Премини към съдържанието

RudeBoy

Потребител
  • Публикации

    6405
  • Регистрация

  • Последно онлайн

  • Топ дни

    14

RudeBoy е топ потребител на 8 ноември 2013

RudeBoy имаше най-много харесвания

Харесвания

9557 Гордостта на форума

Всичко за RudeBoy

  • Титла
    Mr.

Информация

  • Пол
    Мъж

Контакти

  • ICQ
    0
  • Интернет сайт
    https://www.kaldata.com/forums/user/185433-rudeboy/

Последни посетители

30028 прегледа на профила
  1. Относно торент клиент.

    Точно така е: Това и мен ме дразнеше отначало в новите версии на Opera. Но - свикнах .
  2. Относно торент клиент.

    Help за Opera 9.20 ?!? Не е нужно - торентът е вече свален, достатъчно е да се кликне на "балона" горе вдясно, за да се отвори с клиента по подразбиране. След което спокойно може да се изтрие.
  3. Относно торент клиент.

    Новата Opera няма такъв раздел.
  4. Относно торент клиент.

    Торентът вече е в свален, в папката, която си задал по подразбиране .
  5. Всичко за браузъра Opera - част 2

    Да пробваме - остави си само една страница, и напиши пълния адрес. Както е на моя скрийншот.
  6. Лаптопа ми забива !

    При такива симптоми и гаранционен лаптоп - директно в сервиза.
  7. MBAM откри и премахна 3 ключа в регистрите, смятам, че не е проблем: Registry Keys: 3 PUP.Optional.Tuto4PC, HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\SOFTWARE\MICROSOFT\wewewe, , [bcbd0baa3376cb6b4599c9828f71a060], Adware.Tuto4PC, HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\SOFTWARE\MICROSOFT\BIGTIME, , [3d3cd9dcb4f567cf9fea644305fc0bf5], Adware.Tuto4PC, HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\SOFTWARE\MICROSOFT\EWMON, , [7bfe1e97faaffc3af6942b7ccb368c74], Registry Values: 2 Adware.Tuto4PC, HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\SOFTWARE\MICROSOFT\BIGTIME|partner, installcube, , [3d3cd9dcb4f567cf9fea644305fc0bf5] Adware.Tuto4PC, HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\SOFTWARE\MICROSOFT\EWMON|partner, installcube, , [7bfe1e97faaffc3af6942b7ccb368c74] Успех и на вас, поздрави.
  8. Резултат от командата: Info: Successfully rebuilt performance counter setting from system backup store FRST и логовете са изчистени. Всичко е ОК, много благодаря още веднъж ПП. Вече ще бъда по-внимателен. Като нищо можеше да хвана някой криптовирус ...
  9. Положението е добре, изглежда, че системата работи нормално. Съжалявам, че си позволих отклонение от изискванията на раздела, но намерих и ръчно спрях разширението на Opera, което ми зареждаше реклами. Затова не е намерено от скрипта. Други промени не съм правил. Fix result of Farbar Recovery Scan Tool (x64) Version: 17-09-2017 Ran by mcpph (17-09-2017 20:36:10) Run:1 Running from C:\Users\mcpph\Desktop Loaded Profiles: mcpph (Available Profiles: mcpph) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: () C:\ProgramData\WinSxA.exe 2017-09-17 12:04 - 2017-09-17 12:04 - 000423080 _____ () C:\ProgramData\WinSxA.exe OPR Extension: (Quick Searcher) - C:\Users\mcpph\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-09-17] R2 WinSxA; C:\ProgramData\WinSxA.exe [423080 2017-09-17] () 2017-09-17 12:08 - 2017-09-17 12:13 - 000001024 _____ C:\Windows\system32\Drivers\etc\hosts.bak 2017-09-17 12:04 - 2017-09-17 12:05 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Zara 2017-09-17 12:04 - 2017-09-17 12:04 - 000423080 _____ C:\ProgramData\WinSxA.exe 2017-09-17 12:04 - 2017-09-17 12:04 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\spbggb0is40 2017-09-17 12:04 - 2017-09-17 12:04 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\0sziqug0wpx 2017-09-04 17:53 - 2017-09-04 17:53 - 000000000 ____D C:\ProgramData\TEMP Task: {912451C7-F9E9-4711-B671-2FAC485785F4} - System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => C:\\Users\\mcpph\\AppData\\Roaming\\ErrorReporting\\ermgr.exe CMD: winmgmt /resyncperf CMD: lodctr /R CMD: del %temp%\*.* /f /s /q CMD: rd /s /q %temp% Hosts: CMD: bitsadmin /reset /allusers CMD: netsh winsock reset catalog CMD: ipconfig /flushdns RemoveProxy: EmptyTemp: End ***************** Error: (0) Failed to create a restore point. Processes closed successfully. C:\ProgramData\WinSxA.exe => No running process found C:\ProgramData\WinSxA.exe => moved successfully C:\Users\mcpph\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha => not found. HKLM\System\CurrentControlSet\Services\WinSxA => key removed successfully WinSxA => service removed successfully C:\Windows\system32\Drivers\etc\hosts.bak => moved successfully C:\Users\mcpph\AppData\Roaming\Zara => moved successfully "C:\ProgramData\WinSxA.exe" => not found. C:\Users\mcpph\AppData\Roaming\spbggb0is40 => moved successfully C:\Users\mcpph\AppData\Roaming\0sziqug0wpx => moved successfully "C:\ProgramData\TEMP" => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{912451C7-F9E9-4711-B671-2FAC485785F4} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{912451C7-F9E9-4711-B671-2FAC485785F4} => key removed successfully C:\Windows\System32\Tasks\Microsoft\Windows\Windows Error Reporting\ErrorReporting => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Windows Error Reporting\ErrorReporting => key removed successfully ========= winmgmt /resyncperf ========= ========= End of CMD: ========= ========= lodctr /R ========= Error: Unable to rebuild performance counter setting from system backup store, error code is 2 ========= End of CMD: ========= ========= del %temp%\*.* /f /s /q ========= Deleted file - C:\Users\mcpph\AppData\Local\Temp\CProgram FilesOpera47.0.2631.80opera_autoupdate.download.lock Deleted file - C:\Users\mcpph\AppData\Local\Temp\CProgram FilesOpera47.0.2631.80opera_autoupdate.metrics.lock Deleted file - C:\Users\mcpph\AppData\Local\Temp\opera_crashreporter.log Deleted file - C:\Users\mcpph\AppData\Local\Temp\preferences00 Deleted file - C:\Users\mcpph\AppData\Local\Temp\qtsingleapp-Viber-0-1-lockfile Deleted file - C:\Users\mcpph\AppData\Local\Temp\StructuredQuery.log Deleted file - C:\Users\mcpph\AppData\Local\Temp\temp.png ========= End of CMD: ========= ========= rd /s /q %temp% ========= C:\Users\mcpph\AppData\Local\Temp\preferences00 - Access is denied. ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= =========== EmptyTemp: ========== BITS transfer queue => 6053888 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 43037210 B Java, Flash, Steam htmlcache => 565 B Windows/system/drivers => 4311 B Edge => 0 B Chrome => 0 B Firefox => 0 B Opera => 158406090 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 0 B NetworkService => 0 B mcpph => 3846366 B RecycleBin => 2412799 B EmptyTemp: => 203.9 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:36:16 ==== Имате ЛС с линк към архива. Сърдечно благодаря за помощта, задължен съм ви за пореден път
  10. Проблем с пукнат и 'черен' екран на Samsung Galaxy S3

    Не, приятелю. Това не е някаква програмка, а цяла операционна система. За да я ползваш, трябва да я инсталираш, или поне да си направиш буутваща флашка, и да работиш оттам. Я сега дай едно разяснение. Дисплеят е счупен, това е ясно. Но телефонът изобщо стартира ли? Защото, ако не, няма смисъл от по-горните упражнения. А ако стартира, много вероятно е и Windows да го разпознае като устройство, ако имаш инсталирани драйвери.
  11. Заповядай - https://www.virustotal.com/#/file/8c4a31fa0f7414fad6be7cb8d835b5700e8d01a0076a6ff7dd58c4f10a001108/detection .
  12. Здравейте, Направих една голяма глупост - изтеглих и опитах да отворя кийген за една програма. Явно е бил фалшив, защото компютърът ми се напълни с какво ли не. Сканирах с Panda, премахна много неща, но има още. Като браузвам в нета, постоянно ми се отварят рекламни страници, при кликване на всеки линк. Отварят се дори и от само себе си, при затворен браузър. Имам системен диск, в краен случай съм готов да преинсталирам, но ако мога да се справя с ваша помощ, ще е чудесно . Прикачвам логовете: Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 16-09-2017 Ran by mcpph (administrator) on DESKTOP-P7903MO (17-09-2017 12:39:55) Running from C:\Users\mcpph\Desktop Loaded Profiles: mcpph (Available Profiles: mcpph) Platform: Windows 10 Home Version 1703 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Opera) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Foxit Software Inc.) C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe (@ByELDI) C:\Program Files\KMSpico\Service_KMS.exe (DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe () C:\ProgramData\WinSxA.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Panda Security, S.L.) C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Opera Software) C:\Program Files\Opera\47.0.2631.80\opera.exe (Opera Software) C:\Program Files\Opera\47.0.2631.80\opera.exe (Opera Software) C:\Program Files\Opera\47.0.2631.80\opera.exe (Opera Software) C:\Program Files\Opera\47.0.2631.80\opera.exe (Opera Software) C:\Program Files\Opera\47.0.2631.80\opera.exe (Opera Software) C:\Program Files\Opera\47.0.2631.80\opera.exe (Opera Software) C:\Program Files\Opera\47.0.2631.80\opera.exe (Intel Corporation) C:\Program Files\Intel\STCServ\STCServ.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [14021336 2015-06-18] (Realtek Semiconductor) HKLM-x32\...\Run: [PSUAMain] => C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe [144520 2017-07-19] (Panda Security, S.L.) HKLM\...\Winlogon: [Userinit] C:\Windows\SysWOW64\userinit.exe, HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832272 2017-08-25] (Skype Technologies S.A.) HKU\S-1-5-21-3410296404-4140097037-1986194597-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\ENDLES~1.SCR [5133824 2015-12-01] (Extreme Internet Software) BootExecute: ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{399be296-21bc-4c44-b88b-015636c079a7}: [DhcpNameServer] 192.168.100.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = FireFox: ======== FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2016-12-23] (Foxit Corporation) Opera: ======= OPR Extension: (Adguard AdBlocker) - C:\Users\mcpph\AppData\Roaming\Opera Software\Opera Stable\Extensions\bopfaehpakahokaelnomggbohfbimcia [2017-09-04] OPR Extension: (Quick Searcher) - C:\Users\mcpph\AppData\Roaming\Opera Software\Opera Stable\Extensions\pbdpajcdgknpendpmecafmopknefafha [2017-09-17] StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 FoxitReaderService; C:\Program Files (x86)\Foxit Software\Foxit Reader\FoxitConnectedPDFService.exe [1659592 2016-12-29] (Foxit Software Inc.) S2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [365040 2017-03-18] (Intel Corporation) S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [177376 2016-08-12] (Intel Corporation) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 NanoServiceMain; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [109024 2017-07-19] (Panda Security, S.L.) R2 PandaAgent; C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [86104 2016-07-19] (Panda Security, S.L.) R2 PSUAService; C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [48784 2017-07-19] (Panda Security, S.L.) R2 Service KMSELDI; C:\Program Files\KMSpico\Service_KMS.exe [745664 2016-01-12] (@ByELDI) [File not signed] R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.) R2 STCServ; C:\Program Files\Intel\STCServ\STCServ.exe [8095456 2015-03-16] (Intel Corporation) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [342264 2017-03-18] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [102816 2017-03-18] (Microsoft Corporation) R2 WinSxA; C:\ProgramData\WinSxA.exe [423080 2017-09-17] () ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus.sys [130688 2016-07-22] (Samsung Electronics Co., Ltd.) S3 epmntdrv; C:\Windows\system32\epmntdrv.sys [33448 2016-12-07] () S3 epmntdrv; C:\Windows\SysWOW64\epmntdrv.sys [21496 2016-01-14] () S3 EuGdiDrv; C:\Windows\system32\EuGdiDrv.sys [10848 2016-07-11] () S3 EuGdiDrv; C:\Windows\SysWOW64\EuGdiDrv.sys [10208 2016-07-11] () R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes) S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2017-09-17] (Malwarebytes) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation) R1 NNSALPC; C:\Windows\system32\DRIVERS\NNSALPC.sys [106976 2017-04-07] (Panda Security, S.L.) R1 NNSHTTP; C:\Windows\system32\DRIVERS\NNSHTTP.sys [211936 2017-04-07] (Panda Security, S.L.) R1 NNSHTTPS; C:\Windows\system32\DRIVERS\NNSHTTPS.sys [121312 2017-04-07] (Panda Security, S.L.) R1 NNSIDS; C:\Windows\system32\DRIVERS\NNSIDS.sys [125920 2017-04-07] (Panda Security, S.L.) R1 NNSNAHSL; C:\Windows\system32\DRIVERS\NNSNAHSL.sys [89960 2017-03-17] (Panda Security, S.L.) R1 NNSPICC; C:\Windows\system32\DRIVERS\NNSPICC.sys [118240 2017-04-07] (Panda Security, S.L.) R1 NNSPIHSW; C:\Windows\system32\DRIVERS\NNSPIHSW.sys [91104 2017-04-07] (Panda Security, S.L.) R1 NNSPOP3; C:\Windows\system32\DRIVERS\NNSPOP3.sys [135648 2017-04-07] (Panda Security, S.L.) R1 NNSPROT; C:\Windows\system32\DRIVERS\NNSPROT.sys [336352 2017-04-07] (Panda Security, S.L.) R1 NNSPRV; C:\Windows\system32\DRIVERS\NNSPRV.sys [226272 2017-04-07] (Panda Security, S.L.) R1 NNSSMTP; C:\Windows\system32\DRIVERS\NNSSMTP.sys [123360 2017-04-07] (Panda Security, S.L.) R1 NNSSTRM; C:\Windows\system32\DRIVERS\NNSSTRM.sys [280032 2017-04-07] (Panda Security, S.L.) R1 NNSTLSC; C:\Windows\system32\DRIVERS\NNSTLSC.sys [125408 2017-04-07] (Panda Security, S.L.) R2 PSINAflt; C:\Windows\system32\DRIVERS\PSINAflt.sys [179168 2017-07-19] (Panda Security, S.L.) R2 PSINFile; C:\Windows\System32\DRIVERS\PSINFile.sys [140256 2017-07-19] (Panda Security, S.L.) R1 PSINKNC; C:\Windows\system32\DRIVERS\PSINKNC.sys [207328 2017-07-19] (Panda Security, S.L.) R2 PSINProc; C:\Windows\System32\DRIVERS\PSINProc.sys [133600 2017-07-19] (Panda Security, S.L.) R2 PSINProt; C:\Windows\system32\DRIVERS\PSINProt.sys [146912 2017-07-19] (Panda Security, S.L.) R2 PSINReg; C:\Windows\system32\DRIVERS\PSINReg.sys [117216 2017-07-19] (Panda Security, S.L.) U3 PSKMAD; C:\Windows\System32\DRIVERS\PSKMAD.sys [72648 2017-05-22] (Panda Security, S.L.) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2017-03-18] (Realtek ) S3 SDFRd; C:\Windows\System32\drivers\SDFRd.sys [31128 2017-03-18] () S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [164992 2016-07-22] (Samsung Electronics Co., Ltd.) S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44632 2017-03-18] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [294816 2017-03-18] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [121248 2017-03-18] (Microsoft Corporation) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-09-17 12:39 - 2017-09-17 12:40 - 000010125 _____ C:\Users\mcpph\Desktop\FRST.txt 2017-09-17 12:39 - 2017-09-17 12:39 - 002398720 _____ (Farbar) C:\Users\mcpph\Desktop\FRST64.exe 2017-09-17 12:39 - 2017-09-17 12:39 - 000000000 ____D C:\FRST 2017-09-17 12:08 - 2017-09-17 12:13 - 000001024 _____ C:\Windows\system32\Drivers\etc\hosts.bak 2017-09-17 12:04 - 2017-09-17 12:05 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Zara 2017-09-17 12:04 - 2017-09-17 12:04 - 000423080 _____ C:\ProgramData\WinSxA.exe 2017-09-17 12:04 - 2017-09-17 12:04 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\spbggb0is40 2017-09-17 12:04 - 2017-09-17 12:04 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\0sziqug0wpx 2017-09-17 12:03 - 2017-09-17 12:07 - 000001654 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ореrа Вrоwsеr.lnk 2017-09-16 08:28 - 2017-09-16 21:13 - 000000000 ____D C:\Users\mcpph\AppData\Local\Samsung 2017-09-16 08:28 - 2017-09-16 08:28 - 000000000 ____D C:\Users\Public\Documents\NativeFus_Log 2017-09-16 08:28 - 2017-09-16 08:28 - 000000000 ____D C:\Users\mcpph\Documents\samsung 2017-09-16 08:27 - 2017-09-16 08:27 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf 2017-09-15 21:10 - 2017-09-16 21:13 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Samsung 2017-09-15 21:10 - 2016-07-22 10:21 - 000164992 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys 2017-09-15 21:10 - 2016-07-22 10:21 - 000130688 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus.sys 2017-09-15 21:09 - 2017-09-16 21:13 - 000000000 ____D C:\ProgramData\Samsung 2017-09-15 21:09 - 2017-09-15 21:10 - 000000000 ____D C:\Program Files (x86)\Samsung 2017-09-15 21:09 - 2016-05-18 14:49 - 004659712 _____ (Dmitry Streblechenko) C:\Windows\SysWOW64\Redemption.dll 2017-09-15 21:09 - 2016-05-18 14:49 - 000144664 _____ (MAPILab Ltd. & Add-in Express Ltd.) C:\Windows\SysWOW64\secman.dll 2017-09-15 21:08 - 2017-09-15 21:08 - 000000000 ____D C:\Users\mcpph\AppData\Local\Downloaded Installations 2017-09-12 15:13 - 2017-09-12 15:13 - 000000911 _____ C:\Users\mcpph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ExifPro 2.1.lnk 2017-09-12 09:35 - 2017-09-17 12:07 - 000192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-09-12 09:35 - 2017-09-12 09:35 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2017-09-12 09:35 - 2017-09-12 09:35 - 000000000 ____D C:\ProgramData\Malwarebytes 2017-09-12 09:35 - 2017-09-12 09:35 - 000000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2017-09-12 09:35 - 2015-10-05 09:50 - 000109272 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamchameleon.sys 2017-09-12 09:35 - 2015-10-05 09:50 - 000064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2017-09-12 09:35 - 2015-10-05 09:50 - 000025816 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys 2017-09-05 23:33 - 2017-09-05 23:33 - 000000000 ____D C:\Program Files\Reference Assemblies 2017-09-05 23:33 - 2017-09-05 23:33 - 000000000 ____D C:\Program Files\MSBuild 2017-09-05 23:33 - 2017-09-05 23:33 - 000000000 ____D C:\Program Files (x86)\Reference Assemblies 2017-09-05 23:33 - 2017-09-05 23:33 - 000000000 ____D C:\Program Files (x86)\MSBuild 2017-09-05 23:33 - 2017-02-10 11:26 - 001166520 _____ (Microsoft Corporation) C:\Windows\system32\PresentationNative_v0300.dll 2017-09-05 23:33 - 2017-02-10 11:26 - 000124624 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2017-09-05 23:33 - 2017-02-10 11:26 - 000035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2017-09-05 23:33 - 2017-02-10 11:21 - 000778936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationNative_v0300.dll 2017-09-05 23:33 - 2017-02-10 11:21 - 000103120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PresentationCFFRasterizerNative_v0300.dll 2017-09-05 23:33 - 2017-02-10 11:21 - 000035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe 2017-09-05 23:27 - 2017-09-05 23:27 - 000000000 ____D C:\Users\mcpph\AppData\Local\ElevatedDiagnostics 2017-09-05 23:24 - 2017-09-05 23:24 - 000000000 ____D C:\Windows\SysWOW64\directx 2017-09-05 23:21 - 2017-09-05 23:21 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\WinRAR 2017-09-04 22:44 - 2017-09-04 22:45 - 000000000 _____ C:\Recovery.txt 2017-09-04 19:29 - 2017-09-04 08:51 - 000000000 ____D C:\Windows\Panther 2017-09-04 18:30 - 2017-09-04 18:30 - 000000000 _SHDL C:\Documents and Settings 2017-09-04 18:29 - 2017-09-17 12:36 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-09-04 18:29 - 2017-09-17 09:31 - 000000000 ____D C:\Windows\system32\SleepStudy 2017-09-04 18:29 - 2017-09-04 18:29 - 000000000 ____D C:\Windows\ServiceProfiles 2017-09-04 18:29 - 2017-09-04 09:56 - 000267480 _____ C:\Windows\system32\FNTCACHE.DAT 2017-09-04 17:53 - 2017-09-04 17:54 - 000000000 ____D C:\Users\mcpph\AppData\Local\Easy CD-DA Extractor 2017-09-04 17:53 - 2017-09-04 17:53 - 000000000 ____D C:\ProgramData\TEMP 2017-09-04 17:53 - 2017-09-04 17:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Easy CD-DA Extractor 16 2017-09-04 17:53 - 2017-09-04 17:53 - 000000000 ____D C:\ProgramData\Easy CD-DA Extractor 2017-09-04 17:53 - 2017-09-04 17:53 - 000000000 ____D C:\Program Files\Easy CD-DA Extractor 16 2017-09-04 17:50 - 2017-09-04 17:50 - 000000000 ____D C:\Users\mcpph\AppData\Local\Kolor 2017-09-04 17:50 - 2017-09-04 17:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kolor 2017-09-04 17:48 - 2017-09-04 17:48 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Mozilla 2017-09-04 17:48 - 2017-09-04 17:48 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\IObit 2017-09-04 17:48 - 2017-09-04 17:48 - 000000000 ____D C:\Users\mcpph\AppData\LocalLow\Mozilla 2017-09-04 17:48 - 2017-09-04 17:48 - 000000000 ____D C:\Users\mcpph\AppData\Local\Turbo.net 2017-09-04 17:48 - 2017-09-04 17:48 - 000000000 ____D C:\Users\mcpph\AppData\Local\Mozilla 2017-09-04 17:48 - 2017-09-04 17:48 - 000000000 ____D C:\Users\mcpph\AppData\Local\CrashDumps 2017-09-04 14:36 - 2017-09-04 17:50 - 000000000 ____D C:\Program Files\Kolor 2017-09-04 11:30 - 2017-09-04 11:30 - 000000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf 2017-09-04 11:23 - 2017-09-04 11:23 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Yamicsoft 2017-09-04 11:23 - 2017-09-04 11:23 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Yamicsoft 2017-09-04 11:23 - 2017-09-04 11:23 - 000000000 ____D C:\Users\mcpph\AppData\Local\DBG 2017-09-04 11:23 - 2017-09-04 11:23 - 000000000 ____D C:\Program Files\Yamicsoft 2017-09-04 10:15 - 2017-09-04 10:15 - 000000000 ____D C:\Users\mcpph\Documents\Adobe 2017-09-04 10:13 - 2017-09-04 10:13 - 000000000 ____D C:\Program Files\Common Files\Adobe 2017-09-04 10:08 - 2017-09-04 10:13 - 000000000 ____D C:\Program Files\Adobe 2017-09-04 10:08 - 2017-09-04 10:08 - 000001029 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Lightroom.lnk 2017-09-04 10:08 - 2017-09-04 10:08 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe 2017-09-04 10:07 - 2017-09-04 10:13 - 000000000 ____D C:\ProgramData\Adobe 2017-09-04 10:07 - 2017-09-04 10:07 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Macromedia 2017-09-04 10:04 - 2017-09-04 10:04 - 000000000 ____D C:\Users\mcpph\AppData\Local\4kdownload.com 2017-09-04 10:04 - 2017-09-04 10:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\4K Download 2017-09-04 10:04 - 2017-09-04 10:04 - 000000000 ____D C:\Program Files (x86)\4KDownload 2017-09-04 09:58 - 2017-09-04 09:58 - 000001531 ____H C:\Windows\EPMBatch.ept 2017-09-04 09:55 - 2017-09-16 21:13 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information 2017-09-04 09:55 - 2017-09-04 09:55 - 000000000 ___HD C:\Program Files (x86)\Temp 2017-09-04 09:55 - 2017-09-04 09:55 - 000000000 ____D C:\Windows\SysWOW64\RTCOM 2017-09-04 09:55 - 2017-09-04 09:55 - 000000000 ____D C:\Program Files\Realtek 2017-09-04 09:55 - 2017-09-04 09:55 - 000000000 ____D C:\Program Files (x86)\Realtek 2017-09-04 09:55 - 2015-06-18 18:45 - 004496600 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RTKVHD64.sys 2017-09-04 09:55 - 2015-06-18 17:59 - 002862488 _____ C:\Windows\system32\Drivers\RTAIODAT.DAT 2017-09-04 09:55 - 2015-06-17 19:47 - 002930904 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RltkAPO64.dll 2017-09-04 09:55 - 2015-06-17 14:45 - 003234520 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkApi64.dll 2017-09-04 09:55 - 2015-06-15 17:39 - 001748184 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RCoInstII64.dll 2017-09-04 09:55 - 2015-05-27 17:38 - 002825944 _____ (Realtek Semiconductor Corp.) C:\Windows\RtlExUpd.dll 2017-09-04 09:55 - 2015-05-26 11:59 - 000166616 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCfg64.dll 2017-09-04 09:55 - 2015-05-25 15:18 - 003195416 _____ (Fortemedia Corporation) C:\Windows\system32\FMAPO64.dll 2017-09-04 09:55 - 2015-05-18 14:47 - 002702040 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTSnMg64.cpl 2017-09-04 09:55 - 2015-05-15 19:27 - 002918104 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtPgEx64.dll 2017-09-04 09:55 - 2015-05-15 16:32 - 001316056 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RTCOM64.dll 2017-09-04 09:55 - 2014-11-11 13:44 - 000631000 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtDataProc64.dll 2017-09-04 09:55 - 2014-06-09 10:59 - 000560328 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAC64.dll 2017-09-04 09:55 - 2014-04-10 12:19 - 002041432 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioEQ64.dll 2017-09-04 09:55 - 2014-01-08 15:25 - 000397592 _____ (Creative Technology Ltd.) C:\Windows\system32\MBWrp64.dll 2017-09-04 09:55 - 2013-10-11 12:47 - 000113576 _____ (Real Sound Lab SIA) C:\Windows\system32\CONEQMSAPOGUILibrary.dll 2017-09-04 09:55 - 2012-06-08 16:21 - 000897152 _____ (Creative Technology Ltd.) C:\Windows\system32\MBAPO64.dll 2017-09-04 09:55 - 2012-06-08 16:21 - 000753280 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\MBAPO32.dll 2017-09-04 09:55 - 2012-03-08 11:47 - 000108640 _____ (Andrea Electronics Corporation) C:\Windows\system32\AERTAR64.dll 2017-09-04 09:55 - 2011-12-20 15:32 - 000331880 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtlCPAPI64.dll 2017-09-04 09:55 - 2011-12-16 14:57 - 000065112 _____ (Creative Technology Ltd.) C:\Windows\system32\MBppld64.dll 2017-09-04 09:55 - 2011-11-22 16:28 - 000014952 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\RtkCoLDR64.dll 2017-09-04 09:55 - 2010-11-08 07:31 - 000375128 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEP64A.dll 2017-09-04 09:55 - 2010-11-08 07:31 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DHT64.dll 2017-09-04 09:55 - 2010-11-08 07:31 - 000310104 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RP3DAA64.dll 2017-09-04 09:55 - 2010-11-08 07:31 - 000204120 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEED64A.dll 2017-09-04 09:55 - 2010-11-08 07:31 - 000101208 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEL64A.dll 2017-09-04 09:55 - 2010-11-08 07:31 - 000078680 _____ (Dolby Laboratories, Inc.) C:\Windows\system32\RTEEG64A.dll 2017-09-04 09:55 - 2010-09-27 09:34 - 000318808 _____ (Waves Audio Ltd.) C:\Windows\system32\MaxxAudioAPO20.dll 2017-09-04 09:55 - 2009-11-24 09:55 - 000518896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSX64.dll 2017-09-04 09:55 - 2009-11-24 09:55 - 000211184 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSTSH64.dll 2017-09-04 09:55 - 2009-11-24 09:55 - 000198896 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSHP64.dll 2017-09-04 09:55 - 2009-11-24 09:55 - 000155888 _____ (SRS Labs, Inc.) C:\Windows\system32\SRSWOW64.dll 2017-09-04 09:55 - 2009-11-18 07:13 - 000060504 _____ (Creative Technology Ltd.) C:\Windows\system32\MBPPCn64.dll 2017-09-04 09:54 - 2017-09-13 19:40 - 000000000 ____D C:\Program Files\Recuva 2017-09-04 09:54 - 2017-09-04 09:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2017-09-04 09:51 - 2017-09-17 12:32 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\vlc 2017-09-04 09:51 - 2017-09-04 09:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN 2017-09-04 09:51 - 2017-09-04 09:51 - 000000000 ____D C:\Program Files (x86)\VideoLAN 2017-09-04 09:50 - 2017-09-04 09:50 - 000000000 ____D C:\Users\mcpph\AppData\Local\Foxit Reader 2017-09-04 09:49 - 2017-09-04 09:50 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Foxit Software 2017-09-04 09:49 - 2017-09-04 09:49 - 000000000 ____D C:\Users\Public\Foxit Software 2017-09-04 09:49 - 2017-09-04 09:49 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Foxit AgentInformation 2017-09-04 09:49 - 2017-09-04 09:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Foxit Reader 2017-09-04 09:49 - 2017-09-04 09:49 - 000000000 ____D C:\ProgramData\Foxit Software 2017-09-04 09:49 - 2017-09-04 09:49 - 000000000 ____D C:\ProgramData\Foxit ContentPlatform 2017-09-04 09:49 - 2017-09-04 09:49 - 000000000 ____D C:\Program Files (x86)\Foxit Software 2017-09-04 09:48 - 2017-09-04 09:48 - 000000000 ____D C:\Users\mcpph\AppData\Local\Viber 2017-09-04 09:47 - 2017-09-16 12:23 - 000000000 ____D C:\Users\mcpph\Documents\ViberDownloads 2017-09-04 09:45 - 2017-09-16 12:22 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\ViberPC 2017-09-04 09:45 - 2017-09-04 09:45 - 000001033 _____ C:\Users\mcpph\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk 2017-09-04 09:45 - 2017-09-04 09:45 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber 2017-09-04 09:45 - 2017-09-04 09:45 - 000000000 ____D C:\Users\mcpph\AppData\Local\Viber Media S.à r.l 2017-09-04 09:45 - 2017-09-04 09:45 - 000000000 ____D C:\Users\mcpph\AppData\Local\Package Cache 2017-09-04 09:41 - 2017-09-04 09:41 - 000000691 _____ C:\Users\mcpph\Desktop\VIDEO.lnk 2017-09-04 09:40 - 2017-09-04 09:40 - 000000716 _____ C:\Users\mcpph\Desktop\DOWNLOAD.lnk 2017-09-04 09:40 - 2017-09-04 09:40 - 000000691 _____ C:\Users\mcpph\Desktop\AUDIO.lnk 2017-09-04 09:40 - 2017-09-04 09:40 - 000000000 ____D C:\ProgramData\ShellIcons 2017-09-04 09:39 - 2017-09-04 09:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Speccy 2017-09-04 09:39 - 2017-09-04 09:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\EaseUS Partition Master 12.5 2017-09-04 09:39 - 2017-09-04 09:39 - 000000000 ____D C:\Program Files\Speccy 2017-09-04 09:38 - 2017-09-04 09:38 - 000000000 ____D C:\Program Files (x86)\EaseUS 2017-09-04 09:38 - 2017-08-08 17:49 - 004027072 _____ C:\Windows\system32\BootMan.exe 2017-09-04 09:38 - 2017-08-08 17:49 - 003037376 _____ C:\Windows\SysWOW64\BootMan.exe 2017-09-04 09:38 - 2016-12-07 13:26 - 000033448 _____ C:\Windows\system32\epmntdrv.sys 2017-09-04 09:38 - 2016-07-11 10:01 - 000101984 _____ C:\Windows\system32\setupempdrvx64.exe 2017-09-04 09:38 - 2016-07-11 10:01 - 000088160 _____ C:\Windows\SysWOW64\setupempdrv03.exe 2017-09-04 09:38 - 2016-07-11 10:01 - 000010848 _____ C:\Windows\system32\EuGdiDrv.sys 2017-09-04 09:38 - 2016-07-11 10:01 - 000010208 _____ C:\Windows\SysWOW64\EuGdiDrv.sys 2017-09-04 09:38 - 2016-07-08 15:28 - 000248832 _____ C:\Windows\SysWOW64\epmntdrv.pdb 2017-09-04 09:38 - 2016-01-14 10:05 - 000021496 _____ C:\Windows\SysWOW64\epmntdrv.sys 2017-09-04 09:38 - 2014-11-18 14:46 - 000021088 _____ C:\Windows\SysWOW64\EuEpmGdi.dll 2017-09-04 09:38 - 2014-11-18 14:46 - 000017504 _____ C:\Windows\system32\EuEpmGdi.dll 2017-09-04 09:37 - 2017-09-04 09:37 - 000000000 ____D C:\Users\mcpph\AppData\Local\FastStone 2017-09-04 09:37 - 2017-09-04 09:37 - 000000000 ____D C:\ProgramData\FastStone 2017-09-04 09:36 - 2017-09-04 09:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Capture 2017-09-04 09:36 - 2017-09-04 09:38 - 000000000 ____D C:\Program Files (x86)\FastStone Capture 2017-09-04 09:31 - 2017-09-12 22:12 - 000004650 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-09-04 09:31 - 2017-09-12 21:38 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-09-04 09:30 - 2017-09-12 22:12 - 000000000 ____D C:\Users\mcpph\AppData\Local\Adobe 2017-09-04 09:27 - 2017-09-04 09:37 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\FastStone 2017-09-04 09:26 - 2017-09-04 09:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FastStone Image Viewer 2017-09-04 09:26 - 2017-09-04 09:26 - 000000000 ____D C:\Program Files (x86)\FastStone Image Viewer 2017-09-04 09:14 - 2017-09-09 17:38 - 000000000 ____D C:\Program Files\Opera 2017-09-04 09:14 - 2017-09-09 07:08 - 000003958 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1504505679 2017-09-04 09:14 - 2017-09-04 09:14 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Opera Software 2017-09-04 09:14 - 2017-09-04 09:14 - 000000000 ____D C:\Users\mcpph\AppData\Local\Opera Software 2017-09-04 09:12 - 2017-09-04 10:04 - 000003834 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 2017-09-04 09:12 - 2017-09-04 09:12 - 000003604 _____ C:\Windows\System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon 2017-09-04 09:12 - 2017-09-04 09:12 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel 2017-09-04 09:12 - 2017-09-04 09:12 - 000000000 ____D C:\ProgramData\Intel(R) Update Manager 2017-09-04 09:11 - 2017-09-06 10:25 - 000000000 ____D C:\Users\mcpph\AppData\Local\Share Link 2017-09-04 09:11 - 2017-09-04 10:04 - 000000000 ____D C:\ProgramData\Intel 2017-09-04 09:11 - 2017-09-04 09:11 - 000003394 _____ C:\Windows\System32\Tasks\IntelBootstrapCCDashExe 2017-09-04 09:11 - 2017-09-04 09:11 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Connect Center 2017-09-04 09:11 - 2017-09-04 09:11 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-09-04 09:11 - 2017-09-04 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2017-09-04 09:11 - 2017-09-04 09:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS 2017-09-04 09:11 - 2017-09-04 09:11 - 000000000 ____D C:\Program Files\WinRAR 2017-09-04 09:11 - 2017-09-04 09:11 - 000000000 ____D C:\Program Files (x86)\ASUS 2017-09-04 09:09 - 2017-09-12 15:13 - 000000000 ____D C:\Program Files\ExifPro 2.1 2017-09-04 09:09 - 2017-09-04 09:09 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\MiK 2017-09-04 09:09 - 2017-09-04 09:09 - 000000000 ____D C:\Users\mcpph\AppData\Local\MicrosoftEdge 2017-09-04 09:09 - 2017-09-04 09:09 - 000000000 ____D C:\ProgramData\MiK 2017-09-04 09:06 - 2017-09-04 09:25 - 000000551 _____ C:\Users\mcpph\Desktop\PHOTOS.lnk 2017-09-04 09:06 - 2017-09-04 09:06 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Endless Slideshow Screensaver 2017-09-04 09:06 - 2017-09-04 09:06 - 000000000 ____D C:\Program Files (x86)\Endless Slideshow Screensaver 2017-09-04 09:06 - 2015-12-01 16:11 - 005133824 _____ (Extreme Internet Software) C:\Windows\Endless-Slideshow.scr 2017-09-04 09:06 - 2013-02-06 18:30 - 000337408 _____ (www.imageen.com) C:\Windows\dcrawlib.dll 2017-09-04 09:06 - 2012-05-21 13:43 - 001274880 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\libeay32.dll 2017-09-04 09:06 - 2012-05-21 13:43 - 000330752 _____ (The OpenSSL Project, hxxp://www.openssl.org/) C:\Windows\ssleay32.dll 2017-09-04 09:06 - 2007-06-23 08:29 - 000084992 _____ C:\Windows\jbiglib.dll 2017-09-04 09:06 - 2005-08-30 07:00 - 003919872 _____ C:\Windows\imagemagick.dll 2017-09-04 08:59 - 2017-09-04 14:36 - 000000000 ____D C:\ProgramData\Package Cache 2017-09-04 08:59 - 2017-09-04 08:59 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-09-04 08:59 - 2017-09-04 08:59 - 000000000 ____D C:\Users\mcpph\Tracing 2017-09-04 08:59 - 2017-09-04 08:59 - 000000000 ____D C:\ProgramData\Skype 2017-09-04 08:59 - 2017-09-04 08:59 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-09-04 08:49 - 2017-09-04 08:49 - 000002870 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2017-09-04 08:49 - 2017-09-04 08:49 - 000002298 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Protection.lnk 2017-09-04 08:49 - 2017-09-04 08:49 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Panda Security 2017-09-04 08:49 - 2017-09-04 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Panda Protection 2017-09-04 08:49 - 2017-09-04 08:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-09-04 08:49 - 2017-09-04 08:49 - 000000000 ____D C:\Program Files\CCleaner 2017-09-04 08:49 - 2017-09-04 08:49 - 000000000 ____D C:\Program Files (x86)\Panda Security 2017-09-04 08:49 - 2017-07-19 05:31 - 000207328 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINKNC.sys 2017-09-04 08:49 - 2017-07-19 05:31 - 000179168 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINAflt.sys 2017-09-04 08:49 - 2017-07-19 05:31 - 000146912 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProt.sys 2017-09-04 08:49 - 2017-07-19 05:31 - 000140256 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINFile.sys 2017-09-04 08:49 - 2017-07-19 05:31 - 000133600 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINProc.sys 2017-09-04 08:49 - 2017-07-19 05:31 - 000117216 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSINReg.sys 2017-09-04 08:49 - 2017-05-22 08:01 - 000072648 _____ (Panda Security, S.L.) C:\Windows\system32\Drivers\PSKMAD.sys 2017-09-04 08:48 - 2017-09-04 08:49 - 000000000 ____D C:\ProgramData\Panda Security 2017-09-04 08:43 - 2017-09-04 08:43 - 000000716 _____ C:\Users\mcpph\Desktop\SOFTWARE.lnk 2017-09-04 08:40 - 2017-09-09 18:51 - 000000000 ____D C:\Wallpaper 2017-09-04 08:37 - 2017-09-04 08:37 - 000004608 _____ C:\Windows\SECOH-QAD.exe 2017-09-04 08:37 - 2017-09-04 08:37 - 000003584 _____ C:\Windows\SECOH-QAD.dll 2017-09-04 08:37 - 2017-09-04 08:37 - 000003476 _____ C:\Windows\System32\Tasks\AutoPico Daily Restart 2017-09-04 08:37 - 2017-09-04 08:37 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico 2017-09-04 08:37 - 2017-09-04 08:37 - 000000000 ____D C:\Program Files\KMSpico 2017-09-04 08:37 - 2010-12-06 05:16 - 000090112 _____ (Vestris Inc.) C:\Windows\system32\Vestris.ResourceLib.dll 2017-09-04 08:36 - 2017-09-17 12:39 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Skype 2017-09-04 08:36 - 2017-09-17 12:20 - 001259196 _____ C:\Windows\system32\PerfStringBackup.INI 2017-09-04 08:36 - 2017-09-04 08:51 - 000000000 ___RD C:\Users\mcpph\OneDrive 2017-09-04 08:36 - 2017-09-04 08:36 - 000000000 ____D C:\Users\mcpph\AppData\Local\Comms 2017-09-04 08:35 - 2017-09-04 09:12 - 000000000 ____D C:\Program Files (x86)\Intel 2017-09-04 08:35 - 2017-09-04 09:11 - 000000000 ____D C:\Program Files\Intel 2017-09-04 08:35 - 2017-09-04 08:36 - 000000200 _____ C:\Windows\system32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat 2017-09-04 08:35 - 2017-09-04 08:35 - 000000000 ____D C:\ProgramData\Microsoft OneDrive 2017-09-04 08:35 - 2017-09-04 08:35 - 000000000 ____D C:\Intel 2017-09-04 08:35 - 2017-09-04 08:35 - 000000000 _____ C:\Windows\system32\GfxValDisplayLog.bin 2017-09-04 08:35 - 2017-09-04 08:23 - 000000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-09-04 08:35 - 2017-09-04 08:23 - 000000000 __SHD C:\Users\mcpph\IntelGraphicsProfiles 2017-09-04 08:35 - 2017-03-18 08:35 - 000095216 _____ (Khronos Group) C:\Windows\SysWOW64\OpenCL.DLL 2017-09-04 08:35 - 2017-03-18 08:35 - 000091120 _____ (Khronos Group) C:\Windows\system32\OpenCL.DLL 2017-09-04 08:34 - 2017-09-04 17:49 - 000000000 ____D C:\Users\mcpph\AppData\Roaming\Adobe 2017-09-04 08:34 - 2017-09-04 17:47 - 000000000 ____D C:\Users\mcpph\AppData\Local\Packages 2017-09-04 08:34 - 2017-09-04 08:35 - 000000000 ____D C:\Users\mcpph\AppData\Local\ConnectedDevicesPlatform 2017-09-04 08:34 - 2017-09-04 08:34 - 000000000 __RHD C:\Users\Public\AccountPictures 2017-09-04 08:34 - 2017-09-04 08:34 - 000000000 ____D C:\Users\mcpph\AppData\Local\VirtualStore 2017-09-04 08:34 - 2017-09-04 08:34 - 000000000 ____D C:\Users\mcpph\AppData\Local\TileDataLayer 2017-09-04 08:34 - 2017-09-04 08:34 - 000000000 ____D C:\Users\mcpph\AppData\Local\Publishers 2017-09-04 08:33 - 2017-09-13 19:41 - 000000000 ____D C:\Users\mcpph 2017-09-04 08:33 - 2017-09-04 08:33 - 000000020 ___SH C:\Users\mcpph\ntuser.ini 2017-09-04 08:33 - 2017-09-04 08:33 - 000000000 ____D C:\ProgramData\USOShared 2017-09-04 08:32 - 2017-07-12 07:39 - 000942592 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll 2017-09-04 08:32 - 2017-03-18 23:56 - 002233344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll 2017-09-04 08:32 - 2017-03-18 07:59 - 004164608 _____ (Microsoft Corporation) C:\Windows\system32\NlsLexicons0002.dll 2017-09-04 08:32 - 2017-03-18 07:55 - 000164864 _____ (Microsoft Corporation) C:\Windows\system32\NlsData0002.dll 2017-09-04 08:32 - 2017-03-18 07:54 - 001914368 _____ (Microsoft Corporation) C:\Windows\system32\MLS2.dll 2017-09-04 08:32 - 2017-03-18 07:43 - 004164608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsLexicons0002.dll 2017-09-04 08:32 - 2017-03-18 07:40 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\NlsData0002.dll 2017-09-04 08:32 - 2017-03-18 07:39 - 001868288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MLS2.dll ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-09-17 12:36 - 2017-03-18 14:40 - 000524288 _____ C:\Windows\system32\config\BBI 2017-09-17 12:22 - 2017-03-19 00:01 - 000000000 ____D C:\Windows\INF 2017-09-12 22:12 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-09-12 22:12 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\system32\Macromed 2017-09-05 23:33 - 2017-03-18 23:51 - 000000000 ____D C:\Windows\CbsTemp 2017-09-05 08:03 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\appcompat 2017-09-04 19:28 - 2017-03-19 00:03 - 000028672 _____ C:\Windows\system32\config\BCD-Template 2017-09-04 18:30 - 2017-03-18 14:40 - 000000000 ____D C:\Windows\system32\Sysprep 2017-09-04 18:29 - 2017-03-19 05:31 - 000000000 ____D C:\Windows\HoloShell 2017-09-04 18:29 - 2017-03-19 00:03 - 000000000 ___RD C:\Windows\PrintDialog 2017-09-04 18:29 - 2017-03-19 00:03 - 000000000 ___RD C:\Windows\MiracastView 2017-09-04 18:29 - 2017-03-19 00:03 - 000000000 ___RD C:\Windows\ImmersiveControlPanel 2017-09-04 18:29 - 2017-03-18 14:40 - 000032768 _____ C:\Windows\system32\config\ELAM 2017-09-04 17:47 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\AppReadiness 2017-09-04 11:34 - 2017-03-19 00:03 - 000000000 ___HD C:\Program Files\WindowsApps 2017-09-04 10:07 - 2017-03-19 00:03 - 000000000 ____D C:\Program Files\Common Files\microsoft shared 2017-09-04 08:49 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy 2017-09-04 08:49 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\system32\GroupPolicy 2017-09-04 08:47 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\Cursors 2017-09-04 08:33 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\system32\WinBioDatabase 2017-09-04 08:33 - 2017-03-19 00:03 - 000000000 ____D C:\ProgramData\USOPrivate 2017-09-04 08:32 - 2017-03-19 05:30 - 000000000 ____D C:\Windows\OCR 2017-09-04 08:32 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\system32\spool 2017-09-04 08:32 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\system32\FxsTmp 2017-09-04 08:31 - 2017-03-19 00:03 - 000000000 ____D C:\Windows\rescache 2017-09-04 08:31 - 2017-03-19 00:03 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft ==================== Files in the root of some directories ======= 2017-09-17 12:04 - 2017-09-17 12:04 - 000423080 _____ () C:\ProgramData\WinSxA.exe Files to move or delete: ==================== C:\ProgramData\WinSxA.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-09-04 18:29 ==================== End of FRST.txt ============================ Addition.txt Panda_report.txt
  13. Мето, виж сега ... Тук не сме се събрали група адвокати, които дават безплатни консултации. Така че въпросите ти не са за този форум. Да, има 2-3 юристи, но те влизат рядко, и отговарят на въпроси само ако имат желание. Така че - наеми си свестен адвокат, и се съветвай с него. Аз мога да ти кажа само, че ако едно лице няма собственост на даден адрес, но е регистрирано там - това нищо не значи, и не дава право на ЧСИ да влиза и да извършва каквито и да е действия в чужд имот. Даже и полицията няма право, без съответната заповед. В България доста време имаше един период, в който всеки можеше да си направи адресна регистрация навсякъде, и много хора злоупотребяваха с това.
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.