Премини към съдържанието

sheky

Потребител
  • Публикации

    1419
  • Регистрация

  • Последно онлайн

Харесвания

442 Супер репутация

11 Последователи

Всичко за sheky

  • Титла
    kaldata маниак
  • Рожден ден 13.09.1978

Информация

  • Пол
    Мъж

Последни посетители

Информацията с последните посетители на профила ви е изключена и не се показва на другите потребители.

  1. Здравейте! Дайте идея как бих могъл да сканирам или следя в реално време, при стартиране на някакъв ехе файл, какви промени прави по windows или по скоро, в кои файлове пише?
  2. sheky

    Скайп проблеми

    Благодаря
  3. sheky

    Скайп проблеми

    Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Ran by Sheky (12-04-2017 22:59:25) Run:3 Running from C:\Users\Sheky\Desktop Loaded Profiles: Sheky (Available Profiles: Sheky) Boot Mode: Normal ============================================== fixlist content: ***************** start createrestorepoint: DeleteKey: HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845} DeleteKey: HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491} DeleteKey: HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E} DeleteKey: HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C} DeleteKey: HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86} DeleteKey: HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9} DeleteKey: HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F} hosts: end ***************** Restore point was successfully created. HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845} => key removed successfully HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491} => key removed successfully HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E} => key removed successfully HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C} => key removed successfully HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86} => key removed successfully HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9} => key removed successfully HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F} => key removed successfully C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ==== End of Fixlog 22:59:47 ====
  4. sheky

    Скайп проблеми

    Results of screen317's Security Check version 1.014 --- 12/23/15 x64 (UAC is enabled) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Windows Defender 360 Total Security WMI entry may not exist for antivirus; attempting automatic update. `````````Anti-malware/Other Utilities Check:````````` Mozilla Firefox (52.0.2) Google Chrome (57.0.2987.133) Google Chrome (SetupMetrics...) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbamtray.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: % ````````````````````End of Log`````````````````````` Не. За момента няма самоволни изпращания на съобщения.
  5. sheky

    Скайп проблеми

    Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Ran by Sheky (11-04-2017 20:47:14) Run:2 Running from C:\Users\Sheky\Desktop Loaded Profiles: Sheky (Available Profiles: Sheky) Boot Mode: Normal ============================================== fixlist content: ***************** start HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\...\MountPoints2: {2b5bbc35-db08-11e6-8261-28d244e8a10d} - "G:\autorun.exe" SearchScopes: HKU\S-1-5-21-3078476333-1625487174-3110811314-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3078476333-1625487174-3110811314-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} CHR Extension: (Chrome Media Router) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-21] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx 2017-04-09 15:31 - 2017-04-09 15:31 - 00001155 _____ C:\Users\Sheky\Desktop\JRT.txt 2017-04-09 15:30 - 2017-04-09 15:30 - 00003907 _____ C:\Users\Sheky\Desktop\AdwCleaner[S0].txt 2017-04-09 15:27 - 2017-04-09 15:27 - 00004150 _____ C:\Users\Sheky\Desktop\AdwCleaner[C0].txt 2017-04-09 15:19 - 2017-04-09 15:24 - 00000000 ____D C:\AdwCleaner 2017-04-09 15:17 - 2017-04-09 15:17 - 04089296 _____ C:\Users\Sheky\Desktop\adwcleaner_6.045.exe 2017-04-09 15:17 - 2017-04-09 15:17 - 01663904 _____ (Malwarebytes) C:\Users\Sheky\Desktop\JRT.exe 2014-09-16 10:16 - 2014-09-16 10:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl Task: {07BA9A43-6ABF-41D4-B540-CB4A65FB69D1} - System32\Tasks\{E1C5D7F9-1C8D-4F3F-A6EA-EC64F74E5389} => Chrome.exe hxxps://ui.skype.com/ui/0/7.34.0.102/bg/abandoninstall?page=tsProgressBar Task: {4654E0AF-4C6D-46EF-AF16-1CED1153540E} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-05-30] (Lenovo) Task: {5E70EC5A-64D5-4CBE-BC34-058D2F497E2F} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => %ProgramFiles%\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe Task: {EFEFF63C-C507-4320-9575-21FC08EAE362} - System32\Tasks\{B1E09098-19DF-40A2-9F0F-1680B923934D} => Chrome.exe hxxps://ui.skype.com/ui/0/7.34.0.102/bg/abandoninstall?page=tsProgressBar FirewallRules: [TCP Query User{E5C53580-FDD8-4413-9DC5-C2DCA22E969C}C:\users\Sheky\downloads\anydesk (1).exe] => (Allow) C:\users\Sheky\downloads\anydesk (1).exe FirewallRules: [UDP Query User{443A2B85-B6EA-4A3F-AFBC-F3A9DFB41CCD}C:\users\Sheky\downloads\anydesk (1).exe] => (Allow) C:\users\Sheky\downloads\anydesk (1).exe FirewallRules: [TCP Query User{AC3A78E0-F3B3-4734-8DB0-0B4306332511}C:\users\Sheky\desktop\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\users\Sheky\desktop\skypeportable\app\skype\phone\skype.exe FirewallRules: [UDP Query User{3637F0C2-B894-49CD-AF02-EF2E3D4FC7B0}C:\users\Sheky\desktop\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\users\Sheky\desktop\skypeportable\app\skype\phone\skype.exe FirewallRules: [TCP Query User{14DFB07D-4676-4EE6-AF63-5A7275BE4A73}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [UDP Query User{D9895B2A-9449-4EA7-B4F0-2A2EBBF28232}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe FirewallRules: [TCP Query User{ED64731B-FCA5-4D3B-8120-87B717B1CB2E}C:\users\Sheky\downloads\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\users\Sheky\downloads\skypeportable\app\skype\phone\skype.exe FirewallRules: [UDP Query User{6C65DF8F-22CD-4712-81BD-11B1EB58309C}C:\users\Sheky\downloads\skypeportable\app\skype\phone\skype.exe] => (Allow) C:\users\Sheky\downloads\skypeportable\app\skype\phone\skype.exe FirewallRules: [{9C2EA9E1-F4C5-46AD-BA06-E8A6E1816CFC}] => (Allow) LPort=55100 Hosts: cmd: bitsadmin /reset /allusers cmd: netsh winsock reset catalog cmd: ipconfig /flushdns EmptyTemp: Reboot: end ***************** HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2b5bbc35-db08-11e6-8261-28d244e8a10d} => key removed successfully HKCR\CLSID\{2b5bbc35-db08-11e6-8261-28d244e8a10d} => key not found. HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value not found. HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found. C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\efaidnbmnnnibpcajpcglclefindmkaj => key not found. HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\glcimepnljoholdmjchkloafkggfoijh => key not found. C:\Users\Sheky\Desktop\JRT.txt => moved successfully C:\Users\Sheky\Desktop\AdwCleaner[S0].txt => moved successfully C:\Users\Sheky\Desktop\AdwCleaner[C0].txt => moved successfully "C:\AdwCleaner" => not found. C:\Users\Sheky\Desktop\adwcleaner_6.045.exe => moved successfully C:\Users\Sheky\Desktop\JRT.exe => moved successfully C:\ProgramData\DP45977C.lfl => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{07BA9A43-6ABF-41D4-B540-CB4A65FB69D1} => key not found. C:\windows\System32\Tasks\{E1C5D7F9-1C8D-4F3F-A6EA-EC64F74E5389} => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E1C5D7F9-1C8D-4F3F-A6EA-EC64F74E5389} => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4654E0AF-4C6D-46EF-AF16-1CED1153540E} => key not found. C:\windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program 64 35 => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5E70EC5A-64D5-4CBE-BC34-058D2F497E2F} => key not found. C:\windows\System32\Tasks\Lenovo\Lenovo Customer Feedback Program => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Lenovo\Lenovo Customer Feedback Program => key not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{EFEFF63C-C507-4320-9575-21FC08EAE362} => key not found. C:\windows\System32\Tasks\{B1E09098-19DF-40A2-9F0F-1680B923934D} => not found. HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{B1E09098-19DF-40A2-9F0F-1680B923934D} => key not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{E5C53580-FDD8-4413-9DC5-C2DCA22E969C}C:\users\Sheky\downloads\anydesk (1).exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{443A2B85-B6EA-4A3F-AFBC-F3A9DFB41CCD}C:\users\Sheky\downloads\anydesk (1).exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{AC3A78E0-F3B3-4734-8DB0-0B4306332511}C:\users\Sheky\desktop\skypeportable\app\skype\phone\skype.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{3637F0C2-B894-49CD-AF02-EF2E3D4FC7B0}C:\users\Sheky\desktop\skypeportable\app\skype\phone\skype.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{14DFB07D-4676-4EE6-AF63-5A7275BE4A73}C:\program files (x86)\skype\phone\skype.exe => value not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{D9895B2A-9449-4EA7-B4F0-2A2EBBF28232}C:\program files (x86)\skype\phone\skype.exe => value not found. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{ED64731B-FCA5-4D3B-8120-87B717B1CB2E}C:\users\Sheky\downloads\skypeportable\app\skype\phone\skype.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{6C65DF8F-22CD-4712-81BD-11B1EB58309C}C:\users\Sheky\downloads\skypeportable\app\skype\phone\skype.exe => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9C2EA9E1-F4C5-46AD-BA06-E8A6E1816CFC} => value not found. C:\Windows\System32\Drivers\etc\hosts => moved successfully Hosts restored successfully. ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.7.9600 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. 0 out of 0 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= =========== EmptyTemp: ========== BITS transfer queue => 8388608 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 4276084 B Java, Flash, Steam htmlcache => 0 B Windows/system/drivers => -275 B Edge => 0 B Chrome => 14794900 B Firefox => 0 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 0 B systemprofile32 => 0 B LocalService => -440 B NetworkService => 2018 B Sheky => 102809 B RecycleBin => 0 B EmptyTemp: => 26.3 MB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:47:32 ==== Malwarebytes Anti-Malware www.malwarebytes.org Дата на сканиране: 11-Apr-17 Час на сканиране: 20:55 Дневник: Администратор: Да Версия: 2.2.1.1043 База от данни за злонамерен софтуер: v2017.04.11.07 База от данни за рууткити: v2017.04.02.01 Лиценз: Безплатен Защита от злонамерен софтуер: Забранено Защита от злонамерени страници: Забранено Самозащита: Забранено ОС: Windows 8.1 Процесор: x64 Файлова система: NTFS Потребител: Sheky Тип сканиране: Сканиране за заплахи Резултат: Завършено Сканиране обекти: 258862 Изминало време: 12 мин. 18 сек. Памет: Разрешено Начално стартиране: Разрешено Файлова система: Разрешено Архиви: Разрешено Рууткити: Разрешено Евристика: Разрешено ПНП: Разрешено ПНИ: Разрешено Процеси: 0 (Не бяха открити злонамерени обекти) Модули: 0 (Не бяха открити злонамерени обекти) Ключове в системния регистър: 0 (Не бяха открити злонамерени обекти) Стойности в системния регистър: 0 (Не бяха открити злонамерени обекти) Данни в системния регистър: 0 (Не бяха открити злонамерени обекти) Папки: 0 (Не бяха открити злонамерени обекти) Файлове: 0 (Не бяха открити злонамерени обекти) Физически сектори: 0 (Не бяха открити злонамерени обекти) (end) HitmanPro 3.7.18.284 www.hitmanpro.com Computer name . . . . : LENOVO-PC Windows . . . . . . . : 6.3.0.9600.X64/4 User name . . . . . . : Lenovo-PC\Sheky UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2017-04-11 21:10:36 Scan mode . . . . . . : Normal Scan duration . . . . : 3m 5s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 8 Traces . . . . . . . : 11 Objects scanned . . . : 1,177,014 Files scanned . . . . : 23,497 Remnants scanned . . : 239,365 files / 914,152 keys Suspicious files ____________________________________________________________ C:\Users\Sheky\Desktop\FRST64.exe Size . . . . . . . : 2,424,832 bytes Age . . . . . . . : 6.0 days (2017-04-05 20:57:36) Entropy . . . . . : 7.6 SHA-256 . . . . . : 3A3DCD0D3C9C1FE10C45AF795DC9452DA192246BB67D896AB7F16151A53C1B5F Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Malware remnants ____________________________________________________________ HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649}\ (SuperFish) HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845}\ (SuperFish) HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491}\ (SuperFish) HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E}\ (SuperFish) HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C}\ (SuperFish) HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86}\ (SuperFish) HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9}\ (SuperFish) HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F}\ (SuperFish) Cookies _____________________________________________________________________ C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Cookies:addthis.com C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
  6. sheky

    Скайп проблеми

    # AdwCleaner v6.045 - Logfile created 09/04/2017 at 15:24:04 # Updated on 28/03/2017 by Malwarebytes # Database : 2017-04-06.1 [Server] # Operating System : Windows 8.1 Connected (X64) # Username : Sheky - LENOVO-PC # Running from : C:\Users\Sheky\Desktop\adwcleaner_6.045.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ****** [ Services ] ****** ***** [ Folders ] ***** [-] Folder deleted: C:\Users\Sheky\AppData\Local\SweetLabs App Platform [-] Folder deleted: C:\ProgramData\Pokki [#] Folder deleted on reboot: C:\ProgramData\Application Data\Pokki [-] Folder deleted: C:\Users\Default User\AppData\Local\Pokki [#] Folder deleted on reboot: C:\Users\Default\AppData\Local\Pokki [-] Folder deleted: C:\Users\Public\Pokki ***** [ Files ] ***** [-] File deleted: C:\Users\Sheky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\PC App Store.lnk ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** [-] Task deleted: SweetLabs App Platform ***** [ Registry ] ***** [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Pokki_04bb6df446330549a2cb8d67fbd1a745025b7bd1 [-] Key deleted: HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\Software\Classes\pokki [#] Key deleted on reboot: HKCU\Software\Classes\pokki [#] Key deleted on reboot: [x64] HKCU\Software\Classes\pokki [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{2E5FA7B4-61A2-4662-BBCE-62BBB20FC649} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{5D7F05E3-075A-43AF-8BC7-21E2F7F38845} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{617E26CE-E6E1-4C75-A68A-A001F2B98491} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{79FBDBEA-A722-4ABD-BEC0-B7D463F6BA0E} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{8128586C-DF69-4266-873F-CF4C6F705A7C} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{C1F9CFCE-A7DC-4072-8B31-1DEA57004C86} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EA4AD895-2A7F-430E-B973-DEE6C4E743A9} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{EBF4B60F-A863-426F-BE6F-5DFE83BC574F} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{CB6BF8B6-E12B-42FA-A478-91BCCDE475DC} [-] Key deleted: HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\Software\SweetLabs App Platform [-] Key deleted: HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP [-] Key deleted: HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu [#] Key deleted on reboot: HKCU\Software\SweetLabs App Platform [#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP [#] Key deleted on reboot: HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu [#] Key deleted on reboot: [x64] HKCU\Software\SweetLabs App Platform [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_AP [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SweetLabs_Start_Menu [-] Key deleted: HKCU\Software\Classes\AllFileSystemObjects\shell\pokki [-] Key deleted: HKCU\Software\Classes\Directory\shell\pokki [-] Key deleted: HKCU\Software\Classes\Drive\shell\pokki [-] Key deleted: HKCU\Software\Classes\lnkfile\shell\pokki [-] Key deleted: HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDWFP ***** [ Web browsers ] ***** ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [3917 Bytes] - [09/04/2017 15:24:04] C:\AdwCleaner\AdwCleaner[S0].txt - [3915 Bytes] - [09/04/2017 15:20:41] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4063 Bytes] ########## ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.2 (03.10.2017) Operating System: Windows 8.1 Connected x64 Ran by Sheky (Administrator) on 09-Apr-17 at 15:27:54.88 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 4 Successfully deleted: C:\Users\Sheky\AppData\Local\{6D721437-B029-4FCC-B2D8-8F9BE03CC4D1} (Empty Folder) Successfully deleted: C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod (Folder) Successfully deleted: C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bigefpfhnfcobdlfbedofhhaibnlghod_0.localstorage-journal (File) Successfully deleted: C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_bigefpfhnfcobdlfbedofhhaibnlghod_0.localstorage (File) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on 09-Apr-17 at 15:31:25.43 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Addition.txt FRST.txt
  7. Skype разпрати на всичките ми познати съобщения от вида: https://www.google.com/url?sa=t&url=http%3A%2F%2Fytwq2.ru&usg=AFQjCNGwZpAH6DGJ07gA4rp4b2XJBw7riw&id=Friends_username След това, скайп ми пратиха съобщение, че някой е ползвал скайпа ми, и да си сменя паролата и секюрити настройките. Malwarebytes не откри проблеми, но все пак, възможно ли е да има някаква зараза? Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Ran by Sheky (administrator) on LENOVO-PC (05-04-2017 20:58:11) Running from C:\Users\Sheky\Desktop Loaded Profiles: Sheky (Available Profiles: Sheky) Platform: Windows 8.1 Connected (Update) (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe (AMD) C:\Windows\System32\atieclxx.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe () C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe (Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\igfxsrvc.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.32.7\GoogleCrashHandler64.exe (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (Realtek semiconductor) C:\Windows\RTFTrack.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe (Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe (Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (Viber Media S.Ã r.l.) C:\Users\Sheky\AppData\Local\Viber\Viber.exe (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe (Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Skype Technologies) C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2014-02-26] (Intel Corporation) HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc.) HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] () HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) HKLM\...\Run: [BTMTrayAgent] => rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2013-10-17] (Realtek semiconductor) HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [15813616 2014-09-16] (Lenovo(beijing) Limited) HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [80880 2014-09-16] (Lenovo(beijing) Limited) HKLM\...\Run: [Malwarebytes TrayApp] => C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe [2780112 2017-01-20] (Malwarebytes) HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-03-03] (QIHU 360 SOFTWARE CO. LIMITED) HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-03-11] (Advanced Micro Devices, Inc.) Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4701888 2016-12-22] (Disc Soft Ltd) HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27774944 2017-03-21] (Skype Technologies S.A.) HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\...\Run: [Viber] => C:\Users\Sheky\AppData\Local\Viber\Viber.exe [34979408 2017-03-07] (Viber Media S.Ã r.l.) HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\...\MountPoints2: {2b5bbc35-db08-11e6-8261-28d244e8a10d} - "G:\autorun.exe" ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{23797B6A-FD73-4749-95E3-01950D5732BA}: [DhcpNameServer] 192.168.100.1 Tcpip\..\Interfaces\{680A2EA5-42AD-44B8-846E-DE8E2969CCF7}: [DhcpNameServer] 192.168.42.129 Tcpip\..\Interfaces\{72CF154A-9D41-4296-B873-D407C076CC97}: [DhcpNameServer] 192.168.100.1 Internet Explorer: ================== HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\Software\Microsoft\Internet Explorer\Main,Start Page = about:Tabs HKU\S-1-5-21-3078476333-1625487174-3110811314-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB SearchScopes: HKU\S-1-5-21-3078476333-1625487174-3110811314-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} SearchScopes: HKU\S-1-5-21-3078476333-1625487174-3110811314-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms} BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2017-03-03] (Qihu 360 Software Co., Ltd.) BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2017-01-22] (Qihu 360 Software Co., Ltd.) FireFox: ======== FF DefaultProfile: dl8ej4nc.default FF ProfilePath: C:\Users\Sheky\AppData\Roaming\Mozilla\Firefox\Profiles\dl8ej4nc.default [2017-04-04] FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-15] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2017-01-15] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-12-23] (Adobe Systems Inc.) Chrome: ======= CHR Profile: C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default [2017-04-05] CHR Extension: (Google Презентации) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-01-15] CHR Extension: (Google Документи) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-15] CHR Extension: (Google Диск) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-15] CHR Extension: (MEGA) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\bigefpfhnfcobdlfbedofhhaibnlghod [2017-04-05] CHR Extension: (YouTube) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-15] CHR Extension: (Adobe Acrobat) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-04] CHR Extension: (Google Документи офлайн) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-15] CHR Extension: (AdBlock) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-03-31] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Gmail) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-15] CHR Extension: (Chrome Media Router) - C:\Users\Sheky\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-03-21] CHR HKLM-x32\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [glcimepnljoholdmjchkloafkggfoijh] - hxxps://clients2.google.com/service/update2/crx Opera: ======= StartMenuInternet: (HKLM) OperaStable - C:\Program Files\Opera\Launcher.exe ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [1471168 2016-12-22] (Disc Soft Ltd) R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [16232 2014-02-26] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-28] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-28] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-09-16] (Intel Corporation) R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2014-09-16] (Lenovo(beijing) Limited) S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [4355024 2017-01-20] (Malwarebytes) S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [284912 2013-11-21] () R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [928168 2017-03-03] (QIHU 360 SOFTWARE CO. LIMITED) S3 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] () R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace\VfConnectorService.exe [68368 2014-09-16] () S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-24] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-24] (Microsoft Corporation) R2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3674864 2013-11-21] (Intel® Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 360AntiHacker; C:\windows\System32\Drivers\360AntiHacker64.sys [151784 2016-12-30] (360.cn) R3 360AvFlt; C:\windows\System32\DRIVERS\360AvFlt.sys [86248 2017-03-03] (360.cn) R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2017-03-03] (360.cn) R1 360Box64; C:\windows\System32\DRIVERS\360Box64.sys [330472 2017-03-03] (360.cn) R1 360Camera; C:\windows\System32\Drivers\360Camera64.sys [40520 2016-12-30] (360.cn) R1 360FsFlt; C:\windows\System32\DRIVERS\360FsFlt.sys [391392 2016-12-30] (360.cn) R1 BAPIDRV; C:\windows\System32\DRIVERS\BAPIDRV64.sys [188864 2016-12-30] (360.cn) R3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions, Inc.) R3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1419576 2013-12-11] (Motorola Solutions, Inc.) R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [30264 2017-01-15] (Disc Soft Ltd) R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [47672 2017-01-15] (Disc Soft Ltd) R3 ibtusb; C:\windows\system32\DRIVERS\ibtusb.sys [163536 2014-03-06] (Intel Corporation) R3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [251848 2017-04-03] (Malwarebytes) R3 MEIx64; C:\windows\system32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation) R3 NETwNb64; C:\windows\system32\DRIVERS\NETwbw02.sys [3609568 2013-12-25] (Intel Corporation) S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation) R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [8876248 2013-10-17] (Realtek Semiconductor Corp.) R3 SmbDrvI; C:\windows\system32\DRIVERS\Smb_driver_Intel.sys [34544 2013-12-24] (Synaptics Incorporated) S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [35856 2014-03-24] (Microsoft Corporation) S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [257880 2014-03-24] (Microsoft Corporation) S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-24] (Microsoft Corporation) S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-05 20:58 - 2017-04-05 20:58 - 00016563 _____ C:\Users\Sheky\Desktop\FRST.txt 2017-04-05 20:58 - 2017-04-05 20:58 - 00000000 ____D C:\FRST 2017-04-05 20:57 - 2017-04-05 20:57 - 02424832 _____ (Farbar) C:\Users\Sheky\Desktop\FRST64.exe 2017-04-03 09:27 - 2017-04-03 09:44 - 00251848 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMSwissArmy.sys 2017-04-03 09:27 - 2017-04-03 09:44 - 00110536 _____ (Malwarebytes) C:\windows\system32\Drivers\farflt.sys 2017-04-03 09:27 - 2017-04-03 09:44 - 00091584 _____ (Malwarebytes) C:\windows\system32\Drivers\mwac.sys 2017-04-03 09:27 - 2017-04-03 09:44 - 00043968 _____ (Malwarebytes) C:\windows\system32\Drivers\mbam.sys 2017-04-03 09:27 - 2017-04-03 09:27 - 00176584 _____ (Malwarebytes) C:\windows\system32\Drivers\MBAMChameleon.sys 2017-04-03 09:26 - 2017-04-03 09:26 - 00001894 _____ C:\Users\Public\Desktop\Malwarebytes.lnk 2017-04-03 09:26 - 2017-04-03 09:26 - 00000000 ____D C:\windows\system32\Drivers\etc\BACKUP 2017-04-03 09:26 - 2017-04-03 09:26 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes 2017-04-03 09:26 - 2017-04-03 09:26 - 00000000 ____D C:\ProgramData\Malwarebytes 2017-04-03 09:26 - 2017-04-03 09:26 - 00000000 ____D C:\Program Files\Malwarebytes 2017-04-03 09:26 - 2017-01-20 07:47 - 00077416 _____ C:\windows\system32\Drivers\mbae64.sys 2017-04-03 09:25 - 2017-04-03 09:25 - 00018215 _____ C:\Users\Sheky\Downloads\Malwarebytes Anti-Malware Premium v3.0.6.1469 RePack.torrent 2017-04-01 16:17 - 2017-04-01 16:17 - 00003108 _____ C:\windows\System32\Tasks\{E1C5D7F9-1C8D-4F3F-A6EA-EC64F74E5389} 2017-03-31 11:11 - 2017-03-31 11:11 - 00219220 _____ C:\Users\Sheky\Downloads\CP.SL.OF.02.05.03 Implementation.pdf 2017-03-30 10:22 - 2017-03-30 10:23 - 00344624 _____ C:\windows\system32\FNTCACHE.DAT 2017-03-30 09:19 - 2017-03-30 09:19 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\SkypePM 2017-03-29 16:29 - 2017-03-29 16:29 - 00143333 _____ C:\Users\Sheky\Downloads\Kong Skull Island 2017 HDCAM x264 HQMic AC3-WhoOpiN.torrent 2017-03-29 09:34 - 2017-03-29 09:34 - 00003108 _____ C:\windows\System32\Tasks\{B1E09098-19DF-40A2-9F0F-1680B923934D} 2017-03-29 08:18 - 2017-03-29 08:18 - 00000299 _____ C:\Users\Sheky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Recycle Bin.lnk 2017-03-27 20:42 - 2017-03-27 20:42 - 00028477 _____ C:\Users\Sheky\Downloads\Bulgarskite Voivodi Comic.torrent 2017-03-27 20:42 - 2017-03-27 20:42 - 00005011 _____ C:\Users\Sheky\Downloads\HitarPetar.rar.torrent 2017-03-27 20:39 - 2017-03-27 20:39 - 00022465 _____ C:\Users\Sheky\Downloads\Spisanie Daga.torrent 2017-03-25 13:43 - 2017-03-25 13:43 - 00077769 _____ C:\Users\Sheky\Downloads\The.Day.Of.The.Triffids_Part_1_and_2.(subs.sab.bz).rar 2017-03-25 13:40 - 2017-03-25 13:40 - 00040096 _____ C:\Users\Sheky\Downloads\The.Day.of.the.Triffids.2009.BRRip.x264.2parts.rar 2017-03-24 18:01 - 2017-03-24 18:01 - 00049942 _____ C:\Users\Sheky\Downloads\patriots.day.2016.brrip.xvid.ac3-ozzy1(subsunacs.net).rar 2017-03-24 11:01 - 2017-03-24 11:01 - 00060923 _____ C:\Users\Sheky\Downloads\why.him.2016.720p.web-dl.x264.ac3-evo(subsunacs.net).rar 2017-03-22 21:30 - 2017-03-22 21:30 - 00133843 _____ C:\Users\Sheky\Downloads\fallen-din.srt 2017-03-21 20:03 - 2017-03-21 20:34 - 00000000 ____D C:\Program Files\Stan-Media 2017-03-21 20:03 - 2017-03-21 20:03 - 00000000 ____D C:\windows\AM 2017-03-21 20:03 - 2017-03-21 20:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\STAN-MEDIA 2017-03-21 13:14 - 2017-03-21 13:14 - 01738952 _____ C:\Users\Sheky\Downloads\AnyDesk (1).exe 2017-03-20 21:13 - 2017-03-20 21:14 - 13193344 _____ (TeamViewer GmbH) C:\Users\Sheky\Downloads\TeamViewer_Setup_bg.exe 2017-03-19 21:17 - 2017-03-19 21:18 - 27201113 _____ C:\Users\Sheky\Downloads\Photoshop трикове за дизайнери - Кори Баркър.pdf 2017-03-19 21:15 - 2017-03-19 21:15 - 00089592 _____ C:\Users\Sheky\Downloads\Rogue_One_A_Star_Wars_Story_2016.(subs.sab.bz).rar 2017-03-17 21:19 - 2017-03-17 21:19 - 00053842 _____ C:\Users\Sheky\Downloads\The_Great_Wall_2017.(subs.sab.bz).rar 2017-03-15 18:21 - 2017-03-15 18:22 - 00000000 ____D C:\Users\Sheky\Downloads\The.Matrix.Collection.1999-2003.1080p.BluRay.DTS.x265-Mad 2017-03-15 18:21 - 2017-03-15 18:21 - 00089053 _____ C:\Users\Sheky\Downloads\the.matrix.complete.trilogy.1080p.bluray(subsunacs.net).rar 2017-03-15 13:11 - 2017-03-15 13:11 - 00196364 _____ C:\Users\Sheky\Downloads\AAA_CR5.pdf 2017-03-15 08:29 - 2017-03-15 08:29 - 00038121 _____ C:\Users\Sheky\Downloads\resident.evil.the.final.chapter.2017.hdrip.xvid.ac3-evo(subsunacs.net).rar 2017-03-14 21:34 - 2017-03-14 21:34 - 01912363 _____ C:\Users\Sheky\Downloads\WinMTR-v092.zip 2017-03-14 21:32 - 2017-04-05 20:31 - 00000000 ____D C:\Users\Sheky\Documents\ViberDownloads 2017-03-14 21:31 - 2017-04-04 13:30 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\ViberPC 2017-03-14 21:31 - 2017-03-14 21:31 - 00000981 _____ C:\Users\Sheky\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk 2017-03-14 21:31 - 2017-03-14 21:31 - 00000979 _____ C:\Users\Sheky\Desktop\Viber.lnk 2017-03-14 21:31 - 2017-03-14 21:31 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber 2017-03-14 21:31 - 2017-03-14 21:31 - 00000000 ____D C:\Users\Sheky\AppData\Local\Viber 2017-03-14 21:30 - 2017-03-14 21:30 - 00117805 _____ C:\Users\Sheky\Downloads\cports-x64.zip 2017-03-14 21:30 - 2017-03-14 21:30 - 00000000 ____D C:\Users\Sheky\AppData\Local\Package Cache 2017-03-14 21:29 - 2017-03-14 21:30 - 68126760 _____ (Viber Media Inc.) C:\Users\Sheky\Downloads\ViberSetup.exe 2017-03-13 22:10 - 2017-03-13 22:10 - 00042340 _____ C:\Users\Sheky\Downloads\digger (1).rar 2017-03-13 19:20 - 2017-03-13 19:20 - 00042340 _____ C:\Users\Sheky\Downloads\digger.rar 2017-03-12 12:35 - 2017-03-12 12:35 - 00734996 _____ C:\Users\Sheky\Downloads\16006247_1664814110202114_4965627225249415168_n.mp4 2017-03-11 18:15 - 2017-03-11 18:15 - 00031673 _____ C:\Users\Sheky\Downloads\xxx-the-return-of-xander-cage_bulgarian-1518049.zip 2017-03-11 18:14 - 2017-03-11 18:14 - 00028440 _____ C:\Users\Sheky\Downloads\xxx.return.of.xander.cage.2017.new.hd-ts.hq-cpg(subsunacs.net) (1).rar 2017-03-11 12:05 - 2017-03-11 12:05 - 00001354 _____ C:\Users\Sheky\Downloads\WifiInfoView.cfg 2017-03-11 12:02 - 2017-03-11 12:02 - 00319064 _____ C:\Users\Sheky\Downloads\wifiinfoview (1).zip 2017-03-11 12:02 - 2017-02-21 12:22 - 00286416 _____ (NirSoft) C:\Users\Sheky\Downloads\WifiInfoView.exe 2017-03-11 12:02 - 2017-02-21 12:22 - 00053194 _____ C:\Users\Sheky\Downloads\WifiInfoView.chm 2017-03-11 12:02 - 2017-02-21 12:22 - 00016519 _____ C:\Users\Sheky\Downloads\readme.txt 2017-03-10 18:52 - 2017-03-10 18:53 - 00000000 ____D C:\Users\Sheky\Downloads\SkypePortable 2017-03-10 13:39 - 2017-03-10 13:39 - 00028440 _____ C:\Users\Sheky\Downloads\xxx.return.of.xander.cage.2017.new.hd-ts.hq-cpg(subsunacs.net).rar 2017-03-09 19:17 - 2017-03-09 19:17 - 00000000 ____D C:\Users\Sheky\AppData\Local\Intel_Corporation 2017-03-09 09:35 - 2017-04-01 16:16 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-03-09 09:35 - 2017-03-09 09:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-03-09 09:35 - 2015-08-22 16:42 - 00901264 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00066400 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00022368 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00019808 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00017760 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00016224 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00015712 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00014176 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00013664 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00012640 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:42 - 00012128 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00984448 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00063840 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00020832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00019808 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00017760 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00016224 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00015712 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00014176 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00013664 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll 2017-03-09 09:35 - 2015-08-22 16:35 - 00012128 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll 2017-03-08 21:28 - 2017-03-08 21:28 - 00024503 _____ C:\Users\Sheky\Downloads\Criminal.2016.BRRip.XviD.AC3_EVO.(subs.sab.bz).rar 2017-03-08 19:45 - 2017-03-08 19:45 - 00031761 _____ C:\Users\Sheky\Downloads\bvs.2016.theatrical_bluray(subsunacs.net) (1).rar 2017-03-08 19:43 - 2017-03-08 19:43 - 00031761 _____ C:\Users\Sheky\Downloads\bvs.2016.theatrical_bluray(subsunacs.net).rar 2017-03-07 21:37 - 2017-03-20 20:58 - 00000600 _____ C:\Users\Sheky\AppData\Local\PUTTY.RND 2017-03-07 21:37 - 2017-03-07 21:37 - 00829304 _____ (Simon Tatham) C:\Users\Sheky\Downloads\putty.exe 2017-03-07 21:28 - 2017-03-07 21:33 - 00000000 ____D C:\Users\Sheky\AppData\Local\Darksiders2 2017-03-07 21:28 - 2017-03-07 21:28 - 00000827 _____ C:\Users\Sheky\Desktop\Darksiders II Deathinitive Edition.lnk 2017-03-07 21:28 - 2017-03-07 21:28 - 00000000 ____D C:\Users\Sheky\Documents\My Games 2017-03-07 21:28 - 2017-03-07 21:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Darksiders II Deathinitive Edition 2017-03-07 15:40 - 2017-03-07 15:40 - 11014136 _____ C:\Users\Sheky\Downloads\king-trilogia.rar ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-05 20:50 - 2017-02-24 16:47 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\Skype 2017-04-05 20:49 - 2017-01-15 18:55 - 00003938 _____ C:\windows\System32\Tasks\User_Feed_Synchronization-{52C6678C-A372-4C60-A841-9CA9F9F534F9} 2017-04-04 19:29 - 2017-01-24 14:51 - 00000000 ____D C:\Users\Sheky\AppData\LocalLow\Mozilla 2017-04-04 17:44 - 2017-01-15 14:45 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\Victor Vran 2017-04-03 18:56 - 2013-08-22 16:36 - 00000000 ____D C:\windows\Inf 2017-04-03 10:02 - 2017-01-15 18:52 - 00003600 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3078476333-1625487174-3110811314-1001 2017-04-03 09:56 - 2017-01-15 12:56 - 00000000 ____D C:\Users\Sheky\AppData\LocalLow\360WD 2017-04-03 09:49 - 2014-03-18 12:53 - 00865408 _____ C:\windows\system32\PerfStringBackup.INI 2017-04-03 09:44 - 2013-08-22 17:45 - 00000006 ____H C:\windows\Tasks\SA.DAT 2017-04-03 09:43 - 2014-09-16 11:01 - 00004608 _____ C:\windows\system32\VfService.trf 2017-04-03 09:43 - 2013-08-22 16:25 - 00262144 ___SH C:\windows\system32\config\BBI 2017-04-03 09:42 - 2017-01-15 18:45 - 00000000 ____D C:\Users\Sheky 2017-04-03 09:28 - 2017-01-15 10:48 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\uTorrent 2017-04-01 16:17 - 2017-02-24 16:47 - 00000000 ____D C:\ProgramData\Skype 2017-03-31 14:42 - 2017-01-15 11:18 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\vlc 2017-03-30 09:56 - 2017-01-15 18:45 - 00000000 ____D C:\Users\Sheky\AppData\Local\SweetLabs App Platform 2017-03-29 23:15 - 2017-01-15 10:25 - 00002224 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-03-29 15:29 - 2017-01-27 14:40 - 00000061 _____ C:\Users\Sheky\Desktop\2.txt 2017-03-21 20:04 - 2017-01-15 18:46 - 00000000 ____D C:\Users\Sheky\AppData\Local\VirtualStore 2017-03-21 13:15 - 2017-02-05 20:07 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\AnyDesk 2017-03-20 21:18 - 2017-02-07 16:57 - 00000000 ____D C:\Users\Sheky\AppData\Roaming\TeamViewer 2017-03-09 09:35 - 2017-02-24 16:47 - 00002713 _____ C:\Users\Public\Desktop\Skype.lnk 2017-03-09 09:35 - 2013-08-22 18:20 - 00000000 ____D C:\windows\CbsTemp 2017-03-09 09:33 - 2014-09-16 10:06 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-06 15:26 - 2017-01-15 12:56 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\360 Security Center ==================== Files in the root of some directories ======= 2017-02-25 18:20 - 2017-02-25 18:20 - 0000132 _____ () C:\Users\Sheky\AppData\Roaming\Adobe PNG Format CC Prefs 2017-01-24 18:30 - 2017-01-27 18:34 - 1583461 _____ () C:\Users\Sheky\AppData\Roaming\Victor Vran.rar 2017-02-26 19:43 - 2017-02-26 19:43 - 0000070 _____ () C:\Users\Sheky\AppData\Local\KakaUSBSecurity 2017-03-07 21:37 - 2017-03-20 20:58 - 0000600 _____ () C:\Users\Sheky\AppData\Local\PUTTY.RND 2014-09-16 10:16 - 2014-09-16 10:16 - 0000000 ____H () C:\ProgramData\DP45977C.lfl ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\windows\system32\winlogon.exe => File is digitally signed C:\windows\system32\wininit.exe => File is digitally signed C:\windows\explorer.exe => File is digitally signed C:\windows\SysWOW64\explorer.exe => File is digitally signed C:\windows\system32\svchost.exe => File is digitally signed C:\windows\SysWOW64\svchost.exe => File is digitally signed C:\windows\system32\services.exe => File is digitally signed C:\windows\system32\User32.dll => File is digitally signed C:\windows\SysWOW64\User32.dll => File is digitally signed C:\windows\system32\userinit.exe => File is digitally signed C:\windows\SysWOW64\userinit.exe => File is digitally signed C:\windows\system32\rpcss.dll => File is digitally signed C:\windows\system32\dnsapi.dll => File is digitally signed C:\windows\SysWOW64\dnsapi.dll => File is digitally signed C:\windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-03-30 10:48 ==================== End of FRST.txt ============================ Addition.txt
  8. Дам, ще ги разгледам по обстойно, когато си седна на компютъра. В момента съм на една щайга.... няма значение. Пак Благодаря. Ако и други се сещат, неща споделят.
  9. .Благодаря, ExaFlop, Всъщност само вторият линк мога да отворя, но точно за това говоря. Аз току що се сетих и за www.kali.org, който отговаря на всички изисквания. Вариант е да теглиш iso и локално да мериш. Примерно от debian: http://cdimage.debian.org/debian-cd/8.4.0/amd64/iso-cd/
  10. Точно това имам предвид и аз. Директен даунлоуд. Примерно ftp. Я с линукс, я с нещо друго... каквото и да е.
  11. Нямам претенции към интернет фирмата си. Нямам и към някой друг. Този форум е за взаимопомощ, потърсих сам, не намерих и се допитвам. Ако никой не желае да откликне, няма проблем. Тези тестери, скенери и други подобни сайтове не дават ясна представа за връзката. За това и дадох пример, какви точно сайтове търся, за да не се напълни темата с линкове от рода на speedtest.net Като се има предвид, че много хора разпитват във форума точно такива въпроси - смятам, че ще е полезна за всички. Темата ми е обвързана с въпроси за линкове и скорости, а не за договорните ми отношения с фирмата. Не влизай в техните ботуши, да не ти се окажат големи.
  12. Някога, модераторите бяха на по-високо ниво. Моля, все пак ако някой има интересни линкове да ги сподели. Благодаря.
  13. Здравейте! Предложете линкове за измерване на международната скорост, примерно подобни на българският http://mirrors.unixsol.org/., които нямат ограничения на трафика или колко сесии ще направя от тях. nvidia.com и amd.com стават, но търся още. Благодаря!
  14. sheky

    създаване на сайт

    Благодаря, Кен
  15. sheky

    създаване на сайт

    Да се отваря поле с информация за МАК адреса и IP адреса. Това е.
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.