Премини към съдържанието

    Препоръчан отговор


    Здравейте!Днес и аз се натъкнах на вируса от фейсбук.Антивирусната програма (Аваст) не работеше и показваше съобщението,за което споменаха и в другите теми.Инсталирах Malwarebytes и направих пълен скан.Изтрих заплахите и рестартирах компютъра си.Антивирусната изчезна както и странното забавяне на компютъра (процесорът работеше на 100%).Всичко изглежда наред ,но не мога да вляза във фейсбук.Бих се радвал на малко помощ.Благодаря предварително! П.С.: Работя с Windows 7 Home Premium.

    Редактирано от nologo (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    В този раздел има правила, ето: Правила на форум: Премахване на зловреден софтуер - HiJackThis логове. Прочетете ги много внимателно. След като ги прочетете, направете това, което е записано в т. 1. от правилата. Някой колега ще поеме случая. Успех!

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Извинявам се,но съм нов във форума. Нямам диск на уиндоус.Ето и съдържанието на 2-та лога: . DDS (Ver_2011-06-23.01) - NTFSAMD64 Internet Explorer: 8.0.7600.16385 Run by Христови at 2:15:39 on 2011-07-26 Microsoft Windows 7 Home Premium 6.1.7600.0.1251.359.1026.18.1978.1030 [GMT 3:00] . AV: AntiVir Desktop *Disabled/Outdated* {090F9C29-64CE-6C6F-379C-5901B49A85B7} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: AntiVir Desktop *Disabled/Outdated* {B26E7DCD-42F4-63E1-0D2C-6273CF1DCF0A} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskhost.exe C:\Windows\Explorer.EXE C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files (x86)\EgisTec MyWinLocker\x86\mwlDaemon.exe C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Windows\PLFSetI.exe C:\Windows\system32\igfxsrvc.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files\Acer\Acer ePower Management\ePowerTray.exe C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe C:\Program Files (x86)\Skype\Phone\Skype.exe C:\Program Files\Rainmeter\Rainmeter.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Launch Manager\dsiwmis.exe C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe C:\Program Files (x86)\Acer\Registration\GREGsvc.exe C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe C:\Program Files (x86)\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe C:\Program Files\Acer\Acer Updater\UpdaterService.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Launch Manager\LManager.exe C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe C:\Program Files (x86)\Launch Manager\MMDx64Fx.exe C:\Program Files (x86)\Launch Manager\LMworker.exe C:\Windows\system32\SearchIndexer.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe C:\Windows\system32\igfxext.exe C:\Windows\system32\wbem\unsecapp.exe C:\Program Files (x86)\Winamp\winampa.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Acer\Acer ePower Management\ePowerEvent.exe C:\Program Files (x86)\Skype\Plugin Manager\skypePM.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\BitComet\BitComet.exe C:\Windows\system32\wuauclt.exe C:\Windows\system32\NOTEPAD.EXE C:\Users\Христови\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Христови\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Христови\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Христови\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Христови\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Христови\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\SysWOW64\rundll32.exe C:\Users\Христови\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\Христови\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Users\Христови\Downloads\dds.scr C:\Windows\SysWOW64\cmd.exe C:\Windows\system32\conhost.exe C:\Windows\SysWOW64\cscript.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxp://mtb-bg.com/forum/viewforum.php?f=17 uDefault_Page_URL = hxxp://acer.msn.com mDefault_Page_URL = hxxp://acer.msn.com mStart Page = hxxp://acer.msn.com mSearchAssistant = hxxp://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=5c32fdcd0000000000001c659d90419e&tlver=1.4.19.19&affID=17160 uURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll mURLSearchHooks: Winamp Search Class: {57bca5fa-5dbb-45a2-b558-1755c3f6253b} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll mWinlogon: Userinit=userinit.exe, BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Winamp Toolbar Loader: {25cee8ec-5730-41bc-8b58-22ddc8ab8c20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll BHO: CescrtHlpr Object: {2eecd738-5844-4a99-b4b6-146bf802613b} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll BHO: Search Helper: {6ebf7485-159f-4bff-a14f-b9e3aac4465b} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll TB: Winamp Toolbar: {ebf2ba02-9094-4c5a-858b-bb198f3d8de2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll TB: avast! WebRep: {8e5e2654-ad2d-48bf-ac2d-d17f00898d06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB: Babylon Toolbar: {98889811-442d-49dd-99d7-dc866be87dbc} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /nosplash /minimized uRun: [Google Update] "C:\Users\Христови\AppData\Local\Google\Update\GoogleUpdate.exe" /c mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" mRun: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d mRun: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k mRun: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe mRun: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" mRun: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun: [babylonToolbar] "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I mRun: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun: [tray_ico] mRun: [tray_ico2] mRun: [tray_ico3] mRun: [tray_ico4] mRun: [7764286.exe] "C:\Windows\Temp\7764286.exe" mRun: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\RAINME~1.LNK - C:\Program Files\Rainmeter\Rainmeter.exe mPolicies-explorer: NoActiveDesktop = 1 (0x1) mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1) mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableSecureUIAPaths = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html IE: &С&валяне &с BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddLink.htm IE: &С&валяне на всички с BitComet - C:\Program Files (x86)\BitComet\BitComet.exe/AddAllLink.htm IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~3\Office12\EXCEL.EXE/3000 IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 IE: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~3\Office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~3\Office12\REFIEBAR.DLL LSP: C:\Program Files (x86)\Avira\AntiVir Desktop\avsda.dll DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.3.16.0.cab DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab TCP: DhcpNameServer = 78.83.147.1 192.168.0.1 TCP: Interfaces\{2B85E303-05C1-4448-A6ED-92591D551DC4} : DhcpNameServer = 78.83.147.1 192.168.0.1 TCP: Interfaces\{2B85E303-05C1-4448-A6ED-92591D551DC4}\64C6F6F6270233D213 : DhcpNameServer = 192.168.110.1 TCP: Interfaces\{2B85E303-05C1-4448-A6ED-92591D551DC4}\76164756771697 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{2B85E303-05C1-4448-A6ED-92591D551DC4}\B696B6F6 : DhcpNameServer = 192.168.1.1 TCP: Interfaces\{ED4E74B1-3A4A-46B1-8F22-D04FB6B44703} : NameServer = 78.86.187.1 TCP: Interfaces\{ED4E74B1-3A4A-46B1-8F22-D04FB6B44703} : DhcpNameServer = 192.168.2.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO-X64: AcroIEHelperStub - No File BHO-X64: Winamp Toolbar Loader: {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll BHO-X64: Winamp Toolbar Loader - No File BHO-X64: CescrtHlpr Object: {2EECD738-5844-4a99-B4B6-146BF802613B} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\bh\BabylonToolbar.dll BHO-X64: Babylon toolbar helper - No File BHO-X64: BitComet Helper: {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll BHO-X64: BitComet ClickCapture - No File BHO-X64: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll BHO-X64: Search Helper - No File BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll BHO-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll BHO-X64: Bing Bar BHO: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll BHO-X64: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll TB-X64: @C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\MSN Toolbar\Platform\6.0.2282.0\npwinext.dll TB-X64: Winamp Toolbar: {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files (x86)\Winamp Toolbar\winamptb.dll TB-X64: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll TB-X64: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarTlbr.dll mRun-x64: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe mRun-x64: [suiteTray] "C:\Program Files (x86)\EgisTec MyWinLockerSuite\x86\SuiteTray.exe" mRun-x64: [EgisUpdate] "C:\Program Files (x86)\EgisTec IPS\EgisUpdate.exe" -d mRun-x64: [EgisTecPMMUpdate] "C:\Program Files (x86)\EgisTec IPS\PmmUpdate.exe" mRun-x64: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe mRun-x64: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe" mRun-x64: [backupManagerTray] "C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe" -h -k mRun-x64: [OOTag] C:\Program Files (x86)\Acer\OOBEOffer\OOTag.exe mRun-x64: [Microsoft Default Manager] "C:\Program Files (x86)\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" -resume mRun-x64: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe" mRun-x64: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui mRun-x64: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" mRun-x64: [babylonToolbar] "C:\Program Files (x86)\BabylonToolbar\BabylonToolbar\1.4.19.19\BabylonToolbarsrv.exe" /md I mRun-x64: [sunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mRun-x64: [tray_ico] mRun-x64: [tray_ico2] mRun-x64: [tray_ico3] mRun-x64: [tray_ico4] mRun-x64: [7764286.exe] "C:\Windows\Temp\7764286.exe" mRun-x64: [avgnt] "C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe" /min IE-X64: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files (x86)\BitComet\tools\BitCometBHO_1.4.12.6.dll/206 IE-X64: {FA9B9510-9FCB-4ca0-818C-5D0987B47C4D} - C:\Program Files (x86)\PokerStars.NET\PokerStarsUpdate.exe SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll . ============= SERVICES / DRIVERS =============== . R1 mwlPSDFilter;mwlPSDFilter;C:\Windows\system32\DRIVERS\mwlPSDFilter.sys --> C:\Windows\system32\DRIVERS\mwlPSDFilter.sys [?] R1 mwlPSDNServ;mwlPSDNServ;C:\Windows\system32\DRIVERS\mwlPSDNServ.sys --> C:\Windows\system32\DRIVERS\mwlPSDNServ.sys [?] R1 mwlPSDVDisk;mwlPSDVDisk;C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys --> C:\Windows\system32\DRIVERS\mwlPSDVDisk.sys [?] R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe [2011-7-25 135336] R2 avgntflt;avgntflt;C:\Windows\system32\DRIVERS\avgntflt.sys --> C:\Windows\system32\DRIVERS\avgntflt.sys [?] R2 DsiWMIService;Dritek WMI Service;C:\Program Files (x86)\Launch Manager\dsiwmis.exe [2010-8-27 321104] R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe [2010-11-17 868896] R2 GREGService;GREGService;C:\Program Files (x86)\Acer\Registration\GREGsvc.exe [2010-1-8 23584] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2010-8-27 13336] R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-2 2804568] R2 NTI IScheduleSvc;NTI IScheduleSvc;C:\Program Files (x86)\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [2010-6-29 255744] R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-1-9 2228008] R2 Updater Service;Updater Service;C:\Program Files\Acer\Acer Updater\UpdaterService.exe [2010-8-27 243232] R3 IntcHdmiAddService;Intel® High Definition Audio HDMI;C:\Windows\system32\drivers\IntcHdmi.sys --> C:\Windows\system32\drivers\IntcHdmi.sys [?] R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?] S2 AntiVirMailService;Avira AntiVir MailGuard;C:\Program Files (x86)\Avira\AntiVir Desktop\avmailc.exe [2011-7-25 339624] S2 AntiVirService;Avira AntiVir Guard;C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe [2011-7-25 269480] S2 AntiVirWebService;Avira AntiVir WebGuard;C:\Program Files (x86)\Avira\AntiVir Desktop\avwebgrd.exe [2011-7-25 421032] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S3 MWLService;MyWinLocker Service;C:\Program Files (x86)\EgisTec MyWinLocker\x86\MWLService.exe [2010-5-27 305520] S3 nmwcdx64;Nokia USB Phone Parent;C:\Windows\system32\drivers\ccdcmbx64.sys --> C:\Windows\system32\drivers\ccdcmbx64.sys [?] S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\Windows\system32\Drivers\RtsUStor.sys --> C:\Windows\system32\Drivers\RtsUStor.sys [?] S3 WatAdminSvc;Услуга на технологиите за активиране на Windows;C:\Windows\system32\Wat\WatAdminSvc.exe --> C:\Windows\system32\Wat\WatAdminSvc.exe [?] . =============== Created Last 30 ================ . 2011-07-25 23:15:40 -------- d-----w- C:\Users\?ЁшёЄютш\AppData\Local\Microsoft 2011-07-25 20:38:05 -------- d-----w- C:\Users\Христови\AppData\Roaming\Avira 2011-07-25 20:35:42 -------- d-----w- C:\ProgramData\Avira 2011-07-25 19:42:02 -------- d-----w- C:\Users\Христови\AppData\Roaming\Malwarebytes 2011-07-25 19:41:58 41272 ----a-w- C:\Windows\SysWow64\drivers\mbamswissarmy.sys 2011-07-25 19:41:57 -------- d-----w- C:\ProgramData\Malwarebytes 2011-07-25 19:41:54 25912 ----a-w- C:\Windows\System32\drivers\mbam.sys 2011-07-25 19:41:54 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware 2011-07-25 19:35:59 -------- d--h--w- C:\Windows\update.tray-8-0-lnk 2011-07-25 19:35:59 -------- d--h--w- C:\Windows\update.tray-8-0 2011-07-25 19:33:08 83120 ----a-w- C:\Windows\System32\drivers\avgntflt.sys 2011-07-25 19:33:02 -------- d-----w- C:\Program Files (x86)\Avira 2011-07-25 19:30:22 -------- d-----w- C:\Program Files (x86)\Common Files\Symantec Shared 2011-07-25 19:16:34 -------- d-----w- C:\Windows\System32\drivers\NSSx64\0305010.006 2011-07-25 19:16:34 -------- d-----w- C:\Windows\System32\drivers\NSSx64 2011-07-25 19:16:34 -------- d-----w- C:\Program Files (x86)\Norton Security Scan 2011-07-25 19:16:33 -------- d-----w- C:\ProgramData\Norton 2011-07-25 19:16:32 -------- d-----w- C:\ProgramData\NortonInstaller 2011-07-25 19:16:32 -------- d-----w- C:\Program Files (x86)\NortonInstaller 2011-07-25 19:04:46 -------- d-----w- C:\Windows\ufa 2011-07-25 19:04:46 -------- d-----w- C:\Windows\phoenix 2011-07-25 19:01:52 -------- d--h--w- C:\Windows\update.5.0 2011-07-25 18:59:32 -------- d--h--w- C:\Windows\update.2 2011-07-25 18:59:10 246272 ----a-w- C:\Windows\unrar.exe 2011-07-25 18:57:02 -------- d-----w- C:\Windows\av_ico 2011-07-25 18:55:12 -------- d--h--w- C:\Windows\update.1 2011-07-25 18:55:07 -------- d--h--w- C:\Windows\update.tray-7-0-lnk 2011-07-25 18:55:07 -------- d--h--w- C:\Windows\update.tray-7-0 2011-07-25 18:46:27 472808 ----a-w- C:\Windows\SysWow64\deployJava1.dll 2011-07-25 18:33:57 -------- d-----w- C:\Users\Христови\AppData\Roaming\.minecraft 2011-07-24 15:53:40 8578896 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AEEFE707-9179-4500-A31E-85478DE37E50}\mpengine.dll 2011-07-05 10:53:29 63488 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ISBEW64.exe 2011-07-05 10:53:29 274432 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iscript.dll 2011-07-05 10:53:29 184320 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iuser.dll 2011-07-05 10:53:28 753664 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iKernel.dll 2011-07-05 10:53:28 69714 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\ctor.dll 2011-07-05 10:53:28 5632 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\DotNetInstaller.exe 2011-07-05 10:53:28 200836 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\iGdi.dll 2011-07-05 10:53:27 331908 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\Professional\RunTime\11\00\Intel32\setup.dll 2011-07-05 10:48:27 65536 ----a-r- C:\Users\Христови\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut5_3293C06B003F40278380FFD79E38167D.exe 2011-07-05 10:48:27 61440 ----a-r- C:\Users\Христови\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut3_3293C06B003F40278380FFD79E38167D.exe 2011-07-05 10:48:27 61440 ----a-r- C:\Users\Христови\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut2_3293C06B003F40278380FFD79E38167D_1.exe 2011-07-05 10:48:27 57344 ----a-r- C:\Users\Христови\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\ARPPRODUCTICON.exe 2011-07-05 10:48:27 40960 ----a-r- C:\Users\Христови\AppData\Roaming\Microsoft\Installer\{3293C06B-003F-4027-8380-FFD79E38167D}\NewShortcut1_3293C06B003F40278380FFD79E38167D.exe 2011-07-05 10:39:12 -------- d-----w- C:\Program Files (x86)\Aspyr Media, Inc 2011-06-29 19:35:04 -------- d-----w- C:\League of legends america . ==================== Find3M ==================== . 2011-06-18 18:09:27 404640 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2011-06-11 02:56:44 3134464 ----a-w- C:\Windows\System32\win32k.sys 2011-06-02 06:45:22 362496 ----a-w- C:\Windows\System32\wow64win.dll 2011-06-02 06:45:22 243200 ----a-w- C:\Windows\System32\wow64.dll 2011-06-02 06:45:22 13312 ----a-w- C:\Windows\System32\wow64cpu.dll 2011-06-02 06:44:54 214528 ----a-w- C:\Windows\System32\winsrv.dll 2011-06-02 06:42:37 16384 ----a-w- C:\Windows\System32\ntvdm64.dll 2011-06-02 06:39:54 422400 ----a-w- C:\Windows\System32\KernelBase.dll 2011-06-02 06:35:56 338944 ----a-w- C:\Windows\System32\conhost.exe 2011-06-02 05:59:44 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll 2011-06-02 05:56:28 44032 ----a-w- C:\Windows\apppatch\acwow64.dll 2011-06-02 05:56:06 25600 ----a-w- C:\Windows\SysWow64\setup16.exe 2011-06-02 05:54:51 5120 ----a-w- C:\Windows\SysWow64\wow32.dll 2011-06-02 05:54:50 272384 ----a-w- C:\Windows\SysWow64\KernelBase.dll 2011-06-02 03:51:00 7680 ----a-w- C:\Windows\SysWow64\instnm.exe 2011-06-02 03:50:59 2048 ----a-w- C:\Windows\SysWow64\user.exe 2011-06-02 03:45:49 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll 2011-06-02 03:45:49 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-02 03:45:49 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll 2011-06-02 03:45:49 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll 2011-05-28 03:25:16 1638912 ----a-w- C:\Windows\System32\mshtml.tlb 2011-05-28 03:00:02 1638912 ----a-w- C:\Windows\SysWow64\mshtml.tlb 2011-05-24 16:14:10 270720 ------w- C:\Windows\System32\MpSigStub.exe 2011-05-24 11:21:59 404992 ----a-w- C:\Windows\System32\umpnpmgr.dll 2011-05-24 10:34:20 64512 ----a-w- C:\Windows\SysWow64\devobj.dll 2011-05-24 10:34:20 44544 ----a-w- C:\Windows\SysWow64\devrtl.dll 2011-05-24 10:34:00 145920 ----a-w- C:\Windows\SysWow64\cfgmgr32.dll 2011-05-24 10:32:46 252928 ----a-w- C:\Windows\SysWow64\drvinst.exe 2011-05-10 12:10:59 40112 ----a-w- C:\Windows\avastSS.scr 2011-05-10 12:04:08 600920 ----a-w- C:\Windows\System32\drivers\aswSnx.sys 2011-05-10 11:59:48 64344 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys 2011-05-04 05:30:38 2326016 ----a-w- C:\Windows\System32\tquery.dll 2011-05-04 05:28:07 779264 ----a-w- C:\Windows\System32\mssvp.dll 2011-05-04 05:28:07 2228224 ----a-w- C:\Windows\System32\mssrch.dll 2011-05-04 05:28:06 75264 ----a-w- C:\Windows\System32\msscntrs.dll 2011-05-04 05:28:06 491520 ----a-w- C:\Windows\System32\mssph.dll 2011-05-04 05:28:06 288256 ----a-w- C:\Windows\System32\mssphtb.dll 2011-05-04 05:24:09 593408 ----a-w- C:\Windows\System32\SearchIndexer.exe 2011-05-04 05:24:09 249856 ----a-w- C:\Windows\System32\SearchProtocolHost.exe 2011-05-04 05:24:09 113664 ----a-w- C:\Windows\System32\SearchFilterHost.exe 2011-05-04 04:53:10 1553920 ----a-w- C:\Windows\SysWow64\tquery.dll 2011-05-04 04:52:59 666624 ----a-w- C:\Windows\SysWow64\mssvp.dll 2011-05-04 04:52:59 59392 ----a-w- C:\Windows\SysWow64\msscntrs.dll 2011-05-04 04:52:59 337408 ----a-w- C:\Windows\SysWow64\mssph.dll 2011-05-04 04:52:59 197120 ----a-w- C:\Windows\SysWow64\mssphtb.dll 2011-05-04 04:52:59 1401856 ----a-w- C:\Windows\SysWow64\mssrch.dll 2011-05-04 04:52:12 86528 ----a-w- C:\Windows\SysWow64\SearchFilterHost.exe 2011-05-04 04:52:12 428032 ----a-w- C:\Windows\SysWow64\SearchIndexer.exe 2011-05-04 04:52:12 164352 ----a-w- C:\Windows\SysWow64\SearchProtocolHost.exe 2011-05-04 02:51:08 287744 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys 2011-05-04 02:51:08 157696 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys 2011-05-04 02:51:05 126464 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys 2011-05-03 05:21:22 976896 ----a-w- C:\Windows\System32\inetcomm.dll 2011-05-03 04:50:29 740864 ----a-w- C:\Windows\SysWow64\inetcomm.dll 2011-04-29 03:13:10 461312 ----a-w- C:\Windows\System32\drivers\srv.sys 2011-04-29 03:12:54 399872 ----a-w- C:\Windows\System32\drivers\srv2.sys 2011-04-29 03:12:37 161792 ----a-w- C:\Windows\System32\drivers\srvnet.sys 2011-04-27 02:57:40 102400 ----a-w- C:\Windows\System32\drivers\dfsc.sys . ============= FINISH: 2:16:29,72 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-06-23.01) . Microsoft Windows 7 Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 9.12.2010 г. 19:04:57 System Uptime: 25.7.2011 г. 23:36:43 (3 hours ago) . Motherboard: Acer | | JE51_MV Processor: Pentium® Dual-Core CPU T4500 @ 2.30GHz | uPGA-478 | 2300/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 285 GiB total, 173,515 GiB free. D: is CDROM () E: is CDROM () F: is CDROM () G: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP125: 12.7.2011 г. 13:29:05 - Windows Update RP126: 15.7.2011 г. 10:06:39 - Windows Update RP127: 18.7.2011 г. 10:19:46 - Windows Update RP128: 20.7.2011 г. 14:06:19 - Windows Update RP129: 24.7.2011 г. 18:52:42 - Windows Update RP130: 25.7.2011 г. 21:42:10 - Installed Java SE Development Kit 6 Update 26 RP131: 25.7.2011 г. 21:45:16 - Installed Java 6 Update 26 . ==== Installed Programs ====================== . Update for Microsoft Office 2007 (KB2508958) Acer Backup Manager Acer Crystal Eye webcam Ver:1.1.188.706 Acer ePower Management Acer eRecovery Management Acer GameZone Console Acer Registration Acer ScreenSaver Acer Updater Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader 9.1 MUI Adobe Shockwave Player 11.5 Advertising Center Airport Mania First Flight Amazonia Avira AntiVir Premium Babylon toolbar Backup Manager Basic Bing Bar Bing Bar Platform Bing Rewards Client Installer BitComet 1.25 Cake Mania Cheat Engine 6.0 Compatibility Pack for the 2007 Office system CyberLink PowerDVD 9 Dave Mirra Freestyle BMX DolbyFiles Dream Day First Home eSobi v2 FoxTab Video Converter Galapago GamePlayLabs Plugin GameRanger GOM Player Google Chrome Heroes of Hellas Identity Card Intel® Rapid Storage Technology Java Auto Updater Java 6 Update 26 Java SE Development Kit 6 Update 26 Launch Manager League of Legends Malwarebytes' Anti-Malware, версия 1.51.1.1800 Merriam Websters Spell Jam Microsoft Default Manager Microsoft Office 2003 Resource Kit Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Ultimate 2007 Microsoft Office Word MUI (English) 2007 Microsoft Search Enhancement Pack Microsoft Silverlight Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Monopoly Classic MyWinLocker MyWinLocker Suite Nero ControlCenter Nero Installer Norton Online Backup Norton Security Scan NTI Media Maker 9 NVIDIA PhysX Pando Media Booster Poker Pop PokerStars.net Rainmeter Realtek High Definition Audio Driver Realtek USB 2.0 Card Reader Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2509488) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft Office 2007 System (KB2541012) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2541007) Security Update for Microsoft Office Groove 2007 (KB2494047) Security Update for Microsoft Office InfoPath 2007 (KB2510061) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2535818) Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Shredder Skype™ 5.3 System Requirements Lab CYRI System Requirements Lab for Intel TeamViewer 6 The Godfather™ II Tony Hawk's American Wasteland Tony Hawk's American Wasteland 1.01 Patch Update for 2007 Microsoft Office System (KB2284654) Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 4 Client Profile (KB2473228) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 (KB2509470) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Update for Outlook 2007 Junk Email Filter (KB2553975) Welcome Center Winamp Winamp Detector Plug-in Winamp Toolbar WinRAR archiver . ==== Event Viewer Messages From Past Week ======== . 25.7.2011 г. 23:37:23, Error: Service Control Manager [7001] - Услуга Avira AntiVir WebGuard зависи от услуга Avira AntiVir Guard, която не може да бъде стартирана поради следната грешка: Операцията завърши успешно. 25.7.2011 г. 23:37:23, Error: Service Control Manager [7001] - Услуга Avira AntiVir MailGuard зависи от услуга Avira AntiVir Guard, която не може да бъде стартирана поради следната грешка: Операцията завърши успешно. 25.7.2011 г. 23:36:07, Error: Service Control Manager [7006] - Обръщението към ScRegSetValueExW е неуспешно заради Start със следната грешка: Достъпът е отказан. 25.7.2011 г. 23:36:07, Error: Service Control Manager [7006] - Обръщението към ScRegSetValueExW е неуспешно заради Start със следната грешка: Достъпът е отказан. 25.7.2011 г. 23:36:07, Error: Service Control Manager [7006] - Обръщението към ScRegSetValueExW е неуспешно заради Start със следната грешка: Достъпът е отказан. 25.7.2011 г. 23:32:18, Error: Service Control Manager [7001] - Услуга Avira AntiVir MailGuard зависи от услуга Avira AntiVir Guard, която не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл. 25.7.2011 г. 23:32:11, Error: Service Control Manager [7001] - Услуга Avira AntiVir WebGuard зависи от услуга Avira AntiVir Guard, която не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл. 25.7.2011 г. 23:32:11, Error: Service Control Manager [7000] - Услуга Avira AntiVir Guard не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл. 25.7.2011 г. 23:32:05, Error: Service Control Manager [7000] - Услуга Avira AntiVir Scheduler не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл. 25.7.2011 г. 23:30:34, Error: Service Control Manager [7034] - Услуга srviecheck беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). 25.7.2011 г. 23:30:34, Error: Service Control Manager [7034] - Услуга srvbtcclient беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). 25.7.2011 г. 23:30:33, Error: Service Control Manager [7034] - Услуга wxpdrivers беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). 25.7.2011 г. 23:30:33, Error: Service Control Manager [7034] - Услуга srvsysdriver32 беше прекъсната неочаквано. Това се е случвало с нея 1 път(и). 25.7.2011 г. 22:37:19, Error: Service Control Manager [7001] - Услуга Avira AntiVir MailGuard зависи от услуга Avira AntiVir Guard, която не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл. 25.7.2011 г. 22:37:08, Error: Service Control Manager [7001] - Услуга Avira AntiVir WebGuard зависи от услуга Avira AntiVir Guard, която не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл. 25.7.2011 г. 22:37:08, Error: Service Control Manager [7000] - Услуга Avira AntiVir Guard не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл. 25.7.2011 г. 22:36:58, Error: Service Control Manager [7000] - Услуга Avira AntiVir Scheduler не може да бъде стартирана поради следната грешка: Системата не може да намери указания файл. 25.7.2011 г. 22:36:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 25.7.2011 г. 22:35:48, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:48, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:48, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:48, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:48, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:48, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 25.7.2011 г. 22:35:47, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 25.7.2011 г. 22:35:45, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:45, Error: Service Control Manager [7001] - Услуга Network List Service зависи от услуга Network Location Awareness, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 25.7.2011 г. 22:35:45, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 25.7.2011 г. 22:35:44, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 25.7.2011 г. 22:35:38, Error: Service Control Manager [7026] - Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: AFD avipbb DfsC discache mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf ws2ifsl 25.7.2011 г. 22:35:38, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 25.7.2011 г. 22:35:31, Error: Service Control Manager [7001] - Услуга Workstation зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:31, Error: Service Control Manager [7001] - Услуга SMB MiniRedirector Wrapper and Engine зависи от услуга Redirected Buffering Sub Sysytem, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 22:35:31, Error: Service Control Manager [7001] - Услуга SMB 2.0 MiniRedirector зависи от услуга SMB MiniRedirector Wrapper and Engine, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:31, Error: Service Control Manager [7001] - Услуга SMB 1.x MiniRedirector зависи от услуга SMB MiniRedirector Wrapper and Engine, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:31, Error: Service Control Manager [7001] - Услуга Network Location Awareness зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:31, Error: Service Control Manager [7001] - Услуга IP Helper зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 22:35:30, Error: Service Control Manager [7001] - Услуга TCP/IP NetBIOS Helper зависи от услуга Ancillary Function Driver for Winsock, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 22:35:30, Error: Service Control Manager [7001] - Услуга Network Store Interface Service зависи от услуга NSI proxy service driver., която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 22:35:30, Error: Service Control Manager [7001] - Услуга DNS Client зависи от услуга Драйвер за поддържане на TDI при NetIO онаследяване, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 22:35:30, Error: Service Control Manager [7001] - Услуга DHCP Client зависи от услуга Ancillary Function Driver for Winsock, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 22:35:16, Error: sptd [4] - Driver detected an internal error in its data structures for . 25.7.2011 г. 22:33:52, Error: Service Control Manager [7006] - Обръщението към ScRegSetValueExW е неуспешно заради Start със следната грешка: Достъпът е отказан. 25.7.2011 г. 21:55:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 25.7.2011 г. 21:54:55, Error: Service Control Manager [7026] - Неуспешно зареждане на следния драйвер, който се активира с включване на компютъра или стартиране на системата: AFD aswRdr aswSnx aswSP aswTdi DfsC discache mwlPSDFilter mwlPSDNServ mwlPSDVDisk NetBIOS NetBT nsiproxy Psched rdbss spldr sptd tdx vwififlt Wanarpv6 WfpLwf 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга Workstation зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга TCP/IP NetBIOS Helper зависи от услуга Ancillary Function Driver for Winsock, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга SMB MiniRedirector Wrapper and Engine зависи от услуга Redirected Buffering Sub Sysytem, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга SMB 2.0 MiniRedirector зависи от услуга SMB MiniRedirector Wrapper and Engine, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга SMB 1.x MiniRedirector зависи от услуга SMB MiniRedirector Wrapper and Engine, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга Network Store Interface Service зависи от услуга NSI proxy service driver., която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга Network Location Awareness зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга IP Helper зависи от услуга Network Store Interface Service, която не може да бъде стартирана поради следната грешка: Подчинената услуга или група не успя да стартира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга DNS Client зависи от услуга Драйвер за поддържане на TDI при NetIO онаследяване, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 21:54:53, Error: Service Control Manager [7001] - Услуга DHCP Client зависи от услуга Ancillary Function Driver for Winsock, която не може да бъде стартирана поради следната грешка: Свързано към системата устройство не функционира. 25.7.2011 г. 21:54:23, Error: sptd [4] - Driver detected an internal error in its data structures for . 25.7.2011 г. 03:03:58, Error: Service Control Manager [7011] - Изтекъл период на изчакване (30000 милисекунди) при изчакване на отговор за транзакция от услуга TeamViewer6. 20.7.2011 г. 18:49:59, Error: NetBT [4319] - A duplicate name has been detected on the TCP network. The IP address of the computer that sent the message is in the data. Use nbtstat -n in a command window to see which name is in the Conflict state. 20.7.2011 г. 16:30:22, Error: Service Control Manager [7011] - Изтекъл период на изчакване (30000 милисекунди) при изчакване на отговор за транзакция от услуга WinDefend. 20.7.2011 г. 00:09:48, Error: NetBT [4321] - The name "WORKGROUP :1d" could not be registered on the interface with IP address 192.168.3.224. The computer with the IP address 192.168.3.196 did not allow the name to be claimed by this computer. 19.7.2011 г. 19:53:55, Error: bowser [8003] - The master browser has received a server announcement from the computer ACAS¦-PC that believes that it is the master browser for the domain on transport NetBT_Tcpip_{2B85E303-05C1-4448-A6ED-92591D551DC4}. The master browser is stopping or an election is being forced. . ==== End Of File ===========================

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Изтеглете OTL.exe и го запазете на десктопа.

    • Стартирайте OTL (ако е необходимо, потвърдете през UAC).
    • Направете следните настройки:
    • Сложете отметка пред Scan All Users Публикувано изображение
    • Под менюто File Age => изберете 90 days
    • Под менюто Standard Registry => променете на ALL
    • Сложете отметки пред LOP и Purity Check

    Под Публикувано изображение с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):

    netsvcs
    msconfig
    drivers32 /all
    %SYSTEMDRIVE%\*.*
    %PROGRAMFILES%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %PROGRAMFILES%\Internet Explorer\*.tmp
    %PROGRAMFILES%\Internet Explorer\*.dat
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    /md5start
    atapi.sys
    iaStor.sys
    explorer.exe
    svchost.exe
    userinit.exe
    hlp.dat
    winlogon.exe
    wininit.exe
    volsnap.sys
    /md5stop
    • Натиснете маркираният в синьо бутон: Run Scan.
    • Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Прикачете тези два файла в следващия си коментар (погледнете опцията "прикачени файлове", когато публикувате мнение)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Стартирайте отново OTL, копирайте (Copy) и поставете (Paste) скриптовия текст от текстовото поле по-долу под колонката Custom Scans/Fixes, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта.

    :otl
    O2:64bit: - BHO: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - File not found
    O2 - BHO: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
    O3:64bit: - HKLM\..\Toolbar: (avast! WebRep) - {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - File not found
    O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKLM\..\Toolbar: (avast! WebRep) - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - File not found
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [7764286.exe] C:\Windows\Temp\7764286.exe ()
    O4 - HKLM..\Run: [avast] File not found
    O4 - HKLM..\Run: [tray_ico] File not found
    O4 - HKLM..\Run: [tray_ico2] File not found
    O4 - HKLM..\Run: [tray_ico3] File not found
    O4 - HKLM..\Run: [tray_ico4] File not found
    O31 - SafeBoot: AlternateShell - services32.exe
    O33 - MountPoints2\{b0f49742-047f-11e0-b963-1c7508337675}\Shell - "" = AutoRun
    O33 - MountPoints2\{b0f49742-047f-11e0-b963-1c7508337675}\Shell\AutoRun\command - "" = E:\Launch.exe
    O33 - MountPoints2\{bdb4cb2c-05f9-11e0-a6d5-1c7508337675}\Shell - "" = AutoRun
    O33 - MountPoints2\{bdb4cb2c-05f9-11e0-a6d5-1c7508337675}\Shell\AutoRun\command - "" = G:\RunGame.exe
    [2011/07/25 22:35:59 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0-lnk
    [2011/07/25 22:35:59 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-8-0
    [2011/07/25 22:04:46 | 000,000,000 | ---D | C] -- C:\Windows\ufa
    [2011/07/25 22:04:46 | 000,000,000 | ---D | C] -- C:\Windows\phoenix
    [2011/07/25 22:01:52 | 000,000,000 | -H-D | C] -- C:\Windows\update.5.0
    [2011/07/25 21:59:32 | 000,000,000 | -H-D | C] -- C:\Windows\update.2
    [2011/07/25 21:57:02 | 000,000,000 | ---D | C] -- C:\Windows\av_ico
    [2011/07/25 21:55:12 | 000,000,000 | -H-D | C] -- C:\Windows\update.1
    [2011/07/25 21:55:07 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0-lnk
    [2011/07/25 21:55:07 | 000,000,000 | -H-D | C] -- C:\Windows\update.tray-7-0
    [2011/07/25 23:09:54 | 000,000,180 | ---- | M] () -- C:\Windows\info1
    [2011/07/25 22:37:33 | 000,203,160 | -H-- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
    [2011/07/25 22:37:33 | 000,000,734 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hоsts
    [2011/07/25 22:04:45 | 005,589,370 | ---- | M] () -- C:\Windows\phoenix.rar
    [2011/07/25 22:04:45 | 001,075,284 | ---- | M] () -- C:\Windows\rpcminer.rar
    [2011/07/25 22:04:45 | 000,246,272 | ---- | M] () -- C:\Windows\unrar.exe
    [2011/07/25 22:04:45 | 000,182,617 | ---- | M] () -- C:\Windows\ufa.rar
    [2011/07/25 21:59:09 | 000,904,792 | ---- | M] () -- C:\Windows\geoiplist.rar
    [2011/07/25 21:58:26 | 000,000,000 | ---- | M] () -- C:\Windows\loader2.exe_ok
    @Alternate Data Stream - 143 bytes -> C:\ProgramData\Temp:CDFF58FE
    @Alternate Data Stream - 135 bytes -> C:\ProgramData\Temp:E36F5B57
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:1A60DE96
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\Temp:E3C56885
    :files
    recycler /alldrives
    ipconfig /flushdns /c
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallOverride" = 0
    "DisableThumbnailCache" = 0
    :commands
    [purity]
    [resethosts]
    [emptytemp]
    [emptyflash]
    [clearallrestorepoints]
    [Reboot]
    
    След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

    Windows ще се рестартира и ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    All processes killed

    ========== OTL ==========

    64bit-Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ deleted successfully.

    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5} deleted successfully.

    64bit-Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{318A227B-5E9F-45bd-8999-7F8F10CA4CF5}\ not found.

    64bit-Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}\ not found.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\Locked deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7764286.exe deleted successfully.

    C:\Windows\Temp\7764286.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.

    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0f49742-047f-11e0-b963-1c7508337675}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0f49742-047f-11e0-b963-1c7508337675}\ not found.

    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{b0f49742-047f-11e0-b963-1c7508337675}\ not found.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{b0f49742-047f-11e0-b963-1c7508337675}\ not found.

    File E:\Launch.exe not found.

    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdb4cb2c-05f9-11e0-a6d5-1c7508337675}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdb4cb2c-05f9-11e0-a6d5-1c7508337675}\ not found.

    Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{bdb4cb2c-05f9-11e0-a6d5-1c7508337675}\ not found.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{bdb4cb2c-05f9-11e0-a6d5-1c7508337675}\ not found.

    File G:\RunGame.exe not found.

    C:\Windows\update.tray-8-0-lnk folder moved successfully.

    C:\Windows\update.tray-8-0 folder moved successfully.

    C:\Windows\ufa folder moved successfully.

    C:\Windows\phoenix\kernels\poclbm folder moved successfully.

    C:\Windows\phoenix\kernels\phatk folder moved successfully.

    C:\Windows\phoenix\kernels folder moved successfully.

    C:\Windows\phoenix folder moved successfully.

    C:\Windows\update.5.0 folder moved successfully.

    C:\Windows\update.2 folder moved successfully.

    C:\Windows\av_ico folder moved successfully.

    C:\Windows\update.1 folder moved successfully.

    C:\Windows\update.tray-7-0-lnk folder moved successfully.

    C:\Windows\update.tray-7-0 folder moved successfully.

    C:\Windows\info1 moved successfully.

    C:\Windows\SysNative\drivers\etc\hosts moved successfully.

    C:\Windows\SysNative\drivers\etc\hоsts moved successfully.

    C:\Windows\phoenix.rar moved successfully.

    C:\Windows\rpcminer.rar moved successfully.

    C:\Windows\unrar.exe moved successfully.

    C:\Windows\ufa.rar moved successfully.

    C:\Windows\geoiplist.rar moved successfully.

    C:\Windows\loader2.exe_ok moved successfully.

    ADS C:\ProgramData\Temp:CDFF58FE deleted successfully.

    ADS C:\ProgramData\Temp:E36F5B57 deleted successfully.

    ADS C:\ProgramData\Temp:1A60DE96 deleted successfully.

    ADS C:\ProgramData\Temp:E3C56885 deleted successfully.

    ========== FILES ==========

    recycler not found in C:\

    < ipconfig /flushdns /c >

    No captured output from command...

    C:\Users\Христови\Desktop\cmd.bat deleted successfully.

    ========== REGISTRY ==========

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"FirewallOverride" | 0 /E : value set successfully!

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\\"DisableThumbnailCache" | 0 /E : value set successfully!

    ========== COMMANDS ==========

    HOSTS file reset successfully

    [EMPTYTEMP]

    User: All Users

    User: Default

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 33170 bytes

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 0 bytes

    User: Public

    User: Христови

    ->Temp folder emptied: 2091268995 bytes

    ->Temporary Internet Files folder emptied: 519695196 bytes

    ->Java cache emptied: 0 bytes

    ->Google Chrome cache emptied: 342596637 bytes

    ->Flash cache emptied: 3186418 bytes

    User: ╒ЁшёЄютш

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 0 bytes

    %systemroot%\System32 .tmp files removed: 0 bytes

    %systemroot%\System32 (64bit) .tmp files removed: 0 bytes

    %systemroot%\System32\drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 71588125 bytes

    %systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 69108 bytes

    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 2,888.00 mb

    [EMPTYFLASH]

    User: All Users

    User: Default

    User: Default User

    User: Public

    User: Христови

    ->Flash cache emptied: 0 bytes

    User: ╒ЁшёЄютш

    Total Flash Files Cleaned = 0.00 mb

    Restore point Set: OTL Restore Point

    OTL by OldTimer - Version 3.2.26.1 log created on 07262011_150538

    Files\Folders moved on Reboot...

    C:\Users\Христови\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

    File move failed. C:\Windows\temp\dsiwmis.log scheduled to be moved on reboot.

    Registry entries deleted on Reboot...

    Изглежда проблемът е отстранен (вече и фейсбук работи) ,но това Вие ще кажете.Ако наистина вече всичко е наред съм Ви много благодарен!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Следва:

    • Обновете Malwarebytes' Anti-Malware. Стартирайте програмата и изберете Perform Quick Scan, след това кликнете на Scan.
    • Сканирането ще отнеме малко време, затова моля бъдете търпеливи.
    • Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата.
    • Уверете се, че на всички редове има отметки, и кликнете Remove Selected.
    • Когато всичко бъде премахнато, логът ще бъде отворен в Notepad. Копирайте лога и го публикувайте в следващия си коментар в темата.
    Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

    След това проверете дали работи антивирусната програма (Avira). Ако не е активна, преинсталирайте я отново. Имате някакви остатъци от avast, но за това по-късно.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Malwarebytes' Anti-Malware 1.51.1.1800 www.malwarebytes.org Версия на базата от данни: 7281 Windows 6.1.7600 Internet Explorer 8.0.7600.16385 26.7.2011 г. 15:31:18 mbam-log-2011-07-26 (15-31-18).txt Тип сканиране: Бързо сканиране Сканирани обекти: 170344 Изминало време: 3 минута(и), 27 секунда(и) Заразени процеси в паметта: 0 Заразени модули в паметта: 0 Заразени ключове в регистратурата: 2 Заразени стойности в регистратурата: 0 Заразени информационни обекти в регистратурата: 0 Заразени папки: 0 Заразени файлове: 0 Заразени процеси в паметта: (Не бяха открити зловредни обекти) Заразени модули в паметта: (Не бяха открити зловредни обекти) Заразени ключове в регистратурата: HKEY_LOCAL_MACHINE\SOFTWARE\sysdriver32.exe (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\systeminfog (Trojan.Agent) -> Quarantined and deleted successfully. Заразени стойности в регистратурата: (Не бяха открити зловредни обекти) Заразени информационни обекти в регистратурата: (Не бяха открити зловредни обекти) Заразени папки: (Не бяха открити зловредни обекти) Заразени файлове: (Не бяха открити зловредни обекти) Антивирусната авира не работи,но това е защото няма лиценз,а е свалена от замунда. Инсталацията изтрих наскоро,но ако е необходимо бих могъл да сваля друга.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Следва:

    Стартирайте OTL още веднъж и натиснете бутона CleanUp.

    Публикувано изображение

    При дeинсталацията на OTL ще бъдат почистени инструменти и файлове, които използвахме в темата. Ще последва рестарт на Windows. Може да изтриете останалите програми и логове, които използвахме в темата.

    Деинсталирайте avira от контролния панел -> Programs -> Uninstall a program -> маркирайте avira -> uninstall.

    След като деинсталирате avira, изтеглете и инсталирайте avast free -> линк: тук.

    После пуснете проверка с avast и пишете дали има открити зарази.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Сега забелязах също,че при опит за like или нещо друго във фейсбук ме препраща към 1 и същи адрес (http://www.facebook.com/ajax/ufi/modify.php ) и не отваря нищо.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    След като изпълните инструкциите от коментар 10 ще видим какво може да се направи с FaceBook. В момента FaceBook ни е най-малката грижа...

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    След дълга цялостна проверка бяха открити 3 заплахи,които аз изтрих.Ето и снимка на това което видях в аваст:

    post-305482-0-92675500-1311690050_thumb.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Сега забелязах също,че при опит за like или нещо друго във фейсбук ме препраща към 1 и същи адрес (http://www.facebook..../ufi/modify.php ) и не отваря нищо.

    Пробвайте следното: How to fix

    Освен това има ли някакви други проблеми с Windows?

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Извинете за забавянето!Други проблеми за сега не съм забелязал.Благодаря ви много за помощта и търпението!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Много добре. Не разбрах дали изтриването на кеша на браузърите и на бисквитките (cookies) е решило проблема с FaceBook.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    В такъв случай маркирам проблема като решен. Приятна вечер и успех!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    • Горещи теми в момента

    • Подобни теми

      • от Симеон Йорданов
        Преди 5 дни както изведнъж бях в фейсбук той ме изхвърли.Поиска ми някаква снимка за удостоверение,че съм аз.Пратих им.На следващия ден опитах да влезна,но не стана изписа ми ето това вече 5 ден.ПОМОЩ!!!

      • от juveplu
        Здравейте , тези дни получих e-mail  в АБВ  от непознат със съдържащ файл за сваляне . Не съм чакал от никого файл и не го отворих , а направо го изтрих .
        Да но от тогава изтривам всички писма от кошчето а като погледнеш към надписа КОШЧЕ  винаги стои цифрата 1 . Ето така    Кошче 1 . Все едно има нещо . И това няма триене . Все пак си мисля че има нещо вкарано вътре . 
        Как мога да почистя това за да стане както преди ? 
      • от СТАМАТ
        https://stamat2015.blogspot.bg/ https://docs.google.com/document/d/1y... Най-после на Български език Първата Автентична Авторска книга за Плоската Земя: "Истината за Плоската Земя и Освобождението на Човечеството, или Зететичните изследвания на СТАМАТ" !!! Следовници на Истината и Търсачи на Трансцендента, сваляйте на PDF, разпечатвайте и разпространявайте!!! http://stamat2015.blog.bg/ http://sthamanuviro.blog.bg/ Нека никой не се заблуждава, че не е непрекъснато следен, използвайки Фейсбук! Това малко клипче отпреди 10 години показва връзките на Фейсбук с ЦРУ! През последните няколко десетилетия, чрез медийно пропагандиране и посредством масовото навлизане на информационните технологии, бе създадена една нова социална прослойка, на която Илюминатския елит възлага изключителни надежди да стане гръбнака на Трансхуманизма – въображаемото технологично осъществяване на новия вид „еволюирал” човек. "Информация, пропаганда и когнитивен дисонанс – Светът на Оруел и Бърнейз - СТАМАТ" - https://docs.google.com/document/d/10... Тъй като пренебрежението, присмеха, подигравките, обидните забележки, оскърбленията, ругатните и голословното невежо празнодумство не са от полза за разпространяването на Истината за Плоската Земя и не облагодетелстват израстването на Духа у Човека, на 28-ми Октомври 2016 година забраних коментариите на публикуваните от мен в Ю Тюб видеоматериали. Коментариите до тази дата публикувам в моя блог: http://stamat2015.blog.bg/ и в моя Google+ акаунт.
      • от unrealizable
        Здравейте,и двата шифта не работят както трябва.Работят с някои клавиши,но като цъкам тези клавиши и другите се оправят.Въпроса ми е да не би да е вирус,защото теглих autodata и след това мисля,че се получи проблема,а TS360 ми изпищя,че има троянец във торента,разбира се предполагах от краковете.Също и фпс-то на цс-а падна на 70-80 от 160-200.Прикачвам лог от FRST.
        Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-10-2017
        Ran by bobby (administrator) on BOBY (02-10-2017 13:00:48)
        Running from C:\Users\bobby\Downloads
        Loaded Profiles: bobby (Available Profiles: bobby)
        Platform: Windows 8.1 (Update) (X64) Language: English (United States)
        Internet Explorer Version 11 (Default browser: Chrome)
        Boot Mode: Normal
        Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
        ==================== Processes (Whitelisted) =================
        (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
        (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
        (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
        (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
        (Microsoft Corporation) C:\Windows\System32\wlanext.exe
        (Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
        (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
        (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
        (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
        (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
        (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
        (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
        (@ByELDI) D:\Downloads\KMSpico_10.2.0\KMSpico\Service_KMS.exe
        (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
        (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
        (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
        (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
        (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
        (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
        (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
        (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
        (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
        (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
        (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
        (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
        (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
        (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
        (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Microsoft Corporation) C:\Windows\System32\cmd.exe
        (Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        ==================== Registry (Whitelisted) ===========================
        (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
        HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-10-13] (Conexant Systems, Inc.)
        HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
        HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
        HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-08-29] (QIHU 360 SOFTWARE CO. LIMITED)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-17] (Disc Soft Ltd)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-09-27] (Valve Corporation)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {0380623e-8e5a-11e7-8251-28c2dd571342} - "G:\Inst.exe" 
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {038063b1-8e5a-11e7-8251-28c2dd571342} - "H:\SETUP.EXE" 
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {23735b35-8e79-11e7-8253-28c2dd571342} - "I:\SETUP.EXE" 
        GroupPolicy: Restriction <==== ATTENTION
        ==================== Internet (Whitelisted) ====================
        (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
        Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
        Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
        Tcpip\..\Interfaces\{9683ECB9-59D8-4E91-BF28-375C96FC72EE}: [DhcpNameServer] 192.168.31.1
        Tcpip\..\Interfaces\{9ADF9BFB-322E-4398-8E1F-99E9E89E7B3E}: [DhcpNameServer] 192.168.31.1
        Internet Explorer:
        ==================
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
        BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
        BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
        BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
        BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2017-08-29] (Qihu 360 Software Co., Ltd.)
        BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
        BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
        BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
        BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
        BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2017-08-29] (Qihu 360 Software Co., Ltd.)
        BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
        Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
        Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
        FireFox:
        ========
        FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
        FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
        FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
        FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
        FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
        FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-31] (Google Inc.)
        FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-31] (Google Inc.)
        Chrome: 
        =======
        CHR HomePage: Default -> hxxp://www.google.bg/
        CHR StartupUrls: Default -> "hxxps://www.google.bg/"
        CHR Profile: C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default [2017-10-02]
        CHR Extension: (Easy Auto Refresh) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2017-09-26]
        CHR Extension: (Steam Community SteamRep Integration) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaclmldkenecanphogeaacolljiphmnk [2017-08-31]
        CHR Extension: (Google Презентации) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-31]
        CHR Extension: (Google Документи) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-31]
        CHR Extension: (Google Диск) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-31]
        CHR Extension: (Unlocker for WakeLockDetector) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeplmmblegmdackkcemjkpngngocgjp [2017-08-31]
        CHR Extension: (YouTube) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-31]
        CHR Extension: (Steam Inventory Helper) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-10-02]
        CHR Extension: (Lounge Assistant) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml [2017-08-31]
        CHR Extension: (uBlock) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2017-08-31]
        CHR Extension: (Електронни таблици от Google) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-31]
        CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-08-31]
        CHR Extension: (LoungeDestroyer) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2017-08-31]
        CHR Extension: (Google Документи офлайн) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-31]
        CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-09-15]
        CHR Extension: (360 Internet Protection) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-08-31]
        CHR Extension: (Invite All Friends on Facebook) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2017-09-27]
        CHR Extension: (CS:GO Lounge Bump Bot) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfkidfnhjcjjamcbdepeohblphlamgk [2017-08-31]
        CHR Extension: (Floating for YouTube™) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2017-08-31]
        CHR Extension: (Message/Chat Downloader) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkinapjekllgfipphkgpmombekfclghe [2017-08-31]
        CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31]
        CHR Extension: (NeoBux AdAlert) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaepeijninfcgjdnighjnlgdkkgpnaen [2017-09-30]
        CHR Extension: (Gmail) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-31]
        CHR Extension: (Chrome Media Router) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-19]
        CHR Extension: (Abstract Blue) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2017-08-31]
        ==================== Services (Whitelisted) ====================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
        R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2017-09-28] (Autodata Limited) [File not signed]
        S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd)
        S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-09-15] (EasyAntiCheat Ltd)
        S3 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
        R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
        S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
        R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
        R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
        S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
        R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
        R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
        R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-08-29] (QIHU 360 SOFTWARE CO. LIMITED)
        R2 Service KMSELDI; D:\Downloads\KMSpico_10.2.0\KMSpico\Service_KMS.exe [745664 2016-01-12] (@ByELDI) [File not signed]
        R3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-17] (TeamViewer GmbH)
        S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
        S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
        ===================== Drivers (Whitelisted) ======================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
        R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [175040 2017-08-29] (360.cn)
        R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2017-08-29] (360.cn)
        R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2017-08-29] (360.cn)
        R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2017-08-29] (360.cn)
        R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [49088 2017-08-29] (360.cn)
        R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [423360 2017-08-29] (360.cn)
        R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-12-31] (ASUS Corporation)
        R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [190400 2017-08-29] (360.cn)
        R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-08-31] (Disc Soft Ltd)
        R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-08-31] (Disc Soft Ltd)
        R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79528 2014-10-16] (Intel Corporation)
        R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
        S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
        R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-08-22] (NVIDIA Corporation)
        R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)
        R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation)
        R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation )
        S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
        S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
        S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
        ==================== NetSvcs (Whitelisted) ===================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

        ==================== One Month Created files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-10-02 13:00 - 2017-10-02 13:01 - 000019333 _____ C:\Users\bobby\Downloads\FRST.txt
        2017-10-02 13:00 - 2017-10-02 13:00 - 000000000 ____D C:\FRST
        2017-10-02 12:59 - 2017-10-02 12:59 - 002399744 _____ (Farbar) C:\Users\bobby\Downloads\FRST64.exe
        2017-09-30 13:11 - 2017-09-30 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
        2017-09-30 11:40 - 2017-09-30 11:40 - 001790024 _____ (Malwarebytes) C:\Users\bobby\Downloads\Непотвърдено 889483.crdownload
        2017-09-30 11:39 - 2017-09-30 11:41 - 000000000 ____D C:\AdwCleaner
        2017-09-30 11:39 - 2017-09-30 11:39 - 008250832 _____ (Malwarebytes) C:\Users\bobby\Downloads\adwcleaner_7.0.3.1.exe
        2017-09-30 11:26 - 2017-09-30 11:26 - 000000000 ____D C:\ProgramData\Malwarebytes
        2017-09-30 11:25 - 2017-09-30 11:25 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
        2017-09-30 11:25 - 2017-09-30 11:25 - 000000000 ____D C:\ProgramData\MB2Migration
        2017-09-30 11:24 - 2017-09-30 11:24 - 000011576 _____ C:\Users\bobby\Downloads\Malwarebytes Anti-Malware Premium v3.2.2.2029 RePack.torrent
        2017-09-28 18:00 - 2017-09-28 18:00 - 000000600 _____ C:\Users\Public\Desktop\Autodata CDA-3.lnk
        2017-09-28 18:00 - 2017-09-28 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodata
        2017-09-28 17:59 - 2017-09-28 18:00 - 000000000 ____D C:\ADCDA2
        2017-09-28 17:59 - 2017-09-28 17:59 - 000000000 ____D C:\ADCDTEMP
        2017-09-28 15:04 - 2017-09-28 18:00 - 000000000 ____D C:\Users\bobby\Documents\Autodata
        2017-09-28 15:04 - 2017-09-28 15:04 - 000003022 _____ C:\Windows\System32\Tasks\{F057C150-4601-40D5-93CB-FB66F88AA4FC}
        2017-09-28 14:59 - 2017-09-28 14:59 - 000018978 _____ C:\Users\bobby\Downloads\Autodata_3.18.iso.torrent
        2017-09-28 14:54 - 2017-09-28 14:54 - 000014138 _____ C:\Users\bobby\Downloads\AD3.38EN.torrent
        2017-09-27 20:01 - 2017-09-27 20:01 - 000017910 _____ C:\Users\bobby\Downloads\AutoData CDA 3.45.torrent
        2017-09-23 21:06 - 2017-09-23 21:06 - 082471739 _____ C:\Users\bobby\Downloads\facebook-bobito981.zip
        2017-09-18 17:58 - 2017-09-18 17:58 - 000001402 _____ C:\Users\bobby\Desktop\aida64 - Shortcut.lnk
        2017-09-18 17:57 - 2017-09-18 17:57 - 000000000 ____D C:\Program Files (x86)\AIDA64
        2017-09-18 17:12 - 2017-09-18 17:12 - 000007908 _____ C:\Users\bobby\Downloads\AIDA64-5.75.3900.torrent
        2017-09-15 22:08 - 2017-09-15 22:08 - 000000000 ____D C:\Users\bobby\AppData\Roaming\EasyAntiCheat
        2017-09-15 22:06 - 2017-09-15 22:07 - 000000000 ____D C:\Users\bobby\AppData\Local\HirezLauncherUI
        2017-09-15 22:05 - 2017-10-02 12:28 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
        2017-09-15 22:05 - 2017-09-30 13:11 - 000000000 ____D C:\ProgramData\Hi-Rez Studios
        2017-09-15 21:33 - 2017-09-15 21:33 - 000000222 _____ C:\Users\bobby\Desktop\Paladins.url
        2017-09-15 19:28 - 2017-09-15 19:28 - 000000222 _____ C:\Users\bobby\Desktop\PlanetSide 2.url
        2017-09-14 22:08 - 2017-09-14 22:08 - 000000000 ____D C:\Users\bobby\AppData\Roaming\Shooter
        2017-09-14 22:06 - 2017-09-15 22:08 - 000000000 ____D C:\Users\bobby\Documents\My Games
        2017-09-14 21:59 - 2017-09-15 21:33 - 000382504 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
        2017-09-14 20:32 - 2017-09-14 20:32 - 000000222 _____ C:\Users\bobby\Desktop\Dirty Bomb.url
        2017-09-13 11:06 - 2017-08-19 20:27 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
        2017-09-13 11:06 - 2017-08-19 19:48 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
        2017-09-13 11:06 - 2017-08-18 01:07 - 000537200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
        2017-09-13 11:06 - 2017-08-18 01:07 - 000140016 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
        2017-09-13 11:06 - 2017-08-18 01:03 - 000450392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
        2017-09-13 11:06 - 2017-08-18 01:03 - 000136832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
        2017-09-13 11:06 - 2017-08-15 17:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
        2017-09-13 11:06 - 2017-08-15 16:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
        2017-09-13 11:06 - 2017-08-13 21:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
        2017-09-13 11:06 - 2017-08-13 20:19 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
        2017-09-13 11:06 - 2017-08-13 20:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
        2017-09-13 11:06 - 2017-08-13 20:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
        2017-09-13 11:06 - 2017-08-13 19:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
        2017-09-13 11:06 - 2017-08-13 19:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
        2017-09-13 11:06 - 2017-08-13 19:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
        2017-09-13 11:06 - 2017-08-13 19:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
        2017-09-13 11:06 - 2017-08-13 19:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
        2017-09-13 11:06 - 2017-08-13 19:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
        2017-09-13 11:06 - 2017-08-13 19:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
        2017-09-13 11:06 - 2017-08-13 19:21 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
        2017-09-13 11:06 - 2017-08-13 19:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
        2017-09-13 11:06 - 2017-08-13 19:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
        2017-09-13 11:06 - 2017-08-13 19:15 - 007078912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
        2017-09-13 11:06 - 2017-08-13 19:14 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
        2017-09-13 11:06 - 2017-08-13 19:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
        2017-09-13 11:06 - 2017-08-13 19:05 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
        2017-09-13 11:06 - 2017-08-13 19:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
        2017-09-13 11:06 - 2017-08-13 19:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
        2017-09-13 11:06 - 2017-08-13 19:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
        2017-09-13 11:06 - 2017-08-13 18:52 - 005274624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
        2017-09-13 11:06 - 2017-08-13 18:52 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
        2017-09-13 11:06 - 2017-08-13 18:51 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
        2017-09-13 11:06 - 2017-08-13 18:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
        2017-09-13 11:06 - 2017-08-13 18:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
        2017-09-13 11:06 - 2017-08-13 18:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
        2017-09-13 11:06 - 2017-08-13 18:44 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
        2017-09-13 11:06 - 2017-08-13 18:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
        2017-09-13 11:06 - 2017-08-13 18:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
        2017-09-13 11:06 - 2017-08-13 18:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
        2017-09-13 11:06 - 2017-08-13 18:25 - 007797248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
        2017-09-13 11:06 - 2017-08-13 18:18 - 005270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
        2017-09-13 11:06 - 2017-08-13 18:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
        2017-09-13 11:06 - 2017-08-13 18:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
        2017-09-13 11:06 - 2017-08-13 18:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
        2017-09-13 11:06 - 2017-08-13 18:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
        2017-09-13 11:06 - 2017-08-12 12:30 - 022361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
        2017-09-13 11:06 - 2017-08-12 12:26 - 019789736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
        2017-09-13 11:06 - 2017-08-12 03:39 - 001364552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
        2017-09-13 11:06 - 2017-08-12 02:59 - 007440728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
        2017-09-13 11:06 - 2017-08-12 02:58 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
        2017-09-13 11:06 - 2017-08-12 02:58 - 001502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
        2017-09-13 11:06 - 2017-08-11 23:46 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
        2017-09-13 11:06 - 2017-08-11 23:29 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
        2017-09-13 11:06 - 2017-08-11 23:13 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
        2017-09-13 11:06 - 2017-08-11 06:30 - 004170240 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
        2017-09-13 11:06 - 2017-08-11 06:27 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
        2017-09-13 11:06 - 2017-08-11 06:27 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
        2017-09-13 11:06 - 2017-08-11 05:38 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
        2017-09-13 11:06 - 2017-08-11 05:08 - 001753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
        2017-09-13 11:06 - 2017-08-11 05:08 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
        2017-09-13 11:06 - 2017-08-11 05:02 - 001084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
        2017-09-13 11:06 - 2017-08-11 04:52 - 001491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
        2017-09-13 11:06 - 2017-08-11 04:49 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
        2017-09-13 11:06 - 2017-08-11 04:44 - 001095680 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
        2017-09-13 11:06 - 2017-08-11 04:43 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
        2017-09-13 11:06 - 2017-08-11 04:41 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
        2017-09-13 11:06 - 2017-08-07 00:20 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
        2017-09-13 11:06 - 2017-08-06 10:13 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
        2017-09-13 11:06 - 2017-07-22 21:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
        2017-09-13 11:06 - 2017-07-22 20:32 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
        2017-09-13 11:06 - 2017-07-17 22:53 - 004298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
        2017-09-13 11:06 - 2017-07-17 02:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
        2017-09-13 11:06 - 2017-07-14 02:03 - 002013528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
        2017-09-13 11:06 - 2017-07-12 23:29 - 000420440 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
        2017-09-13 11:06 - 2017-07-12 23:29 - 000075440 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
        2017-09-13 11:06 - 2017-07-12 23:25 - 000308872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
        2017-09-13 11:06 - 2017-07-12 23:25 - 000066112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
        2017-09-13 11:06 - 2017-07-08 22:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
        2017-09-13 11:06 - 2017-07-08 21:43 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
        2017-09-13 11:06 - 2017-07-08 21:30 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
        2017-09-13 11:06 - 2017-07-08 21:20 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
        2017-09-13 11:06 - 2017-07-08 20:25 - 001436160 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
        2017-09-13 11:06 - 2017-07-08 20:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
        2017-09-13 11:06 - 2017-07-08 06:14 - 000100184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
        2017-09-11 11:53 - 2017-09-11 11:53 - 000066783 _____ C:\Users\bobby\Downloads\CV - Български.pdf
        2017-09-08 16:21 - 2017-09-08 16:21 - 001130328 _____ (Google Inc.) C:\Users\bobby\Downloads\ChromeSetup.exe
        2017-09-08 12:11 - 2017-10-02 12:47 - 000000258 __RSH C:\ProgramData\ntuser.pol
        2017-09-06 11:27 - 2017-09-06 11:27 - 000000000 ____D C:\Users\bobby\AppData\Roaming\vlc
        2017-09-06 09:46 - 2017-09-06 09:46 - 000000000 ____D C:\Users\bobby\AppData\Roaming\dvdcss
        2017-09-04 13:20 - 2017-09-04 13:23 - 000000000 ____D C:\Users\bobby\Documents\ETS2MP
        2017-09-04 13:15 - 2017-09-04 13:17 - 000000000 ____D C:\ProgramData\TruckersMP
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000901 _____ C:\Users\Public\Desktop\TruckersMP.lnk
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000000 ____D C:\Program Files\TruckersMP Launcher
        2017-09-04 13:14 - 2017-09-04 13:14 - 000667351 _____ C:\Users\bobby\Downloads\launcher_1004.zip
        2017-09-04 13:10 - 2017-09-04 23:19 - 000000000 ____D C:\Users\bobby\Documents\Euro Truck Simulator 2
        2017-09-03 19:02 - 2017-09-03 19:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
        ==================== One Month Modified files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-10-02 13:01 - 2017-08-31 21:18 - 000000000 ____D C:\Users\bobby\AppData\LocalLow\360WD
        2017-10-02 12:55 - 2017-09-01 19:51 - 000000000 ____D C:\Users\bobby\AppData\Roaming\TeamViewer
        2017-10-02 12:55 - 2017-09-01 04:04 - 000000000 ____D C:\Windows\Panther
        2017-10-02 12:55 - 2017-08-31 18:17 - 000000000 ____D C:\Users\bobby\AppData\Local\CrashDumps
        2017-10-02 12:55 - 2017-08-31 18:10 - 000000000 ____D C:\ProgramData\ClassicShell
        2017-10-02 12:55 - 2017-08-31 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
        2017-10-02 12:55 - 2017-08-31 17:51 - 000000000 ____D C:\Users\bobby\AppData\Roaming\uTorrent
        2017-10-02 12:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\Inf
        2017-10-02 12:54 - 2017-08-31 23:46 - 000000000 ____D C:\ProgramData\360Quarant
        2017-10-02 12:54 - 2017-08-31 18:18 - 000000000 ____D C:\Users\bobby\AppData\Local\ClassicShell
        2017-10-02 12:46 - 2017-08-31 17:18 - 000003430 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
        2017-10-02 12:46 - 2017-08-31 17:18 - 000003302 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
        2017-10-02 12:34 - 2017-08-31 17:20 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3041877358-191924833-3829036719-1001
        2017-10-02 12:32 - 2017-08-31 17:30 - 000000000 ____D C:\ProgramData\NVIDIA
        2017-10-02 12:32 - 2017-08-31 17:18 - 000003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C64354CA-BA3D-40EC-B714-8157E7D25B88}
        2017-10-02 12:28 - 2013-08-22 17:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
        2017-10-02 01:14 - 2017-08-31 17:49 - 000000000 ____D C:\Users\bobby\AppData\Roaming\AIMP
        2017-10-01 23:35 - 2014-11-21 11:44 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
        2017-10-01 12:32 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\AppReadiness
        2017-09-30 14:05 - 2017-08-31 21:18 - 000000000 ____D C:\Users\bobby\AppData\Roaming\360safe
        2017-09-30 13:11 - 2017-08-31 17:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
        2017-09-30 11:24 - 2017-08-31 21:23 - 000000000 ____D C:\Users\bobby\AppData\LocalLow\uTorrent
        2017-09-29 22:56 - 2017-08-31 23:48 - 000000000 __SHD C:\$360Section
        2017-09-29 22:56 - 2017-08-31 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
        2017-09-28 23:56 - 2017-08-31 17:14 - 000000000 ____D C:\Users\bobby
        2017-09-28 18:00 - 2013-08-22 16:25 - 000000240 _____ C:\Windows\win.ini
        2017-09-28 15:04 - 2017-08-31 17:14 - 000000000 ____D C:\Users\bobby\AppData\Local\VirtualStore
        2017-09-25 22:16 - 2017-08-31 17:24 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
        2017-09-23 14:41 - 2013-08-22 18:36 - 000000000 ___HD C:\Program Files\WindowsApps
        2017-09-22 12:52 - 2017-08-31 17:19 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003740 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003732 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003556 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:40 - 000000000 ____D C:\Users\bobby\AppData\Local\NVIDIA Corporation
        2017-09-21 22:18 - 2017-08-31 17:31 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:31 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:31 - 000001428 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
        2017-09-21 22:18 - 2017-08-31 17:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
        2017-09-21 22:17 - 2017-08-31 17:31 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:31 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:31 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:23 - 000000000 ____D C:\Program Files\NVIDIA Corporation
        2017-09-19 10:23 - 2017-08-31 17:31 - 001923008 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001505728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000179136 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000146368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
        2017-09-19 00:29 - 2017-08-31 17:31 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
        2017-09-18 17:02 - 2017-08-31 21:18 - 000000000 _RSHD C:\360SANDBOX
        2017-09-16 14:29 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\rescache
        2017-09-15 22:06 - 2017-08-31 17:29 - 000000000 ____D C:\ProgramData\Package Cache
        2017-09-15 21:33 - 2017-08-31 20:17 - 000000000 ____D C:\Users\bobby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
        2017-09-15 00:22 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\BBI
        2017-09-15 00:20 - 2013-08-22 18:36 - 000000000 ___RD C:\Windows\ToastData
        2017-09-13 13:27 - 2017-08-31 19:06 - 000000000 ____D C:\Windows\system32\MRT
        2017-09-13 13:25 - 2017-08-31 19:06 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
        2017-09-13 13:25 - 2013-08-22 18:20 - 000000000 ____D C:\Windows\CbsTemp
        2017-09-10 17:28 - 2017-08-31 18:14 - 000000000 ____D C:\Users\bobby\AppData\Local\Steam
        2017-09-08 12:11 - 2013-08-22 18:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
        2017-09-08 12:11 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
        2017-09-04 11:03 - 2017-08-31 17:38 - 000000000 __SHD C:\Users\bobby\IntelGraphicsProfiles
        2017-09-03 19:09 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Common Files\System
        2017-09-02 02:54 - 2017-08-31 20:27 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
        2017-09-02 02:54 - 2017-08-31 20:27 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
        ==================== Bamital & volsnap ======================
        (There is no automatic fix for files that do not pass verification.)
        C:\Windows\system32\winlogon.exe => File is digitally signed
        C:\Windows\system32\wininit.exe => File is digitally signed
        C:\Windows\explorer.exe => File is digitally signed
        C:\Windows\SysWOW64\explorer.exe => File is digitally signed
        C:\Windows\system32\svchost.exe => File is digitally signed
        C:\Windows\SysWOW64\svchost.exe => File is digitally signed
        C:\Windows\system32\services.exe => File is digitally signed
        C:\Windows\system32\User32.dll => File is digitally signed
        C:\Windows\SysWOW64\User32.dll => File is digitally signed
        C:\Windows\system32\userinit.exe => File is digitally signed
        C:\Windows\SysWOW64\userinit.exe => File is digitally signed
        C:\Windows\system32\rpcss.dll => File is digitally signed
        C:\Windows\system32\dnsapi.dll => File is digitally signed
        C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
        C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
        LastRegBack: 2017-09-30 12:38
        ==================== End of FRST.txt ============================
         
         
        Addition_02-10-2017 13.01.49.txt
      • от septemberrain
        Здравейте, преди малко влязох във фейсбук профила си, където повечето ми приятели съм ги отпоследвала, за да не ми излизат постоянно техните постове, а когато искам да видя постовете на определени хора просто влизах в листата ми с приятели и цъках на бутона ,,new posts'', който се намираше между  ,,all friends'' / ,,birthdays'' и ,,followers'.' Но днес с доста неприятна изненада открих, че бутонът new posts в friend list-a просто го няма.. нито при компютъра, нито при телефона.
        Искам да попитам и при вас ли е по този начин, и това съответно някаква поредна скапана фейсбук промяна ли е, целяща досадно последване или е някакъв бъг специално появил се при мен? Ще се радвам да помогнете, защото е много дразнещо.
    • Разглеждащи в момента   0 потребители

      Няма регистрирани потребители разглеждащи тази страница.

    • Дарение

    ×

    Информация

    Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.