Премини към съдържанието

plamen10

Потребител
  • Публикации

    45
  • Регистрация

  • Последно онлайн

Всичко публикувано от plamen10

  1. да компа си е за пенсия,но за сега не мога да си позволя нов ще му увелича рамта с още 2gb
  2. мерси за помоща! намирам значително подобрение firefox не ми товари толкова ,преди беше на 60% само браузера,снимката е с 2 отворени страници на тая антика. ВЕЛИКАН си!D:
  3. # Run at 26.4.2020 'г.' 20:40:27 'ч.' # KpRm (Kernel-panik) version 2.8 # Website https://kernel-panik.me/tool/kprm/ # Run by NIKI from E:\FILMI # Computer Name: NIKI-PC # OS: Windows 7 X64 (7601) Service Pack 1 # Number of passes: 2 - Checked options - ~ Registry Backup ~ Delete Tools ~ Restore System Settings ~ UAC Restore ~ Delete Restore Points ~ Create Restore Point ~ Delete Quarantines - Create Registry Backup - ~ [OK] Hive C:\Windows\System32\config\SOFTWARE backed up ~ [OK] Hive C:\Users\NIKI\NTUSER.dat backed up [OK] Registry Backup: C:\KPRM\backup\2020-04-26-20-40-27 - Delete Tools - ## FRST [OK] C:\FRST deleted - Restore System Settings - [OK] Reset WinSock [OK] FLUSHDNS [OK] Hide Hidden file. [OK] Show Extensions for known file types [OK] Hide protected operating system files - Restore UAC - [OK] Set EnableLUA with default (1) value [OK] Set ConsentPromptBehaviorAdmin with default (5) value [OK] Set ConsentPromptBehaviorUser with default (3) value [OK] Set EnableInstallerDetection with default (0) value [OK] Set EnableSecureUIAPaths with default (1) value [OK] Set EnableUIADesktopToggle with default (0) value [OK] Set EnableVirtualization with default (1) value [OK] Set FilterAdministratorToken with default (0) value [OK] Set PromptOnSecureDesktop with default (1) value [OK] Set ValidateAdminCodeSignatures with default (0) value - Clear Restore Points - ~ [OK] RP named Програма за инсталиране на модули за Windows created at 04/26/2020 12:44:51 deleted ~ [OK] RP named Програма за инсталиране на модули за Windows created at 04/26/2020 12:46:17 deleted ~ [OK] RP named Windows Update created at 04/26/2020 15:25:14 deleted ~ [OK] RP named Windows Update created at 04/26/2020 15:32:48 deleted ~ [OK] RP named Windows Update created at 04/26/2020 15:39:59 deleted ~ [OK] RP named Windows Update created at 04/26/2020 15:47:16 deleted ~ [OK] RP named Windows Update created at 04/26/2020 15:52:39 deleted [OK] All system restore points have been successfully deleted - Create Restore Point - [OK] System Restore Point created - Display System Restore Point - ~ RP named KpRm created at 04/26/2020 17:41:28 -- KPRM finished in 98.52s --
  4. последният файл WINRAR 5.71 64-bit от 18.4.2020 горе долу от тогава са проблемите
  5. а тоя файл не ми излиза Avast Update Helper
  6. като кликнах да деинсталирам Intel Security True Key ми изписа: появи се грешка и файла изчезна
  7. не се бъзикам просто съм много зпе с компютрите
  8. SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17] WebSite: www.safezone.cc DateLog: 26.04.2020 19:32:38 Path starting: C:\Users\NIKI\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: NIKI VersionXML: 7.42is-25.04.2020 ___________________________________________________________________________ Windows 7(6.1.7601) Service Pack 1 (x64) Ultimate Lang: 0402 Installation date OS: 08.08.2017 11:21:21 LicenseStatus: Windows(R) 7, Ultimate edition Initial grace period ends :43080 minutes Boot Mode: Normal Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe SystemDrive: 😄 FS: [NTFS] Capacity: [68.4 Gb] Used: [39.8 Gb] Free: [28.6 Gb] ------------------------------- [ Windows ] ------------------------------- Extended support has ended 14.01.2020, Your operating system may be vulnerable to new types of threats Internet Explorer 8.0.7601.17514 Warning! Download Update User Account Control disabled (Level 1) ^It is recommended to enable (default): Win+R typing UserAccountControlSettings and Enter^ Never check for updates Date install updates: 2017-08-08 12:45:37 Windows Update (wuauserv) - The service is running Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service is running Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ------------------------------- [ HotFix ] -------------------------------- HotFix KB3177467 Warning! Download Update ---------------------------- [ Antivirus_WMI ] ---------------------------- Malwarebytes (enabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Защитна стена на Windows (MpsSvc) - The service is running --------------------------- [ AntiSpyware_WMI ] --------------------------- Malwarebytes (enabled and up to date) Windows Defender (enabled and out of date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Malwarebytes version 4.1.0.56 v.4.1.0.56 Avast Update Helper v.1.4.154.333 --------------------------- [ OtherUtilities ] ---------------------------- Microsoft .NET Framework 4.8 v.4.8.03761 -------------------------------- [ Arch ] --------------------------------- WinRAR 5.71 (64-bit) v.5.71.0 Warning! Download Update --------------------------------- [ P2P ] --------------------------------- µTorrent v.3.5.5.45628 Warning! P2P-client. --------------------------- [ AdobeProduction ] --------------------------- Adobe Flash Player 32 PPAPI v.32.0.0.363 Adobe Acrobat Reader DC v.20.006.20042 ------------------------------- [ Browser ] ------------------------------- Mozilla Firefox 75.0 (x86 bg) v.75.0 ------------------ [ AntivirusFirewallProcessServices ] ------------------- C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe v.4.0.0.620 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.620 Malwarebytes Service (MBAMService) - The service is running C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.890 Windows Defender (WinDefend) - The service is running ---------------------------- [ UnwantedApps ] ----------------------------- Intel Security True Key v.4.19.108.1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. ----------------------------- [ End of Log ] ------------------------------ да потърся ли update: WinRAR 5.71 (64-bit) v.5.71.0 Warning! Download Update ?
  9. инсталирах ги само за тая HotFix KB3177467 Warning! Download Update ми пище актуализацията не се отнася за вашия компютър нито една от тях
  10. благодаря за търпениетo простете некомпетентността ми ,ще пробвам да ги инсталирам сега
  11. добре от линка който сте дали нали?
  12. Extended support has ended 14.01.2020 от тогава са ми проблемите тоест не видя ми се че е 14.04.2020 собщението долу в дясно: Това копие на уиндоус не оргинално !което имах изчезна!
  13. SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17] WebSite: www.safezone.cc DateLog: 26.04.2020 17:12:15 Path starting: C:\Users\NIKI\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: NIKI VersionXML: 7.42is-25.04.2020 ___________________________________________________________________________ Windows 7(6.1.7601) Service Pack 1 (x64) Ultimate Lang: 0402 Installation date OS: 08.08.2017 11:21:21 LicenseStatus: Windows(R) 7, Ultimate edition Initial grace period ends :43200 minutes Boot Mode: Normal Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe SystemDrive: 😄 FS: [NTFS] Capacity: [68.4 Gb] Used: [36.4 Gb] Free: [32 Gb] ------------------------------- [ Windows ] ------------------------------- Extended support has ended 14.01.2020, Your operating system may be vulnerable to new types of threats Internet Explorer 8.0.7601.17514 Warning! Download Update User Account Control disabled (Level 1) ^It is recommended to enable (default): Win+R typing UserAccountControlSettings and Enter^ Never check for updates Date install updates: 2017-08-08 12:45:37 Windows Update (wuauserv) - The service is running Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service has stopped Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ------------------------------- [ HotFix ] -------------------------------- HotFix KB3177467 Warning! Download Update HotFix KB4012212 Warning! Download Update HotFix KB4499175 Warning! Download Update HotFix KB4512486 Warning! Download Update HotFix KB4539602 Warning! Download Update --------------------------- [ FirewallWindows ] --------------------------- Защитна стена на Windows (MpsSvc) - The service is running --------------------------- [ AntiSpyware_WMI ] --------------------------- Windows Defender (enabled and out of date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Avast Update Helper v.1.4.154.333 --------------------------- [ OtherUtilities ] ---------------------------- Microsoft .NET Framework 4.5.2 v.4.5.51209 Warning! Download Update -------------------------------- [ Arch ] --------------------------------- WinRAR 5.71 (64-bit) v.5.71.0 Warning! Download Update --------------------------------- [ P2P ] --------------------------------- µTorrent v.3.5.5.45628 Warning! P2P-client. --------------------------- [ AdobeProduction ] --------------------------- Adobe Flash Player 32 PPAPI v.32.0.0.363 Adobe Acrobat Reader DC v.20.006.20042 ------------------------------- [ Browser ] ------------------------------- Mozilla Firefox 75.0 (x86 bg) v.75.0 ------------------ [ AntivirusFirewallProcessServices ] ------------------- Windows Defender (WinDefend) - The service is running ---------------------------- [ UnwantedApps ] ----------------------------- Intel Security True Key v.4.19.108.1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. ----------------------------- [ End of Log ] ------------------------------
  14. отново непрекъснат beep сигнал при сканирането с SecurityCheck by glax24 ето и резултата
  15. инсталирах ги с големи мъки през Safe Mode сега сканирам с Securitycheck,премахнах Kaspersky
  16. SecurityCheck by glax24 & Severnyj v.1.4.0.53 [27.10.17] WebSite: www.safezone.cc DateLog: 26.04.2020 14:08:18 Path starting: C:\Users\NIKI\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: NIKI VersionXML: 7.42is-25.04.2020 ___________________________________________________________________________ Windows 7(6.1.7601) Service Pack 1 (x64) Ultimate Lang: 0402 Installation date OS: 08.08.2017 11:21:21 LicenseStatus: Windows(R) 7, Ultimate edition Windows is in Notification mode Boot Mode: Normal Default Browser: C:\Program Files (x86)\Mozilla Firefox\firefox.exe SystemDrive: 😄 FS: [NTFS] Capacity: [68.4 Gb] Used: [31.4 Gb] Free: [37 Gb] ------------------------------- [ Windows ] ------------------------------- Extended support has ended 14.01.2020, Your operating system may be vulnerable to new types of threats Internet Explorer 8.0.7601.17514 Warning! Download Update User Account Control disabled (Level 1) ^It is recommended to enable (default): Win+R typing UserAccountControlSettings and Enter^ Never check for updates Date install updates: 2017-08-08 12:45:37 Windows Update (wuauserv) - The service is running Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service is running Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ------------------------------- [ HotFix ] -------------------------------- HotFix KB3177467 Warning! Download Update HotFix KB3125574 Warning! Download Update HotFix KB4012212 Warning! Download Update HotFix KB4499175 Warning! Download Update HotFix KB4474419 Warning! Download Update HotFix KB4490628 Warning! Download Update HotFix KB4512486 Warning! Download Update HotFix KB4474419 Warning! Download Update HotFix KB4539602 Warning! Download Update ---------------------------- [ Antivirus_WMI ] ---------------------------- Kaspersky Anti-Virus (disabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Защитна стена на Windows (MpsSvc) - The service is running --------------------------- [ AntiSpyware_WMI ] --------------------------- Kaspersky Anti-Virus (disabled and up to date) Windows Defender (enabled and out of date) ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Kaspersky Anti-Virus v.20.0.14.1085 Avast Update Helper v.1.4.154.333 --------------------------- [ OtherUtilities ] ---------------------------- Microsoft .NET Framework 4.5.2 v.4.5.51209 Warning! Download Update -------------------------------- [ Arch ] --------------------------------- WinRAR 5.71 (64-bit) v.5.71.0 Warning! Download Update ---------------------------- [ ProxyAndVPNs ] ----------------------------- Kaspersky Secure Connection v.20.0.14.1085 --------------------------------- [ P2P ] --------------------------------- µTorrent v.3.5.5.45628 Warning! P2P-client. --------------------------- [ AdobeProduction ] --------------------------- Adobe Flash Player 32 PPAPI v.32.0.0.363 Adobe Acrobat Reader DC v.20.006.20042 ------------------------------- [ Browser ] ------------------------------- Mozilla Firefox 75.0 (x86 bg) v.75.0 ------------------ [ AntivirusFirewallProcessServices ] ------------------- Kaspersky Anti-Virus Service 20.0 (AVP20.0) - The service is running C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe v.20.0.14.1085 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avpui.exe v.20.0.21.1325 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe v.20.0.14.1085 C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe v.20.0.21.1325 Windows Defender (WinDefend) - The service is running ---------------------------- [ UnwantedApps ] ----------------------------- Intel Security True Key v.4.19.108.1 Warning! Application is distributed through the partnership programs and bundle assemblies. Uninstallation recommended. Possible you became a victim of fraud or social engineering. ----------------------------- [ End of Log ] ------------------------------
  17. показва ми че не мога да я ползвам на уйндоус 7
  18. Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-04-2020 Ran by NIKI (26-04-2020 13:29:13) Running from E:\FILMI Windows 7 Ultimate Service Pack 1 (X64) (2017-08-08 11:21:21) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-2908173009-1435417482-1856714295-500 - Administrator - Disabled) Guest (S-1-5-21-2908173009-1435417482-1856714295-501 - Limited - Disabled) NIKI (S-1-5-21-2908173009-1435417482-1856714295-1000 - Administrator - Enabled) => C:\Users\NIKI ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Kaspersky Anti-Virus (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8} AS: Kaspersky Anti-Virus (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65} AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) µTorrent (HKU\S-1-5-21-2908173009-1435417482-1856714295-1000\...\uTorrent) (Version: 3.5.5.45628 - BitTorrent Inc.) Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 20.006.20042 - Adobe Systems Incorporated) Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.363 - Adobe) AIDA64 Extreme v6.25 (HKLM-x32\...\AIDA64 Extreme_is1) (Version: 6.25 - FinalWire Ltd.) AMD Catalyst Install Manager (HKLM\...\{37FCE154-7F59-74F0-3A35-BF503CEB230B}) (Version: 8.0.877.0 - Advanced Micro Devices, Inc.) Avast Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.4.154.333 - AVAST Software) Hidden BS.Player FREE (HKLM-x32\...\BSPlayerf) (Version: 2.71.1081 - AB Team, d.o.o.) bwin Poker (HKLM-x32\...\bwincomPoker) (Version: - bwincom) GGPoker (HKLM-x32\...\{17957224-C75F-41E9-B76B-30C53F187ACD}) (Version: 1.0.0.76 - NSUS Ltd.) Intel Security True Key (HKLM\...\TrueKey) (Version: 4.19.108.1 - Intel Security) Kaspersky Anti-Virus (HKLM-x32\...\{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Anti-Virus (HKLM-x32\...\InstallWIX_{D891550B-ACFE-4797-B368-BCFC434BBEB1}) (Version: 20.0.14.1085 - Kaspersky) Kaspersky Secure Connection (HKLM-x32\...\{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Hidden Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{145AE349-477A-45E5-A57C-5F5BF2BB5775}) (Version: 20.0.14.1085 - Kaspersky) Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation) Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation) Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.40660 (HKLM-x32\...\{61087a79-ac85-455c-934d-1fa22cc64f36}) (Version: 12.0.40660.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation) Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation) Mozilla Firefox 75.0 (x86 bg) (HKLM-x32\...\Mozilla Firefox 75.0 (x86 bg)) (Version: 75.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 75.0 - Mozilla) Notepad++ (32-bit x86) (HKLM-x32\...\Notepad++) (Version: 7.8.5 - Notepad++ Team) OpenAL (HKLM-x32\...\OpenAL) (Version: - ) Poker at bet365.BG (HKLM-x32\...\bet365pokerbg) (Version: - ) PokerStars.bg (HKLM-x32\...\PokerStars.bg) (Version: - PokerStars.bg) PostgreSQL 9.3 (HKLM\...\PostgreSQL 9.3) (Version: 9.3 - PostgreSQL Global Development Group) TechPowerUp GPU-Z (HKLM-x32\...\TechPowerUp GPU-Z) (Version: - TechPowerUp) WinRAR 5.71 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.71.0 - win.rar GmbH) ==================== Custom CLSID (Whitelisted): ============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ContextMenuHandlers1: [ANotepad++64] -> {B298D29A-A6ED-11DE-BA8C-A68E55D89593} => C:\Program Files (x86)\Notepad++\NppShell_06.dll [2020-03-04] (Notepad++ -> ) ContextMenuHandlers1: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers2: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers4: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [Kaspersky Anti-Virus 20.0] -> {6E1B4453-548D-4C43-A4AB-DE8D1D3DE17B} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\ShellEx.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2019-04-27] (win.rar GmbH -> Alexander Roshal) ==================== Codecs (Whitelisted) ==================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll ==================== Shortcuts & WMI ======================== (The entries could be listed to be restored or removed.) WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\":: WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99] WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate] Shortcut: C:\Users\NIKI\Desktop\iexplore - Пряк път.lnk -> C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) <==== Cyrillic Shortcut: C:\Users\NIKI\Desktop\Компютър.lnk -> [LFPO :i+00r1SPS0%G`%><[email protected]!8AB5<=0 ?0?:01SPSjc(=Oe)::{20D04FE0-3AEA-1069-A2D8-08002B30309D}] <==== Cyrillic ==================== Loaded Modules (Whitelisted) ============= 2020-04-05 14:27 - 2018-11-06 06:01 - 000178688 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBPQ.dll 2020-04-05 14:28 - 2016-08-02 13:40 - 002257408 _____ () [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libxml2.dll 2013-04-30 05:49 - 2009-08-18 01:52 - 000251904 _____ (Advanced Micro Devices, Inc.) [File not signed] C:\Windows\system32\atiadlxx.dll 2020-04-05 14:27 - 2011-01-10 18:16 - 000240862 _____ (Free Software Foundation) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\libintl-8.dll 2020-04-05 14:28 - 2018-08-22 15:11 - 001669632 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\LIBEAY32.dll 2020-04-05 14:28 - 2018-08-22 15:11 - 000355840 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\SSLEAY32.dll ==================== Alternate Data Streams (Whitelisted) ======== ==================== Safe Mode (Whitelisted) ================== ==================== Association (Whitelisted) ================= ==================== Internet Explorer trusted/restricted ========== ==================== Hosts content: ========================= (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 05:34 - 2019-03-25 03:42 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts ==================== Other Areas =========================== (Currently there is no automatic fix for this section.) HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\AMD APP\bin\x86_64;C:\Program Files (x86)\AMD APP\bin\x86;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static HKU\S-1-5-21-2908173009-1435417482-1856714295-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\NIKI\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 109.120.236.9 - 109.120.236.10 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 0) Windows Firewall is enabled. ==================== MSCONFIG/TASK MANAGER disabled items == (If an entry is included in the fixlist, it will be removed.) MSCONFIG\startupreg: Chromium => "c:\users\niki\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session MSCONFIG\startupreg: HoldemManager.Server => C:\Users\NIKI\AppData\Roaming\Max Value Software\Holdem Manager\3.0\HoldemManager.Server.lnk ==================== FirewallRules (Whitelisted) ================ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{FB9E84BA-BEA0-4825-91EF-03DAB5320893}] => (Allow) C:\Users\NIKI\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [{EF9FB740-DE5F-4D12-9DEA-BD76DC9007C6}] => (Allow) C:\Users\NIKI\AppData\Roaming\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent Inc.) FirewallRules: [TCP Query User{A5A53208-6FA0-46F1-8D4E-A124FE2CC581}E:\game\hl.exe] => (Allow) E:\game\hl.exe (Valve) [File not signed] FirewallRules: [UDP Query User{F6BA2AEB-5C39-4082-A03A-0F2FFE2B011F}E:\game\hl.exe] => (Allow) E:\game\hl.exe (Valve) [File not signed] FirewallRules: [{70CA6AB4-DD6D-4BB4-80BB-AE6EE6BBC2A1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) FirewallRules: [{4820E1B4-AC7B-493F-86BC-6CD63513E6B4}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation) ==================== Restore Points ========================= 26-04-2020 12:55:04 Restore Point Created by FRST ==================== Faulty Device Manager Devices ============ Name: Teredo Tunneling Pseudo-Interface Description: Microsoft Teredo Tunneling Adapter Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: tunnel Problem: : This device cannot start. (Code10) Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device. On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard. ==================== Event log errors: ======================== Application errors: ================== Error: (04/26/2020 01:02:30 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected. Error: (04/26/2020 01:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност. . Error: (04/26/2020 01:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност. . Error: (04/26/2020 01:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност. . Error: (04/26/2020 01:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност. . Error: (04/26/2020 01:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност. . Error: (04/26/2020 01:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност. . Error: (04/26/2020 01:02:08 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 4107) (User: ) Description: Грешка при извличане на списък с главни сертификати на трети лица от архивен файл за автоматична актуализация в: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> с грешка: Сертификационната верига е обработена, но е завършена в начален сертификат, който не е надежден според доставчик на надеждност. . System errors: ============= Error: (04/26/2020 01:00:57 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: cdrom Error: (04/26/2020 12:56:29 PM) (Source: Service Control Manager) (EventID: 7000) (User: ) Description: Услуга Intel Security True Key Scheduler не може да бъде стартирана поради следната грешка: Системата не може да намери указания път. Error: (04/26/2020 12:56:00 PM) (Source: Service Control Manager) (EventID: 7032) (User: ) Description: Диспечерът за управление на услуги се опита да предприеме коригиращо действие (Рестартиране на услугата) след неочакваното прекъсване на услуга Windows Search, но това действие се оказа неуспешно поради следната грешка: Вече се изпълнява екземпляр на услугата. Error: (04/26/2020 12:55:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга Software Protection беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 120000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (04/26/2020 12:55:30 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга Windows Search беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 30000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (04/26/2020 12:55:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга Adobe Acrobat Update Service беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Error: (04/26/2020 12:55:29 PM) (Source: Service Control Manager) (EventID: 7031) (User: ) Description: Услуга Intel Security True Key Scheduler беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). След 60000 милисекунди ще бъде предприето следното коригиращо действие: Рестартиране на услугата. Error: (04/26/2020 12:55:29 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: Услуга postgresql-x64-9.3 - PostgreSQL Server 9.3 беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). Windows Defender: =================================== Date: 2020-04-18 16:41:56.810 Description: Windows Defender scan has been stopped before completion. Scan ID:{18C53372-97D0-4D8F-9449-F106E1A29303} Scan Type:AntiSpyware Scan Parameters:Quick Scan CodeIntegrity: =================================== Date: 2020-04-26 01:16:01.312 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-26 01:16:01.214 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-26 00:26:26.827 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-26 00:26:26.705 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-26 00:09:18.393 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-26 00:09:18.300 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-26 00:03:57.477 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. Date: 2020-04-26 00:03:57.384 Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\FinalWire\AIDA64 Extreme\kerneld.x64 because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source. ==================== Memory info =========================== BIOS: Award Software International, Inc. F5 10/02/2007 Motherboard: Gigabyte Technology Co., Ltd. P31-DS3L Processor: Intel(R) Pentium(R) Dual CPU E2160 @ 1.80GHz Percentage of memory in use: 97% Total physical RAM: 2046.49 MB Available physical RAM: 41.62 MB Total Virtual: 4844.08 MB Available Virtual: 469.07 MB ==================== Drives ================================ Drive 😄 () (Fixed) (Total:68.36 GB) (Free:36.66 GB) NTFS Drive e: () (Fixed) (Total:397.29 GB) (Free:393.67 GB) NTFS \\?\Volume{ba140c5c-7c2a-11e7-bd49-806e6f6e6963}\ (Резервирана за системата) (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS ==================== MBR & Partition Table ==================== ========================================================== Disk: 0 (MBR Code: Windows 7/8/10) (Size: 465.8 GB) (Disk ID: 64F6E93D) Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=68.4 GB) - (Type=07 NTFS) Partition 3: (Not Active) - (Size=397.3 GB) - (Type=0F Extended) ==================== End of Addition.txt =======================
  19. Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-04-2020 Ran by NIKI (administrator) on NIKI-PC (Gigabyte Technology Co., Ltd. P31-DS3L) (26-04-2020 13:25:49) Running from E:\FILMI Loaded Profiles: NIKI (Available Profiles: NIKI) Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България) Internet Explorer Version 8 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Adobe Inc. -> Adobe Systems) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (AMD) [File not signed] C:\Windows\System32\atieclxx.exe (AMD) [File not signed] C:\Windows\System32\atiesrxx.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avpui.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe (Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksdeui.exe (Mozilla Corporation -> Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe <5> (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe (PostgreSQL Global Development Group) [File not signed] C:\Program Files\PostgreSQL\9.3\bin\postgres.exe <7> ==================== Registry (Whitelisted) =================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter" ==================== Scheduled Tasks (Whitelisted) ============ (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0EA9752E-5502-414D-8E41-88A7685CA6E3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1242704 2020-02-25] (Adobe Inc. -> Adobe Systems) Task: {10FD4DEF-BC30-4EA0-BFE6-E5A07CFA4F0E} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [110792 2020-04-03] (Mozilla Corporation -> Mozilla Foundation) Task: {287CC9BE-EE06-4E20-8126-0FA783951DE2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-04-18] (Adobe Inc. -> Adobe) Task: {361F7AAC-862B-4008-A033-6FE09E89BE2F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_363_pepper.exe [1454136 2020-04-18] (Adobe Inc. -> Adobe) Task: {9DC0E174-6D0C-4347-8D42-535054232246} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Tcpip\..\Interfaces\{2188F396-7F40-4A6F-9EE9-C5C218D8BED1}: [NameServer] 109.120.236.9 109.120.236.10 Internet Explorer: ================== HKU\S-1-5-21-2908173009-1435417482-1856714295-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-xl/?ocid=iehp BHO: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\IEExt\ie_plugin.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) BHO-x32: Kaspersky Protection -> {9F904093-6E18-4536-BF5F-B03689CF00F0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\IEExt\ie_plugin.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\IEExt\ie_plugin.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\IEExt\ie_plugin.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) Toolbar: HKU\S-1-5-21-2908173009-1435417482-1856714295-1000 -> Kaspersky Protection Toolbar - {EF293C5A-9F37-49FD-91C4-2B867063FC54} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\IEExt\ie_plugin.dll [2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Windows -> Microsoft Corporation) StartMenuInternet: IEXPLORE.EXE - iexplore.exe FireFox: ======== FF DefaultProfile: zddwqpsx.default FF ProfilePath: C:\Users\NIKI\AppData\Roaming\Mozilla\Firefox\Profiles\zddwqpsx.default [2020-04-26] FF ProfilePath: C:\Users\NIKI\AppData\Roaming\Mozilla\Firefox\Profiles\i7k7dkez.default-release [2020-04-26] FF DownloadDir: E:\FILMI FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-03-06] (Adobe Inc. -> Adobe Systems Inc.) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-04-26] <==== ATTENTION (Points to *.cfg file) FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-04-26] <==== ATTENTION Chrome: ======= CHR Profile: C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default [2020-04-26] CHR HomePage: Default -> hxxp://www.msn.com/?pc=UP97&ocid=UP97DHP CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Extension: (Презентации) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12] CHR Extension: (Документи) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12] CHR Extension: (Google Диск) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-08] CHR Extension: (YouTube) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-08] CHR Extension: (АБВ Уведомител) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\cpbekonjicgkldkmopnamgglbfaiojje [2017-08-11] CHR Extension: (Таблици) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12] CHR Extension: (Google Документи офлайн) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-03-12] CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-17] CHR Extension: (Gmail) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-04-29] CHR Extension: (Chrome Media Router) - C:\Users\NIKI\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2020-04-03] CHR HKLM\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKLM-x32\...\Chrome\Extension: [elhpdacimkjpccooodognopfhbdgnpbk] - hxxps://chrome.google.com/webstore/detail/elhpdacimkjpccooodognopfhbdgnpbk CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found> ==================== Services (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [203264 2009-08-18] (AMD) [File not signed] R2 AVP20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\avp.exe [357416 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) S3 klvssbridge64_20.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Anti-Virus 20.0\x64\vssbridge64.exe [438928 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) R2 KSDE4.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 4.0\ksde.exe [619752 2019-03-21] (Kaspersky Lab -> AO Kaspersky Lab) R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Windows -> Microsoft Corporation) R2 postgresql-x64-9.3; "C:\Program Files\PostgreSQL\9.3\bin\pg_ctl.exe" runservice -N "postgresql-x64-9.3" -D "C:/Program Files/PostgreSQL/9.3/data" -w [X] ===================== Drivers (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) S3 amdkmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [5020672 2009-07-14] (Microsoft Windows -> ATI Technologies Inc.) S3 amdkmdap; C:\Windows\System32\DRIVERS\atikmpag.sys [359936 2013-04-30] (Advanced Micro Devices, Inc.) [File not signed] R3 AtiHDAudioService; C:\Windows\System32\drivers\AtihdW76.sys [96896 2012-05-14] (Advanced Micro Devices, Inc. -> Advanced Micro Devices) R3 atikmdag; C:\Windows\System32\DRIVERS\atikmdag.sys [5020672 2009-07-14] (Microsoft Windows -> ATI Technologies Inc.) R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [246912 2019-02-16] (Kaspersky Lab -> AO Kaspersky Lab) R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [531584 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [79768 2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [145504 2020-02-10] (Kaspersky Lab -> AO Kaspersky Lab) R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [93312 2019-03-12] (Kaspersky Lab -> AO Kaspersky Lab) R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [251800 2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [586496 2020-01-27] (Kaspersky Lab -> AO Kaspersky Lab) R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1163216 2020-01-24] (Kaspersky Lab -> AO Kaspersky Lab) R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [998296 2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [58192 2019-03-19] (Kaspersky Lab -> AO Kaspersky Lab) R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [79760 2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [59512 2019-03-18] (Kaspersky Lab -> AO Kaspersky Lab) R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [51328 2019-03-13] (Kaspersky Lab -> AO Kaspersky Lab) R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [48592 2018-03-16] (AnchorFree Inc -> The OpenVPN Project) S4 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [105600 2019-03-05] (Kaspersky Lab -> AO Kaspersky Lab) R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [211048 2020-02-10] (Kaspersky Lab -> AO Kaspersky Lab) R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [232344 2020-04-20] (Kaspersky Lab -> AO Kaspersky Lab) R3 RTL8167; C:\Windows\System32\DRIVERS\Rt64win7.sys [187392 2009-06-10] (Microsoft Windows -> Realtek Corporation ) S3 VGPU; System32\drivers\rdvgkmd.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One month (created) =================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-26 11:53 - 2020-04-26 13:27 - 000000000 ____D C:\FRST 2020-04-26 00:03 - 2020-04-26 00:03 - 000001139 _____ C:\Users\NIKI\Desktop\AIDA64 Extreme.lnk 2020-04-26 00:03 - 2020-04-26 00:03 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FinalWire 2020-04-26 00:03 - 2020-04-26 00:03 - 000000000 ____D C:\Program Files (x86)\FinalWire 2020-04-25 22:29 - 2020-04-25 22:29 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\TechPowerUp GPU-Z 2020-04-25 22:29 - 2020-04-25 22:29 - 000000000 ____D C:\Program Files (x86)\GPU-Z 2020-04-25 21:23 - 2020-04-25 21:34 - 3186397467 _____ C:\Users\NIKI\Downloads\Vtorzhienie.2019.x264.BDRip.(1080p).OlLanDGroup.mkv 2020-04-20 11:34 - 2020-04-20 11:34 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection 2020-04-20 11:33 - 2020-04-20 11:33 - 000002043 _____ C:\Users\Public\Desktop\Kaspersky Anti-Virus.lnk 2020-04-20 11:33 - 2020-04-20 11:33 - 000002043 _____ C:\ProgramData\Desktop\Kaspersky Anti-Virus.lnk 2020-04-20 11:33 - 2020-04-20 11:33 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Anti-Virus 2020-04-20 11:33 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll 2020-04-20 11:32 - 2020-04-26 13:18 - 000000000 ____D C:\ProgramData\Kaspersky Lab 2020-04-20 11:32 - 2020-04-20 11:36 - 000998296 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys 2020-04-20 11:32 - 2020-04-20 11:36 - 000251800 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys 2020-04-20 11:32 - 2020-04-20 11:33 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab 2020-04-19 19:57 - 2020-04-19 19:57 - 000000000 ____D C:\Users\NIKI\Documents\TotalAV 2020-04-19 19:54 - 2020-04-19 20:51 - 000000000 ____D C:\ProgramData\TotalAV 2020-04-19 19:54 - 2020-04-19 19:54 - 000000000 ____D C:\ProgramData\SecuritySuite 2020-04-19 16:48 - 2020-04-20 11:35 - 000003032 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} 2020-04-19 16:40 - 2020-04-20 11:34 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files 2020-04-19 15:45 - 2020-04-19 15:45 - 000000000 ____D C:\Program Files (x86)\AMD APP 2020-04-19 15:43 - 2020-04-19 15:43 - 000000000 ____D C:\Program Files\ATI Technologies 2020-04-19 15:43 - 2020-04-19 15:43 - 000000000 ____D C:\Program Files\ATI 2020-04-19 14:33 - 2020-04-19 14:33 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\DriverPack Cloud 2020-04-19 14:33 - 2020-04-19 14:33 - 000000000 ____D C:\Users\NIKI\AppData\Local\cloud 2020-04-19 14:20 - 2020-04-19 14:20 - 000000000 ____D C:\Users\NIKI\.cache 2020-04-19 14:20 - 2014-09-10 19:14 - 000163480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 001070232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomctl.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000660120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomct2.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000617896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000444328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MShflxgd.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000416408 _____ (Microsoft Corporation ) C:\Windows\SysWOW64\comct332.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000279192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatgrd.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000259736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msflxgrd.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000253080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdatlst.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000222360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tabctl32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000219288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\richtx32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000218776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dblist32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000212112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mci32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000179352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmask32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000170920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comct232.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000131728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinet.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000130712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msstdfmt.dll 2020-04-19 14:20 - 2013-11-25 16:27 - 000127640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mswinsck.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000119960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mscomm32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000108696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSSTKPRP.DLL 2020-04-19 14:20 - 2013-11-25 16:27 - 000104088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\picclp32.ocx 2020-04-19 14:20 - 2013-11-25 16:27 - 000084624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysinfo.ocx 2020-04-19 14:20 - 2011-01-12 22:36 - 001054208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71u.dll 2020-04-19 14:20 - 2011-01-12 22:25 - 000065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71DEU.DLL 2020-04-19 14:20 - 2011-01-12 22:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ITA.DLL 2020-04-19 14:20 - 2011-01-12 22:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71FRA.DLL 2020-04-19 14:20 - 2011-01-12 22:25 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ESP.DLL 2020-04-19 14:20 - 2011-01-12 22:25 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71ENU.DLL 2020-04-19 14:20 - 2011-01-12 22:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71KOR.DLL 2020-04-19 14:20 - 2011-01-12 22:25 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71JPN.DLL 2020-04-19 14:20 - 2011-01-12 22:25 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHT.DLL 2020-04-19 14:20 - 2011-01-12 22:25 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71CHS.DLL 2020-04-19 14:20 - 2011-01-12 22:19 - 001060864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFC71.dll 2020-04-19 14:20 - 2011-01-12 21:53 - 000090112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl71.dll 2020-04-19 14:20 - 2008-04-15 15:00 - 001355776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvbvm50.dll 2020-04-19 14:20 - 2007-02-01 19:13 - 000503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp71.dll 2020-04-19 14:20 - 2007-02-01 16:11 - 000344064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr71.dll 2020-04-19 14:20 - 2007-01-30 19:04 - 000339968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcr70.dll 2020-04-19 14:20 - 2006-08-25 23:28 - 001017344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70u.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70ita.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70fra.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70esp.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70deu.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000057344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70enu.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70kor.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70jpn.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70cht.dll 2020-04-19 14:20 - 2006-08-25 23:15 - 000040960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70chs.dll 2020-04-19 14:20 - 2006-08-25 23:07 - 001024000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfc70.dll 2020-04-19 14:20 - 2006-08-25 22:17 - 000086016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\atl70.dll 2020-04-19 14:20 - 2005-01-20 18:25 - 000054784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvci70.dll 2020-04-19 14:20 - 2002-01-05 04:40 - 000487424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MSVCP70.DLL 2020-04-19 14:20 - 1996-01-12 03:00 - 000722192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Vb40032.dll 2020-04-19 14:20 - 1994-11-18 00:00 - 000210944 _____ C:\Windows\SysWOW64\msvcrt10.dll 2020-04-19 14:17 - 2020-04-19 14:23 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\DRPSu 2020-04-18 22:09 - 2020-04-18 22:09 - 000000000 ____D C:\ProgramData\Driver-Soft 2020-04-18 22:08 - 2020-04-18 22:08 - 000000000 ____D C:\Program Files (x86)\Driver-Soft 2020-04-18 21:32 - 2020-04-26 01:29 - 000000000 ____D C:\Program Files\AMD 2020-04-18 21:32 - 2020-04-18 21:32 - 000000000 ____D C:\Users\NIKI\AppData\Local\RadeonInstaller 2020-04-18 20:56 - 2020-04-19 10:40 - 000000000 ____D C:\Program Files (x86)\ATI 2020-04-18 20:54 - 2020-04-18 20:54 - 000000000 ____D C:\ATI 2020-04-18 20:42 - 2020-04-26 01:29 - 000000000 ____D C:\ProgramData\AMD 2020-04-18 20:42 - 2020-04-18 20:42 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\ATI 2020-04-18 20:42 - 2020-04-18 20:42 - 000000000 ____D C:\Users\NIKI\AppData\Local\ATI 2020-04-18 20:35 - 2020-04-26 01:29 - 000000000 ____D C:\AMD 2020-04-18 18:58 - 2020-04-18 18:58 - 000000000 ____D C:\Users\NIKI\AppData\Local\mbamtray 2020-04-18 18:58 - 2020-04-18 18:58 - 000000000 ____D C:\Users\NIKI\AppData\Local\mbam 2020-04-18 17:32 - 2020-04-18 17:32 - 000001958 _____ C:\Users\Public\Desktop\PokerStars.bg.lnk 2020-04-18 17:32 - 2020-04-18 17:32 - 000001958 _____ C:\ProgramData\Desktop\PokerStars.bg.lnk 2020-04-18 14:42 - 2020-04-18 14:42 - 000000995 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Notepad++.lnk 2020-04-18 13:27 - 2020-04-26 13:01 - 000000000 ____D C:\Users\NIKI\AppData\LocalLow\Mozilla 2020-04-18 13:27 - 2020-04-26 13:01 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox 2020-04-18 13:27 - 2020-04-18 13:27 - 000001123 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk 2020-04-18 13:27 - 2020-04-18 13:27 - 000001111 _____ C:\Users\Public\Desktop\Firefox.lnk 2020-04-18 13:27 - 2020-04-18 13:27 - 000001111 _____ C:\ProgramData\Desktop\Firefox.lnk 2020-04-18 13:27 - 2020-04-18 13:27 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla 2020-04-18 13:27 - 2020-04-18 13:27 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\Mozilla 2020-04-18 13:27 - 2020-04-18 13:27 - 000000000 ____D C:\Users\NIKI\AppData\Local\Mozilla 2020-04-18 13:27 - 2020-04-18 13:27 - 000000000 ____D C:\ProgramData\Mozilla 2020-04-18 13:27 - 2020-04-18 13:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service 2020-04-16 12:59 - 2020-04-16 12:59 - 000000000 __SHD C:\found.001 2020-04-16 10:00 - 2020-04-16 10:00 - 000000000 __SHD C:\found.000 2020-04-14 21:07 - 2020-04-14 21:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\bwin Poker 2020-04-14 13:50 - 2020-04-18 17:32 - 000001964 _____ C:\ProgramData\Microsoft\Windows\Start Menu\PokerStars.bg.lnk 2020-04-14 13:50 - 2020-04-14 13:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerStars.bg 2020-04-05 15:16 - 2020-04-05 15:16 - 000000000 ____D C:\Users\NIKI\AppData\Local\PokerStars 2020-04-05 14:29 - 2020-04-05 14:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PostgreSQL 9.3 2020-04-05 14:27 - 2020-04-05 14:27 - 000000000 ____D C:\Program Files\PostgreSQL 2020-04-05 14:22 - 2020-04-05 15:15 - 000000000 ____D C:\Users\NIKI\AppData\Local\PokerTracker 4 2020-04-05 14:22 - 2020-04-05 14:22 - 000005060 _____ C:\ProgramData\tlkqhubf.mqw 2020-04-05 14:22 - 2020-04-05 14:22 - 000000016 _____ C:\ProgramData\mntemp 2020-04-05 14:22 - 2020-04-05 14:22 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PokerTracker 4 ==================== One month (modified) ================== (If an entry is included in the fixlist, the file/folder will be moved.) 2020-04-26 13:00 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT 2020-04-26 12:59 - 2009-07-14 07:45 - 000026112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2020-04-26 12:59 - 2009-07-14 07:45 - 000026112 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2020-04-26 12:55 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\tracing 2020-04-26 12:45 - 2017-09-22 17:19 - 000000000 ____D C:\Program Files (x86)\PokerStars.BG 2020-04-26 12:45 - 2017-08-10 17:13 - 000000000 ____D C:\Users\NIKI\AppData\Local\PokerStars.BG 2020-04-26 03:12 - 2017-08-08 16:15 - 000000000 ____D C:\Windows\SysWOW64\Macromed 2020-04-26 02:31 - 2020-01-13 14:52 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\Max Value Software 2020-04-25 23:29 - 2017-08-09 16:37 - 000007593 _____ C:\Users\NIKI\AppData\Local\Resmon.ResmonCfg 2020-04-25 21:36 - 2020-01-06 04:27 - 000000000 ____D C:\Users\NIKI\AppData\LocalLow\uTorrent 2020-04-25 21:36 - 2017-08-08 16:04 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\uTorrent 2020-04-25 21:22 - 2020-02-10 19:24 - 000000000 ____D C:\Users\NIKI\AppData\Local\BitTorrentHelper 2020-04-25 21:22 - 2017-10-20 12:24 - 000000000 ___SD C:\Users\NIKI\AppData\LocalLow\Temp 2020-04-25 15:41 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf 2020-04-22 14:20 - 2020-03-05 15:16 - 000000462 _____ C:\Users\NIKI\Desktop\Нов текстов документ (2).txt 2020-04-20 13:09 - 2017-08-08 16:28 - 000000000 ____D C:\Windows\KJ 2020-04-20 11:36 - 2020-02-10 04:17 - 000079768 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klbackupdisk.sys 2020-04-20 11:36 - 2019-03-19 02:31 - 000232344 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\kneps.sys 2020-04-20 11:36 - 2019-03-18 02:11 - 000079760 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klkbdflt.sys 2020-04-20 11:35 - 2017-08-08 16:37 - 000000000 ____D C:\Program Files\Common Files\AV 2020-04-19 23:47 - 2017-08-10 18:01 - 000000000 ____D C:\KMPlayer 2020-04-19 14:20 - 2017-08-08 14:21 - 000000000 ____D C:\Users\NIKI 2020-04-19 14:20 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\system 2020-04-19 13:43 - 2009-07-14 08:08 - 000032572 _____ C:\Windows\Tasks\SCHEDLGU.TXT 2020-04-18 23:38 - 2017-08-08 16:37 - 000000000 ____D C:\ProgramData\Package Cache 2020-04-18 17:25 - 2018-02-12 14:39 - 000000000 ____D C:\Users\NIKI\AppData\Local\ElevatedDiagnostics 2020-04-18 15:34 - 2017-09-27 17:56 - 000000704 _____ C:\Users\NIKI\Desktop\Нов текстов документ.txt 2020-04-18 14:42 - 2019-03-20 11:11 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\Notepad++ 2020-04-18 14:42 - 2019-03-20 11:11 - 000000000 ____D C:\Program Files (x86)\Notepad++ 2020-04-18 14:41 - 2017-08-12 00:49 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-04-18 14:41 - 2017-08-12 00:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR 2020-04-18 14:41 - 2017-08-12 00:49 - 000000000 ____D C:\Program Files\WinRAR 2020-04-18 14:40 - 2017-09-14 22:42 - 000000000 ____D C:\Windows\Minidump 2020-04-18 14:40 - 2017-08-08 15:13 - 000000000 ____D C:\Windows\Panther 2020-04-18 13:52 - 2017-08-08 14:31 - 000000000 ____D C:\Program Files (x86)\Google 2020-04-18 13:16 - 2019-11-08 14:11 - 000004284 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater 2020-04-18 13:15 - 2019-11-08 14:11 - 000842296 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerApp.exe 2020-04-18 13:15 - 2019-11-08 14:11 - 000175160 _____ (Adobe) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl 2020-04-18 13:15 - 2019-11-08 14:11 - 000004428 _____ C:\Windows\system32\Tasks\Adobe Flash Player PPAPI Notifier 2020-04-18 13:15 - 2017-08-08 16:15 - 000000000 ____D C:\Windows\system32\Macromed 2020-04-18 13:15 - 2017-08-08 16:15 - 000000000 ____D C:\Users\NIKI\AppData\Local\Adobe 2020-04-16 12:45 - 2019-01-28 02:15 - 000000000 _____ C:\Windows\system32\last.dump 2020-04-16 00:52 - 2019-04-27 12:54 - 000004476 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task 2020-04-14 21:07 - 2019-12-22 16:17 - 000001489 _____ C:\ProgramData\Microsoft\Windows\Start Menu\bwin Poker.lnk 2020-04-14 21:07 - 2019-12-22 16:17 - 000001483 _____ C:\Users\NIKI\Desktop\bwin Poker.lnk 2020-04-14 21:07 - 2009-07-14 08:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games 2020-04-12 14:26 - 2019-11-29 11:29 - 000000000 ____D C:\Users\NIKI\AppData\Roaming\GGPCOM 2020-04-11 17:39 - 2017-08-08 16:09 - 000000000 ____D C:\ProgramData\AVAST Software 2020-04-05 15:57 - 2017-08-08 16:30 - 000765280 _____ C:\Windows\SysWOW64\PerfStringBackup.INI 2020-04-05 15:57 - 2009-07-14 08:13 - 000765280 _____ C:\Windows\system32\PerfStringBackup.INI 2020-04-05 14:27 - 2009-07-14 06:20 - 000000000 ____D C:\Program Files\Common Files\Microsoft Shared 2020-03-27 16:05 - 2019-12-23 13:09 - 000000000 ____D C:\Program Files (x86)\GGPoker ==================== Files in the root of some directories ======== 2019-03-25 03:18 - 2019-03-25 03:18 - 000000000 _____ () C:\Users\NIKI\AppData\Local\BIT2194.tmp 2018-11-14 13:58 - 2018-11-14 13:58 - 000000000 ____H () C:\Users\NIKI\AppData\Local\BITA69B.tmp 2017-08-09 16:37 - 2020-04-25 23:29 - 000007593 _____ () C:\Users\NIKI\AppData\Local\Resmon.ResmonCfg 2019-01-28 02:11 - 2019-01-28 02:11 - 000000000 _____ () C:\Users\NIKI\AppData\Local\{22E526A1-3654-454C-AD90-C4374AA14F42} 2018-11-14 13:57 - 2018-11-14 13:58 - 000000000 _____ () C:\Users\NIKI\AppData\Local\{9D862BA5-1AFD-43D8-A0D0-C9D415A32E52} ==================== SigCheck ============================ (There is no automatic fix for files that do not pass verification.) LastRegBack: 2020-04-21 18:17 ==================== End of FRST.txt ========================
  20. ами не намирам подобрение,вирус ли е?
  21. да тест на паметта ми беше на 100% но не го завърших
  • Разглеждащи това в момента   0 потребители

    • Няма регистрирани потребители разглеждащи тази страница.
×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване