    Hello. Four days ago my Windows 8.1 expired and I needed to renew it. I downloaded KMSpico, but along with it it installed various browsers similar to Google Chrome and Firefox, so I deleted it, after which I cleaned the registry and ran CCleaner. I then downloaded KMSpico from Zamunda and everything was okay. Two days ago, however, various ads and pop-ups from offersbycontent started appearing in Mozilla. I have tried everything to remove them, but without success. First I scanned with Avast and removed whatever it found, then with Trojan Killer as well; I scanned with Malwarebytes Anti-Malware and removed whatever it found, and did the same with SpyHunter. I cleaned %temp% and the registry, and looked for add-ons in Mozilla: there are none. I reset settings, cleaned, reinstalled, and cleaned again with CCleaner, all without success. In Control Panel there is no program, at least not visibly, that could be the cause. If you can help :)

    P.S. I forgot to add that I also tried an ad blocker and a pop-up blocker, and it made no difference.

    Edited by icotonev


    You went about this in exactly the wrong way...! Many people try to cope on their own... which is more of a double-edged sword... and your case is one of those. You used various software, and what did you achieve..!?! If only it were that easy...! When you go to a doctor, what does he do... does he start prescribing medicines at random to see which one works... or does he order the necessary tests and decide on your treatment based on them..! Isn't that so..? :)

     

    Follow the steps in this topic:

     

    My system is infected - What do I do now?

    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:28-06-2015 01
    Ran by bgmafio7a (administrator) on REDZERG on 30-06-2015 19:09:51
    Running from C:\Users\bgmafio7a\Downloads
    Loaded Profiles: bgmafio7a (Available Profiles: bgmafio7a)
    Platform: Windows 8.1 Pro N (X64) OS Language: English (United States)
    Internet Explorer Version 11 (Default browser: FF)
    Boot Mode: Normal
     
    ==================== Processes (Whitelisted) =================
     
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
     
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
    (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    () D:\EslWire\service\WireHelperSvc.exe
    (Microsoft Corporation) C:\Windows\System32\dasHost.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
    () C:\ProgramData\DatacardService\HWDeviceService64.exe
    () C:\ProgramData\M-Tel NETAGENT\OnlineUpdate\ouc.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    () C:\Windows\System32\PnkBstrA.exe
    (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamNetworkService.exe
    (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
    (Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
    (Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\ng\ngservice.exe
    (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
    (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
    (Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    () C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe
    (Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr.exe
    (Raptr, Inc) C:\Program Files (x86)\Raptr\raptr_im.exe
    (Raptr Inc.) C:\Program Files (x86)\Raptr\raptr_ep64.exe
    (Enigma Software Group USA, LLC.) C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe
    (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Blizzard Entertainment) E:\Games\WoW Warmane Pandaria\World of Warcraft - Mists of Pandaria 5.4.2 (17688)\Wow.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
     
     
    ==================== Registry (Whitelisted) ==================
     
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
     
    HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2754704 2015-05-23] (NVIDIA Corporation)
    HKLM\...\Run: [shadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
    HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [557768 2015-02-03] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5515496 2015-05-23] (Avast Software s.r.o.)
    HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [55568 2015-05-15] (Raptr, Inc)
    HKLM-x32\...\Run: [NCUpdateHelper] => C:\Program Files (x86)\NCWest\NCLauncher\NCUpdateHelper.exe [526240 2015-02-10] (NCSOFT Corporation)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-06-18] (Malwarebytes Corporation)
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\Run: [skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [28787840 2015-06-02] (Skype Technologies S.A.)
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\Run: [OscarEditor] => C:\Program Files (x86)\X7 Oscar Keyboard Editor\\OscarEditor.exe [3543040 2010-12-18] ()
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\Run: [OscarKeyboard] => C:\Program Files (x86)\X7 Oscar Keyboard Editor\OscarEditor.exe [3543040 2010-12-18] ()
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8358680 2015-06-01] (Piriform Ltd)
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\MountPoints2: {2dd22da7-d520-11e4-9c58-002215ef373a} - "H:\HTC_Sync_Manager_PC.exe" 
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\MountPoints2: {2dd22e5b-d520-11e4-9c58-002215ef373a} - "H:\HTC_Sync_Manager_PC.exe" 
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\MountPoints2: {67b8bdde-8d50-11e4-9bf6-806e6f6e6963} - "F:\BlueBirds.exe" 
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\MountPoints2: {e4cf09a0-b808-11e4-9c33-002215ef373a} - "H:\Startme.exe" 
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\MountPoints2: {e52eb0d9-d136-11e4-9c55-0022431f5a55} - "H:\AutoRun.exe" 
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\MountPoints2: {e52eb127-d136-11e4-9c55-0022431f5a55} - "H:\AutoRun.exe" 
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\...\MountPoints2: {ef6f4e7f-db91-11e4-9c5e-0022431f5a55} - "H:\Startme.exe" 
    AppInit_DLLs-x32: => "" File not found
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-05-23] (Avast Software s.r.o.)
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
     
    ==================== Internet (Whitelisted) ====================
     
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
     
    HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
    HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com
    HKU\S-1-5-21-3736983327-3528880480-2084376208-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-05-23] (Avast Software s.r.o.)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-05-23] (Avast Software s.r.o.)
    Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
    Tcpip\..\Interfaces\{4324A468-6F5F-477A-940D-0A7D873801E2}: [DhcpNameServer] 192.168.0.1
     
    FireFox:
    ========
    FF ProfilePath: C:\Users\bgmafio7a\AppData\Roaming\Mozilla\Firefox\Profiles\y9umdq66.default-1435623429873
    FF Homepage: google.bg
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_194.dll [2015-06-23] ()
    FF Plugin: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelogx64.dll [2015-01-13] (EA Digital Illusions CE AB)
    FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_194.dll [2015-06-23] ()
    FF Plugin-x32: @esn/npbattlelog,version=2.6.2 -> C:\Program Files (x86)\Battlelog Web Plugins\2.6.2\npbattlelog.dll [2015-01-13] (EA Digital Illusions CE AB)
    FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-01-27] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-01-27] (Oracle Corporation)
    FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2015-02-04] (NVIDIA Corporation)
    FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2015-02-04] (NVIDIA Corporation)
    FF Plugin-x32: @raidcall.en/RCplugin -> C:\Users\bgmafio7a\AppData\Roaming\raidcall\plugins\nprcplugin.dll [2014-05-27] (Raidcall)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-18] (Google Inc.)
    FF Plugin HKU\S-1-5-21-3736983327-3528880480-2084376208-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\bgmafio7a\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-03-27] (Unity Technologies ApS)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml [2015-05-26]
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml [2015-05-26]
    FF Extension: Adblock Plus Pop-up Addon - C:\Users\bgmafio7a\AppData\Roaming\Mozilla\Firefox\Profiles\y9umdq66.default-1435623429873\Extensions\adblockpopups@jessehakanen.net.xpi [2015-06-30]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-26]
    FF ExtraCheck: C:\Program Files (x86)\mozilla firefox\browser\defaults\preferences\prefs.js [2015-06-29]
     
    Chrome: 
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (Google Slides) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-30]
    CHR Extension: (Google Docs) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-30]
    CHR Extension: (Google Drive) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-30]
    CHR Extension: (YouTube) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-30]
    CHR Extension: (Google Search) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-30]
    CHR Extension: (Google Sheets) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-30]
    CHR Extension: (Avast Online Security) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-06-18]
    CHR Extension: (Chrome Hotword Shared Module) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-04-03]
    CHR Extension: (Google Wallet) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-04-03]
    CHR Extension: (Gmail) - C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-30]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-14]
     
    ==================== Services (Whitelisted) =================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-05-23] (Avast Software s.r.o.)
    R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4034896 2015-05-23] (Avast Software)
    S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
    S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [237864 2015-03-06] (EasyAntiCheat Ltd)
    R2 EslWireHelper; D:\EslWire\service\WireHelperSvc.exe [663056 2014-01-28] ()
    S3 EvoSvc; C:\Program Files\Echobit\Evolve\EvoSvc.exe [1580448 2015-01-08] (Echobit LLC)
    R2 GfExperienceService; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [1152656 2015-05-23] (NVIDIA Corporation)
    R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
    S2 M-Tel NETAGENT. RunOuc; C:\Program Files (x86)\M-Tel NETAGENT\UpdateDog\ouc.exe [655712 2015-03-24] ()
    S4 MBAMScheduler; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamscheduler.exe [1871160 2015-06-18] (Malwarebytes Corporation)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1133880 2015-06-18] (Malwarebytes Corporation)
    R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1893008 2015-05-23] (NVIDIA Corporation)
    R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [23006864 2015-05-23] (NVIDIA Corporation)
    S3 Origin Client Service; E:\Games\Origin\OriginClientService.exe [1931632 2015-04-12] (Electronic Arts)
    R2 PnkBstrA; C:\Windows\system32\PnkBstrA.exe [76152 2015-04-13] ()
    R2 PnkBstrA; C:\Windows\SysWOW64\PnkBstrA.exe [76888 2015-04-12] ()
    R2 SpyHunter 4 Service; C:\Program Files (x86)\Enigma Software Group\SpyHunter\SH4Service.exe [770432 2014-01-09] (Enigma Software Group USA, LLC.)
    R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [741640 2014-06-16] (DEVGURU Co., LTD.)
    S3 Survarium-Steam Update Service; E:\Steam\steamapps\common\Survarium\game\binaries\x86\survarium_service.exe [97912 2015-05-08] ()
    R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5426448 2014-12-15] (TeamViewer GmbH)
    S3 TunngleService; C:\Program Files (x86)\Tunngle\TnglCtrl.exe [792016 2015-02-09] (Tunngle.net GmbH)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)
     
    ==================== Drivers (Whitelisted) ====================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-05-23] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [89944 2015-05-23] (Avast Software s.r.o.)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-05-23] (Avast Software s.r.o.)
    R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-05-23] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-05-23] (Avast Software s.r.o.)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [442264 2015-06-26] (Avast Software s.r.o.)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [137288 2015-05-23] (Avast Software s.r.o.)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [272248 2015-05-23] ()
    R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2014-12-26] (Disc Soft Ltd)
    R3 esgiguard; C:\Program Files (x86)\Enigma Software Group\SpyHunter\esgiguard.sys [14872 2014-01-07] ()
    S3 EsgScanner; C:\Windows\SysWOW64\DRIVERS\EsgScanner.sys [19984 2012-06-22] ()
    R0 ESLWireAC; C:\Windows\System32\drivers\ESLWireACD.sys [96544 2015-05-05] (<Turtle Entertainment>)
    R3 EvolveVirtualAdapter; C:\Windows\system32\DRIVERS\evolve.sys [21656 2015-01-08] (Echobit, LLC)
    U5 ew_hwusbdev; C:\Windows\System32\Drivers\ew_hwusbdev.sys [117248 2015-03-24] (Huawei Technologies Co., Ltd.)
    S3 HtcVCom32; C:\Windows\system32\DRIVERS\HtcVComV64.sys [121800 2010-03-09] (QUALCOMM Incorporated)
    S3 huawei_wwanecm; C:\Windows\system32\DRIVERS\ew_juwwanecm.sys [218624 2015-03-24] (Huawei Technologies Co., Ltd.)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25816 2015-06-18] (Malwarebytes Corporation)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64216 2015-06-18] (Malwarebytes Corporation)
    R3 MTsensor; C:\Windows\system32\DRIVERS\ASACPI.sys [17280 2013-05-17] ()
    R0 mv61xx; C:\Windows\System32\drivers\mv61xx.sys [181040 2011-02-09] (Marvell Semiconductor, Inc.)
    R3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [19600 2015-05-23] (NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [38032 2015-04-03] (NVIDIA Corporation)
    U0 rfcklef; C:\Windows\System32\drivers\moxer.sys [79064 2015-06-30] (Malwarebytes Corporation)
    R3 tap0901t; C:\Windows\system32\DRIVERS\tap0901t.sys [31232 2009-09-16] (Tunngle.net)
    S3 TrojanKillerDriver; C:\Windows\System32\DRIVERS\gtkdrv.sys [16640 2013-11-13] (Windows ® Win 7 DDK provider)
    R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-05-23] (Avast Software)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
    S3 XSplit_Dummy; C:\Windows\system32\drivers\xspltspk.sys [26200 2014-07-02] (SplitmediaLabs Limited)
    R3 yukonw8; C:\Windows\system32\DRIVERS\yk63x64.sys [295216 2013-06-18] (Marvell)
    S3 FairplayKD; \??\C:\ProgramData\MTA San Andreas All\Common\temp\FairplayKD.sys [X]
    U4 nxfs; No ImagePath
    U4 nxpcap; No ImagePath
    U4 nxsshd; No ImagePath
    U4 nxusbd; No ImagePath
    U4 nxusbh; No ImagePath
    U4 nxusbs; No ImagePath
    S3 X6va029; \??\C:\Windows\SysWOW64\Drivers\X6va029 [X]
     
    ==================== NetSvcs (Whitelisted) ===================
     
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
     
     
    ==================== One Month Created files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2015-06-30 19:09 - 2015-06-30 19:09 - 00019509 _____ C:\Users\bgmafio7a\Downloads\FRST.txt
    2015-06-30 19:08 - 2015-06-30 19:09 - 00000000 ____D C:\FRST
    2015-06-30 19:08 - 2015-06-30 19:08 - 02112512 _____ (Farbar) C:\Users\bgmafio7a\Downloads\FRST64.exe
    2015-06-30 17:13 - 2015-06-30 17:13 - 00079064 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\moxer.sys
    2015-06-30 16:47 - 2015-06-30 16:47 - 00027989 _____ C:\Users\bgmafio7a\Downloads\Addition.txt
    2015-06-30 16:09 - 2015-06-30 16:09 - 00001175 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2015-06-30 16:09 - 2015-06-30 16:09 - 00001163 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2015-06-30 16:09 - 2015-06-30 16:09 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2015-06-30 16:06 - 2015-06-30 16:06 - 00243656 _____ C:\Users\bgmafio7a\Downloads\Firefox Setup Stub 38.0.5.exe
    2015-06-30 15:47 - 2015-06-30 16:08 - 00000878 _____ C:\Users\Public\Desktop\CCleaner.lnk
    2015-06-30 15:47 - 2015-06-30 15:48 - 00000000 ____D C:\Program Files\CCleaner
    2015-06-30 15:47 - 2015-06-30 15:47 - 00002796 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
    2015-06-30 15:47 - 2015-06-30 15:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
    2015-06-30 12:36 - 2015-06-30 12:36 - 00003352 _____ C:\Windows\System32\Tasks\SpyHunter4Startup
    2015-06-30 12:36 - 2015-06-30 12:36 - 00002312 _____ C:\Users\bgmafio7a\Desktop\SpyHunter.lnk
    2015-06-30 12:36 - 2015-06-30 12:36 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SpyHunter
    2015-06-30 12:36 - 2015-06-30 12:36 - 00000000 ____D C:\sh4ldr
    2015-06-30 12:35 - 2015-06-30 12:36 - 00000000 ____D C:\Windows\AF54923662584AC6A0435B5B89C6EB61.TMP
    2015-06-30 12:22 - 2015-06-30 12:22 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\bgmafio7a\Downloads\SpyHunter-Installer.exe
    2015-06-30 03:26 - 2015-06-30 03:26 - 00000000 ____D C:\Windows\system32\log
    2015-06-30 03:17 - 2015-06-30 03:17 - 00000000 ____D C:\Users\bgmafio7a\Desktop\Стари данни Firefox
    2015-06-29 22:38 - 2015-06-29 22:38 - 00003756 _____ C:\Windows\System32\Tasks\AutoKMS
    2015-06-27 13:28 - 2015-06-27 23:46 - 00000364 _____ C:\Users\bgmafio7a\Desktop\toes 10.txt
    2015-06-25 12:35 - 2015-06-30 11:56 - 00000000 ____D C:\Program Files\KMSpico
    2015-06-25 12:35 - 2015-06-25 12:35 - 00004608 _____ C:\Windows\SECOH-QAD.exe
    2015-06-25 12:35 - 2015-06-25 12:35 - 00003584 _____ C:\Windows\SECOH-QAD.dll
    2015-06-25 12:34 - 2015-06-25 12:34 - 00000000 _____ C:\Users\bgmafio7a\Desktop\KMS.txt
    2015-06-25 12:30 - 2015-06-25 12:31 - 00004840 _____ C:\Windows\SysWOW64\Cubwulpevf.ini
    2015-06-25 12:26 - 2015-06-25 12:28 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\Opera Software
    2015-06-25 12:26 - 2015-06-25 12:28 - 00000000 ____D C:\Users\bgmafio7a\AppData\Local\Opera Software
    2015-06-25 12:25 - 2015-06-25 12:28 - 00000000 ____D C:\Program Files (x86)\Opera
    2015-06-25 12:24 - 2015-06-25 12:24 - 00000000 ____D C:\Users\bgmafio7a\AppData\Local\CrashRpt
    2015-06-25 12:23 - 2015-06-29 23:14 - 00000000 ____D C:\Program Files (x86)\Windows 8 n 8.1 Activator
    2015-06-25 12:23 - 2015-06-25 12:25 - 00000004 _____ C:\Windows\SysWOW64\029B560A371F4E00AB32838EBC01B9E7
    2015-06-18 02:06 - 2015-06-18 02:06 - 00001148 _____ C:\ProgramData\Microsoft\Windows\Start Menu\BS.Player FREE.lnk
    2015-06-18 02:06 - 2015-06-18 02:06 - 00001142 _____ C:\Users\Public\Desktop\BS.Player FREE.lnk
    2015-06-18 02:06 - 2015-06-18 02:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BS.Player
    2015-06-18 02:05 - 2015-06-25 18:09 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\BSplayer
    2015-06-18 02:05 - 2015-06-18 02:05 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\BSplayer Pro
    2015-06-18 02:05 - 2015-06-18 02:05 - 00000000 ____D C:\Program Files (x86)\Webteh
    2015-06-18 02:04 - 2015-06-30 03:48 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\MPC-HC
    2015-06-16 14:34 - 2015-06-16 14:34 - 00000072 _____ C:\Users\bgmafio7a\Desktop\dudu.txt
    2015-06-14 12:13 - 2015-06-14 12:13 - 00000552 _____ C:\Users\bgmafio7a\Desktop\RaidCall.lnk
    2015-06-14 12:13 - 2015-06-14 12:13 - 00000552 _____ C:\Users\bgmafio7a\AppData\Roaming\Microsoft\Windows\Start Menu\RaidCall.lnk
    2015-06-14 12:13 - 2015-06-14 12:13 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\raidcall
    2015-06-14 12:13 - 2015-06-14 12:13 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\RaidCall
    2015-06-14 12:13 - 2015-06-14 12:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\RaidCall
    2015-06-10 12:07 - 2015-05-27 17:35 - 24917504 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2015-06-10 12:07 - 2015-05-27 17:08 - 19607040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2015-06-10 12:07 - 2015-05-25 16:23 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\UtcResources.dll
    2015-06-10 12:07 - 2015-05-25 16:07 - 01430528 _____ (Microsoft Corporation) C:\Windows\system32\diagtrack.dll
    2015-06-10 12:07 - 2015-05-23 06:15 - 00503808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2015-06-10 12:07 - 2015-05-23 06:14 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2015-06-10 12:07 - 2015-05-23 06:10 - 02278912 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2015-06-10 12:07 - 2015-05-23 06:05 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2015-06-10 12:07 - 2015-05-23 06:04 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2015-06-10 12:07 - 2015-05-23 05:48 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2015-06-10 12:07 - 2015-05-23 05:47 - 04305920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2015-06-10 12:07 - 2015-05-23 05:47 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2015-06-10 12:07 - 2015-05-23 05:47 - 00128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
    2015-06-10 12:07 - 2015-05-23 05:43 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
    2015-06-10 12:07 - 2015-05-23 05:38 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2015-06-10 12:07 - 2015-05-23 05:38 - 00327168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2015-06-10 12:07 - 2015-05-23 05:37 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2015-06-10 12:07 - 2015-05-23 05:28 - 12829696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2015-06-10 12:07 - 2015-05-23 05:28 - 01042944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
    2015-06-10 12:07 - 2015-05-23 05:20 - 01950720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2015-06-10 12:07 - 2015-05-23 05:16 - 01309696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2015-06-10 12:07 - 2015-05-23 05:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2015-06-10 12:07 - 2015-05-22 22:00 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2015-06-10 12:07 - 2015-05-22 22:00 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2015-06-10 12:07 - 2015-05-22 22:00 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2015-06-10 12:07 - 2015-05-22 21:52 - 06026240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2015-06-10 12:07 - 2015-05-22 21:48 - 00633856 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2015-06-10 12:07 - 2015-05-22 21:47 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2015-06-10 12:07 - 2015-05-22 21:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2015-06-10 12:07 - 2015-05-22 21:24 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2015-06-10 12:07 - 2015-05-22 21:23 - 00145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
    2015-06-10 12:07 - 2015-05-22 21:21 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2015-06-10 12:07 - 2015-05-22 21:15 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
    2015-06-10 12:07 - 2015-05-22 21:09 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2015-06-10 12:07 - 2015-05-22 21:08 - 00374272 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2015-06-10 12:07 - 2015-05-22 21:06 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2015-06-10 12:07 - 2015-05-22 21:05 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2015-06-10 12:07 - 2015-05-22 20:57 - 14404096 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2015-06-10 12:07 - 2015-05-22 20:50 - 02426880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2015-06-10 12:07 - 2015-05-22 20:49 - 02865152 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
    2015-06-10 12:07 - 2015-05-22 20:38 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2015-06-10 12:07 - 2015-05-22 20:26 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2015-06-10 12:07 - 2015-05-22 16:08 - 00700416 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
    2015-06-10 12:07 - 2015-05-21 19:47 - 04177920 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2015-06-10 12:07 - 2015-05-21 16:08 - 01119232 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
    2015-06-10 12:07 - 2015-05-21 16:08 - 01020928 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
    2015-06-10 12:07 - 2015-05-21 16:08 - 00756736 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
    2015-06-10 12:07 - 2015-05-21 16:08 - 00422912 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
    2015-06-10 12:07 - 2015-05-21 16:08 - 00193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
    2015-06-10 12:07 - 2015-05-21 16:08 - 00045568 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
    2015-06-10 12:07 - 2015-04-25 05:34 - 00653824 _____ (Microsoft Corporation) C:\Windows\system32\comctl32.dll
    2015-06-10 12:07 - 2015-04-25 05:33 - 00549888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comctl32.dll
    2015-06-10 12:07 - 2015-04-17 01:07 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
    2015-06-10 12:07 - 2015-04-16 09:17 - 00325464 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
    2015-06-10 12:07 - 2015-04-14 01:37 - 00275968 _____ (Microsoft Corporation) C:\Windows\system32\authz.dll
    2015-06-10 12:07 - 2015-04-14 01:34 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authz.dll
    2015-06-10 12:07 - 2015-04-10 03:40 - 01249280 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
    2015-06-10 12:07 - 2015-04-10 03:17 - 01018880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
    2015-06-10 12:07 - 2015-04-09 01:41 - 00158720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rgb9rast.dll
    2015-06-10 12:07 - 2015-04-09 01:07 - 00410336 _____ C:\Windows\system32\ApnDatabase.xml
    2015-06-10 12:07 - 2015-04-02 01:42 - 03097600 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
    2015-06-10 12:07 - 2015-04-02 01:30 - 02483712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
    2015-06-10 12:07 - 2015-04-01 07:21 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
    2015-06-10 12:07 - 2015-04-01 07:18 - 00468480 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
    2015-06-10 12:07 - 2015-04-01 07:17 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
    2015-06-10 12:07 - 2015-04-01 07:08 - 00774144 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
    2015-06-10 12:07 - 2015-04-01 06:46 - 03633664 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
    2015-06-10 12:07 - 2015-04-01 06:17 - 02551808 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
    2015-06-10 12:07 - 2015-04-01 06:17 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
    2015-06-10 12:07 - 2015-04-01 05:53 - 00391680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
    2015-06-10 12:07 - 2015-04-01 05:53 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
    2015-06-10 12:07 - 2015-04-01 05:45 - 02749952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
    2015-06-10 12:07 - 2015-04-01 05:45 - 00699392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
    2015-06-10 12:07 - 2015-04-01 05:14 - 01920000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
    2015-06-10 12:07 - 2015-04-01 05:12 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
    2015-06-10 12:07 - 2015-03-20 06:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\compstui.dll
    2015-06-10 12:07 - 2015-03-20 06:08 - 00477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
    2015-06-10 12:07 - 2015-03-20 05:37 - 00367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\puiobj.dll
    2015-06-10 12:07 - 2015-03-20 05:07 - 01091072 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
    2015-06-10 12:07 - 2015-03-02 04:43 - 00222208 _____ (Microsoft Corporation) C:\Windows\system32\rastapi.dll
    2015-06-10 12:07 - 2015-03-02 04:21 - 00207872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastapi.dll
    2015-06-04 22:26 - 2015-06-04 22:26 - 00001241 _____ C:\Users\bgmafio7a\Desktop\Viy new One English Multiplayer 2.exe - Shortcut.lnk
    2015-06-04 22:26 - 2015-06-04 22:26 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Survivors Viy
    2015-06-01 12:14 - 2015-06-01 12:14 - 00000000 ____D C:\Users\bgmafio7a\AppData\Local\GWX
     
    ==================== One Month Modified files and folders ========
     
    (If an entry is included in the fixlist, the file/folder will be moved.)
     
    2015-06-30 19:03 - 2014-12-26 16:08 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\Skype
    2015-06-30 19:00 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\system32\sru
    2015-06-30 18:51 - 2014-12-26 18:38 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2015-06-30 18:20 - 2014-12-26 16:04 - 00000922 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-06-30 17:39 - 2014-12-26 16:06 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\uTorrent
    2015-06-30 17:13 - 2014-03-18 12:47 - 00000000 __SHD C:\Windows\BitLockerDiscoveryVolumeContents
    2015-06-30 16:57 - 2014-12-26 15:54 - 00003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3736983327-3528880480-2084376208-1001
    2015-06-30 16:51 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\AppReadiness
    2015-06-30 16:46 - 2015-03-07 03:44 - 00113880 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
    2015-06-30 16:44 - 2015-01-08 13:26 - 01085952 ___SH C:\Users\bgmafio7a\Desktop\Thumbs.db
    2015-06-30 16:42 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\LiveKernelReports
    2015-06-30 16:09 - 2014-12-26 18:35 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2015-06-30 15:50 - 2015-01-14 20:54 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\TS3Client
    2015-06-30 15:50 - 2015-01-12 18:08 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\TeamViewer
    2015-06-30 15:50 - 2014-12-26 19:53 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\DAEMON Tools Lite
    2015-06-30 15:49 - 2015-01-10 17:53 - 00000000 ____D C:\Windows\Minidump
    2015-06-30 15:40 - 2014-12-26 16:29 - 00000000 ____D C:\Users\bgmafio7a\AppData\Local\qb189E3F.B3
    2015-06-30 12:33 - 2014-12-26 16:04 - 00000918 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-06-30 12:32 - 2014-12-26 20:24 - 00000000 ____D C:\Users\bgmafio7a\AppData\Roaming\Raptr
    2015-06-30 12:31 - 2014-12-26 16:17 - 00000000 ____D C:\ProgramData\NVIDIA
    2015-06-30 12:31 - 2013-08-22 17:45 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-06-30 12:30 - 2014-12-26 15:49 - 00000000 ____D C:\Users\bgmafio7a
    2015-06-30 11:58 - 2014-12-26 20:12 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
    2015-06-30 03:48 - 2014-12-27 01:41 - 00000000 ____D C:\Windows\Panther
    2015-06-30 03:48 - 2013-08-22 16:36 - 00000000 __RHD C:\Users\Default
    2015-06-30 03:08 - 2015-03-07 03:44 - 00001118 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2015-06-30 03:08 - 2015-03-07 03:44 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2015-06-30 03:08 - 2015-03-07 03:43 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
    2015-06-28 02:17 - 2013-08-22 16:25 - 00262144 ___SH C:\Windows\system32\config\BBI
    2015-06-26 17:15 - 2014-12-26 18:54 - 00442264 _____ (Avast Software s.r.o.) C:\Windows\system32\Drivers\aswsp.sys
    2015-06-25 12:37 - 2015-01-13 00:37 - 00000000 ____D C:\Program Files (x86)\Adobe
    2015-06-25 12:34 - 2015-05-11 19:18 - 00000000 ____D C:\Program Files (x86)\AGEIA Technologies
    2015-06-25 12:29 - 2013-08-22 18:36 - 00000000 ____D C:\Program Files\Common Files\System
    2015-06-25 12:28 - 2015-01-08 23:46 - 00000000 __SHD C:\Users\bgmafio7a\AppData\Local\EmieBrowserModeList
    2015-06-25 12:28 - 2014-12-26 16:04 - 00000000 __SHD C:\Users\bgmafio7a\AppData\Local\EmieUserList
    2015-06-25 12:28 - 2014-12-26 16:04 - 00000000 __SHD C:\Users\bgmafio7a\AppData\Local\EmieSiteList
    2015-06-25 12:28 - 2013-08-22 18:36 - 00000000 ___HD C:\Windows\system32\GroupPolicy
    2015-06-25 12:28 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\SysWOW64\GroupPolicy
    2015-06-25 12:27 - 2013-08-22 16:25 - 00000194 _____ C:\Windows\win.ini
    2015-06-25 02:36 - 2013-08-22 18:20 - 00000000 ____D C:\Windows\CbsTemp
    2015-06-23 23:51 - 2014-12-26 18:38 - 00003718 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2015-06-22 22:26 - 2014-12-26 16:05 - 00002203 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-06-20 06:02 - 2015-04-17 10:21 - 00792568 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2015-06-20 06:02 - 2015-04-17 10:21 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2015-06-18 08:42 - 2015-03-07 03:43 - 00064216 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
    2015-06-18 08:41 - 2015-03-07 03:43 - 00109272 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
    2015-06-18 08:41 - 2015-03-07 03:43 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
    2015-06-17 10:22 - 2014-12-26 18:38 - 00000000 ____D C:\Users\bgmafio7a\AppData\Local\Adobe
    2015-06-13 18:03 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\rescache
    2015-06-11 11:11 - 2014-12-26 18:54 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
    2015-06-10 14:08 - 2015-04-17 01:43 - 00000000 ___SD C:\Windows\system32\CompatTel
    2015-06-10 14:08 - 2015-04-17 01:43 - 00000000 ____D C:\Windows\system32\appraiser
    2015-06-10 14:08 - 2013-08-22 18:36 - 00000000 ___RD C:\Windows\ToastData
    2015-06-10 14:08 - 2013-08-22 18:36 - 00000000 ____D C:\Windows\PolicyDefinitions
    2015-06-10 12:14 - 2014-12-27 12:50 - 00000000 ____D C:\Windows\system32\MRT
    2015-06-10 12:10 - 2014-12-27 12:50 - 140135120 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2015-05-31 13:10 - 2015-03-18 23:42 - 00000020 _____ C:\Users\bgmafio7a\Desktop\lyrics.txt
     
    ==================== Files in the root of some directories =======
     
    2015-01-06 21:54 - 2015-01-06 21:54 - 10124389 _____ () C:\Users\bgmafio7a\AppData\Roaming\xulrunner.zip
     
    ==================== Bamital & volsnap Check =================
     
    (There is no automatic fix for files that do not pass verification.)
     
    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
     
     
    LastRegBack: 2015-06-30 10:55
     
    ==================== End of log ============================

    Addition.txt


    Uninstalling programs

    • Press the Windows key + R on your keyboard at the same time. Type appwiz.cpl and click OK.

     

    Private Folder Packages

    SpyHunter

     

     

    Scan with AdwCleaner

    Please download and run AdwCleaner (by Xplode):

    • Close all running programs and browsers.
    • Double-click adwcleaner.exe to start the tool.
    • Click OK to confirm that all running programs will be closed.
    • Select Clean.
    • Your computer will restart automatically. The text file will open after the restart.
    • Please post the contents of this log in your reply.
    • You can find the log, which is saved automatically, here: C:\AdwCleaner[s0].txt

     

     

    Scan with Junkware Removal Tool

    Please download Junkware Removal Tool (by Thisisu) and save it to your desktop.

    • Temporarily disable your security programs.
    • Run the tool JRT.exe.
    • A DOS window will open. Press any key on the keyboard.
    • Close unneeded applications and all browsers and wait for the scan to finish.
    • A log file will appear (you can also find it manually on the desktop under the name JRT.txt).
    • Please copy the contents of the log file into your next post.

     

     

    ATTENTION: System Restore is disabled

     

    Is this your doing..?

     

     

    Logs

    In your next reply, please include the following logs:

     

    • AdwCleaner[s0].txt
    • JRT.txt

    1. I did not find "Private Folder Packages" in the uninstall list.
    2. I uninstalled SpyHunter.
    3. Here are the logs:
    AdwCleaner:

    # AdwCleaner v4.207 - Logfile created 30/06/2015 at 23:42:57
    # Updated 21/06/2015 by Xplode
    # Database : 2015-06-29.1 [server]
    # Operating system : Windows 8.1 Pro N  (x64)
    # Username : bgmafio7a - REDZERG
    # Running from : C:\Users\bgmafio7a\Downloads\adwcleaner_4.207.exe
    # Option : Cleaning
     
    ***** [ Services ] *****
     
     
    ***** [ Files / Folders ] *****
     
    Folder Deleted : C:\ProgramData\6824241546072008962
    Folder Deleted : C:\ProgramData\{0ec880f9-542e-87ae-0ec8-880f954203e5}
    Folder Deleted : C:\Users\bgmafio7a\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg
    File Deleted : C:\Program Files\Common Files\System\SysMenu.dll
    File Deleted : C:\Program Files\Common Files\System\SysMenu64.dll
    File Deleted : C:\Windows\System32\log\iSafeKrnlCall.log
    File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\defaults\preferences\prefs.js
     
    ***** [ Scheduled tasks ] *****
     
     
    ***** [ Shortcuts ] *****
     
     
    ***** [ Registry ] *****
     
    Key Deleted : HKCU\Software\Softonic
     
    ***** [ Web browsers ] *****
     
    -\\ Internet Explorer v11.0.9600.17840
     
     
    -\\ Mozilla Firefox v38.0.5 (x86 bg)
     
     
    -\\ Google Chrome v43.0.2357.130
     
     
    *************************
     
    AdwCleaner[R0].txt - [1385 bytes] - [30/06/2015 23:36:49]
    AdwCleaner[R1].txt - [1444 bytes] - [30/06/2015 23:41:43]
    AdwCleaner[s0].txt - [1343 bytes] - [30/06/2015 23:42:57]
     
    ########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [1402  bytes] ##########
    JRT:
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Malwarebytes
    Version: 7.2.3 (06.30.2015:1)
    OS: Windows 8.1 Pro N x64
    Ran by bgmafio7a on Tue 06/30/2015 at 23:48:04.08
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     
     
     
     
    ~~~ Services
     
     
     
    ~~~ Tasks
     
     
     
    ~~~ Registry Values
     
     
     
    ~~~ Registry Keys
     
     
     
    ~~~ Files
     
     
     
    ~~~ Folders
     
    Successfully deleted: [Folder] C:\Users\bgmafio7a\appdata\local\crashrpt
    Successfully deleted: [Folder] C:\Windows\system32\tasks\update
     
     
     
    ~~~ Chrome
     
     
    [C:\Users\bgmafio7a\appdata\local\Google\Chrome\User Data\Default\Preferences] - default search provider reset
     
    [C:\Users\bgmafio7a\appdata\local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:
     
    [C:\Users\bgmafio7a\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset
     
    [C:\Users\bgmafio7a\appdata\local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:
    []
     
     
     
     
     
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Tue 06/30/2015 at 23:52:18.71
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    P.S. I think it has been removed now, or at least it seems so to me. I just started Mozilla and browsed around, and there were no pop-ups.
    P.S. 2 "ATTENTION: System Restore is disabled

    Is this your doing..?" - No.

    Edited by deqn_0000


    Follow-up scans:

    Please download Malwarebytes Anti-Malware and save it to your desktop.

    Double-click mbam-setup - 2.1.4.1018.exe and follow the instructions to install the program. Before the installation finishes, make sure the following is checked:

    • Launch Malwarebytes Anti-Malware
    • A 14-day trial period is preselected. You can clear the check box if you wish; doing so will not limit the program's ability to scan for and remove malware.
    • Click Finish.
    • At the end of the installation, the database will be updated.
    • Go to the Settings tab > Detection and Protection and, under Detection Options, enable the "Scan for rootkits" option.
    • Go to the Scan tab, select the Threat Scan radio button and click Scan Now; the malware scan will start.
    • With some infections you may see the message:

                                          "Could not load DDA driver"

    • Click "Yes" on this message to allow the driver to load after a restart.
    • When the scan finishes, if any infections were found, click Remove Selected to let MBAM clean what was detected.
    • In most cases a restart will be requested.
    • Wait for the prompt to restart the computer to appear, then click Yes.
    • After the restart, run MBAM once more.
    • Click the History tab > Application Logs.
    • Double-click the line that shows the date and time of the scan and click the "Copy to Clipboard" button.
    • Paste the contents of the log with the Ctrl + V key combination and post it in your next comment.

     

     

    Scan with ESET Online Scan

    Download the program: ESET Online Scanner

    • Run esetsmartinstaller_enu.exe
    • Check YES, I accept the Terms of Use and select Start.
    • The scanner will start downloading the components it needs.
    • Make sure Enable detection of potentially unwanted applications is selected.

    Make sure the following is unchecked:

    • Remove found threats

    Make sure the following items are checked:

    • Scan Archives

    Click Advanced Settings and check the following options:

    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology

    Finally, select Start.

    The scanner will download the latest definitions and start scanning your computer.
    Please be patient, as this may take some time.

    • When the scan finishes, click List of found threats.
    • Click Export and save the file to your desktop with the name ESETScan. Copy the contents of this report into your next reply.
    • Select the Back button.
    • Select the Finish button.

     

    Logs

    In your next reply, please include the following logs:

    • Log from Malwarebytes Anti-Malware
    • Log from ESET Online Scanner (List of found threats)

    I apologize for the delay. I will send you the logs now, and I should mention that the things ESET SUPPOSEDLY found are things I need; they are not trojans and so on, they just look like malware and that is why it detects them. GUI Booter is a DDoS program, the rest are cracks and the like.

    Malwarebytes Anti-Malware
    www.malwarebytes.org
     
    Scan Date: 7/5/2015
    Scan Time: 9:49 AM
    Logfile: malware.txt
    Administrator: Yes
     
    Version: 2.1.8.1057
    Malware Database: v2015.07.04.04
    Rootkit Database: v2015.07.03.01
    License: Premium
    Malware Protection: Enabled
    Malicious Website Protection: Enabled
    Self-protection: Disabled
     
    OS: Windows 8.1
    CPU: x64
    File System: NTFS
    User: bgmafio7a
     
    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 358433
    Time Elapsed: 16 min, 31 sec
     
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
     
    Processes: 0
    (No malicious items detected)
     
    Modules: 0
    (No malicious items detected)
     
    Registry Keys: 0
    (No malicious items detected)
     
    Registry Values: 0
    (No malicious items detected)
     
    Registry Data: 0
    (No malicious items detected)
     
    Folders: 0
    (No malicious items detected)
     
    Files: 0
    (No malicious items detected)
     
    Physical Sectors: 0
    (No malicious items detected)
     
     
    (end)
    ==========
    C:\Program Files\KMSpico\Service_KMS.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application
    C:\Program Files (x86)\Cheat Engine 6.4\standalonephase1.dat a variant of Win32/HackTool.CheatEngine.AF potentially unsafe application
    C:\Users\bgmafio7a\AppData\Roaming\uTorrent\updates\3.4.2_37594.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\bgmafio7a\AppData\Roaming\uTorrent\updates\3.4.2_37754.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Users\bgmafio7a\Desktop\drivers\CRACK ONLY V3.rar a variant of Win64/HackTool.Crack.C potentially unsafe application
    C:\Users\bgmafio7a\Desktop\drivers\Crack\3dmgame.dll a variant of Win64/HackTool.Crack.C potentially unsafe application
    C:\Users\bgmafio7a\Downloads\uTorrent.exe a variant of Win32/OpenCandy.C potentially unsafe application
    C:\Windows\SECOH-QAD.dll Win64/HackKMS.D potentially unsafe application
    C:\Windows\SECOH-QAD.exe Win64/HackKMS.C potentially unsafe application
    D:\Browser Download\ccsetup501pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    D:\Browser Download\CheatEngine64.exe a variant of Win32/OpenCandy.C potentially unsafe application
    D:\Downloads\Adobe Photoshop CC 2014.2.2 Final by m0nkrus\Adobe.Photoshop.CC.2014.u2.x86-x64.RU-EN.iso a variant of Win32/Keygen.HA potentially unsafe application
    D:\Downloads\CCleaner Professional v5.07.5261 Final\ccsetup507pro.exe Win32/Bundled.Toolbar.Google.D potentially unsafe application
    D:\Downloads\DAEMON Tools Lite 4.49.1.0356\DTLite4491-0356.exe Win32/OpenCandy potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\flstudio_11.1.exe Win32/OpenCandy potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.DirectWave.v1.6.0.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.DrumSynth.Live.v1.1.30.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Edison.v2.2.23.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Gross.Beat.v1.0.19.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Harmless.v1.0.29.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Harmor.v1.3.8.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Juice.Pack.v2.1.16.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Maximus.v1.0.20.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Ogun.v1.1.24.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.SliceX.v1.0.24.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Sytrus.v2.6.74.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\FL Studio Producer Edition 11.1.0 + Plug-ins Bundle\Image-Line Plugins Pack 2014.02.20 By R2R\Image-Line.Vocodex.v1.0.14.Incl.Keygen-R2R\R2R\ImageLine_Keygen.exe Win32/Keygen.JV potentially unsafe application
    D:\Downloads\KMSpico v10.0.4 Stable + Portable\KMSpico Install\KMSpico_setup.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application
    D:\Downloads\KMSpico v10.0.4 Stable + Portable\KMSpico Portable\AutoPico.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application
    D:\Downloads\KMSpico v10.0.4 Stable + Portable\KMSpico Portable\KMSELDI.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application
    D:\Downloads\KMSpico v10.0.4 Stable + Portable\KMSpico Portable\Service_KMS.exe a variant of MSIL/HackTool.IdleKMS.E potentially unsafe application
    D:\Downloads\Platinum Hide IP 3.2.2.6\PlatinumHideIP-3.2.2.6.Setup.exe a variant of Win32/Bundled.Toolbar.Ask.G potentially unsafe application
    D:\Downloads\SpyHunter v4.17.6.4336\Patch.rar a variant of Win32/HackTool.Patcher.T potentially unsafe application
    D:\Downloads\SpyHunter v4.17.6.4336\Patch\spyhunter.4.3.32-patch.exe a variant of Win32/HackTool.Patcher.T potentially unsafe application
    D:\Downloads\W7Loader by Orbit30 & Hazar v1.4\7Loader 1.4.exe a variant of MSIL/HackTool.WinActivator.A potentially unsafe application
    D:\Hacking\DDoS\GUI Booter[1.3.1].exe a variant of MSIL/Injector.AWA trojan
    D:\Hacking\DDoS\GUI-Booter[1.4.1].exe a variant of MSIL/Injector.AWA trojan
    D:\Hacking\KeyLoggers\Agent Tesla [beta]\Agent Tesla [beta]\Agent Tesla.exe a variant of MSIL/Injector.FPT trojan
     


    Are you playing the hacker with me.....Give me a logical explanation...?

    I am done here..!

    This topic is locked for new replies.

        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Microsoft Corporation) C:\Windows\System32\cmd.exe
        (Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        ==================== Registry (Whitelisted) ===========================
        (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
        HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-10-13] (Conexant Systems, Inc.)
        HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
        HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
        HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-08-29] (QIHU 360 SOFTWARE CO. LIMITED)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-17] (Disc Soft Ltd)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-09-27] (Valve Corporation)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {0380623e-8e5a-11e7-8251-28c2dd571342} - "G:\Inst.exe" 
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {038063b1-8e5a-11e7-8251-28c2dd571342} - "H:\SETUP.EXE" 
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {23735b35-8e79-11e7-8253-28c2dd571342} - "I:\SETUP.EXE" 
        GroupPolicy: Restriction <==== ATTENTION
        ==================== Internet (Whitelisted) ====================
        (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
        Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
        Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
        Tcpip\..\Interfaces\{9683ECB9-59D8-4E91-BF28-375C96FC72EE}: [DhcpNameServer] 192.168.31.1
        Tcpip\..\Interfaces\{9ADF9BFB-322E-4398-8E1F-99E9E89E7B3E}: [DhcpNameServer] 192.168.31.1
        Internet Explorer:
        ==================
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
        BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
        BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
        BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
        BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2017-08-29] (Qihu 360 Software Co., Ltd.)
        BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
        BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
        BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
        BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
        BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2017-08-29] (Qihu 360 Software Co., Ltd.)
        BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
        Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
        Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
        FireFox:
        ========
        FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
        FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
        FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
        FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
        FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
        FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-31] (Google Inc.)
        FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-31] (Google Inc.)
        Chrome: 
        =======
        CHR HomePage: Default -> hxxp://www.google.bg/
        CHR StartupUrls: Default -> "hxxps://www.google.bg/"
        CHR Profile: C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default [2017-10-02]
        CHR Extension: (Easy Auto Refresh) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2017-09-26]
        CHR Extension: (Steam Community SteamRep Integration) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaclmldkenecanphogeaacolljiphmnk [2017-08-31]
        CHR Extension: (Google Презентации) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-31]
        CHR Extension: (Google Документи) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-31]
        CHR Extension: (Google Диск) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-31]
        CHR Extension: (Unlocker for WakeLockDetector) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeplmmblegmdackkcemjkpngngocgjp [2017-08-31]
        CHR Extension: (YouTube) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-31]
        CHR Extension: (Steam Inventory Helper) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-10-02]
        CHR Extension: (Lounge Assistant) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml [2017-08-31]
        CHR Extension: (uBlock) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2017-08-31]
        CHR Extension: (Електронни таблици от Google) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-31]
        CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-08-31]
        CHR Extension: (LoungeDestroyer) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2017-08-31]
        CHR Extension: (Google Документи офлайн) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-31]
        CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-09-15]
        CHR Extension: (360 Internet Protection) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-08-31]
        CHR Extension: (Invite All Friends on Facebook) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2017-09-27]
        CHR Extension: (CS:GO Lounge Bump Bot) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfkidfnhjcjjamcbdepeohblphlamgk [2017-08-31]
        CHR Extension: (Floating for YouTube™) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2017-08-31]
        CHR Extension: (Message/Chat Downloader) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkinapjekllgfipphkgpmombekfclghe [2017-08-31]
        CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31]
        CHR Extension: (NeoBux AdAlert) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaepeijninfcgjdnighjnlgdkkgpnaen [2017-09-30]
        CHR Extension: (Gmail) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-31]
        CHR Extension: (Chrome Media Router) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-19]
        CHR Extension: (Abstract Blue) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2017-08-31]
        ==================== Services (Whitelisted) ====================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
        R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2017-09-28] (Autodata Limited) [File not signed]
        S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd)
        S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-09-15] (EasyAntiCheat Ltd)
        S3 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
        R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
        S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
        R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
        R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
        S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
        R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
        R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
        R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-08-29] (QIHU 360 SOFTWARE CO. LIMITED)
        R2 Service KMSELDI; D:\Downloads\KMSpico_10.2.0\KMSpico\Service_KMS.exe [745664 2016-01-12] (@ByELDI) [File not signed]
        R3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-17] (TeamViewer GmbH)
        S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
        S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
        ===================== Drivers (Whitelisted) ======================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
        R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [175040 2017-08-29] (360.cn)
        R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2017-08-29] (360.cn)
        R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2017-08-29] (360.cn)
        R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2017-08-29] (360.cn)
        R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [49088 2017-08-29] (360.cn)
        R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [423360 2017-08-29] (360.cn)
        R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-12-31] (ASUS Corporation)
        R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [190400 2017-08-29] (360.cn)
        R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-08-31] (Disc Soft Ltd)
        R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-08-31] (Disc Soft Ltd)
        R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79528 2014-10-16] (Intel Corporation)
        R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
        S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
        R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-08-22] (NVIDIA Corporation)
        R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)
        R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation)
        R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation )
        S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
        S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
        S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
        ==================== NetSvcs (Whitelisted) ===================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

        ==================== One Month Created files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-10-02 13:00 - 2017-10-02 13:01 - 000019333 _____ C:\Users\bobby\Downloads\FRST.txt
        2017-10-02 13:00 - 2017-10-02 13:00 - 000000000 ____D C:\FRST
        2017-10-02 12:59 - 2017-10-02 12:59 - 002399744 _____ (Farbar) C:\Users\bobby\Downloads\FRST64.exe
        2017-09-30 13:11 - 2017-09-30 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
        2017-09-30 11:40 - 2017-09-30 11:40 - 001790024 _____ (Malwarebytes) C:\Users\bobby\Downloads\Непотвърдено 889483.crdownload
        2017-09-30 11:39 - 2017-09-30 11:41 - 000000000 ____D C:\AdwCleaner
        2017-09-30 11:39 - 2017-09-30 11:39 - 008250832 _____ (Malwarebytes) C:\Users\bobby\Downloads\adwcleaner_7.0.3.1.exe
        2017-09-30 11:26 - 2017-09-30 11:26 - 000000000 ____D C:\ProgramData\Malwarebytes
        2017-09-30 11:25 - 2017-09-30 11:25 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
        2017-09-30 11:25 - 2017-09-30 11:25 - 000000000 ____D C:\ProgramData\MB2Migration
        2017-09-30 11:24 - 2017-09-30 11:24 - 000011576 _____ C:\Users\bobby\Downloads\Malwarebytes Anti-Malware Premium v3.2.2.2029 RePack.torrent
        2017-09-28 18:00 - 2017-09-28 18:00 - 000000600 _____ C:\Users\Public\Desktop\Autodata CDA-3.lnk
        2017-09-28 18:00 - 2017-09-28 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodata
        2017-09-28 17:59 - 2017-09-28 18:00 - 000000000 ____D C:\ADCDA2
        2017-09-28 17:59 - 2017-09-28 17:59 - 000000000 ____D C:\ADCDTEMP
        2017-09-28 15:04 - 2017-09-28 18:00 - 000000000 ____D C:\Users\bobby\Documents\Autodata
        2017-09-28 15:04 - 2017-09-28 15:04 - 000003022 _____ C:\Windows\System32\Tasks\{F057C150-4601-40D5-93CB-FB66F88AA4FC}
        2017-09-28 14:59 - 2017-09-28 14:59 - 000018978 _____ C:\Users\bobby\Downloads\Autodata_3.18.iso.torrent
        2017-09-28 14:54 - 2017-09-28 14:54 - 000014138 _____ C:\Users\bobby\Downloads\AD3.38EN.torrent
        2017-09-27 20:01 - 2017-09-27 20:01 - 000017910 _____ C:\Users\bobby\Downloads\AutoData CDA 3.45.torrent
        2017-09-23 21:06 - 2017-09-23 21:06 - 082471739 _____ C:\Users\bobby\Downloads\facebook-bobito981.zip
        2017-09-18 17:58 - 2017-09-18 17:58 - 000001402 _____ C:\Users\bobby\Desktop\aida64 - Shortcut.lnk
        2017-09-18 17:57 - 2017-09-18 17:57 - 000000000 ____D C:\Program Files (x86)\AIDA64
        2017-09-18 17:12 - 2017-09-18 17:12 - 000007908 _____ C:\Users\bobby\Downloads\AIDA64-5.75.3900.torrent
        2017-09-15 22:08 - 2017-09-15 22:08 - 000000000 ____D C:\Users\bobby\AppData\Roaming\EasyAntiCheat
        2017-09-15 22:06 - 2017-09-15 22:07 - 000000000 ____D C:\Users\bobby\AppData\Local\HirezLauncherUI
        2017-09-15 22:05 - 2017-10-02 12:28 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
        2017-09-15 22:05 - 2017-09-30 13:11 - 000000000 ____D C:\ProgramData\Hi-Rez Studios
        2017-09-15 21:33 - 2017-09-15 21:33 - 000000222 _____ C:\Users\bobby\Desktop\Paladins.url
        2017-09-15 19:28 - 2017-09-15 19:28 - 000000222 _____ C:\Users\bobby\Desktop\PlanetSide 2.url
        2017-09-14 22:08 - 2017-09-14 22:08 - 000000000 ____D C:\Users\bobby\AppData\Roaming\Shooter
        2017-09-14 22:06 - 2017-09-15 22:08 - 000000000 ____D C:\Users\bobby\Documents\My Games
        2017-09-14 21:59 - 2017-09-15 21:33 - 000382504 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
        2017-09-14 20:32 - 2017-09-14 20:32 - 000000222 _____ C:\Users\bobby\Desktop\Dirty Bomb.url
        2017-09-13 11:06 - 2017-08-19 20:27 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
        2017-09-13 11:06 - 2017-08-19 19:48 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
        2017-09-13 11:06 - 2017-08-18 01:07 - 000537200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
        2017-09-13 11:06 - 2017-08-18 01:07 - 000140016 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
        2017-09-13 11:06 - 2017-08-18 01:03 - 000450392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
        2017-09-13 11:06 - 2017-08-18 01:03 - 000136832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
        2017-09-13 11:06 - 2017-08-15 17:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
        2017-09-13 11:06 - 2017-08-15 16:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
        2017-09-13 11:06 - 2017-08-13 21:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
        2017-09-13 11:06 - 2017-08-13 20:19 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
        2017-09-13 11:06 - 2017-08-13 20:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
        2017-09-13 11:06 - 2017-08-13 20:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
        2017-09-13 11:06 - 2017-08-13 19:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
        2017-09-13 11:06 - 2017-08-13 19:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
        2017-09-13 11:06 - 2017-08-13 19:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
        2017-09-13 11:06 - 2017-08-13 19:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
        2017-09-13 11:06 - 2017-08-13 19:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
        2017-09-13 11:06 - 2017-08-13 19:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
        2017-09-13 11:06 - 2017-08-13 19:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
        2017-09-13 11:06 - 2017-08-13 19:21 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
        2017-09-13 11:06 - 2017-08-13 19:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
        2017-09-13 11:06 - 2017-08-13 19:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
        2017-09-13 11:06 - 2017-08-13 19:15 - 007078912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
        2017-09-13 11:06 - 2017-08-13 19:14 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
        2017-09-13 11:06 - 2017-08-13 19:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
        2017-09-13 11:06 - 2017-08-13 19:05 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
        2017-09-13 11:06 - 2017-08-13 19:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
        2017-09-13 11:06 - 2017-08-13 19:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
        2017-09-13 11:06 - 2017-08-13 19:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
        2017-09-13 11:06 - 2017-08-13 18:52 - 005274624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
        2017-09-13 11:06 - 2017-08-13 18:52 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
        2017-09-13 11:06 - 2017-08-13 18:51 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
        2017-09-13 11:06 - 2017-08-13 18:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
        2017-09-13 11:06 - 2017-08-13 18:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
        2017-09-13 11:06 - 2017-08-13 18:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
        2017-09-13 11:06 - 2017-08-13 18:44 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
        2017-09-13 11:06 - 2017-08-13 18:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
        2017-09-13 11:06 - 2017-08-13 18:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
        2017-09-13 11:06 - 2017-08-13 18:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
        2017-09-13 11:06 - 2017-08-13 18:25 - 007797248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
        2017-09-13 11:06 - 2017-08-13 18:18 - 005270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
        2017-09-13 11:06 - 2017-08-13 18:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
        2017-09-13 11:06 - 2017-08-13 18:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
        2017-09-13 11:06 - 2017-08-13 18:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
        2017-09-13 11:06 - 2017-08-13 18:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
        2017-09-13 11:06 - 2017-08-12 12:30 - 022361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
        2017-09-13 11:06 - 2017-08-12 12:26 - 019789736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
        2017-09-13 11:06 - 2017-08-12 03:39 - 001364552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
        2017-09-13 11:06 - 2017-08-12 02:59 - 007440728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
        2017-09-13 11:06 - 2017-08-12 02:58 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
        2017-09-13 11:06 - 2017-08-12 02:58 - 001502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
        2017-09-13 11:06 - 2017-08-11 23:46 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
        2017-09-13 11:06 - 2017-08-11 23:29 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
        2017-09-13 11:06 - 2017-08-11 23:13 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
        2017-09-13 11:06 - 2017-08-11 06:30 - 004170240 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
        2017-09-13 11:06 - 2017-08-11 06:27 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
        2017-09-13 11:06 - 2017-08-11 06:27 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
        2017-09-13 11:06 - 2017-08-11 05:38 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
        2017-09-13 11:06 - 2017-08-11 05:08 - 001753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
        2017-09-13 11:06 - 2017-08-11 05:08 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
        2017-09-13 11:06 - 2017-08-11 05:02 - 001084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
        2017-09-13 11:06 - 2017-08-11 04:52 - 001491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
        2017-09-13 11:06 - 2017-08-11 04:49 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
        2017-09-13 11:06 - 2017-08-11 04:44 - 001095680 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
        2017-09-13 11:06 - 2017-08-11 04:43 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
        2017-09-13 11:06 - 2017-08-11 04:41 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
        2017-09-13 11:06 - 2017-08-07 00:20 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
        2017-09-13 11:06 - 2017-08-06 10:13 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
        2017-09-13 11:06 - 2017-07-22 21:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
        2017-09-13 11:06 - 2017-07-22 20:32 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
        2017-09-13 11:06 - 2017-07-17 22:53 - 004298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
        2017-09-13 11:06 - 2017-07-17 02:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
        2017-09-13 11:06 - 2017-07-14 02:03 - 002013528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
        2017-09-13 11:06 - 2017-07-12 23:29 - 000420440 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
        2017-09-13 11:06 - 2017-07-12 23:29 - 000075440 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
        2017-09-13 11:06 - 2017-07-12 23:25 - 000308872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
        2017-09-13 11:06 - 2017-07-12 23:25 - 000066112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
        2017-09-13 11:06 - 2017-07-08 22:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
        2017-09-13 11:06 - 2017-07-08 21:43 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
        2017-09-13 11:06 - 2017-07-08 21:30 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
        2017-09-13 11:06 - 2017-07-08 21:20 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
        2017-09-13 11:06 - 2017-07-08 20:25 - 001436160 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
        2017-09-13 11:06 - 2017-07-08 20:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
        2017-09-13 11:06 - 2017-07-08 06:14 - 000100184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
        2017-09-11 11:53 - 2017-09-11 11:53 - 000066783 _____ C:\Users\bobby\Downloads\CV - Български.pdf
        2017-09-08 16:21 - 2017-09-08 16:21 - 001130328 _____ (Google Inc.) C:\Users\bobby\Downloads\ChromeSetup.exe
        2017-09-08 12:11 - 2017-10-02 12:47 - 000000258 __RSH C:\ProgramData\ntuser.pol
        2017-09-06 11:27 - 2017-09-06 11:27 - 000000000 ____D C:\Users\bobby\AppData\Roaming\vlc
        2017-09-06 09:46 - 2017-09-06 09:46 - 000000000 ____D C:\Users\bobby\AppData\Roaming\dvdcss
        2017-09-04 13:20 - 2017-09-04 13:23 - 000000000 ____D C:\Users\bobby\Documents\ETS2MP
        2017-09-04 13:15 - 2017-09-04 13:17 - 000000000 ____D C:\ProgramData\TruckersMP
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000901 _____ C:\Users\Public\Desktop\TruckersMP.lnk
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000000 ____D C:\Program Files\TruckersMP Launcher
        2017-09-04 13:14 - 2017-09-04 13:14 - 000667351 _____ C:\Users\bobby\Downloads\launcher_1004.zip
        2017-09-04 13:10 - 2017-09-04 23:19 - 000000000 ____D C:\Users\bobby\Documents\Euro Truck Simulator 2
        2017-09-03 19:02 - 2017-09-03 19:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
        ==================== One Month Modified files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-10-02 13:01 - 2017-08-31 21:18 - 000000000 ____D C:\Users\bobby\AppData\LocalLow\360WD
        2017-10-02 12:55 - 2017-09-01 19:51 - 000000000 ____D C:\Users\bobby\AppData\Roaming\TeamViewer
        2017-10-02 12:55 - 2017-09-01 04:04 - 000000000 ____D C:\Windows\Panther
        2017-10-02 12:55 - 2017-08-31 18:17 - 000000000 ____D C:\Users\bobby\AppData\Local\CrashDumps
        2017-10-02 12:55 - 2017-08-31 18:10 - 000000000 ____D C:\ProgramData\ClassicShell
        2017-10-02 12:55 - 2017-08-31 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
        2017-10-02 12:55 - 2017-08-31 17:51 - 000000000 ____D C:\Users\bobby\AppData\Roaming\uTorrent
        2017-10-02 12:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\Inf
        2017-10-02 12:54 - 2017-08-31 23:46 - 000000000 ____D C:\ProgramData\360Quarant
        2017-10-02 12:54 - 2017-08-31 18:18 - 000000000 ____D C:\Users\bobby\AppData\Local\ClassicShell
        2017-10-02 12:46 - 2017-08-31 17:18 - 000003430 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
        2017-10-02 12:46 - 2017-08-31 17:18 - 000003302 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
        2017-10-02 12:34 - 2017-08-31 17:20 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3041877358-191924833-3829036719-1001
        2017-10-02 12:32 - 2017-08-31 17:30 - 000000000 ____D C:\ProgramData\NVIDIA
        2017-10-02 12:32 - 2017-08-31 17:18 - 000003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C64354CA-BA3D-40EC-B714-8157E7D25B88}
        2017-10-02 12:28 - 2013-08-22 17:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
        2017-10-02 01:14 - 2017-08-31 17:49 - 000000000 ____D C:\Users\bobby\AppData\Roaming\AIMP
        2017-10-01 23:35 - 2014-11-21 11:44 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
        2017-10-01 12:32 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\AppReadiness
        2017-09-30 14:05 - 2017-08-31 21:18 - 000000000 ____D C:\Users\bobby\AppData\Roaming\360safe
        2017-09-30 13:11 - 2017-08-31 17:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
        2017-09-30 11:24 - 2017-08-31 21:23 - 000000000 ____D C:\Users\bobby\AppData\LocalLow\uTorrent
        2017-09-29 22:56 - 2017-08-31 23:48 - 000000000 __SHD C:\$360Section
        2017-09-29 22:56 - 2017-08-31 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
        2017-09-28 23:56 - 2017-08-31 17:14 - 000000000 ____D C:\Users\bobby
        2017-09-28 18:00 - 2013-08-22 16:25 - 000000240 _____ C:\Windows\win.ini
        2017-09-28 15:04 - 2017-08-31 17:14 - 000000000 ____D C:\Users\bobby\AppData\Local\VirtualStore
        2017-09-25 22:16 - 2017-08-31 17:24 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
        2017-09-23 14:41 - 2013-08-22 18:36 - 000000000 ___HD C:\Program Files\WindowsApps
        2017-09-22 12:52 - 2017-08-31 17:19 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003740 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003732 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003556 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:40 - 000000000 ____D C:\Users\bobby\AppData\Local\NVIDIA Corporation
        2017-09-21 22:18 - 2017-08-31 17:31 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:31 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:31 - 000001428 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
        2017-09-21 22:18 - 2017-08-31 17:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
        2017-09-21 22:17 - 2017-08-31 17:31 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:31 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:31 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:23 - 000000000 ____D C:\Program Files\NVIDIA Corporation
        2017-09-19 10:23 - 2017-08-31 17:31 - 001923008 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001505728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000179136 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000146368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
        2017-09-19 00:29 - 2017-08-31 17:31 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
        2017-09-18 17:02 - 2017-08-31 21:18 - 000000000 _RSHD C:\360SANDBOX
        2017-09-16 14:29 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\rescache
        2017-09-15 22:06 - 2017-08-31 17:29 - 000000000 ____D C:\ProgramData\Package Cache
        2017-09-15 21:33 - 2017-08-31 20:17 - 000000000 ____D C:\Users\bobby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
        2017-09-15 00:22 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\BBI
        2017-09-15 00:20 - 2013-08-22 18:36 - 000000000 ___RD C:\Windows\ToastData
        2017-09-13 13:27 - 2017-08-31 19:06 - 000000000 ____D C:\Windows\system32\MRT
        2017-09-13 13:25 - 2017-08-31 19:06 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
        2017-09-13 13:25 - 2013-08-22 18:20 - 000000000 ____D C:\Windows\CbsTemp
        2017-09-10 17:28 - 2017-08-31 18:14 - 000000000 ____D C:\Users\bobby\AppData\Local\Steam
        2017-09-08 12:11 - 2013-08-22 18:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
        2017-09-08 12:11 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
        2017-09-04 11:03 - 2017-08-31 17:38 - 000000000 __SHD C:\Users\bobby\IntelGraphicsProfiles
        2017-09-03 19:09 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Common Files\System
        2017-09-02 02:54 - 2017-08-31 20:27 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
        2017-09-02 02:54 - 2017-08-31 20:27 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
        ==================== Bamital & volsnap ======================
        (There is no automatic fix for files that do not pass verification.)
        C:\Windows\system32\winlogon.exe => File is digitally signed
        C:\Windows\system32\wininit.exe => File is digitally signed
        C:\Windows\explorer.exe => File is digitally signed
        C:\Windows\SysWOW64\explorer.exe => File is digitally signed
        C:\Windows\system32\svchost.exe => File is digitally signed
        C:\Windows\SysWOW64\svchost.exe => File is digitally signed
        C:\Windows\system32\services.exe => File is digitally signed
        C:\Windows\system32\User32.dll => File is digitally signed
        C:\Windows\SysWOW64\User32.dll => File is digitally signed
        C:\Windows\system32\userinit.exe => File is digitally signed
        C:\Windows\SysWOW64\userinit.exe => File is digitally signed
        C:\Windows\system32\rpcss.dll => File is digitally signed
        C:\Windows\system32\dnsapi.dll => File is digitally signed
        C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
        C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
        LastRegBack: 2017-09-30 12:38
        ==================== End of FRST.txt ============================
         
         
        Addition_02-10-2017 13.01.49.txt
      • by D101149
        Hello! I have some kind of problem with games, but the problem is not caused by the hardware. After a reinstall it gets fixed, but I can't reinstall every month, I just don't feel like dealing with it. I suspect a virus or some temporary files. I have relied on your help many times. Thank you
        Addition.txt
        FRST.txt
      • by ivan_pop
        Hello!
        I had viruses on USB flash drives and on a laptop. I think I solved the problems there. I had written about that in another topic.
        I have an old desktop machine that I use every day. In my opinion this machine works normally. The problem is that when I plug a flash drive into this desktop, some virus gets copied onto the flash drive. I check the flash drive on a laptop with MCShield in paranoid mode. I installed MCShield on the infected desktop, and the program finds no problems there.
        I scanned the desktop with Farbar Recovery Scan Tool. At the end of the scan the tool displayed some error.
        I am attaching the two files from the scan. I would be grateful if you could help!
        Thank you for your attention!
        FRST.txt
        Addition.txt