tuzaro123
-
Брой теми
3 -
Регистрация
-
Последно посещение
tuzaro123's Achievements
Новобранец (1/14)
0
Репутация в общността
-
Мисля, че вече всичко е нормално. Благодаря. # AdwCleaner v6.020 - Дневникът е създаден 23/09/2016 в 16:39:19# Обновен на 14/09/2016 от ToolsLib# База данни : 2016-09-22.1 [Сървърна]# Операционна Система : Windows 7 Ultimate Service Pack 1 (X86)# Потребителско име : tuzaro - TUZARO-PC# Изпълнява се от : C:\Users\tuzaro\Downloads\adwcleaner_6.020.exe# Режим: Почистване# Поддръжка : https://toolslib.net/forum ***** [ Услуги ] ***** ***** [ Папки ] ***** [-] Папката е изтрита: C:\Users\tuzaro\AppData\Roaming\KW[-] Папката е изтрита: C:\Users\tuzaro\AppData\Roaming\HPRewriter2[-] Папката е изтрита: C:\ProgramData\Trymedia[-] Папката е изтрита: C:\ProgramData\Thunder Network[#] Папката е изтрита по време на рестартиране: C:\ProgramData\Application Data\Trymedia[#] Папката е изтрита по време на рестартиране: C:\ProgramData\Application Data\Thunder Network[-] Папката е изтрита: C:\Program Files\adblocker[-] Папката е изтрита: C:\Program Files\WeatherChickn[-] Папката е изтрита: C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj ***** [ Файлове ] ***** ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Преки пътища ] ***** ***** [ Планирани Задачи ] ***** ***** [ Регистър ] ***** [-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\SearchBar.SearchBarMain[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\SearchBar.SearchBarMain.1[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\CLSID\{6E993643-8FBC-44FE-BC85-D318495C4D96}[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\CLSID\{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\CLSID\{598AEFC6-DD3C-4A63-9AC3-53FCF6155931}[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}[-] Ключът беше изтрит: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}[-] Ключът беше изтрит: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}[-] Ключът беше изтрит: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{598AEFC6-DD3C-4A63-9AC3-53FCF6155931}[-] Ключът беше изтрит: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95E84BD3-3604-4AAC-B2CA-D9AC3E55B64B}[-] Ключът беше изтрит: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}[-] Ключът беше изтрит: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC}[-] Ключът беше изтрит: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{598AEFC6-DD3C-4A63-9AC3-53FCF6155931}[-] Ключът беше изтрит: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{2974C985-8151-4DE5-B23C-B875F0A8522F}[-] Ключът беше изтрит: HKU\.DEFAULT\Software\Mail.Ru[-] Ключът беше изтрит: HKU\.DEFAULT\Software\UCBrowser[-] Ключът беше изтрит: HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\APN PIP[-] Ключът беше изтрит: HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\Installer[-] Ключът беше изтрит: HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\Reimage[-] Ключът беше изтрит: HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.[-] Ключът беше изтрит: HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\Mail.Ru[-] Ключът беше изтрит: HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\UCBrowserPID[-] Ключът беше изтрит: HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\AppDataLow\Software\Mail.Ru[#] Ключът беше изтрит по време на рестартиране: HKU\S-1-5-18\Software\Mail.Ru[#] Ключът беше изтрит по време на рестартиране: HKU\S-1-5-18\Software\UCBrowser[#] Ключът беше изтрит по време на рестартиране: HKCU\Software\APN PIP[#] Ключът беше изтрит по време на рестартиране: HKCU\Software\Installer[#] Ключът беше изтрит по време на рестартиране: HKCU\Software\Reimage[#] Ключът беше изтрит по време на рестартиране: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief.[#] Ключът беше изтрит по време на рестартиране: HKCU\Software\Mail.Ru[#] Ключът беше изтрит по време на рестартиране: HKCU\Software\UCBrowserPID[#] Ключът беше изтрит по време на рестартиране: HKCU\Software\AppDataLow\Software\Mail.Ru[-] Ключът беше изтрит: HKLM\SOFTWARE\PIP[-] Ключът беше изтрит: HKLM\SOFTWARE\Reimage[-] Ключът беше изтрит: HKLM\SOFTWARE\Trymedia Systems[-] Ключът беше изтрит: HKLM\SOFTWARE\Mail.Ru[-] Ключът беше изтрит: HKLM\SOFTWARE\UCBrowserPID[-] Ключът беше изтрит: HKLM\SOFTWARE\StarkIndustry[-] Ключът беше изтрит: HKLM\SOFTWARE\mtQuoteex[-] Ключът беше изтрит: HKLM\SOFTWARE\HPRewriter[-] Ключът беше изтрит: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WeatherChickn[-] Ключът беше изтрит: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL[-] Ключът беше изтрит: HKLM\SOFTWARE\Google\Chrome\Extensions\oelpkepjlgmehajehfeicfbjdiobdkfj[-] Ключът беше изтрит: HKLM\SOFTWARE\Google\Chrome\Extensions\bgcifljfapbhgiehkjlckfjmgeojijcb[-] Ключът беше изтрит: HKLM\SOFTWARE\Google\Chrome\Extensions\lbjjfiihgfegniolckphpnfaokdkbmdm ***** [ Интернет Браузъри ] ***** [-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default] [extension] Изтрит: bgcifljfapbhgiehkjlckfjmgeojijcb[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default] [extension] Изтрит: feeilhmlfcpfchpbgoknoeefdkbgionj[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default] [extension] Изтрит: lbjjfiihgfegniolckphpnfaokdkbmdm[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default] [extension] Изтрит: oelpkepjlgmehajehfeicfbjdiobdkfj[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [search Provider] Изтрит: ask.com[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Web data] [search Provider] Изтрит: feed.sonic-search.com[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Изтрит: bgcifljfapbhgiehkjlckfjmgeojijcb[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Изтрит: feeilhmlfcpfchpbgoknoeefdkbgionj[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Изтрит: lbjjfiihgfegniolckphpnfaokdkbmdm[-] [C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1] [extension] Изтрит: oelpkepjlgmehajehfeicfbjdiobdkfj ************************* :: "Tracing" ключовете бяха изтрити:: Winsock настройките бяха изчистени ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [8756 Байта] - [23/09/2016 16:39:19]C:\AdwCleaner\AdwCleaner[s0].txt - [8439 Байта] - [23/09/2016 16:37:18] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [8912 Байта] ##########
-
Fix result of Farbar Recovery Scan Tool (x86) Version: 21-09-2016 Ran by tuzaro (23-09-2016 06:22:47) Run:1 Running from C:\Users\tuzaro\Downloads Loaded Profiles: tuzaro (Available Profiles: tuzaro) Boot Mode: Normal ============================================== fixlist content: ***************** start HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\...\Run: [Flvto YouTube Downloader] => C:\Users\tuzaro\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe [525312 2016-03-28] (Hotger) HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\...\Run: [installer] => C:\Users\tuzaro\AppData\Local\Temp\is-KVKBR.tmp\51495.exe /autorun <===== ATTENTION GroupPolicy: Restriction - Chrome <======= ATTENTION R2 AdBlockerService; C:\Program Files\AdBlocker\Service.WinServiceHost.exe [7168 2016-04-09] () [File not signed] CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__ CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2Xqk-2GynjKTCOoiXgbImkDQeUXp8DWNILW73gtEKGE3LJ-Lo8F1Scn1ooHSSB3wPqY2rx3_n0JKBhMFtBrVx3QKfiQ,,&q={searchTerms} CHR DefaultSearchKeyword: Default -> feed.sonic-search.com CHR Extension: (Adblocker for Youtube™) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk [2016-09-22] CHR Profile: C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-09-17] <==== ATTENTION R2 UCBrowserSvc; C:\Program Files\UCBrowser\Application\UCService.exe [931504 2016-08-23] () R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [72064 2016-08-23] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTION 2016-09-22 19:31 - 2016-09-22 19:32 - 142981808 _____ C:\Users\tuzaro\Downloads\wm58zik7.exe 2016-09-17 13:39 - 2016-09-22 22:28 - 00000446 _____ C:\Windows\Tasks\UCBrowserUpdater.job 2016-09-17 13:39 - 2016-09-17 13:39 - 00000000 ____D C:\Users\tuzaro\AppData\Local\UCBrowser 2016-09-17 13:39 - 2016-09-17 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器 2016-09-17 13:39 - 2016-08-23 14:06 - 00072064 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\Windows\system32\Drivers\ucguard.sys 2016-09-17 13:38 - 2016-09-22 19:52 - 00000000 ____D C:\Program Files\UCBrowser 2016-09-17 13:38 - 2016-09-17 13:38 - 00001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk 2016-09-17 13:38 - 2016-09-17 13:38 - 00001460 _____ C:\Users\Public\Desktop\UC浏览器.lnk Task: {075332F3-3893-44CA-AF78-3217AFFC2109} - \svchost -> No File <==== ATTENTION Task: {1D0A9A2D-DB26-4B93-A0B3-B565466210D3} - System32\Tasks\UCBrowserUpdaterCore => C:\Program Files\UCBrowser\Application\update_task.exe [2016-08-23] (UCWeb Inc) <==== ATTENTION Task: {F9F3D93A-6901-4D6A-8E7A-99D72F69BCB3} - System32\Tasks\UCBrowserUpdater => C:\Program Files\UCBrowser\Application\update_task.exe [2016-08-23] (UCWeb Inc) <==== ATTENTION Task: C:\Windows\Tasks\UCBrowserUpdater.job => C:\Program Files\UCBrowser\Application\update_task.exe <==== ATTENTION Task: C:\Windows\Tasks\UCBrowserUpdaterCore.job => C:\Program Files\UCBrowser\Application\update_task.exe <==== ATTENTION 2016-04-09 11:45 - 2016-04-09 11:45 - 00007168 _____ () C:\Program Files\AdBlocker\Service.WinServiceHost.exe 2016-09-22 19:51 - 2016-08-23 13:30 - 02143528 _____ () C:\Program Files\UCBrowser\Application\5.7.15319.5\UCAgent.exe 2016-09-17 13:38 - 2016-08-23 13:23 - 00931504 _____ () C:\Program Files\UCBrowser\Application\UCService.exe FirewallRules: [{57E85390-4013-4781-B15D-AA5602598DB5}] => (Allow) C:\Program Files\UCBrowser\Application\UCBrowser.exe FirewallRules: [{0A64026F-1EE6-482B-BE13-64F71A8DFAA3}] => (Allow) C:\Program Files\UCBrowser\Application\UCBrowser.exe emptytemp: end ***************** HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Flvto YouTube Downloader => value removed successfully. HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\Microsoft\Windows\CurrentVersion\Run\\Installer => value removed successfully. C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully AdBlockerService => Service stopped successfully. AdBlockerService => service removed successfully. Chrome HomePage => removed successfully. Chrome DefaultSearchURL => removed successfully. Chrome DefaultSearchKeyword => removed successfully. C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk => moved successfully C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Guest Profile => moved successfully UCBrowserSvc => service not found. UCGuard => service not found. C:\Users\tuzaro\Downloads\wm58zik7.exe => moved successfully "C:\Windows\Tasks\UCBrowserUpdater.job" => not found. "C:\Users\tuzaro\AppData\Local\UCBrowser" => not found. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器" => not found. "C:\Windows\system32\Drivers\ucguard.sys" => not found. "C:\Program Files\UCBrowser" => not found. "C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk" => not found. "C:\Users\Public\Desktop\UC浏览器.lnk" => not found. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{075332F3-3893-44CA-AF78-3217AFFC2109}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{075332F3-3893-44CA-AF78-3217AFFC2109}" => key removed successfully. "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\svchost" => key removed successfully. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1D0A9A2D-DB26-4B93-A0B3-B565466210D3} => key not found. C:\Windows\System32\Tasks\UCBrowserUpdaterCore => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserUpdaterCore => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F9F3D93A-6901-4D6A-8E7A-99D72F69BCB3} => key not found. C:\Windows\System32\Tasks\UCBrowserUpdater => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\UCBrowserUpdater => key not found. C:\Windows\Tasks\UCBrowserUpdater.job => not found. C:\Windows\Tasks\UCBrowserUpdaterCore.job => not found. C:\Program Files\AdBlocker\Service.WinServiceHost.exe => moved successfully "C:\Program Files\UCBrowser\Application\5.7.15319.5\UCAgent.exe" => not found. "C:\Program Files\UCBrowser\Application\UCService.exe" => not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{57E85390-4013-4781-B15D-AA5602598DB5} => value not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0A64026F-1EE6-482B-BE13-64F71A8DFAA3} => value not found. =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 25926558 B Java, Flash, Steam htmlcache => 492 B Windows/system/drivers => 10108692 B Edge => 0 B Chrome => 539277478 B Firefox => 29089052 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Public => 0 B ProgramData => 0 B systemprofile => 0 B LocalService => 0 B NetworkService => 33822 B tuzaro => 111512029 B RecycleBin => 0 B EmptyTemp: => 690.8 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 06:23:33 ====
-
Поставям копираните неща както пише в закачената тема. Malwarebytes Anti-Malwarewww.malwarebytes.org Дата на сканиране: 22.9.2016 г.Час на сканиране: 21:30 ч.Дневник: 22.09.2016.txtАдминистратор: Да Версия: 2.2.1.1043База от данни за злонамерен софтуер: v2016.09.22.14База от данни за рууткити: v2016.08.15.01Лиценз: БезплатенЗащита от злонамерен софтуер: ЗабраненоЗащита от злонамерени страници: ЗабраненоСамозащита: Забранено ОС: Windows 7 Service Pack 1Процесор: x86Файлова система: NTFSПотребител: tuzaro Тип сканиране: Сканиране за заплахиРезултат: ЗавършеноСканиране обекти: 270947Изминало време: 40 мин. 18 сек. Памет: РазрешеноНачално стартиране: РазрешеноФайлова система: РазрешеноАрхиви: РазрешеноРууткити: РазрешеноЕвристика: РазрешеноПНП: РазрешеноПНИ: Разрешено Процеси: 1PUP.Optional.Linkury, C:\ProgramData\Quoteex\Quoteex.exe, 2648, Изтриване при рестартиране, [f3431263f3a765d14e39c91fa16360a0] Модули: 3PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Silverlam.dll, Изтриване при рестартиране, [61d5fc790199d85ef9ca607947bdaf51], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Silverlam.dll, Изтриване при рестартиране, [61d5fc790199d85ef9ca607947bdaf51], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Silverlam.dll, Изтриване при рестартиране, [61d5fc790199d85ef9ca607947bdaf51], Ключове в системния регистър: 24PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\IMAGE FILE EXECUTION OPTIONS\QUOTEEX.EXE, Поставен под карантина, [f3431263f3a765d14e39c91fa16360a0], Adware.HPDefender, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\HPRewriter2, Поставен под карантина, [dd591b5a950578bea66c8a6859abcb35], PUP.Optional.NeoBar.Generic, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\Youtube AdBlock, Поставен под карантина, [8fa794e1d1c9d1656edeb21748bcc739], PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CloudPrinter, Поставен под карантина, [1323f08549516ec81ac2c62ef70c0cf4], PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\Quoteex, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.YouTubeAdBlock, HKLM\SOFTWARE\CLASSES\TYPELIB\{45965C76-4C88-4512-9358-368483E1C3B1}, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, HKLM\SOFTWARE\CLASSES\INTERFACE\{D8CB24E3-DDA3-4B7F-8BA3-871DB7D3D986}, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, HKLM\SOFTWARE\CLASSES\INTERFACE\{F6DF4318-A699-4E88-BE1D-84F4A009B08A}, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\mtQuoteex, Поставен под карантина, [a1956c09dcbe62d4250e31c823e0db25], PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\IELNKSRCH, Поставен под карантина, [5bdb4b2ad8c2d066ae6e3eb6de2504fc], PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\TRACING\CloudPrinter_RASAPI32, Поставен под карантина, [b87e5d1819815ed89f04bf365ba8a65a], PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\TRACING\CloudPrinter_RASMANCS, Поставен под карантина, [c67015602d6dbf77cad920d5a2615fa1], PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\TRACING\Quoteex_RASAPI32, Поставен под карантина, [7abc5a1bbfdb67cfa78a2dccb64d0ff1], PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\TRACING\Quoteex_RASMANCS, Поставен под карантина, [d462e5908c0e68ce1e1304f542c1f30d], PUP.Optional.YeaPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{075332F3-3893-44CA-AF78-3217AFFC2109}, Изтриване при рестартиране, [4ee890e53862fa3c4037b94173904cb4], PUP.Optional.YeaPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\svchost, Изтриване при рестартиране, [6bcb86eff5a5191d2256e911c43f857b], PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service for Youtube AdBlock, Изтриване при рестартиране, [2610373e9703300670ea962b23e1c53b], PUP.Optional.NeoBar, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Update Service for Youtube AdBlock2, Изтриване при рестартиране, [d165d4a12e6ce74f45152899887cc739], PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SILENTPROCESSEXIT\Quoteex.exe, Поставен под карантина, [c76f294cccce5ed854deb4457390cd33], PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5A54D94C-26D6-4750-9BDF-E7F4566DF2AB}, Поставен под карантина, [3501a9cc42586dc90387ccdc9073827e], PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\EVENTLOG\APPLICATION\Application Hosting, Поставен под карантина, [23135421b9e1cb6bbec4c1356c97c13f], PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\mtQuoteex, Поставен под карантина, [86b06510108a60d6de51ca2fee1522de], PUP.Optional.Linkury, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{IELNKSRCH}, Поставен под карантина, [a88e482d9efcca6cd34820d41ee5eb15], PUP.Optional.ContentPush, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\ContentPush, Поставен под карантина, [d264acc99901ed49a0617d4513f1857b], Стойности в системния регистър: 14PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|DisplayName, Search the web, Поставен под карантина, [5bdb4b2ad8c2d066ae6e3eb6de2504fc]PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\ielnksrch|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}, Поставен под карантина, [7eb8ed88bdddf541b20d579f699ac33d]PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}, Поставен под карантина, [79bd690c07932016c69f2ca0c141fa06]PUP.Optional.YeaPlayer, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{075332F3-3893-44CA-AF78-3217AFFC2109}|Path, \svchost, Изтриване при рестартиране, [4ee890e53862fa3c4037b94173904cb4]PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\{5A54D94C-26D6-4750-9BDF-E7F4566DF2AB}|Publisher, Linkury, Поставен под карантина, [3501a9cc42586dc90387ccdc9073827e]PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\CLOUDPRINTER|ImagePath, C:\ProgramData\\CloudPrinter\\CloudPrinter.exe shuz -f "C:\ProgramData\\CloudPrinter\\CloudPrinter.dat" -l -a, Поставен под карантина, [fd39363f7228ef475c1aee08e023ed13]PUP.Optional.AutoConfigURL.PrxySvrRST, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NLASVC\PARAMETERS\INTERNET\MANUALPROXIES, 0http://non-block.net/wpad.dat?d77a3875dd10bbb12915b93e9d514b6a16631112, Поставен под карантина, [73c3c6af5941fa3c87258b5ffb0935cb] PUP.Optional.Linkury.ACMB1, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\QUOTEEX|ImagePath, C:\ProgramData\\Quoteex\\Quoteex.exe shuz -f "C:\ProgramData\\Quoteex\\Quoteex.dat" -l -a, Поставен под карантина, [3600f77e52481a1c33018970e71c8e72]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\ENVIRONMENT|SNP, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D?publisher=APSFWakeNet&co=BG&userid=d2c47080-3455-4251-d415-158b114925cf&searchtype=sc&installDate=17.09.2016&barcodeid=51198003&channelid=3&av=windows, Поставен под карантина, [9a9cdf96c0daba7cebfdc82cb74c43bd]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\ENVIRONMENT|SNF, C:\ProgramData\Quoteexs\snp.sc, Поставен под карантина, [e0568fe6c4d6af878d5ab93be51e31cf]PUP.Optional.Linkury, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|DisplayName, Search the web, Поставен под карантина, [a88e482d9efcca6cd34820d41ee5eb15]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\{ielnksrch}|URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}, Поставен под карантина, [5cda5e176d2d22145c61dd199172c23e]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHURL|Default, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}, Поставен под карантина, [05310e6752480333bfff8f67db288c74]Hijack.AutoConfigURL.PrxySvrRST, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\INTERNET SETTINGS|AutoConfigUrl, http://non-block.net/wpad.dat?d77a3875dd10bbb12915b93e9d514b6a16631112, Поставен под карантина, [9a9cc4b1a6f4e84e3476698125df15eb] Данни в системния регистър: 8PUP.Optional.Linkury.ACMB1, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS|AppInit_DLLs, C:\ProgramData\Quoteex\Silverlam.dll, Добър: (), Лош: (C:\ProgramData\Quoteex\Silverlam.dll),Заменен,[61d5fc790199d85ef9ca607947bdaf51]PUP.Optional.Linkury, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Добър: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Лош: ({ielnksrch}),Заменен,[2412fe77bddd2115ee69d1a820e49967]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Page, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}, Добър: (www.google.com), Лош: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}),Заменен,[53e37bfaaaf0ac8a055aec8d82825fa1]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Start Page, http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa6zODqtlgkPDvxiFLaYSMkDg29Th8EMDvZGpuY0IrHDTNy1Hv40xlQ9VxQIy3eFAk7XAE0jn61zbOZy2HOhLuDyX5OCg,,, Добър: (www.google.com), Лош: (http://%66%65%65%64.%68%65%6C%70%65%72%62%61%72.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa6zODqtlgkPDvxiFLaYSMkDg29Th8EMDvZGpuY0IrHDTNy1Hv40xlQ9VxQIy3eFAk7XAE0jn61zbOZy2HOhLuDyX5OCg,,),Заменен,[59dd89ec6436ad894a15a7d2d72d3dc3]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|Search Bar, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}, Добър: (www.google.com), Лош: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}),Заменен,[89ade293bedccd695906ccad7f856b95]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\MAIN|SearchAssistant, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}, Добър: (www.google.com), Лош: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}),Заменен,[4fe7d1a43466e3537be476035fa5758b]PUP.Optional.Linkury.ACMB1, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCH|Default_Search_URL, http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}, Добър: (www.google.com), Лош: (http://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2SQlBzJkLuRUzLQGSP3mEckSd1VKRb3o7h_AhG9BqvfJo3YL-KkNpVpY30twZRQi1F8QisVFgtUHkBs3N8MBW6dNb_A,,&q={searchTerms}),Заменен,[3bfb89ec2278082e57093e3b9a6a2cd4]PUP.Optional.Linkury, HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {ielnksrch}, Добър: ({0633EE93-D776-472f-A0FF-E1416B8B2E3A}), Лош: ({ielnksrch}),Заменен,[1323660f6c2e51e59abce9901aea43bd] Папки: 75PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.Linkury, C:\Windows\Temp\Smartbar, Поставен под карантина, [9c9aafc63466d75f57c350a40ff4b749], PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter, Поставен под карантина, [1323f08549516ec81ac2c62ef70c0cf4], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex, Изтриване при рестартиране, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\ondemand, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\temp, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\files, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\hi, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\am, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ar, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\be, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\bg, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\bn, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ca, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\cs, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\da, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\de, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\el, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\en, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\en_GB, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\en_US, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\es, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\es_419, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\et, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\fa, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\fi, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\fil, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\fr, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\gu, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\he, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\hr, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\hu, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\id, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\it, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ja, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\kn, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ko, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\lt, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\lv, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\mk, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ml, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\mr, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ms, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\nl, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\no, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\pl, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\pt, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\pt_BR, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\pt_PT, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ro, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ru, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sk, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sl, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sq, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sr, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sv, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sw, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ta, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\te, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\th, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\tr, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\uk, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\vi, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\zh_CN, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\zh_TW, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.ContentPush, C:\Program Files\ContentPush, Поставен под карантина, [d264acc99901ed49a0617d4513f1857b], PUP.Optional.ContentPush, C:\Program Files\ContentPush\Temp, Поставен под карантина, [d264acc99901ed49a0617d4513f1857b], PUP.Optional.Linkury.ACMB1, C:\Program Files\Common Files\Unaqvohold, Поставен под карантина, [be78a1d4d9c1ef47c9fbebb1f11341bf], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteexs, Поставен под карантина, [f73f78fdeab0a88eb24087152bd9e21e], Файлове: 158PUP.Optional.Linkury, C:\ProgramData\Quoteex\Quoteex.exe, Изтриване при рестартиране, [f3431263f3a765d14e39c91fa16360a0], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Silverlam.dll, Изтриване при рестартиране, [61d5fc790199d85ef9ca607947bdaf51], PUP.Optional.Linkury, C:\ProgramData\CloudPrinter\CloudPrinter.exe, Поставен под карантина, [95a198dd306ab58156312bbded1701ff], Trojan.Downloader, C:\ProgramData\Quoteex\KanEco.exe, Поставен под карантина, [60d63f36e2b8ed497f57f6e3ae568779], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\MedZap.dll, Поставен под карантина, [63d3294c3f5bb383a82f756419eb43bd], PUP.Optional.LogicHandler, C:\Users\tuzaro\AppData\Roaming\Doublehold.bin, Поставен под карантина, [3bfb0f667c1e043209e3fb636e9243bd], PUP.Optional.Linkury, C:\Users\tuzaro\AppData\Roaming\Treefind.exe, Поставен под карантина, [2e08caabaeec280eafd87870cf35aa56], PUP.Optional.Linkury, C:\Users\tuzaro\AppData\Roaming\Zenhold.bin, Поставен под карантина, [65d1e98c7624a5915d7574e32bd925db], PUP.Optional.Linkury, C:\Users\tuzaro\AppData\Roaming\Ziming.exe, Поставен под карантина, [063062137d1d979ff19608e082824bb5], Adware.HPDefender, C:\Users\tuzaro\AppData\Roaming\HPRewriter2\uninstaller.exe, Поставен под карантина, [dd591b5a950578bea66c8a6859abcb35], PUP.Optional.TorrentSearch, C:\Program Files\Youtube AdBlock\MYnnnIQ.exe, Поставен под карантина, [3204adc8c9d12313e37dcbf154ad4cb4], PUP.Optional.NeoBar.Generic, C:\Program Files\Youtube AdBlock\uninstall.exe, Поставен под карантина, [8fa794e1d1c9d1656edeb21748bcc739], Adware.FileTour, C:\Users\tuzaro\AppData\Local\Temp\ucbrabs.exe, Поставен под карантина, [78bef382cdcd71c5801b9950a3618878], PUP.Optional.NeoBar.Generic, C:\Users\tuzaro\AppData\Local\Temp\359D22AD-E1A0-45DC-80AE-109F5F140E6F\yt.exe, Поставен под карантина, [0c2a5124ecae0f274507b118887cb34d], PUP.Optional.NeoBar.Generic, C:\Windows\Temp\ttMhlAJQWwjSBiNO.exe, Поставен под карантина, [0036cda80b8f11254efeab1e94705aa6], PUP.Optional.InstallMonster, C:\Users\tuzaro\Downloads\Wondershare MobileTrans 7.6.rar, Поставен под карантина, [53e35c19c0da0036cfd03cb4768e4db3], PUP.Optional.IStartSurf, C:\Users\tuzaro\Downloads\Wondershare MobileTrans 757469 Crack Serial Number Download.gz, Поставен под карантина, [43f394e1debcae8873063fb1659f1de3], Adware.FileFinder, C:\Users\tuzaro\Downloads\Wondershare_Mobiletrans_Registration_Code_Incl_Crack_downloader.exe, Поставен под карантина, [0c2a2b4a287272c466eefee355af8e72], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\set.exe.config, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\Config.json, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.dll, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.Linq.dll, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\System.Data.SQLite.xml, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X64\SQLite.Interop.dll, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.LogicHandler, C:\ProgramData\Logic Handler\X86\SQLite.Interop.dll, Поставен под карантина, [a88e2d48504aea4ccae91baf06fc649c], PUP.Optional.Trovi, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.otrovi.com_0.localstorage, Поставен под карантина, [de58205585157eb8d45f42775fa43dc3], PUP.Optional.Trovi, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.otrovi.com_0.localstorage-journal, Поставен под карантина, [45f1ed880f8be353a88b9821996aad53], Trojan.Agent.Trace, C:\Users\Public\Desktop\Download Wondershare Mo...lnk, Поставен под карантина, [3006175e9406cd691a5f86400bf85aa6], PUP.Optional.BestPriceNinja, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage, Поставен под карантина, [5ed8bcb95c3e0036ea017c659370a858], PUP.Optional.BestPriceNinja, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_pstatic.bestpriceninja.com_0.localstorage-journal, Поставен под карантина, [6accdf965941a59141aa22bf9073748c], PUP.Optional.CrossRider, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage, Поставен под карантина, [d066264f7e1c5adc75326c7ddf24cd33], PUP.Optional.CrossRider, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\https_d19tqk5t6qcjac.cloudfront.net_0.localstorage-journal, Поставен под карантина, [a096b2c3356521151493a94047bc2ed2], PUP.Optional.Linkury, C:\Users\tuzaro\AppData\Roaming\ApplicationHosting.dat, Поставен под карантина, [e35355207a20b58189d141ae877cde22], PUP.Optional.Linkury, C:\Users\tuzaro\AppData\Roaming\md.xml, Поставен под карантина, [52e43f36a5f551e5a6b511de9370669a], PUP.Optional.Linkury, C:\Users\tuzaro\AppData\Roaming\noah.dat, Поставен под карантина, [fc3abfb6aaf090a6cb91df10d92aca36], PUP.Optional.Linkury, C:\Users\tuzaro\AppData\Roaming\uninstall_temp.ico, Поставен под карантина, [0f27b2c308921620e479f4fb17ec09f7], PUP.Optional.Linkury, C:\Users\tuzaro\AppData\Roaming\lobby.dat, Поставен под карантина, [46f0da9b14867cba93536e818f7405fb], PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Finhome.ico, Поставен под карантина, [9c9aafc63466d75f57c350a40ff4b749], PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Goodnix.ico, Поставен под карантина, [9c9aafc63466d75f57c350a40ff4b749], PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Latlux.ico, Поставен под карантина, [9c9aafc63466d75f57c350a40ff4b749], PUP.Optional.Linkury, C:\Windows\Temp\Smartbar\Topdax.ico, Поставен под карантина, [9c9aafc63466d75f57c350a40ff4b749], PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\CloudPrinter.dat, Поставен под карантина, [1323f08549516ec81ac2c62ef70c0cf4], PUP.Optional.Linkury.ACMB1, C:\ProgramData\CloudPrinter\Config.xml, Поставен под карантина, [1323f08549516ec81ac2c62ef70c0cf4], PUP.Optional.Linkury.ACMB1, C:\Windows\System32\findit.xml, Поставен под карантина, [9c9ae0959a007fb7aa38599bfa095ca4], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\conf.config, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.dat, Изтриване при рестартиране, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Config.xml, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Flexfax.bin, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Inlex.bin, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\KanEco.exe, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\KanEco.exe.config, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Kantax.bin, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Lamla.bin, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\md.xml, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Newcom.bin, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Ontobam.exe, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Ontobam.exe.config, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Quoteex.d.dat, Изтриване при рестартиране, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Stanovejob.dat, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Tipphase.bin, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\TrisPlus.dat, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\uninstall.dat, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\VillaDomdox.dat, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Zam-Tech.bin, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Zoomnix.exe, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteex\Zoomnix.exe.config, Поставен под карантина, [73c386ef4852ec4a5bd3fefbdf243dc3], PUP.Optional.YeaPlayer, C:\Windows\System32\Tasks\svchost, Поставен под карантина, [a09611643169ec4a96dec436af54b24e], PUP.Optional.Linkury.Gen, C:\Users\tuzaro\AppData\Roaming\Treefind.tst, Поставен под карантина, [ae885f16fb9f7fb76ca234c9f70cf60a], PUP.Optional.Linkury.Gen, C:\Users\tuzaro\AppData\Roaming\Ziming.tst, Поставен под карантина, [51e580f58b0fbf77818d77867f842cd4], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\EAq80w.dll, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\icon16.ico, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\YNMdI1B75P.exe, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\background.html, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\Kernel.js, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\files\background.js, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\files\foreground.js, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\files\main.css, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\files\proxy.js, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\hi\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\am\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ar\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\be\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\bg\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\bn\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ca\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\cs\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\da\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\de\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\el\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\en\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\en_GB\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\en_US\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\es\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\es_419\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\et\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\fa\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\fi\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\fil\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\fr\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\gu\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\he\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\hr\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\hu\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\id\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\it\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ja\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\kn\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ko\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\lt\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\lv\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\mk\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ml\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\mr\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ms\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\nl\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\no\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\pl\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\pt\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\pt_BR\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\pt_PT\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ro\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ru\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sk\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sl\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sq\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sr\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sv\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\sw\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\ta\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\te\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\th\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\tr\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\uk\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\vi\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\zh_CN\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.YouTubeAdBlock, C:\Program Files\Youtube AdBlock\IEEF\files\_locales\zh_TW\messages.json, Поставен под карантина, [f83e77fe17838babefcc8d33739107f9], PUP.Optional.NeoBar, C:\Windows\Tasks\Update Service for Youtube AdBlock.job, Поставен под карантина, [eb4b4a2bfc9ebb7b0157447d7f85fc04], PUP.Optional.NeoBar, C:\Windows\Tasks\Update Service for Youtube AdBlock2.job, Поставен под карантина, [a393aec727733ef832264f725aaaff01], PUP.Optional.NeoBar, C:\Windows\System32\Tasks\Update Service for Youtube AdBlock, Поставен под карантина, [1125393c8515e254dc7dd7ea45bfcd33], PUP.Optional.NeoBar, C:\Windows\System32\Tasks\Update Service for Youtube AdBlock2, Поставен под карантина, [0432383d306a8caa2f2aa21f45bf966a], PUP.Optional.SafeFinder.ShrtCln, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage, Поставен под карантина, [122455203862191d06039937ae56ac54], PUP.Optional.SafeFinder.ShrtCln, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_search.safefinder.com_0.localstorage-journal, Поставен под карантина, [a492c6afa5f5330393768a46d034dd23], PUP.Optional.WizeSearch, C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_feeilhmlfcpfchpbgoknoeefdkbgionj_0.localstorage, Поставен под карантина, [181e22539109bd791e5d33c1ec1845bb], PUP.Optional.ContentPush, C:\Program Files\ContentPush\uninstall.exe, Поставен под карантина, [d264acc99901ed49a0617d4513f1857b], PUP.Optional.ContentPush, C:\Program Files\ContentPush\version, Поставен под карантина, [d264acc99901ed49a0617d4513f1857b], PUP.Optional.ContentPush, C:\Program Files\ContentPush\Temp\_1.zip, Поставен под карантина, [d264acc99901ed49a0617d4513f1857b], PUP.Optional.Linkury.ACMB1, C:\Program Files\Common Files\Unaqvohold\InstallationConfiguration.xml, Поставен под карантина, [be78a1d4d9c1ef47c9fbebb1f11341bf], PUP.Optional.Linkury.ACMB1, C:\Program Files\Common Files\Unaqvohold\uninstall.dat, Поставен под карантина, [be78a1d4d9c1ef47c9fbebb1f11341bf], PUP.Optional.Linkury.ACMB1, C:\Program Files\Common Files\Unaqvohold\uninstall.exe, Поставен под карантина, [be78a1d4d9c1ef47c9fbebb1f11341bf], PUP.Optional.Linkury.ACMB1, C:\Program Files\Common Files\Unaqvohold\uninstall.ico, Поставен под карантина, [be78a1d4d9c1ef47c9fbebb1f11341bf], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteexs\ff.HP, Поставен под карантина, [f73f78fdeab0a88eb24087152bd9e21e], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteexs\ff.NT, Поставен под карантина, [f73f78fdeab0a88eb24087152bd9e21e], PUP.Optional.Linkury.ACMB1, C:\ProgramData\Quoteexs\snp.sc, Поставен под карантина, [f73f78fdeab0a88eb24087152bd9e21e], PUP.Optional.Linkury.ACMB1, C:\Users\tuzaro\AppData\Roaming\Config.xml, Поставен под карантина, [8babf48118820e28dfe0227a07fd6b95], PUP.Optional.Linkury.ACMB1, C:\Users\tuzaro\AppData\Roaming\InstallationConfiguration.xml, Поставен под карантина, [4aec304548523402b60ae6b6877d8a76], PUP.Optional.GoSearch, C:\Users\tuzaro\AppData\Roaming\Mozilla\Firefox\Profiles\eo84hsfm.default\prefs.js, Добър: (), Лош: (user_pref("browser.search.defaultenginename", "GoSearch"), Заменен,[f640581d7a2076c03eb0dcbca2629868]PUP.Optional.Linkury.ACMB1, C:\Users\tuzaro\AppData\Roaming\Mozilla\Firefox\Profiles\eo84hsfm.default\prefs.js, Добър: (), Лош: (user_pref("browser.newtab.url", "C:\ProgramData\Quoteexs\ff.NT"), Заменен,[171f2b4a049644f243645d40d133cc34]PUP.Optional.Linkury.ACMB1, C:\Users\tuzaro\AppData\Roaming\Mozilla\Firefox\Profiles\eo84hsfm.default\prefs.js, Добър: (user_pref("browser.startup.homepage", "https://www.malwarebytes.org/restorebrowser/),Лош: (user_pref("browser.startup.homepage", "C:\ProgramData\Quoteexs\ff.HP), Заменен,[290d3a3b1d7d51e5ddc8f7a859aba858] Физически сектори: 0(Не бяха открити злонамерени обекти) (end) Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 21-09-2016Ran by tuzaro (administrator) on TUZARO-PC (22-09-2016 22:35:52)Running from C:\Users\tuzaro\DownloadsLoaded Profiles: tuzaro (Available Profiles: tuzaro)Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) Language: Български (България)Internet Explorer Version 11 (Default browser: "C:\Program Files\UCBrowser\Application\UCBrowser.exe" --wow-as-default=2 -- "%1")Boot Mode: NormalTutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe(ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe() C:\Program Files\AdBlocker\Service.WinServiceHost.exe() C:\Program Files\UCBrowser\Application\UCService.exe(Google Inc.) C:\Program Files\Google\Update\1.3.31.5\GoogleCrashHandler.exe(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe(Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe(Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe(Hotger) C:\Users\tuzaro\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe(Secunia) C:\Program Files\Secunia\PSI\psi_tray.exe(ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe(Nero AG) C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe(Secunia) C:\Program Files\Secunia\PSI\psia.exe(Secunia) C:\Program Files\Secunia\PSI\sua.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe() C:\Program Files\UCBrowser\Application\5.7.15319.5\UCAgent.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe(Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [startCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2009-05-21] (Advanced Micro Devices, Inc.)HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7625248 2009-07-28] (Realtek Semiconductor)HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-06-30] (Nullsoft, Inc.)HKLM\...\Run: [NeroFilterCheck] => C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [161328 2007-05-04] (Nero AG)HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2131344 2016-06-20] (Wondershare)HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\...\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] => C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [149040 2007-05-04] (Nero AG)HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\...\Run: [bitComet] => C:\Program Files\BitComet\BitComet.exe [12805888 2013-02-19] (www.BitComet.com)HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6667992 2016-03-11] (Piriform Ltd)HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\...\Run: [Flvto YouTube Downloader] => C:\Users\tuzaro\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe [525312 2016-03-28] (Hotger)HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\...\Run: [installer] => C:\Users\tuzaro\AppData\Local\Temp\is-KVKBR.tmp\51495.exe /autorun <===== ATTENTIONHKU\S-1-5-21-4058490045-3294789279-1302001635-1000\...\RunOnce: [Application Restart #2] => C:\Program Files\Google\Chrome\Application\chrome.exe [961352 2016-08-03] (Google Inc.)Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Secunia PSI Tray.lnk [2016-09-22]ShortcutTarget: Secunia PSI Tray.lnk -> C:\Program Files\Secunia\PSI\psi_tray.exe (Secunia)GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1Tcpip\..\Interfaces\{9CC9E079-7FEC-4058-AE9C-F6BA5D3C7338}: [NameServer] 138.201.199.90,8.8.8.8Tcpip\..\Interfaces\{9CC9E079-7FEC-4058-AE9C-F6BA5D3C7338}: [DhcpNameServer] 192.168.0.1Tcpip\..\Interfaces\{D69D8048-ABE3-4BB8-9DF0-C888C77A0F67}: [NameServer] 138.201.137.84,8.8.8.8Tcpip\..\Interfaces\{D69D8048-ABE3-4BB8-9DF0-C888C77A0F67}: [DhcpNameServer] 192.168.0.1ManualProxies: Internet Explorer:==================HKU\S-1-5-21-4058490045-3294789279-1302001635-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?pc=UE07&ocid=UE07DHPBHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2011-02-12] (Microsoft Corporation)BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-12-21] (Microsoft Corporation)DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab FireFox:========FF ProfilePath: C:\Users\tuzaro\AppData\Roaming\Mozilla\Firefox\Profiles\eo84hsfm.defaultFF Homepage: hxxps://www.malwarebytes.org/restorebrowser/FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_23_0_0_162.dll [2016-09-17] ()FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll [2013-10-07] (Google)FF Plugin: @microsoft.com/GENUINE -> disabled [No File]FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.)FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.2.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)FF Plugin HKU\S-1-5-21-4058490045-3294789279-1302001635-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\tuzaro\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [No File]FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2016-06-23] (Adobe Systems Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin.dll [2013-04-05] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin2.dll [2013-04-05] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin3.dll [2013-04-05] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin4.dll [2013-04-05] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin5.dll [2013-04-05] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin6.dll [2013-04-05] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npqtplugin7.dll [2013-04-05] (Apple Inc.)FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll [2011-06-30] (Nullsoft, Inc.)FF Extension: (YouTube mp3) - C:\Users\tuzaro\AppData\Roaming\Mozilla\Firefox\Profiles\eo84hsfm.default\Extensions\info@youtube-mp3.org.xpi [2016-08-02]FF Extension: (Simple YouTube to MP3/MP4 Converter and Downloader) - C:\Users\tuzaro\AppData\Roaming\Mozilla\Firefox\Profiles\eo84hsfm.default\Extensions\jid0-SQnwtgW1b8BsMB5PLV5WScEDWOjw@jetpack.xpi [2016-08-02]FF Extension: (Fire Media Player) - C:\Users\tuzaro\AppData\Roaming\Mozilla\Firefox\Profiles\eo84hsfm.default\Extensions\musicplayer@firemediaplayer.com.xpi [2016-04-08]FF Extension: (Kaspersky URL Advisor) - C:\Program Files\Mozilla Firefox\extensions\linkfilter@kaspersky.ru_bak2 [2016-08-02] [not signed] Chrome: =======CHR HomePage: Default -> mail.ru/cnt/11956636?rciguc__PARAM__CHR DefaultSearchURL: Default -> hxxp://%66%65%65%64.%73%6F%6E%69%63-%73%65%61%72%63%68.%63%6F%6D/?p=mKO_AwFzXIpYRaHdGKBRGNclVS1AC6sNoHukF2bfbYiq88Pm-GR6HFBR8mFcar4ShAtDXDCaaGGEPH62XfNWyezm6-hzrLW3mPy1_zJklB80MFa2Xqk-2GynjKTCOoiXgbImkDQeUXp8DWNILW73gtEKGE3LJ-Lo8F1Scn1ooHSSB3wPqY2rx3_n0JKBhMFtBrVx3QKfiQ,,&q={searchTerms}CHR DefaultSearchKeyword: Default -> feed.sonic-search.comCHR Profile: C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default [2016-09-22]CHR Extension: (Google Презентации) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-09-17]CHR Extension: (Google Документи) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-09-17]CHR Extension: (Google Диск) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-09-17]CHR Extension: (YouTube) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-09-17]CHR Extension: (Adblocker for Youtube™) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk [2016-09-22]CHR Extension: (АБВ Уведомител) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbekonjicgkldkmopnamgglbfaiojje [2016-06-03]CHR Extension: (WGT Golf Challenge) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\dcilimldmomiaihcfkmaldanopfejefg [2016-06-03]CHR Extension: (High Contrast) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2016-06-10]CHR Extension: (Stylish) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fjnbnpbmkenffdnngjfgmeleoegfcffe [2016-06-03]CHR Extension: (Full Screen Weather) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2016-06-03]CHR Extension: (Google Документи офлайн) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-17]CHR Extension: (Snow ReportBG) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mccfmfnkmofdpfppkefodgbmhjplikik [2016-06-03]CHR Extension: (Безплатни онлайн PDF Unlocker) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkdknbehfogkgogcennnagfokmnimpab [2016-06-03]CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-06-03]CHR Extension: (Gmail) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-09-17]CHR Extension: (Chrome Media Router) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-02]CHR Profile: C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Guest Profile [2016-09-17] <==== ATTENTIONCHR Extension: (No Name) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\cebkcnlhbjapdpofhcokcdhfgpehhajk [2016-09-22]CHR Profile: C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1 [2016-09-22]CHR Extension: (Google Презентации) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-05-22]CHR Extension: (Google Документи) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2016-05-22]CHR Extension: (Google Диск) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-05-22]CHR Extension: (YouTube) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-05-22]CHR Extension: (Wize) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\feeilhmlfcpfchpbgoknoeefdkbgionj [2016-09-22]CHR Extension: (Електронни таблици от Google) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-05-22]CHR Extension: (Google Документи офлайн) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-09-22]CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-05-22]CHR Extension: (Gmail) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-05-22]CHR Extension: (Chrome Media Router) - C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2016-09-22]CHR Profile: C:\Users\tuzaro\AppData\Local\Google\Chrome\User Data\System Profile [2016-09-22] <==== ATTENTIONCHR HKLM\...\Chrome\Extension: [bgcifljfapbhgiehkjlckfjmgeojijcb] - hxxps://clients2.google.com/service/update2/crxCHR HKLM\...\Chrome\Extension: [lbjjfiihgfegniolckphpnfaokdkbmdm] - hxxps://clients2.google.com/service/update2/crxCHR HKLM\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AdBlockerService; C:\Program Files\AdBlocker\Service.WinServiceHost.exe [7168 2016-04-09] () [File not signed]S3 BITCOMET_HELPER_SERVICE; C:\Program Files\BitComet\tools\BitCometService.exe [1296728 2010-12-28] (www.BitComet.com)R2 Secunia PSI Agent; C:\Program Files\Secunia\PSI\PSIA.exe [1570520 2016-02-02] (Secunia)R2 Secunia Update Agent; C:\Program Files\Secunia\PSI\sua.exe [837848 2016-02-02] (Secunia)R2 UCBrowserSvc; C:\Program Files\UCBrowser\Application\UCService.exe [931504 2016-08-23] ()R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)S3 WsDrvInst; C:\Program Files\Wondershare\MobileTrans\DriverInstall.exe [41872 2014-03-26] (Wondershare) ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [239168 2012-09-21] (DT Soft Ltd)R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2016-09-22] (Malwarebytes)R3 PSI; C:\Windows\System32\DRIVERS\psi_mf_x86.sys [16024 2016-02-02] (Secunia)R3 RTL8187B; C:\Windows\System32\DRIVERS\RTL8187B.sys [347136 2009-07-14] (Realtek Semiconductor Corporation )R1 UCGuard; C:\Windows\System32\DRIVERS\ucguard.sys [72064 2016-08-23] (Huorong Borui (Beijing) Technology Co., Ltd.) <==== ATTENTIONS3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2012-12-13] (Apple, Inc.) [File not signed]S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-22 22:35 - 2016-09-22 22:36 - 00017235 _____ C:\Users\tuzaro\Downloads\FRST.txt2016-09-22 22:34 - 2016-09-22 22:34 - 00049108 _____ C:\Users\tuzaro\Desktop\22.09.2016.txt2016-09-22 22:26 - 2016-09-22 22:26 - 00131072 ____N C:\Windows\Minidump\092216-32869-01.dmp2016-09-22 21:27 - 2016-09-22 22:35 - 00000000 ____D C:\FRST2016-09-22 21:26 - 2016-09-22 21:26 - 01753088 _____ (Farbar) C:\Users\tuzaro\Downloads\FRST.exe2016-09-22 20:28 - 2016-09-22 22:28 - 00000282 _____ C:\Windows\Tasks\UCBrowserUpdaterCore.job2016-09-22 19:33 - 2016-09-22 21:03 - 00000000 ____D C:\Users\tuzaro\Doctor Web2016-09-22 19:31 - 2016-09-22 22:34 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys2016-09-22 19:31 - 2016-09-22 19:32 - 142981808 _____ C:\Users\tuzaro\Downloads\wm58zik7.exe2016-09-22 19:30 - 2016-09-22 22:16 - 00001058 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk2016-09-22 19:30 - 2016-09-22 19:30 - 22851472 _____ (Malwarebytes ) C:\Users\tuzaro\Downloads\mbam-setup-2.2.1.1043 (1).exe2016-09-22 19:30 - 2016-09-22 19:30 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware2016-09-22 19:30 - 2016-09-22 19:30 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware2016-09-22 19:30 - 2016-03-10 14:09 - 00053120 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys2016-09-22 19:30 - 2016-03-10 14:08 - 00126336 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys2016-09-22 19:30 - 2016-03-10 14:08 - 00024448 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys2016-09-17 20:12 - 2016-09-17 20:12 - 00000290 __RSH C:\Users\tuzaro\ntuser.pol2016-09-17 14:07 - 2016-09-22 19:11 - 00002090 __RSH C:\ProgramData\ntuser.pol2016-09-17 14:02 - 2016-09-22 22:16 - 00001199 _____ C:\Users\Public\Desktop\Wondershare MobileTrans.lnk2016-09-17 14:02 - 2016-09-17 14:02 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Wondershare2016-09-17 14:02 - 2016-09-17 14:02 - 00000000 ____D C:\Program Files\Wondershare2016-09-17 13:55 - 2016-09-17 13:55 - 00000000 ____D C:\Program Files\WeatherChickn2016-09-17 13:54 - 2016-09-17 13:54 - 07090176 _____ C:\Users\tuzaro\AppData\Roaming\agent.dat2016-09-17 13:54 - 2016-09-17 13:54 - 00018432 _____ C:\Users\tuzaro\AppData\Roaming\Main.dat2016-09-17 13:53 - 2016-09-17 13:53 - 00140288 _____ C:\Users\tuzaro\AppData\Roaming\Installer.dat2016-09-17 13:48 - 2016-09-17 13:48 - 00019394 _____ C:\Users\tuzaro\Downloads\[ArenaBG.com]-Wondershare_MobileTrans_4.2.0.Keygen.tPORt.torrent2016-09-17 13:43 - 2016-09-22 21:05 - 00000000 ____D C:\Users\tuzaro\AppData\Local\Host Service2016-09-17 13:40 - 2016-09-17 13:40 - 00000000 ____D C:\ProgramData\Webitar Production Inc2016-09-17 13:39 - 2016-09-22 22:28 - 00000446 _____ C:\Windows\Tasks\UCBrowserUpdater.job2016-09-17 13:39 - 2016-09-17 13:39 - 00000000 ____D C:\Users\tuzaro\AppData\Local\UCBrowser2016-09-17 13:39 - 2016-09-17 13:39 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器2016-09-17 13:39 - 2016-08-23 14:06 - 00072064 _____ (Huorong Borui (Beijing) Technology Co., Ltd.) C:\Windows\system32\Drivers\ucguard.sys2016-09-17 13:38 - 2016-09-22 19:52 - 00000000 ____D C:\Program Files\UCBrowser2016-09-17 13:38 - 2016-09-17 13:38 - 00001472 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UC浏览器.lnk2016-09-17 13:38 - 2016-09-17 13:38 - 00001460 _____ C:\Users\Public\Desktop\UC浏览器.lnk2016-09-17 13:37 - 2016-09-17 14:02 - 00000000 ____D C:\Program Files\AdBlocker2016-09-17 13:37 - 2016-09-17 13:37 - 00000000 ____D C:\ProgramData\Thunder Network2016-09-17 13:37 - 2016-09-17 13:37 - 00000000 ____D C:\ProgramData\Package Cache2016-09-17 13:37 - 2016-09-17 13:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AdBlocker2016-09-17 13:36 - 2016-09-22 22:16 - 00002111 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Моzillа Firеfох.lnk2016-09-17 13:36 - 2016-09-22 22:16 - 00002109 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Gооglе Сhrоmе.lnk2016-09-17 13:36 - 2016-09-22 22:16 - 00002093 _____ C:\Users\Public\Desktop\Моzillа Firеfох.lnk2016-09-17 13:36 - 2016-09-22 22:15 - 00002037 _____ C:\Users\tuzaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Intеrnеt Ехрlоrеr.lnk2016-09-17 13:36 - 2016-09-22 22:14 - 00001084 _____ C:\Users\tuzaro\Desktop\Play Travian.lnk2016-09-17 13:36 - 2016-09-22 22:12 - 00000000 ____D C:\Users\tuzaro\AppData\Roaming\HPRewriter22016-09-17 13:35 - 2016-09-17 13:35 - 02546473 _____ C:\Users\tuzaro\Downloads\Wondershare_MobileTrans_Crack_incl_Serial_Key_V7.zip2016-09-17 13:18 - 2016-09-17 13:18 - 00000000 ____D C:\Users\tuzaro\Documents\Wondershare2016-09-17 13:03 - 2016-09-17 13:03 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_WinUsb_01009.Wdf2016-09-17 12:52 - 2016-09-17 12:52 - 00000000 ____D C:\Program Files\PC Connectivity Solution2016-09-17 12:52 - 2012-10-17 14:53 - 00019072 _____ (Nokia) C:\Windows\system32\Drivers\pccsmcfd.sys2016-09-17 12:48 - 2016-09-17 12:48 - 00851176 _____ (Microsoft Corporation) C:\Windows\system32\WinUSBCoInstaller2.dll2016-09-17 12:45 - 2016-09-17 12:45 - 00000000 ____D C:\Users\tuzaro\AppData\Roaming\HMYGSetting2016-09-17 12:45 - 2016-09-17 12:45 - 00000000 ____D C:\ProgramData\Wondershare2016-09-17 12:44 - 2016-09-17 14:02 - 00000000 ____D C:\Users\tuzaro\AppData\Roaming\Wondershare2016-09-17 12:44 - 2016-09-17 14:02 - 00000000 ____D C:\Users\tuzaro\.android2016-09-17 12:43 - 2016-09-17 12:43 - 00811152 _____ C:\Users\tuzaro\Downloads\mobiletrans_setup_full1352.exe2016-09-17 12:43 - 2016-09-17 12:43 - 00000000 ____D C:\Users\Public\Documents\Wondershare2016-09-04 11:25 - 2016-09-04 11:25 - 00032281 _____ C:\Users\tuzaro\Downloads\fast.and.furious.7.2015.dvdrip.xvid-evo(subsunacs.net) (1).rar2016-09-04 11:16 - 2016-09-04 11:16 - 00092147 _____ C:\Users\tuzaro\Downloads\[ArenaBG.com]-Fast.and.Furious.7.2015.DVDRip.XviD-EVO.torrent2016-09-04 11:16 - 2016-09-04 11:16 - 00032281 _____ C:\Users\tuzaro\Downloads\fast.and.furious.7.2015.dvdrip.xvid-evo(subsunacs.net).rar2016-09-04 11:11 - 2016-09-04 11:11 - 00086632 _____ C:\Users\tuzaro\Downloads\The.Fast.and.Furious.Collection.2001-2015.576p.BRRIP.x264.AAC-GOD.torrent2016-09-04 10:47 - 2016-09-04 10:47 - 00030231 _____ C:\Users\tuzaro\Downloads\FF6.(subs.sab.bz).rar2016-09-04 10:45 - 2016-09-04 10:45 - 00018514 _____ C:\Users\tuzaro\Downloads\Fast.And.Furious.6.2013.EXTENDED.480p.BDRip.XviD.AC3-KiNGS.torrent2016-09-03 12:09 - 2016-09-03 12:09 - 00026675 _____ C:\Users\tuzaro\Downloads\okolofutbola.2013.o.tvrip.1400mb.txt(subsunacs.net) (1).7z2016-09-03 11:56 - 2016-09-03 11:56 - 00026675 _____ C:\Users\tuzaro\Downloads\okolofutbola.2013.o.tvrip.1400mb.txt(subsunacs.net).7z2016-09-03 11:55 - 2016-09-03 11:56 - 00014400 _____ C:\Users\tuzaro\Downloads\Okolofutbola.2013.O.TVRip.1400MB.INTERCINEMA.avi.torrent2016-09-02 21:08 - 2016-09-02 21:08 - 00014859 _____ C:\Users\tuzaro\Downloads\I Love My Mom's Big Tits 3.torrent2016-09-02 21:08 - 2016-09-02 21:08 - 00012148 _____ C:\Users\tuzaro\Downloads\Storm Of Kings XXX Parody NEW Aug 2016 XXX.torrent2016-09-02 21:06 - 2016-09-02 21:06 - 00013820 _____ C:\Users\tuzaro\Downloads\[bigTitsInSports] Nicole Aniston Abigail Mac Gym And Juice NEW Aug 2016 XXX.torrent2016-08-26 21:25 - 2016-08-02 17:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll2016-08-26 21:25 - 2016-08-02 09:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb2016-08-26 21:25 - 2016-08-02 09:03 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll2016-08-26 21:25 - 2016-08-02 08:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll2016-08-26 21:25 - 2016-08-02 08:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll2016-08-26 21:25 - 2016-08-02 08:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll2016-08-26 21:25 - 2016-08-02 08:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll2016-08-26 21:25 - 2016-08-02 08:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll2016-08-26 21:25 - 2016-08-02 08:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll2016-08-26 21:25 - 2016-08-02 08:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe2016-08-26 21:25 - 2016-08-02 08:41 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe2016-08-26 21:25 - 2016-08-02 08:36 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe2016-08-26 21:25 - 2016-08-02 08:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll2016-08-26 21:25 - 2016-08-02 08:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll2016-08-26 21:25 - 2016-08-02 08:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll2016-08-26 21:25 - 2016-08-02 08:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll2016-08-26 21:25 - 2016-08-02 08:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll2016-08-26 21:25 - 2016-08-02 08:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll2016-08-26 21:25 - 2016-08-02 08:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll2016-08-26 21:25 - 2016-08-02 08:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll2016-08-26 21:25 - 2016-08-02 08:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl2016-08-26 21:25 - 2016-08-02 08:14 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe2016-08-26 21:25 - 2016-08-02 08:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll2016-08-26 21:25 - 2016-08-02 07:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll2016-08-26 21:25 - 2016-08-02 07:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll2016-08-26 21:25 - 2016-08-02 07:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll2016-08-26 21:25 - 2016-07-08 18:22 - 00137960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys2016-08-26 21:25 - 2016-07-08 18:22 - 00067304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys2016-08-26 21:25 - 2016-07-08 18:16 - 01062912 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll2016-08-26 21:25 - 2016-07-08 18:16 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll2016-08-26 21:25 - 2016-07-08 17:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe2016-08-26 21:25 - 2016-07-08 17:53 - 02399232 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys2016-08-26 21:25 - 2016-07-08 17:51 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys2016-08-26 21:25 - 2016-07-08 17:51 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys2016-08-26 21:25 - 2016-07-08 17:51 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys2016-08-26 21:25 - 2016-07-08 17:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll2016-08-26 21:25 - 2016-07-08 17:50 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe2016-08-26 21:25 - 2016-07-08 17:50 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll2016-08-26 21:24 - 2016-08-02 08:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll2016-08-26 21:24 - 2016-08-02 08:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll2016-08-26 21:24 - 2016-08-02 08:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec2016-08-26 21:24 - 2016-08-02 08:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll2016-08-26 21:24 - 2016-08-02 08:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll2016-08-26 21:24 - 2016-08-02 08:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll2016-08-26 21:24 - 2016-08-02 08:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll2016-08-26 21:24 - 2016-08-02 08:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll2016-08-26 21:24 - 2016-08-02 08:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll2016-08-26 18:11 - 2016-08-26 18:11 - 00013461 _____ C:\Users\tuzaro\Downloads\[ArenaBG.com]-DoctorAdventures - Julia Ann, Kylie Page (She Wants It Both Ways) XXX NEW 23.August.2016.torrent2016-08-26 18:07 - 2016-08-26 18:07 - 00014639 _____ C:\Users\tuzaro\Downloads\[ArenaBG.com]-Tushy - Scarlet Red (Blonde Gets Anal From Sisters Husband) XXX NEW 24.August.2016.torrent2016-08-26 18:03 - 2016-08-26 18:03 - 00026714 _____ C:\Users\tuzaro\Downloads\[ArenaBG.com]-[RealWifeStories - Brazzers] Lexi Luna (You Snore, She Whores - 25.08.16).torrent2016-08-26 17:53 - 2016-08-26 17:53 - 00020752 _____ C:\Users\tuzaro\Downloads\RealWifeStories - Peta Jensen (A Guilty Conscience).torrent2016-08-26 17:53 - 2016-08-26 17:53 - 00015469 _____ C:\Users\tuzaro\Downloads\MyDadsHotGirlfriend - Janice Griffith.torrent2016-08-26 17:48 - 2016-08-26 17:48 - 00012031 _____ C:\Users\tuzaro\Downloads\BigTitsAtWork - Nicole Aniston (The Perfect Maid 2).torrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-22 22:36 - 2009-07-14 07:34 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A02016-09-22 22:36 - 2009-07-14 07:34 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A02016-09-22 22:31 - 2013-04-22 19:48 - 00000000 ____D C:\Users\tuzaro\AppData\Roaming\BitComet2016-09-22 22:27 - 2015-07-26 20:11 - 00000982 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job2016-09-22 22:27 - 2012-10-01 06:25 - 00000000 ____D C:\Windows\Minidump2016-09-22 22:27 - 2009-07-14 07:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT2016-09-22 22:19 - 2009-07-14 07:52 - 00000000 ____D C:\Windows\Offline Web Pages2016-09-22 22:16 - 2016-07-29 16:16 - 00000975 _____ C:\Users\Public\Desktop\ArenaPLAY.lnk2016-09-22 22:16 - 2016-06-03 21:03 - 00001031 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Secunia PSI.lnk2016-09-22 22:16 - 2016-04-08 15:52 - 00000963 _____ C:\Users\Public\Desktop\CCleaner.lnk2016-09-22 22:16 - 2013-12-22 15:09 - 00000946 _____ C:\Users\Public\Desktop\VLC media player.lnk2016-09-22 22:16 - 2013-08-03 14:38 - 00002164 _____ C:\Users\Public\Desktop\Google Earth.lnk2016-09-22 22:16 - 2013-04-22 19:48 - 00000963 _____ C:\Users\Public\Desktop\BitComet.lnk2016-09-22 22:16 - 2013-03-08 20:20 - 00000080 _____ C:\Users\Public\Desktop\Google Земя.lnk2016-09-22 22:16 - 2013-02-01 11:56 - 00002686 _____ C:\Users\Public\Desktop\Nero StartSmart Essentials.lnk2016-09-22 22:16 - 2013-02-01 11:56 - 00002586 _____ C:\Users\Public\Desktop\Nero Home Essentials SE.lnk2016-09-22 22:16 - 2013-02-01 11:56 - 00002204 _____ C:\Users\Public\Desktop\Nero Online Upgrade.lnk2016-09-22 22:16 - 2012-11-28 13:05 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk2016-09-22 22:16 - 2012-11-28 13:05 - 00001983 _____ C:\Users\Public\Desktop\Adobe Reader XI.lnk2016-09-22 22:16 - 2012-10-16 22:46 - 00000935 _____ C:\Users\Public\Desktop\Winamp.lnk2016-09-22 22:16 - 2012-09-21 21:59 - 00001894 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk2016-09-22 22:16 - 2012-09-15 20:31 - 00001153 _____ C:\Users\Public\Desktop\GOM Player.lnk2016-09-22 22:16 - 2012-09-15 18:45 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk2016-09-22 22:16 - 2012-09-15 18:45 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk2016-09-22 22:16 - 2009-07-14 07:46 - 00001515 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk2016-09-22 22:16 - 2009-07-14 07:42 - 00001330 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk2016-09-22 22:16 - 2009-07-14 07:42 - 00001246 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk2016-09-22 22:16 - 2009-07-14 07:42 - 00001210 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk2016-09-22 22:15 - 2015-09-07 21:04 - 00002190 _____ C:\Users\tuzaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flvto YouTube Downloader.lnk2016-09-22 22:15 - 2015-09-07 21:04 - 00001325 _____ C:\Users\tuzaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Uninstall Flvto YouTube Downloader.lnk2016-09-22 22:15 - 2012-09-15 20:31 - 00001183 _____ C:\Users\tuzaro\AppData\Roaming\Microsoft\Windows\Start Menu\GOM Player.lnk2016-09-22 22:15 - 2009-07-14 07:46 - 00001282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk2016-09-22 22:15 - 2009-07-14 07:37 - 00001266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk2016-09-22 22:14 - 2016-04-08 21:18 - 00001246 _____ C:\Users\tuzaro\Desktop\MediaHuman YouTube to MP3 Converter.lnk2016-09-22 22:14 - 2016-04-08 21:08 - 00002182 _____ C:\Users\tuzaro\Desktop\Flvto YouTube Downloader.lnk2016-09-22 22:14 - 2013-07-21 18:05 - 00001426 _____ C:\Users\tuzaro\Desktop\FlashGet downloads.lnk2016-09-22 22:14 - 2013-01-30 13:54 - 00001183 _____ C:\Users\tuzaro\Desktop\Any Audio Converter.lnk2016-09-22 22:14 - 2012-09-17 18:33 - 00000767 _____ C:\Users\tuzaro\Desktop\Counter-Strike 1.6.lnk2016-09-22 22:13 - 2012-09-27 18:54 - 00000000 ____D C:\Users\tuzaro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Games2016-09-22 22:05 - 2013-03-08 20:18 - 00000986 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job2016-09-22 21:55 - 2012-09-17 19:29 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job2016-09-22 21:12 - 2016-08-02 18:57 - 00000000 ____D C:\Program Files\Mozilla Firefox2016-09-22 21:12 - 2012-09-16 22:47 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service2016-09-22 21:12 - 2012-09-15 18:49 - 00000000 ____D C:\Users\tuzaro2016-09-17 14:07 - 2009-07-14 05:37 - 00000000 ___HD C:\Windows\system32\GroupPolicy2016-09-17 13:03 - 2009-07-14 05:37 - 00000000 ____D C:\Windows\inf2016-09-17 12:55 - 2012-09-17 19:29 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe2016-09-17 12:55 - 2012-09-17 19:29 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl2016-09-17 12:55 - 2012-09-17 19:29 - 00000000 ____D C:\Windows\system32\Macromed2016-09-17 12:54 - 2013-07-17 18:43 - 00000000 ____D C:\Users\tuzaro\AppData\Roaming\PC Suite2016-09-17 12:51 - 2013-07-17 18:40 - 00000000 ____D C:\Program Files\Nokia2016-09-17 12:38 - 2009-07-14 07:33 - 00408000 _____ C:\Windows\system32\FNTCACHE.DAT2016-09-04 13:49 - 2013-12-22 15:10 - 00000000 ____D C:\Users\tuzaro\AppData\Roaming\vlc2016-08-27 15:50 - 2013-07-19 20:03 - 00000000 ____D C:\Windows\system32\MRT2016-08-27 15:35 - 2012-09-15 19:27 - 144884648 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe ==================== Files in the root of some directories ======= 2016-09-17 13:54 - 2016-09-17 13:54 - 7090176 _____ () C:\Users\tuzaro\AppData\Roaming\agent.dat2016-09-17 13:53 - 2016-09-17 13:53 - 0140288 _____ () C:\Users\tuzaro\AppData\Roaming\Installer.dat2016-09-17 13:54 - 2016-09-17 13:54 - 0018432 _____ () C:\Users\tuzaro\AppData\Roaming\Main.dat2012-12-27 00:22 - 2013-01-21 10:28 - 0000693 _____ () C:\Users\tuzaro\AppData\Roaming\Rim.Desktop.Exception.log2012-12-27 00:12 - 2016-04-08 14:51 - 0002009 _____ () C:\Users\tuzaro\AppData\Roaming\Rim.Desktop.HttpServerSetup.log2012-12-27 00:22 - 2013-01-21 10:28 - 0000693 _____ () C:\Users\tuzaro\AppData\Roaming\Rim.DesktopHelper.Exception.log2012-11-23 13:15 - 2012-11-23 13:15 - 0017408 _____ () C:\Users\tuzaro\AppData\Local\WebpageIcons.db2012-10-08 09:02 - 2012-10-08 09:02 - 0000056 ____H () C:\ProgramData\ezsidmv.dat Some files in TEMP:====================C:\Users\tuzaro\AppData\Local\Temp\adblocker4.exeC:\Users\tuzaro\AppData\Local\Temp\AutoTime51495.exeC:\Users\tuzaro\AppData\Local\Temp\Browser_V5.7.14377.702_r_4333_(Build1608231143).exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signedC:\Windows\system32\winlogon.exe => File is digitally signedC:\Windows\system32\wininit.exe => File is digitally signedC:\Windows\system32\svchost.exe => File is digitally signedC:\Windows\system32\services.exe => File is digitally signedC:\Windows\system32\User32.dll => File is digitally signedC:\Windows\system32\userinit.exe => File is digitally signedC:\Windows\system32\rpcss.dll => File is digitally signedC:\Windows\system32\dnsapi.dll => File is digitally signedC:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2016-09-03 14:19 ==================== End of FRST.txt ============================ Addition.txt