Помогите пожалуйста удалить окна с рекламой в браузерах и постоянных перенаправ.

[bunker2]

Добрый день! Уважаемые знатоки, помогите удалить постоянные окна которые открываються при нажатии на странице, на адрес в странице, или когда хочу что-то прочитать, или новую страницу чистую открыть, даже когда правой кнопкой мышки нажимаю, открываэться новая страница с рекламой. И бываэт такое что немогу написать в с троке поиска, пока не закрою браузер людбой и не открою заново.
У меня Виндовс 10 х64. Браузеры Опера 31я и 12я, Хром и Встроенный браузер от вынды.
вот лог программы:

Вложения:

You must be logged in to view attached files.

[Admin]

Здравствуйте, добро пожаловать на Spyware-ru форум.

Ещё несколько вопросов:
1. когда, примерно, возникла проблема
2. эта проблема одинакова во всех браузерах ?
3. открывается всегда одно и тоже окно с рекламным сайтом ? Или каждый раз что-то новое ?

И ещё, сделайте анализ программой FRST. Тут описание — http://www.spyware-ru.com/forums/topic/chitat-obyazatelno-kak-vylechit-kompyuter-pervye-shagi/ , шаг 2. Оба лога прикрепите к вашему ответу.

[bunker2]

Где-то недели 2 -3 назад.
Да во всех браузерах.
Бывает что окна одинаковы, бывает что сайт другой, то тема про алиекспрес, ставки на футбол и т.д. остается неизменной.
На выходных по удалял немножко программ и подчистил компьютер программой REG ORGANIZER.
Вот первый лог:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-07-2016
Ran by BUNKER2 (administrator) on DOKTORTRAX (04-07-2016 11:29:23)
Running from C:\Users\BUNKER2\AppData\Local\Temp\scoped_dir3960_24102
Loaded Profiles: BUNKER2 (Available Profiles: BUNKER2)
Platform: Windows 10 Enterprise Version 1511 (X64) Language: Русский (Россия)
Internet Explorer Version 11 (Default browser: Opera)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\avp.exe
(Adobe Systems, Incorporated) C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
(Locktime Software) C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe
(Microsoft Corporation) C:\Windows\System32\vmms.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
() C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe
(AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\avpui.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation) C:\Windows\System32\igfxTray.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe
(Opera Software) C:\Program Files (x86)\Opera\38.0.2220.31\opera.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\…\Run: [] => [X]
ShellIconOverlayIdentifiers: [ AccExtIco1] -> {AB9CF9F8-8A96-4F9D-BF21-CE85714C3A47} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco2] -> {853B7E05-C47D-4985-909A-D0DC5C6D7303} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
ShellIconOverlayIdentifiers: [ AccExtIco3] -> {42D38F2E-98E9-4382-B546-E24E4D6D04BB} => C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSyncExtension\CoreSync_x64.dll [2016-01-22] ()
BootExecute: autocheck autochk *
GroupPolicyScripts\User: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 192.168.1.1
Tcpip\Parameters: [NameServer] 8.8.8.8
Tcpip\..\Interfaces\{d1fbaed0-d400-47c3-b687-c61ad775105f}: [DhcpNameServer] 8.8.8.8 8.8.4.4 192.168.1.1
ManualProxies:

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKU\S-1-5-21-252111683-1522408880-3306365401-1001 -> DefaultScope {43EBD363-949C-440E-B239-DB00F898DC42} URL =
SearchScopes: HKU\S-1-5-21-252111683-1522408880-3306365401-1001 -> {8C3078A0-9AAB-4371-85D1-656CA8E46EE8} URL = hxxp://yandex.ua/search/?win=217&clid=2254995&text={searchTerms}
SearchScopes: HKU\S-1-5-21-252111683-1522408880-3306365401-1001 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7BCB8BF409-8414-4A1A-82DB-D59CEB694337%7D&gp=811010
BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office16\OCHelper.dll [2016-05-27] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-09] (Adobe Systems Incorporated)
BHO: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-09] (Adobe Systems Incorporated)
BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll [2015-07-31] (Microsoft Corporation)
BHO-x32: Поиск@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\BUNKER2\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2016-03-22] (Mail.Ru)
BHO-x32: Adobe Acrobat Create PDF Helper -> {AE7CD045-E861-484f-8273-0445EE161910} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-09] (Adobe Systems Incorporated)
BHO-x32: FlashGetBHO -> {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} -> C:\Users\BUNKER2\AppData\Roaming\FlashGetBHO\FlashGetBHO.dll [2012-11-01] (Trend Media Group)
BHO-x32: Microsoft OneDrive for Business Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL [2016-05-17] (Microsoft Corporation)
BHO-x32: Adobe Acrobat Create PDF from Selection -> {F4971EE7-DAA0-4053-9964-665D8EE6A077} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-09] (Adobe Systems Incorporated)
Toolbar: HKLM — Kaspersky Protection Toolbar — {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM — Adobe Acrobat Create PDF Toolbar — {47833539-D0C5-4125-9FA8-0819E2EAAC93} — C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll [2016-02-09] (Adobe Systems Incorporated)
Toolbar: HKLM-x32 — Kaspersky Protection Toolbar — {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
Toolbar: HKLM-x32 — Adobe Acrobat Create PDF Toolbar — {47833539-D0C5-4125-9FA8-0819E2EAAC93} — C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll [2016-02-09] (Adobe Systems Incorporated)
Toolbar: HKU\S-1-5-21-252111683-1522408880-3306365401-1001 -> No Name — {2743291E-C9F8-48C1-B295-7F8CC878FD3A} — No File
Handler: mso-minsb.16 — {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} — C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: mso-minsb.16 — {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} — C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler: osf.16 — {5504BE45-A83B-4808-900A-3A5C36E7F77A} — C:\Program Files\Microsoft Office\Office16\MSOSB.DLL [2016-05-20] (Microsoft Corporation)
Handler-x32: osf.16 — {5504BE45-A83B-4808-900A-3A5C36E7F77A} — C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL [2016-04-12] (Microsoft Corporation)
Handler: WSWSVCUchrome — No CLSID Value

Edge:
======
Edge HomeButtonPage: HKU\S-1-5-21-252111683-1522408880-3306365401-1001 -> hxxp://www.yandex.ua/?win=217&clid=2254994

FireFox:
========
FF ProfilePath: C:\Users\BUNKER2\AppData\Roaming\Mozilla\Firefox\Profiles\nahd6ha2.default
FF Homepage: hxxps://www.malwarebytes.org/restorebrowser//general/newhometab.php?hometab=home&partner=11467&guid={E14427E2-594A-4C84-B09E-B1E1197FB3A3}&i=
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_192.dll [2016-06-16] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll [2016-02-12] (Adobe Systems)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_192.dll [2016-06-16] ()
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2016-01-12] (Microsoft Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50428.0\npctrl.dll [2016-04-27] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office16\NPSPWRAP.DLL [2015-07-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-26] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.30.3\npGoogleUpdate3.dll [2016-06-26] (Google Inc.)
FF Plugin-x32: Adobe Acrobat -> C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2016-05-27] (Adobe Systems Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll [2016-02-12] (Adobe Systems)
FF Plugin HKU\S-1-5-21-252111683-1522408880-3306365401-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\BUNKER2\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll [2016-01-12] (Microsoft Corporation)
FF HKLM-x32\…\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\FFExt\light_plugin_firefox\addon.xpi
FF Extension: Kaspersky Protection — C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-04-27]
FF HKLM-x32\…\Firefox\Extensions: [web2pdfextension.15@web2pdf.adobedotcom] — C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn
FF Extension: Adobe Acrobat DC — Create PDF — C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Browser\WCFirefoxExtn [2016-03-13]

Chrome:
=======
CHR HomePage: Default -> yandex.ru/?__PARAM__from=chromehp
CHR StartupUrls: Default -> «hxxp://mail.ru/cnt/10445?gp=801050»
CHR DefaultSearchURL: Default -> hxxp://yandex.ru/search/?__PARAM__from=chromesearch&text={searchTerms}
CHR DefaultSearchKeyword: Default -> yandex.ru
CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?uil=ru&part={searchTerms}
CHR Session Restore: Default -> is enabled.
CHR Profile: C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Презентации) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-01-16]
CHR Extension: (Документы Google) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-01-16]
CHR Extension: (Диск Google) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-01-16]
CHR Extension: (YouTube) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-01-16]
CHR Extension: (Новости) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\chbcakcafkeacjljckffjnmliiikgoag [2016-03-22]
CHR Extension: (Google Search) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-16]
CHR Extension: (Adobe Acrobat) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2016-03-29]
CHR Extension: (Google Таблицы) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-01-16]
CHR Extension: (Google Документы офлайн) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-29]
CHR Extension: (Kaspersky Protection) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\lpeeaghdjmhlakojjcgfdhgcejdaefmi [2016-01-16]
CHR Extension: (Платежная система Интернет-магазина Chrome) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-22]
CHR Extension: (Gmail) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-01-16]
CHR HKLM\…\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] — hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-252111683-1522408880-3306365401-1001\SOFTWARE\Google\Chrome\Extensions\…\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [aeembeejekghkopiabadonpmfpigojok] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [bejnpnkhfgfkcpgikiinojlmdcjimobi] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [bgcifljfapbhgiehkjlckfjmgeojijcb] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [dkekdlkmdpipihonapoleopfekmapadh] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [lbjjfiihgfegniolckphpnfaokdkbmdm] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] — hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\…\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [pfigaoamnncijbgomifamkmkidnnlikl] — hxxp://clients2.google.com/service/update2/crx

Opera:
=======
OPR Extension: (Download Master) — C:\Users\BUNKER2\AppData\Roaming\Opera Software\Opera Stable\Extensions\kjidkaoploafppfnkhodonjhlkedndaa [2016-02-19]
OPR Extension: (SaveFrom.net помощник) — C:\Users\BUNKER2\AppData\Roaming\Opera Software\Opera Stable\Extensions\npdpplbicnmpoigidfdjadamgfkilaak [2016-07-03]
StartMenuInternet: (HKLM) Opera — C:\Program Files\Opera x64\Opera.exe

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R4 AdobeUpdateService; C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [693440 2016-01-28] (Adobe Systems Incorporated)
R4 AGSService; C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2021592 2016-04-05] (Adobe Systems, Incorporated)
R2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
R2 Chemtable Startup Checking; C:\Program Files (x86)\Reg Organizer\StartupCheckingService.exe [3477952 2016-06-01] ()
R2 HvHost; C:\Windows\System32\hvhostsvc.dll [61440 2016-03-20] (Microsoft Corporation)
R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [330136 2015-08-27] (Intel Corporation)
S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
R2 nlsvc; C:\Program Files\Locktime Software\NetLimiter 4\NLSvc.exe [322896 2016-02-18] (Locktime Software)
S3 vmcompute; C:\Windows\system32\vmcompute.exe [1142272 2016-03-20] (Microsoft Corporation)
R2 vmms; C:\Windows\system32\vmms.exe [14384128 2016-03-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [364464 2015-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-10-30] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
R3 dtultrascsibus; C:\Windows\System32\drivers\dtultrascsibus.sys [30264 2016-02-22] (Disc Soft Ltd)
R3 dtultrausbbus; C:\Windows\System32\drivers\dtultrausbbus.sys [47160 2016-02-22] (Disc Soft Ltd)
R1 GUBootStartup; C:\Windows\System32\drivers\GUBootStartup.sys [20160 2016-01-16] (Glarysoft Ltd)
R1 hvservice; C:\Windows\System32\drivers\hvservice.sys [71008 2016-03-20] (Microsoft Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79752 2015-12-01] (AO Kaspersky Lab)
R2 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [30328 2015-06-24] (Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [182664 2015-12-11] (AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\drivers\klhk.sys [237488 2016-04-27] (AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [987568 2016-04-27] (AO Kaspersky Lab)
R1 KLIM6; C:\Windows\system32\DRIVERS\klim6.sys [51288 2016-03-04] (AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [41656 2015-06-07] (Kaspersky Lab ZAO)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [87944 2015-10-06] (Kaspersky Lab ZAO)
R1 Klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [112520 2015-12-03] (AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
S3 lunparser; C:\Windows\System32\drivers\lunparser.sys [22528 2016-03-20] (Microsoft Corporation)
S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [65408 2016-03-10] (Malwarebytes Corporation)
R2 nldrv; C:\Program Files\Locktime Software\NetLimiter 4\nldrv.sys [129152 2016-02-18] (Locktime Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2010-07-16] (CACE Technologies, Inc.)
S3 passthruparser; C:\Windows\System32\drivers\passthruparser.sys [23552 2016-03-20] (Microsoft Corporation)
S3 pcip; C:\Windows\System32\drivers\pcip.sys [44544 2016-03-20] (Microsoft Corporation)
S3 pvhdparser; C:\Windows\System32\drivers\pvhdparser.sys [50176 2016-03-20] (Microsoft Corporation)
R3 Synth3dVsp; C:\Windows\System32\drivers\synth3dvsp.sys [101888 2016-03-20] (Microsoft Corporation)
S3 usbUDisc; C:\Windows\System32\drivers\USBDrv_AMD64.sys [18392 2013-01-25] (Scott)
S3 vhdparser; C:\Windows\System32\drivers\vhdparser.sys [26624 2016-03-20] (Microsoft Corporation)
R2 VMSP; C:\Windows\System32\drivers\vmswitch.sys [976384 2016-03-20] (Microsoft Corporation)
R0 vmsproxy; C:\Windows\System32\drivers\vmsproxy.sys [22016 2016-03-20] (Microsoft Corporation)
S3 VMSVSF; C:\Windows\System32\drivers\vmswitch.sys [976384 2016-03-20] (Microsoft Corporation)
S3 VMSVSP; C:\Windows\System32\drivers\vmswitch.sys [976384 2016-03-20] (Microsoft Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-10-30] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [293216 2015-10-30] (Microsoft Corporation)
S3 wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [140672 2014-11-24] (MBB)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [118112 2015-10-30] (Microsoft Corporation)
S3 WinNat; C:\Windows\System32\drivers\winnat.sys [350720 2016-03-20] (Microsoft Corporation)
U4 klkbdflt2; \SystemRoot\system32\DRIVERS\klkbdflt2.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-04 11:28 — 2016-07-04 11:29 — 00000000 ____D C:\FRST
2016-07-04 11:28 — 2016-07-04 11:28 — 02390016 _____ (Farbar) C:\Users\BUNKER2\Downloads\FRST64.exe
2016-07-03 00:13 — 2016-07-03 00:13 — 00003542 _____ C:\Windows\System32\Tasks\RegOrganizerQuickLaunch
2016-07-03 00:13 — 2016-07-03 00:13 — 00001596 _____ C:\Windows\system32\rrr.lnk
2016-07-02 19:05 — 2016-07-02 19:05 — 03866497 ____R C:\Users\BUNKER2\Downloads\QR Factory 2.9.5 [lic].dmg
2016-07-02 19:04 — 2016-07-02 19:04 — 00003009 _____ C:\Users\BUNKER2\Downloads\[NNMClub.to]_QR Factory 2.9.5 [lic].dmg.torrent
2016-07-02 14:41 — 2016-07-02 14:43 — 00000000 ____D C:\Users\BUNKER2\Downloads\Sibelius 6
2016-07-01 15:14 — 2016-07-01 15:18 — 00388608 _____ (Trend Micro Inc.) C:\Users\BUNKER2\Downloads\HijackThis.exe
2016-06-29 09:09 — 2016-06-29 09:09 — 00044925 _____ C:\Users\BUNKER2\Downloads\AN1451 project.zip
2016-06-27 22:57 — 2013-01-25 04:18 — 00018392 _____ (Scott) C:\Windows\system32\Drivers\USBDrv_AMD64.sys
2016-06-27 22:48 — 2011-11-25 00:25 — 00015360 _____ (June Fabrics Technology Inc.) C:\Windows\system32\Drivers\pneteth.sys
2016-06-27 22:31 — 2016-06-27 22:31 — 00001249 _____ C:\Users\BUNKER2\Desktop\PhoenixUSBPro.exe.lnk
2016-06-27 22:23 — 2016-07-02 19:59 — 00000258 __RSH C:\Users\BUNKER2\ntuser.pol
2016-06-27 22:05 — 2016-06-28 00:50 — 00000907 _____ C:\Users\BUNKER2\Desktop\LiveSuit.exe.lnk
2016-06-27 14:25 — 2016-06-27 15:45 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\BaiduYunKongMing
2016-06-27 14:23 — 2016-07-03 00:18 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\BaiduYunGuanjia
2016-06-27 14:23 — 2016-06-27 23:01 — 00000000 ____D C:\Users\BUNKER2\Desktop\Прошивка для Вытя
2016-06-27 14:23 — 2016-06-27 14:23 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\BaiduYunKernel
2016-06-27 11:21 — 2016-06-27 11:21 — 10173408 _____ C:\Users\BUNKER2\Downloads\LiveSuit v1.09 RU (1).zip
2016-06-27 11:21 — 2016-06-27 11:21 — 01429777 _____ C:\Users\BUNKER2\Downloads\LiveSuit_Drivers.zip
2016-06-27 11:21 — 2016-06-27 11:21 — 01429777 _____ C:\Users\BUNKER2\Downloads\LiveSuit_Drivers (1).zip
2016-06-27 10:59 — 2016-06-27 10:59 — 01374626 _____ C:\Users\BUNKER2\Downloads\nl.fameit.rotate-6000.apk
2016-06-27 09:22 — 2016-06-27 09:22 — 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\3CA14143.sys
2016-06-26 23:37 — 2016-06-27 09:22 — 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\53D60113.sys
2016-06-26 11:29 — 2016-06-26 11:29 — 00010178 _____ C:\Users\BUNKER2\Desktop\hosts (2)
2016-06-26 11:25 — 2016-06-26 11:25 — 00000000 ____D C:\Users\BUNKER2\Downloads\antimm_2.2
2016-06-26 11:21 — 2016-06-26 11:21 — 22878960 _____ C:\Users\BUNKER2\Downloads\antimm_2.2.rar
2016-06-26 11:17 — 2016-06-26 11:17 — 00000080 _____ C:\Users\BUNKER2\AppData\Roaming\Microsoft\Windows\Start Menu\чTorrent.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\ярлики з 10ъ вынды — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\чTorrent.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\Мої документи Сканер — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\Документи Ексель — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\Temp — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\opera.exe — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\MTKdroidTools.exe — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\launcher.exe — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\HostsEditor.exe — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\hosts — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\chrome.exe — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\cache — ярлык.lnk
2016-06-26 11:16 — 2016-06-26 11:16 — 00000080 _____ C:\Users\BUNKER2\Desktop\Adobe DNG Converter.exe — ярлык.lnk
2016-06-26 10:33 — 2016-07-02 23:21 — 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2016-06-26 10:33 — 2016-06-26 11:26 — 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-06-26 10:33 — 2016-06-26 11:16 — 00001171 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-06-26 10:33 — 2016-06-26 10:33 — 00000000 ____D C:\Users\Все пользователи\Malwarebytes
2016-06-26 10:33 — 2016-06-26 10:33 — 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2016-06-26 10:33 — 2016-06-26 10:33 — 00000000 ____D C:\ProgramData\Malwarebytes
2016-06-26 10:33 — 2016-03-10 14:09 — 00065408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2016-06-26 10:33 — 2016-03-10 14:08 — 00140672 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys
2016-06-26 10:33 — 2016-03-10 14:08 — 00027008 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2016-06-24 18:05 — 2016-06-24 18:05 — 09592761 ____R C:\Users\BUNKER2\Downloads\Windows 7 Loader eXtreme Edition v3.502.zip
2016-06-24 18:04 — 2016-06-24 18:04 — 00003550 _____ C:\Users\BUNKER2\Downloads\Windows 7 Loader eXtreme Edition v3.502.zip.torrent
2016-06-24 18:02 — 2016-06-24 18:02 — 00001781 _____ C:\Users\BUNKER2\Downloads\windows-7-loader-extreme-edition-v3-010-[torrentino].torrent
2016-06-24 17:29 — 2016-06-27 14:56 — 00000000 ____D C:\Users\BUNKER2\Downloads\HP ProBook 4545s
2016-06-24 17:20 — 2016-06-24 17:20 — 00016847 _____ C:\Users\BUNKER2\Downloads\HP_ProBook_4545s (1).torrent
2016-06-24 17:14 — 2016-06-24 17:14 — 00016847 _____ C:\Users\BUNKER2\Downloads\HP_ProBook_4545s.torrent
2016-06-24 15:42 — 2016-06-24 15:42 — 3190663168 _____ C:\Users\BUNKER2\Downloads\Win7_Ult_SP1_Italian_x64.iso
2016-06-24 13:11 — 2016-06-24 15:03 — 00316928 _____ (HeiDoc.Net) C:\Users\BUNKER2\Downloads\Для закачки виндовса из сервера майкрософта Microsoft Windows and Office ISO Download Tool 2.03.exe
2016-06-24 12:47 — 2016-06-24 12:47 — 00000000 ____D C:\Users\BUNKER2\Downloads\struktura_radio
2016-06-24 12:43 — 2016-06-24 12:43 — 04296954 _____ C:\Users\BUNKER2\Downloads\struktura_radio.zip
2016-06-24 10:48 — 2016-06-24 11:18 — 3115025084 ____R C:\Users\BUNKER2\Downloads\Kevin.&.Perry.Go.Large.2000.WEB-DL.720p.RUS.ENG.mkv
2016-06-24 10:48 — 2016-06-24 10:48 — 00015338 _____ C:\Users\BUNKER2\Downloads\[rutracker.org].t5005073.torrent
2016-06-24 10:41 — 2016-06-24 10:43 — 00000000 ____D C:\Users\BUNKER2\Downloads\Kevin & Perry Go Large
2016-06-24 10:41 — 2016-06-24 10:41 — 00016815 _____ C:\Users\BUNKER2\Downloads\[rutor.is]Kevin_and_Perry_Go_Large.torrent
2016-06-23 14:34 — 2016-06-23 14:34 — 04784128 _____ C:\Users\BUNKER2\Downloads\Canon_Eos_Rebel_T3_Service_Manual_Repair_Guide (1).iso
2016-06-23 14:31 — 2016-06-23 14:31 — 04784128 _____ C:\Users\BUNKER2\Downloads\Canon_Eos_Rebel_T3_Service_Manual_Repair_Guide.iso
2016-06-23 14:15 — 2016-06-23 14:16 — 02706088 _____ C:\Users\BUNKER2\Downloads\f1233819937.pdf
2016-06-21 21:25 — 2016-06-21 21:53 — 00000000 ____D C:\Users\BUNKER2\Downloads\Fred Myrow & Malcolm Seagrave — Phantasm (1979); Phantasm II (1988) (CD, 1991) FLAC
2016-06-21 21:24 — 2016-06-21 21:24 — 00015109 _____ C:\Users\BUNKER2\Downloads\fantazm-[torrentino].torrent
2016-06-21 20:12 — 2016-06-22 00:36 — 00000000 ____D C:\Users\BUNKER2\AppData\Local\CANON_INC
2016-06-21 20:11 — 2016-06-26 11:16 — 00001140 _____ C:\Users\Public\Desktop\EOS Utility.lnk
2016-06-21 20:11 — 2016-06-21 20:11 — 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Canon Utilities
2016-06-21 20:11 — 2016-06-21 20:11 — 00000000 ____D C:\Program Files (x86)\Canon
2016-06-21 20:10 — 2016-06-21 20:10 — 00000000 ____D C:\Users\Все пользователи\Canon_Inc_IC
2016-06-21 20:10 — 2016-06-21 20:10 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\canon
2016-06-21 20:10 — 2016-06-21 20:10 — 00000000 ____D C:\ProgramData\Canon_Inc_IC
2016-06-21 20:07 — 2016-06-21 20:07 — 00000000 ____D C:\Users\BUNKER2\Downloads\euw2.14.20a-updater
2016-06-21 20:06 — 2016-06-21 20:07 — 99814828 _____ C:\Users\BUNKER2\Downloads\euw2.14.20a-updater.zip
2016-06-21 10:20 — 2016-06-21 10:20 — 00003886 _____ C:\Windows\System32\Tasks\{8510C61A-07A0-C79C-4D6F-9EC6F3F1561A}
2016-06-20 11:31 — 2016-06-20 11:31 — 00014578 _____ C:\Users\BUNKER2\Downloads\[goldenshara.com].V.PoiSke.Dor1.2O16.D.TS.14OOMB.torrent
2016-06-18 20:10 — 2016-06-18 20:10 — 09957413 _____ C:\Users\BUNKER2\Downloads\100_2357.MOV
2016-06-18 12:37 — 2016-06-18 12:37 — 12249373 _____ C:\Users\BUNKER2\Downloads\Каталог АСКО_УКРЕМ 2016.rar
2016-06-18 12:37 — 2016-06-18 12:37 — 03032368 _____ C:\Users\BUNKER2\Downloads\magnitos_small.rar
2016-06-16 15:12 — 2016-06-16 15:12 — 00385539 _____ C:\Users\BUNKER2\Downloads\Квитанция-об-оплате.pdf
2016-06-16 15:01 — 2016-06-16 15:08 — 00000000 ____D C:\Users\BUNKER2\Documents\Квитанції оплати
2016-06-15 18:43 — 2016-06-15 18:43 — 00043041 _____ C:\Users\BUNKER2\Downloads\557f0b1c-f6f6-40de-971e-f5b8066777a6.pdf
2016-06-15 18:25 — 2016-06-15 18:25 — 00000000 ____D C:\Users\BUNKER2\Downloads\EOSCameraInfo
2016-06-15 18:24 — 2016-06-15 18:24 — 00917091 _____ C:\Users\BUNKER2\Downloads\EOSCameraInfo.zip
2016-06-15 12:20 — 2016-06-15 12:20 — 00091038 _____ C:\Users\BUNKER2\Downloads\canon_ef_life_size_converter_parts.pdf
2016-06-15 12:10 — 2016-06-15 12:16 — 00000000 ____D C:\Users\BUNKER2\Downloads\Lynda.com — Shooting with the Canon Rebel T3i (600D and Kiss X5) (Nov. 2011)
2016-06-15 12:09 — 2016-06-15 12:09 — 00029833 _____ C:\Users\BUNKER2\Downloads\%5Bsmart-torrent.org%5D_torrent_29491.torrent
2016-06-14 22:12 — 2016-05-28 09:13 — 01401024 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2016-06-14 22:12 — 2016-05-28 09:13 — 01184960 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2016-06-14 22:12 — 2016-05-28 09:13 — 00514752 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2016-06-14 22:12 — 2016-05-28 09:13 — 00290496 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2016-06-14 22:12 — 2016-05-28 09:13 — 00092352 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2016-06-14 22:12 — 2016-05-28 09:13 — 00046784 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2016-06-14 22:12 — 2016-05-28 08:25 — 04268880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setupapi.dll
2016-06-14 22:12 — 2016-05-28 08:23 — 00388384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ws2_32.dll
2016-06-14 22:12 — 2016-05-28 08:23 — 00312160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswsock.dll
2016-06-14 22:12 — 2016-05-28 08:22 — 07474528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2016-06-14 22:12 — 2016-05-28 08:22 — 04387680 _____ (Microsoft Corporation) C:\Windows\system32\setupapi.dll
2016-06-14 22:12 — 2016-05-28 08:22 — 00428896 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2016-06-14 22:12 — 2016-05-28 08:22 — 00211296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tpm.sys
2016-06-14 22:12 — 2016-05-28 08:22 — 00118624 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\partmgr.sys
2016-06-14 22:12 — 2016-05-28 08:20 — 00430312 _____ (Microsoft Corporation) C:\Windows\system32\ws2_32.dll
2016-06-14 22:12 — 2016-05-28 08:18 — 00357216 _____ (Microsoft Corporation) C:\Windows\system32\mswsock.dll
2016-06-14 22:12 — 2016-05-28 08:16 — 00026408 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-06-14 22:12 — 2016-05-28 08:09 — 00501600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupEngine.dll
2016-06-14 22:12 — 2016-05-28 08:09 — 00170848 _____ (Microsoft Corporation) C:\Windows\system32\NetworkUXBroker.exe
2016-06-14 22:12 — 2016-05-28 08:09 — 00084832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NetSetupApi.dll
2016-06-14 22:12 — 2016-05-28 08:08 — 00693600 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupEngine.dll
2016-06-14 22:12 — 2016-05-28 08:08 — 00258912 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ufx01000.sys
2016-06-14 22:12 — 2016-05-28 08:08 — 00115040 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupApi.dll
2016-06-14 22:12 — 2016-05-28 08:07 — 03675512 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2016-06-14 22:12 — 2016-05-28 08:07 — 02921880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2016-06-14 22:12 — 2016-05-28 08:07 — 01322248 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2016-06-14 22:12 — 2016-05-28 08:07 — 00957608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2016-06-14 22:12 — 2016-05-28 08:07 — 00808288 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2016-06-14 22:12 — 2016-05-28 08:07 — 00703840 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2016-06-14 22:12 — 2016-05-28 08:07 — 00331616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pci.sys
2016-06-14 22:12 — 2016-05-28 08:06 — 22561256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2016-06-14 22:12 — 2016-05-28 08:06 — 04074160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2016-06-14 22:12 — 2016-05-28 08:06 — 00730344 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Shell.Broker.dll
2016-06-14 22:12 — 2016-05-28 08:06 — 00303216 _____ (Microsoft Corporation) C:\Windows\system32\LockAppHost.exe
2016-06-14 22:12 — 2016-05-28 08:06 — 00254656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LockAppHost.exe
2016-06-14 22:12 — 2016-05-28 08:05 — 04515264 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2016-06-14 22:12 — 2016-05-28 08:04 — 00604928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys
2016-06-14 22:12 — 2016-05-28 08:04 — 00431296 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll
2016-06-14 22:12 — 2016-05-28 08:04 — 00360480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcryptprimitives.dll
2016-06-14 22:12 — 2016-05-28 08:04 — 00161632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2016-06-14 22:12 — 2016-05-28 08:04 — 00111064 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2016-06-14 22:12 — 2016-05-28 08:04 — 00097096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2016-06-14 22:12 — 2016-05-28 08:03 — 00131248 _____ (Microsoft Corporation) C:\Windows\system32\gpapi.dll
2016-06-14 22:12 — 2016-05-28 07:58 — 01996640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2016-06-14 22:12 — 2016-05-28 07:58 — 00379232 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2016-06-14 22:12 — 2016-05-28 07:57 — 02548944 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2016-06-14 22:12 — 2016-05-28 07:57 — 02195632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2016-06-14 22:12 — 2016-05-28 07:57 — 01594416 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2016-06-14 22:12 — 2016-05-28 07:57 — 01372312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2016-06-14 22:12 — 2016-05-28 07:57 — 00649792 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2016-06-14 22:12 — 2016-05-28 07:57 — 00636304 _____ (Microsoft Corporation) C:\Windows\system32\fontdrvhost.exe
2016-06-14 22:12 — 2016-05-28 07:57 — 00577376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms2.sys
2016-06-14 22:12 — 2016-05-28 07:57 — 00546456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontdrvhost.exe
2016-06-14 22:12 — 2016-05-28 07:57 — 00521664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2016-06-14 22:12 — 2016-05-28 07:57 — 00316256 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2016-06-14 22:12 — 2016-05-28 07:35 — 00123392 _____ (Microsoft Corporation) C:\Windows\system32\tdlrecover.exe
2016-06-14 22:12 — 2016-05-28 07:35 — 00089088 _____ (Microsoft Corporation) C:\Windows\system32\MapsCSP.dll
2016-06-14 22:12 — 2016-05-28 07:35 — 00031744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsdport.sys
2016-06-14 22:12 — 2016-05-28 07:31 — 00091648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdlrecover.exe
2016-06-14 22:12 — 2016-05-28 07:31 — 00088576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\olepro32.dll
2016-06-14 22:12 — 2016-05-28 07:31 — 00066560 _____ (Microsoft Corporation) C:\Windows\system32\MosHostClient.dll
2016-06-14 22:12 — 2016-05-28 07:29 — 22379008 _____ (Microsoft Corporation) C:\Windows\system32\edgehtml.dll
2016-06-14 22:12 — 2016-05-28 07:29 — 00079360 _____ (Microsoft Corporation) C:\Windows\system32\adhsvc.dll
2016-06-14 22:12 — 2016-05-28 07:29 — 00045568 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2016-06-14 22:12 — 2016-05-28 07:29 — 00019456 _____ (Microsoft Corporation) C:\Windows\system32\httpprxp.dll
2016-06-14 22:12 — 2016-05-28 07:28 — 00166400 _____ (Microsoft Corporation) C:\Windows\system32\MusNotification.exe
2016-06-14 22:12 — 2016-05-28 07:28 — 00118272 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2016-06-14 22:12 — 2016-05-28 07:28 — 00090112 _____ (Microsoft Corporation) C:\Windows\system32\FwRemoteSvr.dll
2016-06-14 22:12 — 2016-05-28 07:27 — 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosHostClient.dll
2016-06-14 22:12 — 2016-05-28 07:27 — 00028672 _____ (Microsoft Corporation) C:\Windows\system32\mapsupdatetask.dll
2016-06-14 22:12 — 2016-05-28 07:26 — 00199168 _____ (Microsoft Corporation) C:\Windows\system32\InstallAgent.exe
2016-06-14 22:12 — 2016-05-28 07:26 — 00157184 _____ (Microsoft Corporation) C:\Windows\system32\dmcertinst.exe
2016-06-14 22:12 — 2016-05-28 07:26 — 00145920 _____ (Microsoft Corporation) C:\Windows\system32\omadmclient.exe
2016-06-14 22:12 — 2016-05-28 07:26 — 00120320 _____ (Microsoft Corporation) C:\Windows\system32\MapsBtSvc.dll
2016-06-14 22:12 — 2016-05-28 07:26 — 00074752 _____ (Microsoft Corporation) C:\Windows\system32\MosStorage.dll
2016-06-14 22:12 — 2016-05-28 07:25 — 00051200 _____ (Microsoft Corporation) C:\Windows\system32\gpscript.dll
2016-06-14 22:12 — 2016-05-28 07:25 — 00037376 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2016-06-14 22:12 — 2016-05-28 07:24 — 00218624 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2016-06-14 22:12 — 2016-05-28 07:24 — 00124928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\Ndu.sys
2016-06-14 22:12 — 2016-05-28 07:24 — 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2016-06-14 22:12 — 2016-05-28 07:24 — 00091136 _____ (Microsoft Corporation) C:\Windows\system32\browserbroker.dll
2016-06-14 22:12 — 2016-05-28 07:24 — 00086528 _____ (Microsoft Corporation) C:\Windows\system32\AppCapture.dll
2016-06-14 22:12 — 2016-05-28 07:24 — 00072704 _____ (Microsoft Corporation) C:\Windows\system32\moshost.dll
2016-06-14 22:12 — 2016-05-28 07:24 — 00067072 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc6.dll
2016-06-14 22:12 — 2016-05-28 07:24 — 00053760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FwRemoteSvr.dll
2016-06-14 22:12 — 2016-05-28 07:23 — 00155136 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\hidclass.sys
2016-06-14 22:12 — 2016-05-28 07:23 — 00086016 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcsvc.dll
2016-06-14 22:12 — 2016-05-28 07:22 — 00406528 _____ (Microsoft Corporation) C:\Windows\system32\MusUpdateHandlers.dll
2016-06-14 22:12 — 2016-05-28 07:22 — 00368640 _____ (Microsoft Corporation) C:\Windows\system32\usocore.dll
2016-06-14 22:12 — 2016-05-28 07:22 — 00278528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
2016-06-14 22:12 — 2016-05-28 07:22 — 00269824 _____ (Microsoft Corporation) C:\Windows\system32\moshostcore.dll
2016-06-14 22:12 — 2016-05-28 07:22 — 00163328 _____ (Microsoft Corporation) C:\Windows\system32\tetheringservice.dll
2016-06-14 22:12 — 2016-05-28 07:22 — 00161280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\InstallAgent.exe
2016-06-14 22:12 — 2016-05-28 07:22 — 00087040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapsBtSvc.dll
2016-06-14 22:12 — 2016-05-28 07:22 — 00079872 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2016-06-14 22:12 — 2016-05-28 07:22 — 00059904 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MosStorage.dll
2016-06-14 22:12 — 2016-05-28 07:21 — 00550912 _____ (Microsoft Corporation) C:\Windows\system32\StoreAgent.dll
2016-06-14 22:12 — 2016-05-28 07:21 — 00239104 _____ (Microsoft Corporation) C:\Windows\system32\BrokerLib.dll
2016-06-14 22:12 — 2016-05-28 07:21 — 00207360 _____ (Microsoft Corporation) C:\Windows\system32\NetSetupSvc.dll
2016-06-14 22:12 — 2016-05-28 07:21 — 00190464 _____ (Microsoft Corporation) C:\Windows\system32\wscsvc.dll
2016-06-14 22:12 — 2016-05-28 07:21 — 00042496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpscript.dll
2016-06-14 22:12 — 2016-05-28 07:20 — 00641536 _____ (Microsoft Corporation) C:\Windows\system32\enterprisecsps.dll
2016-06-14 22:12 — 2016-05-28 07:20 — 00511488 _____ (Microsoft Corporation) C:\Windows\system32\newdev.dll
2016-06-14 22:12 — 2016-05-28 07:20 — 00332288 _____ (Microsoft Corporation) C:\Windows\system32\polstore.dll
2016-06-14 22:12 — 2016-05-28 07:20 — 00267264 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore6.dll
2016-06-14 22:12 — 2016-05-28 07:20 — 00199168 _____ (Microsoft Corporation) C:\Windows\system32\GnssAdapter.dll
2016-06-14 22:12 — 2016-05-28 07:20 — 00174080 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_Privacy.dll
2016-06-14 22:12 — 2016-05-28 07:20 — 00057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc6.dll
2016-06-14 22:12 — 2016-05-28 07:19 — 24605696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2016-06-14 22:12 — 2016-05-28 07:19 — 00764928 _____ (Microsoft Corporation) C:\Windows\system32\Chakradiag.dll
2016-06-14 22:12 — 2016-05-28 07:19 — 00567808 _____ (Microsoft Corporation) C:\Windows\system32\MBMediaManager.dll
2016-06-14 22:12 — 2016-05-28 07:19 — 00414720 _____ (Microsoft Corporation) C:\Windows\system32\bcastdvr.exe
2016-06-14 22:12 — 2016-05-28 07:19 — 00355840 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2016-06-14 22:12 — 2016-05-28 07:19 — 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcsvc.dll
2016-06-14 22:12 — 2016-05-28 07:18 — 11545088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2016-06-14 22:12 — 2016-05-28 07:18 — 07977472 _____ (Microsoft Corporation) C:\Windows\system32\mos.dll
2016-06-14 22:12 — 2016-05-28 07:18 — 00678912 _____ (Microsoft Corporation) C:\Windows\system32\gpprefcl.dll
2016-06-14 22:12 — 2016-05-28 07:18 — 00610816 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2016-06-14 22:12 — 2016-05-28 07:18 — 00591360 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2016-06-14 22:12 — 2016-05-28 07:18 — 00460800 _____ (Microsoft Corporation) C:\Windows\system32\MapConfiguration.dll
2016-06-14 22:12 — 2016-05-28 07:18 — 00392192 _____ (Microsoft Corporation) C:\Windows\system32\IPSECSVC.DLL
2016-06-14 22:12 — 2016-05-28 07:18 — 00380416 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2016-06-14 22:12 — 2016-05-28 07:18 — 00285184 _____ (Microsoft Corporation) C:\Windows\system32\VEEventDispatcher.dll
2016-06-14 22:12 — 2016-05-28 07:17 — 09918976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2016-06-14 22:12 — 2016-05-28 07:17 — 00963072 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2016-06-14 22:12 — 2016-05-28 07:17 — 00630784 _____ (Microsoft Corporation) C:\Windows\system32\MessagingDataModel2.dll
2016-06-14 22:12 — 2016-05-28 07:17 — 00485888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\newdev.dll
2016-06-14 22:12 — 2016-05-28 07:17 — 00415232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StoreAgent.dll
2016-06-14 22:12 — 2016-05-28 07:17 — 00315392 _____ (Microsoft Corporation) C:\Windows\system32\RDXTaskFactory.dll
2016-06-14 22:12 — 2016-05-28 07:17 — 00278016 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Internal.Management.dll
2016-06-14 22:12 — 2016-05-28 07:17 — 00173056 _____ (Microsoft Corporation) C:\Windows\system32\mdmmigrator.dll
2016-06-14 22:12 — 2016-05-28 07:16 — 19344384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2016-06-14 22:12 — 2016-05-28 07:16 — 00690176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2016-06-14 22:12 — 2016-05-28 07:16 — 00684544 _____ (Microsoft Corporation) C:\Windows\system32\StructuredQuery.dll
2016-06-14 22:12 — 2016-05-28 07:16 — 00592896 _____ (Microsoft Corporation) C:\Windows\system32\AppContracts.dll
2016-06-14 22:12 — 2016-05-28 07:16 — 00503808 _____ (Microsoft Corporation) C:\Windows\system32\tileobjserver.dll
2016-06-14 22:12 — 2016-05-28 07:16 — 00406528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2016-06-14 22:12 — 2016-05-28 07:16 — 00291328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\polstore.dll
2016-06-14 22:12 — 2016-05-28 07:16 — 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore6.dll
2016-06-14 22:12 — 2016-05-28 07:15 — 01056256 _____ (Microsoft Corporation) C:\Windows\system32\JpMapControl.dll
2016-06-14 22:12 — 2016-05-28 07:15 — 00853504 _____ (Microsoft Corporation) C:\Windows\system32\MapsStore.dll
2016-06-14 22:12 — 2016-05-28 07:15 — 00794624 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2016-06-14 22:12 — 2016-05-28 07:15 — 00579072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gpprefcl.dll
2016-06-14 22:12 — 2016-05-28 07:15 — 00535040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2016-06-14 22:12 — 2016-05-28 07:15 — 00349696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapConfiguration.dll
2016-06-14 22:12 — 2016-05-28 07:15 — 00293888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2016-06-14 22:12 — 2016-05-28 07:15 — 00237056 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2016-06-14 22:12 — 2016-05-28 07:14 — 18674176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\edgehtml.dll
2016-06-14 22:12 — 2016-05-28 07:14 — 01716736 _____ (Microsoft Corporation) C:\Windows\system32\SRHInproc.dll
2016-06-14 22:12 — 2016-05-28 07:14 — 00988160 _____ (Microsoft Corporation) C:\Windows\system32\NMAA.dll
2016-06-14 22:12 — 2016-05-28 07:14 — 00965632 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2016-06-14 22:12 — 2016-05-28 07:14 — 00784384 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2016-06-14 22:12 — 2016-05-28 07:14 — 00606208 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2016-06-14 22:12 — 2016-05-28 07:14 — 00499712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MessagingDataModel2.dll
2016-06-14 22:12 — 2016-05-28 07:14 — 00219136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\VEEventDispatcher.dll
2016-06-14 22:12 — 2016-05-28 07:14 — 00200192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Internal.Management.dll
2016-06-14 22:12 — 2016-05-28 07:13 — 01387520 _____ (Microsoft Corporation) C:\Windows\system32\win32kbase.sys
2016-06-14 22:12 — 2016-05-28 07:13 — 00990208 _____ (Microsoft Corporation) C:\Windows\system32\SharedStartModel.dll
2016-06-14 22:12 — 2016-05-28 07:13 — 00982016 _____ (Microsoft Corporation) C:\Windows\system32\AppxPackaging.dll
2016-06-14 22:12 — 2016-05-28 07:13 — 00939520 _____ (Microsoft Corporation) C:\Windows\system32\MapControlCore.dll
2016-06-14 22:12 — 2016-05-28 07:13 — 00587776 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2016-06-14 22:12 — 2016-05-28 07:13 — 00467456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppContracts.dll
2016-06-14 22:12 — 2016-05-28 07:12 — 00800768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JpMapControl.dll
2016-06-14 22:12 — 2016-05-28 07:12 — 00614400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2016-06-14 22:12 — 2016-05-28 07:12 — 00521728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\StructuredQuery.dll
2016-06-14 22:12 — 2016-05-28 07:11 — 01445888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRHInproc.dll
2016-06-14 22:12 — 2016-05-28 07:11 — 00890368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxPackaging.dll
2016-06-14 22:12 — 2016-05-28 07:11 — 00799744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2016-06-14 22:12 — 2016-05-28 07:11 — 00784896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NMAA.dll
2016-06-14 22:12 — 2016-05-28 07:11 — 00711680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MapControlCore.dll
2016-06-14 22:12 — 2016-05-28 07:11 — 00687616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2016-06-14 22:12 — 2016-05-28 07:11 — 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2016-06-14 22:12 — 2016-05-28 07:11 — 00128512 _____ (Microsoft Corporation) C:\Windows\system32\httpprxm.dll
2016-06-14 22:12 — 2016-05-28 07:09 — 01073152 _____ (Microsoft Corporation) C:\Windows\system32\RDXService.dll
2016-06-14 22:12 — 2016-05-28 07:08 — 13385728 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2016-06-14 22:12 — 2016-05-28 07:08 — 06295552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mos.dll
2016-06-14 22:12 — 2016-05-28 07:06 — 12128256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2016-06-14 22:12 — 2016-05-28 07:06 — 07200256 _____ (Microsoft Corporation) C:\Windows\system32\BingMaps.dll
2016-06-14 22:12 — 2016-05-28 07:06 — 01339904 _____ (Microsoft Corporation) C:\Windows\system32\gpsvc.dll
2016-06-14 22:12 — 2016-05-28 07:05 — 03994624 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers_nt.dll
2016-06-14 22:12 — 2016-05-28 07:05 — 03664896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2016-06-14 22:12 — 2016-05-28 07:05 — 02582016 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2016-06-14 22:12 — 2016-05-28 07:05 — 01797120 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2016-06-14 22:12 — 2016-05-28 07:04 — 06973952 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2016-06-14 22:12 — 2016-05-28 07:04 — 00555520 _____ (Microsoft Corporation) C:\Windows\system32\SyncController.dll
2016-06-14 22:12 — 2016-05-28 07:04 — 00450560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SyncController.dll
2016-06-14 22:12 — 2016-05-28 07:03 — 05323776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2016-06-14 22:12 — 2016-05-28 07:03 — 05205504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\BingMaps.dll
2016-06-14 22:12 — 2016-05-28 07:03 — 02609664 _____ (Microsoft Corporation) C:\Windows\system32\NetworkMobileSettings.dll
2016-06-14 22:12 — 2016-05-28 07:03 — 01185280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\LocationFramework.dll
2016-06-14 22:12 — 2016-05-28 07:03 — 00693760 _____ (Microsoft Corporation) C:\Windows\system32\internetmail.dll
2016-06-14 22:12 — 2016-05-28 07:03 — 00417792 _____ (Microsoft Corporation) C:\Windows\system32\dmenrollengine.dll
2016-06-14 22:12 — 2016-05-28 07:02 — 03590144 _____ (Microsoft Corporation) C:\Windows\system32\win32kfull.sys
2016-06-14 22:12 — 2016-05-28 07:02 — 02061824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2016-06-14 22:12 — 2016-05-28 07:02 — 01534464 _____ (Microsoft Corporation) C:\Windows\system32\LocationFramework.dll
2016-06-14 22:12 — 2016-05-28 07:02 — 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\updatepolicy.dll
2016-06-14 22:12 — 2016-05-28 07:01 — 01799680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Logon.dll
2016-06-14 22:12 — 2016-05-28 07:01 — 01582080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2016-06-14 22:12 — 2016-05-28 07:01 — 01500160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2016-06-14 22:12 — 2016-05-28 07:01 — 00111104 _____ (Microsoft Corporation) C:\Windows\system32\updatepolicy.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 05660160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Chakra.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 03585536 _____ (Microsoft Corporation) C:\Windows\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 02635776 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Logon.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 02230272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 02168320 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 01730560 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 01707520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ActiveSyncProvider.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 00162816 _____ (Microsoft Corporation) C:\Windows\system32\enrollmentapi.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 00151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2016-06-14 22:12 — 2016-05-28 07:00 — 00090624 _____ (Microsoft Corporation) C:\Windows\system32\DeviceEnroller.exe
2016-06-14 22:12 — 2016-05-28 06:59 — 00176640 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2016-06-14 22:12 — 2016-05-28 06:58 — 07832576 _____ (Microsoft Corporation) C:\Windows\system32\Chakra.dll
2016-06-14 22:12 — 2016-05-28 06:58 — 04896256 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2016-06-14 22:12 — 2016-05-28 06:58 — 02755584 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2016-06-14 22:12 — 2016-05-28 06:58 — 02066432 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2016-06-14 22:12 — 2016-05-28 06:58 — 01996288 _____ (Microsoft Corporation) C:\Windows\system32\ActiveSyncProvider.dll
2016-06-14 22:12 — 2016-05-28 06:57 — 02281472 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-06-14 22:12 — 2016-05-28 06:55 — 01390080 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Shell.dll
2016-06-14 22:12 — 2016-05-28 06:53 — 00076800 _____ (Microsoft Corporation) C:\Windows\system32\ngcpopkeysrv.dll
2016-06-14 14:28 — 2016-06-14 14:28 — 00015030 _____ C:\Users\BUNKER2\Downloads\Киборг X — Cyborg X (2016) WEB-DLRip — L.torrent
2016-06-14 14:26 — 2016-06-14 14:26 — 00019976 _____ C:\Users\BUNKER2\Downloads\[hdreactor.org]_Holidays.2016.D.1080p.WEB-DL.mkv.torrent
2016-06-13 11:26 — 2016-06-26 11:16 — 00001247 _____ C:\Users\Public\Desktop\Reg Organizer.lnk
2016-06-13 11:26 — 2016-06-13 11:29 — 00000000 ____D C:\Program Files (x86)\Reg Organizer
2016-06-13 11:26 — 2016-06-13 11:26 — 00000000 ____D C:\Users\Все пользователи\Chemtable Software
2016-06-13 11:26 — 2016-06-13 11:26 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\ChemTable Software
2016-06-13 11:26 — 2016-06-13 11:26 — 00000000 ____D C:\Users\BUNKER2\AppData\Local\ChemTable Software
2016-06-13 11:26 — 2016-06-13 11:26 — 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Reg Organizer
2016-06-13 11:26 — 2016-06-13 11:26 — 00000000 ____D C:\ProgramData\Chemtable Software
2016-06-13 11:25 — 2016-06-13 11:26 — 09282256 _____ (ChemTable Software ) C:\Users\BUNKER2\Downloads\reg-organizer-setup.exe
2016-06-13 11:21 — 2016-06-13 11:21 — 00000000 ____D C:\Users\BUNKER2\Downloads\Reg Organizer 7.36 Final + Portable
2016-06-13 11:20 — 2016-06-13 11:20 — 00007074 _____ C:\Users\BUNKER2\Downloads\[NNMClub.to]_Reg Organizer 7.36 Final + Portable.torrent
2016-06-12 22:23 — 2016-06-12 22:23 — 00000000 ____D C:\Users\BUNKER2\Downloads\Windows.10.Manager.1.1.4
2016-06-12 21:59 — 2016-06-12 22:01 — 22010362 _____ C:\Users\BUNKER2\Downloads\Windows.10.Manager.1.1.4.rar
2016-06-12 10:46 — 2016-06-12 10:46 — 00928416 _____ C:\Users\BUNKER2\Downloads\149743_1.pdf
2016-06-12 10:41 — 2016-06-12 10:41 — 00212595 _____ C:\Users\BUNKER2\Downloads\Двигатель, стартер, глушитель, система зажигания, топливная система бензинового триммера CHAMPION Т434. SelTop.ru.html
2016-06-12 10:41 — 2016-06-12 10:41 — 00000000 ____D C:\Users\BUNKER2\Downloads\Двигатель, стартер, глушитель, система зажигания, топливная система бензинового триммера CHAMPION Т434. SelTop.ru_files
2016-06-12 10:40 — 2016-06-12 10:40 — 00136330 _____ C:\Users\BUNKER2\Downloads\запчасти бензотримара.htm
2016-06-11 17:20 — 2016-06-11 17:20 — 00015938 _____ C:\Users\BUNKER2\Downloads\26842_.Allegiant.2016.torrent
2016-06-11 09:44 — 2016-06-11 09:45 — 00000000 ____D C:\Users\BUNKER2\Downloads\Активаторы
2016-06-10 23:44 — 2016-06-10 23:45 — 00000036 _____ C:\Users\BUNKER2\Desktop\Для проверкиактивации.txt
2016-06-09 20:44 — 2016-06-09 21:48 — 352128908 ____R C:\Users\BUNKER2\Downloads\The.Angry.Birds.Movie.2016.D.Telecine.720P_KOSHERA.mkv
2016-06-09 19:27 — 2016-06-09 19:27 — 00022898 _____ C:\Users\BUNKER2\Downloads\[new-rutor.org]Angry.Birds.v.kino_The.Angry.Birds.Movie.2016.TS.7.torrent
2016-06-09 19:25 — 2016-06-09 19:25 — 00004512 _____ C:\Users\BUNKER2\Downloads\[torrent.by]_varkraft-warcraft-2016-ts-720r-d-zvuk-s-camrip.torrent
2016-06-08 23:19 — 2016-06-08 23:19 — 00041564 _____ C:\Users\BUNKER2\Downloads\kalkul_kotly_8_1.xlsx
2016-06-08 11:23 — 2016-06-08 11:23 — 00017066 _____ C:\Users\BUNKER2\Downloads\[kinozal.tv]id1453788.torrent
2016-06-08 09:49 — 2016-06-08 10:21 — 00000000 ____D C:\Users\BUNKER2\Desktop\прошивка для вовчика
2016-06-05 14:23 — 2016-06-05 14:23 — 00034793 _____ C:\Users\BUNKER2\Downloads\lyudi-iks-apokalipsis—2016-tc-1080p—671-gb.torrent
2016-06-04 18:31 — 2016-06-04 18:31 — 00013218 _____ C:\Users\BUNKER2\Downloads\[rutracker.org].t70158.torrent
2016-06-04 18:31 — 2016-06-04 18:31 — 00000000 ____D C:\Users\BUNKER2\Downloads\Romantic Collection v_1-3
2016-06-04 18:20 — 2016-07-03 22:57 — 00000000 ____D C:\Users\BUNKER2\Downloads\Romantic Collection 2014
2016-06-04 18:20 — 2016-06-04 18:20 — 00027280 _____ C:\Users\BUNKER2\Downloads\Скачать Romantic_Collection_2014.torrent
2016-06-04 18:19 — 2016-06-04 18:19 — 02116920 _____ C:\Users\BUNKER2\Downloads\Скачать Romantic_Collection_2014.torrent.exe
2016-06-04 15:14 — 2016-06-04 15:45 — 2475888137 ____R C:\Users\BUNKER2\Downloads\The Right Kind of Wrong.2013.720p.BluRay.x264-LEONARDO_[scarabey.org].mkv
2016-06-04 15:13 — 2016-06-04 15:13 — 00024287 _____ C:\Users\BUNKER2\Downloads\lyublyu.tvoyu.zhenu.2014.BDRip.170848.torrent

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-07-04 11:15 — 2016-02-02 15:06 — 00000000 ____D C:\Users\Все пользователи\Kaspersky Lab
2016-07-04 11:15 — 2016-02-02 15:06 — 00000000 ____D C:\ProgramData\Kaspersky Lab
2016-07-04 11:09 — 2016-04-25 22:42 — 19179520 _____ C:\Users\BUNKER2\AppData\Local\SageThumbs.db3
2016-07-04 11:09 — 2015-10-30 10:24 — 00000000 ____D C:\Windows\AppReadiness
2016-07-04 11:04 — 2016-01-16 16:54 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\IP-TV Player
2016-07-04 11:04 — 2015-10-30 10:24 — 00000000 ___HD C:\Program Files\WindowsApps
2016-07-04 11:02 — 2016-01-27 15:00 — 00004192 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{5B1CD464-CABA-4F6D-9DA0-2F0CDC3A96E2}
2016-07-04 10:59 — 2016-01-12 20:40 — 00000000 __SHD C:\Users\BUNKER2\IntelGraphicsProfiles
2016-07-03 22:56 — 2016-01-12 18:31 — 01831108 _____ C:\Windows\system32\PerfStringBackup.INI
2016-07-03 22:56 — 2015-10-30 22:11 — 00793590 _____ C:\Windows\system32\perfh019.dat
2016-07-03 22:56 — 2015-10-30 22:11 — 00157364 _____ C:\Windows\system32\perfc019.dat
2016-07-03 22:56 — 2015-10-30 10:21 — 00000000 ____D C:\Windows\INF
2016-07-03 00:20 — 2016-02-29 15:24 — 00000000 ____D C:\Users\Public\Documents\RonyaSoft
2016-07-03 00:18 — 2016-01-12 18:27 — 00000000 ____D C:\Users\BUNKER2\AppData\Local\Packages
2016-07-03 00:07 — 2016-01-12 17:17 — 00000000 ____D C:\Windows\Panther
2016-07-02 22:24 — 2016-01-12 18:20 — 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-07-02 19:59 — 2016-01-12 18:26 — 00000000 ____D C:\Users\BUNKER2
2016-07-02 19:58 — 2015-10-30 09:28 — 00262144 ___SH C:\Windows\system32\config\BBI
2016-07-02 19:17 — 2016-01-25 16:47 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\uTorrent
2016-07-02 19:04 — 2016-03-06 20:48 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\BITS
2016-07-02 14:43 — 2015-10-30 10:24 — 00000000 ____D C:\Windows\LiveKernelReports
2016-07-02 14:42 — 2016-03-21 20:05 — 00000000 ____D C:\KMPlayer
2016-06-27 22:26 — 2016-01-29 16:56 — 00000000 ____D C:\Users\BUNKER2\AppData\Local\ElevatedDiagnostics
2016-06-26 11:17 — 2016-04-21 23:08 — 00000933 _____ C:\Users\BUNKER2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MediaInfo.lnk
2016-06-26 11:17 — 2016-03-21 20:09 — 00001201 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
2016-06-26 11:17 — 2016-03-13 13:48 — 00001298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Creative Cloud.lnk
2016-06-26 11:17 — 2016-03-13 13:23 — 00002469 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat DC.lnk
2016-06-26 11:17 — 2016-03-13 13:23 — 00002114 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat Distiller DC.lnk
2016-06-26 11:17 — 2016-03-06 20:13 — 00002662 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive для бизнеса.lnk
2016-06-26 11:17 — 2016-03-06 20:13 — 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word 2016.lnk
2016-06-26 11:17 — 2016-03-06 20:13 — 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype для бизнеса 2016.lnk
2016-06-26 11:17 — 2016-03-06 20:13 — 00002656 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access 2016.lnk
2016-06-26 11:17 — 2016-03-06 20:13 — 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote 2016.lnk
2016-06-26 11:17 — 2016-03-06 20:13 — 00002648 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel 2016.lnk
2016-06-26 11:17 — 2016-03-06 20:13 — 00002642 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint 2016.lnk
2016-06-26 11:17 — 2016-03-06 20:13 — 00002628 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher 2016.lnk
2016-06-26 11:17 — 2016-02-15 19:46 — 00001195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Premiere Pro CC 2015.lnk
2016-06-26 11:17 — 2016-02-15 19:33 — 00001207 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Media Encoder CC 2015.lnk
2016-06-26 11:17 — 2016-02-15 19:11 — 00001129 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Photoshop CC 2015.lnk
2016-06-26 11:17 — 2016-02-15 19:09 — 00001379 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Update Management Tool.lnk
2016-06-26 11:17 — 2016-01-16 16:54 — 00002042 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IP-TV Player.lnk
2016-06-26 11:17 — 2016-01-16 16:22 — 00001161 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Glary Utilities 5.lnk
2016-06-26 11:17 — 2016-01-12 18:42 — 00001047 _____ C:\Users\BUNKER2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Дополнительные возможности.lnk
2016-06-26 11:17 — 2016-01-12 18:30 — 00002417 _____ C:\Users\BUNKER2\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2016-06-26 11:16 — 2016-05-14 11:05 — 00000686 _____ C:\Users\BUNKER2\Desktop\SimpleTV b9 (2.2.3).lnk
2016-06-26 11:16 — 2016-05-14 11:02 — 00000727 _____ C:\Users\BUNKER2\Desktop\Link2Play.lnk
2016-06-26 11:16 — 2016-05-07 13:04 — 00001218 _____ C:\Users\BUNKER2\Desktop\WIDI 4.1 Pro.lnk
2016-06-26 11:16 — 2016-05-05 22:41 — 00001047 _____ C:\Users\BUNKER2\Desktop\Melodyne Studio 4.lnk
2016-06-26 11:16 — 2016-05-05 22:11 — 00001044 _____ C:\Users\BUNKER2\Desktop\Capstan.lnk
2016-06-26 11:16 — 2016-04-28 12:46 — 00001195 _____ C:\Users\BUNKER2\Desktop\Adobe Media Encoder CC 2015.lnk
2016-06-26 11:16 — 2016-04-28 12:46 — 00001183 _____ C:\Users\BUNKER2\Desktop\Adobe Premiere Pro CC 2015.lnk
2016-06-26 11:16 — 2016-04-22 21:26 — 00001285 _____ C:\Users\Public\Desktop\UmmyVideoDownloader.lnk
2016-06-26 11:16 — 2016-04-21 23:08 — 00000903 _____ C:\Users\BUNKER2\Desktop\MediaInfo.lnk
2016-06-26 11:16 — 2016-03-31 22:14 — 00001224 _____ C:\Users\BUNKER2\Desktop\Поиграй!.lnk
2016-06-26 11:16 — 2016-03-29 20:04 — 00000728 _____ C:\Users\BUNKER2\Desktop\Яндекс.Диск.lnk
2016-06-26 11:16 — 2016-03-21 20:09 — 00001195 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
2016-06-26 11:16 — 2016-03-21 20:05 — 00000643 _____ C:\Users\BUNKER2\Desktop\KMPlayer.lnk
2016-06-26 11:16 — 2016-03-20 15:11 — 00002072 _____ C:\Users\BUNKER2\Desktop\Диспетчер Hyper-V — Ярлык.lnk
2016-06-26 11:16 — 2016-03-13 13:48 — 00001286 _____ C:\Users\Public\Desktop\Adobe Creative Cloud.lnk
2016-06-26 11:16 — 2016-03-13 13:23 — 00002091 _____ C:\Users\Public\Desktop\Adobe Acrobat DC.lnk
2016-06-26 11:16 — 2016-03-08 16:31 — 00001337 _____ C:\Users\Public\Desktop\Print2CAD 2016 Manual.lnk
2016-06-26 11:16 — 2016-03-08 16:31 — 00001273 _____ C:\Users\Public\Desktop\Print2CAD 2016 7th Generation.lnk
2016-06-26 11:16 — 2016-03-06 20:49 — 00001471 _____ C:\Users\BUNKER2\Desktop\FlashGet downloads.lnk
2016-06-26 11:16 — 2016-03-06 20:49 — 00001324 _____ C:\Users\BUNKER2\Desktop\FlashGet3.lnk
2016-06-26 11:16 — 2016-03-02 19:57 — 00002619 _____ C:\Users\Public\Desktop\Folder Size Explorer.lnk
2016-06-26 11:16 — 2016-03-01 22:05 — 00001269 _____ C:\Users\Public\Desktop\NetLimiter 4 (x64).lnk
2016-06-26 11:16 — 2016-02-22 17:05 — 00001867 _____ C:\Users\Public\Desktop\DAEMON Tools Ultra.lnk
2016-06-26 11:16 — 2016-02-15 19:12 — 00001822 _____ C:\Users\BUNKER2\Desktop\Adobe Photoshop CC 2015 — Ярлык.lnk
2016-06-26 11:16 — 2016-02-08 20:51 — 00001988 _____ C:\Users\BUNKER2\Desktop\ib.lnk
2016-06-26 11:16 — 2016-02-08 20:45 — 00001202 _____ C:\Users\BUNKER2\Desktop\OLYMPUS Viewer 2.lnk
2016-06-26 11:16 — 2016-02-08 20:45 — 00001182 _____ C:\Users\BUNKER2\Desktop\Оновлення фотокамер OLYMPUS.lnk
2016-06-26 11:16 — 2016-02-02 15:07 — 00002244 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2016-06-26 11:16 — 2016-01-30 19:43 — 00001593 _____ C:\Users\BUNKER2\Desktop\Calculator — Ярлык.lnk
2016-06-26 11:16 — 2016-01-29 18:18 — 00000440 _____ C:\Users\BUNKER2\Desktop\Этот компьютер — Ярлык.lnk
2016-06-26 11:16 — 2016-01-28 20:17 — 00001643 _____ C:\Users\BUNKER2\Desktop\TCE64.lnk
2016-06-26 11:16 — 2016-01-16 16:54 — 00002030 _____ C:\Users\Public\Desktop\IP-TV Player.lnk
2016-06-26 11:16 — 2016-01-16 16:22 — 00001149 _____ C:\Users\Public\Desktop\Glary Utilities 5.lnk
2016-06-26 11:16 — 2016-01-16 16:11 — 00002009 _____ C:\Users\BUNKER2\Desktop\Process Hacker 2.lnk
2016-06-26 11:16 — 2016-01-12 22:12 — 00001048 _____ C:\Users\BUNKER2\Desktop\AIDA64.lnk
2016-06-26 11:15 — 2016-04-19 19:01 — 00000000 ____D C:\Users\Все пользователи\64eb4d33
2016-06-26 11:15 — 2016-04-19 19:01 — 00000000 ____D C:\ProgramData\64eb4d33
2016-06-26 11:15 — 2016-03-28 11:53 — 00000000 ____D C:\Program Files (x86)\OneSystemCare
2016-06-26 11:15 — 2016-02-25 21:30 — 00000000 ____D C:\Users\BUNKER2\AppData\Local\GoCoupons
2016-06-25 16:01 — 2016-04-22 16:11 — 00001810 _____ C:\Users\BUNKER2\Desktop\chrome.exe — ярлык.lnk
2016-06-25 16:00 — 2016-03-01 21:47 — 00001466 _____ C:\Users\BUNKER2\Desktop\launcher.exe — ярлык.lnk
2016-06-25 09:22 — 2016-01-12 18:44 — 00000000 ____D C:\Program Files (x86)\Opera
2016-06-25 08:43 — 2016-03-30 13:15 — 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-06-25 08:43 — 2016-03-30 13:15 — 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-06-24 15:24 — 2016-03-26 11:05 — 00000000 ____D C:\Users\BUNKER2\Desktop\проги міні
2016-06-23 15:47 — 2016-03-30 13:15 — 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-06-21 22:03 — 2016-02-22 17:05 — 00000000 ____D C:\Users\Все пользователи\DAEMON Tools Ultra
2016-06-21 22:03 — 2016-02-22 17:05 — 00000000 ____D C:\ProgramData\DAEMON Tools Ultra
2016-06-17 15:38 — 2015-10-30 10:11 — 00000000 ____D C:\Windows\CbsTemp
2016-06-17 09:28 — 2015-10-30 10:24 — 00000000 ____D C:\Windows\rescache
2016-06-15 20:43 — 2016-01-25 13:39 — 00000000 ____D C:\Users\Все пользователи\regid.1986-12.com.adobe
2016-06-15 20:43 — 2016-01-25 13:39 — 00000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2016-06-15 15:21 — 2016-01-12 18:27 — 00000000 __RHD C:\Users\Public\AccountPictures
2016-06-15 15:20 — 2016-01-12 18:17 — 04963184 _____ C:\Windows\system32\FNTCACHE.DAT
2016-06-15 12:37 — 2015-10-30 10:24 — 00000000 ___SD C:\Windows\system32\DiagSvcs
2016-06-15 12:37 — 2015-10-30 10:24 — 00000000 ____D C:\Windows\system32\SystemResetPlatform
2016-06-15 12:37 — 2015-10-30 10:24 — 00000000 ____D C:\Windows\bcastdvr
2016-06-14 23:06 — 2016-03-06 20:11 — 00000000 ____D C:\Users\Все пользователи\Microsoft Help
2016-06-14 23:04 — 2016-01-12 18:45 — 00000000 ____D C:\Windows\system32\MRT
2016-06-14 23:00 — 2016-01-12 18:44 — 142482544 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2016-06-14 21:33 — 2015-10-30 10:26 — 00828408 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-06-14 21:33 — 2015-10-30 10:26 — 00176632 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-06-13 11:32 — 2016-03-28 11:55 — 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\simplitec
2016-06-12 22:23 — 2016-04-11 10:05 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\Yamicsoft
2016-06-11 09:56 — 2016-01-12 22:16 — 00000000 ____D C:\Users\BUNKER2\AppData\Local\MSfree Inc
2016-06-11 09:41 — 2016-03-06 21:02 — 00000204 _____ C:\Windows\SysWOW64\secustat.dat
2016-06-05 11:08 — 2016-04-27 20:55 — 00000000 ____D C:\Users\BUNKER2\Downloads\Hiti_2016
2016-06-04 17:58 — 2015-10-30 10:24 — 00000000 ____D C:\Windows\system32\WinBioDatabase
2016-06-04 17:31 — 2015-10-30 10:24 — 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2016-01-12 20:39 — 2016-01-12 20:39 — 0007602 _____ () C:\Users\BUNKER2\AppData\Local\Resmon.ResmonCfg
2016-04-25 22:42 — 2016-07-04 11:09 — 19179520 _____ () C:\Users\BUNKER2\AppData\Local\SageThumbs.db3

Some files in TEMP:
====================
C:\Users\BUNKER2\AppData\Local\Temp\mediaget-uninstaller.exe
C:\Users\BUNKER2\AppData\Local\Temp\Uninstall.exe

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2016-06-29 21:30

==================== End of FRST.txt ============================

Вложения:

You must be logged in to view attached files.

[Admin]

Запустите программу Блокнот и вставьте в открытое окно следующий текст

CreateRestorePoint:
GroupPolicyScripts\User: Restriction <======= ATTENTION
Toolbar: HKU\S-1-5-21-252111683-1522408880-3306365401-1001 -> No Name — {2743291E-C9F8-48C1-B295-7F8CC878FD3A} — No File
Handler: WSWSVCUchrome — No CLSID Value
CHR Extension: (Google Search) — C:\Users\BUNKER2\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-01-16]
CHR HKLM\…\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] — hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKU\S-1-5-21-252111683-1522408880-3306365401-1001\SOFTWARE\Google\Chrome\Extensions\…\Chrome\Extension: [dhdgffkkebhmkfjojejmpbldmpobfkfo] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [aeembeejekghkopiabadonpmfpigojok] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [bejnpnkhfgfkcpgikiinojlmdcjimobi] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [bgcifljfapbhgiehkjlckfjmgeojijcb] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [dkekdlkmdpipihonapoleopfekmapadh] — hxxp://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [lbjjfiihgfegniolckphpnfaokdkbmdm] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] — hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
CHR HKLM-x32\…\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] — hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\…\Chrome\Extension: [pfigaoamnncijbgomifamkmkidnnlikl] — hxxp://clients2.google.com/service/update2/crx
Task: {03F2EA60-96A1-4417-8F13-5F7F7C1480FF} - System32\Tasks\{8510C61A-07A0-C79C-4D6F-9EC6F3F1561A} => Regsvr32.exe /s /n /i:"/rt" "C:\PROGRA~3\64eb4d33\24359033.dll" <==== ATTENTION
Task: {907F63C6-9C77-4C02-9C19-BADCAB919256} - System32\Tasks\{1FDD8DC4-916F-479A-B06D-3DF115F52F4B} => pcalua.exe -a K:\AutorunHelper.exe -d K:\
Task: {E504E60D-3D0C-4439-ABE3-08E4D8E3D67B} - System32\Tasks\RegOrganizerQuickLaunch => -RegistryEditor -ForceForeground -NoSplash
FirewallRules: [TCP Query User{79319522-1E68-4B39-90E2-9DAD9B36866E}C:\users\bunker2\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe] => (Allow) C:\users\bunker2\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe
FirewallRules: [UDP Query User{D432F30C-C050-4DB3-882D-1F3706A4E0C2}C:\users\bunker2\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe] => (Allow) C:\users\bunker2\appdata\roaming\baidu\baiduyunguanjia\baiduyunguanjia.exe
2016-06-27 14:23 — 2016-07-03 00:18 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\BaiduYunGuanjia
2016-06-27 14:23 — 2016-06-27 14:23 — 00000000 ____D C:\Users\BUNKER2\AppData\Roaming\BaiduYunKernel
EmptyTemp:
Reboot:

Сохраните полученный файл в папку где находится программа FRST/FRST64 под именем fixlist

Запустите программу FRST и нажмите кнопку Fix.
Когда программа закончит работу появиться сообщение «Fix completed». Нажмите OK.
Откроется блокнот с содержимым файла fixlog.txt. Вставьте содержимое этого файла в ваш ответ.

После этого выполните новую проверку программой FRST (перед нажатием клавиши Scan поставьте галочку в пункте Addition.txt) и оба её лога прикрепите к вашему ответу.

[bunker2]

После того когда нажал ОК. Выполнилась перезагрузка. Так же в коде написано. Окно не открывалось. Сейчас заново проверю.

[bunker2]

Вот заново просканировал и прикрепляю файлы.

Вложения:

You must be logged in to view attached files.

[Admin]

В папке где находится FRST удалите файлы FRST.txt и Addition.txt (то есть оба лога). В этой же папке должен быть файл fixlog.txt. Выполните новое сканирование программой FRST, как в прошлый раз, и все три файла FRST.txt, Addition.txt и fixlog.txt прикрепите к вашему сообщению.

[Автор]

Сообщения