Премини към съдържанието

jordansl

Потребител
  • Публикации

    10
  • Регистрация

  • Последно онлайн

Харесвания

1 Неутрална репутация

Всичко за jordansl

  • Титла
    Потребител
  1. Още веднъж Ви благодаря! За момента ще се опитам да овладея "доколкото успея" положението с този диск. Явно ще се взима нов диск, но поне бих искал да запазя и извлека по безболезнено цялата полезна информация от този. Ако не Ви представлява трудност и смятате, че е редно, може да преместите темата в хардуерния раздел - сигурен съм, че ще се наложи някой съвет. Поздрави и лека вечер!
  2. Кофти работа. Благодаря Ви много за отделеното време, търпението и отзивчивостта. Лошото е че се занимавам /любителски/ с фотография и на два от дяловете имам доста снимки, които за съжаление не съм архивирал на друг източник. Имам програмата /не съм я инсталирал/ HDDRegenerator. С нея се надявам поне да не се затрие нещо от диска?!? Чудя се дали да я пусна?!? Какво бихте ме посъветвали? Поздрави!
  3. Log Name: Application Source: Microsoft-Windows-Wininit Date: 6/10/2014 г. 16:44:01 ч. Event ID: 1001 Task Category: None Level: Information Keywords: Classic User: N/A Computer: Svetlio_dgd-PC Description: Checking file system on G: The type of the file system is NTFS. Volume label is MULTIMEDIA. One of your disks needs to be checked for consistency. You may cancel the disk check, but it is strongly recommended that you continue. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 3)... 79872 file records processed. File verification completed. 3043 large file records processed. 0 bad file records processed. 0 EA records processed. 0 reparse records processed. CHKDSK is verifying indexes (stage 2 of 3)... 87704 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 3)... 79872 file SDs/SIDs processed. Cleaning up 8 unused index entries from index $SII of file 0x9. Cleaning up 8 unused index entries from index $SDH of file 0x9. Cleaning up 8 unused security descriptors. Security descriptor verification completed. 3917 data files processed. CHKDSK is verifying Usn Journal... 145390000 USN bytes processed. Usn Journal verification completed. Read failure with status 0xc000009c at offset 0x18e6398000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e639c000 for 0x1000 bytes. Read failure with status 0xc000009c at offset 0x18e639d000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e639d000 for 0x1000 bytes. Read failure with status 0xc000009c at offset 0x18e639e000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e639e000 for 0x1000 bytes. Read failure with status 0xc000009c at offset 0x18e639f000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e639f000 for 0x1000 bytes. Read failure with status 0xc000009c at offset 0x18e63a0000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e63a1000 for 0x1000 bytes. Replacing bad clusters in logfile. Adding 5 bad clusters to the Bad Clusters File. CHKDSK discovered free space marked as allocated in the volume bitmap. Windows has made corrections to the file system. 208756610 KB total disk space. 165001956 KB in 68899 files. 28936 KB in 3918 indexes. 76 KB in bad sectors. 294446 KB in use by the system. 65536 KB occupied by the log file. 43431196 KB available on disk. 4096 bytes in each allocation unit. 52189152 total allocation units on disk. 10857799 allocation units available on disk. Internal Info: 00 38 01 00 7d 1c 01 00 d7 bf 01 00 00 00 00 00 .8..}........... 5b 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [............... 14 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 ................ Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" /> <EventID Qualifiers="16384">1001</EventID> <Version>0</Version> <Level>4</Level> <Task>0</Task> <Opcode>0</Opcode> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-10-06T13:44:01.000000000Z" /> <EventRecordID>533786</EventRecordID> <Correlation /> <Execution ProcessID="0" ThreadID="0" /> <Channel>Application</Channel> <Computer>Svetlio_dgd-PC</Computer> <Security /> </System> <EventData> <Data> Checking file system on G: The type of the file system is NTFS. Volume label is MULTIMEDIA. One of your disks needs to be checked for consistency. You may cancel the disk check, but it is strongly recommended that you continue. Windows will now check the disk. CHKDSK is verifying files (stage 1 of 3)... 79872 file records processed. File verification completed. 3043 large file records processed. 0 bad file records processed. 0 EA records processed. 0 reparse records processed. CHKDSK is verifying indexes (stage 2 of 3)... 87704 index entries processed. Index verification completed. 0 unindexed files scanned. 0 unindexed files recovered. CHKDSK is verifying security descriptors (stage 3 of 3)... 79872 file SDs/SIDs processed. Cleaning up 8 unused index entries from index $SII of file 0x9. Cleaning up 8 unused index entries from index $SDH of file 0x9. Cleaning up 8 unused security descriptors. Security descriptor verification completed. 3917 data files processed. CHKDSK is verifying Usn Journal... 145390000 USN bytes processed. Usn Journal verification completed. Read failure with status 0xc000009c at offset 0x18e6398000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e639c000 for 0x1000 bytes. Read failure with status 0xc000009c at offset 0x18e639d000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e639d000 for 0x1000 bytes. Read failure with status 0xc000009c at offset 0x18e639e000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e639e000 for 0x1000 bytes. Read failure with status 0xc000009c at offset 0x18e639f000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e639f000 for 0x1000 bytes. Read failure with status 0xc000009c at offset 0x18e63a0000 for 0x10000 bytes. Read failure with status 0xc000009c at offset 0x18e63a1000 for 0x1000 bytes. Replacing bad clusters in logfile. Adding 5 bad clusters to the Bad Clusters File. CHKDSK discovered free space marked as allocated in the volume bitmap. Windows has made corrections to the file system. 208756610 KB total disk space. 165001956 KB in 68899 files. 28936 KB in 3918 indexes. 76 KB in bad sectors. 294446 KB in use by the system. 65536 KB occupied by the log file. 43431196 KB available on disk. 4096 bytes in each allocation unit. 52189152 total allocation units on disk. 10857799 allocation units available on disk. Internal Info: 00 38 01 00 7d 1c 01 00 d7 bf 01 00 00 00 00 00 .8..}........... 5b 17 00 00 00 00 00 00 00 00 00 00 00 00 00 00 [............... 14 00 00 00 00 00 00 00 03 00 00 00 00 00 00 00 ................ </Data> </EventData> </Event> Дано това е верният лог. Извинявам се за грешката.
  4. След изпълнението на командата chkdsk c: /x /f /r публикувам събитие WinInit Event ID 1001 Log Name: Application Source: Windows Error Reporting Date: 9/10/2014 г. 20:21:35 ч. Event ID: 1001 Task Category: None Level: Information Keywords: Classic User: N/A Computer: Svetlio_dgd-PC Description: Сбор на грешки , тип 0 Име на събитието: ServiceHang Отговор: Не е достъпен ИД на архивен файл: 0 Сигнатура на проблема: P1: HmsService P2: hmssvc.exe /Service P3: 0.0.0.0 P4: 10 P5: 2 P6: P7: P8: P9: P10: Прикачени файлове: C:\Windows\Temp\WERFE99.tmp.WERInternalMetadata.xml C:\Windows\Temp\WERFF55.tmp.hdmp C:\Windows\Temp\WERAAC2.tmp.mdmp Тези файлове може да са достъпни тук: C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppHang_HmsService_10f8976a735113ef679b4d8bffa445e8ca3c9aac_cab_048ae649 Символ за анализ: Повторна проверка за решение: 0 ИД на доклада: 84a2f6dd-4fd8-11e4-bfbf-0013f70b8f10 Състояние на доклада: 4 Event Xml: <Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event"> <System> <Provider Name="Windows Error Reporting" /> <EventID Qualifiers="0">1001</EventID> <Level>4</Level> <Task>0</Task> <Keywords>0x80000000000000</Keywords> <TimeCreated SystemTime="2014-10-09T17:21:35.000000000Z" /> <EventRecordID>534280</EventRecordID> <Channel>Application</Channel> <Computer>Svetlio_dgd-PC</Computer> <Security /> </System> <EventData> <Data> </Data> <Data>0</Data> <Data>ServiceHang</Data> <Data>Не е достъпен</Data> <Data>0</Data> <Data>HmsService</Data> <Data>hmssvc.exe /Service</Data> <Data>0.0.0.0</Data> <Data>10</Data> <Data>2</Data> <Data> </Data> <Data> </Data> <Data> </Data> <Data> </Data> <Data> </Data> <Data> C:\Windows\Temp\WERFE99.tmp.WERInternalMetadata.xml C:\Windows\Temp\WERFF55.tmp.hdmp C:\Windows\Temp\WERAAC2.tmp.mdmp</Data> <Data>C:\ProgramData\Microsoft\Windows\WER\ReportQueue\AppHang_HmsService_10f8976a735113ef679b4d8bffa445e8ca3c9aac_cab_048ae649</Data> <Data> </Data> <Data>0</Data> <Data>84a2f6dd-4fd8-11e4-bfbf-0013f70b8f10</Data> <Data>4</Data> </EventData> </Event>
  5. Стана от трети опит. Прикачвам файла, защото при опит за публикация дава съобщение, че е много дълъг. sfcdetails.txt
  6. ОК! Опитвам отново. Стартирах CMD.exe с десен бутон и "Изпълни като администратор".
  7. Изпълних командата sfc /scannow, но следващата команда не създаде txt файл на десктопа?!? Намерих го тук: C:Windows\Logs\CBS\CBS.txt /надявам се да е този/. Понеже е доста голям - около 2Мб не знам дали е редно да го публикувам?
  8. И с копиране на командата с десен бутон дава същото съобщение, цитирам го: C:\Windows\system32\ulib.dll is either not designed to run on Windows or it contains an error. Try installing the program again using the original installation media or contact your system administrator or the software vendor for support.
  9. При опит да изпълня препоръките Ви, излиза следното съобщение: Моля вижте снимката от линка /при опит да я прикача ми дава, че е с неразрешено разширение - снимката е jpeg/? http://goo.gl/8s5lNE Как да продължа нататък?
  10. Уважаеми членове на екипа HJT Team, Моля за вашите съвети и евентуално съдействие относно проблем с персоналния ми компютър. Накратко ще опиша какъв е проблемът: Преди около седмица синът ми, който основно използва ПК ми звънна и каза, че същия не иска да зареди уиндоуса /Windows 7 – 32 Bit/. След около, /доколкото разбрах/ десетина опита най-накрая е заредил през SAVE MODE, /но не от първия път през SAVE MODE/. От тогава ПК работи по-бавно и зарежда трудно /не от първия опит/. Преди два дни изобщо не искаше да зареди дори BIOSа и го изключвах от щепсела и после на дънната платка светеше бутона "Clear CMOS", който след натискане изгасна и компютъра зареди. От тогава не съм го гасил. ПК работи, но отвреме навереме „зацепва” за кратко /някога за до 5 сек., а понякога и за повече/. Това го прави независимо дали работя с някоя програма или съм само в интернет. Аз лично имам съмнение, че освен някой вирус има проблем и с HDD /WDC WD10EALX-009BA0 (931 GB)/. Сканирах го с „HDTune Pro v5.0.0 Portable” и първият път показа едно червено квадратче /около 800ния Гб/. При последващо сканиране излизат само зелени квадратчета? За защита от вируси ползвам следните програми: Malwarebytes Anti-Malware – обновява се всеки час и го пускам да сканира минимум три пъти седмично. AVAST Free Antivirus – обновява се сама, почти не се налагало да я ползвам. DISK Cleanup – ползвам я редовно, почти всеки ден. Изтеглих от темата „Системата ми е инфектирана - Какво да правя сега?” програмата „Farbar Recovery Scan Tool” и в следващия си пост ще постна и прикача резултатите. Ще съм Ви благодарен за всеки съвет и помощ, която бихте ми указали. Благодаря Ви предварително и лека вечер. Поздрави! Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 06-10-2014 01 Ran by Svetlio_dgd (administrator) on SVETLIO_DGD-PC on 08-10-2014 22:51:17 Running from C:\Users\Svetlio_dgd\Desktop Loaded Profiles: Svetlio_dgd & postgres (Available profiles: Svetlio_dgd & postgres & Guest) Platform: Microsoft Windows 7 Ultimate Service Pack 1 (X86) OS Language: Български (България) Internet Explorer Version 10 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Ellora Assets Corp.) E:\INSTALIRANI PROGRAMI\Freemake\CaptureLib\CaptureLibService.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Nalpeiron Ltd.) C:\Windows\System32\NLSSRV32.EXE (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (Sony Corporation) E:\INSTALIRANI PROGRAMI\PlayMemories Home\PMBDeviceInfoProvider.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\pg_ctl.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\Version8\TeamViewer_Service.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE (Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe (PostgreSQL Global Development Group) C:\Program Files\PostgreSQL\8.4\bin\postgres.exe (Malwarebytes Corporation) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Update Core\NvBackend.exe (Microsoft Corporation) C:\Windows\System32\dllhost.exe (Microsoft Corporation) C:\Windows\System32\vds.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe (Evgeny Lachinov) E:\INSTALIRANI PROGRAMI\DMC\HMC\Home Media Server\hmssvc.exe (Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\WINWORD.EXE (FinalWire Ltd.) C:\Program Files\FinalWire\AIDA64 Extreme Edition\aida64.exe () C:\Users\Svetlio_dgd\Desktop\Purrint.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [4085896 2014-08-01] (AVAST Software) HKU\S-1-5-21-3032407643-517686676-1031731631-1000\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 HKU\S-1-5-21-3032407643-517686676-1031731631-1012\...\Policies\Explorer: [NoDriveTypeAutoRun] 0x91000000 Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\.lnk ShortcutTarget: .lnk -> C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (No File) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll (AVAST Software) ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google) BootExecute: PDBoot.exeautocheck autochk * GroupPolicy: Group Policy on Chrome detected <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dir.bg/ HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x46D26360BF2DCC01 HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG SearchScopes: HKCU - {2AE54361-C168-4558-BE1D-F18B70F6CD45} URL = http://search.softonic.com/INF00176/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=d40554de000000000000000000000000&toi=16066&r=963 SearchScopes: HKCU - {3A40E547-20FD-44a2-94D0-1C98342D1507} URL = http://search.daum.net/search?nil_profile=ie&ref_code=ms&q={searchTerms} SearchScopes: HKCU - {FF2DC9C6-A751-4442-88D6-37849BD7200F} URL = http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} BHO: Octh Class -> {000123B4-9B42-4900-B3F7-F4B073EFC214} -> E:\INSTALIRANI PROGRAMI\Orbitdownloader\orbitcth.dll No File BHO: Fast Search -> {5AB7104A-B71F-49AD-9154-F7F8806AE848} -> C:\Program Files\Surf Canyon\surfcanyon.dll (Surf Canyon Incorporated) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation) BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software) BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.) BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - E:\INSTALIRANI PROGRAMI\Orbitdownloader\GrabPro.dll No File Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.) Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://85.91.149.71/activex/AMC.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation) Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 78.159.128.2 78.159.128.3 Tcpip\..\Interfaces\{1490DD49-61C6-41E4-834E-48D4FBA3D4F3}: [NameServer] 8.8.8.8,8.8.4.4 FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () FF Plugin: @esn.me/esnsonar,version=0.70.4 -> C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) FF Plugin: @esn/esnlaunch,version=2.3.0 -> C:\Program Files\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> E:\INSTALIRANI PROGRAMI\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File FF Plugin: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> E:\INSTALIRANI PROGRAMI\Foxit Reader\plugins\npFoxitReaderPlugin.dll No File FF Plugin: @inhatch.com,version=0.7.61 -> E:\INSTALIRANI PROGRAMI\Inhatch\npinhatch.dll No File FF Plugin: @java.com/DTPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) FF Plugin: @java.com/JavaPlugin,version=10.45.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @microsoft.com/GENUINE -> C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @microsoft.com/WLPG,version=15.4.3538.0513 -> C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) FF Plugin: @mozilla.zeniko.ch/PDFlite_Browser_Plugin -> C:\Program Files\PDFlite\npPdfViewer.dll No File FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin: @videolan.org/vlc,version=2.1.2 -> E:\INSTALIRANI PROGRAMI\VLC\npvlc.dll (VideoLAN) FF Plugin HKCU: @tools.google.com/Google Update;version=3 -> C:\Users\Svetlio_dgd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: @tools.google.com/Google Update;version=9 -> C:\Users\Svetlio_dgd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) FF Plugin HKCU: ubisoft.com/uplaypc -> C:\Program Files\Ubisoft\Ubisoft Game Launcher\npuplaypc.dll () FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: avast! Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2011-06-18] FF HKCU\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Svetlio_dgd\AppData\Roaming\IDM\idmmzcc5 Chrome: ======= CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll No File CHR Plugin: (Shockwave Flash) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\37.0.2062.124\PepperFlash\pepflashplayer.dll () CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer CHR Plugin: (Native Client) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\37.0.2062.124\ppGoogleNaClPluginChrome.dll () CHR Plugin: (Chrome PDF Viewer) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\37.0.2062.124\pdf.dll () CHR Plugin: (Orbit Downloader) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\plugins\nporbit.dll ( ) CHR Plugin: (ESN Launch Mozilla Plugin) - C:\Program Files\Battlelog Web Plugins\2.3.0\npesnlaunch.dll (ESN Social Software AB) CHR Plugin: (ESN Sonar API) - C:\Program Files\Battlelog Web Plugins\Sonar\0.70.4\npesnsonar.dll (ESN Social Software AB) CHR Plugin: (Java Deployment Toolkit 7.0.450.18) - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation) CHR Plugin: (Java Platform SE 7 U45) - C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) CHR Plugin: (Silverlight Plug-In) - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll No File CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation) CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation) CHR Plugin: (Windows Live Photo Gallery) - C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation) CHR Plugin: (Google Update) - C:\Users\Svetlio_dgd\AppData\Local\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.) CHR Plugin: (Shockwave Flash) - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll () CHR Plugin: (Windows Activation Technologies) - C:\Windows\system32\Wat\npWatWeb.dll (Microsoft Corporation) CHR Plugin: (VLC Web Plugin) - E:\INSTALIRANI PROGRAMI\VLC\npvlc.dll (VideoLAN) CHR CustomProfile: C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (YouTube) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2011-12-16] CHR Extension: (Google ) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2011-12-16] CHR Extension: (ZenMate) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2014-06-27] CHR Extension: (avast! Online Security) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2013-12-20] CHR Extension: (Google Wallet) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-22] CHR Extension: (Gmail) - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2011-12-16] CHR HKLM\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-08-01] CHR HKLM\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14] CHR StartMenuInternet: Google Chrome - C:\Users\Svetlio_dgd\AppData\Local\Google\Chrome\Application\chrome.exe CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION CHR HKCU\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) S4 Autodata Limited License Service; C:\Program Files\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2012-05-09] (Autodata Limited) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-08-01] (AVAST Software) S4 c2cautoupdatesvc; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation) S4 c2cpnrsvc; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation) R2 FreemakeVideoCapture; E:\INSTALIRANI PROGRAMI\Freemake\CaptureLib\CaptureLibService.exe [9216 2013-04-01] (Ellora Assets Corp.) [File not signed] S4 HDDSvc; C:\Program Files\Common Files\AltrixSoft\HDDInfoService\HDDSvc.exe [484304 2013-03-10] (AltrixSoft (http://www.altrixsoft.com/)) R2 HmsService; E:\INSTALIRANI PROGRAMI\DMC\HMC\Home Media Server\hmssvc.exe [5429360 2014-04-25] (Evgeny Lachinov) S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe [69632 2005-11-14] (Macrovision Corporation) [File not signed] R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1809720 2014-05-12] (Malwarebytes Corporation) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [860472 2014-05-12] (Malwarebytes Corporation) S4 Mcx2Svc; C:\Windows\system32\Mcx2Svc.dll [68096 2010-11-21] (Microsoft Corporation) [File not signed] R2 NvNetworkService; C:\Program Files\NVIDIA Corporation\NetService\NvNetworkService.exe [1370912 2013-11-29] (NVIDIA Corporation) R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [14657824 2013-11-29] (NVIDIA Corporation) S4 OS Selector; E:\INSTALIRANI PROGRAMI\Acronis Disk Director 11 Home v11.0.2121\OSS\reinstall_svc.exe [2139400 2010-09-29] () S4 PDAgent; E:\INSTALIRANI PROGRAMI\Raxco PerfectDisk Pro 12.5 Build 312 Final\x86\PDAgent.exe [1415032 2012-10-04] (Raxco Software, Inc.) S4 PDEngine; C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe [2166648 2012-10-04] (Raxco Software, Inc.) R2 PMBDeviceInfoProvider; E:\INSTALIRANI PROGRAMI\PlayMemories Home\PMBDeviceInfoProvider.exe [481304 2013-10-01] (Sony Corporation) S3 ServiceLayer; C:\Program Files\PC Connectivity Solution\ServiceLayer.exe [633856 2011-06-08] (Nokia) [File not signed] S2 ADExchange; C:\Program Files\Common Files\ArcSoft\esinter\Bin\eservutil.exe [X] R2 postgresql-8.4; C:/Program Files/PostgreSQL/8.4/bin/pg_ctl.exe runservice -N "postgresql-8.4" -D "C:/Program Files/PostgreSQL/8.4/data" -w [X] ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 AIDA64Driver; C:\Program Files\FinalWire\AIDA64 Extreme Edition\kerneld.x32 [28824 2011-08-18] () R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [24184 2014-08-01] () R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [67824 2014-08-01] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [81768 2014-08-01] (AVAST Software) R0 aswRvrt; C:\Windows\system32\Drivers\aswRvrt.sys [49944 2014-08-01] () R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [779536 2014-08-01] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [414520 2014-08-01] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [71944 2014-08-01] (AVAST Software) R0 aswVmm; C:\Windows\system32\Drivers\aswVmm.sys [192352 2014-08-01] () S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [279712 2012-04-19] () R2 DefragFS; C:\Windows\system32\Drivers\DefragFS.sys [104088 2012-09-11] (Raxco Software, Inc.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [218688 2011-06-18] (DT Soft Ltd) R3 ElbyCDFL; C:\Windows\System32\Drivers\ElbyCDFL.sys [27392 2005-05-03] (SlySoft, Inc.) [File not signed] R2 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [10624 2005-04-21] (Elaborate Bytes AG) [File not signed] R3 EtronHub3; C:\Windows\System32\Drivers\EtronHub3.sys [41600 2011-05-25] (Etron Technology Inc) R3 EtronXHCI; C:\Windows\System32\Drivers\EtronXHCI.sys [61824 2011-05-25] (Etron Technology Inc) R3 ezplay; C:\Windows\System32\Drivers\ezplay.sys [94208 2012-02-18] (VSO Software) R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [67184 2010-08-24] (Atheros Communications, Inc.) R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [25888 2012-04-19] () R1 mbamchameleon; C:\Windows\system32\drivers\mbamchameleon.sys [74456 2014-05-12] (Malwarebytes Corporation) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2014-05-12] (Malwarebytes Corporation) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-10-08] (Malwarebytes Corporation) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2014-05-12] (Malwarebytes Corporation) R2 npf; C:\Windows\System32\drivers\npf.sys [35088 2011-02-12] (CACE Technologies, Inc.) R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad32v.sys [34080 2013-10-30] (NVIDIA Corporation) R2 PDFSFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [69016 2012-08-23] (Raxco Software, Inc.) S0 sptd; C:\Windows\System32\Drivers\sptd.sys [639224 2011-06-18] (Duplex Secure Ltd.) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [181912 2013-04-03] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 TBPanel; C:\Windows\system32\Drivers\TBPanel.sys [12256 2007-03-16] (Windows ® 2000 DDK provider) S3 USBAAPL; C:\Windows\System32\Drivers\usbaapl.sys [45056 2014-07-28] (Apple, Inc.) [File not signed] S3 AmdLLD; system32\DRIVERS\AmdLLD.sys [X] S3 dgderdrv; System32\drivers\dgderdrv.sys [X] S3 FreshIO; \??\C:\Program Files\FreshDevices\FreshDiagnose\FreshIO.sys [X] U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed] S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-08 22:51 - 2014-10-08 22:52 - 00022812 _____ () C:\Users\Svetlio_dgd\Desktop\FRST.txt 2014-10-08 02:54 - 2014-10-08 02:57 - 00000000 ____D () C:\Program Files\Virus Scanner 2014-10-08 01:50 - 2014-10-08 22:51 - 00000000 ____D () C:\FRST 2014-10-08 01:48 - 2014-10-08 01:49 - 01101312 _____ (Farbar) C:\Users\Svetlio_dgd\Desktop\FRST.exe 2014-10-08 01:44 - 2014-10-08 01:44 - 00000412 _____ () C:\Windows\Tasks\RegInOut on user logon - Svetlio_dgd.job 2014-10-08 01:44 - 2014-10-08 01:44 - 00000000 ____D () C:\ProgramData\RegInOut 2014-10-08 01:35 - 2014-10-08 01:35 - 00000000 ____D () C:\Program Files\PC Drivers HeadQuarters 2014-10-03 13:39 - 2014-09-25 04:40 - 00519680 _____ (Microsoft Corporation) C:\Windows\system32\qdvd.dll 2014-09-24 11:04 - 2014-09-10 00:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-09-23 23:21 - 2014-09-23 23:21 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Better File Series 2014-09-19 14:21 - 2014-10-06 20:04 - 00003528 _____ () C:\Windows\setupact.log 2014-09-19 14:21 - 2014-09-19 14:21 - 00416920 _____ () C:\Windows\system32\FNTCACHE.DAT 2014-09-19 14:21 - 2014-09-19 14:21 - 00000000 _____ () C:\Windows\setuperr.log 2014-09-16 20:25 - 2014-09-16 20:25 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Local\Skype 2014-09-16 20:25 - 2014-09-16 20:25 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2014-09-16 20:25 - 2014-09-16 20:25 - 00000000 ____D () C:\Program Files\Common Files\Skype 2014-09-13 12:54 - 2014-09-13 12:54 - 00000000 ____D () C:\Users\Guest\AppData\Local\NVIDIA Corporation 2014-09-13 12:53 - 2014-09-13 12:53 - 00000000 ____D () C:\Users\Guest\AppData\Local\NVIDIA 2014-09-11 00:28 - 2014-09-11 00:30 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Roaming\Apple Computer 2014-09-11 00:28 - 2014-09-11 00:28 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Local\Apple Computer 2014-09-11 00:27 - 2014-09-11 00:42 - 00000000 ____D () C:\ProgramData\188F1432-103A-4ffb-80F1-36B633C5C9E1 2014-09-11 00:26 - 2014-09-11 00:26 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Local\Apple 2014-09-11 00:25 - 2014-10-06 14:39 - 00000000 ____D () C:\Program Files\Bonjour 2014-09-11 00:24 - 2014-09-11 00:52 - 00000000 ____D () C:\ProgramData\Apple 2014-09-10 10:23 - 2014-08-17 06:57 - 14369280 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 13757440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 02861568 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 02055168 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 01766400 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 01440768 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-09-10 10:23 - 2014-08-17 06:57 - 01180672 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00493056 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00391168 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00357888 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00226816 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00163840 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00109056 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00080384 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00061440 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00042496 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-09-10 10:23 - 2014-08-17 06:57 - 00039424 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-09-10 10:23 - 2014-08-17 06:57 - 00033280 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-09-10 10:23 - 2014-08-16 09:43 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-09-10 10:23 - 2014-08-16 08:53 - 00071680 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe 2014-09-10 10:22 - 2014-06-27 04:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-09-10 10:17 - 2014-07-07 04:40 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-09-10 10:17 - 2014-07-07 04:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-09-10 10:17 - 2014-06-24 05:59 - 01987584 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll 2014-09-10 10:16 - 2014-08-01 14:35 - 00793600 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-10-08 22:49 - 2012-04-02 15:11 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-10-08 22:48 - 2011-06-18 17:10 - 00001032 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3032407643-517686676-1031731631-1000UA.job 2014-10-08 22:39 - 2011-10-30 02:03 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Roaming\Vso 2014-10-08 22:38 - 2013-07-21 02:48 - 00000068 _____ () C:\Users\Svetlio_dgd\AppData\Local\Images.fl 2014-10-08 22:36 - 2014-04-22 15:03 - 00110296 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2014-10-08 22:31 - 2011-06-24 14:35 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2014-10-08 21:54 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\tracing 2014-10-08 21:49 - 2012-08-24 21:00 - 01124551 _____ () C:\Windows\WindowsUpdate.log 2014-10-08 21:26 - 2011-06-19 12:14 - 00000000 ____D () C:\ProgramData\TEMP 2014-10-08 20:48 - 2011-06-18 17:10 - 00000980 _____ () C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-3032407643-517686676-1031731631-1000Core.job 2014-10-08 20:23 - 2014-06-03 17:54 - 00000000 ____D () C:\ProgramData\Home Media Server 2014-10-08 20:19 - 2011-06-18 18:13 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Roaming\uTorrent 2014-10-08 17:30 - 2011-09-05 15:15 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Roaming\HoldemManager 2014-10-08 17:00 - 2011-07-01 13:52 - 00000388 _____ () C:\Windows\Tasks\At1.job 2014-10-08 02:54 - 2014-08-15 22:11 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Local\Viber 2014-10-08 02:51 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-10-08 02:00 - 2013-01-08 20:39 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Local\CrashDumps 2014-10-08 01:15 - 2011-07-17 14:13 - 00000000 ___RD () C:\Users\Svetlio_dgd\Desktop\TOOLS 2014-10-08 00:56 - 2011-06-21 22:00 - 04043616 _____ () C:\Windows\system32\perfh015.dat 2014-10-08 00:56 - 2011-06-21 22:00 - 03311368 _____ () C:\Windows\system32\perfc015.dat 2014-10-08 00:56 - 2011-06-21 21:56 - 04027254 _____ () C:\Windows\system32\perfh019.dat 2014-10-08 00:56 - 2011-06-21 21:56 - 03304780 _____ () C:\Windows\system32\perfc019.dat 2014-10-08 00:56 - 2010-11-21 00:01 - 00006848 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-10-07 23:30 - 2011-06-24 14:35 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2014-10-06 21:02 - 2013-09-26 23:05 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hard Disk Sentinel 2014-10-06 20:47 - 2011-07-17 13:48 - 00000000 ____D () C:\Windows\XSxS 2014-10-06 20:13 - 2009-07-14 07:34 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-10-06 20:13 - 2009-07-14 07:34 - 00026576 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-10-06 20:04 - 2012-04-05 16:04 - 00065536 _____ () C:\Windows\system32\Ikeext.etl 2014-10-06 20:04 - 2011-06-18 17:40 - 00000000 ____D () C:\ProgramData\NVIDIA 2014-10-06 20:04 - 2009-07-14 07:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-10-06 19:07 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\LogFiles 2014-10-06 16:44 - 2012-01-01 18:42 - 00000000 ____D () C:\Users\postgres.Svetlio_dgd-PC.002 2014-10-02 14:57 - 2012-06-24 17:21 - 00000000 ___RD () C:\Users\Svetlio_dgd\Desktop\POKER 2014-10-02 14:54 - 2011-10-05 03:44 - 00000000 ____D () C:\Program Files\Holdem Manager 2 2014-09-30 00:16 - 2011-06-18 17:03 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Roaming\Skype 2014-09-26 14:18 - 2009-07-14 07:53 - 00032538 _____ () C:\Windows\Tasks\SCHEDLGU.TXT 2014-09-25 14:39 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\rescache 2014-09-24 11:04 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\ru-RU 2014-09-24 11:04 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\pl-PL 2014-09-24 11:04 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\he-IL 2014-09-24 11:04 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\de-DE 2014-09-24 11:04 - 2009-07-14 05:37 - 00000000 ____D () C:\Windows\system32\bg-BG 2014-09-23 23:30 - 2011-06-21 22:42 - 00000000 ___RD () C:\Users\Svetlio_dgd\Desktop\PHOTO 2014-09-22 03:45 - 2012-02-21 00:22 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Roaming\Microgaming 2014-09-21 21:29 - 2011-07-18 22:08 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Local\PokerStars.BG 2014-09-18 23:46 - 2013-11-21 23:07 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Roaming\AIMP3 2014-09-18 23:46 - 2012-11-10 00:23 - 00000000 ____D () C:\Users\Svetlio_dgd\.thumbnails 2014-09-18 23:46 - 2011-06-18 22:10 - 00000000 ____D () C:\Users\Svetlio_dgd\AppData\Roaming\DAEMON Tools Lite 2014-09-18 23:46 - 2011-06-18 16:44 - 00000000 ____D () C:\Windows\Panther 2014-09-18 23:28 - 2014-08-09 03:10 - 00000020 _____ () C:\Windows\system32\PDBootState 2014-09-18 02:54 - 2011-07-18 22:08 - 00000000 ____D () C:\Program Files\PokerStars 2014-09-16 20:27 - 2011-06-18 17:02 - 00000000 ____D () C:\Program Files\Skype 2014-09-16 20:25 - 2012-09-05 04:32 - 00002503 _____ () C:\Users\Public\Desktop\Skype.lnk 2014-09-16 20:25 - 2011-06-18 17:02 - 00000000 ____D () C:\ProgramData\Skype 2014-09-15 09:06 - 2011-06-18 16:35 - 00231568 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe 2014-09-13 02:09 - 2012-11-10 00:04 - 00000000 ____D () C:\Users\Svetlio_dgd\.gimp-2.8 2014-09-12 18:18 - 2012-01-21 16:44 - 00001083 _____ () C:\Users\Svetlio_dgd\AppData\Roaming\burnaware.ini 2014-09-11 00:27 - 2011-07-26 16:39 - 00000000 ____D () C:\ProgramData\Apple Computer Files to move or delete: ==================== C:\Windows\Tasks\At1.job Some content of TEMP: ==================== C:\Users\Svetlio_dgd\AppData\Local\Temp\Downloader.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2014-10-06 03:26 ==================== End Of Log ============================ Addition.txt
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.