Jump to content

I can't win this war...

slavaxy

By slavaxy
in Resolved Malware Removal Logs

 Share

Recommended Posts

slavaxy

slavaxy

Posted
Posted

About 2 weeks ago I downloaded Victoria - program for HDD test. Thought, that first link in Google is safe, it was mistake. My browser will never been the same again :( 

Now, ads everywhere.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 05-12-2016
Ran by slava (administrator) on DESKTOP-BK2OODH (07-12-2016 15:21:55)
Running from C:\Users\slava\Downloads
Loaded Profiles: slava (Available Profiles: defaultuser0 & slava)
Platform: Windows 10 Pro Version 1607 (X64) Language: Russian (Russia)
Internet Explorer Version 11 (Default browser: "C:\Program Files (x86)\Standoor\Application\chrome.exe" "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SafeNet Inc.) C:\Windows\System32\hasplms.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
() C:\Users\slava\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe
(Mega Limited) C:\Users\slava\AppData\Local\MEGAsync\MEGAsync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.winxp\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SndVol.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [558496 2014-02-27] (Adobe Systems Incorporated)
HKLM\...\Run: [DateOption] => C:\Users\slava\AppData\Local\DateOption\regCheck.vbs www.syschecksync.com/?rnd=141 0 0
HKLM\...\Run: [WindowsDefender] => C:\Program Files\Windows Defender\MSASCuiL.exe [631808 2016-09-15] (Microsoft Corporation)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2016-09-22] (Oracle Corporation)
HKLM-x32\...\Run: [FilterOptions] => C:\Users\slava\AppData\Local\FilterOptions\regCheck.vbs www.regtestproc.com/?rnd=141 0 600000
HKLM\...\Policies\Explorer\Run: [TestMenu] => C:\Users\slava\AppData\Local\TestMenu\regCheck.vbs www.testmenu.xyz
HKU\S-1-5-21-1932908965-3883119740-80306019-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [2860832 2016-10-13] (Valve Corporation)
HKU\S-1-5-21-1932908965-3883119740-80306019-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27004544 2016-10-17] (Skype Technologies S.A.)
HKU\S-1-5-21-1932908965-3883119740-80306019-1001\...\Run: [MiPhoneManager] => C:\Users\slava\AppData\Local\MiPhoneManager\main\MiPhoneHelper.exe [157624 2016-03-11] ()
HKU\S-1-5-21-1932908965-3883119740-80306019-1001\...\Run: [FileSystemOptions] => C:\Users\slava\AppData\Local\FileSystemOptions\regCheck.vbs www.minipigping.com/?rnd=141 0 1200000
HKU\S-1-5-21-1932908965-3883119740-80306019-1001\...\MountPoints2: {cc0b7216-9dd6-11e6-9062-d43d7ed60e0d} - "F:\setup.exe" 
ShellExecuteHooks:  - {E61BD264-A5BC-11E6-BDC9-64006A5CFC23} - C:\Users\slava\AppData\Roaming\Caduph\Climutholoty.dll No File [ ]
ShellExecuteHooks:  - {BA8D6EE8-AB32-11E6-BE5E-64006A5CFC23} - C:\Users\slava\AppData\Roaming\Lvockcolk\Pjichshowick.dll No File [ ]
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\slava\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\slava\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\slava\AppData\Local\MEGAsync\ShellExtX64.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\slava\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\slava\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
ShellIconOverlayIdentifiers-x32: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\slava\AppData\Local\MEGAsync\ShellExtX32.dll [2016-11-14] ()
Startup: C:\Users\slava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MEGAsync.lnk [2016-12-06]
ShortcutTarget: MEGAsync.lnk -> C:\Users\slava\AppData\Local\MEGAsync\MEGAsync.exe (Mega Limited)
Startup: C:\Users\slava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\regCheck.lnk [2016-12-06]
ShortcutTarget: regCheck.lnk -> C:\Users\slava\AppData\Local\rightchose\regCheck.vbs (No File)
GroupPolicy: Restriction - Chrome <======= ATTENTION
GroupPolicy\User: Restriction <======= ATTENTION
GroupPolicyScripts: Restriction <======= ATTENTION
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{c62ea1aa-5de5-463d-bdef-65296c2de629}: [DhcpNameServer] 192.168.0.1
ManualProxies: 

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131254786337945592&GUID=E9593FC4-93B9-47E1-B683-03874A1E1AE1
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131254786337946809&GUID=E9593FC4-93B9-47E1-B683-03874A1E1AE1
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-1932908965-3883119740-80306019-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131254786337949312&GUID=E9593FC4-93B9-47E1-B683-03874A1E1AE1
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1932908965-3883119740-80306019-1001 -> DefaultScope {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1932908965-3883119740-80306019-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-1932908965-3883119740-80306019-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll [2016-10-30] (Oracle Corporation)
BHO-x32: Поиск@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\slava\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2016-12-04] (Mail.Ru)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2015-07-31] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll [2016-10-30] (Oracle Corporation)
Toolbar: HKLM-x32 - Searchgo - {2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC} - C:\Users\slava\AppData\LocalLow\SearchGo\searchgo.dll No File
Handler-x32: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2015-07-31] (Microsoft Corporation)

Edge: 
======
Edge HomeButtonPage: HKU\S-1-5-21-1932908965-3883119740-80306019-1001 -> hxxp://www.google.com

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2014-04-28] (Adobe Systems)
FF Plugin-x32: @java.com/DTPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\dtplugin\npDeployJava1.dll [2016-10-30] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.111.2 -> C:\Program Files (x86)\Java\jre1.8.0_111\bin\plugin2\npjp2.dll [2016-10-30] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2016-11-17] (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-20] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-11-20] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-10-01] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2014-04-28] (Adobe Systems)
FF Plugin HKU\S-1-5-21-1932908965-3883119740-80306019-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\slava\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-05-09] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2015-07-31] (Microsoft Corporation)

Chrome: 
=======
CHR DefaultProfile: ChromeDefaultData
CHR HomePage: ChromeDefaultData -> mail.ru/cnt/11956636?rciguc__PARAM__
CHR StartupUrls: ChromeDefaultData -> "hxxp://www.luckysearch123.com?type=hp&ts=1480940570&from=86011205&uid=st1000dm003-1ch162_z1d7aslkxxxxz1d7aslk&z=c3cb53044eea4e5222f22fdg0zebde7t6zeefw3m0g"
CHR DefaultSearchURL: ChromeDefaultData -> hxxp://www.google.com/search?hl=en&q={searchTerms}
CHR DefaultSearchKeyword: ChromeDefaultData -> google.com_
CHR Profile: C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData [2016-12-07] <==== ATTENTION
CHR Extension: (Google Slides) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-12-04]
CHR Extension: (Google Docs) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\aohghmighlieiainnegkcijnfilokake [2016-12-04]
CHR Extension: (Google Drive) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-12-04]
CHR Extension: (Adguard AdBlocker) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2016-12-04]
CHR Extension: (YouTube) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-12-04]
CHR Extension: (Galaxy-View) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2016-12-04]
CHR Extension: (Google Sheets) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-12-04]
CHR Extension: (Google Docs Offline) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-12-04]
CHR Extension: (A Journey through Middle-earth) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2016-12-04]
CHR Extension: (Instant Translate: Select and Translate) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2016-12-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-12-04]
CHR Extension: (Gmail) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-12-04]
CHR Extension: (Chrome Media Router) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\ChromeDefaultData\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-12-04]
CHR Profile: C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default [2016-12-04]
CHR Extension: (Google Slides) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-11-20]
CHR Extension: (Pricify) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aipnpjihnnfdmbhpgkhlocbniphkjaod [2016-12-05]
CHR Extension: (Google Docs) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-11-20]
CHR Extension: (Google Drive) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-20]
CHR Extension: (Adguard AdBlocker) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgnkhhnnamicmpeenaelnjfhikgbkllg [2016-11-20]
CHR Extension: (YouTube) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-20]
CHR Extension: (Galaxy-View) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcbeddldohkakodfncjnkkjfojggbahp [2016-11-20]
CHR Extension: (Google Sheets) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-11-20]
CHR Extension: (Google Docs Offline) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-11-20]
CHR Extension: (A Journey through Middle-earth) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjgkjeheegjnnmheaflhdocglkiegoni [2016-11-20]
CHR Extension: (Бесплатные стикеры Вконтакте) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\hfmkikgdalneahcmhpbpfnehplngkimo [2016-12-05]
CHR Extension: (Instant Translate: Select and Translate) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihmgiclibbndffejedjimfjmfoabpcke [2016-11-20]
CHR Extension: (Доступ к Рутрекеру) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmegamngmdjnmkcmemfpidoaoiinoaak [2016-12-05]
CHR Extension: (friGate CDN -uninterrupted access to websites) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbacbcfdfaapbcnlnbmciiaakomhkbkb [2016-11-20]
CHR Extension: (Chrome Web Store Payments) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-11-20]
CHR Extension: (Gmail) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-11-20]
CHR Extension: (Chrome Media Router) - C:\Users\slava\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-11-20]
CHR Profile: C:\Users\slava\AppData\Local\Google\Chrome\User Data\System Profile [2016-12-04]
CHR HKLM-x32\...\Chrome\Extension: [ccfifbojenkenpkmnbnndeadpfdiffof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [icanjjkadceebmhanpekkofdhclnoijl] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [ojlcebdkbpjdpiligkdbbkdkfjmchbfd] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 hasplms; C:\Windows\system32\hasplms.exe [4608320 2014-11-27] (SafeNet Inc.)
R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-11-17] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [458176 2016-11-17] (NVIDIA Corporation)
R2 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-11-17] (NVIDIA Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-16] (Microsoft Corporation)
S2 Themes; C:\Windows\system32\themeservice.dll [70656 2016-07-16] (Microsoft Corporation) [DependOnService: iThemes5]<==== ATTENTION
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
S2 Bulerty; C:\Program Files (x86)\Mitutainceters\AtzCld.dll [X]
S2 ed2kidle; "C:\Program Files (x86)\amuleC1\ed2k.exe" -downloadwhenidle [X]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [131712 2016-09-05] (Samsung Electronics Co., Ltd.)
R2 hardlock; C:\Windows\system32\drivers\hardlock.sys [331608 2014-11-27] (SafeNet Inc.)
R2 IntelHaxm; C:\Windows\system32\DRIVERS\IntelHaxm.sys [91256 2016-11-11] (Intel  Corporation)
S3 NetAdapterCx; C:\Windows\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_410e5247be0e5f00\nvlddmkm.sys [14174256 2016-11-18] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-11-17] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [46016 2016-11-17] (NVIDIA Corporation)
S3 PortTalk; C:\Windows\SysWOW64\Drivers\PortTalk.sys [3567 2002-01-12] (Beyond Logic hxxp://www.beyondlogic.org) [File not signed]
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [589824 2016-07-16] (Realtek                                            )
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [12352 2010-07-02] ()
S0 WdBoot; C:\Windows\System32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [159936 2016-08-16] (MBB)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
S1 aqdqglmw; \??\C:\Windows\system32\drivers\aqdqglmw.sys [X]
S1 baeckqyi; \??\C:\Windows\system32\drivers\baeckqyi.sys [X]
S1 bajqrpbu; \??\C:\Windows\system32\drivers\bajqrpbu.sys [X]
S1 cfpsgxkr; \??\C:\Windows\system32\drivers\cfpsgxkr.sys [X]
S1 doqbxdqs; \??\C:\Windows\system32\drivers\doqbxdqs.sys [X]
S1 fetmikps; \??\C:\Windows\system32\drivers\fetmikps.sys [X]
S1 fpjsylmh; \??\C:\Windows\system32\drivers\fpjsylmh.sys [X]
S1 grqfwhkh; \??\C:\Windows\system32\drivers\grqfwhkh.sys [X]
S1 ipiipbpn; \??\C:\Windows\system32\drivers\ipiipbpn.sys [X]
S1 kykcsbvt; \??\C:\Windows\system32\drivers\kykcsbvt.sys [X]
S1 lssrykvu; \??\C:\Windows\system32\drivers\lssrykvu.sys [X]
S1 lwzkvaeh; \??\C:\Windows\system32\drivers\lwzkvaeh.sys [X]
S1 mkhmugww; \??\C:\Windows\system32\drivers\mkhmugww.sys [X]
S1 muialetx; \??\C:\Windows\system32\drivers\muialetx.sys [X]
S1 nrrscumo; \??\C:\Windows\system32\drivers\nrrscumo.sys [X]
S1 olhttvoz; \??\C:\Windows\system32\drivers\olhttvoz.sys [X]
S1 pxmgurfg; \??\C:\Windows\system32\drivers\pxmgurfg.sys [X]
S1 ServiceMgr; system32\drivers\ServiceMgr.sys [X]
S1 vijzxkdl; \??\C:\Windows\system32\drivers\vijzxkdl.sys [X]
S1 vzizpsda; \??\C:\Windows\system32\drivers\vzizpsda.sys [X]
S1 wxtryvxo; \??\C:\Windows\system32\drivers\wxtryvxo.sys [X]
S1 xloohkee; \??\C:\Windows\system32\drivers\xloohkee.sys [X]
S1 ysrjjact; \??\C:\Windows\system32\drivers\ysrjjact.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-07 15:21 - 2016-12-07 15:23 - 00024314 _____ C:\Users\slava\Downloads\FRST.txt
2016-12-07 15:21 - 2016-12-07 15:21 - 00000000 ____D C:\FRST
2016-12-07 15:20 - 2016-12-07 15:20 - 02419712 _____ (Farbar) C:\Users\slava\Downloads\FRST64.exe
2016-12-06 22:19 - 2016-12-06 22:19 - 00000000 ____D C:\Windows\%LOCALAPPDATA%
2016-12-06 21:42 - 2016-12-06 22:47 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-12-06 21:41 - 2016-12-06 22:17 - 00001191 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-12-06 21:41 - 2016-12-06 21:41 - 22851472 _____ (Malwarebytes ) C:\Users\slava\Downloads\mbam-setup-2.2.1.1043 (3).exe
2016-12-06 21:41 - 2016-12-06 21:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-12-06 21:41 - 2016-12-06 21:41 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-12-06 21:41 - 2016-03-10 14:09 - 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-12-06 21:41 - 2016-03-10 14:08 - 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-12-06 21:41 - 2016-03-10 14:08 - 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-12-06 21:40 - 2016-12-06 21:40 - 00000040 _____ C:\Program Files (x86)\settings.dat
2016-12-06 21:40 - 2016-12-06 21:40 - 00000000 ____D C:\Program Files (x86)\reports
2016-12-06 21:40 - 2016-12-06 21:40 - 00000000 _____ C:\Program Files (x86)\metadata
2016-12-06 18:36 - 2016-12-06 18:36 - 00485653 _____ C:\Users\slava\Desktop\Новая папка.rar
2016-12-06 18:35 - 2016-12-06 18:35 - 02179856 _____ C:\Users\slava\Downloads\winrar-x64-540.exe
2016-12-06 18:35 - 2016-12-06 18:35 - 00000000 ____D C:\Users\slava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-06 18:35 - 2016-12-06 18:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2016-12-06 18:35 - 2016-12-06 18:35 - 00000000 ____D C:\Program Files\WinRAR
2016-12-05 22:22 - 2016-12-05 22:22 - 00000000 _____ C:\Users\Public\Documents\report.dat
2016-12-05 22:19 - 2016-12-05 22:19 - 00000000 ____D C:\Users\slava\AppData\Local\Standoor
2016-12-05 22:18 - 2016-12-06 22:09 - 00000000 _____ C:\Users\Public\Documents\temp.dat
2016-12-05 22:18 - 2016-12-05 22:19 - 00000000 ____D C:\Program Files (x86)\Standoor
2016-12-05 22:18 - 2016-12-05 22:18 - 00000000 ____D C:\Windows\system32\log
2016-12-05 20:41 - 2016-12-05 20:41 - 00014514 _____ C:\Windows\System32\Tasks\WinTOOL
2016-12-05 16:44 - 2016-12-06 22:17 - 00001311 _____ C:\Users\slava\Desktop\Google Chrome.lnk
2016-12-05 00:44 - 2016-12-05 00:51 - 00000384 _____ C:\Users\slava\Desktop\План.txt
2016-12-04 21:26 - 2016-12-04 21:26 - 00000000 ____D C:\Windows\SysWOW64\Drivers\350c988d54b8ededcb1025c1d19d434b.sys
2016-12-04 21:26 - 2016-12-04 21:26 - 00000000 ____D C:\Users\slava\AppData\LocalLow\VK OK AdBlock
2016-12-04 21:26 - 2016-12-04 21:26 - 00000000 ____D C:\Users\defaultuser0\AppData\LocalLow\VK OK AdBlock
2016-12-04 21:26 - 2016-12-04 21:26 - 00000000 ____D C:\Program Files\899e13a22d896316361fbdfad29ccae7
2016-12-04 18:26 - 2016-12-04 18:26 - 00000000 ____D C:\Users\slava\Downloads\Windows 10 x86-x64 Pro vl 1607 Ru by OVGorskiy 10.2016
2016-12-04 18:02 - 2016-12-04 18:03 - 01065376 _____ (Google Inc.) C:\Users\slava\Downloads\ChromeSetup (3).exe
2016-12-04 17:49 - 2016-12-06 16:21 - 00000512 _____ C:\Windows\Tasks\phoenix.engine.v01.212711.job
2016-12-04 17:49 - 2016-12-04 17:49 - 00003342 _____ C:\Windows\System32\Tasks\phoenix.engine.v01.212711
2016-12-04 17:34 - 2016-12-06 17:10 - 00000000 ____D C:\Users\slava\AppData\Local\Mail.Ru
2016-12-04 17:34 - 2016-12-06 17:10 - 00000000 ____D C:\Program Files (x86)\Mail.Ru
2016-12-04 17:26 - 2016-12-04 17:26 - 00006136 _____ C:\Windows\System32\Tasks\Qologh Schedule
2016-12-04 17:26 - 2016-12-04 17:26 - 00003676 _____ C:\Windows\System32\Tasks\e6d411c8db67403bbe9194683a37edb0
2016-12-04 17:25 - 2016-12-06 17:10 - 00000000 ____D C:\Users\slava\AppData\Roaming\Lvockcolk
2016-12-04 17:25 - 2016-12-04 17:26 - 00000000 ____D C:\Users\slava\AppData\Local\Zederpyaterlesy
2016-12-04 15:02 - 2016-12-04 15:02 - 02933474 _____ (Andrew Zhezherun) C:\Users\slava\Downloads\WinDjView-2.1-Setup (1).exe
2016-12-04 15:02 - 2016-12-04 15:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinDjView
2016-12-04 15:02 - 2016-12-04 15:02 - 00000000 ____D C:\Program Files\WinDjView
2016-12-03 22:55 - 2016-12-03 22:56 - 03593775 _____ C:\Users\slava\Downloads\videoplayback.m4a
2016-12-03 21:38 - 2016-12-04 00:35 - 00001310 _____ C:\Users\slava\Desktop\New Text Document (4).txt
2016-12-03 16:22 - 2016-12-03 16:22 - 00000000 ____D C:\Users\slava\Documents\build-Olimp1-Desktop_Qt_5_7_0_MinGW_32bit-Debug
2016-12-03 16:20 - 2016-12-03 17:00 - 00000000 ____D C:\Users\slava\Documents\Olimp1
2016-12-03 15:15 - 2016-12-03 15:51 - 00002187 _____ C:\Users\slava\Desktop\кислота.txt
2016-12-02 17:35 - 2016-12-06 21:57 - 00000000 ____D C:\Program Files\Unlocker
2016-12-02 17:35 - 2016-12-02 17:35 - 00000000 ____D C:\Users\slava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Unlocker
2016-12-02 17:34 - 2016-12-02 17:35 - 00402911 _____ C:\Users\slava\Downloads\Unlocker1.9.2.exe
2016-12-02 17:26 - 2016-12-06 22:18 - 00001243 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DeadLock.lnk
2016-12-02 17:26 - 2016-12-04 17:26 - 00000000 ____D C:\Program Files (x86)\CodeDead
2016-12-02 17:26 - 2016-12-02 17:26 - 00000000 ____D C:\Users\slava\AppData\Local\IsolatedStorage
2016-12-02 17:26 - 2016-12-02 17:26 - 00000000 ____D C:\Users\slava\AppData\Local\CodeDead
2016-12-02 17:25 - 2016-12-02 17:25 - 05648447 _____ (CodeDead ) C:\Users\slava\Downloads\dl_setup.exe
2016-12-02 16:11 - 2016-12-02 16:11 - 00000000 _____ C:\Users\slava\Desktop\New Text Document (3).txt
2016-12-02 13:06 - 2016-12-02 13:06 - 00000000 ____D C:\Users\slava\Documents\build-Lab_3-Desktop_Qt_5_7_0_MinGW_32bit-Debug
2016-12-02 13:03 - 2016-12-02 17:37 - 00000000 ____D C:\Users\slava\Documents\Lab_3
2016-12-02 10:48 - 2016-12-02 10:50 - 00000000 ____D C:\Users\slava\Desktop\Clickermann v4.12
2016-12-02 10:47 - 2016-12-02 10:47 - 02008780 _____ C:\Users\slava\Downloads\clickermann_last.zip
2016-12-02 07:52 - 2016-12-02 07:52 - 00000000 ____D C:\Users\slava\Desktop\Coding
2016-12-01 00:31 - 2016-12-01 00:31 - 00000000 ____D C:\Program Files\Intel
2016-12-01 00:31 - 2016-11-11 16:34 - 00091256 _____ (Intel Corporation) C:\Windows\system32\Drivers\IntelHaxm.sys
2016-12-01 00:24 - 2016-12-01 00:24 - 00000000 ____D C:\Users\slava\AndroidStudioProjects
2016-12-01 00:24 - 2016-12-01 00:24 - 00000000 ____D C:\Users\slava\.gradle
2016-11-30 22:50 - 2016-12-06 22:17 - 00001505 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
2016-11-30 22:49 - 2016-11-17 23:45 - 00101824 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
2016-11-30 22:49 - 2016-11-17 23:45 - 00091584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
2016-11-30 18:46 - 2016-11-30 18:47 - 00000000 ____D C:\Users\slava\.AndroidStudio2.2
2016-11-30 18:18 - 2016-11-30 18:18 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Android Studio
2016-11-30 18:04 - 2016-11-30 18:04 - 00000000 ____D C:\Users\slava\Documents\build-Test-Desktop_Qt_5_7_0_MinGW_32bit-Debug
2016-11-30 18:04 - 2016-11-30 18:04 - 00000000 ____D C:\Users\slava\AppData\Local\Android
2016-11-30 18:03 - 2016-11-30 18:27 - 00000000 ____D C:\Users\slava\Documents\Test
2016-11-30 18:00 - 2016-11-30 18:24 - 2243964514 _____ C:\Users\slava\Downloads\Katastr0fa.mkv
2016-11-30 18:00 - 2016-11-30 18:00 - 00000000 ____D C:\Program Files\Android
2016-11-30 17:28 - 2016-11-30 17:34 - 1721650280 _____ (Google Inc.) C:\Users\slava\Downloads\android-studio-bundle-145.3360264-windows.exe
2016-11-29 18:50 - 2016-11-29 18:52 - 00000000 ____D C:\Users\slava\Downloads\Bessonnica.2002.DUAL.BDRip.XviD.AC3.-HQCLUB
2016-11-29 18:09 - 2016-11-29 18:09 - 01932769 _____ C:\Users\slava\Downloads\ProcessExplorer.zip
2016-11-29 18:09 - 2016-11-29 18:09 - 00000000 ____D C:\Users\slava\Desktop\New folder
2016-11-29 17:53 - 2016-11-30 10:00 - 00001550 _____ C:\Users\slava\Desktop\Паста для двача.txt
2016-11-28 23:32 - 2016-11-28 23:32 - 07186992 _____ (Microsoft Corporation) C:\Users\slava\Downloads\vcredist_x64.exe
2016-11-28 23:28 - 2016-11-28 23:28 - 00000000 ____D C:\usb_driver
2016-11-28 23:13 - 2016-11-28 23:54 - 00000000 ____D C:\Users\slava\Desktop\прошивка
2016-11-28 23:13 - 2016-11-28 23:17 - 17612802 _____ C:\Users\slava\Downloads\heimdall-suite-1.4.0-win32.zip
2016-11-28 22:55 - 2016-11-30 22:49 - 00000000 ____D C:\Windows\LastGood
2016-11-28 22:55 - 2016-11-28 22:55 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUSB_01007.Wdf
2016-11-28 22:50 - 2016-11-28 22:50 - 07383040 _____ C:\Users\slava\Desktop\twrp-2.8.5.0-p5100.tar
2016-11-28 22:46 - 2016-11-28 22:46 - 00000000 ____D C:\Users\slava\Desktop\Odin307
2016-11-28 22:42 - 2016-11-28 22:42 - 07380992 _____ C:\Users\slava\Downloads\twrp-2.8.5.0-p5100.img
2016-11-28 22:40 - 2016-11-28 22:40 - 00000000 ____D C:\Program Files\SAMSUNG
2016-11-28 22:40 - 2016-09-05 05:47 - 01499408 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01007.dll
2016-11-28 22:40 - 2016-09-05 05:47 - 00716920 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller.dll
2016-11-28 22:38 - 2016-11-28 22:38 - 16007072 _____ (SAMSUNG Electronics Co., Ltd.) C:\Users\slava\Downloads\SAMSUNG_USB_Driver_for_Mobile_Phones_v1.5.45.00.exe
2016-11-28 22:38 - 2016-11-28 22:38 - 00002623 _____ C:\Users\slava\Downloads\P5100+-+P5110+Pit+Files.zip
2016-11-28 22:37 - 2016-11-28 22:37 - 00464072 _____ C:\Users\slava\Downloads\Odin307.zip
2016-11-27 21:09 - 2016-11-27 21:09 - 03715203 _____ C:\Users\slava\Desktop\14802407663853.webm
2016-11-26 16:47 - 2016-11-26 16:47 - 00000000 ____H C:\Users\Все пользователи\DP45977C.lfl
2016-11-26 16:47 - 2016-11-26 16:47 - 00000000 ____H C:\ProgramData\DP45977C.lfl
2016-11-26 16:47 - 2016-11-26 16:47 - 00000000 ____D C:\Windows\SysWOW64\RTCOM
2016-11-26 16:47 - 2016-11-26 16:47 - 00000000 ____D C:\Windows\system32\DAX2
2016-11-26 16:47 - 2016-11-26 16:47 - 00000000 ____D C:\Program Files\Realtek
2016-11-26 15:30 - 2016-11-26 15:30 - 00190851 _____ C:\Users\slava\Desktop\2017-blank-yearly-calendar-template.pdf
2016-11-25 19:23 - 2016-11-25 19:23 - 00000000 ____D C:\Users\slava\AppData\Local\Tempzxpsignec6faff5f5731130
2016-11-25 19:22 - 2016-11-25 19:22 - 00000000 ____D C:\Users\slava\AppData\Local\Tempzxpsign3a618fce6976329d
2016-11-25 18:37 - 2016-11-26 16:50 - 00000000 ____D C:\Users\slava\AppData\Roaming\ibeib
2016-11-25 16:18 - 2016-11-25 18:44 - 00000509 _____ C:\Users\slava\Desktop\New Text Document (2).txt
2016-11-25 16:03 - 2016-11-25 16:03 - 00000000 _____ C:\Users\slava\Desktop\New Text Document.txt
2016-11-22 20:33 - 2016-12-05 18:56 - 00034328 _____ (Sysinternals - www.sysinternals.com) C:\Windows\system32\Drivers\PROCEXP152.SYS
2016-11-22 17:05 - 2016-11-22 17:05 - 00000000 ____D C:\Users\slava\AppData\Local\Apple Computer
2016-11-21 19:54 - 2016-11-21 19:59 - 00000000 ____D C:\Users\slava\Downloads\Terminator.1984.DUAL.BDRip.XviD.AC3.-HQCLUB
2016-11-21 19:47 - 2016-11-22 18:30 - 00000267 _____ C:\Users\slava\Desktop\АКСИОМЫ ГЛУПОСТИ.txt
2016-11-20 18:46 - 2016-11-20 18:46 - 00892416 _____ (Farbar) C:\Users\slava\Downloads\MiniToolBox.exe
2016-11-20 18:33 - 2016-11-20 18:33 - 11646112 _____ (ESET) C:\Users\slava\Downloads\avremover_nt64_enu.exe
2016-11-20 18:19 - 2016-12-06 22:18 - 00002273 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-11-20 18:18 - 2016-11-26 23:49 - 00000928 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-11-20 18:18 - 2016-11-26 23:49 - 00000924 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-11-20 18:18 - 2016-11-20 18:18 - 01065376 _____ (Google Inc.) C:\Users\slava\Downloads\ChromeSetup (2).exe
2016-11-20 18:18 - 2016-11-20 18:18 - 00003986 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-11-20 18:18 - 2016-11-20 18:18 - 00003754 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-11-20 17:59 - 2016-11-20 17:59 - 22851472 _____ (Malwarebytes ) C:\Users\slava\Downloads\mbam-setup-2.2.1.1043 (2).exe
2016-11-20 17:55 - 2016-11-20 17:55 - 01065376 _____ (Google Inc.) C:\Users\slava\Downloads\ChromeSetup (1).exe
2016-11-20 17:40 - 2016-11-20 17:40 - 22851472 _____ (Malwarebytes ) C:\Users\slava\Downloads\mbam-setup-2.2.1.1043 (1).exe
2016-11-20 17:35 - 2016-11-20 17:46 - 00000000 ____D C:\Users\slava\Doctor Web
2016-11-20 17:28 - 2016-11-20 17:27 - 00485032 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2016-11-20 17:22 - 2016-11-20 17:22 - 144871512 _____ C:\Users\slava\Downloads\eut3rzo3.exe
2016-11-20 17:04 - 2016-11-20 17:04 - 01065376 _____ (Google Inc.) C:\Users\slava\Downloads\ChromeSetup.exe
2016-11-20 16:35 - 2016-12-04 18:15 - 00000000 ____D C:\Windows\system32\SSL
2016-11-20 16:33 - 2016-11-20 16:33 - 00006088 _____ C:\Windows\System32\Tasks\Stumuied Client
2016-11-20 16:33 - 2016-11-20 16:33 - 00000000 ____D C:\Users\Все пользователи\Avira
2016-11-20 16:33 - 2016-11-20 16:33 - 00000000 ____D C:\Users\Все пользователи\Avg
2016-11-20 16:33 - 2016-11-20 16:33 - 00000000 ____D C:\Users\Все пользователи\AVAST Software
2016-11-20 16:33 - 2016-11-20 16:33 - 00000000 ____D C:\ProgramData\Avira
2016-11-20 16:33 - 2016-11-20 16:33 - 00000000 ____D C:\ProgramData\Avg
2016-11-20 16:33 - 2016-11-20 16:33 - 00000000 ____D C:\ProgramData\AVAST Software
2016-11-20 16:32 - 2016-11-20 17:51 - 00000000 ____D C:\Users\slava\AppData\Roaming\Caduph
2016-11-20 16:32 - 2016-11-20 16:33 - 00000000 ____D C:\Users\slava\AppData\Local\Nolash
2016-11-20 12:20 - 2016-11-20 12:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\emu8086
2016-11-20 12:20 - 2016-11-20 12:20 - 00000000 ____D C:\emu8086
2016-11-20 12:20 - 2004-01-21 17:49 - 00389120 _____ (WinMain Software (hxxp://www.winmain.com)) C:\Windows\SysWOW64\cmax20.ocx
2016-11-20 11:35 - 2016-11-20 11:36 - 02933474 _____ (Andrew Zhezherun) C:\Users\slava\Downloads\WinDjView-2.1-Setup.exe
2016-11-20 11:09 - 2016-11-20 11:33 - 97001038 _____ C:\Users\slava\Downloads\KOMPGRAF.rar
2016-11-20 11:06 - 2016-11-20 11:06 - 00240001 _____ C:\Users\slava\Downloads\lr2_OOP_2015.pdf
2016-11-20 10:08 - 2016-11-20 10:08 - 00000000 ____D C:\Program Files\CKAN
2016-11-20 09:58 - 2016-12-06 22:17 - 00001115 _____ C:\Users\slava\Desktop\STUDY.lnk
2016-11-20 09:56 - 2016-11-17 10:46 - 00133056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
2016-11-20 09:54 - 2016-11-17 12:06 - 40123840 _____ C:\Windows\system32\nvcompiler.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 35224632 _____ C:\Windows\SysWOW64\nvcompiler.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 34711096 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 10912232 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 10803880 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 10354800 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 09158432 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 08913328 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 08761376 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 02953152 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 02586048 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 01953336 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6437595.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 01585088 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6437595.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 01038904 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00975296 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00943552 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00897080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00802768 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncMFTH264.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00683640 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00644112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncMFTH264.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00572888 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00438208 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00394888 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00390200 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00384448 _____ (NVIDIA Corporation) C:\Windows\system32\nvDecMFTMjpeg.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00347072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvDecMFTMjpeg.dll
2016-11-20 09:54 - 2016-11-17 12:06 - 00327408 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
2016-11-18 10:27 - 2016-11-20 09:55 - 00000000 ____D C:\Windows\LastGood.Tmp
2016-11-17 18:17 - 2016-11-17 18:17 - 03299816 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE2.dll
2016-11-17 18:17 - 2016-11-17 18:17 - 02190976 _____ (Yamaha Corporation) C:\Windows\system32\YamahaAE.dll
2016-11-17 18:17 - 2016-11-17 18:17 - 01382232 _____ (TOSHIBA Corporation) C:\Windows\system32\tosade.dll
2016-11-17 18:17 - 2016-11-17 18:17 - 01337632 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaeapo64.dll
2016-11-17 18:17 - 2016-11-17 18:17 - 00962120 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tosasfapo64.dll
2016-11-17 18:17 - 2016-11-17 18:17 - 00601136 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\tossaemaxapo64.dll
2016-11-17 18:17 - 2016-11-17 18:17 - 00447176 _____ (Toshiba Client Solutions Co., Ltd.) C:\Windows\system32\toseaeapo64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 02706856 _____ (DTS, Inc.) C:\Windows\system32\sltech64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 01435136 _____ (Synopsys, Inc.) C:\Windows\system32\SRRPTR64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00873456 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo264.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00532376 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00467152 _____ (Synopsys, Inc.) C:\Windows\system32\SRAPO64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00381408 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00341144 _____ (Synopsys, Inc.) C:\Windows\SysWOW64\SRCOM.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00341144 _____ (Synopsys, Inc.) C:\Windows\system32\SRCOM.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00221960 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00209528 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00166200 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00158688 _____ (TOSHIBA Corporation) C:\Windows\system32\tadefxapo.dll
2016-11-17 18:16 - 2016-11-17 18:16 - 00075536 _____ (TOSHIBA CORPORATION.) C:\Windows\system32\tepeqapo64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 03283240 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 02995000 _____ (DTS, Inc.) C:\Windows\system32\slcnt64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 01360512 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 01003328 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDHF64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00984904 _____ (DTS, Inc.) C:\Windows\system32\sl3apo64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00965024 _____ (Sony Corporation) C:\Windows\system32\SFSS_APO.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00865912 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SEHDHF32.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00859216 _____ (Sound Research, Corp.) C:\Windows\system32\SEHDRA64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00850408 _____ (Sound Research, Corp.) C:\Windows\system32\SECOMN64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00721800 _____ (Sound Research, Corp.) C:\Windows\SysWOW64\SECOMN32.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00689880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00499152 _____ (Sound Research, Corp.) C:\Windows\system32\SEAPO64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00387312 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00343704 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00231912 _____ (Synopsys, Inc.) C:\Windows\system32\SFNHK64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00214832 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00192976 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00110984 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00090912 _____ (Synopsys, Inc.) C:\Windows\system32\SFCOM64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00088344 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00088312 _____ (Synopsys, Inc.) C:\Windows\system32\SFAPO64.dll
2016-11-17 18:15 - 2016-11-17 18:15 - 00083624 _____ (Virage Logic Corporation / Sonic Focus) C:\Windows\SysWOW64\SFCOM.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 13122576 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO3064.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 12988336 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO4064.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 06198136 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV3apo.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 05793520 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICV2apo.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 05593608 _____ (Nahimic Inc) C:\Windows\system32\NAHIMICAPOlfx.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 03200864 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 02828432 _____ (Realtek Semiconductor Corp.) C:\Windows\SysWOW64\RltkAPO.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 02825096 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO7064.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 01422920 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO6064.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 01334376 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxSpeechAPO64.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 01213656 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO5064.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 01166152 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO4064.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00999848 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVoiceAPO2064.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00923736 _____ (Sony Corporation) C:\Windows\system32\MISS_APO.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00678176 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO30.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00677664 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxVolumeSDAPO.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00447720 _____ (Dolby Laboratories) C:\Windows\system32\R4EED64A.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00330552 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00321712 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00151784 _____ (Dolby Laboratories) C:\Windows\system32\R4EEL64A.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00134200 _____ (Dolby Laboratories) C:\Windows\system32\R4EEA64A.dll
2016-11-17 18:14 - 2016-11-17 18:14 - 00084616 _____ (Dolby Laboratories) C:\Windows\system32\R4EEG64A.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 10532040 _____ (Intel Corporation) C:\Windows\system32\IntelSSTAPO.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 05347000 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv211.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 03295064 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 02444688 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOv201.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 02110584 _____ (Waves Audio Ltd.) C:\Windows\system32\WavesGUILib64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 01965808 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64A.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 01959592 _____ (Dolby Laboratories) C:\Windows\system32\DDPD64AF3.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 01780616 _____ (DTS) C:\Windows\system32\DTSS2SpeakerDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 01591056 _____ (DTS) C:\Windows\system32\DTSS2HeadphoneDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 01508928 _____ (DTS) C:\Windows\system32\DTSBoostDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00743960 _____ (DTS) C:\Windows\system32\DTSBassEnhancementDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00727432 _____ (DTS) C:\Windows\system32\DTSSymmetryDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00708304 _____ (DTS) C:\Windows\system32\DTSVoiceClarityDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00618176 _____ (Knowles Acoustics ) C:\Windows\system32\KAAPORT64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00514520 _____ (DTS) C:\Windows\system32\DTSU2PLFX64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00504304 _____ (DTS) C:\Windows\system32\DTSNeoPCDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00500552 _____ (DTS) C:\Windows\system32\DTSU2PGFX64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00472304 _____ (ICEpower a/s) C:\Windows\system32\ICEsoundAPO64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00445392 _____ (DTS) C:\Windows\system32\DTSLimiterDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00441264 _____ (DTS) C:\Windows\system32\DTSGainCompensatorDLL64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00428224 _____ (DTS) C:\Windows\system32\DTSU2PREC64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00366120 _____ (Windows (R) Win 7 DDK provider) C:\Windows\system32\HMAPO.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00362048 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64AF3.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00360344 _____ (Harman) C:\Windows\system32\HMClariFi.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00327448 _____ (Dolby Laboratories) C:\Windows\system32\DDPO64A.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00310416 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64F3.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00258856 _____ (TODO: <Company name>) C:\Windows\system32\slprp64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00253896 _____ (DTS) C:\Windows\system32\DTSGFXAPO64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00253856 _____ (DTS) C:\Windows\system32\DTSLFXAPO64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00252872 _____ (DTS) C:\Windows\system32\DTSGFXAPONS64.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00203832 _____ (Harman) C:\Windows\system32\HMHVS.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00190928 _____ (Harman) C:\Windows\system32\HMEQ_Voice.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00190928 _____ (Harman) C:\Windows\system32\HMEQ.dll
2016-11-17 18:13 - 2016-11-17 18:13 - 00179592 _____ (Harman) C:\Windows\system32\HMLimiter.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 72520712 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoRes64.dat
2016-11-17 18:12 - 2016-11-17 18:12 - 07172912 _____ (Dolby Laboratories) C:\Windows\system32\R4EEP64A.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 05463552 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys
2016-11-17 18:12 - 2016-11-17 18:12 - 03204096 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 03014144 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl
2016-11-17 18:12 - 2016-11-17 18:12 - 02201088 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 01618768 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64APO.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 01529136 _____ (Conexant Systems Inc.) C:\Windows\system32\CX64Proxy.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 01003856 _____ (Nahimic Inc) C:\Windows\system32\NahimicAPONSControl.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 00574752 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 00272712 _____ (Dolby Laboratories) C:\Windows\system32\DDPA64.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 00118592 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll
2016-11-17 18:12 - 2016-11-17 18:12 - 00023688 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 14057248 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioRealtek64.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 07096184 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64A.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 06264632 _____ (Dolby Laboratories) C:\Windows\system32\DDPP64AF3.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 02050168 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 01186816 _____ (Intel Corporation) C:\Windows\system32\IntelSstCApoPropPage.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 01133584 _____ (Dolby Laboratories) C:\Windows\system32\DolbyDAX2APOProp.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 00931616 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPOShell64.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 00416504 _____ (Harman) C:\Windows\system32\HMUI.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 00378384 _____ (Dolby Laboratories) C:\Windows\system32\HiFiDAX2API.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 00154360 _____ (Harman) C:\Windows\system32\HarmanAudioInterface.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 00122312 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll
2016-11-17 18:11 - 2016-11-17 18:11 - 00105304 _____ C:\Windows\system32\audioLibVc.dll
2016-11-17 18:10 - 2016-11-17 18:10 - 00118584 _____ C:\Windows\system32\AcpiServiceVnA64.dll
2016-11-17 14:27 - 2016-11-20 17:46 - 00000000 ____D C:\Users\slava\AppData\Local\ValidateLife
2016-11-17 14:27 - 2016-11-20 17:46 - 00000000 ____D C:\Users\slava\AppData\Local\LastNews
2016-11-17 14:27 - 2016-11-20 17:46 - 00000000 ____D C:\Users\slava\AppData\Local\ImmediateHelp
2016-11-17 07:41 - 2016-11-17 07:41 - 07474044 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT
2016-11-17 07:41 - 2016-11-17 07:41 - 05804772 _____ C:\Windows\system32\Drivers\rtvienna.dat
2016-11-17 07:41 - 2016-11-17 07:41 - 01921016 _____ C:\Windows\system32\Drivers\rtkSSTsetting.dat
2016-11-14 17:52 - 2016-11-14 17:54 - 00000000 ____D C:\Users\slava\Downloads\Однажды в Ирландии_2.18
2016-11-14 17:48 - 2016-11-14 17:52 - 2441084928 _____ C:\Users\slava\Downloads\Training.Day.2001.BDRip-AVC.2xRus.Eng.Sub.mkv
2016-11-14 16:17 - 2016-11-14 16:17 - 00000000 __RSH C:\Users\Все пользователи\Doctor Web
2016-11-14 16:17 - 2016-11-14 16:17 - 00000000 __RSH C:\ProgramData\Doctor Web
2016-11-14 16:17 - 2016-11-14 16:17 - 00000000 __RSH C:\Program Files\360
2016-11-12 21:45 - 2016-11-12 21:45 - 00000000 ____D C:\Users\Все пользователи\Malwarebytes
2016-11-12 21:45 - 2016-11-12 21:45 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-11-12 20:49 - 2016-11-12 20:50 - 22851472 _____ (Malwarebytes ) C:\Users\slava\Downloads\mbam-setup-2.2.1.1043.exe
2016-11-12 12:43 - 2016-11-26 22:03 - 00000000 ____D C:\Windows\system32\appmgmt
2016-11-12 12:33 - 2016-11-20 17:51 - 00000000 ____D C:\Users\slava\AppData\Local\Unity
2016-11-12 12:33 - 2016-11-20 16:42 - 00000000 ____D C:\Users\slava\AppData\LocalLow\Unity
2016-11-12 12:33 - 2016-11-20 16:31 - 00000000 ____D C:\Users\Все пользователи\vCore
2016-11-12 12:33 - 2016-11-20 16:31 - 00000000 ____D C:\ProgramData\vCore
2016-11-12 12:32 - 2016-11-12 12:32 - 00000314 _____ C:\Users\slava\AppData\Local\expand.ini
2016-11-12 12:31 - 2016-11-20 17:46 - 00000000 ____D C:\Users\slava\AppData\LocalLow\SearchGo
2016-11-12 12:31 - 2016-11-12 22:04 - 00000000 ____D C:\Users\slava\AppData\Local\fupdate
2016-11-12 12:31 - 2016-11-12 12:31 - 00003482 _____ C:\Windows\System32\Tasks\fupdate
2016-11-12 12:30 - 2016-12-06 16:21 - 00000258 __RSH C:\Users\slava\ntuser.pol
2016-11-12 12:29 - 2016-11-12 22:04 - 00000000 ____D C:\Users\slava\AppData\Local\FileSystemDriver
2016-11-12 12:29 - 2016-11-12 12:29 - 00003602 _____ C:\Windows\System32\Tasks\FileSystemDriver
2016-11-12 12:27 - 2016-11-12 20:46 - 00000000 ____D C:\Users\slava\AppData\Roaming\AkelPadApp
2016-11-12 12:25 - 2016-11-12 12:25 - 00519768 _____ C:\Users\slava\Downloads\vcr446free.rar
2016-11-12 12:25 - 2002-01-12 16:30 - 00003567 _____ (Beyond Logic hxxp://www.beyondlogic.org) C:\Windows\SysWOW64\Drivers\PortTalk.sys
2016-11-12 12:24 - 2016-11-12 12:24 - 00359478 _____ C:\Users\slava\Downloads\vcr446free.zip
2016-11-11 16:41 - 2016-12-04 17:26 - 00000000 ____D C:\Program Files (x86)\ICCup
2016-11-11 16:41 - 2016-11-11 16:41 - 14230602 _____ (ICCup ) C:\Users\slava\Downloads\iccup_launcher_setup.exe
2016-11-11 16:41 - 2016-11-11 16:41 - 00000000 ____D C:\Users\slava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ICCup Launcher
2016-11-11 16:39 - 2016-11-11 16:40 - 415393386 _____ (iCCup Team ) C:\Users\slava\Downloads\iccup_war3_win32_ru (1).exe
2016-11-11 14:57 - 2016-11-11 14:57 - 00000000 ___HD C:\Windows\msdownld.tmp
2016-11-11 14:57 - 2016-11-11 14:57 - 00000000 ____D C:\Windows\SysWOW64\directx
2016-11-11 14:17 - 2016-11-11 14:36 - 3170369536 _____ C:\Users\slava\Downloads\Gothic III. GOLD (Multi3) [Lossless RePack].iso
2016-11-11 14:16 - 2016-11-11 14:16 - 00018646 _____ C:\Users\slava\Downloads\[NNM-Club.me]_Gothic III. GOLD (Multi3) [Lossless RePack].iso.torrent
2016-11-09 20:02 - 2016-11-02 22:01 - 00484584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2016-11-09 20:02 - 2016-11-02 22:01 - 00315744 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-11-09 20:02 - 2016-11-02 21:22 - 01570672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2016-11-09 20:02 - 2016-11-02 21:22 - 00601712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2016-11-09 20:02 - 2016-11-02 21:20 - 00590960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2016-11-09 20:02 - 2016-11-02 21:13 - 01883784 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2016-11-09 20:02 - 2016-11-02 21:13 - 00773720 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2016-11-09 20:02 - 2016-11-02 21:13 - 00423776 _____ (Microsoft Corporation) C:\Windows\system32\wifitask.exe
2016-11-09 20:02 - 2016-11-02 21:12 - 02255712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2016-11-09 20:02 - 2016-11-02 21:12 - 00376672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2016-11-09 20:02 - 2016-11-02 21:12 - 00341344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2016-11-09 20:02 - 2016-11-02 21:10 - 02323728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-11-09 20:02 - 2016-11-02 21:09 - 02257104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-11-09 20:02 - 2016-11-02 21:08 - 00602464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-11-09 20:02 - 2016-11-02 21:08 - 00576408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2016-11-09 20:02 - 2016-11-02 21:08 - 00186424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\weretw.dll
2016-11-09 20:02 - 2016-11-02 21:08 - 00111968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-11-09 20:02 - 2016-11-02 21:05 - 06657176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-11-09 20:02 - 2016-11-02 21:05 - 03892352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2016-11-09 20:02 - 2016-11-02 21:05 - 00959112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-11-09 20:02 - 2016-11-02 21:05 - 00951904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2016-11-09 20:02 - 2016-11-02 21:05 - 00405856 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2016-11-09 20:02 - 2016-11-02 21:04 - 04312248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-11-09 20:02 - 2016-11-02 21:03 - 02750936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-11-09 20:02 - 2016-11-02 21:03 - 00714592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\vhdmp.sys
2016-11-09 20:02 - 2016-11-02 21:02 - 00682816 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2016-11-09 20:02 - 2016-11-02 21:02 - 00238056 _____ (Microsoft Corporation) C:\Windows\system32\weretw.dll
2016-11-09 20:02 - 2016-11-02 21:01 - 01425000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2016-11-09 20:02 - 2016-11-02 21:01 - 01415744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32full.dll
2016-11-09 20:02 - 2016-11-02 21:01 - 01263856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2016-11-09 20:02 - 2016-11-02 21:01 - 00545936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-11-09 20:02 - 2016-11-02 21:01 - 00276832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\input.dll
2016-11-09 20:02 - 2016-11-02 21:00 - 22223968 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-11-09 20:02 - 2016-11-02 21:00 - 08156080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Protection.PlayReady.dll
2016-11-09 20:02 - 2016-11-02 21:00 - 01274712 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-11-09 20:02 - 2016-11-02 21:00 - 00534096 _____ (Microsoft Corporation) C:\Windows\system32\AudioEng.dll
2016-11-09 20:02 - 2016-11-02 20:59 - 04673304 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-11-09 20:02 - 2016-11-02 20:50 - 00034304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LaunchWinApp.exe
2016-11-09 20:02 - 2016-11-02 20:49 - 00147968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32k.sys
2016-11-09 20:02 - 2016-11-02 20:49 - 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-11-09 20:02 - 2016-11-02 20:48 - 00081408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2016-11-09 20:02 - 2016-11-02 20:47 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Shell.Search.UriHandler.dll
2016-11-09 20:02 - 2016-11-02 20:46 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininetlui.dll
2016-11-09 20:02 - 2016-11-02 20:44 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-11-09 20:02 - 2016-11-02 20:44 - 00089088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AuthExt.dll
2016-11-09 20:02 - 2016-11-02 20:43 - 00557568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-11-09 20:02 - 2016-11-02 20:43 - 00270336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2016-11-09 20:02 - 2016-11-02 20:42 - 00632832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sud.dll
2016-11-09 20:02 - 2016-11-02 20:42 - 00549376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActionCenterCPL.dll
2016-11-09 20:02 - 2016-11-02 20:42 - 00506880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DevicePairing.dll
2016-11-09 20:02 - 2016-11-02 20:42 - 00306176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieproxy.dll
2016-11-09 20:02 - 2016-11-02 20:42 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgentUserBroker.exe
2016-11-09 20:02 - 2016-11-02 20:40 - 00896512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontext.dll
2016-11-09 20:02 - 2016-11-02 20:40 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\indexeddbserver.dll
2016-11-09 20:02 - 2016-11-02 20:39 - 00465920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppBroker.dll
2016-11-09 20:02 - 2016-11-02 20:39 - 00348672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\zipfldr.dll
2016-11-09 20:02 - 2016-11-02 20:38 - 22563840 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-11-09 20:02 - 2016-11-02 20:38 - 00760832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appwiz.cpl
2016-11-09 20:02 - 2016-11-02 20:37 - 19415040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-11-09 20:02 - 2016-11-02 20:37 - 00299008 _____ (Microsoft Corporation) C:\Windows\system32\rdpinit.exe
2016-11-09 20:02 - 2016-11-02 20:36 - 19415552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-11-09 20:02 - 2016-11-02 20:36 - 07626752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-11-09 20:02 - 2016-11-02 20:36 - 00415744 _____ (Microsoft Corporation) C:\Windows\system32\rdpshell.exe
2016-11-09 20:02 - 2016-11-02 20:34 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\LaunchWinApp.exe
2016-11-09 20:02 - 2016-11-02 20:33 - 12349952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wmp.dll
2016-11-09 20:02 - 2016-11-02 20:33 - 03307520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-11-09 20:02 - 2016-11-02 20:32 - 00040448 _____ (Microsoft Corporation) C:\Windows\system32\efsext.dll
2016-11-09 20:02 - 2016-11-02 20:31 - 03196416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cdp.dll
2016-11-09 20:02 - 2016-11-02 20:31 - 01228288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2016-11-09 20:02 - 2016-11-02 20:31 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\WpcTok.exe
2016-11-09 20:02 - 2016-11-02 20:31 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\ACPBackgroundManagerPolicy.dll
2016-11-09 20:02 - 2016-11-02 20:31 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2016-11-09 20:02 - 2016-11-02 20:31 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-11-09 20:02 - 2016-11-02 20:31 - 00090624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-11-09 20:02 - 2016-11-02 20:30 - 12175360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-11-09 20:02 - 2016-11-02 20:30 - 09131008 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-11-09 20:02 - 2016-11-02 20:30 - 00567296 _____ (Microsoft Corporation) C:\Windows\system32\DevicePairing.dll
2016-11-09 20:02 - 2016-11-02 20:30 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BioFeedback.dll
2016-11-09 20:02 - 2016-11-02 20:30 - 00321536 _____ (Microsoft Corporation) C:\Windows\system32\PsmServiceExtHost.dll
2016-11-09 20:02 - 2016-11-02 20:30 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\dab.dll
2016-11-09 20:02 - 2016-11-02 20:30 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Shell.Search.UriHandler.dll
2016-11-09 20:02 - 2016-11-02 20:29 - 07469056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2016-11-09 20:02 - 2016-11-02 20:29 - 03666432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-11-09 20:02 - 2016-11-02 20:29 - 01247232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2016-11-09 20:02 - 2016-11-02 20:29 - 00884224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2016-11-09 20:02 - 2016-11-02 20:29 - 00336896 _____ (Microsoft Corporation) C:\Windows\system32\NetworkBindingEngineMigPlugin.dll
2016-11-09 20:02 - 2016-11-02 20:29 - 00314880 _____ (Microsoft Corporation) C:\Windows\system32\FSClient.dll
2016-11-09 20:02 - 2016-11-02 20:29 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\mfsensorgroup.dll
2016-11-09 20:02 - 2016-11-02 20:29 - 00122368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NPSM.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 06044160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 04423680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00807424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00690176 _____ (Microsoft Corporation) C:\Windows\system32\ieproxy.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenterCPL.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00432128 _____ (Microsoft Corporation) C:\Windows\system32\WpAXHolder.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00411136 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00324608 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.LockScreen.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00279552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00274432 _____ (Microsoft Corporation) C:\Windows\system32\ListSvc.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00252928 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00240640 _____ (Microsoft Corporation) C:\Windows\system32\NetworkDesktopSettings.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\IdCtrls.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00109568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\chartv.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00088576 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2016-11-09 20:02 - 2016-11-02 20:28 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\asycfilt.dll
2016-11-09 20:02 - 2016-11-02 20:27 - 23677952 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-11-09 20:02 - 2016-11-02 20:27 - 02458112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\themecpl.dll
2016-11-09 20:02 - 2016-11-02 20:27 - 01388544 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Cred.dll
2016-11-09 20:02 - 2016-11-02 20:27 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WlanMediaManager.dll
2016-11-09 20:02 - 2016-11-02 20:27 - 00605184 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-11-09 20:02 - 2016-11-02 20:27 - 00580608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\hgcpl.dll
2016-11-09 20:02 - 2016-11-02 20:27 - 00545792 _____ (Microsoft Corporation) C:\Windows\system32\timedate.cpl
2016-11-09 20:02 - 2016-11-02 20:27 - 00495104 _____ (Microsoft Corporation) C:\Windows\system32\DataSenseHandlers.dll
2016-11-09 20:02 - 2016-11-02 20:27 - 00422400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2016-11-09 20:02 - 2016-11-02 20:27 - 00261632 _____ (Microsoft Corporation) C:\Windows\system32\indexeddbserver.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 02747392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpcore.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 02484736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gameux.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 01509376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 00912896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 00712192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\ddraw.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 00388608 _____ (Microsoft Corporation) C:\Windows\system32\zipfldr.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 00358912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\stobject.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 00278016 _____ (Microsoft Corporation) C:\Windows\system32\netplwiz.dll
2016-11-09 20:02 - 2016-11-02 20:26 - 00049152 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-11-09 20:02 - 2016-11-02 20:25 - 02998272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32kfull.sys
2016-11-09 20:02 - 2016-11-02 20:25 - 01556480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-11-09 20:02 - 2016-11-02 20:25 - 00956416 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.desktop.dll
2016-11-09 20:02 - 2016-11-02 20:25 - 00655872 _____ (Microsoft Corporation) C:\Windows\system32\sud.dll
2016-11-09 20:02 - 2016-11-02 20:25 - 00496128 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettings.UserAccountsHandlers.dll
2016-11-09 20:02 - 2016-11-02 20:24 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\fontext.dll
2016-11-09 20:02 - 2016-11-02 20:23 - 03106304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstsc.exe
2016-11-09 20:02 - 2016-11-02 20:23 - 02104320 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2016-11-09 20:02 - 2016-11-02 20:23 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2016-11-09 20:02 - 2016-11-02 20:22 - 13441024 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2016-11-09 20:02 - 2016-11-02 20:22 - 13081600 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-11-09 20:02 - 2016-11-02 20:22 - 04749312 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-11-09 20:02 - 2016-11-02 20:22 - 00337920 _____ (Microsoft Corporation) C:\Windows\system32\AudioEndpointBuilder.dll
2016-11-09 20:02 - 2016-11-02 20:21 - 05111296 _____ (Microsoft Corporation) C:\Windows\system32\cdp.dll
2016-11-09 20:02 - 2016-11-02 20:21 - 00942080 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2016-11-09 20:02 - 2016-11-02 20:20 - 02273792 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-11-09 20:02 - 2016-11-02 20:20 - 00167936 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetails.dll
2016-11-09 20:02 - 2016-11-02 20:19 - 08127488 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-11-09 20:02 - 2016-11-02 20:19 - 08075776 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2016-11-09 20:02 - 2016-11-02 20:19 - 01586176 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2016-11-09 20:02 - 2016-11-02 20:19 - 00981504 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2016-11-09 20:02 - 2016-11-02 20:19 - 00805888 _____ (Microsoft Corporation) C:\Windows\system32\FrameServer.dll
2016-11-09 20:02 - 2016-11-02 20:19 - 00154112 _____ (Microsoft Corporation) C:\Windows\system32\NPSM.dll
2016-11-09 20:02 - 2016-11-02 20:19 - 00130560 _____ (Microsoft Corporation) C:\Windows\system32\chartv.dll
2016-11-09 20:02 - 2016-11-02 20:19 - 00089088 _____ (Microsoft Corporation) C:\Windows\system32\asycfilt.dll
2016-11-09 20:02 - 2016-11-02 20:18 - 01690112 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.onecore.dll
2016-11-09 20:02 - 2016-11-02 20:18 - 00991232 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2016-11-09 20:02 - 2016-11-02 20:18 - 00836608 _____ (Microsoft Corporation) C:\Windows\system32\WpcRefreshTask.dll
2016-11-09 20:02 - 2016-11-02 20:18 - 00779776 _____ (Microsoft Corporation) C:\Windows\system32\cscui.dll
2016-11-09 20:02 - 2016-11-02 20:18 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
2016-11-09 20:02 - 2016-11-02 20:17 - 04746752 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-11-09 20:02 - 2016-11-02 20:17 - 01282048 _____ (Microsoft Corporation) C:\Windows\system32\wwansvc.dll
2016-11-09 20:02 - 2016-11-02 20:17 - 00982528 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2016-11-09 20:02 - 2016-11-02 20:17 - 00909824 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2016-11-09 20:02 - 2016-11-02 20:17 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\appwiz.cpl
2016-11-09 20:02 - 2016-11-02 20:17 - 00389632 _____ (Microsoft Corporation) C:\Windows\system32\stobject.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 03400192 _____ (Microsoft Corporation) C:\Windows\system32\SyncCenter.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 03133440 _____ (Microsoft Corporation) C:\Windows\system32\rdpcore.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 02688512 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 02669056 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 02512384 _____ (Microsoft Corporation) C:\Windows\system32\themecpl.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 01779712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 01637888 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 00881664 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 00770560 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 00629248 _____ (Microsoft Corporation) C:\Windows\system32\hgcpl.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 00579072 _____ (Microsoft Corporation) C:\Windows\system32\LockAppBroker.dll
2016-11-09 20:02 - 2016-11-02 20:16 - 00308736 _____ (Microsoft Corporation) C:\Windows\system32\ActionCenter.dll
2016-11-09 20:02 - 2016-11-02 20:15 - 04708864 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2016-11-09 20:02 - 2016-11-02 20:15 - 02611200 _____ (Microsoft Corporation) C:\Windows\system32\gameux.dll
2016-11-09 20:02 - 2016-11-02 20:15 - 01513472 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-11-09 20:02 - 2016-11-02 20:15 - 01348608 _____ (Microsoft Corporation) C:\Windows\system32\wifinetworkmanager.dll
2016-11-09 20:02 - 2016-11-02 20:15 - 00842240 _____ (Microsoft Corporation) C:\Windows\system32\ntshrui.dll
2016-11-09 20:02 - 2016-11-02 20:15 - 00483328 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2016-11-09 20:02 - 2016-11-02 20:14 - 01726976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-11-09 20:02 - 2016-11-02 20:13 - 03496960 _____ (Microsoft Corporation) C:\Windows\system32\MSVidCtl.dll
2016-11-09 20:02 - 2016-11-02 20:13 - 03299840 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe
2016-11-09 20:02 - 2016-11-02 18:20 - 00446896 _____ C:\Windows\system32\ApnDatabase.xml
2016-11-09 20:02 - 2016-08-02 14:30 - 00822784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakradiag.dll
2016-11-09 20:01 - 2016-11-02 21:20 - 00378720 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-11-09 20:01 - 2016-11-02 21:15 - 01051112 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2016-11-09 20:01 - 2016-11-02 21:15 - 00894096 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2016-11-09 20:01 - 2016-11-02 21:14 - 07816544 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-11-09 20:01 - 2016-11-02 21:13 - 01354320 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2016-11-09 20:01 - 2016-11-02 21:13 - 01173496 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2016-11-09 20:01 - 2016-11-02 21:05 - 20969928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2016-11-09 20:01 - 2016-11-02 21:04 - 02678056 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-11-09 20:01 - 2016-11-02 21:04 - 00596832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
2016-11-09 20:01 - 2016-11-02 21:02 - 00848736 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-11-09 20:01 - 2016-11-02 21:02 - 00148832 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-11-09 20:01 - 2016-11-02 21:01 - 00092512 _____ (Microsoft Corporation) C:\Windows\system32\rdpudd.dll
2016-11-09 20:01 - 2016-11-02 21:00 - 04130432 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2016-11-09 20:01 - 2016-11-02 21:00 - 01061968 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2016-11-09 20:01 - 2016-11-02 20:56 - 01609920 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2016-11-09 20:01 - 2016-11-02 20:56 - 01572768 _____ (Microsoft Corporation) C:\Windows\system32\gdi32full.dll
2016-11-09 20:01 - 2016-11-02 20:56 - 01418312 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2016-11-09 20:01 - 2016-11-02 20:56 - 00628552 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-11-09 20:01 - 2016-11-02 20:56 - 00322912 _____ (Microsoft Corporation) C:\Windows\system32\input.dll
2016-11-09 20:01 - 2016-11-02 20:55 - 00048992 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\iorate.sys
2016-11-09 20:01 - 2016-11-02 20:48 - 00095232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2016-11-09 20:01 - 2016-11-02 20:48 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efsext.dll
2016-11-09 20:01 - 2016-11-02 20:47 - 00285184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BlockedShutdown.dll
2016-11-09 20:01 - 2016-11-02 20:47 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BcastDVRHelper.dll
2016-11-09 20:01 - 2016-11-02 20:46 - 00140288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppCapture.dll
2016-11-09 20:01 - 2016-11-02 20:45 - 00492032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcastdvr.exe
2016-11-09 20:01 - 2016-11-02 20:45 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.BioFeedback.dll
2016-11-09 20:01 - 2016-11-02 20:45 - 00182784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsensorgroup.dll
2016-11-09 20:01 - 2016-11-02 20:44 - 00231936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-11-09 20:01 - 2016-11-02 20:43 - 00731136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d8.dll
2016-11-09 20:01 - 2016-11-02 20:43 - 00198144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FSClient.dll
2016-11-09 20:01 - 2016-11-02 20:43 - 00126464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
2016-11-09 20:01 - 2016-11-02 20:42 - 00866816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Cred.dll
2016-11-09 20:01 - 2016-11-02 20:42 - 00202752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2016-11-09 20:01 - 2016-11-02 20:41 - 00635904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2016-11-09 20:01 - 2016-11-02 20:40 - 00548352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ddraw.dll
2016-11-09 20:01 - 2016-11-02 20:39 - 00236544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAnimation.dll
2016-11-09 20:01 - 2016-11-02 20:36 - 00063488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetailsUpdate.dll
2016-11-09 20:01 - 2016-11-02 20:35 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2016-11-09 20:01 - 2016-11-02 20:34 - 00327168 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2016-11-09 20:01 - 2016-11-02 20:33 - 00206848 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2016-11-09 20:01 - 2016-11-02 20:32 - 00045056 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-11-09 20:01 - 2016-11-02 20:31 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\BcastDVRHelper.dll
2016-11-09 20:01 - 2016-11-02 20:31 - 00170496 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-11-09 20:01 - 2016-11-02 20:31 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\wininetlui.dll
2016-11-09 20:01 - 2016-11-02 20:30 - 00635904 _____ (Microsoft Corporation) C:\Windows\system32\FlightSettings.dll
2016-11-09 20:01 - 2016-11-02 20:30 - 00134144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ErrorDetails.dll
2016-11-09 20:01 - 2016-11-02 20:29 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.BlockedShutdown.dll
2016-11-09 20:01 - 2016-11-02 20:29 - 00276992 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2016-11-09 20:01 - 2016-11-02 20:29 - 00211968 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-11-09 20:01 - 2016-11-02 20:29 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
2016-11-09 20:01 - 2016-11-02 20:28 - 00748544 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-11-09 20:01 - 2016-11-02 20:28 - 00321024 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.dll
2016-11-09 20:01 - 2016-11-02 20:28 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgentUserBroker.exe
2016-11-09 20:01 - 2016-11-02 20:26 - 01880576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-11-09 20:01 - 2016-11-02 20:26 - 01595392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-11-09 20:01 - 2016-11-02 20:26 - 00798208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2016-11-09 20:01 - 2016-11-02 20:26 - 00273920 _____ (Microsoft Corporation) C:\Windows\system32\UIAnimation.dll
2016-11-09 20:01 - 2016-11-02 20:25 - 02256384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-11-09 20:01 - 2016-11-02 20:25 - 00772608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntshrui.dll
2016-11-09 20:01 - 2016-11-02 20:25 - 00541696 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2016-11-09 20:01 - 2016-11-02 20:24 - 03778560 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-11-09 20:01 - 2016-11-02 20:23 - 02356736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVidCtl.dll
2016-11-09 20:01 - 2016-11-02 20:23 - 00199680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GlobCollationHost.dll
2016-11-09 20:01 - 2016-11-02 20:23 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\ErrorDetailsUpdate.dll
2016-11-09 20:01 - 2016-11-02 20:22 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2016-11-09 20:01 - 2016-11-02 20:16 - 04148736 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2016-11-09 20:01 - 2016-11-02 20:16 - 01490944 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2016-11-09 20:01 - 2016-11-02 20:16 - 00265728 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-11-09 20:01 - 2016-11-02 20:15 - 03616768 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-11-09 20:01 - 2016-11-02 20:13 - 00322048 _____ (Microsoft Corporation) C:\Windows\system32\GlobCollationHost.dll
2016-11-09 20:01 - 2016-11-02 19:11 - 00788624 _____ C:\Windows\SysWOW64\locale.nls
2016-11-09 20:01 - 2016-11-02 19:11 - 00788624 _____ C:\Windows\system32\locale.nls
2016-11-08 21:43 - 2016-11-08 21:46 - 00004562 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2016-11-08 21:43 - 2016-11-08 21:43 - 00000000 ____D C:\Users\slava\AppData\LocalLow\Adobe
2016-11-08 21:42 - 2016-12-06 22:18 - 00002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2016-11-08 21:42 - 2016-12-04 17:26 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-11-08 21:19 - 2016-11-08 21:21 - 07967309 _____ C:\Users\slava\Downloads\OPSIS.7z

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-12-07 15:19 - 2016-09-29 21:31 - 00000000 ____D C:\Users\slava\AppData\Roaming\Skype
2016-12-07 15:14 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\AppReadiness
2016-12-07 15:13 - 2016-07-16 21:47 - 00000000 ___HD C:\Program Files\WindowsApps
2016-12-07 15:10 - 2016-09-29 12:48 - 00000000 ____D C:\Users\slava
2016-12-07 15:09 - 2016-09-29 15:50 - 00000000 ____D C:\Program Files (x86)\Steam
2016-12-07 15:09 - 2016-09-29 12:50 - 00000000 ____D C:\Users\Все пользователи\NVIDIA
2016-12-07 15:09 - 2016-09-29 12:50 - 00000000 ____D C:\ProgramData\NVIDIA
2016-12-07 15:07 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\LiveKernelReports
2016-12-06 22:20 - 2016-09-15 19:42 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-12-06 22:19 - 2016-07-16 16:04 - 00262144 _____ C:\Windows\system32\config\BBI
2016-12-06 22:18 - 2016-11-01 17:51 - 00001159 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.5.lnk
2016-12-06 22:18 - 2016-11-01 17:45 - 00001639 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Application Manager.lnk
2016-12-06 22:18 - 2016-10-21 04:15 - 00000985 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sublime Text 3.lnk
2016-12-06 22:18 - 2016-10-07 15:55 - 00001052 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LOOT.lnk
2016-12-06 22:18 - 2016-09-30 19:46 - 00001152 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\paint.net.lnk
2016-12-06 22:18 - 2016-09-29 12:45 - 00001897 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSAuto - Windows & Office Activator.lnk
2016-12-06 22:18 - 2016-09-15 21:28 - 00002741 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook 2016.lnk
2016-12-06 22:18 - 2016-09-15 21:28 - 00002674 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk
2016-12-06 22:18 - 2016-09-15 21:28 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-12-06 22:18 - 2016-09-15 21:28 - 00002668 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-12-06 22:18 - 2016-09-15 21:28 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-12-06 22:18 - 2016-09-15 21:28 - 00002660 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-12-06 22:18 - 2016-09-15 21:28 - 00002654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-12-06 22:18 - 2016-09-15 21:28 - 00002640 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-12-06 22:17 - 2016-10-05 14:30 - 00000991 _____ C:\Users\slava\Desktop\PHOTO.lnk
2016-12-06 22:17 - 2016-09-29 14:22 - 00002421 _____ C:\Users\slava\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-12-06 22:17 - 2016-09-29 12:51 - 00000620 _____ C:\ProgramData\Microsoft\Windows\Start Menu\O&O ShutUp10.lnk
2016-12-06 22:09 - 2016-07-16 21:47 - 00000000 __RSD C:\Windows\Media
2016-12-06 16:21 - 2016-07-16 21:47 - 00000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2016-12-06 16:17 - 2016-09-15 19:42 - 00000000 ____D C:\Windows\system32\SleepStudy
2016-12-06 16:11 - 2016-10-09 15:00 - 00002926 __RSH C:\Users\Все пользователи\ntuser.pol
2016-12-06 16:11 - 2016-10-09 15:00 - 00002926 __RSH C:\ProgramData\ntuser.pol
2016-12-05 01:17 - 2016-09-30 08:14 - 00000000 ____D C:\Users\slava\AppData\Roaming\qBittorrent
2016-12-04 21:26 - 2016-09-15 21:27 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-12-04 18:03 - 2016-09-29 15:26 - 00000000 ____D C:\Program Files (x86)\Google
2016-12-04 17:27 - 2016-10-31 22:38 - 00000000 ____D C:\Program Files (x86)\The Binding of Isaac
2016-12-04 17:27 - 2016-10-27 14:08 - 00000000 ____D C:\Program Files (x86)\QuickTime
2016-12-04 17:27 - 2016-10-21 03:51 - 00000000 ____D C:\MinGW
2016-12-04 17:27 - 2016-10-14 21:53 - 00000000 ____D C:\Dev-Cpp
2016-12-04 17:27 - 2016-10-03 13:34 - 00000000 ____D C:\Games
2016-12-04 17:27 - 2016-09-29 15:32 - 00000000 ____D C:\NVIDIA
2016-12-04 17:26 - 2016-10-27 14:03 - 00000000 ____D C:\Program Files (x86)\Sony
2016-12-04 17:26 - 2016-10-23 23:24 - 00000000 ____D C:\Program Files (x86)\ClockworkMod
2016-12-04 17:26 - 2016-10-22 18:59 - 00000000 ____D C:\Program Files (x86)\iCCup Warcraft III
2016-12-04 17:26 - 2016-10-07 15:55 - 00000000 ____D C:\Program Files (x86)\LOOT
2016-12-04 17:26 - 2016-10-02 21:46 - 00000000 ____D C:\Program Files (x86)\Rockstar Games
2016-12-04 17:26 - 2016-10-02 19:32 - 00000000 ____D C:\Program Files (x86)\R.G. Games
2016-12-04 17:26 - 2016-10-02 14:52 - 00000000 ____D C:\Program Files (x86)\BandiMPEG1
2016-12-04 17:26 - 2016-10-02 14:52 - 00000000 ____D C:\Program Files (x86)\Bandicam
2016-12-04 17:26 - 2016-10-01 22:28 - 00000000 ____D C:\Program Files (x86)\Mumble
2016-12-04 17:26 - 2016-10-01 13:28 - 00000000 ____D C:\Program Files (x86)\Tor Browser
2016-12-04 17:26 - 2016-09-30 08:18 - 00000000 ____D C:\Program Files (x86)\JetBrains
2016-12-04 17:26 - 2016-09-30 08:13 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2016-12-04 17:26 - 2016-09-30 00:00 - 00000000 ____D C:\Program Files (x86)\Java
2016-12-04 17:26 - 2016-09-29 23:53 - 00000000 ____D C:\Program Files (x86)\Minecraft
2016-12-04 17:26 - 2016-09-29 21:31 - 00000000 ___RD C:\Program Files (x86)\Skype
2016-12-04 17:26 - 2016-09-29 12:51 - 00000000 ____D C:\Program Files (x86)\StartIsBack
2016-12-04 17:26 - 2016-09-29 12:49 - 00000000 ____D C:\Program Files (x86)\NVIDIA Corporation
2016-12-04 17:26 - 2016-09-29 09:27 - 00000000 ____D C:\Program Files (x86)\CMAK
2016-12-04 17:26 - 2016-09-15 21:27 - 00000000 ____D C:\Program Files (x86)\Microsoft SQL Server
2016-12-04 17:26 - 2016-09-15 21:25 - 00000000 ____D C:\Program Files (x86)\Microsoft Analysis Services
2016-12-04 17:26 - 2016-09-15 21:24 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
2016-12-04 17:26 - 2016-09-15 17:20 - 00000000 ____D C:\Program Files (x86)\Reference Assemblies
2016-12-04 17:26 - 2016-09-15 17:20 - 00000000 ____D C:\Program Files (x86)\MSBuild
2016-12-04 17:26 - 2016-07-16 21:47 - 00000000 __SHD C:\Program Files (x86)\Windows Sidebar
2016-12-04 17:26 - 2016-07-16 21:47 - 00000000 ____D C:\Program Files (x86)\Windows Portable Devices
2016-12-04 17:26 - 2016-07-16 21:47 - 00000000 ____D C:\Program Files (x86)\Windows NT
2016-12-04 17:26 - 2016-07-16 21:47 - 00000000 ____D C:\Program Files (x86)\Windows Multimedia Platform
2016-12-03 17:00 - 2016-09-29 22:58 - 00000000 ____D C:\Users\slava\AppData\Roaming\QtProject
2016-12-03 16:56 - 2016-09-30 01:02 - 00000000 ____D C:\Users\slava\AppData\Local\CrashDumps
2016-12-02 11:16 - 2016-09-29 12:49 - 00000000 ____D C:\Users\slava\AppData\Local\Packages
2016-12-01 05:54 - 2016-09-30 01:09 - 00000000 ___RD C:\Users\slava\Documents\MEGA
2016-12-01 00:24 - 2016-10-23 22:01 - 00000000 ____D C:\Users\slava\.android
2016-11-30 22:50 - 2016-10-07 18:13 - 00003938 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-30 22:50 - 2016-09-29 12:49 - 00000000 ____D C:\Users\Все пользователи\NVIDIA Corporation
2016-11-30 22:50 - 2016-09-29 12:49 - 00000000 ____D C:\ProgramData\NVIDIA Corporation
2016-11-30 22:50 - 2016-07-16 21:45 - 00000000 ____D C:\Windows\INF
2016-11-30 22:49 - 2016-10-07 18:13 - 00004002 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-30 22:49 - 2016-10-07 18:13 - 00003974 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-30 22:49 - 2016-10-07 18:13 - 00003912 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-30 22:49 - 2016-10-07 18:13 - 00003750 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-30 22:49 - 2016-10-07 18:13 - 00003708 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-11-30 22:49 - 2016-09-29 12:49 - 00000000 ____D C:\Program Files\NVIDIA Corporation
2016-11-28 23:32 - 2016-09-15 19:49 - 00000000 ____D C:\Users\Все пользователи\Package Cache
2016-11-28 23:32 - 2016-09-15 19:49 - 00000000 ____D C:\ProgramData\Package Cache
2016-11-28 22:39 - 2016-09-29 12:50 - 00000000 ____D C:\Users\Все пользователи\Samsung
2016-11-28 22:39 - 2016-09-29 12:50 - 00000000 ____D C:\ProgramData\Samsung
2016-11-25 18:36 - 2016-07-16 16:04 - 00032768 _____ C:\Windows\system32\config\ELAM
2016-11-20 18:19 - 2016-09-29 15:25 - 00000000 ____D C:\Users\slava\AppData\Local\Google
2016-11-20 17:52 - 2016-09-29 15:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
2016-11-20 16:54 - 2016-11-05 19:36 - 00000000 ____D C:\Users\slava\AppData\Local\MicrosoftEdge
2016-11-20 16:33 - 2016-11-01 17:11 - 00000000 ____D C:\Xiaomi
2016-11-20 16:33 - 2016-07-16 21:47 - 00000000 ____D C:\Program Files (x86)\Windows Defender
2016-11-20 10:40 - 2016-09-29 21:30 - 00000000 ____D C:\Users\Все пользователи\Skype
2016-11-20 10:40 - 2016-09-29 21:30 - 00000000 ____D C:\ProgramData\Skype
2016-11-20 10:12 - 2016-10-02 14:52 - 00000000 ____D C:\Users\slava\Documents\Bandicam
2016-11-20 10:05 - 2016-10-02 22:54 - 00000000 ____D C:\Users\slava\Documents\My Games
2016-11-17 23:45 - 2016-10-07 18:13 - 01854400 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
2016-11-17 23:45 - 2016-10-07 18:13 - 01755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
2016-11-17 23:45 - 2016-10-07 18:13 - 01452480 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
2016-11-17 23:45 - 2016-10-07 18:13 - 01317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
2016-11-17 23:45 - 2016-10-07 18:13 - 00120256 _____ C:\Windows\system32\NvRtmpStreamer64.dll
2016-11-17 23:45 - 2016-10-07 18:13 - 00046016 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvvad64v.sys
2016-11-17 12:06 - 2016-09-29 15:36 - 28203576 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
2016-11-17 12:06 - 2016-09-29 15:36 - 03474064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
2016-11-17 12:06 - 2015-07-14 03:45 - 03934504 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
2016-11-17 12:06 - 2015-07-14 03:45 - 00042296 _____ C:\Windows\system32\nvinfo.pb
2016-11-17 11:03 - 2016-09-29 15:37 - 00546752 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
2016-11-17 11:03 - 2016-09-29 15:37 - 00083512 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
2016-11-17 11:03 - 2016-09-29 12:49 - 06384576 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
2016-11-17 11:03 - 2016-09-29 12:49 - 02477624 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
2016-11-17 11:03 - 2016-09-29 12:49 - 01762752 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
2016-11-17 11:03 - 2016-09-29 12:49 - 00392128 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
2016-11-17 11:03 - 2016-09-29 12:49 - 00069568 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
2016-11-16 19:52 - 2016-09-29 12:49 - 07529957 _____ C:\Windows\system32\nvcoproc.bin
2016-11-14 18:18 - 2016-09-30 01:09 - 00000000 ____D C:\Users\slava\AppData\Local\MEGAsync
2016-11-12 23:37 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\TAPI
2016-11-12 12:30 - 2016-07-16 21:47 - 00000000 ___HD C:\Windows\system32\GroupPolicy
2016-11-11 21:42 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\rescache
2016-11-11 16:41 - 2016-10-22 18:59 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCCup Warcraft III
2016-11-11 16:39 - 2016-09-29 12:49 - 00000000 ____D C:\Users\slava\AppData\Local\VirtualStore
2016-11-11 00:07 - 2016-10-23 23:30 - 00000000 ____D C:\Users\slava\AppData\Roaming\Notepad++
2016-11-10 04:41 - 2016-09-15 19:45 - 00000000 __RHD C:\Users\Public\AccountPictures
2016-11-10 04:40 - 2016-09-15 19:42 - 00340520 _____ C:\Windows\system32\FNTCACHE.DAT
2016-11-09 21:39 - 2016-07-16 21:47 - 00000000 ___RD C:\Windows\ImmersiveControlPanel
2016-11-09 21:39 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\system32\WinBioPlugIns
2016-11-09 21:39 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\system32\oobe
2016-11-09 21:39 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\system32\migwiz
2016-11-09 21:39 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\ShellExperiences
2016-11-09 21:39 - 2016-07-16 21:47 - 00000000 ____D C:\Windows\bcastdvr
2016-11-09 20:56 - 2016-07-16 21:36 - 00000000 ____D C:\Windows\CbsTemp
2016-11-09 20:54 - 2016-09-29 16:21 - 00000000 ____D C:\Windows\system32\MRT
2016-11-08 21:43 - 2016-11-01 17:44 - 00000000 ____D C:\Users\Все пользователи\Adobe
2016-11-08 21:43 - 2016-11-01 17:44 - 00000000 ____D C:\Users\slava\AppData\Local\Adobe
2016-11-08 21:43 - 2016-11-01 17:44 - 00000000 ____D C:\ProgramData\Adobe
2016-11-08 21:43 - 2016-09-29 12:49 - 00000000 ____D C:\Users\slava\AppData\Roaming\Adobe

==================== Files in the root of some directories =======

2016-11-14 16:17 - 2016-11-14 16:17 - 0000000 __RSH () C:\Program Files\360
2016-12-06 21:40 - 2016-12-06 21:40 - 0000000 _____ () C:\Program Files (x86)\metadata
2016-12-06 21:40 - 2016-12-06 21:40 - 0000040 _____ () C:\Program Files (x86)\settings.dat
2016-11-12 12:32 - 2016-11-12 12:32 - 0000314 _____ () C:\Users\slava\AppData\Local\expand.ini
2016-11-14 16:17 - 2016-11-14 16:17 - 0000000 __RSH () C:\ProgramData\Doctor Web
2016-11-26 16:47 - 2016-11-26 16:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl

Some zero byte size files/folders:
==========================
C:\Windows\System32\setup-x86_64.exe
C:\Windows\SysWOW64\Drivers\350c988d54b8ededcb1025c1d19d434b.sys

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


testsigning: ==> 'testsigning' is set. Check for possible unsigned driver <===== ATTENTION

LastRegBack: 2016-11-27 21:46

==================== End of FRST.txt ============================

Addition.txt

Link to post
Share on other sites
kevinf80

kevinf80

Posted
Posted
Hello slavaxy and welcome to Malwarebytes,

My screen name is kevinf80, i`m here to help clean up your system. Make sure to run all scans from accounts with Administrator status, continue as follows please:

Anyone other than the original starter of this thread please DO NOT follow the instructions and advice posted as replies here, my help and advice is NOT related to your system and will probably cause more harm than good...

Lets continue:

Download attached fixlist.txt file (end of reply) and save it to the Desktop, or the folder you saved FRST into.
NOTE. It's important that both FRST and fixlist.txt are in the same location or the fix will not work.

Open FRST and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt) or the folder it was ran from. Please post it to your reply.

Next,

Please open Malwarebytes Anti-Malware.
 
  • On the Settings tab > Detection and Protection sub tab, Detection Options, tick the box "Scan for rootkits".
  • Under Non-Malware Protection sub tab Change PUP and PUM entries to Treat detections as Malware
  • Click on the Scan tab, then click on Scan Now >> . If an update is available, click the Update Now button.
  • A Threat Scan will begin.
  • When the Scan is complete Apply Actions to any found entries.
  • Wait for the prompt to restart the computer to appear (if applicable), then click on Yes.
  • After the restart once you are back at your desktop, open MBAM once more.


To get the log from Malwarebytes do the following:
 
  • Click on the History tab > Application Logs.
  • Double click on the Scan log which shows the Date and time of the scan just performed.
  • Click Export > From export you have three options:
    Copy to Clipboard - if seleted right click to your reply and select "Paste" log will be pasted to your reply
    Text file (*.txt) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
    XML file (*.xml) - if selected you will have to name the file and save to a place of choice, recommend "Desktop" then attach to reply
     
  • Please use "Copy to Clipboard, then Right click to your reply > select "Paste" that will copy the log to your reply…


Next,

Download AdwCleaner by Xplode onto your Desktop.
 
  • Double click on Adwcleaner.exe to run the tool.
  • Click on the Scan in the Actions box
  • Please wait fot the scan to finish..
  • When "Waiting for action.Please uncheck elements you want to keep" shows in top line..
  • Click on the Cleaning box.
  • Next click OK on the "Closing Programs" pop up box.
  • Click OK on the Information box & again OK to allow the necessary reboot
  • After restart the AdwCleaner(C*)-Notepad log will appear, please copy/paste it in your next reply. Where * is the number relative to list of scans completed...


Next,

Download Sophos Free Virus Removal Tool and save it to your desktop.

If your security alerts to this scan either accept the alert or turn off your security to allow Sophos to run and complete.....
 
  • Double click the icon and select Run
  • Click Next
  • Select I accept the terms in this license agreement, then click Next twice
  • Click Install
  • Click Finish to launch the program
  • Once the virus database has been updated click Start Scanning
  • If any threats are found click Details, then View log file... (bottom left hand corner)
  • Copy and paste the results in your reply
  • Close the Notepad document, close the Threat Details screen, then click Start cleanup
  • Click Exit to close the program
  • If no threats were found please confirm that result....


Let me see those logs in your reply, also tell me if there are any remaining issues or concerns....

Thank you,

Kevin....

Fixlist.txt

Link to post
Share on other sites
  • Root Admin
AdvancedSetup

AdvancedSetup

Posted
  • Root Admin
Posted

Due to the lack of feedback this topic is closed to prevent others from posting here. If you need this topic reopened, please send a Private Message to any one of the moderating team members. Please include a link to this thread with your request. This applies only to the originator of this thread.Other members who need assistance please start your own topic in a new thread. Thanks!

Link to post
Share on other sites
Guest
This topic is now closed to further replies.
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.