Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 19-01-2015
Ran by dp (administrator) on DP-PC on 23-01-2015 11:37:10
Running from C:\Users\dp\Desktop
Loaded Profiles: dp (Available profiles: dp)
Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool:
http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsssvc.exe
(Hewlett-Packard Company) C:\Program Files\HP\Common\HPSupportSolutionsFrameworkService.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Microsoft Corporation) C:\Program Files\Windows Live\Family Safety\fsui.exe
(Apple Inc.) C:\Program Files\iTunes\iTunesHelper.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
() C:\Program Files\Tether\TBService.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [] => [X]
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
HKLM\...\Run: [MSC] => c:\Program Files\Microsoft Security Client\msseces.exe [974432 2014-08-22] (Microsoft Corporation)
HKLM\...\Run: [fssui] => C:\Program Files\Windows Live\Family Safety\fsui.exe [892608 2014-03-31] (Microsoft Corporation)
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
HKU\S-1-5-21-3358529588-1858457421-2119217295-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6699800 2014-12-15] (SUPERAntiSpyware)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-02-28] (Microsoft Corporation)
AppInit_DLLs: C:/PROGRA~2/{6D978~1/171~1.0/desa.dll => C:/PROGRA~2/{6D978~1/171~1.0/desa.dll [649216 2015-01-18] ()
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.com
HKU\S-1-5-21-3358529588-1858457421-2119217295-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache =
http://www.msn.com/
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA}
http://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{E807AA4E-4D04-49E1-8CB3-DD307BCAAF85}: [NameServer] 208.67.222.222,208.67.220.220
FireFox:
========
FF ProfilePath: C:\Users\dp\AppData\Roaming\Mozilla\Firefox\Profiles\huob7hey.default
FF DefaultSearchEngine: Google
FF Homepage: google.com
FF Plugin: @Apple.com/iTunes,version=1.0 -> C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin: @ei.SmileyCentral_1v.com/Plugin -> C:\Program Files\SmileyCentral_1vEI\Installr\2.bin\NP1vEISB.dll No File
FF Plugin: @java.com/JavaPlugin -> C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF Plugin: @RIM.com/WebSLLauncher,version=1.0 -> C:\Program Files\Common Files\Research In Motion\BBWebSLLauncher\NPWebSLLauncher.dll ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
Chrome:
=======
CHR HomePage: Default -> hxxp://vosteran.com/?f=1&a=vst_ggbc_15_03_ch&cd=2XzuyEtN2Y1L1QzutDtDtCzy0DtC0AtDtBtDtC0A0Azy0CtDtN0D0Tzu0StCtCtCtAtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtDtB0DtA0CyCtDtG0B0EtCyBtG0CtDyEyDtG0EtAtCzztGyByB0C0EyCyDtC0E0CzzyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0C0F0FtDyD0FyDtGyC0AyBtDtGyE0E0EyEtGzz0FyD0EtG0DtAyB0CyB0A0CtAyD0BtByD2Q&cr=349076420&ir=
CHR StartupUrls: Default -> "hxxp://vosteran.com/?f=7&a=vst_ggbc_15_03_ch&cd=2XzuyEtN2Y1L1QzutDtDtCzy0DtC0AtDtBtDtC0A0Azy0CtDtN0D0Tzu0StCtCtCtAtN1L2XzutAtFyBtFtBtFtCtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StBtDtB0DtA0CyCtDtG0B0EtCyBtG0CtDyEyDtG0EtAtCzztGyByB0C0EyCyDtC0E0CzzyEyB2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyB0C0F0FtDyD0FyDtGyC0AyBtDtGyE0E0EyEtGzz0FyD0EtG0DtAyB0CyB0A0CtAyD0BtByD2Q&cr=349076420&ir=", "hxxp://www.trovi.com/?gd=&ctid=CT3333528&octid=EB_ORIGINAL_CTID&ISID=M27DA1FA7-A8BF-47AE-90C4-D4D31A989524&SearchSource=55&CUI=&UM=8&UP=SP1CC8F61D-BE0A-4DCA-998E-6DAFF319FD49&SSPV="
CHR DefaultSearchKeyword: Default -> Vosteran.com
CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?client=chrome&hl={language}&q={searchTerms}
CHR Profile: C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Docs) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-04-09]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (Google Wallet) - C:\Users\dp\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-09]
CHR StartMenuInternet: Google Chrome - chrome.exe
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com)
R2 HPSupportSolutionsFrameworkService; C:\Program Files\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2014-11-21] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [969016 2014-11-21] (Malwarebytes Corporation)
R2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22192 2014-08-22] (Microsoft Corporation)
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2009-05-14] (Hewlett-Packard) [File not signed]
R3 NisSrv; c:\Program Files\Microsoft Security Client\NisSrv.exe [288120 2014-08-22] (Microsoft Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2009-05-14] (Hewlett-Packard) [File not signed]
R2 Tether; C:\Program Files\Tether\TBService.exe [49080 2010-03-03] ()
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
S4 NMIndexingService; "C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe" [X]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S3 AVer88xHD; C:\Windows\System32\drivers\AVer88xHD.sys [459392 2009-06-25] (AVerMedia TECHNOLOGIES, Inc.)
R0 iteatapi; C:\Windows\System32\DRIVERS\iteatapi.sys [35608 2008-05-14] (ITE Tech. Inc.)
R3 LVUSBSta; C:\Windows\System32\drivers\LVUSBSta.sys [41752 2008-07-26] (Logitech Inc.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-11-21] (Malwarebytes Corporation)
R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [114904 2015-01-23] (Malwarebytes Corporation)
R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-11-21] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [231800 2014-07-17] (Microsoft Corporation)
S3 Netaapl; C:\Windows\System32\DRIVERS\netaapl.sys [17408 2009-07-09] (Apple Inc.) [File not signed]
S3 PID_PEPI; C:\Windows\System32\DRIVERS\LV302V32.SYS [2570520 2008-07-26] (Logitech Inc.)
S3 pnetmdm; C:\Windows\System32\DRIVERS\pnetmdm.sys [9472 2006-09-28] (June Fabrics Technology) [File not signed]
S3 qrkis; C:\Windows\System32\DRIVERS\qrkis.sys [45608 2009-10-16] (Tether)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R3 SrvHsfPCI; C:\Windows\System32\DRIVERS\VSTBS23.SYS [266752 2009-07-13] (Conexant Systems, Inc.)
S3 U2G300NB; C:\Windows\System32\DRIVERS\U2G300NB.sys [322360 2007-04-15] (Marvell Semiconductor, Inc)
S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [X]
S3 tsusbhub; system32\drivers\tsusbhub.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 11:37 - 2015-01-23 11:37 - 00011976 _____ () C:\Users\dp\Desktop\FRST.txt
2015-01-23 11:36 - 2015-01-23 11:37 - 00000000 ____D () C:\FRST
2015-01-23 11:36 - 2015-01-23 11:36 - 01118208 _____ (Farbar) C:\Users\dp\Desktop\FRST.exe
2015-01-23 10:20 - 2015-01-23 11:34 - 00509440 _____ (Tech Support Guy System) C:\Users\dp\Desktop\SysInfo.exe
2015-01-22 08:36 - 2011-01-10 06:43 - 1573556048 _____ () C:\Users\dp\Downloads\Elki.2010.mkv
2015-01-22 08:18 - 2015-01-22 08:21 - 384018385 _____ () C:\Users\dp\Downloads\Операция «Ы» и другие приключения Шурика _ Фильм полностью _ HD 1080p.mp4
2015-01-22 08:15 - 2015-01-22 08:18 - 338027396 _____ () C:\Users\dp\Downloads\Крепкий орешек.mp4
2015-01-22 07:53 - 2015-01-22 07:58 - 479895704 _____ () C:\Users\dp\Downloads\Без году неделя (фильм

.mp4
2015-01-22 07:35 - 2015-01-22 07:37 - 268313770 _____ () C:\Users\dp\Downloads\Отцы и деды (1982) Полная версия.mp4
2015-01-21 20:45 - 2015-01-21 20:45 - 00001121 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2015-01-21 20:45 - 2015-01-21 20:45 - 00001109 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2015-01-21 20:45 - 2015-01-21 20:45 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2015-01-21 20:45 - 2015-01-21 20:45 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2015-01-21 19:47 - 2015-01-23 11:33 - 00114904 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-01-21 19:47 - 2015-01-21 19:47 - 00001064 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-01-21 19:47 - 2015-01-21 19:47 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-01-21 19:46 - 2015-01-21 19:47 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware
2015-01-21 19:46 - 2015-01-21 19:46 - 20447072 _____ (Malwarebytes Corporation ) C:\Users\dp\Downloads\mbam-setup-2.0.4.1028.exe
2015-01-21 19:46 - 2015-01-21 19:46 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-01-21 19:46 - 2014-11-21 06:14 - 00075480 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-01-21 19:46 - 2014-11-21 06:14 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-01-21 19:46 - 2014-11-21 06:14 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-01-21 19:03 - 2015-01-21 20:13 - 00021696 _____ () C:\Windows\PFRO.log
2015-01-21 19:03 - 2015-01-21 20:13 - 00000168 _____ () C:\Windows\setupact.log
2015-01-21 19:03 - 2015-01-21 19:03 - 00000000 _____ () C:\Windows\setuperr.log
2015-01-21 18:27 - 2015-01-21 18:27 - 00000000 ____D () C:\SUPERDelete
2015-01-21 18:25 - 2015-01-23 08:04 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2015-01-21 18:25 - 2015-01-21 18:25 - 00001965 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2015-01-21 18:25 - 2015-01-21 18:25 - 00000000 ____D () C:\Users\dp\AppData\Roaming\SUPERAntiSpyware.com
2015-01-21 18:25 - 2015-01-21 18:25 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
2015-01-21 18:25 - 2015-01-21 18:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2015-01-21 18:23 - 2015-01-21 18:23 - 21057344 _____ (SUPERAntiSpyware) C:\Users\dp\Downloads\SUPERAntiSpyware.exe
2015-01-21 16:41 - 2015-01-21 16:43 - 00002032 _____ () C:\Users\dp\Desktop\Rkill.txt
2015-01-21 16:41 - 2015-01-21 16:41 - 01943800 _____ (Bleeping Computer, LLC) C:\Users\dp\Downloads\rkill.exe
2015-01-18 19:03 - 2015-01-18 19:03 - 05317104 _____ (Piriform Ltd) C:\Users\dp\Downloads\ccsetup501.exe
2015-01-18 18:54 - 2015-01-23 11:26 - 00576176 _____ () C:\Windows\WindowsUpdate.log
2015-01-18 18:21 - 2015-01-18 18:21 - 00001234 _____ () C:\Users\Public\Desktop\Revo Uninstaller Pro.lnk
2015-01-18 18:21 - 2015-01-18 18:21 - 00000000 ____D () C:\Users\dp\AppData\Local\VS Revo Group
2015-01-18 18:21 - 2015-01-18 18:21 - 00000000 ____D () C:\ProgramData\VS Revo Group
2015-01-18 18:21 - 2015-01-18 18:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Revo Uninstaller Pro
2015-01-18 18:21 - 2015-01-18 18:21 - 00000000 ____D () C:\Program Files\VS Revo Group
2015-01-18 18:21 - 2009-12-30 10:21 - 00027192 _____ (VS Revo Group) C:\Windows\system32\Drivers\revoflt.sys
2015-01-18 18:20 - 2015-01-18 18:20 - 10801480 _____ (VS Revo Group ) C:\Users\dp\Downloads\RevoUninProSetup.exe
2015-01-18 18:09 - 2015-01-18 18:09 - 164495362 _____ () C:\Users\dp\Documents\rebot.reg
2015-01-18 17:48 - 2015-01-18 17:55 - 00000000 ____D () C:\AdwCleaner
2015-01-18 17:47 - 2015-01-18 17:47 - 02186752 _____ () C:\Users\dp\Downloads\AdwCleaner.exe
2015-01-18 16:44 - 2015-01-18 18:36 - 00000000 ____D () C:\Users\dp\AppData\Roaming\1H1Q1V1N1N1S1R
2015-01-18 16:44 - 2015-01-18 16:44 - 00000000 ____D () C:\ProgramData\{6D978554-3D15-54D2-8C93-24505C11F7DE}
2015-01-18 16:44 - 2015-01-18 16:43 - 04813544 _____ (Piriform Ltd) C:\Users\dp\Downloads\CCleanerSetup.exe
2015-01-18 16:43 - 2015-01-18 16:43 - 00847048 _____ ( ) C:\Users\dp\Downloads\Ccleaner_Setup.exe
2015-01-18 13:35 - 2015-01-18 13:35 - 00000046 _____ () C:\Users\dp\AppData\Roaming\WB.CFG
2015-01-18 13:19 - 2015-01-18 13:20 - 00000000 ____D () C:\Users\dp\.smplayer
2015-01-18 13:13 - 2015-01-18 13:36 - 00000000 ____D () C:\ProgramData\Unchecky
2015-01-18 12:44 - 2015-01-18 15:37 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Liveistream
2015-01-18 12:44 - 2015-01-18 12:44 - 00000064 _____ () C:\Users\dp\AppData\Local\00b8c1270aa3f44e5fb958ea63648b0a
2015-01-18 12:35 - 2015-01-18 12:35 - 00000000 __SHD () C:\Users\dp\AppData\Local\EmieUserList
2015-01-18 12:35 - 2015-01-18 12:35 - 00000000 __SHD () C:\Users\dp\AppData\Local\EmieSiteList
2015-01-18 12:35 - 2015-01-18 12:35 - 00000000 __SHD () C:\Users\dp\AppData\Local\EmieBrowserModeList
2015-01-18 12:33 - 2015-01-18 12:34 - 00808440 _____ ( ) C:\Users\dp\Downloads\adobe_flash_setup.exe
2015-01-18 10:15 - 2014-12-18 17:34 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxdav.sys
2015-01-18 10:15 - 2014-12-11 21:11 - 03971512 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe
2015-01-18 10:15 - 2014-12-11 21:11 - 03916728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-01-18 10:15 - 2014-12-05 19:50 - 00242688 _____ (Microsoft Corporation) C:\Windows\system32\nlasvc.dll
2015-01-17 10:27 - 2015-01-17 10:27 - 04877488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe
2015-01-17 09:05 - 2014-12-18 18:43 - 00164864 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2015-01-17 09:05 - 2014-12-11 09:47 - 00046592 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2015-01-10 08:36 - 2015-01-10 08:36 - 00001815 _____ () C:\Users\Public\Desktop\QuickTime Player.lnk
2015-01-10 08:36 - 2015-01-10 08:36 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\QuickTime
2015-01-10 08:36 - 2015-01-10 08:36 - 00000000 ____D () C:\Program Files\QuickTime
2015-01-08 09:52 - 2015-01-08 09:55 - 252722766 _____ () C:\Users\dp\Desktop\Однажды двадцать лет спустя (1980) Советская мелодрама «Однажды двадцать лет спустя» смотреть онлайн.mp4
2015-01-08 09:50 - 2015-01-08 09:56 - 407309607 _____ () C:\Users\dp\Downloads\Однажды двадцать лет спустя (1980) Полная версия.mp4
2014-12-27 18:57 - 2014-12-27 18:59 - 369221578 _____ () C:\Users\dp\Downloads\Сказка Морозко, смотреть сказку Морозко.mp4
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2015-01-23 11:27 - 2014-12-20 14:57 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-01-21 20:21 - 2009-07-13 20:34 - 00020576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-01-21 20:21 - 2009-07-13 20:34 - 00020576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-01-21 20:13 - 2009-07-13 20:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-01-20 09:16 - 2014-06-24 09:38 - 00000000 ____D () C:\Users\dp\AppData\Local\Windows Live
2015-01-18 19:49 - 2014-03-08 11:26 - 00000000 ____D () C:\Program Files\Google
2015-01-18 19:02 - 2014-03-08 11:26 - 00000000 ____D () C:\Users\dp\AppData\Local\Google
2015-01-18 18:47 - 2011-01-28 09:17 - 00000000 ____D () C:\Program Files\VideoLAN
2015-01-18 18:47 - 2010-03-09 20:17 - 00000000 ____D () C:\Users\dp\AppData\Roaming\Apple Computer
2015-01-18 18:47 - 2010-03-09 20:17 - 00000000 ____D () C:\Users\dp\AppData\Local\Apple Computer
2015-01-18 18:43 - 2010-12-25 10:09 - 00000000 ____D () C:\Users\dp\AppData\Roaming\DVDVideoSoft
2015-01-18 18:42 - 2010-12-25 10:09 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DVDVideoSoft
2015-01-18 18:38 - 2010-03-10 17:48 - 00000000 ____D () C:\Program Files\Research In Motion
2015-01-18 18:37 - 2010-03-10 17:48 - 00000000 ____D () C:\Program Files\Common Files\Research In Motion
2015-01-18 17:59 - 2014-03-28 20:37 - 00000000 ____D () C:\Users\dp\AppData\Roaming\Spotify
2015-01-18 17:55 - 2010-12-25 10:09 - 00000000 ____D () C:\Program Files\Common Files\DVDVideoSoft
2015-01-18 17:55 - 2009-07-13 18:04 - 00000615 _____ () C:\Windows\win.ini
2015-01-18 13:45 - 2010-06-04 20:12 - 00000000 ____D () C:\ProgramData\LogiShrd
2015-01-18 13:45 - 2010-06-04 20:01 - 00000000 ____D () C:\Program Files\Common Files\logishrd
2015-01-18 13:38 - 2011-04-04 16:00 - 00000000 ____D () C:\Users\dp\AppData\Local\Adobe
2015-01-18 13:27 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\Resources
2015-01-18 13:19 - 2010-03-09 20:09 - 00000000 ____D () C:\Users\dp
2015-01-18 03:05 - 2014-06-15 15:51 - 00000000 ____D () C:\Windows\system32\MRT
2015-01-18 03:01 - 2014-06-15 15:51 - 110348472 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-01-17 10:27 - 2014-02-26 11:10 - 00701616 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-01-17 10:27 - 2014-02-26 11:10 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-01-17 08:58 - 2014-03-28 20:37 - 00000000 ____D () C:\Users\dp\AppData\Local\Spotify
2015-01-13 08:15 - 2009-07-13 18:37 - 00000000 ____D () C:\Windows\system32\NDF
2014-12-31 03:13 - 2010-03-09 20:34 - 00249488 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
==================== Files in the root of some directories =======
2010-09-04 14:03 - 2011-03-28 19:43 - 0000231 _____ () C:\Users\dp\AppData\Roaming\Rim.Desktop.Exception.log
2010-08-28 23:16 - 2014-05-26 07:36 - 0002810 _____ () C:\Users\dp\AppData\Roaming\Rim.Desktop.HttpServerSetup.log
2015-01-18 13:35 - 2015-01-18 13:35 - 0000046 _____ () C:\Users\dp\AppData\Roaming\WB.CFG
2015-01-18 12:44 - 2015-01-18 12:44 - 0000064 _____ () C:\Users\dp\AppData\Local\00b8c1270aa3f44e5fb958ea63648b0a
2010-04-24 12:00 - 2010-10-22 13:35 - 0000056 ____H () C:\ProgramData\ezsidmv.dat
2014-02-28 12:57 - 2014-07-27 19:35 - 0021308 _____ () C:\ProgramData\hpzinstall.log
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2015-01-17 09:59
==================== End Of Log ============================