¤¤¤¤¤¤¤¤¤¤ | AdsFix | g3n-h@ckm@n | 11.09.2014.3 ¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 02:37:45 - 12/09/2014

update on : 11/09/2014 | 15.50 by g3n-h@ckm@n™
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html

Boot: Normal boot

[Mo'ath (Administrator)] - [MOATH] - (jordan [0409])
SID = S-1-5-21-1780214637-3531778011-2012122408-1001 || [4d6f27617468205e5e]

PC : Hewlett-Packard - 218F - F9U86EA#ABV
Bios : Insyde - 02/24/2014
System : Windows 8.1 Pro (64 bits) Professional
RAM memory = Total (MB) : 4090 | Free (MB) : 3032
Pagefile = Total (MB) : 8285 | Free (MB) : 7154
Virtual = Total (MB) : 4194 | Free (MB) : 3994

Registry saved, to restore : : C:\AdsFix\Save\Registry [12.09.2014 @ 02_37_44] (Click on Options & Restore the register)
Restore files or folders deleted by mistake : Click on Options & Restore Files | Folders, Select an item >> "restore"

¤¤¤¤¤¤¤¤¤¤ | Windows Updates
No windows updates detected !!!

¤¤¤¤¤¤¤¤¤¤ | Browsers
IE : 11.0.9600.17239 (© Microsoft Corporation. All rights reserved.)
GC : 37.0.2062.103 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security
(atcav : 0)
AV : 360 Total Security Disabled
AS : Windows Defender Disabled
AM : Malwarebytes' Anti-Malware (1.0.0.532) []
FW :
WMI : OK
WU: Windows Update Service [Manual(3)] = Order
AS: Windows Defender [Manual(3)] = Order
FW: Windows FireWall Service [Auto(2)] = Order

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer
ActiveX : 14.0.0.176

¤¤¤¤¤¤¤¤¤¤ | Killed processes
76 | [Owner : SYSTEM |Parent : 644] - (.Intel Corporation - igfxCUIService Module.) - (6.15.10.3496) = C:\Windows\System32\igfxCUIService.exe
688 | [Owner : SYSTEM |Parent : 644] - (.Realtek Semiconductor - Realtek Audio Service.) - (1.0.0.55) = C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
804 | [Owner : SYSTEM |Parent : 688] - (.Realtek Semiconductor - HD Audio Background Process.) - (1.0.0.193) = C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
1320 | [Owner : SYSTEM |Parent : 644] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.3.9600.16384) = C:\Windows\System32\spoolsv.exe
1496 | [Owner : SYSTEM |Parent : 644] - (.Andrea Electronics Corporation - Andrea filters APO access service (64-bit).) - (1.0.64.10) = C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
1512 | [Owner : SYSTEM |Parent : 644] - (.Apple Inc. - Bonjour Service.) - (3.0.0.10) = C:\Program Files\Bonjour\mDNSResponder.exe
1532 | [Owner : SYSTEM |Parent : 644] - (.BlueStack Systems, Inc. - BlueStacks Log Rotator Service.) - (0.8.9.3088) = C:\Program Files (x86)\BlueStacks\HD-LogRotatorService.exe
1708 | [Owner : SYSTEM |Parent : 644] - (.BlueStack Systems, Inc. - BlueStacks Updater Service.) - (0.8.9.3088) = C:\Program Files (x86)\BlueStacks\HD-UpdaterService.exe
1872 | [Owner : SYSTEM |Parent : 644] - (.Hewlett-Packard Company - SolutionsFrameworkService.) - (1.0.10.0) = C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe
1944 | [Owner : SYSTEM |Parent : 644] - (. - DCSHOST.) - (2.0.0.47) = C:\ProgramData\DatacardService\HWDeviceService64.exe
2008 | [Owner : SYSTEM |Parent : 644] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (3.0.2.0) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe
2064 | [Owner : SYSTEM |Parent : 1804] - (. - .) - (0.0.0.0) = C:\ProgramData\Zain Broadband\OnlineUpdate\ouc.exe
2168 | [Owner : LOCAL SERVICE |Parent : 336] - (.Microsoft Corporation - Device Association Framework Provider Host.) - (6.3.9600.17031) = C:\Windows\System32\dasHost.exe
2224 | [Owner : LOCAL SERVICE |Parent : 336] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.3.9600.16384) = C:\Windows\System32\WUDFHost.exe
2400 | [Owner : Mo'ath |Parent : 1460] - (.Malwarebytes Corporation - Malwarebytes Anti-Malware.) - (1.0.0.532) = C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
2912 | [Owner : LOCAL SERVICE |Parent : 644] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.7903) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
2668 | [Owner : Mo'ath |Parent : 2528] - (.Microsoft Corporation - Windows Explorer.) - (6.3.9600.17031) = C:\Windows\explorer.exe
3020 | [Owner : Mo'ath |Parent : 1944] - (.Huawei Technologies Co., Ltd. - DataCardMonitor MFC Application.) - (2.0.0.47) = C:\ProgramData\DatacardService\DCSHelper.exe
2240 | [Owner : Mo'ath |Parent : 2368] - (.Intel Corporation - igfxHK Module.) - (6.15.10.3496) = C:\Windows\System32\igfxHK.exe
2184 | [Owner : Mo'ath |Parent : 2368] - (.Intel Corporation - igfxTray Module.) - (6.15.10.3496) = C:\Windows\System32\igfxTray.exe
2872 | [Owner : Mo'ath |Parent : 728] - (.Intel Corporation - igfxEM Module.) - (6.15.10.3496) = C:\Windows\System32\igfxEM.exe
3996 | [Owner : Mo'ath |Parent : 908] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.3.9600.17031) = C:\Windows\System32\taskhostex.exe
80 | [Owner : SYSTEM |Parent : 644] - (.Microsoft Corporation - Microsoft Windows Search Indexer.) - (7.0.9600.17031) = C:\Windows\System32\SearchIndexer.exe
4028 | [Owner : Mo'ath |Parent : 2668] - (.Realtek Semiconductor - Realtek HD Audio Manager.) - (1.0.378.0) = C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
3960 | [Owner : Mo'ath |Parent : 2668] - (. - .) - (0.0.0.0) = C:\Program Files (x86)\Zain Broadband\Zain Broadband.exe
5808 | [Owner : NETWORK SERVICE |Parent : 644] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.9600.17031) = C:\Program Files\Windows Media Player\wmpnetwk.exe
4552 | [Owner : LOCAL SERVICE |Parent : 644] - (.Microsoft Corporation - PresentationFontCache.exe.) - (3.0.6920.7903) = C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe

¤¤¤¤¤¤¤¤¤¤ | Tasks
Deleted successfully : C:\Windows\Tasks\360Disabled

¤¤¤¤¤¤¤¤¤¤ | Services
Deleted successfully : HKLM\SYSTEM\ControlSet001\Services\360AvFlt : system32\DRIVERS\360AvFlt.sys

¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs

¤¤¤¤¤¤¤¤¤¤ | Hosts
Hosts : Ok

¤¤¤¤¤¤¤¤¤¤ | SafeBoot
¤

¤¤¤¤¤¤¤¤¤¤ | Register
Deleted successfully : HKLM\SOFTWARE\360softmgr
Deleted successfully : HKU\S-1-5-21-1780214637-3531778011-2012122408-1001\SOFTWARE\360
Deleted successfully : HKLM64\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} : BabylonToolbarTlbr.dll (String)
Deleted successfully : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extension Compatibility\{98889811-442D-49DD-99D7-DC866BE87DBC} (CLSID)

¤¤¤¤¤¤¤¤¤¤ | Heuristics

¤¤¤¤¤¤¤¤¤¤ | reparsepoint

¤¤¤¤¤¤¤¤¤¤ | Folders | Files
Deleted successfully : C:\Users\All Users\360safe
Deleted successfully : C:\Users\All Users\Start Menu\Programs\360 Security Cetner
Deleted successfully : C:\Users\Mo'ath\AppData\LocalLow\360WD
Deleted successfully : C:\Windows\System32\Config\Systemprofile\AppData\Roaming\360safe\360ScanLog

¤¤¤¤¤¤¤¤¤¤ | .LNK

¤¤¤¤¤¤¤¤¤¤ | opening unknown extension

¤¤¤¤¤¤¤¤¤¤ | Proxy

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer

¤¤¤¤¤¤¤¤¤¤ | Google Chrome
Deleted successfully : C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Reseted successfully : SearchURL
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\aohghmighlieiainnegkcijnfilokake = : Google & co - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\apdfllckaahabafndbhieahigkjlhalf = : Google & co - https://drive.google.com/?usp=chrome_app - Google & co - [http://docs.google.com/http://drive.google.com/https://docs.google.com/https://drive.google.com/] - http://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com/?feature=ytca - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\eehpibjfkijipalplliffcgkhhmecjgi = : __MSG_extDesc__ - http://www.football-champions.com/?s=chromestore - __MSG_extName__ - [http://www.football-champions.com/?s=chromestore] - http://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\eemlkeanncmjljgehlbplemhmdmalhdc = - Google & co - https://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\hlhbmnfdcklajeaeikfinieljfegamko = : __MSG_extension_description__ - http://speedtest.appsmaster.co/ - __MSG_extension_name__ - [http://speedtest.appsmaster.co/] - http://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\jpfbieopdmepaolggioebjmedmclkbap = : Automatically clear your browser cache before loading a page. Can be enabled/disabled with a single mouse click. - Cache Killer - permissions:[webRequestbrowsingData\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\mnnelgnkomjdakpkjpkfehdipjifjmbk = : __MSG_description__ - http://world.needforspeed.com/c/chrome-web-store - __MSG_title__ - [http://world.needforspeed.com/] - http://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\nccllfnllopfpcbjdgjdlfmomnfgnnbk = : Log into multiple accounts on the same site simultaneously. - MultiLogin - https://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\oncckmaelaecccmaniihojgeopkcajfh = : __MSG_ext_description__ - __MSG_ext_name__ - http://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\pfpeapihoiogbcmdmnibeplnikfnhoge = : Outlook.com offers the richest most personal experience with Facebook Twitter and Skype integration Office Web Apps and more. - https://mail.live.com - Outlook.com - [*://*.mail.live.com/] - https://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\pinjeagflheledfiihhbilplepebhhcn = : Big collection of timeline covers for your FB Profile and a visual cover editor to design covers. - http://www.timelinecovers.pro/?label=chr1 - Facebook Covers - [http://www.timelinecovers.pro/?label=chr1] - http://clients2.google.com/service/update2/crx
C:\Users\Mo'ath\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx

¤¤¤¤¤¤¤¤¤¤ | Chromium

¤¤¤¤¤¤¤¤¤¤ | Comodo Dragon

¤¤¤¤¤¤¤¤¤¤ | Firefox

¤¤¤¤¤¤¤¤¤¤ | SeaMonkey

¤¤¤¤¤¤¤¤¤¤ | Pale moon

¤¤¤¤¤¤¤¤¤¤ | Opera

¤¤¤¤¤¤¤¤¤¤ | Spark

¤¤¤¤¤¤¤¤¤¤ | StartMenuInternet

¤¤¤¤¤¤¤¤¤¤ | Javascript

¤¤¤¤¤¤¤¤¤¤ | Firewall
Deleted successfully : [HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]~[{5DBC3D1D-3459-4877-95BF-493E984BE26B}] : v2.22|Action=Allow|Active=TRUE|Dir=In|Protocol=17|Profile=Public|App=C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe|Name=360????????|

¤¤¤¤¤¤¤¤¤¤ | ADS

¤¤¤¤¤¤¤¤¤¤ | Temporary files
[All Users] Temporary files deleted : 0 Ko
[Default] Temporary files deleted : 0 Ko
[Default User] Temporary files deleted : 0 Ko
[Mo'ath] Temporary files deleted : 0 Ko
[Public] Temporary files deleted : 0 Ko
[C:\Windows\Temp] Temporary files deleted : 0 Ko
[C:\Temp] Temporary files deleted : 0 Ko

Other(s) report(s)
C:\AdsFix_12_09_2014_02_16_06.txt[30199 o]

¤¤¤¤¤¤¤¤¤¤ | Listing

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)
[04/09/2014 22:47:06] - |D| - C:\Program Files (x86)\360
[16/08/2014 01:26:32] - |D| - C:\Program Files (x86)\Adobe
[20/08/2014 16:14:57] - |D| - C:\Program Files (x86)\Ashampoo
[09/08/2014 00:07:01] - |D| - C:\Program Files (x86)\BlueStacks
[22/08/2014 12:45:54] - |D| - C:\Program Files (x86)\Bonjour
[22/08/2013 16:36:15] - |D| - C:\Program Files (x86)\Common Files
[22/08/2013 18:36:33] - |ASH| - C:\Program Files (x86)\desktop.ini
[11/08/2014 01:37:42] - |D| - C:\Program Files (x86)\FreeTime
[06/08/2014 05:35:50] - |D| - C:\Program Files (x86)\Google
[07/09/2014 18:46:47] - |D| - C:\Program Files (x86)\Hewlett-Packard
[06/08/2014 09:12:17] - |D| - C:\Program Files (x86)\Hp
[06/09/2014 17:35:30] - |D| - C:\Program Files (x86)\IconCool Software
[06/08/2014 05:21:10] - |D| - C:\Program Files (x86)\Intel
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Internet Explorer
[06/08/2014 05:56:52] - |D| - C:\Program Files (x86)\IObit
[09/08/2014 00:05:41] - |D| - C:\Program Files (x86)\Java
[27/08/2014 19:55:17] - |D| - C:\Program Files (x86)\Malwarebytes Anti-Malware
[15/08/2014 09:08:03] - |D| - C:\Program Files (x86)\Microsoft SkyDrive
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Microsoft.NET
[15/08/2014 08:55:35] - |D| - C:\Program Files (x86)\MSBuild
[16/08/2014 01:59:38] - |D| - C:\Program Files (x86)\Photoshop
[11/08/2014 02:27:58] - |D| - C:\Program Files (x86)\QuickTime
[15/08/2014 08:55:35] - |D| - C:\Program Files (x86)\Reference Assemblies
[11/08/2014 03:31:45] - |D| - C:\Program Files (x86)\Remove Logo Now!
[11/08/2014 02:27:29] - |D| - C:\Program Files (x86)\TechSmith
[20/08/2014 00:23:57] - |D| - C:\Program Files (x86)\vcd-creator-burner-pro
[06/08/2014 05:54:28] - |D| - C:\Program Files (x86)\VideoLAN
[08/08/2014 10:10:08] - |D| - C:\Program Files (x86)\VisualRoute
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Windows Defender
[15/08/2014 08:59:13] - |D| - C:\Program Files (x86)\Windows Live
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Windows Mail
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Windows Media Player
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Windows Multimedia Platform
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Windows NT
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Windows Photo Viewer
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Windows Portable Devices
[22/08/2013 18:36:30] - |SHD| - C:\Program Files (x86)\Windows Sidebar
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\WindowsPowerShell
[06/08/2014 08:42:12] - |D| - C:\Program Files (x86)\WinRAR
[06/08/2014 05:27:34] - |D| - C:\Program Files (x86)\Zain Broadband

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files
[22/08/2014 12:13:15] - |D| - C:\Program Files\Andy
[22/08/2014 12:45:54] - |D| - C:\Program Files\Bonjour
[22/08/2013 16:36:15] - |D| - C:\Program Files\Common Files
[22/08/2013 18:36:45] - |ASH| - C:\Program Files\desktop.ini
[06/08/2014 05:21:04] - |D| - C:\Program Files\Intel
[22/08/2013 18:36:31] - |D| - C:\Program Files\Internet Explorer
[15/08/2014 08:55:27] - |D| - C:\Program Files\MSBuild
[22/08/2014 12:46:09] - |D| - C:\Program Files\Oracle
[06/08/2014 06:28:01] - |D| - C:\Program Files\Realtek
[15/08/2014 08:55:27] - |D| - C:\Program Files\Reference Assemblies
[15/08/2014 08:53:47] - |D| - C:\Program Files\Synaptics
[22/08/2013 17:47:10] - |HD| - C:\Program Files\Uninstall Information
[22/08/2013 18:36:31] - |D| - C:\Program Files\Windows Defender
[22/08/2013 22:11:28] - |D| - C:\Program Files\Windows Journal
[22/08/2013 18:36:31] - |D| - C:\Program Files\Windows Mail
[22/08/2013 18:36:31] - |D| - C:\Program Files\Windows Media Player
[22/08/2013 18:36:31] - |D| - C:\Program Files\Windows Multimedia Platform
[22/08/2013 18:36:31] - |D| - C:\Program Files\Windows NT
[22/08/2013 18:36:31] - |D| - C:\Program Files\Windows Photo Viewer
[22/08/2013 18:36:31] - |D| - C:\Program Files\Windows Portable Devices
[22/08/2013 18:36:31] - |SHD| - C:\Program Files\Windows Sidebar
[22/08/2013 18:36:31] - |HD| - C:\Program Files\WindowsApps
[22/08/2013 18:36:31] - |D| - C:\Program Files\WindowsPowerShell

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files (x86)\Common Files
[16/08/2014 01:26:32] - |D| - C:\Program Files (x86)\Common Files\Adobe
[06/08/2014 05:21:01] - |D| - C:\Program Files (x86)\Common Files\Intel
[09/08/2014 00:05:52] - |D| - C:\Program Files (x86)\Common Files\Java
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Common Files\Microsoft Shared
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Common Files\Services
[22/08/2013 18:36:30] - |D| - C:\Program Files (x86)\Common Files\System
[11/08/2014 02:27:47] - |D| - C:\Program Files (x86)\Common Files\TechSmith Shared
[15/08/2014 08:56:57] - |D| - C:\Program Files (x86)\Common Files\Windows Live

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common Files
[16/08/2014 02:03:54] - |D| - C:\Program Files\Common Files\Adobe
[22/08/2013 18:36:31] - |D| - C:\Program Files\Common Files\microsoft shared
[22/08/2013 18:36:31] - |D| - C:\Program Files\Common Files\Services
[22/08/2013 18:36:31] - |D| - C:\Program Files\Common Files\System

¤¤¤¤¤¤¤¤¤¤ | C:\Users\Mo'ath\AppData\Roaming
[06/08/2014 01:54:10] - |D| - C:\Users\Mo'ath\AppData\Roaming\Adobe
[22/08/2014 12:13:15] - |A| - C:\Users\Mo'ath\AppData\Roaming\AndyCleanupTool.exe
[22/08/2014 12:13:25] - |A| - C:\Users\Mo'ath\AppData\Roaming\AndyCleanVM.exe
[20/08/2014 16:15:12] - |D| - C:\Users\Mo'ath\AppData\Roaming\Ashampoo
[09/08/2014 01:05:30] - |D| - C:\Users\Mo'ath\AppData\Roaming\DMCache
[11/08/2014 01:35:16] - |D| - C:\Users\Mo'ath\AppData\Roaming\dvdcss
[09/08/2014 01:05:31] - |D| - C:\Users\Mo'ath\AppData\Roaming\IDM
[06/08/2014 05:57:02] - |D| - C:\Users\Mo'ath\AppData\Roaming\IObit
[06/08/2014 05:32:48] - |D| - C:\Users\Mo'ath\AppData\Roaming\Macromedia
[06/08/2014 01:53:27] - |SD| - C:\Users\Mo'ath\AppData\Roaming\Microsoft
[20/08/2014 00:30:57] - |D| - C:\Users\Mo'ath\AppData\Roaming\rmi
[11/08/2014 02:31:33] - |D| - C:\Users\Mo'ath\AppData\Roaming\TechSmith
[06/08/2014 05:54:47] - |D| - C:\Users\Mo'ath\AppData\Roaming\vlc
[06/08/2014 08:42:26] - |D| - C:\Users\Mo'ath\AppData\Roaming\WinRAR

¤¤¤¤¤¤¤¤¤¤ | C:\Users\Mo'ath\AppData\Local
[16/08/2014 01:09:48] - |D| - C:\Users\Mo'ath\AppData\Local\Adobe
[06/08/2014 01:53:31] - |SHD| - C:\Users\Mo'ath\AppData\Local\Application Data
[20/08/2014 16:15:03] - |D| - C:\Users\Mo'ath\AppData\Local\ashampoo
[31/08/2014 18:30:58] - |D| - C:\Users\Mo'ath\AppData\Local\CrashDumps
[07/08/2014 10:03:53] - |SHD| - C:\Users\Mo'ath\AppData\Local\EmieSiteList
[07/08/2014 10:03:53] - |SHD| - C:\Users\Mo'ath\AppData\Local\EmieUserList
[10/08/2014 09:26:09] - |D| - C:\Users\Mo'ath\AppData\Local\Facebook
[06/08/2014 05:35:45] - |D| - C:\Users\Mo'ath\AppData\Local\Google
[06/08/2014 01:53:31] - |SHD| - C:\Users\Mo'ath\AppData\Local\History
[05/09/2014 02:21:52] - |AH| - C:\Users\Mo'ath\AppData\Local\IconCache.db
[06/08/2014 01:53:29] - |D| - C:\Users\Mo'ath\AppData\Local\Microsoft
[06/08/2014 01:53:57] - |D| - C:\Users\Mo'ath\AppData\Local\Packages
[06/08/2014 05:56:30] - |D| - C:\Users\Mo'ath\AppData\Local\Programs
[11/08/2014 02:31:26] - |D| - C:\Users\Mo'ath\AppData\Local\TechSmith
[06/08/2014 01:53:31] - |SHD| - C:\Users\Mo'ath\AppData\Local\Temporary Internet Files
[06/08/2014 01:54:06] - |D| - C:\Users\Mo'ath\AppData\Local\VirtualStore
[15/08/2014 08:57:13] - |D| - C:\Users\Mo'ath\AppData\Local\Windows Live

¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData
[16/08/2014 01:28:26] - |D| - C:\ProgramData\Adobe
[22/08/2014 12:45:54] - |D| - C:\ProgramData\Apple
[22/08/2013 17:45:52] - |SHD| - C:\ProgramData\Application Data
[20/08/2014 16:15:01] - |D| - C:\ProgramData\Ashampoo
[27/08/2014 23:21:03] - |D| - C:\ProgramData\AVAST Software
[09/08/2014 00:07:01] - |D| - C:\ProgramData\BlueStacks
[09/08/2014 00:07:01] - |D| - C:\ProgramData\BlueStacksSetup
[06/08/2014 05:23:19] - |D| - C:\ProgramData\DatacardService
[22/08/2013 17:45:52] - |SHD| - C:\ProgramData\Desktop
[22/08/2013 17:45:52] - |SHD| - C:\ProgramData\Documents
[16/08/2014 02:04:29] - |D| - C:\ProgramData\Google
[09/08/2014 01:05:31] - |D| - C:\ProgramData\IDM
[06/08/2014 05:57:02] - |D| - C:\ProgramData\IObit
[06/08/2014 08:48:32] - |D| - C:\ProgramData\KMSAutoS
[08/08/2014 09:18:57] - |D| - C:\ProgramData\log
[27/08/2014 19:55:17] - |D| - C:\ProgramData\Malwarebytes
[22/08/2013 16:36:15] - |SD| - C:\ProgramData\Microsoft
[15/08/2014 09:07:54] - |D| - C:\ProgramData\Microsoft OneDrive
[08/08/2014 09:18:57] - |D| - C:\ProgramData\OnlineUpdate
[09/08/2014 00:06:03] - |D| - C:\ProgramData\Oracle
[16/08/2014 01:27:23] - |D| - C:\ProgramData\Package Cache
[22/08/2013 18:36:30] - |D| - C:\ProgramData\regid.1991-06.com.microsoft
[11/08/2014 02:27:58] - |D| - C:\ProgramData\regid.1995-08.com.techsmith
[22/08/2013 17:45:52] - |SHD| - C:\ProgramData\Start Menu
[08/08/2014 10:09:27] - |D| - C:\ProgramData\Sun
[11/08/2014 02:27:29] - |D| - C:\ProgramData\TechSmith
[22/08/2013 17:45:52] - |SHD| - C:\ProgramData\Templates
[06/08/2014 05:28:09] - |D| - C:\ProgramData\Zain Broadband

[X] : [528 Ko]
Analyzed : 98548 | Modified : 0 | Infected : 13

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 03:03:50 | [22 Ko]