Премини към съдържанието

Йорданка Т. Иванова

Потребител
  • Публикации

    7
  • Регистрация

  • Последно онлайн

Харесвания

4 Неутрална репутация

Всичко за Йорданка Т. Иванова

  • Титла
    Новобранец
  • Рожден ден 23 януари

Последни посетители

28 прегледа на профила
  1. Йорданка Т. Иванова

    Avast премести в клетката заразени файлове

    Изключително много Ви благодаря за отделеното време и безценните съвети! Спокойна вечер!
  2. Йорданка Т. Иванова

    Avast премести в клетката заразени файлове

    Fixlog (2).txt
  3. Йорданка Т. Иванова

    Avast премести в клетката заразени файлове

    Fixlog.txt AdwCleaner[S00].txt FRST1.txt Addition1.txt
  4. Йорданка Т. Иванова

    Avast премести в клетката заразени файлове

    Надявам се да съм успяла да спазя точно инструкциите Ви Качвам всички файлове и много благодаря за помощта и отделеното време! Fixlog.txt FRST1.txt Addition1.txt AdwCleaner[S00].txt
  5. Йорданка Т. Иванова

    Avast премести в клетката заразени файлове

    Благодаря, когато имате възможност.
  6. Йорданка Т. Иванова

    Avast премести в клетката заразени файлове

    Ами искам да знам има ли нужда и какво трябва да направя, за да се спася от тези вируси. Понеже бяха преместени файлове от папка Windows, до момента не съм забелязала да има проблем с нещо, но и не съм толкова компетентна, за да го разбера навреме.
  7. Здравейте, при опит за възстановяване на системата към предишна дата, Avast направи пълно сканиране на компютъра и ми премести в клетка заразените файлове. Има ли възможност да се почисти компютъра от въпросните заплахи и съответно да си възстановя файловете, най-вече тези /ако има такива/, които са необходими за правилното функциониране на системата. П.П.: Пълен лаик съм на тема антивирусни програми. Нов Microsoft Office PowerPoint Presentation.pptx Ето го резултата от файла FRST Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24.10.2018 Ran by Rosko (administrator) on ROSKO-PC (28-10-2018 14:36:09) Running from C:\Users\Rosko\Downloads Loaded Profiles: Rosko (Available Profiles: Rosko) Platform: Windows 7 Ultimate (X64) Language: Български (България) Internet Explorer Version 8 (Default browser: Chrome) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Intel Corporation) C:\Windows\System32\igfxCUIService.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe (Windows (R) Win 7 DDK provider) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BAVSvc.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BHipsSvc.exe (Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe (Qualcomm®Atheros®) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BavTray.exe (Intel) C:\Program Files (x86)\Intel Driver Update Utility\DSATray.exe (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe () C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe () C:\Program Files (x86)\CalendarTool\2.0.0.1000176\CalendarServ.exe () C:\Program Files (x86)\CalendarTool\2.0.0.1000176\calendar.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe (Baidu, Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\bavhm.exe (Intel Corporation) C:\Windows\System32\igfxEM.exe (Intel Corporation) C:\Windows\System32\igfxHK.exe (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe () C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe () C:\Program Files\Intel\SUR\QUEENCREEK\esrv.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Baidu Inc.) C:\Program Files (x86)\Baidu Security\Baidu Antivirus\bavadvtools2\8C8AEEC1-5166-4CE7-BBAD-7C37409D0C73\tool\bdMiniDownloaderGB_BAV-Mini_32_1002.exe (Baidu Inc.) C:\Users\Rosko\AppData\Local\MiniService\MiniService.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Viber Media S.Ã r.l.) C:\Users\Rosko\AppData\Local\Viber\Viber.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe () C:\Program Files\Realtek\Audio\HDA\FMAPP.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2778352 2014-01-24] (Synaptics Incorporated) HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672304 2014-03-21] (Realtek Semiconductor) HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [242392 2018-10-18] (AVAST Software) HKLM-x32\...\Run: [Baidu Antivirus] => C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BavTray.exe [2553328 2015-07-14] (Baidu, Inc.) HKLM-x32\...\Run: [DSATray] => C:\Program Files (x86)\Intel Driver Update Utility\DsaTray.exe [132856 2017-05-18] (Intel) HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [133760 2013-12-24] (Qualcomm®Atheros®) HKU\S-1-5-21-749869763-3409154425-2811610640-1000\...\Run: [Viber] => C:\Users\Rosko\AppData\Local\Viber\Viber.exe [36762184 2018-10-22] (Viber Media S.Ã r.l.) HKU\S-1-5-21-749869763-3409154425-2811610640-1000\...\MountPoints2: {c4a92fbb-e173-11e7-9426-f8a963743fcb} - G:\LG_PC_Programs.exe ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\Parameters: [DhcpNameServer] 172.16.1.1 Tcpip\..\Interfaces\{2FB69C23-4CBD-4252-994A-27D31EDC0D6D}: [DhcpNameServer] 172.16.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = HKU\S-1-5-21-749869763-3409154425-2811610640-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch HKU\S-1-5-21-749869763-3409154425-2811610640-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-749869763-3409154425-2811610640-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2009-07-14] (Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2009-07-14] (Microsoft Corporation) FireFox: ======== FF DefaultProfile: 2csmqmsd.default FF ProfilePath: C:\Users\Rosko\AppData\Roaming\Mozilla\Firefox\Profiles\2csmqmsd.default [2018-07-05] FF Homepage: Mozilla\Firefox\Profiles\2csmqmsd.default -> about:blank FF Extension: (Avast SafePrice) - C:\Users\Rosko\AppData\Roaming\Mozilla\Firefox\Profiles\2csmqmsd.default\Extensions\sp@avast.com.xpi [2018-10-18] FF Extension: (Avast Online Security) - C:\Users\Rosko\AppData\Roaming\Mozilla\Firefox\Profiles\2csmqmsd.default\Extensions\wrc@avast.com.xpi [2018-10-18] FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_31_0_0_122.dll [2018-10-09] () FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_31_0_0_122.dll [2018-10-09] () FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-10] (Intel Corporation) FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll [2015-08-18] (Sun Microsystems, Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.) FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-19] (Google Inc.) FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN) FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2018-09-20] (Adobe Systems Inc.) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\enpsysau.js [2017-09-10] Chrome: ======= CHR DefaultProfile: Default CHR Profile: C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default [2018-10-28] CHR Extension: (Презентации) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-10-02] CHR Extension: (Документи) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-10-02] CHR Extension: (Google Диск) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-10-02] CHR Extension: (YouTube) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-10-02] CHR Extension: (Adobe Acrobat) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2018-10-02] CHR Extension: (Avast SafePrice | Сравнение, сделки, купони) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\eofcbnmajmjmplflapaojjnihcjkigck [2018-10-19] CHR Extension: (Таблици) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-10-02] CHR Extension: (Google Документи офлайн) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-10-08] CHR Extension: (АБВ Уведомител) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\glkfpmcniebkbeakjdpobddpjghbapec [2018-10-28] CHR Extension: (Avast Online Security) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-18] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-10-02] CHR Extension: (Gmail) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-10-02] CHR Extension: (Chrome Media Router) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-28] CHR Profile: C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey [2018-10-28] <==== ATTENTION CHR Extension: (Презентации) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-23] CHR Extension: (Документи) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-23] CHR Extension: (Google Диск) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22] CHR Extension: (YouTube) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24] CHR Extension: (Google Търсене) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-11-02] CHR Extension: (АБВ Уведомител) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\cpbekonjicgkldkmopnamgglbfaiojje [2015-11-25] CHR Extension: (Adobe Acrobat) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-03-08] CHR Extension: (Таблици) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-11-11] CHR Extension: (Farmville2 X-Press) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\gbgjpdhhnbgmnafojckjmjogcpoinlim [2018-10-24] CHR Extension: (Google Документи офлайн) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-21] CHR Extension: (Avast Online Security) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\gomekmidlodglbbmalcneegieacbdmki [2018-10-18] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-12] CHR Extension: (Gmail) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-04-23] CHR Extension: (Chrome Media Router) - C:\Users\Rosko\AppData\Local\Google\Chrome\User Data\lejutplovshprohey\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-01] CHR HKU\S-1-5-21-749869763-3409154425-2811610640-1000\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ==================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [8188768 2018-10-18] (AVAST Software) R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [318592 2013-12-24] (Windows (R) Win 7 DDK provider) [File not signed] R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [325024 2018-10-18] (AVAST Software) R2 BavSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BavSvc.exe [2805208 2015-07-14] (Baidu, Inc.) S3 BdSandboxSrv; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BdSandboxSrv64.exe [490480 2015-04-29] (Baidu, Inc.) R2 BHipsSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BHipsSvc.exe [544032 2015-07-14] (Baidu, Inc.) S3 BsrSvc; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\BavAdvTools2\128B4BEC-5D89-43AD-BAA8-207084AA0E4F\tool\BsrSvc.exe [3503416 2015-07-08] (Baidu, Inc.) R2 DSAService; C:\Program Files (x86)\Intel Driver Update Utility\DSAService.exe [21240 2017-05-18] (Intel) R2 ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] () R2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation) R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed] S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation) R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-10] (Intel Corporation) R2 MiniService; C:\Users\Rosko\AppData\Local\MiniService\MiniService.exe [103616 2018-10-28] (Baidu Inc.) [File not signed] <==== ATTENTION R2 SystemUsageReportSvc_QUEENCREEK; C:\Program Files\Intel Driver Update Utility\SUR\SurSvc.exe [157456 2017-03-07] () R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11644656 2018-09-10] (TeamViewer GmbH) R2 TheCalendarService; C:\Program Files (x86)\CalendarTool\2.0.0.1000176\CalendarServ.exe [152720 2017-08-09] () S3 USER_ESRV_SVC_QUEENCREEK; C:\Program Files\Intel\SUR\QUEENCREEK\esrv_svc.exe [824592 2017-03-07] () R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation) ===================== Drivers (Whitelisted) ====================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [201408 2018-10-18] (AVAST Software) S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [230512 2018-10-18] (AVAST Software) S3 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [201928 2018-10-18] (AVAST Software) S3 aswblog; C:\Windows\System32\drivers\aswbloga.sys [346760 2018-10-18] (AVAST Software) S3 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [59664 2018-10-18] (AVAST Software) R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [185240 2018-10-18] (AVAST Software) S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [47064 2018-10-18] (AVAST Software) R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [42456 2018-10-18] (AVAST Software) R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [163376 2018-10-18] (AVAST Software) S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [111968 2018-10-18] (AVAST Software) R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [88112 2018-10-18] (AVAST Software) S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1028840 2018-10-18] (AVAST Software) R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [467904 2018-10-18] (AVAST Software) S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [208640 2018-10-18] (AVAST Software) S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381144 2018-10-18] (AVAST Software) U3 BdApiUtil; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BdApiUtil64.sys [116936 2015-07-14] (Baidu, Inc.) R3 bdark64; C:\Windows\system32\drivers\bdark64.sys [78792 2015-04-20] () U3 BdCameraProtect; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\BdCameraProtect64.sys [25000 2015-07-14] (Baidu, Inc.) S3 BdSandbox; C:\Windows\System32\drivers\BdSandbox.sys [235976 2015-04-29] (Baidu, Inc.) R1 Bfilter; C:\Windows\System32\drivers\Bfilter.sys [62920 2015-07-14] (Baidu, Inc.) R1 Bfmon; C:\Windows\System32\drivers\Bfmon.sys [38344 2015-07-14] (Baidu, Inc.) R1 Bnbase; C:\Windows\System32\drivers\bnbasex64.sys [62792 2015-07-14] (Baidu, Inc.) R1 Bndef; C:\Windows\System32\drivers\bndef64.sys [487144 2015-07-14] (Baidu, Inc.) R3 Bnmon; C:\Program Files (x86)\Baidu Security\Baidu Antivirus\5.6.2.147365.0\Bnmon64.sys [82376 2015-07-14] (Baidu, Inc.) R1 Bprotect; C:\Windows\System32\drivers\Bprotect.sys [171464 2015-07-14] (Baidu, Inc.) S3 BTATH_LWFLT; C:\Windows\System32\DRIVERS\btath_lwflt.sys [77464 2013-12-24] (Qualcomm Atheros) R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2016-08-08] (REALiX(tm)) R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100312 2013-12-10] (Intel Corporation) R3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [466136 2014-01-14] (Realsil Semiconductor Corporation) R3 semav6msr64; C:\Windows\system32\drivers\semav6msr64.sys [21984 2016-10-18] () U3 aswbdisk; no ImagePath U0 Partizan; system32\drivers\Partizan.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-10-28 14:35 - 2018-10-28 14:36 - 000000000 ____D C:\FRST 2018-10-28 14:35 - 2018-10-28 14:35 - 002414592 _____ (Farbar) C:\Users\Rosko\Downloads\FRST64.exe 2018-10-28 14:28 - 2018-10-28 14:36 - 000021836 _____ C:\Users\Rosko\Downloads\FRST.txt 2018-10-28 14:26 - 2018-10-28 14:27 - 000020080 _____ C:\Users\Rosko\Downloads\Addition.txt 2018-10-28 13:34 - 2018-10-28 13:34 - 000000000 ____D C:\Users\Rosko\AppData\Local\MiniService 2018-10-28 13:29 - 2018-10-28 13:32 - 000000000 ____D C:\ProgramData\BsrSvc_exe 2018-10-28 13:19 - 2018-10-28 13:20 - 000617400 _____ C:\Users\Rosko\Desktop\Нов Microsoft Office PowerPoint Presentation.pptx 2018-10-28 12:40 - 2018-10-28 13:16 - 000000000 ____D C:\ProgramData\BavSvc_exe 2018-10-28 12:37 - 2018-10-28 12:37 - 000000000 ____D C:\Users\Rosko\AppData\Local\Viber 2018-10-28 09:17 - 2018-10-28 11:16 - 000000000 ____D C:\Users\Rosko\Desktop\официялни споразумения 2018-2019г 2018-10-26 17:03 - 2018-10-26 17:03 - 000102327 _____ C:\Users\Rosko\Downloads\П-03001718127835-177-001_archive (1).zip 2018-10-24 10:41 - 2018-10-24 10:41 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\AVAST Software 2018-10-24 10:39 - 2018-10-24 10:39 - 000611358 _____ C:\Users\Rosko\Downloads\379984975 (1).pdf 2018-10-24 10:32 - 2018-10-28 12:37 - 000000000 ____D C:\Users\Rosko\AppData\Local\AVAST Software 2018-10-22 15:05 - 2018-10-22 15:06 - 000103383 _____ C:\Users\Rosko\Downloads\П-03001718185275-040-001_archive.zip 2018-10-20 07:48 - 2018-10-20 07:48 - 000230931 _____ C:\Users\Rosko\Downloads\ЗП Ростислав Недков 19.10 (1).pdf 2018-10-20 07:40 - 2018-10-20 07:40 - 000230931 _____ C:\Users\Rosko\Downloads\ЗП Ростислав Недков 19.10.pdf 2018-10-19 08:51 - 2018-10-19 08:51 - 002437339 _____ C:\Users\Rosko\Downloads\dec92_2016_1010_баркод_с_ръководство_за_потребителя.rar 2018-10-18 18:17 - 2018-10-18 18:17 - 000665976 _____ C:\Users\Rosko\Downloads\Re6enie_VAS_27.02.2018 (1).pdf 2018-10-18 11:52 - 2018-10-18 11:52 - 000039854 _____ C:\Users\Rosko\Downloads\nlnazadyljenia[1] (1).pdf 2018-10-18 10:16 - 2018-10-18 10:16 - 000001922 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk 2018-10-18 10:16 - 2018-10-18 10:16 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software 2018-10-18 10:15 - 2018-10-18 10:15 - 000000000 ____D C:\Windows\System32\Tasks\Avast Software 2018-10-18 10:14 - 2018-10-26 00:45 - 000004168 _____ C:\Windows\System32\Tasks\Avast Emergency Update 2018-10-18 10:13 - 2018-10-18 10:13 - 001142072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ucrtbase.dll 2018-10-18 10:13 - 2018-10-18 10:13 - 000467904 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys 2018-10-18 10:13 - 2018-10-18 10:13 - 000381144 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys 2018-10-18 10:13 - 2018-10-18 10:13 - 000378584 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe 2018-10-18 10:13 - 2018-10-18 10:13 - 000208640 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys 2018-10-18 10:13 - 2018-10-18 10:13 - 000201408 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys 2018-10-18 10:13 - 2018-10-18 10:13 - 000163376 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys 2018-10-18 10:13 - 2018-10-18 10:13 - 000111968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys 2018-10-18 10:13 - 2018-10-18 10:13 - 000088112 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys 2018-10-18 10:13 - 2018-10-18 10:13 - 000047064 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys 2018-10-18 10:13 - 2018-10-18 10:13 - 000000000 ____D C:\Program Files\Common Files\AVAST Software 2018-10-18 10:13 - 2018-10-18 10:12 - 001028840 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys 2018-10-18 10:13 - 2018-10-18 10:12 - 001001272 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll 2018-10-18 10:13 - 2018-10-18 10:12 - 000346760 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys 2018-10-18 10:13 - 2018-10-18 10:12 - 000230512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys 2018-10-18 10:13 - 2018-10-18 10:12 - 000201928 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys 2018-10-18 10:13 - 2018-10-18 10:12 - 000185240 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys 2018-10-18 10:13 - 2018-10-18 10:12 - 000059664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys 2018-10-18 10:13 - 2018-10-18 10:12 - 000042456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswKbd.sys 2018-10-18 10:11 - 2018-10-18 11:43 - 000000000 ____D C:\ProgramData\AVAST Software 2018-10-18 10:11 - 2018-10-18 10:11 - 000000000 ____D C:\Program Files\AVAST Software 2018-10-18 10:09 - 2018-10-18 16:40 - 000000000 ____D C:\Users\Rosko\Documents\ViberDownloads 2018-10-18 10:09 - 2018-10-18 10:09 - 000000000 ____D C:\Users\Rosko\AppData\Local\Viber Media S.à r.l 2018-10-18 10:08 - 2018-10-28 13:47 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\ViberPC 2018-10-18 10:08 - 2018-10-18 10:08 - 000000956 _____ C:\Users\Rosko\AppData\Roaming\Microsoft\Windows\Start Menu\Viber.lnk 2018-10-18 10:08 - 2018-10-18 10:08 - 000000954 _____ C:\Users\Rosko\Desktop\Viber.lnk 2018-10-18 10:08 - 2018-10-18 10:08 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Viber 2018-10-18 10:08 - 2018-10-18 10:08 - 000000000 ____D C:\Users\Rosko\AppData\Local\cache 2018-10-18 10:07 - 2018-10-18 10:07 - 000000000 ____D C:\Users\Rosko\AppData\Local\Package Cache 2018-10-18 10:06 - 2018-10-18 10:07 - 089186064 _____ (Viber Media Inc.) C:\Users\Rosko\Downloads\ViberSetup.exe 2018-10-17 22:33 - 2018-10-17 22:33 - 000267977 _____ C:\Users\Rosko\Downloads\danuchno_oblagane_vnoski_na_zemedelski_proizvoditeli (4).pdf 2018-10-17 22:08 - 2018-10-17 22:09 - 000749389 _____ C:\Users\Rosko\Downloads\Нов Презентация на Microsoft PowerPoint (2).pptx 2018-10-17 21:41 - 2018-10-17 21:41 - 000749389 _____ C:\Users\Rosko\Downloads\Нов Презентация на Microsoft PowerPoint (1).pptx 2018-10-17 21:14 - 2018-10-17 21:14 - 000267977 _____ C:\Users\Rosko\Downloads\danuchno_oblagane_vnoski_na_zemedelski_proizvoditeli (3).pdf 2018-10-17 16:19 - 2018-10-17 16:19 - 000289368 _____ C:\Windows\Minidump\101718-14539-01.dmp 2018-10-17 15:07 - 2018-10-17 15:07 - 003833305 _____ C:\Users\Rosko\Downloads\dec50_2017_19.03.2018.rar 2018-10-17 14:45 - 2018-10-17 14:45 - 004074946 _____ C:\Users\Rosko\Downloads\dec50_2016_баркод_с_ръководство_за_потребителя.rar 2018-10-17 12:55 - 2018-10-17 12:55 - 000648847 _____ C:\Users\Rosko\Downloads\DOM (2).pdf 2018-10-17 07:52 - 2018-10-17 07:52 - 000012846 _____ C:\Users\Rosko\Downloads\Spravka vazstanovqvane (4).ods 2018-10-17 07:52 - 2018-10-17 07:52 - 000000165 ____H C:\Users\Rosko\Downloads\~$Spravka vazstanovqvane (4).ods 2018-10-16 13:59 - 2018-10-16 13:59 - 070935933 _____ C:\Users\Rosko\Downloads\wetransfer-a3a156.zip 2018-10-16 12:10 - 2018-10-16 12:10 - 001266784 _____ C:\Users\Rosko\Downloads\statement (21).pdf 2018-10-16 12:09 - 2018-10-16 12:09 - 001105420 _____ C:\Users\Rosko\Downloads\statement (20).pdf 2018-10-16 10:58 - 2018-10-16 10:58 - 000648847 _____ C:\Users\Rosko\Downloads\DOM (1).pdf 2018-10-16 08:14 - 2018-10-16 08:14 - 001939889 _____ C:\Users\Rosko\Downloads\95_09.pdf 2018-10-15 16:01 - 2018-10-15 16:01 - 000749389 _____ C:\Users\Rosko\Downloads\Нов Презентация на Microsoft PowerPoint.pptx 2018-10-15 15:57 - 2018-10-15 15:57 - 000102327 _____ C:\Users\Rosko\Downloads\П-03001718127835-177-001_archive.zip 2018-10-15 13:54 - 2018-10-15 13:54 - 000648847 _____ C:\Users\Rosko\Downloads\Ползване на данъчни облекчения и наличие на задължения.pdf 2018-10-15 13:47 - 2018-10-15 13:47 - 000648847 _____ C:\Users\Rosko\Downloads\DOM.pdf 2018-10-12 13:49 - 2018-10-12 13:49 - 000009969 _____ C:\Users\Rosko\Downloads\РОСТИСЛАВ НЕДКОВ БОРИСОВ_2019_ЮПЕР.ZIP 2018-10-12 13:49 - 2018-10-12 13:49 - 000001382 _____ C:\Users\Rosko\Downloads\НЕДКО БОРИСОВ КОЛЕВ_2019_ЮПЕР.ZIP 2018-10-12 13:48 - 2018-10-12 13:48 - 000001499 _____ C:\Users\Rosko\Downloads\НЕДКО БОРИСОВ КОЛЕВ_2019_БОЖУРОВО.ZIP 2018-10-12 09:23 - 2018-10-12 09:23 - 000075048 _____ C:\Users\Rosko\Downloads\Crystal Reports - sp_invoice_text_only_2007_5_l.rpt (1).pdf 2018-10-10 12:50 - 2018-10-10 12:50 - 004808921 _____ C:\Users\Rosko\Downloads\П-03001718168660-004-001_archive.zip 2018-10-06 15:09 - 2018-10-06 15:09 - 000611358 _____ C:\Users\Rosko\Downloads\379984975.pdf 2018-10-04 13:28 - 2018-10-04 13:28 - 000156030 _____ C:\Users\Rosko\Downloads\П-03001718168660-040-001_archive.zip 2018-10-01 18:27 - 2018-10-01 18:27 - 000143428 _____ C:\Users\Rosko\Downloads\Информационна брошура за бъдещите майки.pdf ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2018-10-28 14:23 - 2009-07-14 06:45 - 000016624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2018-10-28 14:23 - 2009-07-14 06:45 - 000016624 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2018-10-28 14:19 - 2009-07-14 05:20 - 000000000 ____D C:\PerfLogs 2018-10-28 14:11 - 2017-08-24 12:56 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\CalendarTool 2018-10-28 12:42 - 2009-07-14 07:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI 2018-10-28 12:42 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf 2018-10-28 12:36 - 2017-06-10 14:47 - 000000000 __SHD C:\Users\Rosko\IntelGraphicsProfiles 2018-10-28 12:36 - 2015-04-23 13:38 - 000000000 ____D C:\Program Files (x86)\TeamViewer 2018-10-28 12:35 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2018-10-28 11:44 - 2016-08-08 17:51 - 000000000 ___HD C:\Program Files (x86)\m3yE3E0 2018-10-28 10:43 - 2015-04-23 12:58 - 000000000 ____D C:\Users\Rosko\AppData\Local\Microsoft Help 2018-10-28 10:29 - 2017-01-10 10:04 - 000000000 ____D C:\Users\Rosko\AppData\Local\CrashDumps 2018-10-27 19:48 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\tracing 2018-10-24 07:25 - 2015-04-24 13:10 - 000000000 ____D C:\Users\Rosko\AppData\Roaming\Skype 2018-10-23 08:18 - 2017-02-01 21:07 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk 2018-10-18 09:43 - 2018-07-09 15:03 - 000000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 13.lnk 2018-10-18 09:43 - 2016-02-04 18:11 - 000002998 _____ C:\Windows\wininit.ini 2018-10-17 16:19 - 2015-06-12 12:20 - 000000000 ____D C:\Windows\Minidump 2018-10-17 16:18 - 2015-06-12 12:20 - 375178840 _____ C:\Windows\MEMORY.DMP 2018-10-15 10:59 - 2009-07-14 07:08 - 000032534 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2018-10-09 21:41 - 2018-03-14 11:33 - 000004462 _____ C:\Windows\System32\Tasks\Adobe Flash Player NPAPI Notifier 2018-10-09 21:41 - 2017-02-01 18:37 - 000842240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe 2018-10-09 21:41 - 2017-02-01 18:37 - 000175104 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2018-10-09 21:41 - 2017-02-01 18:37 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater 2018-10-09 21:41 - 2017-02-01 18:37 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2018-10-09 21:41 - 2017-02-01 18:37 - 000000000 ____D C:\Windows\system32\Macromed 2018-10-04 13:28 - 2015-11-03 22:05 - 000000000 ____D C:\Users\Rosko\AppData\LocalLow\Adobe 2018-10-01 21:10 - 2015-04-23 13:18 - 000000000 ____D C:\KMPlayer 2018-10-01 08:27 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\system32\NDF ==================== Files in the root of some directories ======= 2015-10-10 07:33 - 2015-10-10 07:33 - 000229019 _____ () C:\ProgramData\KTLVGTHRCQSO.dat 2017-06-08 17:31 - 2017-06-08 17:31 - 000000017 _____ () C:\Users\Rosko\AppData\Local\resmon.resmoncfg ==================== Bamital & volsnap ====================== (There is no automatic fix for files that do not pass verification.) C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\SysWOW64\wininit.exe => File is digitally signed C:\Windows\explorer.exe => File is digitally signed C:\Windows\SysWOW64\explorer.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\SysWOW64\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\SysWOW64\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\SysWOW64\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2018-10-26 08:40 ==================== End of FRST.txt ============================ Addition.txt
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.