¤¤¤¤¤¤¤¤¤¤ | AdsFix | g3n-h@ckm@n | 29.03.2015.1
¤¤¤¤¤ Vista | 7 | 8 | 8.1 - 32/64 bits ¤¤¤¤¤ - Start 22:54:39 - 29/03/2015
update on : 29/03/2015 | 20.10 by g3n-h@ckm@n™
Contact : http://www.sosvirus.net
Assistance : http://www.sosvirus.net/forum-virus-securite.html
Feedbacks : http://www.sosvirus.net/feedbacks-t75915.html
Facebook : https://www.facebook.com/AdsFix

Boot: Normal boot
[Win7 (Administrator)] - [WIN7-PC] - (XX_XX_XX [0409])
SID = S-1-5-21-1163517497-134154996-3967426762-1000 || [57696e37205e5e]
PC : Gigabyte Technology Co., Ltd. - G41MT-S2P - Processor : X64
Bios : Award Software International, Inc. - 05/16/2011
System : Windows 7 Ultimate (32 bits) Ultimate
RAM memory = Total (MB) : 2061 | Free (MB) : 1304
Pagefile = Total (MB) : 7181 | Free (MB) : 6192
Virtual = Total (MB) : 2097 | Free (MB) : 1954

C:\ -> [Fixed] | [] | Total : 68830 Mo | Free : 38270 Mo -> NTFS
D:\ -> [Fixed] | [ثورة وألتراس] | Total : 80210 Mo | Free : 54870 Mo -> NTFS
E:\ -> [Fixed] | [J] | Total : 89170 Mo | Free : 47880 Mo -> FAT32
F:\ -> [Fixed] | [C] | Total : 88820 Mo | Free : 28540 Mo -> FAT32
G:\ -> [Fixed] | [منوعات] | Total : 88980 Mo | Free : 23100 Mo -> FAT32
H:\ -> [Fixed] | [برامج] | Total : 60860 Mo | Free : 60530 Mo -> NTFS
I:\ -> [CDROM] | [Etisalat Modem] | Total : 30 Mo | Free : 0 Mo -> CDFS

Registry saved, to restore : Click on Options & Restore the register (C:\AdsFix\Save\Registry [29.03.2015 @ 22_54_37]) or an element
Restore files or folders deleted by mistake : Click on Options & Restore Files | Folders, Select an item >> "restore"

¤¤¤¤¤¤¤¤¤¤ | Windows Updates
Last détection : 2015-03-29 08:18:40
Last downloaded : 2015-02-14 11:57:10
Last installation : 2015-02-14 12:26:41
Next search : 2015-03-30 03:38:00
Service Pack 1 not installed !!!

¤¤¤¤¤¤¤¤¤¤ | Browsers
IE : 8.0.7600.16385 (© Microsoft Corporation. All rights reserved.)
FF : 36.0.4.5557 (©Firefox and Mozilla Developers; available under the MPL 2 license.)
GC : 40.0.2214.115 (Copyright 2012 Google Inc. All rights reserved.)

¤¤¤¤¤¤¤¤¤¤ | Security (atcav : 0)
AV :
AS : Windows Defender Disabled
AM : Malwarebytes' Anti-Malware (1.0.1.922) [2014.03.28.05]
FW :
WMI : OK
WU: Windows Update Service [Auto(2)] = Order
AS: Windows Defender [Auto(2)] = Order
FW: Windows FireWall Service [Auto(2)] = Order

¤¤¤¤¤¤¤¤¤¤ | FlashPlayer
Plugin : 16.0.0.305

¤¤¤¤¤¤¤¤¤¤ | Killed processes
1256 | [Owner : SYSTEM |Parent : 520] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.1.7600.16385) = C:\Windows\System32\spoolsv.exe
1556 | [Owner : Win7 |Parent : 520] - (.Microsoft Corporation - Host Process for Windows Tasks.) - (6.1.7600.16385) = C:\Windows\System32\taskhost.exe
1596 | [Owner : SYSTEM |Parent : 892] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.1.7600.16385) = C:\Windows\System32\taskeng.exe
1668 | [Owner : Win7 |Parent : 1612] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7600.16385) = C:\Windows\explorer.exe
1736 | [Owner : SYSTEM |Parent : 1596] - (.Google Inc. - Google Installer.) - (1.3.21.103) = C:\Program Files\Google\Update\GoogleUpdate.exe
108 | [Owner : Win7 |Parent : 1668] - (.-.) - (0.0.0.0) = C:\Program Files\EaseUS\EaseUS Partition Master 10.1\bin\TrayPopupE\TrayTipAgentE.exe
280 | [Owner : Win7 |Parent : 1668] - (.-.) - (0.0.0.0) = C:\Program Files\EaseUS\TrayPopup\TrayTipAgent.exe
316 | [Owner : Win7 |Parent : 1668] - (.Intel Corporation - hkcmd Module.) - (8.15.10.2869) = C:\Windows\System32\hkcmd.exe
376 | [Owner : Win7 |Parent : 1668] - (.Intel Corporation - persistence Module.) - (8.15.10.2869) = C:\Windows\System32\igfxpers.exe
612 | [Owner : Win7 |Parent : 1668] - (.-.) - (0.0.0.0) = C:\Program Files\Etisalat USB Modem\UIExec.exe
1080 | [Owner : Win7 |Parent : 1668] - (.CyberLink Corp. - CyberLink YouCam Service.) - (5.0.909.17551) = C:\Program Files\CyberLink\YouCam\YouCamService.exe
1496 | [Owner : SYSTEM |Parent : 520] - (.Microsoft Corporation - Updates Skype Click to Call.) - (7.3.16540.9015) = C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
1884 | [Owner : NETWORK SERVICE |Parent : 520] - (.Microsoft Corporation - Phone Number Recognition (PNR) module.) - (7.3.16540.9015) = C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
664 | [Owner : SYSTEM |Parent : 520] - (.CHENGDU YIWO Tech Development Co., Ltd - EaseUS Todo Backup Agent Application.) - (5.0.0.1) = C:\Program Files\EaseUS\Todo Backup\bin\Agent.exe
2288 | [Owner : SYSTEM |Parent : 520] - (.OpenVPN Technologies, Inc - PrivateTunnel Service.) - (2.1.28.0) = C:\Program Files\OpenVPN Technologies\PrivateTunnel\ptservice.exe
2360 | [Owner : SYSTEM |Parent : 2288] - (.OpenVPN Technologies, Inc - PrivateTunnel Core Daemon.) - (2.3.6.0) = C:\Program Files\OpenVPN Technologies\PrivateTunnel\ptcore.exe
2372 | [Owner : SYSTEM |Parent : 364] - (.Microsoft Corporation - Console Window Host.) - (6.1.7600.16385) = C:\Windows\System32\conhost.exe
2544 | [Owner : SYSTEM |Parent : 520] - (.-.) - (0.0.0.0) = C:\Program Files\Etisalat USB Modem\AssistantServices.exe
2576 | [Owner : SYSTEM |Parent : 520] - (.VIA Technologies, Inc. - Service binary.) - (0.1.0.0) = C:\Windows\System32\ViakaraokeSrv.exe
2640 | [Owner : SYSTEM |Parent : 664] - (.-.) - (0.0.0.0) = C:\Program Files\EaseUS\Todo Backup\bin\TodoBackupService.exe
2684 | [Owner : SYSTEM |Parent : 520] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4311.0) = C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
3168 | [Owner : SYSTEM |Parent : 2684] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4311.0) = C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
2868 | [Owner : SYSTEM |Parent : 520] - (.Microsoft Corporation - Virtual Disk Service.) - (6.1.7600.16385) = C:\Windows\System32\vds.exe
6040 | [Owner : NETWORK SERVICE |Parent : 520] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.7600.16385) = C:\Program Files\Windows Media Player\wmpnetwk.exe
4560 | [Owner : LOCAL SERVICE |Parent : 860] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.1.7600.16385) = C:\Windows\System32\WUDFHost.exe
3796 | [Owner : Win7 |Parent : 648] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7600.16385) = C:\Windows\explorer.exe
5472 | [Owner : Win7 |Parent : 3796] - (.Microsoft Corporation - Notepad.) - (6.1.7600.16385) = C:\Windows\System32\notepad.exe
5940 | [Owner : Win7 |Parent : 648] - (.Adobe Systems, Inc. - Adobe Flash Player Helper 10.0 r45.) - (10.0.45.2) = C:\Windows\System32\Macromed\Flash\FlashUtil10e.exe
4264 | [Owner : LOCAL SERVICE |Parent : 860] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.1.7600.16385) = C:\Windows\System32\WUDFHost.exe

¤¤¤¤¤¤¤¤¤¤ | Tasks
Deleted successfully : Driver Booster Scan
Deleted successfully : Driver Booster Update

¤¤¤¤¤¤¤¤¤¤ | Services

¤¤¤¤¤¤¤¤¤¤ | AppCertDlls | AppInit_DLLs

¤¤¤¤¤¤¤¤¤¤ | Hosts
Hosts : Ok

¤¤¤¤¤¤¤¤¤¤ | SafeBoot

¤¤¤¤¤¤¤¤¤¤ | Winsock

¤¤¤¤¤¤¤¤¤¤ | DNS

¤¤¤¤¤¤¤¤¤¤ | Register
Deleted successfully : HKLM\SOFTWARE\Classes\Interface\{89A3A2ED-0546-4C60-8159-2D917245BCB3} : IBrowserSecurityManager
Deleted successfully : HKU\S-1-5-18\SOFTWARE\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA} : c/Au/XV/H/Ap/X2/GP/j/Xt/axAv/X6////%
Deleted successfully : HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\Driver Booster_is1

¤¤¤¤¤¤¤¤¤¤ | Folders | Files
Deleted successfully : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2\Driver Booster 2.lnk (.-.)
Deleted successfully : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2\Uninstall Driver Booster 2.lnk (.-.)
Deleted successfully : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 2
Deleted successfully : C:\ProgramData\mxnhytee.feu (.-.)
Deleted successfully : C:\Users\Win7\AppData\Roaming\mario.ico (.-.)
Deleted successfully : C:\Users\Win7\AppData\Local\Apps

¤¤¤¤¤¤¤¤¤¤ | .LNK

¤¤¤¤¤¤¤¤¤¤ | opening unknown extension

¤¤¤¤¤¤¤¤¤¤ | Proxy

¤¤¤¤¤¤¤¤¤¤ | Internet Explorer
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Bar] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Default_Page_URL] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Default_Search_URL] : -> http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[Default_Page_URL] : -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\SearchURL]~[Default] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[CustomizeSearch] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[SearchMigratedDefaultName] : -> google.com
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Main]~[SearchMigratedDefaultURL] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchAssistant] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Bar] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Page] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Default_Page_URL] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[Local Page] : -> C:\Windows\System32\blank.htm
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Page] : -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Search_URL] : -> http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Page_URL] : -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[CustomizeSearch] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchMigratedDefaultName] : -> google.com
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchMigratedDefaultURL] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]~[Tabs] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Search Bar] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[Start Default_Page_URL] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchURL]~[Default] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[CustomizeSearch] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[SearchMigratedDefaultName] : -> google.com
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Main]~[SearchMigratedDefaultURL] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchAssistant] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Bar] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Page] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Start Default_Page_URL] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Local Page] : -> C:\Windows\System32\blank.htm
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Search Page] : -> http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Search_URL] : -> http://go.microsoft.com/fwlink/?LinkId=54896
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[Default_Page_URL] : -> http://go.microsoft.com/fwlink/?LinkId=69157
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[CustomizeSearch] : -> https://www.google.com/
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchMigratedDefaultName] : -> google.com
Repaired : [HKLM\SOFTWARE\Microsoft\Internet Explorer\Search]~[SearchMigratedDefaultURL] : -> https://www.google.com/
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[Enabled] : -> 2
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Internet Explorer\PhishingFilter]~[EnabledV8] : -> 1
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[ProxyOverride] : -> *.local
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonBadCertReceving] : -> 1
Repaired : [HKU\S-1-5-21-1163517497-134154996-3967426762-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet settings]~[WarNonHTTPSToHTTPRedirect] : -> 1

¤¤¤¤¤¤¤¤¤¤ | Google Chrome
Deleted successfully : HKLM\SOFTWARE\Policies\Google
Deleted successfully : C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Web Data (.-.)
Reseted successfully : SearchURL
Deleted successfully : C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\Preferences (.-.)
Impossible to reset : Preferences
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\extensions\bepbmhgboaologfdajaanbcjmnhjmhfn = : This extension allows you to say ‘Ok Google’ and start speaking your search. - Google Voice Search Hotword (Beta) - https://epicunitscan.info/00service/update2/crx
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\extensions\jeaohhlajejodfjadcponpnjgkiikocn = : Download files with Internet Download Manager - IDM Integration Module - permissions:[\u003Call_urls>tabscookiescontextMenuswebNavigationwebRequestwebRequestBlockingmanagementstorageproxy] - https://epicunitscan.info/00service/update2/crx
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl = : Skype Click to Call - Skype Click to Call - https://epicunitscan.info/00service/update2/crx
C:\Users\Win7\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://epicunitscan.info/00service/update2/crx

¤¤¤¤¤¤¤¤¤¤ | Chromium

¤¤¤¤¤¤¤¤¤¤ | Comodo Dragon

¤¤¤¤¤¤¤¤¤¤ | Firefox
Deleted successfully : C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\ehnkcsts.default\sessionstore.js (.-.)
Deleted successfully : C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\ehnkcsts.default\extensions\twoo@twoo.com.xpi (.-.)= twoo@twoo.com.xpi
C:\Users\Win7\AppData\Roaming\Mozilla\Firefox\Profiles\ehnkcsts.default\Extensions\mozilla_cc@internetdownloadmanager.com = :IDM CC - :http://www.internetdownloadmanager.com

¤¤¤¤¤¤¤¤¤¤ | SeaMonkey

¤¤¤¤¤¤¤¤¤¤ | Pale moon

¤¤¤¤¤¤¤¤¤¤ | Opera

¤¤¤¤¤¤¤¤¤¤ | Spark

¤¤¤¤¤¤¤¤¤¤ | StartMenuInternet

¤¤¤¤¤¤¤¤¤¤ | Javascript

¤¤¤¤¤¤¤¤¤¤ | Firewall

¤¤¤¤¤¤¤¤¤¤ | Temporary files
[All Users] Temporary files deleted : 0 Ko
[Default] Temporary files deleted : 0 Ko
[Default User] Temporary files deleted : 0 Ko
[Public] Temporary files deleted : 0 Ko
[USER] Temporary files deleted : 0 Ko
[Win7] Temporary files deleted : 564 Ko
[C:\Windows\Temp] Temporary files deleted : 10874 Ko
[C:\Temp] Temporary files deleted : 0 Ko

Other(s) report(s)
C:\AdsFix_29_03_2015_22_43_30.txt[2647 o]
C:\AdsFix_29_03_2015_22_48_23.txt[2648 o]

¤¤¤¤¤¤¤¤¤¤ | Listing

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files
[20/01/2014 12:11:39] - |D| - C:\Program Files\Adobe
[07/02/2014 09:57:54] - |D| - C:\Program Files\BreakPoint Software
[16/12/2013 21:08:29] - |D| - C:\Program Files\CCleaner
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files
[10/02/2015 23:07:05] - |D| - C:\Program Files\CyberLink
[14/07/2009 06:41:57] - |ASH| - C:\Program Files\desktop.ini
[24/01/2015 19:57:40] - |D| - C:\Program Files\DriverUninstall
[22/08/2014 15:13:31] - |D| - C:\Program Files\DVBViewer
[14/07/2009 06:52:30] - |D| - C:\Program Files\DVD Maker
[20/10/2014 13:58:18] - |D| - C:\Program Files\EaseUS
[24/01/2015 19:57:38] - |D| - C:\Program Files\Etisalat USB Modem
[13/03/2015 03:50:56] - |D| - C:\Program Files\ezAutoCorrect for GMail
[28/02/2015 12:16:46] - |D| - C:\Program Files\Facebook Colors
[01/02/2014 08:56:46] - |D| - C:\Program Files\Fausto
[11/11/2014 17:16:39] - |D| - C:\Program Files\ffdshow
[11/12/2013 23:43:17] - |D| - C:\Program Files\FreeTime
[02/03/2015 15:01:30] - |D| - C:\Program Files\Google
[21/03/2014 06:52:13] - |D| - C:\Program Files\Growl for Windows
[09/09/2014 07:39:41] - |D| - C:\Program Files\HomeGuard
[31/12/2014 16:13:58] - |D| - C:\Program Files\HyperTerminal
[29/07/2014 20:25:23] - |HD| - C:\Program Files\InstallShield Installation Information
[09/12/2013 17:51:46] - |D| - C:\Program Files\Intel
[24/07/2014 14:35:00] - |D| - C:\Program Files\Internet Download Manager
[14/07/2009 04:37:05] - |D| - C:\Program Files\Internet Explorer
[10/11/2014 20:56:25] - |D| - C:\Program Files\IObit
[30/12/2014 17:20:09] - |D| - C:\Program Files\iWisoft Free Video Converter
[07/01/2014 23:16:47] - |D| - C:\Program Files\Java
[05/04/2014 16:01:49] - |D| - C:\Program Files\Malwarebytes Anti-Malware
[14/07/2009 06:52:30] - |D| - C:\Program Files\Microsoft Games
[20/01/2014 12:22:08] - |D| - C:\Program Files\Microsoft Office
[26/11/2014 09:51:08] - |D| - C:\Program Files\Microsoft OneDrive
[26/11/2014 09:54:14] - |D| - C:\Program Files\Microsoft SQL Server Compact Edition
[20/01/2014 12:22:08] - |D| - C:\Program Files\Microsoft.NET
[22/03/2015 08:41:32] - |D| - C:\Program Files\Mozilla Firefox
[16/12/2013 20:31:09] - |D| - C:\Program Files\Mozilla Maintenance Service
[14/07/2009 06:52:30] - |D| - C:\Program Files\MSBuild
[28/10/2014 10:40:21] - |D| - C:\Program Files\OpenVPN Technologies
[21/03/2014 06:51:50] - |D| - C:\Program Files\Palringo
[09/12/2013 17:25:20] - |D| - C:\Program Files\PDF Reader
[04/04/2014 14:11:18] - |D| - C:\Program Files\ProgDVB
[14/07/2009 06:52:30] - |D| - C:\Program Files\Reference Assemblies
[29/07/2014 20:38:24] - |D| - C:\Program Files\SDA
[17/12/2013 16:25:13] - |D| - C:\Program Files\Shortcut
[27/03/2015 13:15:23] - |D| - C:\Program Files\Similar Sites
[31/07/2014 13:15:08] - |RD| - C:\Program Files\Skype
[25/06/2014 22:23:54] - |D| - C:\Program Files\Stardvb
[26/08/2014 14:46:51] - |D| - C:\Program Files\Tango
[06/02/2014 18:00:26] - |D| - C:\Program Files\TeamViewer
[17/12/2013 12:40:16] - |D| - C:\Program Files\TechSmith
[21/10/2014 10:20:36] - |D| - C:\Program Files\TV 3L PC
[14/07/2009 06:53:23] - |HD| - C:\Program Files\Uninstall Information
[05/04/2014 16:10:36] - |D| - C:\Program Files\USB Disk Security
[10/11/2014 22:50:47] - |D| - C:\Program Files\VIA
[25/04/2014 22:35:15] - |D| - C:\Program Files\Video Watermark
[12/12/2013 00:21:46] - |D| - C:\Program Files\VideoLAN
[25/04/2014 08:29:07] - |D| - C:\Program Files\Watermark Factory 2
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Defender
[14/07/2009 09:50:03] - |D| - C:\Program Files\Windows Journal
[26/11/2014 09:52:30] - |D| - C:\Program Files\Windows Live
[14/07/2009 04:37:05] - |D| - C:\Program Files\Windows Mail
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Media Player
[14/07/2009 04:37:05] - |D| - C:\Program Files\Windows NT
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Photo Viewer
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Portable Devices
[24/01/2015 19:53:10] - |D| - C:\Program Files\Windows Service
[14/07/2009 06:52:30] - |D| - C:\Program Files\Windows Sidebar
[09/12/2013 17:04:32] - |D| - C:\Program Files\WinRAR
[25/04/2014 22:35:14] - |D| - C:\Program Files\WinWatermark
[09/12/2013 17:30:46] - |D| - C:\Program Files\Yahoo!
[10/12/2013 17:01:52] - |D| - C:\Program Files\ZHPDiag

¤¤¤¤¤¤¤¤¤¤ | C:\Program Files\Common Files
[20/01/2014 12:11:39] - |D| - C:\Program Files\Common Files\Adobe
[20/01/2014 17:57:38] - |D| - C:\Program Files\Common Files\Adobe AIR
[20/10/2014 12:11:30] - |D| - C:\Program Files\Common Files\ArcSoft
[20/01/2014 12:22:32] - |D| - C:\Program Files\Common Files\DESIGNER
[22/08/2014 15:13:31] - |D| - C:\Program Files\Common Files\DVBViewer Shared
[20/10/2014 12:11:35] - |D| - C:\Program Files\Common Files\Elecard
[29/07/2014 20:25:04] - |D| - C:\Program Files\Common Files\InstallShield
[10/12/2013 16:04:38] - |D| - C:\Program Files\Common Files\Intel
[18/06/2014 07:55:50] - |D| - C:\Program Files\Common Files\Java
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\microsoft shared
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\Services
[15/09/2014 19:10:21] - |D| - C:\Program Files\Common Files\Skype
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\SpeechEngines
[14/07/2009 04:37:05] - |D| - C:\Program Files\Common Files\System
[26/11/2014 09:47:14] - |D| - C:\Program Files\Common Files\Windows Live

¤¤¤¤¤¤¤¤¤¤ | C:\Users\Win7\AppData\Roaming
[19/10/2014 14:27:11] - |D| - C:\Users\Win7\AppData\Roaming\AC3Filter
[09/12/2013 18:38:07] - |D| - C:\Users\Win7\AppData\Roaming\Adobe
[29/03/2015 17:19:09] - |A| - C:\Users\Win7\AppData\Roaming\appdataFr3.bin
[10/02/2014 00:09:52] - |D| - C:\Users\Win7\AppData\Roaming\BreakPoint Software
[10/02/2015 23:10:26] - |D| - C:\Users\Win7\AppData\Roaming\CyberLink
[09/12/2013 17:32:17] - |D| - C:\Users\Win7\AppData\Roaming\DMCache
[18/12/2013 22:08:16] - |D| - C:\Users\Win7\AppData\Roaming\dvdcss
[09/12/2013 17:02:42] - |D| - C:\Users\Win7\AppData\Roaming\Identities
[09/10/2014 14:41:47] - |D| - C:\Users\Win7\AppData\Roaming\IDM
[10/11/2014 20:56:27] - |D| - C:\Users\Win7\AppData\Roaming\IObit
[09/12/2013 18:38:07] - |D| - C:\Users\Win7\AppData\Roaming\Macromedia
[11/12/2013 20:43:24] - |D| - C:\Users\Win7\AppData\Roaming\Malwarebytes
[09/12/2013 17:02:26] - |D| - C:\Users\Win7\AppData\Roaming\Media Center Programs
[09/12/2013 17:02:25] - |SD| - C:\Users\Win7\AppData\Roaming\Microsoft
[16/12/2013 20:56:21] - |D| - C:\Users\Win7\AppData\Roaming\Mozilla
[10/12/2013 00:04:14] - |D| - C:\Users\Win7\AppData\Roaming\MPC-HC
[23/03/2014 06:48:56] - |D| - C:\Users\Win7\AppData\Roaming\Oracle
[29/05/2014 19:36:49] - |D| - C:\Users\Win7\AppData\Roaming\PlatinumHideIP
[11/11/2014 19:46:09] - |D| - C:\Users\Win7\AppData\Roaming\PotPlayerMini
[18/09/2014 09:26:22] - |D| - C:\Users\Win7\AppData\Roaming\rmi
[09/12/2013 17:31:39] - |D| - C:\Users\Win7\AppData\Roaming\Skype
[06/02/2014 18:00:40] - |D| - C:\Users\Win7\AppData\Roaming\TeamViewer
[20/10/2014 14:19:34] - |D| - C:\Users\Win7\AppData\Roaming\TuneUp Software
[12/12/2013 00:24:48] - |D| - C:\Users\Win7\AppData\Roaming\vlc
[27/02/2014 09:07:04] - |D| - C:\Users\Win7\AppData\Roaming\VSO
[27/11/2014 22:10:46] - |D| - C:\Users\Win7\AppData\Roaming\Windows Live Writer
[09/12/2013 17:04:55] - |D| - C:\Users\Win7\AppData\Roaming\WinRAR
[14/02/2014 20:10:21] - |D| - C:\Users\Win7\AppData\Roaming\Yahoo!
[05/04/2014 16:10:41] - |D| - C:\Users\Win7\AppData\Roaming\Zbshareware Lab
[10/12/2013 17:01:52] - |D| - C:\Users\Win7\AppData\Roaming\ZHP

¤¤¤¤¤¤¤¤¤¤ | C:\Users\Win7\AppData\Local
[22/07/2014 10:52:05] - |D| - C:\Users\Win7\AppData\Local\Adobe
[09/12/2013 17:02:27] - |SHD| - C:\Users\Win7\AppData\Local\Application Data
[20/10/2014 12:11:32] - |D| - C:\Users\Win7\AppData\Local\ArcSoft
[17/12/2013 12:41:57] - |D| - C:\Users\Win7\AppData\Local\assembly
[29/01/2014 15:26:01] - |D| - C:\Users\Win7\AppData\Local\cache
[12/11/2014 13:28:25] - |D| - C:\Users\Win7\AppData\Local\CrashDumps
[10/02/2015 23:09:46] - |D| - C:\Users\Win7\AppData\Local\CyberLink
[14/11/2014 15:32:27] - |A| - C:\Users\Win7\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[30/01/2014 09:04:44] - |D| - C:\Users\Win7\AppData\Local\Deployment
[15/12/2013 00:00:13] - |D| - C:\Users\Win7\AppData\Local\Diagnostics
[29/07/2014 20:33:51] - |D| - C:\Users\Win7\AppData\Local\Downloaded Installations
[09/12/2013 17:40:57] - |D| - C:\Users\Win7\AppData\Local\ElevatedDiagnostics
[09/12/2013 17:19:26] - |A| - C:\Users\Win7\AppData\Local\GDIPFONTCACHEV1.DAT
[09/12/2013 17:28:31] - |D| - C:\Users\Win7\AppData\Local\Google
[21/03/2014 06:52:17] - |D| - C:\Users\Win7\AppData\Local\Growl
[09/12/2013 17:02:27] - |SHD| - C:\Users\Win7\AppData\Local\History
[17/12/2013 09:25:59] - |AH| - C:\Users\Win7\AppData\Local\IconCache.db
[09/12/2013 18:38:07] - |D| - C:\Users\Win7\AppData\Local\Macromedia
[09/12/2013 17:02:26] - |D| - C:\Users\Win7\AppData\Local\Microsoft
[10/07/2014 11:23:14] - |D| - C:\Users\Win7\AppData\Local\Microsoft Games
[09/12/2013 18:14:46] - |D| - C:\Users\Win7\AppData\Local\Mozilla
[09/12/2013 19:01:42] - |D| - C:\Users\Win7\AppData\Local\Programs
[29/07/2014 21:28:38] - |A| - C:\Users\Win7\AppData\Local\resmon.resmoncfg
[31/07/2014 13:15:22] - |D| - C:\Users\Win7\AppData\Local\Skype
[26/08/2014 14:46:48] - |D| - C:\Users\Win7\AppData\Local\tango
[17/12/2013 12:40:16] - |D| - C:\Users\Win7\AppData\Local\TechSmith
[09/12/2013 17:02:26] - |D| - C:\Users\Win7\AppData\Local\Temp
[09/12/2013 17:02:27] - |SHD| - C:\Users\Win7\AppData\Local\Temporary Internet Files
[20/10/2014 14:19:34] - |D| - C:\Users\Win7\AppData\Local\TuneUp Software
[10/02/2015 20:09:19] - |D| - C:\Users\Win7\AppData\Local\Viber
[09/12/2013 17:02:31] - |D| - C:\Users\Win7\AppData\Local\VirtualStore
[26/11/2014 09:47:27] - |D| - C:\Users\Win7\AppData\Local\Windows Live
[27/11/2014 22:10:46] - |D| - C:\Users\Win7\AppData\Local\Windows Live Writer

¤¤¤¤¤¤¤¤¤¤ | C:\ProgramData
[20/01/2014 12:11:48] - |D| - C:\ProgramData\Adobe
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Application Data
[20/10/2014 12:11:32] - |D| - C:\ProgramData\ArcSoft
[22/08/2014 15:13:31] - |D| - C:\ProgramData\CMUV
[20/10/2014 14:17:48] - |HD| - C:\ProgramData\Common Files
[10/02/2015 23:12:11] - |D| - C:\ProgramData\CyberLink
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Desktop
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Documents
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Favorites
[21/03/2014 06:52:17] - |D| - C:\ProgramData\Growl
[31/12/2014 16:14:11] - |D| - C:\ProgramData\HyperTerminal
[10/12/2013 15:45:26] - |D| - C:\ProgramData\IDM
[10/02/2015 22:58:38] - |D| - C:\ProgramData\install_clap
[10/11/2014 20:56:28] - |D| - C:\ProgramData\IObit
[17/07/2014 13:49:57] - |D| - C:\ProgramData\Kaspersky Lab
[11/12/2013 20:43:18] - |D| - C:\ProgramData\Malwarebytes
[25/04/2014 22:11:00] - |D| - C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[23/06/2014 07:41:56] - |D| - C:\ProgramData\McAfee
[14/07/2009 04:37:05] - |SD| - C:\ProgramData\Microsoft
[26/11/2014 09:50:31] - |D| - C:\ProgramData\Microsoft OneDrive
[09/12/2013 18:14:41] - |D| - C:\ProgramData\Mozilla
[07/04/2014 22:25:12] - |A| - C:\ProgramData\ntuser.dat
[07/04/2014 22:25:12] - |ASH| - C:\ProgramData\ntuser.dat.LOG1
[07/04/2014 22:25:12] - |ASH| - C:\ProgramData\ntuser.dat.LOG2
[07/04/2014 22:25:13] - |ASH| - C:\ProgramData\ntuser.dat{2ef164cc-be7d-11e3-8378-50e549f2978c}.TM.blf
[07/04/2014 22:25:13] - |ASH| - C:\ProgramData\ntuser.dat{2ef164cc-be7d-11e3-8378-50e549f2978c}.TMContainer00000000000000000001.regtrans-ms
[07/04/2014 22:25:13] - |ASH| - C:\ProgramData\ntuser.dat{2ef164cc-be7d-11e3-8378-50e549f2978c}.TMContainer00000000000000000002.regtrans-ms
[17/07/2014 13:42:48] - |ASH| - C:\ProgramData\ntuser.dat{31bc96a9-0d90-11e4-97a7-50e549f2978c}.TM.blf
[17/07/2014 13:42:48] - |ASH| - C:\ProgramData\ntuser.dat{31bc96a9-0d90-11e4-97a7-50e549f2978c}.TMContainer00000000000000000001.regtrans-ms
[17/07/2014 13:42:48] - |ASH| - C:\ProgramData\ntuser.dat{31bc96a9-0d90-11e4-97a7-50e549f2978c}.TMContainer00000000000000000002.regtrans-ms
[07/01/2014 23:17:14] - |D| - C:\ProgramData\Oracle
[31/12/2014 16:14:00] - |D| - C:\ProgramData\Package Cache
[29/05/2014 19:36:49] - |D| - C:\ProgramData\PlatinumHideIP
[10/11/2014 20:56:36] - |D| - C:\ProgramData\ProductData
[04/04/2014 14:11:56] - |D| - C:\ProgramData\ProgDVB
[09/12/2013 17:30:33] - |D| - C:\ProgramData\Skype
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Start Menu
[07/01/2014 23:17:21] - |D| - C:\ProgramData\Sun
[17/12/2013 12:40:26] - |D| - C:\ProgramData\TechSmith
[14/07/2009 06:53:55] - |SHD| - C:\ProgramData\Templates
[20/10/2014 14:17:48] - |D| - C:\ProgramData\TuneUp Software
[25/04/2014 08:29:20] - |D| - C:\ProgramData\Watermark Factory
[09/12/2013 17:31:10] - |D| - C:\ProgramData\Yahoo!
[28/02/2015 12:13:32] - |D| - C:\ProgramData\{6a811926-c225-ad52-6a81-11926c22649b}
[20/10/2014 14:17:49] - |SHD| - C:\ProgramData\{FE8D473A-6F06-4F99-B5F4-BED72B2A038C}

¤¤¤¤¤¤¤¤¤¤ | C:\Windows\Tasks
[09/12/2013 18:29:11] - |A| - C:\Windows\Tasks\Adobe Flash Player Updater.job
[02/03/2015 15:01:39] - |A| - C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
[02/03/2015 15:01:40] - |A| - C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
[14/07/2009 06:53:47] - |AH| - C:\Windows\Tasks\SA.DAT
[14/07/2009 06:53:46] - |A| - C:\Windows\Tasks\SCHEDLGU.TXT

¤¤¤¤¤¤¤¤¤¤ | C:\Windows\System32\Tasks
[09/12/2013 18:29:11] - |A| - C:\Windows\System32\Tasks\Adobe Flash Player Updater
[16/12/2013 21:08:43] - |A| - C:\Windows\System32\Tasks\CCleanerSkipUAC
[02/03/2015 15:01:40] - |A| - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
[02/03/2015 15:01:40] - |A| - C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
[14/07/2009 04:37:09] - |D| - C:\Windows\System32\Tasks\Microsoft
[14/07/2009 06:54:35] - |D| - C:\Windows\System32\Tasks\WPD
[09/12/2013 17:30:42] - |A| - C:\Windows\System32\Tasks\{53CDEC58-B3F2-4E4A-ACFC-3F8A9F3F7CCB}
[30/07/2014 13:33:52] - |A| - C:\Windows\System32\Tasks\{7CD3DF20-A2F0-4EAA-822F-93054E52DE18}
[27/07/2014 10:26:06] - |A| - C:\Windows\System32\Tasks\{93C213B9-7EE3-45EC-A9F7-FDCEFD4C5C12}
[26/03/2015 17:03:19] - |A| - C:\Windows\System32\Tasks\{BC91D16C-8FEC-4EEA-8FEB-52FE54191EE6}

[X] : [127 Ko]
Analyzed : 175164 | Modified : 42 | Deleted : 18

¤¤¤¤¤¤¤¤¤¤ |EOF| ¤¤¤¤¤¤¤¤¤¤ | 01:29:35 | [32 Ko]