Tweet
Yes, you need to save the fixlist to your desktop along with the FRST tool. Then right click FRST run as administrator, then click on the fix button.
-
-
You are currently running FRST from your downloads folder.
Running from C:\Users\rusobr2\Downloads
Open downloads folder by hitting the start button, then type downloads. Click on the folder, then drag and drop the fixlist.txt and FRST onto your desktop. Then run the fix.Comment
-
it is running the “farbar scan then went to fix” but upper window says "not responding … also the "360 came up with trojens and all …Comment
-
for some reason i can’t get the file to desk top, and it is "read @ "notebook, but the "tool is on desk top which i ran, but it came up as "not responding
steve
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016Originally posted by Malnutrition
Ran by rusobr2 (administrator) on RUSOBR2-PC (26-09-2016 15:07:17)
Running from C:\Users\rusobr2\Downloads
Loaded Profiles: rusobr2 (Available Profiles: rusobr2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
() C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(© 2015 Microsoft Corporation) C:\Users\rusobr2\AppData\Local\Microsoft\BingSvc\B ingSvc.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_23_0_0_162.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)
HKLM-x32...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1889192 2016-09-14] (QIHU 360 SOFTWARE CO. LIMITED)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-436883666-1139675966-1884149517-1000...\Run: [BingSvc] => C:\Users\rusobr2\AppData\Local\Microsoft\BingSvc\B ingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2014-08-04]
ShortcutTarget: Wireless Connection Manager.lnk → C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
Tcpip..\Interfaces{F63853C9-4098-42F4-ADE8-406C47CCC51F}: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
[HEADING=1]Internet Explorer:[/HEADING]
BHO: SafeMon Class → {B69F34DD-F0F9-42DC-9EDD-957187DA688D} → C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-09-14] (Qihu 360 Software Co., Ltd.)
BHO-x32: SafeMon Class → {B69F34DD-F0F9-42DC-9EDD-957187DA688D} → C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-07-11] (Qihu 360 Software Co., Ltd.)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957
FF Homepage: msn.com
FF Plugin: @adobe.com/FlashPlayer → C:\windows\system32\Macromed\Flash\NPSWF64_23_0_0_ 162.dll [2016-09-13] ()
FF Plugin: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @adobe.com/FlashPlayer → C:\windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_ 162.dll [2016-09-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin → C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Extension: (American English Spelling Checker) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\extensions\AmericanEnglishSpellingChecker@lipocodes.xpi [2016-08-26]
FF Extension: (360 Internet Protection) - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2016-07-30]
FF Extension: (Firefox Hotfix) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-30]
FF Extension: (YouTube™ Flash-HTML5) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\jid1-o2qEVrZ4t5FJWu@jetpack.xpi [2016-07-30]
FF Extension: (translator) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\translator@dontfollowme.net.xpi [2016-06-08]
FF Extension: (Video DownloadHelper) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-26]
FF Extension: (Adblock Plus) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [926632 2016-09-14] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [167936 2008-06-26] () [File not signed]
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)
S2 424706e40d5a5f55369633986718ca4d; c:\program files\768045ce0ae8eb4426ad6062514a19b7\7bb70b6e963 14a97879c4b2fe3c53913.exe
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-07-11] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2016-09-14] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2016-09-14] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2016-09-14] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-05] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [391392 2016-09-01] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [188864 2016-09-09] (360.cn)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation )
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2016-09-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2016-09-22] (Zemana Ltd.)
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys
S3 NvStreamKms; ??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-26 15:05 - 2016-09-26 15:05 - 00000000 ____D C:\Users\rusobr2\Downloads\FRST-OlderVersion
2016-09-26 15:04 - 2016-09-26 15:04 - 00001906 _____ C:\Users\rusobr2\Desktop\FRST64 - Shortcut.lnk
2016-09-26 10:22 - 2016-09-26 10:22 - 06341128 _____ (SaveFrom.net ) C:\Users\rusobr2\Downloads\SFHelper-Setup(1).exe
2016-09-26 10:13 - 2016-09-26 10:13 - 00844760 _____ ( ) C:\Users\rusobr2\Downloads\SFHelper-Web-Installer-b8f8b9d038-[308].exe
2016-09-26 10:04 - 2016-09-26 10:04 - 45936050 _____ (DownloadHelper ) C:\Users\rusobr2\Downloads\ConvertHelperSetup-3.2.exe
2016-09-26 09:57 - 2016-09-26 09:58 - 00844760 _____ ( ) C:\Users\rusobr2\Downloads\SFHelper-Web-Installer-5ebe6f8827-[308].exe
2016-09-26 03:39 - 2016-09-26 03:40 - 00294496 _____ C:\windows\system32\FNTCACHE.DAT
2016-09-23 13:28 - 2016-09-26 03:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-23 12:13 - 2016-09-23 12:13 - 00002021 _____ C:\Users\rusobr2\Desktop\FRST - Shortcut.lnk
2016-09-23 11:54 - 2016-09-23 11:55 - 00002150 _____ C:\Users\rusobr2\Downloads\fixlist.txt
2016-09-22 21:37 - 2016-09-22 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-09-22 20:09 - 2016-08-05 08:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-09-22 20:09 - 2016-08-05 08:13 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-09-22 19:08 - 2016-09-22 19:08 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p(6).exe
2016-09-22 19:08 - 2016-09-22 19:08 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p(5).exe
2016-09-22 18:57 - 2016-09-26 15:06 - 00168971 _____ C:\windows\ZAM.krnl.trace
2016-09-22 18:57 - 2016-09-26 15:05 - 00022897 _____ C:\windows\ZAM_Guard.krnl.trace
2016-09-22 18:57 - 2016-09-22 21:37 - 00001150 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-09-22 18:57 - 2016-09-22 21:37 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-09-22 18:57 - 2016-09-22 18:57 - 00203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zamguard64.sys
2016-09-22 18:57 - 2016-09-22 18:57 - 00203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zam64.sys
2016-09-22 18:55 - 2016-09-22 18:55 - 00000000 ____D C:\Users\rusobr2\AppData\Local\Zemana
2016-09-22 18:54 - 2016-09-22 18:54 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p.exe
2016-09-21 12:56 - 2016-09-21 12:56 - 00064024 _____ C:\Users\rusobr2\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-21 12:02 - 2016-09-21 12:02 - 12085005 _____ C:\Users\rusobr2\Downloads\Gymnastics Tutorial Vol 1(1).mp4
2016-09-21 12:01 - 2016-09-21 12:01 - 12085005 _____ C:\Users\rusobr2\Downloads\Gymnastics Tutorial Vol 1.mp4
2016-09-21 12:00 - 2016-09-21 12:00 - 13930961 _____ C:\Users\rusobr2\Downloads\Handstands and splits .mp4
2016-09-21 11:57 - 2016-09-21 11:57 - 10799682 _____ C:\Users\rusobr2\Downloads\The splits.mp4
2016-09-21 11:40 - 2016-09-21 11:40 - 04319634 _____ C:\Users\rusobr2\Downloads\How To Do A Frog Split _ Flexi Friday _ Piiink Gymnastics.mp4
2016-09-21 11:11 - 2016-09-21 11:11 - 26403878 _____ C:\Users\rusobr2\Downloads\Stretching and tumbling tutorial.mp4
2016-09-21 11:09 - 2016-09-21 11:10 - 13058083 _____ C:\Users\rusobr2\Downloads\My stretching routine.mp4
2016-09-21 10:22 - 2016-09-21 10:22 - 30402244 _____ C:\Users\rusobr2\Downloads\Splits warm up and my splits.mp4
2016-09-21 09:47 - 2016-09-21 09:47 - 04805041 _____ C:\Users\rusobr2\Downloads\20 сентября 2016 г.mp4
2016-09-21 07:05 - 2016-09-21 07:05 - 01955428 _____ C:\Users\rusobr2\Downloads\4 сентября 2016 г.mp4
2016-09-21 06:51 - 2016-09-21 06:51 - 06638321 _____ C:\Users\rusobr2\Downloads\7 сентября 2016 г(3).mp4
2016-09-21 06:47 - 2016-09-21 06:47 - 04482071 _____ C:\Users\rusobr2\Downloads\Даша грохнулась.mp4
2016-09-21 06:43 - 2016-09-21 06:43 - 05313504 _____ C:\Users\rusobr2\Downloads\7 сентября 2016 г.mp4
2016-09-21 00:18 - 2016-09-21 00:18 - 00001433 _____ C:\Users\rusobr2\Desktop\aswMBR - Shortcut.lnk
2016-09-20 23:36 - 2016-09-20 23:37 - 00000085 _____ C:\windows\wininit.ini
2016-09-20 23:36 - 2016-09-20 23:36 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2016-09-20 23:34 - 2016-09-20 23:39 - 00000000 __D C:\Users\rusobr2\AppData\Roaming\Geek Uninstaller
2016-09-20 23:21 - 2016-09-20 23:21 - 00002174 _____ C:\Users\rusobr2\Downloads\aswMBR.txt
2016-09-20 23:21 - 2016-09-20 23:21 - 00000512 _____ C:\Users\rusobr2\Downloads\MBR.dat
2016-09-19 10:13 - 2016-09-19 10:13 - 09608270 _____ C:\Users\rusobr2\Downloads\Home gymnastic show backbends, splits, of course needle and turnover!.mp4
2016-09-19 09:53 - 2016-09-19 09:53 - 28420838 _____ C:\Users\rusobr2\Downloads\New Yoga Yoga challenge with girls friend = Desafio Yoga 117.mp4
2016-09-19 01:23 - 2016-09-19 01:23 - 46333830 _____ C:\Users\rusobr2\Downloads\Líná chodit do školy #1.mp4
2016-09-19 01:12 - 2016-09-19 01:12 - 27860219 _____ C:\Users\rusobr2\Downloads\Касмитечка.mp4
2016-09-19 01:04 - 2016-09-19 01:04 - 06170368 _____ C:\Users\rusobr2\Downloads\9 июля 2016 г.mp4
2016-09-19 00:55 - 2016-09-19 00:55 - 77232263 _____ C:\Users\rusobr2\Downloads\10 августа 2016 г.mp4
2016-09-19 00:52 - 2016-09-19 00:52 - 08383314 _____ C:\Users\rusobr2\Downloads\Растяжка на шпагат.mp4
2016-09-19 00:43 - 2016-09-19 00:43 - 36463389 _____ C:\Users\rusobr2\Downloads\МОЕ УТРО_MY MORNING.mp4
2016-09-19 00:33 - 2016-09-19 00:34 - 19430270 _____ C:\Users\rusobr2\Downloads\Схуднути.mp4
2016-09-19 00:32 - 2016-09-19 00:32 - 14602375 _____ C:\Users\rusobr2\Downloads\Гимнастика(3).mp4
2016-09-19 00:31 - 2016-09-19 00:31 - 20566473 _____ C:\Users\rusobr2\Downloads\Гимнастик.mp4
2016-09-19 00:29 - 2016-09-19 00:29 - 10237721 _____ C:\Users\rusobr2\Downloads\Гимнастика(2).mp4
2016-09-18 22:49 - 2016-09-18 22:49 - 15114228 _____ C:\Users\rusobr2\Downloads\Как сесть на шпагат Видео урок.mp4
2016-09-18 22:46 - 2016-09-18 22:46 - 34812812 _____ C:\Users\rusobr2\Downloads\Как я встаю на мостик и делаю бабочку.mp4
2016-09-18 22:44 - 2016-09-18 22:44 - 19250202 _____ C:\Users\rusobr2\Downloads\How to escape from the summer heat. gymnastics element. Как спастись от жары летом.mp4
2016-09-18 22:39 - 2016-09-18 22:39 - 44013441 _____ C:\Users\rusobr2\Downloads\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois(1).mp4
2016-09-18 22:37 - 2016-09-18 22:37 - 44013441 _____ C:\Users\rusobr2\Downloads\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois.mp4
2016-09-18 22:31 - 2016-09-18 22:31 - 38455354 _____ C:\Users\rusobr2\Downloads\Как вам видео(1).mp4
2016-09-18 22:23 - 2016-09-18 22:24 - 130289264 _____ C:\Users\rusobr2\Downloads\Yoga Challenge(5).mp4
2016-09-18 22:23 - 2016-09-18 22:23 - 82043109 _____ C:\Users\rusobr2\Downloads\My stretch_warm up routine.mp4
2016-09-18 13:58 - 2016-09-18 14:00 - 40991849 _____ C:\Users\rusobr2\Downloads\The sleepover Part 1.mp4
2016-09-14 11:05 - 2016-09-02 08:40 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-09-14 11:05 - 2016-09-02 08:35 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-09-14 11:05 - 2016-09-02 08:35 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-09-14 11:05 - 2016-09-02 08:35 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-09-14 11:05 - 2016-09-02 08:35 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-09-14 11:05 - 2016-09-02 08:34 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:21 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-09-14 11:05 - 2016-09-02 08:21 - 03944680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-09-14 11:05 - 2016-09-02 08:18 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:02 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-09-14 11:05 - 2016-09-02 08:02 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-09-14 11:05 - 2016-09-02 08:02 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-09-14 11:05 - 2016-09-02 08:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-09-14 11:05 - 2016-09-02 07:58 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-09-14 11:05 - 2016-09-02 07:57 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-09-14 11:05 - 2016-09-02 07:55 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-09-14 11:05 - 2016-09-02 07:54 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-09-14 11:05 - 2016-09-02 07:54 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-09-14 11:05 - 2016-09-02 07:53 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-09-14 11:05 - 2016-09-02 07:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-09-14 11:05 - 2016-09-02 07:53 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-09-14 11:05 - 2016-09-02 07:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-09-14 11:05 - 2016-09-02 07:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-09-14 11:05 - 2016-09-02 07:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-14 11:05 - 2016-08-16 10:36 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-09-14 11:05 - 2016-08-15 19:48 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-09-14 11:05 - 2016-08-15 19:35 - 03218432 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-09-14 11:02 - 2016-08-06 08:31 - 00877056 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-09-14 11:02 - 2016-08-06 08:15 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-09-13 22:42 - 2016-09-13 22:42 - 111822069 _____ C:\Users\rusobr2\Downloads\Ломай меня полностью йога челлендж.mp4
2016-09-13 22:39 - 2016-09-13 22:39 - 45057002 _____ C:\Users\rusobr2\Downloads\Играим в хадилку.mp4
2016-09-13 22:30 - 2016-09-13 22:30 - 14174078 _____ C:\Users\rusobr2\Downloads\Учимся делать шпагат.mp4
2016-09-13 21:31 - 2016-09-13 21:31 - 38455354 _____ C:\Users\rusobr2\Downloads\Как вам видео.mp4
2016-09-11 01:12 - 2016-09-11 01:12 - 240842651 _____ C:\Users\rusobr2\Downloads\Я Гимнастка _ВанилькаЕП.mp4
2016-09-11 00:24 - 2016-09-11 00:24 - 52286436 _____ C:\Users\rusobr2\Downloads\Твистер.mp4
2016-09-10 23:59 - 2016-09-10 23:59 - 45254372 _____ C:\Users\rusobr2\Downloads\Твистер.mp4
2016-09-10 23:35 - 2016-09-10 23:35 - 40064630 _____ C:\Users\rusobr2\Downloads\Гимнастика(1).mp4
2016-09-10 23:33 - 2016-09-10 23:33 - 03526638 _____ C:\Users\rusobr2\Downloads\гимнастика мост.mp4
2016-09-10 23:08 - 2016-09-10 23:08 - 174767774 _____ C:\Users\rusobr2\Downloads\A type of yoga challenge.mp4
2016-09-10 23:00 - 2016-09-10 23:00 - 54406603 _____ C:\Users\rusobr2\Downloads\The Yoga Challenge - Yoga Challenge - Part 21.mp4
2016-09-10 22:49 - 2016-09-10 22:49 - 05025116 _____ C:\Users\rusobr2\Downloads\Gymnastics(2).mp4
2016-09-10 22:45 - 2016-09-10 22:45 - 50427499 _____ C:\Users\rusobr2\Downloads\Amy’s gymnastic skills.mp4
2016-09-10 22:30 - 2016-09-10 22:31 - 89325604 _____ C:\Users\rusobr2\Downloads\SEMIOLOGIA PEDIATRICA 4 - A LOS SIETE AÑOS - 2056.mp4
2016-09-10 22:28 - 2016-09-10 22:28 - 19170597 _____ C:\Users\rusobr2\Downloads\Yoga challenge with Marina GYMNASTICS Desafio YOGA CHALLENGE (GMSC).mp4
2016-09-10 22:23 - 2016-09-10 22:23 - 136196269 _____ C:\Users\rusobr2\Downloads\Страшные явения.mp4
2016-09-10 22:13 - 2016-09-10 22:13 - 91748415 _____ C:\Users\rusobr2\Downloads\How to get your splits better and to the ground!.mp4
2016-09-10 11:33 - 2016-09-10 11:33 - 10682596 _____ C:\Users\rusobr2\Downloads\Gymnastics _ Backbend,easy tutorial.mp4
2016-09-10 11:14 - 2016-09-10 11:14 - 17128721 _____ C:\Users\rusobr2\Downloads\Gymnastics(1).mp4
2016-09-10 11:11 - 2016-09-10 11:11 - 202934887 _____ C:\Users\rusobr2\Downloads\Gymnastics fail.mp4
2016-09-10 10:57 - 2016-09-10 10:57 - 130289264 _____ C:\Users\rusobr2\Downloads\Yoga Challenge(1).mp4
2016-09-08 07:46 - 2016-09-08 07:48 - 531321141 _____ C:\Users\rusobr2\Downloads\stretching.mp4
2016-09-07 20:46 - 2016-09-07 20:46 - 35863061 _____ C:\Users\rusobr2\Downloads\Part 2 gymnastics.mp4
2016-09-07 12:13 - 2016-09-07 12:13 - 18587769 _____ C:\Users\rusobr2\Downloads\Splits stretching!.mp4
2016-09-07 11:31 - 2016-09-07 11:31 - 58095923 _____ C:\Users\rusobr2\Downloads\Разминка для ног.mp4
2016-09-07 09:43 - 2016-09-07 09:43 - 69716889 _____ C:\Users\rusobr2\Downloads\Yoga challenge girls kids #4.mp4
2016-09-07 09:37 - 2016-09-07 09:37 - 43101788 _____ C:\Users\rusobr2\Downloads\Yoga challenge word 2= Desafio Yoga word.mp4
2016-09-07 09:17 - 2016-09-07 09:17 - 18675477 _____ C:\Users\rusobr2\Downloads\Yoga Challenge Extra Wrestling!.mp4
2016-09-06 21:46 - 2016-09-26 15:07 - 00008675 _____ C:\Users\rusobr2\Downloads\FRST.txt
2016-09-06 21:46 - 2016-09-26 15:05 - 00000000 ____D C:\FRST
2016-09-06 21:45 - 2016-09-26 15:05 - 02403328 _____ (Farbar) C:\Users\rusobr2\Downloads\FRST64.exe
2016-09-06 21:37 - 2016-09-06 21:37 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-03 09:07 - 2016-09-03 09:08 - 30461490 _____ C:\Users\rusobr2\Downloads\Guide to do some gymnastics.mp4
2016-09-02 07:09 - 2016-09-02 07:09 - 138450435 _____ C:\Users\rusobr2\Downloads\BFF’S YOGA CHALLENGE ч.2.mp4
2016-09-02 06:41 - 2016-09-02 06:41 - 81445047 _____ C:\Users\rusobr2\Downloads\Йога челинж.mp4
2016-09-02 05:36 - 2016-09-02 05:37 - 317107316 _____ C:\Users\rusobr2\Downloads\BetaRiffs _ Day 4 _ SLEEPOVER.mp4
2016-09-01 14:20 - 2016-09-01 14:20 - 35688452 _____ C:\Users\rusobr2\Downloads\NOT MY LEGS CHALLENGE WITH TRYNDA BLOOPERS.mp4
2016-09-01 12:39 - 2016-09-01 12:40 - 103365220 _____ C:\Users\rusobr2\Downloads\2 girls yoga challenge.mp4
2016-09-01 11:03 - 2016-09-01 11:03 - 06683268 _____ C:\Users\rusobr2\Downloads\Как научиться делать переворот вперед.mp4
2016-09-01 10:44 - 2016-09-01 10:44 - 75395273 _____ C:\Users\rusobr2\Downloads\Doing gymnastics while doing daily tasks _EPIC FAIL.mp4
2016-09-01 09:27 - 2016-09-01 09:27 - 38333639 _____ C:\Users\rusobr2\Downloads\Ice _ yoga challenge.mp4
2016-09-01 09:22 - 2016-09-01 09:23 - 75980070 _____ C:\Users\rusobr2\Downloads\Ice bath challenge.mp4
2016-08-31 10:57 - 2016-08-31 10:57 - 79534852 _____ C:\Users\rusobr2\Downloads\Yoga Challenge pt1.mp4
2016-08-31 10:49 - 2016-08-31 10:49 - 81818813 _____ C:\Users\rusobr2\Downloads\Yoga Challenge pt2.mp4
2016-08-31 10:36 - 2016-08-31 10:36 - 65209880 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge - Desafio da yoga 149.mp4
2016-08-31 10:24 - 2016-08-31 10:25 - 76388680 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge - Desafio da yoga 145.mp4
2016-08-31 10:01 - 2016-08-31 10:02 - 139949912 _____ C:\Users\rusobr2\Downloads\Yoga Challenge Funny!.mp4
2016-08-31 09:06 - 2016-08-31 09:06 - 79297183 _____ C:\Users\rusobr2\Downloads\Yoga challenge .mp4
2016-08-31 08:50 - 2016-08-31 08:50 - 16898776 _____ C:\Users\rusobr2\Downloads\Gymnastics - Middle Split.mp4
2016-08-31 08:39 - 2016-08-31 08:39 - 07341877 _____ C:\Users\rusobr2\Downloads\Gymnastics - How to do the Middle Splits for Kids.mp4
2016-08-31 08:35 - 2016-08-31 08:35 - 12684431 _____ C:\Users\rusobr2\Downloads\Gymnastics - Splits Warm Up !.mp4
2016-08-31 08:28 - 2016-08-31 08:28 - 138981413 _____ C:\Users\rusobr2\Downloads\Bath challenge.mp4
2016-08-28 12:02 - 2016-08-28 12:02 - 08486016 _____ C:\Users\rusobr2\Downloads\моё утро 2.mp4
2016-08-28 11:53 - 2016-08-28 11:53 - 129671651 _____ C:\Users\rusobr2\Downloads\Best friend pool chllenge and funny moments.mp4
2016-08-28 11:41 - 2016-08-28 11:41 - 42856901 _____ C:\Users\rusobr2\Downloads\DESAFÍO ACEPTADO Yoga Desafio aceitado Yoga ВЫЗОВ ПРИНЯТ Йога .mp4
2016-08-28 10:37 - 2016-08-28 10:37 - 111448144 _____ C:\Users\rusobr2\Downloads\Splits part 1.mp4
2016-08-28 10:29 - 2016-08-28 10:29 - 167548596 _____ C:\Users\rusobr2\Downloads\Yoga Challenge 2 __ REBECCA HOFFMAN.mp4
2016-08-28 10:28 - 2016-08-28 10:28 - 18724991 _____ C:\Users\rusobr2\Downloads\Split skills.mp4
2016-08-27 11:33 - 2016-08-27 11:33 - 17713166 _____ C:\Users\rusobr2\Downloads\Как сесть на шпагат за 5 минут.mp4
2016-08-27 10:12 - 2016-08-27 10:12 - 40954820 _____ C:\Users\rusobr2\Downloads\Как научиться делать шпагат.mp4
2016-08-27 09:48 - 2016-08-27 09:48 - 31631713 _____ C:\Users\rusobr2\Downloads\Почувствовал слабинку.mp4
2016-08-27 09:38 - 2016-08-27 09:38 - 53330275 _____ C:\Users\rusobr2\Downloads\În pis.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-26 14:31 - 2015-09-15 15:16 - 00000000 ____D C:\Users\rusobr2\AppData\LocalLow\360WD
2016-09-26 14:16 - 2016-05-26 09:32 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-09-26 12:45 - 2015-09-27 10:57 - 00000000 ____D C:\Users\rusobr2\AppData\Roaming\vlc
2016-09-26 10:37 - 2009-07-13 21:45 - 00021888 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-26 10:37 - 2009-07-13 21:45 - 00021888 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-26 10:33 - 2009-07-13 22:13 - 00781790 _____ C:\windows\system32\PerfStringBackup.INI
2016-09-26 10:33 - 2009-07-13 20:20 - 00000000 ____D C:\windows\inf
2016-09-26 10:29 - 2015-09-15 14:37 - 00000000 ____D C:\Users\rusobr2
2016-09-26 10:27 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-09-26 10:06 - 2016-03-25 12:14 - 00000000 ____D C:\Program Files\ConvertHelper3
2016-09-26 09:46 - 2015-12-02 02:43 - 00000000 ____D C:\Users\rusobr2\dwhelper
2016-09-26 03:39 - 2015-11-19 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-23 21:10 - 2015-09-27 10:37 - 00000000 __SHD C:$360Section
2016-09-23 21:10 - 2015-09-15 15:18 - 00000000 ____D C:\ProgramData\360Quarant
2016-09-23 21:10 - 2015-09-15 15:17 - 00000000 ____D C:\Users\rusobr2\AppData\Roaming\360safe
2016-09-21 12:56 - 2015-09-15 15:16 - 00001151 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2016-09-21 12:56 - 2015-09-15 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2016-09-14 20:48 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2016-09-14 18:30 - 2015-12-14 23:06 - 00086248 _____ (360.cn) C:\windows\SysWOW64\Drivers\360AvFlt.sys
2016-09-14 18:30 - 2015-09-15 15:16 - 00330472 _____ (360.cn) C:\windows\system32\Drivers\360Box64.sys
2016-09-14 18:30 - 2015-09-15 15:16 - 00086248 _____ (360.cn) C:\windows\system32\Drivers\360AvFlt.sys
2016-09-14 11:11 - 2014-07-31 14:32 - 00000000 ____D C:\windows\system32\MRT
2016-09-14 11:06 - 2014-07-31 14:32 - 144199024 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-09-13 15:16 - 2016-05-26 09:32 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-09-13 15:16 - 2016-05-26 09:32 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-13 15:16 - 2016-05-26 09:32 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 15:16 - 2016-05-13 22:40 - 06502080 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2016-09-13 15:16 - 2014-08-04 09:59 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-09-13 15:16 - 2014-08-04 09:59 - 00000000 ____D C:\windows\system32\Macromed
2016-09-09 05:24 - 2015-09-15 15:16 - 00188864 _____ (360.cn) C:\windows\system32\Drivers\BAPIDRV64.SYS
2016-09-01 04:43 - 2015-09-15 15:16 - 00391392 _____ (360.cn) C:\windows\system32\Drivers\360fsflt.sys
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-25 08:36
==================== End of FRST.txt ============================Comment
-
Lets get a look with another set of tools, we will try the FRST fix again later…
Adware Cleaner Scan.
Please download AdwCleaner by Xplode onto your desktop.
[ul]
[li]Close all open programs and internet browsers.[/li][li]Double click on adwcleaner.exe to run the tool.[/li][li]Click on Scan button.[/li][li]When the scan has finished click on Clean button.[/li][li]Your computer will be rebooted automatically. A text file will open after the restart.[/li][li]Please post the contents of that logfile with your next reply.[/li][li]You can find the logfile at C:\AdwCleaner[S1].txt as well.[/li][/ul]
JRT Scan.
Please download Junkware Removal Tool and save it on your desktop.
[ul]
[li]Shut down your anti-virus, anti-spyware, and firewall software now to avoid potential conflicts.[/li][li]Run the tool by double-clicking it. If you are using Windows Vista or Windows 7, right-click it and select Run as administrator.[/li][li]The tool will open and start scanning your system.[/li][li]Please be patient as this can take a while to complete depending on your system’s specifications.[/li][li]On completion, a log is saved to your desktop and will automatically open.[/li][li]Please post the JRT log.[/li][/ul]
Adware Removal Tool Scan.
Download Adware removal tool to your desktop, right click the icon and select Run as Administrator.
[MEDIA=imgur]LOr0Gd7[/MEDIA]
Hit Ok.
[MEDIA=imgur]sYFsqHx[/MEDIA]
Hit next make sure to leave all items checked, for removal.
[MEDIA=imgur]8NcZjGc[/MEDIA]
The Program will close all open programs to complete the removal, so save any work and hit OK. Then hit OK after the removal process is complete, thenOK again to finish up. Post log generated by tool.
ZHP Scan.
Please download Zhp Cleaner to your desktop. Right Click the icon and select run as administrator.- Once you have started the program, you will need to click the scanner button.
[IMG alt="EgsT69u" width="602px" height="129px"]https://windowsinstructed.com/wp-content/uploads/2015/06/EgsT69u.png[/IMG]
The program will close all open browsers!
3. Once the scan is completed, the you will want to click the Repair button.
[URL unfurl="true"]http://windowsinstructed.com/wp-content/uploads/2015/06/6QJjV50.png[/URL]
At the end of the process you may be asked to reboot your machine. After you reboot a report will open on your desktop.
Copy and paste the report here in your next reply.Comment
-
ok… i have "fixlog at desk top
and i have "fixlist at desktop
also the tool is at desktop
steveComment
-
Now open FRST by right cicking and running as admin, press the fix button.Originally posted by rusobr2
[ATTACH]506[/ATTACH]
[ATTACH]507[/ATTACH]Comment
-
i think its all complete
steve
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 25-09-2016
Ran by rusobr2 (administrator) on RUSOBR2-PC (26-09-2016 17:54:36)
Running from C:\Users\rusobr2\Downloads
Loaded Profiles: rusobr2 (Available Profiles: rusobr2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
() C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(© 2015 Microsoft Corporation) C:\Users\rusobr2\AppData\Local\Microsoft\BingSvc\B ingSvc.exe
(D-Link Corp.) C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
() C:\Users\rusobr2\Downloads\adwcleaner_6.020(1).exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_23_0_0_162.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)
HKLM-x32...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1889192 2016-09-14] (QIHU 360 SOFTWARE CO. LIMITED)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-436883666-1139675966-1884149517-1000...\Run: [BingSvc] => C:\Users\rusobr2\AppData\Local\Microsoft\BingSvc\B ingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2014-08-04]
ShortcutTarget: Wireless Connection Manager.lnk → C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
Tcpip..\Interfaces{F63853C9-4098-42F4-ADE8-406C47CCC51F}: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
[HEADING=1]Internet Explorer:[/HEADING]
BHO: SafeMon Class → {B69F34DD-F0F9-42DC-9EDD-957187DA688D} → C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-09-14] (Qihu 360 Software Co., Ltd.)
BHO-x32: SafeMon Class → {B69F34DD-F0F9-42DC-9EDD-957187DA688D} → C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-07-11] (Qihu 360 Software Co., Ltd.)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957
FF Homepage: msn.com
FF Plugin: @adobe.com/FlashPlayer → C:\windows\system32\Macromed\Flash\NPSWF64_23_0_0_ 162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer → C:\windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_ 162.dll [2016-09-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin → C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Extension: (American English Spelling Checker) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\extensions\AmericanEnglishSpellingChecker@lipocodes.xpi [2016-08-26]
FF Extension: (360 Internet Protection) - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2016-07-30]
FF Extension: (Firefox Hotfix) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-30]
FF Extension: (YouTube™ Flash-HTML5) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\jid1-o2qEVrZ4t5FJWu@jetpack.xpi [2016-07-30]
FF Extension: (translator) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\translator@dontfollowme.net.xpi [2016-06-08]
FF Extension: (Video DownloadHelper) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-26]
FF Extension: (Adblock Plus) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
==================== Services (Whitelisted) ========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [926632 2016-09-14] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
R2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [167936 2008-06-26] () [File not signed]
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)
===================== Drivers (Whitelisted) ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-07-11] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2016-09-14] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2016-09-14] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2016-09-14] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-05] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [391392 2016-09-01] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [188864 2016-09-09] (360.cn)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation )
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2016-09-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2016-09-22] (Zemana Ltd.)
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys
S3 NvStreamKms; ??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-26 17:48 - 2016-09-26 17:48 - 03861056 _____ C:\Users\rusobr2\Downloads\adwcleaner_6.020(2).exe
2016-09-26 17:47 - 2016-09-26 17:47 - 03861056 _____ C:\Users\rusobr2\Downloads\adwcleaner_6.020(1).exe
2016-09-26 17:24 - 2016-09-26 17:20 - 00002846 _____ C:\Users\rusobr2\Documents\How To Do A Frog Split _ Flexi Friday _ Piiink Gymnastics - Shortcut.lnk
2016-09-26 17:24 - 2016-09-26 17:20 - 00002411 _____ C:\Users\rusobr2\Documents\Splits warm up and my splits - Shortcut.lnk
2016-09-26 17:21 - 2016-09-26 17:20 - 00002786 _____ C:\Users\rusobr2\Documents\Gimnasia - Rápidamente y Fácilmente Divisiones ! _ HD - Shortcut.lnk
2016-09-26 17:21 - 2016-09-26 17:20 - 00002411 _____ C:\Users\rusobr2\Documents\Gymnastics Tutorial Vol 1(1) - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00003236 _____ C:\Users\rusobr2\Desktop\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois(1) - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00003221 _____ C:\Users\rusobr2\Desktop\DESAFÍO ACEPTADO Yoga Desafio aceitado Yoga ВЫЗОВ ПРИНЯТ Йога - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00003191 _____ C:\Users\rusobr2\Desktop\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002936 _____ C:\Users\rusobr2\Desktop\MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002756 _____ C:\Users\rusobr2\Desktop\Doing gymnastics while doing daily tasks EPIC FAIL - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002726 _____ C:\Users\rusobr2\Desktop\Desafio da piscina na yoga challenge at the beach - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002636 _____ C:\Users\rusobr2\Desktop\Best friend pool chllenge and funny moments - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002591 _____ C:\Users\rusobr2\Desktop\Fun Yoga Challenge - Desafio da yoga 149 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002591 _____ C:\Users\rusobr2\Desktop\Fun Yoga Challenge - Desafio da yoga 145 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002576 _____ C:\Users\rusobr2\Desktop\Best friend challenge w Abigail Troute - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002546 _____ C:\Users\rusobr2\Desktop\Bianca se descuida - FAZENDA DE VERÃO - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002541 _____ C:\Users\rusobr2\Desktop\Exercises for your splits - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002531 _____ C:\Users\rusobr2\Desktop\Cómo hacer tu propia habitación _ HD - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002473 _____ C:\Users\rusobr2\Desktop\BFF’S YOGA CHALLENGE ч.2 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002441 _____ C:\Users\rusobr2\Desktop\COMO icebucket challenge! _ HD - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002426 _____ C:\Users\rusobr2\Desktop\BetaRiffs _ Day 4 _ SLEEPOVER - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002401 _____ C:\Users\rusobr2\Desktop\SFHelper-Web-Installer-b8f8b9d038-[308] - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002396 _____ C:\Users\rusobr2\Desktop\Desafio o que tem no meu pé - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002351 _____ C:\Users\rusobr2\Desktop\English Pediatric Female - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002321 _____ C:\Users\rusobr2\Desktop\Amy’s gymnastic skills - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002291 _____ C:\Users\rusobr2\Desktop\Fun Yoga Challenge 8 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002261 _____ C:\Users\rusobr2\Desktop\desafio da piscina - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002221 _____ C:\Users\rusobr2\Desktop\flashplayer22_jd_install( 2) - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002221 _____ C:\Users\rusobr2\Desktop\flashplayer22_jd_install( 1) - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002216 _____ C:\Users\rusobr2\Desktop\cup song update - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002216 _____ C:\Users\rusobr2\Desktop\Brigas de irmas - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002216 _____ C:\Users\rusobr2\Desktop\Bloopers lol xx - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002201 _____ C:\Users\rusobr2\Desktop\cooler Knaller - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002201 _____ C:\Users\rusobr2\Desktop\Bath challenge - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002161 _____ C:\Users\rusobr2\Desktop\Firefox Setup Stub 41.0 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002146 _____ C:\Users\rusobr2\Desktop\readerdc_en_ha_install - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002146 _____ C:\Users\rusobr2\Desktop\GoogleEarthPluginSetup - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002146 _____ C:\Users\rusobr2\Desktop\ConvertHelperSetup-3.2 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002081 _____ C:\Users\rusobr2\Desktop\arlena - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002066 _____ C:\Users\rusobr2\Desktop\my pictures - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002066 _____ C:\Users\rusobr2\Desktop\fixlist - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002056 _____ C:\Users\rusobr2\Desktop\GoogleEarthSetup - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002055 _____ C:\Users\rusobr2\Desktop\Fixlog - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002055 _____ C:\Users\rusobr2\Desktop\aswMBR - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002021 _____ C:\Users\rusobr2\Desktop\FRST - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001981 _____ C:\Users\rusobr2\Desktop\MSNHomepage - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001981 _____ C:\Users\rusobr2\Desktop\DefaultPack - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001906 _____ C:\Users\rusobr2\Desktop\FRST64 - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001884 _____ C:\Users\rusobr2\Desktop\firefox-setup-win64bit.exe.0ham0ha - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001483 _____ C:\Users\rusobr2\Desktop\MBR.dat - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002842 _____ C:\Users\rusobr2\Desktop\MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos_files - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002221 _____ C:\Users\rusobr2\Desktop\Zemana.AntiMalware.Setup( 6) - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002221 _____ C:\Users\rusobr2\Desktop\Zemana.AntiMalware.Setup( 5) - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002176 _____ C:\Users\rusobr2\Desktop\Zemana.AntiMalware.Setup - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002089 _____ C:\Users\rusobr2\Desktop\Warrant List - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002085 _____ C:\Users\rusobr2\Desktop\Addition - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002056 _____ C:\Users\rusobr2\Desktop\adwcleaner_6.020 - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002041 _____ C:\Users\rusobr2\Desktop\win7_64_1512754 - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00001981 _____ C:\Users\rusobr2\Desktop\360TS_Setup - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00001972 _____ C:\Users\rusobr2\Desktop\FRST-OlderVersion - Shortcut.lnk
2016-09-26 17:12 - 2016-09-26 17:43 - 00000000 ____D C:\AdwCleaner
2016-09-26 17:11 - 2016-09-26 17:12 - 03861056 _____ C:\Users\rusobr2\Downloads\adwcleaner_6.020.exe
2016-09-26 15:29 - 2016-09-26 15:29 - 00002055 _____ C:\Users\rusobr2\Desktop\Fixlog - Shortcut.lnk
2016-09-26 15:28 - 2016-09-26 15:28 - 00002066 _____ C:\Users\rusobr2\Desktop\fixlist - Shortcut.lnk
2016-09-26 15:09 - 2016-09-26 15:11 - 00006299 _____ C:\Users\rusobr2\Downloads\Fixlog.txt
2016-09-26 15:08 - 2016-09-26 15:08 - 00020734 _____ C:\Users\rusobr2\Downloads\Addition.txt
2016-09-26 15:05 - 2016-09-26 15:05 - 00000000 ____D C:\Users\rusobr2\Downloads\FRST-OlderVersion
2016-09-26 15:04 - 2016-09-26 15:04 - 00001906 _____ C:\Users\rusobr2\Desktop\FRST64 - Shortcut.lnk
2016-09-26 10:22 - 2016-09-26 10:22 - 06341128 _____ (SaveFrom.net ) C:\Users\rusobr2\Downloads\SFHelper-Setup(1).exe
2016-09-26 10:13 - 2016-09-26 10:13 - 00844760 _____ ( ) C:\Users\rusobr2\Downloads\SFHelper-Web-Installer-b8f8b9d038-[308].exe
2016-09-26 10:04 - 2016-09-26 10:04 - 45936050 _____ (DownloadHelper ) C:\Users\rusobr2\Downloads\ConvertHelperSetup-3.2.exe
2016-09-26 09:57 - 2016-09-26 09:58 - 00844760 _____ ( ) C:\Users\rusobr2\Downloads\SFHelper-Web-Installer-5ebe6f8827-[308].exe
2016-09-26 03:39 - 2016-09-26 03:40 - 00294496 _____ C:\windows\system32\FNTCACHE.DAT
2016-09-23 13:28 - 2016-09-26 03:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-23 12:13 - 2016-09-23 12:13 - 00002021 _____ C:\Users\rusobr2\Desktop\FRST - Shortcut.lnk
2016-09-23 11:54 - 2016-09-23 11:55 - 00002150 _____ C:\Users\rusobr2\Downloads\fixlist.txt
2016-09-22 21:37 - 2016-09-22 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-09-22 20:09 - 2016-08-05 08:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-09-22 20:09 - 2016-08-05 08:13 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-09-22 19:08 - 2016-09-22 19:08 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p(6).exe
2016-09-22 19:08 - 2016-09-22 19:08 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p(5).exe
2016-09-22 18:57 - 2016-09-26 17:53 - 00073797 _____ C:\windows\ZAM.krnl.trace
2016-09-22 18:57 - 2016-09-26 17:53 - 00012628 _____ C:\windows\ZAM_Guard.krnl.trace
2016-09-22 18:57 - 2016-09-22 21:37 - 00001150 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-09-22 18:57 - 2016-09-22 21:37 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-09-22 18:57 - 2016-09-22 18:57 - 00203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zamguard64.sys
2016-09-22 18:57 - 2016-09-22 18:57 - 00203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zam64.sys
2016-09-22 18:55 - 2016-09-22 18:55 - 00000000 ____D C:\Users\rusobr2\AppData\Local\Zemana
2016-09-22 18:54 - 2016-09-22 18:54 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p.exe
2016-09-21 12:56 - 2016-09-21 12:56 - 00064024 _____ C:\Users\rusobr2\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-21 12:02 - 2016-09-21 12:02 - 12085005 _____ C:\Users\rusobr2\Downloads\Gymnastics Tutorial Vol 1(1).mp4
2016-09-21 12:01 - 2016-09-21 12:01 - 12085005 _____ C:\Users\rusobr2\Downloads\Gymnastics Tutorial Vol 1.mp4
2016-09-21 12:00 - 2016-09-21 12:00 - 13930961 _____ C:\Users\rusobr2\Downloads\Handstands and splits .mp4
2016-09-21 11:57 - 2016-09-21 11:57 - 10799682 _____ C:\Users\rusobr2\Downloads\The splits.mp4
2016-09-21 11:40 - 2016-09-21 11:40 - 04319634 _____ C:\Users\rusobr2\Downloads\How To Do A Frog Split _ Flexi Friday _ Piiink Gymnastics.mp4
2016-09-21 11:11 - 2016-09-21 11:11 - 26403878 _____ C:\Users\rusobr2\Downloads\Stretching and tumbling tutorial.mp4
2016-09-21 11:09 - 2016-09-21 11:10 - 13058083 _____ C:\Users\rusobr2\Downloads\My stretching routine.mp4
2016-09-21 10:22 - 2016-09-21 10:22 - 30402244 _____ C:\Users\rusobr2\Downloads\Splits warm up and my splits.mp4
2016-09-21 09:47 - 2016-09-21 09:47 - 04805041 _____ C:\Users\rusobr2\Downloads\20 сентября 2016 г.mp4
2016-09-21 07:05 - 2016-09-21 07:05 - 01955428 _____ C:\Users\rusobr2\Downloads\4 сентября 2016 г.mp4
2016-09-21 06:51 - 2016-09-21 06:51 - 06638321 _____ C:\Users\rusobr2\Downloads\7 сентября 2016 г(3).mp4
2016-09-21 06:47 - 2016-09-21 06:47 - 04482071 _____ C:\Users\rusobr2\Downloads\Даша грохнулась.mp4
2016-09-21 06:43 - 2016-09-21 06:43 - 05313504 _____ C:\Users\rusobr2\Downloads\7 сентября 2016 г.mp4
2016-09-21 00:18 - 2016-09-21 00:18 - 00001433 _____ C:\Users\rusobr2\Desktop\aswMBR - Shortcut.lnk
2016-09-20 23:36 - 2016-09-20 23:37 - 00000085 _____ C:\windows\wininit.ini
2016-09-20 23:36 - 2016-09-20 23:36 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2016-09-20 23:34 - 2016-09-20 23:39 - 00000000 __D C:\Users\rusobr2\AppData\Roaming\Geek Uninstaller
2016-09-20 23:21 - 2016-09-20 23:21 - 00002174 _____ C:\Users\rusobr2\Downloads\aswMBR.txt
2016-09-20 23:21 - 2016-09-20 23:21 - 00000512 _____ C:\Users\rusobr2\Downloads\MBR.dat
2016-09-19 10:13 - 2016-09-19 10:13 - 09608270 _____ C:\Users\rusobr2\Downloads\Home gymnastic show backbends, splits, of course needle and turnover!.mp4
2016-09-19 09:53 - 2016-09-19 09:53 - 28420838 _____ C:\Users\rusobr2\Downloads\New Yoga Yoga challenge with girls friend = Desafio Yoga 117.mp4
2016-09-19 01:23 - 2016-09-19 01:23 - 46333830 _____ C:\Users\rusobr2\Downloads\Líná chodit do školy #1.mp4
2016-09-19 01:12 - 2016-09-19 01:12 - 27860219 _____ C:\Users\rusobr2\Downloads\Касмитечка.mp4
2016-09-19 01:04 - 2016-09-19 01:04 - 06170368 _____ C:\Users\rusobr2\Downloads\9 июля 2016 г.mp4
2016-09-19 00:55 - 2016-09-19 00:55 - 77232263 _____ C:\Users\rusobr2\Downloads\10 августа 2016 г.mp4
2016-09-19 00:52 - 2016-09-19 00:52 - 08383314 _____ C:\Users\rusobr2\Downloads\Растяжка на шпагат.mp4
2016-09-19 00:43 - 2016-09-19 00:43 - 36463389 _____ C:\Users\rusobr2\Downloads\МОЕ УТРО_MY MORNING.mp4
2016-09-19 00:33 - 2016-09-19 00:34 - 19430270 _____ C:\Users\rusobr2\Downloads\Схуднути.mp4
2016-09-19 00:32 - 2016-09-19 00:32 - 14602375 _____ C:\Users\rusobr2\Downloads\Гимнастика(3).mp4
2016-09-19 00:31 - 2016-09-19 00:31 - 20566473 _____ C:\Users\rusobr2\Downloads\Гимнастик.mp4
2016-09-19 00:29 - 2016-09-19 00:29 - 10237721 _____ C:\Users\rusobr2\Downloads\Гимнастика(2).mp4
2016-09-18 22:49 - 2016-09-18 22:49 - 15114228 _____ C:\Users\rusobr2\Downloads\Как сесть на шпагат Видео урок.mp4
2016-09-18 22:46 - 2016-09-18 22:46 - 34812812 _____ C:\Users\rusobr2\Downloads\Как я встаю на мостик и делаю бабочку.mp4
2016-09-18 22:44 - 2016-09-18 22:44 - 19250202 _____ C:\Users\rusobr2\Downloads\How to escape from the summer heat. gymnastics element. Как спастись от жары летом.mp4
2016-09-18 22:39 - 2016-09-18 22:39 - 44013441 _____ C:\Users\rusobr2\Downloads\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois(1).mp4
2016-09-18 22:37 - 2016-09-18 22:37 - 44013441 _____ C:\Users\rusobr2\Downloads\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois.mp4
2016-09-18 22:31 - 2016-09-18 22:31 - 38455354 _____ C:\Users\rusobr2\Downloads\Как вам видео(1).mp4
2016-09-18 22:23 - 2016-09-18 22:24 - 130289264 _____ C:\Users\rusobr2\Downloads\Yoga Challenge(5).mp4
2016-09-18 22:23 - 2016-09-18 22:23 - 82043109 _____ C:\Users\rusobr2\Downloads\My stretch_warm up routine.mp4
2016-09-18 13:58 - 2016-09-18 14:00 - 40991849 _____ C:\Users\rusobr2\Downloads\The sleepover Part 1.mp4
2016-09-14 11:05 - 2016-09-02 08:40 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-09-14 11:05 - 2016-09-02 08:35 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-09-14 11:05 - 2016-09-02 08:35 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-09-14 11:05 - 2016-09-02 08:35 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-09-14 11:05 - 2016-09-02 08:35 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-09-14 11:05 - 2016-09-02 08:34 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:21 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-09-14 11:05 - 2016-09-02 08:21 - 03944680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-09-14 11:05 - 2016-09-02 08:18 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:02 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-09-14 11:05 - 2016-09-02 08:02 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-09-14 11:05 - 2016-09-02 08:02 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-09-14 11:05 - 2016-09-02 08:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-09-14 11:05 - 2016-09-02 07:58 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-09-14 11:05 - 2016-09-02 07:57 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-09-14 11:05 - 2016-09-02 07:55 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-09-14 11:05 - 2016-09-02 07:54 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-09-14 11:05 - 2016-09-02 07:54 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-09-14 11:05 - 2016-09-02 07:53 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-09-14 11:05 - 2016-09-02 07:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-09-14 11:05 - 2016-09-02 07:53 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-09-14 11:05 - 2016-09-02 07:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-09-14 11:05 - 2016-09-02 07:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-09-14 11:05 - 2016-09-02 07:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-14 11:05 - 2016-08-16 10:36 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-09-14 11:05 - 2016-08-15 19:48 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-09-14 11:05 - 2016-08-15 19:35 - 03218432 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-09-14 11:02 - 2016-08-06 08:31 - 00877056 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-09-14 11:02 - 2016-08-06 08:15 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-09-13 22:42 - 2016-09-13 22:42 - 111822069 _____ C:\Users\rusobr2\Downloads\Ломай меня полностью йога челлендж.mp4
2016-09-13 22:39 - 2016-09-13 22:39 - 45057002 _____ C:\Users\rusobr2\Downloads\Играим в хадилку.mp4
2016-09-13 22:30 - 2016-09-13 22:30 - 14174078 _____ C:\Users\rusobr2\Downloads\Учимся делать шпагат.mp4
2016-09-13 21:31 - 2016-09-13 21:31 - 38455354 _____ C:\Users\rusobr2\Downloads\Как вам видео.mp4
2016-09-11 01:12 - 2016-09-11 01:12 - 240842651 _____ C:\Users\rusobr2\Downloads\Я Гимнастка _ВанилькаЕП.mp4
2016-09-11 00:24 - 2016-09-11 00:24 - 52286436 _____ C:\Users\rusobr2\Downloads\Твистер.mp4
2016-09-10 23:59 - 2016-09-10 23:59 - 45254372 _____ C:\Users\rusobr2\Downloads\Твистер.mp4
2016-09-10 23:35 - 2016-09-10 23:35 - 40064630 _____ C:\Users\rusobr2\Downloads\Гимнастика(1).mp4
2016-09-10 23:33 - 2016-09-10 23:33 - 03526638 _____ C:\Users\rusobr2\Downloads\гимнастика мост.mp4
2016-09-10 23:08 - 2016-09-10 23:08 - 174767774 _____ C:\Users\rusobr2\Downloads\A type of yoga challenge.mp4
2016-09-10 23:00 - 2016-09-10 23:00 - 54406603 _____ C:\Users\rusobr2\Downloads\The Yoga Challenge - Yoga Challenge - Part 21.mp4
2016-09-10 22:49 - 2016-09-10 22:49 - 05025116 _____ C:\Users\rusobr2\Downloads\Gymnastics(2).mp4
2016-09-10 22:45 - 2016-09-10 22:45 - 50427499 _____ C:\Users\rusobr2\Downloads\Amy’s gymnastic skills.mp4
2016-09-10 22:30 - 2016-09-10 22:31 - 89325604 _____ C:\Users\rusobr2\Downloads\SEMIOLOGIA PEDIATRICA 4 - A LOS SIETE AÑOS - 2056.mp4
2016-09-10 22:28 - 2016-09-10 22:28 - 19170597 _____ C:\Users\rusobr2\Downloads\Yoga challenge with Marina GYMNASTICS Desafio YOGA CHALLENGE (GMSC).mp4
2016-09-10 22:23 - 2016-09-10 22:23 - 136196269 _____ C:\Users\rusobr2\Downloads\Страшные явения.mp4
2016-09-10 22:13 - 2016-09-10 22:13 - 91748415 _____ C:\Users\rusobr2\Downloads\How to get your splits better and to the ground!.mp4
2016-09-10 11:33 - 2016-09-10 11:33 - 10682596 _____ C:\Users\rusobr2\Downloads\Gymnastics _ Backbend,easy tutorial.mp4
2016-09-10 11:14 - 2016-09-10 11:14 - 17128721 _____ C:\Users\rusobr2\Downloads\Gymnastics(1).mp4
2016-09-10 11:11 - 2016-09-10 11:11 - 202934887 _____ C:\Users\rusobr2\Downloads\Gymnastics fail.mp4
2016-09-10 10:57 - 2016-09-10 10:57 - 130289264 _____ C:\Users\rusobr2\Downloads\Yoga Challenge(1).mp4
2016-09-08 07:46 - 2016-09-08 07:48 - 531321141 _____ C:\Users\rusobr2\Downloads\stretching.mp4
2016-09-07 20:46 - 2016-09-07 20:46 - 35863061 _____ C:\Users\rusobr2\Downloads\Part 2 gymnastics.mp4
2016-09-07 12:13 - 2016-09-07 12:13 - 18587769 _____ C:\Users\rusobr2\Downloads\Splits stretching!.mp4
2016-09-07 11:31 - 2016-09-07 11:31 - 58095923 _____ C:\Users\rusobr2\Downloads\Разминка для ног.mp4
2016-09-07 09:43 - 2016-09-07 09:43 - 69716889 _____ C:\Users\rusobr2\Downloads\Yoga challenge girls kids #4.mp4
2016-09-07 09:37 - 2016-09-07 09:37 - 43101788 _____ C:\Users\rusobr2\Downloads\Yoga challenge word 2= Desafio Yoga word.mp4
2016-09-07 09:17 - 2016-09-07 09:17 - 18675477 _____ C:\Users\rusobr2\Downloads\Yoga Challenge Extra Wrestling!.mp4
2016-09-06 21:46 - 2016-09-26 17:54 - 00008175 _____ C:\Users\rusobr2\Downloads\FRST.txt
2016-09-06 21:46 - 2016-09-26 17:53 - 00000000 ____D C:\FRST
2016-09-06 21:45 - 2016-09-26 15:05 - 02403328 _____ (Farbar) C:\Users\rusobr2\Downloads\FRST64.exe
2016-09-06 21:37 - 2016-09-06 21:37 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-03 09:07 - 2016-09-03 09:08 - 30461490 _____ C:\Users\rusobr2\Downloads\Guide to do some gymnastics.mp4
2016-09-02 07:09 - 2016-09-02 07:09 - 138450435 _____ C:\Users\rusobr2\Downloads\BFF’S YOGA CHALLENGE ч.2.mp4
2016-09-02 06:41 - 2016-09-02 06:41 - 81445047 _____ C:\Users\rusobr2\Downloads\Йога челинж.mp4
2016-09-02 05:36 - 2016-09-02 05:37 - 317107316 _____ C:\Users\rusobr2\Downloads\BetaRiffs _ Day 4 _ SLEEPOVER.mp4
2016-09-01 14:20 - 2016-09-01 14:20 - 35688452 _____ C:\Users\rusobr2\Downloads\NOT MY LEGS CHALLENGE WITH TRYNDA BLOOPERS.mp4
2016-09-01 12:39 - 2016-09-01 12:40 - 103365220 _____ C:\Users\rusobr2\Downloads\2 girls yoga challenge.mp4
2016-09-01 11:03 - 2016-09-01 11:03 - 06683268 _____ C:\Users\rusobr2\Downloads\Как научиться делать переворот вперед.mp4
2016-09-01 10:44 - 2016-09-01 10:44 - 75395273 _____ C:\Users\rusobr2\Downloads\Doing gymnastics while doing daily tasks _EPIC FAIL.mp4
2016-09-01 09:27 - 2016-09-01 09:27 - 38333639 _____ C:\Users\rusobr2\Downloads\Ice _ yoga challenge.mp4
2016-09-01 09:22 - 2016-09-01 09:23 - 75980070 _____ C:\Users\rusobr2\Downloads\Ice bath challenge.mp4
2016-08-31 10:57 - 2016-08-31 10:57 - 79534852 _____ C:\Users\rusobr2\Downloads\Yoga Challenge pt1.mp4
2016-08-31 10:49 - 2016-08-31 10:49 - 81818813 _____ C:\Users\rusobr2\Downloads\Yoga Challenge pt2.mp4
2016-08-31 10:36 - 2016-08-31 10:36 - 65209880 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge - Desafio da yoga 149.mp4
2016-08-31 10:24 - 2016-08-31 10:25 - 76388680 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge - Desafio da yoga 145.mp4
2016-08-31 10:01 - 2016-08-31 10:02 - 139949912 _____ C:\Users\rusobr2\Downloads\Yoga Challenge Funny!.mp4
2016-08-31 09:06 - 2016-08-31 09:06 - 79297183 _____ C:\Users\rusobr2\Downloads\Yoga challenge .mp4
2016-08-31 08:50 - 2016-08-31 08:50 - 16898776 _____ C:\Users\rusobr2\Downloads\Gymnastics - Middle Split.mp4
2016-08-31 08:39 - 2016-08-31 08:39 - 07341877 _____ C:\Users\rusobr2\Downloads\Gymnastics - How to do the Middle Splits for Kids.mp4
2016-08-31 08:35 - 2016-08-31 08:35 - 12684431 _____ C:\Users\rusobr2\Downloads\Gymnastics - Splits Warm Up !.mp4
2016-08-31 08:28 - 2016-08-31 08:28 - 138981413 _____ C:\Users\rusobr2\Downloads\Bath challenge.mp4
2016-08-28 12:02 - 2016-08-28 12:02 - 08486016 _____ C:\Users\rusobr2\Downloads\моё утро 2.mp4
2016-08-28 11:53 - 2016-08-28 11:53 - 129671651 _____ C:\Users\rusobr2\Downloads\Best friend pool chllenge and funny moments.mp4
2016-08-28 11:41 - 2016-08-28 11:41 - 42856901 _____ C:\Users\rusobr2\Downloads\DESAFÍO ACEPTADO Yoga Desafio aceitado Yoga ВЫЗОВ ПРИНЯТ Йога .mp4
2016-08-28 10:37 - 2016-08-28 10:37 - 111448144 _____ C:\Users\rusobr2\Downloads\Splits part 1.mp4
2016-08-28 10:29 - 2016-08-28 10:29 - 167548596 _____ C:\Users\rusobr2\Downloads\Yoga Challenge 2 __ REBECCA HOFFMAN.mp4
2016-08-28 10:28 - 2016-08-28 10:28 - 18724991 _____ C:\Users\rusobr2\Downloads\Split skills.mp4
2016-08-27 11:33 - 2016-08-27 11:33 - 17713166 _____ C:\Users\rusobr2\Downloads\Как сесть на шпагат за 5 минут.mp4
2016-08-27 10:12 - 2016-08-27 10:12 - 40954820 _____ C:\Users\rusobr2\Downloads\Как научиться делать шпагат.mp4
2016-08-27 09:48 - 2016-08-27 09:48 - 31631713 _____ C:\Users\rusobr2\Downloads\Почувствовал слабинку.mp4
2016-08-27 09:38 - 2016-08-27 09:38 - 53330275 _____ C:\Users\rusobr2\Downloads\În pis.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-26 17:52 - 2015-09-27 10:57 - 00000000 ____D C:\Users\rusobr2\AppData\Roaming\vlc
2016-09-26 17:51 - 2015-09-15 15:16 - 00000000 ____D C:\Users\rusobr2\AppData\LocalLow\360WD
2016-09-26 17:51 - 2009-07-13 22:13 - 00781790 _____ C:\windows\system32\PerfStringBackup.INI
2016-09-26 17:51 - 2009-07-13 20:20 - 00000000 ____D C:\windows\inf
2016-09-26 17:46 - 2015-09-15 14:37 - 00000000 ____D C:\Users\rusobr2
2016-09-26 17:45 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-09-26 17:16 - 2016-05-26 09:32 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-09-26 10:37 - 2009-07-13 21:45 - 00021888 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-26 10:37 - 2009-07-13 21:45 - 00021888 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-26 10:06 - 2016-03-25 12:14 - 00000000 ____D C:\Program Files\ConvertHelper3
2016-09-26 09:46 - 2015-12-02 02:43 - 00000000 ____D C:\Users\rusobr2\dwhelper
2016-09-26 03:39 - 2015-11-19 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-23 21:10 - 2015-09-27 10:37 - 00000000 __SHD C:$360Section
2016-09-23 21:10 - 2015-09-15 15:18 - 00000000 ____D C:\ProgramData\360Quarant
2016-09-23 21:10 - 2015-09-15 15:17 - 00000000 ____D C:\Users\rusobr2\AppData\Roaming\360safe
2016-09-21 12:56 - 2015-09-15 15:16 - 00001151 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2016-09-21 12:56 - 2015-09-15 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2016-09-14 20:48 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2016-09-14 18:30 - 2015-12-14 23:06 - 00086248 _____ (360.cn) C:\windows\SysWOW64\Drivers\360AvFlt.sys
2016-09-14 18:30 - 2015-09-15 15:16 - 00330472 _____ (360.cn) C:\windows\system32\Drivers\360Box64.sys
2016-09-14 18:30 - 2015-09-15 15:16 - 00086248 _____ (360.cn) C:\windows\system32\Drivers\360AvFlt.sys
2016-09-14 11:11 - 2014-07-31 14:32 - 00000000 ____D C:\windows\system32\MRT
2016-09-14 11:06 - 2014-07-31 14:32 - 144199024 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-09-13 15:16 - 2016-05-26 09:32 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-09-13 15:16 - 2016-05-26 09:32 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-13 15:16 - 2016-05-26 09:32 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 15:16 - 2016-05-13 22:40 - 06502080 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2016-09-13 15:16 - 2014-08-04 09:59 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-09-13 15:16 - 2014-08-04 09:59 - 00000000 ____D C:\windows\system32\Macromed
2016-09-09 05:24 - 2015-09-15 15:16 - 00188864 _____ (360.cn) C:\windows\system32\Drivers\BAPIDRV64.SYS
2016-09-01 04:43 - 2015-09-15 15:16 - 00391392 _____ (360.cn) C:\windows\system32\Drivers\360fsflt.sys
[HEADING=1]Some files in TEMP:[/HEADING]
C:\Users\rusobr2\AppData\Local\Temp\libeay32.dll
C:\Users\rusobr2\AppData\Local\Temp\msvcr120.dll
C:\Users\rusobr2\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap =================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-25 08:36
==================== End of FRST.txt ============================
i ran the tool, then ran "fix …and also ran the adware tool and "fixComment
-
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
[ul]
[li]Right-click on FRST icon and select Run as Administrator to start the tool.[/li](XP users click run after receipt of Windows Security Warning - Open File).
[li]Make sure that Addition option is checked.[/li][li]Press Scan button and wait.[/li][li]The tool will produce two logfiles on your desktop: FRST.txt, and Addition.txt.[/li][/ul]
Please Copy & Paste them into your next replyComment
-
Are you still having any issues?Comment
-
[HEADING=1]odd that nothing has changed… but here’ the list if this is rite … talk about frustrating
thanks..steve
Fix result of Farbar Recovery Scan Tool (x64) Version: 25-09-2016
Ran by rusobr2 (26-09-2016 17:58:10) Run:3
Running from C:\Users\rusobr2\Downloads
Loaded Profiles: rusobr2 (Available Profiles: rusobr2)
Boot Mode: Normal[/HEADING]
fixlist content:
start
CreateRestorePoint:
CloseProcesses:
Winlogon\Notify\SDWinLogon-x32: SDWinLogon.dll
Hosts:
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
Tcpip..\Interfaces{F63853C9-4098-42F4-ADE8-406C47CCC51F}: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
FF Plugin: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE → disabled [No File]
FF Plugin-x32: @tools.google.com/Google Update;version=3 → C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 → C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-27] (Google Inc.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [327944 2016-07-18] (McAfee, Inc.)
S2 424706e40d5a5f55369633986718ca4d; c:\program files\768045ce0ae8eb4426ad6062514a19b7\7bb70b6e963 14a97879c4b2fe3c53913.exe
c:\program files\768045ce0ae8eb4426ad6062514a19b7\7bb70b6e963 14a97879c4b2fe3c53913.exe
c:\program files\768045ce0ae8eb4426ad6062514a19b7
R1 219c91ba2c1e0bc8a0cdb74f9227c597; system32\DRIVERS\219c91ba2c1e0bc8a0cdb74f9227c597. sys
C:\Windows\System32\drivers\219c91ba2c1e0bc8a0cdb7 4f9227c597.sys
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus
Task: {695CC8BF-7C35-4760-B577-C7930E2F8504} - System32\Tasks\RealPlayerRealUpgradeLogonTaskS-1-5-21-436883666-1139675966-1884149517-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
Task: {E79D24D9-EF3C-4FAB-96D2-1E132CFCF8E4} - System32\Tasks\RealDownloader Update Check => C:\Program Files (x86)\RealNetworks\RealDownloader\downloader2.exe
Task: {F772966F-99C1-4160-BADC-979584135DBE} - System32\Tasks\RealPlayerRealUpgradeScheduledTaskS-1-5-21-436883666-1139675966-1884149517-1000 => C:\Program Files (x86)\Real\RealUpgrade\RealUpgrade.exe
RemoveProxy:
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Pol icy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Pol icy\Local /f
CMD: bitsadmin /reset /allusers
CMD: ipconfig /flushdns
Emptytemp:
reboot:
end
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\SDWinLogon => key not found.
“C:\Windows\System32\Drivers\etc\hosts” => Could not move.
Could not restore Hosts.
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\DhcpNameServer => value could not remove.
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces{F63853C9-4098-42F4-ADE8-406C47CCC51F}\DhcpNameServer => value removed successfully
HKLM\Software\MozillaPlugins@microsoft.com/GENUINE => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins@microsoft.com/GENUINE => key not found.
HKLM\Software\Wow6432Node\MozillaPlugins@tools.google.com/Google Update;version=3 => key not found.
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => not found.
HKLM\Software\Wow6432Node\MozillaPlugins@tools.google.com/Google Update;version=9 => key not found.
C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll => not found.
McComponentHostService => service not found.
424706e40d5a5f55369633986718ca4d => service not found.
“c:\program files\768045ce0ae8eb4426ad6062514a19b7\7bb70b6e963 14a97879c4b2fe3c53913.exe” => not found.
“c:\program files\768045ce0ae8eb4426ad6062514a19b7” => not found.
219c91ba2c1e0bc8a0cdb74f9227c597 => service not found.
“C:\Windows\System32\drivers\219c91ba2c1e0bc8a0cdb 74f9227c597.sys” => not found.
“C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee Security Scan Plus” => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{695CC8B F-7C35-4760-B577-C7930E2F8504} => key not found.
C:\windows\System32\Tasks\RealPlayerRealUpgradeLog onTaskS-1-5-21-436883666-1139675966-1884149517-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlay erRealUpgradeLogonTaskS-1-5-21-436883666-1139675966-1884149517-1000 => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{E79D24D 9-EF3C-4FAB-96D2-1E132CFCF8E4} => key not found.
C:\windows\System32\Tasks\RealDownloader Update Check => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealDown loader Update Check => key not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{F772966 F-99C1-4160-BADC-979584135DBE} => key not found.
C:\windows\System32\Tasks\RealPlayerRealUpgradeSch eduledTaskS-1-5-21-436883666-1139675966-1884149517-1000 => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\RealPlay erRealUpgradeScheduledTaskS-1-5-21-436883666-1139675966-1884149517-1000 => key not found.
========= RemoveProxy: =========
HKU\S-1-5-21-436883666-1139675966-1884149517-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\DefaultConnectionSettings => value could not remove.
HKU\S-1-5-21-436883666-1139675966-1884149517-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Pol icy\Local /f =========
========= End of Reg: =========
========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Pol icy\Local /f =========
========= End of Reg: =========
========= bitsadmin /reset /allusers =========
========= End of CMD: =========
========= ipconfig /flushdns =========
========= End of CMD: =========
=========== EmptyTemp: ==========
BITS transfer queue => 8388608 BComment
-
Ok … i re-run, and here is the first, and i’ll retrieve the "addition
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-09-2016
Ran by rusobr2 (administrator) on RUSOBR2-PC (28-09-2016 17:09:12)
Running from C:\Users\rusobr2\Downloads
Loaded Profiles: rusobr2 (Available Profiles: rusobr2)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 10 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Zemana Ltd.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
(QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_23_0_0_162.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlug in_23_0_0_162.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)
HKLM-x32...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe [1889192 2016-09-27] (QIHU 360 SOFTWARE CO. LIMITED)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-436883666-1139675966-1884149517-1000...\Run: [BingSvc] => C:\Users\rusobr2\AppData\Local\Microsoft\BingSvc\B ingSvc.exe [144008 2015-11-12] (© 2015 Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Wireless Connection Manager.lnk [2014-08-04]
ShortcutTarget: Wireless Connection Manager.lnk → C:\Program Files (x86)\D-Link\DWA-131\wirelesscm.exe (D-Link Corp.)
BootExecute: autocheck autochk * sdnclean64.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
Tcpip..\Interfaces{F63853C9-4098-42F4-ADE8-406C47CCC51F}: [DhcpNameServer] 8.8.8.8 8.8.4.4 72.14.112.9
[HEADING=1]Internet Explorer:[/HEADING]
BHO: SafeMon Class → {B69F34DD-F0F9-42DC-9EDD-957187DA688D} → C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2016-09-27] (Qihu 360 Software Co., Ltd.)
BHO-x32: SafeMon Class → {B69F34DD-F0F9-42DC-9EDD-957187DA688D} → C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2016-07-11] (Qihu 360 Software Co., Ltd.)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957
FF Homepage: msn.com
FF Plugin: @adobe.com/FlashPlayer → C:\windows\system32\Macromed\Flash\NPSWF64_23_0_0_ 162.dll [2016-09-13] ()
FF Plugin-x32: @adobe.com/FlashPlayer → C:\windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_ 162.dll [2016-09-13] ()
FF Plugin-x32: @Google.com/GoogleEarthPlugin → C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll [2015-05-21] (Google)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 → C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: Adobe Reader → C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-07-28] (Adobe Systems Inc.)
FF Extension: (American English Spelling Checker) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\extensions\AmericanEnglishSpellingChecker@lipocodes.xpi [2016-08-26]
FF Extension: (360 Internet Protection) - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox [2016-07-30]
FF Extension: (Firefox Hotfix) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\firefox-hotfix@mozilla.org.xpi [2016-08-30]
FF Extension: (YouTube™ Flash-HTML5) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\jid1-o2qEVrZ4t5FJWu@jetpack.xpi [2016-07-30]
FF Extension: (translator) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions\translator@dontfollowme.net.xpi [2016-06-08]
FF Extension: (Video DownloadHelper) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions{b9db16a4-6edc-47ec-a1f4-b86292ed211d}.xpi [2016-09-26]
FF Extension: (Adblock Plus) - C:\Users\rusobr2\AppData\Roaming\Mozilla\Firefox\P rofiles\dyxfuajd.default-1444401129957\Extensions{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2016-04-28]
FF HKLM-x32...\Firefox\Extensions: [WebProtection@360safe.com] - C:\Program Files (x86)\360\Total Security\safemon\webprotection_firefox
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [926632 2016-09-27] (QIHU 360 SOFTWARE CO. LIMITED)
S3 RealPlayerUpdateSvc; C:\Program Files (x86)\Real\UpdateService\RealPlayerUpdateSvc.exe [33088 2015-11-04] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S2 WlanWpsSvc; C:\Program Files (x86)\D-Link\DWA-131\WlanWpsSvc.exe [167936 2008-06-26] () [File not signed]
S2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [13624048 2016-09-02] (Zemana Ltd.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [151784 2016-07-11] (360.cn)
R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2016-09-27] (360.cn)
R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2016-09-27] (360.cn)
R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2016-09-27] (360.cn)
S3 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [40520 2015-09-05] (360.cn)
R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [391392 2016-09-01] (360.cn)
R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [188864 2016-09-09] (360.cn)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50472 2015-08-10] (NVIDIA Corporation)
S3 RTL8192cu; C:\Windows\System32\DRIVERS\rtwlanu.sys [986728 2012-02-10] (Realtek Semiconductor Corporation )
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2016-09-22] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2016-09-22] (Zemana Ltd.)
S3 ADIHdAudAddService; system32\drivers\ADIHdAud.sys
S3 NvStreamKms; ??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-26 17:48 - 2016-09-26 17:48 - 03861056 _____ C:\Users\rusobr2\Downloads\adwcleaner_6.020(2).exe
2016-09-26 17:47 - 2016-09-26 17:47 - 03861056 _____ C:\Users\rusobr2\Downloads\adwcleaner_6.020(1).exe
2016-09-26 17:24 - 2016-09-26 17:20 - 00002846 _____ C:\Users\rusobr2\Documents\How To Do A Frog Split _ Flexi Friday _ Piiink Gymnastics - Shortcut.lnk
2016-09-26 17:24 - 2016-09-26 17:20 - 00002411 _____ C:\Users\rusobr2\Documents\Splits warm up and my splits - Shortcut.lnk
2016-09-26 17:21 - 2016-09-26 17:20 - 00002786 _____ C:\Users\rusobr2\Documents\Gimnasia - Rápidamente y Fácilmente Divisiones ! _ HD - Shortcut.lnk
2016-09-26 17:21 - 2016-09-26 17:20 - 00002411 _____ C:\Users\rusobr2\Documents\Gymnastics Tutorial Vol 1(1) - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00003236 _____ C:\Users\rusobr2\Desktop\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois(1) - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00003221 _____ C:\Users\rusobr2\Desktop\DESAFÍO ACEPTADO Yoga Desafio aceitado Yoga ВЫЗОВ ПРИНЯТ Йога - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00003191 _____ C:\Users\rusobr2\Desktop\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002936 _____ C:\Users\rusobr2\Desktop\MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002756 _____ C:\Users\rusobr2\Desktop\Doing gymnastics while doing daily tasks EPIC FAIL - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002726 _____ C:\Users\rusobr2\Desktop\Desafio da piscina na yoga challenge at the beach - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002636 _____ C:\Users\rusobr2\Desktop\Best friend pool chllenge and funny moments - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002591 _____ C:\Users\rusobr2\Desktop\Fun Yoga Challenge - Desafio da yoga 149 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002591 _____ C:\Users\rusobr2\Desktop\Fun Yoga Challenge - Desafio da yoga 145 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002576 _____ C:\Users\rusobr2\Desktop\Best friend challenge w Abigail Troute - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002546 _____ C:\Users\rusobr2\Desktop\Bianca se descuida - FAZENDA DE VERÃO - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002541 _____ C:\Users\rusobr2\Desktop\Exercises for your splits - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002531 _____ C:\Users\rusobr2\Desktop\Cómo hacer tu propia habitación _ HD - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002473 _____ C:\Users\rusobr2\Desktop\BFF’S YOGA CHALLENGE ч.2 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002441 _____ C:\Users\rusobr2\Desktop\COMO icebucket challenge! _ HD - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002426 _____ C:\Users\rusobr2\Desktop\BetaRiffs _ Day 4 _ SLEEPOVER - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002401 _____ C:\Users\rusobr2\Desktop\SFHelper-Web-Installer-b8f8b9d038-[308] - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002396 _____ C:\Users\rusobr2\Desktop\Desafio o que tem no meu pé - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002351 _____ C:\Users\rusobr2\Desktop\English Pediatric Female - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002321 _____ C:\Users\rusobr2\Desktop\Amy’s gymnastic skills - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002291 _____ C:\Users\rusobr2\Desktop\Fun Yoga Challenge 8 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002261 _____ C:\Users\rusobr2\Desktop\desafio da piscina - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002221 _____ C:\Users\rusobr2\Desktop\flashplayer22_jd_install( 2) - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002221 _____ C:\Users\rusobr2\Desktop\flashplayer22_jd_install( 1) - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002216 _____ C:\Users\rusobr2\Desktop\cup song update - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002216 _____ C:\Users\rusobr2\Desktop\Brigas de irmas - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002216 _____ C:\Users\rusobr2\Desktop\Bloopers lol xx - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002201 _____ C:\Users\rusobr2\Desktop\cooler Knaller - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002201 _____ C:\Users\rusobr2\Desktop\Bath challenge - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002161 _____ C:\Users\rusobr2\Desktop\Firefox Setup Stub 41.0 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002146 _____ C:\Users\rusobr2\Desktop\readerdc_en_ha_install - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002146 _____ C:\Users\rusobr2\Desktop\GoogleEarthPluginSetup - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002146 _____ C:\Users\rusobr2\Desktop\ConvertHelperSetup-3.2 - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002081 _____ C:\Users\rusobr2\Desktop\arlena - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002066 _____ C:\Users\rusobr2\Desktop\my pictures - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002066 _____ C:\Users\rusobr2\Desktop\fixlist - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002056 _____ C:\Users\rusobr2\Desktop\GoogleEarthSetup - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002055 _____ C:\Users\rusobr2\Desktop\Fixlog - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002055 _____ C:\Users\rusobr2\Desktop\aswMBR - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00002021 _____ C:\Users\rusobr2\Desktop\FRST - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001981 _____ C:\Users\rusobr2\Desktop\MSNHomepage - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001981 _____ C:\Users\rusobr2\Desktop\DefaultPack - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001906 _____ C:\Users\rusobr2\Desktop\FRST64 - Shortcut (2).lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001884 _____ C:\Users\rusobr2\Desktop\firefox-setup-win64bit.exe.0ham0ha - Shortcut.lnk
2016-09-26 17:20 - 2016-09-26 17:20 - 00001483 _____ C:\Users\rusobr2\Desktop\MBR.dat - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002842 _____ C:\Users\rusobr2\Desktop\MSN.com - Hotmail, Outlook, Skype, Bing, Latest News, Photos & Videos_files - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002221 _____ C:\Users\rusobr2\Desktop\Zemana.AntiMalware.Setup( 6) - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002221 _____ C:\Users\rusobr2\Desktop\Zemana.AntiMalware.Setup( 5) - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002176 _____ C:\Users\rusobr2\Desktop\Zemana.AntiMalware.Setup - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002089 _____ C:\Users\rusobr2\Desktop\Warrant List - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002085 _____ C:\Users\rusobr2\Desktop\Addition - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002056 _____ C:\Users\rusobr2\Desktop\adwcleaner_6.020 - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00002041 _____ C:\Users\rusobr2\Desktop\win7_64_1512754 - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00001981 _____ C:\Users\rusobr2\Desktop\360TS_Setup - Shortcut.lnk
2016-09-26 17:19 - 2016-09-26 17:19 - 00001972 _____ C:\Users\rusobr2\Desktop\FRST-OlderVersion - Shortcut.lnk
2016-09-26 17:12 - 2016-09-26 17:43 - 00000000 ____D C:\AdwCleaner
2016-09-26 17:11 - 2016-09-26 17:12 - 03861056 _____ C:\Users\rusobr2\Downloads\adwcleaner_6.020.exe
2016-09-26 15:29 - 2016-09-26 15:29 - 00002055 _____ C:\Users\rusobr2\Desktop\Fixlog - Shortcut.lnk
2016-09-26 15:28 - 2016-09-26 15:28 - 00002066 _____ C:\Users\rusobr2\Desktop\fixlist - Shortcut.lnk
2016-09-26 15:09 - 2016-09-26 17:59 - 00006166 _____ C:\Users\rusobr2\Downloads\Fixlog.txt
2016-09-26 15:08 - 2016-09-26 15:08 - 00020734 _____ C:\Users\rusobr2\Downloads\Addition.txt
2016-09-26 15:05 - 2016-09-28 17:08 - 00000000 ____D C:\Users\rusobr2\Downloads\FRST-OlderVersion
2016-09-26 15:04 - 2016-09-26 15:04 - 00001906 _____ C:\Users\rusobr2\Desktop\FRST64 - Shortcut.lnk
2016-09-26 10:22 - 2016-09-26 10:22 - 06341128 _____ (SaveFrom.net ) C:\Users\rusobr2\Downloads\SFHelper-Setup(1).exe
2016-09-26 10:13 - 2016-09-26 10:13 - 00844760 _____ ( ) C:\Users\rusobr2\Downloads\SFHelper-Web-Installer-b8f8b9d038-[308].exe
2016-09-26 10:04 - 2016-09-26 10:04 - 45936050 _____ (DownloadHelper ) C:\Users\rusobr2\Downloads\ConvertHelperSetup-3.2.exe
2016-09-26 09:57 - 2016-09-26 09:58 - 00844760 _____ ( ) C:\Users\rusobr2\Downloads\SFHelper-Web-Installer-5ebe6f8827-[308].exe
2016-09-26 03:39 - 2016-09-26 03:40 - 00294496 _____ C:\windows\system32\FNTCACHE.DAT
2016-09-23 13:28 - 2016-09-26 03:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2016-09-23 12:13 - 2016-09-23 12:13 - 00002021 _____ C:\Users\rusobr2\Desktop\FRST - Shortcut.lnk
2016-09-23 11:54 - 2016-09-23 11:55 - 00002150 _____ C:\Users\rusobr2\Downloads\fixlist.txt
2016-09-22 21:37 - 2016-09-22 21:37 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2016-09-22 20:09 - 2016-08-05 08:30 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\tzres.dll
2016-09-22 20:09 - 2016-08-05 08:13 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzres.dll
2016-09-22 19:08 - 2016-09-22 19:08 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p(6).exe
2016-09-22 19:08 - 2016-09-22 19:08 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p(5).exe
2016-09-22 18:57 - 2016-09-28 17:09 - 01006046 _____ C:\windows\ZAM.krnl.trace
2016-09-22 18:57 - 2016-09-28 17:08 - 00120076 _____ C:\windows\ZAM_Guard.krnl.trace
2016-09-22 18:57 - 2016-09-22 21:37 - 00001150 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2016-09-22 18:57 - 2016-09-22 21:37 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2016-09-22 18:57 - 2016-09-22 18:57 - 00203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zamguard64.sys
2016-09-22 18:57 - 2016-09-22 18:57 - 00203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zam64.sys
2016-09-22 18:55 - 2016-09-22 18:55 - 00000000 ____D C:\Users\rusobr2\AppData\Local\Zemana
2016-09-22 18:54 - 2016-09-22 18:54 - 05292304 _____ ( ) C:\Users\rusobr2\Downloads\Zemana.AntiMalware.Setu p.exe
2016-09-21 12:56 - 2016-09-21 12:56 - 00064024 _____ C:\Users\rusobr2\AppData\Local\GDIPFONTCACHEV1.DAT
2016-09-21 12:02 - 2016-09-21 12:02 - 12085005 _____ C:\Users\rusobr2\Downloads\Gymnastics Tutorial Vol 1(1).mp4
2016-09-21 12:01 - 2016-09-21 12:01 - 12085005 _____ C:\Users\rusobr2\Downloads\Gymnastics Tutorial Vol 1.mp4
2016-09-21 12:00 - 2016-09-21 12:00 - 13930961 _____ C:\Users\rusobr2\Downloads\Handstands and splits .mp4
2016-09-21 11:57 - 2016-09-21 11:57 - 10799682 _____ C:\Users\rusobr2\Downloads\The splits.mp4
2016-09-21 11:40 - 2016-09-21 11:40 - 04319634 _____ C:\Users\rusobr2\Downloads\How To Do A Frog Split _ Flexi Friday _ Piiink Gymnastics.mp4
2016-09-21 11:11 - 2016-09-21 11:11 - 26403878 _____ C:\Users\rusobr2\Downloads\Stretching and tumbling tutorial.mp4
2016-09-21 11:09 - 2016-09-21 11:10 - 13058083 _____ C:\Users\rusobr2\Downloads\My stretching routine.mp4
2016-09-21 10:22 - 2016-09-21 10:22 - 30402244 _____ C:\Users\rusobr2\Downloads\Splits warm up and my splits.mp4
2016-09-21 09:47 - 2016-09-21 09:47 - 04805041 _____ C:\Users\rusobr2\Downloads\20 сентября 2016 г.mp4
2016-09-21 07:05 - 2016-09-21 07:05 - 01955428 _____ C:\Users\rusobr2\Downloads\4 сентября 2016 г.mp4
2016-09-21 06:51 - 2016-09-21 06:51 - 06638321 _____ C:\Users\rusobr2\Downloads\7 сентября 2016 г(3).mp4
2016-09-21 06:47 - 2016-09-21 06:47 - 04482071 _____ C:\Users\rusobr2\Downloads\Даша грохнулась.mp4
2016-09-21 06:43 - 2016-09-21 06:43 - 05313504 _____ C:\Users\rusobr2\Downloads\7 сентября 2016 г.mp4
2016-09-21 00:18 - 2016-09-21 00:18 - 00001433 _____ C:\Users\rusobr2\Desktop\aswMBR - Shortcut.lnk
2016-09-20 23:36 - 2016-09-20 23:37 - 00000085 _____ C:\windows\wininit.ini
2016-09-20 23:36 - 2016-09-20 23:36 - 00000000 ____D C:\windows\System32\Tasks\Safer-Networking
2016-09-20 23:34 - 2016-09-20 23:39 - 00000000 __D C:\Users\rusobr2\AppData\Roaming\Geek Uninstaller
2016-09-20 23:21 - 2016-09-20 23:21 - 00002174 _____ C:\Users\rusobr2\Downloads\aswMBR.txt
2016-09-20 23:21 - 2016-09-20 23:21 - 00000512 _____ C:\Users\rusobr2\Downloads\MBR.dat
2016-09-19 10:13 - 2016-09-19 10:13 - 09608270 _____ C:\Users\rusobr2\Downloads\Home gymnastic show backbends, splits, of course needle and turnover!.mp4
2016-09-19 09:53 - 2016-09-19 09:53 - 28420838 _____ C:\Users\rusobr2\Downloads\New Yoga Yoga challenge with girls friend = Desafio Yoga 117.mp4
2016-09-19 01:23 - 2016-09-19 01:23 - 46333830 _____ C:\Users\rusobr2\Downloads\Líná chodit do školy #1.mp4
2016-09-19 01:12 - 2016-09-19 01:12 - 27860219 _____ C:\Users\rusobr2\Downloads\Касмитечка.mp4
2016-09-19 01:04 - 2016-09-19 01:04 - 06170368 _____ C:\Users\rusobr2\Downloads\9 июля 2016 г.mp4
2016-09-19 00:55 - 2016-09-19 00:55 - 77232263 _____ C:\Users\rusobr2\Downloads\10 августа 2016 г.mp4
2016-09-19 00:52 - 2016-09-19 00:52 - 08383314 _____ C:\Users\rusobr2\Downloads\Растяжка на шпагат.mp4
2016-09-19 00:43 - 2016-09-19 00:43 - 36463389 _____ C:\Users\rusobr2\Downloads\МОЕ УТРО_MY MORNING.mp4
2016-09-19 00:33 - 2016-09-19 00:34 - 19430270 _____ C:\Users\rusobr2\Downloads\Схуднути.mp4
2016-09-19 00:32 - 2016-09-19 00:32 - 14602375 _____ C:\Users\rusobr2\Downloads\Гимнастика(3).mp4
2016-09-19 00:31 - 2016-09-19 00:31 - 20566473 _____ C:\Users\rusobr2\Downloads\Гимнастик.mp4
2016-09-19 00:29 - 2016-09-19 00:29 - 10237721 _____ C:\Users\rusobr2\Downloads\Гимнастика(2).mp4
2016-09-18 22:49 - 2016-09-18 22:49 - 15114228 _____ C:\Users\rusobr2\Downloads\Как сесть на шпагат Видео урок.mp4
2016-09-18 22:46 - 2016-09-18 22:46 - 34812812 _____ C:\Users\rusobr2\Downloads\Как я встаю на мостик и делаю бабочку.mp4
2016-09-18 22:44 - 2016-09-18 22:44 - 19250202 _____ C:\Users\rusobr2\Downloads\How to escape from the summer heat. gymnastics element. Как спастись от жары летом.mp4
2016-09-18 22:39 - 2016-09-18 22:39 - 44013441 _____ C:\Users\rusobr2\Downloads\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois(1).mp4
2016-09-18 22:37 - 2016-09-18 22:37 - 44013441 _____ C:\Users\rusobr2\Downloads\challenge in the pool with my brother dois.desafio na piscina com meu irmão dois.mp4
2016-09-18 22:31 - 2016-09-18 22:31 - 38455354 _____ C:\Users\rusobr2\Downloads\Как вам видео(1).mp4
2016-09-18 22:23 - 2016-09-18 22:24 - 130289264 _____ C:\Users\rusobr2\Downloads\Yoga Challenge(5).mp4
2016-09-18 22:23 - 2016-09-18 22:23 - 82043109 _____ C:\Users\rusobr2\Downloads\My stretch_warm up routine.mp4
2016-09-18 13:58 - 2016-09-18 14:00 - 40991849 _____ C:\Users\rusobr2\Downloads\The sleepover Part 1.mp4
2016-09-14 11:05 - 2016-09-02 08:40 - 00631176 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2016-09-14 11:05 - 2016-09-02 08:35 - 05548264 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2016-09-14 11:05 - 2016-09-02 08:35 - 00706280 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2016-09-14 11:05 - 2016-09-02 08:35 - 00154856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2016-09-14 11:05 - 2016-09-02 08:35 - 00095464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2016-09-14 11:05 - 2016-09-02 08:34 - 01732864 _____ (Microsoft Corporation) C:\windows\system32\ntdll.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\wow64win.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\wow64.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\winsrv.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00210432 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00028672 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2016-09-14 11:05 - 2016-09-02 08:31 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\wow64cpu.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01464320 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01212928 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 01163264 _____ (Microsoft Corporation) C:\windows\system32\kernel32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00880640 _____ (Microsoft Corporation) C:\windows\system32\advapi32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00730624 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00690688 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00463872 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\KernelBase.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00316416 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00190464 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00044032 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\cryptbase.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00034816 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\ntvdm64.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00006144 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-security-base-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00005120 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-file-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004608 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00004096 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003584 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-util-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-string-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-io-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:30 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-console-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:21 - 04000488 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2016-09-14 11:05 - 2016-09-02 08:21 - 03944680 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2016-09-14 11:05 - 2016-09-02 08:18 - 01314112 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntdll.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 01114112 _____ (Microsoft Corporation) C:\windows\SysWOW64\kernel32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00690688 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00666112 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00644096 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00553472 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00342528 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00275456 _____ (Microsoft Corporation) C:\windows\SysWOW64\KernelBase.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00260608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00223232 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00141312 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00005120 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00005120 _____ (Microsoft Corporation) C:\windows\SysWOW64\wow32.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00004096 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:16 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 08:02 - 00148480 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2016-09-14 11:05 - 2016-09-02 08:02 - 00062464 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2016-09-14 11:05 - 2016-09-02 08:02 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2016-09-14 11:05 - 2016-09-02 08:01 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2016-09-14 11:05 - 2016-09-02 07:58 - 00338432 _____ (Microsoft Corporation) C:\windows\system32\conhost.exe
2016-09-14 11:05 - 2016-09-02 07:57 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2016-09-14 11:05 - 2016-09-02 07:55 - 00159744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb.sys
2016-09-14 11:05 - 2016-09-02 07:54 - 00291328 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb10.sys
2016-09-14 11:05 - 2016-09-02 07:54 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxsmb20.sys
2016-09-14 11:05 - 2016-09-02 07:53 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2016-09-14 11:05 - 2016-09-02 07:53 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2016-09-14 11:05 - 2016-09-02 07:53 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptbase.dll
2016-09-14 11:05 - 2016-09-02 07:49 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\setup16.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntvdm64.dll
2016-09-14 11:05 - 2016-09-02 07:49 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\instnm.exe
2016-09-14 11:05 - 2016-09-02 07:49 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\user.exe
2016-09-14 11:05 - 2016-09-02 07:48 - 00006144 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00004608 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00003584 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2016-09-14 11:05 - 2016-09-02 07:48 - 00003072 ____H (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2016-09-14 11:05 - 2016-08-16 10:36 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
2016-09-14 11:05 - 2016-08-15 19:48 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
2016-09-14 11:05 - 2016-08-15 19:35 - 03218432 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00464896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2016-09-14 11:05 - 2016-08-12 09:26 - 00168960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2016-09-14 11:02 - 2016-08-06 08:31 - 00877056 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
2016-09-14 11:02 - 2016-08-06 08:15 - 00581632 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
2016-09-13 22:42 - 2016-09-13 22:42 - 111822069 _____ C:\Users\rusobr2\Downloads\Ломай меня полностью йога челлендж.mp4
2016-09-13 22:39 - 2016-09-13 22:39 - 45057002 _____ C:\Users\rusobr2\Downloads\Играим в хадилку.mp4
2016-09-13 22:30 - 2016-09-13 22:30 - 14174078 _____ C:\Users\rusobr2\Downloads\Учимся делать шпагат.mp4
2016-09-13 21:31 - 2016-09-13 21:31 - 38455354 _____ C:\Users\rusobr2\Downloads\Как вам видео.mp4
2016-09-11 01:12 - 2016-09-11 01:12 - 240842651 _____ C:\Users\rusobr2\Downloads\Я Гимнастка _ВанилькаЕП.mp4
2016-09-11 00:24 - 2016-09-11 00:24 - 52286436 _____ C:\Users\rusobr2\Downloads\Твистер.mp4
2016-09-10 23:59 - 2016-09-10 23:59 - 45254372 _____ C:\Users\rusobr2\Downloads\Твистер.mp4
2016-09-10 23:35 - 2016-09-10 23:35 - 40064630 _____ C:\Users\rusobr2\Downloads\Гимнастика(1).mp4
2016-09-10 23:33 - 2016-09-10 23:33 - 03526638 _____ C:\Users\rusobr2\Downloads\гимнастика мост.mp4
2016-09-10 23:08 - 2016-09-10 23:08 - 174767774 _____ C:\Users\rusobr2\Downloads\A type of yoga challenge.mp4
2016-09-10 23:00 - 2016-09-10 23:00 - 54406603 _____ C:\Users\rusobr2\Downloads\The Yoga Challenge - Yoga Challenge - Part 21.mp4
2016-09-10 22:49 - 2016-09-10 22:49 - 05025116 _____ C:\Users\rusobr2\Downloads\Gymnastics(2).mp4
2016-09-10 22:45 - 2016-09-10 22:45 - 50427499 _____ C:\Users\rusobr2\Downloads\Amy’s gymnastic skills.mp4
2016-09-10 22:30 - 2016-09-10 22:31 - 89325604 _____ C:\Users\rusobr2\Downloads\SEMIOLOGIA PEDIATRICA 4 - A LOS SIETE AÑOS - 2056.mp4
2016-09-10 22:28 - 2016-09-10 22:28 - 19170597 _____ C:\Users\rusobr2\Downloads\Yoga challenge with Marina GYMNASTICS Desafio YOGA CHALLENGE (GMSC).mp4
2016-09-10 22:23 - 2016-09-10 22:23 - 136196269 _____ C:\Users\rusobr2\Downloads\Страшные явения.mp4
2016-09-10 22:13 - 2016-09-10 22:13 - 91748415 _____ C:\Users\rusobr2\Downloads\How to get your splits better and to the ground!.mp4
2016-09-10 11:33 - 2016-09-10 11:33 - 10682596 _____ C:\Users\rusobr2\Downloads\Gymnastics _ Backbend,easy tutorial.mp4
2016-09-10 11:14 - 2016-09-10 11:14 - 17128721 _____ C:\Users\rusobr2\Downloads\Gymnastics(1).mp4
2016-09-10 11:11 - 2016-09-10 11:11 - 202934887 _____ C:\Users\rusobr2\Downloads\Gymnastics fail.mp4
2016-09-10 10:57 - 2016-09-10 10:57 - 130289264 _____ C:\Users\rusobr2\Downloads\Yoga Challenge(1).mp4
2016-09-08 07:46 - 2016-09-08 07:48 - 531321141 _____ C:\Users\rusobr2\Downloads\stretching.mp4
2016-09-07 20:46 - 2016-09-07 20:46 - 35863061 _____ C:\Users\rusobr2\Downloads\Part 2 gymnastics.mp4
2016-09-07 12:13 - 2016-09-07 12:13 - 18587769 _____ C:\Users\rusobr2\Downloads\Splits stretching!.mp4
2016-09-07 11:31 - 2016-09-07 11:31 - 58095923 _____ C:\Users\rusobr2\Downloads\Разминка для ног.mp4
2016-09-07 09:43 - 2016-09-07 09:43 - 69716889 _____ C:\Users\rusobr2\Downloads\Yoga challenge girls kids #4.mp4
2016-09-07 09:37 - 2016-09-07 09:37 - 43101788 _____ C:\Users\rusobr2\Downloads\Yoga challenge word 2= Desafio Yoga word.mp4
2016-09-07 09:17 - 2016-09-07 09:17 - 18675477 _____ C:\Users\rusobr2\Downloads\Yoga Challenge Extra Wrestling!.mp4
2016-09-06 21:46 - 2016-09-28 17:09 - 00007931 _____ C:\Users\rusobr2\Downloads\FRST.txt
2016-09-06 21:46 - 2016-09-28 17:09 - 00000000 ____D C:\FRST
2016-09-06 21:45 - 2016-09-28 17:08 - 02404352 _____ (Farbar) C:\Users\rusobr2\Downloads\FRST64.exe
2016-09-06 21:37 - 2016-09-06 21:37 - 00000000 ____D C:\Program Files\Common Files\AV
2016-09-03 09:07 - 2016-09-03 09:08 - 30461490 _____ C:\Users\rusobr2\Downloads\Guide to do some gymnastics.mp4
2016-09-02 07:09 - 2016-09-02 07:09 - 138450435 _____ C:\Users\rusobr2\Downloads\BFF’S YOGA CHALLENGE ч.2.mp4
2016-09-02 06:41 - 2016-09-02 06:41 - 81445047 _____ C:\Users\rusobr2\Downloads\Йога челинж.mp4
2016-09-02 05:36 - 2016-09-02 05:37 - 317107316 _____ C:\Users\rusobr2\Downloads\BetaRiffs _ Day 4 _ SLEEPOVER.mp4
2016-09-01 14:20 - 2016-09-01 14:20 - 35688452 _____ C:\Users\rusobr2\Downloads\NOT MY LEGS CHALLENGE WITH TRYNDA BLOOPERS.mp4
2016-09-01 12:39 - 2016-09-01 12:40 - 103365220 _____ C:\Users\rusobr2\Downloads\2 girls yoga challenge.mp4
2016-09-01 11:03 - 2016-09-01 11:03 - 06683268 _____ C:\Users\rusobr2\Downloads\Как научиться делать переворот вперед.mp4
2016-09-01 10:44 - 2016-09-01 10:44 - 75395273 _____ C:\Users\rusobr2\Downloads\Doing gymnastics while doing daily tasks _EPIC FAIL.mp4
2016-09-01 09:27 - 2016-09-01 09:27 - 38333639 _____ C:\Users\rusobr2\Downloads\Ice _ yoga challenge.mp4
2016-09-01 09:22 - 2016-09-01 09:23 - 75980070 _____ C:\Users\rusobr2\Downloads\Ice bath challenge.mp4
2016-08-31 10:57 - 2016-08-31 10:57 - 79534852 _____ C:\Users\rusobr2\Downloads\Yoga Challenge pt1.mp4
2016-08-31 10:49 - 2016-08-31 10:49 - 81818813 _____ C:\Users\rusobr2\Downloads\Yoga Challenge pt2.mp4
2016-08-31 10:36 - 2016-08-31 10:36 - 65209880 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge - Desafio da yoga 149.mp4
2016-08-31 10:24 - 2016-08-31 10:25 - 76388680 _____ C:\Users\rusobr2\Downloads\Fun Yoga Challenge - Desafio da yoga 145.mp4
2016-08-31 10:01 - 2016-08-31 10:02 - 139949912 _____ C:\Users\rusobr2\Downloads\Yoga Challenge Funny!.mp4
2016-08-31 09:06 - 2016-08-31 09:06 - 79297183 _____ C:\Users\rusobr2\Downloads\Yoga challenge .mp4
2016-08-31 08:50 - 2016-08-31 08:50 - 16898776 _____ C:\Users\rusobr2\Downloads\Gymnastics - Middle Split.mp4
2016-08-31 08:39 - 2016-08-31 08:39 - 07341877 _____ C:\Users\rusobr2\Downloads\Gymnastics - How to do the Middle Splits for Kids.mp4
2016-08-31 08:35 - 2016-08-31 08:35 - 12684431 _____ C:\Users\rusobr2\Downloads\Gymnastics - Splits Warm Up !.mp4
2016-08-31 08:28 - 2016-08-31 08:28 - 138981413 _____ C:\Users\rusobr2\Downloads\Bath challenge.mp4
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-09-28 16:58 - 2015-09-15 15:16 - 00000000 ____D C:\Users\rusobr2\AppData\LocalLow\360WD
2016-09-28 16:16 - 2016-05-26 09:32 - 00000830 _____ C:\windows\Tasks\Adobe Flash Player Updater.job
2016-09-28 13:21 - 2009-07-13 21:45 - 00021888 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-09-28 13:21 - 2009-07-13 21:45 - 00021888 ____H C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-09-28 07:46 - 2015-09-15 15:16 - 00001151 _____ C:\Users\Public\Desktop\360 Total Security.lnk
2016-09-28 07:46 - 2015-09-15 15:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center
2016-09-28 02:15 - 2015-12-02 02:43 - 00000000 ____D C:\Users\rusobr2\dwhelper
2016-09-28 00:38 - 2015-09-27 10:57 - 00000000 ____D C:\Users\rusobr2\AppData\Roaming\vlc
2016-09-27 23:52 - 2015-12-14 23:06 - 00086248 _____ (360.cn) C:\windows\SysWOW64\Drivers\360AvFlt.sys
2016-09-27 23:52 - 2015-09-15 15:16 - 00330472 _____ (360.cn) C:\windows\system32\Drivers\360Box64.sys
2016-09-27 23:52 - 2015-09-15 15:16 - 00086248 _____ (360.cn) C:\windows\system32\Drivers\360AvFlt.sys
2016-09-26 18:53 - 2009-07-13 20:20 - 00000000 ____D C:\windows\rescache
2016-09-26 17:51 - 2009-07-13 22:13 - 00781790 _____ C:\windows\system32\PerfStringBackup.INI
2016-09-26 17:51 - 2009-07-13 20:20 - 00000000 ____D C:\windows\inf
2016-09-26 17:46 - 2015-09-15 14:37 - 00000000 ____D C:\Users\rusobr2
2016-09-26 17:45 - 2009-07-13 22:08 - 00000006 ____H C:\windows\Tasks\SA.DAT
2016-09-26 10:06 - 2016-03-25 12:14 - 00000000 ____D C:\Program Files\ConvertHelper3
2016-09-26 03:39 - 2015-11-19 09:39 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2016-09-23 21:10 - 2015-09-27 10:37 - 00000000 __SHD C:$360Section
2016-09-23 21:10 - 2015-09-15 15:18 - 00000000 ____D C:\ProgramData\360Quarant
2016-09-23 21:10 - 2015-09-15 15:17 - 00000000 ____D C:\Users\rusobr2\AppData\Roaming\360safe
2016-09-14 11:11 - 2014-07-31 14:32 - 00000000 ____D C:\windows\system32\MRT
2016-09-14 11:06 - 2014-07-31 14:32 - 144199024 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2016-09-13 15:16 - 2016-05-26 09:32 - 00796352 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2016-09-13 15:16 - 2016-05-26 09:32 - 00142528 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-09-13 15:16 - 2016-05-26 09:32 - 00003768 _____ C:\windows\System32\Tasks\Adobe Flash Player Updater
2016-09-13 15:16 - 2016-05-13 22:40 - 06502080 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
2016-09-13 15:16 - 2014-08-04 09:59 - 00000000 ____D C:\windows\SysWOW64\Macromed
2016-09-13 15:16 - 2014-08-04 09:59 - 00000000 ____D C:\windows\system32\Macromed
2016-09-09 05:24 - 2015-09-15 15:16 - 00188864 _____ (360.cn) C:\windows\system32\Drivers\BAPIDRV64.SYS
2016-09-01 04:43 - 2015-09-15 15:16 - 00391392 _____ (360.cn) C:\windows\system32\Drivers\360fsflt.sys
[HEADING=1]Some files in TEMP:[/HEADING]
C:\Users\rusobr2\AppData\Local\Temp\libeay32.dll
C:\Users\rusobr2\AppData\Local\Temp\msvcr120.dll
C:\Users\rusobr2\AppData\Local\Temp\sqlite3.dll
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\SysWOW64\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2016-09-25 08:36
==================== End of FRST.txt ============================
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-09-2016
Ran by rusobr2 (28-09-2016 17:10:08)
Running from C:\Users\rusobr2\Downloads
Windows 7 Home Premium Service Pack 1 (X64) (2015-09-15 21:37:06)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================
Administrator (S-1-5-21-436883666-1139675966-1884149517-500 - Administrator - Disabled)
Guest (S-1-5-21-436883666-1139675966-1884149517-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-436883666-1139675966-1884149517-1002 - Limited - Enabled)
rusobr2 (S-1-5-21-436883666-1139675966-1884149517-1000 - Administrator - Enabled) => C:\Users\rusobr2
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: 360 Total Security (Enabled - Up to date) {0371CA44-3F80-A1D3-BECE-910620B58D50}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: 360 Total Security (Enabled - Up to date) {B8102BA0-19BA-AE5D-847E-AA745B32C7ED}
==================== Installed Programs ======================
(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
360 Total Security (HKLM-x32...\360TotalSecurity) (Version: 8.8.0.1080 - 360 Security Center)
Adobe Acrobat Reader DC (HKLM-x32...{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
Adobe Flash Player 23 NPAPI (HKLM-x32...\Adobe Flash Player NPAPI) (Version: 23.0.0.162 - Adobe Systems Incorporated)
ConvertHelper 3.2 (HKLM...{27CC6AB1-E72B-4179-AF1A-EAE507EBAF52}}_is1) (Version: - DownloadHelper)
D-Link DWA-131 Wireless N Nano USB Adapter (HKLM-x32...{98B82958-1DCA-4504-BE88-C91F1C7A7225}) (Version: 1 - D-Link)
Google Earth (HKLM-x32...{817750FA-EC6A-485D-9901-0683AE6FFDF1}) (Version: 7.1.5.1557 - Google)
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Microsoft .NET Framework 4.6.1 (HKLM...{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM...{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32...{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 49.0.1 (x86 en-US) (HKLM-x32...\Mozilla Firefox 49.0.1 (x86 en-US)) (Version: 49.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32...\MozillaMaintenanceService) (Version: 49.0.1.6109 - Mozilla)
OpenOffice 4.1.0 (HKLM-x32...{C87EF11D-36E9-479D-9898-7541EA1E8A6A}) (Version: 4.10.9764 - Apache Software Foundation)
RealDownloader (x32 Version: 18.1.2.179 - RealNetworks) Hidden
Unknown File Handler (HKLM-x32...\UFH_is1) (Version: 2015.12.29.0 - File.org)
UpdateService (x32 Version: 1.0.0 - RealNetworks, Inc.) Hidden
VLC media player (HKLM-x32...\VLC media player) (Version: 2.2.4 - VideoLAN)
Zemana AntiMalware (HKLM-x32...{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.30.75 - Zemana Ltd.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {112EB998-21AB-451B-84E6-16B7E490B7D8} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe [2016-09-13] (Adobe Systems Incorporated)
Task: {17F5B756-88DC-4AF9-B7DF-CE86CB01E698} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {8EF0AFD9-13F3-4129-A4D3-6A35AA6C13FB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {EB701FFA-2793-4687-91C5-B5E75F882E3D} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
==================== Shortcuts =============================
(The entries could be listed to be restored or removed.)
Shortcut: C:\Users\rusobr2\Desktop\DESAFÍO ACEPTADO Yoga Desafio aceitado Yoga ВЫЗОВ ПРИНЯТ Йога - Shortcut.lnk → C:\Users\rusobr2\Downloads\DESAFÍO ACEPTADO Yoga Desafio aceitado Yoga ВЫЗОВ ПРИНЯТ Йога .mp4 ()
==================== Loaded Modules (Whitelisted) ==============
2015-09-15 15:16 - 2016-09-27 23:52 - 00782248 _____ () C:\Program Files (x86)\360\Total Security\MenuEx64.dll
2016-09-22 18:57 - 2016-09-22 18:57 - 00123760 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2015-09-15 15:16 - 2016-09-27 23:52 - 00099240 _____ () C:\Program Files (x86)\360\Total Security\deepscan\qutmload.dll
2015-09-15 15:16 - 2016-09-27 23:52 - 00584616 _____ () C:\Program Files (x86)\360\Total Security\safemon\wdui2.dll
2016-09-13 15:16 - 2016-09-13 15:16 - 19588800 _____ () C:\windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_ 162.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” will be restored.)
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-13 19:34 - 2016-09-20 23:38 - 00000834 ____A C:\windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-436883666-1139675966-1884149517-1000\Control Panel\Desktop\Wallpaper → C:\Users\rusobr2\AppData\Roaming\Microsoft\Windows \Themes\TranscodedWallpaper.jpg
DNS Servers: 8.8.8.8 - 8.8.4.4
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Pol icies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{CB5892D1-D134-49A4-B4D4-249AED3D11DC}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{BF7A5042-B431-44EC-910A-29CF8CE7CF87}] => (Allow) C:\Program Files (x86)\360\Total Security\LiveUpdate360.exe
FirewallRules: [{225AF79B-8EFD-4F2C-A426-8AF611BFE0E6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{75B2F34C-F4E2-4AFD-A855-2AD733017867}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{A69BD9DA-B464-4A30-89EB-6C5017DDE021}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{774225EE-E7C7-4510-8DF7-F32B011FA366}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{95AB12F7-9EEB-48FA-AEB6-43ECC0CE3157}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{F56F610F-5356-4E19-AE05-E8F76ECBE804}] => (Allow) C:\Program Files (x86)\GlassWire\GWCtlSrv.exe
FirewallRules: [{5F4ECB8C-06FC-47C9-9F4D-35C2C0084B9B}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{910B2F64-A9CA-4865-9D70-92F98AD498B1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{BD8A9C81-9E66-42D1-BDAA-F6294FD29F53}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{4F0663CE-6234-489D-84C7-B3BCDE1AE40B}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5F62046F-82EC-46A2-9C40-FE0697D67E46}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\InstantSetup.exe
FirewallRules: [{8118F12A-1A44-4F3A-8656-9F67B3648D86}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\InstantSetup.exe
FirewallRules: [{DE79D5C2-2D29-48B2-8DB3-DCEAFF73F582}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{57A75971-0B04-49ED-A045-8F1900DC14EE}] => (Allow) C:\Program Files (x86)\360\Total Security\softmgr\360InstantSetup.exe
FirewallRules: [{6706059A-FCBE-4EC3-9E01-2545ABACDF19}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
FirewallRules: [{7A809890-BFF0-4B8D-914B-B24AA8B1736D}] => (Allow) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
==================== Restore Points =========================
18-09-2016 07:23:06 Windows Update
22-09-2016 20:09:15 Windows Update
26-09-2016 15:09:17 Restore Point Created by FRST
26-09-2016 17:56:11 Restore Point Created by FRST
26-09-2016 17:58:11 Restore Point Created by FRST
27-09-2016 03:09:03 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (09/28/2016 11:38:47 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (09/27/2016 04:59:59 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (09/27/2016 01:02:27 AM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (09/26/2016 08:20:33 PM) (Source: Customer Experience Improvement Program) (EventID: 1008) (User: )
Description: A problem prevented Customer Experience Improvement Program data from being sent to Microsoft, (Error 80004005).
Error: (09/26/2016 05:56:10 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f45878bd-75e2-4a32-af0b-a2e2439fc793}
Error: (09/26/2016 05:47:04 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query “SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99” could not be reactivated in namespace “//./root/CIMV2” because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/26/2016 03:33:29 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program FRST64.exe version 25.9.2016.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
Process ID: e78
Start Time: 01d218421f151db1
Termination Time: 4
Application Path: C:\Users\rusobr2\Downloads\FRST64.exe
Report Id: 390c9e1d-8439-11e6-821e-001aa0aaf328
Error: (09/26/2016 03:09:17 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
Operation:
Gathering Writer Data
Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {b1d06e53-8a00-4fab-9c82-3228dc1cecc4}
Error: (09/26/2016 10:29:26 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query “SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA “Win32_Processor” AND TargetInstance.LoadPercentage > 99” could not be reactivated in namespace “//./root/CIMV2” because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (09/26/2016 10:21:39 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: plugin-container.exe, version: 49.0.1.6109, time stamp: 0x57e44563
Faulting module name: mozglue.dll, version: 49.0.1.6109, time stamp: 0x57e43eea
Exception code: 0x80000003
Fault offset: 0x0000e846
Faulting process id: 0xf74
Faulting application start time: 0x01d21818d616c26d
Faulting application path: C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
Faulting module path: C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
Report Id: aeafa18d-840d-11e6-b5c2-001aa0aaf328
[HEADING=1]System errors:[/HEADING]
Error: (09/28/2016 07:46:11 AM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The 360 Total Security service terminated unexpectedly. It has done this 1 time(s).
Error: (09/27/2016 12:22:31 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: A timeout (30000 milliseconds) was reached while waiting for a transaction response from the Wlansvc service.
Error: (09/26/2016 05:58:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (09/26/2016 05:58:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Print Spooler service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
Error: (09/26/2016 05:58:23 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 2 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (09/26/2016 05:56:58 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error:
An instance of the service is already running.
Error: (09/26/2016 05:56:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (09/26/2016 05:56:28 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Media Player Network Sharing Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service.
Error: (09/26/2016 05:56:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The ZAM Controller Service service terminated unexpectedly. It has done this 1 time(s).
Error: (09/26/2016 05:56:28 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The WlanWpsSvc service terminated unexpectedly. It has done this 1 time(s).
[HEADING=1]CodeIntegrity:[/HEADING]
Date: 2016-03-23 22:04:30.267
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\win32k.sy s because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2016-03-23 22:04:30.111
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\win32k.sy s because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-12-13 23:17:22.280
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\A DIHdAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-12-13 23:17:22.202
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\A DIHdAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-12-13 23:10:19.282
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\A DIHdAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
Date: 2015-12-13 23:10:19.188
Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\A DIHdAud.sys because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
Processor: Intel(R) Pentium(R) D CPU 3.40GHz
Percentage of memory in use: 34%
Total physical RAM: 4029.61 MB
Available physical RAM: 2628.25 MB
Total Virtual: 8057.41 MB
Available Virtual: 5985.29 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:223.61 GB) (Free:153.65 GB) NTFS
==================== MBR & Partition Table ==================
================================================== ======
Disk: 0 (Size: 232.9 GB) (Disk ID: 07063C21)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=8.8 GB) - (Type=27)
Partition 3: (Not Active) - (Size=223.6 GB) - (Type=07 NTFS)
==================== End of Addition.txt ============================Comment
-
i’v not had much chance to work with PC, as grand-daughters have been all over it …
i ran the Farbar, then clicked on fix’, and all read-outs have been posted, all seamed to be OK, but haven’t had time to use… i’ll be back on here in a couple hrs
thanks, steveComment
-
Everything Appears To Be Fine Here, lets make one last scan to check for outdated Software.
Security Check Scan.
[ul]
[li]Download Security Check to your desktop.[/li][li]Right click it run as administrator.[/li][li]When the program completes, the tool will automatically open a log file.[/li][li]Please post that log here in your next post.[/li][/ul]Comment
-
well, it comes up as “error” for security check, and after several approaches, i come up with no results
now it comes up “error in execution” “security check exe” / auto delscript" the network name cannot be found.
** well, after running around for a few, i come up with a “log”
security check"
SecurityCheck by glax24 & Severnyj v.1.4.0.46 [22.09.16]
WebSite: www.safezone.cc
DateLog: 29.09.2016 14:25:57
Path starting: C:\Users\rusobr2\AppData\Local\Temp\SecurityCheck\ SecurityCheck.exe
Log directory: C:\SecurityCheck
IsAdmin: True
User: rusobr2
VersionXML: 3.39is-26.09.2016
Windows 7(6.1.7601) Service Pack 1 (x64) HomePremium Lang: English(0409)
Installation date OS: 15.09.2015 21:37:06
LicenseStatus: Windows(R) 7, HomePremium edition The machine is permanently activated.
Boot Mode: Normal
Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe
SystemDrive: C: FS: [NTFS] Capacity: [223.6 Gb] Used: [70.3 Gb] Free: [153.3 Gb]
------------------------------- [ Windows ] -------------------------------
Internet Explorer 10.0.9200.17609 Warning! Download Update
Online installation. Last version available when Windows update is enabled throught the Internet.
User Account Control enabled
Notify before download
Date install updates: 2016-09-23 03:10:14
Windows Update (wuauserv) - The service is running
Security Center (wscsvc) - The service is running
Remote Registry (RemoteRegistry) - The service has stopped
SSDP Discovery (SSDPSRV) - The service is running
Remote Desktop Services (TermService) - The service has stopped
Windows Remote Management (WS-Management) (WinRM) - The service has stopped
---------------------------- [ Antivirus_WMI ] ----------------------------
360 Total Security (enabled)
--------------------------- [ FirewallWindows ] ---------------------------
Windows Firewall (MpsSvc) - The service is running
--------------------------- [ AntiSpyware_WMI ] ---------------------------
Windows Defender (enabled and up to date)
360 Total Security (enabled)
---------------------- [ AntiVirusFirewallInstall ] -----------------------
360 Total Security v.8.8.0.1080
-------------------------- [ SecurityUtilities ] --------------------------
Zemana AntiMalware v.2.30.75
--------------------------- [ OtherUtilities ] ----------------------------
VLC media player v.2.2.4
OpenOffice 4.1.0 v.4.10.9764 Warning! Download Update
--------------------------- [ AdobeProduction ] ---------------------------
Adobe Flash Player 23 NPAPI v.23.0.0.162
Adobe Acrobat Reader DC v.15.017.20053
------------------------------- [ Browser ] -------------------------------
Mozilla Firefox 49.0.1 (x86 en-US) v.49.0.1
--------------------------- [ RunningProcess ] ----------------------------
C:\Program Files (x86)\Mozilla Firefox\firefox.exe v.49.0.1.6109
------------------ [ AntivirusFirewallProcessServices ] -------------------
Windows Defender (WinDefend) - The service is running
ZAM Controller Service (ZAMSvc) - The service is running
C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.0.0.0.0
360 Total Security (QHActiveDefense) - The service is running
C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe v.8.8.0.1008
C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe v.8.2.0.1000
C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe v.8.8.0.1012
----------------------------- [ End of Log ] ------------------------------Comment
Comment