Jump to content

Изскачащи реклами и забавяне на лаптопа


Препоръчан пост

Здравейте,от няколко дни лаптопа стана много бавен и започнаха да ми изскачат разни реклами когато отворя интернет страница.Преди известно време ми помогнахте за подобен проблем и сега пак търся вашата помощ.

 

При инсталиране на Malwarebytes Anti-Malware се появи вътрешна грешка и не се инсталира програмата.

 

 

FIRST

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014

Ran by pc1 (administrator) on PC1123333 on 15-09-2014 22:05:05
Running from C:\Users\pc1\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Български (България)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
() C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Plex, Inc.) C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
() C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-10-14] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] => C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381584a-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381585b-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {40e522f1-30c1-11e2-a9c3-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {53dd3296-7831-11e2-aa98-e0ca94e19ff0} - G:\Inst.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8ca-10a0-11e2-be1c-e0ca94e19ff0} - G:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8dd-10a0-11e2-be1c-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81318-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81336-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81364-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {b017f233-e98d-11e2-b241-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e7868358-918e-11e2-ab1d-e0ca94e19ff0} - I:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e786836c-918e-11e2-ab1d-e0ca94e19ff0} - H:\AutoRun.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5F5A9E22169CCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKLM-x32 - DefaultScope value is missing.
SearchScopes: HKCU - {EDF963C7-D045-4A14-8944-E889E0E6CD25} URL = http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} ->  No File
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CGMFragment Class -> {0695F52A-89A2-4246-81B5-AFAD2D3B865F} -> C:\Program Files (x86)\Ematek\MetaWeb\MetaBHO.dll ()
BHO-x32: WebCGMHlprObj Class -> {56B38F40-4E70-11d4-A076-0080AD86BA2F} -> C:\Windows\SysWOW64\cgmopenbho.dll (CGM Open Consortium, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68329BAA-58A1-41E8-82B3-0CD8FF13112A}: [NameServer] 212.39.90.42 212.39.90.43
Tcpip\..\Interfaces\{C105DB8B-578E-4900-8490-E7400F1B18D5}: [NameServer] 212.39.90.42 212.39.90.43
Tcpip\..\Interfaces\{FDA2D1B6-5B09-419F-A793-DE955FE1B9AE}: [NameServer] 212.39.90.42 212.39.90.43
 
FireFox:
========
FF ProfilePath: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml
FF Extension: {{EXT_NAME}} - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\siphon@siphon.ian-halpern.com [2014-09-12]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-07-28]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: No Name - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\extensions\VJKPXI46039420@JMZUIOB85844870.com [Not Found]
FF Extension: No Name - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com [Not Found]
FF Extension: No Name - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\extensions\warnerroberts@hotmail.com [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.bg/
CHR StartupUrls: Default -> "hxxp://www.google.bg/"
CHR DefaultSearchKeyword: Default -> search here
CHR DefaultSearchProvider: Default -> Search Here
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ciaaiedhdplbckgciamhkoejibpoegke) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciaaiedhdplbckgciamhkoejibpoegke [2014-09-12]
CHR Extension: (Skype Click to Call) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-16]
CHR Extension: (Sense) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2013-05-11] (Autodata Limited) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 VIVACOM 3G USB Modem. RunOuc; C:\Program Files (x86)\VIVACOM 3G USB Modem\UpdateDog\ouc.exe [655712 2013-03-21] ()
S2 Update BrowseMark; "C:\Program Files (x86)\BrowseMark\updateBrowseMark.exe" [X]
S2 Util BrowseMark; "C:\Program Files (x86)\BrowseMark\bin\utilBrowseMark.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2716768 2010-11-05] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-16] (DT Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2013-03-21] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 Tosrfcom; No ImagePath
S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [285696 2007-06-17] (Jungo) [File not signed]
R1 {b99c8534-7800-48fa-bd71-519a46cdc7e1}w64; C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w64.sys [61120 2014-07-03] (StdLib)
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-15 22:05 - 2014-09-15 22:06 - 00018953 _____ () C:\Users\pc1\Desktop\FRST.txt
2014-09-15 22:04 - 2014-09-15 22:05 - 00000000 ____D () C:\FRST
2014-09-15 22:02 - 2014-09-15 22:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\pc1\Desktop\Malwarebytes Anti-Malware 2.00.2.1012.exe
2014-09-15 21:57 - 2014-09-15 21:58 - 02105856 _____ (Farbar) C:\Users\pc1\Desktop\FRST64.exe
2014-09-14 20:50 - 2014-09-14 20:59 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-14 00:50 - 2014-08-19 21:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 00:50 - 2014-08-19 20:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 00:50 - 2014-08-19 01:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 00:50 - 2014-08-19 01:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 00:50 - 2014-08-19 01:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 00:50 - 2014-08-19 01:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 00:50 - 2014-08-19 01:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 00:50 - 2014-08-19 01:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 00:50 - 2014-08-19 01:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 00:50 - 2014-08-19 01:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 00:50 - 2014-08-19 01:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 00:50 - 2014-08-19 01:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 00:50 - 2014-08-19 00:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-14 00:50 - 2014-08-19 00:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 00:50 - 2014-08-19 00:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 00:50 - 2014-08-19 00:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 00:50 - 2014-08-19 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 00:50 - 2014-08-19 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 00:50 - 2014-08-19 00:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 00:50 - 2014-08-19 00:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 00:50 - 2014-08-19 00:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 00:50 - 2014-08-19 00:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 00:50 - 2014-08-19 00:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 00:50 - 2014-08-19 00:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-14 00:50 - 2014-08-19 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 00:50 - 2014-08-19 00:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 00:50 - 2014-08-19 00:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 00:50 - 2014-08-19 00:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 00:50 - 2014-08-19 00:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 00:50 - 2014-08-19 00:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 00:50 - 2014-08-19 00:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 00:50 - 2014-08-19 00:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 00:50 - 2014-08-19 00:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 00:50 - 2014-08-19 00:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 00:49 - 2014-08-19 02:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 00:49 - 2014-08-19 01:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 00:49 - 2014-08-19 01:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 00:49 - 2014-08-19 01:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 00:49 - 2014-08-19 01:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 00:49 - 2014-08-19 01:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 00:49 - 2014-08-19 01:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 00:49 - 2014-08-19 00:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 00:49 - 2014-08-19 00:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 00:49 - 2014-08-19 00:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 00:49 - 2014-08-19 00:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 00:49 - 2014-08-19 00:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 00:49 - 2014-08-19 00:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 00:49 - 2014-08-19 00:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 00:49 - 2014-08-19 00:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 00:49 - 2014-08-19 00:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 00:49 - 2014-08-19 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-14 00:49 - 2014-08-18 23:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 00:49 - 2014-08-18 23:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 00:49 - 2014-08-18 23:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 00:49 - 2014-08-18 23:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 00:49 - 2014-08-18 23:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 00:04 - 2014-06-27 05:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-14 00:04 - 2014-06-27 04:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 22:27 - 2014-08-01 14:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 22:27 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 22:27 - 2014-06-24 06:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 22:27 - 2014-06-24 05:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 22:26 - 2014-07-07 05:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 22:26 - 2014-07-07 05:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 22:26 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 22:26 - 2014-07-07 04:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 22:26 - 2014-07-07 04:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 22:25 - 2014-09-05 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 22:25 - 2014-09-05 05:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-08 23:05 - 2014-09-09 22:30 - 00000000 ____D () C:\Program Files (x86)\Total Video Converter
2014-09-08 22:41 - 2014-09-08 22:41 - 00000094 _____ () C:\Users\pc1\AppData\Roaming\settings.xml
2014-09-08 22:40 - 2014-09-08 22:40 - 00000000 ____D () C:\Users\pc1\AppData\Local\SkinSoft
2014-09-08 22:36 - 2014-09-08 22:36 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\convertaudiofree
2014-09-08 22:35 - 2014-09-08 22:35 - 00003720 _____ () C:\Windows\System32\Tasks\SMupdate1
2014-09-08 22:35 - 2014-09-08 22:35 - 00003580 _____ () C:\Windows\System32\Tasks\YTDownloader
2014-09-08 22:35 - 2014-09-08 22:35 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-09-08 22:34 - 2014-09-08 22:34 - 00000000 ____D () C:\Users\pc1\AppData\Local\CrashRpt
2014-09-08 22:30 - 2014-09-14 22:44 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-08 22:30 - 2014-09-08 22:30 - 00000000 ____D () C:\Users\pc1\AppData\Local\globalUpdate
2014-09-08 22:23 - 2009-07-24 00:39 - 24451886 _____ () C:\Users\pc1\Desktop\Film za Kolio.wmv
2014-09-07 02:11 - 2014-09-07 02:11 - 00020058 _____ () C:\Users\pc1\Downloads\1BB864C8828F1D550C454AAF959C463EEA43988B.torrent
2014-09-07 01:53 - 2014-09-07 01:54 - 00099859 _____ () C:\Users\pc1\Downloads\0A682530D6C1230187608C9C912E6BAFE78D16CF.torrent
2014-09-07 01:45 - 2014-09-07 01:45 - 00015898 _____ () C:\Users\pc1\Downloads\C0EF016C3FD40852FA443B59ECD33681B19618FD.torrent
2014-09-07 01:41 - 2014-09-07 01:41 - 00081449 _____ () C:\Users\pc1\Downloads\BC99247A8F19DE9DC4D7CAC144A41F3EC868A1F6.torrent
2014-09-06 22:47 - 2014-09-06 22:47 - 00020098 _____ () C:\Users\pc1\Downloads\Anjelica and Michelle - The Fusion Of Two Bodies.mp4.torrent
2014-09-06 22:46 - 2014-09-06 22:46 - 00018130 _____ () C:\Users\pc1\Downloads\Hot_Cravings_HD.mp4.torrent
2014-09-06 22:43 - 2014-09-06 22:43 - 00014973 _____ () C:\Users\pc1\Downloads\Unexpectedly Cut_HD.mp4.torrent
2014-09-06 16:22 - 2014-09-06 16:22 - 00017070 _____ () C:\Users\pc1\Downloads\United.Passions.2014.720p.WEB-DL.x264.DD5.1.torrent
2014-08-27 21:50 - 2014-08-23 05:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:50 - 2014-08-23 04:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:50 - 2014-08-23 03:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 22:18 - 2014-05-14 19:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-20 22:18 - 2014-05-14 19:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-20 22:18 - 2014-05-14 19:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-20 22:18 - 2014-05-14 19:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-20 22:18 - 2014-05-14 19:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-20 22:17 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-20 22:17 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-20 22:17 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-20 22:17 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2014-08-17 00:11 - 2014-09-10 23:32 - 00000000 ____D () C:\Users\pc1\Desktop\Revolucia.Z.S03.PDTV.XviD-SiSO
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-15 22:06 - 2014-09-15 22:05 - 00018953 _____ () C:\Users\pc1\Desktop\FRST.txt
2014-09-15 22:05 - 2014-09-15 22:04 - 00000000 ____D () C:\FRST
2014-09-15 22:03 - 2014-09-15 22:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\pc1\Desktop\Malwarebytes Anti-Malware 2.00.2.1012.exe
2014-09-15 21:59 - 2012-10-06 19:59 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-15 21:58 - 2014-09-15 21:57 - 02105856 _____ (Farbar) C:\Users\pc1\Desktop\FRST64.exe
2014-09-15 21:52 - 2012-09-28 23:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-15 21:50 - 2012-09-25 22:48 - 01973088 _____ () C:\Windows\WindowsUpdate.log
2014-09-15 21:48 - 2009-07-14 07:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-15 21:48 - 2009-07-14 07:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-15 21:40 - 2014-04-12 13:39 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-15 21:40 - 2012-10-06 19:59 - 00000988 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-15 21:39 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-15 21:39 - 2009-07-14 07:51 - 00157095 _____ () C:\Windows\setupact.log
2014-09-15 21:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-09-15 21:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-14 22:44 - 2014-09-08 22:30 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2014-09-14 21:19 - 2010-11-21 06:47 - 00200240 _____ () C:\Windows\PFRO.log
2014-09-14 21:06 - 2014-04-12 13:36 - 00000000 ____D () C:\Program Files (x86)\BrowseMark
2014-09-14 20:59 - 2014-09-14 20:50 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-14 20:52 - 2009-07-14 05:34 - 00000653 _____ () C:\Windows\win.ini
2014-09-14 00:42 - 2012-09-26 22:22 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-09-14 00:42 - 2012-09-26 22:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-14 00:42 - 2012-09-26 22:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-14 00:42 - 2012-09-26 22:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-14 00:41 - 2013-08-13 23:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 00:08 - 2012-09-26 21:34 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 00:03 - 2014-05-06 19:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-14 00:02 - 2009-07-14 08:13 - 00006222 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-10 23:32 - 2014-08-17 00:11 - 00000000 ____D () C:\Users\pc1\Desktop\Revolucia.Z.S03.PDTV.XviD-SiSO
2014-09-10 23:32 - 2013-01-12 18:27 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\vlc
2014-09-10 21:52 - 2012-09-28 23:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 21:52 - 2012-09-28 23:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 21:52 - 2012-09-28 23:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 22:30 - 2014-09-08 23:05 - 00000000 ____D () C:\Program Files (x86)\Total Video Converter
2014-09-09 19:50 - 2012-09-26 22:22 - 00109688 _____ () C:\Users\pc1\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-09 19:50 - 2009-07-14 07:45 - 00410312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 22:41 - 2014-09-08 22:41 - 00000094 _____ () C:\Users\pc1\AppData\Roaming\settings.xml
2014-09-08 22:40 - 2014-09-08 22:40 - 00000000 ____D () C:\Users\pc1\AppData\Local\SkinSoft
2014-09-08 22:36 - 2014-09-08 22:36 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\convertaudiofree
2014-09-08 22:35 - 2014-09-08 22:35 - 00003720 _____ () C:\Windows\System32\Tasks\SMupdate1
2014-09-08 22:35 - 2014-09-08 22:35 - 00003580 _____ () C:\Windows\System32\Tasks\YTDownloader
2014-09-08 22:35 - 2014-09-08 22:35 - 00000000 ____D () C:\Users\Public\Documents\ShopperPro
2014-09-08 22:35 - 2009-07-14 06:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-08 22:34 - 2014-09-08 22:34 - 00000000 ____D () C:\Users\pc1\AppData\Local\CrashRpt
2014-09-08 22:31 - 2012-10-06 20:01 - 00002313 _____ () C:\Users\pc1\Desktop\Google Chrome.lnk
2014-09-08 22:30 - 2014-09-08 22:30 - 00000000 ____D () C:\Users\pc1\AppData\Local\globalUpdate
2014-09-07 23:04 - 2014-02-15 21:03 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\Skype
2014-09-07 13:45 - 2012-09-26 20:19 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\uTorrent
2014-09-07 02:11 - 2014-09-07 02:11 - 00020058 _____ () C:\Users\pc1\Downloads\1BB864C8828F1D550C454AAF959C463EEA43988B.torrent
2014-09-07 01:54 - 2014-09-07 01:53 - 00099859 _____ () C:\Users\pc1\Downloads\0A682530D6C1230187608C9C912E6BAFE78D16CF.torrent
2014-09-07 01:45 - 2014-09-07 01:45 - 00015898 _____ () C:\Users\pc1\Downloads\C0EF016C3FD40852FA443B59ECD33681B19618FD.torrent
2014-09-07 01:41 - 2014-09-07 01:41 - 00081449 _____ () C:\Users\pc1\Downloads\BC99247A8F19DE9DC4D7CAC144A41F3EC868A1F6.torrent
2014-09-06 22:47 - 2014-09-06 22:47 - 00020098 _____ () C:\Users\pc1\Downloads\Anjelica and Michelle - The Fusion Of Two Bodies.mp4.torrent
2014-09-06 22:46 - 2014-09-06 22:46 - 00018130 _____ () C:\Users\pc1\Downloads\Hot_Cravings_HD.mp4.torrent
2014-09-06 22:43 - 2014-09-06 22:43 - 00014973 _____ () C:\Users\pc1\Downloads\Unexpectedly Cut_HD.mp4.torrent
2014-09-06 16:22 - 2014-09-06 16:22 - 00017070 _____ () C:\Users\pc1\Downloads\United.Passions.2014.720p.WEB-DL.x264.DD5.1.torrent
2014-09-05 05:10 - 2014-09-12 22:25 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 05:05 - 2014-09-12 22:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 18:31 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-31 17:39 - 2013-05-11 09:31 - 00000000 ____D () C:\ADCDA2
2014-08-24 22:35 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2014-08-23 05:07 - 2014-08-27 21:50 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 04:45 - 2014-08-27 21:50 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 03:59 - 2014-08-27 21:50 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 21:05 - 2014-09-14 00:50 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 20:39 - 2014-09-14 00:50 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 02:01 - 2014-09-14 00:49 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 01:29 - 2014-09-14 00:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 01:29 - 2014-09-14 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 01:26 - 2014-09-14 00:49 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 01:20 - 2014-09-14 00:49 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 01:19 - 2014-09-14 00:49 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 01:15 - 2014-09-14 00:50 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 01:15 - 2014-09-14 00:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 01:14 - 2014-09-14 00:50 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 01:14 - 2014-09-14 00:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 01:08 - 2014-09-14 00:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 01:08 - 2014-09-14 00:50 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 01:08 - 2014-09-14 00:49 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 01:05 - 2014-09-14 00:50 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 01:03 - 2014-09-14 00:50 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 01:03 - 2014-09-14 00:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 01:03 - 2014-09-14 00:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-19 00:57 - 2014-09-14 00:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-19 00:56 - 2014-09-14 00:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-19 00:51 - 2014-09-14 00:50 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-19 00:46 - 2014-09-14 00:50 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-19 00:45 - 2014-09-14 00:50 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-19 00:45 - 2014-09-14 00:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-19 00:44 - 2014-09-14 00:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-19 00:44 - 2014-09-14 00:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-19 00:42 - 2014-09-14 00:49 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-19 00:40 - 2014-09-14 00:50 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-19 00:39 - 2014-09-14 00:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-19 00:39 - 2014-09-14 00:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-19 00:39 - 2014-09-14 00:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-19 00:38 - 2014-09-14 00:50 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-19 00:37 - 2014-09-14 00:50 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-19 00:36 - 2014-09-14 00:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-19 00:35 - 2014-09-14 00:50 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-19 00:27 - 2014-09-14 00:50 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-19 00:25 - 2014-09-14 00:50 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-19 00:25 - 2014-09-14 00:50 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-19 00:23 - 2014-09-14 00:49 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-19 00:23 - 2014-09-14 00:49 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-19 00:22 - 2014-09-14 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 00:19 - 2014-09-14 00:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-19 00:17 - 2014-09-14 00:50 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-19 00:17 - 2014-09-14 00:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-19 00:16 - 2014-09-14 00:49 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-19 00:15 - 2014-09-14 00:49 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-19 00:15 - 2014-09-14 00:49 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-19 00:09 - 2014-09-14 00:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-19 00:08 - 2014-09-14 00:49 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-19 00:07 - 2014-09-14 00:49 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 23:55 - 2014-09-14 00:49 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 23:46 - 2014-09-14 00:49 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 23:38 - 2014-09-14 00:49 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 23:38 - 2014-09-14 00:49 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 23:36 - 2014-09-14 00:49 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-08-17 12:39 - 2009-07-14 08:08 - 00032552 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
 
Some content of TEMP:
====================
C:\Users\pc1\AppData\Local\Temp\BackupSetup.exe
C:\Users\pc1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\Mobogenie_Setup_2-1-23_517.exe
C:\Users\pc1\AppData\Local\Temp\Quarantine.exe
C:\Users\pc1\AppData\Local\Temp\tu17p84.exe
C:\Users\pc1\AppData\Local\Temp\utt4526.tmp.exe
C:\Users\pc1\AppData\Local\Temp\utt4FD0.tmp.exe
C:\Users\pc1\AppData\Local\Temp\vcredist_x64.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-06 14:54
 
==================== End Of Log ============================

Addition.txt

Link to comment
Сподели другаде

Изтегли AdwCleaner и го запази на работния плот. Стартирай го, кликни бутон I Agree и послед бутон Scan. Изчакай да се сканира, след което кликни бутон Clean. Потвърди с OK на всички прозорци, което ще доведе до рестартиране на системата. След рестартирането ще се отвори текстов файл. Моля, копирай съдържанието му тук.

 

След това изготви нови дневници с FRST.

Link to comment
Сподели другаде

Изтегли AdwCleaner и го запази на работния плот. Стартирай го, кликни бутон I Agree и послед бутон Scan. Изчакай да се сканира, след което кликни бутон Clean. Потвърди с OK на всички прозорци, което ще доведе до рестартиране на системата. След рестартирането ще се отвори текстов файл. Моля, копирай съдържанието му тук.

 

След това изготви нови дневници с FRST.

AdwCleaner

 

# AdwCleaner v3.310 - Създаден отчет 17/09/2014 на 13:01:18
# Актуализиран 12/09/2014 от Xplode
# Операционна система : Windows 7 Ultimate Service Pack 1 (64 bits)
# Потребителско име : pc1 - PC1123333
# Стартиран от : C:\Users\pc1\Desktop\adwcleaner_3.310.exe
# Настройка : Почистване
 
***** [ Услуги ] *****
 
[#] Услуа Изтритa : Update BrowseMark
[#] Услуа Изтритa : Util BrowseMark
Услуа Изтритa : {b99c8534-7800-48fa-bd71-519a46cdc7e1}w64
 
***** [ Файлове / Папки ] *****
 
Папка Изтритa : C:\Program Files (x86)\BrowseMark
Папка Изтритa : C:\Program Files (x86)\globalUpdate
Папка Изтритa : C:\Program Files (x86)\Mobogenie
Папка Изтритa : C:\Users\pc1\AppData\Local\globalUpdate
Папка Изтритa : C:\Users\pc1\AppData\Local\Mobogenie
Папка Изтритa : C:\Users\pc1\Documents\Mobogenie
Папка Изтритa : C:\Users\Public\Documents\ShopperPro
Файл Изтритa : C:\Windows\System32\drivers\{b99c8534-7800-48fa-bd71-519a46cdc7e1}w64.sys
Файл Изтритa : C:\Users\pc1\daemonprocess.txt
Файл Изтритa : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.qvo6.com_0.localstorage
Файл Изтритa : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Local Storage\hxxp_www.qvo6.com_0.localstorage-
 
journal
Файл Изтритa : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Local Storage
 
\hxxp_www.superfish.com_0.localstorage
Файл Изтритa : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Local Storage
 
\hxxp_www.superfish.com_0.localstorage-journal
Файл Изтритa : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Local Storage
 
\hxxps_inst.shoppingate.info_0.localstorage
Файл Изтритa : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Local Storage
 
\hxxps_inst.shoppingate.info_0.localstorage-journal
 
***** [ задачи ] *****
 
задачa Изтрит : Desk 365 RunAsStdUser
задачa Изтрит : Omiga Plus RunAsStdUser
задачa Изтрит : SMupdate1
задачa Изтрит : YTDownloader
 
***** [ Преки пътища ] *****
 
 
***** [ Системен регистър ] *****
 
Ключ Изтрит : HKCU\Software\Classes\pokki
Ключ Изтрит : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Ключ Изтрит : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Ключ Изтрит : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASAPI32
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\BabMaint_RASMANCS
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASAPI32
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\biclient_RASMANCS
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASAPI32
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\desk365_RASMANCS
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasapi32
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\optimizerpro_rasmancs
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASAPI32
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\Torntv Downloader_RASMANCS
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASAPI32
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\updateBrowseMark_RASMANCS
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseMark_RASAPI32
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Tracing\utilBrowseMark_RASMANCS
Стойност Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Ключ Изтрит : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\omigaplussvc
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{C007DADD-132A-624C-088E-59EE6CF0711F}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{6D4506CE-F855-4657-AA38-DB6B1F733982}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{FF48DBA6-5DD8-4D10-9EB0-0FA968502E66}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{03771AEF-400D-4A13-B712-25878EC4A3F5}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{A2D733A7-73B0-4C6B-B0C7-06A432950B66}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\CLSID\{5A4E3A41-FA55-4BDA-AED7-CEBE6E7BCB52}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\CLSID\{A75BE48D-BF58-4A8B-B96C-F9A09DFB9844}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{1F8EDE97-36D5-422A-B8F0-9406E2D87C60}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9083CE-8758-4704-BA57-3C891D7452BD}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{3408AC0D-510E-4808-8F7B-6B70B1F88534}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{4E6354DE-9115-4AEE-BD21-C46C3E8A49DB}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{C66F0B7A-BD67-4982-AF71-C6CA6E7F016F}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Classes\Interface\{FC073BDA-C115-4A1D-9DF9-9B5C461482E5}
Ключ Изтрит : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A5A51D2A-505A-4D84-
 
AFC6-E0FA87E47B8C}
Ключ Изтрит : HKCU\Software\GlobalUpdate
Ключ Изтрит : HKCU\Software\UpdateStar
Ключ Изтрит : HKCU\Software\AppDataLow\Software\Crossrider
Ключ Изтрит : HKLM\SOFTWARE\BrowseMark
Ключ Изтрит : HKLM\SOFTWARE\Driver-Soft
Ключ Изтрит : HKLM\SOFTWARE\GlobalUpdate
Ключ Изтрит : HKLM\SOFTWARE\hdcode
 
***** [ Браузъри ] *****
 
-\\ Internet Explorer v11.0.9600.17280
 
 
-\\ Mozilla Firefox v28.0 (bg)
 
[ Файл : C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\prefs.js ]
 
Елемент изтрит : user_pref("extensions.crossrider.bic", "14856c4aab41973aa6f08abb8ad75ab1");
 
-\\ Google Chrome v37.0.2062.120
 
[ Файл : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
Изтрит [search Provider] : hxxp://websearch.youwillfind.info/?l=1&q={searchTerms}
 
&pid=512&r=2013/04/24&hid=199592637&lg=EN&cc=BG
Изтрит [search Provider] : hxxp://www.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=A4A8DC0EA14A510E
Изтрит [search Provider] : hxxp://search.babylon.com/?q={searchTerms}
 
&affID=119816&babsrc=SP_ss_din2g&mntrId=A4A8DC0EA14A510E
Изтрит [search Provider] : hxxp://search.qvo6.com/web/?
 
utm_source=b&utm_medium=ild&from=ild&uid=TOSHIBAXMK3275GSX_22N4CHHHTXX22N4CHHHT&ts=0&type=default&q={searchTerms}
Изтрит [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
Изтрит [search Provider] : hxxp://en.softonic.com/s/{searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [7555 octets] - [17/09/2014 12:57:49]
AdwCleaner[s0].txt - [7994 octets] - [17/09/2014 13:01:18]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [8054 octets] ##########
 
 
 
 
FRST - тук има само един дневник 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 12-09-2014
Ran by pc1 (administrator) on PC1123333 on 17-09-2014 13:08:18
Running from C:\Users\pc1\Desktop
Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: Български (България)
Internet Explorer Version 11
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
() C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-10-14] (Realtek Semiconductor)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [1331288 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [bCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKLM-x32\...\Run: [sunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [256896 2014-07-25] (Oracle Corporation)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20728480 2014-01-14] (Skype Technologies S.A.)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [Plex Media Server] => C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe [2699344 2011-11-26] (Plex, Inc.)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [YTDownloader] => "C:\Program Files (x86)\YTDownloader\YTDownloader.exe" /boot
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381584a-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381585b-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {40e522f1-30c1-11e2-a9c3-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {53dd3296-7831-11e2-aa98-e0ca94e19ff0} - G:\Inst.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8ca-10a0-11e2-be1c-e0ca94e19ff0} - G:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8dd-10a0-11e2-be1c-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81318-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81336-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81364-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {b017f233-e98d-11e2-b241-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e7868358-918e-11e2-ab1d-e0ca94e19ff0} - I:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e786836c-918e-11e2-ab1d-e0ca94e19ff0} - H:\AutoRun.exe
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5F5A9E22169CCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG
SearchScopes: HKCU - {EDF963C7-D045-4A14-8944-E889E0E6CD25} URL = http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CGMFragment Class -> {0695F52A-89A2-4246-81B5-AFAD2D3B865F} -> C:\Program Files (x86)\Ematek\MetaWeb\MetaBHO.dll ()
BHO-x32: WebCGMHlprObj Class -> {56B38F40-4E70-11d4-A076-0080AD86BA2F} -> C:\Windows\SysWOW64\cgmopenbho.dll (CGM Open Consortium, Inc.)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68329BAA-58A1-41E8-82B3-0CD8FF13112A}: [NameServer] 212.39.90.42 212.39.90.43
Tcpip\..\Interfaces\{C105DB8B-578E-4900-8490-E7400F1B18D5}: [NameServer] 212.39.90.42 212.39.90.43
Tcpip\..\Interfaces\{FDA2D1B6-5B09-419F-A793-DE955FE1B9AE}: [NameServer] 212.39.90.42 212.39.90.43
 
FireFox:
========
FF ProfilePath: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_15_0_0_152.dll ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_152.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.67.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml
FF Extension: {{EXT_NAME}} - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\siphon@siphon.ian-halpern.com [2014-09-12]
FF Extension: Firefox Old Version Update Hotfix - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\firefox-hotfix@mozilla.org.xpi [2014-07-28]
FF Extension: No Name - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]
FF Extension: No Name - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\extensions\VJKPXI46039420@JMZUIOB85844870.com [Not Found]
FF Extension: No Name - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\extensions\45633fba7e7d40fea9c29@9dc18447eea04021a325caf3.com [Not Found]
FF Extension: No Name - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\extensions\warnerroberts@hotmail.com [Not Found]
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.bg/
CHR StartupUrls: Default -> "hxxp://www.google.bg/"
CHR DefaultSearchKeyword: Default -> search here
CHR DefaultSearchProvider: Default -> Search Here
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\37.0.2062.120\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Profile: C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (ciaaiedhdplbckgciamhkoejibpoegke) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciaaiedhdplbckgciamhkoejibpoegke [2014-09-12]
CHR Extension: (Skype Click to Call) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2014-02-16]
CHR Extension: (Sense) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2014-09-14]
CHR Extension: (Google Wallet) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-25]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2013-05-11] (Autodata Limited) [File not signed]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23784 2014-08-22] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [368624 2014-08-22] (Microsoft Corporation)
S2 VIVACOM 3G USB Modem. RunOuc; C:\Program Files (x86)\VIVACOM 3G USB Modem\UpdateDog\ouc.exe [655712 2013-03-21] ()
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2716768 2010-11-05] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-16] (DT Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2013-03-21] (Huawei Technologies Co., Ltd.)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [269008 2014-07-17] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [125584 2014-07-17] (Microsoft Corporation)
S3 Tosrfcom; No ImagePath
S3 WinDriver6; C:\Windows\System32\drivers\windrvr6.sys [285696 2007-06-17] (Jungo) [File not signed]
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-17 13:08 - 2014-09-17 13:08 - 00017957 _____ () C:\Users\pc1\Desktop\FRST.txt
2014-09-17 13:05 - 2014-09-17 13:05 - 00008170 _____ () C:\Users\pc1\Desktop\AdwCleaner[s0].txt
2014-09-17 12:59 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\SysWOW64\sqlite3.dll
2014-09-17 12:57 - 2014-09-17 13:02 - 00000000 ____D () C:\AdwCleaner
2014-09-17 12:56 - 2014-09-17 12:56 - 01373475 _____ () C:\Users\pc1\Desktop\adwcleaner_3.310.exe
2014-09-17 10:18 - 2014-07-25 12:49 - 00272808 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
2014-09-17 10:17 - 2014-09-17 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-17 10:17 - 2014-07-25 12:55 - 00098216 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2014-09-17 10:17 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
2014-09-17 10:17 - 2014-07-25 12:49 - 00175528 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
2014-09-17 10:16 - 2014-09-17 10:17 - 00004578 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-15 22:12 - 2014-09-15 22:12 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-15 22:12 - 2014-09-15 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 22:11 - 2014-09-15 22:12 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 22:11 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2014-09-15 22:11 - 2014-05-12 07:26 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2014-09-15 22:11 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2014-09-15 22:04 - 2014-09-17 13:08 - 00000000 ____D () C:\FRST
2014-09-15 22:02 - 2014-09-15 22:03 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\pc1\Desktop\Malwarebytes Anti-Malware 2.00.2.1012.exe
2014-09-15 21:57 - 2014-09-15 21:58 - 02105856 _____ (Farbar) C:\Users\pc1\Desktop\FRST64.exe
2014-09-14 20:50 - 2014-09-14 20:59 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-14 00:50 - 2014-08-19 21:05 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-09-14 00:50 - 2014-08-19 20:39 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-09-14 00:50 - 2014-08-19 01:29 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-09-14 00:50 - 2014-08-19 01:29 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-09-14 00:50 - 2014-08-19 01:15 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-09-14 00:50 - 2014-08-19 01:15 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-09-14 00:50 - 2014-08-19 01:14 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-09-14 00:50 - 2014-08-19 01:08 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-09-14 00:50 - 2014-08-19 01:08 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-09-14 00:50 - 2014-08-19 01:05 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-09-14 00:50 - 2014-08-19 01:03 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-09-14 00:50 - 2014-08-19 01:03 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-09-14 00:50 - 2014-08-19 00:57 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-09-14 00:50 - 2014-08-19 00:51 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-09-14 00:50 - 2014-08-19 00:46 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-09-14 00:50 - 2014-08-19 00:45 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-09-14 00:50 - 2014-08-19 00:45 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-09-14 00:50 - 2014-08-19 00:44 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-09-14 00:50 - 2014-08-19 00:40 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-09-14 00:50 - 2014-08-19 00:39 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-09-14 00:50 - 2014-08-19 00:39 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-09-14 00:50 - 2014-08-19 00:39 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-09-14 00:50 - 2014-08-19 00:38 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-09-14 00:50 - 2014-08-19 00:37 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-09-14 00:50 - 2014-08-19 00:36 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-09-14 00:50 - 2014-08-19 00:35 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-09-14 00:50 - 2014-08-19 00:27 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-09-14 00:50 - 2014-08-19 00:25 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-09-14 00:50 - 2014-08-19 00:25 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-09-14 00:50 - 2014-08-19 00:22 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-09-14 00:50 - 2014-08-19 00:19 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-09-14 00:50 - 2014-08-19 00:17 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-09-14 00:50 - 2014-08-19 00:17 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-09-14 00:50 - 2014-08-19 00:09 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-09-14 00:49 - 2014-08-19 02:01 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-09-14 00:49 - 2014-08-19 01:26 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-09-14 00:49 - 2014-08-19 01:20 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-09-14 00:49 - 2014-08-19 01:19 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-09-14 00:49 - 2014-08-19 01:14 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-09-14 00:49 - 2014-08-19 01:08 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-09-14 00:49 - 2014-08-19 01:03 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-09-14 00:49 - 2014-08-19 00:56 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-09-14 00:49 - 2014-08-19 00:44 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-09-14 00:49 - 2014-08-19 00:42 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-09-14 00:49 - 2014-08-19 00:23 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-09-14 00:49 - 2014-08-19 00:23 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-09-14 00:49 - 2014-08-19 00:16 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-09-14 00:49 - 2014-08-19 00:15 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-09-14 00:49 - 2014-08-19 00:15 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-09-14 00:49 - 2014-08-19 00:08 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-09-14 00:49 - 2014-08-19 00:07 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-09-14 00:49 - 2014-08-18 23:55 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-09-14 00:49 - 2014-08-18 23:46 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-09-14 00:49 - 2014-08-18 23:38 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-09-14 00:49 - 2014-08-18 23:38 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-09-14 00:49 - 2014-08-18 23:36 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-09-14 00:04 - 2014-06-27 05:08 - 02777088 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-09-14 00:04 - 2014-06-27 04:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-09-12 22:27 - 2014-08-01 14:53 - 01031168 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-09-12 22:27 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-09-12 22:27 - 2014-06-24 06:29 - 02565120 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-09-12 22:27 - 2014-06-24 05:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-09-12 22:26 - 2014-07-07 05:06 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-09-12 22:26 - 2014-07-07 05:06 - 00728064 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-09-12 22:26 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-09-12 22:26 - 2014-07-07 04:40 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2014-09-12 22:26 - 2014-07-07 04:39 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-09-12 22:25 - 2014-09-05 05:10 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-12 22:25 - 2014-09-05 05:05 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-08 23:05 - 2014-09-09 22:30 - 00000000 ____D () C:\Program Files (x86)\Total Video Converter
2014-09-08 22:41 - 2014-09-08 22:41 - 00000094 _____ () C:\Users\pc1\AppData\Roaming\settings.xml
2014-09-08 22:40 - 2014-09-08 22:40 - 00000000 ____D () C:\Users\pc1\AppData\Local\SkinSoft
2014-09-08 22:36 - 2014-09-08 22:36 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\convertaudiofree
2014-09-08 22:34 - 2014-09-08 22:34 - 00000000 ____D () C:\Users\pc1\AppData\Local\CrashRpt
2014-09-08 22:23 - 2009-07-24 00:39 - 24451886 _____ () C:\Users\pc1\Desktop\Film za Kolio.wmv
2014-09-07 02:11 - 2014-09-07 02:11 - 00020058 _____ () C:\Users\pc1\Downloads\1BB864C8828F1D550C454AAF959C463EEA43988B.torrent
2014-09-07 01:53 - 2014-09-07 01:54 - 00099859 _____ () C:\Users\pc1\Downloads\0A682530D6C1230187608C9C912E6BAFE78D16CF.torrent
2014-09-07 01:45 - 2014-09-07 01:45 - 00015898 _____ () C:\Users\pc1\Downloads\C0EF016C3FD40852FA443B59ECD33681B19618FD.torrent
2014-09-07 01:41 - 2014-09-07 01:41 - 00081449 _____ () C:\Users\pc1\Downloads\BC99247A8F19DE9DC4D7CAC144A41F3EC868A1F6.torrent
2014-09-06 22:47 - 2014-09-06 22:47 - 00020098 _____ () C:\Users\pc1\Downloads\Anjelica and Michelle - The Fusion Of Two Bodies.mp4.torrent
2014-09-06 22:46 - 2014-09-06 22:46 - 00018130 _____ () C:\Users\pc1\Downloads\Hot_Cravings_HD.mp4.torrent
2014-09-06 22:43 - 2014-09-06 22:43 - 00014973 _____ () C:\Users\pc1\Downloads\Unexpectedly Cut_HD.mp4.torrent
2014-09-06 16:22 - 2014-09-06 16:22 - 00017070 _____ () C:\Users\pc1\Downloads\United.Passions.2014.720p.WEB-DL.x264.DD5.1.torrent
2014-08-27 21:50 - 2014-08-23 05:07 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-27 21:50 - 2014-08-23 04:45 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-27 21:50 - 2014-08-23 03:59 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-20 22:18 - 2014-05-14 19:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-08-20 22:18 - 2014-05-14 19:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2014-08-20 22:18 - 2014-05-14 19:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2014-08-20 22:18 - 2014-05-14 19:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-08-20 22:18 - 2014-05-14 19:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2014-08-20 22:18 - 2014-05-14 19:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2014-08-20 22:17 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2014-08-20 22:17 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2014-08-20 22:17 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2014-08-20 22:17 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-09-17 13:09 - 2014-09-17 13:08 - 00017957 _____ () C:\Users\pc1\Desktop\FRST.txt
2014-09-17 13:08 - 2014-09-15 22:04 - 00000000 ____D () C:\FRST
2014-09-17 13:05 - 2014-09-17 13:05 - 00008170 _____ () C:\Users\pc1\Desktop\AdwCleaner[s0].txt
2014-09-17 13:05 - 2014-04-12 13:39 - 00000000 ____D () C:\ProgramData\boost_interprocess
2014-09-17 13:04 - 2012-10-06 19:59 - 00000988 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-09-17 13:04 - 2009-07-14 08:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-09-17 13:04 - 2009-07-14 07:51 - 00157319 _____ () C:\Windows\setupact.log
2014-09-17 13:03 - 2012-09-25 22:48 - 01088734 _____ () C:\Windows\WindowsUpdate.log
2014-09-17 13:03 - 2010-11-21 06:47 - 00200968 _____ () C:\Windows\PFRO.log
2014-09-17 13:02 - 2014-09-17 12:57 - 00000000 ____D () C:\AdwCleaner
2014-09-17 13:01 - 2012-09-26 07:07 - 00000000 ____D () C:\Users\pc1
2014-09-17 12:59 - 2012-10-06 19:59 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-09-17 12:56 - 2014-09-17 12:56 - 01373475 _____ () C:\Users\pc1\Desktop\adwcleaner_3.310.exe
2014-09-17 12:52 - 2012-09-28 23:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-09-17 11:50 - 2009-07-14 08:13 - 00006222 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-09-17 10:18 - 2013-10-19 12:18 - 00000000 ____D () C:\ProgramData\Oracle
2014-09-17 10:17 - 2014-09-17 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2014-09-17 10:17 - 2014-09-17 10:16 - 00004578 _____ () C:\Windows\SysWOW64\jupdate-1.7.0_67-b01.log
2014-09-17 10:17 - 2013-07-07 21:24 - 00000000 ____D () C:\Program Files (x86)\Java
2014-09-17 09:45 - 2009-07-14 07:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-09-17 09:45 - 2009-07-14 07:45 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-09-16 17:19 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\rescache
2014-09-15 22:12 - 2014-09-15 22:12 - 00001062 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2014-09-15 22:12 - 2014-09-15 22:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-09-15 22:12 - 2014-09-15 22:11 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-09-15 22:03 - 2014-09-15 22:02 - 17292760 _____ (Malwarebytes Corporation ) C:\Users\pc1\Desktop\Malwarebytes Anti-Malware 2.00.2.1012.exe
2014-09-15 21:58 - 2014-09-15 21:57 - 02105856 _____ (Farbar) C:\Users\pc1\Desktop\FRST64.exe
2014-09-15 21:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\SysWOW64\bg-BG
2014-09-15 21:37 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\system32\bg-BG
2014-09-14 20:59 - 2014-09-14 20:50 - 00000000 ____D () C:\Windows\system32\appmgmt
2014-09-14 20:52 - 2009-07-14 05:34 - 00000653 _____ () C:\Windows\win.ini
2014-09-14 00:42 - 2012-09-26 22:22 - 00002155 _____ () C:\Windows\epplauncher.mif
2014-09-14 00:42 - 2012-09-26 22:21 - 00002117 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2014-09-14 00:42 - 2012-09-26 22:21 - 00000000 ____D () C:\Program Files\Microsoft Security Client
2014-09-14 00:42 - 2012-09-26 22:21 - 00000000 ____D () C:\Program Files (x86)\Microsoft Security Client
2014-09-14 00:41 - 2013-08-13 23:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-09-14 00:08 - 2012-09-26 21:34 - 101694776 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-09-14 00:03 - 2014-05-06 19:46 - 00000000 ___SD () C:\Windows\system32\CompatTel
2014-09-10 23:32 - 2014-08-17 00:11 - 00000000 ____D () C:\Users\pc1\Desktop\Revolucia.Z.S03.PDTV.XviD-SiSO
2014-09-10 23:32 - 2013-01-12 18:27 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\vlc
2014-09-10 21:52 - 2012-09-28 23:00 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-09-10 21:52 - 2012-09-28 23:00 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-09-10 21:52 - 2012-09-28 23:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-09-09 22:30 - 2014-09-08 23:05 - 00000000 ____D () C:\Program Files (x86)\Total Video Converter
2014-09-09 19:50 - 2012-09-26 22:22 - 00109688 _____ () C:\Users\pc1\AppData\Local\GDIPFONTCACHEV1.DAT
2014-09-09 19:50 - 2009-07-14 07:45 - 00410312 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-09-08 22:41 - 2014-09-08 22:41 - 00000094 _____ () C:\Users\pc1\AppData\Roaming\settings.xml
2014-09-08 22:40 - 2014-09-08 22:40 - 00000000 ____D () C:\Users\pc1\AppData\Local\SkinSoft
2014-09-08 22:36 - 2014-09-08 22:36 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\convertaudiofree
2014-09-08 22:35 - 2009-07-14 06:20 - 00000000 ____D () C:\Program Files\Common Files\System
2014-09-08 22:34 - 2014-09-08 22:34 - 00000000 ____D () C:\Users\pc1\AppData\Local\CrashRpt
2014-09-08 22:31 - 2012-10-06 20:01 - 00002313 _____ () C:\Users\pc1\Desktop\Google Chrome.lnk
2014-09-07 23:04 - 2014-02-15 21:03 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\Skype
2014-09-07 13:45 - 2012-09-26 20:19 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\uTorrent
2014-09-07 02:11 - 2014-09-07 02:11 - 00020058 _____ () C:\Users\pc1\Downloads\1BB864C8828F1D550C454AAF959C463EEA43988B.torrent
2014-09-07 01:54 - 2014-09-07 01:53 - 00099859 _____ () C:\Users\pc1\Downloads\0A682530D6C1230187608C9C912E6BAFE78D16CF.torrent
2014-09-07 01:45 - 2014-09-07 01:45 - 00015898 _____ () C:\Users\pc1\Downloads\C0EF016C3FD40852FA443B59ECD33681B19618FD.torrent
2014-09-07 01:41 - 2014-09-07 01:41 - 00081449 _____ () C:\Users\pc1\Downloads\BC99247A8F19DE9DC4D7CAC144A41F3EC868A1F6.torrent
2014-09-06 22:47 - 2014-09-06 22:47 - 00020098 _____ () C:\Users\pc1\Downloads\Anjelica and Michelle - The Fusion Of Two Bodies.mp4.torrent
2014-09-06 22:46 - 2014-09-06 22:46 - 00018130 _____ () C:\Users\pc1\Downloads\Hot_Cravings_HD.mp4.torrent
2014-09-06 22:43 - 2014-09-06 22:43 - 00014973 _____ () C:\Users\pc1\Downloads\Unexpectedly Cut_HD.mp4.torrent
2014-09-06 16:22 - 2014-09-06 16:22 - 00017070 _____ () C:\Users\pc1\Downloads\United.Passions.2014.720p.WEB-DL.x264.DD5.1.torrent
2014-09-05 05:10 - 2014-09-12 22:25 - 00578048 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2014-09-05 05:05 - 2014-09-12 22:25 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2014-09-03 18:31 - 2009-07-14 06:20 - 00000000 ____D () C:\Windows\LiveKernelReports
2014-08-31 17:39 - 2013-05-11 09:31 - 00000000 ____D () C:\ADCDA2
2014-08-23 05:07 - 2014-08-27 21:50 - 00404480 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-08-23 04:45 - 2014-08-27 21:50 - 00311808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-08-23 03:59 - 2014-08-27 21:50 - 03163648 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-08-19 21:05 - 2014-09-14 00:50 - 00374968 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2014-08-19 20:39 - 2014-09-14 00:50 - 00327872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2014-08-19 02:01 - 2014-09-14 00:49 - 23591424 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-08-19 01:29 - 2014-09-14 00:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-08-19 01:29 - 2014-09-14 00:50 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-08-19 01:26 - 2014-09-14 00:49 - 17455104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-08-19 01:20 - 2014-09-14 00:49 - 02793984 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-08-19 01:19 - 2014-09-14 00:49 - 05833728 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-08-19 01:15 - 2014-09-14 00:50 - 00547328 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-08-19 01:15 - 2014-09-14 00:50 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-08-19 01:14 - 2014-09-14 00:50 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2014-08-19 01:14 - 2014-09-14 00:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-08-19 01:08 - 2014-09-14 00:50 - 00051200 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-08-19 01:08 - 2014-09-14 00:50 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-08-19 01:08 - 2014-09-14 00:49 - 04232704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-08-19 01:05 - 2014-09-14 00:50 - 00596480 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2014-08-19 01:03 - 2014-09-14 00:50 - 00758272 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-08-19 01:03 - 2014-09-14 00:50 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-08-19 01:03 - 2014-09-14 00:49 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-08-19 00:57 - 2014-09-14 00:50 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-08-19 00:56 - 2014-09-14 00:49 - 00940032 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2014-08-19 00:51 - 2014-09-14 00:50 - 00446464 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2014-08-19 00:46 - 2014-09-14 00:50 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-08-19 00:45 - 2014-09-14 00:50 - 00072704 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2014-08-19 00:45 - 2014-09-14 00:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-08-19 00:44 - 2014-09-14 00:50 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2014-08-19 00:44 - 2014-09-14 00:49 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-08-19 00:42 - 2014-09-14 00:49 - 02185728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-08-19 00:40 - 2014-09-14 00:50 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-08-19 00:39 - 2014-09-14 00:50 - 00085504 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2014-08-19 00:39 - 2014-09-14 00:50 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-08-19 00:39 - 2014-09-14 00:50 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-08-19 00:38 - 2014-09-14 00:50 - 00289280 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2014-08-19 00:37 - 2014-09-14 00:50 - 00440320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2014-08-19 00:36 - 2014-09-14 00:50 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-08-19 00:35 - 2014-09-14 00:50 - 00597504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-08-19 00:27 - 2014-09-14 00:50 - 00365056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2014-08-19 00:25 - 2014-09-14 00:50 - 00727040 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-08-19 00:25 - 2014-09-14 00:50 - 00707072 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-08-19 00:23 - 2014-09-14 00:49 - 02104832 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-08-19 00:23 - 2014-09-14 00:49 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2014-08-19 00:22 - 2014-09-14 00:50 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2014-08-19 00:19 - 2014-09-14 00:50 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-08-19 00:17 - 2014-09-14 00:50 - 00243200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2014-08-19 00:17 - 2014-09-14 00:50 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2014-08-19 00:16 - 2014-09-14 00:49 - 13588480 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-08-19 00:15 - 2014-09-14 00:49 - 11769856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-08-19 00:15 - 2014-09-14 00:49 - 02310656 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-08-19 00:09 - 2014-09-14 00:50 - 00603136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-08-19 00:08 - 2014-09-14 00:49 - 02014208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-08-19 00:07 - 2014-09-14 00:49 - 01068032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2014-08-18 23:55 - 2014-09-14 00:49 - 01447424 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-08-18 23:46 - 2014-09-14 00:49 - 01812992 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-08-18 23:38 - 2014-09-14 00:49 - 01190400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-08-18 23:38 - 2014-09-14 00:49 - 00775168 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-08-18 23:36 - 2014-09-14 00:49 - 00678400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
 
Some content of TEMP:
====================
C:\Users\pc1\AppData\Local\Temp\BackupSetup.exe
C:\Users\pc1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\jre-7u51-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\Mobogenie_Setup_2-1-23_517.exe
C:\Users\pc1\AppData\Local\Temp\Quarantine.exe
C:\Users\pc1\AppData\Local\Temp\tu17p84.exe
C:\Users\pc1\AppData\Local\Temp\utt4526.tmp.exe
C:\Users\pc1\AppData\Local\Temp\utt4FD0.tmp.exe
C:\Users\pc1\AppData\Local\Temp\vcredist_x64.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-09-16 17:10
 
==================== End Of Log ============================
Link to comment
Сподели другаде

Изтегли HitmanPro и:

- стартирай файла и кликни Напред;

- постави отметка на Приемам всички условия в лицензионното споразумение и кликни Напред;

- избери Не, искам да извършва еднократно сканиране на компютъра и кликни Напред;

- изчакай да приключи сканирането;

- ако бъдат открити заплахи, кликни Напред, в противен случай кликни Затвори;

- кликни Активирай безплатен лиценз, потвърди с OK и кликни Напред;

- изчакай да приключи премахването и кликни Next;

- кликни Изнеси резултатите от сканирането в XML файл и запази файла на удобно място с име по желание;

- ако има нужда от рестартиране, ще има бутон Рестартирай, кликни го; в противен случай кликни Затвори.

 

След това архивирай запазения XML файл и го прикачи към коментара си.

Link to comment
Сподели другаде

Има подобрение от към скоростта на компютъра , но рекламите продължават да излизат 

 

HitmanPro 3.7.9.225
www.hitmanpro.com
 
   Computer name . . . . : PC1123333
   Windows . . . . . . . : 6.1.1.7601.X64/2
   User name . . . . . . : pc1123333\pc1
   UAC . . . . . . . . . : Enabled
   License . . . . . . . : Trial (30 days left)
 
   Scan date . . . . . . : 2014-09-18 12:10:53
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 8m 22s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes
 
   Threats . . . . . . . : 7
   Traces  . . . . . . . : 296
 
   Objects scanned . . . : 1 696 629
   Files scanned . . . . : 40 617
   Remnants scanned  . . : 254 717 files / 1 401 295 keys
 
Malware _____________________________________________________________________
 
   C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\setup[1].exe -> Quarantined
      Size . . . . . . . : 11 598 664 bytes
      Age  . . . . . . . : 9.6 days (2014-09-08 22:27:31)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 8FC0D64E522AE135C84AD1D35DFE854E1BA8D315DF1794B563B410C365236C24
      Product  . . . . . :  
      Description  . . . : Cjvbxllno
      Version  . . . . . : 20.14.3.10
      RSA Key Size . . . : 2048
      Source URL . . . . : hxxp://dl.loadclientinputsrv.com/outil/fuully/styi2/setup.exe
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:AdWare.NSIS.Adwapper.ai
      Fuzzy  . . . . . . : 100.0
      Forensic Cluster
         -25.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{203EE914-A795-41E5-9DA2-C4A8F5A7C325}
         -20.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{6758E7CC-FE22-42AB-8F93-67D5E5751285}
         -20.4s C:\Users\pc1\AppData\Local\Temp\914102044310\
         -20.4s C:\Users\pc1\AppData\Local\Temp\914102044310\
         -20.4s C:\Users\pc1\AppData\Local\Temp\914102044310\
         -17.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\23\63E6B5C5A9DE15EF.dat
         -15.6s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\DynamicOfferScreen[1].htm
         -14.9s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\dc[1].js
         -14.7s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\bodyImg[1].png
         -14.3s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\button_over[1].png
         -14.3s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\button[1].png
         -6.5s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\DynamicOfferScreen[1].htm
         -0.9s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\DynamicOfferScreen[1].htm
          0.0s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\setup[1].exe
          2.5s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\DynamicOfferScreen[2].htm
          2.6s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\jquery-ui-1.8.19.custom[1].css
          2.7s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\jquery-ui[1].css
          2.7s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\jquery.min[3].js
          2.8s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\jquery-ui.min[1].js
          3.1s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\ytdie7.9[1].exe
          3.1s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\ytdie7.9[1].exe
          3.8s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\ui-bg_gloss-wave_75_2191c0_500x100[1].png
          3.8s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\ui-bg_inset-hard_100_fcfdfd_1x100[1].png
 
   C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\ytdie7.9[1].exe -> Quarantined
      Size . . . . . . . : 1 171 992 bytes
      Age  . . . . . . . : 9.6 days (2014-09-08 22:27:34)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 73E6AB242B4E6DAEAEB90D9ECAFC85A59E58A64C75CD39E8EE22AE91A95D45EE
      Version  . . . . . : 1.6.6697.297
      Source URL . . . . : hxxp://cdn.download4desktop.com/Installer/YouTubeAccelerator/ytdie7.9.exe
    > Kaspersky  . . . . : Trojan-Dropper.Win32.Agent.nnxn
      Fuzzy  . . . . . . : 112.0
      Forensic Cluster
         -28.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{203EE914-A795-41E5-9DA2-C4A8F5A7C325}
         -23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{6758E7CC-FE22-42AB-8F93-67D5E5751285}
         -23.4s C:\Users\pc1\AppData\Local\Temp\914102044310\
         -23.4s C:\Users\pc1\AppData\Local\Temp\914102044310\
         -23.4s C:\Users\pc1\AppData\Local\Temp\914102044310\
         -20.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\23\63E6B5C5A9DE15EF.dat
         -18.6s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\DynamicOfferScreen[1].htm
         -18.0s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\dc[1].js
         -17.8s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\bodyImg[1].png
         -17.3s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\button_over[1].png
         -17.3s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\button[1].png
         -9.6s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\DynamicOfferScreen[1].htm
         -4.0s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\DynamicOfferScreen[1].htm
         -3.1s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\setup[1].exe
         -0.6s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\DynamicOfferScreen[2].htm
         -0.4s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\jquery-ui-1.8.19.custom[1].css
         -0.3s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\jquery-ui[1].css
         -0.3s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VTNLQ5N4\jquery.min[3].js
         -0.2s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\jquery-ui.min[1].js
          0.0s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\ytdie7.9[1].exe
          0.0s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\CXHSMWTJ\ytdie7.9[1].exe
          0.7s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\ui-bg_gloss-wave_75_2191c0_500x100[1].png
          0.7s C:\Users\pc1\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2R6NRB1F\ui-bg_inset-hard_100_fcfdfd_1x100[1].png
 
   C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe -> Quarantined
      Size . . . . . . . : 12 232 832 bytes
      Age  . . . . . . . : 9.6 days (2014-09-08 22:34:10)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : E3FC9178E61267EDE1E2867C834FE5D5B9CA64EF00D47188D0C54EAC44AAC409
      Product  . . . . . :  
      Description  . . . : Ktwrxvlkuwrep
      Version  . . . . . : 20.19.14.22
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:AdWare.NSIS.Adwapper.ai
      Fuzzy  . . . . . . : 100.0
      Forensic Cluster
         -2.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{57017D77-2936-47F7-8F85-A043E0286C86}
         -1.4s C:\Users\pc1\AppData\Local\Temp\Install_10239\
         -1.3s C:\Users\pc1\AppData\Local\CrashRpt\
         -1.3s C:\Users\pc1\AppData\Local\CrashRpt\UnsentCrashReports\
         -1.3s C:\Users\pc1\AppData\Local\CrashRpt\UnsentCrashReports\YTDi 1.0.0.1_1.0.0.1\
         -0.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{8F85DF5F-16FB-49C4-83B4-D2EDF7BE372A}
         -0.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\66\D18C72F9126AA7B2.dat
         -0.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\shopperpro.exe
          0.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe
          0.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe
          0.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\ytd.exe
          1.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\sense.exe
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         32.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{276CFF2F-5E43-4B34-885C-52951810B8DB}
         33.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0DAF0BBF-B5F6-4F70-A501-AC178BF1E3E0}
         33.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0DAF0BBF-B5F6-4F70-A501-AC178BF1E3E0}
         49.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{BB8BF87B-02E1-4DF0-AB90-36D004418324}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         52.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\16\
         52.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\16\7E172E64090849B0.dat
         53.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\84\BB5665CC9F584C08.dat
         53.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\84\BB5665CC9F584C08.dat
         59.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         65.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\49\4461D1BB15578E71.dat
 
   C:\Users\pc1\AppData\Local\Temp\Install_10239\sense.exe -> Quarantined
      Size . . . . . . . : 11 916 256 bytes
      Age  . . . . . . . : 9.6 days (2014-09-08 22:34:11)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 7E0E88E350EDC34664E19D9B9F4444F6F8B9D66CDD2AF28FE381B38879874875
      Product  . . . . . :  
      Description  . . . : Sxsvjry
      Version  . . . . . : 1.12.25.19
      RSA Key Size . . . : 2048
      LanguageID . . . . : 1033
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:AdWare.NSIS.Adwapper.ai
      Fuzzy  . . . . . . : 100.0
      Forensic Cluster
         -3.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{57017D77-2936-47F7-8F85-A043E0286C86}
         -2.4s C:\Users\pc1\AppData\Local\Temp\Install_10239\
         -2.4s C:\Users\pc1\AppData\Local\CrashRpt\
         -2.4s C:\Users\pc1\AppData\Local\CrashRpt\UnsentCrashReports\
         -2.4s C:\Users\pc1\AppData\Local\CrashRpt\UnsentCrashReports\YTDi 1.0.0.1_1.0.0.1\
         -1.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{8F85DF5F-16FB-49C4-83B4-D2EDF7BE372A}
         -1.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\66\D18C72F9126AA7B2.dat
         -1.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\shopperpro.exe
         -1.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe
         -1.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe
         -1.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\ytd.exe
          0.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\sense.exe
         22.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         22.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         22.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         22.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         22.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         31.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{276CFF2F-5E43-4B34-885C-52951810B8DB}
         32.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0DAF0BBF-B5F6-4F70-A501-AC178BF1E3E0}
         32.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0DAF0BBF-B5F6-4F70-A501-AC178BF1E3E0}
         48.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{BB8BF87B-02E1-4DF0-AB90-36D004418324}
         50.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         50.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         50.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         50.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         50.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\16\
         51.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\16\7E172E64090849B0.dat
         52.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\84\BB5665CC9F584C08.dat
         52.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\84\BB5665CC9F584C08.dat
         58.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         58.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         58.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         58.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         64.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\49\4461D1BB15578E71.dat
 
   C:\Users\pc1\AppData\Local\Temp\Install_10239\shopperpro.exe -> Quarantined
      Size . . . . . . . : 2 679 273 bytes
      Age  . . . . . . . : 9.6 days (2014-09-08 22:34:10)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : FE2F67AA5310063A1368082DB6B12397F6946156E7BD6154C95D9D40676D3F88
      Version  . . . . . : 1.6.6681.871
    > Kaspersky  . . . . : not-a-virus:AdWare.NSIS.Agent.bx
      Fuzzy  . . . . . . : 112.0
      Forensic Cluster
         -2.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{57017D77-2936-47F7-8F85-A043E0286C86}
         -1.3s C:\Users\pc1\AppData\Local\Temp\Install_10239\
         -1.3s C:\Users\pc1\AppData\Local\CrashRpt\
         -1.3s C:\Users\pc1\AppData\Local\CrashRpt\UnsentCrashReports\
         -1.3s C:\Users\pc1\AppData\Local\CrashRpt\UnsentCrashReports\YTDi 1.0.0.1_1.0.0.1\
         -0.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{8F85DF5F-16FB-49C4-83B4-D2EDF7BE372A}
         -0.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\66\D18C72F9126AA7B2.dat
          0.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\shopperpro.exe
          0.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe
          0.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe
          0.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\ytd.exe
          1.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\sense.exe
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         32.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{276CFF2F-5E43-4B34-885C-52951810B8DB}
         33.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0DAF0BBF-B5F6-4F70-A501-AC178BF1E3E0}
         33.3s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0DAF0BBF-B5F6-4F70-A501-AC178BF1E3E0}
         49.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{BB8BF87B-02E1-4DF0-AB90-36D004418324}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         52.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\16\
         52.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\16\7E172E64090849B0.dat
         53.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\84\BB5665CC9F584C08.dat
         53.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\84\BB5665CC9F584C08.dat
         59.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         65.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\49\4461D1BB15578E71.dat
 
   C:\Users\pc1\AppData\Local\Temp\Install_10239\ytd.exe -> Quarantined
      Size . . . . . . . : 6 873 072 bytes
      Age  . . . . . . . : 9.6 days (2014-09-08 22:34:10)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : 687E876C12B9A5BBBA057FD975BC0002DBA238B327243976DC1185FD644AF9BF
      Version  . . . . . : 1.0.3.9
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:AdWare.NSIS.Agent.bx
      Fuzzy  . . . . . . : 100.0
      Forensic Cluster
         -2.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{57017D77-2936-47F7-8F85-A043E0286C86}
         -1.5s C:\Users\pc1\AppData\Local\Temp\Install_10239\
         -1.4s C:\Users\pc1\AppData\Local\CrashRpt\
         -1.4s C:\Users\pc1\AppData\Local\CrashRpt\UnsentCrashReports\
         -1.4s C:\Users\pc1\AppData\Local\CrashRpt\UnsentCrashReports\YTDi 1.0.0.1_1.0.0.1\
         -0.9s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{8F85DF5F-16FB-49C4-83B4-D2EDF7BE372A}
         -0.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\66\D18C72F9126AA7B2.dat
         -0.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\shopperpro.exe
         -0.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe
         -0.1s C:\Users\pc1\AppData\Local\Temp\Install_10239\geforce.exe
          0.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\ytd.exe
          1.0s C:\Users\pc1\AppData\Local\Temp\Install_10239\sense.exe
         23.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         23.7s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D56AC9D4-8AEB-4DA7-9373-46CC228C82A3}
         32.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{276CFF2F-5E43-4B34-885C-52951810B8DB}
         33.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0DAF0BBF-B5F6-4F70-A501-AC178BF1E3E0}
         33.2s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{0DAF0BBF-B5F6-4F70-A501-AC178BF1E3E0}
         49.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{BB8BF87B-02E1-4DF0-AB90-36D004418324}
         51.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         51.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{C7340186-84F7-4126-8330-5C2CC1D937BE}
         52.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\16\
         52.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\16\7E172E64090849B0.dat
         53.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\84\BB5665CC9F584C08.dat
         53.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\84\BB5665CC9F584C08.dat
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         59.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{038C9A15-BD92-41B8-9D3E-6C61940823AE}
         65.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\49\4461D1BB15578E71.dat
 
   C:\Users\pc1\Downloads\VideoDownloadConvert.exe -> Quarantined
      Size . . . . . . . : 215 704 bytes
      Age  . . . . . . . : 634.7 days (2012-12-22 20:26:00)
      Entropy  . . . . . : 6.0
      SHA-256  . . . . . : 7C1FB216FE92C45D5C1CE09496C48A3A8A00B84E2C055BA2026FC2A773371852
      RSA Key Size . . . : 2048
      Authenticode . . . : Valid
    > Kaspersky  . . . . : not-a-virus:WebToolbar.Win32.MyWebSearch.gen
      Fuzzy  . . . . . . : 99.0
 
 
Suspicious files ____________________________________________________________
 
   C:\Users\pc1\Desktop\FRST64.exe
      Size . . . . . . . : 2 105 856 bytes
      Age  . . . . . . . : 2.6 days (2014-09-15 21:57:35)
      Entropy  . . . . . : 7.5
      SHA-256  . . . . . : D6C5EDFD26E84E2BF10A388F78882CC8288DCEBE8F20C39C5222B17C213ACD5A
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
 
 
Potential Unwanted Programs _________________________________________________
 
   HKLM\SOFTWARE\Classes\*\shellex\ContextMenuHandlers\SysMenuExt\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\AniGIFCtrl.AniGIF\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg.1\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\AniGIFPpg.AniGIFPpg\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2.1\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\AniGIFPpg2.AniGIFPpg2\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\AppID\SysMenu.DLL\ (Goobzo) -> Deleted
   HKLM\SOFTWARE\Classes\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}\ (Goobzo) -> Deleted
   HKLM\SOFTWARE\Classes\CLSID\{020B1D4B-5738-4C77-9E19-4F173DD9B486}\ (Goobzo) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{34AD1EA7-8B9E-4D8B-B3ED-365D12C8EE73}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{35BBB95B-2CE4-4A9E-BDED-50EFD632AC00}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{3BA6794F-1E38-4460-949A-0DE97D8EF5C2}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{3CBA93EA-AEC3-4EC3-9EFD-D96A661B639D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{46CE5380-6055-4C3A-A7E5-3A02A2335C61}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{4F6ECF71-C575-4BD2-8EF7-548D0EF1AB1D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{5252AC41-94BB-11D1-B2E7-444553540000}\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{54D99BE4-2FD7-449E-9DB4-76532CEE0B16}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{5A96E574-F8A6-4F6A-B58D-79C14B698017}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{6605E3BD-7BC3-479C-BF0A-E5D5E954EA52}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{82351440-9094-11D1-A24B-00A0C932C7DF}\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{93F0AC70-20D8-4AE8-A02F-6812EFFB6B58}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{94E98D20-156E-4C53-BD7F-972C96E680B2}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{A266567F-8E5D-480C-BCE2-C360FA669FD5}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{CE4F67F6-4FD4-49DB-9D71-713CCD3D00CD}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{FB32408C-E182-443C-B15E-1E3C721E29EC}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\SysMenu.DLL\ (Goobzo) -> PendingDelete
   HKLM\SOFTWARE\Classes\Wow6432Node\AppID\{D813D5BB-EBC7-45F9-B8A4-36A305168069}\ (Goobzo) -> PendingDelete
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{61AB12E1-A5FF-11D1-B2E9-444553540000}\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{6DC82D15-92F2-11D1-A255-00A0C932C7DF}\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{82351441-9094-11D1-A24B-00A0C932C7DF}\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{34AD1EA7-8B9E-4D8B-B3ED-365D12C8EE73}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{35BBB95B-2CE4-4A9E-BDED-50EFD632AC00}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3BA6794F-1E38-4460-949A-0DE97D8EF5C2}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{3CBA93EA-AEC3-4EC3-9EFD-D96A661B639D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{46CE5380-6055-4C3A-A7E5-3A02A2335C61}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{4F6ECF71-C575-4BD2-8EF7-548D0EF1AB1D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{5252AC41-94BB-11D1-B2E7-444553540000}\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{54D99BE4-2FD7-449E-9DB4-76532CEE0B16}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{5A96E574-F8A6-4F6A-B58D-79C14B698017}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{6605E3BD-7BC3-479C-BF0A-E5D5E954EA52}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{82351440-9094-11D1-A24B-00A0C932C7DF}\ (YTDownloader) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{93F0AC70-20D8-4AE8-A02F-6812EFFB6B58}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{94E98D20-156E-4C53-BD7F-972C96E680B2}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{A266567F-8E5D-480C-BCE2-C360FA669FD5}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{CE4F67F6-4FD4-49DB-9D71-713CCD3D00CD}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{82351433-9094-11D1-A24B-00A0C932C7DF}\ (YTDownloader) -> PendingDelete
   HKLM\SOFTWARE\Microsoft\Tracing\dmwu_RASAPI32\ (Sweetpacks) -> Deleted
   HKLM\SOFTWARE\Microsoft\Tracing\dmwu_RASMANCS\ (Sweetpacks) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9103c314-c4e2-4463-8934-b19bcb46236d}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97cef41c-5055-474a-855a-892d4fe3e596}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d375ee64-f893-498a-a0e9-0e9829c88c3d}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122a36-83b2-46b8-b39a-ec72a4614a07}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\YTDownloader\ (YTDownloader) -> Deleted
   HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SBMNTR\ (Goobzo) -> Deleted
   HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SBMNTR\ (Goobzo) -> Deleted
   HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SBMNTR\ (Goobzo) -> PendingDelete
   HKU\.DEFAULT\Software\AppDataLow\Software\Sense\ (SaveSense) -> Deleted
   HKU\.DEFAULT\Software\IM\ (Sweetpacks) -> Deleted
   HKU\.DEFAULT\Software\ImInstaller\ (Sweetpacks) -> Deleted
   HKU\S-1-5-18\Software\AppDataLow\Software\Sense\ (SaveSense) -> PendingDelete
   HKU\S-1-5-18\Software\IM\ (Sweetpacks) -> PendingDelete
   HKU\S-1-5-18\Software\ImInstaller\ (Sweetpacks) -> PendingDelete
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt\ (YTDownloader) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} (Claro) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{98889811-442D-49DD-99D7-DC866BE87DBC} (Claro) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (ShopperPro) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\shoppingate.info\ (ShopperPro) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectNewTabPageShow (22Find) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Internet Explorer\TabbedBrowsing\bProtectShowTabsWelcome (22Find) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}\ (MindSpark) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (ShopperPro) -> Deleted
   HKU\S-1-5-21-3951854703-640708595-620863282-1000_Classes\*\ShellEx\ContextMenuHandlers\SysMenuExt\ (YTDownloader) -> PendingDelete
   HKU\S-1-5-21-3951854703-640708595-620863282-1000_Classes\Wow6432Node\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e}\ (MindSpark) -> Deleted
 
Cookies _____________________________________________________________________
 
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:0dayporno.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:1xxx.cqcounter.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:21sextreme.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:21sextury.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.propellerads.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.sbb.bg
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.ad4game.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adamoads.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.adsrvmedia.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.betweendigital.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.bg-mamma.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.crakmedia.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.creative-serving.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.domainbg.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.fashionsupreme.co.uk
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.genericlink.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.glispa.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.grabgoodusa.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.ibtracking.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.kaldata.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.mediade.sk
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.novsport.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pornerbros.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.rcs.it
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.reddollars.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.solutionsunuk.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.trafficjunky.net
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.tv7.bg
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.webcafe.bg
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.yahoo.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.adreactor.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:adservinghost2.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:adultadworld.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:adultfriendfinder.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:at.atwola.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:burstnet.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:collective-media.net
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:creatives.livejasmin.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:diff3.smartadserver.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.phn.doublepimp.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.streamate.doublepimp.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ero-advertising.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:exoclick.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:faceporn.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:fastclick.net
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:flirt4free.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:fuckndrive.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:fuckstudies.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:galleries.fuckstudies.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:hardsextube.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:hardsexxxtube.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:hidefporn.ws
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:hugesex.tv
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:in.getclicky.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:indexxx.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:kontera.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:legalporno.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:livejasmin.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:media6degrees.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:mediaplex.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:openx.sexsearch.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:openx.sexsearchcom.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:porn-xnick.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornerbros.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornhub.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornleech.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornmd.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornteengirl.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:questionmarket.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:rabbitporno.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:realmedia.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:rk.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexad.net
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexart.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexkompania.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexpartnior.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:sextubekitty.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:sextvx.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexyladiesonly.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:specificclick.net
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:spylog.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:statse.webtrendslive.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:tacoda.at.atwola.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.hubrus.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:tubekittysex.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:tubepornstars.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:watchmygf.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.burstnet.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.flirt4free.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.googleadservices.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.hardsextube.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.indexxx.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.pornhub.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.pornteengirl.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.rk.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.sexpartnior.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.tubepornstars.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:www.youporn.com
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
   C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Cookies:youporn.com
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\4A4FAOE5.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\7VQH2WGI.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\F052REOF.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\H3RP3E7N.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\IHZ2L0WF.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\IX7HW05X.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\JWXRSR0M.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\LULMJUSN.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\pc1@yadro[1].txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\TB0TS8K9.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\Y9RBHC3F.txt
   C:\Users\pc1\AppData\Roaming\Microsoft\Windows\Cookies\ZXCUV7SW.txt
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:2o7.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ad.leadbolt.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ad.mlnadvertising.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ad.propellerads.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ad.yieldmanager.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:adbrite.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.ad4game.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.blitz.bg
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.crakmedia.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.delfin.bg
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.fiat-bg.org
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.gamesbannernet.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.kaldata.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.lzjl.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.mtel.bg
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.tradeads.eu
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ads.tv7.bg
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:adserver.adreactor.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:adtech.de
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:adultadworld.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:adultfriendfinder.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:adverticum.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:advertising.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:advertstream.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:apmebf.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:at.atwola.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:atdmt.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:br.rk.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:c.atdmt.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:c1.atdmt.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:casalemedia.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:clicksor.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:collective-media.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:doubleclick.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:eaeacom.112.2o7.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ero-advertising.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:exoclick.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:fastclick.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:gmeurope.112.2o7.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:interclick.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:invitemedia.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:kontera.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:livejasmin.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:media6degrees.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:mediaplex.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:microsoftwlsearchcrm.112.2o7.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:mm.chitika.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:oracle.112.2o7.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:pornologo.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:pornup.me
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:rts.phn.doublepimp.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:ru4.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:server.cpmstar.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:serving-sys.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:sexreform.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:sexwell.bg
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:smartadserver.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:statcounter.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:stats.adotube.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:statse.webtrendslive.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:sunporno.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:track.adform.net
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:track.right-ads.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:tradedoubler.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:tribalfusion.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:www.freshpornclips.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:www.freshporntube.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:www.googleadservices.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:www.hometubeporn.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:www.pornup.me
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:www.sexwell.bg
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:www.sunporno.com
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:yadro.ru
   C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\cookies.sqlite:zedo.com
 
 
Link to comment
Сподели другаде

Сега можеш ли да инсталираш Malwarebytes Anti-Malware? Ако не, кажи точно каква грешка се изписва.

 

Не мога да я инсталирам пак - грешката е 

Expression error Runtime Error (at7:177) External exception E06D7363

 

Няколко пъти излиза тази грешка по време на инсталацията , и след това уж завършва инсталирането , но не може да се стартира програмата

Link to comment
Сподели другаде

Нека опитаме следното...

Деинсталирай Malwarebytes Anti-Malware. Ако ти се поиска рестарт, се съгласи.
Изтегли този файл и го запази на удобно място. Стартирай го и го остави да си свърши работата. Накрая ще поиска рестарт, на който се съгласи.

След като зареди операционната система, изтегли актуална версия на програмата от тази страница. Важно е да е от официален източник, а не от разни торент тракери.

Link to comment
Сподели другаде

Нека опитаме следното...

 

Деинсталирай Malwarebytes Anti-Malware. Ако ти се поиска рестарт, се съгласи.

Изтегли този файл и го запази на удобно място. Стартирай го и го остави да си свърши работата. Накрая ще поиска рестарт, на който се съгласи.

След като зареди операционната система, изтегли актуална версия на програмата от тази страница. Важно е да е от официален източник, а не от разни торент тракери.

Така вече се инсталира програмата , част от рекламите не се появяват вече , ето и файловете

scan log.txt

protection log.txt

Link to comment
Сподели другаде

Може ли снимка на рекламите, които все още се появяват?

Да , появяват се пак всичките реклами както и преди , вчера нещо съм се заблудил.Трябва да уточня -  днес разбрах ,че на IE няма такива реклами само през Хром.Странно

post-944-0-33832900-1411203618_thumb.jpg

post-944-0-03826700-1411203636_thumb.jpg

post-944-0-94748500-1411203650_thumb.jpg

Link to comment
Сподели другаде

Изпълни следното:
- изтегли прикрепения файл Fixlist.txt и го запази в същата папка, където се намира FRST/FRST64 (това трябва да е работният плот, ако си следвал точно инструкциите в предишния коментар) и замени стария файл с такова име, ако има такъв;
- стартирай FRST/FRST64;
- кликни бутон Fix и изчакай инструмента да извърши поправките;
- ако случайно има нужда от рестарт, се съгласи и остави системата да се рестартира нормално, след което остави инструментът да си довърши работата;
- когато всичко приключи, в същата папка ще се създаде Fixlog.txt, копирай съдържанието му към следващия си коментар или го прикрепи към него.

 

Рестартирай Chrome и виж дали има подобрение.

Link to comment
Сподели другаде

 

 

Изпълни следното:

- изтегли прикрепения файл http://forums.softvisia.com/public/style_images/master/attachicon.gifFixlist.txt и го запази в същата папка, където се намира FRST/FRST64 (това трябва да е работният плот, ако си следвал точно инструкциите в предишния коментар) и замени стария файл с такова име, ако има такъв;

- стартирай FRST/FRST64;

- кликни бутон Fix и изчакай инструмента да извърши поправките;

- ако случайно има нужда от рестарт, се съгласи и остави системата да се рестартира нормално, след което остави инструментът да си довърши работата;

- когато всичко приключи, в същата папка ще се създаде Fixlog.txt, копирай съдържанието му към следващия си коментар или го прикрепи към него.

 

Рестартирай Chrome и виж дали има подобрение.

Има значително подобрение - рекламите спряха да излизат и скоростта стана още по-добра :)

 

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 12-09-2014
Ran by pc1 at 2014-09-21 20:51:57 Run:1
Running from C:\Users\pc1\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CHR DefaultSearchURL: Default -> http://www.mysearchr...q={searchTerms}
CHR DefaultSuggestURL: Default -> 
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
CHR Extension: (ciaaiedhdplbckgciamhkoejibpoegke) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciaaiedhdplbckgciamhkoejibpoegke [2014-09-12]
CHR Extension: (Sense) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd [2014-09-14]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]
emptytemp:
end
*****************
 
Chrome DefaultSearchURL deleted successfully.
Chrome DefaultSuggestURL deleted successfully.
C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll not found.
C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ciaaiedhdplbckgciamhkoejibpoegke => Moved successfully.
C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljngnafhejmefmijjoedbclkadhacebd => Moved successfully.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
EmptyTemp: => Removed 1.9 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====

Какви са следващите стъпки който трябва да извърша ?

Link to comment
Сподели другаде

Гост
This topic is now closed to further replies.
×
×
  • Създай ново...