Премини към съдържанието

viktor9205

Потребител
  • Публикации

    76
  • Регистрация

  • Последно онлайн

Харесвания

24 Добра репутация

Всичко за viktor9205

  • Титла
    Редовен потребител

Последни посетители

1167 прегледа на профила
  1. Аз имах стар компютър (като кажа стар разбирайте доста стар) и за да го държа в оптимална форма си го глезех чистех/сканирах редовно .. неща които трябва да си се правят.. след проблем с вируси потърсих помощ в форума. Впоследствие като приключихме с проблема просто си оставих тези 2-те --> Malwarebytes' Anti-Malware и SUPERAntiSpyware Free Edition и си ги пусках профилактично веднъж месечно, но от година да не кажа повече ме мързи и не пускам никоя от 2-те, а също системата ми е по-нова от предишната и просто си казах айде айде няма нужда # DelFix v1.013 - Logfile created 21/07/2017 at 22:44:56 # Updated 17/04/2016 by Xplode # Username : win7 - WIN7-PC # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits) ~ Removing disinfection tools ... Deleted : C:\FRST Deleted : C:\AdwCleaner Deleted : C:\SecurityCheck Deleted : C:\Users\win7\Desktop\AdwCleaner[C0].txt Deleted : C:\Users\win7\Desktop\AdwCleaner[S0].txt Deleted : C:\Users\win7\Desktop\JRT.txt Deleted : C:\Users\win7\Desktop\SecurityCheck.txt ~ Creating registry backup ... OK ~ Cleaning system restore ... Deleted : RP #204 [Windows Update | 07/20/2017 19:05:18] Deleted : RP #205 [Windows Update | 07/20/2017 19:22:06] Deleted : RP #206 [Windows Update | 07/20/2017 20:10:41] Deleted : RP #207 [Windows Update | 07/20/2017 23:09:32] Deleted : RP #208 [Windows Update | 07/21/2017 18:42:33] New restore point created ! ~ Resetting system settings ... OK ########## - EOF - ##########
  2. Добре сложих Инсталирай актуализациите автоматично (препоръчително) вече втори ден да не казвам голяма дума не съм имал редирект към някоя страница системата се държи добре. Дърпам ъпдейтите и се надявам това да е всичко по темата, ако има нещо (надявам се да няма) ще се наложи да ви притеснявам пак . Искам да ви благодаря, че си отделихте от времето да помогнете.. не веднъж и два пъти съм търсил помощ в форума и винаги съм бил доволен .. пичове сте ! Живи и здрави
  3. Малко се обърках сега .. всичките всеки един даунлоад ли трябва да сваля ? Skype даже нямам спомен да съм теглил такова нещо ще го изтрия. Това Never check for updates какво е това и от къде да го включа ?
  4. Не съм игнорирал съжалявам бях тръгнал да ги правя,но излезе нещо спешно от работа.. пускам 2-те програми и пращам логовете извинявам се отново ! edit: за момента не ми е прави проблеми, но и преди беше така.. ще пиша днес вечерта или утре да поразцъкам малко из браузъра да видя какво ще стане ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Junkware Removal Tool (JRT) by Malwarebytes Version: 8.1.4 (07.09.2017) Operating System: Windows 7 Ultimate x64 Ran by win7 (Administrator) on ба 19.07.2017 Ј. at 15:39:47,49 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ File System: 9 Successfully deleted: C:\Windows\wininit.ini (File) Successfully deleted: C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0KIKO6D9 (Temporary Internet Files Folder) Successfully deleted: C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9DVOURG (Temporary Internet Files Folder) Successfully deleted: C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUT9HMYD (Temporary Internet Files Folder) Successfully deleted: C:\Users\win7\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MLL3I1Y7 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\0KIKO6D9 (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H9DVOURG (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\JUT9HMYD (Temporary Internet Files Folder) Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\MLL3I1Y7 (Temporary Internet Files Folder) Registry: 0 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Scan was completed on ба 19.07.2017 Ј. at 15:42:20,89 End of JRT log ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ SecurityCheck.txt SecurityCheck by glax24 & Severnyj v.1.4.0.51 [13.06.17] WebSite: www.safezone.cc DateLog: 19.07.2017 15:45:03 Path starting: C:\Users\win7\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: win7 VersionXML: 4.49is-17.07.2017 ___________________________________________________________________________ Windows 7(6.1.7601) Service Pack 1 (x64) Ultimate Lang: 0402 Installation date OS: 04.04.2014 10:01:29 LicenseStatus: Windows(R) 7, Ultimate edition The machine is permanently activated. Boot Mode: Normal Default Browser: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe SystemDrive: C: FS: [NTFS] Capacity: [100 Gb] Used: [72.6 Gb] Free: [27.4 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 11.0.9600.16428 Warning! Download Update Online installation. Last version available when Windows update is enabled throught the Internet. User Account Control enabled Never check for updates Date install updates: 2014-04-04 11:46:42 Windows Update (wuauserv) - The service is running Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service is running Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ------------------------------- [ HotFix ] -------------------------------- HotFix KB3124000 Warning! Download Update HotFix KB3115858 Warning! Download Update HotFix KB3140735 Warning! Download Update HotFix KB3138910 Warning! Download Update HotFix KB3138962 Warning! Download Update HotFix KB3145739 Warning! Download Update HotFix KB3146963 Warning! Download Update HotFix KB3156013 Warning! Download Update HotFix KB3156016 Warning! Download Update HotFix KB3156019 Warning! Download Update HotFix KB3155178 Warning! Download Update HotFix KB3153171 Warning! Download Update HotFix KB3170455 Warning! Download Update HotFix KB3178034 Warning! Download Update HotFix KB3185911 Warning! Download Update HotFix KB3184122 Warning! Download Update HotFix KB3192391 Warning! Download Update HotFix KB3197867 Warning! Download Update HotFix KB3205394 Warning! Download Update HotFix KB4012212 Warning! Download Update HotFix KB4019263 Warning! Download Update HotFix KB4022722 Warning! Download Update ------------------------------ [ MS Office ] ------------------------------ Microsoft Office 2007 v.12.0.4518.1014 ---------------------------- [ Antivirus_WMI ] ---------------------------- ESET NOD32 Antivirus 4.2 (enabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Защитна стена на Windows (MpsSvc) - The service is running --------------------------- [ AntiSpyware_WMI ] --------------------------- ESET NOD32 Antivirus 4.2 (enabled and up to date) Windows Defender (enabled and out of date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- ESET NOD32 Antivirus v.4.2.67.10 -------------------------- [ SecurityUtilities ] -------------------------- SUPERAntiSpyware v.6.0.1146 Malwarebytes Anti-Malware version 2.2.1.1043 v.2.2.1.1043 Zemana AntiMalware v.2.74.0.76 --------------------------- [ OtherUtilities ] ---------------------------- WinRAR 4.20 (64-битова версия) v.4.20.0 Warning! Download Update --------------------------------- [ IM ] ---------------------------------- Skype™ 7.24 v.7.24.104 Warning! Download Update --------------------------------- [ P2P ] --------------------------------- µTorrent v.3.5.0.43916 Warning! P2P-client. -------------------------------- [ Java ] --------------------------------- Java 8 Update 45 v.8.0.450 Warning! Download Update Uninstall old version and install new one (jre-8u131-windows-i586.exe). --------------------------- [ AdobeProduction ] --------------------------- Adobe Flash Player 26 PPAPI v.26.0.0.131 Warning! Download Update Adobe Acrobat Reader DC v.15.010.20056 Warning! Download Update ^Please run Acrobat Reader DC and go Help - Check for updates...^ ------------------------------- [ Browser ] ------------------------------- Google Chrome v.59.0.3071.115 --------------------------- [ RunningProcess ] ---------------------------- C:\Program Files (x86)\Google\Chrome\Application\chrome.exe v.59.0.3071.115 ------------------ [ AntivirusFirewallProcessServices ] ------------------- ESET Service (ekrn) - The service is running C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe v.4.2.67.10 ESET HTTP Server (EhttpSrv) - The service has stopped MBAMScheduler (MBAMScheduler) - The service has stopped MBAMService (MBAMService) - The service has stopped SAS Core Service (!SASCORE) - The service is running D:\Install\SUPERAntiSpyware\SASCore64.exe v.6.0.0.1080 Windows Defender (WinDefend) - The service is running ZAM Controller Service (ZAMSvc) - The service is running C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe v.2.74.0.76 ---------------------------- [ UnwantedApps ] ----------------------------- Skype Click to Call v.8.5.0.9167 Warning! Browser's toolbar. It can slow down the working of your browser and have violation privacy problems. ----------------------------- [ End of Log ] ------------------------------
  5. Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 19.7.2017 г. Scan Time: 10:52 ч. Logfile: Administrator: Yes Version: 2.2.1.1043 Malware Database: v2017.07.19.02 Rootkit Database: v2017.05.27.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: win7 Scan Type: Threat Scan Result: Completed Objects Scanned: 293256 Time Elapsed: 13 min, 2 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 1 PUP.Optional.DriverAgent, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\DrvAgent64, Quarantined, [0c128fd900a91521b0a75835fb05d828], Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 1 PUP.Optional.DriverAgent, C:\Program Files (x86)\eSupport.com\driveragent, Quarantined, [130bcb9d9811b086334b0b8229d715eb], Files: 2 PUP.Optional.DriverAgent, C:\Windows\SysWOW64\drivers\DrvAgent64.SYS, Quarantined, [0c128fd900a91521b0a75835fb05d828], PUP.Optional.DriverAgent, C:\Program Files (x86)\eSupport.com\driveragent\launcher64.dll, Quarantined, [130bcb9d9811b086334b0b8229d715eb], Physical Sectors: 0 (No malicious items detected) (end) AdwCleaner[C0].txt AdwCleaner[S0].txt
  6. Стъпките ги направих, но боокмарковете си седят или може би аз не направих нещо като хората. Следвах стъпките уж Fixlog.txt
  7. Оп докато се похваля пак ме редиректна на 2пъти .... доста по-рядко ме редиректва, но все още го прави edit: почна си постаро му да си го прави на всеки 4-5 клик
  8. Не ми ги прави номерата мисля, че сега е добре много дразнещи глупости са тия зловредни софтуери от къде съм го набарал си нямам идея. Благодаря много за помощта !
  9. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017 Ran by win7 (administrator) on WIN7-PC (11-07-2017 21:10:30) Running from C:\Users\win7\Desktop\Downloads Loaded Profiles: win7 (Available Profiles: win7) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (SUPERAntiSpyware.com) D:\Install\SUPERAntiSpyware\SASCore64.exe (BitTorrent Inc.) C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe () D:\Downloads\Droid4X\Droid4XService.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe () C:\ProgramData\HP Mouse Config\PlutoS.exe () C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE (Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe (BitTorrent Inc.) C:\Users\win7\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe (BitTorrent Inc.) C:\Users\win7\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2014-04-04] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2919168 2010-11-04] (ESET) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-11-08] (Advanced Micro Devices, Inc.) HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-01-04] () HKLM-x32\...\Run: [HPMonitor] => C:\Program Files (x86)\Hewlett-Packard\HP Mouse Suite 2.2\hpMonitor2.exe [93696 2011-04-07] (Hewlett-Packard) HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\Run: [uTorrent] => C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-07-03] (BitTorrent Inc.) HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\Run: [Gaijin.Net Agent] => C:\Users\win7\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-28] (Gaijin Entertainment) HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {45b25bb8-70f2-11e6-bff7-bc5ff4ed4ba6} - I:\HiSuiteDownLoader.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {52d3c592-be31-11e3-9af0-bc5ff4ed4ba6} - G:\Setup.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {963b7465-bc5a-11e6-af1d-bc5ff4ed4ba6} - J:\HiSuiteDownLoader.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {978a01e1-d851-11e4-874d-bc5ff4ed4ba6} - H:\LG_PC_Programs.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {fb4340fa-b777-11e5-a486-bc5ff4ed4ba6} - H:\setup.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {fea4a568-76af-11e6-80d8-bc5ff4ed4ba6} - I:\HiSuiteDownLoader.exe BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{7A876607-6D94-464F-8EE9-5B454D8F5F12}: [NameServer] 212.25.58.229 212.25.58.2 Tcpip\..\Interfaces\{C9E355B3-E4B4-4587-BE42-16E8CA1DE619}: [NameServer] 212.25.58.229 212.25.58.2 Internet Explorer: ================== HKU\S-1-5-21-355088845-516130913-2903887659-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-04] [not signed] FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-355088845-516130913-2903887659-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\win7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-355088845-516130913-2903887659-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File] Chrome: ======= CHR DefaultProfile: Default CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default [2017-07-11] CHR Extension: (Google Диск) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (Google Документи офлайн) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-28] CHR Extension: (Save to Facebook) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-02-25] CHR Extension: (Adblock Super) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-09-22] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Late Night) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm [2017-06-28] CHR Extension: (Chrome Media Router) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-29] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; D:\Install\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com) R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed] R2 Droid4XService; D:\Downloads\Droid4X\Droid4XService.exe [279552 2016-06-13] () [File not signed] S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [394512 2016-11-30] (EasyAntiCheat Ltd) S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2010-11-04] (ESET) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2010-11-04] (ESET) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] () [File not signed] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7986816 2016-11-06] (INCA Internet Co., Ltd.) R2 PlutoS; C:\ProgramData\HP Mouse Config\PlutoS.exe [172032 2010-11-29] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15546512 2017-06-19] (Copyright 2017.) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.) R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-04-04] (DT Soft Ltd) R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170104 2010-09-03] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [126320 2010-07-29] (ESET) R1 Hmonitor45; C:\Windows\SysWOW64\drivers\hmonitor45.sys [14544 2014-09-25] (OpenLibSys.org) R3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.) R3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.) R1 SASDIFSV; D:\Install\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; D:\Install\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2017-07-11] (Zemana Ltd.) R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2017-07-11] (Zemana Ltd.) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-07-11 19:01 - 2017-07-11 19:01 - 00001641 _____ C:\Users\win7\Desktop\2017.07.11-18.41.17-i0-t92-d2.txt 2017-07-11 18:40 - 2017-07-11 21:10 - 00051470 _____ C:\Windows\ZAM.krnl.trace 2017-07-11 18:40 - 2017-07-11 21:10 - 00024141 _____ C:\Windows\ZAM_Guard.krnl.trace 2017-07-11 18:40 - 2017-07-11 18:40 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys 2017-07-11 18:40 - 2017-07-11 18:40 - 00203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys 2017-07-11 18:40 - 2017-07-11 18:40 - 00001148 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk 2017-07-11 18:40 - 2017-07-11 18:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware 2017-07-11 18:40 - 2017-07-11 18:40 - 00000000 ____D C:\Program Files (x86)\Zemana AntiMalware 2017-07-11 18:39 - 2017-07-11 18:39 - 00000000 ____D C:\Users\win7\AppData\Local\Zemana 2017-07-11 13:05 - 2017-07-11 21:10 - 00000000 ____D C:\FRST 2017-07-10 21:19 - 2017-07-11 18:57 - 00000000 ____D C:\Users\win7\AppData\LocalLow\uTorrent 2017-06-29 10:53 - 2017-06-29 10:53 - 00000000 ____D C:\Users\win7\AppData\Roaming\Hewlett-Packard 2017-06-28 22:27 - 2017-06-28 22:27 - 00000000 ____D C:\Users\win7\AppData\Roaming\Google 2017-06-22 00:58 - 2017-06-23 00:27 - 00000000 ____D C:\Program Files\Common Files\McAfee 2017-06-22 00:58 - 2017-06-22 10:07 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-06-22 00:55 - 2017-06-22 00:55 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-06-22 00:55 - 2017-06-22 00:55 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-06-22 00:55 - 2017-06-22 00:55 - 00004470 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-06-22 00:52 - 2017-06-22 00:49 - 00000030 _____ C:\AVScanner.ini 2017-06-18 20:54 - 2017-06-18 20:54 - 00275152 _____ C:\Windows\Minidump\061817-15085-01.dmp 2017-06-17 22:51 - 2017-06-17 22:51 - 00000000 ____D C:\Users\win7\AppData\Local\Gaijin 2017-06-11 22:00 - 2017-06-11 22:00 - 00000991 _____ C:\Users\Public\Desktop\HiSuite.lnk 2017-06-11 22:00 - 2017-06-11 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2017-06-11 21:59 - 2017-06-11 22:00 - 00000000 ____D C:\Program Files (x86)\HiSuite ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-07-11 21:11 - 2014-04-04 16:26 - 00000000 ____D C:\Users\win7\AppData\Roaming\uTorrent 2017-07-11 19:10 - 2014-06-05 22:05 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-355088845-516130913-2903887659-1000UA.job 2017-07-11 19:05 - 2009-07-14 07:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-07-11 19:05 - 2009-07-14 07:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-07-11 19:03 - 2009-07-14 08:13 - 00785878 _____ C:\Windows\system32\PerfStringBackup.INI 2017-07-11 19:03 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf 2017-07-11 18:57 - 2017-05-27 12:40 - 00000000 _____ C:\hsrv.txt 2017-07-11 18:57 - 2015-03-16 23:35 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2017-07-11 18:57 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-07-11 18:41 - 2014-04-04 13:01 - 00000000 ____D C:\Users\win7 2017-07-10 22:10 - 2014-06-05 22:05 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-355088845-516130913-2903887659-1000Core.job 2017-06-28 22:11 - 2014-04-04 17:42 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-06-28 22:11 - 2014-04-04 17:42 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-06-22 02:16 - 2014-04-04 16:13 - 00000000 ____D C:\Users\win7\AppData\Roaming\Skype 2017-06-22 00:55 - 2014-07-17 10:55 - 00000000 ____D C:\Users\win7\AppData\Local\Adobe 2017-06-22 00:55 - 2014-04-04 16:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-06-22 00:55 - 2014-04-04 16:18 - 00000000 ____D C:\Windows\system32\Macromed 2017-06-21 19:20 - 2017-04-24 11:36 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings 2017-06-18 20:54 - 2015-10-19 10:48 - 00000000 ____D C:\Windows\Minidump 2017-06-17 21:48 - 2016-12-17 14:19 - 00000000 ____D C:\Users\win7\AppData\Local\Bluestacks 2017-06-17 21:48 - 2009-07-14 06:20 - 00000000 __RHD C:\Users\Public\Libraries 2017-06-17 18:37 - 2015-10-14 12:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-06-11 22:00 - 2016-09-11 17:48 - 00000000 ____D C:\Users\win7\AppData\Local\Hisuite ==================== Files in the root of some directories ======= 2017-05-27 12:29 - 2017-05-27 12:41 - 0002652 _____ () C:\Users\win7\AppData\Roaming\droid4xinstaller.log 2014-11-25 13:49 - 2014-11-25 13:49 - 0045270 _____ () C:\Users\win7\AppData\Roaming\room_v3.dat 2017-01-05 16:09 - 2017-01-05 16:09 - 0000000 ____H () C:\Users\win7\AppData\Local\BIT4114.tmp 2016-11-04 11:25 - 2016-11-04 11:25 - 0000000 ____H () C:\Users\win7\AppData\Local\BITF24B.tmp 2016-06-19 22:29 - 2016-10-28 01:21 - 0007603 _____ () C:\Users\win7\AppData\Local\Resmon.ResmonCfg 2016-12-17 14:21 - 2016-11-23 16:37 - 0000570 _____ () C:\Users\win7\AppData\Local\TroubleshooterConfig.json 2015-12-03 14:06 - 2015-12-03 14:06 - 0000000 _____ () C:\Users\win7\AppData\Local\{045F019F-5147-4826-8D4F-D6845652D20D} 2015-06-03 11:01 - 2015-06-03 11:01 - 0000000 _____ () C:\Users\win7\AppData\Local\{072E3ECE-B639-4B2C-B00F-F8C046D5221C} 2014-09-03 15:10 - 2014-09-03 15:10 - 0000000 _____ () C:\Users\win7\AppData\Local\{36E5A0DC-483B-4308-B632-F71D95A0BF40} 2016-11-04 11:24 - 2016-11-04 11:25 - 0000000 _____ () C:\Users\win7\AppData\Local\{5D4D5F57-A81A-42DB-85A1-706E183D02E3} 2017-04-11 18:10 - 2017-04-11 18:10 - 0000000 _____ () C:\Users\win7\AppData\Local\{5E203125-227B-4EBA-84B5-8637FF68E4EC} 2017-01-05 16:08 - 2017-01-05 16:08 - 0000000 _____ () C:\Users\win7\AppData\Local\{60684230-B1E4-4964-AE24-CEA2BCE34C98} 2015-02-17 20:07 - 2015-02-17 20:07 - 0000000 _____ () C:\Users\win7\AppData\Local\{60C80CDB-420A-4A82-85BD-3686830D6DBA} 2015-02-23 15:22 - 2015-02-23 15:22 - 0000000 _____ () C:\Users\win7\AppData\Local\{708EE494-D3BE-417F-A21E-C8152250B52C} 2014-07-23 21:06 - 2014-07-23 21:06 - 0000000 _____ () C:\Users\win7\AppData\Local\{79C9BDA3-3E02-4F2D-9D2F-A38EC05C3BE1} 2014-08-10 14:50 - 2014-08-10 14:50 - 0000000 _____ () C:\Users\win7\AppData\Local\{87159D62-7D59-4DF6-8B33-FAF38EC3D225} 2014-09-10 16:34 - 2014-09-10 16:34 - 0000000 _____ () C:\Users\win7\AppData\Local\{8E9CB275-8C2F-4B28-9104-6B06E2677F84} 2017-04-10 12:14 - 2017-04-10 12:14 - 0000000 _____ () C:\Users\win7\AppData\Local\{AE86EE94-68CD-45B6-B58A-23F3174457C5} 2014-07-09 18:16 - 2014-07-09 18:16 - 0000000 _____ () C:\Users\win7\AppData\Local\{D017D9C5-1BD2-4147-AFE8-680CC9A316DE} 2014-08-28 18:03 - 2014-08-28 18:03 - 0000000 _____ () C:\Users\win7\AppData\Local\{D4A653B4-7CE7-47C4-BFDF-9317C70E4A2E} 2015-03-11 18:41 - 2015-03-11 18:41 - 0000000 _____ () C:\Users\win7\AppData\Local\{D62C394F-E2D8-4E6A-869F-BB02E39F9F71} 2015-11-05 15:41 - 2015-11-05 15:41 - 0000000 _____ () C:\Users\win7\AppData\Local\{DDE83A45-B753-496F-BD23-1964F067D69C} 2015-03-09 17:26 - 2015-03-09 17:26 - 0000000 _____ () C:\Users\win7\AppData\Local\{EBB28E85-99B6-466C-B9EA-6F4C9171BA5E} Some files in TEMP: ==================== 2016-12-14 02:44 - 2017-04-20 09:17 - 0050720 _____ (HP Inc.) C:\Users\win7\AppData\Local\Temp\ACLMInstaller.exe 2017-06-17 21:48 - 2016-12-13 20:24 - 0990744 _____ (BlueStack Systems, Inc.) C:\Users\win7\AppData\Local\Temp\BluestacksUninstaller.exe 2017-06-17 21:48 - 2016-12-13 20:23 - 0187416 _____ (BlueStack Systems) C:\Users\win7\AppData\Local\Temp\HD-LibraryHandler.dll 2017-06-17 21:48 - 2016-12-13 20:21 - 0246808 _____ (BlueStack Systems) C:\Users\win7\AppData\Local\Temp\HD-Logger-Native.dll 2016-10-10 23:42 - 2016-12-05 19:31 - 0037376 _____ (Microsoft) C:\Users\win7\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe 2016-10-10 23:42 - 2016-12-05 19:31 - 0020992 _____ (Microsoft) C:\Users\win7\AppData\Local\Temp\HiRezLauncherControls.dll 2016-09-09 19:29 - 2016-09-09 19:29 - 59392056 _____ () C:\Users\win7\AppData\Local\Temp\raptrpatch.exe 2016-09-09 19:29 - 2016-09-09 19:29 - 0221632 _____ () C:\Users\win7\AppData\Local\Temp\raptr_stub.exe 2016-08-27 12:28 - 2017-06-21 23:33 - 6098944 _____ () C:\Users\win7\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-07-02 22:50 ==================== End of FRST.txt ============================ Addition.txt
  10. Zemana AntiMalware 2.74.2.76 (Installed) ------------------------------------------------------- Scan Result : Completed Scan Date : 2017.7.11 Operating System : Windows 7 64-bit Processor : 2X AMD A4-5300 APU with Radeon(tm) HD Graphics BIOS Mode : Legacy CUID : 121C33C42DF3CC4ACA6C7C Scan Type : System Scan Duration : 8m 10s Scanned Objects : 87352 Detected Objects : 2 Excluded Objects : 0 Read Level : SCSI Auto Upload : Enabled Detect All Extensions : Disabled Scan Documents : Disabled Domain Info : WORKGROUP,0,2 Detected Objects ------------------------------------------------------- thunder network Status : Scanned Object : NE->c:\programdata\thunder network MD5 : - Publisher : - Size : - Version : - Detection : Adware:Win32/Thunder Network.A!Neng Cleaning Action : Quarantine Related Objects : (null) - (null) thunder network Status : Scanned Object : NE->c:\users\public\thunder network MD5 : - Publisher : - Size : - Version : - Detection : Adware:Win32/Thunder Network.B!Neng Cleaning Action : Quarantine Related Objects : (null) - (null) Cleaning Result ------------------------------------------------------- Cleaned : 2 Reported as safe : 0 Failed : 0
  11. Ползвам "chrome" за браузър.. не знам как и от къде ( имам съмнения за замунда) ми е инфектирана системата. C "win 7" съм системно ме препраща в други страници на всеки 5-6-ти клик направен от мен. Прикачвам снимка по-долу от страницата в която ме праща и лог файловете от "FRST". Не разполагам с диск от моята ОС Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017 Ran by win7 (administrator) on WIN7-PC (11-07-2017 13:06:09) Running from C:\Users\win7\Desktop\Downloads Loaded Profiles: win7 (Available Profiles: win7) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 11 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (AMD) C:\Windows\System32\atiesrxx.exe (AMD) C:\Windows\System32\atieclxx.exe (SUPERAntiSpyware.com) D:\Install\SUPERAntiSpyware\SASCore64.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe () D:\Downloads\Droid4X\Droid4XService.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe (Hi-Rez Studios) D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe (Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe (BitTorrent Inc.) C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe () C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe (Gaijin Entertainment) C:\Users\win7\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe () C:\ProgramData\HP Mouse Config\PlutoS.exe () C:\Program Files (x86)\Standard Mouse Driver\Monitor.EXE (BitTorrent Inc.) C:\Users\win7\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe (BitTorrent Inc.) C:\Users\win7\AppData\Roaming\uTorrent\updates\3.5.0_43916\utorrentie.exe (HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13513288 2014-04-04] (Realtek Semiconductor) HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [2919168 2010-11-04] (ESET) HKLM\...\Run: [StartCN] => C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe [8029576 2016-11-08] (Advanced Micro Devices, Inc.) HKLM-x32\...\Run: [GrooveMonitor] => C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation) HKLM-x32\...\Run: [Standard Mouse Driver] => C:\Program Files (x86)\Standard Mouse Driver\Monitor.exe [147456 2013-01-04] () HKLM-x32\...\Run: [HPMonitor] => C:\Program Files (x86)\Hewlett-Packard\HP Mouse Suite 2.2\hpMonitor2.exe [93696 2011-04-07] (Hewlett-Packard) HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\Run: [uTorrent] => C:\Users\win7\AppData\Roaming\uTorrent\uTorrent.exe [2146496 2017-07-03] (BitTorrent Inc.) HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\Run: [Gaijin.Net Agent] => C:\Users\win7\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2010056 2017-06-28] (Gaijin Entertainment) HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {45b25bb8-70f2-11e6-bff7-bc5ff4ed4ba6} - I:\HiSuiteDownLoader.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {52d3c592-be31-11e3-9af0-bc5ff4ed4ba6} - G:\Setup.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {963b7465-bc5a-11e6-af1d-bc5ff4ed4ba6} - J:\HiSuiteDownLoader.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {978a01e1-d851-11e4-874d-bc5ff4ed4ba6} - H:\LG_PC_Programs.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {fb4340fa-b777-11e5-a486-bc5ff4ed4ba6} - H:\setup.exe HKU\S-1-5-21-355088845-516130913-2903887659-1000\...\MountPoints2: {fea4a568-76af-11e6-80d8-bc5ff4ed4ba6} - I:\HiSuiteDownLoader.exe BootExecute: autocheck autochk * sdnclean64.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{7A876607-6D94-464F-8EE9-5B454D8F5F12}: [NameServer] 212.25.58.229 212.25.58.2 Tcpip\..\Interfaces\{C9E355B3-E4B4-4587-BE42-16E8CA1DE619}: [NameServer] 212.25.58.229 212.25.58.2 Internet Explorer: ================== HKU\S-1-5-21-355088845-516130913-2903887659-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices) BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation) BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\ssv.dll [2015-04-17] (Oracle Corporation) BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\jp2ssv.dll [2015-04-17] (Oracle Corporation) Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices) FireFox: ======== FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird FF Extension: (ESET Smart Security Extension) - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2014-04-04] [not signed] FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @java.com/DTPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\dtplugin\npDeployJava1.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @java.com/JavaPlugin,version=11.45.2 -> C:\Program Files (x86)\Java\jre1.8.0_45\bin\plugin2\npjp2.dll [2015-04-17] (Oracle Corporation) FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File] FF Plugin-x32: @t.garena.com/garenatalk -> C:\Program Files (x86)\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [No File] FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2015-12-18] (Adobe Systems Inc.) FF Plugin HKU\S-1-5-21-355088845-516130913-2903887659-1000: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\win7\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited) FF Plugin HKU\S-1-5-21-355088845-516130913-2903887659-1000: ubisoft.com/uplaypc -> C:\Program Files (x86)\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll [No File] Chrome: ======= CHR DefaultProfile: Default CHR Session Restore: Default -> is enabled. CHR Profile: C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default [2017-07-11] CHR Extension: (Google Диск) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (Google Документи офлайн) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-15] CHR Extension: (AdBlock) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2017-06-28] CHR Extension: (Save to Facebook) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfikkaogpplgnfjmbjdpalkhclendgd [2017-02-25] CHR Extension: (Adblock Super) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\knebimhcckndhiglamoabbnifdkijidd [2015-09-22] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Late Night) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pgbdhkpacgdhfabeceekiafonfkipohm [2017-06-28] CHR Extension: (Chrome Media Router) - C:\Users\win7\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-06-29] CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; D:\Install\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com) R2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-08-04] (Advanced Micro Devices, Inc.) [File not signed] R2 Droid4XService; D:\Downloads\Droid4X\Droid4XService.exe [279552 2016-06-13] () [File not signed] S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [394512 2016-11-30] (EasyAntiCheat Ltd) S3 EhttpSrv; C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe [42360 2010-11-04] (ESET) R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [810144 2010-11-04] (ESET) U2 HiPatchService; D:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [9728 2016-12-09] (Hi-Rez Studios) [File not signed] R2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [321056 2017-06-01] (HP Inc.) R2 HuaweiHiSuiteService64.exe; C:\Program Files (x86)\HiSuite\HandSetService\HuaweiHiSuiteService64.exe [192200 2017-04-11] () [File not signed] S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [7986816 2016-11-06] (INCA Internet Co., Ltd.) R2 PlutoS; C:\ProgramData\HP Mouse Config\PlutoS.exe [172032 2010-11-29] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2012-12-03] (Advanced Micro Devices Inc.) R2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-04-04] (DT Soft Ltd) R2 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [170104 2010-09-03] (ESET) R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [141264 2010-07-29] (ESET) R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [126320 2010-07-29] (ESET) R1 Hmonitor45; C:\Windows\SysWOW64\drivers\hmonitor45.sys [14544 2014-09-25] (OpenLibSys.org) R3 HPMo4DE3; C:\Windows\System32\DRIVERS\HPMo4DE3.sys [25088 2011-03-09] (TPMX Electronics Ltd.) R3 HPub4DE3; C:\Windows\System32\Drivers\HPub4DE3.sys [18432 2011-04-12] (TPMX Electronics Ltd.) U5 hw_usbdev; C:\Windows\System32\Drivers\hw_usbdev.sys [116864 2017-04-11] (Huawei Technologies Co., Ltd.) R1 SASDIFSV; D:\Install\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; D:\Install\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com) ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-07-11 13:05 - 2017-07-11 13:06 - 00000000 ____D C:\FRST 2017-07-10 21:19 - 2017-07-11 12:31 - 00000000 ____D C:\Users\win7\AppData\LocalLow\uTorrent 2017-06-29 10:53 - 2017-06-29 10:53 - 00000000 ____D C:\Users\win7\AppData\Roaming\Hewlett-Packard 2017-06-28 22:27 - 2017-06-28 22:27 - 00000000 ____D C:\Users\win7\AppData\Roaming\Google 2017-06-22 00:58 - 2017-06-23 00:27 - 00000000 ____D C:\Program Files\Common Files\McAfee 2017-06-22 00:58 - 2017-06-22 10:07 - 00000000 ____D C:\Program Files (x86)\McAfee 2017-06-22 00:55 - 2017-06-22 00:55 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-06-22 00:55 - 2017-06-22 00:55 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-06-22 00:55 - 2017-06-22 00:55 - 00004470 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier 2017-06-22 00:52 - 2017-06-22 00:49 - 00000030 _____ C:\AVScanner.ini 2017-06-18 20:54 - 2017-06-18 20:54 - 00275152 _____ C:\Windows\Minidump\061817-15085-01.dmp 2017-06-17 22:51 - 2017-06-17 22:51 - 00000000 ____D C:\Users\win7\AppData\Local\Gaijin 2017-06-11 22:00 - 2017-06-11 22:00 - 00000991 _____ C:\Users\Public\Desktop\HiSuite.lnk 2017-06-11 22:00 - 2017-06-11 22:00 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HiSuite 2017-06-11 21:59 - 2017-06-11 22:00 - 00000000 ____D C:\Program Files (x86)\HiSuite ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-07-11 13:05 - 2014-04-04 16:26 - 00000000 ____D C:\Users\win7\AppData\Roaming\uTorrent 2017-07-11 12:39 - 2009-07-14 07:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-07-11 12:39 - 2009-07-14 07:45 - 00026768 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-07-11 12:36 - 2009-07-14 08:13 - 00785878 _____ C:\Windows\system32\PerfStringBackup.INI 2017-07-11 12:36 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\inf 2017-07-11 12:31 - 2017-05-27 12:40 - 00000000 _____ C:\hsrv.txt 2017-07-11 12:31 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-07-11 02:21 - 2015-03-16 23:35 - 00065536 _____ C:\Windows\system32\spu_storage.bin 2017-07-11 01:10 - 2014-06-05 22:05 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-355088845-516130913-2903887659-1000UA.job 2017-07-10 22:10 - 2014-06-05 22:05 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-355088845-516130913-2903887659-1000Core.job 2017-06-28 22:11 - 2014-04-04 17:42 - 00002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-06-28 22:11 - 2014-04-04 17:42 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2017-06-22 02:16 - 2014-04-04 16:13 - 00000000 ____D C:\Users\win7\AppData\Roaming\Skype 2017-06-22 00:55 - 2014-07-17 10:55 - 00000000 ____D C:\Users\win7\AppData\Local\Adobe 2017-06-22 00:55 - 2014-04-04 16:18 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-06-22 00:55 - 2014-04-04 16:18 - 00000000 ____D C:\Windows\system32\Macromed 2017-06-21 19:20 - 2017-04-24 11:36 - 00003350 _____ C:\Windows\System32\Tasks\ESET Windows 10 upgrade – Refresh settings 2017-06-18 20:54 - 2015-10-19 10:48 - 00000000 ____D C:\Windows\Minidump 2017-06-17 21:48 - 2016-12-17 14:19 - 00000000 ____D C:\Users\win7\AppData\Local\Bluestacks 2017-06-17 21:48 - 2009-07-14 06:20 - 00000000 __RHD C:\Users\Public\Libraries 2017-06-17 18:37 - 2015-10-14 12:27 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2017-06-11 22:00 - 2016-09-11 17:48 - 00000000 ____D C:\Users\win7\AppData\Local\Hisuite ==================== Files in the root of some directories ======= 2017-05-27 12:29 - 2017-05-27 12:41 - 0002652 _____ () C:\Users\win7\AppData\Roaming\droid4xinstaller.log 2014-11-25 13:49 - 2014-11-25 13:49 - 0045270 _____ () C:\Users\win7\AppData\Roaming\room_v3.dat 2017-01-05 16:09 - 2017-01-05 16:09 - 0000000 ____H () C:\Users\win7\AppData\Local\BIT4114.tmp 2016-11-04 11:25 - 2016-11-04 11:25 - 0000000 ____H () C:\Users\win7\AppData\Local\BITF24B.tmp 2016-06-19 22:29 - 2016-10-28 01:21 - 0007603 _____ () C:\Users\win7\AppData\Local\Resmon.ResmonCfg 2016-12-17 14:21 - 2016-11-23 16:37 - 0000570 _____ () C:\Users\win7\AppData\Local\TroubleshooterConfig.json 2015-12-03 14:06 - 2015-12-03 14:06 - 0000000 _____ () C:\Users\win7\AppData\Local\{045F019F-5147-4826-8D4F-D6845652D20D} 2015-06-03 11:01 - 2015-06-03 11:01 - 0000000 _____ () C:\Users\win7\AppData\Local\{072E3ECE-B639-4B2C-B00F-F8C046D5221C} 2014-09-03 15:10 - 2014-09-03 15:10 - 0000000 _____ () C:\Users\win7\AppData\Local\{36E5A0DC-483B-4308-B632-F71D95A0BF40} 2016-11-04 11:24 - 2016-11-04 11:25 - 0000000 _____ () C:\Users\win7\AppData\Local\{5D4D5F57-A81A-42DB-85A1-706E183D02E3} 2017-04-11 18:10 - 2017-04-11 18:10 - 0000000 _____ () C:\Users\win7\AppData\Local\{5E203125-227B-4EBA-84B5-8637FF68E4EC} 2017-01-05 16:08 - 2017-01-05 16:08 - 0000000 _____ () C:\Users\win7\AppData\Local\{60684230-B1E4-4964-AE24-CEA2BCE34C98} 2015-02-17 20:07 - 2015-02-17 20:07 - 0000000 _____ () C:\Users\win7\AppData\Local\{60C80CDB-420A-4A82-85BD-3686830D6DBA} 2015-02-23 15:22 - 2015-02-23 15:22 - 0000000 _____ () C:\Users\win7\AppData\Local\{708EE494-D3BE-417F-A21E-C8152250B52C} 2014-07-23 21:06 - 2014-07-23 21:06 - 0000000 _____ () C:\Users\win7\AppData\Local\{79C9BDA3-3E02-4F2D-9D2F-A38EC05C3BE1} 2014-08-10 14:50 - 2014-08-10 14:50 - 0000000 _____ () C:\Users\win7\AppData\Local\{87159D62-7D59-4DF6-8B33-FAF38EC3D225} 2014-09-10 16:34 - 2014-09-10 16:34 - 0000000 _____ () C:\Users\win7\AppData\Local\{8E9CB275-8C2F-4B28-9104-6B06E2677F84} 2017-04-10 12:14 - 2017-04-10 12:14 - 0000000 _____ () C:\Users\win7\AppData\Local\{AE86EE94-68CD-45B6-B58A-23F3174457C5} 2014-07-09 18:16 - 2014-07-09 18:16 - 0000000 _____ () C:\Users\win7\AppData\Local\{D017D9C5-1BD2-4147-AFE8-680CC9A316DE} 2014-08-28 18:03 - 2014-08-28 18:03 - 0000000 _____ () C:\Users\win7\AppData\Local\{D4A653B4-7CE7-47C4-BFDF-9317C70E4A2E} 2015-03-11 18:41 - 2015-03-11 18:41 - 0000000 _____ () C:\Users\win7\AppData\Local\{D62C394F-E2D8-4E6A-869F-BB02E39F9F71} 2015-11-05 15:41 - 2015-11-05 15:41 - 0000000 _____ () C:\Users\win7\AppData\Local\{DDE83A45-B753-496F-BD23-1964F067D69C} 2015-03-09 17:26 - 2015-03-09 17:26 - 0000000 _____ () C:\Users\win7\AppData\Local\{EBB28E85-99B6-466C-B9EA-6F4C9171BA5E} Some files in TEMP: ==================== 2016-12-14 02:44 - 2017-04-20 09:17 - 0050720 _____ (HP Inc.) C:\Users\win7\AppData\Local\Temp\ACLMInstaller.exe 2017-06-17 21:48 - 2016-12-13 20:24 - 0990744 _____ (BlueStack Systems, Inc.) C:\Users\win7\AppData\Local\Temp\BluestacksUninstaller.exe 2017-06-17 21:48 - 2016-12-13 20:23 - 0187416 _____ (BlueStack Systems) C:\Users\win7\AppData\Local\Temp\HD-LibraryHandler.dll 2017-06-17 21:48 - 2016-12-13 20:21 - 0246808 _____ (BlueStack Systems) C:\Users\win7\AppData\Local\Temp\HD-Logger-Native.dll 2016-10-10 23:42 - 2016-12-05 19:31 - 0037376 _____ (Microsoft) C:\Users\win7\AppData\Local\Temp\HiPatchSelfUpdateWindow.exe 2016-10-10 23:42 - 2016-12-05 19:31 - 0020992 _____ (Microsoft) C:\Users\win7\AppData\Local\Temp\HiRezLauncherControls.dll 2016-09-09 19:29 - 2016-09-09 19:29 - 59392056 _____ () C:\Users\win7\AppData\Local\Temp\raptrpatch.exe 2016-09-09 19:29 - 2016-09-09 19:29 - 0221632 _____ () C:\Users\win7\AppData\Local\Temp\raptr_stub.exe 2016-08-27 12:28 - 2017-06-21 23:33 - 6098944 _____ () C:\Users\win7\AppData\Local\Temp\SkypeSetup.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-07-02 22:50 ==================== End of FRST.txt ============================ Addition.txt
  12. Здравейте момчета, искам да споделя един проблем. От седмица насам всеки 4-5 клик в нета ми отваря други странни страници ( ще прикача снимка ) случи ми се веднъж преди доста време на старото "пц" не ми даваше да си пусна компа а да сваля някъв "windows repair" това много ми напомня на него само, че през браузъра ми го отваря. Пускал съм "super anti spyware" както и "malwarebytes" намират някакви вируси махат ги, а проблема остава. Много е дразнещо, ако някои удари едно рамо ще съм много признателен..
  13. Производителност в покой

    Май май това ще да направя отдавна се каня..
  14. Производителност в покой

    64 e, честно казано отдавна нещо ми се вижда муден, но точно програма не помня да съм инсталирал и след нея конкретно да е бил проблема.. отдавна не е преинсталиран може би 2-3 години дали има шанс да е това ?
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.