Премини към съдържанието

    Препоръчан отговор


    Здравейте,
    днес хванахме хубаво вирусче, което масово промени файловете с разширение pdf jpg doc exl . след името на файла и разшинението е добавено

    .id-8900841658_file2@openmailbox.org Странното е, че при проверка с F-Secure  се откриват никакви съмнителни или заразени файлове а  и спед преименувана файла в встарото разширение  е всеоще неутваряем           
    Някакви идеи?
    Благодаря предварително           
     

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Здравейте,
    днес хванахме хубаво вирусче, което масово промени файловете с разширение pdf jpg doc exl . след името на файла и разшинението е добавено

    .id-8900841658_file2@openmailbox.org Странното е, че при проверка с F-Secure  се откриват никакви съмнителни или заразени файлове а  и спед преименувана файла в встарото разширение  е всеоще неутваряем           
    Някакви идеи?
    Благодаря предварително           
     

    Следвайте инструкциите в тази тема: https://www.kaldata.com/forums/topic/132819-системата-ми-е-инфектирана-какво-да-правя-сега/

    И изчакайте колега да пише в темата ви

    • Харесва ми 4

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Благодаря за бързата реакция
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:30-09-2015
    Ran by Dimitar (administrator) on DIMITAR-I7 (01-10-2015 23:53:03)
    Running from C:\Users\Dimitar\Desktop
    Loaded Profiles: Dimitar (Available Profiles: Dimitar)
    Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България)
    Internet Explorer Version 9 (Default browser: IE)
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-

    use-farbar-recovery-scan-tool/

     

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
    (Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Device Control\fsdevcon64.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSMA32.EXE
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSHDLL32.EXE
    (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
    (Intel Corporation) C:\Windows\System32\IPROSetMonitor.exe
    ( ) C:\Windows\System32\lmabcoms.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    () C:\Program Files\Lexmark\Monitor\ACO\LMabMON.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    () C:\Program Files (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe
    ( ) C:\Program Files\Lexmark\ErrorApp\lmab1err.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Sony) C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanion.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    () C:\Program Files (x86)\Sony\Sony PC Companion\PCCompanionInfo.exe
    () C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSM32.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver

    \Application\iusb3mon.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FSHDLL64.EXE
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\FWES\program\fsdfwd.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FNRB32.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\common\FIH32.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fssm32.exe
    (F-Secure Corporation) C:\Program Files (x86)\F-Secure\Anti-Virus\fsav32.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe


    ==================== Registry (Whitelisted) ===========================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file

    will not be moved.)

    HKLM\...\Run: [LMPSSDMON] => C:\Program Files\Lexmark\Monitor\ACO\LMabMON.exe [753664 2010-02-08] ()
    HKLM\...\Run: [Ashampoo HDD-Control 3 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3

    Corporate\HDDC3Guard.exe [3389312 2014-12-01] (Ashampoo Development GmbH & Co. KG)
    HKLM\...\Run: [Ashampoo HDD Control 3 Guard] => C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3

    Corporate\HDDC3Guard.exe [3389312 2014-12-01] (Ashampoo Development GmbH & Co. KG)
    HKLM-x32\...\Run: [F-Secure Manager] => C:\Program Files (x86)\F-Secure\Common\FSM32.EXE [303824 2011-12-

    14] (F-Secure Corporation)
    HKLM-x32\...\Run: [F-Secure TNB] => C:\Program Files (x86)\F-Secure\FSGUI\TNBUtil.exe [1655504 2011-12-14]

    (F-Secure Corporation)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller

    Driver\Application\iusb3mon.exe [292848 2013-04-26] (Intel Corporation)
    HKLM-x32\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files (x86)\Adobe\Reader 9.0\Reader

    \Reader_sl.exe [41056 2013-05-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576

    2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [HDD Regenerator] => C:\Program Files (x86)\HDD Regenerator\HDD Regenerator.exe [4249872

    2014-12-17] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

    [334896 2015-06-08] (Oracle Corporation)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-3513531985-1848385711-1552276738-1000\...\Run: [TiVme Agent] => C:\Program Files

    (x86)\GIGABYTE\vivoTV\ScheduleAgent.exe [114688 2010-01-25] ()
    HKU\S-1-5-21-3513531985-1848385711-1552276738-1000\...\Run: [LMab1err] => C:\Program Files\Lexmark

    \ErrorApp\LMab1err.exe [582312 2010-02-08] ( )
    HKU\S-1-5-21-3513531985-1848385711-1552276738-1000\...\Run: [Sony PC Companion] => C:\Program Files

    (x86)\Sony\Sony PC Companion\PCCompanion.exe [457088 2015-07-24] (Sony)
    HKU\S-1-5-21-3513531985-1848385711-1552276738-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone

    \Skype.exe [53725200 2015-08-07] (Skype Technologies S.A.)
    HKU\S-1-5-21-3513531985-1848385711-1552276738-1000\...\MountPoints2: {8a877d4d-c8e2-11e4-9923-7824af330766}

    - E:\Startme.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Remote Control.lnk [2014-09-28]
    ShortcutTarget: Remote Control.lnk -> C:\Program Files (x86)\GIGABYTE\U8300 Utilities\CONRCtl.exe ()

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to

    default.)

    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{84245858-4A38-464B-9037-A7043F12471A}: [DhcpNameServer] 192.168.1.1

    Internet Explorer:
    ==================
    HKU\S-1-5-21-3513531985-1848385711-1552276738-1000\Software\Microsoft\Internet Explorer\Main,Start Page =

    hxxps://www.google.bg/?gws_rd=ssl
    HKU\S-1-5-21-3513531985-1848385711-1552276738-1000\Software\Microsoft\Internet Explorer\Main,Start Page

    Redirect Cache = hxxp://www.msn.com/?ocid=iehp
    SearchScopes: HKU\S-1-5-21-3513531985-1848385711-1552276738-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-

    E1416B8B2E3A} URL =
    BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program

    Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common

    Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2013-05-08] (Adobe Systems Incorporated)
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files

    (x86)\Java\jre1.8.0_51\bin\ssv.dll [2015-07-29] (Oracle Corporation)
    BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program

    Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)
    BHO-x32: Browsing Protection Class -> {C6867EB7-8350-4856-877F-93CF8AE3DC9C} -> C:\Program Files (x86)\F-

    Secure\NRS\iescript\baselitmus.dll [2015-01-17] (F-Secure Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files

    (x86)\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-29] (Oracle Corporation)
    Toolbar: HKLM-x32 - Browsing Protection Toolbar - {265EEE8E-3228-44D3-AEA5-F7FDF5860049} - C:\Program Files

    (x86)\F-Secure\NRS\iescript\baselitmus.dll [2015-01-17] (F-Secure Corporation)
    Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet

    Explorer x64\skypeieplugin.dll [2015-05-01] (Microsoft Corporation)
    Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars

    \Internet Explorer\SkypeIEPlugin.dll [2015-05-01] (Microsoft Corporation)

    FireFox:
    ========
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll [2015-09-13]

    ()
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll [2015-

    09-13] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel

    \Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-09-16] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R)

    Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-09-16] (Intel Corporation)
    FF Plugin-x32: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin\dtplugin

    \npDeployJava1.dll [2015-07-29] (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files (x86)\Java\jre1.8.0_51\bin

    \plugin2\npjp2.dll [2015-07-29] (Oracle Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update

    \1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update

    \1.3.28.15\npGoogleUpdate3.dll [2015-09-15] (Google Inc.)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll [2013-05-08]

    (Adobe Systems Inc.)
    FF HKLM-x32\...\Firefox\Extensions: [litmus-ff@f-secure.com] - C:\Program Files (x86)\F-Secure\NRS\litmus-

    ff@f-secure.com
    FF Extension: Browsing Protection - C:\Program Files (x86)\F-Secure\NRS\litmus-ff@f-secure.com [2014-09-28]

    Chrome:
    =======
    CHR Profile: C:\Users\Dimitar\AppData\Local\Google\Chrome\User Data\Default

    ==================== Services (Whitelisted) ========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved

    unless listed separately.)

    R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1394816

    2015-05-01] (Microsoft Corporation)
    R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1772672 2015-05-01]

    (Microsoft Corporation)
    R2 F-Secure Gatekeeper Handler Starter; C:\Program Files (x86)\F-Secure\Anti-Virus\fsgk32st.exe [221904

    2011-12-14] (F-Secure Corporation)
    R3 F-Secure Network Request Broker; C:\Program Files (x86)\F-Secure\Common\FNRB32.EXE [189136 2011-12-14]

    (F-Secure Corporation)
    R2 fsdevcon; C:\Program Files (x86)\F-Secure\Device Control\\fsdevcon64.exe [517840 2011-12-14] (F-Secure

    Corporation)
    R3 FSDFWD; C:\Program Files (x86)\F-Secure\FWES\Program\fsdfwd.exe [855248 2011-12-14] (F-Secure

    Corporation)
    R2 FSMA; C:\Program Files (x86)\F-Secure\Common\FSMA32.EXE [189136 2011-12-14] (F-Secure Corporation)
    R3 FSORSPClient; C:\Program Files (x86)\F-Secure\ORSP Client\fsorsp.exe [60456 2015-03-09] (F-Secure

    Corporation)
    S2 HDDC3Service; C:\Program Files (x86)\Ashampoo\Ashampoo HDD Control 3 Corporate\HDDC3Service.exe [324480

    2014-12-01] ()
    R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe

    [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client

    \SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
    R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe

    [169432 2013-09-16] (Intel Corporation)
    R2 lmab_device; C:\Windows\system32\LMabcoms.exe [1048576 2012-09-28] ( ) [File not signed]
    R2 lmab_device; C:\Windows\SysWOW64\LMabcoms.exe [593920 2012-09-28] ( ) [File not signed]
    R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)

    ===================== Drivers (Whitelisted) ==========================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved

    unless listed separately.)

    R2 CXIR; C:\Windows\System32\drivers\cxcir64.sys [44544 2009-04-23] (Conexant Systems, Inc.)
    R3 CXPOLARIS; C:\Windows\System32\drivers\cxpolar64.sys [416000 2009-11-24] (Conexant Systems, Inc.)
    S2 DgiVecp; C:\Windows\SysWOW64\Drivers\DgiVecp.sys [41984 2007-07-16] (Samsung Electronics Co., Ltd.)

    [File not signed]
    R3 e1dexpress; C:\Windows\System32\DRIVERS\e1d62x64.sys [494864 2013-08-29] (Intel Corporation)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
    S4 F-Secure Filter; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSfilter.sys [42064 2011-12-14] ()
    R3 F-Secure Gatekeeper; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsgk.sys [202176 2015-01-17]

    (F-Secure Corporation)
    R1 F-Secure HIPS; C:\Program Files (x86)\F-Secure\HIPS\drivers\fshs.sys [62032 2011-12-14] (F-Secure

    Corporation)
    S4 F-Secure Recognizer; C:\Program Files (x86)\F-Secure\Anti-Virus\Win2K\FSrec.sys [27344 2011-12-14] ()
    R0 fsbts; C:\Windows\System32\Drivers\fsbts.sys [66736 2015-09-16] ()
    R0 fsbts; C:\Windows\SysWOW64\Drivers\fsbts.sys [33408 2014-09-28] ()
    R1 FSES; C:\Windows\System32\drivers\fses.sys [46864 2011-12-14] (F-Secure Corporation)
    R1 FSFW; C:\Windows\System32\drivers\fsdfw.sys [95152 2011-12-14] (F-Secure Corporation)
    R1 fsvista; C:\Program Files (x86)\F-Secure\Anti-Virus\minifilter\fsvista.sys [15056 2011-12-14] ()
    S3 ggsomc; C:\Windows\System32\DRIVERS\ggsomc.sys [30424 2015-03-29] (Sony Mobile Communications)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [99288 2013-09-16] (Intel Corporation)
    U3 DfSdkS; no ImagePath
    S3 VGPU; System32\drivers\rdvgkmd.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved

    unless listed separately.)


    ==================== One Month Created files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-10-01 23:47 - 2015-10-01 23:47 - 00029572 _____ C:\Users\Dimitar\Desktop\Addition.txt
    2015-10-01 23:46 - 2015-10-01 23:53 - 00014562 _____ C:\Users\Dimitar\Desktop\FRST.txt
    2015-10-01 23:46 - 2015-10-01 23:53 - 00000000 ____D C:\FRST
    2015-10-01 23:46 - 2015-10-01 23:46 - 02192384 _____ (Farbar) C:\Users\Dimitar\Desktop\FRST64.exe
    2015-10-01 23:37 - 2015-10-01 23:37 - 00000000 ____D C:\Users\Dimitar\AppData\Local\IDTool
    2015-10-01 23:37 - 2014-05-14 19:23 - 02477536 _____ (Microsoft Corporation) C:\Windows

    \system32\wuaueng.dll
    2015-10-01 23:37 - 2014-05-14 19:23 - 00058336 _____ (Microsoft Corporation) C:\Windows

    \system32\wuauclt.exe
    2015-10-01 23:37 - 2014-05-14 19:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
    2015-10-01 23:37 - 2014-05-14 19:21 - 02620928 _____ (Microsoft Corporation) C:\Windows

    \system32\wucltux.dll
    2015-10-01 23:29 - 2015-10-01 23:29 - 00000000 ____D C:\Users\Dimitar\Desktop\idtool
    2015-10-01 23:23 - 2015-10-01 23:29 - 02744965 _____ C:\Users\Dimitar\Desktop\idtool.zip
    2015-09-30 22:52 - 2015-10-01 17:34 - 00079203 _____ C:\Users\Dimitar\Downloads

    \12049300_10206043601943825_2679674211723403289_n.jpg.id-8900841658_file2@openmailbox.org
    2015-09-30 22:43 - 2015-10-01 20:06 - 00000000 ____D C:\Users\Dimitar\AppData\Roaming\Smart PDF Converter

    Pro
    2015-09-30 22:29 - 2015-10-01 22:06 - 00000000 ____D C:\Users\Dimitar\AppData\Roaming\Opera Software
    2015-09-30 22:29 - 2015-10-01 22:06 - 00000000 ____D C:\Users\Dimitar\AppData\Local\Opera Software
    2015-09-30 22:26 - 2015-10-01 22:07 - 00000000 ____D C:\Users\Dimitar\AppData\Local\Lenovo
    2015-09-30 22:26 - 2015-10-01 22:06 - 00000000 ____D C:\Program Files (x86)\Opera
    2015-09-30 22:25 - 2015-09-30 22:25 - 00000000 ____D C:\Users\Dimitar\AppData\Roaming\Icecream
    2015-09-30 22:24 - 2015-10-01 22:11 - 00000000 ____D C:\Program Files (x86)\Lenovo
    2015-09-30 22:24 - 2015-09-30 22:25 - 00000000 ____D C:\Windows\System32\Tasks\Lenovo
    2015-09-30 22:24 - 2015-09-30 22:24 - 00000000 ____D C:\Windows\Downloaded Installations
    2015-09-30 22:23 - 2015-09-30 22:23 - 00000000 ____D C:\Users\Dimitar\AppData\Roaming\RPEng
    2015-09-30 22:22 - 2015-09-30 22:22 - 00000000 ____D C:\Users\Dimitar\AppData\Local\Icecream
    2015-09-30 22:19 - 2015-10-01 22:06 - 00000000 ____D C:\Users\Dimitar\AppData\Roaming\DVDVideoSoft
    2015-09-30 22:13 - 2015-09-30 22:16 - 30984368 _____ (DVDVideoSoft Ltd. ) C:\Users\Dimitar\Downloads

    \FreeAudioConverter.exe
    2015-09-30 21:53 - 2015-09-30 22:18 - 123884456 _____ (Icecream Apps ) C:\Users\Dimitar\Downloads

    \pdf_converter_setup.exe
    2015-09-30 21:38 - 2015-10-01 20:11 - 00000000 ____D C:\Users\Dimitar\Desktop\ABV T p
    2015-09-28 23:09 - 2015-10-01 17:34 - 00000000 ____D C:\Users\Dimitar\Downloads\ABV M-B
    2015-09-26 22:18 - 2015-10-01 17:09 - 00000000 ____D C:\Users\Dimitar\Desktop\mmm
    2015-09-26 10:11 - 2015-10-01 17:34 - 00042265 _____ C:\Users\Dimitar\Downloads

    \12038313_10153433453248880_8925324860190445889_n.jpg.id-8900841658_file2@openmailbox.org
    2015-09-26 00:07 - 2015-10-01 17:34 - 00059803 _____ C:\Users\Dimitar\Downloads\21.jpg.id-

    8900841658_file2@openmailbox.org
    2015-09-23 22:19 - 2015-10-01 17:34 - 00093743 _____ C:\Users\Dimitar\Downloads

    \11951327_10206280049574241_1449255293664351545_n.jpg.id-8900841658_file2@openmailbox.org
    2015-09-23 21:06 - 2015-09-23 21:08 - 18306248 _____ (Adobe Systems Incorporated) C:\Users\Dimitar

    \Downloads\install_flash_player_ax.exe
    2015-09-22 09:35 - 2015-10-01 17:34 - 00006372 _____ C:\Users\Dimitar\Downloads\photo-328125.jpg.id-

    8900841658_file2@openmailbox.org
    2015-09-21 23:42 - 2015-09-21 23:55 - 201752576 _____ C:\Users\Dimitar\Documents\20150921_2342.mpg
    2015-09-20 09:27 - 2015-10-01 17:34 - 00091439 _____ C:\Users\Dimitar\Downloads

    \10351821_666051146804595_4614870809564325879_n.jpg.id-8900841658_file2@openmailbox.org
    2015-09-19 20:48 - 2015-10-01 17:05 - 00119812 _____ C:\Users\Dimitar\Desktop\Lechenie s med.doc.id-

    8900841658_file2@openmailbox.org


    2015-09-19 12:41 - 2015-10-01 17:09 - 00053764 _____ C:\Users\Dimitar\Desktop\Medovina.doc.id-

    8900841658_file2@openmailbox.org
    2015-09-18 20:36 - 2015-09-18 20:36 - 00000958 _____ C:\Users\Dimitar\Desktop\Hitler - Пряк път.lnk
    2015-09-18 18:31 - 2015-10-01 17:34 - 00068318 _____ C:\Users\Dimitar\Downloads\N i P.jpg.id-

    8900841658_file2@openmailbox.org


    2015-09-14 20:51 - 2015-10-01 16:52 - 02633657 _____ C:\Users\Dimitar\Desktop\DSC_3882.jpg.id-

    8900841658_file2@openmailbox.org
    2015-09-14 20:51 - 2015-10-01 16:52 - 02364951 _____ C:\Users\Dimitar\Desktop\DSC_3883.jpg.id-

    8900841658_file2@openmailbox.org
    2015-09-14 01:00 - 2015-10-01 22:23 - 00001064 _____ C:\Windows\setupact.log
    2015-09-14 01:00 - 2015-09-14 01:00 - 00000000 _____ C:\Windows\setuperr.log
    2015-09-11 22:23 - 2015-10-01 17:34 - 00033796 _____ C:\Users\Dimitar\Downloads\Prilojenie_N_63-

    Deklaracia_kandidat_chl._414_al._1_t._5.doc.id-8900841658_file2@openmailbox.org
    2015-09-11 22:04 - 2015-10-01 17:34 - 00000000 ____D C:\Users\Dimitar\Downloads\ABV T ot desi
    2015-09-07 16:36 - 2015-10-01 17:34 - 00711385 _____ C:\Users\Dimitar\Downloads\Faktura za 3 PC s Win i

    Monitori.pdf.id-8900841658_file2@openmailbox.org
    2015-09-07 11:38 - 2015-10-01 17:34 - 00049668 _____ C:\Users\Dimitar\Downloads\dl.doc.id-

    8900841658_file2@openmailbox.org
    2015-09-07 11:22 - 2015-10-01 17:34 - 00051204 _____ C:\Users\Dimitar\Downloads\Prilojenie_64.doc.id-

    8900841658_file2@openmailbox.org
    2015-09-07 11:22 - 2015-10-01 17:34 - 00050180 _____ C:\Users\Dimitar\Downloads\Prilojenie_62.doc.id-

    8900841658_file2@openmailbox.org
    2015-09-05 10:13 - 2015-09-05 10:13 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
    2015-09-05 10:13 - 2015-09-05 10:13 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs

    \Skype

    ==================== One Month Modified files and folders ========

    (If an entry is included in the fixlist, the file/folder will be moved.)

    2015-10-01 23:51 - 2014-09-28 15:37 - 00000000 ____D C:\Users\Dimitar\AppData\Roaming\Skype
    2015-10-01 23:44 - 2009-07-14 07:45 - 00023680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-

    9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2015-10-01 23:44 - 2009-07-14 07:45 - 00023680 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-

    9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2015-10-01 23:41 - 2014-10-07 20:50 - 00373578 _____ C:\ProgramData\LMabscan.log
    2015-10-01 23:38 - 2014-09-28 17:35 - 01569842 _____ C:\Windows\WindowsUpdate.log
    2015-10-01 23:38 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\bg-BG
    2015-10-01 23:35 - 2015-03-26 00:00 - 00000998 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2015-10-01 23:33 - 2014-09-28 19:38 - 00774874 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
    2015-10-01 23:33 - 2009-07-14 08:13 - 00774874 _____ C:\Windows\system32\PerfStringBackup.INI
    2015-10-01 22:23 - 2015-03-26 00:00 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2015-10-01 22:23 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2015-10-01 22:06 - 2014-09-28 17:43 - 00001431 _____ C:\Users\Dimitar\AppData\Roaming\Microsoft\Windows

    \Start Menu\Programs\Internet Explorer.lnk
    2015-10-01 22:06 - 2014-09-28 17:43 - 00001397 _____ C:\Users\Dimitar\AppData\Roaming\Microsoft\Windows

    \Start Menu\Programs\Internet Explorer (64-bit).lnk
    2015-10-01 21:37 - 2014-09-30 22:52 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows

    \SysWOW64\FlashPlayerApp.exe
    2015-10-01 21:37 - 2014-09-30 22:52 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows

    \SysWOW64\FlashPlayerCPLApp.cpl
    2015-10-01 20:48 - 2010-11-21 06:47 - 00057530 _____ C:\Windows\PFRO.log
    2015-10-01 20:32 - 2014-09-28 17:41 - 00000000 ____D C:\Users\Dimitar
    2015-10-01 17:35 - 2015-04-30 22:12 - 00097796 ___SH C:\Users\Dimitar\Thumbs.db.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-08-31 17:27 - 11130543 _____ C:\Users\Dimitar\Downloads\Lyson_Kat_BG-2013e4

    (3).pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-08-24 09:23 - 11130543 _____ C:\Users\Dimitar\Downloads\Lyson_Kat_BG-2013e4

    (2).pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-08-20 23:08 - 00128224 _____ C:\Users\Dimitar\Downloads\Lyson_Kat_BG-2013e4

    (1).pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-08-18 14:14 - 00175108 _____ C:\Users\Dimitar\Documents\Декларация-за-

    съответствие-на-Инвертиран-захарен-Сироп.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-08-12 15:46 - 11130543 _____ C:\Users\Dimitar\Downloads\Lyson_Kat_BG-

    2013e4.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-08-05 15:53 - 01519620 _____ C:\Users\Dimitar\Downloads\pravilnik-

    elektrobezopasnost-do-1000v-2014.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-31 18:22 - 00379140 _____ C:\Users\Dimitar\Downloads\Kampania predi

    kampaniata_2.docx.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-30 09:08 - 01447716 _____ C:\Users\Dimitar\Downloads

    \_Presentation_MI_2015.pdf_.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-29 14:09 - 15002283 _____ C:\Users\Dimitar\Documents\WorkCentre_3119_W7.zip.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-23 08:41 - 00229107 _____ C:\Users\Dimitar\Downloads\palnomoshtno.pdf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-21 06:28 - 00030985 _____ C:\Users\Dimitar\Downloads

    \rio.2.2014.720p.bluray.x264-felony(subsunacs.net).rar.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-15 22:47 - 00105476 _____ C:\Users\Dimitar\Downloads\za 18.07.15.doc.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:34 - 2015-07-13 08:07 - 00000000 ____D C:\Users\Dimitar\Downloads\liliya
    2015-10-01 17:34 - 2015-07-13 07:35 - 00412019 _____ C:\Users\Dimitar\Downloads

    \11731650_10205429983403925_3052852937821058920_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-10 06:18 - 00000000 ____D C:\Users\Dimitar\Downloads\Yana
    2015-10-01 17:34 - 2015-07-09 22:09 - 00049072 _____ C:\Users\Dimitar\Downloads

    \11071004_10155817129795711_8916045562196305417_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-08 06:01 - 00041155 _____ C:\Users\Dimitar\Downloads

    \11064863_439291339584968_4639517916712102149_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-07 23:28 - 00021972 _____ C:\Users\Dimitar\Downloads

    \11013210_10155814562885711_122589636077116091_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-07 21:57 - 00023684 _____ C:\Users\Dimitar\Downloads

    \400640_626632490707890_1749236689_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-07-06 05:30 - 00097335 _____ C:\Users\Dimitar\Downloads

    \1926930_754153584615549_3073118011627098467_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-06-28 21:56 - 00017284 _____ C:\Users\Dimitar\Downloads

    \11536072_10153406376549889_5843235602455258566_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-06-27 23:41 - 00409604 _____ C:\Users\Dimitar\Downloads

    \zaiavlenie_M6.1_SPO_new1.xls.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-06-23 22:38 - 00060932 _____ C:\Users\Dimitar\Downloads\Таблица_за_изчисление_СПО

    (1).xls.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-06-14 08:06 - 00035617 _____ C:\Users\Dimitar\Downloads

    \10410406_1006417546037132_5032889398247541995_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-06-12 20:05 - 00000000 ____D C:\Users\Dimitar\Downloads\radi
    2015-10-01 17:34 - 2015-06-03 20:49 - 01003695 _____ C:\Users\Dimitar\Downloads\-       -

    07.06.2015.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-06-02 20:30 - 00077988 _____ C:\Users\Dimitar\Downloads

    \11392963_10153343811674410_2038122975433018119_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-06-02 20:30 - 00073497 _____ C:\Users\Dimitar\Downloads

    \11124537_10153343811504410_8942286978951714152_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-30 07:53 - 00000000 ____D C:\Users\Dimitar\Downloads\dimetra
    2015-10-01 17:34 - 2015-05-29 21:02 - 00149917 _____ C:\Users\Dimitar\Downloads\A_B_V.docx.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-27 23:40 - 00018132 _____ C:\Users\Dimitar\Downloads

    \11209579_837866602916664_2760203013185837353_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-21 08:09 - 00032053 _____ C:\Users\Dimitar\Downloads\стругар-ok.docx.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-20 21:31 - 00024580 ___SH C:\Users\Dimitar\Documents\Thumbs.db.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-20 17:25 - 00264708 _____ C:\Users\Dimitar\Downloads\Инструкции-

    металообработване.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-20 16:59 - 00154996 _____ C:\Users\Dimitar\Downloads

    \B1tva.za.Sevastopol.DVDRip.Web.Rip.BDRip.(subs.sab.bz).rar.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-20 14:12 - 00047620 _____ C:\Users\Dimitar\Downloads\6iva4.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-20 14:04 - 00245831 _____ C:\Users\Dimitar\Downloads

    \3_Dlujnostna_Harakteristika_Operator.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-20 13:12 - 00104172 _____ C:\Users\Dimitar\Downloads\avtogumi.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:54 - 00062398 _____ C:\Users\Dimitar\Downloads

    \11303441_775869962520581_2115803984_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:54 - 00060784 _____ C:\Users\Dimitar\Downloads

    \11267280_775869665853944_338322018_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:54 - 00059090 _____ C:\Users\Dimitar\Downloads

    \11292725_775869822520595_663748369_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:54 - 00053973 _____ C:\Users\Dimitar\Downloads

    \11291929_775869725853938_2109645771_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:54 - 00050399 _____ C:\Users\Dimitar\Downloads

    \11267658_775869789187265_561141942_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:54 - 00047523 _____ C:\Users\Dimitar\Downloads

    \11245205_775869882520589_1017092243_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:37 - 00058873 _____ C:\Users\Dimitar\Downloads

    \11271310_1055093387853593_1110451877_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:37 - 00043447 _____ C:\Users\Dimitar\Downloads

    \11287659_1055093317853600_801522910_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:37 - 00042091 _____ C:\Users\Dimitar\Downloads

    \11293593_1055093344520264_900690982_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-18 22:37 - 00038885 _____ C:\Users\Dimitar\Downloads

    \11273819_1055093377853594_908472957_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-17 20:28 - 00122188 _____ C:\Users\Dimitar\Downloads

    \11263714_1054383267924605_1503261595_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-17 20:28 - 00072983 _____ C:\Users\Dimitar\Downloads

    \11287381_1054383701257895_1744968897_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-17 20:28 - 00072023 _____ C:\Users\Dimitar\Downloads

    \11304039_1054384104591188_1152380552_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-14 18:41 - 00031236 _____ C:\Users\Dimitar\Downloads\Теми-нац.кръгли маси

    (2).xls.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-11 23:39 - 00003988 _____ C:\Users\Dimitar\Downloads\f1572.txt.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-05-10 09:17 - 00080900 _____ C:\Users\Dimitar\Downloads\OfElopar-

    i5x3_09may15.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-04-29 18:55 - 00030724 _____ C:\Users\Dimitar\Downloads\Теми-нац.кръгли маси

    (1).xls.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-04-22 18:55 - 00030724 _____ C:\Users\Dimitar\Downloads\Отопление.xls.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-04-15 20:22 - 00030724 _____ C:\Users\Dimitar\Downloads\Теми-нац.кръгли

    маси.xls.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-31 23:06 - 00201620 _____ C:\Users\Dimitar\Downloads\dl1.pdf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-30 22:23 - 00060932 _____ C:\Users\Dimitar\Downloads

    \Таблица_за_изчисление_СПО.xls.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-30 18:42 - 00358369 _____ C:\Users\Dimitar\Desktop\Шерлок Холмс.jpg.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:34 - 2015-03-30 18:42 - 00173639 _____ C:\Users\Dimitar\Desktop\Хищникът.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-30 18:41 - 00058294 _____ C:\Users\Dimitar\Desktop\Шест дни, седем нощи.jpg.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:34 - 2015-03-30 18:40 - 00064020 _____ C:\Users\Dimitar\Desktop\Чиракът на магьосникът  The

    Sorcerer's Apprentice.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-27 19:56 - 00045285 _____ C:\Users\Dimitar\Desktop\Разкрит си.jpg.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:34 - 2015-03-26 22:35 - 00066725 _____ C:\Users\Dimitar\Downloads\dl.pdf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-23 20:49 - 01232414 _____ C:\Users\Dimitar\Downloads

    \20150318_Spisuk_izlishni_oryjiq_boepr.zip.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-23 20:39 - 00027652 _____ C:\Users\Dimitar\Downloads\Заявление.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-20 23:27 - 00188420 _____ C:\Users\Dimitar\Downloads\dl.xls.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-19 09:42 - 00041837 _____ C:\Users\Dimitar\Downloads

    \Into.the.Woods.2014.1080p.BluRay.x264-SPARKS.srt.zip.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-19 09:41 - 00024340 _____ C:\Users\Dimitar\Downloads

    \Halo_Nightfall_2014_720p_BRRIP_x264_AC3_TiTAN.(subs.sab.bz).zip.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-06 17:37 - 00030724 _____ C:\Users\Dimitar\Downloads\Rabotni-organi_ABV-

    Mladeji.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-03-06 17:36 - 00030212 _____ C:\Users\Dimitar\Downloads\Zaqvlenie_komisii_ABV-

    Mladeji.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-25 00:49 - 00644596 _____ C:\Users\Dimitar\Downloads\Naredba-RD-02-20-9

    (1).doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-25 00:42 - 00194052 _____ C:\Users\Dimitar\Downloads\ЗА ЕЛЕКТРОННО ОБЯВЯВАНЕ

    ТАКСИ И УСЛУГИ (1).doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-25 00:41 - 00031748 _____ C:\Users\Dimitar\Downloads\Pril15.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-25 00:36 - 00644596 _____ C:\Users\Dimitar\Downloads\Naredba-RD-02-20-9.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-25 00:36 - 00194052 _____ C:\Users\Dimitar\Downloads\ЗА ЕЛЕКТРОННО ОБЯВЯВАНЕ

    ТАКСИ И УСЛУГИ.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-24 22:06 - 00027828 _____ C:\Users\Dimitar\Downloads\desire_1

    (subsunacs.net).rar.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-24 22:06 - 00013332 _____ C:\Users\Dimitar\Downloads

    \bez.wstydu.2012.dvdrip.xvid(subsunacs.net).rar.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-17 20:38 - 00458756 _____ C:\Users\Dimitar\Downloads\Chapter 7 - Administrering

    Shared Folders .doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-10 22:51 - 00185015 _____ C:\Users\Dimitar\Downloads

    \10846053_778063272248162_2759858852952439860_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-10 18:15 - 00083080 _____ C:\Users\Dimitar\Downloads

    \10612754_891241654271915_5430035515222652237_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-10 11:32 - 00024772 _____ C:\Users\Dimitar\Downloads

    \10245328_718409361612891_1545675350261322121_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-07 12:35 - 00093907 _____ C:\Users\Dimitar\Downloads

    \1610830_1502067503416344_3446335898335607621_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-07 12:27 - 00311975 _____ C:\Users\Dimitar\Downloads

    \10869789_1506576999632061_1010839556711522307_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-06 20:29 - 00030212 _____ C:\Users\Dimitar\Documents\Zaqvlenie_komisii_ABV-

    Mladeji.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-05 19:18 - 00000000 ____D C:\Users\Dimitar\Downloads\qmbol 01.02.2015
    2015-10-01 17:34 - 2015-02-05 19:17 - 00030724 _____ C:\Users\Dimitar\Documents\Rabotni-organi_ABV-

    Mladeji.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-05 08:18 - 65598488 _____ C:\Users\Dimitar\Downloads\qmbol 01.02.2015.rar.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:34 - 2015-02-03 12:17 - 00059673 _____ C:\Users\Dimitar\Downloads

    \1381245_810680812348331_6549212325049030589_n (1).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-03 12:13 - 00059673 _____ C:\Users\Dimitar\Downloads

    \1381245_810680812348331_6549212325049030589_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-02 11:58 - 00059758 _____ C:\Users\Dimitar\Downloads\Системен буфер-2.jpg.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:34 - 2015-02-01 21:53 - 00020660 _____ C:\Users\Dimitar\Downloads

    \1924674_378103945703287_5156779104016203243_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-02-01 13:57 - 00051689 _____ C:\Users\Dimitar\Downloads

    \10644999_812278788810632_802144686894976835_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-19 23:12 - 00139780 _____ C:\Users\Dimitar\Downloads\1Регистрационна форма за

    региони_new.xls.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-18 00:15 - 00171908 _____ C:\Users\Dimitar\Downloads

    \1399078_1487673191504384_7483646942978108687_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-18 00:14 - 00264772 _____ C:\Users\Dimitar\Downloads

    \10704225_701449236571371_4109347052225475957_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-14 00:14 - 00030212 _____ C:\Users\Dimitar\Downloads

    \Tekushti_priemi_12.01.2015_g.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-10 00:57 - 13015196 _____ C:\Users\Dimitar\Downloads\Lyson_Kat_EN-2014.pdf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-10 00:57 - 03242941 _____ C:\Users\Dimitar\Downloads

    \PPLyson_ProfesionalLine_EN-2013e2_A4_24str.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-10 00:56 - 41379083 _____ C:\Users\Dimitar\Downloads\katalog_2014.pdf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-10 00:56 - 10269405 _____ C:\Users\Dimitar\Downloads

    \Lyson_katalog_swiece_2014.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-10 00:56 - 05156249 _____ C:\Users\Dimitar\Downloads

    \PPLyson_ProfesionalLine_PL_A4.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-09 19:18 - 00104239 _____ C:\Users\Dimitar\Downloads

    \10906515_371399303021091_3281094437397335167_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2015-01-08 20:21 - 00013636 _____ C:\Users\Dimitar\Downloads\Рожден ден_АБВ.docx.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:34 - 2015-01-08 20:11 - 00033631 _____ C:\Users\Dimitar\Downloads

    \10458311_317181121805069_6497248088276388012_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2014-12-30 21:49 - 00000000 ____D C:\Users\Dimitar\Downloads\SpeechLab v.2.0 (4etene na

    BG i ENG text ot dokumenti)
    2015-10-01 17:34 - 2014-12-30 21:47 - 28020703 _____ C:\Users\Dimitar\Downloads\SpeechLab v.2.0 (4etene na

    BG i ENG text ot dokumenti).rar.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2014-12-25 15:28 - 00070154 _____ C:\Users\Dimitar\Downloads

    \10847762_570134523117779_937238064390822212_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2014-12-20 21:50 - 00080880 _____ C:\Users\Dimitar\Downloads

    \10846956_889928061047422_152714239_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2014-12-18 17:00 - 00062709 _____ C:\Users\Dimitar\Downloads

    \1549356_10154863730910153_5075319010052729783_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2014-12-08 14:14 - 00000000 ____D C:\Users\Dimitar\Desktop\Получ.файлове
    2015-10-01 17:34 - 2014-11-17 23:20 - 00042699 _____ C:\Users\Dimitar\Desktop\Стана Катич.jpg.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:34 - 2014-11-09 19:03 - 00028164 _____ C:\Users\Dimitar\Desktop\До областните

    координатори на ПП АБВ (1).doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2014-11-08 06:47 - 02128900 _____ C:\Users\Dimitar\Desktop\Протокол_Ямбол.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:34 - 2014-09-30 22:37 - 00000000 ____D C:\Users\Dimitar\Desktop\Нова папка
    2015-10-01 17:33 - 2015-07-06 08:41 - 00202540 _____ C:\Users\Dimitar\Desktop\Колекция от 50 000

    книги.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:33 - 2015-03-25 08:37 - 00129670 _____ C:\Users\Dimitar\Desktop\Интимни места (2013)

    Интимные места - DVD-Rip.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:33 - 2015-02-11 14:10 - 00090628 _____ C:\Users\Dimitar\Desktop\Кордицепс.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:33 - 2015-02-10 22:55 - 00070148 _____ C:\Users\Dimitar\Desktop\Лекуване с прополис.doc.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:33 - 2015-01-26 16:45 - 00024068 _____ C:\Users\Dimitar\Desktop\Нов Microsoft Word Document

    (2).doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:33 - 2014-12-30 22:52 - 00293862 _____ C:\Users\Dimitar\Desktop\Нов текстов документ.txt.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:33 - 2014-11-27 16:35 - 00000000 ____D C:\Users\Dimitar\Desktop\Изображение
    2015-10-01 17:33 - 2014-10-22 18:12 - 00024580 _____ C:\Users\Dimitar\Desktop\Нов Microsoft Word

    Document.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:32 - 2015-07-12 07:50 - 00000000 ____D C:\obzavejdane
    2015-10-01 17:32 - 2015-05-12 08:22 - 00493283 _____ C:\Users\Dimitar\Desktop

    \^75E914AD1B8C3ECC0DA3CBC1BCD6AFF75F0C0CE601AEC13FBB^pimgpsh_fullsize_distr.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:32 - 2015-04-13 21:42 - 00000000 ____D C:\Users\Dimitar\Desktop\Varna
    2015-10-01 17:32 - 2015-03-30 18:39 - 00113452 _____ C:\Users\Dimitar\Desktop\Град на греха (2005)  Sin

    City.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:32 - 2015-03-11 23:41 - 00111751 _____ C:\Users\Dimitar\Desktop\АВТОМОБИЛНИТЕ ГУМИ - СТАРИ

    ИЛИ ПРЕСНИ.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:32 - 2015-02-23 11:00 - 00142340 _____ C:\Users\Dimitar\Desktop\z.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:32 - 2015-01-22 15:43 - 00000000 ____D C:\Users\Dimitar\Desktop\Viber Images
    2015-10-01 17:32 - 2015-01-14 15:22 - 00000000 ____D C:\Users\Dimitar\Desktop\VASKO
    2015-10-01 17:32 - 2014-12-10 22:07 - 00038916 _____ C:\Users\Dimitar\Desktop\заплати за м. Октомври

    2014.xls
    2015-10-01 17:32 - 2014-12-08 14:15 - 00000000 ____D C:\Users\Dimitar\Desktop\Видеоклипове
    2015-10-01 17:32 - 2014-12-08 14:15 - 00000000 ____D C:\Users\Dimitar\Desktop\Видеоклип
    2015-10-01 17:32 - 2014-11-20 19:33 - 02878634 _____ C:\Users\Dimitar\Desktop

    \WC3119_WINXP_VISTA_64_GDI_v3.04.96.01.zip.id-8900841658_file2@openmailbox.org
    2015-10-01 17:32 - 2014-11-20 19:26 - 15002283 _____ C:\Users\Dimitar\Desktop\WorkCentre_3119_W7.zip.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:32 - 2014-10-13 20:03 - 00000180 ____H C:\Users\Dimitar\Desktop\~$рламентарни избори

    2014.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:32 - 2014-10-03 21:29 - 00082635 _____ C:\Users\Dimitar\Desktop\zimnica.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:31 - 2015-06-23 13:08 - 00000000 ____D C:\Mejda stroeja
    2015-10-01 17:28 - 2015-01-19 14:56 - 00000000 ____D C:\garaji
    2015-10-01 17:27 - 2015-07-29 14:12 - 00000000 ____D C:\Age.of.Empires.II.HD.The.Forgotten-RELOADED
    2015-10-01 17:14 - 2015-05-24 00:32 - 00144021 _____ C:\Users\Dimitar\Desktop

    \v11221713_10204410179037072_1911070807547679430_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:14 - 2015-04-05 21:52 - 00000000 ____D C:\Users\Dimitar\Desktop\v
    2015-10-01 17:14 - 2014-10-04 13:33 - 00083548 _____ C:\Users\Dimitar\Desktop\Vanya.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-06-14 22:43 - 00142854 _____ C:\Users\Dimitar\Desktop\The A-Team  А отборът

    (2010).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-05-28 07:31 - 00000000 ____D C:\Users\Dimitar\Desktop\pravilnik-abv-mladeji
    2015-10-01 17:13 - 2015-05-28 07:30 - 04399327 _____ C:\Users\Dimitar\Desktop\pravilnik-abv-

    mladeji.zip.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-04-13 21:52 - 00000000 ____D C:\Users\Dimitar\Desktop\pliska
    2015-10-01 17:13 - 2015-03-22 22:13 - 00047442 _____ C:\Users\Dimitar\Desktop\Salt  Агент Солт

    (2010).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-02-24 22:05 - 00087726 _____ C:\Users\Dimitar\Desktop\Q Sexual Desire  Желание

    (2011).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-02-18 18:13 - 00338722 _____ C:\Users\Dimitar\Desktop

    \Superb_facelift_12012015.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-02-17 20:29 - 00118585 _____ C:\Users\Dimitar\Desktop\sharing1.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-02-17 20:29 - 00117402 _____ C:\Users\Dimitar\Desktop\sharing2.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-02-17 20:29 - 00021140 _____ C:\Users\Dimitar\Desktop\sharing25.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2015-01-22 15:23 - 00158114 _____ C:\Users\Dimitar\Desktop\stoina.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2014-12-31 00:17 - 00063160 _____ C:\Users\Dimitar\Desktop\Sabotage_Саботаж.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2014-11-21 21:10 - 00048644 _____ C:\Users\Dimitar\Desktop\programna.deklaraciq.last

    ver.3.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2014-11-21 19:16 - 00044548 _____ C:\Users\Dimitar\Desktop

    \programna.deklaraciq.last.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2014-11-18 21:18 - 00039940 _____ C:\Users\Dimitar\Desktop

    \u0414u041Eu041Au041Bu0410u0414 08.11.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2014-10-10 20:26 - 00441784 _____ C:\Users\Dimitar\Desktop\Price List Land Rover

    Discovery-2014.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:13 - 2014-10-07 00:00 - 00065639 _____ C:\Users\Dimitar\Desktop\razpredelenie.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:09 - 2015-08-11 20:19 - 00000000 ____D C:\Users\Dimitar\Desktop\pcheli
    2015-10-01 17:09 - 2015-05-22 11:33 - 35473268 _____ C:\Users\Dimitar\Desktop\MOV_3258.mp4.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:09 - 2015-02-19 12:05 - 00038404 _____ C:\Users\Dimitar\Desktop\P-l.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:09 - 2015-02-18 18:13 - 00235907 _____ C:\Users\Dimitar\Desktop\Octavia_5E3_12012015.pdf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:09 - 2015-01-20 11:46 - 00023556 _____ C:\Users\Dimitar\Desktop\oferta mitko elopar.xls.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:09 - 2014-12-10 22:27 - 00123033 _____ C:\Users\Dimitar\Desktop\pics.docx.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:09 - 2014-11-29 17:33 - 00000000 ____D C:\Users\Dimitar\Desktop\Maya
    2015-10-01 17:09 - 2014-11-23 16:24 - 75788501 _____ C:\Users\Dimitar\Desktop

    \MovieCreator_20141123135053.mp4.id-8900841658_file2@openmailbox.org
    2015-10-01 17:06 - 2015-01-10 00:39 - 00082970 _____ C:\Users\Dimitar\Desktop\Mariela Ivanova.JPG.id-

    8900841658_file2@openmailbox.org


    2015-10-01 17:05 - 2015-05-16 20:18 - 00000000 ____D C:\Users\Dimitar\Desktop\L
    2015-10-01 17:05 - 2015-02-24 21:52 - 00225503 _____ C:\Users\Dimitar\Desktop\La duena - Abat-jour -

    Стопанката (1988).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:05 - 2015-01-20 21:30 - 00576218 _____ C:\Users\Dimitar\Desktop\Land Rover Discovery-

    2015.pdf.id-8900841658_file2@openmailbox.org


    2015-10-01 17:05 - 2014-11-09 22:01 - 00176810 _____ C:\Users\Dimitar\Desktop\Lucy   Люси (2014).jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 17:05 - 2014-10-10 20:40 - 26061449 _____ C:\Users\Dimitar\Desktop\Land Rover Discovery 4

    2014.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 17:04 - 2015-02-17 22:33 - 00000000 ____D C:\Users\Dimitar\Desktop\k
    2015-10-01 17:03 - 2015-05-20 21:41 - 00000000 ____D C:\Users\Dimitar\Desktop\ivanka
    2015-10-01 17:03 - 2015-03-19 09:42 - 00168052 _____ C:\Users\Dimitar\Desktop\Into the Woods  Вдън горите

    (2014).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 17:03 - 2014-09-28 15:10 - 00000000 ____D C:\Users\Dimitar\Desktop\GIGABYTE u8300
    2015-10-01 17:02 - 2014-12-23 18:26 - 00000000 ____D C:\Users\Dimitar\Desktop\Foto obraboteni
    2015-10-01 16:55 - 2015-01-09 21:22 - 00000000 ____D C:\Users\Dimitar\Desktop\fff
    2015-10-01 16:53 - 2015-05-28 07:30 - 00830980 _____ C:\Users\Dimitar\Desktop\el.registyr_mladeji

    (1).xls.id-8900841658_file2@openmailbox.org
    2015-10-01 16:53 - 2015-05-11 23:50 - 00096648 _____ C:\Users\Dimitar\Desktop\f1572.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:53 - 2015-04-07 08:05 - 00000000 ____D C:\Users\Dimitar\Desktop\Emilia Milenova
    2015-10-01 16:53 - 2015-03-10 18:27 - 00000000 ____D C:\Users\Dimitar\Desktop\e
    2015-10-01 16:53 - 2015-01-28 18:59 - 00026628 _____ C:\Users\Dimitar\Desktop\fakti.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:53 - 2014-12-30 23:01 - 00293862 _____ C:\Users\Dimitar\Desktop\ezik.txt.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:53 - 2014-12-30 22:45 - 01017956 _____ C:\Users\Dimitar\Desktop\ezik.rtf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:53 - 2014-12-30 22:44 - 00670724 _____ C:\Users\Dimitar\Desktop\ezik.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:53 - 2014-10-04 13:35 - 00093030 _____ C:\Users\Dimitar\Desktop\eli.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-06-25 23:29 - 01724520 _____ C:\Users\Dimitar\Desktop\DSC_2583.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-05-28 07:31 - 00000000 ____D C:\Users\Dimitar\Desktop\dneven-red-scenarii-protokol
    2015-10-01 16:52 - 2015-05-28 07:30 - 02035426 _____ C:\Users\Dimitar\Desktop\dneven-red-scenarii-

    protokol.zip.id-8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-05-20 21:34 - 01862622 _____ C:\Users\Dimitar\Desktop\DSC_3291.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-05-20 17:32 - 02797318 _____ C:\Users\Dimitar\Desktop\DSC_3282.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-03-26 22:59 - 02466218 _____ C:\Users\Dimitar\Desktop\DSC_2830.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-03-26 22:59 - 02368605 _____ C:\Users\Dimitar\Desktop\DSC_2829.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-03-17 21:48 - 02957275 _____ C:\Users\Dimitar\Desktop\DSC02655.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-03-17 21:48 - 02634698 _____ C:\Users\Dimitar\Desktop\DSC02654.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-03-17 21:48 - 00000004 _____ C:\Users\Dimitar\Desktop\DSC02650.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2015-03-16 22:25 - 02275970 _____ C:\Users\Dimitar\Desktop\DSC_0868.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2014-12-08 16:44 - 03350335 _____ C:\Users\Dimitar\Desktop\DSC_2327.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2014-11-29 17:42 - 01946372 _____ C:\Users\Dimitar\Desktop\DSC_2266.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2014-11-29 17:42 - 01449198 _____ C:\Users\Dimitar\Desktop\DSC_2267.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2014-11-12 17:46 - 00113139 _____ C:\Users\Dimitar\Desktop\Document 1.rtf.id-

    8900841658_file2@openmailbox.org


    2015-10-01 16:52 - 2014-11-08 06:47 - 00046084 _____ C:\Users\Dimitar\Desktop\dneven_red_mladegi-сценарий-

    Ямбол.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 16:52 - 2014-10-09 21:14 - 00909168 _____ C:\Users\Dimitar\Desktop\dsc0920u.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:48 - 2015-08-05 18:47 - 00000000 ____D C:\Users\Dimitar\Desktop\desi
    2015-10-01 16:48 - 2015-07-03 20:21 - 00000000 ____D C:\Users\Dimitar\Desktop\dimo
    2015-10-01 16:31 - 2015-08-21 19:44 - 00000000 ____D C:\Users\Dimitar\Desktop\botevo
    2015-10-01 16:31 - 2015-05-29 07:39 - 00367108 _____ C:\Users\Dimitar\Desktop\d.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:31 - 2015-01-01 13:37 - 00174723 _____ C:\Users\Dimitar\Desktop\cidImage_FOT8F1.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:31 - 2014-12-04 12:27 - 00356356 _____ C:\Users\Dimitar\Desktop\CV-BG dimitar snimka

    04.12.14.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 16:31 - 2014-12-04 11:30 - 00143482 _____ C:\Users\Dimitar\Desktop\CV-obrazec 2.rtf.id-

    8900841658_file2@openmailbox.org


    2015-10-01 16:31 - 2014-10-02 22:15 - 00023524 _____ C:\Users\Dimitar\Desktop\Byah balgarche.jpg.id-

    8900841658_file2@openmailbox.org


    2015-10-01 16:27 - 2015-06-17 22:55 - 00516761 _____ C:\Users\Dimitar\Desktop

    \baykal_em1_kniga_nevidimi_pomoshtnici.pdf.id-8900841658_file2@openmailbox.org
    2015-10-01 16:27 - 2015-04-01 22:14 - 03155855 _____ C:\Users\Dimitar\Desktop\BG_LRWorld_042015.pdf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:26 - 2015-06-23 12:38 - 00000000 ____D C:\Users\Dimitar\Desktop\ABV-M izbori
    2015-10-01 16:26 - 2015-06-23 12:37 - 00297361 _____ C:\Users\Dimitar\Desktop\ABV-M izbori.zip.id-

    8900841658_file2@openmailbox.org


    2015-10-01 16:26 - 2015-03-29 18:33 - 00000000 ____D C:\Users\Dimitar\Desktop\ABV-M burgas
    2015-10-01 16:26 - 2015-02-27 10:14 - 00037892 _____ C:\Users\Dimitar\Desktop\banica.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:21 - 2015-07-09 19:44 - 00128045 _____ C:\Users\Dimitar\Desktop\4v1.JPG.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:21 - 2015-04-13 23:01 - 00000000 ____D C:\Users\Dimitar\Desktop\28.02.15 ABV
    2015-10-01 16:21 - 2015-03-30 22:32 - 00057860 _____ C:\Users\Dimitar\Desktop\4.1.doc.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:21 - 2014-12-04 11:05 - 00039005 _____ C:\Users\Dimitar\Desktop

    \63773_661379930645220_3452431041350184385_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:20 - 2015-03-04 21:24 - 00000000 ____D C:\Users\Dimitar\Desktop\28.02.15
    2015-10-01 16:13 - 2015-04-27 19:45 - 00153328 _____ C:\Users\Dimitar\Desktop\26.04.15 AVB.jpg.id-

    8900841658_file2@openmailbox.org


    2015-10-01 16:13 - 2015-04-07 08:44 - 00142063 _____ C:\Users\Dimitar\Desktop

    \22712_973098492720911_6188066864091245489_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:12 - 2015-01-06 23:36 - 01153767 _____ C:\Users\Dimitar\Desktop\20141203_125052.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:11 - 2015-02-06 11:51 - 00028676 _____ C:\Users\Dimitar\Desktop\20 ЗАБАВНИ РУСКИ

    МЪДРОСТИ.doc.id-8900841658_file2@openmailbox.org
    2015-10-01 16:11 - 2015-01-18 21:47 - 00000000 ____D C:\Users\Dimitar\Desktop\17.01.15
    2015-10-01 16:11 - 2014-10-18 22:52 - 00671060 _____ C:\Users\Dimitar\Desktop\181020141261.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:10 - 2015-03-04 21:26 - 00000000 ____D C:\Users\Dimitar\Desktop\169CANON
    2015-10-01 16:07 - 2015-06-18 18:08 - 00079574 _____ C:\Users\Dimitar\Desktop

    \1506796_920689044656450_2302854741761617171_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:07 - 2015-04-27 19:47 - 00070561 _____ C:\Users\Dimitar\Desktop

    \1525290_977730498906842_1376856265584099949_n (1).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:07 - 2015-04-10 16:52 - 00098107 _____ C:\Users\Dimitar\Desktop

    \1525290_977730498906842_1376856265584099949_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:07 - 2015-03-04 23:01 - 00056398 _____ C:\Users\Dimitar\Desktop

    \1622070_871388529570680_1761209997507212117_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:07 - 2015-02-25 00:57 - 00024564 _____ C:\Users\Dimitar\Desktop\150812-04.pdf.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:07 - 2014-10-05 15:41 - 00049022 _____ C:\Users\Dimitar\Desktop\1412509176_0.jpg.id-

    8900841658_file2@openmailbox.org
    2015-10-01 16:05 - 2014-12-14 13:12 - 00000000 ____D C:\Users\Dimitar\Desktop\13.12.14
    2015-10-01 16:03 - 2015-06-18 18:06 - 00075297 _____ C:\Users\Dimitar\Desktop

    \11401362_947697351917954_7493320744067271220_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:03 - 2015-05-10 19:56 - 00181456 _____ C:\Users\Dimitar\Desktop

    \11194393_371953526344248_4904497231235715326_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:03 - 2015-05-08 22:27 - 00044736 _____ C:\Users\Dimitar\Desktop

    \11182260_649019185230397_2334546631142420203_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:03 - 2015-05-06 20:24 - 00278176 _____ C:\Users\Dimitar\Desktop

    \11201122_906672209399563_2981578859981274067_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:03 - 2015-04-30 21:05 - 00066403 _____ C:\Users\Dimitar\Desktop

    \11198481_10152885218196134_1110963247_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:03 - 2015-04-19 09:33 - 00038758 _____ C:\Users\Dimitar\Desktop

    \11138559_1576363159312562_8861758369317302816_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:03 - 2015-04-10 16:51 - 00128471 _____ C:\Users\Dimitar\Desktop

    \11136692_978216015524957_2604969949977199679_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:02 - 2015-05-21 18:26 - 00059270 _____ C:\Users\Dimitar\Desktop

    \11017531_1397088440617852_8976013890375600188_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:02 - 2015-04-27 19:47 - 00072496 _____ C:\Users\Dimitar\Desktop

    \11133704_977730562240169_4402002066632452508_n (1).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:02 - 2015-04-27 19:46 - 00004180 _____ C:\Users\Dimitar\Desktop

    \11010496_10200281822284095_6962103938727164961_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:02 - 2015-04-10 16:52 - 00107658 _____ C:\Users\Dimitar\Desktop

    \11133704_977730562240169_4402002066632452508_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:02 - 2015-03-09 20:49 - 00204955 _____ C:\Users\Dimitar\Desktop

    \11026313_912231138809804_9203729556833968157_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:02 - 2015-03-09 20:36 - 00184758 _____ C:\Users\Dimitar\Desktop

    \11046722_912229155476669_8266901418218122861_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 16:02 - 2014-10-03 22:41 - 00000000 ____D C:\Users\Dimitar\Desktop\11.09.2014
    2015-10-01 16:00 - 2015-01-11 20:21 - 00000000 ____D C:\Users\Dimitar\Desktop\11.01.15
    2015-10-01 15:59 - 2015-04-03 22:06 - 00046550 _____ C:\Users\Dimitar\Desktop

    \10997983_1128991740459569_1465620941250982473_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:59 - 2015-04-03 22:06 - 00046550 _____ C:\Users\Dimitar\Desktop

    \10997983_1128991740459569_1465620941250982473_n (1).jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:59 - 2015-03-22 23:40 - 00012836 _____ C:\Users\Dimitar\Desktop

    \10881684_753871954695993_1941331668888516303_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:59 - 2015-03-05 10:42 - 00016724 _____ C:\Users\Dimitar\Desktop

    \10994335_802625826440742_8737574765987697102_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:59 - 2014-12-14 13:11 - 00133787 _____ C:\Users\Dimitar\Desktop

    \10867036_970086146354865_1616696007_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:59 - 2014-12-14 13:10 - 00311774 _____ C:\Users\Dimitar\Desktop

    \10865977_10202400150558795_5912910399980694416_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-06-19 23:42 - 00051993 _____ C:\Users\Dimitar\Desktop

    \10848059_10155737355395711_1302820142275615466_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-06-18 18:06 - 00076824 _____ C:\Users\Dimitar\Desktop

    \10410622_947697405251282_8138382864579568852_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-05-16 00:34 - 00042311 _____ C:\Users\Dimitar\Desktop

    \10419547_753805098072283_7495430054082556459_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-05-16 00:33 - 00062761 _____ C:\Users\Dimitar\Desktop

    \10408780_903039269754761_4268806286603406206_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-05-06 20:26 - 00017252 _____ C:\Users\Dimitar\Desktop

    \10409507_1414135418906275_1499531986725793701_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-04-21 20:53 - 00111945 _____ C:\Users\Dimitar\Desktop

    \10475802_10200270959292449_2518947600111749377_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-03-09 20:35 - 00276438 _____ C:\Users\Dimitar\Desktop

    \10862550_912229138810004_5626209794940037137_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-03-05 11:03 - 00015668 _____ C:\Users\Dimitar\Desktop

    \10414451_755022951201030_4306715819374706492_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2015-03-05 11:02 - 00119222 _____ C:\Users\Dimitar\Desktop

    \10425474_755409867829005_7374521855600718304_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2014-12-02 11:41 - 00383936 _____ C:\Users\Dimitar\Desktop

    \10348663_722164201158107_1408982206993915315_o.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2014-10-13 22:28 - 00031624 _____ C:\Users\Dimitar\Desktop

    \10410855_10152767054254183_7395275607164115686_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2014-10-07 20:47 - 00095280 _____ C:\Users\Dimitar\Desktop

    \10388096_661953860520182_4415333716862863295_n.jpg.id-8900841658_file2@openmailbox.org
    2015-10-01 15:58 - 2014-10-03 21:32 - 00000000 ____D C:\Users\Dimitar\Desktop\100NIKON
    2015-10-01 15:51 - 2015-02-07 01:18 - 00000000 ____D C:\Users\Dimitar\Desktop\03.02.15
    2015-10-01 15:50 - 2015-05-29 21:03 - 00295925 _____ C:\Users\Dimitar\A_B_V.docx.id-

    8900841658_file2@openmailbox.org
    2015-10-01 15:40 - 2014-09-28 15:11 - 00000000 ____D C:\Users\Dimitar\AppData\Roaming\Crystal Player
    2015-10-01 15:07 - 2014-12-18 00:53 - 00000000 ____D C:\Users\Dimitar\AppData\Local\Apps\Windows 7 USB DVD

    Download Tool
    2015-10-01 15:07 - 2014-09-28 19:18 - 13414966 ____H C:\Users\Dimitar\AppData\Local\IconCache.db.id-

    8900841658_file2@openmailbox.org
    2015-09-30 22:43 - 2014-09-30 22:52 - 00000000 ____D C:\Users\Dimitar\AppData\Local\Adobe
    2015-09-28 09:05 - 2015-01-01 20:14 - 00000000 ____D C:\Users\Dimitar\Desktop\EasyVoiceRecorder
    2015-09-25 11:39 - 2015-03-26 00:01 - 00002181 _____ C:\Users\Public\Desktop\Google Chrome.lnk
    2015-09-16 11:42 - 2014-09-28 15:07 - 00066736 _____ C:\Windows\system32\Drivers\fsbts.sys
    2015-09-15 18:30 - 2015-03-26 00:00 - 00003994 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
    2015-09-15 18:30 - 2015-03-26 00:00 - 00003742 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
    2015-09-14 20:46 - 2015-07-13 20:41 - 00000000 ____D C:\Users\Dimitar\Desktop\SmartVoiceRecorder
    2015-09-05 10:13 - 2014-09-28 15:37 - 00000000 ___RD C:\Program Files (x86)\Skype
    2015-09-05 10:13 - 2014-09-28 15:37 - 00000000 ____D C:\ProgramData\Skype

    ==================== Files in the root of some directories =======

    2014-10-14 16:28 - 2014-10-27 11:21 - 0000826 _____ () C:\ProgramData\lmab.log
    2014-10-07 20:50 - 2015-10-01 23:41 - 0373578 _____ () C:\ProgramData\LMabscan.log

    Some files in TEMP:
    ====================
    C:\Users\Dimitar\AppData\Local\Temp\ARS.exe
    C:\Users\Dimitar\AppData\Local\Temp\_is41C0.exe


    ==================== Bamital & volsnap =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2015-10-01 00:51

    ==================== End of FRST.txt ============================

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Здравейте,
    Имали развитие по темата.
    Някакви идеи?

     

    Редактирано от dimitar1144 (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    За жалост при мен нищо не се получи след 18 часа мислене.
    явно  file2@openmailbox.org  го няма в дефинициите за сега.
    ако някои се пребори да пише.  

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Интересно...версиите на гадината изглеждат еднакво. Тук не става въпрос и за дефиниции. Инструмента се опитва да brute force-не паролата. Ще се опитам да се свържа с автора на декриптора за да видя дали ще може да се направи нещо. Ако получа още рапорти, че инструмента не се справя при file2@openmailbox.org, то тогава ще го премахна от важната тема за да не се подвеждат хората. Засега ви остава да пробвате да сканирате с инструменти като ShadowExplorer, Recuva, TestDisk (Photorec) и други да пробвате да намерите стари, но работещи версии на файловете си.

     

    Поздрави!

    • Харесва ми 5

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    аз също лепнах този вирус с разширението file2@openmailbox.org, но и при мен не стана с rakhnidecryptor след 21 часа търсене

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ясно. Явно инструмента, не става за всички варианти с @ в името. Обнових легендата във важната тема тук.

    Остава да пробвате на късмет с някой от другите им декриптори за всеки случай

    http://support.kaspersky.com/viruses/utility

    Можете да пробвате и дали с функцията Previous Files можете да спасите някои от файловете си:

    За Windows Vista/7

    http://www.howtogeek.com/howto/11130/restore-previous-versions-of-files-in-every-edition-of-windows-7/

    За Windows 8

    http://www.howtogeek.com/209080/how-to-restore-previous-versions-of-a-file-on-any-operating-system/

    или ShadowExplorer:

    http://www.howtogeek.com/howto/windows-vista/recover-files-with-shadow-copies-on-any-version-of-windows-vista/

    Можете да пробвате и с инструмента TestDisk/Photorec. Ето едно добро упътване с картинки:

    http://support.kaspersky.com/viruses/disinfection/1809

    Успех!

     

    • Харесва ми 4

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    здравейте 
    след дълго чакане днес реших да пусна заразения си компутар и да преинсталирам W7 
    речено сторено но след това тръгнах да гледам конкретно щетите от вируса направих някой я проба с прекръстване на файлове и имах успех въпреки че winrar  дава грешка архивите работят и всичко в тях е ок  както и подобен е случая с mp3 файловете просто изтрих .id-8900841658_file2@openmailbox.org и всичко е ок 
    това .vob е също подобен случая но тук файловете работят на медия класик плеър а на vlc неискат докато .mp3 върви и на двата плеъра
    за .avi формат а това за жалост не работи както и за снимките направих опити с различни програми за снимки не става и това си е. 

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Малко несериозно ми звучи с просто преименуване на файловете да се оправят...най-вероятно не са били криптирани като хората а само преименувани или просто сте ги декриптирали с инструмента на Касперски, но той не е върнал истинските им имена...не знам, но определено не би трябвало това да е възможно. Все пак значи имате повод да почерпите. :)

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    и да и не
    мен ме вълнуваха снимките и .doc  .pdf  а там не става с просто преименуване така стой въпроса с .тхт .xls  .mp4 .avi .3gp
    не знам защо но не се получва за  всеки .rar  също  

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ок, но все пак разбирате колко абсурдно звучи...все едно да смените разширението на *.avi файл и да получите *.mp4 без прекодиране на файла. Просто според мен не е успял да криптира файловете или е имало бъг в самия криптиращ вирус (но ако е така то щеше да се е разчуло досега, макар че те често пускат нова версия на вируса и може би просто не са му обърнали внимание, защото той не се задържа дълго "in the wild"). :)

    • Харесва ми 4

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    По Коледа стават чудеса. :ph34r:

    • Харесва ми 4

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    здравейте някой имали  идея по какъв начин да премахна тия добавени .id-8900841658_file2@openmailbox.org разширения от вируса
     и да върна първоначалния вид на mp3 файлове чрез програмаа не с ръчно преименувана.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Тулчето може да смята и повече от няколко дни на по-обикновен компютър.

    Имайте предвид, че ако има и малко проблеми с клъстери или недобре работеща рам и т.н., то съвсем спадат шансовете.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    • Подобни теми

      • от Gufy
        Файловете ли са криптирани с тази гад  johndoe@weekendwarrior55.com, видео, фото, word, pdf почти всички фаилове са засегнати.
        Моля модераторите да махнат дублиращата тема пусната от мен. Поради проблем в интернета пуснах две без да искам
         
      • от petttto
        Здравейте, направих тема
        https://www.kaldata.com/forums/topic/265104-троянец-в-папка-cache-на-google-chrome/
        но ми казаха да направя и тук.
        Набързо ще се повторя, антивирусната Windows Defender ми открива Brocoiner в папка Cache на Chrome. Трия го след което и всички други файлове в папката също ги трия. Но след време пак ми го открива там и си мисля че е от сайт, който посещавам редовно. Има ли вариант да се разбира по някакъв начин, кой файл от кой сайт е създаден в папка Cache на Google Chrome?
      • от qqrr
        Здравейте.От няколко дни компютъра ми блокира по време на работа,отблокирването става само ,като включа task manager.Тръгва всичко нормално,но след няколко минути отново забива.С windows 8.1 съм.Mawlarebytes я инсталирам ,но не ми дава да се стартира.Очаквам помощ дали проблема е от вирус или проблем в хардуера.
        Addition.txt
        FRST.txt
      • от ForzaInter1908
        Добър вечер!
         
        Занимавах се с едни несигурни програми за gta и май сам прихванал вирус,постояно се товари се товари и забива на отваряне на папка
        Може ли да проверим регистрите дали има нещо защото имам много важни програми.
        Благодаря!
         
         
         
        f.txt
        HitmanPro_20171016_2331.log
        AdwCleaner[S0].txt
      • от unrealizable
        Здравейте,и двата шифта не работят както трябва.Работят с някои клавиши,но като цъкам тези клавиши и другите се оправят.Въпроса ми е да не би да е вирус,защото теглих autodata и след това мисля,че се получи проблема,а TS360 ми изпищя,че има троянец във торента,разбира се предполагах от краковете.Също и фпс-то на цс-а падна на 70-80 от 160-200.Прикачвам лог от FRST.
        Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01-10-2017
        Ran by bobby (administrator) on BOBY (02-10-2017 13:00:48)
        Running from C:\Users\bobby\Downloads
        Loaded Profiles: bobby (Available Profiles: bobby)
        Platform: Windows 8.1 (Update) (X64) Language: English (United States)
        Internet Explorer Version 11 (Default browser: Chrome)
        Boot Mode: Normal
        Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
        ==================== Processes (Whitelisted) =================
        (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
        (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
        (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
        (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
        (Microsoft Corporation) C:\Windows\System32\wlanext.exe
        (Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
        (Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
        (Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
        (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
        (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
        (Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
        (Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
        (@ByELDI) D:\Downloads\KMSpico_10.2.0\KMSpico\Service_KMS.exe
        (TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
        (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHWatchdog.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
        (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
        (ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
        (IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
        (Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
        (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
        (QIHU 360 SOFTWARE CO. LIMITED) C:\Program Files (x86)\360\Total Security\safemon\QHSafeTray.exe
        (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler.exe
        (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.5\GoogleCrashHandler64.exe
        (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
        (AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
        (Conexant Systems, Inc) C:\Program Files\CONEXANT\SAII\SmartAudio.exe
        (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
        (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
        (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Microsoft Corporation) C:\Windows\System32\cmd.exe
        (Qihu 360 Software Co., Ltd.) C:\Program Files (x86)\360\Total Security\safemon\chrome\360webshield.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
        ==================== Registry (Whitelisted) ===========================
        (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
        HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-10-13] (Conexant Systems, Inc.)
        HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
        HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [163640 2017-08-13] (IvoSoft)
        HKLM-x32\...\Run: [QHSafeTray] => C:\Program Files (x86)\360\Total Security\safemon\360Tray.exe [345000 2017-08-29] (QIHU 360 SOFTWARE CO. LIMITED)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [4836032 2017-08-17] (Disc Soft Ltd)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3074336 2017-09-27] (Valve Corporation)
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {0380623e-8e5a-11e7-8251-28c2dd571342} - "G:\Inst.exe" 
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {038063b1-8e5a-11e7-8251-28c2dd571342} - "H:\SETUP.EXE" 
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\...\MountPoints2: {23735b35-8e79-11e7-8253-28c2dd571342} - "I:\SETUP.EXE" 
        GroupPolicy: Restriction <==== ATTENTION
        ==================== Internet (Whitelisted) ====================
        (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
        Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
        Tcpip\Parameters: [DhcpNameServer] 192.168.31.1
        Tcpip\..\Interfaces\{9683ECB9-59D8-4E91-BF28-375C96FC72EE}: [DhcpNameServer] 192.168.31.1
        Tcpip\..\Interfaces\{9ADF9BFB-322E-4398-8E1F-99E9E89E7B3E}: [DhcpNameServer] 192.168.31.1
        Internet Explorer:
        ==================
        HKU\S-1-5-21-3041877358-191924833-3829036719-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
        BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
        BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
        BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
        BHO: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon64.dll [2017-08-29] (Qihu 360 Software Co., Ltd.)
        BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2017-08-13] (IvoSoft)
        BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
        BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-19] (Microsoft Corporation)
        BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
        BHO-x32: SafeMon Class -> {B69F34DD-F0F9-42DC-9EDD-957187DA688D} -> C:\Program Files (x86)\360\Total Security\safemon\safemon.dll [2017-08-29] (Qihu 360 Software Co., Ltd.)
        BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2017-08-13] (IvoSoft)
        Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2017-08-13] (IvoSoft)
        Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2017-08-13] (IvoSoft)
        FireFox:
        ========
        FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
        FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-12-09] (Intel Corporation)
        FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-12-09] (Intel Corporation)
        FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
        FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
        FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-31] (Google Inc.)
        FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-08-31] (Google Inc.)
        Chrome: 
        =======
        CHR HomePage: Default -> hxxp://www.google.bg/
        CHR StartupUrls: Default -> "hxxps://www.google.bg/"
        CHR Profile: C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default [2017-10-02]
        CHR Extension: (Easy Auto Refresh) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aabcgdmkeabbnleenpncegpcngjpnjkc [2017-09-26]
        CHR Extension: (Steam Community SteamRep Integration) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaclmldkenecanphogeaacolljiphmnk [2017-08-31]
        CHR Extension: (Google Презентации) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-08-31]
        CHR Extension: (Google Документи) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-08-31]
        CHR Extension: (Google Диск) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-08-31]
        CHR Extension: (Unlocker for WakeLockDetector) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgeplmmblegmdackkcemjkpngngocgjp [2017-08-31]
        CHR Extension: (YouTube) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-08-31]
        CHR Extension: (Steam Inventory Helper) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\cmeakgjggjdlcpncigglobpjbkabhmjl [2017-10-02]
        CHR Extension: (Lounge Assistant) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\enjonnlehciedbcidabdglnnihcncbml [2017-08-31]
        CHR Extension: (uBlock) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\epcnnfbjfcgphgdmggkamkmgojdagdnn [2017-08-31]
        CHR Extension: (Електронни таблици от Google) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-08-31]
        CHR Extension: (Отдалечен работен плот на Chrome) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2017-08-31]
        CHR Extension: (LoungeDestroyer) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghahcnmfjfckcedfajbhekgknjdplfcl [2017-08-31]
        CHR Extension: (Google Документи офлайн) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-08-31]
        CHR Extension: (Unlimited Free VPN - Hola) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\gkojfkhlekighikafcpjkiklfbnlmeio [2017-09-15]
        CHR Extension: (360 Internet Protection) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\glcimepnljoholdmjchkloafkggfoijh [2017-08-31]
        CHR Extension: (Invite All Friends on Facebook) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\inmmhkeajgflmokoaaoadgkhhmibjbpj [2017-09-27]
        CHR Extension: (CS:GO Lounge Bump Bot) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhfkidfnhjcjjamcbdepeohblphlamgk [2017-08-31]
        CHR Extension: (Floating for YouTube™) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\jjphmlaoffndcnecccgemfdaaoighkel [2017-08-31]
        CHR Extension: (Message/Chat Downloader) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nkinapjekllgfipphkgpmombekfclghe [2017-08-31]
        CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-31]
        CHR Extension: (NeoBux AdAlert) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\oaepeijninfcgjdnighjnlgdkkgpnaen [2017-09-30]
        CHR Extension: (Gmail) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-08-31]
        CHR Extension: (Chrome Media Router) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-09-19]
        CHR Extension: (Abstract Blue) - C:\Users\bobby\AppData\Local\Google\Chrome\User Data\Default\Extensions\plnacehkknmafkjgkikclamogikoiaaa [2017-08-31]
        ==================== Services (Whitelisted) ====================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
        R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2017-09-28] (Autodata Limited) [File not signed]
        S3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2291392 2017-08-17] (Disc Soft Ltd)
        S3 EasyAntiCheat; C:\Windows\SysWOW64\EasyAntiCheat.exe [382504 2017-09-15] (EasyAntiCheat Ltd)
        S3 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [355232 2015-08-09] (Intel Corporation)
        R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [747520 2013-08-27] (Intel(R) Corporation) [File not signed]
        S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [828376 2013-08-27] (Intel(R) Corporation)
        R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-12-09] (Intel Corporation)
        R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
        S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [512960 2017-09-19] (NVIDIA Corporation)
        R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [462784 2017-08-22] (NVIDIA Corporation)
        R2 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [449984 2017-09-19] (NVIDIA Corporation)
        R2 QHActiveDefense; C:\Program Files (x86)\360\Total Security\safemon\QHActiveDefense.exe [929888 2017-08-29] (QIHU 360 SOFTWARE CO. LIMITED)
        R2 Service KMSELDI; D:\Downloads\KMSpico_10.2.0\KMSpico\Service_KMS.exe [745664 2016-01-12] (@ByELDI) [File not signed]
        R3 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-17] (TeamViewer GmbH)
        S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
        S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
        ===================== Drivers (Whitelisted) ======================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
        R1 360AntiHacker; C:\Windows\System32\Drivers\360AntiHacker64.sys [175040 2017-08-29] (360.cn)
        R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [86248 2017-08-29] (360.cn)
        R3 360AvFlt; C:\Windows\SysWOW64\DRIVERS\360AvFlt.sys [86248 2017-08-29] (360.cn)
        R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [330472 2017-08-29] (360.cn)
        R1 360Camera; C:\Windows\System32\Drivers\360Camera64.sys [49088 2017-08-29] (360.cn)
        R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [423360 2017-08-29] (360.cn)
        R3 ATP; C:\Windows\System32\drivers\AsusTP.sys [69904 2014-12-31] (ASUS Corporation)
        R1 BAPIDRV; C:\Windows\System32\DRIVERS\BAPIDRV64.sys [190400 2017-08-29] (360.cn)
        R3 dtlitescsibus; C:\Windows\System32\drivers\dtlitescsibus.sys [30264 2017-08-31] (Disc Soft Ltd)
        R3 dtliteusbbus; C:\Windows\System32\drivers\dtliteusbbus.sys [47672 2017-08-31] (Disc Soft Ltd)
        R0 IntelHSWPcc; C:\Windows\System32\drivers\IntelPcc.sys [79528 2014-10-16] (Intel Corporation)
        R3 MEIx64; C:\Windows\system32\DRIVERS\TeeDriverx64.sys [100312 2013-12-09] (Intel Corporation)
        S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30144 2017-09-19] (NVIDIA Corporation)
        R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [48248 2017-08-22] (NVIDIA Corporation)
        R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [57976 2017-08-22] (NVIDIA Corporation)
        R3 RTSPER; C:\Windows\system32\DRIVERS\RtsPer.sys [444632 2013-10-18] (Realsil Semiconductor Corporation)
        R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [3593432 2014-10-07] (Realtek Semiconductor Corporation )
        S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
        S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
        S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
        ==================== NetSvcs (Whitelisted) ===================
        (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

        ==================== One Month Created files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-10-02 13:00 - 2017-10-02 13:01 - 000019333 _____ C:\Users\bobby\Downloads\FRST.txt
        2017-10-02 13:00 - 2017-10-02 13:00 - 000000000 ____D C:\FRST
        2017-10-02 12:59 - 2017-10-02 12:59 - 002399744 _____ (Farbar) C:\Users\bobby\Downloads\FRST64.exe
        2017-09-30 13:11 - 2017-09-30 13:11 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Hi-Rez Studios
        2017-09-30 11:40 - 2017-09-30 11:40 - 001790024 _____ (Malwarebytes) C:\Users\bobby\Downloads\Непотвърдено 889483.crdownload
        2017-09-30 11:39 - 2017-09-30 11:41 - 000000000 ____D C:\AdwCleaner
        2017-09-30 11:39 - 2017-09-30 11:39 - 008250832 _____ (Malwarebytes) C:\Users\bobby\Downloads\adwcleaner_7.0.3.1.exe
        2017-09-30 11:26 - 2017-09-30 11:26 - 000000000 ____D C:\ProgramData\Malwarebytes
        2017-09-30 11:25 - 2017-09-30 11:25 - 000000000 ____D C:\Windows\system32\Drivers\etc\BACKUP
        2017-09-30 11:25 - 2017-09-30 11:25 - 000000000 ____D C:\ProgramData\MB2Migration
        2017-09-30 11:24 - 2017-09-30 11:24 - 000011576 _____ C:\Users\bobby\Downloads\Malwarebytes Anti-Malware Premium v3.2.2.2029 RePack.torrent
        2017-09-28 18:00 - 2017-09-28 18:00 - 000000600 _____ C:\Users\Public\Desktop\Autodata CDA-3.lnk
        2017-09-28 18:00 - 2017-09-28 18:00 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Autodata
        2017-09-28 17:59 - 2017-09-28 18:00 - 000000000 ____D C:\ADCDA2
        2017-09-28 17:59 - 2017-09-28 17:59 - 000000000 ____D C:\ADCDTEMP
        2017-09-28 15:04 - 2017-09-28 18:00 - 000000000 ____D C:\Users\bobby\Documents\Autodata
        2017-09-28 15:04 - 2017-09-28 15:04 - 000003022 _____ C:\Windows\System32\Tasks\{F057C150-4601-40D5-93CB-FB66F88AA4FC}
        2017-09-28 14:59 - 2017-09-28 14:59 - 000018978 _____ C:\Users\bobby\Downloads\Autodata_3.18.iso.torrent
        2017-09-28 14:54 - 2017-09-28 14:54 - 000014138 _____ C:\Users\bobby\Downloads\AD3.38EN.torrent
        2017-09-27 20:01 - 2017-09-27 20:01 - 000017910 _____ C:\Users\bobby\Downloads\AutoData CDA 3.45.torrent
        2017-09-23 21:06 - 2017-09-23 21:06 - 082471739 _____ C:\Users\bobby\Downloads\facebook-bobito981.zip
        2017-09-18 17:58 - 2017-09-18 17:58 - 000001402 _____ C:\Users\bobby\Desktop\aida64 - Shortcut.lnk
        2017-09-18 17:57 - 2017-09-18 17:57 - 000000000 ____D C:\Program Files (x86)\AIDA64
        2017-09-18 17:12 - 2017-09-18 17:12 - 000007908 _____ C:\Users\bobby\Downloads\AIDA64-5.75.3900.torrent
        2017-09-15 22:08 - 2017-09-15 22:08 - 000000000 ____D C:\Users\bobby\AppData\Roaming\EasyAntiCheat
        2017-09-15 22:06 - 2017-09-15 22:07 - 000000000 ____D C:\Users\bobby\AppData\Local\HirezLauncherUI
        2017-09-15 22:05 - 2017-10-02 12:28 - 000000000 ____D C:\Program Files (x86)\Hi-Rez Studios
        2017-09-15 22:05 - 2017-09-30 13:11 - 000000000 ____D C:\ProgramData\Hi-Rez Studios
        2017-09-15 21:33 - 2017-09-15 21:33 - 000000222 _____ C:\Users\bobby\Desktop\Paladins.url
        2017-09-15 19:28 - 2017-09-15 19:28 - 000000222 _____ C:\Users\bobby\Desktop\PlanetSide 2.url
        2017-09-14 22:08 - 2017-09-14 22:08 - 000000000 ____D C:\Users\bobby\AppData\Roaming\Shooter
        2017-09-14 22:06 - 2017-09-15 22:08 - 000000000 ____D C:\Users\bobby\Documents\My Games
        2017-09-14 21:59 - 2017-09-15 21:33 - 000382504 _____ (EasyAntiCheat Ltd) C:\Windows\SysWOW64\EasyAntiCheat.exe
        2017-09-14 20:32 - 2017-09-14 20:32 - 000000222 _____ C:\Users\bobby\Desktop\Dirty Bomb.url
        2017-09-13 11:06 - 2017-08-19 20:27 - 000237568 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
        2017-09-13 11:06 - 2017-08-19 19:48 - 000215040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
        2017-09-13 11:06 - 2017-08-18 01:07 - 000537200 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
        2017-09-13 11:06 - 2017-08-18 01:07 - 000140016 _____ (Microsoft Corporation) C:\Windows\system32\wermgr.exe
        2017-09-13 11:06 - 2017-08-18 01:03 - 000450392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
        2017-09-13 11:06 - 2017-08-18 01:03 - 000136832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wermgr.exe
        2017-09-13 11:06 - 2017-08-15 17:06 - 015260160 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000128000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iepeers.dll
        2017-09-13 11:06 - 2017-08-15 17:01 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
        2017-09-13 11:06 - 2017-08-15 16:58 - 013673984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
        2017-09-13 11:06 - 2017-08-13 21:58 - 025730560 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
        2017-09-13 11:06 - 2017-08-13 20:19 - 000040960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nsiproxy.sys
        2017-09-13 11:06 - 2017-08-13 20:05 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
        2017-09-13 11:06 - 2017-08-13 20:04 - 002899968 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
        2017-09-13 11:06 - 2017-08-13 19:54 - 020269056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
        2017-09-13 11:06 - 2017-08-13 19:51 - 005981696 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
        2017-09-13 11:06 - 2017-08-13 19:50 - 000817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
        2017-09-13 11:06 - 2017-08-13 19:29 - 000499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
        2017-09-13 11:06 - 2017-08-13 19:28 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
        2017-09-13 11:06 - 2017-08-13 19:24 - 002291200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
        2017-09-13 11:06 - 2017-08-13 19:23 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
        2017-09-13 11:06 - 2017-08-13 19:21 - 000145408 _____ (Microsoft Corporation) C:\Windows\system32\iepeers.dll
        2017-09-13 11:06 - 2017-08-13 19:20 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
        2017-09-13 11:06 - 2017-08-13 19:17 - 000663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
        2017-09-13 11:06 - 2017-08-13 19:15 - 007078912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
        2017-09-13 11:06 - 2017-08-13 19:14 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
        2017-09-13 11:06 - 2017-08-13 19:07 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
        2017-09-13 11:06 - 2017-08-13 19:05 - 000380416 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
        2017-09-13 11:06 - 2017-08-13 19:04 - 000807936 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
        2017-09-13 11:06 - 2017-08-13 19:04 - 000726528 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
        2017-09-13 11:06 - 2017-08-13 19:01 - 002134528 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
        2017-09-13 11:06 - 2017-08-13 18:52 - 005274624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
        2017-09-13 11:06 - 2017-08-13 18:52 - 000486912 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
        2017-09-13 11:06 - 2017-08-13 18:51 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
        2017-09-13 11:06 - 2017-08-13 18:48 - 004547072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
        2017-09-13 11:06 - 2017-08-13 18:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
        2017-09-13 11:06 - 2017-08-13 18:44 - 000694784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
        2017-09-13 11:06 - 2017-08-13 18:44 - 000331776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
        2017-09-13 11:06 - 2017-08-13 18:43 - 002058752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
        2017-09-13 11:06 - 2017-08-13 18:40 - 003241472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
        2017-09-13 11:06 - 2017-08-13 18:27 - 001544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
        2017-09-13 11:06 - 2017-08-13 18:25 - 007797248 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
        2017-09-13 11:06 - 2017-08-13 18:18 - 005270016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
        2017-09-13 11:06 - 2017-08-13 18:18 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
        2017-09-13 11:06 - 2017-08-13 18:17 - 002767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
        2017-09-13 11:06 - 2017-08-13 18:14 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
        2017-09-13 11:06 - 2017-08-13 18:13 - 001314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
        2017-09-13 11:06 - 2017-08-12 12:30 - 022361344 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
        2017-09-13 11:06 - 2017-08-12 12:26 - 019789736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
        2017-09-13 11:06 - 2017-08-12 03:39 - 001364552 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
        2017-09-13 11:06 - 2017-08-12 02:59 - 007440728 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
        2017-09-13 11:06 - 2017-08-12 02:58 - 001737600 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
        2017-09-13 11:06 - 2017-08-12 02:58 - 001502000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
        2017-09-13 11:06 - 2017-08-11 23:46 - 000367104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PCPTpm12.dll
        2017-09-13 11:06 - 2017-08-11 23:29 - 000425984 _____ (Microsoft Corporation) C:\Windows\system32\PCPTpm12.dll
        2017-09-13 11:06 - 2017-08-11 23:13 - 000175616 _____ (Microsoft Corporation) C:\Windows\system32\TpmTasks.dll
        2017-09-13 11:06 - 2017-08-11 06:30 - 004170240 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
        2017-09-13 11:06 - 2017-08-11 06:27 - 000281600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netbt.sys
        2017-09-13 11:06 - 2017-08-11 06:27 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
        2017-09-13 11:06 - 2017-08-11 05:38 - 000477184 _____ (Microsoft Corporation) C:\Windows\system32\puiobj.dll
        2017-09-13 11:06 - 2017-08-11 05:08 - 001753600 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
        2017-09-13 11:06 - 2017-08-11 05:08 - 000329216 _____ (Microsoft Corporation) C:\Windows\system32\srvsvc.dll
        2017-09-13 11:06 - 2017-08-11 05:02 - 001084928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
        2017-09-13 11:06 - 2017-08-11 04:52 - 001491456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
        2017-09-13 11:06 - 2017-08-11 04:49 - 000346624 _____ (Microsoft Corporation) C:\Windows\system32\ntprint.dll
        2017-09-13 11:06 - 2017-08-11 04:44 - 001095680 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
        2017-09-13 11:06 - 2017-08-11 04:43 - 000865792 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
        2017-09-13 11:06 - 2017-08-11 04:41 - 000307200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntprint.dll
        2017-09-13 11:06 - 2017-08-07 00:20 - 000607232 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
        2017-09-13 11:06 - 2017-08-06 10:13 - 000530432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
        2017-09-13 11:06 - 2017-07-22 21:34 - 000033792 _____ (Microsoft Corporation) C:\Windows\system32\iscsium.dll
        2017-09-13 11:06 - 2017-07-22 20:32 - 000027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iscsium.dll
        2017-09-13 11:06 - 2017-07-17 22:53 - 004298240 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
        2017-09-13 11:06 - 2017-07-17 02:55 - 003551744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
        2017-09-13 11:06 - 2017-07-14 02:03 - 002013528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
        2017-09-13 11:06 - 2017-07-12 23:29 - 000420440 _____ (Microsoft Corporation) C:\Windows\system32\wevtapi.dll
        2017-09-13 11:06 - 2017-07-12 23:29 - 000075440 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
        2017-09-13 11:06 - 2017-07-12 23:25 - 000308872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wevtapi.dll
        2017-09-13 11:06 - 2017-07-12 23:25 - 000066112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
        2017-09-13 11:06 - 2017-07-08 22:03 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
        2017-09-13 11:06 - 2017-07-08 21:43 - 000197632 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
        2017-09-13 11:06 - 2017-07-08 21:30 - 000039936 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
        2017-09-13 11:06 - 2017-07-08 21:20 - 000445440 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
        2017-09-13 11:06 - 2017-07-08 20:25 - 001436160 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
        2017-09-13 11:06 - 2017-07-08 20:00 - 000324096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
        2017-09-13 11:06 - 2017-07-08 06:14 - 000100184 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\disk.sys
        2017-09-11 11:53 - 2017-09-11 11:53 - 000066783 _____ C:\Users\bobby\Downloads\CV - Български.pdf
        2017-09-08 16:21 - 2017-09-08 16:21 - 001130328 _____ (Google Inc.) C:\Users\bobby\Downloads\ChromeSetup.exe
        2017-09-08 12:11 - 2017-10-02 12:47 - 000000258 __RSH C:\ProgramData\ntuser.pol
        2017-09-06 11:27 - 2017-09-06 11:27 - 000000000 ____D C:\Users\bobby\AppData\Roaming\vlc
        2017-09-06 09:46 - 2017-09-06 09:46 - 000000000 ____D C:\Users\bobby\AppData\Roaming\dvdcss
        2017-09-04 13:20 - 2017-09-04 13:23 - 000000000 ____D C:\Users\bobby\Documents\ETS2MP
        2017-09-04 13:15 - 2017-09-04 13:17 - 000000000 ____D C:\ProgramData\TruckersMP
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000901 _____ C:\Users\Public\Desktop\TruckersMP.lnk
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TruckersMP Launcher
        2017-09-04 13:15 - 2017-09-04 13:15 - 000000000 ____D C:\Program Files\TruckersMP Launcher
        2017-09-04 13:14 - 2017-09-04 13:14 - 000667351 _____ C:\Users\bobby\Downloads\launcher_1004.zip
        2017-09-04 13:10 - 2017-09-04 23:19 - 000000000 ____D C:\Users\bobby\Documents\Euro Truck Simulator 2
        2017-09-03 19:02 - 2017-09-03 19:02 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
        ==================== One Month Modified files and folders ========
        (If an entry is included in the fixlist, the file/folder will be moved.)
        2017-10-02 13:01 - 2017-08-31 21:18 - 000000000 ____D C:\Users\bobby\AppData\LocalLow\360WD
        2017-10-02 12:55 - 2017-09-01 19:51 - 000000000 ____D C:\Users\bobby\AppData\Roaming\TeamViewer
        2017-10-02 12:55 - 2017-09-01 04:04 - 000000000 ____D C:\Windows\Panther
        2017-10-02 12:55 - 2017-08-31 18:17 - 000000000 ____D C:\Users\bobby\AppData\Local\CrashDumps
        2017-10-02 12:55 - 2017-08-31 18:10 - 000000000 ____D C:\ProgramData\ClassicShell
        2017-10-02 12:55 - 2017-08-31 18:05 - 000000000 ____D C:\Program Files (x86)\Steam
        2017-10-02 12:55 - 2017-08-31 17:51 - 000000000 ____D C:\Users\bobby\AppData\Roaming\uTorrent
        2017-10-02 12:55 - 2013-08-22 16:36 - 000000000 ____D C:\Windows\Inf
        2017-10-02 12:54 - 2017-08-31 23:46 - 000000000 ____D C:\ProgramData\360Quarant
        2017-10-02 12:54 - 2017-08-31 18:18 - 000000000 ____D C:\Users\bobby\AppData\Local\ClassicShell
        2017-10-02 12:46 - 2017-08-31 17:18 - 000003430 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
        2017-10-02 12:46 - 2017-08-31 17:18 - 000003302 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
        2017-10-02 12:34 - 2017-08-31 17:20 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3041877358-191924833-3829036719-1001
        2017-10-02 12:32 - 2017-08-31 17:30 - 000000000 ____D C:\ProgramData\NVIDIA
        2017-10-02 12:32 - 2017-08-31 17:18 - 000003910 _____ C:\Windows\System32\Tasks\User_Feed_Synchronization-{C64354CA-BA3D-40EC-B714-8157E7D25B88}
        2017-10-02 12:28 - 2013-08-22 17:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
        2017-10-02 01:14 - 2017-08-31 17:49 - 000000000 ____D C:\Users\bobby\AppData\Roaming\AIMP
        2017-10-01 23:35 - 2014-11-21 11:44 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
        2017-10-01 12:32 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\AppReadiness
        2017-09-30 14:05 - 2017-08-31 21:18 - 000000000 ____D C:\Users\bobby\AppData\Roaming\360safe
        2017-09-30 13:11 - 2017-08-31 17:32 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
        2017-09-30 11:24 - 2017-08-31 21:23 - 000000000 ____D C:\Users\bobby\AppData\LocalLow\uTorrent
        2017-09-29 22:56 - 2017-08-31 23:48 - 000000000 __SHD C:\$360Section
        2017-09-29 22:56 - 2017-08-31 21:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\KMSpico
        2017-09-28 23:56 - 2017-08-31 17:14 - 000000000 ____D C:\Users\bobby
        2017-09-28 18:00 - 2013-08-22 16:25 - 000000240 _____ C:\Windows\win.ini
        2017-09-28 15:04 - 2017-08-31 17:14 - 000000000 ____D C:\Users\bobby\AppData\Local\VirtualStore
        2017-09-25 22:16 - 2017-08-31 17:24 - 000000000 ____D C:\Program Files (x86)\NVIDIA Corporation
        2017-09-23 14:41 - 2013-08-22 18:36 - 000000000 ___HD C:\Program Files\WindowsApps
        2017-09-22 12:52 - 2017-08-31 17:19 - 000002213 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003740 _____ C:\Windows\System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003732 _____ C:\Windows\System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-22 00:01 - 2017-08-31 17:31 - 000003556 _____ C:\Windows\System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:40 - 000000000 ____D C:\Users\bobby\AppData\Local\NVIDIA Corporation
        2017-09-21 22:18 - 2017-08-31 17:31 - 000003852 _____ C:\Windows\System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:31 - 000003814 _____ C:\Windows\System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:18 - 2017-08-31 17:31 - 000001428 _____ C:\Users\Public\Desktop\GeForce Experience.lnk
        2017-09-21 22:18 - 2017-08-31 17:23 - 000000000 ____D C:\ProgramData\NVIDIA Corporation
        2017-09-21 22:17 - 2017-08-31 17:31 - 000004146 _____ C:\Windows\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:31 - 000003738 _____ C:\Windows\System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:31 - 000003494 _____ C:\Windows\System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
        2017-09-21 22:17 - 2017-08-31 17:23 - 000000000 ____D C:\Program Files\NVIDIA Corporation
        2017-09-19 10:23 - 2017-08-31 17:31 - 001923008 _____ (NVIDIA Corporation) C:\Windows\system32\nvspcap64.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001755072 _____ (NVIDIA Corporation) C:\Windows\system32\nvspbridge64.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001505728 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspcap.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 001317312 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvspbridge.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000179136 _____ (NVIDIA Corporation) C:\Windows\system32\nvaudcap64v.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000146368 _____ (NVIDIA Corporation) C:\Windows\SysWOW64\nvaudcap32v.dll
        2017-09-19 10:23 - 2017-08-31 17:31 - 000121280 _____ C:\Windows\system32\NvRtmpStreamer64.dll
        2017-09-19 00:29 - 2017-08-31 17:31 - 000001951 _____ C:\Windows\NvTelemetryContainerRecovery.bat
        2017-09-18 17:02 - 2017-08-31 21:18 - 000000000 _RSHD C:\360SANDBOX
        2017-09-16 14:29 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\rescache
        2017-09-15 22:06 - 2017-08-31 17:29 - 000000000 ____D C:\ProgramData\Package Cache
        2017-09-15 21:33 - 2017-08-31 20:17 - 000000000 ____D C:\Users\bobby\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
        2017-09-15 00:22 - 2013-08-22 16:25 - 000262144 ___SH C:\Windows\system32\config\BBI
        2017-09-15 00:20 - 2013-08-22 18:36 - 000000000 ___RD C:\Windows\ToastData
        2017-09-13 13:27 - 2017-08-31 19:06 - 000000000 ____D C:\Windows\system32\MRT
        2017-09-13 13:25 - 2017-08-31 19:06 - 138202976 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
        2017-09-13 13:25 - 2013-08-22 18:20 - 000000000 ____D C:\Windows\CbsTemp
        2017-09-10 17:28 - 2017-08-31 18:14 - 000000000 ____D C:\Users\bobby\AppData\Local\Steam
        2017-09-08 12:11 - 2013-08-22 18:36 - 000000000 ___HD C:\Windows\system32\GroupPolicy
        2017-09-08 12:11 - 2013-08-22 18:36 - 000000000 ____D C:\Windows\SysWOW64\GroupPolicy
        2017-09-04 11:03 - 2017-08-31 17:38 - 000000000 __SHD C:\Users\bobby\IntelGraphicsProfiles
        2017-09-03 19:09 - 2013-08-22 18:36 - 000000000 ____D C:\Program Files\Common Files\System
        2017-09-02 02:54 - 2017-08-31 20:27 - 000835576 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
        2017-09-02 02:54 - 2017-08-31 20:27 - 000177656 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
        ==================== Bamital & volsnap ======================
        (There is no automatic fix for files that do not pass verification.)
        C:\Windows\system32\winlogon.exe => File is digitally signed
        C:\Windows\system32\wininit.exe => File is digitally signed
        C:\Windows\explorer.exe => File is digitally signed
        C:\Windows\SysWOW64\explorer.exe => File is digitally signed
        C:\Windows\system32\svchost.exe => File is digitally signed
        C:\Windows\SysWOW64\svchost.exe => File is digitally signed
        C:\Windows\system32\services.exe => File is digitally signed
        C:\Windows\system32\User32.dll => File is digitally signed
        C:\Windows\SysWOW64\User32.dll => File is digitally signed
        C:\Windows\system32\userinit.exe => File is digitally signed
        C:\Windows\SysWOW64\userinit.exe => File is digitally signed
        C:\Windows\system32\rpcss.dll => File is digitally signed
        C:\Windows\system32\dnsapi.dll => File is digitally signed
        C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
        C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
        LastRegBack: 2017-09-30 12:38
        ==================== End of FRST.txt ============================
         
         
        Addition_02-10-2017 13.01.49.txt
    • Разглеждащи в момента   0 потребители

      Няма регистрирани потребители разглеждащи тази страница.

    • Дарение

    ×

    Информация

    Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.