Премини към съдържанието
KorteZ

Крипитирани файлове от вирус -id-1769756661_helpme@freespeechmail.org

Препоръчан отговор


Здравейте, днес се получи този проблем файлове промениха разширението на .id-1769756661_helpme@freespeechmail.org. На един NAS-Server в който има споделени директории (папки) с права на достъп на различните юзъри до различни папки. Някой от юзърите който имат достъп до папка Справки, е влезнал в нея и явно е отваря папки и документи в нея защото почти всички файлове са заключени от тази папка. До папки до който няма достъп са чисти. Има ли начин да бъда декриптирани или са загубени.

Пробвах с ShadowExplorer, Recuva но те не виждат по мрежата NAS-Server за да ги върна файловете към по стара дата.

Благодаря предварително за помощта и отговорите...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не бързайте за пълна преинсталация изчакайте декриптор следете форума и темите в антивирусния отдел

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Прочетете и изпълнете указанията зад линка. Изчакайте член на HJt  екипа да ви даде указания за по-нататъшни действия.
https://www.kaldata.com/forums/topic/132819-%d1%81%d0%b8%d1%81%d1%82%d0%b5%d0%bc%d0%b0%d1%82%d0%b0-%d0%bc%d0%b8-%d0%b5-%d0%b8%d0%bd%d1%84%d0%b5%d0%ba%d1%82%d0%b8%d1%80%d0%b0%d0%bd%d0%b0-%d0%ba%d0%b0%d0%ba%d0%b2%d0%be-%d0%b4%d0%b0-%d0%bf%d1%80%d0%b0%d0%b2%d1%8f-%d1%81%d0%b5%d0%b3%d0%b0/
 

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Недей се повтаря като робот моля те ! Ако си чел предишните теми хората от екипа няма с какво да помогнат това е сложна операция и се насочва към по голям ранг професионалисти и програмисти . Прочети пак темите от тоз месец и отговорите на хората от екипа ! Чака се декриптор чакането му е майката

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-10-2015 01
Ran by H530 (administrator) on ADMIN-PC (22-10-2015 21:29:50)
Running from C:\Users\H530\Desktop
Loaded Profiles: H530 (Available Profiles: H530)
Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: "C:\Program Files\Waterfox\waterfox.exe" -osint -url "%1")
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(Comodo) C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Lavasoft Limited) C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe
(Solid Documents, LLC) C:\Windows\Installer\MSI4DC9.tmp
() C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Windows\SysWOW64\UMonit.exe
() C:\Program Files (x86)\RocketDock\RocketDock.exe
(OrgBusiness Software) C:\Program Files (x86)\OrgBusiness\ABCBirthdayReminder\ABCBirthdayReminder.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Users\H530\Documents\Rainmeter\Skins\WP7\@Resources\Common\Settings\Omnimo.exe
() C:\Program Files\Rainmeter\Rainmeter.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(Geek Software GmbH) C:\Program Files (x86)\PDF24\pdf24.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(www.shadowexplorer.com) C:\Program Files (x86)\ShadowExplorer\sesvc.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\6\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\10\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\7\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\12\Plugin.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Desktop.exe
() C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\8\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\3\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\5\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\2\Plugin.exe
() C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugins\3\Plugin.exe
(Enigma Software Group USA, LLC.) C:\Users\H530\AppData\Local\Temp\esg_uninstall.exe~


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [287592 2013-08-07] (Intel Corporation)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13636824 2013-07-26] (Realtek Semiconductor)
HKLM\...\Run: [UMonit] => C:\Windows\SysWOW64\UMonit.exe [49152 2011-05-25] ()
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-02-15] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [SwitchBoard] => C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [49208 2011-03-24] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6134544 2015-10-13] (AVAST Software)
HKLM-x32\...\Run: [PDFPrint] => C:\Program Files (x86)\PDF24\pdf24.exe [218656 2015-09-01] (Geek Software GmbH)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [597040 2015-10-06] (Oracle Corporation)
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\...\Run: [RocketDock] => C:\Program Files (x86)\RocketDock\RocketDock.exe [495616 2007-09-02] ()
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\...\Run: [ABC Birthday Reminder] => C:\Program Files (x86)\OrgBusiness\ABCBirthdayReminder\AutoStartup.lnk [1177 2015-04-23] ()
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\...\Run: [AdobeBridge] => [X]
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\...\MountPoints2: H - H:\AutoRun.exe
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\...\MountPoints2: {4b793f32-e826-11e4-bcfb-806e6f6e6963} - D:\Bpd.exe
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\...\MountPoints2: {6b8d9f53-291a-11e5-b136-c03fd509b8cf} - H:\AutoRun.exe
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\...\MountPoints2: {6b8d9f5e-291a-11e5-b136-c03fd509b8cf} - H:\AutoRun.exe
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-10-13] (AVAST Software)
Startup: C:\Users\H530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Monitor Ink Alerts - HP Deskjet 4610 series.lnk [2015-10-22]
ShortcutTarget: Monitor Ink Alerts - HP Deskjet 4610 series.lnk -> C:\Program Files\HP\HP Deskjet 4610 series\Bin\HPStatusBL.dll (Hewlett-Packard Co.)
Startup: C:\Users\H530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Omnimo.lnk [2015-04-23]
ShortcutTarget: Omnimo.lnk -> C:\Users\H530\Documents\Rainmeter\Skins\WP7\@Resources\Common\Settings\Omnimo.exe ()
Startup: C:\Users\H530\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Rainmeter.lnk [2015-04-23]
ShortcutTarget: Rainmeter.lnk -> C:\Program Files\Rainmeter\Rainmeter.exe ()
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog9-x64 01 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-01] (Lavasoft Limited)
Winsock: Catalog9-x64 02 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-01] (Lavasoft Limited)
Winsock: Catalog9-x64 03 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-01] (Lavasoft Limited)
Winsock: Catalog9-x64 04 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-01] (Lavasoft Limited)
Winsock: Catalog9-x64 15 C:\Windows\system32\LavasoftTcpService64.dll [425744 2015-09-01] (Lavasoft Limited)
Tcpip\Parameters: [DhcpNameServer] 87.246.10.9 87.246.10.2
Tcpip\..\Interfaces\{171C56EE-59BB-4B54-8A21-0286838FFDA9}: [DhcpNameServer] 87.246.10.9 87.246.10.2
Tcpip\..\Interfaces\{375629DA-82DA-447D-9FED-A7D7E165D3D5}: [DhcpNameServer] 192.168.0.1 192.168.0.1

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghHJA4OWQ4QFRgTJAoITA0XGAYOIgFaBxRGQlEUcA4MBQlHQAcFIk0FA1ADB0VXfVBdFElXTwhkMlxZFX8YT1E=
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://services.freshy.com/general/newhometab.php?hometab=home&partner=11463&guid={C5A660C0-8060-4799-83A5-C8229D5DDCA0}&i=
HKU\S-1-5-21-2306312972-3871576667-2102336891-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://searchinterneat-a.akamaihd.net/h?eq=U0EeCFZVBB8SRghHJA4OWQ4QFRgTJAoITA0XGAYOIgFaBxRGQlEUcA4MBQlHQAcFIk0FA1ADB0VXfVBdFElXTwhkMlxZFX8YT1E=
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV1cVg9JFlQXbQlcUglcFVMacxRaWVsXDAJAJA4IVg0VEQNCch9aFQQTSEcFME0FCFwEURNNfX5KBFgFZ1xNJA==&q={searchTerms}
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV1cVg9JFlQXbQlcUglcFVMacxRaWVsXDAJAJA4IVg0VEQNCch9aFQQTSEcFME0FCFwEURNNfX5KBFgFZ1xNJA==&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2306312972-3871576667-2102336891-1000 -> DefaultScope {01747203-29AE-4752-89D8-2E3B10DB83C3} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV1cVg9JFlQXbQlcUglcFVMacxRaWVsXDAJAJA4IVg0VEQNCch9aFQQTSEcFME0FCFwEURNNfX5KBFgFZ1xNJA==&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2306312972-3871576667-2102336891-1000 -> OldSearch URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-2306312972-3871576667-2102336891-1000 -> {01747203-29AE-4752-89D8-2E3B10DB83C3} URL = hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV1cVg9JFlQXbQlcUglcFVMacxRaWVsXDAJAJA4IVg0VEQNCch9aFQQTSEcFME0FCFwEURNNfX5KBFgFZ1xNJA==&q={searchTerms}
SearchScopes: HKU\S-1-5-21-2306312972-3871576667-2102336891-1000 -> {C0C3A6C6-03BC-4195-8FCB-AEA091301353} URL = hxxps://search.yahoo.com/search?fr=vmn&type=vmn__webcompa__1_0__ya__ch_WCYID10099_swoc_campaign_150803__yaie&p={searchTerms}
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-10-13] (AVAST Software)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Great Find -> {1cc2bb80-20ab-43e5-b958-432d72b546ca} -> C:\Program Files (x86)\Great Find\Extensions\1cc2bb80-20ab-43e5-b958-432d72b546ca.dll [2015-09-09] ()
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\ssv.dll [2015-10-21] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-10-13] (AVAST Software)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\jp2ssv.dll [2015-10-21] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-2306312972-3871576667-2102336891-1000 -> No Name - {FA8CE615-3E2E-4615-B018-596C04C10758} -  No File
Toolbar: HKU\S-1-5-21-2306312972-3871576667-2102336891-1000 -> No Name - {00011268-E188-40DF-A514-835FCD78B1BF} -  No File

FireFox:
========
FF ProfilePath: C:\Users\H530\AppData\Roaming\Mozilla\Firefox\Profiles\iuz93u36.default-1434613187259
FF NewTab: hxxp://searchinterneat-a.akamaihd.net/t?eq=U0EeFFhaR1oWHFFHdw8AVlhFDAVHcwkVVV9IEhhBeFteTA4SRQITdw1cUQ8QExNBNARaB0tXUUEeJl9NER8fHHJRJVhMJ1AfRQ==
FF DefaultSearchEngine: Default
FF SelectedSearchEngine: Default
FF Homepage: hxxp://google.bg
FF Keyword.URL: hxxp://searchinterneat-a.akamaihd.net/s?eq=U0EeE1xZE1oZB1ZEfV1cVg9JFlQXbQlcUglcFVMacxRaWVsXDAJAJA4IVg0VEQNCch9aFQQTR0cFME0FB18EURNNfX5KBFgFZ1xNJA==&q={searchTerms}
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_19_0_0_226.dll [2015-10-22] ()
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_19_0_0_226.dll [2015-10-22] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1220162.dll [2015-08-31] (Adobe Systems, Inc.)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-02-11] (Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2013-08-08] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\dtplugin\npDeployJava1.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.65.2 -> C:\Program Files (x86)\Java\jre1.8.0_65\bin\plugin2\npjp2.dll [2015-10-21] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.40728.0\npctrl.dll [2015-07-28] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin HKU\S-1-5-21-2306312972-3871576667-2102336891-1000: www.mydlink.com/Uplayer -> C:\Users\H530\AppData\Roaming\dlink\Uplayer\1.0.0.33\npUplayer.dll [2015-07-09] (D-LINK CORPORATION)
FF user.js: detected! => C:\Users\H530\AppData\Roaming\Mozilla\Firefox\Profiles\iuz93u36.default-1434613187259\user.js [2015-09-09]
FF Extension: Cinem Plus 2.4cV17.09 - C:\Users\H530\AppData\Roaming\Mozilla\Firefox\Profiles\iuz93u36.default-1434613187259\Extensions\6a1a03975fde4c8690f6b883c36bc1@7d88519bfe704d8cae3851239.com [2015-09-17] [not signed]
FF Extension: CinemaPlus-3.2cV16.09 - C:\Users\H530\AppData\Roaming\Mozilla\Firefox\Profiles\iuz93u36.default-1434613187259\Extensions\d4db60df25f14dae9dd18@185c395f9e794c9ab86be3eb.com [2015-09-17] [not signed]
FF Extension: Default SearchProtected  - C:\Users\H530\AppData\Roaming\Mozilla\Firefox\Profiles\iuz93u36.default-1434613187259\Extensions\defsearchp@gmail.com [2015-09-17] [not signed]
FF Extension: deskCut - C:\Users\H530\AppData\Roaming\Mozilla\Firefox\Profiles\iuz93u36.default-1434613187259\Extensions\deskCutv2@gmail.com [2015-09-17] [not signed]
FF Extension: Kaldata.com news button - C:\Users\H530\AppData\Roaming\Mozilla\Firefox\Profiles\iuz93u36.default-1434613187259\Extensions\kaldata-news-ff-extension@kaldata.com.xpi [2015-06-18]
FF Extension: Great Find - C:\Users\H530\AppData\Roaming\Mozilla\Firefox\Profiles\iuz93u36.default-1434613187259\Extensions\{726412ac-2531-4d86-8f5c-32e7574763e8}.xpi [2015-09-09] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-10-13] [not signed]

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-04-23]

Opera:
=======
OPR Extension: (Cinem Plus 2.4cV17.09) - C:\Users\H530\AppData\Roaming\Opera Software\Opera Stable\Extensions\gegdfeiahlfolhcfioipjlkombmgbakh [2015-09-17]
OPR Extension: (CinemaPlus-3.2cV16.09) - C:\Users\H530\AppData\Roaming\Opera Software\Opera Stable\Extensions\papbadoldddalgcjcicnikcfenodpghp [2015-09-17]
OPR Extension: (Great Find) - C:\Users\H530\AppData\Roaming\Opera Software\Opera Stable\Extensions\pdjpcnnkcejbglbpfhkcabckbloogjli [2015-09-23]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-10-13] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4048280 2015-10-13] (Avast Software)
R2 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [1984696 2015-10-14] (Comodo)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [15720 2013-08-07] (Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\iCLS Client\HeciServer.exe [733696 2013-05-11] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [822232 2013-05-11] (Intel(R) Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [169432 2013-08-08] (Intel Corporation)
R2 LavasoftTcpService; C:\Program Files (x86)\Lavasoft\Web Companion\TcpService\2.3.4.7\LavasoftTcpService.exe [2751760 2015-09-01] (Lavasoft Limited)
R2 SCPDFV4ReadSpool; C:\Windows\Installer\MSI4DC9.tmp [189688 2015-04-23] (Solid Documents, LLC)
R2 SearchProtectionService; C:\Program Files (x86)\Lavasoft\Web Companion\Application\Lavasoft.SearchProtect.WinService.exe [16656 2015-09-01] ()
R2 Service Mgr GreatFind; C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\plugincontainer.exe [1046752 2015-10-22] ()
R2 sesvc; C:\Program Files (x86)\ShadowExplorer\sesvc.exe [9216 2013-01-02] (www.shadowexplorer.com) [File not signed]
S3 SwitchBoard; C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [517096 2010-02-19] (Adobe Systems Incorporated) [File not signed]
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5702416 2015-09-11] (TeamViewer GmbH)
R2 Update Mgr GreatFind; C:\Program Files (x86)\Common Files\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc\updater.exe [614624 2015-10-22] ()
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 ambakdrv; C:\Windows\System32\ambakdrv.sys [30648 2015-02-26] () [File not signed]
R2 ammntdrv; C:\Windows\system32\ammntdrv.sys [151480 2015-02-26] () [File not signed]
R2 amwrtdrv; C:\Windows\system32\amwrtdrv.sys [17848 2015-02-26] () [File not signed]
R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-10-13] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-10-13] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-10-13] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-10-13] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1049880 2015-10-13] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [448968 2015-10-13] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [153744 2015-10-13] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-10-13] (AVAST Software)
S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R3 GeneStor; C:\Windows\System32\DRIVERS\GeneStor.sys [58368 2011-05-18] (GenesysLogic)
S3 HtcVCom32; C:\Windows\System32\DRIVERS\HtcVComV64.sys [121800 2010-03-08] (QUALCOMM Incorporated)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [28008 2013-08-07] (Intel Corporation)
R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [100824 2013-12-03] (Intel Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [132656 2015-10-13] (AVAST Software)
R3 RTWlanE; C:\Windows\System32\DRIVERS\rtwlane.sys [1461904 2012-08-09] (Realtek Semiconductor Corporation                           )
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [274336 2015-10-13] (Avast Software)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-22 21:29 - 2015-10-22 21:30 - 00022966 _____ C:\Users\H530\Desktop\FRST.txt
2015-10-22 21:29 - 2015-10-22 21:29 - 00000000 ____D C:\FRST
2015-10-22 21:20 - 2015-10-22 21:19 - 02196480 _____ (Farbar) C:\Users\H530\Desktop\FRST64.exe
2015-10-22 20:16 - 2015-10-22 20:16 - 00001658 _____ C:\Users\Public\Desktop\Recuva.lnk
2015-10-22 20:16 - 2015-10-22 20:16 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Recuva
2015-10-22 20:16 - 2015-10-22 20:16 - 00000000 ____D C:\Program Files\Recuva
2015-10-22 20:15 - 2015-10-22 20:16 - 04426120 _____ (Piriform Ltd) C:\Users\H530\Downloads\rcsetup152.exe
2015-10-22 19:50 - 2015-10-22 19:47 - 00000582 _____ C:\Users\H530\Downloads\Spravki (NAS-SERVER) (Q) - Shortcut.lnk
2015-10-22 19:47 - 2015-10-22 19:47 - 00000000 ____D C:\Users\H530\Downloads\nass
2015-10-22 19:07 - 2015-10-22 19:07 - 00000000 ____D C:\Users\H530\AppData\Roaming\www.shadowexplorer.com
2015-10-22 19:06 - 2015-10-22 19:06 - 00001889 _____ C:\Users\H530\Desktop\ShadowExplorer.lnk
2015-10-22 19:06 - 2015-10-22 19:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ShadowExplorer
2015-10-22 19:06 - 2015-10-22 19:06 - 00000000 ____D C:\Program Files (x86)\ShadowExplorer
2015-10-22 19:06 - 2015-10-22 19:05 - 00969845 _____ (ShadowExplorer.com ) C:\Users\H530\Desktop\ShadowExplorer-0.9-setup.exe
2015-10-22 18:21 - 2015-10-22 21:29 - 00000000 ____D C:\Users\H530\AppData\Roaming\Enigma Software Group
2015-10-22 18:21 - 2015-10-22 18:21 - 00000000 _____ C:\autoexec.bat
2015-10-22 18:19 - 2015-10-22 18:08 - 03237248 _____ (Enigma Software Group USA, LLC.) C:\Users\H530\Desktop\SpyHunter-Installer.exe
2015-10-22 08:38 - 2015-10-22 11:51 - 00000000 ____D C:\Users\H530\Desktop\Марс
2015-10-15 16:21 - 2015-10-15 16:30 - 00000000 ____D C:\Users\H530\Downloads\Foxconn A74ML-K Win Xp
2015-10-15 08:15 - 2015-10-02 09:35 - 00060354 _____ C:\Users\H530\Downloads\Рулони от 15,09,2015-нова.xlsx
2015-10-15 08:02 - 2015-10-15 08:02 - 00000000 ____D C:\Program Files (x86)\Comodo
2015-10-13 15:24 - 2015-10-13 15:24 - 00378880 _____ (AVAST Software) C:\Windows\system32\aswBoot.exe
2015-10-13 15:24 - 2015-10-13 15:24 - 00132656 _____ (AVAST Software) C:\Windows\system32\Drivers\ngvss.sys
2015-10-13 15:24 - 2015-10-13 15:24 - 00043112 _____ (AVAST Software) C:\Windows\avastSS.scr
2015-10-13 08:28 - 2015-10-13 08:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip UNACE plugin
2015-10-13 08:27 - 2015-10-13 08:27 - 00369023 _____ (Giorgio Tani ) C:\Users\H530\Downloads\peazip_unace_plugin-WIN64-1.exe
2015-10-13 08:26 - 2015-10-13 08:26 - 07164167 _____ (Giorgio Tani ) C:\Users\H530\Downloads\peazip-5.8.0.WIN64.exe
2015-10-13 08:24 - 2015-10-13 08:24 - 06712506 _____ (Giorgio Tani ) C:\Users\H530\Downloads\peazip-5.8.0.WINDOWS.exe
2015-10-09 16:55 - 2015-10-09 16:55 - 00000000 ____D C:\Users\H530\Desktop\Audi
2015-10-06 09:25 - 2015-07-24 12:34 - 492486704 _____ (Autodesk, Inc.) C:\Users\H530\Desktop\SetupDWGTrueView2016_ENU_64bit.sfx.exe
2015-10-05 10:56 - 2015-10-06 13:19 - 00000000 ____D C:\Users\H530\Desktop\hotspurs
2015-10-02 16:07 - 2015-10-02 16:07 - 00000000 ____D C:\PSS
2015-10-02 11:40 - 2015-10-02 17:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2015-09-29 12:49 - 2015-10-22 19:56 - 00000000 ____D C:\Users\H530\Desktop\lubo
2015-09-29 09:19 - 2015-09-29 09:19 - 00206848 ____H C:\Users\H530\Desktop\~WRL0001.tmp
2015-09-28 16:41 - 2015-09-28 16:41 - 00000000 ____D C:\Users\H530\Downloads\ga120x-usercd-v500
2015-09-28 16:36 - 2015-09-28 16:36 - 00000000 ____D C:\Users\H530\Downloads\univ-ps-v2021
2015-09-28 16:30 - 2015-09-28 16:30 - 00000000 ____D C:\Users\H530\Downloads\ToshViewer_V2_1.06_Extracted
2015-09-28 12:48 - 2015-09-28 12:48 - 00001879 _____ C:\Users\H530\Desktop\NeroPortable.exe - Shortcut.lnk
2015-09-28 11:47 - 2015-09-28 11:47 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\7-Zip
2015-09-28 11:47 - 2015-09-28 11:47 - 00000000 ____D C:\Program Files\7-Zip
2015-09-28 10:08 - 2015-09-28 10:08 - 00000000 ____D C:\Users\H530\AppData\LocalLow\uTorrent
2015-09-28 08:31 - 2015-09-28 08:31 - 00000909 _____ C:\Users\Public\Desktop\AIMP3.lnk
2015-09-28 08:31 - 2015-09-28 08:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AIMP3
2015-09-25 16:18 - 2015-09-25 16:18 - 00000031 _____ C:\Users\H530\AppData\Local\burnaware.ini
2015-09-24 12:44 - 2015-09-24 12:44 - 00000000 ____D C:\Users\H530\AppData\Roaming\chc.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
2015-09-24 12:44 - 2015-09-24 12:44 - 00000000 ____D C:\Users\H530\AppData\Roaming\chc
2015-09-23 09:32 - 2015-09-23 09:32 - 00000464 __RSH C:\ProgramData\ntuser.pol

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-10-22 21:26 - 2015-09-03 10:03 - 00000000 ____D C:\Program Files\Waterfox
2015-10-22 20:28 - 2015-04-27 08:39 - 00000000 ____D C:\Program Files (x86)\TeamViewer
2015-10-22 20:17 - 2015-09-09 11:01 - 00000000 ____D C:\ProgramData\d64c6aa4-9b30-4b06-8859-0cfa31bd50dc
2015-10-22 18:58 - 2015-04-23 08:02 - 00000000 ____D C:\Users\H530\AppData\Roaming\AIMP3
2015-10-22 17:22 - 2015-09-17 14:21 - 00000000 ____D C:\Users\H530\AppData\Local\Recovery Toolbox for Excel
2015-10-22 10:31 - 2009-07-14 08:13 - 00783606 _____ C:\Windows\system32\PerfStringBackup.INI
2015-10-22 08:09 - 2015-04-21 16:07 - 01775644 _____ C:\Windows\WindowsUpdate.log
2015-10-22 08:06 - 2009-07-14 07:45 - 00032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-10-22 08:06 - 2009-07-14 07:45 - 00032080 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-10-22 08:03 - 2015-04-23 08:49 - 00000000 ____D C:\Program Files (x86)\Opera
2015-10-22 07:59 - 2015-04-22 14:23 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-10-22 07:59 - 2015-04-22 14:23 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-10-22 07:58 - 2015-08-12 15:44 - 00007080 _____ C:\Windows\setupact.log
2015-10-22 07:58 - 2009-07-14 08:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-10-21 08:13 - 2015-04-22 14:28 - 00000000 ____D C:\ProgramData\Oracle
2015-10-21 08:13 - 2015-04-22 14:28 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-10-21 08:12 - 2015-09-01 07:59 - 00000000 ____D C:\Users\H530\.oracle_jre_usage
2015-10-21 08:12 - 2015-04-22 14:28 - 00097888 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2015-10-21 08:12 - 2015-04-22 14:28 - 00000000 ____D C:\Program Files (x86)\Java
2015-10-21 08:07 - 2015-04-23 09:19 - 00004182 _____ C:\Windows\System32\Tasks\avast! Emergency Update
2015-10-21 08:06 - 2015-09-02 11:26 - 00015928 _____ C:\Windows\PFRO.log
2015-10-15 17:07 - 2015-08-03 11:00 - 00000699 _____ C:\Users\H530\AppData\Roaming\burnaware.ini
2015-10-15 16:43 - 2015-06-19 16:39 - 00000000 ____D C:\Users\H530\AppData\Local\CrashDumps
2015-10-14 15:14 - 2015-07-30 10:59 - 00000000 ____D C:\Users\H530\Desktop\pic
2015-10-13 16:52 - 2015-04-23 09:23 - 00000000 ____D C:\Windows\SysWOW64\vbox
2015-10-13 16:52 - 2015-04-23 09:23 - 00000000 ____D C:\Windows\system32\vbox
2015-10-13 15:24 - 2015-04-23 09:19 - 01049880 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSnx.sys
2015-10-13 15:24 - 2015-04-23 09:19 - 00448968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswSP.sys
2015-10-13 15:24 - 2015-04-23 09:19 - 00274808 _____ (AVAST Software) C:\Windows\system32\Drivers\aswVmm.sys
2015-10-13 15:24 - 2015-04-23 09:19 - 00153744 _____ (AVAST Software) C:\Windows\system32\Drivers\aswStm.sys
2015-10-13 15:24 - 2015-04-23 09:19 - 00093528 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRdr2.sys
2015-10-13 15:24 - 2015-04-23 09:19 - 00090968 _____ (AVAST Software) C:\Windows\system32\Drivers\aswMonFlt.sys
2015-10-13 15:24 - 2015-04-23 09:19 - 00065224 _____ (AVAST Software) C:\Windows\system32\Drivers\aswRvrt.sys
2015-10-13 15:24 - 2015-04-23 09:19 - 00028656 _____ (AVAST Software) C:\Windows\system32\Drivers\aswHwid.sys
2015-10-13 08:28 - 2015-07-30 11:56 - 00000000 ____D C:\Users\H530\AppData\Roaming\PeaZip
2015-10-13 08:27 - 2015-07-24 16:31 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PeaZip
2015-10-13 08:27 - 2015-07-24 16:31 - 00000000 ____D C:\Program Files\PeaZip
2015-10-06 13:17 - 2015-04-23 13:37 - 00000132 _____ C:\Users\H530\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-10-06 09:04 - 2015-04-27 08:39 - 00000971 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TeamViewer 10.lnk
2015-10-05 08:13 - 2015-04-22 14:14 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2015-10-01 13:18 - 2015-09-04 15:17 - 00000000 ____D C:\Users\H530\Desktop\Sofia 02.09
2015-09-28 13:03 - 2015-04-23 14:24 - 00000000 ____D C:\Users\H530\AppData\Roaming\uTorrent
2015-09-28 08:31 - 2015-04-23 08:02 - 00000000 ____D C:\Program Files (x86)\AIMP3
2015-09-23 10:49 - 2015-08-11 10:01 - 00000000 ____D C:\Users\H530\Desktop\cherrt
2015-09-23 07:57 - 2009-07-14 06:20 - 00000000 ____D C:\Windows\system32\GroupPolicy

==================== Files in the root of some directories =======

2015-04-23 13:37 - 2015-10-06 13:17 - 0000132 _____ () C:\Users\H530\AppData\Roaming\Adobe PNG Format CS5 Prefs
2015-08-03 11:00 - 2015-10-15 17:07 - 0000699 _____ () C:\Users\H530\AppData\Roaming\burnaware.ini
2015-04-14 19:28 - 2015-04-14 19:28 - 0004387 _____ () C:\Users\H530\AppData\Roaming\DQlyoL7pH
2015-04-14 19:28 - 2015-04-14 19:28 - 0004387 _____ () C:\Users\H530\AppData\Roaming\HIg6SITJl79D
2015-04-14 19:28 - 2015-04-14 19:28 - 0004387 _____ () C:\Users\H530\AppData\Roaming\RE7obhwIRq38ggvfE27tYrFCB9R
2015-09-25 16:18 - 2015-09-25 16:18 - 0000031 _____ () C:\Users\H530\AppData\Local\burnaware.ini
2015-05-20 09:48 - 2015-05-20 09:48 - 0004608 _____ () C:\Users\H530\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-09-17 10:52 - 2015-09-17 10:52 - 0260876 _____ (VuuPC Limited) C:\Users\H530\AppData\Local\nsu9891.tmp
2015-04-23 08:27 - 2015-04-23 08:27 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-04-21 16:17 - 2015-04-21 16:17 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2015-09-17 10:42 - 2015-09-17 11:32 - 0000102 _____ () C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat

Files to move or delete:
====================
C:\ProgramData\{262E20B8-6E20-4CEF-B1FD-D022AB1085F5}.dat


Some files in TEMP:
====================
C:\Users\H530\AppData\Local\Temp\EsgInstallerx64Stub.exe
C:\Users\H530\AppData\Local\Temp\FoxitUpdater.exe
C:\Users\H530\AppData\Local\Temp\jre-8u60-windows-au.exe
C:\Users\H530\AppData\Local\Temp\jre-8u65-windows-au.exe
C:\Users\H530\AppData\Local\Temp\setup.exe
C:\Users\H530\AppData\Local\Temp\Uninstall.exe
C:\Users\H530\AppData\Local\Temp\{0195B572-304E-4313-A22F-B7FFC248D2F2}.dll
C:\Users\H530\AppData\Local\Temp\{02997942-FC8D-4345-92D8-59DCDA312D5E}.dll
C:\Users\H530\AppData\Local\Temp\{035FACF4-66C9-4DC6-A486-538E8D8D612B}.dll
C:\Users\H530\AppData\Local\Temp\{06812162-96A4-4173-B782-B9227F93499C}.dll
C:\Users\H530\AppData\Local\Temp\{09E95B4C-E1C4-4F7E-80A1-F69AE62729C7}.dll
C:\Users\H530\AppData\Local\Temp\{0B62C3C1-5398-4E7F-96C7-D9D622E27CFC}.dll
C:\Users\H530\AppData\Local\Temp\{129459EC-48CD-462B-BDF9-9F5404465464}.dll
C:\Users\H530\AppData\Local\Temp\{12C5FF9F-A8B5-4548-838B-8A5312485ADB}.dll
C:\Users\H530\AppData\Local\Temp\{13110391-05C8-4959-A5D8-03A831C1F4F6}.dll
C:\Users\H530\AppData\Local\Temp\{1688A2F2-401A-4D31-B77E-74C8F0DD84E1}.dll
C:\Users\H530\AppData\Local\Temp\{171471D2-721C-4887-8A6A-E2D83CE9E59A}.dll
C:\Users\H530\AppData\Local\Temp\{17F11749-A894-4276-AC01-1FA4F9988BA5}.dll
C:\Users\H530\AppData\Local\Temp\{1D669150-F69A-4FBD-88AB-68C6871D34F0}.dll
C:\Users\H530\AppData\Local\Temp\{1E03AF75-2A0D-4C33-A5F1-B36324C379E0}.dll
C:\Users\H530\AppData\Local\Temp\{211F3D0C-5B1A-4986-A822-8F10F3F32B47}.dll
C:\Users\H530\AppData\Local\Temp\{232F1963-E5D1-460F-AE53-294E0F7A71FC}.dll
C:\Users\H530\AppData\Local\Temp\{2390BA91-41E6-47C0-802D-57849CCA1F07}.dll
C:\Users\H530\AppData\Local\Temp\{24BD2FFB-C7F5-47AD-8F1A-EEFE796DBA77}.dll
C:\Users\H530\AppData\Local\Temp\{2646CCC0-F53A-409B-8102-D11B1F0774FC}.dll
C:\Users\H530\AppData\Local\Temp\{27698638-FA03-48B5-B4F2-ECDA95AB72AA}.dll
C:\Users\H530\AppData\Local\Temp\{2A2A73E7-C343-4A7A-A0FA-5C504128E208}.dll
C:\Users\H530\AppData\Local\Temp\{2B4D4BBC-768C-4BB8-98D8-48DD27AE3499}.dll
C:\Users\H530\AppData\Local\Temp\{2B86CE0D-C529-4BEF-BDA7-3B75F50C147B}.dll
C:\Users\H530\AppData\Local\Temp\{2D23B4E4-6FC7-4C8F-A362-21B4169F85A3}.dll
C:\Users\H530\AppData\Local\Temp\{31B655C3-E214-4460-AEBC-7B9DA6EF43F8}.dll
C:\Users\H530\AppData\Local\Temp\{3544C25B-8F77-4EDF-9CEB-987C049CF564}.dll
C:\Users\H530\AppData\Local\Temp\{3674A7D3-9B19-4D8D-9566-AE3408F774CE}.dll
C:\Users\H530\AppData\Local\Temp\{37BB12D8-C32B-403C-A39C-F67BDDAD4A1D}.dll
C:\Users\H530\AppData\Local\Temp\{388B34D7-F046-41CE-B922-CA6C75527799}.dll
C:\Users\H530\AppData\Local\Temp\{3B135E89-A639-43FC-98B5-F935E0E9FA40}.dll
C:\Users\H530\AppData\Local\Temp\{3D2584A6-6FB9-4D0A-AD37-66119C8AE1BF}.dll
C:\Users\H530\AppData\Local\Temp\{3D3226CC-3D7A-4A4F-BA90-BCD376EBC3F8}.dll
C:\Users\H530\AppData\Local\Temp\{3DD96A68-1AA6-406C-B943-5DFBA4CF30BE}.dll
C:\Users\H530\AppData\Local\Temp\{3E1FC49E-82C5-46C2-9E72-3C6AC78D4121}.dll
C:\Users\H530\AppData\Local\Temp\{3E993AC3-0CA4-42EF-A9EF-0731F45018D3}.dll
C:\Users\H530\AppData\Local\Temp\{3F308289-CB2E-4C33-9A7C-AACC54A84780}.dll
C:\Users\H530\AppData\Local\Temp\{40EDFDA1-3D1E-4E28-90E5-803DDF570A94}.dll
C:\Users\H530\AppData\Local\Temp\{44F60E41-B7E2-4A34-AE52-020730EE460E}.dll
C:\Users\H530\AppData\Local\Temp\{47BD60F3-F62B-43E5-8DCF-A4D156165FA4}.dll
C:\Users\H530\AppData\Local\Temp\{497FA30C-46E8-4D8F-B4B3-16DCF1ACE6E7}.dll
C:\Users\H530\AppData\Local\Temp\{4D67B37B-9118-4889-B558-AFCC3FC159B0}.dll
C:\Users\H530\AppData\Local\Temp\{4F693B28-B2FC-4DDE-94CF-44389C6E2034}.dll
C:\Users\H530\AppData\Local\Temp\{518671F2-C6B1-4D77-BA3C-C04BD0168B90}.dll
C:\Users\H530\AppData\Local\Temp\{527F2DC7-E140-460A-9399-833BF0EFE53C}.dll
C:\Users\H530\AppData\Local\Temp\{53541C15-7A8A-4451-8541-70735BBC3E2C}.dll
C:\Users\H530\AppData\Local\Temp\{53D644D4-3E3D-47F3-A77D-E6352BD0B9A7}.dll
C:\Users\H530\AppData\Local\Temp\{54BB4F2F-5965-4F38-BCB0-F379E91AD5D3}.dll
C:\Users\H530\AppData\Local\Temp\{569E8748-434C-41E9-A561-3840C379C88A}.dll
C:\Users\H530\AppData\Local\Temp\{572FE1C3-B398-4A29-BAB7-A66F4AFFF8E6}.dll
C:\Users\H530\AppData\Local\Temp\{59E3246D-764A-456D-AFF1-AE9CE550B140}.dll
C:\Users\H530\AppData\Local\Temp\{5BD6E695-82A5-4AEE-A233-6A783AE05CC8}.dll
C:\Users\H530\AppData\Local\Temp\{5F342BB6-1C2B-47FD-994A-1150EC4B8B12}.dll
C:\Users\H530\AppData\Local\Temp\{637EF405-7327-49AE-9C2C-8AFEDAD534C0}.dll
C:\Users\H530\AppData\Local\Temp\{63912EEF-877F-4841-A1A7-6191A93EFC5C}.dll
C:\Users\H530\AppData\Local\Temp\{63A7D091-C80F-48AF-80FD-7BF3DF4DE846}.dll
C:\Users\H530\AppData\Local\Temp\{63CCE997-FD59-4D56-94F8-30612C4169BB}.dll
C:\Users\H530\AppData\Local\Temp\{65EF1110-4B95-4C71-9927-1B03B2E69986}.dll
C:\Users\H530\AppData\Local\Temp\{68EC0EFE-04E3-4216-9AC4-65190AC7785F}.dll
C:\Users\H530\AppData\Local\Temp\{69843330-3EDB-41E4-9889-2576FAC2F30E}.dll
C:\Users\H530\AppData\Local\Temp\{6E966063-AC9F-4EAA-A654-A9F34364DFBF}.dll
C:\Users\H530\AppData\Local\Temp\{6EDA0E40-1E91-4A10-A447-FB5EC6A7E46C}.dll
C:\Users\H530\AppData\Local\Temp\{71A9B58A-C2B4-4884-98AC-8F99D3BC5049}.dll
C:\Users\H530\AppData\Local\Temp\{73C85920-9AD4-4DE1-9831-81E402E521B9}.dll
C:\Users\H530\AppData\Local\Temp\{761838AA-3F97-4418-B49C-3052C0CC77C4}.dll
C:\Users\H530\AppData\Local\Temp\{7653D6F5-6ED5-41DA-BDA3-5A60F33764CC}.dll
C:\Users\H530\AppData\Local\Temp\{793C8A55-B1DF-404D-B30B-20E8B99BE1B2}.dll
C:\Users\H530\AppData\Local\Temp\{7A19DB05-8777-4665-B904-161E9820AFC0}.dll
C:\Users\H530\AppData\Local\Temp\{7B11FE8F-8AF0-4887-8E79-49D722F84E76}.dll
C:\Users\H530\AppData\Local\Temp\{7C74B96B-D238-451D-9C7A-A9D3813EF6CD}.dll
C:\Users\H530\AppData\Local\Temp\{7CFC6AB2-27F5-427C-9266-ED2AC330D6C4}.dll
C:\Users\H530\AppData\Local\Temp\{7D5FBC88-881B-4916-ADD4-74DD81F859CD}.dll
C:\Users\H530\AppData\Local\Temp\{8138DED1-F6A3-42D7-BF71-64C4CA732F71}.dll
C:\Users\H530\AppData\Local\Temp\{8172C32B-35FF-4BF7-B8E5-15DB8D7618FD}.dll
C:\Users\H530\AppData\Local\Temp\{822E4465-31D3-4FC8-8887-FB0FAFB4E494}.dll
C:\Users\H530\AppData\Local\Temp\{84605F50-0C05-429F-A7C7-5C2432F34F2F}.dll
C:\Users\H530\AppData\Local\Temp\{848B249D-A1BE-466E-930F-D1F5517162DA}.dll
C:\Users\H530\AppData\Local\Temp\{84C25B18-DDB4-485D-B6AD-0856878B10D2}.dll
C:\Users\H530\AppData\Local\Temp\{86035158-2253-45AE-964D-E6BF177C0A92}.dll
C:\Users\H530\AppData\Local\Temp\{86B393B0-E040-4C5E-87FA-E2DD23CD6C4A}.dll
C:\Users\H530\AppData\Local\Temp\{87AD180E-7406-42CB-970F-7FFE57CDB7B6}.dll
C:\Users\H530\AppData\Local\Temp\{884C0624-9FB3-4252-B5FB-B9A6557181F0}.dll
C:\Users\H530\AppData\Local\Temp\{8A2AC20D-388E-46E1-8CCE-8F98A699E516}.dll
C:\Users\H530\AppData\Local\Temp\{8D9845F3-3F89-4B81-AFF5-75137EE5A698}.dll
C:\Users\H530\AppData\Local\Temp\{904DC888-8B33-4DF9-B54D-3F666052F1EF}.dll
C:\Users\H530\AppData\Local\Temp\{923B4552-84E1-40F2-AC79-8949C74C5C09}.dll
C:\Users\H530\AppData\Local\Temp\{93C62360-32FC-4F22-A583-B1FD6A47D9A1}.dll
C:\Users\H530\AppData\Local\Temp\{943220A4-7588-4730-B0CB-9AE5B4BE9468}.dll
C:\Users\H530\AppData\Local\Temp\{95B7227B-8322-4F1D-B916-2A47D1B30B9B}.dll
C:\Users\H530\AppData\Local\Temp\{97BB2A56-D90F-4223-909D-D3D7BDEA1C3E}.dll
C:\Users\H530\AppData\Local\Temp\{9B8BEC48-0B8C-4471-A178-7EE553EB4CFA}.dll
C:\Users\H530\AppData\Local\Temp\{9D0C2915-EDE4-4A2A-90B3-BD559E4BE79C}.dll
C:\Users\H530\AppData\Local\Temp\{9DC3D4F9-D301-4AE5-B902-F85FA4542BA1}.dll
C:\Users\H530\AppData\Local\Temp\{9DE29D2F-871D-45BE-8155-09B634921761}.dll
C:\Users\H530\AppData\Local\Temp\{9E0B863B-B19C-4D56-86DF-EE2FCF8C74FD}.dll
C:\Users\H530\AppData\Local\Temp\{9FFDAE92-786C-4164-B978-34A569C7FA0F}.dll
C:\Users\H530\AppData\Local\Temp\{A1AE91B3-B4BA-4331-9A17-68F23809BF8A}.dll
C:\Users\H530\AppData\Local\Temp\{A2F71A53-74C9-4413-B0F1-0369D877C901}.dll
C:\Users\H530\AppData\Local\Temp\{A33F7989-3748-4560-B1B3-08C8D1D9BFEF}.dll
C:\Users\H530\AppData\Local\Temp\{A7D52ED0-E625-409A-864C-2B8D20090F38}.dll
C:\Users\H530\AppData\Local\Temp\{AA76815D-84CE-4E1A-B2FB-8BE43F03A9B8}.dll
C:\Users\H530\AppData\Local\Temp\{ADBBADE5-8701-4707-8223-69F234BD1891}.dll
C:\Users\H530\AppData\Local\Temp\{AEA3B661-419B-456D-AFA1-4CC9F8BBF2D8}.dll
C:\Users\H530\AppData\Local\Temp\{AFBD17A4-E1A1-4F88-BEC6-3FD0E14D4A4A}.dll
C:\Users\H530\AppData\Local\Temp\{B5F5D0C7-9591-45E2-B584-A88190A0FB6C}.dll
C:\Users\H530\AppData\Local\Temp\{B78A62BD-50F7-4EBC-BFC2-91D59A3EEB40}.dll
C:\Users\H530\AppData\Local\Temp\{BBAE60B8-65EF-4849-90A4-6D34AADF4552}.dll
C:\Users\H530\AppData\Local\Temp\{BF6179AE-9F2B-48C7-AD13-2C13B8B2D673}.dll
C:\Users\H530\AppData\Local\Temp\{C09BBEB2-B950-48B9-9FBF-4AE45A22A55D}.dll
C:\Users\H530\AppData\Local\Temp\{C732E619-7A40-4748-9830-6E8E483EA236}.dll
C:\Users\H530\AppData\Local\Temp\{CB4FAE36-61FD-42E8-8D0C-34774442FE96}.dll
C:\Users\H530\AppData\Local\Temp\{CD1CEAE4-F6DA-4EA8-AF49-0EC8E730F560}.dll
C:\Users\H530\AppData\Local\Temp\{CDA32ABF-905D-4540-9F46-A1BCD0216967}.dll
C:\Users\H530\AppData\Local\Temp\{D097C4E1-7E6A-4249-94A5-095AEA1C7F9F}.dll
C:\Users\H530\AppData\Local\Temp\{D0F39047-5E04-47BC-B519-12B9FB70C5C6}.dll
C:\Users\H530\AppData\Local\Temp\{D19A2913-D405-4A58-AFEF-F5519D7A2794}.dll
C:\Users\H530\AppData\Local\Temp\{D227D322-20BF-44EB-9E75-FE914C3BD860}.dll
C:\Users\H530\AppData\Local\Temp\{D2ABE160-EEA5-4933-B974-44E342857B85}.dll
C:\Users\H530\AppData\Local\Temp\{D2DA558B-5629-416C-BE85-6ECC1FF534A3}.dll
C:\Users\H530\AppData\Local\Temp\{D349E351-2FF4-4DD7-AC53-06ABF0545624}.dll
C:\Users\H530\AppData\Local\Temp\{D4FF7006-C83C-4EB9-938C-3D94530C8E97}.dll
C:\Users\H530\AppData\Local\Temp\{D5FC81D7-78DA-440E-A7CF-2FEAA53BC43F}.dll
C:\Users\H530\AppData\Local\Temp\{DA407627-DF0E-4C8C-8F7C-5C6F7423268D}.dll
C:\Users\H530\AppData\Local\Temp\{DC4AED94-2910-4B7A-9EFC-F6A7BB3ADC82}.dll
C:\Users\H530\AppData\Local\Temp\{E02D1524-2F94-420A-82EB-B6AE0D410BF7}.dll
C:\Users\H530\AppData\Local\Temp\{E2AA2F71-EEB9-4A16-8FEC-B032FFF1DEFA}.dll
C:\Users\H530\AppData\Local\Temp\{E2D679D6-1993-4356-B57B-B7C0DBB40A70}.dll
C:\Users\H530\AppData\Local\Temp\{E32C117B-E768-4A72-82A6-C91D01C2B8EC}.dll
C:\Users\H530\AppData\Local\Temp\{E5D4FF25-30EF-41A0-8D8B-2D59BAB40714}.dll
C:\Users\H530\AppData\Local\Temp\{E639807D-35B6-4B17-8FD2-8A83440927C5}.dll
C:\Users\H530\AppData\Local\Temp\{E949A9B4-A61E-4A65-BC60-B48D48ED273A}.dll
C:\Users\H530\AppData\Local\Temp\{EFF47525-C84A-4736-9CDE-4762E1B20F56}.dll
C:\Users\H530\AppData\Local\Temp\{F4AFD352-5C90-4961-8E91-4CCBC17D62A4}.dll
C:\Users\H530\AppData\Local\Temp\{F836F672-DE3E-4F35-9872-81A5846C1A77}.dll
C:\Users\H530\AppData\Local\Temp\{F8F00D98-E313-49C5-B4D3-7A1DBE4A8F88}.dll
C:\Users\H530\AppData\Local\Temp\{F9238853-744C-4481-8AE2-F207D966F007}.dll
C:\Users\H530\AppData\Local\Temp\{FAB4D546-DCA8-4BF4-A35B-F4C61912B831}.dll
C:\Users\H530\AppData\Local\Temp\{FBDFA97A-94F4-40EA-8646-C48B11A57421}.dll
C:\Users\H530\AppData\Local\Temp\{FE5C2959-4F53-4B62-87AB-20295547B431}.dll
C:\Users\H530\AppData\Local\Temp\{FF05A364-BDA2-49FC-99BE-ABAD1ABBD4B2}.dll
C:\Users\H530\AppData\Local\Temp\{FF31ED54-E7EE-44C0-894D-E67CC987F874}.dll
C:\Users\H530\AppData\Local\Temp\{FF3D32B2-EBD3-460E-B28A-CDC22BE283AF}.dll
C:\Users\H530\AppData\Local\Temp\{FF8060E2-0154-4B22-8797-F18283FC3612}.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-10-21 11:55

==================== End of FRST.txt ============================

 

 

Addition.txt


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Привет,

Довечера ще пиша, че трябва да ходя на работа. В лог файла обаче не виждам файлове с разширението - .id-1769756661_helpme@freespeechmail.org?

Виждам обаче зараза, която датира още от 14.04.2015. Ще почистим каквото можем, но се говори, че всички последни криптори от последните теми, които съдържат @ в името си са ОБНОВЕНИ версии на кофти криптора - Decode@india.com. Ако се окаже, че е така и се създават през нов ransomware kit, то може да се каже, че те са СИГУРНИ и декриптирането е невъзможно (поне не и без заплащането на декриптор, което не е препоръчително, защото не се знае доколко ще е ефективен той).

Все пак е рано да се твърди, това докато не се получи dropper от който е дошла заразата и не се анализират криптираните файлове. Ако имате такива файлове, моля архивирайте ги и качете архива на хостинг услуга по избор и ми пратете линка за изтегляне на Лични Съобщения за да го изтегля.

Също така моля изтеглете ID Tool от Nathan Scott и го запазете на десктопа.
Разархивирайте архива в папка по желание и след това стартирайте файла IDTool.exe.

Изчакайте инструмента да стартира и да сканира системата ви.

Натиснете бутона "Generate Text Friendly Report for Forums".
idtool_gui2.png

  • Ще се появи диалогов прозорец, както е показано на картинката отгоре.
  • Копирайте съдържанието на лог файла в следващия си пост.

Колкото до програмите за възстановяване на файловете, не можете ли просто да разкачите дисковете и да ги закачите един по един за компютъра и да опитате така да стартирате програмите за възстановяване на изтрити файлове? Не е зле обаче да използвате някакъв компютър с неважна информация на него в случай, че инфекцията се пренесе и на него. Задължително спрете и Autorun на системата преди да закачите диска към компютъра. Вярно е, че ако не се буутне от заразения диск, едва ли и да има зараза тя ще се активира, но все пак това са модерни заплахи и малко повече сигурност няма да навреди.

Това е засега.

Поздрави!

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от Владиславов
      Помощ! От два дена компютъра се рестартира сам на всеки 5 минути. Проверявах с анти вирусната,анти троянската,трих регистри и т.н. Това се случи след един ъпдейт на компютъра. Уиндоуса ми е лицензиран.Помогнете!
    • от krasimirson
      Здравейте,
      След препоръка на @DarkEdge и като продължение на темата в раздела на Интернет и Wi-Fi, прикачвам логовете след сканиране с FRST. 
      Накратко, потенциално инфектираната система изпитва проблеми с Wi-fi връзката (бавен интернет, трудно връзване към Wi-fi, чести прекъсвания, висок пинг) като състоянието за последната седмица се влошава, прерастващо от бавна скорост до невъзможност за връзване към Wi-fi и негативно влияние върху интернет връзката на устройства в близост до потенциално заразеното. Пример за последното:
      При свързване на потенциално заразеното устройство (лаптоп) към Wi-fi, пингът на друго устройство (тестови лаптоп) в близост се покачва между 1000 и 3000 пъти като след кратко време пропада и интернет връзката му. Прикачен е скрийншот от Command Prompt тест на пинга: http://prikachi.com/...48/9322348n.jpg
      Предварително благодаря за отделеното време и помощ.
       
      Addition.txt
      FRST.txt
      Моделът на лаптопа е Asus K555L, а OS е Windows 10. 
    • от Stoichev
      Здравейте! Напоследък лаптопът лагва и работи доста бавно. Ще бъда благодарен за помощта.
      Addition.txt
      FRST.txt
    • от Бисер Петков
      В другата тема  писах, че флашката е повредена след включването и в телевизор Самсунг. Има файл с име СМ0013 който си мисля, че е вируса според прояетеното в нета. Бях помолен да пусна тема тук и да прикача логовете за проверка: 
       
      Addition.txt
    • от Бисер Петков
      Уважаеми приятели отново съм пред сага. Трета поредна флашка 64гб- марка Сан диск и Кингстън ми дават проблем. За какво иде реч след като кача видео фаилове гледайки ги на компа са перфектни като качество и бързина  но поставени в уж модерните телевизори започват да забиват и спира картината. въпроса ми е къде е проблема . Благодаря ви предварително.
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.