Премини към съдържанието

Препоръчан отговор


Здравейте, проблемът ми е такъв, че когато се отворя нещо с свързано (било то сайт, процес и т.н.) с антивирусна програма само се прекратява, изтрива, премахва...Видях потребител, който е имал същия проблем, но разбрах, че се работи индивидуално по проблема. Моят проблем е абсолютно същият като във тази тема.

http://www.kaldata.com/forums/topic/151861-%D0%B8%D0%BC%D0%B0%D0%BC-%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BA%D0%BE%D0%B9%D1%82%D0%BE-%D0%B8%D0%B7%D1%82%D1%80%D0%B8-%D0%B0%D0%BD%D1%82%D0%B8%D0%B2%D0%B8%D1%80%D1%83%D1%81%D0%BD%D0%B0%D1%82%D0%B0-%D0%BF%D1%80%D0%BE%D0%B3%D1%80%D0%B0%D0%BC%D0%B0/

 

Докладите:

DDS.txt

 

 

DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 10.17.2 Run by qwerty at 22:53:05 on 2013-08-03 Microsoft Windows XP Professional  5.1.2600.3.1251.359.1033.18.894.106 [GMT 3:00] . AV: Avira Desktop *Disabled/Outdated* {AD166499-45F9-482A-A743-FDD3350758C7} . ============== Running Processes ================ . C:WINDOWSsystem32Ati2evxx.exe C:WINDOWSsystem32spoolsv.exe C:WINDOWSsystem32Ati2evxx.exe C:Program FilesAviraAntiVir Desktopsched.exe C:WINDOWSExplorer.EXE C:Program FilesGoogleUpdate1.3.21.153GoogleCrashHandler.exe C:Program FilesMicrosoft OfficeOffice12GrooveMonitor.exe C:Program FilesCommon FilesABBYYFineReader11.00LicensingCENetworkLicenseServer.exe C:WINDOWSsystem32ctfmon.exe C:Program FilesJavajre7binjqs.exe C:Program FilesNeroUpdateNASvc.exe C:Documents and SettingsAll UsersApplication DataSkypeToolbarsSkype C2C Servicec2c_service.exe C:DOCUME~1qwertyLOCALS~1Tempwinwqjuvd.exe C:DOCUME~1qwertyLOCALS~1Tempwinksxqtd.exe C:DOCUME~1qwertyLOCALS~1Tempwinscyeo.exe C:Program FilesMozilla Firefoxfirefox.exe C:Program FilesMozilla Firefoxplugin-container.exe C:Program FilesSkypePhoneSkype.exe C:WINDOWSsystem32rundll32.exe C:WINDOWSsystem32sndrec32.exe C:WINDOWSsystem32wbemwmiprvse.exe C:WINDOWSSystem32svchost.exe -k netsvcs C:WINDOWSsystem32svchost.exe -k NetworkService C:WINDOWSsystem32svchost.exe -k LocalService C:WINDOWSsystem32svchost.exe -k LocalService C:WINDOWSsystem32svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - c:program filescanoneasy-webprint exewpexbho.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:program filesmicrosoft officeoffice12GrooveShellExtensions.dll BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:program filesjavajre7binssv.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:program filescommon filesmicrosoft sharedwindows liveWindowsLiveLogin.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:program filesjavajre7binjp2ssv.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:program filescanoneasy-webprint exewpexhlp.dll TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - c:program filescanoneasy-webprint exewpexhlp.dll EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - c:program filescanoneasy-webprint exewpexhlp.dll uRun: [CTFMON.EXE] c:windowssystem32ctfmon.exe uRun: [DAEMON Tools Lite] "d:daemon tools liteDTLite.exe" -autorun uRun: [Google Update] "c:documents and settingsqwertylocal settingsapplication datagoogleupdateGoogleUpdate.exe" /c uRun: [northbridge] c:intelnorthbridge.bat uRunOnce: [FlashPlayerUpdate] c:windowssystem32macromedflashFlashUtil32_11_7_700_224_Plugin.exe -update plugin mRun: [DWPersistentQueuedReporting] c:program filescommon filesmicrosoft shareddwDWTRIG20.EXE -a mRun: [ATICCC] "c:program filesati technologiesati.aceCLIStart.exe" mRun: [NeroFilterCheck] c:windowssystem32NeroCheck.exe mRun: [GrooveMonitor] "c:program filesmicrosoft officeoffice12GrooveMonitor.exe" mRun: [Adobe ARM] "c:program filescommon filesadobearm1.0AdobeARM.exe" mRun: [bonus.SSR.FR11] "d:fine readernew folderBonus.ScreenshotReader.exe" /autorun mRun: [CanonSolutionMenu] c:program filescanonsolutionmenuCNSLMAIN.exe /logon mRun: [LogMeIn Hamachi Ui] "D:hamachi-2-ui.exe" --auto-start mRun: [avgnt] "c:program filesaviraantivir desktopavgnt.exe" /min mRun: [FixCamera] c:windowsFixCamera.exe mRun: [tsnp2std] c:windowstsnp2std.exe mRun: [snpstd3] c:windowsvsnpstd3.exe mRun: [tsnpstd3] c:windowstsnpstd3.exe dRun: [CTFMON.EXE] c:windowssystem32CTFMON.EXE StartupFolder: c:docume~1qwertystartm~1programsstartupon-scr~1.lnk - c:windowssystem32osk.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 uPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableLUA = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: E&xport to Microsoft Excel - c:progra~1micros~4office12EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:program filesmicrosoft officeoffice12ONBttnIE.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe TCP: NameServer = 172.16.1.1 TCP: Interfaces{F615EF8F-D91B-41ED-AED3-73B03AE098FD} : DHCPNameServer = 172.16.1.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:program filesmicrosoft officeoffice12GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:program filesskypetoolbarsinternet explorerskypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:program filescommon filesskypeSkype4COM.dll Notify: AtiExtEvent - Ati2evxx.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:windowssystem32WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:program filesmicrosoft officeoffice12GrooveShellExtensions.dll mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:program filesgooglechromeapplication28.0.1500.95installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome . ================= FIREFOX =================== . FF - ProfilePath - c:documents and settingsqwertyapplication datamozillafirefoxprofileswahsbg9c.default-1373472550146 FF - plugin: c:documents and settingsqwertyapplication datamozillapluginsnpgoogletalk.dll FF - plugin: c:documents and settingsqwertyapplication datamozillapluginsnpgtpo3dautoplugin.dll FF - plugin: c:documents and settingsqwertyapplication datamozillapluginsnpo1d.dll FF - plugin: c:documents and settingsqwertylocal settingsapplication datagoogleupdate1.3.21.153npGoogleUpdate3.dll FF - plugin: c:progra~1common~1nerobrowse~1npBrowserPlugin.dll FF - plugin: c:program filesadobereader 10.0readerairnppdf32.dll FF - plugin: c:program filesgoogleupdate1.3.21.153npGoogleUpdate3.dll FF - plugin: c:program filesjavajre7binplugin2npjp2.dll FF - plugin: c:program filesmicrosoft silverlight5.1.20513.0npctrlui.dll FF - plugin: c:windowssystem32macromedflashNPSWF32_11_7_700_224.dll FF - plugin: c:windowssystem32npDeployJava1.dll FF - plugin: c:windowssystem32npptools.dll FF - plugin: d:winamp detectnpwachk.dll . ============= SERVICES / DRIVERS =============== . R1 avkmgr;avkmgr;c:windowssystem32driversavkmgr.sys [2013-7-28 37352] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:windowssystem32driversdtsoftbus01.sys [2013-3-4 242240] R2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;c:program filescommon filesabbyyfinereader11.00licensingceNetworkLicenseServer.exe [2011-12-22 818952] R2 AntiVirSchedulerService;Avira Scheduler;c:program filesaviraantivir desktopsched.exe [2013-7-28 84024] R2 avgntflt;avgntflt;c:windowssystem32driversavgntflt.sys [2013-7-28 84744] R2 NAUpdate;Nero Update;c:program filesneroupdateNASvc.exe [2012-7-13 769432] R2 Skype C2C Service;Skype C2C Service;c:documents and settingsall usersapplication dataskypetoolbarsskype c2c servicec2c_service.exe [2013-1-31 3289208] R3 amsint32;amsint32;??c:windowssystem32driversfknskq.sys --> c:windowssystem32driversfknskq.sys [?] S2 AntiVirService;Avira Real-Time Protection;c:program filesaviraantivir desktopavguard.exe [2013-7-28 108088] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:windowsmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 gupdate;Услуга на Google Актуализация (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2013-7-28 116648] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:hamachi-2.exe -s --> d:hamachi-2.exe -s [?] S2 SkypeUpdate;Skype Updater;c:program filesskypeupdaterUpdater.exe [2013-2-28 161384] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:windowssystem32macromedflashFlashPlayerUpdateService.exe [2013-2-19 256904] S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2013-7-28 116648] S3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32driversmbamswissarmy.sys [2013-8-3 40776] S3 MozillaMaintenance;Mozilla Maintenance Service;c:program filesmozilla maintenance servicemaintenanceservice.exe [2013-2-18 117144] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:windowsmicrosoft.netframeworkv4.0.30319wpfWPFFontCache_v0400.exe [2013-4-18 754856] S4 AntiVirWebService;Avira Web Protection;c:program filesaviraantivir desktopavwebgrd.exe [2013-7-28 589368] . =============== Created Last 30 ================ . 2013-08-03 06:20:17  --------  d-----w-  c:program filesSHOUTcast 2013-08-03 05:46:41  40776  ----a-w-  c:windowssystem32driversmbamswissarmy.sys 2013-08-03 05:35:04  --------  d-----w-  c:documents and settingsqwertyapplication dataURSoft 2013-08-02 11:32:59  53760  -c--a-w-  c:windowssystem32dllcachevfwwdm32.dll 2013-08-02 11:32:59  53760  ----a-w-  c:windowssystem32vfwwdm32.dll 2013-07-30 19:08:11  913408  ----a-w-  c:windowsvsnpstd3.exe 2013-07-30 19:08:11  348160  ----a-w-  c:windowstsnpstd3.exe 2013-07-30 19:08:10  3968  ----a-w-  c:windowssystem32driversDeNoise.sys 2013-07-30 19:08:10  10423936  ----a-w-  c:windowssystem32driverssnpstd3.sys 2013-07-30 19:08:08  61440  ----a-w-  c:windowssystem32vsnpstd3.dll 2013-07-30 19:08:08  53248  ----a-w-  c:windowssystem32csnpstd3.dll 2013-07-30 19:08:08  53248  ----a-w-  c:windowscsnpstd3.dll 2013-07-30 19:08:08  155648  ----a-w-  c:windowssystem32rsnpstd3.dll 2013-07-30 19:08:07  --------  d-----w-  c:program filescommon filessnpstd3 2013-07-30 18:44:44  423200  ----a-w-  c:windowsWindowsXP-KB822603-x86.exe 2013-07-30 18:44:43  675840  ----a-w-  c:windowsvsnp2std.exe 2013-07-30 18:44:43  331776  ----a-w-  c:windowstsnp2std.exe 2013-07-30 18:44:43  25472  ----a-w-  c:windowssystem32driverssncamd.sys 2013-07-30 18:44:40  12033024  ----a-w-  c:windowssystem32driverssnp2sxp.sys 2013-07-30 18:44:38  77824  ----a-w-  c:windowssystem32csnp2std.dll 2013-07-30 18:44:38  249856  ----a-w-  c:windowssystem32vsnp2std.dll 2013-07-30 18:44:38  151552  ----a-w-  c:windowssystem32rsnp2std.dll 2013-07-30 18:44:38  --------  d-----w-  c:program filescommon filessnp2std 2013-07-30 18:21:01  98304  ----a-w-  c:windowsamcap.exe 2013-07-30 18:21:01  90112  ----a-w-  c:windowsFixCamera.exe 2013-07-30 14:59:20  --------  d-----w-  c:documents and settingsqwertyapplication dataAvira 2013-07-27 21:56:11  84744  ----a-w-  c:windowssystem32driversavgntflt.sys 2013-07-27 21:56:11  37352  ----a-w-  c:windowssystem32driversavkmgr.sys 2013-07-27 21:56:01  --------  d-----w-  c:program filesAvira 2013-07-27 21:56:01  --------  d-----w-  c:documents and settingsall usersapplication dataAvira 2013-07-11 20:00:54  --------  d-----w-  c:documents and settingsqwertyapplication dataMalwarebytes 2013-07-11 20:00:44  --------  d-----w-  c:documents and settingsall usersapplication dataMalwarebytes 2013-07-11 20:00:42  22856  ----a-w-  c:windowssystem32driversmbam.sys 2013-07-11 20:00:42  --------  d-----w-  c:program filesMalwarebytes' Anti-Malware . ==================== Find3M  ==================== . 2013-06-12 05:08:13  71048  ----a-w-  c:windowssystem32FlashPlayerCPLApp.cpl 2013-06-12 05:08:13  692104  ----a-w-  c:windowssystem32FlashPlayerApp.exe 2013-06-07 21:56:06  920064  ----a-w-  c:windowssystem32wininet.dll 2013-06-07 21:56:06  43520  ----a-w-  c:windowssystem32licmgr10.dll 2013-06-07 21:56:05  1469440  ----a-w-  c:windowssystem32inetcpl.cpl 2013-06-07 20:55:44  385024  ----a-w-  c:windowssystem32html.iec 2013-06-04 07:23:02  562688  ----a-w-  c:windowssystem32qedit.dll 2013-06-04 01:40:45  1876736  ----a-w-  c:windowssystem32win32k.sys 2013-05-08 21:28:02  1543680  ----a-w-  c:windowssystem32wmvdecod.dll . ============= FINISH: 22:58:56,27 ===============  

 

Attach.exe

 

. UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Professional Boot Device: DeviceHarddiskVolume1 Install Date: 18.2.2013 г. 14:17:32 System Uptime: 03.8.2013 г. 10:49:58 (12 hours ago) . Motherboard: MSI |  | 0A48 Processor: Intel® Pentium® D CPU 3.00GHz |  | 3000/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 30 GiB total, 14,452 GiB free. D: is FIXED (NTFS) - 119 GiB total, 105,728 GiB free. E: is CDROM () F: is Removable G: is Removable H: is Removable I: is Removable J: is CDROM (UDF) . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E96B-E325-11CE-BFC1-08002BE10318} Description: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard Device ID: ACPIPNP03033&61AAA01&0 Manufacturer: (Standard keyboards) Name: Standard 101/102-Key or Microsoft Natural PS/2 Keyboard PNP Device ID: ACPIPNP03033&61AAA01&0 Service: i8042prt . Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: Hamachi Network Interface Device ID: ROOTNET0000 Manufacturer: LogMeIn, Inc. Name: Hamachi Network Interface PNP Device ID: ROOTNET0000 Service: hamachi . ==== System Restore Points =================== . RP135: 12.7.2013 г. 14:00:19 - Software Distribution Service 3.0 RP136: 13.7.2013 г. 14:00:18 - Software Distribution Service 3.0 RP137: 27.7.2013 г. 17:44:44 - Software Distribution Service 3.0 RP138: 28.7.2013 г. 14:00:21 - Software Distribution Service 3.0 RP139: 29.7.2013 г. 14:00:24 - Software Distribution Service 3.0 RP140: 30.7.2013 г. 14:00:20 - Software Distribution Service 3.0 RP141: 30.7.2013 г. 21:20:52 - Installed USB PC Camera RP142: 30.7.2013 г. 21:23:13 - Installed USB PC Camera RP143: 30.7.2013 г. 21:44:37 - Installed USB2.0 PC Camera (SN9C201&202) RP144: 30.7.2013 г. 21:50:15 - Removed USB PC Camera RP145: 30.7.2013 г. 22:08:07 - Installed USB PC Camera RP146: 31.7.2013 г. 14:00:23 - Software Distribution Service 3.0 RP147: 01.8.2013 г. 14:00:17 - Software Distribution Service 3.0 RP148: 02.8.2013 г. 14:00:50 - Software Distribution Service 3.0 RP149: 03.8.2013 г. 08:49:12 - Before uninstalling USB2.0 PC Camera (SN9C201&202) RP150: 03.8.2013 г. 08:50:06 - Before uninstalling USB PC Camera RP151: 03.8.2013 г. 14:00:18 - Software Distribution Service 3.0 . ==== Installed Programs ====================== . Архиватор WinRAR µTorrent ABBYY FineReader 11 Corporate Edition Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.7) ATI - Software Uninstall Utility ATI Catalyst Control Center ATI Display Driver Avira Free Antivirus Bulgarian Keyboards XP by G. Atanasov BulgarianPhonetic XP by G. Atanasov Canon Easy-PhotoPrint EX Canon Easy-WebPrint EX Canon MP Navigator EX 1.0 Canon MP210 series Canon My Printer Canon Utilities Solution Menu CDBurnerXP Cheat Engine 6.3 Choice Guard Counter-Strike 1.6 Professional Edition v2.0 DAEMON Tools Lite EA SPORTS online 2007 FIFA 07 GameRanger Google Chrome Google Talk Plugin Google Update Helper Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows XP (KB2779562) Hotfix for Windows XP (KB954550-v5) Java 7 Update 17 K-Lite Codec Pack 9.7.0 (Full) LogMeIn Hamachi Malwarebytes Anti-Malware, версия 1.75.0.1300 Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB2833941) Microsoft .NET Framework 1.1 Service Pack 1 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft .NET Framework 4 Multi-Targeting Pack Microsoft Application Error Reporting Microsoft Help Viewer 1.0 Microsoft Office 2007 Service Pack 3 (SP3) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Software Update for Web Folders  (English) 12 Microsoft SQL Server 2008 R2 Management Objects Microsoft SQL Server Compact 3.5 SP2 ENU Microsoft SQL Server System CLR Types Microsoft Visual Basic 2010 Express - ENU Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools Mouse Recorder Pro 2.0.7.4 Mozilla Firefox 22.0 (x86 bg) Mozilla Maintenance Service MSXML 4.0 SP3 Parser MSXML 4.0 SP3 Parser (KB2758694) MSXML 6.0 Parser MultiBit 0.4.21 Nero Audio Pack 1 Nero Blu-ray Player Nero Blu-ray Player Help (CHM) Nero Core Components Nero Kwik Media Nero Kwik Media Help (CHM) Nero Kwik Themes Basic Nero OEM Nero SharedVideoCodecs Nero Update Prerequisite installer Realtek High Definition Audio Driver SafeSaver 1.74 Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629) Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449) Security Update for Microsoft .NET Framework 4 Client Profile (KB2736428) Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019) Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595) Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642) Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576) Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407) Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393) Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2736428) Security Update for Microsoft .NET Framework 4 Extended (KB2742595) Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition Security Update for Microsoft Visual Basic 2010 Express - ENU (KB2251489) Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2792100) Security Update for Windows Internet Explorer 8 (KB2797052) Security Update for Windows Internet Explorer 8 (KB2809289) Security Update for Windows Internet Explorer 8 (KB2817183) Security Update for Windows Internet Explorer 8 (KB2829530) Security Update for Windows Internet Explorer 8 (KB2838727) Security Update for Windows Internet Explorer 8 (KB2846071) Security Update for Windows Internet Explorer 8 (KB2847204) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB2834904) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2705219-v2) Security Update for Windows XP (KB2712808) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB2723135-v2) Security Update for Windows XP (KB2727528) Security Update for Windows XP (KB2753842-v2) Security Update for Windows XP (KB2757638) Security Update for Windows XP (KB2758857) Security Update for Windows XP (KB2770660) Security Update for Windows XP (KB2778344) Security Update for Windows XP (KB2780091) Security Update for Windows XP (KB2799494) Security Update for Windows XP (KB2802968) Security Update for Windows XP (KB2807986) Security Update for Windows XP (KB2808735) Security Update for Windows XP (KB2813170) Security Update for Windows XP (KB2820197) Security Update for Windows XP (KB2820917) Security Update for Windows XP (KB2829361) Security Update for Windows XP (KB2834886) Security Update for Windows XP (KB2839229) Security Update for Windows XP (KB2845187) Security Update for Windows XP (KB2850851) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982665) Segoe UI SHOUTcast DNAS Server v2 SHOUTcast Source DSP Plug-in v2 Skype Click to Call Skype™ 6.3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition Update for Windows XP (KB2345886) Update for Windows XP (KB2661254-v2) Update for Windows XP (KB2736233) Update for Windows XP (KB2749655) Update for Windows XP (KB955759) Update for Windows XP (KB968389) Update for Windows XP (KB971029) Update for Windows XP (KB973815) VirtualCamera Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU VobSub v2.23 (Remove Only) WebFldrs XP Winamp Winamp Detector Plug-in Windows Live Call Windows Live Communications Platform Windows Live Messenger Windows Live Sign-in Assistant Windows Live Upload Tool Windows Rights Management Client Backwards Compatibility SP2 Windows Rights Management Client with Service Pack 2 Your Uninstaller! 7 . ==== Event Viewer Messages From Past Week ======== . 31.7.2013 г. 19:07:23, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 5 time(s). 31.7.2013 г. 14:59:05, error: Service Control Manager [7034]  - The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly.  It has done this 1 time(s). 31.7.2013 г. 14:02:28, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2481109). 31.7.2013 г. 13:06:59, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 4 time(s). 31.7.2013 г. 13:01:46, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 3 time(s). 31.7.2013 г. 13:01:38, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 31.7.2013 г. 13:01:36, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 31.7.2013 г. 13:00:10, error: ati2mtag [44044]  - I2c return failed 31.7.2013 г. 13:00:10, error: ati2mtag [44044]  - I2c return failed 31.7.2013 г. 01:07:04, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 5 time(s). 30.7.2013 г. 19:06:49, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 4 time(s). 30.7.2013 г. 17:59:23, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 3 time(s). 30.7.2013 г. 17:59:15, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 30.7.2013 г. 17:59:08, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 30.7.2013 г. 17:57:51, error: ati2mtag [44044]  - I2c return failed 30.7.2013 г. 17:57:51, error: ati2mtag [44044]  - I2c return failed 30.7.2013 г. 14:01:32, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2481109). 30.7.2013 г. 13:06:20, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 5 time(s). 30.7.2013 г. 01:06:21, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 4 time(s). 29.7.2013 г. 22:40:18, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 3 time(s). 29.7.2013 г. 22:40:09, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 29.7.2013 г. 22:40:01, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 29.7.2013 г. 22:38:45, error: ati2mtag [44044]  - I2c return failed 29.7.2013 г. 22:38:45, error: ati2mtag [44044]  - I2c return failed 29.7.2013 г. 19:06:22, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 8 time(s). 29.7.2013 г. 14:01:58, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2481109). 29.7.2013 г. 07:03:39, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 7 time(s). 28.7.2013 г. 23:29:27, error: Service Control Manager [7034]  - The LogMeIn Hamachi Tunneling Engine service terminated unexpectedly.  It has done this 1 time(s). 28.7.2013 г. 19:03:44, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 6 time(s). 28.7.2013 г. 14:01:35, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2481109). 28.7.2013 г. 13:04:12, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 5 time(s). 28.7.2013 г. 00:59:22, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 4 time(s). 28.7.2013 г. 00:59:22, error: Service Control Manager [7022]  - The Avira Real-Time Protection service hung on starting. 28.7.2013 г. 00:59:22, error: Service Control Manager [7001]  - The Avira Web Protection service depends on the Avira Real-Time Protection service which failed to start because of the following error:  After starting, the service hung in a start-pending state. 28.7.2013 г. 00:57:20, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 3 time(s). 28.7.2013 г. 00:57:12, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 28.7.2013 г. 00:57:03, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 28.7.2013 г. 00:54:29, error: ati2mtag [44044]  - I2c return failed 28.7.2013 г. 00:54:29, error: ati2mtag [44044]  - I2c return failed 27.7.2013 г. 18:47:42, error: i8042prt [22]  - Could not set the mouse sample rate. 27.7.2013 г. 17:47:32, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2481109). 27.7.2013 г. 17:46:05, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Avira AntiVir Guard service to connect. 27.7.2013 г. 17:46:05, error: Service Control Manager [7000]  - The Avira AntiVir Guard service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion. 27.7.2013 г. 17:44:23, error: Service Control Manager [7034]  - The Avira AntiVir Guard service terminated unexpectedly.  It has done this 3 time(s). 27.7.2013 г. 17:44:15, error: Service Control Manager [7031]  - The Avira AntiVir Guard service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 27.7.2013 г. 17:44:07, error: Service Control Manager [7031]  - The Avira AntiVir Guard service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 27.7.2013 г. 17:42:44, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume. 27.7.2013 г. 17:42:44, error: ati2mtag [44044]  - I2c return failed 27.7.2013 г. 17:42:44, error: ati2mtag [44044]  - I2c return failed 03.8.2013 г. 19:07:14, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 5 time(s). 03.8.2013 г. 14:01:44, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2481109). 03.8.2013 г. 13:07:46, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 4 time(s). 03.8.2013 г. 10:52:37, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 3 time(s). 03.8.2013 г. 10:52:34, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 2 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 03.8.2013 г. 10:52:33, error: Service Control Manager [7031]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 0 milliseconds: Restart the service. 03.8.2013 г. 10:52:33, error: Service Control Manager [7000]  - The LogMeIn Hamachi Tunneling Engine service failed to start due to the following error:  The system cannot find the file specified. 03.8.2013 г. 10:51:17, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume2'.  It has stopped monitoring the volume. 03.8.2013 г. 10:51:17, error: sr [1]  - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'.  It has stopped monitoring the volume. 03.8.2013 г. 10:51:17, error: ati2mtag [44044]  - I2c return failed 03.8.2013 г. 10:51:17, error: ati2mtag [44044]  - I2c return failed 03.8.2013 г. 07:07:24, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 14 time(s). 03.8.2013 г. 01:07:31, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 13 time(s). 02.8.2013 г. 19:07:51, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 12 time(s). 02.8.2013 г. 14:07:25, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2481109). 02.8.2013 г. 13:08:06, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 11 time(s). 02.8.2013 г. 07:07:33, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 10 time(s). 02.8.2013 г. 01:07:22, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 9 time(s). 01.8.2013 г. 19:07:23, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 8 time(s). 01.8.2013 г. 14:01:45, error: Windows Update Agent [20]  - Installation Failure: Windows failed to install the following update with error 0x8007f0f4: Security Update for Windows XP (KB2481109). 01.8.2013 г. 07:07:11, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 7 time(s). 01.8.2013 г. 01:07:32, error: Service Control Manager [7034]  - The Avira Real-Time Protection service terminated unexpectedly.  It has done this 6 time(s). . ==== End Of File ===========================  

 

Редактирано от icotonev (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..!Като за начало следвайте стъпките от тази тема:

 

Системата ми е инфектирана - Какво да правя сега?

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..!Не мисля така..по логовете се вижда зараза с полиморфен вирус Sality..
 
 
1. Спрете Autorun функцията.
Изтеглете и стартирайте следния файл Публикувано изображение
Стартирайте го и се съгласете с лицензионното споразумение.
Натиснете Next и изчакайте да си свърпи работата.


2. Спрете System Restore функцията.
Щракнете с десен бутон върху My Computer, след това изберете Properties => отидете на System Restore => изберете опцията Turn off System Restore on all drives => натиснете Apply и затворете прозореца
.
Публикувано изображение
 


3. Изтеглете SalityKiller и го запазете на десктопа.
Изключете интернет достъпа и след това сканирайте с него по описания по-надолу начин:

  • [*]Изтеглете
SalityKiller Версия 1.3.6.0 и запазете инструмента на десктопа. [*]Отворете Start => Run в полето въведете CMD => натиснете Enter => след това  с copy/paste копирайте командата и я поставете в черния прозорец на CMD с десен бутон на мишката => paste "%userprofile%desktopsalitykiller.exe" -n -r -x -a -j -k -l c:report.txt [*]Изчакайте проверката да завърши. [*]След като тя приключи, публикувайте съдържанието на лог файла C:report.txt в следващия си пост.

 

4.Направете една проверка с Kaspersky Virus Removal Tool
След като изтеглите инструмента, изключете достъпа до интернет.
След като стартирате инструмента, отидете до Settings (Иконата, която прилича на звездичка) сложете отметка пред My Computer.
 
Публикувано изображение
 
От опциите за почистване изберете Disinfect => но не избирайте delete if disinfection fails.
 
Публикувано изображение
 
Върнете се до Automatic Scan и натиснете Start Scanning.
 
Публикувано изображение
 
Ако по време на сканирането ви попита за дадено действие изберете skip.
След като приключи проверката изберете Report (Иконата която прилича на листче) => Detected Threats изберете SAVE и запазете документа на десктопа.
 
Публикувано изображение
 
Kопирайте съдържанието му в следващия си пост.
Затворете инструмента - това ще до деинсталира автоматично.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Мисля, че проблема се оправи, ето ви логовете, само че размених стъпка 3 и 4, тъй като SalityKillera отначало не искаше да се пусне.

kaspersky.txt

 

Status: Disinfected   (events: 221)

04.8.2013 г. 12:29:19 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyApplication Datajxpiinstall.exe High
04.8.2013 г. 12:03:53 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyDesktopMinecraftSP.exe High
04.8.2013 г. 12:04:16 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyDesktopRootKit.exe High
04.8.2013 г. 12:04:18 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyDesktopSimilarBundleGenericDl.exe High
04.8.2013 г. 12:04:27 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyDesktopWinsockxpFix.exe High
04.8.2013 г. 12:05:16 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyDesktopyusetup7.exe High
04.8.2013 г. 12:08:23 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp00B105FE_RarMinecraftSP.exe High
04.8.2013 г. 12:30:41 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp00B1062D_RarMinecraftSP.exe High
04.8.2013 г. 12:10:34 Disinfected virus Virus.Win32.Sality.gen d:hxeg.pif High
04.8.2013 г. 12:10:49 Disinfected virus Virus.Win32.Sality.gen c:Program FilesATI TechnologiesATI.ACECLIStart.exe High
04.8.2013 г. 12:11:01 Disinfected virus Virus.Win32.Sality.gen c:WINDOWSsystem32NeroCheck.exe High
04.8.2013 г. 12:11:17 Disinfected virus Virus.Win32.Sality.gen d:Fine ReaderNew FolderBonus.ScreenshotReader.exe High
04.8.2013 г. 12:11:29 Disinfected virus Virus.Win32.Sality.gen c:Program FilesCanonSolutionMenuCNSLMAIN.EXE High
04.8.2013 г. 12:11:40 Disinfected virus Virus.Win32.Sality.gen c:WINDOWSFixCamera.exe High
04.8.2013 г. 12:11:52 Disinfected virus Virus.Win32.Sality.gen c:WINDOWStsnp2std.exe High
04.8.2013 г. 12:12:04 Disinfected virus Virus.Win32.Sality.gen c:WINDOWSvsnpstd3.exe High
04.8.2013 г. 12:12:16 Disinfected virus Virus.Win32.Sality.gen c:WINDOWStsnpstd3.exe High
04.8.2013 г. 12:12:31 Disinfected virus Virus.Win32.Sality.gen d:DAEMON Tools LiteDTLite.exe High
04.8.2013 г. 12:12:44 Disinfected virus Virus.Win32.Sality.gen c:Intelstart.exe High
04.8.2013 г. 12:13:44 Disinfected virus Virus.Win32.Sality.gen d:uTorrent.exe High
04.8.2013 г. 12:14:04 Disinfected virus Virus.Win32.Sality.gen c:Documents and SettingsqwertyApplication DataGameRangerGameRangerGameRanger.exe High
04.8.2013 г. 12:14:17 Disinfected virus Virus.Win32.Sality.gen d:FIFA 07 - RELOADEDfifa07.exe High
04.8.2013 г. 12:15:56 Disinfected virus Virus.Win32.Sality.gen c:Program FilesAheadNero BackItUpBackItUp.exe High
04.8.2013 г. 12:16:16 Disinfected virus Virus.Win32.Sality.gen d:Fine ReaderNew FolderFineReader.exe High
04.8.2013 г. 12:16:34 Disinfected virus Virus.Win32.Sality.gen c:Program FilesAheadImageDriveImageDrive.exe High
04.8.2013 г. 12:16:52 Disinfected virus Virus.Win32.Sality.gen c:Program FilesMalwarebytes' Anti-Malwarembam.exe High
04.8.2013 г. 12:17:28 Disinfected virus Virus.Win32.Sality.gen c:Program FilesCanonMP Navigator EX 1.0mpnex10.exe High
04.8.2013 г. 12:17:44 Disinfected virus Virus.Win32.Sality.gen c:Program FilesAheadCoverDesignerCoverDes.exe High
04.8.2013 г. 12:17:59 Disinfected virus Virus.Win32.Sality.gen c:Program FilesAheadNero StartSmartNeroStartSmart.exe High
04.8.2013 г. 12:18:13 Disinfected virus Virus.Win32.Sality.gen d:VirtualCameraVCamera.exe High
04.8.2013 г. 12:18:27 Disinfected virus Virus.Win32.Sality.gen c:Program FilesAheadWMPBurnWMPBurn.exe High
04.8.2013 г. 12:18:54 Disinfected virus Virus.Win32.Sality.gen d:Printer FilesCNEZMAIN.EXE High
04.8.2013 г. 12:19:07 Disinfected virus Virus.Win32.Sality.gen c:Program FilesATI TechnologiesATI.ACEthunk.exe High
04.8.2013 г. 12:19:28 Disinfected virus Virus.Win32.Sality.gen d:Your Uninstaller! 7urmain.exe High
04.8.2013 г. 12:30:52 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp00D510BD_Rar200804141307_USB PC Camera_v5.18.1207.000.exe High
04.8.2013 г. 12:31:11 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp00D516B8_Rar200804141307_USB PC Camera_v5.18.1207.000.exe High
04.8.2013 г. 12:31:23 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp00D51F92_Rar200804141307_USB PC Camera_v5.18.1207.000.exe High
04.8.2013 г. 12:31:36 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp00E5AE08_Rar200804141307_USB PC Camera_v5.18.1207.000.exe High
04.8.2013 г. 12:31:46 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp00E5AF60_Rar200804141307_USB PC Camera_v5.18.1207.000.exe High
04.8.2013 г. 12:31:57 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp00E5AF9F_Rar200804141307_USB PC Camera_v5.18.1207.000.exe High
04.8.2013 г. 12:32:12 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0167E0B9_Raruninstall.exe High
04.8.2013 г. 12:32:09 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0167E193_RarAu_.exe High
04.8.2013 г. 12:32:12 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0169900F_Raruninstall.exe High
04.8.2013 г. 12:32:17 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0713CD3A_RarMinecraftSP.exe High
04.8.2013 г. 12:32:25 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp016990F9_RarAu_.exe High
04.8.2013 г. 12:32:25 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp028B8A8E_Rarhelper.exe High
04.8.2013 г. 12:32:25 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp028B8AAD_Rarmaintenanceservice_installer.exe High
04.8.2013 г. 12:32:33 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0713CD4A_RarMinecraftSP.exe High
04.8.2013 г. 12:32:49 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp028B8E76_Rarhelper.exe High
04.8.2013 г. 12:32:37 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp05053761_Raruninstall.exe High
04.8.2013 г. 12:32:38 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0505385B_RarAu_.exe High
04.8.2013 г. 12:32:47 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp07143CBD_RarMinecraftSP.exe High
04.8.2013 г. 12:32:50 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp05061907_Raruninstall.exe High
04.8.2013 г. 12:32:51 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp05061A5E_RarAu_.exe High
04.8.2013 г. 12:33:04 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp07143E63_RarMinecraftSP.exe High
04.8.2013 г. 12:32:58 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp050627EB_Raruninstall.exe High
04.8.2013 г. 12:32:58 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp050628A7_RarAu_.exe High
04.8.2013 г. 12:33:12 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp08626701_RarMinecraftSP.exe High
04.8.2013 г. 12:33:19 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0862675E_RarMinecraftSP.exe High
04.8.2013 г. 12:33:27 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0863CAD6_RarMinecraftSP.exe High
04.8.2013 г. 12:33:39 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8E25EB_Rarsetup.exe High
04.8.2013 г. 12:33:45 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8E25FB_Rarsetup.exe High
04.8.2013 г. 12:33:44 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp092BC0D7_Rarhelper.exe High
04.8.2013 г. 12:33:51 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8E2D00_Rar_is429.exe High
04.8.2013 г. 12:33:55 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8E2D0F_Rar_is429.exe High
04.8.2013 г. 12:33:55 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8EF6C8_Rarsetup.exe High
04.8.2013 г. 12:34:01 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8EF6E7_Rarsetup.exe High
04.8.2013 г. 12:34:07 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8EFE0B_Rar_is42A.exe High
04.8.2013 г. 12:34:07 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8EFE1B_Rar_is42A.exe High
04.8.2013 г. 12:34:13 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp0E8EFE2B_Rar_is42A.exe High
04.8.2013 г. 12:35:35 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemp7zS4B0.tmp51bd882b85041.exe High
04.8.2013 г. 12:35:35 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTempjrteruntERUNT.EXE High
04.8.2013 г. 12:35:40 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTempMth9BA.tmp~inst.exe High
04.8.2013 г. 12:36:00 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemporary Internet FilesContent.IE59SZH2FK0emusic_qualifier[1].exe High
04.8.2013 г. 12:36:27 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemporary Internet FilesContent.IE59ZGJYWHXsearch_defender_166[1].exe High
04.8.2013 г. 12:36:25 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyLocal SettingsTemporary Internet FilesContent.IE5E8OE9060ezdownloader[1].exe High
04.8.2013 г. 12:36:36 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadsadwcleaner.exe High
04.8.2013 г. 12:36:43 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadsdds.exe High
04.8.2013 г. 12:36:56 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadsmbam-setup-1.75.0.1300.exe High
04.8.2013 г. 12:37:07 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadsMinecraft.exe High
04.8.2013 г. 12:37:17 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadsnamebench-1.3.1-Windows.exe High
04.8.2013 г. 12:37:34 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadsOTL.exe High
04.8.2013 г. 12:37:55 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadssambc_lite-fb.exe High
04.8.2013 г. 12:38:17 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadssc_serv2_win32_07_31_2011(1).exe High
04.8.2013 г. 12:38:25 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadssc_serv2_win32_07_31_2011.exe High
04.8.2013 г. 12:38:51 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadsshoutcast-dsp-2-1-3-windows.exe High
04.8.2013 г. 12:38:58 Disinfected virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyMy DocumentsDownloadsshoutcast-dsp-2-3-2-windows.exe High
04.8.2013 г. 12:40:35 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAdobeReader 10.0Readerreader_sl.exe High
04.8.2013 г. 12:40:24 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNeroNeroCmd.exe High
04.8.2013 г. 12:40:29 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNeroUninstallUNNero.exe High
04.8.2013 г. 12:40:41 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNero BackItUpNBJ.exe High
04.8.2013 г. 12:40:40 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNero BackItUpNBR.exe High
04.8.2013 г. 12:40:50 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNero SoundTraxSoundTrax.exe High
04.8.2013 г. 12:40:54 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNero ToolkitCDSpeed.exe High
04.8.2013 г. 12:40:59 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNero ToolkitDriveSpeed.exe High
04.8.2013 г. 12:41:04 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNero Wave EditorDXEnum.exe High
04.8.2013 г. 12:41:09 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNero ToolkitInfoTool.exe High
04.8.2013 г. 12:41:13 Disinfected virus Virus.Win32.Sality.gen C:Program FilesAheadNero Wave EditorWaveEdit.exe High
04.8.2013 г. 12:41:17 Disinfected virus Virus.Win32.Sality.gen C:Program FilesATI TechnologiesATI.ACEatishlx.exe High
04.8.2013 г. 12:41:45 Disinfected virus Virus.Win32.Sality.gen C:Program FilesATI TechnologiesATI.ACEPreview.exe High
04.8.2013 г. 12:41:33 Disinfected virus Virus.Win32.Sality.gen C:Program FilesATI TechnologiesATI.ACEDXStress.exe High
04.8.2013 г. 12:42:08 Disinfected virus Virus.Win32.Sality.gen C:Program FilesATI TechnologiesATI.ACEMMACEPrev.exe High
04.8.2013 г. 12:41:47 Disinfected virus Virus.Win32.Sality.gen C:Program FilesATI TechnologiesATI.ACEPreview_FS.exe High
04.8.2013 г. 12:43:47 Disinfected virus Virus.Win32.Sality.gen C:Program FilesATI TechnologiesUninstallAllAtiCimUn.exe High
04.8.2013 г. 12:43:58 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCanonEasy-WebPrint EXMaint.exe High
04.8.2013 г. 12:43:58 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCanonMP Navigator EX 1.0MPNScan.exe High
04.8.2013 г. 12:44:06 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCanonMP Navigator EX 1.0mpncopy.exe High
04.8.2013 г. 12:44:07 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCanonBJIJPrinterCanon MP210 seriescnmvs.exe High
04.8.2013 г. 12:44:22 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCanonSolutionMenuuninst.exe High
04.8.2013 г. 12:44:31 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCheat Engine 6.3unins000.exe High
04.8.2013 г. 12:44:41 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon FilesInstallShieldDriver9Intel 32IDriver.exe High
04.8.2013 г. 12:44:34 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon FilesInstallShieldDriver9Intel 32IDriver2.exe High
04.8.2013 г. 12:44:49 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon FilesInstallShieldengine6Intel 32IKernel.exe High
04.8.2013 г. 12:44:56 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon FilesMicrosoft SharedOFFICE12ACECNFLT.EXE High
04.8.2013 г. 12:45:05 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon FilesMicrosoft SharedWindows LiveWLLoginProxy.exe High
04.8.2013 г. 12:45:12 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon Filessnp2stdtsnp2std.exe High
04.8.2013 г. 12:45:06 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon Filessnp2stdvsnp2std.exe High
04.8.2013 г. 12:45:23 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon Filessnpstd3tsnpstd3.exe High
04.8.2013 г. 12:45:15 Disinfected virus Virus.Win32.Sality.gen C:Program FilesCommon Filessnpstd3vsnpstd3.exe High
04.8.2013 г. 12:45:43 Disinfected virus Virus.Win32.Sality.gen C:Program FilesGoogleUpdateDownload{4DC8B4CA-1BDA-483E-B5FA-D3C12E15B62D}28.0.1500.9528.0.1500.95_28.0.1500.72_chrome_updater.exe High
04.8.2013 г. 12:45:54 Disinfected virus Virus.Win32.Sality.gen C:Program FilesInstallShield Installation Information{1735AD57-FD6E-4EB5-A276-56C2574D6412}setup.exe High
04.8.2013 г. 12:46:04 Disinfected virus Virus.Win32.Sality.gen C:Program FilesInstallShield Installation Information{43801800-CFEE-11D2-A41B-006097B55AD3}Setup.exe High
04.8.2013 г. 12:46:24 Disinfected virus Virus.Win32.Sality.gen C:Program FilesInstallShield Installation Information{9B94BE6F-7CA3-4C40-A266-62667FF746CC}Setup.exe High
04.8.2013 г. 12:46:24 Disinfected virus Virus.Win32.Sality.gen C:Program FilesInstallShield Installation Information{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}setup.exe High
04.8.2013 г. 12:46:55 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMalwarebytes' Anti-Malwareunins000.exe High
04.8.2013 г. 12:47:23 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMicrosoft OfficeOffice12DRAT.EXE High
04.8.2013 г. 12:47:22 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMicrosoft OfficeOffice12GrooveClean.exe High
04.8.2013 г. 12:47:36 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMicrosoft OfficeOffice12GrooveMigrator.exe High
04.8.2013 г. 12:47:31 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMicrosoft OfficeOffice12GrooveStdURLLauncher.exe High
04.8.2013 г. 12:48:36 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMicrosoft SDKsWindowsv7.0Abinmt.exe High
04.8.2013 г. 12:48:34 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMicrosoft SDKsWindowsv7.0ABootstrapperPackagesVBPowerPacksenVisualBasicPowerPacksSetup.exe High
04.8.2013 г. 12:49:01 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMozilla Firefoxwebapp-uninstaller.exe High
04.8.2013 г. 12:49:24 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMozilla Firefoxmaintenanceservice_installer.exe High
04.8.2013 г. 12:49:19 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMozilla Firefoxuninstallhelper.exe High
04.8.2013 г. 12:49:10 Disinfected virus Virus.Win32.Sality.gen C:Program FilesMozilla Maintenance ServiceUninstall.exe High
04.8.2013 г. 12:50:02 Disinfected virus Virus.Win32.Sality.gen C:Program FilesRealtekInstallShieldChCfg.exe High
04.8.2013 г. 12:49:53 Disinfected virus Virus.Win32.Sality.gen C:Program FilesRealtekInstallShieldRtlUpd.exe High
04.8.2013 г. 12:50:16 Disinfected virus Virus.Win32.Sality.gen C:Program FilesSafeSaveruninstall.exe High
04.8.2013 г. 12:50:33 Disinfected virus Virus.Win32.Sality.gen C:Program FilesSHOUTcastuninstall_shoutcast-dnas-v2.exe High
04.8.2013 г. 12:50:39 Disinfected virus Virus.Win32.Sality.gen C:Program FilesSHOUTcastsc_serv.exe High
04.8.2013 г. 12:50:38 Disinfected virus Virus.Win32.Sality.gen C:Program FilesWindows LiveMessengermsvs.exe High
04.8.2013 г. 12:51:00 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP33461ChCfg.exe High
04.8.2013 г. 12:50:53 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP33461RtlUpd.exe High
04.8.2013 г. 12:51:18 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP33461SetCDfmt.exe High
04.8.2013 г. 12:51:01 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP33461Setup.exe High
04.8.2013 г. 12:51:31 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP33461WDMRtlUpd.exe High
04.8.2013 г. 12:51:12 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP34019setup.exe High
04.8.2013 г. 12:51:19 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP34556AtiCimUn.exe High
04.8.2013 г. 12:51:47 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP34556CheckVer.exe High
04.8.2013 г. 12:51:29 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP34556issetup.exe High
04.8.2013 г. 12:51:36 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP34556Setup.exe High
04.8.2013 г. 12:51:56 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP34556ACEsetup.exe High
04.8.2013 г. 12:51:46 Disinfected virus Virus.Win32.Sality.gen C:SWSetupSP34556DriverSetup.exe High
04.8.2013 г. 12:52:09 Disinfected virus Virus.Win32.Sality.gen C:SWSetupsp40751BIOSTools.exe High
04.8.2013 г. 12:52:07 Disinfected virus Virus.Win32.Sality.gen C:WINDOWSWindowsXP-KB822603-x86.exe High
04.8.2013 г. 12:56:31 Disinfected virus Virus.Win32.Sality.gen C:WINDOWSMicrosoft.NETFrameworkv1.1.4322aspnet_regiis.exe High
04.8.2013 г. 12:58:39 Disinfected virus Virus.Win32.Sality.gen C:WINDOWSsystem32rspndr.exe High
04.8.2013 г. 12:58:50 Disinfected virus Virus.Win32.Sality.gen C:WINDOWSsystem32spupdsvc.exe High
04.8.2013 г. 13:01:28 Disinfected virus Virus.Win32.Sality.gen D:Counter-Strike 1.6 Professional Edition v2.0hl.exe High
04.8.2013 г. 13:01:27 Disinfected virus Virus.Win32.Sality.gen D:Counter-Strike 1.6 Professional Edition v2.0hlds.exe High
04.8.2013 г. 13:01:36 Disinfected virus Virus.Win32.Sality.gen D:Counter-Strike 1.6 Professional Edition v2.0hltv.exe High
04.8.2013 г. 13:02:24 Disinfected virus Virus.Win32.Sality.gen D:Counter-Strike 1.6 Professional Edition v2.0platformsteamcachedsteambackup.exe High
04.8.2013 г. 13:02:58 Disinfected virus Virus.Win32.Sality.gen D:DAEMON Tools LiteDTHelper.exe High
04.8.2013 г. 13:03:06 Disinfected virus Virus.Win32.Sality.gen D:DAEMON Tools LiteDTShellHlp.exe High
04.8.2013 г. 13:03:32 Disinfected virus Virus.Win32.Sality.gen D:DAEMON Tools Liteuninst.exe High
04.8.2013 г. 13:03:17 Disinfected virus Virus.Win32.Sality.gen D:FIFA 07 - RELOADEDATLJabber.exe High
04.8.2013 г. 13:03:25 Disinfected virus Virus.Win32.Sality.gen D:FIFA 07 - RELOADEDEASOUNInstaller.exe High
04.8.2013 г. 13:03:33 Disinfected virus Virus.Win32.Sality.gen D:FIFA 07 - RELOADEDeauninstall.exe High
04.8.2013 г. 13:07:16 Disinfected virus Virus.Win32.Sality.gen D:FIFA 07 - RELOADEDSportsWrapper.exe High
04.8.2013 г. 13:07:59 Disinfected virus Virus.Win32.Sality.gen D:FIFA 07 - RELOADEDSupportFIFA 07_uninst.exe High
04.8.2013 г. 13:07:59 Disinfected virus Virus.Win32.Sality.gen D:FIFA 07 - RELOADEDSupportFIFA 07_code.exe High
04.8.2013 г. 13:08:17 Disinfected virus Virus.Win32.Sality.gen D:FIFA 07 - RELOADEDSupportEReg.exe High
04.8.2013 г. 13:08:35 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderAbbyySTI.exe High
04.8.2013 г. 13:08:43 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderAdminSetup.exe High
04.8.2013 г. 13:08:44 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderAInfo.exe High
04.8.2013 г. 13:08:52 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderAutoRun.exe High
04.8.2013 г. 13:09:02 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderBusinessCardReader.exe High
04.8.2013 г. 13:09:05 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderFineExec.exe High
04.8.2013 г. 13:09:01 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderFineCmd.exe High
04.8.2013 г. 13:09:17 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderHotFolder.exe High
04.8.2013 г. 13:09:23 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew Folderinstmsiw.exe High
04.8.2013 г. 13:09:28 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderRegistrator.exe High
04.8.2013 г. 13:09:26 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderScanTwain.exe High
04.8.2013 г. 13:09:37 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderScanWia.exe High
04.8.2013 г. 13:09:35 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderSetup.exe High
04.8.2013 г. 13:09:44 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderTrigrammsInstaller.exe High
04.8.2013 г. 13:09:43 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11AbbyySTI.exe High
04.8.2013 г. 13:09:51 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11AInfo.exe High
04.8.2013 г. 13:09:51 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11Bonus.ScreenshotReader.exe High
04.8.2013 г. 13:10:00 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11BusinessCardReader.exe High
04.8.2013 г. 13:10:01 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11FineExec.exe High
04.8.2013 г. 13:10:08 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11FineCmd.exe High
04.8.2013 г. 13:10:19 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11FineReader.exe High
04.8.2013 г. 13:10:12 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11HotFolder.exe High
04.8.2013 г. 13:10:23 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11Registrator.exe High
04.8.2013 г. 13:10:21 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11ScanTwain.exe High
04.8.2013 г. 13:10:30 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11ScanWia.exe High
04.8.2013 г. 13:10:35 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderABBYY FineReader 11TrigrammsInstaller.exe High
04.8.2013 г. 13:10:43 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderCommonABBYYFineReader11.00LicensingCENetworkLicenseServer.exe High
04.8.2013 г. 13:10:46 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderLicense ServerSetup.exe High
04.8.2013 г. 13:10:57 Disinfected virus Virus.Win32.Sality.gen D:Microsoft Office 2007 Complete Version Incl CD_KeyLauncher.exe High
04.8.2013 г. 13:11:02 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderLicense ServerABBYY FineReader 11 License ServerAInfo.exe High
04.8.2013 г. 13:11:03 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderLicense ServerABBYY FineReader 11 License ServerLicenseManager.exe High
04.8.2013 г. 13:10:58 Disinfected virus Virus.Win32.Sality.gen D:Fine ReaderNew FolderLicense ServerCommonABBYYFineReader11.00LicensingCENetworkLicenseServer.exe High
04.8.2013 г. 13:11:11 Disinfected virus Virus.Win32.Sality.gen D:Hamachihamachi-2-ui.exe High
04.8.2013 г. 13:11:17 Disinfected virus Virus.Win32.Sality.gen D:Hamachihamachi-2.exe High
04.8.2013 г. 13:13:48 Disinfected virus Virus.Win32.Sality.gen D:Printer FilesCNELMAIN.EXE High
04.8.2013 г. 13:13:56 Disinfected virus Virus.Win32.Sality.gen D:Mouse Recorder Pro 2unins000.exe High
04.8.2013 г. 13:14:00 Disinfected virus Virus.Win32.Sality.gen D:Printer Filesuninst.exe High
04.8.2013 г. 13:14:24 Disinfected virus Virus.Win32.Sality.gen D:VirtualCamerauninst.exe High
04.8.2013 г. 13:14:26 Disinfected virus Virus.Win32.Sality.gen D:VirtualCameradrivervcsetup.exe High
04.8.2013 г. 13:14:32 Disinfected virus Virus.Win32.Sality.gen D:Winampuninstall_shoutcast-source-dsp-v2.exe High
04.8.2013 г. 13:14:43 Disinfected virus Virus.Win32.Sality.gen D:WinampUninstWA.exe High
04.8.2013 г. 13:14:33 Disinfected virus Virus.Win32.Sality.gen D:Winampwinampa.exe High
04.8.2013 г. 13:14:56 Disinfected virus Virus.Win32.Sality.gen D:WinampSHOUTcastuninstall_shoutcast-dnas-v2.exe High
04.8.2013 г. 13:14:53 Disinfected virus Virus.Win32.Sality.gen D:WinampSHOUTcastsc_serv.exe High
04.8.2013 г. 13:19:24 Disinfected virus Virus.Win32.Sality.gen D:Your Uninstaller! 7fos.exe High
04.8.2013 г. 13:19:17 Disinfected virus Virus.Win32.Sality.gen D:Winamp DetectUninstWaDetect.exe High
04.8.2013 г. 13:19:17 Disinfected virus Virus.Win32.Sality.gen D:Your Uninstaller! 7autoupdater.exe High
04.8.2013 г. 13:19:24 Disinfected virus Virus.Win32.Sality.gen D:Your Uninstaller! 7inimerge.exe High
04.8.2013 г. 13:19:31 Disinfected virus Virus.Win32.Sality.gen D:Your Uninstaller! 7unins000.exe High
Status: Absent   (events: 14)
04.8.2013 г. 14:20:53 Not found virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyApplication DataGameRangerGameRangerGameRanger.exe High
04.8.2013 г. 14:20:53 Not found Trojan program Backdoor.PHP.C99Shell.h C:Documents and SettingsqwertyDesktopc99_PSych0.php High
04.8.2013 г. 14:20:53 Not found Trojan program Backdoor.ASP.Ace.so C:Documents and SettingsqwertyDesktopUmer.asp.txt High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan-Proxy.Win32.Agent.gml C:Documents and SettingsqwertyLocal SettingsTempnafycs.exe High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan-PSW.Win32.Agent.aeuw C:Documents and SettingsqwertyLocal SettingsTempwinagfk.exe//UPX High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan.Win32.Agent.hwqm C:Documents and SettingsqwertyLocal SettingsTempwinfgwh.exe High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan-Proxy.Win32.Agent.gml c:documents and settingsqwertylocal settingstempnafycs.exe High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan.Win32.Agent.hwqm c:documents and settingsqwertylocal settingstempwinfgwh.exe High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan-PSW.Win32.Agent.aeuw c:documents and settingsqwertylocal settingstempwinagfk.exe//UPX High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan-PSW.Win32.Agent.aeuw c:Documents and SettingsqwertyLocal SettingsTempwinagfk.exe//UPX High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan.Win32.Agent.hwqm c:Documents and SettingsqwertyLocal SettingsTempwinfgwh.exe High
04.8.2013 г. 14:20:53 Not found Trojan program Trojan-Proxy.Win32.Agent.gml c:Documents and SettingsqwertyLocal SettingsTempnafycs.exe High
04.8.2013 г. 14:20:53 Not found Trojan program Backdoor.PHP.C99Shell.h c:Documents and SettingsqwertyDesktopc99_PSych0.php High
04.8.2013 г. 14:20:53 Not found Trojan program Backdoor.ASP.Ace.so c:Documents and SettingsqwertyDesktopUmer.asp.txt High
Status: Deleted   (events: 10)
04.8.2013 г. 14:13:35 Deleted adware not-a-virus:AdWare.Win32.MegaSearch.am C:Documents and SettingsqwertyDesktopСтари данни Firefox-1extensionsmfmpzzh@s-piu.orgcontentbg.js Medium
04.8.2013 г. 14:13:38 Deleted adware not-a-virus:AdWare.Win32.MegaSearch.am C:Documents and SettingsqwertyDesktopСтари данни Firefox-1extensionsqorrrsl@rwpm-.orgcontentbg.js Medium
04.8.2013 г. 14:31:22 Deleted virus HEUR:HackTool.MSIL.Flooder.gen C:Documents and SettingsqwertyLocal SettingsTempsms.iso//sms bomber.exe High
04.8.2013 г. 14:29:14 Deleted Trojan program Trojan.Win32.AutoRun.gen d:autorun.inf High
04.8.2013 г. 12:23:53 Deleted virus Virus.Win32.Sality.gen C:Documents and SettingsqwertyApplication Datajxpiinstall.exe High
04.8.2013 г. 14:13:40 Deleted adware not-a-virus:AdWare.Win32.MegaSearch.am C:Documents and SettingsqwertyLocal SettingsTemp7zS4B0.tmpla_ihy@lsl-iiey.netcontentbg.js Medium
04.8.2013 г. 14:16:07 Deleted Trojan program Backdoor.ASP.Ace.so C:RECYCLERS-1-5-21-839522115-507921405-1417001333-1004Dc66.txt High
04.8.2013 г. 14:15:44 Deleted Trojan program Backdoor.PHP.C99Shell.h C:RECYCLERS-1-5-21-839522115-507921405-1417001333-1004Dc64.php High
04.8.2013 г. 14:29:14 Deleted Trojan program Trojan.Win32.AutoRun.gen D:autorun.inf High
04.8.2013 г. 14:31:22 Deleted virus HEUR:HackTool.MSIL.Flooder.gen C:Documents and SettingsqwertyLocal SettingsTempsms.iso High
Status: Quarantined   (events: 1)
04.8.2013 г. 13:03:52 Quarantined virus HEUR:Virus.Win32.Generic D:hxeg.pif High
 

report.txt

 

14:40:33:937 0692 scanning threads ...

14:40:48:703 0692
14:40:48:703 0692 scanning processes ...
14:40:48:734 0692
14:40:48:734 0692 removing autorun.inf files ...
14:40:48:921 0692
14:40:48:921 0692 Restoring show hidden and system files
14:40:48:921 2096
Monitoring thread started
14:40:48:921 0692
14:40:48:921 0692 Disabling autorun on all drive types
14:40:48:921 0692
14:40:48:937 0692 restoring SafeBoot registry node
14:40:48:937 0692 Restoring safe/network boot registry branches for windows XP
14:40:49:140 0692
14:40:49:140 0692 fixing registry ...
14:40:49:140 0692 SalityRegCure: Restoring general registry keys
14:40:49:140 0692 SalityRegCure: Fixing system.ini
14:40:49:140 0692
14:40:49:140 0692 scanning drives ...
14:40:49:140 0692 scanning C: ...
15:08:04:750 0692 scanning D: ...
15:14:37:609 0692
15:14:37:609 2096
Monitoring thread stopped
15:14:37:640 0692
completed
15:14:37:640 0692 Infected files: 0
15:14:37:640 0692 Infected processes: 0
15:14:37:640 0692 Infected threads: 0
15:14:37:640 0692 Cured files: 0
15:14:37:656 0692 Will be cured on reboot: 0
15:14:37:656 0692 Executed registry scripts: 6
 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Aaaa ..не сме приключили..:
 
Публикувано изображение Изтеглете ComboFix Публикувано изображение от тук и го запазете на десктопа си
Изключете вашата антивирусна и антишпионска програма, обикновено това става чрез натискане на десния бутон на мишката върху иконата на програма в системния трей.
Бележка: Ако не можете я спрете или не сте сигурни коя програма да изключите, моля прегледайте информацията от този линк: How to Disable your Security Programs
Стартирайте Combo-Fix.com Публикувано изображение и следвайте инструкциите.
Бележка: ComboFix ще се стартира без инсталирана Recovery Console.
Като част от неговата работа, ComboFix ще провери дали Microsoft Windows Recovery Console е инсталирана. Предвид бързо развиващия се зловреден софтуер е силно препоръчително да бъде инсталирана преди премахването на зловредния софтуер. Това ще Ви позволи да влезете в специален recovery/repai режим, който ще ни позволи по-лесно да решите проблем, който би могъл да възникне при премахване на зловредния софтуер.

  • [*]Следвайте инструкциите, за да позволите на
ComboFix да изтегли и инсталира Microsoft Windows Recovery Console.В един момент ще бъдете попитани дали сте съгласни с лицензното споразумение. Необходимо е да потвърдите, че сте съгласни, за да инсталирате Microsoft Windows Recovery Console.

** Забележете: Ако Microsoft Windows Recovery Console е вече инсталирана, ComboFix ще продължи към процеса по премахване на зловредния софтуер.
 
Публикувано изображение
 
След като Microsoft Windows Recovery Console е инсталирана, използвайки ComboFix, Вие ще видите следното съобщение:
 
Публикувано изображение
Изберете Yes, за да продължи сканирането за зловреден софтуер.
Когато процесът приключи успешно, инструментът ще създаде лог файл. Моля, включете съдържанието на C:ComboFix.txt в следващия Ви коментар в тази тема.
Бележка:

  • [*]Моля, не движете мишката, докато ComboFix работи. Това може да наруши процеса на работа. [*]ComboFix ще нулира всички настройки на
Microsoft Internet Explorer, включително да направи IE браузър по подразбиране. [*]ComboFix ще изключи autorun функцията на ВСИЧКИ CD, Floppy и USB устройства, за да помогне при премахването на зловредния софтуер и Ви защити от бъдещи вируси/заплахи, които поразява чрез autorun. Ако това е проблем за вас - моля, уведомете ме. [*]ComboFix ще изключи вашата интернет връзка. Интернет връзката ще се възстанови автоматично, преди ComboFix да завърши процеса на работа. При проблем, той ще прекрати интернет връзката. За да възстановите интернет връзката си, рестартирайте компютъра си. [*]В случай на проблем с ComboFix, той може да създаде лог файл. Моля, включете съдържанието на C:BUG.txt в следващия Ви коментар в тази тема.

Публикувано изображение Моля, не прикачвайте лог файла/овете от програмата, а го/ги копирайте и поставете в следващия Ви коментар в тази тема.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

 

ComboFix 13-08-04.01 - qwerty 08.2013 г.  23:01:27.1.2 - x86 Microsoft Windows XP Professional  5.1.2600.3.1251.359.1033.18.894.68 [GMT 3:00] Running from: c:documents and settingsqwertyMy DocumentsDownloadsComboFix.exe AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D} . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . C:autorun.inf c:documents and settingsAll UsersApplication DataTEMP c:documents and settingsqwertyApplication Datajxpiinstall.exe c:windowssystem32SET12.tmp c:windowssystem32SET13.tmp c:windowsXSxS . . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . . -------Legacy_AMSINT32 -------Service_amsint32 . . ((((((((((((((((((((((((( Files Created from 2013-07-04 to 2013-08-04  ))))))))))))))))))))))))))))))) . . 2013-08-04 18:02 . 2013-08-04 18:35  --------  d-----w-  c:program filesSHOUTcast 2013-08-04 16:32 . 2013-08-04 16:32  --------  d-----w-  c:program filesShoutCastGUI 2013-08-04 15:56 . 2013-08-04 16:17  --------  d-----w-  c:documents and settingsqwertyApplication DataWinamp 2013-08-04 15:52 . 2013-08-04 15:57  --------  d-----w-  c:documents and settingsAll UsersApplication Datafirebird 2013-08-04 15:52 . 2013-08-04 15:52  --------  d-----w-  c:documents and settingsqwertyLocal SettingsApplication DataSpacialAudio 2013-08-04 15:48 . 2013-03-19 08:02  552960  ----a-w-  c:windowssystem32GDS32.DLL 2013-08-04 15:47 . 2013-08-04 15:47  --------  d-----w-  c:program filesFirebird 2013-08-04 12:42 . 2013-08-04 12:42  --------  d-----w-  c:program filesCommon FilesJava 2013-08-04 12:41 . 2013-08-04 12:41  144896  ----a-w-  c:windowssystem32javacpl.cpl 2013-08-04 12:41 . 2013-08-04 12:41  94632  ----a-w-  c:windowssystem32WindowsAccessBridge.dll 2013-08-04 12:41 . 2013-08-04 12:41  --------  d-----w-  c:program filesJava 2013-08-04 12:33 . 2013-08-04 12:33  --------  d-----w-  c:documents and settingsqwertyApplication DataRoboForm 2013-08-04 12:31 . 2013-08-04 12:31  --------  d-----w-  c:documents and settingsAll UsersApplication DataRoboForm 2013-08-04 12:29 . 2013-08-04 12:29  --------  d-----w-  c:program filesSiber Systems 2013-08-04 12:27 . 2013-08-04 12:27  369584  ----a-w-  c:windowssystem32driversaswSP.sys 2013-08-04 12:27 . 2013-05-09 08:59  29816  ----a-w-  c:windowssystem32driversaswFsBlk.sys 2013-08-04 12:27 . 2013-05-09 08:59  49760  ----a-w-  c:windowssystem32driversaswRdr.sys 2013-08-04 12:27 . 2013-08-04 12:27  770344  ----a-w-  c:windowssystem32driversaswSnx.sys 2013-08-04 12:27 . 2013-05-09 08:59  56080  ----a-w-  c:windowssystem32driversaswTdi.sys 2013-08-04 12:27 . 2013-08-04 12:27  175176  ----a-w-  c:windowssystem32driversaswVmm.sys 2013-08-04 12:27 . 2013-05-09 08:59  49376  ----a-w-  c:windowssystem32driversaswRvrt.sys 2013-08-04 12:27 . 2013-05-09 08:59  66336  ----a-w-  c:windowssystem32driversaswMonFlt.sys 2013-08-04 12:27 . 2013-05-09 08:58  229648  ----a-w-  c:windowssystem32aswBoot.exe 2013-08-04 12:24 . 2013-05-09 08:58  41664  ----a-w-  c:windowsavastSS.scr 2013-08-04 12:23 . 2013-08-04 12:23  --------  d-----w-  c:program filesAVAST Software 2013-08-04 12:23 . 2013-08-04 12:23  --------  d-----w-  c:documents and settingsAll UsersApplication DataAVAST Software 2013-08-04 11:27 . 2013-08-04 11:27  --------  d-----w-  c:windowsLastGood.Tmp 2013-08-04 09:29 . 2013-08-04 09:29  --------  d--h--w-  c:windowsPIF 2013-08-03 05:46 . 2013-08-03 05:46  40776  ----a-w-  c:windowssystem32driversmbamswissarmy.sys 2013-08-03 05:35 . 2013-08-03 05:35  --------  d-----w-  c:documents and settingsqwertyApplication DataURSoft 2013-08-02 11:32 . 2008-04-14 02:42  53760  -c--a-w-  c:windowssystem32dllcachevfwwdm32.dll 2013-08-02 11:32 . 2008-04-14 02:42  53760  ----a-w-  c:windowssystem32vfwwdm32.dll 2013-08-01 06:29 . 2013-08-01 06:29  --------  d-----w-  c:program filesGabest 2013-07-30 19:08 . 2013-08-04 09:22  270336  ----a-w-  c:windowstsnpstd3.exe 2013-07-30 19:08 . 2013-08-04 09:21  835584  ----a-w-  c:windowsvsnpstd3.exe 2013-07-30 19:08 . 2008-04-14 09:59  10423936  ----a-w-  c:windowssystem32driverssnpstd3.sys 2013-07-30 19:08 . 2008-02-21 14:15  3968  ----a-w-  c:windowssystem32driversDeNoise.sys 2013-07-30 19:08 . 2008-04-09 11:30  61440  ----a-w-  c:windowssystem32vsnpstd3.dll 2013-07-30 19:08 . 2007-07-23 15:04  155648  ----a-w-  c:windowssystem32rsnpstd3.dll 2013-07-30 19:08 . 2005-11-23 10:55  53248  ----a-w-  c:windowssystem32csnpstd3.dll 2013-07-30 19:08 . 2005-11-23 10:55  53248  ----a-w-  c:windowscsnpstd3.dll 2013-07-30 19:08 . 2013-07-30 19:08  --------  d-----w-  c:program filesCommon Filessnpstd3 2013-07-30 19:07 . 2013-07-30 19:07  --------  d-----w-  c:documents and settingsqwertyApplication DataInstallShield 2013-07-30 18:44 . 2013-08-04 09:52  349472  ----a-w-  c:windowsWindowsXP-KB822603-x86.exe 2013-07-30 18:44 . 2013-08-04 09:21  258048  ----a-w-  c:windowstsnp2std.exe 2013-07-30 18:44 . 2007-01-25 15:48  25472  ----a-w-  c:windowssystem32driverssncamd.sys 2013-07-30 18:44 . 2006-09-15 10:21  675840  ----a-w-  c:windowsvsnp2std.exe 2013-07-30 18:44 . 2007-03-30 11:41  12033024  ----a-w-  c:windowssystem32driverssnp2sxp.sys 2013-07-30 18:44 . 2013-07-30 18:44  --------  d-----w-  c:program filesCommon Filessnp2std 2013-07-30 18:44 . 2007-03-29 13:04  249856  ----a-w-  c:windowssystem32vsnp2std.dll 2013-07-30 18:44 . 2006-11-16 12:57  77824  ----a-w-  c:windowssystem32csnp2std.dll 2013-07-30 18:44 . 2006-10-12 14:21  151552  ----a-w-  c:windowssystem32rsnp2std.dll 2013-07-30 18:21 . 2013-08-04 09:21  20480  ----a-w-  c:windowsFixCamera.exe 2013-07-30 18:21 . 2007-09-06 13:56  98304  ----a-w-  c:windowsamcap.exe 2013-07-27 22:06 . 2013-07-27 22:59  --------  d-----w-  c:program filesGoogle 2013-07-27 21:56 . 2013-08-04 12:45  --------  d-----w-  c:documents and settingsAll UsersApplication DataAvira 2013-07-11 20:00 . 2013-07-11 20:00  --------  d-----w-  c:documents and settingsqwertyApplication DataMalwarebytes 2013-07-11 20:00 . 2013-07-11 20:00  --------  d-----w-  c:documents and settingsAll UsersApplication DataMalwarebytes 2013-07-11 20:00 . 2013-08-04 09:22  --------  d-----w-  c:program filesMalwarebytes' Anti-Malware 2013-07-11 20:00 . 2013-04-04 11:50  22856  ----a-w-  c:windowssystem32driversmbam.sys . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2013-08-04 12:41 . 2013-03-06 15:30  867240  ----a-w-  c:windowssystem32npDeployJava1.dll 2013-08-04 12:41 . 2013-03-06 15:30  789416  ----a-w-  c:windowssystem32deployJava1.dll 2013-08-04 09:58 . 2013-02-18 12:00  26144  ----a-w-  c:windowssystem32spupdsvc.exe 2013-08-04 09:58 . 2008-05-29 10:04  10752  ----a-w-  c:windowssystem32rspndr.exe 2013-08-04 09:21 . 2013-03-05 12:40  155648  ----a-w-  c:windowssystem32NeroCheck.exe 2013-06-30 11:06 . 2013-06-28 08:42  205984  ----a-w-  c:documents and settingsAll UsersApplication DataMicrosoftVBExpress10.01033ResourceCache.dll 2013-06-12 05:08 . 2013-02-19 09:45  71048  ----a-w-  c:windowssystem32FlashPlayerCPLApp.cpl 2013-06-12 05:08 . 2013-02-19 09:45  692104  ----a-w-  c:windowssystem32FlashPlayerApp.exe 2013-06-07 21:56 . 2009-03-08 03:34  920064  ----a-w-  c:windowssystem32wininet.dll 2013-06-07 21:56 . 2009-03-08 03:34  43520  ----a-w-  c:windowssystem32licmgr10.dll 2013-06-07 21:56 . 2009-03-08 03:34  1469440  ----a-w-  c:windowssystem32inetcpl.cpl 2013-06-07 20:55 . 2009-03-08 03:35  385024  ----a-w-  c:windowssystem32html.iec 2013-06-04 07:23 . 2008-04-14 12:00  562688  ----a-w-  c:windowssystem32qedit.dll 2013-06-04 01:40 . 2009-02-09 11:08  1876736  ----a-w-  c:windowssystem32win32k.sys 2013-05-08 21:28 . 2008-06-17 08:38  1543680  ----a-w-  c:windowssystem32wmvdecod.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionexplorershelliconoverlayidentifiers00avast] @="{472083B0-C522-11CF-8763-00608CC02F24}" [HKEY_CLASSES_ROOTCLSID{472083B0-C522-11CF-8763-00608CC02F24}] 2013-05-09 08:58  121968  ----a-w-  c:program filesAVAST SoftwareAvastashShell.dll . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "DAEMON Tools Lite"="d:daemon tools liteDTLite.exe" [2013-08-04 3674320] "northbridge"="c:intelnorthbridge.bat" [2013-06-04 50] "RoboForm"="c:program filesSiber SystemsAI RoboFormRoboTaskBarIcon.exe" [2013-08-04 96056] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "DWPersistentQueuedReporting"="c:program filesCommon FilesMicrosoft SharedDWDWTRIG20.EXE" [2011-07-27 434080] "ATICCC"="c:program filesATI TechnologiesATI.ACECLIStart.exe" [2013-08-04 90112] "NeroFilterCheck"="c:windowssystem32NeroCheck.exe" [2013-08-04 155648] "GrooveMonitor"="c:program filesMicrosoft OfficeOffice12GrooveMonitor.exe" [2009-02-26 30040] "Adobe ARM"="c:program filesCommon FilesAdobeARM1.0AdobeARM.exe" [2013-05-10 958576] "Bonus.SSR.FR11"="d:fine readerNew FolderBonus.ScreenshotReader.exe" [2013-08-04 933640] "CanonSolutionMenu"="c:program filesCanonSolutionMenuCNSLMAIN.exe" [2013-08-04 767312] "FixCamera"="c:windowsFixCamera.exe" [2013-08-04 20480] "tsnp2std"="c:windowstsnp2std.exe" [2013-08-04 258048] "snpstd3"="c:windowsvsnpstd3.exe" [2013-08-04 835584] "tsnpstd3"="c:windowstsnpstd3.exe" [2013-08-04 270336] "avast"="c:program filesAVAST SoftwareAvastavastUI.exe" [2013-05-09 4858968] "SunJavaUpdateSched"="c:program filesCommon FilesJavaJava Updatejusched.exe" [2013-03-12 253816] . [HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun] "CTFMON.EXE"="c:windowssystem32CTFMON.EXE" [2008-04-14 15360] . c:documents and settingsqwertyStart MenuProgramsStartup On-Screen Keyboard.lnk - c:windowssystem32osk.exe [2008-6-13 215552] . [HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciessystem] "EnableLUA"= 0 (0x0) . [HKEY_LOCAL_MACHINEsoftwaremicrosoftshared toolsmsconfigservices] "Hamachi2Svc"=2 (0x2) . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile] "EnableFirewall"= 0 (0x0) "DisableNotifications"= 1 (0x1) . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList] "%windir%Network Diagnosticxpnetdiag.exe"= "c:Program FilesWindows LiveMessengerwlcsdk.exe"= "c:Program FilesWindows LiveMessengermsnmsgr.exe"= "%windir%system32sessmgr.exe"= "d:uTorrent.exe"= "c:Program FilesNeroNero Blu-ray PlayerBlu-rayPlayer.exe"= "c:Program FilesNeroKMKwikMedia.exe"= "c:Program FilesMicrosoft OfficeOffice12OUTLOOK.EXE"= "c:Program FilesMicrosoft OfficeOffice12GROOVE.EXE"= "c:Program FilesMicrosoft OfficeOffice12ONENOTE.EXE"= "c:Program FilesJavajre7binjavaw.exe"= "c:WINDOWSsystem32java.exe"= "c:WINDOWSsystem32javaw.exe"= "c:Documents and SettingsqwertyApplication DataGameRangerGameRangerGameRanger.exe"= "d:FIFA 07 - RELOADEDfifa07.exe"= "c:Documents and SettingsqwertyLocal SettingsApplication DataGoogleGoogle Talk Plugingoogletalkplugin.exe"= "c:Program FilesSkypePhoneSkype.exe"= "c:Program FilesATI TechnologiesATI.ACECLIStart.exe"= "c:WINDOWSsystem32wuauclt.exe"= "c:Program FilesATI TechnologiesATI.ACECLI.EXE"= "c:WINDOWSsystem32taskmgr.exe"= "c:Program FilesMozilla Firefoxfirefox.exe"= "c:Intelintel.exe"= "c:WINDOWSFixCamera.exe"= "c:Documents and SettingsqwertyDesktopWinsockxpFix.exe"= "c:WINDOWStsnp2std.exe"= "c:Program FilesGoogleChromeApplicationchrome.exe"= "c:Program FilesMozilla Firefoxplugin-container.exe"= "c:Program FilesAdobeReader 10.0ReaderReader_sl.exe"= "c:WINDOWSvsnpstd3.exe"= . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileGloballyOpenPortsList] "25565:TCP"= 25565:TCP:Minecraft "8000:TCP"= 8000:TCP:Радио "8001:TCP"= 8001:TCP:Радио "8000:UDP"= 8000:UDP:Радио "8001:UDP"= 8001:UDP:Радио . R0 aswRvrt;aswRvrt;c:windowssystem32driversaswRvrt.sys [04.8.2013 г. 15:27 49376] R0 aswVmm;aswVmm;c:windowssystem32driversaswVmm.sys [04.8.2013 г. 15:27 175176] R1 aswSnx;aswSnx;c:windowssystem32driversaswSnx.sys [04.8.2013 г. 15:27 770344] R1 aswSP;aswSP;c:windowssystem32driversaswSP.sys [04.8.2013 г. 15:27 369584] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:windowssystem32driversdtsoftbus01.sys [04.3.2013 г. 22:36 242240] R2 ABBYY.Licensing.FineReader.Corporate.11.0;ABBYY FineReader 11 CE Licensing Service;c:program filesCommon FilesABBYYFineReader11.00LicensingCENetworkLicenseServer.exe [22.12.2011 г. 19:11 818952] R2 aswFsBlk;aswFsBlk;c:windowssystem32driversaswFsBlk.sys [04.8.2013 г. 15:27 29816] R2 aswMonFlt;aswMonFlt;c:windowssystem32driversaswMonFlt.sys [04.8.2013 г. 15:27 66336] R2 FirebirdGuardianDefaultInstance;Firebird Guardian - DefaultInstance;c:program filesFirebirdFirebird_2_5binfbguard.exe [04.8.2013 г. 18:47 98304] R2 NAUpdate;Nero Update;c:program filesNeroUpdateNASvc.exe [13.7.2012 г. 17:27 769432] R2 Skype C2C Service;Skype C2C Service;c:documents and settingsAll UsersApplication DataSkypeToolbarsSkype C2C Servicec2c_service.exe [31.1.2013 г. 10:38 3289208] R3 FirebirdServerDefaultInstance;Firebird Server - DefaultInstance;c:program filesFirebirdFirebird_2_5binfbserver.exe [04.8.2013 г. 18:47 3784704] S2 gupdate;Услуга на Google Актуализация (gupdate);c:program filesGoogleUpdateGoogleUpdate.exe [28.7.2013 г. 01:06 116648] S2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;d:hamachi-2.exe -s --> d:hamachi-2.exe -s [?] S2 SkypeUpdate;Skype Updater;c:program filesSkypeUpdaterUpdater.exe [28.2.2013 г. 18:45 161384] S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:program filesGoogleUpdateGoogleUpdate.exe [28.7.2013 г. 01:06 116648] S3 MBAMSwissArmy;MBAMSwissArmy;c:windowssystem32driversmbamswissarmy.sys [03.8.2013 г. 08:46 40776] . --- Other Services/Drivers In Memory --- . *NewlyCreated* - ASWRVRT *NewlyCreated* - ASWSNX *NewlyCreated* - WS2IFSL *Deregistered* - 41789940 . [HKEY_LOCAL_MACHINEsoftwaremicrosoftactive setupinstalled components{8A69D345-D564-463c-AFF1-A69D9E530F96}] 2013-07-31 23:43  1173456  ----a-w-  c:program filesGoogleChromeApplication28.0.1500.95Installerchrmstp.exe . Contents of the 'Scheduled Tasks' folder . 2013-08-04 c:windowsTasksAdobe Flash Player Updater.job - c:windowssystem32MacromedFlashFlashPlayerUpdateService.exe [2013-02-19 05:08] . 2013-08-04 c:windowsTasksavast! Emergency Update.job - c:program filesAVAST SoftwareAvastAvastEmUpdate.exe [2013-08-04 08:58] . 2013-08-03 c:windowsTasksGoogleUpdateTaskMachineCore.job - c:program filesGoogleUpdateGoogleUpdate.exe [2013-07-27 16:48] . 2013-08-04 c:windowsTasksGoogleUpdateTaskMachineUA.job - c:program filesGoogleUpdateGoogleUpdate.exe [2013-07-27 16:48] . 2013-08-03 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-839522115-507921405-1417001333-1004Core.job - c:documents and settingsqwertyLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2013-04-08 12:10] . 2013-08-04 c:windowsTasksGoogleUpdateTaskUserS-1-5-21-839522115-507921405-1417001333-1004UA.job - c:documents and settingsqwertyLocal SettingsApplication DataGoogleUpdateGoogleUpdate.exe [2013-04-08 12:10] . . ------- Supplementary Scan ------- . IE: E&xport to Microsoft Excel - c:progra~1MICROS~4Office12EXCEL.EXE/3000 TCP: DhcpNameServer = 172.16.1.1 FF - ProfilePath - c:documents and settingsqwertyApplication DataMozillaFirefoxProfileswahsbg9c.default-1373472550146 FF - ExtSQL: 2013-08-04 15:25; wrc@avast.com; c:program filesAVAST SoftwareAvastWebRepFF FF - ExtSQL: 2013-08-04 15:31; {22119944-ED35-4ab1-910B-E619EA06A115}; c:program filesSiber SystemsAI RoboFormFirefox . - - - - ORPHANS REMOVED - - - - . HKLM-Run-LogMeIn Hamachi Ui - D:hamachi-2-ui.exe c:documents and settingsqwertyStart MenuProgramsStartup_uninst_22855274.lnk - c:documents and settingsqwertyLocal SettingsTemp_uninst_22855274.bat MSConfigStartUp-LogMeIn Hamachi Ui - D:hamachi-2-ui.exe AddRemove-CanonMyPrinter - d:printeruninst.exe AddRemove-Counter-Strike 1.6 Professional Edition v2.0 - d:new folder (3)Counter-Strike 1.6 Professional Edition v2.0Uninstall.exe AddRemove-Easy-PhotoPrint EX - D:uninst.exe AddRemove-{46541929-EDB0-6A3B-9ECE-756E0CAE49F4} - c:docume~1ALLUSE~1APPLIC~1INSTAL~1{7AE2C~1Setup.exe AddRemove-{AB583BA2-DCFA-2C80-4F6E-E3716F4A541F} - c:docume~1ALLUSE~1APPLIC~1INSTAL~1{A9178~1Setup.exe AddRemove-{F3D81B4B-8243-1399-699B-71FF5793B73A} - c:docume~1ALLUSE~1APPLIC~1INSTAL~1{76A09~1Setup.exe AddRemove-Winamp Detect - d:winamp detectUninstWaDetect.exe . . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2013-08-04 23:17 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ...   . scanning hidden autostart entries ... . scanning hidden files ...   . . c:windowsTEMP_avast_unp183608098.tmp 131388 bytes . scan completed successfully hidden files: 1 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_LOCAL_MACHINEsoftwareClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:WINDOWSsystem32MacromedFlashFlashUtil32_11_7_700_224_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINEsoftwareClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINEsoftwareClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}LocalServer32] @="c:WINDOWSsystem32MacromedFlashFlashUtil32_11_7_700_224_ActiveX.exe" . [HKEY_LOCAL_MACHINEsoftwareClassesCLSID{73C9DFA0-750D-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINEsoftwareClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}] @Denied: (A 2) (Everyone) @="IFlashBroker5" . [HKEY_LOCAL_MACHINEsoftwareClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINEsoftwareClassesInterface{6AE38AE0-750C-11E1-B0C4-0800200C9A66}TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(616) c:windowssystem32Ati2evxx.dll . - - - - - - - > 'explorer.exe'(1524) c:windowssystem32WININET.dll c:windowssystem32msi.dll c:windowsWinSxSx86_Microsoft.VC80.CRT_1fc8b3b9a1e18e3b_8.0.50727.6195_x-ww_44262b86MSVCR80.dll c:progra~1WINDOW~4wmpband.dll c:windowssystem32ieframe.dll c:windowssystem32webcheck.dll c:windowssystem32WPDShServiceObj.dll c:windowssystem32PortableDeviceTypes.dll c:windowssystem32PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:windowssystem32Ati2evxx.exe c:program filesAVAST SoftwareAvastAvastSvc.exe c:windowssystem32Ati2evxx.exe c:program filesJavajre7binjqs.exe c:program filesGoogleUpdate1.3.21.153GoogleCrashHandler.exe c:intelintel.exe c:windowssystem32MSSWCHX.EXE c:windowssystem32wscntfy.exe c:program filesATI TechnologiesATI.ACECLI.EXE c:program filesATI TechnologiesATI.ACEcli.exe c:windowssystem32wbemwmiapsrv.exe . ************************************************************************** . Completion time: 2013-08-04  23:22:39 - machine was rebooted ComboFix-quarantined-files.txt  2013-08-04 20:22 . Pre-Run: 17 428 692 992 bytes free Post-Run: 18 910 593 024 bytes free . WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)WINDOWS [operating systems] c:cmdconsBOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect . - - End Of File - - AC428D7446CA42498A9AF63091C55ACC 8F558EB6672622401DA993E1E865C861  

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..извинявам се за закъснението..но бях ангажиран..!
 
Публикувано изображение Изтеглете Malwarebytes' Anti-Malware или от тук (не забравяйте да обновите програмата с нови дефиниции)
* Кликнете два пъти върху mbam-setup.exe, за да инсталирате програмата.
* Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish.
* Ако има намерени обновявания, тя ще ги изтегли и инсталира.
* Стартирайте програмата и изберете "Perform Full Scan", след това кликнете на Scan.
* Сканирането ще отнеме малко време, затова моля да бъдете търпеливи.
* Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата
* Уверете се, че на всички редове има отметки, и кликнете на Remove Selected.
* Когато всичко бъде премахнато, в Notepad ще бъде отворен лог.
Копирайте този лог и го публикувайте в следващия си коментар по темата.
  Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.
 

Публикувано изображение Изтеглете програмата: ESET Online Scanner

  • [*]Стартирайте esetsmartinstaller_enu.exe Публикувано изображение [*]Сложете отметка на
YES, I accept the Terms of Use и изберете Start:

  • [*]Публикувано изображение

  • [*]Скенерът ще започне да изтегля компонентите, които са му необходими:

  • [*]Публикувано изображение

Уверете се, че е премахната отметката от:

  • [*]
Remove found threats

Уверете се че са маркирани следните позиции:

  • [*]
Scan Archives

Кликнете върху Advanced Settings и маркирайте следните опции:

  • [*]
Scan for potentially unwanted applications [*]Scan for potentially unsafe applications [*]Enable Anti-Stealth Technology

Накрая изберете Start
Скенерът ще започне да изтегля последните дефиниции.

  • [*]След, като сканирането завърши изберете
Finish. [*]Отидете в: C:Program FilesESETESET Online Scanner [*]Отворете файла log.txt , копирайте съдържанието му и го поставете в следващия си коментар.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

MBAM

 

Malwarebytes Anti-Malware 1.75.0.1300

www.malwarebytes.org
 
Версия на базата от данни: v2013.08.09.02
 
Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
qwerty :: PCV [администратор]
 
09.8.2013 г. 10:08:48
MBAM-log-2013-08-09 (13-07-31).txt
 
Тип сканиране: Пълно сканиране (C:|D:|E:|F:|G:|H:|I:|J:|)
Включени опции за сканиране: Памет | Автоматично зареждане | Системен регистър | Файлова система | Евристики/Допълнителни | Евристики/Shuriken | PUP | PUM
Изключени опции за сканиране: P2P
Сканирани обекти: 286770
Изминало време: 1 час(а), 2 минута(и), 58 секунда(и)
 
Открити процеси в паметта: 0
(Не бяха открити зловредни обекти)
 
Открити модули в паметта: 0
(Не бяха открити зловредни обекти)
 
Открити ключове в системния регистър: 0
(Не бяха открити зловредни обекти)
 
Открити стойности в системния регистър: 0
(Не бяха открити зловредни обекти)
 
Открити информационни обекти в системния регистър: 0
(Не бяха открити зловредни обекти)
 
Открити папки: 0
(Не бяха открити зловредни обекти)
 
Открити файлове: 1
C:Documents and SettingsqwertyMy DocumentsDownloadssam broadcaster v 4.2.2.zip (RiskWare.Tool.HCK) -> Не беше предприето действие.
 
(край)
 

 

 

ESET

C:Documents and SettingsAll UsersApplication DataSecTaskManFixCamera.exe.q_Quarantine_2CF5000_q a variant of Win32/KillProc.A application

C:Documents and SettingsAll UsersApplication DataSecTaskManintel.exe.q_Quarantine_149DC04_q a variant of Win32/BitCoinMiner.W application
C:Documents and SettingsqwertyDesktopyusetup7.exe Win32/Toolbar.Zugo application
C:Documents and SettingsqwertyMy DocumentsDownloadsPCMAX_AF_ErrorsFix_Setup.exe a variant of Win32/RegistryNuke application
C:Documents and SettingsqwertyMy DocumentsDownloadsSoftonicDownloader_for_process-scanner.exe Win32/SoftonicDownloader.E application
C:Documents and SettingsqwertyMy DocumentsDownloadsspam.vbs VBS/HackTool.Skype.B trojan
C:Documents and SettingsqwertyMy DocumentsDownloadswinamp565_full_emusic-7plus_all.exe Win32/OpenCandy application
C:Intelintel32.exe a variant of Win32/BitCoinMiner.W application
C:Intelstart.exe a variant of Win32/HiddenStart.B application
C:Program FilesCheat Engine 6.3cheatengine-i386.exe a variant of Win32/HackTool.CheatEngine.AB application
C:Program FilesCheat Engine 6.3standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF application
C:Program FilesSafeSaversprotector.dll a variant of Win32/SProtector.A application
C:System Volume Information_restore{49383A7A-558A-4A7A-9EC8-CD0AC878EC6E}RP2A0000109.exe a variant of Win32/BitCoinMiner.W application
C:System Volume Information_restore{49383A7A-558A-4A7A-9EC8-CD0AC878EC6E}RP4A0000112.exe a variant of Win32/KillProc.A application
D:Advanced Fix 2013AdvancedFix.exe a variant of Win32/RegistryNuke application
 

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Копирайте текста в карето на notepad и го запазвате с име CFScript.txt на десктопа си:

 

KILLALL::File::C:Documents and SettingsAll UsersApplication DataSecTaskManFixCamera.exe.q_Quarantine_2CF5000_qC:Documents and SettingsAll UsersApplication DataSecTaskManintel.exe.q_Quarantine_149DC04_q C:Intelintel32.exe C:System Volume Information_restore{49383A7A-558A-4A7A-9EC8-CD0AC878EC6E}RP2A0000109.exeC:System Volume Information_restore{49383A7A-558A-4A7A-9EC8-CD0AC878EC6E}RP4A0000112.exe 
След съхранението преместете  CFScript.txt на иконата на ComboFix.exe

Публикувано изображение

Генерирания рапорт копирайте  и го поставете в следващия си коментар...!

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Тогава да считам че проблема ви е решен...!
 
Деинсталирайте ComboFix така:

  • [*]Натиснете Start ==> Run ==> въведете командата
Combofix /Uninstall ==> OK

  • [*]Публикувано изображение

  • [*]Моля, следвайте инструкциите, за да деинсталирате ComboFix. Ще получите съобщение, в което се казва ComboFix е деинсталиран успешно.

Публикувано изображение Изтеглете Публикувано изображениеOTCleanIt или от тук,стартирайте и натиснете Публикувано изображение

 
Публикувано изображение Изтеглете Delfix.exe и го стартирайте. Сложете отметка пред Remove disinfection tools => натиснете бутона Run Инструмента ще се самоизтрие след като приключи своята задача!

 
Публикувано изображение Деинсталирайте ESET Online Scaner.

  • [*]
Start => Run, въведете control appwiz.cpl в полето.След това натиснете ENTER. [*]Изберете ESET Online Scanner от списъка с приложения, а след това маркирайте Remove. Aко бъдете подканени рестартирайте компютъра си.

 

Публикувано изображение Изтрийте всичко друго което е останало след процедурите (използвано в лечението).Препоръчвам програмата Malwarebytes' Anti-Malware да остане на вашия компютър и периодично да сканирате системата си с нея (поне един -два пъти в седмицата),като не забравяйте да обновите дефинициите и преди всяко сканиране..!

 

Стартирайте PatchMyPC и инсталирайте всички ъпдейти, които инструмента ви предложи.

 

Маркирам случая като "Решен"..! Пожелавам ви лек ден и безопасен интернет..! :)

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Преди 3 години имах проблем с полиморфен вирус и тия неща, които сте му написали няма да оправят проблема перманентно. Полиморфните вируси се самокопират по системните папки на всички дялове (System Volume Information и т.н.) и дори да намериш антивирусна, която да го изтрие от един дял, вирусът автоматично се копира обратно от другите дялове. Единственото генерално и бързо решение на проблема е да си качиш важните неща на ДВД дискове (не на преносим хард или флашка, защото вирусът ще отиде и там) и да направиш цялостен формат на хард диска (или хард дисковете, ако са повече от един), като промениш размера на дяловете. Просто форматиране на дяловете без промяна на размера им не помага - знам го от личен опит. След като форматирах и двата дяла и инсталирах ОС въпросната гадина пак се появи. Единственото, което помогна беше да променя размерите. Преди формата дяловете ми бяха с размери съответно 35000 MB и 85000 MB. За да изчезне вирусът ги направих 34999 и 84999 MB. Това ми реши проблема перманентно.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Преди 3 години имах проблем с полиморфен вирус и тия неща, които сте му написали няма да оправят проблема перманентно. Полиморфните вируси се самокопират по системните папки на всички дялове (System Volume Information и т.н.) и дори да намериш антивирусна, която да го изтрие от един дял, вирусът автоматично се копира обратно от другите дялове. Единственото генерално и бързо решение на проблема е да си качиш важните неща на ДВД дискове (не на преносим хард или флашка, защото вирусът ще отиде и там) и да направиш цялостен формат на хард диска (или хард дисковете, ако са повече от един), като промениш размера на дяловете. Просто форматиране на дяловете без промяна на размера им не помага - знам го от личен опит. След като форматирах и двата дяла и инсталирах ОС въпросната гадина пак се появи. Единственото, което помогна беше да променя размерите. Преди формата дяловете ми бяха с размери съответно 35000 MB и 85000 MB. За да изчезне вирусът ги направих 34999 и 84999 MB. Това ми реши проблема перманентно.

Момчетата от HJT Team неведнъж са се справяли успешно с вируси Sality без нужда от преинсталация. Те знаят какви инструменти да използват и в каква последователност, за разлика от вас или от мен, за да изчистят системата без преинсталация. ;)

  • Харесва ми 6

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Подкрепям момчетата от отбора са много добре подготвени, мисля, че заслужават доверие и уважение ;) 

  • Харесва ми 4

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Преди 3 години имах проблем с полиморфен вирус и тия неща, които сте му написали няма да оправят проблема перманентно. Полиморфните вируси се самокопират по системните папки на всички дялове (System Volume Information и т.н.) и дори да намериш антивирусна, която да го изтрие от един дял, вирусът автоматично се копира обратно от другите дялове. Единственото генерално и бързо решение на проблема е да си качиш важните неща на ДВД дискове (не на преносим хард или флашка, защото вирусът ще отиде и там) и да направиш цялостен формат на хард диска (или хард дисковете, ако са повече от един), като промениш размера на дяловете. Просто форматиране на дяловете без промяна на размера им не помага - знам го от личен опит. След като форматирах и двата дяла и инсталирах ОС въпросната гадина пак се появи. Единственото, което помогна беше да променя размерите. Преди формата дяловете ми бяха с размери съответно 35000 MB и 85000 MB. За да изчезне вирусът ги направих 34999 и 84999 MB. Това ми реши проблема перманентно.

 

 

Преди три години нещата изглеждаха съвсем различно.....!Само това ще кажа и ще приключа с дискусията по въпроса..Нека автора на темата да каже има ли проблеми след процедурите..!Лека вечер на всички....!

  • Харесва ми 6

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход


  • Горещи теми в момента

  • Подобни теми

    • от Katrin4i
      Здравейте, мисля че компютърът ми има някакъв вирус. На два пъти ми се случи да опитам да инсталирам нещо и не става, а днес се опитах да деинсталирам Malwarebites и пак не става. След сканиране с Windows Defender Antiwirus  откри нещо, което се казва ""Misleading:Win32/Corenore"
      Моля ви за съдействие, не бих могла да се справя сама, благодаря!
       
    • от beemer
      Здравейте, както съм споделил тук, имам съмнение за заразен компютър, като опитвайки се да инсталирам Malwarebytes не успявам да го отворя по никакъв начин, което ме навява още по-силно на съмнението, че съм барнал вирус.
      Прикачвам репорт файловете.
      Ще помоля за вашето съдействие.
       
      Addition.txt
      FRST.txt
    • от porata
      Добър ден. Мисля че съм се заразил от някъде с доста неприятни вируси
      Днес забелязах че след рестарт на машината първото нещо което стартира след като се пусне лин-а е някакъв произволен сайт в този случай сайт с няккакви реклами..
      Както и самата машина някак си започна да забива и насича 
      Ети логовете



       
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02.01.2018
      Ran by GAMEPC (administrator) on GAMEPC-PC (10-01-2018 17:49:26)
      Running from C:\Users\GAMEPC\Downloads
      Loaded Profiles: GAMEPC (Available Profiles: GAMEPC)
      Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: Български (България)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
      (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      (Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [AutoKMS] => C:\Windows\AutoKMS.exe [615936 2017-09-08] ()
      HKLM-x32\...\Run: [BCSSync] => C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-01-21] (Microsoft Corporation)
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27832264 2017-10-10] (Skype Technologies S.A.)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3111712 2017-12-15] (Valve Corporation)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-17] (Disc Soft Ltd)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Viber] => C:\Users\GAMEPC\AppData\Local\Viber\Viber.exe [34472016 2017-12-12] (Viber Media S.à r.l.)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [Discord] => C:\Users\GAMEPC\AppData\Local\Discord\app-0.0.300\Discord.exe [57821176 2018-01-08] (Discord Inc.)
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\Run: [GAMEPC] => explorer.exe hxxp://ozirizsoos.info <==== ATTENTION
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\...\MountPoints2: {609d2171-c4d2-11e7-a1c0-048d38748987} - E:\Lenovo_Suite.exe
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 87.121.24.12
      Tcpip\..\Interfaces\{F8E6BFBF-08DD-4CEC-8468-25670AF9DFE4}: [DhcpNameServer] 87.121.24.12
      Internet Explorer:
      ==================
      HKU\S-1-5-21-2297230751-1021565052-1431566534-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-21] (Oracle Corporation)
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-21] (Oracle Corporation)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-10-21] (Oracle Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-21] (Oracle Corporation)
      FireFox:
      ========
      FF DefaultProfile: mrpwyf7s.default
      FF ProfilePath: C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default [2018-01-10]
      FF Homepage: Mozilla\Firefox\Profiles\mrpwyf7s.default -> google.bg
      FF Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Mozilla\Firefox\Profiles\mrpwyf7s.default\Extensions\uBlock0@raymondhill.net.xpi [2017-12-26]
      FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-21] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-21] (Oracle Corporation)
      FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
      FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-21] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-21] (Oracle Corporation)
      FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-01-04] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-01-04] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-15] (Google Inc.)
      Chrome: 
      =======
      CHR StartupUrls: Default -> "hxxp://google.bg/"
      CHR Profile: C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default [2018-01-10]
      CHR Extension: (Презентации) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Документи) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Диск) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-08]
      CHR Extension: (YouTube) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-08]
      CHR Extension: (Таблици) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Google Документи офлайн) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-08]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-08]
      CHR Extension: (Gmail) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-08]
      CHR Extension: (Chrome Media Router) - C:\Users\GAMEPC\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-12]
      Opera: 
      =======
      OPR Extension: (uBlock Origin) - C:\Users\GAMEPC\AppData\Roaming\Opera Software\Opera Stable\Extensions\kccohkcpppjjkkjppopfnflnebibpida [2017-12-16]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [6971400 2017-11-16] ()
      R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd)
      S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [526888 2017-12-08] (EasyAntiCheat Ltd)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [519104 2017-11-16] (NVIDIA Corporation)
      S2 SetupARService; C:\Program Files (x86)\Realtek\Audio\SetupAfterRebootService.exe [24576 2017-09-08] (Realtek Semiconductor.) [File not signed]
      S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2017-06-20] (Microsoft Corporation)
      R2 wuauserv; C:\Windows\system32\wuaueng2.dll [2651136 2017-09-08] (Microsoft Corporation) [File not signed]
      R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000
      R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R0 amdide64; C:\Windows\System32\DRIVERS\amdide64.sys [11944 2017-09-08] (Advanced Micro Devices Inc.)
      R3 dtlitescsibus; C:\Windows\System32\DRIVERS\dtlitescsibus.sys [30264 2017-09-11] (Disc Soft Ltd)
      R3 dtliteusbbus; C:\Windows\System32\DRIVERS\dtliteusbbus.sys [47672 2017-09-11] (Disc Soft Ltd)
      R1 HWiNFO32; C:\Windows\SysWOW64\drivers\HWiNFO64A.SYS [27552 2017-09-08] (REALiX(tm))
      S3 L1C; C:\Windows\System32\DRIVERS\L1C62x64.sys [129224 2017-09-08] (Qualcomm Atheros Co., Ltd.)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-11-16] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [50624 2017-11-16] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [57792 2017-11-16] (NVIDIA Corporation)
      R3 RTL8023x64; C:\Windows\System32\DRIVERS\Rtnic64.sys [61656 2017-09-08] (Realtek Semiconductor Corporation )
      S3 BEDaisy; \??\C:\Program Files (x86)\Common Files\BattlEye\BEDaisy.sys [X]
      S3 IntcAzAudAddService; system32\drivers\RTKVHD64.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-01-10 17:49 - 2018-01-10 17:49 - 000013425 _____ C:\Users\GAMEPC\Downloads\FRST.txt
      2018-01-10 17:48 - 2018-01-10 17:49 - 000000000 ____D C:\FRST
      2018-01-10 17:47 - 2018-01-10 17:47 - 002393088 _____ (Farbar) C:\Users\GAMEPC\Downloads\FRST64.exe
      2018-01-10 16:50 - 2018-01-10 16:50 - 000047308 _____ C:\Users\GAMEPC\Downloads\Malcolm.S05.BGAUDIO.torrent
      2018-01-10 15:52 - 2018-01-09 21:50 - 000000230 ___SH C:\Users\Public\Libraries.ini
      2018-01-08 22:48 - 2018-01-08 22:48 - 000025438 _____ C:\Users\GAMEPC\Downloads\Malcolm in the Middle Season 4 TVRip BGAudio [***].torrent
      2018-01-08 18:01 - 2018-01-08 18:01 - 000000000 ____D C:\Program Files (x86)\VulkanRT
      2018-01-08 18:01 - 2018-01-04 02:01 - 000137528 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvStreaming.exe
      2018-01-08 18:01 - 2017-11-02 22:15 - 000928568 _____ C:\Windows\system32\vulkan-1.dll
      2018-01-08 18:01 - 2017-11-02 22:15 - 000798520 _____ C:\Windows\SysWOW64\vulkan-1.dll
      2018-01-08 18:01 - 2017-11-02 22:15 - 000490808 _____ C:\Windows\SysWOW64\vulkaninfo.exe
      2018-01-08 18:01 - 2017-11-02 22:14 - 000591672 _____ C:\Windows\system32\vulkaninfo.exe
      2018-01-08 18:00 - 2018-01-08 18:00 - 000000000 ____D C:\Windows\system32\Drivers\NVIDIA Corporation
      2018-01-08 17:58 - 2018-01-04 03:39 - 040269624 _____ (NVIDIA Corporation) C:\Windows\system32\nvcompiler.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 035278136 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglv64.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 035179080 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcompiler.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 027856456 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglv32.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 019796008 _____ (NVIDIA Corporation) C:\Windows\system32\nvopencl.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 018730328 _____ (NVIDIA Corporation) C:\Windows\system32\nvd3dumx.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 017303112 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvlddmkm.sys
      2018-01-08 17:58 - 2018-01-04 03:39 - 016450056 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvopencl.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 015408072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvd3dum.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 013430632 _____ (NVIDIA Corporation) C:\Windows\system32\nvptxJitCompiler.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 012842984 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuda.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 011015584 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvptxJitCompiler.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 010900248 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuda.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 003902448 _____ (NVIDIA Corporation) C:\Windows\system32\nvcuvid.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 003874728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvapi.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 003432944 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvcuvid.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 001975184 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6439065.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 001674544 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6439065.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 001134952 _____ (NVIDIA Corporation) C:\Windows\system32\nvfatbinaryLoader.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 001125688 _____ (NVIDIA Corporation) C:\Windows\system32\NvFBC64.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 001054512 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvFBC.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000988144 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFR64.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000939504 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFR.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000885680 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvfatbinaryLoader.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000616240 _____ (NVIDIA Corporation) C:\Windows\system32\NvIFROpenGL.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000528312 _____ (NVIDIA Corporation) C:\Windows\system32\nvEncodeAPI64.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000506672 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\NvIFROpenGL.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000447424 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvEncodeAPI.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000407064 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvumdshim.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000226760 _____ (NVIDIA Corporation) C:\Windows\system32\Drivers\nvhda64v.sys
      2018-01-08 17:58 - 2018-01-04 03:39 - 000171896 _____ (NVIDIA Corporation) C:\Windows\system32\nvinitx.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000154208 _____ (NVIDIA Corporation) C:\Windows\system32\nvoglshim64.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000149736 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvinit.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000132072 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvoglshim32.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000045600 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdap64.dll
      2018-01-08 17:58 - 2018-01-04 03:39 - 000000669 _____ C:\Windows\SysWOW64\nv-vk32.json
      2018-01-08 17:58 - 2018-01-04 03:39 - 000000669 _____ C:\Windows\system32\nv-vk64.json
      2018-01-06 18:55 - 2018-01-06 18:55 - 000019998 _____ C:\Users\GAMEPC\Downloads\Malcolm in the Middle Season 3 TVRip BGAudio [***].torrent
      2018-01-05 18:31 - 2018-01-05 18:31 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Electronic Arts
      2018-01-05 18:13 - 2018-01-05 18:13 - 000000000 ____D C:\Users\GAMEPC\Documents\PCSX2
      2018-01-05 18:12 - 2018-01-05 18:12 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\PCSX2
      2018-01-05 18:02 - 2018-01-05 18:02 - 000039666 _____ C:\Users\GAMEPC\Downloads\Harry.Potter.and.the.Deathly.Hallows.Part.2-SKIDROW.torrent
      2018-01-05 18:02 - 2018-01-05 18:02 - 000039666 _____ C:\Users\GAMEPC\Downloads\Harry.Potter.and.the.Deathly.Hallows.Part.2-SKIDROW (1).torrent
      2018-01-05 18:02 - 2018-01-05 18:02 - 000006830 _____ C:\Users\GAMEPC\Downloads\Harry.Potter.and.The.Deathly.Hallows.Part.2.Proper.CRACK.ONLY-RELOADED.torrent
      2018-01-05 17:59 - 2018-01-05 17:59 - 000060214 _____ C:\Users\GAMEPC\Downloads\Crash_titans_pc_rus.iso (1).torrent
      2018-01-05 17:58 - 2018-01-05 17:58 - 000060214 _____ C:\Users\GAMEPC\Downloads\Crash_titans_pc_rus.iso.torrent
      2018-01-04 22:15 - 2018-01-04 22:15 - 000024355 _____ C:\Users\GAMEPC\Downloads\Malcolm.In.Тhe.Middle.S02.TVRiP.BGAUDiO-GOMBO.torrent
      2018-01-03 21:18 - 2018-01-03 21:18 - 000016750 _____ C:\Users\GAMEPC\Downloads\Malcolm.In.Тhe.Middle.S01.TVRiP.BGAUDiO-GOMBO.torrent
      2018-01-02 14:13 - 2018-01-02 14:13 - 000014967 _____ C:\Users\GAMEPC\Downloads\The.X.Files.I.Want.to.Believe.2008.DVDRip.XviD.BGAUDiO-SiSO.torrent
      2018-01-02 14:12 - 2018-01-02 14:12 - 000034573 _____ C:\Users\GAMEPC\Downloads\The.X.Files.I.Want.to.Believe.2008.DC.480p.BDRip.XviD.AC3-AsA.torrent
      2018-01-02 14:12 - 2018-01-02 14:12 - 000025883 _____ C:\Users\GAMEPC\Downloads\The.X.Files.I.Want.to.Believe.2008.DirCut.720p.BluRay.DTS.x264_ESiR.(subs.sab.bz).rar
      2018-01-02 13:49 - 2018-01-02 13:49 - 000014977 _____ C:\Users\GAMEPC\Downloads\The.X.Files.1998.BDRip.XviD.Dual.Audio[Bul-Eng]-TBO (1).torrent
      2018-01-02 13:47 - 2018-01-02 13:47 - 000014977 _____ C:\Users\GAMEPC\Downloads\The.X.Files.1998.BDRip.XviD.Dual.Audio[Bul-Eng]-TBO.torrent
      2018-01-02 09:53 - 2018-01-02 09:53 - 000114625 _____ C:\Users\GAMEPC\Downloads\Bright.2017.HDRip.XviD.AC3-EVO.torrent
      2018-01-02 09:53 - 2018-01-02 09:53 - 000039426 _____ C:\Users\GAMEPC\Downloads\bright.2017.1080p.nf.web-dl.dd5.1.h.264-ika(subsunacs.net).rar
      2017-12-28 21:02 - 2017-12-28 21:02 - 000035829 _____ C:\Users\GAMEPC\Downloads\The X Files S01 ep10-12.torrent
      2017-12-28 21:02 - 2017-12-28 21:02 - 000034149 _____ C:\Users\GAMEPC\Downloads\The X Files S01 ep07-09.torrent
      2017-12-28 18:17 - 2017-12-28 18:17 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\TslGame
      2017-12-28 17:03 - 2017-12-28 17:03 - 000000222 _____ C:\Users\GAMEPC\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS.url
      2017-12-28 17:03 - 2017-12-28 17:03 - 000000222 _____ C:\Users\GAMEPC\Desktop\PLAYERUNKNOWN'S BATTLEGROUNDS (Test Server).url
      2017-12-27 21:05 - 2017-12-27 21:05 - 000034969 _____ C:\Users\GAMEPC\Downloads\The X Files S01 ep04-06.torrent
      2017-12-27 21:04 - 2017-12-27 21:04 - 000070165 _____ C:\Users\GAMEPC\Downloads\The X Files S01 ep01-03 (1).torrent
      2017-12-27 19:01 - 2017-12-27 19:01 - 000070165 _____ C:\Users\GAMEPC\Downloads\The X Files S01 ep01-03.torrent
      2017-12-27 17:54 - 2017-12-27 17:54 - 000068903 _____ C:\Users\GAMEPC\Downloads\The.X-Files.S10.1080p.BluRay.AVC.x264.MULTi.AC3-STM.torrent
      2017-12-26 18:47 - 2017-12-26 18:47 - 001204720 _____ (Adobe Systems Incorporated) C:\Users\GAMEPC\Downloads\flashplayer28_ka_install.exe
      2017-12-25 18:43 - 2017-12-25 18:43 - 000014387 _____ C:\Users\GAMEPC\Downloads\Scooby.Doo.And.The.Loch.Ness.Monster.2004.DVDRip.XviD.BGAUDIO-RRGroup.torrent
      2017-12-25 18:42 - 2017-12-25 18:42 - 000014469 _____ C:\Users\GAMEPC\Downloads\Scooby.Doo.Pirates.Ahoy.2006.DVDRip.XviD.BGAUDIO-RRGroup.torrent
      2017-12-25 18:41 - 2017-12-25 18:41 - 000016605 _____ C:\Users\GAMEPC\Downloads\Scooby-Doo.and.the.Alien.Invaders(2000)[BGAudio]TVRip.XviD-CoveR.avi.torrent
      2017-12-25 18:40 - 2017-12-25 18:40 - 000015973 _____ C:\Users\GAMEPC\Downloads\Scooby-Doo! and the Monster of Mexico (2003) [BG Audio] TVRip.XviD-CoveR.avi.torrent
      2017-12-25 18:40 - 2017-12-25 18:40 - 000015973 _____ C:\Users\GAMEPC\Downloads\Scooby-Doo! and the Monster of Mexico (2003) [BG Audio] TVRip.XviD-CoveR.avi (1).torrent
      2017-12-24 20:09 - 2017-12-24 20:09 - 000014490 _____ C:\Users\GAMEPC\Downloads\The.Nut.Job.2014.BDRip.XviD.BGaudio-REFLUX.torrent
      2017-12-24 14:27 - 2017-12-24 14:27 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Adobe
      2017-12-23 21:42 - 2017-12-23 21:42 - 001556480 _____ C:\Users\GAMEPC\Downloads\Непотвърдено 653969.crdownload
      2017-12-21 16:16 - 2017-12-16 02:21 - 001990128 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispco6438871.dll
      2017-12-21 16:16 - 2017-12-16 02:21 - 001674736 _____ (NVIDIA Corporation) C:\Windows\system32\nvdispgenco6438871.dll
      2017-12-17 17:07 - 2017-12-17 17:47 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Might & Magic Heroes VI
      2017-12-17 17:07 - 2017-12-17 17:17 - 000000000 ____D C:\Users\GAMEPC\Documents\Might & Magic Heroes VI
      2017-12-17 17:07 - 2017-12-17 17:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Repack by Fenixx
      2017-12-17 16:27 - 2017-12-17 16:27 - 000038163 _____ C:\Users\GAMEPC\Downloads\Might & Magic.Heroes 6.Gold Edition.v 2.1.1.0 + 4 DLC.(Бука).(2012).Repack.torrent
      2017-12-17 15:54 - 2017-12-17 15:54 - 000003429 _____ C:\Users\GAMEPC\Downloads\DiRT Rally Hotfix v1.0.109.3940 - BAT.torrent
      2017-12-17 15:53 - 2017-12-17 15:53 - 000105021 _____ C:\Users\GAMEPC\Downloads\DiRT.Rally-RELOADED.torrent
      2017-12-16 22:49 - 2017-12-16 22:50 - 004228256 _____ (Husdawg, LLC) C:\Users\GAMEPC\Downloads\Detection.exe
      2017-12-16 16:33 - 2017-12-16 16:33 - 000000000 ____D C:\Users\GAMEPC\Documents\Diablo III
      2017-12-16 13:58 - 2017-12-16 13:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StarCraft II
      2017-12-16 13:53 - 2017-12-16 15:13 - 000000000 ____D C:\Users\GAMEPC\Documents\StarCraft II
      2017-12-16 13:52 - 2017-12-16 14:34 - 000000000 ____D C:\ProgramData\Blizzard Entertainment
      2017-12-16 13:48 - 2017-12-16 14:38 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Blizzard Entertainment
      2017-12-16 13:47 - 2017-12-16 13:47 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Blizzard
      2017-12-16 13:46 - 2017-12-16 13:47 - 000000000 ____D C:\ProgramData\Battle.net
      2017-12-16 13:46 - 2017-12-16 13:46 - 004215792 _____ (Blizzard Entertainment) C:\Users\GAMEPC\Downloads\StarCraft-II-Setup.exe
      2017-12-14 14:20 - 2017-12-14 14:21 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Viber
      2017-12-11 21:56 - 2018-01-10 16:01 - 000002131 _____ C:\Users\GAMEPC\Desktop\Discord.lnk
      2017-12-11 21:55 - 2018-01-10 16:01 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\Discord
      2017-12-11 21:55 - 2017-12-11 21:55 - 054332920 _____ (Discord Inc.) C:\Users\GAMEPC\Downloads\DiscordSetup (1).exe
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-01-10 17:45 - 2009-07-14 07:13 - 000781298 _____ C:\Windows\system32\PerfStringBackup.INI
      2018-01-10 17:45 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
      2018-01-10 17:41 - 2017-12-06 18:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\ViberPC
      2018-01-10 17:41 - 2017-09-23 17:42 - 000000000 ____D C:\Program Files (x86)\Steam
      2018-01-10 17:41 - 2017-09-08 13:25 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Skype
      2018-01-10 17:40 - 2017-09-08 13:03 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-01-10 17:39 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2018-01-10 17:32 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2018-01-10 17:32 - 2009-07-14 06:45 - 000028352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2018-01-10 17:30 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Opera
      2018-01-10 17:16 - 2017-09-10 00:33 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\qBittorrent
      2018-01-10 16:34 - 2017-09-08 12:51 - 000000000 ____D C:\Users\GAMEPC\AppData\LocalLow\Mozilla
      2018-01-10 16:01 - 2017-10-13 15:36 - 000000000 ____D C:\Users\GAMEPC\Documents\ViberDownloads
      2018-01-10 16:01 - 2017-09-09 21:09 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Discord Inc
      2018-01-10 16:01 - 2017-09-09 21:09 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\discord
      2018-01-10 16:01 - 2017-09-08 13:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA
      2018-01-10 15:58 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2018-01-10 15:58 - 2017-09-08 12:34 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2018-01-09 21:27 - 2017-09-18 18:14 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2018-01-09 21:27 - 2017-09-18 18:14 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2018-01-09 21:27 - 2017-09-18 18:14 - 000004478 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2018-01-09 21:27 - 2017-09-18 18:14 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2018-01-09 21:27 - 2017-09-18 18:14 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2018-01-09 21:27 - 2017-09-18 18:14 - 000000000 ____D C:\Windows\system32\Macromed
      2018-01-09 17:15 - 2017-09-08 12:35 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-01-09 17:15 - 2017-09-08 12:35 - 000002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-01-08 18:02 - 2017-09-08 13:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NVIDIA Corporation
      2018-01-08 18:02 - 2017-09-08 12:20 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
      2018-01-08 18:02 - 2017-09-08 12:20 - 000000000 ____D C:\Program Files\NVIDIA Corporation
      2018-01-05 18:41 - 2017-09-08 14:54 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\CrashDumps
      2018-01-05 18:28 - 2009-07-14 07:32 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
      2018-01-04 16:47 - 2017-09-27 00:35 - 000000000 ____D C:\Users\GAMEPC\Documents\Euro Truck Simulator 2
      2018-01-04 03:39 - 2017-09-08 13:02 - 019677112 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvwgf2um.dll
      2018-01-04 03:39 - 2017-09-08 13:02 - 004375648 _____ (NVIDIA Corporation) C:\Windows\system32\nvapi64.dll
      2018-01-04 03:39 - 2017-09-08 13:02 - 000492048 _____ (NVIDIA Corporation) C:\Windows\system32\nvumdshimx.dll
      2018-01-04 03:39 - 2017-09-08 12:22 - 022573984 _____ (NVIDIA Corporation) C:\Windows\system32\nvwgf2umx.dll
      2018-01-04 03:39 - 2017-09-08 12:21 - 000045386 _____ C:\Windows\system32\nvinfo.pb
      2018-01-04 03:39 - 2017-09-08 12:19 - 001682288 _____ (NVIDIA Corporation) C:\Windows\system32\nvhdagenco6420103.dll
      2018-01-04 02:33 - 2017-09-08 13:03 - 000001951 _____ C:\Windows\NvContainerRecovery.bat
      2018-01-04 01:50 - 2017-09-08 13:03 - 005951336 _____ (NVIDIA Corporation) C:\Windows\system32\nvcpl.dll
      2018-01-04 01:50 - 2017-09-08 13:03 - 002588232 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvc64.dll
      2018-01-04 01:50 - 2017-09-08 13:03 - 001768480 _____ (NVIDIA Corporation) C:\Windows\system32\nvsvcr.dll
      2018-01-04 01:50 - 2017-09-08 13:03 - 000631880 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshext.dll
      2018-01-04 01:50 - 2017-09-08 13:03 - 000450352 _____ (NVIDIA Corporation) C:\Windows\system32\nvmctray.dll
      2018-01-04 01:50 - 2017-09-08 13:03 - 000123704 _____ (NVIDIA Corporation) C:\Windows\system32\nvshext.dll
      2018-01-04 01:50 - 2017-09-08 13:03 - 000081992 _____ (NVIDIA Corporation) C:\Windows\system32\nv3dappshextr.dll
      2017-12-28 18:18 - 2017-09-08 13:05 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\NVIDIA Corporation
      2017-12-28 18:17 - 2017-09-08 12:20 - 000000000 ____D C:\ProgramData\Package Cache
      2017-12-25 18:46 - 2017-09-10 00:39 - 000000973 _____ C:\Users\GAMEPC\Desktop\PotPlayer 64 bit.lnk
      2017-12-24 21:07 - 2017-09-08 13:03 - 007928821 _____ C:\Windows\system32\nvcoproc.bin
      2017-12-21 16:10 - 2017-09-08 12:35 - 000003864 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1504866897
      2017-12-17 17:48 - 2017-11-29 18:58 - 000000000 ____D C:\ProgramData\Codemasters
      2017-12-17 17:48 - 2017-09-28 19:51 - 000000000 ____D C:\Users\GAMEPC\Documents\My Games
      2017-12-17 17:07 - 2017-11-28 17:35 - 000000000 ____D C:\ProgramData\Orbit
      2017-12-16 21:51 - 2017-09-08 12:51 - 000000000 ____D C:\Users\GAMEPC\AppData\Roaming\Mozilla
      2017-12-15 15:29 - 2017-09-08 12:20 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
      2017-12-11 21:56 - 2017-09-09 21:09 - 000000000 ____D C:\Users\GAMEPC\AppData\Local\SquirrelTemp
      Some files in TEMP:
      ====================
      2017-12-28 18:19 - 2017-12-28 18:19 - 000000180 _____ () C:\Users\GAMEPC\AppData\Local\Temp\00e481b5e22dbe1f649fcddd505d3eb7.dll
      2017-12-28 18:19 - 2018-01-09 18:20 - 000000016 _____ () C:\Users\GAMEPC\AppData\Local\Temp\9cfeec25b194d212cb1a549f559db4ab.dll
      2011-04-29 03:10 - 2011-04-29 03:10 - 002027328 _____ (Electronic Arts, Inc.) C:\Users\GAMEPC\AppData\Local\Temp\installerdll1824963827.dll
      2011-04-29 03:10 - 2011-04-29 03:10 - 002027328 _____ (Electronic Arts, Inc.) C:\Users\GAMEPC\AppData\Local\Temp\installerdll1824966448.dll
      2017-10-21 13:00 - 2017-10-21 13:00 - 001856576 _____ (Oracle Corporation) C:\Users\GAMEPC\AppData\Local\Temp\jre-8u151-windows-au.exe
      2017-11-15 00:12 - 2017-10-27 18:06 - 000760032 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvSCPAPI.dll
      2017-09-08 13:03 - 2017-12-16 00:47 - 000874880 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvSCPAPI64.dll
      2017-11-15 00:09 - 2017-12-16 00:47 - 000371000 _____ (NVIDIA Corporation) C:\Users\GAMEPC\AppData\Local\Temp\nvStInst.exe
      2011-04-29 03:31 - 2011-04-29 03:31 - 034523568 _____ (Electronic Arts, Inc.) C:\Users\GAMEPC\AppData\Local\Temp\Setup.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-01-10 17:08
      ==================== End of FRST.txt ============================











       
      Addition_10-01-2018 17.50.21.txt
    • от Васил Джамбазов
      Както казва заглавието когато влизам в различни страници и трябва да ми излезе това captcha дето проверавя дали съм робот но не ми излиза нищо. Или само си върти или напълно нищо не показва. Пробвал съм със 4 различни браузъри и наквсякъде е същото. Рових в нета сумати време и нищо не ми помага. Де-инсталирах антивирусна, махах всички екстенжъни на браузърите и няма резултат. Мисля че проблема ми е в самия компютър някъде.  
      - Не разполагам с компакт диск за ОС. 
       
       
      Addition.txt
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-12-2017 01
      Ran by userr (administrator) on USERR-PC (24-12-2017 01:13:05)
      Running from E:\scoped_dir3952_30355
      Loaded Profiles: userr (Available Profiles: userr)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Bulgarian (Bulgaria)
      Internet Explorer Version 11 (Default browser: Opera)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      (ABBYY Production LLC) C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe
      (Autodesk) C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe
      () C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      () C:\Windows\SysWOW64\PnkBstrA.exe
      (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
      () C:\Program Files (x86)\qBittorrent\qbittorrent.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Gaijin Entertainment) C:\Users\userr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe
      (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
      (Wondershare) C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
      () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
      (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
      (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Opera Software) C:\Program Files (x86)\Opera\49.0.2725.64\opera.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
      HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
      HKLM\...\Run: [XboxStat] => C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe [825184 2009-09-30] (Microsoft Corporation)
      HKLM\...\Run: [ShadowPlay] => "C:\Windows\system32\rundll32.exe" C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [246120 2017-12-23] (AVAST Software)
      HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe [41056 2013-05-08] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
      HKLM-x32\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2087264 2014-09-11] (Wondershare)
      HKLM-x32\...\Run: [Bonus.SSR.FR12] => C:\Program Files (x86)\ABBYY FineReader 12\Bonus.ScreenshotReader.exe [1472312 2014-01-30] (ABBYY Production LLC.)
      HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [73216 2016-03-03] ()
      HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => "D:\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
      HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
      HKU\S-1-5-21-845983760-1135253478-3104952537-1000\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [15377920 2014-04-29] ()
      HKU\S-1-5-21-845983760-1135253478-3104952537-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3672640 2013-03-14] (Disc Soft Ltd)
      HKU\S-1-5-21-845983760-1135253478-3104952537-1000\...\Run: [GalaxyClient] => C:\Program Files (x86)\GalaxyClient\GalaxyClient.exe /launchViaAutoStart
      HKU\S-1-5-21-845983760-1135253478-3104952537-1000\...\Run: [Gaijin.Net Agent] => C:\Users\userr\AppData\Local\Gaijin\Program Files (x86)\NetAgent\gjagent.exe [2268232 2017-11-01] (Gaijin Entertainment)
      HKU\S-1-5-21-845983760-1135253478-3104952537-1000\...\MountPoints2: {87819dae-0c57-11e4-9eea-d050991a0dfa} - G:\setup.exe
      AppInit_DLLs: C:\Users\userr\AppData\Local\Linkey\IEEXTE~1\iedll64.dll => No File
      IFEO\bitguard.exe: [Debugger] tasklist.exe
      IFEO\bprotect.exe: [Debugger] tasklist.exe
      IFEO\bpsvc.exe: [Debugger] tasklist.exe
      IFEO\browserdefender.exe: [Debugger] tasklist.exe
      IFEO\browserprotect.exe: [Debugger] tasklist.exe
      IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
      IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
      IFEO\jumpflip: [Debugger] tasklist.exe
      IFEO\protectedsearch.exe: [Debugger] tasklist.exe
      IFEO\searchinstaller.exe: [Debugger] tasklist.exe
      IFEO\searchprotection.exe: [Debugger] tasklist.exe
      IFEO\searchprotector.exe: [Debugger] tasklist.exe
      IFEO\searchsettings.exe: [Debugger] tasklist.exe
      IFEO\searchsettings64.exe: [Debugger] tasklist.exe
      IFEO\snapdo.exe: [Debugger] tasklist.exe
      IFEO\stinst32.exe: [Debugger] tasklist.exe
      IFEO\stinst64.exe: [Debugger] tasklist.exe
      IFEO\umbrella.exe: [Debugger] tasklist.exe
      IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
      IFEO\volaro: [Debugger] tasklist.exe
      IFEO\vonteera: [Debugger] tasklist.exe
      IFEO\websteroids.exe: [Debugger] tasklist.exe
      IFEO\websteroidsservice.exe: [Debugger] tasklist.exe
      Startup: C:\Users\userr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изрязване на екран и стартиране на OneNote 2010.lnk [2017-04-19]
      ShortcutTarget: Изрязване на екран и стартиране на OneNote 2010.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      AutoConfigURL: [S-1-5-21-845983760-1135253478-3104952537-1000] => hxxp://un-stop.net/wpad.dat?c88dfa84e125e454a786d466e2e3db8a7686672
      Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
      Tcpip\Parameters: [DhcpNameServer] 192.168.100.1
      Tcpip\..\Interfaces\{5650381A-159B-4673-BC63-260706D9F749}: [DhcpNameServer] 192.168.100.1
      ManualProxies: 0hxxp://un-stop.net/wpad.dat?c88dfa84e125e454a786d466e2e3db8a7686672
      Internet Explorer:
      ==================
      HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/?pc=MSSE
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
      HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1431722512&z=0e848d89476fca2279bb4ddg5z8c2g4m8o3o2w1gcq&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX&q={searchTerms}
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.oursurfing.com/web/?type=ds&ts=1431722512&z=0e848d89476fca2279bb4ddg5z8c2g4m8o3o2w1gcq&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX&q={searchTerms}
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.istartsurf.com/?type=hppp&ts=1431722435&z=60bd0491cc64661fd12a8edg0zcc0g3m0oeo1zbcat&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
      HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.oursurfing.com/web/?type=ds&ts=1431722512&z=0e848d89476fca2279bb4ddg5z8c2g4m8o3o2w1gcq&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX&q={searchTerms}
      HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
      HKU\S-1-5-21-845983760-1135253478-3104952537-1000\Software\Microsoft\Internet Explorer\Main,Search Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      HKU\S-1-5-21-845983760-1135253478-3104952537-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.google.com/?bcutc=sp-006
      HKU\S-1-5-21-845983760-1135253478-3104952537-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
      SearchScopes: HKLM -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13800&tm=449&src=ds&p={searchTerms}
      SearchScopes: HKLM-x32 -> DefaultScope {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKLM-x32 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.default-search.net/search?sid=503&aid=100&itype=n&ver=13800&tm=449&src=ds&p={searchTerms}
      SearchScopes: HKLM-x32 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-845983760-1135253478-3104952537-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX&ts=1431722566&type=default&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-845983760-1135253478-3104952537-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX&ts=1431722566&type=default&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-845983760-1135253478-3104952537-1000 -> {2023ECEC-E06A-4372-A1C7-0B49F9E0FFF0} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSSE
      SearchScopes: HKU\S-1-5-21-845983760-1135253478-3104952537-1000 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX&ts=1431722566&type=default&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-845983760-1135253478-3104952537-1000 -> {9BB47C17-9C68-4BB3-B188-DD9AF0FD2503} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX&ts=1431722566&type=default&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-845983760-1135253478-3104952537-1000 -> {E733165D-CBCF-4FDA-883E-ADEF965B476C} URL = hxxp://www.oursurfing.com/web/?utm_source=b&utm_medium=smt&utm_campaign=install_ie&utm_content=ds&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX&ts=1431722566&type=default&q={searchTerms}
      SearchScopes: HKU\S-1-5-21-845983760-1135253478-3104952537-1000 -> {E9410C70-B6AE-41FF-AB71-32F4B279EA5F} URL = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}
      BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
      BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-11-15] (Oracle Corporation)
      BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2017-12-23] (AVAST Software)
      BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
      BHO: No Name -> {A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} -> No File
      BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-15] (Oracle Corporation)
      BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
      BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-03-09] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\ssv.dll [2017-11-15] (Oracle Corporation)
      BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2017-12-23] (AVAST Software)
      BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2009-08-18] (Microsoft Corporation)
      BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
      BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-11-15] (Oracle Corporation)
      StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.istartsurf.com/?type=sc&ts=1431722400&z=cc566e9454f28cf2ca26295g0z7cdgamco6odz3eec&from=smt&uid=TOSHIBAXDT01ACA200_44G39EWGSXX44G39EWGSX
      FireFox:
      ========
      FF ProfilePath: C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\1cbzl9mj.default [2017-12-24]
      FF user.js: detected! => C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\1cbzl9mj.default\user.js [2016-03-15]
      FF Extension: (Avast SafePrice) - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\1cbzl9mj.default\Extensions\sp@avast.com.xpi [2017-12-23]
      FF Extension: (Avast Online Security) - C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\1cbzl9mj.default\Extensions\wrc@avast.com.xpi [2017-12-23]
      FF SearchPlugin: C:\Users\userr\AppData\Roaming\Mozilla\Firefox\Profiles\1cbzl9mj.default\searchplugins\default-search.xml [2014-08-24]
      FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-15] (Oracle Corporation)
      FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-15] (Oracle Corporation)
      FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
      FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll [2013-12-05] (Adobe Systems, Inc.)
      FF Plugin-x32: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-11-15] (Oracle Corporation)
      FF Plugin-x32: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files (x86)\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-11-15] (Oracle Corporation)
      FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
      FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2017-04-01] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2017-04-01] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08] (Adobe Systems Inc.)
      Chrome: 
      =======
      CHR DefaultProfile: Default
      CHR Profile: C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default [2017-12-24]
      CHR Extension: (Assassin's Creed IV Black Flag) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\agibflpbghgmiinfaefgnldmfajdance [2017-06-01]
      CHR Extension: (Docs) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Drive) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-03-19]
      CHR Extension: (YouTube) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-03-20]
      CHR Extension: (Google Docs Offline) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-03-19]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-23]
      CHR Extension: (Gmail) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-03-19]
      CHR Extension: (Chrome Media Router) - C:\Users\userr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-13]
      CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [fpmeembnagmagppkgghhfjfdfajdfcah] - C:\Users\userr\AppData\Local\Linkey\ChromeExtension\ChromeExtension.crx [2014-08-24]
      CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
      Opera: 
      =======
      OPR Extension: (Adblock Plus) - C:\Users\userr\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2017-09-29]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 ABBYY.Licensing.FineReader.Professional.12.0; C:\Program Files (x86)\ABBYY FineReader 12\NetworkLicenseServer.exe [925904 2014-01-23] (ABBYY Production LLC)
      S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7538536 2017-12-23] (AVAST Software)
      R2 Autodesk Licensing Service; C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe [79360 2015-09-25] (Autodesk) [File not signed]
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [301168 2017-12-23] (AVAST Software)
      S3 BRSptStub; C:\ProgramData\BitRaider\BRSptStub.exe [363208 2016-01-26] (BitRaider, LLC)
      S3 GalaxyCommunication; C:\ProgramData\GOG.com\Galaxy\redists\GalaxyCommunication.exe [6532664 2016-08-06] (GOG.com)
      S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
      R2 mi-raysat_3dsMax2009_64; C:\Program Files\Autodesk\3ds Max 2009\mentalray\satellite\raysat_3dsMax2009_64server.exe [65536 2008-03-09] () [File not signed]
      S3 npggsvc; C:\Windows\SysWOW64\GameMon.des [4121080 2011-06-13] (INCA Internet Co., Ltd.) [File not signed]
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [495224 2017-06-21] (NVIDIA Corporation)
      R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-04-01] (NVIDIA Corporation)
      R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [450168 2017-06-21] (NVIDIA Corporation)
      R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2014-10-24] ()
      S3 TunngleService; D:\Tunngle\TnglCtrl.exe [809424 2015-10-27] (Tunngle.net GmbH) [File not signed]
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
      S2 Ds3Service; "D:\Downloads\SCP DS3 Driver Package\ScpServer\bin\ScpService.exe" [X]
      S3 GalaxyClientService; "C:\Program Files (x86)\GalaxyClient\GalaxyClientService.exe" [X]
      S2 Hamachi2Svc; "D:\LogMeIn Hamachi\x64\hamachi-2.exe" -s [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [185096 2017-12-23] (AVAST Software)
      S3 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdrivera.sys [321512 2017-12-23] (AVAST Software)
      S3 aswbidsh; C:\Windows\System32\drivers\aswbidsha.sys [199448 2017-12-23] (AVAST Software)
      S3 aswblog; C:\Windows\System32\drivers\aswbloga.sys [343768 2017-12-23] (AVAST Software)
      S3 aswbuniv; C:\Windows\System32\drivers\aswbuniva.sys [57696 2017-12-23] (AVAST Software)
      R1 aswHdsKe; C:\Windows\System32\drivers\aswHdsKe.sys [149344 2017-12-23] (AVAST Software)
      S3 aswHwid; C:\Windows\System32\drivers\aswHwid.sys [46976 2017-12-23] (AVAST Software)
      R2 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [146664 2017-12-23] (AVAST Software)
      S3 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [110336 2017-12-23] (AVAST Software)
      R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [84384 2017-12-23] (AVAST Software)
      S3 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [1025176 2017-12-23] (AVAST Software)
      R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [457400 2017-12-23] (AVAST Software)
      S3 aswStm; C:\Windows\System32\drivers\aswStm.sys [204456 2017-12-23] (AVAST Software)
      S3 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [358672 2017-12-23] (AVAST Software)
      S2 atksgt; C:\Windows\System32\DRIVERS\atksgt.sys [312480 2016-06-30] ()
      R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2014-07-15] (DT Soft Ltd)
      S3 hxsyol; C:\Windows\system32\hxsy64.sys [86352 2015-01-24] ()
      R2 lirsgt; C:\Windows\System32\DRIVERS\lirsgt.sys [43168 2016-06-30] ()
      R3 MotioninJoyXFilter; C:\Windows\System32\DRIVERS\MijXfilt.sys [121416 2014-09-16] (MotioninJoy) [File not signed]
      S3 NPPTNT2; C:\Windows\SysWOW64\npptNT2.sys [4682 2005-01-04] (INCA Internet Co., Ltd.) [File not signed]
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30328 2017-06-21] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [48248 2017-06-21] (NVIDIA Corporation)
      R3 nvvhci; C:\Windows\System32\DRIVERS\nvvhci.sys [76840 2017-04-01] (NVIDIA Corporation)
      R3 ScpVBus; C:\Windows\System32\DRIVERS\ScpVBus.sys [39168 2013-05-05] (Scarlet.Crush Productions)
      S3 SynasUSB; C:\Windows\System32\drivers\SynUSB64.sys [21888 2006-01-29] (Syncrosoft GmbH) [File not signed]
      R3 tap0901t; C:\Windows\System32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
      U3 aswbdisk; no ImagePath
      S3 BRDriver64_1_3_3_E02B25FC; \??\C:\ProgramData\BitRaider\support\1.3.3\E02B25FC\BRDriver64.sys [X]
      S3 dump_wmimmc; \??\D:\Phantasy Star Universe\PHANTASY STAR UNIVERSE\GameGuard\dump_wmimmc.sys [X]
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2017-12-24 01:12 - 2017-12-24 01:13 - 000000000 ____D C:\FRST
      2017-12-23 12:34 - 2017-12-23 12:34 - 000000000 ____D C:\ProgramData\SWCUTemp
      2017-12-23 03:20 - 2017-12-23 03:20 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2017-12-23 03:20 - 2017-12-23 03:20 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2017-12-23 03:20 - 2017-12-23 03:20 - 000004474 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
      2017-12-23 03:20 - 2017-12-23 03:20 - 000004324 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2017-12-23 02:44 - 2017-12-23 02:44 - 000003914 _____ C:\Windows\System32\Tasks\Avast Emergency Update
      2017-12-23 02:44 - 2017-12-23 02:44 - 000001882 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2017-12-23 02:44 - 2017-12-23 02:44 - 000000000 ____D C:\Users\userr\AppData\Roaming\AVAST Software
      2017-12-23 02:44 - 2017-12-23 02:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2017-12-23 02:43 - 2017-12-23 02:41 - 000457400 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
      2017-12-23 02:43 - 2017-12-23 02:41 - 000365680 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
      2017-12-23 02:43 - 2017-12-23 02:41 - 000358672 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
      2017-12-23 02:43 - 2017-12-23 02:41 - 000204456 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
      2017-12-23 02:43 - 2017-12-23 02:41 - 000185096 _____ (AVAST Software) C:\Windows\system32\Drivers\aswArPot.sys
      2017-12-23 02:43 - 2017-12-23 02:41 - 000146664 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
      2017-12-23 02:43 - 2017-12-23 02:41 - 000110336 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
      2017-12-23 02:43 - 2017-12-23 02:41 - 000084384 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
      2017-12-23 02:43 - 2017-12-23 02:41 - 000046976 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
      2017-12-23 02:43 - 2017-12-23 02:39 - 001025176 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
      2017-12-23 02:43 - 2017-12-23 02:39 - 000343768 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbloga.sys
      2017-12-23 02:43 - 2017-12-23 02:39 - 000321512 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsdrivera.sys
      2017-12-23 02:43 - 2017-12-23 02:39 - 000199448 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbidsha.sys
      2017-12-23 02:43 - 2017-12-23 02:39 - 000149344 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHdsKe.sys
      2017-12-23 02:43 - 2017-12-23 02:39 - 000057696 _____ (AVAST Software) C:\Windows\system32\Drivers\aswbuniva.sys
      2017-12-23 02:39 - 2017-12-23 02:39 - 000000000 ____D C:\Program Files\AVAST Software
      2017-12-23 02:30 - 2017-12-23 02:38 - 000000000 ____D C:\Users\userr\AppData\Local\AvgSetupLog
      2017-12-23 02:07 - 2017-12-24 01:10 - 000000000 ____D C:\Users\userr\AppData\LocalLow\Mozilla
      2017-12-23 02:06 - 2017-12-23 02:07 - 000000000 ____D C:\Program Files\Mozilla Firefox
      2017-12-23 02:06 - 2017-12-23 02:06 - 000000896 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      2017-12-10 18:50 - 2017-12-10 19:16 - 000000000 ____D C:\Users\userr\AppData\Roaming\Kodi
      2017-12-10 18:50 - 2017-12-10 18:50 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kodi
      2017-12-10 18:49 - 2017-12-10 18:50 - 000000000 ____D C:\Program Files (x86)\Kodi
      2017-12-06 22:46 - 2017-12-06 22:46 - 000000000 ____D C:\Program Files\Common Files\Avast Software
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2017-12-24 00:38 - 2014-07-15 18:17 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2017-12-23 12:42 - 2009-07-14 06:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-12-23 12:42 - 2009-07-14 06:45 - 000026544 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-12-23 12:34 - 2014-07-15 17:50 - 000000000 ____D C:\ProgramData\NVIDIA
      2017-12-23 12:33 - 2014-08-24 19:53 - 000000000 ____D C:\Users\userr\AppData\Roaming\AVG
      2017-12-23 12:33 - 2014-08-24 19:53 - 000000000 ____D C:\Users\userr\AppData\Local\AVG
      2017-12-23 12:33 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-12-23 03:20 - 2014-08-26 10:46 - 000000000 ____D C:\Users\userr\AppData\Local\Adobe
      2017-12-23 03:20 - 2014-07-15 18:17 - 000000000 ____D C:\Windows\system32\Macromed
      2017-12-23 03:16 - 2016-01-03 00:01 - 000000000 ____D C:\Users\userr\AppData\Local\CrashDumps
      2017-12-23 02:38 - 2016-05-15 19:06 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-12-23 02:38 - 2014-08-24 19:52 - 000000000 ____D C:\ProgramData\AVG
      2017-12-23 02:07 - 2014-07-15 18:21 - 000000000 ____D C:\Users\userr\AppData\Roaming\Mozilla
      2017-12-23 02:06 - 2014-07-15 18:14 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2017-12-21 04:29 - 2014-10-16 22:00 - 000003846 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1413489654
      2017-12-21 04:29 - 2014-07-15 18:15 - 000003430 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
      2017-12-21 04:29 - 2014-07-15 18:15 - 000003302 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
      2017-12-20 12:42 - 2014-07-15 22:11 - 000000000 ____D C:\Program Files (x86)\Opera
      2017-12-12 02:54 - 2014-07-15 18:15 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-12-10 19:02 - 2014-07-18 10:15 - 000000000 ____D C:\Program Files (x86)\Winamp
      2017-12-02 15:06 - 2016-02-27 13:58 - 000000000 ____D C:\Users\userr\AppData\Roaming\vlc
      2017-11-30 19:55 - 2009-07-14 07:13 - 000800086 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-11-30 19:55 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
      ==================== Files in the root of some directories =======
      2015-06-28 11:25 - 2015-06-28 12:50 - 000003958 _____ () C:\Users\userr\AppData\Roaming\LTspiceIV.ini
      2016-01-01 23:01 - 2016-01-15 22:41 - 000007168 _____ () C:\Users\userr\AppData\Roaming\SQLiteManager3.pref
      2016-03-10 19:19 - 2016-03-10 19:19 - 000003584 _____ () C:\Users\userr\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2014-07-23 18:59 - 2016-02-24 12:08 - 000000601 _____ () C:\Users\userr\AppData\Local\DialogChoices.xml
      2016-12-14 12:38 - 2016-12-14 12:38 - 000000600 _____ () C:\Users\userr\AppData\Local\PUTTY.RND
      2015-05-29 13:21 - 2015-05-29 13:21 - 000003992 _____ () C:\Users\userr\AppData\Local\recently-used.xbel
      2016-01-01 23:13 - 2009-09-24 21:36 - 000000486 _____ () C:\Users\userr\AppData\Local\uninstall.html
      Some files in TEMP:
      ====================
      2015-09-25 10:11 - 2014-07-31 18:54 - 000015752 _____ (Autodesk, Inc.) C:\Users\userr\AppData\Local\Temp\AcDeltree.exe
      2016-12-09 15:51 - 2016-12-09 15:51 - 000223744 _____ (Un4seen Developments) C:\Users\userr\AppData\Local\Temp\Bass.dll
      2016-12-09 15:51 - 2016-12-09 15:51 - 000647168 _____ (radio42) C:\Users\userr\AppData\Local\Temp\Bass.Net.dll
      2016-04-16 11:05 - 2016-04-16 11:05 - 000385024 _____ (Microsoft Corporation) C:\Users\userr\AppData\Local\Temp\Crysis_Patch_1_2_launcher.exe
      2016-04-22 16:02 - 2016-04-23 19:52 - 000208896 _____ (Sony DADC Austria AG) C:\Users\userr\AppData\Local\Temp\drm_dyndata_7340014.dll
      2016-04-22 16:08 - 2016-04-23 19:41 - 000204800 _____ (Sony DADC Austria AG) C:\Users\userr\AppData\Local\Temp\drm_dyndata_7370014.dll
      2016-04-23 19:57 - 2016-04-24 10:30 - 000204800 _____ (Sony DADC Austria AG) C:\Users\userr\AppData\Local\Temp\drm_dyndata_7390004.dll
      2015-08-04 14:25 - 2015-08-04 14:25 - 000027352 _____ (AVG Technologies) C:\Users\userr\AppData\Local\Temp\DseShExt-x64.dll
      2015-08-04 14:25 - 2015-08-04 14:25 - 000029912 _____ (AVG Technologies) C:\Users\userr\AppData\Local\Temp\DseShExt-x86.dll
      2015-12-15 08:20 - 2015-12-15 08:20 - 000010240 _____ () C:\Users\userr\AppData\Local\Temp\fh2communityupdaterselfupdate.exe
      2016-06-13 18:37 - 2016-06-13 18:37 - 001962752 _____ (Flexera Software LLC) C:\Users\userr\AppData\Local\Temp\FNP_ACT_InstallerCA.dll
      2015-01-29 15:58 - 2006-01-09 06:35 - 000159744 ____R () C:\Users\userr\AppData\Local\Temp\GMfc.dll
      2016-03-21 16:06 - 2016-03-21 16:06 - 001022043 _____ (                                                            ) C:\Users\userr\AppData\Local\Temp\ICReinstall_HDVideoPlayer.exe
      2016-07-28 09:16 - 2016-07-28 09:16 - 000741440 _____ (Oracle Corporation) C:\Users\userr\AppData\Local\Temp\jre-8u101-windows-au.exe
      2016-10-22 10:00 - 2016-10-22 10:00 - 000737856 _____ (Oracle Corporation) C:\Users\userr\AppData\Local\Temp\jre-8u111-windows-au.exe
      2017-01-21 09:41 - 2017-01-21 09:41 - 000739904 _____ (Oracle Corporation) C:\Users\userr\AppData\Local\Temp\jre-8u121-windows-au.exe
      2017-04-25 10:50 - 2017-04-25 10:50 - 000739904 _____ (Oracle Corporation) C:\Users\userr\AppData\Local\Temp\jre-8u131-windows-au.exe
      2017-07-21 08:54 - 2017-07-21 08:54 - 000739904 _____ (Oracle Corporation) C:\Users\userr\AppData\Local\Temp\jre-8u141-windows-au.exe
      2017-11-15 11:43 - 2017-11-15 11:43 - 001856576 _____ (Oracle Corporation) C:\Users\userr\AppData\Local\Temp\jre-8u151-windows-au.exe
      2016-03-27 09:48 - 2016-03-27 09:48 - 000736320 _____ (Oracle Corporation) C:\Users\userr\AppData\Local\Temp\jre-8u77-windows-au.exe
      2016-04-24 10:15 - 2016-04-24 10:15 - 000739904 _____ (Oracle Corporation) C:\Users\userr\AppData\Local\Temp\jre-8u91-windows-au.exe
      2015-01-29 15:58 - 1999-12-17 14:00 - 000995383 ____R (Microsoft Corporation) C:\Users\userr\AppData\Local\Temp\Mfc42.dll
      2015-01-29 15:58 - 1999-12-17 14:00 - 000295000 ____R (Microsoft Corporation) C:\Users\userr\AppData\Local\Temp\MSVCRT.dll
      2016-03-07 10:20 - 2016-03-07 10:20 - 005495448 _____ (Black Tree Gaming                                           ) C:\Users\userr\AppData\Local\Temp\Nexus Mod Manager-0.61.14.exe
      2016-08-16 17:42 - 2016-08-16 17:42 - 006359496 _____ (Black Tree Gaming                                           ) C:\Users\userr\AppData\Local\Temp\Nexus Mod Manager-0.61.23.exe
      2016-01-25 13:38 - 2016-01-25 13:38 - 006350128 _____ (Black Tree Gaming                                           ) C:\Users\userr\AppData\Local\Temp\Nexus Mod Manager-0.61.6.exe
      2017-01-02 12:39 - 2017-01-02 12:39 - 006456560 _____ (Black Tree Gaming                                           ) C:\Users\userr\AppData\Local\Temp\Nexus Mod Manager-0.63.11.exe
      2017-06-14 10:20 - 2017-06-14 10:20 - 006441096 _____ (Black Tree Gaming                                           ) C:\Users\userr\AppData\Local\Temp\Nexus Mod Manager-0.63.14.exe
      2015-09-01 18:07 - 2016-08-25 22:50 - 000746088 _____ (NVIDIA Corporation) C:\Users\userr\AppData\Local\Temp\nvSCPAPI.dll
      2015-11-22 12:40 - 2015-11-14 07:54 - 000835776 _____ (NVIDIA Corporation) C:\Users\userr\AppData\Local\Temp\nvSCPAPI64.dll
      2015-10-13 12:53 - 2015-07-23 02:46 - 000783688 _____ (NVIDIA Corporation) C:\Users\userr\AppData\Local\Temp\nvStInst.exe
      2015-08-04 14:25 - 2015-08-04 14:25 - 000032984 _____ (AVG Technologies) C:\Users\userr\AppData\Local\Temp\SDShelEx-win32.dll
      2015-08-04 14:25 - 2015-08-04 14:25 - 000031960 _____ (AVG Technologies) C:\Users\userr\AppData\Local\Temp\SDShelEx-x64.dll
      2006-01-04 09:04 - 2006-01-04 09:04 - 000098304 ____R () C:\Users\userr\AppData\Local\Temp\Setup.exe
      2016-06-23 10:10 - 2016-07-05 21:28 - 000192512 _____ () C:\Users\userr\AppData\Local\Temp\sfamcc00001.dll
      2015-02-10 19:56 - 2015-02-10 19:56 - 000105984 _____ () C:\Users\userr\AppData\Local\Temp\sfextra.dll
      2016-09-12 19:41 - 2016-09-12 19:42 - 036634172 _____ (Bogdan Ureche                                               ) C:\Users\userr\AppData\Local\Temp\SQLiteExpertPersSetup.exe
      2015-01-29 15:58 - 2006-01-09 18:37 - 000393216 ____R () C:\Users\userr\AppData\Local\Temp\UnivUI.dll
      2015-12-20 20:03 - 2015-12-20 20:03 - 013977352 _____ (Microsoft Corporation) C:\Users\userr\AppData\Local\Temp\vcredist_2015_Update_1_x86.exe
      2016-09-02 18:27 - 2016-09-02 18:28 - 000003584 _____ () C:\Users\userr\AppData\Local\Temp\_j5iljyu.dll
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe => File is digitally signed
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll => File is digitally signed
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2017-12-19 00:16
      ==================== End of FRST.txt ============================
      FRST.txt
    • от Емилиян Радоев
      Лаптома ми се товарии загрява мисля, че имам вируси в системата
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 17-12-2017
      Ran by Emiliyan (administrator) on WISE (20-12-2017 16:03:52)
      Running from C:\Users\Emiliyan\Downloads
      Loaded Profiles: Emiliyan (Available Profiles: Emiliyan)
      Platform: Windows 8 (X64) Language: English (United States)
      Internet Explorer Version 10 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (AMD) C:\Windows\System32\atiesrxx.exe
      (AMD) C:\Windows\System32\atieclxx.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
      (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
      (McAfee, Inc.) C:\Windows\System32\mfevtps.exe
      (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
      (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
      (McAfee, Inc.) C:\Program Files\TrueKey\McTkSchedulerService.exe
      (McAfee, Inc.) C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe
      (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (TOSHIBA Corporation) C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe
      (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
      (SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
      (Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
      (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
      (McAfee, Inc.) C:\Program Files\Common Files\mcafee\systemcore\mcshield.exe
      (Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
      (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
      (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [] => [X]
      HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
      HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation)
      HKLM\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\System Setting\TSleepSrv.exe [1548952 2012-08-04] (TOSHIBA Corporation)
      HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
      HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
      HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
      HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc.)
      HKLM\...\Run: [Toshiba TEMPRO] => C:\Program Files (x86)\Toshiba TEMPRO\TemproTray.exe
      HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [253344 2017-12-19] (AVAST Software)
      HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba)
      HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
      HKLM-x32\...\Run: [TPUReg(x86)] => "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
      HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-22] (Pegatron Corporation)
      HKU\S-1-5-21-3433298263-1705697951-3842491668-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-17] (Disc Soft Ltd)
      HKU\S-1-5-21-3433298263-1705697951-3842491668-1001\...\Run: [Chromium] => "c:\users\emiliyan\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory=Default --restore-last-session
      HKU\S-1-5-21-3433298263-1705697951-3842491668-1001\...\MountPoints2: {3200876f-a128-11e7-be97-74e543b067e1} - "E:\stp-fifa17.exe" 
      HKU\S-1-5-21-3433298263-1705697951-3842491668-1001\...\MountPoints2: {5d49cdaf-cde8-11e7-bea2-74e543b067e1} - "F:\Install.exe" 
      Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 88.87.0.2 88.87.10.2
      Tcpip\..\Interfaces\{4162F2B5-AEAE-42DB-9CD1-CF34657B6E2D}: [DhcpNameServer] 88.87.0.2 88.87.10.2
      Tcpip\..\Interfaces\{72560D0F-2D93-4ECB-9356-DBA41E983165}: [DhcpNameServer] 88.87.0.2 88.87.10.2
      Internet Explorer:
      ==================
      HKU\S-1-5-21-3433298263-1705697951-3842491668-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://toshiba13.msn.com
      HKU\S-1-5-21-3433298263-1705697951-3842491668-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
      SearchScopes: HKU\S-1-5-21-3433298263-1705697951-3842491668-1001 -> DefaultScope {0117524D-8F49-4D9B-B308-983D78D06507} URL = 
      BHO: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (Intel Security)
      BHO-x32: True Key Helper -> {0F4B8786-5502-4803-8EBC-F652A1153BB6} -> C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (Intel Security)
      Toolbar: HKLM - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll [2017-06-05] (Intel Security)
      Toolbar: HKLM-x32 - True Key - {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll [2017-06-05] (Intel Security)
      FireFox:
      ========
      FF DefaultProfile: 1dnbjirw.default
      FF ProfilePath: C:\Users\Emiliyan\AppData\Roaming\Mozilla\Firefox\Profiles\1dnbjirw.default [2017-12-20]
      FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-12] ()
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-12] ()
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
      FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
      FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-19] (Google Inc.)
      FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [2011-09-28] ()
      Chrome: 
      =======
      CHR Profile: C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default [2017-12-20]
      CHR Extension: (Slides) - C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
      CHR Extension: (Docs) - C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
      CHR Extension: (Google Drive) - C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-09-21]
      CHR Extension: (YouTube) - C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-09-21]
      CHR Extension: (Google Docs Offline) - C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-09-21]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-09-21]
      CHR Extension: (Gmail) - C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-09-21]
      CHR Extension: (Chrome Media Router) - C:\Users\Emiliyan\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-12-14]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [7549928 2017-12-19] (AVAST Software)
      R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [281416 2017-12-19] (AVAST Software)
      R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd)
      R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
      R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
      R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
      R2 McShield; C:\Program Files\Common Files\McAfee\SystemCore\\mcshield.exe [237920 2012-08-03] (McAfee, Inc.)
      R2 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe [218320 2012-08-03] (McAfee, Inc.)
      R2 mfevtp; C:\Windows\system32\mfevtps.exe [177144 2012-08-03] (McAfee, Inc.)
      S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
      R2 TrueKey; C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [1001920 2017-05-26] (McAfee, Inc.)
      R2 TrueKeyScheduler; C:\Program Files\TrueKey\McTkSchedulerService.exe [16928 2017-05-26] (McAfee, Inc.)
      R2 TrueKeyServiceHelper; C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [87760 2017-05-26] (McAfee, Inc.)
      S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2015-07-06] (Microsoft Corporation)
      S2 InstallerService; C:\Program Files\TrueKey\Mcafee.TrueKey.InstallerService.exe [X]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [183584 2017-12-19] (AVAST Software)
      S1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [321032 2017-12-19] (AVAST Software s.r.o.)
      R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsha.sys [198968 2017-12-19] (AVAST Software s.r.o.)
      R0 aswblog; C:\WINDOWS\System32\drivers\aswbloga.sys [343288 2017-12-19] (AVAST Software s.r.o.)
      R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniva.sys [57728 2017-12-19] (AVAST Software s.r.o.)
      S3 aswHwid; C:\WINDOWS\System32\drivers\aswHwid.sys [47008 2017-12-19] (AVAST Software)
      R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [148288 2017-12-19] (AVAST Software)
      R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110376 2017-12-19] (AVAST Software)
      R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [84416 2017-12-19] (AVAST Software)
      R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [1026232 2017-12-19] (AVAST Software)
      R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [455376 2017-12-19] (AVAST Software)
      R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [203976 2017-12-19] (AVAST Software)
      R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [364464 2017-12-19] (AVAST Software)
      R3 AtiHDAudioService; C:\WINDOWS\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
      S3 cfwids; C:\WINDOWS\System32\drivers\cfwids.sys [69672 2012-08-03] (McAfee, Inc.)
      S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
      R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [30264 2017-09-24] (Disc Soft Ltd)
      R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [47672 2017-09-24] (Disc Soft Ltd)
      R3 mfeapfk; C:\WINDOWS\System32\drivers\mfeapfk.sys [169320 2012-08-03] (McAfee, Inc.)
      R3 mfeavfk; C:\WINDOWS\System32\drivers\mfeavfk.sys [300392 2012-08-03] (McAfee, Inc.)
      S0 mfeelamk; C:\WINDOWS\System32\drivers\mfeelamk.sys [66736 2012-07-19] (McAfee, Inc.)
      R3 mfefirek; C:\WINDOWS\System32\drivers\mfefirek.sys [513456 2012-08-03] (McAfee, Inc.)
      R0 mfehidk; C:\WINDOWS\System32\drivers\mfehidk.sys [752672 2012-08-03] (McAfee, Inc.)
      S3 mferkdet; C:\WINDOWS\System32\drivers\mferkdet.sys [106112 2012-08-03] (McAfee, Inc.)
      R0 mfewfpk; C:\WINDOWS\System32\drivers\mfewfpk.sys [335784 2012-08-03] (McAfee, Inc.)
      R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
      R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-14] (Synaptics Incorporated)
      S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
      R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
      S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-06] (Microsoft Corporation)
      S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [281944 2015-07-06] (Microsoft Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2017-12-20 16:03 - 2017-12-20 16:04 - 000015501 _____ C:\Users\Emiliyan\Downloads\FRST.txt
      2017-12-20 16:03 - 2017-12-20 16:03 - 002392064 _____ (Farbar) C:\Users\Emiliyan\Downloads\FRST64.exe
      2017-12-20 16:03 - 2017-12-20 16:03 - 000000000 ____D C:\FRST
      2017-12-20 15:51 - 2017-12-20 15:51 - 001931969 _____ C:\Users\Emiliyan\Downloads\ProcessExplorer.zip
      2017-12-19 22:11 - 2017-12-20 00:14 - 000000000 ____D C:\Users\Emiliyan\Downloads\In.Time.2011.BRRip.XviD.BGAudio-SLSS
      2017-12-19 22:10 - 2017-12-19 22:23 - 000000000 ____D C:\Users\Emiliyan\Downloads\We're.the.Millers.2013.BDRip.XviD.BGAUDiO-SLSS
      2017-12-19 19:41 - 2017-12-19 19:42 - 000000000 ____D C:\Users\Emiliyan\Downloads\Spico
      2017-12-19 19:35 - 2017-12-19 19:44 - 000000000 ____D C:\Users\Emiliyan\Downloads\KMSpico 9.2.3
      2017-12-19 19:32 - 2017-12-19 19:32 - 000000000 ____D C:\ProgramData\SWCUTemp
      2017-12-19 19:27 - 2017-12-19 19:27 - 000000000 ____D C:\Users\Emiliyan\Downloads\KMSpico_10.2.0
      2017-12-19 19:12 - 2017-12-20 15:36 - 000000000 ____D C:\Program Files\KMSpico
      2017-12-19 19:12 - 2017-12-19 19:12 - 000003742 _____ C:\WINDOWS\System32\Tasks\Optimize Thumbnail Cache Files
      2017-12-19 19:12 - 2017-12-19 19:12 - 000003272 _____ C:\WINDOWS\System32\Tasks\InstallShield® Update Service Scheduler
      2017-12-19 18:45 - 2017-12-19 18:45 - 000000000 ____D C:\Users\Emiliyan\AppData\Roaming\AVAST Software
      2017-12-19 18:43 - 2017-12-19 19:11 - 000000000 ____D C:\WINDOWS\System32\Tasks\Avast Software
      2017-12-19 18:43 - 2017-12-19 18:43 - 000001933 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
      2017-12-19 18:43 - 2017-12-19 18:43 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
      2017-12-19 18:43 - 2017-12-19 18:43 - 000000000 ____D C:\Program Files\Common Files\Avast Software
      2017-12-19 18:42 - 2017-12-19 18:43 - 000455376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
      2017-12-19 18:42 - 2017-12-19 18:42 - 000001087 _____ C:\Users\Emiliyan\Desktop\Your Unin-staller!.lnk
      2017-12-19 18:42 - 2017-12-19 18:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Your Uninstaller! 7
      2017-12-19 18:42 - 2017-12-19 18:42 - 000000000 ____D C:\Program Files (x86)\Your Uninstaller! 7
      2017-12-19 18:42 - 2017-12-19 18:41 - 000364464 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
      2017-12-19 18:42 - 2017-12-19 18:41 - 000203976 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
      2017-12-19 18:42 - 2017-12-19 18:41 - 000183584 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
      2017-12-19 18:42 - 2017-12-19 18:41 - 000148288 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
      2017-12-19 18:42 - 2017-12-19 18:41 - 000110376 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
      2017-12-19 18:42 - 2017-12-19 18:41 - 000084416 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
      2017-12-19 18:42 - 2017-12-19 18:41 - 000047008 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHwid.sys
      2017-12-19 18:42 - 2017-12-19 18:40 - 001026232 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
      2017-12-19 18:42 - 2017-12-19 18:40 - 000343288 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbloga.sys
      2017-12-19 18:42 - 2017-12-19 18:40 - 000321032 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsdrivera.sys
      2017-12-19 18:42 - 2017-12-19 18:40 - 000198968 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbidsha.sys
      2017-12-19 18:42 - 2017-12-19 18:40 - 000057728 _____ (AVAST Software s.r.o.) C:\WINDOWS\system32\Drivers\aswbuniva.sys
      2017-12-19 18:41 - 2017-12-20 15:36 - 000000000 ____D C:\Users\Emiliyan\AppData\Local\{F5EAC3B6-D142-AF0E-BCDA-8AE698B2767E}
      2017-12-19 18:41 - 2017-12-19 18:54 - 000000000 ____D C:\ProgramData\TEMP
      2017-12-19 18:41 - 2017-12-19 18:41 - 006822592 _____ (URSoft, Inc. ) C:\Users\Emiliyan\Downloads\your_uninstaller [1].exe
      2017-12-19 18:41 - 2017-12-19 18:41 - 000365168 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
      2017-12-19 18:41 - 2017-12-19 18:41 - 000000000 ____D C:\Users\Emiliyan\AppData\Roaming\URSoft
      2017-12-19 18:39 - 2017-12-20 15:37 - 000000000 ____D C:\Users\Emiliyan\AppData\Roaming\Opera Software
      2017-12-19 18:39 - 2017-12-20 15:37 - 000000000 ____D C:\Users\Emiliyan\AppData\Local\Opera Software
      2017-12-19 18:39 - 2017-12-19 18:39 - 000000000 ____D C:\Program Files\AVAST Software
      2017-12-19 18:38 - 2017-12-19 18:38 - 007289800 _____ (URSoft, Inc. ) C:\Users\Emiliyan\Downloads\yusetup7.exe
      2017-12-19 18:38 - 2017-12-19 18:38 - 000002657 _____ C:\Users\Emiliyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WarThunder.lnk
      2017-12-19 13:42 - 2017-12-19 13:42 - 000281568 _____ C:\WINDOWS\Minidump\121917-26937-01.dmp
      2017-12-19 13:30 - 2017-12-19 13:56 - 000000000 ____D C:\Users\Emiliyan\Downloads\DigitalPlayground -  Janice Griffith (50 Ways To Fuck) 12 november 2014 [.mp4]
      2017-12-19 13:28 - 2017-12-19 13:56 - 000000000 ____D C:\Users\Emiliyan\Downloads\TeensLikeItBig - Elsa Jean, Gia Paige, Gina Valentina (The Cocksuckers Club)
      2017-12-19 13:27 - 2017-12-19 13:56 - 000000000 ____D C:\Users\Emiliyan\Downloads\Naughty Bookworms - Lexi Diamond
      2017-12-19 13:27 - 2017-12-19 13:27 - 000008240 _____ C:\Users\Emiliyan\Downloads\TeensLikeItBig - Elsa Jean, Gia Paige, Gina Valentina (The Cocksuckers Club).torrent
      2017-12-19 13:26 - 2017-12-19 13:26 - 000017308 _____ C:\Users\Emiliyan\Downloads\Naughty Bookworms - Lexi Diamond.torrent
      2017-12-19 13:26 - 2017-12-19 13:26 - 000013206 _____ C:\Users\Emiliyan\Downloads\DigitalPlayground -  Janice Griffith (50 Ways To Fuck) 12 november 2014 [.mp4].torrent
      2017-12-19 13:22 - 2017-12-19 13:56 - 000000000 ____D C:\Users\Emiliyan\Downloads\Tiny4K- Elsa Jean - Big Game Tiny Hole
      2017-12-19 13:22 - 2017-12-19 13:56 - 000000000 ____D C:\Users\Emiliyan\Downloads\KAYLEE HAZE aka Kylie Nicole - Break My Hymen
      2017-12-19 13:22 - 2017-12-19 13:22 - 000019856 _____ C:\Users\Emiliyan\Downloads\Tiny4K- Elsa Jean - Big Game Tiny Hole.torrent
      2017-12-19 13:22 - 2017-12-19 13:22 - 000016441 _____ C:\Users\Emiliyan\Downloads\KAYLEE HAZE aka Kylie Nicole - Break My Hymen.torrent
      2017-12-19 13:18 - 2017-12-19 13:56 - 000000000 ____D C:\Users\Emiliyan\Downloads\RKPrimeReality - Apolonia Lapiedra - Apolonias Blew Movie
      2017-12-19 13:17 - 2017-12-19 13:17 - 000013807 _____ C:\Users\Emiliyan\Downloads\RKPrimeReality - Apolonia Lapiedra - Apolonias Blew Movie.torrent
      2017-12-19 13:15 - 2017-12-19 13:15 - 000019694 _____ C:\Users\Emiliyan\Downloads\TeensLikeItBig - Janice Griffith.torrent
      2017-12-19 13:15 - 2017-12-19 13:15 - 000018341 _____ C:\Users\Emiliyan\Downloads\BangbrosClips - Piper Perri (Pipe Her!! And By Her, We Mean Pipeperr!) NEW February 19 2015 SD MP4s.torrent
      2017-12-19 13:08 - 2017-12-19 13:08 - 000014431 _____ C:\Users\Emiliyan\Downloads\RKPrime - Tiffany Watson (Naughty Trainer).torrent
      2017-12-19 12:57 - 2017-12-19 12:57 - 000016656 _____ C:\Users\Emiliyan\Downloads\Elsa Jean - Bubble Blonde.torrent
      2017-12-19 12:19 - 2017-12-19 12:19 - 018316917 _____ C:\Users\Emiliyan\Downloads\Drift Pack.rar
      2017-12-17 23:39 - 2017-12-17 23:39 - 000000627 _____ C:\Users\Emiliyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\arhiv.lnk
      2017-12-14 00:48 - 2017-12-14 00:48 - 000000000 _____ C:\Users\Emiliyan\Desktop\New Text Document (2).txt
      2017-12-12 14:12 - 2017-12-12 14:12 - 000281512 _____ C:\WINDOWS\Minidump\121217-37562-01.dmp
      2017-12-11 20:22 - 2017-12-11 20:22 - 000000000 ____D C:\Mu BattleZone Hard (No Sound)(1)
      2017-12-11 20:01 - 2017-12-11 20:02 - 092586941 _____ C:\Mu BattleZone Hard (No Sound)(1).rar
      2017-12-07 16:14 - 2017-12-07 16:14 - 000000000 ____D C:\Users\Emiliyan\Downloads\1231
      2017-12-07 16:13 - 2017-12-07 16:14 - 092586941 _____ C:\Users\Emiliyan\Downloads\1231.rar
      2017-12-07 13:12 - 2017-12-07 13:12 - 000015260 _____ C:\Users\Emiliyan\Downloads\ReVolt_17.1124a.exe.torrent
      2017-11-24 14:44 - 2017-11-24 14:44 - 016270006 _____ C:\Users\Emiliyan\Downloads\sa-mp-0.3.7-install (1).exe
      2017-11-24 14:38 - 2017-12-18 18:43 - 000000000 ____D C:\Users\Emiliyan\Documents\GTA San Andreas User Files
      2017-11-24 14:38 - 2017-11-24 14:38 - 000000000 ____D C:\Users\Emiliyan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
      2017-11-24 14:38 - 2017-11-24 14:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\San Andreas Multiplayer
      2017-11-24 14:28 - 2017-11-24 14:28 - 000001914 _____ C:\Users\Public\Desktop\GTA San Andreas.lnk
      2017-11-24 14:28 - 2017-11-24 14:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Rockstar Games
      2017-11-24 14:28 - 2017-11-24 14:28 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
      2017-11-24 14:04 - 2017-11-24 14:04 - 016270006 _____ C:\Users\Emiliyan\Downloads\sa-mp-0.3.7-install.exe
      2017-11-24 14:04 - 2017-11-24 14:04 - 000000000 ____D C:\Users\Emiliyan\Downloads\crack
      2017-11-24 14:03 - 2017-11-24 14:03 - 004811976 _____ C:\Users\Emiliyan\Downloads\crack.rar
      2017-11-24 14:03 - 2017-11-24 14:03 - 000162504 _____ C:\Users\Emiliyan\Downloads\[ArenaBG.com]-Grand Theft Auto (GTA) San Andreas-HOODLUM.torrent
      2017-11-23 17:55 - 2017-12-19 18:51 - 000000000 ____D C:\Program Files\Mozilla Firefox
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2017-12-20 15:51 - 2017-06-22 01:33 - 000000000 ____D C:\Users\Emiliyan\AppData\Roaming\uTorrent
      2017-12-20 15:46 - 2017-06-22 14:55 - 000000000 ____D C:\Users\Emiliyan\AppData\LocalLow\Mozilla
      2017-12-20 12:14 - 2017-06-22 14:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
      2017-12-19 19:37 - 2012-07-26 09:28 - 000848230 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2017-12-19 19:37 - 2012-07-26 07:37 - 000000000 ____D C:\WINDOWS\Inf
      2017-12-19 19:31 - 2017-06-22 00:51 - 000000000 ____D C:\WINDOWS\System32\Tasks\WPD
      2017-12-19 19:30 - 2012-07-26 09:22 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-12-19 19:12 - 2012-08-29 23:53 - 000000000 ____D C:\WINDOWS\System32\Tasks\Toshiba
      2017-12-19 19:10 - 2017-07-07 21:08 - 000000000 ____D C:\Users\Emiliyan\Downloads\simson
      2017-12-19 18:52 - 2012-08-30 09:14 - 000000000 ____D C:\WINDOWS\Panther
      2017-12-19 18:52 - 2012-07-26 10:12 - 000000000 ___HD C:\Program Files\WindowsApps
      2017-12-19 18:52 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\AUInstallAgent
      2017-12-19 18:41 - 2017-09-24 18:24 - 000000000 ____D C:\ProgramData\AVAST Software
      2017-12-19 13:56 - 2017-11-19 22:13 - 000000000 ____D C:\Users\Emiliyan\Downloads1
      2017-12-19 13:42 - 2017-06-22 12:00 - 000000000 ____D C:\WINDOWS\Minidump
      2017-12-19 13:42 - 2017-06-22 11:59 - 715990818 _____ C:\WINDOWS\MEMORY.DMP
      2017-12-18 21:49 - 2017-10-12 12:37 - 000222208 ___SH C:\Users\Emiliyan\Desktop\Thumbs.db
      2017-12-12 22:20 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\SysWOW64\Macromed
      2017-12-12 22:20 - 2012-07-26 10:12 - 000000000 ____D C:\WINDOWS\system32\Macromed
      2017-12-12 14:11 - 2017-06-22 14:53 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
      2017-12-12 08:49 - 2017-09-21 16:27 - 000002206 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-12-12 08:49 - 2017-09-21 16:27 - 000002194 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2017-12-11 00:40 - 2017-06-22 14:53 - 000000947 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
      2017-11-24 15:37 - 2017-09-25 19:03 - 000281088 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2017-11-24 15:36 - 2012-07-26 07:26 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
      2017-11-24 14:28 - 2012-08-29 23:39 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
      2017-11-23 17:56 - 2017-06-22 14:55 - 000000000 ____D C:\Users\Emiliyan\AppData\Roaming\Mozilla
      2017-11-23 17:56 - 2017-06-22 14:53 - 000000935 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
      ==================== Files in the root of some directories =======
      2017-06-22 01:24 - 2017-06-22 01:24 - 000007606 _____ () C:\Users\Emiliyan\AppData\Local\Resmon.ResmonCfg
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2017-12-15 14:17
      ==================== End of FRST.txt ============================
      Addition.txt
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.