Премини към съдържанието

ani.ani

Потребител
  • Публикации

    60
  • Регистрация

  • Последно онлайн

Харесвания

12 Добра репутация

Всичко за ani.ani

  • Титла
    Редовен потребител

Информация

  • Пол
    Жена

Последни посетители

2277 прегледа на профила
  1. ani.ani

    Проблем със скайп !

    Здравейте, Пиша тук, защото видях, че това е последната активна тема за Скайп. Проблемът е следният - не мога да стартирам програмата от компютъра, излиза ми съобщение за проверка на и-нет връзката, но там всичко е добре. Рестартирах няколко пъти, но проблемът не е отстранен. От телефона Скайп се стартира успешно. Съвет как да действам? Благодаря!
  2. ani.ani

    Проблем с флашки

    Благодаря за препоръката. Ще я занеса на сервиз в такъв случай!
  3. ani.ani

    Проблем с флашки

    ОС - Microsoft Windows. Все още не съм намерила начин за справяне с проблема. Оставила съм нещата така.
  4. ani.ani

    Проблем с флашки

    Здравейте, Благодаря за отговора! Не, не се вижда нищо. Веднага се появява съобщението за форматиране. Не знаех, че и флашките имат срок на годност. Тази флашка не е много активно използвана. В такъв случай жалко за инфото, което изгубих.
  5. ani.ani

    Проблем с флашки

    Здравейте! Имам проблем с тази USB флашка Флашката е стара, на повече от 10г. Имам качена в нея музика, около 130 песни, снимки и текстови документи. Не съм я използвала редовно, защото мислих, че съм я изгубила. Вчера реших да добавя още малко музика, защото видях, че има възможност, но в един момент флашката отказа. Излиза съобщение, че е необходимо форматиране, но ако форматирам, доколкото разбирам ще се изтрие всичката налична информация. Има ли вариант, в който да се форматира без да се изтриват данните? Пробвах флашката на телевизора Samsung, пробвах и на аудио с-мата Blaupunkt, изобщо не тръгва. За първи път срещам подобен проблем. Моля за мнение! Благодаря!
  6. Здравейте, Интересувам се дали има разлика между Toshiba и Toshiba Carrier? Видях, че вносителите за България са различни, както и наименованията на климатиците и цените! Toshiba Carrier доколкото разбирам е различна фирма създадена през 1999г. и съсредоточена основно за източните страни. Т.е. излиза, че са различни фирми?! Ако има запознати, може ли да помоля за повече инфо? И тъй като пишат повече професионалисти тук - какво ви е мнението за моделите на Toshiba Suzumi Plus? Благодаря
  7. ani.ani

    Аудио система за озвучаване на малка зала

    Е, то ако става въпрос за такава двупотопна уредба вкъщи в кашон имам на Sony по-нова и по-запазена.
  8. Здравейте, Моля за препоръка на Аудио с-ма с USB за озвучаване на малка зала за танци. Бюджетът е ограничен до макс. 400 лв. Благодаря!
  9. ani.ani

    вирус CTB-Locker

    Изпълних всичко, както написахте. Ето линк - http://dox.bg/files/dw?a=d68cea7833 Проблемът продължава...
  10. ani.ani

    вирус CTB-Locker

    Това е съобщението (на прикачената снимка), което изкача при стартиране на приложение. Пробвах по начина, по който сте описали, но няма промяна. Отново се появява и така до безкрай... Както и да е... Благодаря за отзивчивостта още веднъж!
  11. ani.ani

    вирус CTB-Locker

    Много благодаря за бързото включване! Реших да занеса компютъра за преинсталиране, иначе не съм сигурна дали ще се справя... Само искам да попитам още нещо, ако продължа да използвам компютъра още, ден, два, като програмите (Уорд, Ексeл и браузъра), мога да ги ползвам само с опцията "изпълни като администратор" (иначе не се зареждат и дава грешка), проблем ли ще е за самия компютър?
  12. ani.ani

    вирус CTB-Locker

    FRST.txt Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-05-2015 Ran by User (administrator) on USER-PC on 03-06-2015 08:22:04 Running from D:\Свалено от Интернет Loaded Profiles: User (Available Profiles: User) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe (Enigma Software Group USA, LLC.) C:\Program Files\Enigma Software Group\SpyHunter\SpyHunter4.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe (Microsoft Corporation) C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe () C:\Program Files\Everything\Everything.exe (Realsil Microelectronics Inc.) C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe (Farbar) D:\Свалено от Интернет\FRST (1).exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [TWebCamera] => C:\Program Files\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2475384 2010-11-02] (TOSHIBA CORPORATION.) HKLM\...\Run: [synTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1934632 2010-09-30] (Synaptics Incorporated) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [997920 2011-06-15] (Microsoft Corporation) HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [10025576 2011-02-11] (Realtek Semiconductor) HKLM\...\Run: [Everything] => C:\Program Files\Everything\Everything.exe [1048576 2014-08-06] () HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [5088456 2015-01-28] (ESET) HKU\S-1-5-19\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-20\Control Panel\Desktop\\SCRNSAVE.EXE -> HKU\S-1-5-21-442882556-3365707433-1788447081-1000\...\Run: [f.lux] => C:\Users\User\AppData\Local\FluxSoftware\Flux\flux.exe [1017224 2013-10-24] (Flux Software LLC) HKU\S-1-5-21-442882556-3365707433-1788447081-1000\...\Run: [bingSvc] => C:\Users\User\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation) HKU\S-1-5-21-442882556-3365707433-1788447081-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\scrnsave.scr [10240 2009-07-14] (Microsoft Corporation) HKU\S-1-5-18\Control Panel\Desktop\\SCRNSAVE.EXE -> Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\INTERNET - Пряк път.lnk [2013-03-23] ShortcutTarget: INTERNET - Пряк път.lnk -> (No File) Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изрязване на екран и стартиране на OneNote 2007.lnk [2014-07-08] ShortcutTarget: Изрязване на екран и стартиране на OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = HKU\S-1-5-21-442882556-3365707433-1788447081-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-us HKU\S-1-5-21-442882556-3365707433-1788447081-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKU\S-1-5-21-442882556-3365707433-1788447081-1000\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.com/ie HKU\S-1-5-21-442882556-3365707433-1788447081-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://www.google.com/ie SearchScopes: HKU\S-1-5-21-442882556-3365707433-1788447081-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-442882556-3365707433-1788447081-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/search?FORM=SK2MDF&PC=SK2M&q={searchTerms}&src=IE-SearchBox SearchScopes: HKU\S-1-5-21-442882556-3365707433-1788447081-1000 -> {AD050626-AB9A-4822-B763-0F98AAAEBFB0} URL = http://search.creativetoolbars.com/results?src=tb&id=smartbar&g=&q={searchTerms} BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation) BHO: Evernote extension -> {92EF2EAD-A7CE-4424-B0DB-499CF856608E} -> C:\Program Files\Evernote\Evernote\EvernoteIE.dll [2013-12-18] (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{4C3728EE-2994-4500-8D17-45DD2DD41A3F}: [NameServer] 87.120.188.2 FireFox: ======== FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_152.dll [2014-10-10] () FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-16] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-442882556-3365707433-1788447081-1000: @citrixonline.com/appdetectorplugin -> C:\Users\User\AppData\Local\Citrix\Plugins\104\npappdetector.dll [2014-11-22] (Citrix Online) FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\911bg.xml [2015-03-13] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\diribg.xml [2015-03-13] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pe-bg.xml [2015-03-13] FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalbgdict.xml [2015-03-13] FF Extension: Bulgarian Dictionary - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default\Extensions\bg-BG@dictionaries.addons.mozilla.org [2014-01-24] FF Extension: Bing Search - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default\Extensions\bingsearch.full@microsoft.com [2015-04-16] FF Extension: British English Dictionary (Updated) - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default\Extensions\en-gb@flyingtophat.co.uk [2015-01-06] FF Extension: Mozilla Firefox Hotfixer - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default\Extensions\veggy@veggyAddon.com [2015-06-01] FF Extension: Ultra Finder - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default\Extensions\{60984d64-3925-4636-a8c2-1b22a35f133f} [2014-12-29] FF Extension: Disconnect - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default\Extensions\2.0@disconnect.me.xpi [2014-02-19] FF Extension: MEGA - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default\Extensions\firefox@mega.co.nz.xpi [2014-10-09] FF Extension: Adblock Plus - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\e3zve3op.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2014-01-24] FF Extension: No Name - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-05-01] Chrome: ======= CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-03-22] CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-03-22] CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-03-22] CHR Extension: (Adblock Plus) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-04] CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-03-22] CHR Extension: (ABV Notifier) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbekonjicgkldkmopnamgglbfaiojje [2015-04-12] CHR Extension: (Bookmark Manager) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-21] CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-31] CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-03-22] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-05-01] CHR HKU\S-1-5-21-442882556-3365707433-1788447081-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fcfenmboojpjinhpgggodefccipikbpd] - https://clients2.google.com/service/update2/crx ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [276992 2014-09-15] (Advanced Micro Devices, Inc.) [File not signed] R2 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816 2015-05-01] (Microsoft Corporation) R2 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01] (Microsoft Corporation) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [1349576 2015-01-28] (ESET) R2 Everything; C:\Program Files\Everything\Everything.exe [1048576 2014-08-06] () [File not signed] <==== ATTENTION R2 IconMan_R; C:\Program Files\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [1809920 2010-08-04] (Realsil Microelectronics Inc.) [File not signed] R2 MsMpSvc; C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe [11736 2011-04-27] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\Antimalware\NisSrv.exe [208944 2011-04-27] (Microsoft Corporation) R2 SpyHunter 4 Service; C:\Program Files\Enigma Software Group\SpyHunter\SH4Service.exe [771456 2015-06-03] (Enigma Software Group USA, LLC.) S4 TuneUp.UtilitiesSvc; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesService32.exe [1739576 2013-10-30] (TuneUp Software) S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [193464 2015-02-23] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [135808 2015-02-23] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [123424 2015-02-23] (ESET) S3 EsgScanner; C:\Windows\System32\DRIVERS\EsgScanner.sys [19984 2015-06-03] () S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [119512 2015-06-03] (Malwarebytes Corporation) R1 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [165648 2011-04-18] (Microsoft Corporation) S3 MpNWMon; C:\Windows\System32\DRIVERS\MpNWMon.sys [43392 2011-04-18] (Microsoft Corporation) R3 PGEffect; C:\Windows\System32\DRIVERS\pgeffect.sys [24064 2009-06-22] (TOSHIBA Corporation) S3 TuneUpUtilitiesDrv; C:\Program Files\TuneUp Utilities 2014\TuneUpUtilitiesDriver32.sys [12320 2013-09-18] (TuneUp Software) S3 VGPU; No ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-03 08:10 - 2015-06-03 08:10 - 00143504 _____ () C:\Windows\Minidump\060315-27705-01.dmp 2015-06-03 08:07 - 2015-06-03 08:07 - 00044560 _____ () C:\Users\User\Desktop\FRST.txt 2015-06-03 01:29 - 2015-06-03 01:29 - 00143504 _____ () C:\Windows\Minidump\060315-30310-01.dmp 2015-06-03 01:21 - 2015-06-03 08:22 - 00000000 ____D () C:\FRST 2015-06-03 01:03 - 2015-06-03 01:03 - 00000000 ____D () C:\Users\User\AppData\Local\ESET 2015-06-03 00:52 - 2015-06-03 00:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET 2015-06-03 00:52 - 2015-06-03 00:52 - 00000000 ____D () C:\ProgramData\ESET 2015-06-03 00:52 - 2015-06-03 00:52 - 00000000 ____D () C:\Program Files\ESET 2015-06-03 00:06 - 2015-06-03 00:06 - 00001240 _____ () C:\Users\User\Desktop\SpyHunter.lnk 2015-06-03 00:06 - 2015-06-03 00:06 - 00000000 ____D () C:\Users\User\AppData\Roaming\Enigma Software Group 2015-06-03 00:06 - 2015-06-03 00:06 - 00000000 ____D () C:\sh4ldr 2015-06-03 00:05 - 2015-06-03 00:05 - 00019984 _____ () C:\Windows\system32\Drivers\EsgScanner.sys 2015-06-03 00:05 - 2015-06-03 00:05 - 00000000 ____D () C:\Program Files\Enigma Software Group 2015-06-02 23:28 - 2015-06-02 23:28 - 03148854 _____ () C:\Users\User\Documents\!Decrypt-All-Files-xspgdhh.bmp 2015-06-02 23:26 - 2015-06-02 23:28 - 00309457 _____ () C:\ProgramData\pmemxfe.html 2015-05-31 20:06 - 2015-05-31 20:06 - 00143504 _____ () C:\Windows\Minidump\053115-17846-01.dmp 2015-05-31 12:20 - 2015-05-31 12:20 - 00143504 _____ () C:\Windows\Minidump\053115-16988-01.dmp 2015-05-30 22:26 - 2015-06-03 08:09 - 00000652 _____ () C:\Windows\Tasks\G2MUploadTask-S-1-5-21-442882556-3365707433-1788447081-1000.job 2015-05-30 16:35 - 2015-05-30 16:35 - 00143504 _____ () C:\Windows\Minidump\053015-17503-01.dmp 2015-05-30 15:35 - 2015-05-30 15:35 - 00143504 _____ () C:\Windows\Minidump\053015-17440-01.dmp 2015-05-30 11:05 - 2015-05-30 11:05 - 00143504 _____ () C:\Windows\Minidump\053015-17206-01.dmp 2015-05-30 00:51 - 2015-05-30 00:51 - 00143504 _____ () C:\Windows\Minidump\053015-19983-01.dmp 2015-05-30 00:38 - 2015-05-30 00:38 - 00143504 _____ () C:\Windows\Minidump\053015-19141-01.dmp 2015-05-29 21:05 - 2015-05-29 21:05 - 00143504 _____ () C:\Windows\Minidump\052915-19063-01.dmp 2015-05-29 20:38 - 2015-05-29 20:39 - 00143504 _____ () C:\Windows\Minidump\052915-28142-01.dmp 2015-05-29 00:12 - 2015-05-29 00:12 - 00143504 _____ () C:\Windows\Minidump\052915-19281-01.dmp 2015-05-28 23:15 - 2015-05-28 23:16 - 00143504 _____ () C:\Windows\Minidump\052815-18205-01.dmp 2015-05-27 13:09 - 2015-05-27 13:10 - 00143504 _____ () C:\Windows\Minidump\052715-18408-01.dmp 2015-05-27 11:04 - 2015-05-27 11:04 - 00143504 _____ () C:\Windows\Minidump\052715-19312-01.dmp 2015-05-26 00:10 - 2015-06-02 11:00 - 00060576 _____ () C:\Users\User\Desktop\1907690_829432187067200_3840091338512232063_n.JPG.xspgdhh 2015-05-26 00:10 - 2015-06-02 10:54 - 00915280 _____ () C:\Users\User\Desktop\Джош Малерман - Кутия за птици (1).PDF.xspgdhh 2015-05-26 00:10 - 2015-06-01 14:39 - 00246784 _____ () C:\Users\User\Desktop\Bulgarian_Twelve_Healers_1941.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-31 23:08 - 04969872 _____ () C:\Users\User\Desktop\the-new-science-of-super-awareness-by-bill-harris.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-31 19:43 - 00406704 _____ () C:\Users\User\Desktop\Beautiful-Summer-Flowers-Wallpaper.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-30 09:55 - 00119328 _____ () C:\Users\User\Desktop\anii.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-29 20:07 - 00154368 _____ () C:\Users\User\Desktop\eye.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-29 20:05 - 00391264 _____ () C:\Users\User\Desktop\DSC03187.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-29 20:02 - 00144208 _____ () C:\Users\User\Desktop\il_570xN.357466204_70l5.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-29 12:28 - 00774064 _____ () C:\Users\User\Desktop\Тайните на енергията - Алла Свиринская.DOCX.xspgdhh 2015-05-26 00:10 - 2015-05-28 15:30 - 00015664 _____ () C:\Users\User\Desktop\Здравейте Силни Хора.DOC.xspgdhh 2015-05-26 00:10 - 2015-05-28 12:08 - 01507008 _____ () C:\Users\User\Desktop\Tainite na mese4nia cycle_mai2015.PPTX.xspgdhh 2015-05-26 00:10 - 2015-05-27 23:23 - 00176752 _____ () C:\Users\User\Desktop\b4_16.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-27 23:12 - 00012144 _____ () C:\Users\User\Desktop\Page 1.DOC.xspgdhh 2015-05-26 00:10 - 2015-05-27 22:50 - 00365232 _____ () C:\Users\User\Desktop\инфопакет-мп-училищна психология - неспециалисти.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-27 22:50 - 00290960 _____ () C:\Users\User\Desktop\инфопакет-мп-училищна психология - специалисти-bg.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-27 22:01 - 14997776 _____ () C:\Users\User\Desktop\recepti_2005.RAR.xspgdhh 2015-05-26 00:10 - 2015-05-27 21:53 - 02952480 _____ () C:\Users\User\Desktop\astrologicheskoe_suzhdenie.RAR.xspgdhh 2015-05-26 00:10 - 2015-05-27 21:27 - 01254736 _____ () C:\Users\User\Desktop\Essential-oils-guide.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-27 15:33 - 04440976 _____ () C:\Users\User\Desktop\Dr+Sara's+Hormone+Reset+Community+Cookbook.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-27 14:31 - 04089264 _____ () C:\Users\User\Desktop\JZ_19_2007.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-27 13:02 - 02868176 _____ () C:\Users\User\Desktop\Shake-RecipeBook-Final-102014.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-26 21:13 - 00054656 _____ () C:\Users\User\Desktop\11351230_10152760216546512_6469775742400608419_n.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-26 00:29 - 00095680 _____ () C:\Users\User\Desktop\4.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-26 00:10 - 00022352 _____ () C:\Users\User\Desktop\tumblr_noskukfCy01uoku8ao1_250.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-21 23:41 - 01300816 _____ () C:\Users\User\Desktop\My Body - Source of Energy.DOC.xspgdhh 2015-05-26 00:10 - 2015-05-21 20:33 - 00338992 _____ () C:\Users\User\Desktop\flower.xspgdhh 2015-05-26 00:10 - 2015-05-21 20:26 - 00864896 _____ () C:\Users\User\Desktop\DSC05162.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-21 19:49 - 02101360 _____ () C:\Users\User\Desktop\DSC05168.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-21 13:34 - 00552624 _____ () C:\Users\User\Desktop\22.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-21 01:08 - 07437136 _____ () C:\Users\User\Desktop\The_Tarot_Cards_-_stained_glass_windows.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-20 23:38 - 00009488 _____ () C:\Users\User\Desktop\Моите цитати от.DOC.xspgdhh 2015-05-26 00:10 - 2015-05-20 17:28 - 07233968 _____ () C:\Users\User\Desktop\Grains-cooking-guide.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-18 13:26 - 00500688 _____ () C:\Users\User\Desktop\IMG_1925.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-17 13:26 - 00061584 _____ () C:\Users\User\Desktop\_ng2vc9vzCT1sg15a4o1_500.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-16 15:49 - 00033904 _____ () C:\Users\User\Desktop\me (2).JPG.xspgdhh 2015-05-26 00:10 - 2015-05-16 15:21 - 00184416 _____ () C:\Users\User\Desktop\21313_842497762484630_7080647191965826328_n.JPG.xspgdhh 2015-05-26 00:10 - 2015-05-15 23:45 - 32294864 _____ () C:\Users\User\Desktop\ASTROBROI_BELA_JANUARI_2015 (2).PDF.xspgdhh 2015-05-26 00:10 - 2015-05-14 12:32 - 00174160 _____ () C:\Users\User\Desktop\Скъпоценни камъни Р. Щайнер.DOCX.xspgdhh 2015-05-26 00:10 - 2015-05-09 09:21 - 00533184 _____ () C:\Users\User\Desktop\Metod_BOP_1-32.PDF.xspgdhh 2015-05-26 00:10 - 2015-05-09 01:41 - 00084480 _____ () C:\Users\User\Desktop\hosts.TXT.xspgdhh 2015-05-26 00:10 - 2014-09-29 17:17 - 02695152 _____ () C:\Users\User\Desktop\DSC04679.JPG.xspgdhh 2015-05-22 21:26 - 2015-05-22 21:26 - 00143504 _____ () C:\Windows\Minidump\052215-18548-01.dmp 2015-05-22 20:14 - 2015-05-22 20:14 - 00143504 _____ () C:\Windows\Minidump\052215-18938-01.dmp 2015-05-22 11:44 - 2015-05-22 11:44 - 00143504 _____ () C:\Windows\Minidump\052215-19281-01.dmp 2015-05-21 20:57 - 2015-05-21 20:57 - 00143504 _____ () C:\Windows\Minidump\052115-18470-01.dmp 2015-05-21 12:05 - 2015-05-21 12:05 - 00143504 _____ () C:\Windows\Minidump\052115-20498-01.dmp 2015-05-20 21:37 - 2015-05-20 21:37 - 00143504 _____ () C:\Windows\Minidump\052015-22167-01.dmp 2015-05-20 19:07 - 2015-05-20 19:08 - 00143504 _____ () C:\Windows\Minidump\052015-18220-01.dmp 2015-05-20 16:52 - 2015-05-20 16:51 - 123358126 _____ () C:\Users\User\Desktop\My Body - Source of Energy.m4a 2015-05-19 16:11 - 2015-05-19 16:11 - 00143504 _____ () C:\Windows\Minidump\051915-20311-01.dmp 2015-05-19 14:41 - 2015-05-19 14:41 - 00143504 _____ () C:\Windows\Minidump\051915-22354-01.dmp 2015-05-17 11:46 - 2015-05-17 11:46 - 00143504 _____ () C:\Windows\Minidump\051715-19312-01.dmp 2015-05-15 21:07 - 2015-05-15 21:07 - 00143504 _____ () C:\Windows\Minidump\051515-25022-01.dmp 2015-05-14 21:08 - 2015-05-14 21:08 - 00143504 _____ () C:\Windows\Minidump\051415-18361-01.dmp 2015-05-13 10:42 - 2015-05-01 16:16 - 00102608 _____ (Microsoft Corporation) C:\Windows\system32\PresentationCFFRasterizerNative_v0300.dll 2015-05-13 10:00 - 2015-05-13 10:00 - 00143504 _____ () C:\Windows\Minidump\051315-16926-01.dmp 2015-05-13 09:25 - 2015-04-20 05:56 - 01250816 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll 2015-05-13 09:25 - 2015-04-20 05:56 - 00909312 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll 2015-05-13 09:25 - 2015-04-20 05:03 - 02382336 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-05-13 09:24 - 2015-05-05 04:12 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-05-13 09:24 - 2015-04-18 05:56 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll 2015-05-13 09:24 - 2015-04-04 06:10 - 00137656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-05-13 09:24 - 2015-04-04 06:10 - 00067512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-05-13 09:24 - 2015-04-04 06:05 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-05-13 09:24 - 2015-04-04 06:05 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-05-13 09:24 - 2015-04-04 06:04 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-05-13 09:24 - 2015-04-04 06:04 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-05-13 09:24 - 2015-04-04 06:01 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-05-13 09:24 - 2015-04-04 06:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-05-13 09:24 - 2015-04-04 05:59 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-05-13 09:23 - 2015-04-22 04:48 - 00342736 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-05-13 09:23 - 2015-04-21 19:10 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-05-13 09:23 - 2015-04-21 19:02 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-05-13 09:23 - 2015-04-21 18:58 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-05-13 09:23 - 2015-04-21 18:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-05-13 09:23 - 2015-04-21 18:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-05-13 09:23 - 2015-04-21 18:26 - 00685568 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-05-13 09:23 - 2015-04-21 17:58 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-05-13 09:23 - 2015-04-13 06:19 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\services.exe 2015-05-13 09:22 - 2015-04-21 19:25 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-05-13 09:22 - 2015-04-21 19:25 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-05-13 09:22 - 2015-04-21 19:24 - 19691008 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-05-13 09:22 - 2015-04-21 19:11 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-05-13 09:22 - 2015-04-21 19:11 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-05-13 09:22 - 2015-04-21 19:09 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-05-13 09:22 - 2015-04-21 19:08 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-05-13 09:22 - 2015-04-21 19:04 - 02278400 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-05-13 09:22 - 2015-04-21 19:03 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-05-13 09:22 - 2015-04-21 19:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-05-13 09:22 - 2015-04-21 18:58 - 00664576 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-05-13 09:22 - 2015-04-21 18:58 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-05-13 09:22 - 2015-04-21 18:57 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-05-13 09:22 - 2015-04-21 18:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-05-13 09:22 - 2015-04-21 18:39 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-05-13 09:22 - 2015-04-21 18:38 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-05-13 09:22 - 2015-04-21 18:36 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-05-13 09:22 - 2015-04-21 18:31 - 04305920 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-05-13 09:22 - 2015-04-21 18:26 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-05-13 09:22 - 2015-04-21 18:25 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-05-13 09:22 - 2015-04-21 18:24 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-05-13 09:22 - 2015-04-21 18:17 - 12828672 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-05-13 09:22 - 2015-04-21 18:02 - 01882112 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-05-13 09:22 - 2015-04-21 17:56 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-05-13 09:21 - 2015-04-08 06:14 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-05-13 09:21 - 2015-04-08 06:14 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-05-13 09:21 - 2015-02-18 10:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe 2015-05-12 21:42 - 2015-05-12 21:42 - 00143504 _____ () C:\Windows\Minidump\051215-17534-01.dmp 2015-05-12 18:55 - 2015-05-12 18:55 - 00143504 _____ () C:\Windows\Minidump\051215-17893-01.dmp 2015-05-12 14:59 - 2015-05-12 14:59 - 00143504 _____ () C:\Windows\Minidump\051215-19734-01.dmp 2015-05-11 17:37 - 2015-05-11 17:38 - 00143504 _____ () C:\Windows\Minidump\051115-17752-01.dmp 2015-05-11 14:48 - 2015-05-11 14:48 - 00143504 _____ () C:\Windows\Minidump\051115-17581-01.dmp 2015-05-11 09:15 - 2015-05-11 09:15 - 00143504 _____ () C:\Windows\Minidump\051115-16910-01.dmp 2015-05-10 22:26 - 2015-05-10 22:27 - 00143504 _____ () C:\Windows\Minidump\051015-16614-01.dmp 2015-05-09 00:09 - 2015-06-03 00:39 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-05-09 00:08 - 2015-05-09 00:08 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-05-09 00:07 - 2015-05-09 00:08 - 00000000 ____D () C:\Program Files\Malwarebytes Anti-Malware 2015-05-09 00:07 - 2015-04-14 09:37 - 00092888 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys 2015-05-09 00:07 - 2015-04-14 09:37 - 00051928 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys 2015-05-09 00:07 - 2015-04-14 09:37 - 00023256 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys 2015-05-09 00:01 - 2015-05-09 00:19 - 00000000 ____D () C:\Windows\pss 2015-05-08 23:19 - 2015-05-08 23:19 - 00143504 _____ () C:\Windows\Minidump\050815-18080-01.dmp 2015-05-08 14:31 - 2015-05-08 14:31 - 00001060 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 9.lnk 2015-05-08 13:52 - 2015-05-08 13:52 - 00143504 _____ () C:\Windows\Minidump\050815-17986-01.dmp 2015-05-08 08:04 - 2015-05-08 08:04 - 00143504 _____ () C:\Windows\Minidump\050815-20935-01.dmp 2015-05-08 07:47 - 2015-05-08 07:47 - 00143504 _____ () C:\Windows\Minidump\050815-17378-01.dmp 2015-05-08 01:09 - 2015-05-08 01:10 - 00143504 _____ () C:\Windows\Minidump\050815-20950-01.dmp 2015-05-07 10:59 - 2015-05-07 10:59 - 00143504 _____ () C:\Windows\Minidump\050715-18860-01.dmp 2015-05-05 20:50 - 2015-05-05 20:50 - 00008602 _____ () C:\Users\User\Downloads\HELP_DECRYPT.HTML 2015-05-05 20:50 - 2015-05-05 20:50 - 00001392 _____ () C:\Users\User\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 20:50 - 2015-05-05 20:50 - 00000284 _____ () C:\Users\User\HELP_DECRYPT.URL 2015-05-05 20:50 - 2015-05-05 20:50 - 00000284 _____ () C:\Users\User\Downloads\HELP_DECRYPT.URL 2015-05-05 20:23 - 2015-05-05 20:23 - 00001392 _____ () C:\Users\User\Documents\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 20:23 - 2015-05-05 20:23 - 00000284 _____ () C:\Users\User\Documents\HELP_DECRYPT.URL 2015-05-05 19:56 - 2015-05-05 19:56 - 00001392 _____ () C:\Users\User\AppData\Roaming\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 19:56 - 2015-05-05 19:56 - 00001392 _____ () C:\Users\User\AppData\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 19:56 - 2015-05-05 19:56 - 00000284 _____ () C:\Users\User\AppData\Roaming\HELP_DECRYPT.URL 2015-05-05 19:56 - 2015-05-05 19:56 - 00000284 _____ () C:\Users\User\AppData\HELP_DECRYPT.URL 2015-05-05 19:52 - 2015-05-05 19:52 - 00001392 _____ () C:\Users\User\AppData\Local\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 19:52 - 2015-05-05 19:52 - 00000284 _____ () C:\Users\User\AppData\Local\HELP_DECRYPT.URL 2015-05-05 19:48 - 2015-05-05 19:48 - 00001392 _____ () C:\ProgramData\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 19:48 - 2015-05-05 19:48 - 00000284 _____ () C:\ProgramData\HELP_DECRYPT.URL 2015-05-05 19:03 - 2015-05-05 19:03 - 00143504 _____ () C:\Windows\Minidump\050515-19047-01.dmp ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-06-03 08:19 - 2009-07-14 07:34 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-06-03 08:19 - 2009-07-14 07:34 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-06-03 08:10 - 2013-06-25 03:27 - 309542827 _____ () C:\Windows\MEMORY.DMP 2015-06-03 08:10 - 2013-06-25 03:27 - 00000000 ____D () C:\Windows\Minidump 2015-06-03 08:10 - 2013-03-22 21:13 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-06-03 08:10 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2015-06-03 08:10 - 2009-07-14 07:39 - 00205997 _____ () C:\Windows\setupact.log 2015-06-03 07:45 - 2014-01-24 03:19 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-06-03 07:45 - 2013-03-22 21:13 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-06-03 07:40 - 2013-03-21 19:35 - 01331936 _____ () C:\Windows\WindowsUpdate.log 2015-06-03 01:32 - 2014-01-04 17:06 - 00000000 ____D () C:\Users\User\AppData\Roaming\Everything 2015-06-03 01:25 - 2013-03-22 21:17 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype 2015-06-02 23:28 - 2015-01-22 20:59 - 00000000 ____D () C:\Users\User\Downloads\Hector and the Search for Happiness 2014 WEBRip x264 AC3-JYK 2015-06-02 23:28 - 2015-01-07 11:31 - 00000000 ____D () C:\Users\User\Downloads\Veselin Marinov - Ostrovut na lubovta (2014) CDRip MP3 320kbps 2015-06-02 23:27 - 2015-03-15 00:14 - 00000000 ____D () C:\Users\User\Tracing 2015-06-02 23:27 - 2015-02-10 11:48 - 00000000 ____D () C:\Users\User\Downloads\VA - Fifty Shades of Classical Music - 50 Masterpieces (2014) - SMG 2015-06-02 23:27 - 2015-02-06 04:20 - 00000000 ____D () C:\Users\User\Downloads\Addicted.2014.UNRATED.WEBRip.XviD-WAR 2015-06-02 23:27 - 2015-01-26 23:49 - 00000000 ____D () C:\Users\User\Downloads\Safe Haven 2013 BRRip XviD AC3-SANTi 2015-06-02 23:27 - 2015-01-26 00:37 - 00000000 ____D () C:\Users\User\Downloads\The.Best.Of.Me.2014.BDRip.x264.Ac3-HUD 2015-06-02 23:27 - 2015-01-07 11:30 - 00000000 ____D () C:\Users\User\Downloads\Veselin Marinov - Izbrah za vas s liubov (2004) 2015-06-02 23:27 - 2014-05-22 13:00 - 00000000 ____D () C:\Users\User\Documents\Calibre Library 2015-06-02 23:27 - 2014-03-24 16:00 - 00000000 ____D () C:\Users\User\Downloads\PCPerformer-BitTorrent-c 2015-06-02 23:27 - 2014-03-24 15:57 - 00000000 ____D () C:\Users\User\Downloads\Authors.Anonymous.WEBRip.XviD.AC3-WAR 2015-06-02 23:27 - 2014-03-24 15:54 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent 2015-06-02 23:27 - 2014-01-24 03:11 - 00000000 ____D () C:\Users\User\AppData\Roaming\Mozilla 2015-06-02 23:27 - 2014-01-03 15:40 - 00000000 ____D () C:\Users\User\Documents\Autoruns 2015-06-02 23:27 - 2014-01-03 14:51 - 00000000 ____D () C:\Users\User\AppData\Roaming\Wise Registry Cleaner 2015-06-02 23:27 - 2013-11-30 00:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\Stellarium 2015-06-02 23:27 - 2013-05-08 11:50 - 00000000 ____D () C:\Users\User\AppData\Roaming\ViberPC 2015-06-02 23:25 - 2014-05-28 17:41 - 00000000 ____D () C:\Users\User\AppData\Roaming\Cookapp 2015-06-02 23:25 - 2014-05-22 13:00 - 00000000 ____D () C:\Users\User\AppData\Roaming\calibre 2015-06-02 23:25 - 2014-02-27 15:05 - 00000000 ____D () C:\Users\User\AppData\Local\Skype 2015-06-02 23:25 - 2014-01-04 17:37 - 00000000 ____D () C:\Users\User\AppData\Roaming\Malwarebytes 2015-06-02 23:25 - 2013-03-24 14:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\Adobe 2015-06-02 23:24 - 2014-01-24 03:11 - 00000000 ____D () C:\Users\User\AppData\Local\Mozilla 2015-06-02 23:24 - 2013-05-08 11:49 - 00000000 ____D () C:\Users\User\AppData\Local\Viber 2015-06-02 23:22 - 2013-04-05 01:12 - 00000000 ____D () C:\Users\User\AppData\Local\Microsoft Games 2015-06-02 23:22 - 2013-03-22 21:13 - 00000000 ____D () C:\Users\User\AppData\Local\Google 2015-06-02 23:20 - 2014-11-22 11:01 - 00000000 ____D () C:\Users\User\AppData\Local\Citrix 2015-06-02 23:20 - 2014-10-11 13:32 - 00000000 ____D () C:\Users\User\AppData\Local\AMD 2015-06-02 23:20 - 2014-05-28 17:48 - 00000000 ____D () C:\Users\User\.rainlendar2 2015-06-02 23:20 - 2014-01-03 14:40 - 00000000 ____D () C:\ProgramData\Spybot - Search & Destroy 2015-06-02 23:20 - 2013-12-29 02:42 - 00000000 ____D () C:\Users\User\AppData\Local\Evernote 2015-06-02 23:20 - 2013-03-22 21:17 - 00000000 ____D () C:\ProgramData\Skype 2015-06-02 23:13 - 2014-01-18 16:39 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps 2015-05-30 22:26 - 2014-11-22 11:02 - 00000556 _____ () C:\Windows\Tasks\G2MUpdateTask-S-1-5-21-442882556-3365707433-1788447081-1000.job 2015-05-27 18:44 - 2013-03-22 21:17 - 00000000 ___RD () C:\Program Files\Skype 2015-05-26 12:16 - 2013-03-22 21:15 - 00002127 _____ () C:\Users\Public\Desktop\Google Chrome.lnk 2015-05-21 23:37 - 2010-11-21 00:01 - 00788674 _____ () C:\Windows\system32\PerfStringBackup.INI 2015-05-19 18:23 - 2009-07-14 07:53 - 00032534 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2015-05-15 20:56 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\rescache 2015-05-13 19:32 - 2014-05-22 12:59 - 00000930 _____ () C:\Users\Public\Desktop\calibre - E-book management.lnk 2015-05-13 19:32 - 2014-05-22 12:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\calibre - E-book Management 2015-05-13 19:31 - 2014-05-22 12:59 - 00000000 ____D () C:\Program Files\Calibre2 2015-05-13 19:27 - 2014-12-01 22:51 - 00084768 _____ () C:\Users\User\Documents\3b71613f-f7f2-452c-ae0a-906cffdec642.JPG.xspgdhh 2015-05-13 15:24 - 2011-04-12 05:24 - 00000000 ____D () C:\Program Files\Windows Journal 2015-05-13 12:12 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2015-05-13 11:35 - 2009-07-14 07:33 - 00460720 _____ () C:\Windows\system32\FNTCACHE.DAT 2015-05-13 10:42 - 2013-03-22 21:00 - 00000000 ____D () C:\ProgramData\Microsoft Help 2015-05-13 10:39 - 2014-01-03 15:04 - 00000000 ____D () C:\Windows\system32\MRT 2015-05-13 10:24 - 2014-01-03 15:04 - 137310008 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe 2015-05-09 01:45 - 2010-11-21 00:48 - 00154778 _____ () C:\Windows\PFRO.log 2015-05-09 00:16 - 2013-03-22 19:20 - 00000000 ____D () C:\Windows\system32\appmgmt 2015-05-09 00:07 - 2014-01-04 17:36 - 00000000 ____D () C:\ProgramData\Malwarebytes 2015-05-09 00:03 - 2014-01-17 14:38 - 00000000 ____D () C:\ProgramData\Informer Technologies, Inc 2015-05-06 12:04 - 2015-04-16 10:00 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2015-05-05 20:50 - 2013-12-22 07:19 - 00001392 _____ () C:\Users\User\Downloads\HELP_DECRYPT.TXT.xspgdhh ==================== Files in the root of some directories ======= 2015-05-05 19:56 - 2015-05-05 19:56 - 0045607 _____ () C:\Users\User\AppData\Roaming\HELP_DECRYPT.PNG 2015-05-05 19:56 - 2015-05-05 19:56 - 0001392 _____ () C:\Users\User\AppData\Roaming\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 19:56 - 2015-05-05 19:56 - 0000284 _____ () C:\Users\User\AppData\Roaming\HELP_DECRYPT.URL 2013-12-18 02:08 - 2013-12-18 02:08 - 0003584 _____ () C:\Users\User\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2015-01-07 12:21 - 2015-01-07 12:21 - 0000275 _____ () C:\Users\User\AppData\Local\HamsterAudioConverterSettings.cfg 2015-05-05 19:52 - 2015-05-05 19:52 - 0045607 _____ () C:\Users\User\AppData\Local\HELP_DECRYPT.PNG 2015-05-05 19:52 - 2015-05-05 19:52 - 0001392 _____ () C:\Users\User\AppData\Local\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 19:52 - 2015-05-05 19:52 - 0000284 _____ () C:\Users\User\AppData\Local\HELP_DECRYPT.URL 2014-10-11 13:30 - 2014-10-11 13:30 - 0007625 _____ () C:\Users\User\AppData\Local\Resmon.ResmonCfg 2013-03-23 21:34 - 2013-03-23 21:34 - 0000056 ____H () C:\ProgramData\ezsidmv.dat 2015-05-05 19:48 - 2015-05-05 19:48 - 0045607 _____ () C:\ProgramData\HELP_DECRYPT.PNG 2015-05-05 19:48 - 2015-05-05 19:48 - 0001392 _____ () C:\ProgramData\HELP_DECRYPT.TXT.xspgdhh 2015-05-05 19:48 - 2015-05-05 19:48 - 0000284 _____ () C:\ProgramData\HELP_DECRYPT.URL 2015-06-02 23:26 - 2015-06-02 23:28 - 0309457 _____ () C:\ProgramData\pmemxfe.html Some files in TEMP: ==================== C:\Users\User\AppData\Local\Temp\BSvcProcessor.exe C:\Users\User\AppData\Local\Temp\BSvcUpdater.exe C:\Users\User\AppData\Local\Temp\InstHelper.exe C:\Users\User\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-05-24 11:44 ==================== End of log ============================ Addition.txt
  13. ani.ani

    вирус CTB-Locker

    Благодаря! Изпълних посочените неща. Но мисля, че няма смисъл да публикувам повече, защото нямам администраторски права за акаунта, което обезсмисля да пиша...
  14. Здравейте, Компютърът ми е заразен с вируса CTB-Locker. Прочетох информативно нещата - криптираха се всички свалени файлове, които имах до момента на компютъра! Свалих програмата Spy Hunter 4, която откри общо 4 "зарази". Отделно свалих и ESET NOD32 Antivirus 8, която откри още 14 заплахи - троянски кон. Нямам представа по-нататък как да действам. Някой може ли да ми окаже съдействие? Предварително благодаря!
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.