Премини към съдържанието

newmant

Потребител
  • Публикации

    12
  • Регистрация

  • Последно онлайн

Харесвания

5 Неутрална репутация

Всичко за newmant

  • Титла
    Потребител
  1. Много благодаря, намерих камерата, работи, но след това къде да търся снимките и видеото?
  2. Извинявай може ли малко по-подробно да обясниш.Какъв е този магазин? Наистина съм доста бос в тия работи.
  3. Путин: Славянската писменост дойде в Русия от македонската земя

    Аз ще поясня.На първо място в света е по брой на детските аборти, В челните позиции при алкохолизма и разводите, иначе стожера на православието! Рускинята е синоним на лека жена а руснака на алокохолик, руската държава пък е просто един доставчик на природни ресурси за големите западноевропейски икономики и нищо повече!
  4. Благодаря за линка но нищо не става! За уиндолс 10 про гледам и пак не става работата.....
  5. Нищо не излиза в тази папка Друг начин няма ли за снимане с камерата? Някаква програма или нещо друго? Как изобщо да я пусна да снима?
  6. Я дай малко по-подробно като за начинаещ моля!
  7. Здравейте! Искам да си направя снимки с камерата на лаптопа, някой ще ми каже ли как става? Направих си на профила на скайпа но незная как да я преместя оттам понеже няма копи пейст нищо. Благодаря предварително.
  8. Fix result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Ran by user (03-04-2017 20:07:55) Run:1 Running from C:\Users\user\Desktop Loaded Profiles: user (Available Profiles: user) Boot Mode: Normal ============================================== fixlist content: ***************** start CreateRestorePoint: CloseProcesses: Handler: WSWSVCUchrome - No CLSID Value CHR Extension: (QuickPrint) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncnemgkphkkeoehcicfbljianpmkabm [2017-03-08] CHR Extension: (AA.com CBG) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kblpcphmfdcbjdmkognjbeileginmpdp [2017-03-25] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09] Task: {CEB40C39-D181-4FE8-A38B-9318A745E9C9} - System32\Tasks\{3180CFD3-C66F-42C6-9418-04DC418870B7} => pcalua.exe -a H:\autorun.exe -d H:\ FirewallRules: [{C0DF42B0-C9FA-4B29-B3B5-F21B0E1F624B}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe FirewallRules: [{091E12EC-19AE-4EEF-A1A1-C80E53D30D9C}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe cmd: bitsadmin /reset /allusers cmd: netsh winsock reset catalog cmd: ipconfig /flushdns RemoveProxy: EmptyTemp: end ***************** Restore point was successfully created. Processes closed successfully. HKCR\PROTOCOLS\Handler\WSWSVCUchrome => key not found. C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncnemgkphkkeoehcicfbljianpmkabm => moved successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kblpcphmfdcbjdmkognjbeileginmpdp => moved successfully C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{CEB40C39-D181-4FE8-A38B-9318A745E9C9} => key removed successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{CEB40C39-D181-4FE8-A38B-9318A745E9C9} => key removed successfully C:\Windows\System32\Tasks\{3180CFD3-C66F-42C6-9418-04DC418870B7} => moved successfully HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{3180CFD3-C66F-42C6-9418-04DC418870B7} => key removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C0DF42B0-C9FA-4B29-B3B5-F21B0E1F624B} => value removed successfully HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{091E12EC-19AE-4EEF-A1A1-C80E53D30D9C} => value removed successfully ========= bitsadmin /reset /allusers ========= BITSADMIN version 3.0 [ 7.8.10240 ] BITS administration utility. (C) Copyright 2000-2006 Microsoft Corp. BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows. Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets. {4A72DA35-7420-4E17-BA2E-8C8EDC0E988E} canceled. {A203C99D-6AFD-4ABE-A44C-F2670E315BD2} canceled. 2 out of 2 jobs canceled. ========= End of CMD: ========= ========= netsh winsock reset catalog ========= Sucessfully reset the Winsock Catalog. You must restart the computer in order to complete the reset. ========= End of CMD: ========= ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= ========= RemoveProxy: ========= HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully ========= End of RemoveProxy: ========= =========== EmptyTemp: ========== BITS transfer queue => 32768 B DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 12826239 B Java, Flash, Steam htmlcache => 720 B Windows/system/drivers => 0 B Edge => 0 B Chrome => 469831173 B Firefox => 12927888 B Opera => 0 B Temp, IE cache, history, cookies, recent: Default => 0 B Users => 0 B ProgramData => 0 B Public => 0 B systemprofile => 128 B systemprofile32 => 0 B LocalService => 818 B NetworkService => 21643264 B user => 47170488 B RecycleBin => 5296656386 B EmptyTemp: => 5.5 GB temporary data Removed. ================================ The system needed a reboot. ==== End of Fixlog 20:10:05 ====
  9. Здравейте, качвам файловете но мисля че се оправи пустия лаптоп много благодаря! # AdwCleaner v6.045 - Logfile created 02/04/2017 at 18:06:42 # Updated on 28/03/2017 by Malwarebytes # Database : 2017-04-01.1 [Server] # Operating System : Windows 10 Pro (X64) # Username : user - DESKTOP-0IMQORD # Running from : C:\Users\user\Downloads\adwcleaner_6.045.exe # Mode: Clean # Support : https://www.malwarebytes.com/support ***** [ Services ] ***** [-] Service deleted: RelevantKnowledge ***** [ Folders ] ***** [-] Folder deleted: C:\users\user\AppData\Local\MalwareProtectionLive [-] Folder deleted: C:\Program Files\Reimage [#] Folder deleted on reboot: C:\Program Files\reimage [-] Folder deleted: C:\Program Files (x86)\RelevantKnowledge [-] Folder deleted: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle ***** [ Files ] ***** [-] File deleted: C:\users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Malware Protection Live.lnk [-] File deleted: C:\Windows\SysNative\rlls64.dll [-] File deleted: C:\Windows\Reimage.ini [-] File deleted: C:\Windows\SysWOW64\rlls.dll [-] File deleted: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\epwhtpim.default\searchplugins\yahoo_ff.xml ***** [ DLL ] ***** ***** [ WMI ] ***** ***** [ Shortcuts ] ***** ***** [ Scheduled Tasks ] ***** ***** [ Registry ] ***** [#] Key deleted on reboot: HKLM\SYSTEM\CurrentControlSet\services\relevantknowledge [-] Key deleted: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine [-] Key deleted: HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1 [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine [#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\REI_AxControl.ReiEngine.1 [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4} [-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546} [-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36} [-] Key deleted: HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484} [-] Key deleted: HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\Software\Reimage [-] Key deleted: HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief. [#] Key deleted on reboot: HKCU\Software\Reimage [#] Key deleted on reboot: HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief. [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{D08D9F98-1C78-4704-87E6-368B0023D831} [-] Key deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MalwareProtectionLive [#] Key deleted on reboot: [x64] HKCU\Software\Reimage [#] Key deleted on reboot: [x64] HKCU\Software\Local AppWizard-Generated Applications\Reimage - Windows Problem Relief. [-] Key deleted: [x64] HKLM\SOFTWARE\Reimage [-] Data restored: HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Data restored: HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Data restored: [x64] HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] [-] Key deleted: HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\Software\Microsoft\Internet Explorer\SearchScopes\{84A468F1-291D-4521-85A0-3E743B96207B} [#] Key deleted on reboot: HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{84A468F1-291D-4521-85A0-3E743B96207B} [#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{84A468F1-291D-4521-85A0-3E743B96207B} [-] Value deleted: HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MalwareProtectionLive] [-] Value deleted: [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32 [MalwareProtectionLive] [-] Key deleted: HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL [-] Value deleted: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] [#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] [#] Value deleted on reboot: HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] [-] Key deleted: HKLM\SOFTWARE\Google\Chrome\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle ***** [ Web browsers ] ***** [-] Firefox preferences cleaned: "browser.startup.homepage" - "hxxps://fr.search.yahoo.com/?type=937811&fr=spigot-yhp-ff" [-] Firefox preferences cleaned: "keyword.URL" - "hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=683775&p=" [-] [C:\Users\user\AppData\Local\Google\Chrome\User Data\Default] [extension] Deleted: mkndcbhcgphcfkkddanakjiepeknbgle ************************* :: "Tracing" keys deleted :: Winsock settings cleared ************************* C:\AdwCleaner\AdwCleaner[C0].txt - [4962 Bytes] - [02/04/2017 18:06:42] C:\AdwCleaner\AdwCleaner[S0].txt - [5130 Bytes] - [02/04/2017 18:05:28] ########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [5108 Bytes] ########## Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Ran by user (administrator) on DESKTOP-0IMQORD (02-04-2017 18:18:20) Running from C:\Users\user\Downloads Loaded Profiles: user (Available Profiles: user) Platform: Windows 10 Pro (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe () C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8519424 2015-11-13] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2934440 2015-05-07] (Synaptics Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-13] (AVAST Software) HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-13] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-13] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240 Tcpip\..\Interfaces\{bee830ba-5195-4406-9071-5a39aa080c20}: [DhcpNameServer] 212.27.40.241 212.27.40.240 Tcpip\..\Interfaces\{d191f7ca-366f-4262-8d21-47af0f88d779}: [DhcpNameServer] 185.82.217.89 8.8.8.8 Internet Explorer: ================== HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = Handler: WSWSVCUchrome - No CLSID Value FireFox: ======== FF DefaultProfile: epwhtpim.default FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\epwhtpim.default [2017-04-02] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\epwhtpim.default -> Yahoo! FF SelectedSearchEngine: Mozilla\Firefox\Profiles\epwhtpim.default -> Yahoo! FF Extension: (Firefox Hotfix) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\epwhtpim.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-06] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-06] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-04-02] CHR Extension: (Avast SafePrice) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-18] CHR Extension: (QuickPrint) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncnemgkphkkeoehcicfbljianpmkabm [2017-03-08] CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-08] CHR Extension: (AA.com CBG) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kblpcphmfdcbjdmkognjbeileginmpdp [2017-03-25] CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-13] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-13] (AVAST Software) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2269440 2015-07-10] (Broadcom Corporation.) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-11-13] (Intel Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [306944 2015-11-13] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237224 2015-05-07] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-13] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-13] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-13] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-13] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-13] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-13] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-13] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-13] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-13] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-13] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-07-10] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7551240 2015-11-13] (Broadcom Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-12-12] (DT Soft Ltd) R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5864888 2015-11-13] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) S3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-20] (Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-05-07] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-02 18:18 - 2017-04-02 18:19 - 00013271 _____ C:\Users\user\Downloads\FRST.txt 2017-04-02 18:08 - 2017-04-02 18:08 - 00016148 _____ C:\Windows\system32\DESKTOP-0IMQORD_user_HistoryPrediction.bin 2017-04-02 17:59 - 2017-04-02 18:06 - 00000000 ____D C:\AdwCleaner 2017-04-02 17:58 - 2017-04-02 17:58 - 04089296 _____ C:\Users\user\Downloads\adwcleaner_6.045.exe 2017-04-02 17:28 - 2017-04-02 18:18 - 00000000 ____D C:\FRST 2017-04-02 17:26 - 2017-04-02 17:27 - 02424832 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2017-04-02 17:24 - 2017-04-02 17:24 - 02424832 _____ (Farbar) C:\Users\user\Downloads\Unconfirmed 872026.crdownload 2017-04-02 10:48 - 2017-04-02 10:50 - 00000000 ____D C:\Users\user\AppData\Local\Comms 2017-04-01 17:34 - 2017-04-01 18:09 - 00000000 ____D C:\Users\user\Downloads\[OtakuBG] Hellsing Ultimate I-X + The Dawn I-II (720p.x264.AC3) 2017-04-01 15:50 - 2017-04-01 15:50 - 00032190 _____ C:\Users\user\Downloads\%5BOtakuBG%5D Hellsing Ultimate I-X %2B The Dawn I-II %28720p.x264.AC3%29.torrent 2017-04-01 15:48 - 2017-04-01 15:54 - 00000000 ____D C:\Users\user\Downloads\[OtakuBG] Drifters [1280x720 x264 AAC][c] 2017-04-01 15:48 - 2017-04-01 15:48 - 00017439 _____ C:\Users\user\Downloads\%5BOtakuBG%5D Drifters %5B1280x720 x264 AAC%5D%5Bc%5D.torrent 2017-04-01 11:53 - 2017-04-01 11:53 - 00002868 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2017-04-01 11:53 - 2017-04-01 11:53 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-04-01 11:53 - 2017-04-01 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-04-01 11:53 - 2017-04-01 11:53 - 00000000 ____D C:\Program Files\CCleaner 2017-04-01 11:50 - 2017-04-01 11:52 - 09274608 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup528.exe 2017-04-01 09:08 - 2017-04-01 12:20 - 00000000 ____D C:\Users\user\AppData\Local\PDFCreator 2017-03-31 21:56 - 2017-03-31 21:57 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\yesmessenger (3).exe 2017-03-30 20:17 - 2017-03-30 20:17 - 00028500 _____ C:\Users\user\Downloads\mi nismo andjeli 2.torrent 2017-03-30 20:05 - 2017-03-30 20:05 - 00014623 _____ C:\Users\user\Downloads\Mi nismo andjeli 3.torrent 2017-03-25 18:07 - 2017-03-25 18:08 - 00000000 ____D C:\Users\user\AppData\Local\YesMessenger 2017-03-25 18:04 - 2017-03-25 18:04 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\yesmessenger (2).exe 2017-03-25 18:04 - 2017-03-25 18:04 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\Unconfirmed 984158.crdownload 2017-03-25 18:02 - 2017-03-25 18:02 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\yesmessenger (1).exe 2017-03-25 17:59 - 2017-03-25 17:59 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\yesmessenger.exe 2017-03-24 20:07 - 2017-04-01 19:31 - 00000000 ____D C:\Users\user\Downloads\Westworld.S01.HDTV.x265.AAC-WAR 2017-03-22 23:11 - 2017-03-22 23:11 - 00015645 _____ C:\Users\user\Downloads\Westworld.S01.HDTV.x265.AAC-WAR.torrent 2017-03-22 22:44 - 2017-03-24 22:31 - 00000000 ____D C:\Users\user\Downloads\Rogue.One.2016.576p.BRRip.x264-DiN 2017-03-22 22:40 - 2017-03-22 22:40 - 00013293 _____ C:\Users\user\Downloads\Rogue.One.2016.576p.BRRip.x264-DiN.torrent 2017-03-21 23:09 - 2017-03-21 23:16 - 00000000 ____D C:\Users\user\Downloads\Live.by.Night.2016.BRRip.x264-DiN 2017-03-21 23:05 - 2017-03-21 23:05 - 00011371 _____ C:\Users\user\Downloads\Live.by.Night.2016.BRRip.x264-DiN.torrent 2017-03-21 23:04 - 2017-03-21 23:05 - 00039198 _____ C:\Users\user\Downloads\live.by.night.2016.720p.brrip.x264.ac3-abg(subsunacs.net).rar 2017-03-19 20:53 - 2017-03-19 20:53 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-03-19 20:53 - 2017-03-19 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-03-19 19:09 - 2017-03-19 20:26 - 00000000 ____D C:\Users\user\Downloads\The.Great.Wall.2016.HC.HDRip.x264.AAC-OzZY1 2017-03-19 19:03 - 2017-03-19 19:03 - 00079278 _____ C:\Users\user\Downloads\The.Great.Wall.2016.HC.HDRip.x264.AAC-OzZY1.torrent 2017-03-19 19:03 - 2017-03-19 19:03 - 00079278 _____ C:\Users\user\Downloads\The.Great.Wall.2016.HC.HDRip.x264.AAC-OzZY1 (1).torrent 2017-03-19 19:01 - 2017-03-19 19:01 - 00016603 _____ C:\Users\user\Downloads\The.Great.Wall.2016.HC.HDRip.XviD.AC3-EVO.rar 2017-03-18 19:26 - 2017-03-19 15:45 - 00000000 ____D C:\Users\user\Downloads\Black.Sails.S01.HDTV.x264-MiXED 2017-03-14 22:33 - 2017-03-14 22:33 - 00033770 _____ C:\Users\user\Downloads\tgame-din(subsunacs.net).rar 2017-03-14 22:31 - 2017-03-19 06:26 - 00000000 ____D C:\Users\user\Downloads\Gold.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-03-13 23:14 - 2017-03-13 23:14 - 00000000 ___HD C:\$AV_ASW 2017-03-13 22:31 - 2017-03-13 22:31 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-03-12 00:27 - 2017-03-12 00:27 - 00000000 _____ C:\Users\user\Desktop\знак на ръката-всеки миг е прекрасен.txt 2017-03-11 19:48 - 2017-04-01 11:58 - 00000032 _____ C:\Users\user\Desktop\КИНОА.КАНЕЛА.БАНАНИ И РЕЦЕПТИ.txt 2017-03-11 09:59 - 2017-04-01 21:15 - 00006364 _____ C:\Users\user\Desktop\тесаракти.txt 2017-03-05 20:35 - 2017-03-09 22:39 - 00000000 ____D C:\Users\user\Downloads\Collateral.Beauty.2016.BRRip.XviD - DiN 2017-03-05 20:34 - 2017-03-05 20:34 - 00013739 _____ C:\Users\user\Downloads\Collateral.Beauty.2016.BRRip.XviD-DiN.torrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-02 18:13 - 2015-11-13 15:45 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-02 18:13 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF 2017-04-02 18:08 - 2015-11-13 16:29 - 00000000 __SHD C:\Users\user\IntelGraphicsProfiles 2017-04-02 18:08 - 2015-11-13 16:28 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-04-02 18:08 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-04-02 18:07 - 2015-07-10 11:05 - 00131072 ___SH C:\Windows\system32\config\BBI 2017-04-02 17:34 - 2015-11-13 15:54 - 00000000 ____D C:\Users\user\AppData\Local\ClassicShell 2017-04-02 17:28 - 2016-10-11 23:31 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A92CAF24-D3B7-4C94-A5EA-86B87E22BB1A} 2017-04-02 16:48 - 2015-11-13 15:54 - 00000000 ____D C:\Users\user\AppData\Roaming\AIMP3 2017-04-02 14:56 - 2016-10-09 21:12 - 00000051 _____ C:\Users\user\Desktop\registracii.txt 2017-04-02 12:44 - 2016-10-09 09:56 - 00000000 ____D C:\Program Files (x86)\Sports Interactive 2017-04-02 12:44 - 2015-11-13 16:46 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype 2017-04-02 12:16 - 2015-11-13 15:41 - 00000000 ____D C:\Users\user\AppData\Local\Packages 2017-04-02 12:16 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness 2017-04-02 10:41 - 2017-02-12 01:28 - 00004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-04-01 23:08 - 2016-12-10 01:05 - 00000000 ____D C:\Users\user\AppData\Roaming\qBittorrent 2017-04-01 15:32 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\LiveKernelReports 2017-04-01 12:20 - 2015-12-12 08:31 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite 2017-04-01 12:20 - 2015-12-11 22:40 - 00000000 ____D C:\Users\user\AppData\Roaming\MPC-HC 2017-04-01 12:20 - 2015-11-13 16:06 - 00000000 ____D C:\Program Files\PDFCreator 2017-04-01 11:55 - 2017-03-02 00:38 - 00000000 ____D C:\Windows\Minidump 2017-04-01 11:55 - 2015-11-14 01:25 - 00000000 ____D C:\Windows\Panther 2017-03-31 20:18 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\NDF 2017-03-21 22:32 - 2015-11-13 16:10 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2017-03-19 20:53 - 2015-11-13 16:01 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk 2017-03-19 20:53 - 2015-11-13 16:01 - 00000000 ____D C:\ProgramData\Skype 2017-03-19 20:52 - 2015-11-13 16:13 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-19 12:56 - 2017-01-07 19:37 - 00000777 _____ C:\Users\user\Desktop\ВСИЧКО КОЕТО МОЖЕМ ДА СИ ПРЕДСТАВИМ МОЖЕ ДА СЕ СЛУЧИ.txt 2017-03-15 22:51 - 2016-05-15 05:36 - 00004022 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1463283406 2017-03-15 22:51 - 2016-05-15 05:36 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-03-14 22:06 - 2015-11-13 16:10 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2017-03-14 21:58 - 2015-11-13 16:01 - 00004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-03-14 21:58 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-03-14 21:58 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\Macromed 2017-03-13 22:31 - 2016-05-13 19:44 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148943720232804 2017-03-13 22:31 - 2015-11-13 16:10 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-03-13 22:30 - 2017-02-12 01:28 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-03-13 22:30 - 2017-02-12 01:28 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-03-13 22:30 - 2017-02-12 01:28 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-03-13 22:30 - 2017-02-12 01:28 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-03-12 23:30 - 2017-02-28 21:07 - 00005753 _____ C:\Users\user\Desktop\ДИШАНЕ.txt 2017-03-12 20:43 - 2016-01-24 18:58 - 00000000 ____D C:\Users\user\Desktop\knigi 2017-03-11 09:58 - 2016-01-31 20:25 - 00000000 ____D C:\Users\user\Desktop\Е-книги 2017-03-05 22:12 - 2017-03-01 21:34 - 00000000 ____D C:\Users\user\Downloads\Dark.City.1998.DC.BDRip.XviD.AC3-WAR Some files in TEMP: ==================== 2016-08-16 09:48 - 2016-08-16 09:48 - 0488960 _____ () C:\Users\user\AppData\Local\Temp\sqlite3.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-03-28 19:02 ==================== End of FRST.txt ============================ Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-03-2017 Ran by user (02-04-2017 18:20:02) Running from C:\Users\user\Downloads Windows 10 Pro (X64) (2015-11-13 13:38:12) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3011235310-1495189086-2436255903-500 - Administrator - Disabled) DefaultAccount (S-1-5-21-3011235310-1495189086-2436255903-503 - Limited - Disabled) Guest (S-1-5-21-3011235310-1495189086-2436255903-501 - Limited - Disabled) user (S-1-5-21-3011235310-1495189086-2436255903-1001 - Administrator - Enabled) => C:\Users\user ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) Adobe Flash Player 25 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 25.0.0.127 - Adobe Systems Incorporated) AIMP3 (HKLM-x32\...\AIMP3) (Version: v3.60.1503, 26.09.2015 - AIMP DevTeam) Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 17.2.2288 - AVAST Software) Broadcom 802.11 Network Adapter (HKLM\...\Broadcom 802.11 Network Adapter) (Version: 7.35.275.0 - Broadcom Corporation) Broadcom Bluetooth Drivers (HKLM\...\{0A1B4690-E176-4533-8058-939480AEE1D0}) (Version: 12.0.1.695 - Broadcom Corporation) CCleaner (HKLM\...\CCleaner) (Version: 5.28 - Piriform) CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5931 - CDBurnerXP) Classic Shell (HKLM\...\{E289B7DD-6732-4333-A47A-75A145D23EE3}) (Version: 4.2.4 - IvoSoft) DAEMON Tools Lite (HKLM-x32\...\DAEMON Tools Lite) (Version: 4.47.1.0333 - Disc Soft Ltd) Foxit Reader (HKLM-x32\...\Foxit Reader_is1) (Version: 7.2.2.929 - Foxit Software Inc.) GOM Player (HKLM-x32\...\GOM Player) (Version: 2.2.72.5234 - Gretech Corporation) Google Chrome (HKLM-x32\...\{DC7D9EC9-2AD1-33A7-92CF-5F5051E62843}) (Version: 46.0.2490.86 - Google, Inc.) Google Update Helper (x32 Version: 1.3.32.7 - Google Inc.) Hidden HP Wireless Button Driver (HKLM-x32\...\{EFA01423-3857-468C-B7B6-F30AA08E50BC}) (Version: 1.1.5.1 - Име на компания) Intel(R) Chipset Device Software (x32 Version: 10.1.1.7 - Intel(R) Corporation) Hidden Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation) IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.40 - Irfan Skiljan) K-Lite Codec Pack 11.6.5 Full (HKLM-x32\...\KLiteCodecPack_is1) (Version: 11.6.5 - ) KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 4.0.1.5 - PandoraTV) Microsoft Office Standard 2007 (HKLM-x32\...\STANDARD) (Version: 12.0.4518.1014 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.51106 (HKLM-x32\...\{8e70e4e1-06d7-470b-9f74-a51bef21088e}) (Version: 11.0.51106.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Preview Redistributable (x64) - 12.0.20617 (HKLM-x32\...\{448652c1-f5f3-4230-98c6-68c10c88b1fb}) (Version: 12.0.20617.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 43.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 43.0.1 (x86 en-US)) (Version: 43.0.1 - Mozilla) Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 43.0.1.5828 - Mozilla) PDFCreator (HKLM\...\{0001B4FD-9EA3-4D90-A79E-FD14BA3AB01D}) (Version: 2.2.1 - pdfforge) qBittorrent 3.3.7 (HKLM-x32\...\qBittorrent) (Version: 3.3.7 - The qBittorrent project) Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.31213 - Realtek Semiconductor Corp.) Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7564 - Realtek Semiconductor Corp.) SafeZone Stable 3.55.2393.590 (x32 Version: 3.55.2393.590 - Avast Software) Hidden Skype™ 7.33 (HKLM-x32\...\{3B7E914A-93D5-4A29-92BB-AF8C3F66C431}) (Version: 7.33.105 - Skype Technologies S.A.) Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.4.0 - Synaptics Incorporated) TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.47484 - TeamViewer) WinRAR 5.21 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.21.0 - win.rar GmbH) XEOX Gamepad SL-6556-BK (HKLM-x32\...\{5E7F3FD4-503B-4451-B2EB-AC8C82DBA32F}) (Version: 1.00.0000 - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0138B1D9-F19E-4750-8C66-4F54F00CAAE9} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2017-01-29] (AVAST Software) Task: {0C666E3E-9642-4264-9207-CCED92DAFF73} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.) Task: {0C704726-13E9-4623-9B12-C8F5A5093256} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-11-13] (Google Inc.) Task: {1961CB22-6E58-45DE-9694-B4428C88F1B1} - System32\Tasks\AutoPico Daily Restart => C:\Users\user\Desktop\KMSpico_10.1.2-Final_Install_Portable\KMSpico_10.1.2-Final_Portable\AutoPico.exe Task: {47D077AA-C8B7-4A4D-9DBF-266BB3E84993} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [2017-03-13] (AVAST Software) Task: {4FDC9819-E864-4111-91C4-267DAFDFE882} - System32\Tasks\SafeZone scheduled Autoupdate 1463283406 => C:\Program Files\AVAST Software\SZBrowser\launcher.exe [2017-03-03] (Avast Software) Task: {5C7790D7-DD80-4C92-B33B-B926E3E17F43} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2017-03-14] (Adobe Systems Incorporated) Task: {A6003573-1D98-41EE-BDD0-993A13180982} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-03-03] (Piriform Ltd) Task: {CEB40C39-D181-4FE8-A38B-9318A745E9C9} - System32\Tasks\{3180CFD3-C66F-42C6-9418-04DC418870B7} => pcalua.exe -a H:\autorun.exe -d H:\ (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-07-10 13:00 - 2015-07-10 13:00 - 00032768 _____ () C:\Windows\SYSTEM32\licensemanagerapi.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00403968 _____ () C:\Windows\System32\diagtrack_wininternal.dll 2015-07-10 13:00 - 2015-07-10 13:00 - 02498296 _____ () C:\Windows\system32\CoreUIComponents.dll 2015-11-13 16:25 - 2015-11-13 16:25 - 00396688 _____ () C:\Windows\system32\igfxTray.exe 2015-07-10 13:00 - 2015-07-10 13:00 - 02498296 _____ () C:\Windows\System32\CoreUIComponents.dll 2016-12-17 20:06 - 2015-02-27 14:38 - 00721263 _____ () C:\Windows\SysWOW64\WSCM64.dll 2015-07-10 12:59 - 2015-07-10 12:59 - 00429056 _____ () C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\QuickActions.dll 2015-07-10 13:00 - 2015-07-10 15:14 - 06579712 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll 2015-07-10 13:00 - 2015-07-10 15:14 - 00471040 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll 2015-07-10 13:00 - 2015-07-10 15:14 - 02274816 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersUI.dll 2017-02-07 22:44 - 2017-02-01 11:47 - 02459992 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libglesv2.dll 2017-02-07 22:44 - 2017-02-01 11:47 - 00099672 _____ () C:\Program Files (x86)\Google\Chrome\Application\56.0.2924.87\libegl.dll 2017-03-19 16:44 - 2017-03-19 16:44 - 31099992 _____ () C:\Users\user\AppData\Local\Google\Chrome\User Data\PepperFlash\25.0.0.127\pepflashplayer.dll 2017-03-13 22:31 - 2017-03-13 22:31 - 00170216 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll 2016-10-05 17:11 - 2016-10-05 17:11 - 48936448 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll 2017-03-13 22:30 - 2017-03-13 22:30 - 00290352 _____ () C:\Program Files\AVAST Software\Avast\gaming_mode_ui.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2015-07-10 13:04 - 2015-07-10 13:02 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img1.jpg DNS Servers: 212.27.40.241 - 212.27.40.240 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == HKLM\...\StartupApproved\Run32: => "Wondershare Helper Compact.exe" HKLM\...\StartupApproved\Run32: => "DelaypluginInstall" HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\...\StartupApproved\Run: => "DAEMON Tools Lite" ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139 FirewallRules: [{1D681FA4-ABF2-46A1-89D4-A8961C0EF54C}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{D6D8C0F1-A8F9-440B-A611-E234F3B0A74B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{1E3601E6-E9C2-4F74-BE44-501EB89CD446}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{A89AA912-F99E-4A7A-AA84-7BFAF879EC24}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe FirewallRules: [{952F4920-B531-4855-B609-E90794017099}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{800E7500-B0B6-43BC-9DC5-93A151C5A71C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe FirewallRules: [{5E51B8CF-555B-4F41-B577-8CE405E87C37}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe FirewallRules: [{06C28909-680F-400F-85FB-A1B3FD3AFD7A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [{4C4650F7-DE73-4A16-B0FC-253A9C0F0234}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe FirewallRules: [TCP Query User{F0F551CE-A29E-4793-B6BB-0BB5E904079A}C:\program files (x86)\sports interactive\football manager 2005\fm2005.exe] => (Block) C:\program files (x86)\sports interactive\football manager 2005\fm2005.exe FirewallRules: [UDP Query User{FA9491C9-F67B-4E75-BC76-A46FC55D484E}C:\program files (x86)\sports interactive\football manager 2005\fm2005.exe] => (Block) C:\program files (x86)\sports interactive\football manager 2005\fm2005.exe FirewallRules: [TCP Query User{8D218FD0-D83A-4767-9C94-39BBD54846B2}C:\program files (x86)\sports interactive\football manager 2007\fm.exe] => (Block) C:\program files (x86)\sports interactive\football manager 2007\fm.exe FirewallRules: [UDP Query User{F4E0C868-AD02-4043-935F-42039433A1C8}C:\program files (x86)\sports interactive\football manager 2007\fm.exe] => (Block) C:\program files (x86)\sports interactive\football manager 2007\fm.exe FirewallRules: [{4088BC9F-4931-42B6-889D-46C4B13BC2D7}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{3333BB96-6ED2-4D28-98E5-769A12435DD5}] => (Allow) C:\Program Files (x86)\qBittorrent\qbittorrent.exe FirewallRules: [{C0DF42B0-C9FA-4B29-B3B5-F21B0E1F624B}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe FirewallRules: [{091E12EC-19AE-4EEF-A1A1-C80E53D30D9C}] => (Allow) C:\Program Files (x86)\RelevantKnowledge\rlvknlg.exe FirewallRules: [{706A9964-27C6-4C81-BBBD-C73E7DCB64B8}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe FirewallRules: [{8C2245D1-3E3E-4477-AD76-7F2C4C83348E}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.561_0\SZBrowser.exe FirewallRules: [{03AF0470-A1A5-419D-8040-5CD85F4B7D2F}] => (Allow) C:\Program Files\AVAST Software\SZBrowser\3.55.2393.590\SZBrowser.exe ==================== Restore Points ========================= 13-03-2017 22:56:20 Scheduled Checkpoint 19-03-2017 20:51:06 Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 28-03-2017 21:14:02 Scheduled Checkpoint 02-04-2017 10:33:12 Removed Microsoft Games for Windows - LIVE Redistributable ==================== Faulty Device Manager Devices ============= ==================== Event log errors: ========================= Application errors: ================== Error: (04/02/2017 04:52:47 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SystemSettingsBroker.exe, version: 10.0.10240.16384, time stamp: 0x559f39c2 Faulting module name: KERNELBASE.dll, version: 10.0.10240.16384, time stamp: 0x559f38c3 Exception code: 0xe06d7363 Fault offset: 0x000000000002a1c8 Faulting process id: 0x1b4 Faulting application start time: 0x01d2abc0c36eccd5 Faulting application path: C:\Windows\System32\SystemSettingsBroker.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: 05333cfd-f017-4629-9192-c3538d30606f Faulting package full name: Faulting package-relative application ID: Error: (04/02/2017 10:33:34 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (04/02/2017 06:50:12 AM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: svchost.exe, version: 10.0.10240.16384, time stamp: 0x559f38cb Faulting module name: ntdll.dll, version: 10.0.10240.16384, time stamp: 0x559f384f Exception code: 0xc000000d Fault offset: 0x00000000000f59b0 Faulting process id: 0x978 Faulting application start time: 0x01d2ab6c9227a1aa Faulting application path: C:\Windows\System32\svchost.exe Faulting module path: C:\Windows\SYSTEM32\ntdll.dll Report Id: 4c0f9e83-c991-4f2f-9c15-a6eb15503ae1 Faulting package full name: Faulting package-relative application ID: Error: (03/31/2017 08:39:52 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: SystemSettingsBroker.exe, version: 10.0.10240.16384, time stamp: 0x559f39c2 Faulting module name: KERNELBASE.dll, version: 10.0.10240.16384, time stamp: 0x559f38c3 Exception code: 0xe06d7363 Fault offset: 0x000000000002a1c8 Faulting process id: 0xf10 Faulting application start time: 0x01d2aa4ac29c7f2d Faulting application path: C:\Windows\System32\SystemSettingsBroker.exe Faulting module path: C:\Windows\system32\KERNELBASE.dll Report Id: faa8c5d7-5cde-4d48-bd87-f1b9e092e101 Faulting package full name: Faulting package-relative application ID: Error: (03/30/2017 08:11:30 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NetworkUXBroker.exe, version: 10.0.10240.16384, time stamp: 0x559f3aa6 Faulting module name: WlanMediaManager.dll, version: 10.0.10240.16384, time stamp: 0x559f3de6 Exception code: 0xc0000005 Fault offset: 0x000000000002c159 Faulting process id: 0x13cc Faulting application start time: 0x01d2a980f71c6d8b Faulting application path: C:\Windows\System32\NetworkUXBroker.exe Faulting module path: C:\Windows\System32\WlanMediaManager.dll Report Id: 4abf3af4-1ded-4c44-afa5-e65454b4fb56 Faulting package full name: Faulting package-relative application ID: Error: (03/29/2017 07:17:44 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: NetworkUXBroker.exe, version: 10.0.10240.16384, time stamp: 0x559f3aa6 Faulting module name: WlanMediaManager.dll, version: 10.0.10240.16384, time stamp: 0x559f3de6 Exception code: 0xc0000005 Fault offset: 0x000000000002c159 Faulting process id: 0x1158 Faulting application start time: 0x01d2a8b045eff7ba Faulting application path: C:\Windows\System32\NetworkUXBroker.exe Faulting module path: C:\Windows\System32\WlanMediaManager.dll Report Id: 7c62a441-df63-4890-a25f-f243236763ce Faulting package full name: Faulting package-relative application ID: Error: (03/29/2017 07:00:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-0IMQORD) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147023170 See the Microsoft-Windows-TWinUI/Operational log for additional information. Error: (03/28/2017 09:14:05 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (03/28/2017 07:07:03 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: ) Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object. Details: AddLegacyDriverFiles: Unable to back up image of binary Microsoft Link-Layer Discovery Protocol. System Error: Access is denied. . Error: (03/28/2017 06:52:15 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: DESKTOP-0IMQORD) Description: Activation of app Microsoft.Windows.Photos_8wekyb3d8bbwe!App failed with error: -2147024865 See the Microsoft-Windows-TWinUI/Operational log for additional information. System errors: ============= Error: (04/02/2017 06:07:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (04/02/2017 06:07:18 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (04/02/2017 06:07:10 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY) Description: WLAN Extensibility Module has stopped unexpectedly. Module Path: C:\Windows\System32\bcmihvsrv64.dll Error: (04/02/2017 06:07:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Access_Session8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (04/02/2017 06:07:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The User Data Storage_Session8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (04/02/2017 06:07:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Contact Data_Session8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (04/02/2017 06:07:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Sync Host_Session8 service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 10000 milliseconds: Restart the service. Error: (04/02/2017 06:06:36 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Search service, but this action failed with the following error: An instance of the service is already running. Error: (04/02/2017 06:06:06 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: The Windows Search service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 30000 milliseconds: Restart the service. Error: (04/02/2017 06:06:06 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Wondershare Application Framework Service service terminated unexpectedly. It has done this 1 time(s). CodeIntegrity: =================================== Date: 2017-04-02 17:28:00.843 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-04-02 17:28:00.825 Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system. Date: 2017-03-14 18:32:48.796 Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume2\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements. ==================== Memory info =========================== Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz Percentage of memory in use: 54% Total physical RAM: 4023.36 MB Available physical RAM: 1843.48 MB Total Virtual: 4727.36 MB Available Virtual: 2423.34 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:146 GB) (Free:71.42 GB) NTFS Drive e: () (Fixed) (Total:785.03 GB) (Free:697.17 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 00082CDC) Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=146 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=785 GB) - (Type=07 NTFS) ==================== End of Addition.txt ============================
  10. Здравейте от няколко дена имам проблем на лаптопа но само когато съм в нета.Постоянно се отварят нови прозорци каквото и да натисна, изписва че има грешки и отваря сайт с някакъв reimage repair и други подобни, в търсачката излиза съобщение че имам 13 вируса но само това разбирам защото е на френски а аваста няколко пъти го пускам да проверява и нищо не открива. Не мога да изброя заплахите защото нямам идея за за какво става дума.Ако помогнете би било добре, благодаря предварително! Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-03-2017 Ran by user (administrator) on DESKTOP-0IMQORD (02-04-2017 17:28:46) Running from C:\Users\user\Downloads Loaded Profiles: user (Available Profiles: user) Platform: Windows 10 Pro (X64) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (Wondershare) C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe (AVAST Software s.r.o.) C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe () C:\Windows\System32\igfxTray.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe () C:\Users\user\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe (Microsoft Corporation) C:\Windows\System32\InstallAgent.exe (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE (Microsoft Corporation) C:\Windows\splwow64.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Microsoft Corporation) C:\Program Files\Internet Explorer\ielowutil.exe ==================== Registry (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161728 2015-08-09] (IvoSoft) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8519424 2015-11-13] (Realtek Semiconductor) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2934440 2015-05-07] (Synaptics Incorporated) HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [205512 2017-03-13] (AVAST Software) HKLM-x32\...\Run: [MalwareProtectionLive] => C:\Users\user\AppData\Local\MalwareProtectionLive\MalwareProtectionClient.exe [1187360 2016-11-11] () HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe HKLM-x32\...\Run: [DelaypluginInstall] => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd) HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [9364696 2017-03-03] (Piriform Ltd) ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-13] (AVAST Software) ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2017-03-13] (AVAST Software) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 212.27.40.241 212.27.40.240 Tcpip\..\Interfaces\{bee830ba-5195-4406-9071-5a39aa080c20}: [DhcpNameServer] 212.27.40.241 212.27.40.240 Tcpip\..\Interfaces\{d191f7ca-366f-4262-8d21-47af0f88d779}: [DhcpNameServer] 185.82.217.89 8.8.8.8 Internet Explorer: ================== HKU\S-1-5-21-3011235310-1495189086-2436255903-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://fr.search.yahoo.com/?type=937811&fr=spigot-yhp-ie SearchScopes: HKU\S-1-5-21-3011235310-1495189086-2436255903-1001 -> {84A468F1-291D-4521-85A0-3E743B96207B} URL = hxxps://fr.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=937811&p={searchTerms} Handler: WSWSVCUchrome - No CLSID Value FireFox: ======== FF DefaultProfile: epwhtpim.default FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\epwhtpim.default [2017-04-02] FF DefaultSearchEngine: Mozilla\Firefox\Profiles\epwhtpim.default -> Yahoo! FF SelectedSearchEngine: Mozilla\Firefox\Profiles\epwhtpim.default -> Yahoo! FF Homepage: Mozilla\Firefox\Profiles\epwhtpim.default -> hxxps://fr.search.yahoo.com/?type=937811&fr=spigot-yhp-ff FF Keyword.URL: Mozilla\Firefox\Profiles\epwhtpim.default -> hxxps://search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=683775&p= FF Extension: (Firefox Hotfix) - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\epwhtpim.default\Extensions\firefox-hotfix@mozilla.org.xpi [2016-09-06] FF SearchPlugin: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\epwhtpim.default\searchplugins\yahoo_ff.xml [2016-08-26] FF HKLM\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF Extension: (Avast Online Security) - C:\Program Files\AVAST Software\Avast\WebRep\FF [2016-10-06] FF HKLM\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF Extension: (Avast SafePrice) - C:\Program Files\AVAST Software\Avast\SafePrice\FF [2016-10-06] FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF FF HKLM-x32\...\Firefox\Extensions: [sp@avast.com] - C:\Program Files\AVAST Software\Avast\SafePrice\FF FF HKLM-x32\...\Firefox\Extensions: [{C7AE725D-FA5C-4027-BB4C-787EF9F8248A}] - C:\Program Files (x86)\RelevantKnowledge\firefox FF Extension: (RelevantKnowledge) - C:\Program Files (x86)\RelevantKnowledge\firefox [2016-12-18] [not signed] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_25_0_0_127.dll [2017-03-14] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_25_0_0_127.dll [2017-03-14] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.32.7\npGoogleUpdate3.dll [2016-12-17] (Google Inc.) Chrome: ======= CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default [2017-04-02] CHR Extension: (Avast SafePrice) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2017-03-18] CHR Extension: (QuickPrint) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\fncnemgkphkkeoehcicfbljianpmkabm [2017-03-08] CHR Extension: (Avast Online Security) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2017-03-08] CHR Extension: (AA.com CBG) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\kblpcphmfdcbjdmkognjbeileginmpdp [2017-03-25] CHR Extension: (RelevantKnowledge) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkndcbhcgphcfkkddanakjiepeknbgle [2016-12-18] CHR Extension: (Chrome Web Store Payments) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-09] CHR Extension: (Chrome Media Router) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-09] CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChromeSp.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> CHR HKLM-x32\...\Chrome\Extension: [mkndcbhcgphcfkkddanakjiepeknbgle] - C:\Program Files (x86)\RelevantKnowledge\rlcm.crx [2016-12-18] ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7147320 2017-03-13] (AVAST Software s.r.o.) R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [262736 2017-03-13] (AVAST Software) R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2269440 2015-07-10] (Broadcom Corporation.) R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [351120 2015-11-13] (Intel Corporation) R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [306944 2015-11-13] (Realtek Semiconductor) R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [237224 2015-05-07] (Synaptics Incorporated) R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH) S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [362928 2015-07-10] (Microsoft Corporation) S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [24864 2015-07-10] (Microsoft Corporation) R2 WsAppService; C:\Program Files (x86)\Wondershare\WAF\2.3.1.204\WsAppService.exe [437392 2016-11-16] (Wondershare) S2 RelevantKnowledge; C:\Program Files (x86)\RelevantKnowledge\rlservice.exe /service [X] <==== ATTENTION ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R1 aswbidsdriver; C:\Windows\system32\drivers\aswbidsdrivera.sys [309272 2017-03-13] (AVAST Software s.r.o.) R0 aswbidsh; C:\Windows\system32\drivers\aswbidsha.sys [189768 2017-03-13] (AVAST Software s.r.o.) R0 aswblog; C:\Windows\system32\drivers\aswbloga.sys [334600 2017-03-13] (AVAST Software s.r.o.) R0 aswbuniv; C:\Windows\system32\drivers\aswbuniva.sys [48528 2017-03-13] (AVAST Software s.r.o.) S3 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [38296 2017-03-13] (AVAST Software) R1 aswKbd; C:\Windows\system32\drivers\aswKbd.sys [32088 2017-03-13] (AVAST Software) R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [126600 2017-03-13] (AVAST Software) R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [100640 2017-03-13] (AVAST Software) R0 aswRvrt; C:\Windows\system32\drivers\aswRvrt.sys [75704 2017-03-13] (AVAST Software) R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [993608 2017-03-13] (AVAST Software) R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [548928 2017-03-21] (AVAST Software) R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [162528 2017-03-13] (AVAST Software) R0 aswVmm; C:\Windows\system32\drivers\aswVmm.sys [337592 2017-03-14] (AVAST Software) R3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [199472 2015-07-10] (Broadcom Corporation.) R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [7551240 2015-11-13] (Broadcom Corporation) R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283200 2015-12-12] (DT Soft Ltd) R3 igfxLP; C:\Windows\system32\DRIVERS\igdkmd64lp.sys [5864888 2015-11-13] (Intel Corporation) R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [587264 2015-07-10] (Realtek ) R3 RTSUER; C:\Windows\system32\Drivers\RtsUer.sys [411712 2015-05-20] (Realsil Semiconductor Corporation) R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [33960 2015-05-07] (Synaptics Incorporated) R3 TXEIx64; C:\Windows\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation) S3 UdeCx; C:\Windows\System32\drivers\udecx.sys [44032 2015-07-10] () S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44568 2015-07-10] (Microsoft Corporation) S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [291680 2015-07-10] (Microsoft Corporation) S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [119648 2015-07-10] (Microsoft Corporation) R3 WirelessButtonDriver64; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [30384 2015-06-23] (HP Inc.) S3 wfpcapture; \SystemRoot\System32\drivers\wfpcapture.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-02 17:28 - 2017-04-02 17:29 - 00014858 _____ C:\Users\user\Downloads\FRST.txt 2017-04-02 17:28 - 2017-04-02 17:28 - 00000000 ____D C:\FRST 2017-04-02 17:26 - 2017-04-02 17:27 - 02424832 _____ (Farbar) C:\Users\user\Downloads\FRST64.exe 2017-04-02 17:24 - 2017-04-02 17:24 - 02424832 _____ (Farbar) C:\Users\user\Downloads\Unconfirmed 872026.crdownload 2017-04-02 16:48 - 2017-04-02 16:48 - 00016148 _____ C:\Windows\system32\DESKTOP-0IMQORD_user_HistoryPrediction.bin 2017-04-02 10:48 - 2017-04-02 10:50 - 00000000 ____D C:\Users\user\AppData\Local\Comms 2017-04-01 17:34 - 2017-04-01 18:09 - 00000000 ____D C:\Users\user\Downloads\[OtakuBG] Hellsing Ultimate I-X + The Dawn I-II (720p.x264.AC3) 2017-04-01 15:50 - 2017-04-01 15:50 - 00032190 _____ C:\Users\user\Downloads\%5BOtakuBG%5D Hellsing Ultimate I-X %2B The Dawn I-II %28720p.x264.AC3%29.torrent 2017-04-01 15:48 - 2017-04-01 15:54 - 00000000 ____D C:\Users\user\Downloads\[OtakuBG] Drifters [1280x720 x264 AAC][c] 2017-04-01 15:48 - 2017-04-01 15:48 - 00017439 _____ C:\Users\user\Downloads\%5BOtakuBG%5D Drifters %5B1280x720 x264 AAC%5D%5Bc%5D.torrent 2017-04-01 11:53 - 2017-04-01 11:53 - 00002868 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC 2017-04-01 11:53 - 2017-04-01 11:53 - 00000863 _____ C:\Users\Public\Desktop\CCleaner.lnk 2017-04-01 11:53 - 2017-04-01 11:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner 2017-04-01 11:53 - 2017-04-01 11:53 - 00000000 ____D C:\Program Files\CCleaner 2017-04-01 11:50 - 2017-04-01 11:52 - 09274608 _____ (Piriform Ltd) C:\Users\user\Downloads\ccsetup528.exe 2017-04-01 09:08 - 2017-04-01 12:20 - 00000000 ____D C:\Users\user\AppData\Local\PDFCreator 2017-03-31 21:56 - 2017-03-31 21:57 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\yesmessenger (3).exe 2017-03-30 20:17 - 2017-03-30 20:17 - 00028500 _____ C:\Users\user\Downloads\mi nismo andjeli 2.torrent 2017-03-30 20:05 - 2017-03-30 20:05 - 00014623 _____ C:\Users\user\Downloads\Mi nismo andjeli 3.torrent 2017-03-25 18:07 - 2017-03-25 18:08 - 00000000 ____D C:\Users\user\AppData\Local\YesMessenger 2017-03-25 18:04 - 2017-03-25 18:04 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\yesmessenger (2).exe 2017-03-25 18:04 - 2017-03-25 18:04 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\Unconfirmed 984158.crdownload 2017-03-25 18:02 - 2017-03-25 18:02 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\yesmessenger (1).exe 2017-03-25 17:59 - 2017-03-25 17:59 - 00129320 _____ (Rentabiliweb) C:\Users\user\Downloads\yesmessenger.exe 2017-03-24 20:07 - 2017-04-01 19:31 - 00000000 ____D C:\Users\user\Downloads\Westworld.S01.HDTV.x265.AAC-WAR 2017-03-22 23:11 - 2017-03-22 23:11 - 00015645 _____ C:\Users\user\Downloads\Westworld.S01.HDTV.x265.AAC-WAR.torrent 2017-03-22 22:44 - 2017-03-24 22:31 - 00000000 ____D C:\Users\user\Downloads\Rogue.One.2016.576p.BRRip.x264-DiN 2017-03-22 22:40 - 2017-03-22 22:40 - 00013293 _____ C:\Users\user\Downloads\Rogue.One.2016.576p.BRRip.x264-DiN.torrent 2017-03-21 23:09 - 2017-03-21 23:16 - 00000000 ____D C:\Users\user\Downloads\Live.by.Night.2016.BRRip.x264-DiN 2017-03-21 23:05 - 2017-03-21 23:05 - 00011371 _____ C:\Users\user\Downloads\Live.by.Night.2016.BRRip.x264-DiN.torrent 2017-03-21 23:04 - 2017-03-21 23:05 - 00039198 _____ C:\Users\user\Downloads\live.by.night.2016.720p.brrip.x264.ac3-abg(subsunacs.net).rar 2017-03-19 20:53 - 2017-03-19 20:53 - 00000000 ___RD C:\Program Files (x86)\Skype 2017-03-19 20:53 - 2017-03-19 20:53 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype 2017-03-19 19:09 - 2017-03-19 20:26 - 00000000 ____D C:\Users\user\Downloads\The.Great.Wall.2016.HC.HDRip.x264.AAC-OzZY1 2017-03-19 19:03 - 2017-03-19 19:03 - 00079278 _____ C:\Users\user\Downloads\The.Great.Wall.2016.HC.HDRip.x264.AAC-OzZY1.torrent 2017-03-19 19:03 - 2017-03-19 19:03 - 00079278 _____ C:\Users\user\Downloads\The.Great.Wall.2016.HC.HDRip.x264.AAC-OzZY1 (1).torrent 2017-03-19 19:01 - 2017-03-19 19:01 - 00016603 _____ C:\Users\user\Downloads\The.Great.Wall.2016.HC.HDRip.XviD.AC3-EVO.rar 2017-03-18 19:26 - 2017-03-19 15:45 - 00000000 ____D C:\Users\user\Downloads\Black.Sails.S01.HDTV.x264-MiXED 2017-03-14 22:33 - 2017-03-14 22:33 - 00033770 _____ C:\Users\user\Downloads\tgame-din(subsunacs.net).rar 2017-03-14 22:31 - 2017-03-19 06:26 - 00000000 ____D C:\Users\user\Downloads\Gold.2016.DVDScr.XVID.AC3.HQ.Hive-CM8 2017-03-13 23:14 - 2017-03-13 23:14 - 00000000 ___HD C:\$AV_ASW 2017-03-13 22:31 - 2017-03-13 22:31 - 00398408 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2017-03-12 20:58 - 2017-03-12 21:03 - 00000000 ____D C:\Program Files\Reimage 2017-03-12 11:17 - 2017-03-31 20:05 - 00000150 _____ C:\Windows\Reimage.ini 2017-03-12 00:27 - 2017-03-12 00:27 - 00000000 _____ C:\Users\user\Desktop\знак на ръката-всеки миг е прекрасен.txt 2017-03-11 19:48 - 2017-04-01 11:58 - 00000032 _____ C:\Users\user\Desktop\КИНОА.КАНЕЛА.БАНАНИ И РЕЦЕПТИ.txt 2017-03-11 09:59 - 2017-04-01 21:15 - 00006364 _____ C:\Users\user\Desktop\тесаракти.txt 2017-03-05 20:35 - 2017-03-09 22:39 - 00000000 ____D C:\Users\user\Downloads\Collateral.Beauty.2016.BRRip.XviD - DiN 2017-03-05 20:34 - 2017-03-05 20:34 - 00013739 _____ C:\Users\user\Downloads\Collateral.Beauty.2016.BRRip.XviD-DiN.torrent ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-04-02 17:28 - 2016-10-11 23:31 - 00004166 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{A92CAF24-D3B7-4C94-A5EA-86B87E22BB1A} 2017-04-02 16:48 - 2015-11-13 15:54 - 00000000 ____D C:\Users\user\AppData\Roaming\AIMP3 2017-04-02 14:56 - 2016-10-09 21:12 - 00000051 _____ C:\Users\user\Desktop\registracii.txt 2017-04-02 14:47 - 2016-04-05 19:58 - 00000000 ____D C:\Users\user\AppData\Local\MalwareProtectionLive 2017-04-02 12:44 - 2016-10-09 09:56 - 00000000 ____D C:\Program Files (x86)\Sports Interactive 2017-04-02 12:44 - 2015-11-13 16:46 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype 2017-04-02 12:16 - 2015-11-13 15:41 - 00000000 ____D C:\Users\user\AppData\Local\Packages 2017-04-02 12:16 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\AppReadiness 2017-04-02 10:41 - 2017-02-12 01:28 - 00004268 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2017-04-02 10:40 - 2015-11-13 15:54 - 00000000 ____D C:\Users\user\AppData\Local\ClassicShell 2017-04-02 06:47 - 2015-11-13 16:29 - 00000000 __SHD C:\Users\user\IntelGraphicsProfiles 2017-04-02 06:47 - 2015-11-13 16:28 - 00000180 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat 2017-04-01 23:08 - 2016-12-10 01:05 - 00000000 ____D C:\Users\user\AppData\Roaming\qBittorrent 2017-04-01 19:55 - 2015-11-13 15:45 - 00830266 _____ C:\Windows\system32\PerfStringBackup.INI 2017-04-01 19:55 - 2015-07-10 13:02 - 00000000 ____D C:\Windows\INF 2017-04-01 15:32 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\LiveKernelReports 2017-04-01 12:20 - 2015-12-12 08:31 - 00000000 ____D C:\Users\user\AppData\Roaming\DAEMON Tools Lite 2017-04-01 12:20 - 2015-12-11 22:40 - 00000000 ____D C:\Users\user\AppData\Roaming\MPC-HC 2017-04-01 12:20 - 2015-11-13 16:06 - 00000000 ____D C:\Program Files\PDFCreator 2017-04-01 11:55 - 2017-03-02 00:38 - 00000000 ____D C:\Windows\Minidump 2017-04-01 11:55 - 2015-11-14 01:25 - 00000000 ____D C:\Windows\Panther 2017-03-31 20:18 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\NDF 2017-03-26 10:59 - 2015-07-10 14:21 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2017-03-25 08:21 - 2015-07-10 11:05 - 00131072 ___SH C:\Windows\system32\config\BBI 2017-03-21 22:32 - 2015-11-13 16:10 - 00548928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys 2017-03-19 20:53 - 2015-11-13 16:01 - 00002640 _____ C:\Users\Public\Desktop\Skype.lnk 2017-03-19 20:53 - 2015-11-13 16:01 - 00000000 ____D C:\ProgramData\Skype 2017-03-19 20:52 - 2015-11-13 16:13 - 00000000 ____D C:\ProgramData\Package Cache 2017-03-19 12:56 - 2017-01-07 19:37 - 00000777 _____ C:\Users\user\Desktop\ВСИЧКО КОЕТО МОЖЕМ ДА СИ ПРЕДСТАВИМ МОЖЕ ДА СЕ СЛУЧИ.txt 2017-03-15 22:51 - 2016-05-15 05:36 - 00004022 _____ C:\Windows\System32\Tasks\SafeZone scheduled Autoupdate 1463283406 2017-03-15 22:51 - 2016-05-15 05:36 - 00001088 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk 2017-03-14 22:06 - 2015-11-13 16:10 - 00337592 _____ (AVAST Software) C:\Windows\system32\Drivers\aswvmm.sys 2017-03-14 21:58 - 2015-11-13 16:01 - 00004386 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-03-14 21:58 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\SysWOW64\Macromed 2017-03-14 21:58 - 2015-07-10 13:04 - 00000000 ____D C:\Windows\system32\Macromed 2017-03-13 23:14 - 2016-12-17 19:51 - 00000000 ____D C:\Program Files (x86)\RelevantKnowledge 2017-03-13 22:31 - 2016-05-13 19:44 - 00032088 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00993608 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00547904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswsp.sys.148943720232804 2017-03-13 22:31 - 2015-11-13 16:10 - 00162528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00126600 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00100640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00075704 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2017-03-13 22:31 - 2015-11-13 16:10 - 00038296 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2017-03-13 22:30 - 2017-02-12 01:28 - 00334600 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbloga.sys 2017-03-13 22:30 - 2017-02-12 01:28 - 00309272 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2017-03-13 22:30 - 2017-02-12 01:28 - 00189768 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbidsha.sys 2017-03-13 22:30 - 2017-02-12 01:28 - 00048528 _____ (AVAST Software s.r.o.) C:\Windows\system32\Drivers\aswbuniva.sys 2017-03-12 23:30 - 2017-02-28 21:07 - 00005753 _____ C:\Users\user\Desktop\ДИШАНЕ.txt 2017-03-12 20:43 - 2016-01-24 18:58 - 00000000 ____D C:\Users\user\Desktop\knigi 2017-03-11 09:58 - 2016-01-31 20:25 - 00000000 ____D C:\Users\user\Desktop\Е-книги 2017-03-05 22:12 - 2017-03-01 21:34 - 00000000 ____D C:\Users\user\Downloads\Dark.City.1998.DC.BDRip.XviD.AC3-WAR Some files in TEMP: ==================== 2016-08-16 09:48 - 2016-08-16 09:48 - 0488960 _____ () C:\Users\user\AppData\Local\Temp\sqlite3.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-03-28 19:02 ==================== End of FRST.txt ============================ Addition.txt
  11. Благодаря и на двамата.Хубав ден.
  12. От няколко дена имам проблем на лаптопа но само когато съм в нета.Постоянно се отварят нови прозорци каквото и да натисна, изписва че има грешки и отваря сайт с някакъв reimage repair и други подобни, в търсачката излиза съобщение че имам 13 вируса но само това разбирам защото е на френски а аваста няколко пъти го пускам да проверява и нищо не открива. Ако помогнете би било добре, благодаря предварително!
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.