Премини към съдържанието

galeniq

Потребител
  • Публикации

    25
  • Регистрация

  • Последно онлайн

Харесвания

0 Неутрална репутация

Всичко за galeniq

  • Титла
    Потребител
  1. Здравейте, все още не съм преинсталирал, но успях да възстановя всички файлове които бяха на C. След един back up всичко си дойде на мястото за C:, но за другите дискове не бях направил back up, а и бях изключил recovery за тях, и файловете на тях са все още криптирани/снимки и документи/. Но открих нещо друга докато се рових на PC прикачам го като файл. След като ги разгледате, можели все нещо да се направи.мисла че единия е някакъв ключ. Doc1.doc
  2. Здравей. Благодаря, за отговора.Очаквам още от едно място да ги погледнат и ще пиша какво е станало.И може след това да изчистим системата . ще пиша.
  3. Здравейте. Приложим съм логовете както е описано. На компа имам 3 операционни системи win 7/ 32 и 64/ и Xp. Преди един ден ми си криптираха файловете след зараза с CTB locker. Успях да почистя компа с есет нод он-лайн скенер и spyhunter.Деинсталирах старата антивирусна Panda и инсталирах Аvira. Освен това с kaspersky rescue disk също се опитах най първо да почистя PC но не стана. Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 07-12-2014 02 Ran by petargani (administrator) on PETARGANI-PC on 08-12-2014 21:18:24 Running from C:\Users\petargani\Desktop Loaded Profile: petargani (Available profiles: petargani) Platform: Windows 7 Ultimate Service Pack 1 (X64) OS Language: English (United States) Internet Explorer Version 9 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe (AMD) C:\Windows\System32\atieclxx.exe (Hewlett-Packard Company) C:\Windows\System32\hpservice.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Realtek Semiconductor Corp.) C:\Windows\RtsCM64.exe (IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe (Intel® Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe () C:\Windows\SysWOW64\PnkBstrA.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\AntiVir Desktop\avshadow.exe (Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe (Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (IVT Corporation) C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RtsCM] => C:\Windows\RTSCM64.EXE [153816 2013-11-14] (Realtek Semiconductor Corp.) HKLM\...\Run: [sysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1703424 2013-11-06] (IDT, Inc.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2804976 2013-10-25] (Synaptics Incorporated) HKLM-x32\...\Run: [uSB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-20] (Intel Corporation) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation) HKLM-x32\...\Run: [safePCRepair AppIntegrator 64-bit] => C:\PROGRA~2\SAFEPC~2\bar\1.bin\AppIntegrator64.exe HKLM-x32\...\Run: [Avira Systray] => C:\Program Files (x86)\Avira\My Avira\Avira.OE.Systray.exe [126200 2014-11-20] (Avira Operations GmbH & Co. KG) HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe [702768 2014-11-24] (Avira Operations GmbH & Co. KG) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-509082093-3467205270-1909939526-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3514176 2011-11-10] (DT Soft Ltd) HKU\S-1-5-21-509082093-3467205270-1909939526-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1 ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION HKU\S-1-5-21-509082093-3467205270-1909939526-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bg HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = Toolbar: HKLM-x32 - No Name - {B821BF60-5C2D-41EB-92DC-3E4CCD3A22E4} - No File DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies) Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 FireFox: ======== FF ProfilePath: C:\Users\petargani\AppData\Roaming\Mozilla\Firefox\Profiles\yag1aACX.default FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF Extension: Avira Browser Safety - C:\Users\petargani\AppData\Roaming\Mozilla\Firefox\Profiles\yag1aACX.default\Extensions\abs@avira.com [2014-12-07] Chrome: ======= CHR HomePage: Default -> hxxp://google.bg/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR DefaultSuggestURL: Default -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter} CHR Profile: C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2014-10-04] CHR Extension: (Google Docs) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-10-04] CHR Extension: (Google Drive) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-10-04] CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-12-07] CHR Extension: (YouTube) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-10-04] CHR Extension: (Google Search) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-10-04] CHR Extension: (Google Sheets) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2014-10-04] CHR Extension: (Google Wallet) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-10-04] CHR Extension: (Gmail) - C:\Users\petargani\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-10-04] CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - No Path ==================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG) R2 AntiVirService; C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [431920 2014-11-24] (Avira Operations GmbH & Co. KG) R2 Avira.OE.ServiceHost; C:\Program Files (x86)\Avira\My Avira\Avira.OE.ServiceHost.exe [166192 2014-11-20] (Avira Operations GmbH & Co. KG) R2 BlueSoleilCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BlueSoleilCS.exe [1626872 2013-01-31] (IVT Corporation) R3 BsHelpCS; C:\Program Files (x86)\Ralink Corporation\Ralink Bluetooth Stack\BsHelpCS.exe [138752 2013-01-10] (IVT Corporation) [File not signed] R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 hpHotkeyMonitor; C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [681760 2013-10-16] (Hewlett-Packard Company) R3 hpqwmiex; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe [1006424 2013-01-23] (Hewlett-Packard Company) [File not signed] R2 Intel® ME Service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe [130592 2012-10-21] (Intel Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe [166432 2012-10-21] (Intel Corporation) R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [66872 2014-11-05] () R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [340480 2013-11-06] (IDT, Inc.) [File not signed] S2 panda_url_filteringService; C:\ProgramData\Panda Security URL Filtering\Panda_URL_Filteringb.exe -- [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R0 amdkmpfd; C:\Windows\System32\DRIVERS\amdkmpfd.sys [36520 2012-09-14] (Advanced Micro Devices, Inc.) R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [119272 2014-11-24] (Avira Operations GmbH & Co. KG) R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [131608 2014-11-24] (Avira Operations GmbH & Co. KG) R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [28600 2014-11-24] (Avira Operations GmbH & Co. KG) U5 BlueletAudio; C:\Windows\System32\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation) R3 BtAudioBusSrv; C:\Windows\System32\Drivers\BtAudioBus.sys [23136 2012-06-15] (IVT Corporation) R3 BthL2caScoIfSrv; C:\Windows\System32\Drivers\BtL2caScoIf.sys [56904 2012-07-19] (Ralink Corporation) R3 btUrbFilterDrv; C:\Windows\System32\Drivers\IvtUrbBtFlt.sys [49632 2012-12-05] (Ralink Corporation) R3 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [279616 2014-09-11] (DT Soft Ltd) S3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] () S3 RSP2STOR; C:\Windows\System32\DRIVERS\RtsP2Stor.sys [290520 2013-08-18] (Realtek Semiconductor Corp.) R3 rtbth; C:\Windows\System32\DRIVERS\rtbth.sys [692832 2012-10-09] (Ralink Technology, Corp.) U5 RTSPER; C:\Windows\System32\Drivers\RTSPER.sys [429272 2013-08-21] (Realsil Semiconductor Corporation) R3 rtsuvc; C:\Windows\System32\DRIVERS\rtsuvc.sys [8876248 2013-11-14] (Realtek Semiconductor Corp.) R0 sptd; C:\Windows\System32\Drivers\sptd.sys [530488 2014-10-02] () [File not signed] U3 awix9yoz; C:\Windows\System32\Drivers\awix9yoz.sys [0 ] (Advanced Micro Devices) U5 BlueletAudio; C:\Windows\SysWOW64\Drivers\BlueletAudio.sys [33968 2012-12-19] (IVT Corporation) S3 panda_url_filteringd; \??\C:\ProgramData\Panda Security URL Filtering\panda_url_filteringd.sys [X] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-08 21:18 - 2014-12-08 21:19 - 00013308 _____ () C:\Users\petargani\Desktop\FRST.txt 2014-12-08 21:18 - 2014-12-08 21:18 - 00000000 ____D () C:\FRST 2014-12-08 21:16 - 2014-12-08 21:16 - 02119680 _____ (Farbar) C:\Users\petargani\Desktop\FRST64.exe 2014-12-08 21:06 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-12-08 21:06 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-12-08 21:06 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-12-08 21:06 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-12-08 21:06 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-12-08 21:06 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll 2014-12-08 21:06 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2014-12-08 21:06 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe 2014-12-08 19:49 - 2014-12-08 19:49 - 00490040 _____ (NCH Software) C:\Users\petargani\Desktop\meofreesetup.exe 2014-12-08 19:49 - 2014-12-08 19:49 - 00001088 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\MEO Encryption Software.lnk 2014-12-08 19:49 - 2014-12-08 19:49 - 00001076 _____ () C:\Users\Public\Desktop\MEO Encryption Software.lnk 2014-12-08 19:49 - 2014-12-08 19:49 - 00000000 ____D () C:\Windows\System32\Tasks\NCH Software 2014-12-08 19:49 - 2014-12-08 19:49 - 00000000 ____D () C:\ProgramData\NCH Software 2014-12-08 19:49 - 2014-12-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Utilities 2014-12-08 19:49 - 2014-12-08 19:49 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NCH Software Suite 2014-12-08 19:49 - 2014-12-08 19:49 - 00000000 ____D () C:\Program Files (x86)\NCH Software 2014-12-08 19:17 - 2014-12-08 19:17 - 00000000 ____D () C:\ProgramData\Doctor Web 2014-12-08 19:06 - 2014-12-08 19:06 - 00000000 ____D () C:\Users\petargani\Doctor Web 2014-12-07 23:56 - 2014-12-07 23:56 - 00620232 _____ (Kaspersky Lab ZAO) C:\Users\petargani\Desktop\xoristdecryptor.exe 2014-12-07 23:21 - 2014-12-07 23:21 - 00000000 ____D () C:\Users\petargani\AppData\Roaming\Avira 2014-12-07 23:16 - 2014-12-07 23:16 - 00000000 ____D () C:\Users\petargani\AppData\Roaming\Mozilla 2014-12-07 23:16 - 2014-11-24 10:23 - 00131608 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys 2014-12-07 23:16 - 2014-11-24 10:23 - 00119272 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys 2014-12-07 23:16 - 2014-11-24 10:23 - 00028600 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avkmgr.sys 2014-12-07 23:15 - 2014-12-08 01:03 - 00000000 ____D () C:\Users\petargani\Desktop\Nikiti_2014 2014-12-07 23:14 - 2014-12-07 23:16 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira 2014-12-07 23:14 - 2014-12-07 23:16 - 00000000 ____D () C:\Program Files (x86)\Avira 2014-12-07 23:14 - 2014-12-07 23:14 - 00001133 _____ () C:\Users\Public\Desktop\Avira.lnk 2014-12-07 23:04 - 2014-12-08 00:57 - 00000000 ____D () C:\Program Files\Recuva 2014-12-07 23:04 - 2014-12-07 23:04 - 00001618 _____ () C:\Users\Public\Desktop\Recuva.lnk 2014-12-07 23:04 - 2014-12-07 23:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva 2014-12-07 22:00 - 2014-12-07 23:16 - 00000000 ____D () C:\ProgramData\Avira 2014-12-07 21:40 - 2014-12-07 21:40 - 04549888 _____ (Avira Operations & Co. KG) C:\Users\petargani\Desktop\avira_en_av_5697363724__ws.exe 2014-12-07 20:57 - 2014-12-07 20:58 - 00000000 ____D () C:\AdwCleaner 2014-12-07 20:57 - 2014-12-07 20:57 - 00000055 _____ () C:\AdwCleanerDebug.txt 2014-12-07 20:43 - 2014-12-07 20:43 - 00002292 _____ () C:\Users\petargani\Desktop\SpyHunter.lnk 2014-12-07 20:43 - 2014-12-07 20:43 - 00000000 ____D () C:\Users\petargani\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter 2014-12-07 19:52 - 2014-12-07 19:52 - 00000105 _____ () C:\prefs.js 2014-12-07 18:52 - 2014-12-07 18:52 - 00000000 ____D () C:\Program Files (x86)\Enigma Software Group 2014-12-07 18:51 - 2014-12-07 20:46 - 00000000 ____D () C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP 2014-12-07 18:51 - 2014-12-07 18:51 - 00011348 _____ () C:\Users\petargani\Desktop\SafeMSI.zip 2014-12-07 18:36 - 2014-12-07 18:36 - 00000000 ____D () C:\Program Files (x86)\ESET 2014-12-07 18:35 - 2014-12-07 21:48 - 00000000 ____D () C:\Users\petargani\Desktop\Patch 2014-12-07 18:35 - 2014-12-07 18:28 - 46175312 ____R () C:\Users\petargani\Desktop\spyhunterS4.exe 2014-12-07 18:18 - 2014-12-07 18:21 - 00010240 ___SH () C:\Users\petargani\Documents\Thumbs.db 2014-12-07 18:03 - 2014-12-07 18:03 - 01754248 _____ () C:\Users\petargani\Downloads\Adaware_Installer.exe 2014-12-07 18:03 - 2014-12-07 18:03 - 00000000 ____D () C:\ProgramData\Lavasoft 2014-12-07 16:58 - 2014-12-07 19:41 - 00000000 ____D () C:\Kaspersky Rescue Disk 10.0 2014-12-07 14:53 - 2014-12-07 14:53 - 00003152 _____ () C:\Windows\System32\Tasks\{5D41422A-2F01-4D5E-9FCA-B752A52FD595} 2014-12-07 14:53 - 2014-12-07 14:53 - 00000000 ____D () C:\Users\petargani\Desktop\Kaspersky Rescue2Usb 2014-12-07 14:45 - 2014-12-07 14:45 - 00000440 __RSH () C:\Users\petargani\ntuser.pol 2014-12-07 14:38 - 2014-12-07 14:38 - 00387584 _____ () C:\Users\petargani\Desktop\rescue2usb.exe 2014-12-07 14:37 - 2014-12-07 14:40 - 308926464 _____ () C:\Users\petargani\Desktop\kav_rescue_10.iso 2014-12-06 12:22 - 2014-12-07 19:28 - 00000000 ____D () C:\Users\petargani\AppData\Roaming\PETARGANI-PC 2014-11-16 17:11 - 2011-08-24 10:53 - 00194560 _____ (NSSI) C:\Users\petargani\Downloads\IZBOR.exe 2014-11-16 16:59 - 2014-11-16 17:01 - 00000000 ____D () C:\Users\petargani\Desktop\Interik ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-08 21:15 - 2014-09-11 22:05 - 01147713 _____ () C:\Windows\WindowsUpdate.log 2014-12-08 21:07 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\bg-BG 2014-12-08 20:31 - 2014-10-19 14:20 - 00000998 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-12-08 19:06 - 2014-09-11 22:10 - 00000000 ____D () C:\Users\petargani 2014-12-08 19:04 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-08 19:04 - 2009-07-14 06:45 - 00021072 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-08 19:01 - 2009-07-14 07:13 - 00782154 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-08 19:00 - 2013-02-22 12:59 - 00000983 _____ () C:\Windows\SysWOW64\bscs.ini 2014-12-08 18:56 - 2014-10-19 14:20 - 00000994 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-12-08 18:56 - 2014-09-12 01:26 - 00003620 _____ () C:\Windows\SysWOW64\LOCALSERVICE.INI 2014-12-08 18:56 - 2014-09-12 01:26 - 00000043 _____ () C:\Windows\SysWOW64\LOCALDEVICE.INI 2014-12-08 18:56 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-08 18:55 - 2009-07-14 06:51 - 00006506 _____ () C:\Windows\setupact.log 2014-12-08 00:35 - 2010-11-21 05:47 - 00146674 _____ () C:\Windows\PFRO.log 2014-12-07 23:14 - 2014-09-12 00:18 - 00000000 ____D () C:\ProgramData\Package Cache 2014-12-07 23:03 - 2014-10-21 17:53 - 00003958 _____ () C:\Windows\System32\Tasks\User_Feed_Synchronization-{179DD86F-A325-4443-9938-246106148463} 2014-12-07 21:01 - 2014-09-12 00:28 - 00108840 _____ () C:\Users\petargani\AppData\Local\GDIPFONTCACHEV1.DAT 2014-12-07 20:59 - 2014-09-12 01:05 - 00000000 ____D () C:\Program Files (x86)\Panda Security 2014-12-07 20:59 - 2009-07-14 06:45 - 00416024 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-12-07 20:58 - 2014-10-21 18:05 - 00000000 ____D () C:\Windows\system32\log 2014-12-07 20:43 - 2014-09-27 14:07 - 00000000 ____D () C:\Windows\system32\appmgmt 2014-12-07 19:51 - 2014-09-12 01:05 - 00000000 ____D () C:\Users\petargani\AppData\Roaming\Panda Security 2014-12-07 19:51 - 2014-09-12 01:01 - 00000000 ____D () C:\ProgramData\Panda Security 2014-12-07 14:42 - 2009-07-14 05:20 - 00000000 ___HD () C:\Windows\system32\GroupPolicy 2014-12-06 18:10 - 2014-11-05 21:15 - 00000000 ____D () C:\Windows\System32\Tasks\Games 2014-12-06 17:14 - 2014-09-12 01:21 - 00000000 ____D () C:\Users\petargani\AppData\Roaming\uTorrent 2014-12-06 17:14 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\AppCompat 2014-12-06 17:13 - 2014-10-19 14:30 - 00000000 ____D () C:\Users\petargani\Documents\PP2000-22.14 2014-12-06 17:13 - 2014-09-12 00:32 - 00000000 ____D () C:\Users\petargani\AppData\Roaming\Skype 2014-12-06 17:13 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\registration 2014-12-06 17:12 - 2014-10-22 22:52 - 00000000 ____D () C:\ProgramData\Synaptics 2014-12-06 17:12 - 2014-09-11 23:48 - 00000000 __RHD () C:\MSOCache 2014-12-06 12:30 - 2014-10-04 21:48 - 00167728 _____ () C:\Users\petargani\Downloads\1427_7AL.rar.ftelhdd 2014-12-06 12:28 - 2014-10-01 22:49 - 00000000 ____D () C:\Users\petargani\.VirtualBox 2014-12-06 12:25 - 2014-09-12 00:00 - 00000000 ____D () C:\ProgramData\AMD 2014-12-06 12:25 - 2014-09-11 23:55 - 00000000 ____D () C:\Program Files\ATI Technologies 2014-12-06 00:01 - 2014-10-04 21:48 - 01032832 ____H () C:\Users\petargani\AppData\Local\IconCache.db.ftelhdd 2014-12-04 21:39 - 2014-10-04 21:48 - 00010640 _____ () C:\Users\petargani\Desktop\Dogovor motoped sapruzi.doc.ftelhdd 2014-12-04 21:26 - 2014-10-04 21:48 - 00010384 _____ () C:\Users\petargani\Desktop\Dogovor motoped.doc.ftelhdd 2014-12-03 19:51 - 2014-10-04 21:48 - 00008000 _____ () C:\Users\petargani\Desktop\549_Dogovor_prodajba_mps.doc.ftelhdd 2014-12-02 23:54 - 2014-10-04 21:48 - 00210192 _____ () C:\Users\petargani\Desktop\GaniTatko.docx.ftelhdd 2014-11-28 21:48 - 2009-07-14 05:20 - 00000000 ____D () C:\Windows\system32\NDF 2014-11-26 19:33 - 2014-09-27 14:11 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2014-11-24 14:04 - 2010-11-21 05:27 - 00275080 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-11-16 16:56 - 2014-10-04 21:48 - 00061184 _____ () C:\Users\petargani\Downloads\IZBOR.zip.ftelhdd 2014-11-16 12:36 - 2014-10-04 21:48 - 00014256 _____ () C:\Users\petargani\Downloads\ReportEGN.xls.ftelhdd 2014-11-14 23:29 - 2014-10-04 21:48 - 977828320 _____ () C:\Users\petargani\Desktop\iGO9.6.7.281004_Nexus7.zip.ftelhdd 2014-11-13 22:26 - 2014-10-19 14:20 - 00003994 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2014-11-13 22:26 - 2014-10-19 14:20 - 00003742 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore Some content of TEMP: ==================== C:\Users\petargani\AppData\Local\Temp\avgnt.exe C:\Users\petargani\AppData\Local\Temp\ose00000.exe C:\Users\petargani\AppData\Local\Temp\Quarantine.exe C:\Users\petargani\AppData\Local\Temp\SkypeSetup.exe C:\Users\petargani\AppData\Local\Temp\sqlite3.dll ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-12-06 11:28 ==================== End Of Log ============================ Addition.txt
  4. Здравейте. Незнам дали тук е точния раздел, където да се пише, ако модераторите преценят да преместят темата. Преди един ден ми излезна , всички файлове са ми криптирани /CTB locker/ и искаха парички.Успях да премахна заразата от PC но файловете ми останаха криптиране/ документи снимки и др./ Моля, дайте съвет за някоя читава програма за декриптиране или някакъв начин да си декриптирам файловете, че полудявам . . За първи път ми се случва. Ако трябва ще приложа файл.
  5. няма картина на монитора

    Да знам че са стари, но в момента не ми се дават пари за PC ново. Пък и ги ползвам само за сърфиране и гледане на филми и работа, за игри не.
  6. няма картина на монитора

    Имам 2 Pc. едното е с дъно което си прикачил, /а другото е с дъно Asrock P4i65G с което съм в момента и ползвам/. Та става въпрос за това което си прикачил че при него нямам картина.
  7. няма картина на монитора

    да и монитора и кабела и видеото сa тествани. В момента съм с този кабел и този монитор , а видеото не става за това PC. слота на това дъно за видеото е AGP. за разлика от другото което ползвах до преди няколко дни.
  8. няма картина на монитора

    С кое по точно със слота на дъното за картата ли? защото на друго Pc си зарежда картата и няма проблеми.
  9. няма картина на монитора

    Стартирането се чува през тонколонките.
  10. няма картина на монитора

    Монитора е Hanns-G 19 инча
  11. Здравейте. Незнам дали темата е точно за тук, но имам следния проблем при стартиране на компа се чува характерния звук, pc си стартира windows Xp си зарежда, но нямам картина на монитора, та не е от видео картата пробвана е на друго PC, по дъното всичко си е ок на око, не е от рам паметта, дайте малко хелп.Монитора си работи без проблем с другото PC. Това ми е модела дъно К8N4 E -SE AMD Socket 754 CPU - NVIDIA® nForce™ 4 4X - PCI Express Architecture - Gigabit LAN - 4 SATA RAID Ports - 10 USB2.0 Ports видео карта ATI Radeon X550/ATI Radeon X300 Моля, за съвет от какво може да е
  12. Как да си overclock PC-то

    Колеги. Ще прочета ще се опитам и ще ви кажа как съм се справил.
  13. Как да си overclock PC-то

    А това са ми дъното и процесора
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.