Премини към съдържанието
От 1-ви септември 2021 г., вход във форумите ще е възможен само с имейл адрес вместо потребителско име. Ако не помните имейла с който сте се регистрирали, вижте го в настройките на профила си. ×
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Съмнения за зловреден софтуер


Препоръчан отговор


Здравейте.

 

 

От скоро забелязах, че двата диска C и D се пълнят без известна за мен причина.Дори понякога при диск C нямаше и един килобайт свободно пространство.Почистих ги от ненужни файлове и програми, но нямаше голям ефект. По какви ли начини не пробвах - ефекта винаги беше минимален. Последно пробвах да изчистя с програмата CCleaner и успя да ми освободи голяма част пространства при диск C и за момента нямам проблеми с него ( не знам дали отново ще се напълни ), но при диск D нямаше резултат. В момента съм най-близо до истината, че в компютъра ми има зловреден софтуер.

 

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-11-2014 01
Ran by User (administrator) on USER-PC on 16-11-2014 16:29:33
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Български (България)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
() C:\Program Files\Mobogenie\MgAssist.exe
(Mobogenie.com) C:\Program Files\Mobogenie3\MobogenieService.exe
(TorchMedia Inc.) C:\Users\User\AppData\Local\Torch\Update\TorchCrashHandler.exe
(AVG Secure Search) C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
() C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
(Realtek Semiconductor Corp.) C:\Windows\RTHDCPL.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\AVG SafeGuard toolbar\vprot.exe
() C:\Program Files\Mobogenie\DaemonProcess.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
(Bandoo Media Inc.) C:\Users\User\AppData\Local\iLivid\iLivid.exe
(Softonic) C:\Users\User\AppData\Local\Softonic\Softonic.exe
() C:\Program Files\Datecs\FlexType 2K\FType2K.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(mobogenie.com) C:\Program Files\Mobogenie3\mobogenieP2sp.exe
(Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDCPL] => C:\Windows\RTHDCPL.EXE [16116224 2007-02-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [skyTel] => C:\Windows\SkyTel.EXE [2879488 2006-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\Windows\ALCMTR.EXE [69632 2005-05-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [vProt] => C:\Program Files\AVG SafeGuard toolbar\vprot.exe [2640408 2014-11-06] ()
HKLM\...\Run: [mobilegeni daemon] => C:\Program Files\Mobogenie\DaemonProcess.exe [748736 2014-06-01] ()
HKLM\...\Run: [kbdsprt] => [X]
HKLM\...\Run: [unlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=cfe8a617691547d39ae0d154265d5fc8-89c0334d3c6a5b62b955185ab8fbc974c007b18e /CMPID=1213b
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [iLivid] => C:\Users\User\AppData\Local\iLivid\iLivid.exe [6827008 2013-09-09] (Bandoo Media Inc.)
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [softonic for Windows] => C:\Users\User\AppData\Local\Softonic\Softonic.exe [4170224 2014-04-29] (Softonic)
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [4826904 2014-10-30] (Piriform Ltd)
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\MountPoints2: {66178fc2-3664-11e3-b5d3-001d60b9b63b} - G:\setup.exe
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\MountPoints2: {e59f4acc-5383-11e4-95d6-001d60b9b63b} - F:\setup.exe
AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL => C:\PROGRA~2\Wincert\WIN32C~1.DLL File Not Found
IFEO\bitguard.exe: [Debugger] tasklist.exe
IFEO\bprotect.exe: [Debugger] tasklist.exe
IFEO\bpsvc.exe: [Debugger] tasklist.exe
IFEO\browsemngr.exe: [Debugger] tasklist.exe
IFEO\browserdefender.exe: [Debugger] tasklist.exe
IFEO\browsermngr.exe: [Debugger] tasklist.exe
IFEO\browserprotect.exe: [Debugger] tasklist.exe
IFEO\browsersafeguard.exe: [Debugger] tasklist.exe
IFEO\bundlesweetimsetup.exe: [Debugger] tasklist.exe
IFEO\cltmngsvc.exe: [Debugger] tasklist.exe
IFEO\delta babylon.exe: [Debugger] tasklist.exe
IFEO\delta tb.exe: [Debugger] tasklist.exe
IFEO\delta2.exe: [Debugger] tasklist.exe
IFEO\deltainstaller.exe: [Debugger] tasklist.exe
IFEO\deltasetup.exe: [Debugger] tasklist.exe
IFEO\deltatb.exe: [Debugger] tasklist.exe
IFEO\deltatb_2501-c733154b.exe: [Debugger] tasklist.exe
IFEO\dprotectsvc.exe: [Debugger] tasklist.exe
IFEO\iminentsetup.exe: [Debugger] tasklist.exe
IFEO\protectedsearch.exe: [Debugger] tasklist.exe
IFEO\rjatydimofu.exe: [Debugger] tasklist.exe
IFEO\searchprotection.exe: [Debugger] tasklist.exe
IFEO\searchprotector.exe: [Debugger] tasklist.exe
IFEO\snapdo.exe: [Debugger] tasklist.exe
IFEO\stinst32.exe: [Debugger] tasklist.exe
IFEO\stinst64.exe: [Debugger] tasklist.exe
IFEO\sweetimsetup.exe: [Debugger] tasklist.exe
IFEO\tbdelta.exetoolbar783881609.exe: [Debugger] tasklist.exe
IFEO\utiljumpflip.exe: [Debugger] tasklist.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FlexType 2K.lnk
ShortcutTarget: FlexType 2K.lnk -> C:\Program Files\Datecs\FlexType 2K\FType2K.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\McAfee Security Scan Plus.lnk
ShortcutTarget: McAfee Security Scan Plus.lnk -> C:\Program Files\McAfee Security Scan\3.8.150\SSScheduler.exe (McAfee, Inc.)
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изрязване на екран и стартиране на OneNote 2007.lnk
ShortcutTarget: Изрязване на екран и стартиране на OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
HKLM\...\AppCertDlls: [x64] -> c:\program files\movies toolbar\datamngr\x64\apcrtldr.dll <===== ATTENTION
HKLM\...\AppCertDlls: [x86] -> C:\Program Files\Movies Toolbar\Datamngr\apcrtldr.dll <===== ATTENTION
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://istart.webssearches.com/?type=hp&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW
SearchScopes: HKCU - {0773FA4C-3093-46A9-9E15-92E8BB088A57} URL = http://www.mysearchresults.com/search?c=8004&t=11&q={searchTerms}
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: MSS+ Identifier -> {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} -> C:\Program Files\McAfee Security Scan\3.8.150\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Zula Games -> {2A836234-186C-41A0-9863-40BECDEDED9F} -> C:\Program Files\Zula Games\ScriptHost.dll No File
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
BHO: AVG SafeGuard toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files\AVG SafeGuard toolbar\18.1.5.512\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Toolbar: HKLM - AVG SafeGuard toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG SafeGuard toolbar\18.1.5.512\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Handler: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
Tcpip\..\Interfaces\{11412AFA-D2F1-4B36-B258-39C0F2202FC1}: [NameServer] 192.168.15.12,195.24.48.5
 
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default
FF NewTab: chrome://quick_start/content/index.html
FF DefaultSearchEngine: webssearches
FF SelectedSearchEngine: webssearches
FF Homepage: hxxp://istart.webssearches.com/?type=hp&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: TorchVLC -> C:\Users\User\AppData\Local\Torch\Plugins\Video\VLC\npvlc.dll (VideoLAN)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\911bg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\diribg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pe-bg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalbgdict.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: VideoDownloadConverter - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\[email protected]_4z.com [2014-11-12]
FF Extension: Fast Start - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\[email protected] [2014-07-13]
FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-15]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: Zula Games - C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected] [2013-10-17]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected] [2013-10-17]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799
FF Extension: AVG SafeGuard toolbar - C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\18.1.9.799 [2014-08-28]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\extensions\[email protected]
 
Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (VideoDownloadConverter) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\aeljlhkkoipjimklndofjoafhpccdfjo [2014-08-02]
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-07]
CHR HKLM\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\[email protected] []
CHR HKLM\...\Chrome\Extension: [dhkplhfnhceodhffomolpfigojocbpcb] - C:\Users\User\AppData\Roaming\BabSolution\CR\BabylonChrome1.crx []
CHR HKLM\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files\DefaultTab\DefaultTab.crx []
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.150\McCHSvc.exe [235696 2014-04-09] (McAfee, Inc.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MgAssistService; C:\Program Files\Mobogenie\MgAssist.exe [105664 2014-07-22] ()
R2 MobogenieService; C:\Program Files\Mobogenie3\MobogenieService.exe [116928 2014-11-12] (Mobogenie.com)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
R2 TorchCrashHandler; C:\Users\User\AppData\Local\Torch\Update\TorchCrashHandler.exe [1217032 2014-10-29] (TorchMedia Inc.) <==== ATTENTION
R2 vToolbarUpdater18.1.9; C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
S3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-10-15] (Disc Soft Ltd)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc.              )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S1 MpKslb3189f59; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4CFFD5A-C876-4E80-B999-7C2C8B1B1C08}\MpKslb3189f59.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-16 16:28 - 2014-11-16 16:29 - 00022048 _____ () C:\Users\User\Downloads\Addition.txt
2014-11-16 16:27 - 2014-11-16 16:29 - 00022066 _____ () C:\Users\User\Downloads\FRST.txt
2014-11-16 16:26 - 2014-11-16 16:29 - 00000000 ____D () C:\FRST
2014-11-16 16:26 - 2014-11-16 16:26 - 01108992 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-11-16 16:13 - 2014-11-16 16:13 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-16 16:13 - 2014-11-16 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-16 16:12 - 2014-11-16 16:13 - 00000000 ____D () C:\Program Files\CCleaner
2014-11-16 16:10 - 2014-11-16 16:11 - 04976136 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup419pro.exe
2014-11-15 22:30 - 2014-11-15 22:30 - 00000011 ____R () C:\Windows\amunres.lsl
2014-11-15 22:12 - 2014-11-16 16:19 - 00000000 ____D () C:\Program Files\Steam
2014-11-15 22:10 - 2014-11-15 22:11 - 01142392 _____ () C:\Users\User\Downloads\SteamSetup.exe
2014-11-15 14:16 - 2014-11-15 14:16 - 38381556 _____ () C:\Users\User\Downloads\HideNSeek_BM.dem
2014-11-14 23:09 - 2014-11-15 13:09 - 48651703 _____ () C:\Users\User\Downloads\flipeR.dem
2014-11-13 01:53 - 2014-11-13 01:53 - 00000000 ____D () C:\Users\User\mobogenieP2sp
2014-11-06 22:11 - 2014-11-06 22:11 - 00000000 ____D () C:\ProgramData\Avg_Update_1114tb
2014-11-03 00:05 - 2014-11-03 00:05 - 00017101 _____ () C:\Users\User\Downloads\Deja.Vu.2006.480p.BRRip.AC3.BGAUDIO-SlzD.torrent
2014-11-01 14:41 - 2014-11-01 14:41 - 222995856 _____ () C:\Users\User\cstrike 2014-11-01 14-41-20-99.avi
2014-11-01 14:40 - 2014-11-01 14:40 - 220153856 _____ () C:\Users\User\cstrike 2014-11-01 14-40-25-02.avi
2014-11-01 14:39 - 2014-11-01 14:40 - 221507616 _____ () C:\Users\User\cstrike 2014-11-01 14-39-52-28.avi
2014-11-01 14:39 - 2014-11-01 14:39 - 224203344 _____ () C:\Users\User\cstrike 2014-11-01 14-39-19-88.avi
2014-11-01 14:38 - 2014-11-01 14:39 - 219093188 _____ () C:\Users\User\cstrike 2014-11-01 14-38-42-11.avi
2014-11-01 14:38 - 2014-11-01 14:38 - 215116608 _____ () C:\Users\User\cstrike 2014-11-01 14-38-09-40.avi
2014-11-01 14:37 - 2014-11-01 14:38 - 228522404 _____ () C:\Users\User\cstrike 2014-11-01 14-37-36-12.avi
2014-11-01 14:37 - 2014-11-01 14:37 - 212516652 _____ () C:\Users\User\cstrike 2014-11-01 14-37-03-47.avi
2014-11-01 14:36 - 2014-11-01 14:37 - 230608452 _____ () C:\Users\User\cstrike 2014-11-01 14-36-30-17.avi
2014-11-01 14:33 - 2014-11-01 14:33 - 16519164 _____ () C:\Users\User\cstrike 2014-11-01 14-33-08-79.avi
2014-11-01 14:31 - 2014-11-01 14:31 - 224039848 _____ () C:\Users\User\cstrike 2014-11-01 14-31-25-65.avi
2014-11-01 14:13 - 2014-11-16 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-11-01 14:13 - 2014-11-01 14:13 - 00036079 _____ (Beepa Pty Ltd) C:\Users\Fraps\uninstall.exe
2014-11-01 14:13 - 2014-11-01 14:13 - 00000000 ____D () C:\Users\Fraps\HELP
2014-11-01 14:12 - 2014-11-01 14:13 - 00000000 ____D () C:\Users\Fraps
2014-11-01 14:11 - 2014-11-01 14:12 - 02326976 _____ (Beepa Pty Ltd) C:\Users\User\Downloads\setup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-16 16:27 - 2013-10-16 15:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-11-16 16:22 - 2014-04-20 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2014
2014-11-16 16:22 - 2014-03-15 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Custom Strike
2014-11-16 16:22 - 2013-12-16 05:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-11-16 16:22 - 2013-12-12 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2014-11-16 16:22 - 2013-10-30 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casino at bet365
2014-11-16 16:22 - 2013-10-20 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2014-11-16 16:22 - 2013-10-17 15:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
2014-11-16 16:22 - 2013-10-16 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-11-16 16:22 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-11-16 16:19 - 2013-12-21 14:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\TeamViewer
2014-11-16 16:19 - 2013-10-16 15:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2014-11-16 16:19 - 2013-10-16 15:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2014-11-16 16:18 - 2014-09-13 22:05 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-11-16 16:18 - 2013-10-16 15:49 - 00000000 ____D () C:\Windows\Panther
2014-11-16 15:59 - 2013-10-16 15:31 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-16 15:56 - 2013-10-16 15:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-16 14:37 - 2013-10-16 04:53 - 01106300 ____N () C:\Windows\WindowsUpdate.log
2014-11-16 07:55 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-16 07:55 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-16 07:54 - 2010-11-20 23:01 - 00782154 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-16 07:48 - 2014-07-17 08:40 - 00000000 ____D () C:\Program Files\Mobogenie3
2014-11-16 07:48 - 2014-02-06 10:25 - 00000000 ____D () C:\ProgramData\TorchCrashHandler
2014-11-16 07:48 - 2013-10-16 16:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-16 07:48 - 2013-10-16 15:31 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-16 07:48 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-15 22:30 - 2014-09-05 03:25 - 00000000 ____D () C:\Users\User\AppData\Roaming\Software Informer
2014-11-15 22:12 - 2014-02-06 17:52 - 00000921 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-11-14 22:22 - 2014-09-30 15:03 - 00000000 ____D () C:\Program Files\mozilla firefox
2014-11-13 23:56 - 2013-10-16 15:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-13 23:56 - 2013-10-16 15:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-10 23:06 - 2014-10-16 14:53 - 00000749 _____ () C:\Users\User\Desktop\Нов текстов документ.txt
2014-11-06 22:11 - 2014-08-28 13:53 - 00000000 ____D () C:\Program Files\AVG Security Toolbar
2014-11-05 10:54 - 2014-06-13 04:39 - 00002000 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-11-05 10:54 - 2014-06-13 04:39 - 00001998 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-11-05 10:54 - 2014-06-13 04:39 - 00001988 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-11-05 10:54 - 2014-01-27 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-04 10:51 - 2014-03-29 11:56 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-11-03 21:41 - 2014-02-06 10:24 - 00000000 ____D () C:\Users\User\AppData\Local\Torch
2014-11-03 21:40 - 2014-02-06 10:25 - 00001206 _____ () C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
2014-11-03 21:23 - 2013-11-28 23:17 - 00000000 ____D () C:\Windows\Minidump
2014-10-30 13:24 - 2013-10-16 15:28 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-10-27 23:55 - 2014-06-03 15:33 - 00002327 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
 
Files to move or delete:
====================
C:\Users\Fraps\fraps.exe
C:\Users\Fraps\fraps32.dll
C:\Users\Fraps\fraps64.dat
C:\Users\Fraps\fraps64.dll
C:\Users\Fraps\frapslcd.dll
C:\Users\Fraps\uninstall.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-15 04:51
 
==================== End Of Log ============================
 
 

Addition_16-11-2014_16-30-43.txt

Линк към коментара
Сподели в други сайтове

Здравейте..!
 
remove%20outdated.jpg Деинсталиране нa програми
 
Изтеглете програмата GeekUninstaller и я запазете на десктопа.
Разархивирайте я и стартирайте файла geek.exe IxXO5oO.jpg  От списъка намерете и деинсталирайте всички програми които съм ви написал в карето:
 

Babylon Chrome Toolbar

McAfee Security Scan Plus

Mobogenie

Mobogenie3

MyPC Backup

OffersWizard Network System Driver

webssearches uninstal

WindowsMangerProtect20.0.0.502

 
 
Кликнете с десен бутон върху програмата и изберете Uninstall
 
XhV2QLa.png
 
 
След края на всяка деинсталацията ще се отвори прозорец подканващ ви да премахнете всички остатъци от програмата (ако има такива, ако няма този прозорец няма да се появи):
 
Пример:
 
geek-uninstaller-remove-leftovers.png
 
Натиснете бутона Finish за да изтриете останките от програмата.
 
 
adwcleaner_new.png Сканиране с AdwCleaner
 
Моля, изтеглете и стартирайте програмата AdwCleaner (by Xplode):

  • Затворете всички стартирани програми и браузъри
  • Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
  • Натиснете OK, за да потвърдите, че всички стартирани програми ще бъдат затворени.
  • Маркирайте Clean
  • Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта.
  • Моля, да публикувате съдържанието на този лог в отговора си
  • Можете да намерите лога,който автоматично се запомня тук C:AdwCleaner[s0].txt

 

 

JRTbythisisu.png Сканиране с Junkware Removal Tool
 
Моля, изтеглете Junkware Removal Tool (by Thisisu ) и запазете на вашия десктоп.

  • Спрете временно работата на защитните програми.
  • Стартирайте инструмента JRT.exe
  • Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата.
  • Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши.
  • Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt).
  • Моля копирайте съдържанието на лог файла в следващия си пост.

 

 

FRST.gif Сканиране с Farbar Recovery Scan Tool

Повторете сканирането с Farbar Recovery Scan Tool

 

 
 
xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FRST.txt
  • Addition.txt
  • JRT.txt
  • AdwCleaner[s0].txt
Линк към коментара
Сподели в други сайтове

Ето първо съдържанието на AdwCleaner[s0].txt

 

 

# AdwCleaner v4.101 - Създаден отчет 18/11/2014 на 16:09:27
# Актуализиран 09/11/2014 от Xplode
# Database : 2014-11-16.1 [Live]
# Операционна система : Windows 7 Ultimate Service Pack 1 (32 bits)
# Потребителско име : User - USER-PC
# Стартиран от : C:\Users\User\Downloads\adwcleaner_4.101.exe
# Настройка : Почистване
 
***** [ Услуги ] *****
 
Услуа Изтритa : torchcrashhandler
Услуа Изтритa : vToolbarUpdater18.1.9
 
***** [ Файлове / Папки ] *****
 
Папка Изтритa : C:\ProgramData\AVG SafeGuard toolbar
Папка Изтритa : C:\ProgramData\AVG Secure Search
Папка Изтритa : C:\ProgramData\AVG Security Toolbar
[#] Папка Изтритa : C:\ProgramData\BitGuard
[#] Папка Изтритa : C:\ProgramData\Browser Manager
[#] Папка Изтритa : C:\ProgramData\BrowserProtect
Папка Изтритa : C:\ProgramData\QuickSet
Папка Изтритa : C:\ProgramData\torchcrashhandler
Папка Изтритa : C:\ProgramData\wincert
Папка Изтритa : C:\Program Files\AVG SafeGuard toolbar
Папка Изтритa : C:\Program Files\AVG Security Toolbar
Папка Изтритa : C:\Program Files\iMesh Applications
Папка Изтритa : C:\Program Files\Movies Toolbar
Папка Изтритa : C:\Program Files\Common Files\AVG Secure Search
Папка Изтритa : C:\Windows\system32\config\systemprofile\AppData\Roaming\defaulttab
Папка Изтритa : C:\Users\User\AppData\Local\AVG SafeGuard toolbar
Папка Изтритa : C:\Users\User\AppData\Local\genienext
Папка Изтритa : C:\Users\User\AppData\Local\iac
Папка Изтритa : C:\Users\User\AppData\Local\iLivid
Папка Изтритa : C:\Users\User\AppData\Local\ilividmoviestoolbar181
Папка Изтритa : C:\Users\User\AppData\Local\Softonic
Папка Изтритa : C:\Users\User\AppData\Local\torch
Папка Изтритa : C:\Users\User\AppData\Local\VideoDownloadConverter_4z
Папка Изтритa : C:\Users\User\AppData\Local\CrashRpt
Папка Изтритa : C:\Users\User\AppData\LocalLow\AVG SafeGuard toolbar
Папка Изтритa : C:\Users\User\AppData\LocalLow\buenosearch LTD
Папка Изтритa : C:\Users\User\AppData\LocalLow\DataMngr
Папка Изтритa : C:\Users\User\AppData\LocalLow\ilividmoviestoolbar181
Папка Изтритa : C:\Users\User\AppData\LocalLow\searchresultstb
Папка Изтритa : C:\Users\User\AppData\LocalLow\VideoDownloadConverter_4z
Папка Изтритa : C:\Users\User\AppData\Roaming\BabSolution
Папка Изтритa : C:\Users\User\AppData\Roaming\defaulttab
Папка Изтритa : C:\Users\User\AppData\Roaming\SimilarSites
Папка Изтритa : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Папка Изтритa : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Mobogenie
Папка Изтритa : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Softonic
Папка Изтритa : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\torch
Папка Изтритa : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\[email protected]_4z.com
Папка Изтритa : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\[email protected]
Файл Изтритa : C:\Users\Public\Desktop\Free Games.lnk
Файл Изтритa : C:\Windows\system32\installd.exe
Файл Изтритa : C:\Users\User\daemonprocess.txt
Файл Изтритa : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
Файл Изтритa : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Torch.lnk
Файл Изтритa : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
Файл Изтритa : C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Torch.lnk
Файл Изтритa : C:\Users\User\Desktop\iLivid.lnk
 
***** [ задачи ] *****
 
задачa Изтрит : DTChk
задачa Изтрит : DTReg
 
***** [ Преки пътища ] *****
 
Пряк път Почистени : C:\Users\Public\Desktop\Google Chrome.lnk
Пряк път Почистени : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Пряк път Почистени : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Пряк път Почистени : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Пряк път Почистени : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
Пряк път Почистени : C:\Users\User\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
 
***** [ Системен регистър ] *****
 
Стойност Изтрит : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Стойност Изтрит : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Стойност Изтрит : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]
Стойност Изтрит : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Стойност Изтрит : HKCU\Software\Mozilla\Firefox\Extensions [[email protected]]
Стойност Изтрит : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Ключ Изтрит : HKLM\SOFTWARE\Google\Chrome\Extensions\dhkplhfnhceodhffomolpfigojocbpcb
Ключ Изтрит : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
Ключ Изтрит : HKCU\Software\Classes\iLivid.torrent
Стойност Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Стойност Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [softonic For Windows]
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\AddonsFramework.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\ButtonSite.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\ScriptHost.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Ключ Изтрит : HKLM\SOFTWARE\Classes\Applications\Torch.exe
Ключ Изтрит : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Ключ Изтрит : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Ключ Изтрит : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\iLivid.torrent
Ключ Изтрит : HKLM\SOFTWARE\Classes\Prod.cap
Ключ Изтрит : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Ключ Изтрит : HKLM\SOFTWARE\Classes\S
Ключ Изтрит : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Ключ Изтрит : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.FeedManager.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLMenu.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.HTMLPanel.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.MultipleButton.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.PseudoTransparentPlugin.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.Radio.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.RadioSettings.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ScriptButton.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.SettingsPlugin.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ThirdPartyInstaller.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector
Ключ Изтрит : HKLM\SOFTWARE\Classes\VideoDownloadConverter_4z.ToolbarProtector.1
Ключ Изтрит : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Ключ Изтрит : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\torch.exe
Стойност Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Стойност Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [vProt]
Ключ Изтрит : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Ключ Изтрит : HKLM\SOFTWARE\MozillaPlugins\TorchVLC
Стойност Изтрит : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Стойност Изтрит : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Стойност Изтрит : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Стойност Изтрит : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Ключ Изтрит : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WindowsMangerProtect
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\BackgroundHost.EXE
Ключ Изтрит : HKCU\Software\5228dd8e53ee441
Ключ Изтрит : HKLM\SOFTWARE\5228dd8e53ee441
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{18B9B16E-716F-43DF-A6AD-512C7D2EB983}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{19975B78-1907-4DD6-A437-4C48120F46A4}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{1FDFF5A2-7BB1-48E1-8081-7236812B12B2}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{37EB75F2-7392-4DBE-B5AD-147EC6D7BF5F}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{562B9317-C08A-444A-9482-62080DD851AE}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{67FCE87F-F3EF-4A3C-87C2-8BD46E68807B}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{BB711CB0-C70B-482E-9852-EC05EBD71DBB}
Ключ Изтрит : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{2A1260C1-2964-453F-B0BA-FA429472EB5F}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{2A836234-186C-41A0-9863-40BECDEDED9F}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{363D5C92-10DC-4287-93E5-1832EECC48EC}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{3719959C-1CCD-4FA7-8EBB-7D9DED86FCCB}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{3B41BE90-F731-4137-AFF3-2CA951E7F0D9}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{408CFAD9-8F13-4747-8EC7-770A339C7237}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{4128C64D-F0DD-4811-9405-D22294E8151F}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{5B6E533F-F78F-4525-B316-312BAF1295D1}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{69407823-3494-4400-8D49-612549E8F4EE}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{84B7B98F-E018-4DBB-AB4C-4DDD3DFCB5FB}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{8FCA5302-6D6D-4645-BF99-D43CF76CE474}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{933B95E2-E7B7-4AD9-B952-7AC336682AE3}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{A86782D8-7B41-452F-A217-1854F72DBA54}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{B658800C-F66E-4EF3-AB85-6C0C227862A9}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{DD385519-22E7-4BE2-8A8D-35C66DF4858E}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{ED345812-2722-4DCA-9976-D01832DB44EE}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{F25AF245-4A81-40DC-92F9-E9021F207706}
Ключ Изтрит : HKLM\SOFTWARE\Classes\CLSID\{FF48DBA6-5DD8-4D10-9EB0-0FA968502E66}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{0BDDE35F-64F7-49C3-99B2-404E899C49F7}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{1AD2049E-E483-4425-8555-8E0775ACB631}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{24236608-609C-42C5-B13C-A8A3EC921850}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{28B1A706-4B97-4EB1-8B32-125042685AD9}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{2D73F2D0-2FAB-458E-977D-2F9050E0ED60}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{33575A26-D9CF-40C6-8A3E-116F17201C7F}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{3E9469AF-E866-4476-B767-810630F1F6E7}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{47700C35-9E3E-4DAD-934C-0CE28A87237C}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{4BDFD19F-93D7-49CE-B554-5C215FDC0136}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{4E92DB5F-AAD9-49D3-8EAB-B40CBE5B1FF7}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{716E443D-7CAA-44F1-866B-F45D00E712CC}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{72063D77-7590-4DA9-A7F8-F5ECAF3632C4}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{7307CF0F-7173-4FBF-8649-B149916DD322}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{7FC87AC5-FA93-476E-A32C-A941229DED0B}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{80A5E38C-5F6B-485F-BD97-0B5BE991FAD5}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{9544D727-A26F-4D57-AF38-4496088640EA}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{AC4C30BF-7D5F-4EAB-9C2A-454178F079AA}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{BC6F9C26-93EA-4C6D-A4A7-C1FA333B4BBE}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{C401D2CE-DC27-45C7-BC0C-8E6EA7F085D6}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{E975527B-ABE7-40B3-B5C1-385016913E3B}
Ключ Изтрит : HKLM\SOFTWARE\Classes\Interface\{EFA4B5B1-6C76-4B20-BCDB-D41A93E79053}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{07CAC314-E962-4F78-89AB-DD002F2490EE}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{192F487E-E812-40C0-B0DE-CB4BFA20F37B}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{2D3826A1-F3E8-45D6-94B5-C26D8EC0073B}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{37923200-6887-4B44-95D4-CAE8F83ECFEE}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{3EE17DD1-E28B-4AED-A3B2-9C29CB2C19D6}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{74FB6AFD-DD77-4CEB-83BD-AB2B63E63C93}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{79332472-47F3-4E32-B07F-CF8DF4C58499}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{886F93AD-3CBB-4424-8442-A7340243540F}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{AA289DBC-59B6-40A5-AC7D-C90DF850289C}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{BC153A3C-0BB7-4EED-83AE-28E6E398F56E}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{C2AC8A0E-E48E-484B-A71C-C7A937FAAB94}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{CA723163-6FAD-43D4-8B93-0D8C52BD9974}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{E6772887-C1E1-405E-94BB-D8760A1CF8DF}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{F1F328EB-F5A5-432B-A54C-05F3EF5B0BD8}
Ключ Изтрит : HKLM\SOFTWARE\Classes\TypeLib\{FE8DBB09-C3D3-4477-80CB-D38914B94BB8}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2A836234-186C-41A0-9863-40BECDEDED9F}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2A836234-186C-41A0-9863-40BECDEDED9F}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{A86782D8-7B41-452F-A217-1854F72DBA54}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F25AF245-4A81-40DC-92F9-E9021F207706}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2A836234-186C-41A0-9863-40BECDEDED9F}
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{95B7759C-8C7F-4BF1-B163-73684A933233}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{1F6F39C1-00A8-4752-A94C-D0EA92D978B6}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5354D921-3F52-47C5-938D-77A2FB6DEFE7}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{71144427-1368-4D18-8DC9-2AE3CC4C4F83}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{A86782D8-7B41-452F-A217-1854F72DBA54}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{C6FDD0C3-266A-4DC3-B459-28C697C44CDC}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{ED345812-2722-4DCA-9976-D01832DB44EE}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{F25AF245-4A81-40DC-92F9-E9021F207706}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3D429207-4689-492D-A0E5-CDC5DFBB5005}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{708D0DD7-FBC0-4437-B525-C098F450A62C}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{F25AF245-4A81-40DC-92F9-E9021F207706}
Стойност Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{95B7759C-8C7F-4BF1-B163-73684A933233}]
Стойност Изтрит : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Ключ Изтрит : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9}
Ключ Изтрит : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Ключ Изтрит : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Ключ Изтрит : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{cf6e4b1c-dbde-457e-9cef-ab8ecac8a5e8}
Ключ Изтрит : HKCU\Software\APNDTX
Ключ Изтрит : HKCU\Software\AVG SafeGuard toolbar
Ключ Изтрит : HKCU\Software\AVG Security Toolbar
Ключ Изтрит : HKCU\Software\BABSOLUTION
Ключ Изтрит : HKCU\Software\Conduit
Ключ Изтрит : HKCU\Software\DefaultTab
Ключ Изтрит : HKCU\Software\ilivid
Ключ Изтрит : HKCU\Software\Softonic
Ключ Изтрит : HKCU\Software\systweak
Ключ Изтрит : HKCU\Software\torch
Ключ Изтрит : HKCU\Software\usyndication.com
Ключ Изтрит : HKCU\Software\USyndication
Ключ Изтрит : HKCU\Software\AppDataLow\Software\ilividmoviestoolbar181
Ключ Изтрит : HKCU\Software\AppDataLow\Software\SmartBar
Ключ Изтрит : HKLM\SOFTWARE\AVG SafeGuard toolbar
Ключ Изтрит : HKLM\SOFTWARE\AVG Security Toolbar
Ключ Изтрит : HKLM\SOFTWARE\Conduit
Ключ Изтрит : HKLM\SOFTWARE\DefaultTab
Ключ Изтрит : HKLM\SOFTWARE\supWindowsMangerProtect
Ключ Изтрит : HKLM\SOFTWARE\systweak
Ключ Изтрит : HKLM\SOFTWARE\torch
Ключ Изтрит : HKLM\SOFTWARE\webssearchesSoftware
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Softonic for Windows
Ключ Изтрит : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\torch
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall Firefox
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\zulagames
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VideoDownloadConverter_4zbar Uninstall Internet Explorer
Данни Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - C:\PROGRA~2\Wincert\WIN32C~1.DLL
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Ключ Изтрит : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
 
***** [ Браузъри ] *****
 
-\\ Internet Explorer v0.0.0.0
 
Настройки Възстановен : HKCU\Software\Microsoft\Internet Explorer\Main [start Page]
Настройки Възстановен : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Page_URL]
Настройки Възстановен : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Настройки Възстановен : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
Настройки Възстановен : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [start Page]
Настройки Възстановен : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [search Page]
 
-\\ Mozilla Firefox v33.1 (x86 bg)
 
[tg6aayzy.default\prefs.js] - Елемент изтрит : user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");
[tg6aayzy.default\prefs.js] - Елемент изтрит : user_pref("browser.search.defaultenginename", "webssearches");
[tg6aayzy.default\prefs.js] - Елемент изтрит : user_pref("browser.search.selectedEngine", "webssearches");
[tg6aayzy.default\prefs.js] - Елемент изтрит : user_pref("browser.startup.homepage", "hxxp://istart.webssearches.com/?type=hp&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW");
[tg6aayzy.default\prefs.js] - Елемент изтрит : user_pref("extensions.quick_start.enable_search1", false);
[tg6aayzy.default\prefs.js] - Елемент изтрит : user_pref("extensions.quick_start.sd.closeWindowWithLastTab_prev_state", false);
 
-\\ Google Chrome v38.0.2125.111
 
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://www.ask.com/web?q={searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss&mntrId=94C1001D60B9B63B&affID=122666&tsp=5038
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://search.babylon.com/?q={searchTerms}&babsrc=SP_ss&mntrId=94C1001D60B9B63B&affID=122666&tsp=5038
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?st=kwd&ptb=D054AA05-D908-4A6D-BB4F-A636FB438A90&n=77fda6c7&ind=2013112007&p2=^HJ^xdm007^YYA^bg&si=CO7air2s87oCFc1V3god8XQAeg&searchfor={searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://en.softonic.com/s/{searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=1235&systemid=406&v=u11465-250&apn_uid=8953571358224052&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW&q={searchTerms}
[C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Изтрит [search Provider] : hxxp://istart.webssearches.com/web/?type=ds&ts=1404993434&from=amt&uid=ST3160815AS_5RA2LTSWXXXX5RA2LTSW&q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [29853 octets] - [18/11/2014 16:05:41]
AdwCleaner[s0].txt - [27413 octets] - [18/11/2014 16:09:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [27474 octets] ##########
 
 
Сега съдържанието на JRT.txt 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.3.9 (11.15.2014:2)
OS: Windows 7 Ultimate x86
Ran by User on ўІ 18.11.2014 Ј. at 16:27:57,75
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{0773FA4C-3093-46A9-9E15-92E8BB088A57}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\User\AppData\Roaming\software informer"
 
 
 
~~~ FireFox
 
Emptied folder: C:\Users\User\AppData\Roaming\mozilla\firefox\profiles\tg6aayzy.default\minidumps [39 files]
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ўІ 18.11.2014 Ј. at 16:30:34,71
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Съдържанието на FRST.txt
 
 
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 16-11-2014 01
Ran by User (administrator) on USER-PC on 18-11-2014 16:42:46
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User)
Platform: Microsoft Windows 7 Ultimate  Service Pack 1 (X86) OS Language: Български (България)
Internet Explorer Version 10
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG2014\avgcsrvx.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\mdm.exe
(Google Inc.) C:\Program Files\Google\Update\1.3.25.11\GoogleCrashHandler.exe
(Realtek Semiconductor Corp.) C:\Windows\RTHDCPL.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
() C:\Program Files\Unlocker\UnlockerAssistant.exe
() C:\Program Files\Datecs\FlexType 2K\FType2K.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDCPL] => C:\Windows\RTHDCPL.EXE [16116224 2007-02-06] (Realtek Semiconductor Corp.)
HKLM\...\Run: [skyTel] => C:\Windows\SkyTel.EXE [2879488 2006-05-23] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Alcmtr] => C:\Windows\ALCMTR.EXE [69632 2005-05-10] (Realtek Semiconductor Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31072 2008-10-25] (Microsoft Corporation)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [995184 2013-07-18] (Microsoft Corporation)
HKLM\...\Run: [AVG_UI] => C:\Program Files\AVG\AVG2014\avgui.exe [5188112 2014-08-25] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [kbdsprt] => [X]
HKLM\...\Run: [unlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] ()
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [EA Core] => "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [AVG-Secure-Search-Update_1213b] => C:\Users\User\AppData\Roaming\AVG 1213b Campaign\AVG-Secure-Search-Update-1213b.exe /PROMPT /mid=cfe8a617691547d39ae0d154265d5fc8-89c0334d3c6a5b62b955185ab8fbc974c007b18e /CMPID=1213b
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\Run: [CCleaner Monitoring] => "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\MountPoints2: {66178fc2-3664-11e3-b5d3-001d60b9b63b} - G:\setup.exe
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\MountPoints2: {e59f4acc-5383-11e4-95d6-001d60b9b63b} - F:\setup.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FlexType 2K.lnk
ShortcutTarget: FlexType 2K.lnk -> C:\Program Files\Datecs\FlexType 2K\FType2K.exe ()
Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изрязване на екран и стартиране на OneNote 2007.lnk
ShortcutTarget: Изрязване на екран и стартиране на OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation)
ShellIconOverlayIdentifiers: [GDriveBlacklistedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedEditOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSharedViewOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncedOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
ShellIconOverlayIdentifiers: [GDriveSyncingOverlay] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKLM - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = 
SearchScopes: HKCU - {483830EE-A4CD-4b71-B0A3-3D82E62A6909} URL = 
BHO: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\..\Interfaces\{11412AFA-D2F1-4B36-B258-39C0F2202FC1}: [NameServer] 192.168.15.12,195.24.48.5
 
FireFox:
========
FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_15_0_0_223.dll ()
FF Plugin: @Google.com/GoogleEarthPlugin -> C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll No File
FF Plugin: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files\Google\Picasa3\npPicasa3.dll No File
FF Plugin: @nvidia.com/3DVision -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin: @nvidia.com/3DVisionStreaming -> C:\Program Files\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.25.11\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\911bg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\diribg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\pe-bg.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\portalbgdict.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\safeguard-secure-search.xml
FF SearchPlugin: C:\Program Files\mozilla firefox\browser\searchplugins\webssearches.xml
FF Extension: DownloadHelper - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\Extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d} [2014-09-15]
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\extensions\[email protected] [Not Found]
FF Extension: No Name - [email protected] [Not Found]
 
Chrome: 
=======
CHR Profile: C:\Users\User\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Wallet) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-05-07]
CHR HKLM\...\Chrome\Extension: [adldappccjhelkmbkpiibilgnnjakieg] - C:\Program Files\VideoDownloadConverter_4z Chrome Extension\bar\[email protected] []
 
========================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AVGIDSAgent; C:\Program Files\AVG\AVG2014\avgidsagent.exe [3242000 2014-08-25] (AVG Technologies CZ, s.r.o.)
S2 avgwd; C:\Program Files\AVG\AVG2014\avgwdsvc.exe [289328 2014-08-25] (AVG Technologies CZ, s.r.o.)
R2 MDM; C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe [335872 2006-10-26] (Microsoft Corporation) [File not signed]
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22216 2013-07-18] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [295376 2013-07-18] (Microsoft Corporation)
S3 gusvc; "C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe" [X]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R1 Avgdiskx; C:\Windows\System32\DRIVERS\avgdiskx.sys [121624 2014-06-30] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdriverx.sys [200984 2014-07-21] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHX; C:\Windows\System32\DRIVERS\avgidshx.sys [147736 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSShim; C:\Windows\System32\DRIVERS\avgidsshimx.sys [21272 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [188696 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avglogx; C:\Windows\System32\DRIVERS\avglogx.sys [241944 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [98584 2014-08-06] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [27416 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [197400 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 avgtp; C:\Windows\system32\drivers\avgtpx86.sys [42784 2014-08-11] (AVG Technologies)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [243128 2014-10-15] (Disc Soft Ltd)
R3 FETNDIS; C:\Windows\System32\DRIVERS\fetnd6.sys [44032 2009-07-14] (VIA Technologies, Inc.              )
S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [110296 2014-06-14] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [211560 2013-06-18] (Microsoft Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [6504 2009-05-13] ()
S1 MpKslb3189f59; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{E4CFFD5A-C876-4E80-B999-7C2C8B1B1C08}\MpKslb3189f59.sys [X]
S4 nvvad_WaveExtensible; system32\drivers\nvvad32v.sys [X]
U5 UnlockerDriver5; C:\Program Files\Unlocker\UnlockerDriver5.sys [4096 2010-07-04] () [File not signed]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-18 16:42 - 2014-11-18 16:42 - 00012193 _____ () C:\Users\User\Downloads\FRST.txt
2014-11-18 16:30 - 2014-11-18 16:30 - 00001139 _____ () C:\Users\User\Desktop\JRT.txt
2014-11-18 16:27 - 2014-11-18 16:27 - 00000000 ____D () C:\Windows\ERUNT
2014-11-18 16:15 - 2014-11-18 16:15 - 01707532 _____ (Thisisu) C:\Users\User\Desktop\JRT.exe
2014-11-18 16:02 - 2014-11-18 16:10 - 00000000 ____D () C:\AdwCleaner
2014-11-18 16:00 - 2014-11-18 16:01 - 02140160 _____ () C:\Users\User\Downloads\adwcleaner_4.101.exe
2014-11-18 15:49 - 2014-11-02 12:28 - 06310920 _____ (Geek Uninstaller) C:\Users\User\Desktop\geek.exe
2014-11-18 15:46 - 2014-11-18 15:46 - 02571115 _____ () C:\Users\User\Desktop\geek.zip
2014-11-16 17:06 - 2014-11-18 16:12 - 00003234 _____ () C:\Windows\PFRO.log
2014-11-16 17:06 - 2014-11-18 16:12 - 00000336 _____ () C:\Windows\setupact.log
2014-11-16 17:06 - 2014-11-16 17:07 - 00418424 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-11-16 17:06 - 2014-11-16 17:06 - 00109928 _____ () C:\Users\User\AppData\Local\GDIPFONTCACHEV1.DAT
2014-11-16 17:06 - 2014-11-16 17:06 - 00000000 _____ () C:\Windows\setuperr.log
2014-11-16 16:26 - 2014-11-18 16:42 - 00000000 ____D () C:\FRST
2014-11-16 16:26 - 2014-11-16 16:26 - 01108992 _____ (Farbar) C:\Users\User\Downloads\FRST.exe
2014-11-16 16:13 - 2014-11-16 16:13 - 00000965 _____ () C:\Users\Public\Desktop\CCleaner.lnk
2014-11-16 16:13 - 2014-11-16 16:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-11-16 16:10 - 2014-11-16 16:11 - 04976136 _____ (Piriform Ltd) C:\Users\User\Downloads\ccsetup419pro.exe
2014-11-15 22:30 - 2014-11-15 22:30 - 00000011 ____R () C:\Windows\amunres.lsl
2014-11-15 22:12 - 2014-11-17 17:32 - 00000000 ____D () C:\Program Files\Steam
2014-11-15 22:10 - 2014-11-15 22:11 - 01142392 _____ () C:\Users\User\Downloads\SteamSetup.exe
2014-11-15 14:16 - 2014-11-15 14:16 - 38381556 _____ () C:\Users\User\Downloads\HideNSeek_BM.dem
2014-11-14 23:09 - 2014-11-15 13:09 - 48651703 _____ () C:\Users\User\Downloads\flipeR.dem
2014-11-14 22:21 - 2014-11-14 22:22 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-11-06 22:11 - 2014-11-06 22:11 - 00000000 ____D () C:\ProgramData\Avg_Update_1114tb
2014-11-03 00:05 - 2014-11-03 00:05 - 00017101 _____ () C:\Users\User\Downloads\Deja.Vu.2006.480p.BRRip.AC3.BGAUDIO-SlzD.torrent
2014-11-01 14:41 - 2014-11-01 14:41 - 222995856 _____ () C:\Users\User\cstrike 2014-11-01 14-41-20-99.avi
2014-11-01 14:40 - 2014-11-01 14:40 - 220153856 _____ () C:\Users\User\cstrike 2014-11-01 14-40-25-02.avi
2014-11-01 14:39 - 2014-11-01 14:40 - 221507616 _____ () C:\Users\User\cstrike 2014-11-01 14-39-52-28.avi
2014-11-01 14:39 - 2014-11-01 14:39 - 224203344 _____ () C:\Users\User\cstrike 2014-11-01 14-39-19-88.avi
2014-11-01 14:38 - 2014-11-01 14:39 - 219093188 _____ () C:\Users\User\cstrike 2014-11-01 14-38-42-11.avi
2014-11-01 14:38 - 2014-11-01 14:38 - 215116608 _____ () C:\Users\User\cstrike 2014-11-01 14-38-09-40.avi
2014-11-01 14:37 - 2014-11-01 14:38 - 228522404 _____ () C:\Users\User\cstrike 2014-11-01 14-37-36-12.avi
2014-11-01 14:37 - 2014-11-01 14:37 - 212516652 _____ () C:\Users\User\cstrike 2014-11-01 14-37-03-47.avi
2014-11-01 14:36 - 2014-11-01 14:37 - 230608452 _____ () C:\Users\User\cstrike 2014-11-01 14-36-30-17.avi
2014-11-01 14:33 - 2014-11-01 14:33 - 16519164 _____ () C:\Users\User\cstrike 2014-11-01 14-33-08-79.avi
2014-11-01 14:31 - 2014-11-01 14:31 - 224039848 _____ () C:\Users\User\cstrike 2014-11-01 14-31-25-65.avi
2014-11-01 14:13 - 2014-11-16 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Fraps
2014-11-01 14:13 - 2014-11-01 14:13 - 00036079 _____ (Beepa Pty Ltd) C:\Users\Fraps\uninstall.exe
2014-11-01 14:13 - 2014-11-01 14:13 - 00000000 ____D () C:\Users\Fraps\HELP
2014-11-01 14:12 - 2014-11-01 14:13 - 00000000 ____D () C:\Users\Fraps
2014-11-01 14:11 - 2014-11-01 14:12 - 02326976 _____ (Beepa Pty Ltd) C:\Users\User\Downloads\setup.exe
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-11-18 16:19 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-11-18 16:19 - 2009-07-14 06:34 - 00026352 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-11-18 16:17 - 2010-11-20 23:01 - 00782154 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-11-18 16:15 - 2013-10-16 04:53 - 01175134 _____ () C:\Windows\WindowsUpdate.log
2014-11-18 16:12 - 2013-10-16 16:24 - 00000000 ____D () C:\ProgramData\NVIDIA
2014-11-18 16:12 - 2013-10-16 15:31 - 00000982 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-11-18 16:12 - 2009-07-14 06:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-11-18 16:10 - 2014-06-03 15:33 - 00001242 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-11-18 16:10 - 2014-03-01 13:26 - 00001019 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-11-18 16:10 - 2014-03-01 13:26 - 00001007 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-11-18 16:10 - 2013-10-16 15:35 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-11-18 16:05 - 2013-10-16 15:33 - 00000000 ____D () C:\Users\User\AppData\Roaming\Skype
2014-11-18 16:03 - 2014-03-29 11:56 - 00000069 _____ () C:\Windows\NeroDigital.ini
2014-11-18 15:59 - 2013-10-16 15:31 - 00000986 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-11-18 15:56 - 2013-10-16 15:12 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-11-17 07:19 - 2014-03-01 13:25 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-11-16 19:00 - 2009-07-14 04:37 - 00000000 ____D () C:\Windows\system32\LogFiles
2014-11-16 16:22 - 2014-04-20 11:44 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Pro Evolution Soccer 2014
2014-11-16 16:22 - 2014-03-15 19:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Custom Strike
2014-11-16 16:22 - 2013-12-16 05:55 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Earth
2014-11-16 16:22 - 2013-12-12 17:24 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Counter-Strike 1.6
2014-11-16 16:22 - 2013-10-30 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Casino at bet365
2014-11-16 16:22 - 2013-10-20 16:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Resource Hacker
2014-11-16 16:22 - 2013-10-16 15:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Picasa 3
2014-11-16 16:19 - 2013-12-21 14:56 - 00000000 ____D () C:\Users\User\AppData\Roaming\TeamViewer
2014-11-16 16:19 - 2013-10-16 15:32 - 00000000 ____D () C:\Users\User\AppData\Roaming\uTorrent
2014-11-16 16:19 - 2013-10-16 15:28 - 00000000 ____D () C:\Users\User\AppData\Roaming\DAEMON Tools Lite
2014-11-16 16:18 - 2014-09-13 22:05 - 00000000 ____D () C:\Users\User\AppData\Local\CrashDumps
2014-11-16 16:18 - 2013-10-16 15:49 - 00000000 ____D () C:\Windows\Panther
2014-11-15 22:12 - 2014-02-06 17:52 - 00000921 _____ () C:\Users\Public\Desktop\Steam.lnk
2014-11-13 23:56 - 2013-10-16 15:12 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-11-13 23:56 - 2013-10-16 15:12 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-11-10 23:06 - 2014-10-16 14:53 - 00000749 _____ () C:\Users\User\Desktop\Нов текстов документ.txt
2014-11-05 10:54 - 2014-06-13 04:39 - 00002000 _____ () C:\Users\Public\Desktop\Google Slides.lnk
2014-11-05 10:54 - 2014-06-13 04:39 - 00001998 _____ () C:\Users\Public\Desktop\Google Sheets.lnk
2014-11-05 10:54 - 2014-06-13 04:39 - 00001988 _____ () C:\Users\Public\Desktop\Google Docs.lnk
2014-11-05 10:54 - 2014-01-27 16:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-11-03 21:23 - 2013-11-28 23:17 - 00000000 ____D () C:\Windows\Minidump
2014-10-30 13:24 - 2013-10-16 15:28 - 00229000 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
 
Files to move or delete:
====================
C:\Users\Fraps\fraps.exe
C:\Users\Fraps\fraps32.dll
C:\Users\Fraps\fraps64.dat
C:\Users\Fraps\fraps64.dll
C:\Users\Fraps\frapslcd.dll
C:\Users\Fraps\uninstall.exe
 
 
Some content of TEMP:
====================
C:\Users\User\AppData\Local\Temp\Quarantine.exe
C:\Users\User\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-11-15 04:51
 
==================== End Of Log ============================
 
Съдържанието на Addition.txt
 
 
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 16-11-2014 01
Ran by User at 2014-11-18 16:43:18
Running from C:\Users\User\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}
AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}
FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
µTorrent (HKLM\...\uTorrent) (Version: 3.0.0 - )
2007 Microsoft Office Suite Service Pack 2 (SP2) (HKLM\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}) (Version:  - Microsoft)
2007 Microsoft Office Suite Service Pack 2 (SP2) (Version:  - Microsoft) Hidden
Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Flash Player 15 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 15.0.0.223 - Adobe Systems Incorporated)
Adobe Reader 9 - Bulgarian (HKLM\...\{AC76BA86-7AD7-1026-7B44-A90000000001}) (Version: 9.0.0 - Adobe Systems Incorporated)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4765 - AVG Technologies)
AVG 2014 (Version: 14.0.4040 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4259 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4765 - AVG Technologies) Hidden
BS.Player FREE (HKLM\...\BSPlayerf) (Version: 2.66.1075 - AB Team, d.o.o.)
BS.Player PRO (HKLM\...\BSPlayerp) (Version: 2.51.1022 - Webteh, d.o.o.)
Casino at bet365 (HKLM\...\bet365casino) (Version:  - )
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
Counter-Strike (HKLM\...\Steam App 10) (Version:  - Valve)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 4.49.1.0356 - Disc Soft Ltd)
Decal Converter (HKLM\...\{5BB207D6-0E1E-11D5-9B6A-00C04F7EC248}) (Version:  - )
FlexType 2K (HKLM\...\FlexType 2K) (Version:  - )
Fraps (HKLM\...\Fraps) (Version:  - )
Google Chrome (HKLM\...\Google Chrome) (Version: 38.0.2125.111 - Google Inc.)
Google Drive (HKLM\...\{C60F3836-333A-4AE2-B526-CFDBA143A9BA}) (Version: 1.18.7821.2489 - Google, Inc.)
Google Earth (HKLM\...\{4D2A6330-2F8B-11E3-9C40-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Malwarebytes Anti-Malware, версия 2.0.2.1012 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Extended (HKLM\...\Microsoft .NET Framework 4 Extended) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISE) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.3.216.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 33.1 (x86 bg) (HKLM\...\Mozilla Firefox 33.1 (x86 bg)) (Version: 33.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
Nero 8 Lite 8.1.1.0 (HKLM\...\Nero8Lite_is1) (Version: 8.1.1.0 - Updatepack.nl)
NVIDIA 3D Vision Controller Driver 326.01 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 326.01 - NVIDIA Corporation)
NVIDIA 3D Vision Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 327.23 - NVIDIA Corporation)
NVIDIA Graphics Driver 327.23 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 327.23 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.26.4 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.26.4 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
Picasa 3 (HKLM\...\Picasa 3) (Version: 3.8 - Google, Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 5.10.0.5366 - Realtek Semiconductor Corp.)
Skype™ 6.18 (HKLM\...\{7A3C7E05-EE37-47D6-99E1-2EB05A3DA3F7}) (Version: 6.18.106 - Skype Technologies S.A.)
Steam (HKLM\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Unlocker 1.9.2 (HKLM\...\Unlocker) (Version: 1.9.2 - Cedrick Collomb)
UPDF (HKLM\...\UPDF) (Version:  - )
Winamp (HKLM\...\Winamp) (Version: 5.551  - Nullsoft, Inc)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version:  - )
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
CustomCLSID: HKU\S-1-5-21-2270866911-400411527-1567922316-1000_Classes\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e}\InprocServer32 -> C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll No File
CustomCLSID: HKU\S-1-5-21-2270866911-400411527-1567922316-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\User\AppData\Local\Torch\Application\36.0.0.8226\delegate_execute.exe" No File
 
==================== Restore Points  =========================
 
12-11-2014 05:34:28 Windows Update
15-11-2014 19:26:24 Windows Update
16-11-2014 17:00:25 Архивиране в Windows
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 04:04 - 2009-06-10 23:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {09439865-C0CE-45DD-8B3F-3BC6BEF20657} - System32\Tasks\{C44C7B37-5B9D-4DCE-8160-392D4E6272A0} => Firefox.exe http://ui.skype.com/ui/0/6.20.0.104/bg/abandoninstall?page=tsMain
Task: {16F522D8-4FC7-4313-802B-222AD44A5159} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)
Task: {5FEEFCCA-B63A-4170-8DB4-B8BF7D139EE0} - System32\Tasks\Open Chrome => Chrome.exe --new-window
Task: {A92F01F7-15F0-43B3-921A-43E54A773294} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-13] (Adobe Systems Incorporated)
Task: {A9DD1178-9744-49CC-9B8C-DACD6B860060} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2014-06-03] (Google Inc.)
Task: {C7F1407D-13B6-4109-BCAE-FF4C175B6ECA} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe
 
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
 
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Open Chrome.job => c:\program files\Google\Chrome\Application\chrome.exe
 
==================== Loaded Modules (whitelisted) =============
 
2013-10-16 16:23 - 2013-09-12 08:28 - 00088864 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax.dll
2010-07-04 23:32 - 2010-07-04 23:32 - 00004608 _____ () C:\Program Files\Unlocker\UnlockerHook.dll
2013-10-17 10:11 - 2002-04-22 23:17 - 00045056 _____ () C:\Windows\system32\newdll.dll
2010-07-04 21:51 - 2010-07-04 21:51 - 00017408 _____ () C:\Program Files\Unlocker\UnlockerAssistant.exe
2013-10-17 10:11 - 2002-05-19 08:24 - 00095232 _____ () C:\Program Files\Datecs\FlexType 2K\FType2K.exe
2014-10-27 23:55 - 2014-10-22 06:04 - 01042760 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libglesv2.dll
2014-10-27 23:55 - 2014-10-22 06:04 - 00211272 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\libegl.dll
2014-10-27 23:55 - 2014-10-22 06:04 - 08910664 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\pdf.dll
2014-10-27 23:55 - 2014-10-22 06:04 - 01681224 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\ffmpegsumo.dll
2014-10-27 23:55 - 2014-10-22 06:05 - 14902600 _____ () C:\Program Files\Google\Chrome\Application\38.0.2125.111\PepperFlash\pepflashplayer.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
========================= Accounts: ==========================
 
Administrator (S-1-5-21-2270866911-400411527-1567922316-500 - Administrator - Disabled)
Guest (S-1-5-21-2270866911-400411527-1567922316-501 - Limited - Disabled)
User (S-1-5-21-2270866911-400411527-1567922316-1000 - Administrator - Enabled) => C:\Users\User
 
==================== Faulty Device Manager Devices =============
 
Name: MpKslb3189f59
Description: MpKslb3189f59
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer: 
Service: MpKslb3189f59
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Processor: AMD Athlon 64 X2 Dual Core Processor 4000+
Percentage of memory in use: 36%
Total physical RAM: 2047.29 MB
Available physical RAM: 1308.79 MB
Total Pagefile: 4094.58 MB
Available Pagefile: 3114.98 MB
Total Virtual: 2047.88 MB
Available Virtual: 1895.09 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:68.26 GB) (Free:40.89 GB) NTFS
Drive d: () (Fixed) (Total:80.68 GB) (Free:1.03 GB) NTFS
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: 9B789B78)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=68.3 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=80.7 GB) - (Type=OF Extended)
 
==================== End Of Log ============================

Линк към коментара
Сподели в други сайтове

AV: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}

AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F}

AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AS: AVG AntiVirus Free Edition 2014 (Disabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}

FW: AVG Internet Security 2014 (Disabled) {36AFA1E1-4CDC-7EF8-11EE-C77C3581ABA2}

 

Здравейте..Това е голяма грешка..Две антивирусни програми...Писали сме надълго и нашироко защо това е така..!

Деинсталирайте едната програма задължително по правилния начин..!Какво имам впредвид.

 

1.Ако решите да премахнете Microsoft Security Essentials..:

 

 

2.Ако решите да премахнете AVG Internet Security 2014..:

 

  • Изтеглете и стартирайте инструмента съответстващ на вашата версия от тук
  • След завършване на процедурата рестартирайте компютъра си.

 

FRST.gif Фикс с Farbar Recovery Scan Tool

 

icon13.gif Изтеглете прикачения файл и го запазете там, където сте свалили FRST.exe => fixlist.txt

 

Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.

 

ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

xpfNZP4A.png.pagespeed.ic.bp5cRl1pJg.jpg  Дневници

 

В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt
Линк към коментара
Сподели в други сайтове

Деинсталирах едната антивирусна програма, по начина, който казахте. Ето и това, което поискахте.

 

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 16-11-2014 01
Ran by User at 2014-11-18 20:07:31 Run:1
Running from C:\Users\User\Downloads
Loaded Profile: User (Available profiles: User)
Boot Mode: Normal
 
==============================================
 
Content of fixlist:
*****************
start
closeprocesses:
HKLM\...\Run: [kbdsprt] => [X]
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\MountPoints2: {66178fc2-3664-11e3-b5d3-001d60b9b63b} - G:\setup.exe
HKU\S-1-5-21-2270866911-400411527-1567922316-1000\...\MountPoints2: {e59f4acc-5383-11e4-95d6-001d60b9b63b} - F:\setup.exe
FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\extensions\[email protected] [Not Found]
FF Extension: No Name - [email protected] [Not Found]
CustomCLSID: HKU\S-1-5-21-2270866911-400411527-1567922316-1000_Classes\CLSID\{A2DF06F9-A21A-44A8-8A99-8B9C84F29160}\localserver32 -> "C:\Users\User\AppData\Local\Torch\Application\36.0.0.8226\delegate_execute.exe" No File
C:\Users\User\AppData\Local\Torch\Application\36.0.0.8226\delegate_execute.exe
CustomCLSID: HKU\S-1-5-21-2270866911-400411527-1567922316-1000_Classes\CLSID\{93a3111f-4f74-4ed8-895e-d9708497629e}\InprocServer32 -> C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll No File
C:\Program Files\VideoDownloadConverter_4z\bar\1.bin\4zSrcAs.dll No File
EmptyTemp:
end
Линк към коментара
Сподели в други сайтове

Какво е моментното състояние на системата ви..? Наблюдавате ли някои от първоначалните проблеми..?

Между другото това не е пълен дневник..копирали се само половината...

Линк към коментара
Сподели в други сайтове

Няма промяна от това, което написах в първия пост на темата.Както казах, още преди да създам тази тема успях да изчистя диск C и при него няма проблеми, но положението при диск D остава много сериозно. Имам едва 1,03 ГБ свободно пространство от 80,6 ГБ.

Линк към коментара
Сподели в други сайтове

Нали не мислите че проблема с локален диск "D" ..е породен от зловреден софтуер....?

 

Изтеглете програмата TreeSizeFree. и я инсталирате.Стартирате я и след като си свърши работата направете снимки и ги публикувайте в следващия си пост.

Линк към коментара
Сподели в други сайтове

Цъкнах на Scan и избрах Локален диск (D:). Ето резултата:

 

http://prikachi.com/images.php?images/125/7734125H.png( извинете ме, но не знам как да публикувам самата снимка тук и за това я качих в този сайт).

Линк към коментара
Сподели в други сайтове

Покажете съдържанието на папката USER - PC...Тази папка е около 70 GB...!?! По името на папката имам съмнения че това е папка на системен бекъп..Но да не бързаме с изводите.

Линк към коментара
Сподели в други сайтове

Оказах се прав..папка със с бекъпи...!Съхранявате копие от юли месец...а имате по нов. Спокойно можете да изтриете едната папка - тази с 41 gb.След това прочетете внимателно тази статия:

 

http://vmrejata.info/os/windows-7/392-backup-user-and-system-files-in-windows-7.html

 

и си конфигурирайте правилно компютъра.Други добри статии:

http://pcworld.bg/22855_absurdno_prost_narachnik_za_bekap_na_cenni_danni&ref=more

 

Относно почистването на компютъра ви направете следното:

 

GUZVCQN.jpg  Моля, изтеглете Malwarebytes Anti -Malware и го запомнете на вашия работен плот .
  Кликнете два пъти върху mbam-setup-consumer-2.0.0.1хххх.exe и следвайте инструкциите, за да инсталирате програмата .

  • В секцията Settings = > Detection and Protection => Detection Options, се поставя отметка в квадратчето 'Scan for rootkits'.

MBAMsettings.JPG

  • В главния прозорец на програмата , щракнете върху 'Update Now'
  • След актуализацията завърши, кликнете на бутона " 'Scan Now  " .
  • Ако има налична актуализация , щракнете върху бутона Update Now button .
  • Ще стартира Threat Scan.
  • Когато сканирането приключи, ако има някакви открити зарази , щракнете върху Apply Actions за да се позволи на Mbam да почисти засеченото. .

MBAMReboot.JPG

  •   След рестарта ,стартирайте Mbam още веднъж.
  •   Кликнете на History tab > Application Logs .
  •   Кликнете два пъти върху реда , който показва датата и часа на сканирането или View Detailed Log .
  •   Кликнете върху " Copy да Clipboard "

MBAMLog.JPG

  •   Поставете  съдържанието на клипборда в следващия си  отговор.

 

 

 

Hitman-Pro-Logo.png Сканиране с HitmanPro

 

1.Изтеглете Hitman Pro.
 

  • За 32-битова система - dEMD6.gif.
  • За 64-битова система - Download-button3.gif
    2.Стартирайте програмата.

3.След като сте стартирали програмата като кликнете върху иконата 5vo5F.jpg и натиснете бутона „Напред“ като се съгласите с лицензионното споразумение (EULA).
4.Сложете отметка пред "Не, искам да завърша еднократно сканиране на компютъра".

5.Натиснете бутона „Напред“.

6.Програмата ще започне да сканира. Времето за сканиране е около 2 минути.

7.След завършване на сканирането от списъка с намерените неща (ако има такива) изберете Apply to all => Ignore.

8.Натиснете "Next" и след това натиснете "Изнеси резултата в XML file" и запазете лог файла на десктопа.

9.Архивирайте файла и го прикачете в следващия си коментар или копирайте съдържанието му в следващия си коментар.
 
Забележка: Ако няма падащо меню, където да изберете ignore както на снимката:
 
6-scanfin-choose.jpg
 
Тогава просто затворете програмата след края на проверката (без да премахвате нищо)...след това отворете C:ProgramdataHitmanProLogs, отворете и публикувайте съдържанието на лог файла в следващия си коментар.

Линк към коментара
Сподели в други сайтове

Мисля, че обърках след сканирането на втората програма HitmanPro. Без да искам изтрих намарените файлове. Кликнах на Приложи на всички (Apply to all) -=> Изтриване ( Delete ). Много съжалявам, надявам се, че грешката ми няма да обърка нещата. А от първата програма, не разбрах, искате да копирам съдържанието от първото сканиране или от второто? Все пак ще ви дам съдържанието и от двете сканирания.

 

 

Първото сканиране: 
 
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 22.11.2014 г.
Scan Time: 17:22:28 ч.
Logfile: 
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.09.19.05
Rootkit Database: v2014.11.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: User
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 284528
Time Elapsed: 14 min, 55 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 2
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, Quarantined, [254645f98cf039fd09386c057292be42], 
PUP.Optional.FastStart.A, HKU\S-1-5-21-2270866911-400411527-1567922316-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS, Quarantined, [4724a49ae29ac1753288fd084ab9e020], 
 
Registry Values: 1
PUP.Optional.FastStart.A, HKU\S-1-5-21-2270866911-400411527-1567922316-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\EXTENDS|appid, [email protected], Quarantined, [4724a49ae29ac1753288fd084ab9e020]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 6
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config, Quarantined, [8cdf18262c500d296c1a729f41c2db25], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected], Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\mz, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\skin, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
 
Files: 31
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config\ver.xml, Quarantined, [8cdf18262c500d296c1a729f41c2db25], 
PUP.Optional.OffersWizard.A, C:\Program Files\Common Files\Config\uninstinethnfd.exe, Quarantined, [8cdf18262c500d296c1a729f41c2db25], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome.manifest, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\icon.png, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\install.rdf, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\background.html, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\bg.js, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\button.xml, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\config.js, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\content.js, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\framework.js, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\framework.png, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\framework.xul, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon128.ico, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon128.png, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon16.ico, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon16.png, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon18.ico, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon18.png, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon24.ico, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon24.png, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon32.ico, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon32.png, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon48.ico, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\icon48.png, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\jquery-1.9.1.min.js, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\options.xul, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\settings.json, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\mz\background.js, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\content\mz\content.js, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
PUP.Optional.ZulaGames.A, C:\Users\User\AppData\Roaming\Mozilla\Extensions\[email protected]\chrome\skin\framework.css, Quarantined, [4625a39b7efe53e39ab058992dd59967], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
И това е резултата от второто пускане на програмата:
 
Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 22.11.2014 г.
Scan Time: 17:45:02 ч.
Logfile: 
Administrator: Yes
 
Version: 2.00.3.1025
Malware Database: v2014.11.22.09
Rootkit Database: v2014.11.21.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: User
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 293707
Time Elapsed: 14 min, 40 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 0
(No malicious items detected)
 
Registry Values: 0
(No malicious items detected)
 
Registry Data: 0
(No malicious items detected)
 
Folders: 0
(No malicious items detected)
 
Files: 0
(No malicious items detected)
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)
 
Ето ви и съдържанието на файла от програмата HitmanPro
 
HitmanPro 3.7.9.232
www.hitmanpro.com
 
   Computer name . . . . : USER-PC
   Windows . . . . . . . : 6.1.1.7601.X86/2
   User name . . . . . . : User-PC\User
   UAC . . . . . . . . . : Disabled
   License . . . . . . . : Trial (30 days left)
 
   Scan date . . . . . . : 2014-11-23 15:35:06
   Scan mode . . . . . . : Normal
   Scan duration . . . . : 4m 43s
   Disk access mode  . . : Direct disk access (SRB)
   Cloud . . . . . . . . : Internet
   Reboot  . . . . . . . : Yes
 
   Threats . . . . . . . : 1
   Traces  . . . . . . . : 107
 
   Objects scanned . . . : 883 867
   Files scanned . . . . : 16 796
   Remnants scanned  . . : 242 883 files / 624 188 keys
 
Suspicious files ____________________________________________________________
 
   C:\Program Files\Datecs\FlexType 2K\FType2K.exe -> Deleted
      Size . . . . . . . : 95 232 bytes
      Age  . . . . . . . : 402.2 days (2013-10-17 10:11:26)
      Entropy  . . . . . : 7.9
      SHA-256  . . . . . : BD5C0D3BC913D7BC3C303EC6AD63A74E754A50AF8CF8B7F1CCB5D02F7C040FAE
      Gossip . . . . . . : FlexType 2K
      Parent Name  . . . : C:\Windows\Explorer.EXE
      Running processes  : 3040
      Fuzzy  . . . . . . : 23.0
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Uses the Startup folder in the Start Menu to run each time the user logs on.
         Program is running but currently exposes no human-computer interface (GUI).
         The Entry Point of this file lies in a resource section. This is an indication of malware infection.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Program starts automatically without user intervention.
         Program contains PE structure anomalies. This is not typical for most programs.
         The file is in use by one or more active processes.
         The file appears to be part of an installation package or setup program. This is typical for most programs.
      Startup
         C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FlexType 2K.lnk
      References
         C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Datecs Applications\FlexType 2K.lnk
 
   C:\Users\User\Downloads\FRST.exe -> Deleted
      Size . . . . . . . : 1 108 992 bytes
      Age  . . . . . . . : 7.0 days (2014-11-16 16:26:23)
      Entropy  . . . . . : 8.0
      SHA-256  . . . . . : A71EBE86171BEE392F3CFD906AA3F708F92C340FE704DF3C3D618E4ED47239E1
      Needs elevation  . : Yes
      Fuzzy  . . . . . . : 24.0
         Program has no publisher information but prompts the user for permission elevation.
         Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
         Authors name is missing in version info. This is not common to most programs.
         Version control is missing. This file is probably created by an individual. This is not typical for most programs.
         Time indicates that the file appeared recently on this computer.
 
 
Malware remnants ____________________________________________________________
 
   HKLM\SOFTWARE\Classes\Interface\{EFC32678-546B-4367-8B25-B40BF45CC1A3}\ (BuenoSearch) -> Deleted
 
Potential Unwanted Programs _________________________________________________
 
   askws
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data
 
   webssearches
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Web Data
 
   HKLM\SOFTWARE\Classes\Interface\{34AD1EA7-8B9E-4D8B-B3ED-365D12C8EE73}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{35144E32-8E4C-4152-9B8C-3E2D4B46228E}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{35BBB95B-2CE4-4A9E-BDED-50EFD632AC00}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{3BA6794F-1E38-4460-949A-0DE97D8EF5C2}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{3CBA93EA-AEC3-4EC3-9EFD-D96A661B639D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{46CE5380-6055-4C3A-A7E5-3A02A2335C61}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{4F6ECF71-C575-4BD2-8EF7-548D0EF1AB1D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{54D99BE4-2FD7-449E-9DB4-76532CEE0B16}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{5A96E574-F8A6-4F6A-B58D-79C14B698017}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{6605E3BD-7BC3-479C-BF0A-E5D5E954EA52}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{8B8BB3A7-2ADE-4995-931D-60B430A9B44E}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{93F0AC70-20D8-4AE8-A02F-6812EFFB6B58}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{94E98D20-156E-4C53-BD7F-972C96E680B2}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{A266567F-8E5D-480C-BCE2-C360FA669FD5}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{CE4F67F6-4FD4-49DB-9D71-713CCD3D00CD}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{E14CDC24-4BE1-4B65-8452-4BFA0DCEF274}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Classes\Interface\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{66d59105-fe06-43a4-b292-eb0097e9eb74}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{8aadc8b2-562b-407b-88b3-916140226cbc}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9103c314-c4e2-4463-8934-b19bcb46236d}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{97cef41c-5055-474a-855a-892d4fe3e596}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d375ee64-f893-498a-a0e9-0e9829c88c3d}\ (MindSpark) -> Deleted
   HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122a36-83b2-46b8-b39a-ec72a4614a07}\ (MindSpark) -> Deleted
   HKU\S-1-5-21-2270866911-400411527-1567922316-1000\Software\Classes\.torrent\iLivid.torrent_backup (iLivid) -> Deleted
   HKU\S-1-5-21-2270866911-400411527-1567922316-1000\Software\Classes\softonic\ (Softonic) -> Deleted
   HKU\S-1-5-21-2270866911-400411527-1567922316-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} (iLivid) -> Deleted
   HKU\S-1-5-21-2270866911-400411527-1567922316-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}\ (MindSpark) -> Deleted
   HKU\S-1-5-21-2270866911-400411527-1567922316-1000_Classes\.torrent\iLivid.torrent_backup (iLivid) -> PendingDelete
   HKU\S-1-5-21-2270866911-400411527-1567922316-1000_Classes\softonic\ (Softonic) -> PendingDelete
 
Cookies _____________________________________________________________________
 
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.360yield.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.mlnadvertising.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ad.zanox.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.kaldata.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.novsport.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.p161.net
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.pubmatic.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.stickyadstv.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ads.trafficjunky.net
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:adserver.abv.bg
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtech.de
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:adtechus.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:advertising.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:atdmt.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:casalemedia.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:diff3.smartadserver.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:doubleclick.net
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:engine.phn.doublepimp.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:exoclick.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:porn-xnick.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:pornhub.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:revsci.net
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:ru4.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:serving-sys.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexad.net
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:sexyloca.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:smartadserver.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:statcounter.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:track.adform.net
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:tribalfusion.com
   C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Cookies:yadro.ru
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ad.360yield.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.ad4game.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.creative-serving.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.kaldata.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.mediade.sk
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.p161.net
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.pio.bg
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.pubmatic.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.stickyadstv.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ads.trafficjunky.net
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:adserver.abv.bg
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:adtech.de
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:adtechus.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:advertising.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:at.atwola.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:atdmt.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:bs.serving-sys.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:burstnet.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:casalemedia.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:diff3.smartadserver.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:doubleclick.net
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:engine.phn.doublepimp.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ero-advertising.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:exoclick.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:fastclick.net
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:media6degrees.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:porn-xnick.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:pornhub.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:revsci.net
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:ru4.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:serving-sys.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:smartadserver.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:track.adform.net
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:www.burstnet.com
   C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\tg6aayzy.default\cookies.sqlite:www.googleadservices.com
 
 
 
 
Линк към коментара
Сподели в други сайтове

Има голямо подобрение. Дискът вече не е препълнен. 45 ГБ свободно място от 80 . В момента всичко е наред.

 

 

Прекрасно..! :) Да премахнем инструментите които използвахме..:

 

 

icon_arrow.gif Изтеглете следния файл и го запазете в папката от която стартирахте FRST.exe.

Стартирайте FRST.exe и натиснете бутона Fix веднъж!

След като приключи публикувайте лог файла - fixlog.txt, който ще се създаде след работата. Той трябва да изтрие карантинната папка на инструмента разположена в C:FRSTQuarantine.

 

 

icon_arrow.gif Изтеглете DelFix и го стартирайте. Сложете отметка пред Remove disinfection tools и след това натиснете бутона Run

Инструмента ще се самоизтрие след като приключи своята задача!

 

1_tmb_68929169_delfix.gif.jpg

 

 

icon_exclaim.gif Деинсталирайте adwcleaner.exe

  • Моля, затворете всички отворени програми и интернет браузъри.
  • Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
  • Кликнете върху Uninstall .
  • Щракнете върху Yes за да деинсталирате Adwcleaner

 

icon_arrow.gif Препоръчвам програмата Malwarebytes' Anti-Malware да остане на вашия компютър и периодично да сканирате системата си с нея (поне един -два пъти в седмицата),като не забравяйте да обновите дефинициите и преди всяко сканиране..!Напомням че това не е антивирусна програма а едно изключително добро допълнение към нея..!

 

 

vxyzw0.gifИзползвайте програмите PatchMyPC или Secunia Personal Software Inspector за да инсталирайте всички ъпдейти и последни версии на софтуер, които инструментите ви предложат.

 

Предлагам ви да използвате тази много добра малка програма, която автоматично ще премахва всички нежелани допълнения  по време на инсталирането на софтуера. Това помага за предотвратяване на инсталиране на зловреден код.

 

Кликнете тук за да изтеглите програмата и я инсталирайте..!

 

xunchecky1_zps667e512d.jpg.pagespeed.ic.

xunchecky2_zpsca4e7d0d.jpg.pagespeed.ic.

 

 

Ако има инструменти, папки или логове от използваните от нас неща и те не са се изтрили при горе-споменатите процедури, ги изтрийте ръчно.

 

Ако нямате други въпроси маркирам случая за "Решен"...! Пожелавам лек ден и безопасен интернет..! :)

Линк към коментара
Сподели в други сайтове

.Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version: 23-11-2014
Ran by User at 2014-11-24 21:02:57 Run:2
Running from C:\Users\User\Downloads\Нова папка
Loaded Profile: User (Available profiles: User)
Boot Mode: Normal

==============================================

Content of fixlist:
*****************
start
DeleteQuarantine:
end
*****************

"C:\FRST\Quarantine" => Removed successfully.

==== End of Fixlog ====

 

Изчистих и всичко останало, следвайки вашите инструкции.

 

 

Безкрайно съм ви благодарен! :) Без вашата помощ, не си и представях как ще се справя

 

И аз ви пожелавам всичко най - хубаво за напред. и благодаря за всичко!

Линк към коментара
Сподели в други сайтове

Архивирана тема

Темата е твърде стара и е архивирана. Не можете да добавяте нови отговори в нея, но винаги можете да публикувате нова тема, в която да продължи дискусията. Регистрирайте се или влезте във вашия профил за да публикувате нова тема.

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Подобни теми

    • от CaptainJord
      Здравейте, от известно време системата ми не работи както обикновенно. Много често процесора е към 100%, както и другите статистики. Също така, докато съм пуснал някоя игра получавам рязки спадове на FPS, което не е нормално за компютъра ми. Имам стабилна конфигурация GTX 1050 TI 4gb I5 6600k. Теглих какви ли не програми за сканиране на malware - намираха доста зловредни файлове, но уж ги чистят, а пак продължава проблема...
       

       
      Addition.txt FRST.txt

    • от FrankyF
      Здравейте, на скоро ми излезе един попъп :

      И понеже нямах антивирусна преди това исках да направя профилактична проверка.
      Прикачвам FRST & Adition.
      Adition - https://dox.abv.bg/download?id=ec814d8d64# - Линк за сваляне
      ckfiles - https://dox.abv.bg/download?id=e280a29d87# - Линк за сваляне
      FRST - https://dox.abv.bg/download?id=bb2866b435# - Линк за сваляне
      Днес като стартирах PC  видях за около части от секундата 4 терминала които се отвориха и затвориха.
       
      Благодаря предварително.
      Поздрави
    • от blazarow09
      От скоро ползвам машината и след като я закупих(нова) Windows defender беше спрян по подразбиране и на негово място имаше Norton Security, като аз прецених да го оставя, въпреки, че винаги съм ползвал Windows Defender. Преди седмица-две, след сканиране на системата ми излязоха няколко зловредни файла и антивирусната започна да спрами за някакви BitCoin Miners, аз мислех, че съм ги зачистил, но явно все още има останали зловредни файлове и днес ми се наложи да отворя Device Manager-a, като получих това съобщение.
       
      Не усещам разлика в performance-a на самата машина, но искам да съм сигурен, че всичко е наред и няма файлове, които могат да ми навредят за в бъдеще.

      Прикачвам логовете от Farbar и се надявам да ми помогнете. Благодаря предварително!
      Addition.txt FRST.txt
    • от Yanichka
      Здравейте. Имам проблеми с лаптопа ми от известно време - много е бавен, пренатоварва се и CPU-то работи на по-малко от  50%.. Бях посъветвана първо да проверя за вируси и нежелани софтуери, преди да предприема други мерки. Лаптопът е DELL Latitude E5540, Intel inside core i7 vPro. Да кажем, че  е средно на около 6 годинки :)) Коя антивирусна програма бихте ми препоръчали? Ако имате нужда от още информация за лаптопа, само пишете ;))  Благодаря предварително
  • Дарение

×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване