Премини към съдържанието

Studenta

Потребител
  • Публикации

    47
  • Регистрация

  • Последно онлайн

Харесвания

4 Неутрална репутация

Всичко за Studenta

  • Титла
    Потребител
  • Рожден ден 13.12.1998

Последни посетители

Информацията с последните посетители на профила ви е изключена и не се показва на другите потребители.

  1. Studenta

    Заразен браузър

    Addition_06-01-2018 02.34.51.txt FRST_06-01-2018 02.34.51.txt
  2. Studenta

    Заразен браузър

    Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 1/5/18 Scan Time: 11:37 PM Log File: 914b6982-f260-11e7-89ad-ac220bd789b4.json Administrator: Yes -Software Information- Version: 3.2.2.2018 Components Version: 1.0.188 Update Package Version: 1.0.3633 License: Trial -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: ASUS-PC\ASUS -Scan Summary- Scan Type: Custom Scan Result: Completed Objects Scanned: 189073 Threats Detected: 89 Threats Quarantined: 86 Time Elapsed: 2 hr, 45 min, 18 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 5 PUP.Optional.StartPage, HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\SOFTWARE\START PAGE, Quarantined, [40], [259290],1.0.3633 Adware.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\StartMenuCache, Quarantined, [1200], [450497],1.0.3633 Adware.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B8E04427-B7C1-4FF9-A20E-F3E637C0D686}, Quarantined, [1200], [450490],1.0.3633 PUP.Optional.MultiPlug, HKLM\SOFTWARE\POLICIES\GOOGLE\CHROME, Quarantined, [230], [-1],0.0.0 PUP.Optional.MultiPlug, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\CHROME, Quarantined, [230], [-1],0.0.0 Registry Value: 3 PUP.Optional.StartPage.Generic, HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|VYRTAPCCHC, Quarantined, [566], [182786],1.0.3633 PUP.Optional.StartPage, HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\SOFTWARE\START PAGE|START PAGE, Quarantined, [40], [259290],1.0.3633 Adware.StartPage, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TASKS\{B8E04427-B7C1-4FF9-A20E-F3E637C0D686}|PATH, Quarantined, [1200], [450490],1.0.3633 Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 81 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\2B1F.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\2E2B.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\30E9.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\31B4.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3212.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3443.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\34A1.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3665.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Adware.LoadMoney, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\2AE7.TMP.EXE, Quarantined, [38], [471360],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\A5BB.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\5480.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\5885.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\5D75.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\5E6F.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\5E7E.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\5E8E.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\5EFB.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\62A3.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\67A2.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\6A8F.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\727B.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\7327.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\7420.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\7568.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\C184.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Adware.LoadMoney, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\CA7F.TMP.EXE, Quarantined, [38], [471360],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\C1D2.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\C838.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\DB8A.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\DFCE.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\E05A.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3B45.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3C3F.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3C01.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3C4F.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3CAC.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\3CCB.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\E662.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Adware.LoadMoney, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\EDF7.TMP.EXE, Quarantined, [38], [471360],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\F512.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\F6D6.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\7F37.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\8F4E.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\949B.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\9EC8.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\AA4D.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\B082.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\BF81.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\4DCC.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\4EB6.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\CD09.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Adware.LoadMoney, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\CD7B.TMP.EXE, Quarantined, [38], [471360],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\CDD4.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\CFD6.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\CF4A.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\5403.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\A129.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\A934.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\D275.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\113.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\1214.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\1B95.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\1C50.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Trojan.Downloader, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\27E4.TMP.EXE, Quarantined, [47], [389301],1.0.3633 Adware.LoadMoney, C:\USERS\ASUS\APPDATA\LOCAL\TEMP\28DE.TMP.EXE, Quarantined, [38], [450559],1.0.3633 Adware.SearchGo, C:\ADWCLEANER\QUARANTINE\GXIX4A2DRE\SEARCHGO.DLL, Quarantined, [3517], [411104],1.0.3633 Adware.LoadMoney, C:\ADWCLEANER\QUARANTINE\FRAQBC8WSA\WUPDATE.EXE, Quarantined, [38], [441133],1.0.3633 Adware.StartPage, C:\WINDOWS\SYSTEM32\TASKS\STARTMENUCACHE, Quarantined, [1200], [450498],1.0.3633 Adware.LoadMoney, C:\WINDOWS\TEMP\_AVAST_\UNP200024452.TMP, Removal Failed, [38], [474749],1.0.3633 PUP.Optional.OutBrowse, D:\$RECYCLE.BIN\S-1-5-21-830763801-1145103059-1074387030-1000\$RQLXUW7\WINDOWS 7 ACTIVATOR\WINDOWS 7 ACTIVATOR.EXE, Quarantined, [355], [71554],1.0.3633 PUP.Optional.OutBrowse, D:\$RECYCLE.BIN\S-1-5-21-830763801-1145103059-1074387030-1000\$RQLXUW7\WINDOWS 7 ACTIVATOR.ZIP, Quarantined, [355], [71554],1.0.3633 Trojan.Agent, D:\$RECYCLE.BIN\S-1-5-21-830763801-1145103059-1074387030-1000\$RQWRKKJ\ACTIVATION WINDOWS 8 PRO ZX.EXE, Quarantined, [18], [135094],1.0.3633 PUP.Optional.MultiPlug, D:\$RECYCLE.BIN\S-1-5-21-830763801-1145103059-1074387030-1000\$R4U7DJ3.EXE, Quarantined, [230], [72863],1.0.3633 PUP.Optional.MultiPlug, C:\DOCUMENTS AND SETTINGS\ALL USERS\NTUSER.POL, Removal Failed, [230], [-1],0.0.0 PUP.Optional.MultiPlug, C:\PROGRAMDATA\NTUSER.POL, Removal Failed, [230], [-1],0.0.0 PUP.Optional.MultiPlug, C:\WINDOWS\SYSTEM32\GROUPPOLICY\USER\REGISTRY.POL, Quarantined, [230], [-1],0.0.0 PUP.Optional.MultiPlug, C:\WINDOWS\SYSTEM32\GROUPPOLICY\MACHINE\REGISTRY.POL, Quarantined, [230], [-1],0.0.0 PUP.Optional.Amonetize, D:\$RECYCLE.BIN\S-1-5-21-830763801-1145103059-1074387030-1000\$R2V823B.EXE, Quarantined, [6], [300971],1.0.3633 PUP.Optional.MultiPlug, D:\$RECYCLE.BIN\S-1-5-21-830763801-1145103059-1074387030-1000\$RLAN29F.EXE, Quarantined, [230], [72863],1.0.3633 PUP.Optional.OutBrowse, D:\$RECYCLE.BIN\S-1-5-21-830763801-1145103059-1074387030-1000\$RNPPYKL.ZIP, Quarantined, [355], [71554],1.0.3633 PUP.Optional.MultiPlug, D:\$RECYCLE.BIN\S-1-5-21-830763801-1145103059-1074387030-1000\$RBAVCET.EXE, Quarantined, [230], [72863],1.0.3633 Physical Sector: 0 (No malicious items detected) (end)
  3. Studenta

    Шесторно убийство в Нови Искър

    Какво ги защитаваш? Мен не ме интересува ако ще ся и 200 човека да убият
  4. Studenta

    Шесторно убийство в Нови Искър

    Бананова Република , телевизионна рубрика медиите са купени а, ченгетата залупени.
  5. Studenta

    Заразен браузър

    AdwCleaner[S0].txt Addition_30-12-2017 21.31.15.txt FRST_30-12-2017 21.31.15.txt
  6. Вече пуснах тема в специализирания форум.
  7. Здравейте, от доста време насам браузъра ми е заразен с някаква руска търсачка. Пробвал съм да трия браузъра да променям настройките да премахвам всички добавки но без успех. Мисля,че с тоя боклук вървят в с още 2 с нея. Когато съм изгасил браузъра и си играя някоя игра примерно изведнъж ми се отваря някакъв шибан руски сайт asap.ru нещо подобно. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2017 Ran by ASUS (administrator) on ASUS-PC (30-12-2017 20:36:37) Running from C:\Users\ASUS\Downloads Loaded Profiles: ASUS & UpdatusUser (Available Profiles: ASUS & UpdatusUser) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 9 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe (Microsoft Corporation) C:\Windows\System32\wlanext.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe () C:\Users\ASUS\AppData\Local\Facebook\Games\FacebookGames.exe (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe (Atheros) C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe () C:\Windows\Microsoft\svchost.exe (The CefSharp Authors) C:\Users\ASUS\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-20] (Intel Corporation) Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation) HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-15] (Sandboxie Holdings, LLC) HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\Run: [vyrtapcchc] => explorer "hxxp://granena.ru/?utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=3B6FA89994383A9FB1DBD199FEE7BAD7&utm_d=20160526" <==== ATTENTION HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd) HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [57446848 2017-12-10] (Skype Technologies S.A.) HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\MountPoints2: {7e52b7ab-80b8-11e5-abf8-ac220bd789b4} - G:\Install.exe AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-07-08] (NVIDIA Corporation) AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-07-08] (NVIDIA Corporation) Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Games Arcade (BETA).lnk [2016-09-19] ShortcutTarget: Facebook Games Arcade (BETA).lnk -> C:\Users\ASUS\AppData\Local\Facebook\Games\FacebookGames.exe () GroupPolicy: Restriction - Chrome <==== ATTENTION GroupPolicy\User: Restriction <==== ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 77.76.144.10 Tcpip\..\Interfaces\{18B97A15-4C37-40AB-8ABC-148924326CD0}: [NameServer] 8.8.8.8,8.8.4.4 Tcpip\..\Interfaces\{18B97A15-4C37-40AB-8ABC-148924326CD0}: [DhcpNameServer] 77.76.144.10 Tcpip\..\Interfaces\{7B128963-1D6F-410F-B447-36004838DDB1}: [DhcpNameServer] 10.0.0.13 Internet Explorer: ================== HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://granena.ru/?utm_content=31b5cebd524a9af6c7a772dca81815e9&utm_source=startpm&utm_term=3B6FA89994383A9FB1DBD199FEE7BAD7&utm_d=20160526 HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp SearchScopes: HKU\S-1-5-21-3540903787-1263480670-1707380032-1000 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3540903787-1263480670-1707380032-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear SearchScopes: HKU\S-1-5-21-3540903787-1263480670-1707380032-1000 -> {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms} SearchScopes: HKU\S-1-5-21-3540903787-1263480670-1707380032-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7BA4B52271-83DE-44E1-91D2-F540224D09C8%7D&gp=811014 BHO-x32: Searchgo Class -> {598AEFC6-DD3C-4A63-9AC3-53FCF6155931} -> C:\Users\ASUS\AppData\LocalLow\SearchGo\searchgo.dll [2017-12-30] (Searchgo) BHO-x32: Поиск@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\ASUS\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2016-05-26] (Mail.Ru) Toolbar: HKLM-x32 - Searchgo - {2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC} - C:\Users\ASUS\AppData\LocalLow\SearchGo\searchgo.dll [2017-12-30] (Searchgo) FireFox: ======== FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-30] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-30] () FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation) FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.) FF Plugin HKU\S-1-5-21-3540903787-1263480670-1707380032-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS) Chrome: ======= CHR HomePage: Default -> mail.ru CHR StartupUrls: Default -> "hxxp://granena.ru/?utm_content=31b5cebd524a9af6c7a772dca81815e9&utm_source=startpm&utm_term=3B6FA89994383A9FB1DBD199FEE7BAD7&utm_d=20160526" CHR NewTab: Default -> Not-active:"chrome-extension://nagnmfhgkjkplbhplkbicmpkfopmnefp/newtab.html" CHR DefaultSearchURL: Default -> hxxp://go-search.ru/search?q={searchTerms} CHR DefaultSearchKeyword: Default -> GoSearch CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?part={searchTerms} CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default [2017-12-30] CHR Extension: (Презентации) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13] CHR Extension: (Документи) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13] CHR Extension: (Google Диск) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-01] CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-01] CHR Extension: (Chrome Cleaner Pro) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjleegmemocfpghkhpjmiccjcacackp [2017-11-12] CHR Extension: (Save Tabs) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjepfldodmdfmdidhhgamnklbdibndi [2017-11-05] CHR Extension: (Таблици) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13] CHR Extension: (Google Документи офлайн) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-01] CHR Extension: (Skype) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-30] CHR Extension: (Microcosm - New Tab) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nagnmfhgkjkplbhplkbicmpkfopmnefp [2017-11-05] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22] CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-01] CHR Extension: (Chrome Media Router) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16] CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-12] CHR Extension: (No Name) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ahggfmgiidlaceichjfemgbaggnbaloe [2017-08-25] CHR HKLM-x32\...\Chrome\Extension: [bgcifljfapbhgiehkjlckfjmgeojijcb] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lbjjfiihgfegniolckphpnfaokdkbmdm] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [nagnmfhgkjkplbhplkbicmpkfopmnefp] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC) R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.) R2 SvcHost Service Host; C:\Windows\Microsoft\svchost.exe [0 ] () <==== ATTENTION (zero byte File/Folder) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed] ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.) R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-11-01] (DT Soft Ltd) R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC) S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.) S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.) S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-12-30 20:36 - 2017-12-30 20:37 - 000014515 _____ C:\Users\ASUS\Downloads\FRST.txt 2017-12-30 20:36 - 2017-12-30 20:36 - 000000000 ____D C:\FRST 2017-12-30 20:35 - 2017-12-30 20:35 - 002391552 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64.exe 2017-12-30 19:58 - 2017-12-30 20:04 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk 2017-12-30 19:58 - 2017-12-30 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2017-12-30 20:15 - 2016-03-17 20:38 - 000000000 ___RD C:\Users\ASUS\Desktop\Снимки 2017-12-30 20:05 - 2016-05-26 03:40 - 000000000 ____D C:\Users\ASUS\AppData\LocalLow\SearchGo 2017-12-30 20:05 - 2016-05-26 03:40 - 000000000 ____D C:\Users\ASUS\AppData\Local\SearchGo 2017-12-30 20:03 - 2017-07-09 14:45 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk 2017-12-30 20:03 - 2016-05-26 03:39 - 000000000 ____D C:\Users\ASUS\AppData\Local\PowerMonitor 2017-12-30 20:02 - 2009-07-14 07:13 - 000782154 _____ C:\Windows\system32\PerfStringBackup.INI 2017-12-30 20:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2017-12-30 20:00 - 2015-11-01 19:02 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2017-12-30 20:00 - 2015-11-01 19:02 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2017-12-30 20:00 - 2015-11-01 19:02 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2017-12-30 20:00 - 2015-11-01 19:02 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2017-12-30 20:00 - 2015-11-01 19:02 - 000000000 ____D C:\Windows\system32\Macromed 2017-12-30 19:57 - 2017-03-06 20:25 - 000000000 ___RD C:\Program Files (x86)\Skype 2017-12-30 19:57 - 2015-11-01 18:59 - 000000000 ____D C:\ProgramData\Skype 2017-12-30 19:55 - 2016-04-06 12:07 - 000001382 _____ C:\Windows\Sandboxie.ini 2017-12-30 19:54 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2017-11-30 12:07 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2017-11-30 12:07 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2017-11-30 05:25 - 2015-11-01 18:59 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Skype ==================== Files in the root of some directories ======= 2016-03-30 13:19 - 2016-03-30 13:19 - 000000036 _____ () C:\Users\ASUS\AppData\Local\housecall.guid.cache 2016-07-12 22:16 - 2016-07-12 22:16 - 000004096 ____H () C:\Users\ASUS\AppData\Local\keyfile3.drm Some files in TEMP: ==================== 2017-11-24 23:55 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\113.tmp.exe 2017-11-25 00:04 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\1214.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\1B95.tmp.exe 2017-11-24 23:59 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\1C50.tmp.exe 2017-11-25 00:06 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\27E4.tmp.exe 2017-11-12 15:44 - 2017-11-12 11:13 - 000775168 ____N (PhoneLine SOFT Inc) C:\Users\ASUS\AppData\Local\Temp\28DE.tmp.exe 2017-11-17 01:08 - 2017-11-16 23:36 - 000807912 _____ () C:\Users\ASUS\AppData\Local\Temp\2AE7.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\2B1F.tmp.exe 2017-11-25 00:04 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\2E2B.tmp.exe 2017-11-24 23:59 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\30E9.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\31B4.tmp.exe 2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3212.tmp.exe 2017-11-25 00:06 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3443.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\34A1.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3665.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3B45.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3C01.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3C3F.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3C4F.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3CAC.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3CCB.tmp.exe 2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\4DCC.tmp.exe 2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\4EB6.tmp.exe 2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\5403.tmp.exe 2017-11-24 23:59 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\5480.tmp.exe 2017-11-24 23:59 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\5885.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5D75.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5E6F.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5E7E.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5E8E.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5EFB.tmp.exe 2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\62A3.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\67A2.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\6A8F.tmp.exe 2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\727B.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\7327.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\7420.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\7568.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\7F37.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\8F4E.tmp.exe 2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\949B.tmp.exe 2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\9EC8.tmp.exe 2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\A129.tmp.exe 2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\A5BB.tmp.exe 2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\A934.tmp.exe 2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\AA4D.tmp.exe 2017-11-27 07:14 - 2017-11-27 01:56 - 000930776 ____N () C:\Users\ASUS\AppData\Local\Temp\B082.tmp.exe 2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\BF81.tmp.exe 2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\C184.tmp.exe 2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\C1D2.tmp.exe 2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\C838.tmp.exe 2017-11-18 14:23 - 2017-11-18 13:59 - 000803816 _____ () C:\Users\ASUS\AppData\Local\Temp\CA7F.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\CD09.tmp.exe 2017-11-18 14:23 - 2017-11-18 13:59 - 000803816 _____ () C:\Users\ASUS\AppData\Local\Temp\CD7B.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\CDD4.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\CF4A.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\CFD6.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\D275.tmp.exe 2017-11-25 00:06 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\DB8A.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\DFCE.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\E05A.tmp.exe 2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\E662.tmp.exe 2017-11-17 01:08 - 2017-11-16 23:36 - 000807912 _____ () C:\Users\ASUS\AppData\Local\Temp\EDF7.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\F512.tmp.exe 2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\F6D6.tmp.exe ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe [2010-11-21 05:24] - [2011-01-16 02:01] - 000389632 _____ (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll [2010-11-21 05:24] - [2011-01-16 02:01] - 001008640 _____ (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2017-11-19 01:44 ==================== End of FRST.txt ============================ Addition.txt
  8. Променял съм ги ама пак се връщат Т'ва беше първото което пробвах не става
  9. Как да премахна тая търсачка щото почна да ми трови нервите?, пробвал съм да изтрия браузъра , да махна всички приставки и какво ли още не но не става. Мисля,че с тази вървят още 2-3 други понякога като гледам филм и съм затворил браузъра ми се включва asp.ru нещо такова..
  10. Studenta

    Компютърът се рестартира сам.

    Точно така мисля, че е от клавиатурата
  11. Studenta

    Компютърът се рестартира сам.

    Като си купя, да я пробвам ли на лаптопа? дали прави такива мизерии
  12. Studenta

    Компютърът се рестартира сам.

    Имам 2 покрай мен, да пробвам да ги сменя? Тая команда дори не мога да я изпълня само като натисна win и компютърът се изключва, сега пробвам с изключена мишка дали ще се включи
  13. Studenta

    Компютърът се рестартира сам.

    А ако не се включи кво да прая, - не се включва
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.