Премини към съдържанието

Kras4ooo

Потребител
  • Публикации

    183
  • Регистрация

  • Последно онлайн

Харесвания

33 Добра репутация

1 Последовател

Всичко за Kras4ooo

  • Титла
    Почетен потребител
  • Рожден ден 9.08.1994

Информация

  • Пол
    Мъж
  • Град
    София
  • Интереси
    Компютри-Софтуер

Контакти

  • Skype
    game_boy90
  • Facebook
    Няма
  • Google+
    Няма
  • Twitter
    Няма
  • ICQ
    Няма
  • Yahoo
    Няма
  • Интернет сайт
    http://www.comptehn.com

Последни посетители

Информацията с последните посетители на профила ви е изключена и не се показва на другите потребители.

  1. Благодаря за почистването и ще изпълня стъпките които сте написали по-горе. Имам само едно питане Delfix.exe ще изтрие ли Malwarebytes, защто тя е с лиценз ?
  2. Здравейте, Относно обновяването на Adobe Reader беше неуспешно, защото най-новата версия не е съвместима с Windows XP. Затова инсталирах отново старата. Относно състоянието на системата: мисля, че няма съществена разлика, но все пак е почистена, което е благодарение на вас и аз съм доволен от този факт. Относно файловете все още са криптирани, но това е разбираемо. Вие още в първия коментар казахте, че няма декриптор. Прикачил съм логовете които поискахте. Fixlog.txt ESETScan2.txt
  3. Здравейте, Имам логове от всички скенери с изключение на EmsisoftEmergencyKit , защото получих следното съобщение: This program cannot be run on Windows versions prior to Windows7 Другите логове са прикачени в коментара ми. mbam.txt HitmanPro_20161004_2152.xml ESETScan.txt checkup.txt
  4. Здравейте, Изпълних командите както описахте по-горе. По средата на почистването се включи 360 Total Security ( той засече FRST, като опасност ), но веднага го махнах. Мисля, че не се отрази на почистванет, но това ще го видите от лога. Fixlog.txt
  5. Заповядайте FRST.txt Addition.txt
  6. Първо искам да благодаря за отговора и за информацията, която ми дадохте относно криптиращия вирус. Първоначално не успях да стартирам успешно ESETNecursCleaner.exe след това пуснах програмата като администратор и тя се стартира успешно. Прилагам всички логове от нея. Прикачил съм всички поискани логове. Още един път благодаря за времето което отделяте и за помощта която ми оказвате! ESETNecursCleaner.exe_20161001.152045.2136.log ESETNecursCleaner.exe_20161001.152137.3396.log ESETNecursCleaner.exe_20161001.152149.324.log FRST.txt Addition.txt
  7. Здравейте, май съм лепнал познатият ви вече "Криптиращ вирус". Това, което прави е, че в момента не мога да отворя много файлове. Ще се радвам ако може да се намери някакво решение. Благодаря предварително! Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 28-09-2016 Ran by jeny (ATTENTION: The user is not administrator) on ALADIN-3FL-1 (30-09-2016 22:35:41) Running from C:\Documents and Settings\jeny\Desktop Loaded Profiles: jeny (Available Profiles: Administrator & jeny) Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States) Internet Explorer Version 8 (Default browser: IE) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) Failed to access process -> smss.exe Failed to access process -> csrss.exe Failed to access process -> winlogon.exe Failed to access process -> services.exe Failed to access process -> lsass.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> svchost.exe Failed to access process -> QHActiveDefense.exe Failed to access process -> spoolsv.exe Failed to access process -> HeciServer.exe Failed to access process -> Jhi_service.exe Failed to access process -> KaraokeSer.exe Failed to access process -> LMS.exe Failed to access process -> mbamscheduler.exe Failed to access process -> UNS.exe Failed to access process -> alg.exe Failed to access process -> QHWatchdog.exe Failed to access process -> svchost.exe (VIA Technologies, Inc.) C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe (Google Inc.) C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Update\GoogleUpdate.exe (Google Inc.) C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\Application\chrome.exe Failed to access process -> wmiprvse.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [HDAudDeck] => C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe [41118320 2011-12-06] (VIA Technologies, Inc.) HKLM\...\Run: [QHSafeTray] => C:\Program Files\360\Total Security\safemon\QHSafeTray.exe [1474168 2015-12-11] (QIHU 360 SOFTWARE CO. LIMITED) HKLM\...\Run: [KernelFaultCheck] => %systemroot%\system32\dumprep 0 -k HKU\S-1-5-21-507921405-1614895754-682003330-1388\...\Run: [Google Update] => C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [144200 2015-08-17] (Google Inc.) SecurityProviders: msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll Startup: C:\Documents and Settings\jeny\Start Menu\Programs\Startup\printirane.bat [2015-12-08] () ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{98DAB270-EF89-48E0-9CA9-298A36CF1DC1}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-507921405-1614895754-682003330-1388\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION HKU\S-1-5-21-507921405-1614895754-682003330-1388\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2012-04-04] (Adobe Systems Incorporated) FireFox: ======== FF Plugin: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation) FF Plugin: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation) FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2012-04-04] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-507921405-1614895754-682003330-1388: @tools.google.com/Google Update;version=3 -> C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF Plugin HKU\S-1-5-21-507921405-1614895754-682003330-1388: @tools.google.com/Google Update;version=9 -> C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Update\1.3.31.5\npGoogleUpdate3.dll [2016-07-29] (Google Inc.) FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2013-06-17] [not signed] Chrome: ======= CHR Profile: C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default [2016-09-30] CHR Extension: (Google Slides) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-17] CHR Extension: (Google Docs) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-08-17] CHR Extension: (Google Drive) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-23] CHR Extension: (YouTube) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-29] CHR Extension: (Google Search) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-28] CHR Extension: (Google Sheets) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-17] CHR Extension: (Google Docs Offline) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-16] CHR Extension: (No Name) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2016-09-30] CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-04-06] CHR Extension: (Gmail) - C:\Documents and Settings\jeny\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-17] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) "4530d40c9f91a1aa" => service could not be unlocked. <===== ATTENTION "TlntSvr" => service could not be unlocked. <===== ATTENTION "WmiApRpl" => service could not be unlocked. <===== ATTENTION R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [462048 2012-04-20] (Intel(R) Corporation) R2 jhi_service; C:\Program Files\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation) R2 KaraokeService; C:\WINDOWS\system32\KaraokeSer.exe [88688 2011-11-11] (VIA Technologies, Inc.) R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-04-14] (Malwarebytes Corporation) S2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1080120 2015-04-14] (Malwarebytes Corporation) R2 QHActiveDefense; C:\Program Files\360\Total Security\safemon\QHActiveDefense.exe [903288 2015-12-11] (QIHU 360 SOFTWARE CO. LIMITED) S4 syshost32; "C:\WINDOWS\Installer\{6513E56E-7AD5-CBD4-B0ED-C0A990D6628F}\syshost.exe" /service [X] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 360AntiHacker; C:\WINDOWS\System32\Drivers\360AntiHacker.sys [122448 2015-12-11] (360.cn) S3 360AvFlt; C:\WINDOWS\System32\drivers\360AvFlt.sys [66128 2015-12-11] (360.cn) S3 360Box; C:\WINDOWS\System32\DRIVERS\360Box.sys [204368 2015-12-11] (360.cn) S3 360Camera; C:\WINDOWS\System32\Drivers\360Camera.sys [34888 2015-04-02] (360.cn) S1 360SelfProtection; C:\WINDOWS\System32\drivers\360SelfProtection.sys [179152 2015-12-11] (360安全中心) S1 BAPIDRV; C:\WINDOWS\System32\DRIVERS\BAPIDRV.sys [177232 2015-12-11] (360.cn) S1 EfiMon; C:\WINDOWS\System32\Drivers\Efimon.sys [23248 2015-12-11] (360.cn) S0 HookPort; C:\WINDOWS\System32\DRIVERS\hookport.sys [60368 2015-12-11] (360安全中心) S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [23256 2015-04-14] (Malwarebytes Corporation) S3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-24] (Malwarebytes Corporation) R3 MEI; C:\WINDOWS\System32\DRIVERS\HECI.sys [55104 2012-07-02] (Intel Corporation) R0 mv61xxmm; C:\WINDOWS\system32\Drivers\mv61xxmm.sys [14184 2013-01-09] (Marvell Semiconductor Inc.) R0 mv64xxmm; C:\WINDOWS\system32\Drivers\mv64xxmm.sys [5632 2013-01-09] (Marvell Semiconductor Inc.) [File not signed] R0 mvxxmm; C:\WINDOWS\system32\Drivers\mvxxmm.sys [14184 2013-01-09] (Marvell Semiconductor Inc.) S3 qutmdserv; C:\WINDOWS\system32\drivers\qutmdrv.sys [301264 2015-12-11] (360.cn) S1 qutmipc; C:\WINDOWS\system32\drivers\qutmipc.sys [53960 2015-12-11] (360.cn) R3 VIAHdAudAddService; C:\WINDOWS\System32\drivers\viahduaa.sys [2820608 2011-12-02] (VIA Technologies, Inc.) U5 4530d40c9f91a1aa; C:\Windows\System32\Drivers\4530d40c9f91a1aa.sys [86016 2015-06-19] () <===== ATTENTION Necurs Rootkit? S5 TlntSvr; <===== ATTENTION: Locked Service U5 WmiApRpl; <===== ATTENTION: Locked Service U1 WS2IFSL; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-30 22:34 - 2016-09-30 22:34 - 01754624 _____ (Farbar) C:\Documents and Settings\jeny\Desktop\FRST.exe 2016-09-25 13:17 - 2016-09-30 22:35 - 00011773 _____ C:\Documents and Settings\jeny\Desktop\FRST.txt 2016-09-25 13:17 - 2016-09-25 13:17 - 00016266 _____ C:\Documents and Settings\jeny\Desktop\Addition.txt 2016-09-25 13:13 - 2016-09-30 22:35 - 00000000 ____D C:\FRST 2016-09-25 12:52 - 2016-09-30 21:30 - 00000007 _____ C:\WINDOWS\system32\ANIWZCSUSERNAME 2016-09-25 12:48 - 2016-09-25 12:48 - 00000000 ____D C:\Program Files\D-Link ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2016-09-30 22:35 - 2013-06-13 18:10 - 00000000 ____D C:\Documents and Settings\jeny\Local Settings\Temp 2016-09-30 22:33 - 2015-06-24 09:30 - 00000000 ____D C:\Documents and Settings\jeny\Application Data\360WD 2016-09-30 22:32 - 2013-06-18 15:57 - 00000438 ____H C:\WINDOWS\Tasks\User_Feed_Synchronization-{ABBF9751-7A97-4FFE-8F32-C47FDE461873}.job 2016-09-30 22:28 - 2015-06-23 18:04 - 00000000 __SHD C:\$360Section 2016-09-30 22:28 - 2015-06-23 18:03 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\360Quarant 2016-09-30 22:28 - 2015-06-23 18:02 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\360TotalSecurity 2016-09-30 22:20 - 2013-06-12 01:07 - 00559818 _____ C:\WINDOWS\system32\PerfStringBackup.INI 2016-09-30 22:15 - 2013-06-12 01:01 - 00000000 ___HD C:\WINDOWS\inf 2016-09-30 22:14 - 2015-06-24 09:23 - 00136464 _____ C:\WINDOWS\system32\FNTCACHE.DAT 2016-09-30 22:14 - 2013-06-11 17:28 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT 2016-09-30 22:13 - 2013-06-14 10:28 - 00000000 ____D C:\Documents and Settings\administrator.SYSADMIN 2016-09-30 22:13 - 2013-06-13 18:10 - 00000000 ____D C:\Documents and Settings\jeny 2016-09-30 22:13 - 2013-06-11 17:30 - 00000000 ____D C:\Documents and Settings\Administrator 2016-09-30 22:13 - 2013-06-11 17:28 - 00000000 __SHD C:\Documents and Settings\LocalService 2016-09-30 22:13 - 2013-06-11 17:25 - 00000000 __SHD C:\Documents and Settings\NetworkService 2016-09-30 22:12 - 2013-06-11 17:18 - 00000000 ____D C:\WINDOWS\Registration 2016-09-30 22:05 - 2013-06-12 01:01 - 00000000 RSHDC C:\WINDOWS\system32\dllcache 2016-09-30 22:04 - 2016-08-22 19:31 - 00000000 ____D C:\Documents and Settings\jeny\Local Settings\Application Data\panda 2016-09-30 22:04 - 2016-08-22 14:06 - 00000000 ____D C:\Program Files\pandasecuritytb 2016-09-30 22:04 - 2016-08-22 14:06 - 00000000 ____D C:\Program Files\Panda Security URL Filtering 2016-09-30 22:04 - 2016-08-22 14:05 - 00000000 ____D C:\Program Files\Panda Security 2016-09-30 22:04 - 2015-06-23 11:22 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2016-09-30 22:03 - 2015-06-24 09:36 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Malwarebytes Anti-Malware 2016-09-30 22:03 - 2013-06-11 17:53 - 00000000 ___HD C:\Program Files\InstallShield Installation Information 2016-09-30 22:03 - 2013-06-11 17:51 - 00000000 ____D C:\Program Files\Common Files\InstallShield 2016-09-30 22:02 - 2016-08-22 14:06 - 00524288 _____ C:\WINDOWS\system32\config\Nano.evt 2016-09-30 21:59 - 2016-08-19 19:50 - 00335656 _____ C:\WINDOWS\ntbtlog.txt 2016-09-30 21:58 - 2013-06-11 17:28 - 00031926 _____ C:\WINDOWS\SchedLgU.Txt 2016-09-30 21:30 - 2008-04-14 14:00 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl 2016-09-25 14:17 - 2013-06-12 01:01 - 00000000 ____D C:\WINDOWS\Network Diagnostic 2016-09-25 13:59 - 2015-08-17 16:13 - 00000974 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskUserS-1-5-21-507921405-1614895754-682003330-1388UA.job 2016-09-25 13:00 - 2013-06-12 01:01 - 00000000 ____D C:\WINDOWS\system 2016-09-02 18:19 - 2013-06-17 12:15 - 00000000 ____D C:\Documents and Settings\jeny\Desktop\ALADIN ==================== Files in the root of some directories ======= 2015-06-19 09:21 - 2016-08-18 12:23 - 0008656 _____ () C:\Documents and Settings\jeny\Application Data\HELP_DECRYPT.HTML 2015-06-19 09:21 - 2016-08-18 12:23 - 0045776 _____ () C:\Documents and Settings\jeny\Application Data\HELP_DECRYPT.PNG 2015-06-19 09:21 - 2016-08-18 12:23 - 0004288 _____ () C:\Documents and Settings\jeny\Application Data\HELP_DECRYPT.TXT 2015-06-19 09:21 - 2015-06-19 09:21 - 0000300 _____ () C:\Documents and Settings\jeny\Application Data\HELP_DECRYPT.URL 2016-08-18 12:23 - 2016-08-18 12:23 - 3276854 _____ () C:\Documents and Settings\jeny\Application Data\README.bmp 2016-08-18 12:23 - 2016-08-18 12:23 - 0238187 _____ () C:\Documents and Settings\jeny\Application Data\README.html 2016-08-18 12:23 - 2016-08-18 12:23 - 0001659 _____ () C:\Documents and Settings\jeny\Application Data\README.txt 2015-06-19 09:21 - 2016-08-18 12:23 - 0008656 _____ () C:\Documents and Settings\jeny\Application Data\Microsoft\HELP_DECRYPT.HTML 2015-06-19 09:21 - 2016-08-18 12:23 - 0045776 _____ () C:\Documents and Settings\jeny\Application Data\Microsoft\HELP_DECRYPT.PNG 2015-06-19 09:21 - 2016-08-18 12:23 - 0004288 _____ () C:\Documents and Settings\jeny\Application Data\Microsoft\HELP_DECRYPT.TXT 2015-06-19 09:21 - 2015-06-19 09:21 - 0000300 _____ () C:\Documents and Settings\jeny\Application Data\Microsoft\HELP_DECRYPT.URL 2016-08-18 12:23 - 2016-08-18 12:23 - 3276854 _____ () C:\Documents and Settings\jeny\Application Data\Microsoft\README.bmp 2016-08-18 12:23 - 2016-08-18 12:23 - 0238187 _____ () C:\Documents and Settings\jeny\Application Data\Microsoft\README.html 2016-08-18 12:23 - 2016-08-18 12:23 - 0001659 _____ () C:\Documents and Settings\jeny\Application Data\Microsoft\README.txt 2014-04-15 09:32 - 2014-04-29 14:38 - 0005632 _____ () C:\Documents and Settings\jeny\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2013-07-12 17:01 - 2015-12-30 11:48 - 0004096 ____H () C:\Documents and Settings\jeny\Local Settings\Application Data\keyfile3.drm 2016-08-18 12:32 - 2016-08-18 12:32 - 3276854 _____ () C:\Documents and Settings\jeny\Local Settings\Application Data\README.bmp 2016-08-18 12:32 - 2016-08-18 12:32 - 0238187 _____ () C:\Documents and Settings\jeny\Local Settings\Application Data\README.html 2016-08-18 12:32 - 2016-08-18 12:32 - 0001659 _____ () C:\Documents and Settings\jeny\Local Settings\Application Data\README.txt 2015-06-19 09:21 - 2015-06-19 09:21 - 0008620 _____ () C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.HTML 2015-06-19 09:21 - 2015-06-19 09:21 - 0045735 _____ () C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.PNG 2015-06-19 09:21 - 2015-06-19 09:21 - 0004250 _____ () C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.TXT 2015-06-19 09:21 - 2015-06-19 09:21 - 0000300 _____ () C:\Documents and Settings\All Users\Application Data\HELP_DECRYPT.URL Some files in TEMP: ==================== C:\Documents and Settings\jeny\Local Settings\Temp\avgnt.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\WINDOWS\explorer.exe => File is digitally signed C:\WINDOWS\system32\winlogon.exe => File is digitally signed C:\WINDOWS\system32\svchost.exe => File is digitally signed C:\WINDOWS\system32\services.exe => File is digitally signed C:\WINDOWS\system32\User32.dll => File is digitally signed C:\WINDOWS\system32\userinit.exe => File is digitally signed C:\WINDOWS\system32\rpcss.dll => File is digitally signed C:\WINDOWS\system32\dnsapi.dll => File is digitally signed C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed ==================== End of FRST.txt ============================ Addition.txt
  8. Проблема го оправих, темата може да се затваря . Върнах нещата от Malwarebytes изтрих го от контролният панел и след това с Malwarebytes почистих и остатъците. Вече рекламите ги няма.
  9. Здравейте. Прихванъл съм Razor web ads, уж го изтрих на повече браузъри, но на Chrome все още си седи и не се маха, непрекъснато излизат реклами и това е доста дразнещо, следвах определени стъпки за нулиране на настройки, изтриване на история, но все още го има проблема. Ето логовете от FRST: FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-07-2015 Ran by PC (administrator) on HP (01-08-2015 13:08:31) Running from C:\Users\PC\Desktop Loaded Profiles: PC (Available Profiles: PC) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Hewlett-Packard) C:\Windows\System32\hpservice.exe (Andrea Electronics Corporation) C:\Windows\System32\AEADISRV.EXE (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (© 2015 Microsoft Corporation) C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe () C:\Program Files (x86)\T-Mobile\Connection Manager\BackgroundService\ServiceManager.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (Analog Devices, Inc.) C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QLBCTRL.exe () C:\Program Files (x86)\T-Mobile\Connection Manager\Background\ModemListener.exe (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe ( Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\VolCtrl.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe (Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\Com4QLBEx.exe (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe (Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_18_0_0_209.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SoundMAX] => C:\Program Files (x86)\Analog Devices\SoundMAX\soundmax.exe [3866624 2009-05-18] (Analog Devices, Inc.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2095912 2010-05-14] (Synaptics Incorporated) HKLM-x32\...\Run: [SoundMAXPnP] => C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe [1314816 2009-05-18] (Analog Devices, Inc.) HKLM-x32\...\Run: [QlbCtrl.exe] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch Buttons\QlbCtrl.exe [287800 2010-02-25] ( Hewlett-Packard Development Company, L.P.) HKLM-x32\...\Run: [T-Mobile ModemListener] => C:\Program Files (x86)\T-Mobile\Connection Manager\Background\ModemListener.exe [117624 2012-04-25] () Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3887599759-1120334359-667510920-1000\...\Run: [BingSvc] => C:\Users\PC\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation) HKU\S-1-5-21-3887599759-1120334359-667510920-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4471536 2015-05-21] (Disc Soft Ltd) HKU\S-1-5-21-3887599759-1120334359-667510920-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8322328 2015-05-08] (Piriform Ltd) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-3887599759-1120334359-667510920-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation) Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{A285274F-B331-4B8B-8FAB-429EE5B07847}: [DhcpNameServer] 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w8ez55re.default FF SearchEngineOrder.3: Bing FF SelectedSearchEngine: Bing FF Homepage: hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP FF Keyword.URL: hxxp://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_209.dll [2015-07-31] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-14] ( Microsoft Corporation) FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-31] () FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll [2014-02-13] ( Microsoft Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-23] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.1.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2013-11-11] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-3887599759-1120334359-667510920-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\PC\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-12-05] (Unity Technologies ApS) FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml [2015-01-29] FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml [2015-01-29] FF Extension: Bing Search - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\w8ez55re.default\Extensions\bingsearch.full@microsoft.com [2015-05-29] FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-07-08] FF HKLM-x32\...\Firefox\Extensions: [ff-bmboc@bytemobile.com] - C:\Program Files (x86)\T-Mobile\Connection Manager\addon FF Extension: Bytemobile Optimization Client - C:\Program Files (x86)\T-Mobile\Connection Manager\addon [2013-11-23] Chrome: ======= CHR Profile: C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Slides) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-02-17] CHR Extension: (Google Docs) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-02-17] CHR Extension: (Google Drive) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-02-17] CHR Extension: (YouTube) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-02-17] CHR Extension: (Google Search) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-02-17] CHR Extension: (Google Sheets) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-02-17] CHR Extension: (Google Wallet) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-02-17] CHR Extension: (Gmail) - C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-02-17] (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AEADIFilters; C:\Windows\system32\AEADISRV.EXE [111616 2008-07-15] (Andrea Electronics Corporation) R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusService.exe [1272560 2015-05-21] (Disc Soft Ltd) R2 HPSLPSVC; C:\Users\PC\AppData\Local\Temp\7zS3345\hpslpsvc64.dll [1039360 2013-07-19] (Hewlett-Packard Co.) [File not signed] S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\LENOVO\easyplussdk\bin\EPHotspot64.exe [625640 2015-04-24] (Lenovo) S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation) R2 Modem Device Helper; C:\Program Files (x86)\T-Mobile\Connection Manager\BackgroundService\ServiceManager.exe [51576 2012-04-25] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 BMLoad; C:\Windows\System32\drivers\BMLoad.sys [16512 2011-08-05] (Bytemobile, Inc.) [File not signed] R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2015-06-09] (Disc Soft Ltd) S3 hitmanpro37; C:\Windows\system32\drivers\hitmanpro37.sys [43664 2015-08-01] () S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [119680 2011-08-05] (TCT International Mobile Ltd) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation) S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [63704 2015-06-18] (Malwarebytes Corporation) R3 SNP2UVC; C:\Windows\System32\DRIVERS\snp2uvc.sys [1848496 2009-07-01] () R1 tcpipBM; C:\Windows\system32\drivers\tcpipBM.sys [39552 2011-08-05] (Bytemobile, Inc.) [File not signed] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-01 13:08 - 2015-08-01 13:09 - 00011933 _____ C:\Users\PC\Desktop\FRST.txt 2015-08-01 13:08 - 2015-08-01 13:08 - 00000000 ____D C:\FRST 2015-08-01 13:07 - 2015-08-01 13:07 - 02168832 _____ (Farbar) C:\Users\PC\Desktop\FRST64.exe 2015-08-01 12:43 - 2015-08-01 12:43 - 00000000 _____ C:\autoexec.bat 2015-08-01 12:40 - 2015-08-01 12:41 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\PC\Downloads\SpyHunter-Installer.exe 2015-08-01 12:27 - 2015-08-01 12:32 - 00000000 ____D C:\Users\PC\AppData\Roaming\SUPERAntiSpyware.com 2015-08-01 12:26 - 2015-08-01 12:26 - 22882024 _____ (SUPERAntiSpyware) C:\Users\PC\Downloads\SUPERAntiSpyware.exe 2015-08-01 12:19 - 2015-08-01 12:19 - 00001187 _____ C:\Users\PC\Desktop\JRT.txt 2015-08-01 11:42 - 2015-08-01 11:45 - 164390696 _____ C:\Users\PC\Downloads\EmsisoftEmergencyKit.exe 2015-08-01 11:36 - 2015-08-01 11:36 - 00002890 _____ C:\Windows\system32\.crusader 2015-08-01 11:31 - 2015-08-01 11:37 - 00043664 _____ C:\Windows\system32\Drivers\hitmanpro37.sys 2015-08-01 11:31 - 2015-08-01 11:37 - 00000000 ____D C:\ProgramData\HitmanPro 2015-08-01 11:31 - 2015-08-01 11:31 - 00000000 ____D C:\Program Files\HitmanPro 2015-08-01 11:29 - 2015-08-01 11:30 - 11032736 _____ (SurfRight B.V.) C:\Users\PC\Downloads\HitmanPro_x64.exe 2015-08-01 10:14 - 2015-08-01 12:36 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-08-01 10:14 - 2015-08-01 10:15 - 00001102 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-08-01 10:14 - 2015-08-01 10:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-08-01 10:14 - 2015-08-01 10:15 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware 2015-08-01 10:14 - 2015-08-01 10:14 - 00000000 ____D C:\ProgramData\Malwarebytes 2015-08-01 10:14 - 2015-06-18 09:48 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-08-01 10:14 - 2015-06-18 09:47 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-08-01 10:14 - 2015-06-18 09:47 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-08-01 10:13 - 2015-08-01 10:13 - 21545336 _____ (Malwarebytes Corporation ) C:\Users\PC\Downloads\mbam-setup-sem-2.1.6.1022.exe 2015-07-31 12:31 - 2015-07-31 12:31 - 00000000 _____ C:\Users\PC\Desktop\New Text Document (2).txt 2015-07-08 22:03 - 2015-08-01 10:45 - 00027160 _____ C:\Windows\PFRO.log 2015-07-08 12:53 - 2015-07-08 22:03 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-08-01 13:08 - 2013-11-18 12:38 - 01252011 _____ C:\Windows\WindowsUpdate.log 2015-08-01 13:04 - 2015-06-19 08:04 - 00002434 _____ C:\Windows\setupact.log 2015-08-01 13:04 - 2015-02-17 15:22 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-08-01 13:04 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-08-01 12:38 - 2009-07-14 07:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-08-01 12:38 - 2009-07-14 07:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-08-01 12:28 - 2013-11-19 00:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-08-01 12:23 - 2015-02-17 15:22 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-08-01 12:15 - 2013-11-18 22:45 - 00000000 ____D C:\Users\PC 2015-07-31 12:53 - 2014-03-15 12:40 - 00000000 ____D C:\Users\PC\AppData\Roaming\vlc 2015-07-31 12:28 - 2013-11-19 00:06 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2015-07-31 12:28 - 2013-11-19 00:06 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2015-07-31 12:28 - 2013-11-19 00:06 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2015-07-31 12:27 - 2015-04-18 15:55 - 00000000 ____D C:\Users\PC\AppData\Roaming\dvdcss 2015-07-30 23:56 - 2013-11-19 00:16 - 00000000 ____D C:\Users\PC\AppData\Roaming\Skype 2015-07-30 23:41 - 2013-11-19 00:13 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-07-30 23:40 - 2014-12-30 20:06 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task 2015-07-30 15:39 - 2015-02-17 15:27 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-07-28 08:36 - 2014-01-08 18:28 - 00000000 ____D C:\Users\PC\Desktop\dikumenti 2015-07-23 13:18 - 2015-02-17 15:22 - 00003994 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA 2015-07-23 13:18 - 2015-02-17 15:22 - 00003742 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore 2015-07-23 13:14 - 2009-07-14 08:13 - 00726316 _____ C:\Windows\system32\PerfStringBackup.INI 2015-07-08 22:03 - 2013-11-19 00:51 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2013-11-18 23:28 - 2013-11-18 23:28 - 0000000 _____ () C:\Users\PC\AppData\Local\AtStart.txt 2013-11-18 23:28 - 2013-11-18 23:28 - 0000000 _____ () C:\Users\PC\AppData\Local\DSwitch.txt 2013-11-18 23:28 - 2013-11-18 23:28 - 0000000 _____ () C:\Users\PC\AppData\Local\QSwitch.txt 2014-12-04 13:47 - 2014-12-04 13:47 - 0000239 _____ () C:\ProgramData\hpzinstall.log Some files in TEMP: ==================== C:\Users\PC\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\System32\winlogon.exe => File is digitally signed C:\Windows\System32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\System32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\System32\services.exe => File is digitally signed C:\Windows\System32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\System32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\System32\rpcss.dll => File is digitally signed C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-07-23 08:58 ==================== End of log ============================ Addition.txt
  10. Това изобщо не е вярно. C++ е много добър и много ползван. Повечето игри според вас на какво се пишат ? Това са езици които дават достъп до памет имате всякаква свобода и естествено ако не внимавате стават много лоши неща. Аз ви препоръчвам щом искате да се занимавате със C++ залягайте и учете много. В интернет има много книги за C++ взимате и почвате да четете.
  11. Ами аз акцентирах първо върху заглавието на темата и второ върху последният пост. Мисля, че с този линк отговарям на поне 90% от питащите или преместени въпроси/теми.
  12. За господата хакери. Ето от тук може да започнете с основите на мрежите и как работят тези неща: http://en.wikipedia.org/wiki/OSI_model . Ако толкова пък наистина искате да разберете как се взимат пароли от wifi, skype, как да може да чуете разговор и така нататък. В интернет има доста лекции на CISCO. Ако пък не може да намерите пишете и аз ще ви дам. Ето така се хакват нещата. Иначе в интернет има доста тулчета стига да знаете как се работи с тях и да ги използвате и можете да хакнете и свалите или каквото и да е. Давайте господа хакери вие сте
  13. Мисля че си объркал форума.Все пак се върни и прочети Правилата
  14. Kras4ooo

    Искам....

    Искам другия понеделник да не трябва да пиша тонове код а да си почивам.
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване