000000000 ____D C:\Program Files\AVAST Software
2021-09-17 14:13 - 2017-07-18 16:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2021-09-17 12:45 - 2011-04-04 16:21 - 000000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2021-09-17 12:11 - 2009-07-14 07:34 - 000024352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-17 12:11 - 2009-07-14 07:34 - 000024352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-17 08:48 - 2010-10-25 14:50 - 000000000 ____D C:\Users\Administrator
2021-09-17 08:36 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\Registration
2021-09-17 08:36 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
2021-09-16 11:56 - 2010-10-25 14:45 - 000000000 ____D C:\Users\Visitor
2021-09-16 11:56 - 2010-10-25 14:24 - 000000000 ____D C:\Users\Librarian
2021-09-14 09:15 - 2017-06-20 14:26 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 09:15 - 2017-06-20 14:26 - 000002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-08 12:13 - 2017-07-18 16:03 - 000278184 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2021-09-08 12:09 - 2020-07-30 09:14 - 000153496 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2021-09-08 12:09 - 2020-06-18 16:34 - 000393016 _____ (AVAST Software) C:\Windows\system32\Drivers\aswNetHub.sys
2021-09-08 12:09 - 2019-03-21 12:06 - 000206352 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsh.sys
2021-09-08 12:09 - 2019-03-21 12:06 - 000091664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniv.sys
2021-09-08 12:09 - 2017-07-18 16:06 - 000039312 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys
2021-09-08 12:09 - 2017-07-18 16:03 - 000455920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2021-09-08 12:09 - 2017-07-18 16:03 - 000092752 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2021-09-08 12:09 - 2017-07-18 16:03 - 000071920 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2021-09-08 12:08 - 2019-03-21 12:06 - 000309264 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdriver.sys
2021-09-08 12:08 - 2019-03-21 12:06 - 000033600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArDisk.sys
2021-09-08 12:08 - 2017-11-17 09:11 - 000185776 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
2021-09-08 12:08 - 2017-07-18 16:03 - 000690128 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2021-09-03 09:16 - 2010-10-30 10:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2021-09-02 12:01 - 2011-04-04 16:21 - 000000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2021-09-02 09:04 - 2018-03-28 15:58 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-09-02 09:04 - 2017-06-20 14:25 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-02 09:04 - 2017-06-20 14:25 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-02 09:04 - 2017-06-20 10:51 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-09-02 09:04 - 2013-09-25 11:14 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-09-02 09:04 - 2012-07-26 12:09 - 000003068 _____ C:\Windows\system32\Tasks\{B082BF56-1FC4-46B4-A49A-712889734CCB}
2021-09-02 09:04 - 2012-03-30 10:56 - 000003950 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}
2021-09-02 09:04 - 2011-04-04 16:21 - 000003912 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA
2021-09-02 09:04 - 2011-04-04 16:21 - 000003516 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core
2021-09-02 09:04 - 2010-10-24 18:33 - 000002866 _____ C:\Windows\system32\Tasks\{671B1A2E-C698-451F-BF5F-C59EABFF1053}
2021-09-01 12:43 - 2017-12-07 11:48 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-09-01 12:25 - 2010-10-24 19:51 - 000000000 ____D C:\ProgramData\Adobe
2021-08-31 14:56 - 2010-10-29 10:05 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2021-08-31 14:56 - 2010-10-24 19:26 - 003890712 _____ C:\Windows\system32\perfh01F.dat
2021-08-31 14:56 - 2010-10-24 19:26 - 003245800 _____ C:\Windows\system32\perfc01F.dat
2021-08-31 14:56 - 2010-10-24 18:25 - 000006252 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-30 23:45 - 2010-10-24 18:20 - 000652664 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories ========

2010-10-29 19:41 - 2010-10-30 10:58 - 000008049 _____ () C:\Users\Administrator\AppData\Roaming\XeroxFaxOptions.xml
2010-10-26 17:33 - 2010-10-26 17:33 - 000000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-09-09 10:36
==================== End of FRST.txt ========================

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-09-2021
Ran by Administrator (17-09-2021 14:39:29)
Running from D:\Users\Administrator\Desktop
Microsoft Windows 7 Enterprise  Service Pack 1 (X86) (2010-10-24 19:54:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-299244719-1399796724-3294634451-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-299244719-1399796724-3294634451-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-299244719-1399796724-3294634451-1002 - Limited - Enabled)
Librarian (S-1-5-21-299244719-1399796724-3294634451-1005 - Limited - Enabled) => C:\Users\Librarian
Visitor (S-1-5-21-299244719-1399796724-3294634451-1006 - Limited - Enabled) => C:\Users\Visitor

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: System Center Endpoint Protection (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AV: Avast Antivirus (Disabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}
AS: System Center Endpoint Protection (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Disabled - Up to date) {5078598A-1FA2-C888-AA5F-A9C66537DB12}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM\...\7-Zip) (Version:  - )
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Actualizare Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0418-0000-0000000FF1CE}_OMUI.ro-ro_{6195740F-0C89-4CDD-ACAD-67CCE1495348}) (Version:  - Microsoft)
Actualizare Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0418-0000-0000000FF1CE}_OMUI.ro-ro_{E78703E2-69D3-4204-B101-9D8B7B72585C}) (Version:  - Microsoft)
Actualizare Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0418-0000-0000000FF1CE}_OMUI.ro-ro_{1531AE8C-8271-4A8C-9ABA-86AE70B0DA82}) (Version:  - Microsoft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 32.0.0.433 - Adobe)
Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM\...\{A1F30E8A-A6A5-4431-ADFD-3119EB6A28B4}) (Version: 2.5.3850 - Famatech)
AMD Catalyst Install Manager (HKLM\...\{EA8D489E-48F5-47E6-901A-C5BCD93B34DC}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 21.7.2481 - Avast Software)
D3DX10 (HKLM\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Google Chrome (HKLM\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
Google Chrome (HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Google Chrome) (Version: 10.0.648.204 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HydraVision (HKLM\...\{D09BF567-670F-3849-56C0-06EF96B353DF}) (Version: 4.2.210.0 - Advanced Micro Devices, Inc.) Hidden
Junk Mail filter update (HKLM\...\{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Mesh Runtime (HKLM\...\{8C6D6116-B724-4810-8F2D-D047E6B7D68E}) (Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Messenger Companion (HKLM\...\{50816F92-1652-4A7C-B9BC-48F682742C4B}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0402-0000-0000000FF1CE}_OMUI.bg-bg_{F396405D-7270-406B-B59C-CC36095EEFB3}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0418-0000-0000000FF1CE}_OMUI.ro-ro_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-041F-0000-0000000FF1CE}_OMUI.tr-tr_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Àêòóàëèçàöèÿ (KB963678) (HKLM\...\{90120000-0016-0402-0000-0000000FF1CE}_OMUI.bg-bg_{B3B0B5D0-371D-4211-A43A-B4E70B563756}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Güncelleþtirmesi (KB963678) (HKLM\...\{90120000-0016-041F-0000-0000000FF1CE}_OMUI.tr-tr_{E792E914-5172-48B2-A58A-65C3F311C4E2}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Bulgarian/български (HKLM\...\OMUI.bg-bg) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Romanian/Română (HKLM\...\OMUI.ro-ro) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Turkish/Türkçe (HKLM\...\OMUI.tr-tr) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0402-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Àêòóàëèçàöèÿ (KB963669) (HKLM\...\{90120000-0018-0402-0000-0000000FF1CE}_OMUI.bg-bg_{C64A08BB-59AC-4ACE-AF1D-D5225DF9CE2D}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Güncelleþtirmesi (KB963669) (HKLM\...\{90120000-0018-041F-0000-0000000FF1CE}_OMUI.tr-tr_{8C762073-C6A4-4A11-A639-1C73014FAE00}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit 2007 (HKLM\...\PROOFKIT) (Version: 12.0.4518.1070 - Microsoft Corporation)
Microsoft Office Word 2007 Help Àêòóàëèçàöèÿ (KB963665) (HKLM\...\{90120000-001B-0402-0000-0000000FF1CE}_OMUI.bg-bg_{6BECE490-EB24-47FB-B6C9-91724C0B0E6E}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Güncelleþtirmesi (KB963665) (HKLM\...\{90120000-001B-041F-0000-0000000FF1CE}_OMUI.tr-tr_{96E44099-EB0F-45A3-8831-40412110810D}) (Version:  - Microsoft)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (en-US) (HKLM\...\{167441FD-6803-47BA-86CE-77CD30C8BDB0}) (Version: 23.0.0.0 - FrontMotion)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
OCS Inventory NG Agent 2.1.0.1 (HKLM\...\OCS Inventory NG Agent) (Version: 2.1.0.1 - OCS Inventory NG Team)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
Skype Click to Call (HKLM\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype™ 7.38 (HKLM\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.38.101 - Skype Technologies S.A.)
SuperClient (HKLM\...\SuperClient) (Version:  - )
System Center Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
TeamViewer 7 (HKLM\...\TeamViewer 7) (Version: 7.0.17271 - TeamViewer)
TeamViewer 7 (MSI Wrapper) (HKLM\...\{74740C77-EF90-4AB4-A2F4-D9D7C2B3DFF0}) (Version: 7.0.17271 - TeamViewer)
Unity Web Player (HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Essentials (HKLM\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
Xerox Scan Driver (HKLM\...\Xerox_Scan_Utility) (Version:  - )
Xerox WorkCentre 3220 (HKLM\...\Xerox WorkCentre 3220) (Version:  - )
Помощник на Messenger (HKLM\...\{FEA0181F-3758-46DA-B7EC-F3CDFA7E0CE7}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Фотогалерия на Windows Live (HKLM\...\{4444F27C-B1A8-464E-9486-4C37BAB39A09}) (Version: 15.4.3502.0922 - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{039B2CA5-3B41-4D93-AD77-47D3293FC5CB}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{42481700-CF3C-4D05-8EC6-F9A1C57E8DC0}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{BB6410D8-F879-4184-9C5C-6A02D16AE0B3}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{CA1073A2-5F3F-4445-8E5E-7109BDCEDDBE}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{D0D38C6E-BF64-4C42-840D-3E0019D9F7A6}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{D5A55D2D-C59D-42C3-A5BF-4C08EEE74339}\InprocServer32 -> C:\Program Files\Skype\Plugin Manager\ezPMUtils.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2021-09-08] (Avast Software s.r.o. -> AVAST Software)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2011-04-11 17:20 - 2011-04-11 17:20 - 000098304 _____ () [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-01-20 14:51 - 2009-01-20 14:51 - 000007168 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000369152 _____ () [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2011-07-13 19:22 - 2011-07-13 19:22 - 000095232 _____ () [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2013-03-06 18:51 - 2013-03-06 18:51 - 000067584 _____ () [File not signed] C:\Program Files\OCS Inventory Agent\zlib1.dll
2010-10-29 19:40 - 2008-10-28 09:02 - 000184320 _____ () [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\IMFilter.dll
2010-10-29 19:40 - 2008-10-28 09:03 - 001384520 _____ () [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\ssole.dll
2010-10-29 19:20 - 2008-04-24 12:39 - 001310720 _____ () [File not signed] C:\Windows\system32\xeext.dll
2010-10-29 19:40 - 2009-04-02 09:58 - 000094208 _____ () [File not signed] C:\Windows\System32\XeroxFaxPort.dll
2010-10-29 19:20 - 2008-04-24 12:40 - 000151552 _____ () [File not signed] C:\Windows\system32\xesup.dll
2010-10-29 19:20 - 2008-04-24 12:40 - 000364544 _____ () [File not signed] C:\Windows\system32\xipinterp.dll
2010-10-29 19:20 - 2008-04-24 12:41 - 000274432 _____ () [File not signed] C:\Windows\system32\xiputil.dll
2010-10-29 19:20 - 2008-04-24 12:42 - 000909312 _____ () [File not signed] C:\Windows\system32\xrx_xml2.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000022016 _____ (Advanced Micro Devices Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000033280 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000040448 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000016896 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000018944 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000253952 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeskMan.HydraVision.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000316416 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Grid.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Grid.HydraVision.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000120832 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MDProp.HydraVision.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000774144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000250368 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000096768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Settings.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Settings.HydraVision.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000033792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 001259520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000172032 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 001003520 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000070144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 002041344 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.HydraVision.Aspects.Runtime.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 001284096 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000417792 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000262144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2011-06-08 02:26 - 2011-06-08 02:26 - 000020992 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CoreAudioApi.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2011-06-23 11:51 - 2011-06-23 11:51 - 000094208 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000524288 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000043520 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000240128 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000376832 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2007-08-09 17:58 - 2007-08-09 17:58 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2009-06-17 06:27 - 2009-06-17 06:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 17:29 - 2008-04-03 17:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2008-12-30 12:04 - 2008-12-30 12:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2009-12-08 07:49 - 2009-12-08 07:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2010-10-07 14:07 - 2010-10-07 14:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2010-11-05 15:18 - 2010-11-05 15:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000253952 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000373248 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000027648 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000303104 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000180224 _____ (Advanced Mirco Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2011-07-13 19:22 - 2011-07-13 19:22 - 000037376 _____ (AMD) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll
2010-03-04 01:27 - 2010-03-04 01:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2013-04-03 11:02 - 2013-04-03 11:02 - 000282112 _____ (OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OCSInventory Front.dll
2013-04-02 11:48 - 2013-04-02 11:48 - 000036352 _____ (OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsWmi.dll
2013-04-02 11:49 - 2013-04-02 11:49 - 000696832 _____ (OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\SysInfo.dll
2010-10-29 19:40 - 2008-10-28 09:03 - 000065536 _____ (Samsung Electronics) [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\scantopc.dll
2010-10-29 19:40 - 2008-10-28 16:07 - 000081920 _____ (Samsung Electronics) [File not signed] C:\Windows\system32\ssdevm.dll
2013-03-06 18:54 - 2013-03-06 18:54 - 001097216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\OCS Inventory Agent\LIBEAY32.dll
2010-10-29 19:40 - 2009-06-17 16:57 - 000056320 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\xp3220pp.dll
2010-10-30 10:38 - 2009-08-30 16:00 - 000135284 _____ (Xerox Co., Ltd.) [File not signed] C:\Windows\System32\XRZWSLBI.DLL
2010-10-29 19:19 - 2008-04-24 12:37 - 000015360 _____ (Xerox Corp.) [File not signed] C:\Windows\system32\cpsimage2.DLL
2010-10-29 19:20 - 2008-04-15 00:05 - 000168960 _____ (Xerox Corporation) [File not signed] C:\Program Files\Xerox\Scan_Utility\xrxzipst.dll
2010-10-29 19:19 - 2008-05-09 15:39 - 000693760 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\spool\DRIVERS\W32X86\3\x2upBC.dll
2010-10-29 19:19 - 2008-05-09 15:38 - 001017344 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\spool\DRIVERS\W32X86\3\x2utilBC.dll
2010-10-29 19:19 - 2008-05-09 15:28 - 000010752 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\x5print.dll
2010-10-29 19:20 - 2007-12-05 01:14 - 000812544 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xntWD35u.dll
2010-10-29 19:20 - 2007-11-07 00:26 - 000189952 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xrxWD35u.dll
2010-10-29 19:20 - 2008-04-15 00:15 - 000301568 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xWD35dev.dll
2010-10-29 19:20 - 2008-04-15 00:00 - 000015872 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xWD35pb4.dll
2010-10-29 19:20 - 2008-04-15 00:16 - 000517120 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xWD35usd.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-299244719-1399796724-3294634451-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://glbulgaria.bg/
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://glbulgaria.bg/
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1006 -> {6E863BA6-C814-463A-976D-F1DFD9CF53A5} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corporation -> Microsoft Corp.)
BHO: Windows Live Messenger Companion Helper -> {9FDDE16B-836F-4806-AB1F-1455CBEFF289} -> C:\Program Files\Windows Live\Companion\companioncore.dll [2012-03-08] (Microsoft Corporation -> Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\microsoft.com -> hxxp://www.update.microsoft.com
IE trusted site: HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\microsoft.com -> hxxp://www.update.microsoft.com
IE trusted site: HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\microsoft.com -> hxxp://www.update.microsoft.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2019-03-05 10:55 - 000000830 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\PROGRAM FILES\AMD APP\BIN\X86;C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WINDOWS LIVE;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\WINDOWS LIVE\SHARED;C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC;C:\PROGRAM FILES\SKYPE\PHONE\
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Librarian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Visitor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4B6A0928-1FFB-470F-8EE8-24C1AF418F05}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{0DD8DEA7-6914-4711-B7B5-4853E73EDA09}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{D71532F5-233D-43A7-B135-82C5882187C1}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{593772D5-2F1B-4E96-B44B-BBCBAC742553}] => (Allow) C:\Windows\twain_32\Xerox\WC3220\Sscan2io.exe (Microsoft Windows Hardware Compatibility Publisher -> )
FirewallRules: [{E0789624-7F5E-457D-908F-A25EACF8EC0C}] => (Allow) C:\Windows\twain_32\Xerox\WC3220\Sscan2io.exe (Microsoft Windows Hardware Compatibility Publisher -> )
FirewallRules: [TCP Query User{683B1C10-DAD7-416E-9CC5-82F733AB52C8}F:\windows utilities\installer32\installationmanager.exe] => (Block) F:\windows utilities\installer32\installationmanager.exe => No File
FirewallRules: [UDP Query User{E6952A14-9722-4D45-8853-262B2D34F7F3}F:\windows utilities\installer32\installationmanager.exe] => (Block) F:\windows utilities\installer32\installationmanager.exe => No File
FirewallRules: [{22C172C4-748E-4D76-9E04-92F9CFB85ADA}] => (Allow) C:\Program Files\Windows Live\Contacts\wlcomm.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{C297B403-A441-4F32-88B1-880A86CA65C0}] => (Allow) LPort=2869
FirewallRules: [{7FFDA6A6-AD9A-48F6-9B17-94E978633BD6}] => (Allow) LPort=1900
FirewallRules: [{D2EE789E-B165-477A-8C3B-5AB7C0FD6363}] => (Allow) C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7EFDC7C2-85F8-46B7-85B5-23D38CE4D864}] => (Allow) C:\Program Files\Skype\Plugin Manager\skypePM.exe => No File
FirewallRules: [{829289AC-7EEB-4EAE-B2A6-3BC48810F76F}] => (Allow) C:\Program Files\Windows Live\Mesh\MOE.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{89FC1343-F583-4CE1-AA03-BF98A64751DE}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe] => (Allow) C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe => No File
FirewallRules: [UDP Query User{5FDBBC3F-3347-47E5-84DF-D674073D80C8}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe] => (Allow) C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe => No File
FirewallRules: [{EA24F60D-AB3C-4E16-BCBB-7F8F3DC7C1F7}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{6AB3CA84-9832-4835-90A8-DF30591703ED}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{A282CFE2-603B-4D36-93D1-E7F94AC3B446}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{275FD1C2-E4AB-47D8-9F1A-D5F3E50AAA34}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{8C3BEDA4-6E61-4FB0-8F56-6DE346D8DC63}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{475EA84E-658F-4728-ABEB-0A033BA1596C}] => (Allow) C:\Program Files\TeamViewer\Version7\TeamViewer_Service.exe (TeamViewer -> TeamViewer GmbH)
FirewallRules: [{330CDFE1-7F88-4DED-BA99-7591B526DC93}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{80CBF977-FA92-4322-98FA-CF377FE45A81}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8C80F1EC-AC3A-41E8-9197-8FBAA448B1D7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{23BCBC4D-3097-46FA-AFF2-23EEAD329223}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6DD26E40-88A9-4DB9-9A2F-17DFF974124F}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BC40229B-75D0-4C66-B4C2-8446C85DB222}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6157ACE5-F245-4A5B-962D-AE0FC8554C3A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9C460051-FB8B-48F4-A192-AF46536808F1}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{D9A3A6BD-4538-41C7-A2F8-EB0968FE05D0}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{87740570-DDBB-4282-82FC-1341FB030DE6}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File

==================== Restore Points =========================

10-09-2021 09:53:47 Windows Update
14-09-2021 08:58:11 Windows Update
17-09-2021 14:03:37 Revo Uninstaller's restore point - Avast Free Antivirus
17-09-2021 14:05:54 Revo Uninstaller's restore point - Avast Free Antivirus
17-09-2021 14:18:28 Revo Uninstaller's restore point - Avast Secure Browser
17-09-2021 14:32:20 Revo Uninstaller's restore point - Avast Free Antivirus

==================== Faulty Device Manager Devices ============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/17/2021 02:39:29 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 02:35:40 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 02:31:48 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {6da7b5de-7e79-409b-a1cb-d8fb8a320398}

Error: (09/17/2021 02:31:20 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 02:27:14 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 02:25:31 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 02:03:12 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {ac89944b-7655-4cc1-b24a-9ce491d2809d}

Error: (09/17/2021 01:17:09 PM) (Source: MsiInstaller) (EventID: 11316) (User: NT AUTHORITY)
Description: Product: Avast Update Helper -- Error 1316. The specified account already exists.


System errors:
=============
Error: (09/17/2021 02:26:23 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X86 service to connect.

Error: (09/17/2021 02:25:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Услуга на %1!s! Актуализация (avast) service failed to start due to the following error: 
The system cannot find the file specified.

Error: (09/17/2021 02:23:53 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the device specified.

Error: (09/17/2021 02:23:43 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the device specified.

Error: (09/17/2021 02:23:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Global Library Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (09/17/2021 02:23:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Global Library Service service to connect.

Error: (09/17/2021 02:21:10 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {3FCB7074-EC9E-4AAF-9BE3-C0E356942366} did not register with DCOM within the required timeout.

Error: (09/17/2021 12:01:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the device specified.


Windows Defender:
================
Date: 2012-04-19 12:53:49.737
Description: 
Windows Defender scan has been stopped before completion.
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

==================== Memory info =========================== 

BIOS: Hewlett-Packard 786G6 v01.15 08/02/2011
Motherboard: Hewlett-Packard 3047h
Processor: AMD Athlon(tm) II X2 220 Processor
Percentage of memory in use: 75%
Total physical RAM: 2813.39 MB
Available physical RAM: 681.01 MB
Total Virtual: 5625.15 MB
Available Virtual: 3446.64 MB

==================== Drives ================================

Drive 😄 (System) (Fixed) (Total:95.14 GB) (Free:26.39 GB) NTFS
Drive d: (Data) (Fixed) (Total:84.57 GB) (Free:77.6 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:52.86 GB) (Free:19.5 GB) NTFS

\\?\Volume{6bba6ecb-5705-11e0-bc6e-806e6f6e6963}\ (BDEDrive) (Fixed) (Total:0.32 GB) (Free:0.28 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 97BE5B6A)
Partition 1: (Not Active) - (Size=95.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=84.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=52.9 GB) - (Type=07 NTFS)
Partition 4: (Active) - (Size=324 MB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

 

 

Линк към коментара
Сподели в други сайтове

преди 5 минути, valyo_93 написа:

Aваста се изтри от втория път след това сканиране ако трябва да повторя сканирането

 

Повторете отново сканирането но преди това вижте дали не сте пропуснали някоя програма  от карето в предния ми пост ...Всички тези програми се виждат в новите ви дневници ...Тъпчем на едно място .....!!! Безсмислено е да правим едни и същи неща няколко пъти..!

Линк към коментара
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-09-2021
Ran by Administrator (administrator) on GLBG1543PC04 (Hewlett-Packard HP Compaq 6005 Pro SFF PC) (17-09-2021 15:27:49)
Running from D:\Users\Administrator\Desktop
Loaded Profiles: Administrator
Platform: Microsoft Windows 7 Enterprise  Service Pack 1 (X86) Language: English (United States)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe
() [File not signed] C:\Windows\System32\xWD35bgnd.exe
() [File not signed] C:\Windows\Xerox\PanelMgr\SSMMgr.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
(Advanced Micro Devices, Inc.) [File not signed] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Update\1.3.36.102\GoogleCrashHandler.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\lpksetup.exe <2>
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Windows Hardware Compatibility Publisher -> AMD) C:\Windows\System32\atiesrxx.exe
(OCS Inventory NG) [File not signed] [File is in use] C:\Program Files\OCS Inventory Agent\OCSInventory.exe
(OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsService.exe
(OCS Inventory NG) [File not signed] C:\Program Files\OCS Inventory Agent\OcsSystray.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Xerox Corporation) [File not signed] C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IME JPN 2007 Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMEJP\IMJPKLMG.EXE [63856 2011-09-19] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Korean IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMEKR\IMKRMIG.EXE [26400 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Microsoft Pinyin IME Migration] => C:\Program Files\Common Files\microsoft shared\IME12\IMESC\IMSCMIG.EXE [32112 2011-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [XeroxScanUtility] => C:\Program Files\Xerox\Scan_Utility\xrxzipui.exe [430080 2008-04-15] (Xerox Corporation) [File not signed]
HKLM\...\Run: [XeroxEndeavorBackgroundTask] => C:\Windows\system32\xWD35bgnd.exe [80896 2008-04-14] () [File not signed]
HKLM\...\Run: [Xerox PanelMgr] => C:\Windows\Xerox\PanelMgr\SSMMgr.exe [626688 2010-01-26] () [File not signed]
HKLM\...\Run: [Stanley-H_XRX_S2P] => C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\Scan2pc.exe [253952 2010-01-26] () [File not signed]
HKLM\...\Run: [StartCCC] => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [336384 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10082920 2011-05-31] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1002984 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-19\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-20\...\Run: [Sidebar] => %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Run: [Google Update] => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [Skype] => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [AvastBrowserAutoLaunch_9E0AB01C37B94381383AE0CDA0DCCFE4] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default"
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\MountPoints2: {6a2c2d8e-b410-11e3-9029-3cd92b632c53} - G:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [LogonHoursAction] 2
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [DontDisplayLogonHoursWarnings] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [DisableTaskMgr] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\system: [NoDispScrSavPage] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\Explorer: [DisablePersonalDirChange] 1
HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Policies\Explorer: [NoRun] 1
HKU\S-1-5-18\...\Run: [Skype] => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
HKLM\...\Windows NT x86\Print Processors\sxs2mPC: C:\Windows\System32\spool\prtprocs\W32X86\sxs2mpc.dll [19968 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) 2000 DDK provider)
HKLM\...\Windows NT x86\Print Processors\XeroxV5Print: C:\Windows\System32\spool\prtprocs\W32X86\x5print.dll [10752 2008-05-09] (Xerox Corporation) [File not signed]
HKLM\...\Windows NT x86\Print Processors\xp3220: C:\Windows\System32\spool\prtprocs\W32X86\xp3220pp.dll [56320 2009-06-17] (Windows (R) Codename Longhorn DDK provider) [File not signed]
HKLM\...\Print\Monitors\Language Monitor for Xerox Phaser 6125N: C:\Windows\SYSTEM32\XRZWSLBI.DLL [135284 2009-08-30] (Xerox Co., Ltd.) [File not signed]
HKLM\...\Print\Monitors\sxs2m Langmon: C:\Windows\SYSTEM32\sxs2ml3.dll [22723 2010-03-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Xerox PC Fax Port: C:\Windows\SYSTEM32\XeroxFaxPort.dll [94208 2009-04-02] () [File not signed]
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files\AVAST Software\Browser\Application\92.2.11575.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\93.0.4577.82\Installer\chrmstp.exe [2021-09-14] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\OCS Inventory NG Systray.lnk [2013-09-20]
ShortcutTarget: OCS Inventory NG Systray.lnk -> C:\Program Files\OCS Inventory Agent\OcsSystray.exe (OCS Inventory NG) [File not signed] [File is in use]
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User: Restriction <==== ATTENTION
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Librarian\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Visitor\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {08DF9C6D-7CB5-4684-B618-67D60F53BEA0} - System32\Tasks\Del Old File => C:\Windows\Scripts\del.bat [1302 2010-10-30] () [File not signed]
Task: {3910E168-A173-4EF4-A61E-E5D13CCE99DD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\{671B1A2E-C698-451F-BF5F-C59EABFF1053}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{B082BF56-1FC4-46B4-A49A-712889734CCB}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {59788F2F-057B-497D-AD10-26F6EBE7DD6E} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001Core -> No File <==== ATTENTION
Task: {67F3E56F-BF81-40A9-9B43-E0B8D326CF35} - System32\Tasks\{671B1A2E-C698-451F-BF5F-C59EABFF1053} => C:\Program Files\Skype\\Phone\Skype.exe
Task: {6D041990-9703-495B-922D-A29D1E951CF5} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe [136176 2011-04-04] (Google Inc -> Google Inc.)
Task: {6D725850-4BEA-4C22-ADFF-0B008091ECAD} - System32\Tasks\delete => C:\Windows\Scripts\del.bat [1302 2010-10-30] () [File not signed]
Task: {6E99A771-BE6E-4451-865F-6FB9DCBBDFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {88F25EBE-0AD6-45B2-BB52-208CF5A62B03} - System32\Tasks\Log off => C:\Windows\Scripts\logoff.bat [16 2010-10-31] () [File not signed]
Task: {8D7865B2-94AB-4512-B090-9BD265D0A769} - System32\Tasks\Microsoft\Microsoft Antimalware\Microsoft Antimalware Scheduled Scan => C:\Program Files\Microsoft Security Client\\MpCmdRun.exe [345824 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {9F2A0AEF-F85F-4784-A1C3-68726ED402A0} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001UA -> No File <==== ATTENTION
Task: {AED1AD05-FC83-4BAD-945F-721B4890EC84} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe
Task: {B1AE9B04-84F1-4831-8527-D76B753CBA2C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-20] (Google Inc -> Google Inc.)
Task: {BBBB72F5-3A2B-4A01-A640-A5FF57FD1EB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe
Task: {BD743956-DC62-4307-843F-D62CE84AD182} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {C55964AC-A211-4B5D-B595-C77C191E72DB} - System32\Tasks\{B082BF56-1FC4-46B4-A49A-712889734CCB} => "C:\Program Files\Internet Explorer\iexplore.exe" http://ui.skype.com/ui/0/5.10.0.116/en/abandoninstall?page=tsMain
Task: {EF23F159-7109-499A-A25E-2BF8A8FE9116} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [153168 2017-06-20] (Google Inc -> Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job => C:\Users\Librarian\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421337976-2832419435-3520994213-1001Core.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-421337976-2832419435-3520994213-1001UA.job => C:\Users\pc\AppData\Local\Google\Update\GoogleUpdate.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{A753DA6E-FE95-49B7-AA56-3DC81D3E4609}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

FireFox:
========
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\c21lr0at.default [2018-09-27]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_433.dll [No File]
FF Plugin: @IPC/WebClient -> C:\windows\system32\SuperClient2\npSuperClient.dll [2013-09-26] (Chipspoint Electronics Co., Ltd -> )
FF Plugin: @java.com/DTPlugin,version=10.25.2 -> C:\Windows\system32\npDeployJava1.dll [2013-09-25] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation ->  Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @nullsoft.com/winampDetector;version=1 -> C:\Program Files\Winamp Detect\npwachk.dll [2013-11-26] (Nullsoft, Inc.) [File not signed]
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005: @tools.google.com/Google Update;version=3 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll [2011-11-14] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1005: @tools.google.com/Google Update;version=9 -> C:\Users\Librarian\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll [2011-11-14] (Google Inc -> Google Inc.)
FF Plugin HKU\S-1-5-21-299244719-1399796724-3294634451-1006: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Visitor\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-10] (Unity Technologies SF -> Unity Technologies ApS)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\services-sync.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-branding.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox-l10n.js [2010-01-01]
FF ExtraCheck: C:\Program Files\mozilla firefox\browser\defaults\preferences\firefox.js [2013-08-12]
FF ExtraCheck: C:\Program Files\mozilla firefox\mozilla.cfg [2007-04-03] <==== ATTENTION

Chrome: 
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2021-09-17]
CHR Notifications: Default -> hxxps://www.facebook.com
CHR Extension: (Документи) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-09-27]
CHR Extension: (Google Диск) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-08-31]
CHR Extension: (Google Документи офлайн) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-09-01]
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-08-31]
CHR Extension: (Skype) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2018-09-27]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-08-31]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-08-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
S2 AgentService; C:\Program Files\LibraryClient\globalLibx32\service.exe [46592 2012-02-20] () [File not signed]
R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [176128 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> AMD)
R2 AMD FUEL Service; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [291840 2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [103696 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280864 2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
R2 OCS Inventory Service; C:\Program Files\OCS Inventory Agent\OcsService.exe [38912 2013-04-08] (OCS Inventory NG) [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Windows -> Microsoft Corporation)
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdiox86; C:\Windows\System32\DRIVERS\amdiox86.sys [37944 2010-02-18] (Advanced Micro Devices, Inc. -> Advanced Micro Devices)
R3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [8395776 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> ATI Technologies Inc.)
R3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [247296 2011-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AODDriver4.01; c:\Program Files\ATI Technologies\ATI.ACE\Fuel\i386\AODDriver2.sys [39424 2011-06-24] (Advanced Micro Devices) [File not signed]
S2 DgiVecp; C:\Windows\system32\Drivers\DgiVecp.sys [41984 2008-10-28] (Samsung Electronics Co., Ltd.) [File not signed]
S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [108032 2016-04-25] (Samsung Electronics CO., LTD. -> Samsung Electronics Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [252808 2016-08-25] (Microsoft Corporation -> Microsoft Corporation)
S3 MpKsl3ba7fc3a; C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{B186C32C-EB84-48A7-B9CE-5A4330899582}\MpKslDrv.sys [36072 2021-09-17] (Microsoft Windows -> Microsoft Corporation)
S3 nmwcd; C:\Windows\System32\drivers\ccdcmb.sys [18560 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 nmwcdc; C:\Windows\System32\drivers\ccdcmbo.sys [23168 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 qcusbser-forge; C:\Windows\System32\DRIVERS\qcusbser.sys [214080 2015-06-08] (Microsoft Windows Hardware Compatibility Publisher -> FORGE Incorporated)
S3 qcusbwwan-forge; C:\Windows\System32\DRIVERS\qcusbwwan.sys [422976 2015-06-08] (Microsoft Windows Hardware Compatibility Publisher -> FORGE Incorporated)
R2 SSPORT; C:\Windows\system32\Drivers\SSPORT.sys [5120 2008-10-27] (Samsung Electronics) [File not signed]
S3 ss_bbus; C:\Windows\System32\DRIVERS\ss_bbus.sys [98432 2009-09-19] (MCCI Corporation -> MCCI)
S3 upperdev; C:\Windows\System32\DRIVERS\usbser_lowerflt.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [15872 2013-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 UsbserFilt; C:\Windows\System32\DRIVERS\usbser_lowerfltj.sys [8192 2012-11-16] (Microsoft Windows Hardware Compatibility Publisher -> Nokia)
U1 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-17 15:19 - 2021-09-17 15:19 - 000000020 _____ C:\Windows\xцВ
2021-09-17 08:37 - 2021-09-17 08:37 - 000000000 ____D C:\Users\Administrator\vmlogs
2021-09-17 08:33 - 2021-09-17 08:48 - 000000000 ____D C:\Users\Administrator\AppData\Local\Nox
2021-09-17 08:19 - 2021-09-17 08:19 - 000000000 ____D C:\SecurityCheck
2021-09-16 11:55 - 2021-09-17 15:30 - 000000000 ____D C:\FRST
2021-09-16 11:38 - 2021-09-16 11:38 - 000006890 _____ C:\Users\Administrator\-1.14-windows.xml
2021-09-16 11:33 - 2021-09-17 08:30 - 000000000 ____D C:\Users\Administrator\AppData\Local\Bluestacks
2021-09-16 11:33 - 2021-09-16 11:33 - 000000000 ____D C:\Users\Public\BlueStacks
2021-09-16 08:54 - 2021-09-17 10:14 - 000000262 _____ C:\Users\Administrator\advanced_ip_scanner_MAC.bin
2021-09-16 08:54 - 2021-09-17 10:14 - 000000015 _____ C:\Users\Administrator\advanced_ip_scanner_Comments.bin
2021-09-16 08:54 - 2021-09-17 10:14 - 000000015 _____ C:\Users\Administrator\advanced_ip_scanner_Aliases.bin
2021-09-16 08:51 - 2013-09-26 14:21 - 000000000 ____D C:\Windows\system32\SuperClient2
2021-09-16 08:51 - 2013-09-26 14:07 - 000237568 _____ () C:\Windows\system32\SuperClient Save.exe
2021-09-16 08:48 - 2021-09-16 08:48 - 000000957 _____ C:\Users\Public\Desktop\Advanced IP Scanner.lnk
2021-09-16 08:48 - 2021-09-16 08:48 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced IP Scanner v2
2021-09-16 08:48 - 2021-09-16 08:48 - 000000000 ____D C:\Program Files\Advanced IP Scanner
2021-09-02 09:25 - 2021-09-13 09:22 - 000004464 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-08-31 14:56 - 2021-08-31 14:56 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Adobe

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-17 15:30 - 2009-07-14 07:34 - 000024352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-09-17 15:30 - 2009-07-14 07:34 - 000024352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-09-17 15:29 - 2013-09-25 11:17 - 000000000 ____D C:\Program Files\Google
2021-09-17 15:27 - 2009-07-14 07:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-09-17 15:16 - 2009-07-14 05:37 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2021-09-17 14:52 - 2018-07-20 08:58 - 000000000 ____D C:\Users\Visitor\AppData\Local\AVAST Software
2021-09-17 14:52 - 2017-07-18 16:00 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-17 14:45 - 2011-04-04 16:21 - 000000924 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA.job
2021-09-17 14:44 - 2018-09-27 09:25 - 000000000 ____D C:\Users\Administrator\AppData\Local\AVAST Software
2021-09-17 14:39 - 2017-12-07 11:48 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-09-17 14:39 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\inf
2021-09-17 08:48 - 2010-10-25 14:50 - 000000000 ____D C:\Users\Administrator
2021-09-17 08:36 - 2009-07-14 05:37 - 000000000 ____D C:\Windows\Registration
2021-09-16 11:56 - 2010-10-25 14:45 - 000000000 ____D C:\Users\Visitor
2021-09-16 11:56 - 2010-10-25 14:24 - 000000000 ____D C:\Users\Librarian
2021-09-14 09:15 - 2017-06-20 14:26 - 000002176 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-09-14 09:15 - 2017-06-20 14:26 - 000002135 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-09-03 09:16 - 2010-10-30 10:53 - 000000000 ____D C:\Users\Administrator\AppData\Local\Adobe
2021-09-02 12:01 - 2011-04-04 16:21 - 000000872 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core.job
2021-09-02 09:04 - 2018-03-28 15:58 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-09-02 09:04 - 2017-06-20 14:25 - 000003322 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-09-02 09:04 - 2017-06-20 14:25 - 000003194 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-09-02 09:04 - 2017-06-20 10:51 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-09-02 09:04 - 2013-09-25 11:14 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2021-09-02 09:04 - 2012-07-26 12:09 - 000003068 _____ C:\Windows\system32\Tasks\{B082BF56-1FC4-46B4-A49A-712889734CCB}
2021-09-02 09:04 - 2012-03-30 10:56 - 000003950 _____ C:\Windows\system32\Tasks\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}
2021-09-02 09:04 - 2011-04-04 16:21 - 000003912 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA
2021-09-02 09:04 - 2011-04-04 16:21 - 000003516 _____ C:\Windows\system32\Tasks\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core
2021-09-02 09:04 - 2010-10-24 18:33 - 000002866 _____ C:\Windows\system32\Tasks\{671B1A2E-C698-451F-BF5F-C59EABFF1053}
2021-09-01 12:25 - 2010-10-24 19:51 - 000000000 ____D C:\ProgramData\Adobe
2021-08-31 14:56 - 2010-10-29 10:05 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2021-08-31 14:56 - 2010-10-24 19:26 - 003890712 _____ C:\Windows\system32\perfh01F.dat
2021-08-31 14:56 - 2010-10-24 19:26 - 003245800 _____ C:\Windows\system32\perfc01F.dat
2021-08-31 14:56 - 2010-10-24 18:25 - 000006252 _____ C:\Windows\system32\PerfStringBackup.INI
2021-08-30 23:45 - 2010-10-24 18:20 - 000652664 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe

==================== Files in the root of some directories ========

2010-10-29 19:41 - 2010-10-30 10:58 - 000008049 _____ () C:\Users\Administrator\AppData\Roaming\XeroxFaxOptions.xml
2010-10-26 17:33 - 2010-10-26 17:33 - 000000017 _____ () C:\Users\Administrator\AppData\Local\resmon.resmoncfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-09-09 10:36
==================== End of FRST.txt ========================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 15-09-2021
Ran by Administrator (17-09-2021 15:32:56)
Running from D:\Users\Administrator\Desktop
Microsoft Windows 7 Enterprise  Service Pack 1 (X86) (2010-10-24 19:54:29)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-299244719-1399796724-3294634451-500 - Administrator - Enabled) => C:\Users\Administrator
Guest (S-1-5-21-299244719-1399796724-3294634451-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-299244719-1399796724-3294634451-1002 - Limited - Enabled)
Librarian (S-1-5-21-299244719-1399796724-3294634451-1005 - Limited - Enabled) => C:\Users\Librarian
Visitor (S-1-5-21-299244719-1399796724-3294634451-1006 - Limited - Enabled) => C:\Users\Visitor

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: System Center Endpoint Protection (Enabled - Up to date) {71A27EC9-3DA6-45FC-60A7-004F623C6189}
AS: System Center Endpoint Protection (Enabled - Up to date) {CAC39F2D-1B9C-4A72-5A17-3B3D19BB2B34}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 4.65 (HKLM\...\7-Zip) (Version:  - )
ActiveX контрола на Windows Live Mesh за отдалечени връзки (HKLM\...\{B3BA4D1C-23EF-4859-9C11-1B2CCB7FADBB}) (Version: 15.4.5722.2 - Microsoft Corporation)
Actualizare Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0418-0000-0000000FF1CE}_OMUI.ro-ro_{6195740F-0C89-4CDD-ACAD-67CCE1495348}) (Version:  - Microsoft)
Actualizare Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0418-0000-0000000FF1CE}_OMUI.ro-ro_{E78703E2-69D3-4204-B101-9D8B7B72585C}) (Version:  - Microsoft)
Actualizare Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0418-0000-0000000FF1CE}_OMUI.ro-ro_{1531AE8C-8271-4A8C-9ABA-86AE70B0DA82}) (Version:  - Microsoft)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 3.8.0.870 - Adobe Systems Incorporated)
Adobe Reader XI (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
Advanced IP Scanner 2.5 (HKLM\...\{A1F30E8A-A6A5-4431-ADFD-3119EB6A28B4}) (Version: 2.5.3850 - Famatech)
AMD Catalyst Install Manager (HKLM\...\{EA8D489E-48F5-47E6-901A-C5BCD93B34DC}) (Version: 3.0.838.0 - Advanced Micro Devices, Inc.)
Apple Application Support (HKLM\...\{DAEAFD68-BB4A-4507-A241-C8804D2EA66D}) (Version: 1.3.2 - Apple Inc.)
Apple Software Update (HKLM\...\{6956856F-B6B3-4BE0-BA0B-8F495BE32033}) (Version: 2.1.1.116 - Apple Inc.)
Google Chrome (HKLM\...\Google Chrome) (Version: 93.0.4577.82 - Google LLC)
Google Chrome (HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\Google Chrome) (Version: 10.0.648.204 - Google Inc.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.35.451 - Google LLC) Hidden
HydraVision (HKLM\...\{D09BF567-670F-3849-56C0-06EF96B353DF}) (Version: 4.2.210.0 - Advanced Micro Devices, Inc.) Hidden
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (Türkçe) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1055) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0402-0000-0000000FF1CE}_OMUI.bg-bg_{F396405D-7270-406B-B59C-CC36095EEFB3}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-0418-0000-0000000FF1CE}_OMUI.ro-ro_{13618660-2F11-4E8E-AD45-19D97C3FCF2B}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{90120000-0100-041F-0000-0000000FF1CE}_OMUI.tr-tr_{9B14E574-B6BD-48A8-B1C3-124ED5AAD01A}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Àêòóàëèçàöèÿ (KB963678) (HKLM\...\{90120000-0016-0402-0000-0000000FF1CE}_OMUI.bg-bg_{B3B0B5D0-371D-4211-A43A-B4E70B563756}) (Version:  - Microsoft)
Microsoft Office Excel 2007 Help Güncelleþtirmesi (KB963678) (HKLM\...\{90120000-0016-041F-0000-0000000FF1CE}_OMUI.tr-tr_{E792E914-5172-48B2-A58A-65C3F311C4E2}) (Version:  - Microsoft)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Bulgarian/български (HKLM\...\OMUI.bg-bg) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Romanian/Română (HKLM\...\OMUI.ro-ro) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Language Pack 2007 - Turkish/Türkçe (HKLM\...\OMUI.tr-tr) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0402-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM\...\{95140000-007A-0409-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft Office Powerpoint 2007 Help Àêòóàëèçàöèÿ (KB963669) (HKLM\...\{90120000-0018-0402-0000-0000000FF1CE}_OMUI.bg-bg_{C64A08BB-59AC-4ACE-AF1D-D5225DF9CE2D}) (Version:  - Microsoft)
Microsoft Office Powerpoint 2007 Help Güncelleþtirmesi (KB963669) (HKLM\...\{90120000-0018-041F-0000-0000000FF1CE}_OMUI.tr-tr_{8C762073-C6A4-4A11-A639-1C73014FAE00}) (Version:  - Microsoft)
Microsoft Office Professional Plus 2007 (HKLM\...\PROPLUS) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Proofing Tools Kit 2007 (HKLM\...\PROOFKIT) (Version: 12.0.4518.1070 - Microsoft Corporation)
Microsoft Office Word 2007 Help Àêòóàëèçàöèÿ (KB963665) (HKLM\...\{90120000-001B-0402-0000-0000000FF1CE}_OMUI.bg-bg_{6BECE490-EB24-47FB-B6C9-91724C0B0E6E}) (Version:  - Microsoft)
Microsoft Office Word 2007 Help Güncelleþtirmesi (KB963665) (HKLM\...\{90120000-001B-041F-0000-0000000FF1CE}_OMUI.tr-tr_{96E44099-EB0F-45A3-8831-40412110810D}) (Version:  - Microsoft)
Microsoft Project Professional 2010 (HKLM\...\Office14.PRJPRO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Visio Premium 2010 (HKLM\...\Office14.VISIO) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x86) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x86)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox (en-US) (HKLM\...\{167441FD-6803-47BA-86CE-77CD30C8BDB0}) (Version: 23.0.0.0 - FrontMotion)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Nokia Connectivity Cable Driver (HKLM\...\{BC4AE628-81A4-4FC6-863A-7A9BA2E2531F}) (Version: 7.1.32.69 - )
OCS Inventory NG Agent 2.1.0.1 (HKLM\...\OCS Inventory NG Agent) (Version: 2.1.0.1 - OCS Inventory NG Team)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6383 - Realtek Semiconductor Corp.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-003B-0000-0000-0000000FF1CE}_Office14.PRJPRO_{58FA40EF-ABA9-4FED-AD3D-318A6073934D}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM\...\{90140000-0057-0000-0000-0000000FF1CE}_Office14.VISIO_{359ADBEC-068A-4CC9-9174-77AB8EDB867A}) (Version:  - Microsoft)
SuperClient (HKLM\...\SuperClient) (Version:  - )
System Center Endpoint Protection (HKLM\...\Microsoft Security Client) (Version: 4.10.209.0 - Microsoft Corporation)
Unity Web Player (HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\UnityWebPlayer) (Version: 4.5.1f3 - Unity Technologies ApS)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Winamp (HKLM\...\Winamp) (Version: 5.666  - Nullsoft, Inc)
Winamp Detector Plug-in (HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Xerox Scan Driver (HKLM\...\Xerox_Scan_Utility) (Version:  - )
Xerox WorkCentre 3220 (HKLM\...\Xerox WorkCentre 3220) (Version:  - )

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020420-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020421-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020422-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020423-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020424-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{00020425-0000-0000-C000-000000000046}\InprocServer32 -> C:\Windows\system32\oleaut32.dll (Microsoft Windows -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2009-02-03] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [EPP] -> {09A47860-11B0-4DA5-AFA5-26D86198A780} => C:\Program Files\Microsoft Security Client\shellext.dll [2016-11-14] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll [2011-07-13] (Advanced Micro Devices, Inc.) [File not signed]

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2011-04-11 17:20 - 2011-04-11 17:20 - 000098304 _____ () [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll
2009-01-20 14:51 - 2009-01-20 14:51 - 000007168 _____ () [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atixclib.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000369152 _____ () [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2013-03-06 18:51 - 2013-03-06 18:51 - 000067584 _____ () [File not signed] [File is in use] C:\Program Files\OCS Inventory Agent\zlib1.dll
2011-07-13 19:22 - 2011-07-13 19:22 - 000095232 _____ () [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Proxy.Native.dll
2010-10-29 19:40 - 2008-10-28 09:02 - 000184320 _____ () [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\IMFilter.dll
2010-10-29 19:40 - 2008-10-28 09:03 - 001384520 _____ () [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\ssole.dll
2010-10-29 19:20 - 2008-04-24 12:39 - 001310720 _____ () [File not signed] C:\Windows\system32\xeext.dll
2010-10-29 19:40 - 2009-04-02 09:58 - 000094208 _____ () [File not signed] C:\Windows\System32\XeroxFaxPort.dll
2010-10-29 19:20 - 2008-04-24 12:40 - 000151552 _____ () [File not signed] C:\Windows\system32\xesup.dll
2010-10-29 19:20 - 2008-04-24 12:40 - 000364544 _____ () [File not signed] C:\Windows\system32\xipinterp.dll
2010-10-29 19:20 - 2008-04-24 12:41 - 000274432 _____ () [File not signed] C:\Windows\system32\xiputil.dll
2010-10-29 19:20 - 2008-04-24 12:42 - 000909312 _____ () [File not signed] C:\Windows\system32\xrx_xml2.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Actions.CCAA.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000006656 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.DPPE.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.EEU.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.GD.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Hotkeys.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.REG.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000044032 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.Source.Kit.Server.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Plugin.WinMessages.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000034816 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\AEM.Server.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Foundation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ATICCCom.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000022016 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.Implementation.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000033280 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDOverDrive.Platform.Shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000040448 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000016896 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000018944 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUOverDrive.Fuel.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000013312 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CPUPStates.Fuel.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormats.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CustomFormatSelection.Graphics.Dashboard.Shared.Private.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000253952 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeskMan.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeskMan.HydraVision.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCRT.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000040960 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceCV.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000053248 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceLCD.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000049152 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceTV.Graphics.shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000025088 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysColour2.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000316416 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysManager.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000028672 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DisplaysOptions.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000048128 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DPPE.Fuel.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000026112 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Fets.Fuel.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000094208 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Grid.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Grid.HydraVision.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Runtime.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.HotkeysHandling.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000120832 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MDProp.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000010240 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MDProp.HydraVision.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000774144 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000106496 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000081920 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MMVideo.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 000250368 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiDesk.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000009728 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.MultiDesk.HydraVision.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000050688 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.OverDrive5.Graphics.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000077824 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000065536 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Radeon3D.Graphics.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000096768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Settings.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000014848 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.Settings.HydraVision.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000159744 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000013824 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.TransCode.Graphics.shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000033792 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000012288 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.UpdateNotification.Graphics.Shared.dll
2011-07-13 19:28 - 2011-07-13 19:28 - 001259520 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.User.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.WiFi.Fuel.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000019968 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Runtime.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000010752 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Fuel.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000172032 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 001003520 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Dashboard.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.Shared.Private.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000008192 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Dashboard.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000011776 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Runtime.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.HydraVision.Shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000011264 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000008704 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Platform.Shared.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000070144 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Fusion.Aspects.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 002041344 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects1.Dashboard.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000045056 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.HydraVision.Aspects.Runtime.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000007680 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.ProfileManager2.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000032768 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 001284096 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.Shared.Private.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000007168 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Extension.EEU.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000037376 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.Shared.Private.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000417792 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Systemtray.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000262144 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Client.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000061440 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000029184 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.Private.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000018432 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Foundation.XManifest.dll
2011-06-08 02:26 - 2011-06-08 02:26 - 000020992 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CoreAudioApi.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000006144 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000012800 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Fuel.Foundation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000021504 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000055808 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000020480 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Implementation.Private.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000024576 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\LOG.Foundation.Private.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000005632 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Foundation.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000095744 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.Implementation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000015360 _____ (Advanced Micro Devices Inc.) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\NEWAEM.Foundation.dll
2011-06-23 11:51 - 2011-06-23 11:51 - 000094208 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ADL.Foundation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\APM.Server.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000065536 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceDFP.Graphics.Runtime.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000524288 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Dashboard.Shared.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000043520 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.DeviceProperty.Graphics.Runtime.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000240128 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Combined.Graphics.Aspects2.Runtime.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000036352 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Client.Shared.Private.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000376832 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Dashboard.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000057344 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Component.Runtime.dll
2007-08-09 17:58 - 2007-08-09 17:58 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0706.dll
2009-06-17 06:27 - 2009-06-17 06:27 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0709.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0712.dll
2008-04-03 17:29 - 2008-04-03 17:29 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0804.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0805.dll
2008-12-30 12:04 - 2008-12-30 12:04 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0812.dll
2009-06-17 11:24 - 2009-06-17 11:24 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0906.dll
2009-12-08 07:49 - 2009-12-08 07:49 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0912.dll
2010-10-07 14:07 - 2010-10-07 14:07 - 000020480 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1010.dll
2010-11-05 15:18 - 2010-11-05 15:18 - 000016384 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I1011.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000253952 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Implementation.default_Localization.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000373248 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\Localization.Foundation.Private.dll
2011-07-13 19:27 - 2011-07-13 19:27 - 000168960 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Implementation.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000008704 _____ (Advanced Micro Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ResourceManagement.Foundation.Private.dll
2011-07-13 19:24 - 2011-07-13 19:24 - 000654336 _____ (Advanced Micro Devices, Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiacmxx.dll
2011-07-13 19:24 - 2011-07-13 19:24 - 000004608 _____ (Advanced Micro Devices, Inc.) [File not signed] c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\atiamenu.dll
2011-07-13 19:29 - 2011-07-13 19:29 - 000027648 _____ (Advanced Mirco Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.AMDHome.Graphics.Dashboard.dll
2011-07-13 19:26 - 2011-07-13 19:26 - 000303104 _____ (Advanced Mirco Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Runtime.dll
2011-07-13 19:25 - 2011-07-13 19:25 - 000180224 _____ (Advanced Mirco Devices, Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLI.Caste.Graphics.Shared.dll
2011-07-13 19:22 - 2011-07-13 19:22 - 000037376 _____ (AMD) [File not signed] [File is in use] c:\Program Files\ATI Technologies\ATI.ACE\Fuel\FUEL.Implementation.dll
2010-03-04 01:27 - 2010-03-04 01:27 - 000016384 _____ (ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Foundation.dll
2009-04-22 13:13 - 2009-04-22 13:13 - 000045056 _____ (ATI Technologies Inc.) [File not signed] [File is in use] C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\DEM.Graphics.I0601.dll
2009-02-03 10:09 - 2009-02-03 10:09 - 000069632 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2013-04-03 11:02 - 2013-04-03 11:02 - 000282112 _____ (OCS Inventory NG) [File not signed] [File is in use] C:\Program Files\OCS Inventory Agent\OCSInventory Front.dll
2013-04-02 11:48 - 2013-04-02 11:48 - 000036352 _____ (OCS Inventory NG) [File not signed] [File is in use] C:\Program Files\OCS Inventory Agent\OcsWmi.dll
2013-04-02 11:49 - 2013-04-02 11:49 - 000696832 _____ (OCS Inventory NG) [File not signed] [File is in use] C:\Program Files\OCS Inventory Agent\SysInfo.dll
2010-10-29 19:40 - 2008-10-28 09:03 - 000065536 _____ (Samsung Electronics) [File not signed] C:\Program Files\Xerox\Xerox WorkCentre 3220\PSU\scantopc.dll
2010-10-29 19:40 - 2008-10-28 16:07 - 000081920 _____ (Samsung Electronics) [File not signed] C:\Windows\system32\ssdevm.dll
2013-03-06 18:54 - 2013-03-06 18:54 - 001097216 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] [File is in use] C:\Program Files\OCS Inventory Agent\LIBEAY32.dll
2010-10-29 19:40 - 2009-06-17 16:57 - 000056320 _____ (Windows (R) Codename Longhorn DDK provider) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\xp3220pp.dll
2010-10-30 10:38 - 2009-08-30 16:00 - 000135284 _____ (Xerox Co., Ltd.) [File not signed] C:\Windows\System32\XRZWSLBI.DLL
2010-10-29 19:19 - 2008-04-24 12:37 - 000015360 _____ (Xerox Corp.) [File not signed] C:\Windows\system32\cpsimage2.DLL
2010-10-29 19:20 - 2008-04-15 00:05 - 000168960 _____ (Xerox Corporation) [File not signed] C:\Program Files\Xerox\Scan_Utility\xrxzipst.dll
2010-10-29 19:19 - 2008-05-09 15:39 - 000693760 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\spool\DRIVERS\W32X86\3\x2upBC.dll
2010-10-29 19:19 - 2008-05-09 15:38 - 001017344 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\spool\DRIVERS\W32X86\3\x2utilBC.dll
2010-10-29 19:19 - 2008-05-09 15:28 - 000010752 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\x5print.dll
2010-10-29 19:20 - 2007-12-05 01:14 - 000812544 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xntWD35u.dll
2010-10-29 19:20 - 2007-11-07 00:26 - 000189952 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xrxWD35u.dll
2010-10-29 19:20 - 2008-04-15 00:15 - 000301568 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xWD35dev.dll
2010-10-29 19:20 - 2008-04-15 00:00 - 000015872 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xWD35pb4.dll
2010-10-29 19:20 - 2008-04-15 00:16 - 000517120 _____ (Xerox Corporation) [File not signed] C:\Windows\system32\xWD35usd.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKU\S-1-5-21-299244719-1399796724-3294634451-1005\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://glbulgaria.bg/
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://glbulgaria.bg/
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP
SearchScopes: HKU\S-1-5-21-299244719-1399796724-3294634451-1006 -> {6E863BA6-C814-463A-976D-F1DFD9CF53A5} URL = hxxps://www.google.com/search?q={searchTerms}
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-09-23] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation -> Microsoft Corporation)
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-299244719-1399796724-3294634451-1005\...\microsoft.com -> hxxp://www.update.microsoft.com
IE trusted site: HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\microsoft.com -> hxxp://www.update.microsoft.com
IE trusted site: HKU\S-1-5-21-299244719-1399796724-3294634451-500\...\microsoft.com -> hxxp://www.update.microsoft.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 05:04 - 2019-03-05 10:55 - 000000830 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\PROGRAM FILES\AMD APP\BIN\X86;%SYSTEMROOT%\SYSTEM32;%SYSTEMROOT%;%SYSTEMROOT%\SYSTEM32\WBEM;%SYSTEMROOT%\SYSTEM32\WINDOWSPOWERSHELL\V1.0\;C:\PROGRAM FILES\ATI TECHNOLOGIES\ATI.ACE\CORE-STATIC
HKU\S-1-5-21-299244719-1399796724-3294634451-1005\Control Panel\Desktop\\Wallpaper -> C:\Users\Librarian\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\Control Panel\Desktop\\Wallpaper -> C:\Users\Visitor\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
HKU\S-1-5-21-299244719-1399796724-3294634451-500\Control Panel\Desktop\\Wallpaper -> 
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{4B6A0928-1FFB-470F-8EE8-24C1AF418F05}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{0DD8DEA7-6914-4711-B7B5-4853E73EDA09}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{593772D5-2F1B-4E96-B44B-BBCBAC742553}] => (Allow) C:\Windows\twain_32\Xerox\WC3220\Sscan2io.exe (Microsoft Windows Hardware Compatibility Publisher -> )
FirewallRules: [{E0789624-7F5E-457D-908F-A25EACF8EC0C}] => (Allow) C:\Windows\twain_32\Xerox\WC3220\Sscan2io.exe (Microsoft Windows Hardware Compatibility Publisher -> )
FirewallRules: [TCP Query User{683B1C10-DAD7-416E-9CC5-82F733AB52C8}F:\windows utilities\installer32\installationmanager.exe] => (Block) F:\windows utilities\installer32\installationmanager.exe => No File
FirewallRules: [UDP Query User{E6952A14-9722-4D45-8853-262B2D34F7F3}F:\windows utilities\installer32\installationmanager.exe] => (Block) F:\windows utilities\installer32\installationmanager.exe => No File
FirewallRules: [TCP Query User{89FC1343-F583-4CE1-AA03-BF98A64751DE}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe] => (Allow) C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe => No File
FirewallRules: [UDP Query User{5FDBBC3F-3347-47E5-84DF-D674073D80C8}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe] => (Allow) C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe => No File
FirewallRules: [{EA24F60D-AB3C-4E16-BCBB-7F8F3DC7C1F7}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{6AB3CA84-9832-4835-90A8-DF30591703ED}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{330CDFE1-7F88-4DED-BA99-7591B526DC93}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{80CBF977-FA92-4322-98FA-CF377FE45A81}] => (Allow) C:\Program Files\Winamp\winamp.exe (Nullsoft Inc. -> Nullsoft, Inc.)
FirewallRules: [{8C80F1EC-AC3A-41E8-9197-8FBAA448B1D7}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{23BCBC4D-3097-46FA-AFF2-23EEAD329223}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{6DD26E40-88A9-4DB9-9A2F-17DFF974124F}C:\program files\mozilla firefox\plugin-container.exe] => (Block) C:\program files\mozilla firefox\plugin-container.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BC40229B-75D0-4C66-B4C2-8446C85DB222}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{6157ACE5-F245-4A5B-962D-AE0FC8554C3A}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{9C460051-FB8B-48F4-A192-AF46536808F1}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{D9A3A6BD-4538-41C7-A2F8-EB0968FE05D0}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{87740570-DDBB-4282-82FC-1341FB030DE6}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File

==================== Restore Points =========================

10-09-2021 09:53:47 Windows Update
14-09-2021 08:58:11 Windows Update
17-09-2021 14:03:37 Revo Uninstaller's restore point - Avast Free Antivirus
17-09-2021 14:05:54 Revo Uninstaller's restore point - Avast Free Antivirus
17-09-2021 14:18:28 Revo Uninstaller's restore point - Avast Secure Browser
17-09-2021 14:32:20 Revo Uninstaller's restore point - Avast Free Antivirus
17-09-2021 15:06:32 Revo Uninstaller's restore point - TeamViewer 7
17-09-2021 15:10:24 Revo Uninstaller's restore point - Adobe Flash Player 32 ActiveX
17-09-2021 15:14:50 Revo Uninstaller's restore point - Windows Live Essentials
17-09-2021 15:16:07 Windows Live Essentials
17-09-2021 15:17:08 WLSetup
17-09-2021 15:22:54 Revo Uninstaller's restore point - Skype™ 7.38
17-09-2021 15:23:12 Removed Skype™ 7.38
17-09-2021 15:24:56 Revo Uninstaller's restore point - Skype Click to Call

==================== Faulty Device Manager Devices ============

Name: PS/2 Compatible Mouse
Description: PS/2 Compatible Mouse
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Standard PS/2 Keyboard
Description: Standard PS/2 Keyboard
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standard keyboards)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.


==================== Event log errors: ========================

Application errors:
==================
Error: (09/17/2021 03:31:10 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 03:29:16 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 03:28:10 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 03:16:34 PM) (Source: Microsoft-Windows-RestartManager) (EventID: 10006) (User: GLBG1543PC04)
Description: Application or service 'Windows Search' could not be shut down.

Error: (09/17/2021 03:15:08 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 03:06:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
   Gathering Writer Data

Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {f3a65a4a-ffa9-4035-9e21-0f061227a9ef}

Error: (09/17/2021 02:59:31 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.

Error: (09/17/2021 02:56:57 PM) (Source: OCS Inventory Service) (EventID: 20) (User: )
Description: Service encounter error <OCS Inventory NG Agent encounter an error (exit code is 4 => Failed to talk with Communication Server)>.


System errors:
=============
Error: (09/17/2021 03:29:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Услуга на %1!s! Актуализация (avast) service failed to start due to the following error: 
The system cannot find the file specified.

Error: (09/17/2021 03:27:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the device specified.

Error: (09/17/2021 03:27:44 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the device specified.

Error: (09/17/2021 03:27:42 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Global Library Service service failed to start due to the following error: 
The service did not respond to the start or control request in a timely fashion.

Error: (09/17/2021 03:27:42 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Global Library Service service to connect.

Error: (09/17/2021 03:26:01 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (09/17/2021 02:55:25 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Услуга на %1!s! Актуализация (avast) service failed to start due to the following error: 
The system cannot find the file specified.

Error: (09/17/2021 02:53:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The DgiVecp service failed to start due to the following error: 
The system cannot find the device specified.


Windows Defender:
================
Date: 2012-04-19 12:53:49.737
Description: 
Windows Defender scan has been stopped before completion.
Scan Type:AntiSpyware
Scan Parameters:Quick Scan

==================== Memory info =========================== 

BIOS: Hewlett-Packard 786G6 v01.15 08/02/2011
Motherboard: Hewlett-Packard 3047h
Processor: AMD Athlon(tm) II X2 220 Processor
Percentage of memory in use: 83%
Total physical RAM: 2813.39 MB
Available physical RAM: 472.63 MB
Total Virtual: 5625.15 MB
Available Virtual: 3359.86 MB

==================== Drives ================================

Drive 😄 (System) (Fixed) (Total:95.14 GB) (Free:26.61 GB) NTFS
Drive d: (Data) (Fixed) (Total:84.57 GB) (Free:77.27 GB) NTFS
Drive e: (Recovery) (Fixed) (Total:52.86 GB) (Free:19.5 GB) NTFS

\\?\Volume{6bba6ecb-5705-11e0-bc6e-806e6f6e6963}\ (BDEDrive) (Fixed) (Total:0.32 GB) (Free:0.28 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 97BE5B6A)
Partition 1: (Not Active) - (Size=95.1 GB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=84.6 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=52.9 GB) - (Type=07 NTFS)
Partition 4: (Active) - (Size=324 MB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Линк към коментара
Сподели в други сайтове

Фикс с Farbar Recovery Scan Tool

 

  • Щракнете с десния бутон върху иконата FRST и изберете Изпълнете като администратор
  • Маркирайте  информацията от карето по долу , след което натиснете клавишите Ctrl + C едновременно и текстът ще бъде копиран
  • Няма нужда да поставяте информацията , FRST ще я направи вместо вас.
Start::
CreateRestorePoint:
CloseProcesses:

HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [AvastBrowserAutoLaunch_9E0AB01C37B94381383AE0CDA0DCCFE4] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files\AVAST Software\Browser\Application\92.2.11575.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\{671B1A2E-C698-451F-BF5F-C59EABFF1053}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{B082BF56-1FC4-46B4-A49A-712889734CCB}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {59788F2F-057B-497D-AD10-26F6EBE7DD6E} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001Core -> No File <==== ATTENTION
Task: {6E99A771-BE6E-4451-865F-6FB9DCBBDFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {AED1AD05-FC83-4BAD-945F-721B4890EC84} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe
Task: {BBBB72F5-3A2B-4A01-A640-A5FF57FD1EB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\MountPoints2: {6a2c2d8e-b410-11e3-9029-3cd92b632c53} - G:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User: Restriction <==== ATTENTION
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Librarian\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Visitor\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-08-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_433.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
U1 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2021-09-17 14:52 - 2018-07-20 08:58 - 000000000 ____D C:\Users\Visitor\AppData\Local\AVAST Software
2021-09-17 14:52 - 2017-07-18 16:00 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-17 14:44 - 2018-09-27 09:25 - 000000000 ____D C:\Users\Administrator\AppData\Local\AVAST Software
2021-09-17 14:39 - 2017-12-07 11:48 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-09-02 09:04 - 2018-03-28 15:58 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-09-02 09:04 - 2017-06-20 10:51 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-09-02 09:04 - 2013-09-25 11:14 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
FirewallRules: [{4B6A0928-1FFB-470F-8EE8-24C1AF418F05}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{0DD8DEA7-6914-4711-B7B5-4853E73EDA09}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [TCP Query User{683B1C10-DAD7-416E-9CC5-82F733AB52C8}F:\windows utilities\installer32\installationmanager.exe] => (Block) F:\windows utilities\installer32\installationmanager.exe => No File
FirewallRules: [UDP Query User{E6952A14-9722-4D45-8853-262B2D34F7F3}F:\windows utilities\installer32\installationmanager.exe] => (Block) F:\windows utilities\installer32\installationmanager.exe => No File
FirewallRules: [TCP Query User{89FC1343-F583-4CE1-AA03-BF98A64751DE}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe] => (Allow) C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe => No File
FirewallRules: [UDP Query User{5FDBBC3F-3347-47E5-84DF-D674073D80C8}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe] => (Allow) C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe => No File
FirewallRules: [{EA24F60D-AB3C-4E16-BCBB-7F8F3DC7C1F7}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{6AB3CA84-9832-4835-90A8-DF30591703ED}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{9C460051-FB8B-48F4-A192-AF46536808F1}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{D9A3A6BD-4538-41C7-A2F8-EB0968FE05D0}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{87740570-DDBB-4282-82FC-1341FB030DE6}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
C:\ProgramData\AVAST Software
VirusTotal: C:\Program Files\LibraryClient\globalLibx32\service.exe
cmd: ipconfig /flushdns

EmptyTemp:
End::

 

ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

Следните директории се изпразват:

  • Windows Temp
  • Users Temp folders
  • Edge, IE, FF, Chrome and Opera caches, HTML5 storages, Cookies and History
  • Recently opened files cache
  • Flash Player cache
  • Java cache
  • Steam HTML cache
  • Explorer thumbnail and icon cache
  • BITS transfer queue (qmgr*.dat files)
  • Recycle Bin

Натиснете бутона Fix само веднъж и изчакайте.


Забележка:    Не е необходимо да поставяте скрипта в FRST .
Рестартирайте компютъра, ако бъдете подканени.
Когато поправката е завършена, FRST ще генерира дневник на същото място, от което е стартиран (Fixlog.txt)
Моля, копирайте и поставете съдържанието му във вашия отговор.

След това:

  • Копирайте/поставете следното в полето Search:
SearchAll: Avast;TeamViewer;Adobe Flash Player
  • Щракнете върху бутона Search Files
  • Когато приключите, щракнете върху OK и на вашия работен плот ще се отвори документ Search.txt
  • Моля, копирайте и поставете съдържанието му във вашия отговор.

Забележка:  Ако файла е много голям и не може да се публикува във форума , архивирайте и качете отчета на външен сървър (например File Dropper , DOX.bg   и включете връзката за изтегляне във вашия следващ отговор.

Линк към коментара
Сподели в други сайтове

на 17.09.2021 г. в 8:24, valyo_93 написа:

Първата програма не ми изкара лог 

 

Аз го виждам на снимката която сте качили ..! 

 

InkedUntitled.jpg.4cf5211d44c776180a3e7500d71ff8b0_LI.jpg

Линк към коментара
Сподели в други сайтове

Fix result of Farbar Recovery Scan Tool (x86) Version: 15-09-2021
Ran by Administrator (20-09-2021 08:00:09) Run:1
Running from D:\Users\Administrator\Desktop
Loaded Profiles: Librarian & Visitor & Administrator
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
CloseProcesses:
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\Run: [AvastBrowserAutoLaunch_9E0AB01C37B94381383AE0CDA0DCCFE4] => "C:\Program Files\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{30C521FB-255B-46C8-9F0D-EE5AE371C9AA}] -> "C:\Program Files\AVAST Software\Browser\Application\92.2.11575.159\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(1): schtasks.exe -> /Change /TN "\Adobe Flash Player NPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(2): schtasks.exe -> /Change /TN "\Adobe Flash Player PPAPI Notifier" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(3): schtasks.exe -> /Change /TN "\Adobe Flash Player Updater" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(4): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineCore" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(5): schtasks.exe -> /Change /TN "\GoogleUpdateTaskMachineUA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(6): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005Core" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(7): schtasks.exe -> /Change /TN "\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1005UA" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(8): schtasks.exe -> /Change /TN "\User_Feed_Synchronization-{40BCF64C-47D6-4908-90A6-7F9040AFF644}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(9): schtasks.exe -> /Change /TN "\{671B1A2E-C698-451F-BF5F-C59EABFF1053}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(10): schtasks.exe -> /Change /TN "\{B082BF56-1FC4-46B4-A49A-712889734CCB}" /ENABLE
Task: {4ACC36A1-6617-4B18-891A-78E59130F994} - System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => Command(11): schtasks.exe -> /Change /TN "\AVAST Software\Gaming mode Task Scheduler recovery" /DISABLE
Task: {59788F2F-057B-497D-AD10-26F6EBE7DD6E} - \GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001Core -> No File <==== ATTENTION
Task: {6E99A771-BE6E-4451-865F-6FB9DCBBDFCE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: {AED1AD05-FC83-4BAD-945F-721B4890EC84} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_pepper.exe
Task: {BBBB72F5-3A2B-4A01-A640-A5FF57FD1EB6} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_433_Plugin.exe
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\...\MountPoints2: {6a2c2d8e-b410-11e3-9029-3cd92b632c53} - G:\Autorun.exe {D2D77DC2-8299-11D1-8949-444553540000} 5.2066.1.9B05 PID_0083
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User: Restriction <==== ATTENTION
GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User: Restriction <==== ATTENTION
Policies: C:\Users\Administrator\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Librarian\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\Visitor\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-08-31]
CHR HKLM\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck]
CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki]
CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_433.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll [No File]
S2 avast; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc [X]
S3 avastm; "C:\Program Files\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc [X]
U1 aswbdisk; no ImagePath
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
2021-09-17 14:52 - 2018-07-20 08:58 - 000000000 ____D C:\Users\Visitor\AppData\Local\AVAST Software
2021-09-17 14:52 - 2017-07-18 16:00 - 000000000 ____D C:\ProgramData\AVAST Software
2021-09-17 14:44 - 2018-09-27 09:25 - 000000000 ____D C:\Users\Administrator\AppData\Local\AVAST Software
2021-09-17 14:39 - 2017-12-07 11:48 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-09-02 09:04 - 2018-03-28 15:58 - 000004474 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2021-09-02 09:04 - 2017-06-20 10:51 - 000004486 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier
2021-09-02 09:04 - 2013-09-25 11:14 - 000004312 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.27.5\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.2.183.39\goopdate.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.79\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.145\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.123\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.153\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.22.3\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.165\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.115\psuser.dll => No File
CustomCLSID: HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9}\InprocServer32 -> C:\Users\Administrator\AppData\Local\Google\Update\1.3.21.111\psuser.dll => No File
FirewallRules: [{4B6A0928-1FFB-470F-8EE8-24C1AF418F05}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{0DD8DEA7-6914-4711-B7B5-4853E73EDA09}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [TCP Query User{683B1C10-DAD7-416E-9CC5-82F733AB52C8}F:\windows utilities\installer32\installationmanager.exe] => (Block) F:\windows utilities\installer32\installationmanager.exe => No File
FirewallRules: [UDP Query User{E6952A14-9722-4D45-8853-262B2D34F7F3}F:\windows utilities\installer32\installationmanager.exe] => (Block) F:\windows utilities\installer32\installationmanager.exe => No File
FirewallRules: [TCP Query User{89FC1343-F583-4CE1-AA03-BF98A64751DE}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe] => (Allow) C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe => No File
FirewallRules: [UDP Query User{5FDBBC3F-3347-47E5-84DF-D674073D80C8}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe] => (Allow) C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe => No File
FirewallRules: [{EA24F60D-AB3C-4E16-BCBB-7F8F3DC7C1F7}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{6AB3CA84-9832-4835-90A8-DF30591703ED}] => (Allow) C:\Program Files\Opera\opera.exe => No File
FirewallRules: [{9C460051-FB8B-48F4-A192-AF46536808F1}] => (Allow) C:\Program Files\BlueStacks_nxt\HD-Player.exe => No File
FirewallRules: [{D9A3A6BD-4538-41C7-A2F8-EB0968FE05D0}] => (Allow) D:\Program Files\Nox\bin\Nox.exe => No File
FirewallRules: [{87740570-DDBB-4282-82FC-1341FB030DE6}] => (Allow) C:\Program Files\Bignox\BigNoxVM\RT\NoxVMHandle.exe => No File
C:\ProgramData\AVAST Software
VirusTotal: C:\Program Files\LibraryClient\globalLibx32\service.exe
cmd: ipconfig /flushdns
EmptyTemp:

*****************

Restore point was successfully created.
Processes closed successfully.
"HKU\S-1-5-21-299244719-1399796724-3294634451-1006\Software\Microsoft\Windows\CurrentVersion\Run\\AvastBrowserAutoLaunch_9E0AB01C37B94381383AE0CDA0DCCFE4" => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{30C521FB-255B-46C8-9F0D-EE5AE371C9AA} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4ACC36A1-6617-4B18-891A-78E59130F994}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994}" => removed successfully.
C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery" => removed successfully.
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4ACC36A1-6617-4B18-891A-78E59130F994} => not found
"C:\Windows\System32\Tasks\AVAST Software\Gaming mode Task Scheduler recovery" => not found
HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AVAST Software\Gaming mode Task Scheduler recovery => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{59788F2F-057B-497D-AD10-26F6EBE7DD6E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{59788F2F-057B-497D-AD10-26F6EBE7DD6E}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskUserS-1-5-21-299244719-1399796724-3294634451-1001Core" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E99A771-BE6E-4451-865F-6FB9DCBBDFCE}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E99A771-BE6E-4451-865F-6FB9DCBBDFCE}" => removed successfully.
C:\Windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{AED1AD05-FC83-4BAD-945F-721B4890EC84}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{AED1AD05-FC83-4BAD-945F-721B4890EC84}" => removed successfully.
C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player PPAPI Notifier" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{BBBB72F5-3A2B-4A01-A640-A5FF57FD1EB6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBBB72F5-3A2B-4A01-A640-A5FF57FD1EB6}" => removed successfully.
C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player NPAPI Notifier" => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-1006\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{6a2c2d8e-b410-11e3-9029-3cd92b632c53} => removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1006\User => moved successfully
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-299244719-1399796724-3294634451-1005\User => moved successfully
C:\Users\Administrator\NTUSER.pol => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
C:\Users\Librarian\NTUSER.pol => moved successfully
C:\Users\Visitor\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer => removed successfully.
CHR Extension: (Avast Online Security) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2021-08-31] => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Google\Chrome\Extensions\eofcbnmajmjmplflapaojjnihcjkigck => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\gomekmidlodglbbmalcneegieacbdmki => removed successfully.
HKLM\SOFTWARE\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl => removed successfully.
HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922 => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109 => removed successfully.
HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513 => removed successfully.
HKLM\System\CurrentControlSet\Services\avast => removed successfully.
avast => service removed successfully.
HKLM\System\CurrentControlSet\Services\avastm => removed successfully.
avastm => service removed successfully.
HKLM\System\CurrentControlSet\Services\aswbdisk => removed successfully.
aswbdisk => service removed successfully.
HKLM\System\CurrentControlSet\Services\Synth3dVsc => removed successfully.
Synth3dVsc => service removed successfully.
HKLM\System\CurrentControlSet\Services\tsusbhub => removed successfully.
tsusbhub => service removed successfully.
HKLM\System\CurrentControlSet\Services\VGPU => removed successfully.
VGPU => service removed successfully.
C:\Users\Visitor\AppData\Local\AVAST Software => moved successfully
C:\ProgramData\AVAST Software => moved successfully
C:\Users\Administrator\AppData\Local\AVAST Software => moved successfully
C:\Windows\system32\Tasks\Avast Software => moved successfully
"C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier" => not found
"C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier" => not found
"C:\Windows\system32\Tasks\Adobe Flash Player Updater" => not found
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{1423F872-3F7F-4E57-B621-8B1A9D49B448} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{29A96789-9595-4947-BEDB-0FCC776F7DB8} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{320F0FDB-BE0A-4648-9D18-4A2C3448C007} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{62A0D750-DED9-448C-B693-406B34BB0892} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{634059C0-D264-4B2C-AE80-F73E48D33E5B} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{6D7374DE-63AA-473C-8C02-60D9CDCD84C5} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A45426FB-E444-42B2-AA56-419F8FBEEC61} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{A54D478D-4F70-4F72-9A74-17C9986E35AB} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{C5A2122B-A05B-4FD8-AE49-91990AE10998} => removed successfully.
HKU\S-1-5-21-299244719-1399796724-3294634451-500_Classes\CLSID\{FB994D36-B312-46CE-A40B-CF63980641F9} => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{4B6A0928-1FFB-470F-8EE8-24C1AF418F05}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0DD8DEA7-6914-4711-B7B5-4853E73EDA09}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{683B1C10-DAD7-416E-9CC5-82F733AB52C8}F:\windows utilities\installer32\installationmanager.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E6952A14-9722-4D45-8853-262B2D34F7F3}F:\windows utilities\installer32\installationmanager.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{89FC1343-F583-4CE1-AA03-BF98A64751DE}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{5FDBBC3F-3347-47E5-84DF-D674073D80C8}C:\program files\panda security\panda antivirus pro 2012\apvxdwin.exe" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EA24F60D-AB3C-4E16-BCBB-7F8F3DC7C1F7}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{6AB3CA84-9832-4835-90A8-DF30591703ED}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C460051-FB8B-48F4-A192-AF46536808F1}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D9A3A6BD-4538-41C7-A2F8-EB0968FE05D0}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{87740570-DDBB-4282-82FC-1341FB030DE6}" => removed successfully.
"C:\ProgramData\AVAST Software" => not found
VirusTotal: C:\Program Files\LibraryClient\globalLibx32\service.exe => https://www.virustotal.com/gui/file/c6b0cb2d04b721726d5a975b2e190977556f398f53ef05c0d347727a9bc76229/detection/f-c6b0cb2d04b721726d5a975b2e190977556f398f53ef05c0d347727a9bc76229-1630691698

========= ipconfig /flushdns =========


Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========


=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 15312133 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1434790407 B
Edge => 0 B
Chrome => 261633559 B
Firefox => 22497090 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 66228 B
Public => 66228 B
ProgramData => 66228 B
systemprofile => 229997 B
LocalService => 362241 B
NetworkService => 1084473624 B
pc => 1084473624 B
ok => 1084473624 B
Librarian => 1099033498 B
Visitor => 1906198531 B
test => 1906198531 B
Administrator => 2254471503 B

RecycleBin => 2034722293 B
EmptyTemp: => 13.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 08:14:31 ====

 

 

Farbar Recovery Scan Tool (x86) Version: 15-09-2021
Ran by Administrator (20-09-2021 08:29:06)
Running from D:\Users\Administrator\Desktop
Boot Mode: Normal

================== Search Files: "Avast;TeamViewer;Adobe Flash Player" =============


====== End of Search ======

 

Линк към коментара
Сподели в други сайтове

Здравейте..! Фикса е сработил..! Кажете ми как се държи сега компютъра ,..? 

 

на 17.09.2021 г. в 15:42, valyo_93 написа:

Advanced IP Scanner

С каква цел в това читалище ( библиотека) използвате тази програма ...? Нужна ли ви е  или временно е инсталирана..? 

 

Линк към коментара
Сподели в други сайтове

System File Checker (SFC)

 

  • Натиснете клавишна комбинация Windows + R. Това ще отвори полето Run.
  • Напишете CMD и натиснете клавишна комбинация  Ctrl + Shift + Enter, за да отворите command prompt като администратор
  • В командния ред копирайте :
sfc /scannow

SFC ще започне да сканира вашата система за повредени системни файлове. Това може да отнеме известно време.

  • След като приключи, моля, отворете командния ред, като натиснете клавишна комбинация  Windows + R, въведете cmd и натиснете Enter, след което поставете съдържанието на полето  по-долу в Command Prompt.
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Натиснете Enter, след като го поставите в командния ред.

След като процедурата завърши, файлът, наречен sfcdetails.txt ще бъде запазен на работния ви плот. Моля, публикувайте го в следващия си отговор.

 

Check disk

 

  • Натиснете клавишна комбинация Windows + R. Това ще отвори полето Run.
  • Напишете CMD и натиснете клавишна комбинация  Ctrl + Shift + Enter, за да отворите command prompt като администратор
  • В командния ред копирайте :
chkdsk C: /r
  • Ще получите съобщение, че операцията не може да се извърши, докато системата се използва, и ще попитате дали искате да проверите, когато рестартирате компютъра. Изберете Да (Yes) и след това рестартирайте компютъра, позволявайки проверката на диска да се стартира при стартиране.
  • Процесът ще отнеме известно време, в зависимост от състоянието на диска.
  • Изтеглете ListChkdskResult от SleepyDude и го запазете на вашия работен плот.
  • Щракнете двукратно върху създадената икона.
  • Ще се отвори файл . Копирайте съдържанието му и го поставете в следващия си отговор.
Линк към коментара
Сподели в други сайтове

Много съжалявам но съм на погребение два дена няма да съм на работа.Много по добре работи.Ип скенера беше инсталиран временно да намеря ип адреса на камера за видео наблюдение ще го изтрия.

Линк към коментара
Сподели в други сайтове

на 24.09.2021 г. в 13:11, valyo_93 написа:

но вече работи добре проблема е решен

В такъв случай:

 

KpRm 
 
Изтеглете  KpRm от kernel-panik и го запишете на вашия работен плот. 

  • Щракнете с десния бутон върху kprm_ (версия) .exe и изберете Изпълни като администратор. 
  • Когато инструментът се отвори, уверете се, че всички квадратчета са отметнати и изберете Изпълни ( Run ).

image.png.ae380ba8b0c6aa27fc373965f56ef973.png

image.png.f90aaeac26b9e18c5ce5f79e34f88914.png

  • След като приключите, щракнете върху OK. 
  • В Notepad ще се отвори журнал, озаглавен kprm- (date) .txt
  • Моля, копирайте и поставете съдържанието му в следващия си отговор.
Линк към коментара
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.

  • Разглеждащи това в момента   0 потребители

    • Няма регистрирани потребители разглеждащи тази страница.
  • Горещи теми в мом