
stanilm

Member
  • Posts

    32
  • Joined

  • Last online

Likes

1 Neutral reputation

About stanilm

  • Title
    Member
  1. If this is the end, thank you once again to everyone on the kaldata team!
  2. The intrusive site is gone. I think everything is OK.
  3. Hello, I think everything is OK now. I paid special attention to the checkboxes. The result below is after ticking all of the tags described above, including Remove found threats. I think there is a difference now.
  6. My apologies.
  8. I think everything has been done according to the instructions.
  9. Hello, after step 2 I think DelFix deleted the fixlog.txt log file and I cannot post it. If that is not a problem, as far as I am concerned everything is OK. Thank you for the help; if those were the last steps, we can close the topic. Here is the DelFix log.
  10. Всичко е ок. С изключение на постоянно изскачащ прозорец ,че Malwarebytes Anti-Malware спря да работи.
  11. Log Name: Application Source: Microsoft-Windows-Wininit Date: 18.10.2014 г. 12:16:35 ч. Event ID: 1001 Task Category: None Level: Information Keywords: Classic User: N/A Computer: Admin-PC Description: Checking file system on C: The type of the file system is NTFS. A disk check has been scheduled. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 5)... Cleaning up instance tags for file 0x138b0. 219392 file records processed. File verification completed. 280 large file records processed. 0 bad file records processed. 2 EA records processed. 27 reparse records processed. CHKDSK is verifying indexes (stage 2 of 5)... 273708 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 5)... 219392 file SDs/SIDs processed. Cleaning up 1504 unused index entries from index $SII of file 0x9. Cleaning up 1504 unused index entries from index $SDH of file 0x9. Cleaning up 1504 unused security descriptors. Security descriptor verification completed. 27159 data files processed. CHKDSK is verifying Usn Journal... 37215464 USN bytes processed. Usn Journal verification completed. CHKDSK is verifying file data (stage 4 of 5)... 219376 files processed. File data verification completed. CHKDSK is verifying free space (stage 5 of 5)... 3563080 free clusters processed. Free space verification is complete. CHKDSK discovered free space marked as allocated in the master file table (MFT) bitmap. CHKDSK discovered free space marked as allocated in the volume bitmap. Windows has made corrections to the file system. 52432895 KB total disk space. 37760344 KB in 148925 files. 95056 KB in 27160 indexes. 0 KB in bad sectors. 325171 KB in use by the system. 65536 KB occupied by the log file. 14252324 KB available on disk. 4096 bytes in each allocation unit. 13108223 total allocation units on disk. 3563081 allocation units available on disk. Internal Info: 00 59 03 00 e0 af 02 00 69 f1 04 00 00 00 00 00 .Y......i....... 70 65 00 00 1b 00 00 00 00 00 00 00 00 00 00 00 pe.............. 38 5f 5a 00 50 01 58 00 98 1a 58 00 00 00 58 00 8_Z.P.X...X...X. Windows has finished checking your disk. Please wait while your computer restarts.
  12. Hello, we will leave it for Sunday.
  13. Hello, The system has sped up somewhat. A window often appears saying that the Malwarebytes Anti-Malware program is not functioning properly and will have to be closed. The Windows settings keep getting lost. I am thinking more and more about a reinstall. Results of screen317's Security Check version 0.99.88 Windows 7 Service Pack 1 x86 (UAC is disabled!) Internet Explorer 11 ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! AVG Anti-Virus Free Edition 2012 Antivirus up to date! (On Access scanning disabled!) `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 7 Java version out of Date! Adobe Flash Player 11.7.700.202 Flash Player out of Date! Adobe Reader 9 Adobe Reader out of Date! Mozilla Firefox (33.0) ````````Process Check: objlist.exe by Laurent```````` Malwarebytes Anti-Malware mbamservice.exe AVG avgwdsvc.exe AVG avgtray.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 2% ````````````````````End of Log``````````````````````
  14. It worked after a restart. ComboFix 14-10-04.01 - SYSTEM 10.2014 г. 16:08:01.2.4 - x86 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.3574.2425 [GMT 3:00] Running from: c:\windows\system32\config\systemprofile\Desktop\ComboFix.exe Command switches used :: c:\windows\system32\config\systemprofile\Desktop\CFScript.txt.txt AV: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0} SP: AVG Anti-Virus Free Edition 2012 *Disabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} * Created a new restore point . FILE :: "d:\for pc\BSPlayer\keymakerBSplayer.exe" "d:\for pc\MediaInfo_GUI_0.7.41_Windows_i386.exe" "d:\for pc\pf-setup-en.exe" "d:\for pc\SoftonicDownloader_for_directx.exe" "d:\for pc\YouTube-Vbox7-video-download\Gomplayerensetup.exe" . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . d:\for pc\BSPlayer\keymakerBSplayer.exe d:\for pc\MediaInfo_GUI_0.7.41_Windows_i386.exe d:\for pc\pf-setup-en.exe d:\for pc\SoftonicDownloader_for_directx.exe d:\for pc\YouTube-Vbox7-video-download\Gomplayerensetup.exe . . ((((((((((((((((((((((((( Files Created from 2014-09-12 to 2014-10-12 ))))))))))))))))))))))))))))))) . . 2014-10-12 13:14 . 2014-10-12 13:14 -------- d-----w- c:\users\nov\AppData\Local\temp 2014-10-12 13:14 . 2014-10-12 13:14 -------- d-----w- c:\users\Default\AppData\Local\temp 2014-10-12 13:14 . 2014-10-12 13:14 -------- d-----w- c:\users\Azaq\AppData\Local\temp 2014-10-12 13:14 . 2014-10-12 13:14 -------- d-----w- c:\users\Admin\AppData\Local\temp 2014-10-11 14:20 . 2014-05-08 09:06 2742784 ----a-w- c:\windows\system32\rdpcorets.dll 2014-10-11 14:20 . 2014-05-08 09:06 13824 ----a-w- c:\windows\system32\RdpGroupPolicyExtension.dll 2014-10-11 14:15 . 2014-10-11 14:15 -------- d-sh--w- c:\windows\system32\config\systemprofile\AppData\Local\EmieSiteList 2014-10-11 13:55 . 
2014-10-11 13:55 -------- d-----w- c:\program files\AGEIA Technologies 2014-10-11 13:55 . 2014-09-13 20:05 613696 ----a-w- c:\windows\system32\nvStreaming.exe 2014-10-11 06:26 . 2014-10-11 12:42 110296 ----a-w- c:\windows\system32\drivers\48230029.sys 2014-10-07 20:52 . 2014-10-07 20:52 -------- d-----w- c:\program files\ESET 2014-10-07 20:41 . 2014-10-12 13:15 110296 ----a-w- c:\windows\system32\drivers\MBAMSwissArmy.sys 2014-10-07 20:40 . 2014-10-07 20:40 -------- d-----w- c:\program files\Malwarebytes Anti-Malware 2014-10-07 20:40 . 2014-10-07 20:40 -------- d-----w- c:\programdata\Malwarebytes 2014-10-07 20:40 . 2014-05-12 04:26 51928 ----a-w- c:\windows\system32\drivers\mwac.sys 2014-10-07 20:40 . 2014-05-12 04:25 74456 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2014-10-07 20:40 . 2014-05-12 04:25 23256 ----a-w- c:\windows\system32\drivers\mbam.sys 2014-10-06 17:13 . 2014-10-12 13:15 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\temp 2014-10-06 17:00 . 2014-09-14 23:08 8806800 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{164F8E9A-0A5B-4CFD-9166-41F99008A6F9}\mpengine.dll 2014-10-06 16:54 . 2014-10-06 16:54 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\TuneUp Software 2014-10-06 16:52 . 2014-10-06 16:52 -------- d-----w- c:\users\Default\AppData\Local\NVIDIA Corporation 2014-10-06 16:50 . 2014-08-18 21:30 646144 ----a-w- c:\windows\system32\MsSpellCheckingFacility.exe 2014-10-06 16:50 . 2014-06-27 01:45 2285056 ----a-w- c:\windows\system32\msmpeg2vdec.dll 2014-10-05 12:30 . 2014-10-05 12:30 -------- d-----w- c:\windows\ERUNT 2014-10-05 12:16 . 2014-10-05 12:56 -------- d-----w- C:\AdwCleaner 2014-10-05 06:38 . 2014-10-05 12:26 -------- d-----w- C:\FRST 2014-10-04 16:58 . 2014-09-17 02:13 1291280 ----a-w- c:\windows\system32\nvspbridge.dll 2014-10-04 16:57 . 2014-09-04 19:14 32928 ----a-w- c:\windows\system32\drivers\nvvad32v.sys 2014-10-04 16:51 . 
2014-10-04 16:51 -------- d-----w- c:\program files\MSXML 4.0 2014-10-04 16:47 . 2013-04-09 23:34 1247744 ----a-w- c:\windows\system32\DWrite.dll 2014-10-04 14:56 . 2014-10-11 19:30 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\vlc 2014-10-04 14:56 . 2014-10-04 14:56 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\GRETECH 2014-10-04 14:55 . 2014-10-04 14:55 -------- d-----w- c:\windows\Migration 2014-10-04 14:23 . 2014-10-04 14:38 -------- d-----w- c:\windows\system32\MRT 2014-10-04 14:16 . 2012-07-26 03:20 73216 ----a-w- c:\windows\system32\WUDFSvc.dll 2014-10-04 14:16 . 2012-07-26 03:20 38912 ----a-w- c:\windows\system32\WUDFCoinstaller.dll 2014-10-04 14:16 . 2012-07-26 03:20 172032 ----a-w- c:\windows\system32\WUDFPlatform.dll 2014-10-04 14:16 . 2012-07-26 02:33 66560 ----a-w- c:\windows\system32\drivers\WUDFPf.sys 2014-10-04 14:16 . 2012-07-26 02:32 155136 ----a-w- c:\windows\system32\drivers\WUDFRd.sys 2014-10-04 14:16 . 2012-07-26 03:21 196608 ----a-w- c:\windows\system32\WUDFHost.exe 2014-10-04 14:16 . 2012-07-26 03:20 613888 ----a-w- c:\windows\system32\WUDFx.dll 2014-10-04 14:15 . 2014-03-09 21:47 99480 ----a-w- c:\windows\system32\infocardapi.dll 2014-10-04 14:15 . 2014-06-30 22:14 8856 ----a-w- c:\windows\system32\icardres.dll 2014-10-04 14:15 . 2014-03-09 21:47 619672 ----a-w- c:\windows\system32\icardagt.exe 2014-10-04 14:15 . 2014-06-06 06:16 35480 ----a-w- c:\windows\system32\TsWpfWrp.exe 2014-10-04 14:15 . 2012-03-01 05:46 19824 ----a-w- c:\windows\system32\drivers\fs_rec.sys 2014-10-04 14:15 . 2012-03-01 05:29 5120 ----a-w- c:\windows\system32\wmi.dll 2014-10-04 14:12 . 2010-02-11 07:10 293376 ----a-w- c:\windows\system32\browserchoice.exe 2014-10-04 14:01 . 2013-05-10 04:56 12625408 ----a-w- c:\windows\system32\wmploc.DLL 2014-10-04 14:01 . 2013-05-10 03:48 164864 ----a-w- c:\program files\Windows Media Player\wmplayer.exe 2014-10-04 13:54 . 
2014-10-04 13:54 69632 ----a-w- c:\windows\system32\smss.exe 2014-10-04 13:54 . 2014-10-04 13:54 640512 ----a-w- c:\windows\system32\advapi32.dll 2014-10-04 13:54 . 2014-10-04 13:54 619520 ----a-w- c:\windows\system32\tdh.dll 2014-10-04 13:54 . 2014-10-04 13:54 38912 ----a-w- c:\windows\system32\csrsrv.dll 2014-10-04 13:54 . 2014-10-04 13:54 1289096 ----a-w- c:\windows\system32\ntdll.dll 2014-10-04 13:54 . 2014-10-04 13:54 231424 ----a-w- c:\windows\system32\mswsock.dll 2014-10-04 13:54 . 2014-10-04 13:54 49152 ----a-w- c:\windows\system32\taskhost.exe 2014-10-04 13:52 . 2014-10-04 13:52 1505280 ----a-w- c:\windows\system32\d3d11.dll 2014-10-04 13:44 . 2011-12-16 07:52 690688 ----a-w- c:\windows\system32\msvcrt.dll 2014-10-04 13:44 . 2013-10-05 19:57 1168384 ----a-w- c:\windows\system32\crypt32.dll 2014-10-04 13:44 . 2013-07-09 04:46 140288 ----a-w- c:\windows\system32\cryptsvc.dll 2014-10-04 13:44 . 2013-07-09 04:46 103936 ----a-w- c:\windows\system32\cryptnet.dll 2014-10-04 13:44 . 2013-07-12 10:07 86016 ----a-w- c:\windows\system32\drivers\usbcir.sys 2014-10-04 13:44 . 2014-06-03 09:29 936960 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\journal.dll 2014-10-04 13:42 . 2012-10-09 17:40 44032 ----a-w- c:\windows\system32\dhcpcsvc6.dll 2014-10-04 13:41 . 2014-06-18 01:52 399360 ----a-w- c:\program files\Common Files\Microsoft Shared\ink\tabskb.dll 2014-10-04 13:40 . 2013-06-15 03:38 31232 ----a-w- c:\windows\system32\drivers\tssecsrv.sys 2014-10-04 13:31 . 2014-04-12 02:15 67520 ----a-w- c:\windows\system32\drivers\ksecdd.sys 2014-10-04 13:31 . 2014-04-12 02:15 136640 ----a-w- c:\windows\system32\drivers\ksecpkg.sys 2014-10-04 13:31 . 2014-04-12 02:12 15872 ----a-w- c:\windows\system32\sspisrv.dll 2014-10-04 13:31 . 2014-04-12 02:12 100352 ----a-w- c:\windows\system32\sspicli.dll 2014-10-04 13:31 . 2014-04-12 02:12 22016 ----a-w- c:\windows\system32\secur32.dll 2014-10-04 13:31 . 
2014-04-12 02:11 22528 ----a-w- c:\windows\system32\lsass.exe 2014-10-04 13:31 . 2013-07-04 12:16 369848 ----a-w- c:\windows\system32\drivers\cng.sys 2014-10-04 13:31 . 2013-02-27 04:49 47104 ----a-w- c:\windows\system32\appinfo.dll 2014-10-04 13:27 . 2014-05-14 16:23 45536 ----a-w- c:\windows\system32\wups2.dll 2014-10-04 13:27 . 2014-05-14 16:23 54240 ----a-w- c:\windows\system32\wuauclt.exe 2014-10-04 13:27 . 2014-05-14 16:23 1973728 ----a-w- c:\windows\system32\wuaueng.dll 2014-10-04 13:27 . 2014-05-14 16:17 2425856 ----a-w- c:\windows\system32\wucltux.dll 2014-10-04 13:27 . 2014-05-14 16:23 36320 ----a-w- c:\windows\system32\wups.dll 2014-10-04 13:27 . 2014-05-14 16:23 581600 ----a-w- c:\windows\system32\wuapi.dll 2014-10-04 13:27 . 2014-05-14 16:17 92672 ----a-w- c:\windows\system32\wudriver.dll 2014-10-04 13:27 . 2014-05-14 06:23 179656 ----a-w- c:\windows\system32\wuwebv.dll 2014-10-04 13:27 . 2014-05-14 06:17 33792 ----a-w- c:\windows\system32\wuapp.exe 2014-10-04 13:25 . 2014-10-11 14:57 -------- d-----w- c:\windows\system32\%LocalAppData% 2014-10-04 12:22 . 2014-10-04 12:22 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\NVIDIA 2014-10-03 17:19 . 2014-10-03 18:28 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Adobe 2014-10-03 16:53 . 2014-10-05 17:04 -------- d-----r- c:\program files\Skype 2014-10-03 16:53 . 2014-10-03 16:53 -------- d-----w- c:\program files\Common Files\Skype 2014-10-01 21:00 . 2014-10-01 21:11 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\uTorrent 2014-09-29 17:57 . 2014-09-29 17:57 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Macromedia 2014-09-29 17:49 . 2014-09-29 17:49 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\EMU 2014-09-29 17:49 . 2014-09-29 17:49 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\Warner Bros. Interactive Entertainment 2014-09-29 17:44 . 
2014-09-29 17:44 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Mozilla 2014-09-29 17:42 . 2014-09-29 17:42 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Skype 2014-09-29 17:42 . 2014-10-12 13:04 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\Skype 2014-09-29 17:31 . 2014-09-29 17:31 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\CyberLink 2014-09-29 17:31 . 2014-09-29 17:31 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Cyberlink SoftDMA 2014-09-29 17:31 . 2014-09-29 17:31 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Roaming\AVG2012 2014-09-29 17:31 . 2014-09-29 17:31 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\CyberLink 2014-09-29 17:31 . 2014-09-29 17:31 -------- d-----w- c:\users\Default\AppData\Local\NVIDIA 2014-09-29 17:29 . 2014-09-29 17:29 -------- d-----w- c:\windows\system32\config\systemprofile\AppData\Local\Banamalon 2014-09-29 17:23 . 2014-10-04 16:42 -------- d-----w- c:\users\TEMP 2014-09-21 08:10 . 2014-09-21 08:10 -------- d-----w- c:\users\Admin\AppData\Local\Banamalon 2014-09-21 08:09 . 2014-09-21 08:11 -------- d-----w- c:\users\Admin\AppData\Roaming\Banamalon 2014-09-20 14:53 . 2014-09-20 14:53 -------- d-----w- c:\users\stanil1 2014-09-20 14:45 . 2014-09-20 14:45 -------- d-----w- c:\users\Guest 2014-09-19 18:21 . 2014-09-19 18:21 -------- d-----w- C:\OLTemp 2014-09-19 17:35 . 2013-01-14 14:22 205312 ----a-w- c:\windows\system32\drivers\qcusbser.sys 2014-09-19 17:35 . 2009-02-05 05:59 25728 ----a-w- c:\windows\system32\drivers\androidusb.sys 2014-09-19 17:35 . 2014-09-19 17:35 -------- d-----w- c:\program files\Smart Suite . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2014-09-17 02:13 . 2013-12-26 13:34 2193560 ----a-w- c:\windows\system32\nvspcap.dll 2014-09-15 06:06 . 
2012-06-23 14:36 231568 ------w- c:\windows\system32\MpSigStub.exe 2014-09-13 23:45 . 2013-12-26 13:29 16875856 ----a-w- c:\windows\system32\nvd3dum.dll 2014-09-13 23:45 . 2012-06-23 14:15 867528 ----a-w- c:\windows\system32\nvumdshim.dll 2014-09-13 23:45 . 2012-06-23 14:15 2838424 ----a-w- c:\windows\system32\nvapi.dll 2014-09-13 23:45 . 2012-06-23 14:15 18106152 ----a-w- c:\windows\system32\nvwgf2um.dll 2014-09-13 21:06 . 2012-06-23 14:16 4458128 ----a-w- c:\windows\system32\nvcpl.dll 2014-09-13 21:06 . 2012-06-23 14:16 3069128 ----a-w- c:\windows\system32\nvsvc.dll 2014-09-13 21:06 . 2013-12-26 13:32 2555200 ----a-w- c:\windows\system32\nvsvcr.dll 2014-09-13 21:06 . 2012-06-23 14:16 669896 ----a-w- c:\windows\system32\nvvsvc.exe 2014-09-13 21:06 . 2012-06-23 14:16 61768 ----a-w- c:\windows\system32\nvshext.dll 2014-09-13 21:06 . 2012-06-23 14:16 375112 ----a-w- c:\windows\system32\nvmctray.dll 2014-09-04 19:14 . 2013-12-26 13:29 32416 ----a-w- c:\windows\system32\nvaudcap32v.dll 2014-08-11 16:06 . 2012-10-23 19:14 42784 ----a-w- c:\windows\system32\drivers\avgtpx86.sys 2014-07-24 23:35 . 2014-07-24 23:35 875688 ----a-w- c:\windows\system32\msvcr120_clr0400.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}] 2014-08-08 07:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2014-08-08 07:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}] 2014-08-08 07:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}] 2014-08-08 07:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}] 2014-08-08 07:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay] @="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}" [HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}] 2014-08-08 07:34 579400 ----a-w- c:\program files\Google\Drive\googledrivesync32.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2014-08-27 22041192] . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "HDAudDeck"="c:\program files\VIA\VIAudioi\VDeck\VDeck.exe" [2010-08-11 1690224] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2013-05-08 41056] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576] "AVG_TRAY"="c:\program files\AVG\AVG2012\avgtray.exe" [2012-11-19 2598520] "SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2012-07-03 252848] "ShadowPlay"="c:\windows\system32\nvspcap.dll" [2014-09-17 2193560] "NvBackend"="c:\program files\NVIDIA Corporation\Update Core\NvBackend.exe" [2014-09-17 2460488] "PowerDVD13Agent"="c:\program files\CyberLink\PowerDVD13\PowerDVD13Agent.exe" [2013-05-03 513048] "DVAPTray"="c:\windows\System32\DVAPTray.exe" [2009-10-30 188416] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\Currentversion\policies\explorer\Run] "38526"="c:\progra~2\LOCALS~1\Temp\mspuean.com" [bU] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "ConsentPromptBehaviorAdmin"= 0 (0x0) "ConsentPromptBehaviorUser"= 3 (0x3) "EnableLUA"= 0 (0x0) "EnableUIADesktopToggle"= 0 (0x0) "PromptOnSecureDesktop"= 0 (0x0) . [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager] BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG2012\avgrsx.exe /sync /restart . 
R2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [2014-04-03 315008] R3 AEXPAM;Philips SmartManage Service;c:\windows\system32\Drivers\aexpamdrv.sys [x] R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys [2010-11-20 62464] R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe [2014-10-04 108032] R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2012-08-23 14848] R3 Sony PC Companion;Sony PC Companion;c:\program files\Sony\Sony PC Companion\PCCService.exe [2013-02-04 155824] R3 Synth3dVsc;Synth3dVsc;c:\windows\system32\drivers\synth3dvsc.sys [2010-11-20 77184] R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\DRIVERS\teamviewervpn.sys [2012-11-28 25088] R3 terminpt;Microsoft Remote Desktop Input Driver;c:\windows\system32\drivers\terminpt.sys [2012-08-23 24064] R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys [2013-10-02 49152] R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264] R3 tsusbhub;tsusbhub;c:\windows\system32\drivers\tsusbhub.sys [2010-11-20 112640] R3 VGPU;VGPU;c:\windows\system32\drivers\rdvgkmd.sys [x] S0 AVGIDSHX;AVGIDSHX;c:\windows\system32\DRIVERS\avgidshx.sys [2012-04-19 24896] S0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\DRIVERS\avgrkx86.sys [2012-01-31 31952] S0 sptd;sptd;c:\windows\System32\Drivers\sptd.sys [2012-06-23 691696] S1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\DRIVERS\avgldx86.sys [2012-11-08 250080] S1 Avgtdix;AVG TDI Driver;c:\windows\system32\DRIVERS\avgtdix.sys [2013-04-11 302368] S1 avgtp;avgtp;c:\windows\system32\drivers\avgtpx86.sys [2014-08-11 42784] S2 {09F57980-3432-4AFC-957D-27AC45FAE1F5};Power Control [2014/01/12 17:57];c:\program files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl [2013-05-03 08:20 76560] S2 avgwd;AVG WatchDog;c:\program files\AVG\AVG2012\avgwdsvc.exe [2012-02-14 193288] S2 CyberLink 
PowerDVD 13 Media Server Monitor Service;CyberLink PowerDVD 13 Media Server Monitor Service;c:\program files\CyberLink\PowerDVD13\Kernel\DMS\CLMSMonitorServicePDVD13.exe [2013-05-03 77576] S2 CyberLink PowerDVD 13 Media Server Service;CyberLink PowerDVD 13 Media Server Service;c:\program files\CyberLink\PowerDVD13\Kernel\DMS\CLMSServerPDVD13.exe [2013-05-03 323336] S2 GfExperienceService;NVIDIA GeForce Experience Service;c:\program files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2014-09-17 915784] S2 MBAMScheduler;MBAMScheduler;c:\program files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720] S2 MBAMService;MBAMService;c:\program files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472] S2 NvNetworkService;NVIDIA Network Service;c:\program files\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-09-17 1795912] S2 NvStreamSvc;NVIDIA Streamer Service;c:\program files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2014-09-17 18044744] S2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe [2014-09-13 410952] S2 UNS;Intel® Management and Security Application User Notification Service;c:\program files\Intel\Intel® Management Engine Components\UNS\UNS.exe [2010-12-20 2656280] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2014-05-12 23256] S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\MBAMSwissArmy.sys [2014-10-12 110296] S3 MBAMWebAccessControl;MBAMWebAccessControl;c:\windows\system32\drivers\mwac.sys [2014-05-12 51928] S3 MEI;Intel® Management Engine Interface;c:\windows\system32\DRIVERS\HECI.sys [2010-10-19 41088] S3 NvStreamKms;NvStreamKms;c:\program files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-09-17 19272] S3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);c:\windows\system32\drivers\nvvad32v.sys [2014-09-04 32928] S3 RTL8167;Realtek 8167 NT 
Driver;c:\windows\system32\DRIVERS\Rt86win7.sys [2011-06-10 394856] S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-08-04 1143920] . . --- Other Services/Drivers In Memory --- . *NewlyCreated* - MBAMSWISSARMY . Contents of the 'Scheduled Tasks' folder . 2014-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 19:12] . 2014-10-12 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2013-05-30 19:12] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\OFFICE11\EXCEL.EXE/3000 TCP: DhcpNameServer = 192.168.0.1 FF - ProfilePath - c:\windows\System32\config\systemprofile\AppData\Roaming\Mozilla\Firefox\Profiles\kzn7ax0t.default\ FF - prefs.js: browser.startup.homepage - hxxps://www.google.bg/?gws_rd=ssl . . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\services\{09F57980-3432-4AFC-957D-27AC45FAE1F5}] "ImagePath"="\??\c:\program files\CyberLink\PowerDVD13\Common\NavFilter\000.fcl" . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32] @="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil32_11_4_402_287_ActiveX.exe" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . 
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*] @="?????????????????? v1" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*1*\CLSID] @="{E23FE9C6-778E-49D4-B537-38FCDE4887D8}" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*] @="?????????????????? v2" . [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\VideoLAN.VLCPlugin.*2*\CLSID] @="{9BE31822-FDAD-461B-AD51-BE1D1C159921}" . [HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security] @Denied: (Full) (Everyone) . ------------------------ Other Running Processes ------------------------ . c:\progra~1\AVG\AVG2012\avgrsx.exe c:\program files\AVG\AVG2012\avgcsrvx.exe c:\windows\system32\nvvsvc.exe c:\program files\NVIDIA Corporation\Display\nvxdsync.exe c:\windows\system32\nvvsvc.exe c:\program files\Common Files\InterVideo\DeviceService\DevSvc.exe c:\windows\system32\conhost.exe c:\windows\system32\taskhost.exe c:\program files\AVG\AVG2012\avgnsx.exe c:\windows\system32\conhost.exe c:\windows\system32\conhost.exe c:\program files\AVG\AVG2012\avgemcx.exe c:\windows\System32\rundll32.exe c:\program files\NVIDIA Corporation\Display\nvtray.exe c:\program files\Windows Media Player\wmpnetwk.exe c:\program files\Intel\Intel® Management Engine Components\LMS\LMS.exe . ************************************************************************** . Completion time: 2014-10-12 16:22:27 - machine was rebooted ComboFix-quarantined-files.txt 2014-10-12 13:22 ComboFix2.txt 2014-10-06 17:13 . Pre-Run: 13 990 633 472 bytes free Post-Run: 13 958 070 272 bytes free . - - End Of File - - 543EF43198C6B18D1438846D9B71E9C9 A36C5E4F47E84449FF07ED3517B43A31