Премини към съдържанието

Препоръчан отговор


Здравейте и тук :) такаа от къде да започна. Преди седмица харда ми изгоря и дадох лаптопа за ремонт. След ремонта почна да забива много (товари Ram и процесора) и като всеки "грешник" реших че с преинсталация всичко ще се оправи. Е да ама не същото лай*о. Направих всичко от тази тема ==> 

 

(Да добавя не съм аз автора а използвах темата като си мислех, че проблема ми ще е сходен. Проблема ми е описан пак на на 1ва стр. към края) Но след като не успяхме с доброволците да оправим тостера ме насочиха към този раздел.

 

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:21-02-2016 01
Ran by kris (administrator) on KRIS-PC (23-02-2016 23:14:12)
Running from C:\Users\kris\Downloads
Loaded Profiles: kris (Available Profiles: kris)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\stacsv64.exe
(SurfRight B.V.) C:\Program Files\HitmanPro\hmpsched.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRYSVC.EXE
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\BCMWLTRY.EXE
(Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AESTSr64.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Dell Products, LP.) C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Dell Inc.) C:\Program Files\Dell\DW WLAN Card\WLTRAY.EXE
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
(IDT, Inc.) C:\Program Files\IDT\WDM\sttray64.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
() C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTStackServer.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BluetoothHeadsetProxy.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodag.exe
(O&O Software GmbH) C:\Program Files\OO Software\Defrag\oodtray.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Broadcom Wireless Manager UI] => C:\Program Files\Dell\DW WLAN Card\WLTRAY.exe [5712896 2010-02-02] (Dell Inc.)
HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [1337000 2015-04-30] (Microsoft Corporation)
HKLM\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3179288 2010-01-06] (Dell Inc.)
HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1928976 2010-03-05] (Intel(R) Corporation)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [487424 2010-06-17] (IDT, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1890088 2009-12-23] (Synaptics Incorporated)
HKLM-x32\...\Run: [Desktop Disc Tool] => C:\Program Files (x86)\Roxio\Roxio Burn\RoxioBurnLauncher.exe [498160 2009-10-15] ()
HKLM-x32\...\Run: [IAStorIcon] => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [284696 2010-06-08] (Intel Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [605744 2016-02-17] (Oracle Corporation)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-838214799-3499120001-1277686704-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-838214799-3499120001-1277686704-1000\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2016-02-23]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\O&O Defrag Tray.lnk [2016-02-23]
ShortcutTarget: O&O Defrag Tray.lnk -> C:\Windows\Installer\{A4190743-74A9-430C-99D4-4EEFC762132F}\app_icon.ico ()
BootExecute: autocheck autochk * OODBS

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.2.1
Tcpip\..\Interfaces\{533D29CA-44B6-4807-9736-4F15EF0F4F2E}: [DhcpNameServer] 192.168.2.1

Internet Explorer:
==================
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre-9\bin\ssv.dll => No File
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre-9\bin\jp2ssv.dll [2016-02-23] (Oracle Corporation)
Filter: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: deflate - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\system32\urlmon.dll [2010-11-21] (Microsoft Corporation)
Filter-x32: gzip - {8f6b0360-b80d-11d0-a9b3-006097942311} - C:\Windows\SysWOW64\urlmon.dll [2010-11-21] (Microsoft Corporation)

FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_157.dll [2016-02-22] ()
FF Plugin: @java.com/DTPlugin,version=12.0.0.0 -> C:\Program Files\Java\jre-9\bin\dtplugin\npDeployJava1.dll [2016-02-23] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=12.0.0.0 -> C:\Program Files\Java\jre-9\bin\plugin2\npjp2.dll [2016-02-23] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_157.dll [2016-02-22] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.5\npGoogleUpdate3.dll [2016-02-19] (Google Inc.)

Chrome: 
=======
CHR Profile: C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Презентации) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2016-02-19]
CHR Extension: (Google Документи) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2016-02-19]
CHR Extension: (Google Диск) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-02-19]
CHR Extension: (YouTube) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-02-19]
CHR Extension: (Google Търсене) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-02-19]
CHR Extension: (Електронни таблици от Google) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2016-02-19]
CHR Extension: (Google Документи офлайн) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2016-02-20]
CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2016-02-19]
CHR Extension: (Gmail) - C:\Users\kris\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2016-02-19]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 AdobeFlashPlayerFeedbackSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerFeedbackService.exe [173248 2016-02-22] (Adobe Systems Incorporated)
R2 DellDigitalDelivery; C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [162816 2011-10-26] (Dell Products, LP.) [File not signed]
R2 HitmanProScheduler; C:\Program Files\HitmanPro\hmpsched.exe [135496 2016-02-22] (SurfRight B.V.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23816 2015-04-30] (Microsoft Corporation)
S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [340240 2010-03-05] ()
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [366544 2015-04-30] (Microsoft Corporation)
R2 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1666296 2015-07-30] (O&O Software GmbH)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 wltrysvc; C:\Program Files\Dell\DW WLAN Card\bcmwltry.exe [5088256 2010-02-02] (Dell Inc.) [File not signed]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-10] (Broadcom Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO64A.SYS [27552 2016-02-21] (REALiX(tm))
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [280376 2015-03-04] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [124568 2015-03-04] (Microsoft Corporation)
R2 TurboB; C:\Windows\System32\DRIVERS\TurboB.sys [13784 2009-11-02] ()
S3 WiseHDInfo; C:\Windows\WiseHDInfo64.dll [14800 2016-02-21] (wisecleaner.com)
S3 DFUBTUSB; System32\Drivers\frmupgr.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 23:14 - 2016-02-23 23:15 - 00011618 _____ C:\Users\kris\Downloads\FRST.txt
2016-02-23 23:13 - 2016-02-23 23:14 - 00000000 ____D C:\FRST
2016-02-23 23:10 - 2016-02-23 23:11 - 02371072 _____ (Farbar) C:\Users\kris\Downloads\FRST64.exe
2016-02-23 23:06 - 2016-02-23 23:06 - 00000000 ____D C:\Users\kris\AppData\Local\Broadcom
2016-02-23 18:38 - 2016-02-23 18:38 - 01118319 _____ C:\Users\kris\Desktop\изтеглен файл.htm
2016-02-23 17:27 - 2016-02-23 17:27 - 00425688 _____ C:\Users\kris\Downloads\MSI.zip
2016-02-23 17:27 - 2016-02-23 17:27 - 00425688 _____ C:\Users\kris\Downloads\MSI (1).zip
2016-02-23 17:27 - 2016-02-23 17:27 - 00000000 ____D C:\Users\kris\Downloads\MSI
2016-02-23 17:26 - 2016-02-23 17:26 - 01097205 _____ ( ) C:\Users\kris\Downloads\exe.exe
2016-02-23 17:13 - 2016-02-23 17:49 - 00000000 ____D C:\Windows\system32\oodag
2016-02-23 17:13 - 2016-02-23 17:13 - 00000000 ____D C:\Users\kris\AppData\Local\O&O
2016-02-23 17:12 - 2016-02-23 17:12 - 00002497 _____ C:\Users\Public\Desktop\O&O Defrag.lnk
2016-02-23 17:12 - 2016-02-23 17:12 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\O&O Software
2016-02-23 17:12 - 2016-02-23 17:12 - 00000000 ____D C:\Program Files\OO Software
2016-02-23 17:11 - 2016-02-23 17:11 - 00000000 ____D C:\ProgramData\OO Software
2016-02-23 17:10 - 2016-02-23 17:11 - 28904184 _____ (O&O Software GmbH) C:\Users\kris\Downloads\OODefrag18Professional64Enu (1).exe
2016-02-23 17:04 - 2016-02-23 17:04 - 00144464 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2016-02-23 17:04 - 2016-02-23 17:04 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2016-02-23 17:03 - 2016-02-23 17:03 - 00000000 ____D C:\Program Files\Java
2016-02-23 16:58 - 2016-02-23 17:00 - 65169488 _____ (Oracle Corporation) C:\Users\kris\Downloads\jre-9-ea+106_windows-x64_bin.exe
2016-02-23 16:56 - 2016-02-23 16:57 - 28904184 _____ (O&O Software GmbH) C:\Users\kris\Downloads\OODefrag18Professional64Enu.exe
2016-02-23 16:24 - 2016-02-23 16:24 - 00050688 _____ (Atribune.org) C:\Users\kris\Downloads\ATF-Cleaner.exe
2016-02-23 13:39 - 2014-03-09 23:48 - 01389208 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe
2016-02-23 13:39 - 2014-03-09 23:48 - 00171160 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll
2016-02-23 13:39 - 2014-03-09 23:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardagt.exe
2016-02-23 13:39 - 2014-03-09 23:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\infocardapi.dll
2016-02-23 13:38 - 2014-07-01 00:24 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll
2016-02-23 13:38 - 2014-07-01 00:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\SysWOW64\icardres.dll
2016-02-23 13:36 - 2014-06-06 08:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TsWpfWrp.exe
2016-02-23 13:36 - 2014-06-06 08:12 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe
2016-02-23 12:55 - 2015-02-04 05:16 - 00392192 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2016-02-23 12:55 - 2015-02-04 04:54 - 00318464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2016-02-23 12:55 - 2013-08-28 03:12 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\scavengeui.dll
2016-02-23 02:23 - 2016-02-23 02:23 - 00000000 ____D C:\Users\kris\AppData\Roaming\Roxio
2016-02-23 02:23 - 2016-02-23 02:23 - 00000000 ____D C:\Users\kris\AppData\Roaming\Intel Corporation
2016-02-23 02:13 - 2016-02-23 02:13 - 00015772 _____ C:\Windows\results.xml
2016-02-23 02:13 - 2016-02-23 02:13 - 00003230 _____ C:\Windows\System32\Tasks\SidebarExecute
2016-02-23 02:09 - 2010-01-12 14:37 - 00325152 _____ (Realtek ) C:\Windows\system32\Drivers\Rt64win7.sys
2016-02-23 02:09 - 2010-01-06 00:39 - 00107552 _____ (Realtek Semiconductor Corporation) C:\Windows\system32\RTNUninst64.dll
2016-02-23 02:09 - 2009-12-03 17:27 - 00074272 _____ C:\Windows\system32\RtNicProp64.dll
2016-02-23 02:08 - 2016-02-23 02:08 - 00000000 ____H C:\Windows\system32\Drivers\Msft_Kernel_SynTP_01009.Wdf
2016-02-23 02:07 - 2016-02-23 02:07 - 00000000 ____D C:\Program Files\Synaptics
2016-02-23 02:06 - 2009-12-14 12:33 - 00053248 _____ (Windows XP Bundled build C-Centric Single User) C:\Windows\SysWOW64\CSVer.dll
2016-02-23 02:03 - 2016-02-23 02:03 - 00108745 _____ C:\hcwclear.txt
2016-02-23 01:57 - 2016-02-23 02:09 - 00000000 ____D C:\Program Files (x86)\Realtek
2016-02-23 01:57 - 2016-02-23 01:57 - 00000000 ____D C:\Windows\SysWOW64\sda
2016-02-23 01:57 - 2010-12-01 16:12 - 00250984 _____ (Realtek Semiconductor Corp.) C:\Windows\system32\Drivers\RtsUStor.sys
2016-02-23 01:52 - 2016-02-23 01:52 - 00003114 _____ C:\Windows\System32\Tasks\{292810C9-901A-41C2-99BA-EA5B98CD30E0}
2016-02-23 01:50 - 2009-09-17 12:54 - 00056344 _____ (Intel Corporation) C:\Windows\system32\Drivers\HECIx64.sys
2016-02-23 01:47 - 2010-06-17 21:10 - 12800512 _____ (IDT, Inc.) C:\Windows\system32\idtcpl64.cpl
2016-02-23 01:47 - 2010-06-17 21:10 - 03467264 _____ (IDT, Inc.) C:\Windows\system32\stlang64.dll
2016-02-23 01:47 - 2010-06-17 21:10 - 00564224 _____ (IDT, Inc.) C:\Windows\system32\idt64mp1.exe
2016-02-23 01:47 - 2010-01-20 15:55 - 00601088 _____ (Creative Technology Ltd.) C:\Windows\system32\ctapo64.dll
2016-02-23 01:47 - 2010-01-20 15:55 - 00524288 _____ (Creative Technology Ltd.) C:\Windows\system32\ctapo32.dll
2016-02-23 01:47 - 2010-01-12 02:03 - 00162304 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAC64.dll
2016-02-23 01:47 - 2009-10-10 00:45 - 00442368 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTEC64.dll
2016-02-23 01:47 - 2009-05-13 03:28 - 00057856 _____ (Creative Technology Ltd.) C:\Windows\system32\ctppld64.dll
2016-02-23 01:47 - 2009-03-03 01:58 - 00068608 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTAR64.dll
2016-02-23 01:47 - 2009-03-03 01:47 - 00090624 _____ (Andrea Electronics Corporation) C:\Windows\system32\AESTCo64.dll
2016-02-23 01:46 - 2016-02-23 01:46 - 00000000 ____D C:\Windows\system32\SRSLabs
2016-02-23 01:45 - 2016-02-23 01:47 - 00000000 ____D C:\Program Files\IDT
2016-02-23 01:45 - 2010-06-17 21:10 - 01465344 _____ (IDT, Inc.) C:\Windows\system32\stapo64.dll
2016-02-23 01:45 - 2010-06-17 21:10 - 00645632 ____N (IDT, Inc.) C:\Windows\system32\stapi64.dll
2016-02-23 01:45 - 2010-06-17 21:10 - 00515584 _____ (IDT, Inc.) C:\Windows\system32\Drivers\stwrt64.sys
2016-02-23 01:45 - 2010-06-17 21:10 - 00431616 _____ (IDT, Inc.) C:\Windows\system32\stcplx64.dll
2016-02-23 01:45 - 2010-06-17 21:10 - 00209920 _____ (IDT, Inc.) C:\Windows\system32\st646289.dll
2016-02-23 01:45 - 2010-01-20 15:55 - 00524288 _____ (Creative Technology Ltd.) C:\Windows\SysWOW64\ctapo32.dll
2016-02-23 01:43 - 2016-02-23 01:43 - 00000000 ____D C:\Users\kris\AppData\Roaming\Intel
2016-02-23 01:40 - 2016-02-23 02:12 - 00000000 ____D C:\Program Files\Intel
2016-02-23 01:40 - 2016-02-23 01:40 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel PROSet Wireless
2016-02-23 01:40 - 2016-02-23 01:40 - 00000000 ____D C:\ProgramData\Intel
2016-02-23 01:33 - 2010-03-30 11:58 - 00132648 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwavdt.sys
2016-02-23 01:33 - 2010-03-30 11:58 - 00098344 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwaudio.sys
2016-02-23 01:33 - 2010-03-30 11:58 - 00035104 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwl2cap.sys
2016-02-23 01:33 - 2010-03-30 11:58 - 00021160 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btwrchid.sys
2016-02-23 01:30 - 2016-02-23 01:30 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
2016-02-23 01:29 - 2010-06-08 10:33 - 00540696 _____ (Intel Corporation) C:\Windows\system32\Drivers\iaStor.sys
2016-02-23 01:26 - 2016-02-23 01:26 - 00000000 ____D C:\Program Files\ATI Technologies
2016-02-23 01:26 - 2016-02-23 01:26 - 00000000 ____D C:\Program Files\ATI
2016-02-23 01:21 - 2009-12-23 14:14 - 00301104 _____ (Synaptics Incorporated) C:\Windows\system32\Drivers\SynTP.sys
2016-02-23 01:21 - 2009-12-23 14:10 - 00396584 _____ (Synaptics Incorporated) C:\Windows\system32\SynCOM.dll
2016-02-23 01:21 - 2009-12-23 14:10 - 00263464 _____ (Synaptics Incorporated) C:\Windows\system32\SynCtrl.dll
2016-02-23 01:21 - 2009-12-23 14:10 - 00207144 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPAPI.dll
2016-02-23 01:21 - 2009-12-23 14:10 - 00206120 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCtrl.dll
2016-02-23 01:21 - 2009-12-23 14:10 - 00173352 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynCOM.dll
2016-02-23 01:21 - 2009-12-23 14:10 - 00147752 _____ (Synaptics Incorporated) C:\Windows\system32\SynTPCo4.dll
2016-02-23 01:21 - 2009-12-23 14:10 - 00107816 _____ (Synaptics Incorporated) C:\Windows\SysWOW64\SynTPCOM.dll
2016-02-23 01:21 - 2009-08-07 09:49 - 01721576 _____ (Microsoft Corporation) C:\Windows\system32\WdfCoInstaller01009.dll
2016-02-23 01:18 - 2016-02-23 01:18 - 00000000 ____D C:\ProgramData\Uninstall
2016-02-23 01:17 - 2016-02-23 01:17 - 00000000 ____D C:\ProgramData\Sonic
2016-02-23 01:17 - 2016-02-23 01:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Roxio
2016-02-23 01:17 - 2016-02-23 01:17 - 00000000 ____D C:\ProgramData\Macrovision
2016-02-23 01:17 - 2016-02-23 01:17 - 00000000 ____D C:\Program Files (x86)\Roxio
2016-02-23 01:17 - 2009-07-09 03:00 - 00055280 ____N (Sonic Solutions) C:\Windows\system32\Drivers\PxHlpa64.sys
2016-02-23 01:17 - 2009-06-23 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdralw2k.sys
2016-02-23 01:17 - 2009-06-23 03:00 - 00010224 ____N (Sonic Solutions) C:\Windows\system32\Drivers\cdr4_xp.sys
2016-02-23 01:16 - 2016-02-23 01:16 - 00000000 ____D C:\Users\kris\Downloads\R244364_RoxioBurn_v1.01_120B16F
2016-02-23 01:16 - 2016-02-23 01:16 - 00000000 ____D C:\Users\kris\AppData\Roaming\Roxio Log Files
2016-02-23 01:08 - 2016-02-23 01:08 - 00000000 ____D C:\Users\kris\Downloads\JUL5DEM1
2016-02-23 00:39 - 2016-02-23 00:39 - 00000000 ____D C:\43f1e1a2abbab98c0307016c
2016-02-23 00:38 - 2009-09-02 06:13 - 00131072 _____ (Dell, Inc.) C:\Windows\SysWOW64\DellSPMsg.dll
2016-02-23 00:36 - 2016-02-23 01:24 - 00000000 ____D C:\ProgramData\Dell
2016-02-23 00:35 - 2016-02-23 00:35 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dell
2016-02-23 00:35 - 2016-02-23 00:35 - 00000000 ____D C:\Program Files (x86)\Dell Digital Delivery
2016-02-23 00:24 - 2016-02-23 00:24 - 00000000 ____D C:\Users\kris\Downloads\D2D5DEM1
2016-02-23 00:23 - 2016-02-23 00:23 - 00003186 _____ C:\Windows\System32\Tasks\{8CA60F3C-611C-4488-98BB-26A70D1C5215}
2016-02-23 00:22 - 2016-02-23 00:22 - 00001929 _____ C:\Users\Public\Desktop\Netwaiting.lnk
2016-02-23 00:20 - 2016-02-23 02:11 - 00000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2016-02-23 00:20 - 2016-02-23 00:20 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netwaiting
2016-02-23 00:20 - 2016-02-23 00:20 - 00000000 ____D C:\Program Files (x86)\Netwaiting
2016-02-23 00:17 - 2016-02-23 00:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Modem Diagnostic Tool
2016-02-23 00:17 - 2016-02-23 00:17 - 00000000 ____D C:\Program Files\Modem Diagnostic Tool
2016-02-23 00:14 - 2016-02-23 00:15 - 33582083 _____ C:\Users\kris\Downloads\D2D5DEM1.zip
2016-02-23 00:14 - 2016-02-23 00:15 - 11166600 _____ C:\Users\kris\Downloads\R273110.exe
2016-02-23 00:14 - 2016-02-23 00:15 - 08703489 _____ C:\Users\kris\Downloads\JUL5DEM1.zip
2016-02-22 23:56 - 2016-02-23 00:11 - 136609976 _____ C:\Users\kris\Downloads\R272410.exe
2016-02-22 23:56 - 2016-02-23 00:10 - 98537904 _____ C:\Users\kris\Downloads\R284575.exe
2016-02-22 23:56 - 2016-02-23 00:09 - 85261200 _____ C:\Users\kris\Downloads\R252544.exe
2016-02-22 23:56 - 2016-02-23 00:05 - 41835256 _____ C:\Users\kris\Downloads\R285472.exe
2016-02-22 23:56 - 2016-02-23 00:04 - 46720432 _____ C:\Users\kris\Downloads\R234469.exe
2016-02-22 23:56 - 2016-02-22 23:59 - 16942792 _____ (Dell, Inc.) C:\Users\kris\Downloads\DSS_UTIL_WIN_R260746.EXE
2016-02-22 23:56 - 2016-02-22 23:56 - 05724320 _____ C:\Users\kris\Downloads\R257292.exe
2016-02-22 23:41 - 2016-02-22 23:43 - 11496144 _____ C:\Users\kris\Downloads\R247430.exe
2016-02-22 23:37 - 2016-02-22 23:52 - 83806424 _____ C:\Users\kris\Downloads\R258276.exe
2016-02-22 23:37 - 2016-02-22 23:52 - 64910792 _____ C:\Users\kris\Downloads\R226746.exe
2016-02-22 23:37 - 2016-02-22 23:52 - 62546664 _____ C:\Users\kris\Downloads\R273948.exe
2016-02-22 23:37 - 2016-02-22 23:48 - 51209088 _____ C:\Users\kris\Downloads\R279550.exe
2016-02-22 23:37 - 2016-02-22 23:48 - 49101440 _____ C:\Users\kris\Downloads\R252283.exe
2016-02-22 23:37 - 2016-02-22 23:41 - 31538832 _____ C:\Users\kris\Downloads\R257288.exe
2016-02-22 23:37 - 2016-02-22 23:37 - 01391728 _____ C:\Users\kris\Downloads\CONEXANT_D400-USB-MODEM_2M98F_A01_SETUP_ZPE.exe
2016-02-22 23:35 - 2016-02-22 23:37 - 18253264 _____ C:\Users\kris\Downloads\R257298.exe
2016-02-22 23:35 - 2016-02-22 23:37 - 06645936 _____ C:\Users\kris\Downloads\CONEXANT_D400-USB-MODEM_J6N4K_A02_SETUP_ZPE.exe
2016-02-22 23:35 - 2016-02-22 23:35 - 02001656 _____ C:\Users\kris\Downloads\CONEXANT_D400-USB-MODEM_RY5VP_A02_SETUP_ZPE.exe
2016-02-22 23:34 - 2016-02-22 23:37 - 26791544 _____ C:\Users\kris\Downloads\R280657.exe
2016-02-22 23:34 - 2016-02-22 23:36 - 19729279 _____ C:\Users\kris\Downloads\R244364_RoxioBurn_v1.01_120B16F.zip
2016-02-22 23:34 - 2016-02-22 23:36 - 09888392 _____ C:\Users\kris\Downloads\R294101.exe
2016-02-22 23:34 - 2016-02-22 23:36 - 06435024 _____ C:\Users\kris\Downloads\R283061.exe
2016-02-22 23:34 - 2016-02-22 23:35 - 02534016 _____ C:\Users\kris\Downloads\R257260.exe
2016-02-22 23:34 - 2016-02-22 23:35 - 01237664 _____ C:\Users\kris\Downloads\R275031.exe
2016-02-22 23:34 - 2016-02-22 23:34 - 03752592 _____ C:\Users\kris\Downloads\R257296.exe
2016-02-22 23:34 - 2016-02-22 23:34 - 00979920 _____ C:\Users\kris\Downloads\DELL_DELL-DIGITAL-DELIVERY_A06_R318926_ZPE.exe
2016-02-22 23:27 - 2016-02-22 23:27 - 00000000 ____D C:\Users\kris\Downloads\Нова папка (2)
2016-02-22 22:56 - 2016-02-23 16:56 - 00000024 _____ C:\Users\kris\Desktop\Нов текстов документ.txt
2016-02-22 22:51 - 2016-02-22 22:51 - 00000926 _____ C:\Users\kris\Desktop\HD Tune.lnk
2016-02-22 22:51 - 2016-02-22 22:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HD Tune
2016-02-22 22:51 - 2016-02-22 22:51 - 00000000 ____D C:\Program Files (x86)\HD Tune
2016-02-22 22:32 - 2016-02-22 22:44 - 00000000 ____D C:\ProgramData\HitmanPro
2016-02-22 22:32 - 2016-02-22 22:32 - 00001877 _____ C:\Users\Public\Desktop\HitmanPro.lnk
2016-02-22 22:32 - 2016-02-22 22:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HitmanPro
2016-02-22 22:32 - 2016-02-22 22:32 - 00000000 ____D C:\Program Files\HitmanPro
2016-02-22 22:30 - 2016-02-23 21:26 - 00000295 _____ C:\DelFix.txt
2016-02-22 21:53 - 2016-02-22 22:13 - 00000000 ____D C:\Users\kris\AppData\Roaming\ZHP
2016-02-22 20:44 - 2016-02-22 20:44 - 00000000 ____D C:\Program Files\DIFX
2016-02-22 20:40 - 2010-03-30 11:58 - 00053800 _____ (Broadcom Corporation.) C:\Windows\system32\Drivers\btusbflt.sys
2016-02-22 20:39 - 2016-02-22 20:39 - 00000000 ____D C:\Users\kris\Documents\Bluetooth Exchange Folder
2016-02-22 20:32 - 2016-02-22 20:32 - 00000000 ____D C:\Program Files\WIDCOMM
2016-02-22 20:17 - 2016-02-22 20:19 - 00000000 ____D C:\Users\kris\Downloads\оьаяо
2016-02-22 20:13 - 2016-02-22 20:13 - 00000000 ____D C:\Users\kris\AppData\Roaming\Sun
2016-02-22 20:11 - 2016-02-22 20:11 - 00000000 ____D C:\Users\kris\AppData\LocalLow\Sun
2016-02-22 20:11 - 2016-02-22 20:11 - 00000000 ____D C:\ProgramData\Oracle
2016-02-22 20:09 - 2016-02-22 20:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-02-22 20:09 - 2016-02-22 20:09 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-02-22 20:09 - 2016-02-22 20:09 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-02-22 18:39 - 2016-02-22 19:58 - 00765700 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2016-02-22 18:13 - 2016-02-22 18:13 - 00000000 ____D C:\Users\Default\AppData\Roaming\Macromedia
2016-02-22 18:13 - 2016-02-22 18:13 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Macromedia
2016-02-22 18:13 - 2016-02-22 18:13 - 00000000 ____D C:\ProgramData\Adobe
2016-02-22 18:13 - 2016-02-22 18:13 - 00000000 ____D C:\Program Files (x86)\Adobe
2016-02-22 18:00 - 2016-02-23 23:06 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
2016-02-22 18:00 - 2016-02-22 18:25 - 00801984 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2016-02-22 18:00 - 2016-02-22 18:25 - 00143040 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2016-02-22 18:00 - 2016-02-22 18:25 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
2016-02-22 18:00 - 2016-02-22 18:00 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2016-02-22 18:00 - 2016-02-22 18:00 - 00000000 ____D C:\Windows\system32\Macromed
2016-02-22 17:51 - 2016-02-22 17:51 - 00000000 ____D C:\Users\kris\Downloads\Нова папка
2016-02-22 17:06 - 2016-02-22 17:07 - 00000000 ____D C:\220924db61d608694ecb49
2016-02-22 15:48 - 2016-02-22 15:48 - 00000000 ____D C:\9318bd42e8a8e7264437e499
2016-02-22 15:44 - 2016-02-22 15:44 - 00000000 ____D C:\Windows\system32\appmgmt
2016-02-21 23:50 - 2016-02-21 23:50 - 00002117 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Security Essentials.lnk
2016-02-21 23:50 - 2016-02-21 23:50 - 00001945 _____ C:\Windows\epplauncher.mif
2016-02-21 23:50 - 2016-02-21 23:50 - 00000000 ____D C:\Program Files (x86)\Microsoft Security Client
2016-02-21 23:49 - 2016-02-21 23:50 - 00000000 ____D C:\Program Files\Microsoft Security Client
2016-02-21 21:01 - 2016-02-21 21:01 - 00000000 ____D C:\Riot Games
2016-02-21 20:42 - 2016-02-21 20:42 - 00274320 _____ C:\Windows\system32\FNTCACHE.DAT
2016-02-21 20:25 - 2016-02-21 20:25 - 00027552 _____ (REALiX(tm)) C:\Windows\system32\Drivers\HWiNFO64A.SYS
2016-02-21 20:21 - 2016-02-21 20:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HWiNFO64
2016-02-21 20:21 - 2016-02-21 20:21 - 00000000 ____D C:\Program Files\HWiNFO64
2016-02-21 20:16 - 2016-02-21 20:16 - 00000000 ____D C:\Users\kris\AppData\Roaming\AVG
2016-02-21 20:15 - 2016-02-21 20:15 - 00000000 ____D C:\Users\kris\AppData\Roaming\TuneUp Software
2016-02-21 20:10 - 2016-02-21 23:46 - 00000000 ____D C:\ProgramData\MFAData
2016-02-21 20:10 - 2016-02-21 20:10 - 00000000 ____D C:\Users\kris\AppData\Local\MFAData
2016-02-21 20:09 - 2016-02-21 23:46 - 00000000 ____D C:\ProgramData\Avg
2016-02-21 19:58 - 2016-02-23 02:27 - 00007597 _____ C:\Users\kris\AppData\Local\Resmon.ResmonCfg
2016-02-21 18:40 - 2016-02-21 23:44 - 00000000 ____D C:\Windows\System32\Tasks\WiseCleaner
2016-02-21 18:33 - 2016-02-21 23:44 - 00000000 ____D C:\Program Files (x86)\Wise
2016-02-21 18:33 - 2016-02-21 18:33 - 00014800 _____ (wisecleaner.com) C:\Windows\WiseHDInfo64.dll
2016-02-19 18:48 - 2016-02-19 18:48 - 00000000 ____D C:\87c33ba72a29d67d55e93277b3caf22e
2016-02-19 18:47 - 2016-02-19 18:47 - 00000000 ____D C:\ProgramData\Package Cache
2016-02-19 18:31 - 2016-02-19 18:31 - 00000000 ____D C:\Users\kris\Documents\League of Legends
2016-02-19 17:49 - 2016-02-19 17:49 - 00000000 ____D C:\Users\kris\AppData\Roaming\Macromedia
2016-02-19 17:48 - 2016-02-22 18:13 - 00000000 ____D C:\Users\kris\AppData\Roaming\Adobe
2016-02-19 17:48 - 2016-02-19 17:48 - 00000000 ____D C:\Users\kris\AppData\Roaming\LolClient
2016-02-19 15:25 - 2016-02-19 15:25 - 00000000 ____D C:\ProgramData\Riot Games
2016-02-19 15:23 - 2008-07-31 10:41 - 00068616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAPOFX1_1.dll
2016-02-19 15:23 - 2008-07-31 10:40 - 00509448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XAudio2_2.dll
2016-02-19 15:23 - 2008-07-12 08:18 - 03851784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DX9_39.dll
2016-02-19 15:23 - 2008-07-12 08:18 - 01493528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_39.dll
2016-02-19 15:23 - 2008-07-12 08:18 - 00467984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3dx10_39.dll
2016-02-19 15:19 - 2016-02-21 21:01 - 00000000 ____D C:\Users\kris\AppData\Roaming\Riot Games
2016-02-19 15:07 - 2016-02-19 15:07 - 00002282 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2016-02-19 15:07 - 2016-02-19 15:07 - 00002253 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2016-02-19 15:06 - 2016-02-23 23:11 - 00000994 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2016-02-19 15:06 - 2016-02-23 16:21 - 00000990 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2016-02-19 15:06 - 2016-02-19 15:07 - 00000000 ____D C:\Program Files (x86)\Google
2016-02-19 15:06 - 2016-02-19 15:06 - 00003990 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2016-02-19 15:06 - 2016-02-19 15:06 - 00003738 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2016-02-19 15:05 - 2016-02-19 19:14 - 00000000 ____D C:\Users\kris\AppData\Local\Google
2016-02-19 15:00 - 2016-02-22 20:59 - 00015762 _____ C:\Windows\system32\results.xml
2016-02-19 14:57 - 2016-02-23 02:06 - 00000000 ____D C:\Program Files (x86)\Intel
2016-02-19 14:57 - 2016-02-23 01:40 - 00000000 ____D C:\Program Files\Common Files\Intel
2016-02-19 14:56 - 2016-02-19 14:56 - 00000000 ____D C:\Intel
2016-02-19 14:56 - 2010-09-07 19:59 - 03156504 _____ (Intel Corporation) C:\Windows\system32\GfxUI.exe
2016-02-19 14:56 - 2010-09-07 19:59 - 00508952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.exe
2016-02-19 14:56 - 2010-09-07 19:59 - 00415256 _____ (Intel Corporation) C:\Windows\system32\igfxpers.exe
2016-02-19 14:56 - 2010-09-07 19:59 - 00386584 _____ (Intel Corporation) C:\Windows\system32\hkcmd.exe
2016-02-19 14:56 - 2010-09-07 19:59 - 00223768 _____ (Intel Corporation) C:\Windows\system32\igfxext.exe
2016-02-19 14:56 - 2010-09-07 19:59 - 00161304 _____ (Intel Corporation) C:\Windows\system32\igfxtray.exe
2016-02-19 14:56 - 2010-09-07 19:59 - 00152600 _____ C:\Windows\system32\difx64.exe
2016-02-19 14:55 - 2010-08-30 11:17 - 00289280 _____ (Intel(R) Corporation) C:\Windows\system32\Drivers\IntcDAud.sys
2016-02-19 14:55 - 2010-08-30 11:17 - 00014848 _____ (Intel(R) Corporation) C:\Windows\system32\IntcDAuC.dll
2016-02-19 14:55 - 2010-08-25 19:58 - 00005396 _____ C:\Windows\system32\iglhxs64.vp
2016-02-19 14:55 - 2010-08-25 19:40 - 00090112 _____ (Intel Corporation) C:\Windows\system32\igfxCoIn_v2202.dll
2016-02-19 14:55 - 2010-08-25 19:36 - 10611552 _____ (Intel Corporation) C:\Windows\system32\Drivers\igdkmd64.sys
2016-02-19 14:55 - 2010-08-25 19:36 - 06547968 _____ (Intel Corporation) C:\Windows\system32\igdumd64.dll
2016-02-19 14:55 - 2010-08-25 19:34 - 00870560 _____ C:\Windows\SysWOW64\igkrng575.bin
2016-02-19 14:55 - 2010-08-25 19:34 - 00870560 _____ C:\Windows\system32\igkrng575.bin
2016-02-19 14:55 - 2010-08-25 19:34 - 00127868 _____ C:\Windows\SysWOW64\igcompkrng575.bin
2016-02-19 14:55 - 2010-08-25 19:34 - 00127868 _____ C:\Windows\system32\igcompkrng575.bin
2016-02-19 14:55 - 2010-08-25 19:34 - 00104796 _____ C:\Windows\SysWOW64\igfcg575m.bin
2016-02-19 14:55 - 2010-08-25 19:34 - 00104796 _____ C:\Windows\system32\igfcg575m.bin
2016-02-19 14:55 - 2010-08-25 19:31 - 04967424 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumd32.dll
2016-02-19 14:55 - 2010-08-25 19:28 - 00571904 _____ (Intel Corporation) C:\Windows\SysWOW64\igdumdx32.dll
2016-02-19 14:55 - 2010-08-25 19:26 - 04720128 _____ (Intel Corporation) C:\Windows\system32\igd10umd64.dll
2016-02-19 14:55 - 2010-08-25 19:23 - 04411904 _____ (Intel Corporation) C:\Windows\SysWOW64\igd10umd32.dll
2016-02-19 14:55 - 2010-08-25 19:17 - 15032832 _____ (Intel Corporation) C:\Windows\system32\ig4icd64.dll
2016-02-19 14:55 - 2010-08-25 19:09 - 11040256 _____ (Intel Corporation) C:\Windows\SysWOW64\ig4icd32.dll
2016-02-19 14:55 - 2010-08-25 19:05 - 00189408 _____ C:\Windows\system32\Gfxres.th-TH.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00178288 _____ C:\Windows\system32\Gfxres.el-GR.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00165251 _____ C:\Windows\system32\Gfxres.ru-RU.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00139830 _____ C:\Windows\system32\Gfxres.ar-SA.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00136327 _____ C:\Windows\system32\Gfxres.ja-JP.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00133680 _____ C:\Windows\system32\Gfxres.he-IL.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00125477 _____ C:\Windows\system32\Gfxres.it-IT.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00123164 _____ C:\Windows\system32\Gfxres.ko-KR.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00122858 _____ C:\Windows\system32\Gfxres.es-ES.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00122638 _____ C:\Windows\system32\Gfxres.de-DE.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00122368 _____ (Intel Corporation) C:\Windows\system32\igfxcpl.cpl
2016-02-19 14:55 - 2010-08-25 19:05 - 00121121 _____ C:\Windows\system32\Gfxres.tr-TR.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00120695 _____ C:\Windows\system32\Gfxres.fr-FR.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00120287 _____ C:\Windows\system32\Gfxres.pt-BR.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00119533 _____ C:\Windows\system32\Gfxres.hu-HU.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00119513 _____ C:\Windows\system32\Gfxres.nl-NL.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00119286 _____ C:\Windows\system32\Gfxres.sv-SE.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00118997 _____ C:\Windows\system32\Gfxres.pt-PT.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00118684 _____ C:\Windows\system32\Gfxres.cs-CZ.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00118631 _____ C:\Windows\system32\Gfxres.fi-FI.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00118317 _____ C:\Windows\system32\Gfxres.pl-PL.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00117984 _____ C:\Windows\system32\Gfxres.sk-SK.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00114779 _____ C:\Windows\system32\Gfxres.nb-NO.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00114308 _____ C:\Windows\system32\Gfxres.sl-SI.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00114179 _____ C:\Windows\system32\Gfxres.da-DK.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00110156 _____ C:\Windows\system32\Gfxres.en-US.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00103997 _____ C:\Windows\system32\Gfxres.zh-TW.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00102843 _____ C:\Windows\system32\Gfxres.zh-CN.resources
2016-02-19 14:55 - 2010-08-25 19:05 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrfra.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxresn.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088576 _____ (Intel Corporation) C:\Windows\system32\igfxrell.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrsky.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrrus.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrptg.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrplk.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrnld.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrita.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00088064 _____ (Intel Corporation) C:\Windows\system32\igfxrdeu.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrtrk.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrsve.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrslv.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrptb.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrnor.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrhun.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrfin.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrcsy.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrtha.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00087040 _____ (Intel Corporation) C:\Windows\system32\igfxrdan.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrheb.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00086528 _____ (Intel Corporation) C:\Windows\system32\igfxrara.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrkor.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00084992 _____ (Intel Corporation) C:\Windows\system32\igfxrjpn.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrcht.lrc
2016-02-19 14:55 - 2010-08-25 19:05 - 00083968 _____ (Intel Corporation) C:\Windows\system32\igfxrchs.lrc
2016-02-19 14:55 - 2010-08-25 19:04 - 00380416 _____ (Intel Corporation) C:\Windows\system32\igfxTMM.dll
2016-02-19 14:55 - 2010-08-25 19:04 - 00243200 _____ (Intel Corporation) C:\Windows\system32\igfxpph.dll
2016-02-19 14:55 - 2010-08-25 19:04 - 00108032 _____ (Intel Corporation) C:\Windows\system32\hccutils.dll
2016-02-19 14:55 - 2010-08-25 19:04 - 00061952 _____ (Intel Corporation) C:\Windows\system32\igfxsrvc.dll
2016-02-19 14:55 - 2010-08-25 19:04 - 00027648 _____ (Intel Corporation) C:\Windows\system32\igfxexps.dll
2016-02-19 14:55 - 2010-08-25 19:03 - 00830464 _____ (Intel Corporation) C:\Windows\system32\igfxress.dll
2016-02-19 14:55 - 2010-08-25 19:03 - 00271360 _____ (Intel Corporation) C:\Windows\system32\igfxdev.dll
2016-02-19 14:55 - 2010-08-25 19:03 - 00142336 _____ (Intel Corporation) C:\Windows\system32\igfxdo.dll
2016-02-19 14:55 - 2010-08-25 19:03 - 00119808 _____ (Intel Corporation) C:\Windows\system32\gfxSrvc.dll
2016-02-19 14:55 - 2010-08-25 19:03 - 00087552 _____ (Intel Corporation) C:\Windows\system32\igfxrenu.lrc
2016-02-19 14:55 - 2010-08-25 19:03 - 00004096 _____ ( ) C:\Windows\system32\IGFXDEVLib.dll
2016-02-19 14:55 - 2010-08-25 19:00 - 00023552 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxexps32.dll
2016-02-19 14:55 - 2010-08-25 18:59 - 00228864 _____ (Intel Corporation) C:\Windows\SysWOW64\igfxdv32.dll
2016-02-19 14:55 - 2010-08-25 18:57 - 00000151 _____ C:\Windows\system32\GfxUI.exe.config
2016-02-19 14:55 - 2010-08-25 18:52 - 01991936 _____ C:\Windows\system32\iglhxa64.cpa
2016-02-19 14:55 - 2010-08-25 18:52 - 00208896 _____ C:\Windows\SysWOW64\iglhsip32.dll
2016-02-19 14:55 - 2010-08-25 18:52 - 00205824 _____ C:\Windows\system32\iglhsip64.dll
2016-02-19 14:55 - 2010-08-25 18:52 - 00187392 _____ C:\Windows\system32\iglhcp64.dll
2016-02-19 14:55 - 2010-08-25 18:52 - 00143360 _____ C:\Windows\SysWOW64\iglhcp32.dll
2016-02-19 14:55 - 2010-08-25 18:52 - 00060254 _____ C:\Windows\system32\iglhxg64.vp
2016-02-19 14:55 - 2010-08-25 18:52 - 00060226 _____ C:\Windows\system32\iglhxc64.vp
2016-02-19 14:55 - 2010-08-25 18:52 - 00060015 _____ C:\Windows\system32\iglhxo64.vp
2016-02-19 14:55 - 2010-08-25 18:52 - 00001090 _____ C:\Windows\system32\iglhxa64.vp
2016-02-19 14:55 - 2010-02-26 23:32 - 00158976 _____ (Intel Corporation) C:\Windows\system32\Drivers\Impcd.sys
2016-02-19 14:52 - 2014-05-14 18:23 - 02477536 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2016-02-19 14:52 - 2014-05-14 18:23 - 00700384 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2016-02-19 14:52 - 2014-05-14 18:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2016-02-19 14:52 - 2014-05-14 18:23 - 00058336 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2016-02-19 14:52 - 2014-05-14 18:23 - 00044512 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2016-02-19 14:52 - 2014-05-14 18:23 - 00038880 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2016-02-19 14:52 - 2014-05-14 18:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2016-02-19 14:52 - 2014-05-14 18:21 - 02620928 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2016-02-19 14:52 - 2014-05-14 18:20 - 00097792 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2016-02-19 14:52 - 2014-05-14 18:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2016-02-19 14:52 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2016-02-19 14:52 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2016-02-19 14:52 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2016-02-19 14:52 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2016-02-19 14:50 - 2016-02-19 14:51 - 00000000 ____D C:\Program Files (x86)\Cisco
2016-02-19 14:48 - 2016-02-23 02:16 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DW WLAN
2016-02-19 14:47 - 2010-02-02 14:13 - 01089024 _____ (Dell Inc.) C:\Windows\system32\BCMLogon.dll
2016-02-19 14:46 - 2016-02-23 01:24 - 00000000 ____D C:\Program Files\Dell
2016-02-19 14:46 - 2010-02-02 14:13 - 08075776 _____ (Dell Inc.) C:\Windows\system32\BCMWLCPL.CPL
2016-02-19 14:46 - 2010-02-02 14:13 - 04961800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vcredist_x64.exe
2016-02-19 14:46 - 2010-02-02 14:13 - 04750848 _____ (Dell Inc.) C:\Windows\system32\bcmttls.dll
2016-02-19 14:46 - 2010-02-02 14:13 - 03891200 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvsrv64.dll
2016-02-19 14:46 - 2010-02-02 14:13 - 03555840 _____ (Broadcom Corporation) C:\Windows\system32\bcmihvui64.dll
2016-02-19 14:46 - 2010-02-02 14:13 - 03161088 _____ (Microsoft Corporation) C:\Windows\system32\vcredist_x64.exe
2016-02-19 14:46 - 2010-02-02 14:13 - 03058168 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\BCMWL664.SYS
2016-02-19 14:46 - 2010-02-02 14:13 - 00095472 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlcoi.dll
2016-02-19 14:46 - 2010-02-02 14:13 - 00073728 _____ (Broadcom Corporation) C:\Windows\system32\wltrynt.dll
2016-02-19 14:46 - 2010-02-02 14:13 - 00060928 _____ (Broadcom Corporation) C:\Windows\system32\bcmwlrmt.dll
2016-02-19 14:46 - 2010-02-02 14:13 - 00047632 _____ (CACE Technologies, Inc.) C:\Windows\system32\Drivers\npf.sys
2016-02-19 14:46 - 2010-02-02 14:13 - 00022520 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcm42rly.sys
2016-02-19 14:46 - 2010-02-02 14:13 - 00006656 _____ C:\Windows\system32\bcmwlrc.dll
2016-02-19 14:46 - 2010-02-02 14:13 - 00000459 _____ C:\Windows\SysWOW64\vcredist_x64.bat
2016-02-19 14:46 - 2010-02-02 14:13 - 00000457 _____ C:\Windows\system32\vcredist_x64.bat
2016-02-19 14:30 - 2016-02-23 00:38 - 00000000 ____D C:\Dell
2016-02-19 14:30 - 2010-02-02 14:13 - 00020984 _____ (Broadcom Corporation) C:\Windows\system32\Drivers\bcmvwl64.sys
2016-02-19 14:28 - 2016-02-19 14:28 - 00001427 _____ C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2016-02-19 14:28 - 2016-02-19 14:28 - 00001393 _____ C:\Users\kris\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
2016-02-19 14:27 - 2016-02-19 14:28 - 00000000 ____D C:\Users\kris
2016-02-19 14:27 - 2016-02-19 14:27 - 00000020 ___SH C:\Users\kris\ntuser.ini
2016-02-19 14:27 - 2016-02-19 14:27 - 00000000 ____D C:\Users\kris\AppData\Local\VirtualStore
2016-02-19 14:27 - 2011-04-12 10:34 - 00000000 ____D C:\Users\kris\AppData\Roaming\Media Center Programs
2016-02-19 14:22 - 2016-02-19 14:22 - 00001345 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
2016-02-19 14:22 - 2016-02-19 14:22 - 00001326 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
2016-02-19 14:20 - 2016-02-19 14:20 - 00000000 ____H C:\Windows\system32\Drivers\Msft_User_WpdFs_01_09_00.Wdf
2016-02-19 14:15 - 2016-02-21 18:44 - 00000000 ____D C:\Windows\Panther
2016-02-19 14:15 - 2016-02-19 14:15 - 00008192 __RSH C:\BOOTSECT.BAK
2016-02-19 14:15 - 2010-11-21 05:23 - 00383786 __RSH C:\bootmgr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-02-23 23:06 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2016-02-23 23:06 - 2009-07-14 06:45 - 00016640 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2016-02-23 16:10 - 2009-07-14 07:13 - 00781298 _____ C:\Windows\system32\PerfStringBackup.INI
2016-02-23 16:10 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\inf
2016-02-23 16:06 - 2009-07-14 07:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2016-02-23 02:18 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\Help
2016-02-23 02:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lv-LV
2016-02-23 02:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\lt-LT
2016-02-23 02:15 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\et-EE
2016-02-23 01:27 - 2009-07-14 05:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
2016-02-21 18:44 - 2009-07-14 07:32 - 00000000 ____D C:\Windows\Downloaded Program Files
2016-02-20 19:29 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\rescache
2016-02-19 14:22 - 2009-07-14 07:32 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2016-02-19 14:22 - 2009-07-14 05:20 - 00000000 ____D C:\Windows\system32\sysprep
2016-02-19 14:17 - 2011-04-12 10:34 - 00000000 ____D C:\Windows\CSC
2016-02-19 14:15 - 2009-07-14 07:32 - 00028672 _____ C:\Windows\system32\config\BCD-Template

==================== Files in the root of some directories =======

2016-02-21 19:58 - 2016-02-23 02:27 - 0007597 _____ () C:\Users\kris\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-02-22 13:40

==================== End of FRST.txt ============================

 

 

 

 

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

Явно при вас разковничето е проблем с Windows Update. Нека да видим какво можем да направим по въпроса.

 

СТЪПКА 1

 

Проверете дяла и за грешки и лоши сектори и да поправим някои от проблемите с файловата система.

В полето за търсене CMD => кликнете върху файла CMD.exe и изберете Run as administrator => въведете командата: chkdsk c: /x /f /r => натиснете Enter

Съгласете се с Y на диалоговия прозорец. Рестартирайте компютъра и би трябвало проверката да започне.След това вижте какви са били резултатите.

Рапорта от проверката ще намерите тук: В полето за търсене въведете eventvwr.msc => Аpplications => събитие WinInit Event ID 1001. Kопирайте рапорта в следващия си пост.

Ето как да намерите лог файла.

Ако с командата ви е трудно просто отворете My Computer => кликнете с десен бутон на дял C:\ и изберете Properties => отидете на Tools => Check Now... => сложете двете отметки и натиснете бутона Start. Рестартирайте системата и изчакайте проверката да приключи (може да мине над час). След това проверете отново и публикувайте лог файла от последната дата.

 

СТЪПКА 2

 

Тъй като видях и системни файлове, които не минават цифровата проверка нека да видим какво е положението и при тях:

В полето за търсене на Windows въведете CMD => кликнете с десен бутон върху CMD.exe и изберете Run as administrator.

След това с копи/пейст изпълнете една по една командите и след всяка натиснете Enter

sfc /scannow

findstr /c:"[SR]" %windir%\Logs\CBS\CBS.log >"%userprofile%\Desktop\sfcdetails.txt"

Сега трябва да се появи sfcdetails.txt на десктопа. Прикачете файла, който ще се появи на десктопа - sfcdetails.txt в следващия си коментар и пишете дали има промяна.

 

СТЪПКА 3

 

Изтеглете и стартирайте файла SFCFix.exe.с десен клик на мишката => Run as administraror.

Следвайте инструкциите, които ще се появят подканващи ви да натиснете произволен клавиш от клавиатурата.

Ако ви поиска инсталационния диск на места, го поставете в оптичното устройство преди да натиснете ОК.

Публикувайте лог файла, който ще се появи.

 

Това е засега!

Поздрави! ;)

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 13 часа, B-boy/StyLe/ написа:

 

Здравей, от 1ва стъпка нищо не стана защото, и 2та варианта пробвах за проверка от CMD и от My computer но като го рестартирам и изписва, че проверката е отменена WTFF :D:(

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Пусни първа стъпка вместо chkdsk c: /x /f /r:

chkdsk c:

и после

echo y|chkdsk c: /x /f /r & shutdown /r /t 000 /d p:1:1

Системата ще саморестартира.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Благодаря стана :D. В момента проверява. После когато търся файла пак по насоките на колегата ти ли ? :)


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

След изпълнението на втората команда.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 8 минути, ExaFlop написа:

След изпълнението на втората команда.

Да разбирам че 1во трябва да изпълня chkdsk c:   и да рестартирам и после echo.... Или и двете и после рестарт и тогава да търся файла

Редактирано от Flinty (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Дотук добре проверката приключи, но немога да намеря файла. Пробвах през eventviewer но или съм сляп или не го намирам :D

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изтеглете следния инструмент ListChkdskResult.exe от SleepyDude и го запазете на вашия десктоп.

Стартирайте инструмента с двукратен клик на мишката върху ListChkdskResult.exe.

Сканирането ще отнеме няколко секунди за да завърши и след това ще се отвори текстов файл с резултатите от проверката.

Копирайте резултатите в следващия си коментар.

  • Харесва ми 2

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
на 24.02.2016 г. at 2:20, B-boy/StyLe/ написа:

 

Ето лога 

 

ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013

------< Log generate on 25.2.2016 г. 12:05:09 >------
Category: 0
Computer Name: kris-PC
Event Code: 26212
Record Number: 7242
Source Name: Chkdsk
Time Written: 02-24-2016 @ 16:29:49
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
The type of the file system is NTFS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
  224512 file records processed.                                        
File verification completed.
  576 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
  276772 index entries processed.                                        
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 8 unused index entries from index $SII of file 0x9.
Cleaning up 8 unused index entries from index $SDH of file 0x9.
Cleaning up 8 unused security descriptors.
Security descriptor verification completed.
  26131 data files processed.                                          
CHKDSK is verifying Usn Journal...
  35194920 USN bytes processed.                                            
Usn Journal verification completed.
Windows has checked the file system and found no problems.

 102297599 KB total disk space.
  31703236 KB in 146617 files.
    113704 KB in 26132 indexes.
         0 KB in bad sectors.
    328907 KB in use by the system.
     65536 KB occupied by the log file.
  70151752 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17537938 allocation units available on disk.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 26212
Record Number: 7212
Source Name: Chkdsk
Time Written: 02-24-2016 @ 15:53:32
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
The type of the file system is NTFS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
  224512 file records processed.                                        
File verification completed.
  576 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
  276768 index entries processed.                                        
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 7 unused index entries from index $SII of file 0x9.
Cleaning up 7 unused index entries from index $SDH of file 0x9.
Cleaning up 7 unused security descriptors.
Security descriptor verification completed.
  26129 data files processed.                                          
CHKDSK is verifying Usn Journal...
  35033304 USN bytes processed.                                            
Usn Journal verification completed.
Windows has checked the file system and found no problems.

 102297599 KB total disk space.
  31588456 KB in 146608 files.
    113692 KB in 26130 indexes.
         0 KB in bad sectors.
    328903 KB in use by the system.
     65536 KB occupied by the log file.
  70266548 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17566637 allocation units available on disk.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 26212
Record Number: 7183
Source Name: Chkdsk
Time Written: 02-24-2016 @ 15:41:44
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
The type of the file system is NTFS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
  224512 file records processed.                                        
File verification completed.
  576 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
  276764 index entries processed.                                        
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 6 unused index entries from index $SII of file 0x9.
Cleaning up 6 unused index entries from index $SDH of file 0x9.
Cleaning up 6 unused security descriptors.
Security descriptor verification completed.
  26127 data files processed.                                          
CHKDSK is verifying Usn Journal...
  34875296 USN bytes processed.                                            
Usn Journal verification completed.
Windows has checked the file system and found no problems.

 102297599 KB total disk space.
  31662464 KB in 146595 files.
    113692 KB in 26128 indexes.
         0 KB in bad sectors.
    328903 KB in use by the system.
     65536 KB occupied by the log file.
  70192540 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17548135 allocation units available on disk.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 1001
Record Number: 7133
Source Name: Microsoft-Windows-Wininit
Time Written: 02-24-2016 @ 14:23:45
Event Type: Information
User: 
Message: 

Checking file system on C:
The type of the file system is NTFS.


One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 3)...
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0x498a8f for possibly 0x1 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x5d8a is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 23946.
  224512 file records processed.                                        
File verification completed.
  577 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
The file reference 0x500000001313f of index entry {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db of index $I30
with parent 0x260 is not the same as 0x600000001313f.
Deleting index entry {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db in index $I30 of file 608.
The file reference 0x500000001313f of index entry {AFBF9~3.DB of index $I30
with parent 0x260 is not the same as 0x600000001313f.
Deleting index entry {AFBF9~3.DB in index $I30 of file 608.
  276750 index entries processed.                                        
Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
  2 unindexed files scanned.                                        
Recovering orphaned file {AFBF9~2.DB (168340) into directory file 608.
Recovering orphaned file {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000005.db (168340) into directory file 608.
CHKDSK is recovering remaining unindexed files.
  1 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 125 unused index entries from index $SII of file 0x9.
Cleaning up 125 unused index entries from index $SDH of file 0x9.
Cleaning up 125 unused security descriptors.
Security descriptor verification completed.
Inserting data attribute into file 23946.
  26121 data files processed.                                          
CHKDSK is verifying Usn Journal...
The remaining of an USN page at offset 0x2a514860 in file 0xe856
should be filled with zeros.
Repairing Usn Journal file record segment.
  34568296 USN bytes processed.                                            
Usn Journal verification completed.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

 102297599 KB total disk space.
  31342372 KB in 146562 files.
    113688 KB in 26122 indexes.
         0 KB in bad sectors.
    328391 KB in use by the system.
     65536 KB occupied by the log file.
  70513148 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17628287 allocation units available on disk.

Internal Info:
00 6d 03 00 97 a2 02 00 2c 2b 05 00 00 00 00 00  .m......,+......
07 3c 00 00 1f 00 00 00 00 00 00 00 00 00 00 00  .<..............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 26213
Record Number: 7126
Source Name: Chkdsk
Time Written: 02-24-2016 @ 14:14:10
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode.  A volume snapshot was not used. Extra errors and warnings may be reported as the volume may have changed during the chkdsk run.  

Checking file system on C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0x498a8f for possibly 0x1 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x5d8a is already in use.

Attribute record (128, "") from file record segment 23946
is corrupt.
  224512 file records processed.                                        
File verification completed.
  577 large file records processed.                                  

Errors found.  CHKDSK cannot continue in read-only mode.

-----------------------------------------------------------------------
 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

За съжаление са се изпълнили само 3-те фази на проверка без последните две фази в които се проверява за лоши сектори.

Пробвайте отново по следния начин:

Oтворете My Computer => кликнете с десен бутон на дял C:\ и изберете Properties => отидете на Tools => Check Now... => сложете двете отметки и натиснете бутона Start. Рестартирайте системата и изчакайте проверката да приключи (може да мине над час). След това проверете отново и публикувайте лог файла от последната дата.

Ако пак не се получи, но имате инсталационен диск с Windows тогава направете следното.

  • Сложете инсталационния диск в DVD устройството, рестартирайте компютъра, натиснете press any key to boot from cd or dvd.

press-any-key.jpg

  • Изберете английски език и натиснете Next.

setup-language-options.jpg

  • Натиснете Repair your Computer

setup-screen.jpg

  • Натиснете просто Next на снимката отдолу:

system-recovery-options.jpg

  • Изберете Command Prompt.

system-recovery-options.jpg

  • въведете командата chkdsk c: /x /f /r и натиснете Enter (Забележка: заменете буквата c: с тази на която е инсталирана Операционната Система. Под Recovery Environment среда тя ще е различна от c:\. На горната снимка забележете реда => Operating system: Windows 7 on (E:) Local Disk. Вижте при вас коя буква ви дава за системна и използвайте нея в командата).
  • Рестартирайте системата и публикувайте резултатите.

Поздрави!

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Значи проверката отново се самоотмени :D Имам усб със уин как да процедирам ? 

 

P.S.- Да добавя че уин се опитва да се актуализира но неуспешно...изтегля актуализациите всичко...и когато го рестартирам за да може да ги инсталира просто забива на екрана ИНСТАЛИРАНЕ НА АКТУАЛИЗАЦИИ....и до тамм чаках го около час но така и не вдигна 1 % :D

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

По същия начин просто вместо DVD-то направете USB-то да е първото стартиращо устройство в БИОС-а и изпълнете проверката под RE среда.

Колкото до проблема с Windows Update на мен ми е известно, че имате проблеми с него (прочел съм и другата ви тема) и тези стъпки са насочени именно към поправянето му. Ако има проблем с диска или прецакани системни файлове в следствие на лоши сектори е напълно нормално да не работи, както трябва Windows Update и не само той.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

А лога къде да го намеря, пак евънтвиеуер или другаде.

 

P.s.-Дано да има надежда сега проверява 5 процедури а не като преди 3. :D

Редактирано от Flinty (преглед на промените)
  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Log Name:      Application
Source:        Microsoft-Windows-Wininit
Date:          24.2.2016 г. 16:23:45 ч.
Event ID:      1001
Task Category: None
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      kris-PC
Description:


Checking file system on C:
The type of the file system is NTFS.


One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 3)...
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0x498a8f for possibly 0x1 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x5d8a is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 23946.
  224512 file records processed.                                        
File verification completed.
  577 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
The file reference 0x500000001313f of index entry {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db of index $I30
with parent 0x260 is not the same as 0x600000001313f.
Deleting index entry {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db in index $I30 of file 608.
The file reference 0x500000001313f of index entry {AFBF9~3.DB of index $I30
with parent 0x260 is not the same as 0x600000001313f.
Deleting index entry {AFBF9~3.DB in index $I30 of file 608.
  276750 index entries processed.                                        
Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
  2 unindexed files scanned.                                        
Recovering orphaned file {AFBF9~2.DB (168340) into directory file 608.
Recovering orphaned file {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000005.db (168340) into directory file 608.
CHKDSK is recovering remaining unindexed files.
  1 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 125 unused index entries from index $SII of file 0x9.
Cleaning up 125 unused index entries from index $SDH of file 0x9.
Cleaning up 125 unused security descriptors.
Security descriptor verification completed.
Inserting data attribute into file 23946.
  26121 data files processed.                                          
CHKDSK is verifying Usn Journal...
The remaining of an USN page at offset 0x2a514860 in file 0xe856
should be filled with zeros.
Repairing Usn Journal file record segment.
  34568296 USN bytes processed.                                            
Usn Journal verification completed.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

 102297599 KB total disk space.
  31342372 KB in 146562 files.
    113688 KB in 26122 indexes.
         0 KB in bad sectors.
    328391 KB in use by the system.
     65536 KB occupied by the log file.
  70513148 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17628287 allocation units available on disk.

Internal Info:
00 6d 03 00 97 a2 02 00 2c 2b 05 00 00 00 00 00  .m......,+......
07 3c 00 00 1f 00 00 00 00 00 00 00 00 00 00 00  .<..............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.

Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
  <System>
    <Provider Name="Microsoft-Windows-Wininit" Guid="{206f6dea-d3c5-4d10-bc72-989f03c8b84b}" EventSourceName="Wininit" />
    <EventID Qualifiers="16384">1001</EventID>
    <Version>0</Version>
    <Level>4</Level>
    <Task>0</Task>
    <Opcode>0</Opcode>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2016-02-24T14:23:45.000000000Z" />
    <EventRecordID>7133</EventRecordID>
    <Correlation />
    <Execution ProcessID="0" ThreadID="0" />
    <Channel>Application</Channel>
    <Computer>kris-PC</Computer>
    <Security />
  </System>
  <EventData>
    <Data>

Checking file system on C:
The type of the file system is NTFS.


One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 3)...
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0x498a8f for possibly 0x1 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x5d8a is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 23946.
  224512 file records processed.                                        
File verification completed.
  577 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
The file reference 0x500000001313f of index entry {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db of index $I30
with parent 0x260 is not the same as 0x600000001313f.
Deleting index entry {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db in index $I30 of file 608.
The file reference 0x500000001313f of index entry {AFBF9~3.DB of index $I30
with parent 0x260 is not the same as 0x600000001313f.
Deleting index entry {AFBF9~3.DB in index $I30 of file 608.
  276750 index entries processed.                                        
Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
  2 unindexed files scanned.                                        
Recovering orphaned file {AFBF9~2.DB (168340) into directory file 608.
Recovering orphaned file {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000005.db (168340) into directory file 608.
CHKDSK is recovering remaining unindexed files.
  1 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 125 unused index entries from index $SII of file 0x9.
Cleaning up 125 unused index entries from index $SDH of file 0x9.
Cleaning up 125 unused security descriptors.
Security descriptor verification completed.
Inserting data attribute into file 23946.
  26121 data files processed.                                          
CHKDSK is verifying Usn Journal...
The remaining of an USN page at offset 0x2a514860 in file 0xe856
should be filled with zeros.
Repairing Usn Journal file record segment.
  34568296 USN bytes processed.                                            
Usn Journal verification completed.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

 102297599 KB total disk space.
  31342372 KB in 146562 files.
    113688 KB in 26122 indexes.
         0 KB in bad sectors.
    328391 KB in use by the system.
     65536 KB occupied by the log file.
  70513148 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17628287 allocation units available on disk.

Internal Info:
00 6d 03 00 97 a2 02 00 2c 2b 05 00 00 00 00 00  .m......,+......
07 3c 00 00 1f 00 00 00 00 00 00 00 00 00 00 00  .&lt;..............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.
</Data>
  </EventData>
</Event>

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Това не е правилния лог...само до 3-те фази сте дали. Я пробвайте пак с инструмента ListChkdskResult.exe да ги извадите.

  • Харесва ми 1

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

ListChkdskResult by SleepyDude v0.1.7 Beta | 21-09-2013

------< Log generate on 25.2.2016 г. 18:20:42 >------
Category: 0
Computer Name: kris-PC
Event Code: 26212
Record Number: 7242
Source Name: Chkdsk
Time Written: 02-24-2016 @ 16:29:49
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
The type of the file system is NTFS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
  224512 file records processed.                                        
File verification completed.
  576 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
  276772 index entries processed.                                        
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 8 unused index entries from index $SII of file 0x9.
Cleaning up 8 unused index entries from index $SDH of file 0x9.
Cleaning up 8 unused security descriptors.
Security descriptor verification completed.
  26131 data files processed.                                          
CHKDSK is verifying Usn Journal...
  35194920 USN bytes processed.                                            
Usn Journal verification completed.
Windows has checked the file system and found no problems.

 102297599 KB total disk space.
  31703236 KB in 146617 files.
    113704 KB in 26132 indexes.
         0 KB in bad sectors.
    328907 KB in use by the system.
     65536 KB occupied by the log file.
  70151752 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17537938 allocation units available on disk.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 26212
Record Number: 7212
Source Name: Chkdsk
Time Written: 02-24-2016 @ 15:53:32
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
The type of the file system is NTFS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
  224512 file records processed.                                        
File verification completed.
  576 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
  276768 index entries processed.                                        
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 7 unused index entries from index $SII of file 0x9.
Cleaning up 7 unused index entries from index $SDH of file 0x9.
Cleaning up 7 unused security descriptors.
Security descriptor verification completed.
  26129 data files processed.                                          
CHKDSK is verifying Usn Journal...
  35033304 USN bytes processed.                                            
Usn Journal verification completed.
Windows has checked the file system and found no problems.

 102297599 KB total disk space.
  31588456 KB in 146608 files.
    113692 KB in 26130 indexes.
         0 KB in bad sectors.
    328903 KB in use by the system.
     65536 KB occupied by the log file.
  70266548 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17566637 allocation units available on disk.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 26212
Record Number: 7183
Source Name: Chkdsk
Time Written: 02-24-2016 @ 15:41:44
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode on a volume snapshot.  

Checking file system on C:
The type of the file system is NTFS.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
  224512 file records processed.                                        
File verification completed.
  576 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
  276764 index entries processed.                                        
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 6 unused index entries from index $SII of file 0x9.
Cleaning up 6 unused index entries from index $SDH of file 0x9.
Cleaning up 6 unused security descriptors.
Security descriptor verification completed.
  26127 data files processed.                                          
CHKDSK is verifying Usn Journal...
  34875296 USN bytes processed.                                            
Usn Journal verification completed.
Windows has checked the file system and found no problems.

 102297599 KB total disk space.
  31662464 KB in 146595 files.
    113692 KB in 26128 indexes.
         0 KB in bad sectors.
    328903 KB in use by the system.
     65536 KB occupied by the log file.
  70192540 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17548135 allocation units available on disk.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 1001
Record Number: 7133
Source Name: Microsoft-Windows-Wininit
Time Written: 02-24-2016 @ 14:23:45
Event Type: Information
User: 
Message: 

Checking file system on C:
The type of the file system is NTFS.


One of your disks needs to be checked for consistency. You
may cancel the disk check, but it is strongly recommended
that you continue.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 3)...
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0x498a8f for possibly 0x1 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x5d8a is already in use.
Deleting corrupt attribute record (128, "")
from file record segment 23946.
  224512 file records processed.                                        
File verification completed.
  577 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  31 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 3)...
The file reference 0x500000001313f of index entry {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db of index $I30
with parent 0x260 is not the same as 0x600000001313f.
Deleting index entry {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000003.db in index $I30 of file 608.
The file reference 0x500000001313f of index entry {AFBF9~3.DB of index $I30
with parent 0x260 is not the same as 0x600000001313f.
Deleting index entry {AFBF9~3.DB in index $I30 of file 608.
  276750 index entries processed.                                        
Index verification completed.
CHKDSK is scanning unindexed files for reconnect to their original directory.
  2 unindexed files scanned.                                        
Recovering orphaned file {AFBF9~2.DB (168340) into directory file 608.
Recovering orphaned file {AFBF9F1A-8EE8-4C77-AF34-C647E37CA0D9}.1.ver0x0000000000000005.db (168340) into directory file 608.
CHKDSK is recovering remaining unindexed files.
  1 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 3)...
  224512 file SDs/SIDs processed.                                        
Cleaning up 125 unused index entries from index $SII of file 0x9.
Cleaning up 125 unused index entries from index $SDH of file 0x9.
Cleaning up 125 unused security descriptors.
Security descriptor verification completed.
Inserting data attribute into file 23946.
  26121 data files processed.                                          
CHKDSK is verifying Usn Journal...
The remaining of an USN page at offset 0x2a514860 in file 0xe856
should be filled with zeros.
Repairing Usn Journal file record segment.
  34568296 USN bytes processed.                                            
Usn Journal verification completed.
Correcting errors in the master file table's (MFT) BITMAP attribute.
Correcting errors in the Volume Bitmap.
Windows has made corrections to the file system.

 102297599 KB total disk space.
  31342372 KB in 146562 files.
    113688 KB in 26122 indexes.
         0 KB in bad sectors.
    328391 KB in use by the system.
     65536 KB occupied by the log file.
  70513148 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  17628287 allocation units available on disk.

Internal Info:
00 6d 03 00 97 a2 02 00 2c 2b 05 00 00 00 00 00  .m......,+......
07 3c 00 00 1f 00 00 00 00 00 00 00 00 00 00 00  .<..............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 26213
Record Number: 7126
Source Name: Chkdsk
Time Written: 02-24-2016 @ 14:14:10
Event Type: Information
User: 
Message: Chkdsk was executed in read-only mode.  A volume snapshot was not used. Extra errors and warnings may be reported as the volume may have changed during the chkdsk run.  

Checking file system on C:
The type of the file system is NTFS.
The volume is in use by another process. Chkdsk
might report errors when no corruption is present.

WARNING!  F parameter not specified.
Running CHKDSK in read-only mode.

CHKDSK is verifying files (stage 1 of 3)...
Attribute record of type 0x80 and instance tag 0x4 is cross linked
starting at 0x498a8f for possibly 0x1 clusters.
Some clusters occupied by attribute of type 0x80 and instance tag 0x4
in file 0x5d8a is already in use.

Attribute record (128, "") from file record segment 23946
is corrupt.
  224512 file records processed.                                        
File verification completed.
  577 large file records processed.                                  

Errors found.  CHKDSK cannot continue in read-only mode.

-----------------------------------------------------------------------
Category: 0
Computer Name: kris-PC
Event Code: 1001
Record Number: 455
Source Name: Microsoft-Windows-Wininit
Time Written: 02-20-2016 @ 15:28:33
Event Type: Information
User: 
Message: 

Checking file system on C:
The type of the file system is NTFS.

A disk check has been scheduled.
Windows will now check the disk.                         

CHKDSK is verifying files (stage 1 of 5)...
  64768 file records processed.                                        
File verification completed.
  35 large file records processed.                                  
  0 bad file records processed.                                    
  2 EA records processed.                                          
  28 reparse records processed.                                      
CHKDSK is verifying indexes (stage 2 of 5)...
  94248 index entries processed.                                        
Index verification completed.
  0 unindexed files scanned.                                        
  0 unindexed files recovered.                                      
CHKDSK is verifying security descriptors (stage 3 of 5)...
  64768 file SDs/SIDs processed.                                        
Cleaning up 138 unused index entries from index $SII of file 0x9.
Cleaning up 138 unused index entries from index $SDH of file 0x9.
Cleaning up 138 unused security descriptors.
Security descriptor verification completed.
  14741 data files processed.                                          
CHKDSK is verifying Usn Journal...
  18015224 USN bytes processed.                                            
Usn Journal verification completed.
CHKDSK is verifying file data (stage 4 of 5)...
  64752 files processed.                                                
File data verification completed.
CHKDSK is verifying free space (stage 5 of 5)...
  21557992 free clusters processed.                                        
Free space verification is complete.
Windows has checked the file system and found no problems.

 102297599 KB total disk space.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Лог файла пълен ли е? Последния лог ни трябва, но според мен не ви е стигнало мястото в поста и не е пълен. Можете ли да публикувате само него - по-точно частта след:

Цитат

 

Windows has checked the file system and found no problems.

 102297599 KB total disk space.

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 3 минути, B-boy/StyLe/ написа:

Лог файла пълен ли е? Последния лог ни трябва, но според мен не ви е стигнало мястото в поста и не е пълен. Можете ли да публикувате само него - по-точно частта след:

 

Windows has checked the file system and found no problems.

 102297599 KB total disk space.
  15875776 KB in 47489 files.
     37812 KB in 14742 indexes.
         0 KB in bad sectors.
    152039 KB in use by the system.
     65536 KB occupied by the log file.
  86231972 KB available on disk.

      4096 bytes in each allocation unit.
  25574399 total allocation units on disk.
  21557993 allocation units available on disk.

Internal Info:
00 fd 00 00 22 f3 00 00 ee f1 01 00 00 00 00 00  ...."...........
2a 00 00 00 1c 00 00 00 00 00 00 00 00 00 00 00  *...............
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

Windows has finished checking your disk.
Please wait while your computer restarts.

-----------------------------------------------------------------------
 

извинявам се глупава грешка...

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Дотук добре. Остана още една стъпка. И после ще проверим какво е положението с Windows update с други няколко неща.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

SFCFix version 2.4.9.2 by niemiro.
Start time: 2016-02-25 23:48:15.626
Microsoft Windows 7 Service Pack 1 - amd64
Not using a script file.


AutoAnalysis::
SUMMARY: No corruptions were detected.
AutoAnalysis:: directive completed successfully.


Successfully processed all directives.
SFCFix version 2.4.9.2 by niemiro has completed.
Currently storing 0 datablocks.
Finish time: 2016-02-25 23:50:35.667
----------------------EOF-----------------------

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Изтеглете и инсталирайте следния пакет => System Update Readiness Tool.

След това прикачете следния лог файл => C:\Windows\Logs\CBS\CheckSUR.log

  • Харесва ми 3

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Регистрирайте се или влезете в профила си за да коментирате

Трябва да имате регистрация за да може да коментирате това

Регистрирайте се

Създайте нова регистрация в нашия форум. Лесно е!

Нова регистрация

Вход

Имате регистрация? Влезте от тук.

Вход


  • Горещи теми в момента

  • Подобни теми

    • от bobivg
      Здравейте, от известно време ми направи впечатление, че след като изгасне монитора (не се ползва компютъра) се увеличават оборотите на вентилатора на процесора. Проблема изчезва веднага след като размърдам мишката. Предположих, че имам някакъв миньор и от предходните теми за подобен проблем качих и сканирах с Malwarebytes, който не откри нищо. Сканирах с free версията (с крака не можах да се оправя).
      Прилагам снимки от Resoursce Monitor и Task Manager. Aко е необходима повече информация казвайте.  
      Предварително благодаря за помощта.
      п.п Шума със сигурност е вентилатора на процесора, защото до скоро нямах видео карта и звученето си го познавам добре.
      п.п. 2  Farbar Recovery Scan Tool  FRST.txt и Addition.txt
       

    • от Emilyr
      Здравейте, не знам дали темата е в правилния раздел, просто съм нова в сайта,  съжалявам ако нещо не е както трябва..  Преди малко получих известие от антивирусната ми система, че е блокиран вирус на име 64win malware-gen.. Който е преместен в "затвора за вируси" Какво трябва да предприема, това опасен вирус ли е... Не разбирам от компютри, и не знам как да постъпя, пък ме е страх и за информацията на лаптопа ми. Моля ви дайте ми съвет какво да направя или не трябва да предприемам действия.. Страх ме е да няма и други вируси, защото отдолу на снимката не се вижда добре, но пише че "може да се спотайват и още други заплахи ".   Ще приложа и снимка на съобщението от антивирусната система.. Благодаря Ви предварително..
      Пс:съжалявам за лошото качество на снимката, но трябваше да намалявам размерите й, защото иначе не можех да я кача..

    • от Studenta
      Здравейте, от доста време насам браузъра ми е заразен с някаква руска търсачка. Пробвал съм да трия браузъра да променям настройките да премахвам всички добавки но без успех. Мисля,че с тоя боклук вървят в с още 2 с нея. Когато съм изгасил браузъра и си играя някоя игра примерно изведнъж ми се отваря някакъв шибан руски сайт asap.ru нещо подобно. 
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 26-12-2017
      Ran by ASUS (administrator) on ASUS-PC (30-12-2017 20:36:37)
      Running from C:\Users\ASUS\Downloads
      Loaded Profiles: ASUS & UpdatusUser (Available Profiles: ASUS & UpdatusUser)
      Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: Български (България)
      Internet Explorer Version 9 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
      (NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
      (Microsoft Corporation) C:\Windows\System32\wlanext.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Intel Corporation) C:\Windows\System32\hkcmd.exe
      (Intel Corporation) C:\Windows\System32\igfxpers.exe
      (Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe
      (Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe
      () C:\Users\ASUS\AppData\Local\Facebook\Games\FacebookGames.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
      (DEVGURU Co., LTD.) C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe
      (Atheros) C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe
      (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
      () C:\Windows\Microsoft\svchost.exe
      (The CefSharp Authors) C:\Users\ASUS\AppData\Local\Facebook\Games\CefSharp.BrowserSubprocess.exe
      (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
      (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
      (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
      (Skype Technologies S.A.) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291280 2012-12-20] (Intel Corporation)
      Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
      HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-15] (Sandboxie Holdings, LLC)
      HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\Run: [vyrtapcchc] => explorer "hxxp://granena.ru/?utm_source=uoua03n&utm_content=e739009bccd5f1e6d71a91bff5994529&utm_term=3B6FA89994383A9FB1DBD199FEE7BAD7&utm_d=20160526" <==== ATTENTION
      HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [10021040 2017-10-18] (Piriform Ltd)
      HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [57446848 2017-12-10] (Skype Technologies S.A.)
      HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\...\MountPoints2: {7e52b7ab-80b8-11e5-abf8-ac220bd789b4} - G:\Install.exe
      AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [245872 2013-07-08] (NVIDIA Corporation)
      AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [201576 2013-07-08] (NVIDIA Corporation)
      Startup: C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Games Arcade (BETA).lnk [2016-09-19]
      ShortcutTarget: Facebook Games Arcade (BETA).lnk -> C:\Users\ASUS\AppData\Local\Facebook\Games\FacebookGames.exe ()
      GroupPolicy: Restriction - Chrome <==== ATTENTION
      GroupPolicy\User: Restriction <==== ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 77.76.144.10
      Tcpip\..\Interfaces\{18B97A15-4C37-40AB-8ABC-148924326CD0}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{18B97A15-4C37-40AB-8ABC-148924326CD0}: [DhcpNameServer] 77.76.144.10
      Tcpip\..\Interfaces\{7B128963-1D6F-410F-B447-36004838DDB1}: [DhcpNameServer] 10.0.0.13
      Internet Explorer:
      ==================
      HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://granena.ru/?utm_content=31b5cebd524a9af6c7a772dca81815e9&utm_source=startpm&utm_term=3B6FA89994383A9FB1DBD199FEE7BAD7&utm_d=20160526
      HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com/ie
      HKU\S-1-5-21-3540903787-1263480670-1707380032-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
      SearchScopes: HKU\S-1-5-21-3540903787-1263480670-1707380032-1000 -> DefaultScope {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
      SearchScopes: HKU\S-1-5-21-3540903787-1263480670-1707380032-1000 -> {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = hxxp://www.google.com/search?q={sear
      SearchScopes: HKU\S-1-5-21-3540903787-1263480670-1707380032-1000 -> {A06ED961-D98F-4CF9-A89B-80AB11DB149C} URL = hxxp://go-search.ru/search?q={searchTerms}
      SearchScopes: HKU\S-1-5-21-3540903787-1263480670-1707380032-1000 -> {FFEBBF0A-C22C-4172-89FF-45215A135AC7} URL = hxxp://go.mail.ru/distib/ep/?q={SearchTerms}&product_id=%7BA4B52271-83DE-44E1-91D2-F540224D09C8%7D&gp=811014
      BHO-x32: Searchgo Class -> {598AEFC6-DD3C-4A63-9AC3-53FCF6155931} -> C:\Users\ASUS\AppData\LocalLow\SearchGo\searchgo.dll [2017-12-30] (Searchgo)
      BHO-x32: Поиск@Mail.Ru -> {8E8F97CD-60B5-456F-A201-73065652D099} -> C:\Users\ASUS\AppData\Local\Mail.Ru\Sputnik\IESearchPlugin.dll [2016-05-26] (Mail.Ru)
      Toolbar: HKLM-x32 - Searchgo - {2BC46CFA-4B00-4193-A7BD-6AD1D0BCB5BC} - C:\Users\ASUS\AppData\LocalLow\SearchGo\searchgo.dll [2017-12-30] (Searchgo)
      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_28_0_0_126.dll [2017-12-30] ()
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_28_0_0_126.dll [2017-12-30] ()
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
      FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll [2015-12-29] (Foxit Corporation)
      FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-10-13] (Google, Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-14] (Google Inc.)
      FF Plugin HKU\S-1-5-21-3540903787-1263480670-1707380032-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\ASUS\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-06-08] (Unity Technologies ApS)
      Chrome: 
      =======
      CHR HomePage: Default -> mail.ru
      CHR StartupUrls: Default -> "hxxp://granena.ru/?utm_content=31b5cebd524a9af6c7a772dca81815e9&utm_source=startpm&utm_term=3B6FA89994383A9FB1DBD199FEE7BAD7&utm_d=20160526"
      CHR NewTab: Default ->  Not-active:"chrome-extension://nagnmfhgkjkplbhplkbicmpkfopmnefp/newtab.html"
      CHR DefaultSearchURL: Default -> hxxp://go-search.ru/search?q={searchTerms}
      CHR DefaultSearchKeyword: Default -> GoSearch
      CHR DefaultSuggestURL: Default -> hxxp://suggest.yandex.net/suggest-ff.cgi?part={searchTerms}
      CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default [2017-12-30]
      CHR Extension: (Презентации) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Документи) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Диск) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-05-01]
      CHR Extension: (YouTube) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-05-01]
      CHR Extension: (Chrome Cleaner Pro) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ccjleegmemocfpghkhpjmiccjcacackp [2017-11-12]
      CHR Extension: (Save Tabs) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\dgjepfldodmdfmdidhhgamnklbdibndi [2017-11-05]
      CHR Extension: (Таблици) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Google Документи офлайн) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-05-01]
      CHR Extension: (Skype) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-30]
      CHR Extension: (Microcosm - New Tab) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nagnmfhgkjkplbhplkbicmpkfopmnefp [2017-11-05]
      CHR Extension: (Плащания в уеб магазина на Chrome) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-08-22]
      CHR Extension: (Gmail) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-05-01]
      CHR Extension: (Chrome Media Router) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-11-16]
      CHR Profile: C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\System Profile [2017-11-12]
      CHR Extension: (No Name) - C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\ahggfmgiidlaceichjfemgbaggnbaloe [2017-08-25]
      CHR HKLM-x32\...\Chrome\Extension: [bgcifljfapbhgiehkjlckfjmgeojijcb] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [lbjjfiihgfegniolckphpnfaokdkbmdm] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [nagnmfhgkjkplbhplkbicmpkfopmnefp] - hxxps://clients2.google.com/service/update2/crx
      CHR HKLM-x32\...\Chrome\Extension: [oelpkepjlgmehajehfeicfbjdiobdkfj] - hxxps://clients2.google.com/service/update2/crx
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC)
      R2 ss_conn_service; C:\Program Files\SAMSUNG\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-12-03] (DEVGURU Co., LTD.)
      R2 SvcHost Service Host; C:\Windows\Microsoft\svchost.exe [0 ] () <==== ATTENTION (zero byte File/Folder)
      R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
      R2 ZAtheros Wlan Agent; C:\Program Files (x86)\Qualcomm Atheros WiFi Driver Installation\Ath_WlanAgent.exe [77824 2012-06-19] (Atheros) [File not signed]
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
      R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2015-11-01] (DT Soft Ltd)
      R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
      S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
      S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
      S3 taphss6; C:\Windows\System32\DRIVERS\taphss6.sys [42064 2016-05-27] (Anchorfree Inc.)
      S3 usbrndis6; C:\Windows\System32\DRIVERS\usb80236.sys [19968 2009-07-14] (Microsoft Corporation)
      S3 VGPU; System32\drivers\rdvgkmd.sys [X]
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2017-12-30 20:36 - 2017-12-30 20:37 - 000014515 _____ C:\Users\ASUS\Downloads\FRST.txt
      2017-12-30 20:36 - 2017-12-30 20:36 - 000000000 ____D C:\FRST
      2017-12-30 20:35 - 2017-12-30 20:35 - 002391552 _____ (Farbar) C:\Users\ASUS\Downloads\FRST64.exe
      2017-12-30 19:58 - 2017-12-30 20:04 - 000001310 _____ C:\Users\Public\Desktop\Skype.lnk
      2017-12-30 19:58 - 2017-12-30 20:04 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2017-12-30 20:15 - 2016-03-17 20:38 - 000000000 ___RD C:\Users\ASUS\Desktop\Снимки
      2017-12-30 20:05 - 2016-05-26 03:40 - 000000000 ____D C:\Users\ASUS\AppData\LocalLow\SearchGo
      2017-12-30 20:05 - 2016-05-26 03:40 - 000000000 ____D C:\Users\ASUS\AppData\Local\SearchGo
      2017-12-30 20:03 - 2017-07-09 14:45 - 000002193 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2017-12-30 20:03 - 2016-05-26 03:39 - 000000000 ____D C:\Users\ASUS\AppData\Local\PowerMonitor
      2017-12-30 20:02 - 2009-07-14 07:13 - 000782154 _____ C:\Windows\system32\PerfStringBackup.INI
      2017-12-30 20:02 - 2009-07-14 05:20 - 000000000 ____D C:\Windows\inf
      2017-12-30 20:00 - 2015-11-01 19:02 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
      2017-12-30 20:00 - 2015-11-01 19:02 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
      2017-12-30 20:00 - 2015-11-01 19:02 - 000004312 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
      2017-12-30 20:00 - 2015-11-01 19:02 - 000000000 ____D C:\Windows\SysWOW64\Macromed
      2017-12-30 20:00 - 2015-11-01 19:02 - 000000000 ____D C:\Windows\system32\Macromed
      2017-12-30 19:57 - 2017-03-06 20:25 - 000000000 ___RD C:\Program Files (x86)\Skype
      2017-12-30 19:57 - 2015-11-01 18:59 - 000000000 ____D C:\ProgramData\Skype
      2017-12-30 19:55 - 2016-04-06 12:07 - 000001382 _____ C:\Windows\Sandboxie.ini
      2017-12-30 19:54 - 2009-07-14 07:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
      2017-11-30 12:07 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
      2017-11-30 12:07 - 2009-07-14 06:45 - 000026352 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
      2017-11-30 05:25 - 2015-11-01 18:59 - 000000000 ____D C:\Users\ASUS\AppData\Roaming\Skype
      ==================== Files in the root of some directories =======
      2016-03-30 13:19 - 2016-03-30 13:19 - 000000036 _____ () C:\Users\ASUS\AppData\Local\housecall.guid.cache
      2016-07-12 22:16 - 2016-07-12 22:16 - 000004096 ____H () C:\Users\ASUS\AppData\Local\keyfile3.drm
      Some files in TEMP:
      ====================
      2017-11-24 23:55 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\113.tmp.exe
      2017-11-25 00:04 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\1214.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\1B95.tmp.exe
      2017-11-24 23:59 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\1C50.tmp.exe
      2017-11-25 00:06 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\27E4.tmp.exe
      2017-11-12 15:44 - 2017-11-12 11:13 - 000775168 ____N (PhoneLine SOFT Inc) C:\Users\ASUS\AppData\Local\Temp\28DE.tmp.exe
      2017-11-17 01:08 - 2017-11-16 23:36 - 000807912 _____ () C:\Users\ASUS\AppData\Local\Temp\2AE7.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\2B1F.tmp.exe
      2017-11-25 00:04 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\2E2B.tmp.exe
      2017-11-24 23:59 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\30E9.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\31B4.tmp.exe
      2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3212.tmp.exe
      2017-11-25 00:06 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3443.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\34A1.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3665.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3B45.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3C01.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3C3F.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3C4F.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3CAC.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\3CCB.tmp.exe
      2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\4DCC.tmp.exe
      2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\4EB6.tmp.exe
      2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\5403.tmp.exe
      2017-11-24 23:59 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\5480.tmp.exe
      2017-11-24 23:59 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\5885.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5D75.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5E6F.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5E7E.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5E8E.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\5EFB.tmp.exe
      2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\62A3.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\67A2.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\6A8F.tmp.exe
      2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\727B.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\7327.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\7420.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\7568.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\7F37.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\8F4E.tmp.exe
      2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\949B.tmp.exe
      2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\9EC8.tmp.exe
      2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\A129.tmp.exe
      2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\A5BB.tmp.exe
      2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\A934.tmp.exe
      2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\AA4D.tmp.exe
      2017-11-27 07:14 - 2017-11-27 01:56 - 000930776 ____N () C:\Users\ASUS\AppData\Local\Temp\B082.tmp.exe
      2017-11-25 00:00 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\BF81.tmp.exe
      2017-11-25 00:01 - 2017-11-24 21:33 - 000902136 ____N () C:\Users\ASUS\AppData\Local\Temp\C184.tmp.exe
      2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\C1D2.tmp.exe
      2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\C838.tmp.exe
      2017-11-18 14:23 - 2017-11-18 13:59 - 000803816 _____ () C:\Users\ASUS\AppData\Local\Temp\CA7F.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\CD09.tmp.exe
      2017-11-18 14:23 - 2017-11-18 13:59 - 000803816 _____ () C:\Users\ASUS\AppData\Local\Temp\CD7B.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\CDD4.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\CF4A.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\CFD6.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\D275.tmp.exe
      2017-11-25 00:06 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\DB8A.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\DFCE.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\E05A.tmp.exe
      2017-11-25 00:05 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\E662.tmp.exe
      2017-11-17 01:08 - 2017-11-16 23:36 - 000807912 _____ () C:\Users\ASUS\AppData\Local\Temp\EDF7.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\F512.tmp.exe
      2017-11-25 00:07 - 2017-11-24 21:33 - 000902136 _____ () C:\Users\ASUS\AppData\Local\Temp\F6D6.tmp.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\Windows\system32\winlogon.exe
      [2010-11-21 05:24] - [2011-01-16 02:01] - 000389632 _____ (Microsoft Corporation) 81257415084B84F3C0D95C381A8D4C8F
      C:\Windows\system32\wininit.exe => File is digitally signed
      C:\Windows\SysWOW64\wininit.exe => File is digitally signed
      C:\Windows\explorer.exe => File is digitally signed
      C:\Windows\SysWOW64\explorer.exe => File is digitally signed
      C:\Windows\system32\svchost.exe => File is digitally signed
      C:\Windows\SysWOW64\svchost.exe => File is digitally signed
      C:\Windows\system32\services.exe => File is digitally signed
      C:\Windows\system32\User32.dll
      [2010-11-21 05:24] - [2011-01-16 02:01] - 001008640 _____ (Microsoft Corporation) 0B864E15A0BADFF0E7BB8B59009FDDCF
      C:\Windows\SysWOW64\User32.dll => File is digitally signed
      C:\Windows\system32\userinit.exe => File is digitally signed
      C:\Windows\SysWOW64\userinit.exe => File is digitally signed
      C:\Windows\system32\rpcss.dll => File is digitally signed
      C:\Windows\system32\dnsapi.dll => File is digitally signed
      C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
      C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2017-11-19 01:44
      ==================== End of FRST.txt ============================
       

      Addition.txt
    • от Technokom Plovdiv
      Ето събщението, което получава всеки изпратил имейл до нас:
      This message was created automatically by mail delivery software.
      A message that you sent has not yet been delivered to one or more of its recipients after more than 24 hours on the queue on hemus.superhosting.bg.
       
       
      The message identifier is:     1eJa1Z-003lh9-9Y
      The subject of the message is: =?utf-8?B?Rlc6INC80LDQvdC+0LzQtdGC0YrRgA==?=
      The date of the message is:    Tue, 28 Nov 2017 09:09:44 +0200
       
       
      The address to which the message has not yet been delivered is:
       
       
        henryresult111@gmail.com
          (ultimately generated from xxxxxxx@xxxxxxxx.bg)
          host alt4.gmail-smtp-in.l.google.com [74.125.28.27]
          Delay reason: SMTP error from remote mail server after RCPT TO:<henryresult111@gmail.com>:
          452-4.2.2 The email account that you tried to reach is over quota. Please direct
          452-4.2.2 the recipient to
          452 4.2.2  https://support.google.com/mail/?p=OverQuotaTemp h72si2628468pfj.20 - gsmtp
       
       
      No action is required on your part. Delivery attempts will continue for some time, and this warning may be repeated at intervals if the message remains undelivered. Eventually the mail delivery software will give up, and when that happens, the message will be returned to you.
       
      Това съобщение го получават изпращащите мейли към този домейн. Събщенията се получават без проблем. Няма проблем и със сървърното място.
      Не разбирам и каква е връзката с gmail и google след като домейнът е частен. Също нямам никаква идея чий е този имейл: henryresult111@gmail.com
      Възможно ли е да е вирус? Сканирани са всички служебни машини. Имаше разни гадини, които уж обезвредихме, но проблемът не се оправи.
      Сменихме и паролите на всички мейли - нищо.
      Ето информацията от FRST:
      Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 29-11-2017
      Ran by pc (administrator) on PC1 (30-11-2017 14:23:09)
      Running from C:\Documents and Settings\pc.PC1\Desktop
      Loaded Profiles: pc (Available Profiles: pc & Administrator & Guest)
      Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
      Internet Explorer Version 8 (Default browser: FF)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGSvc.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avgsvcx.exe
      (HP) C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe
      (HP) C:\WINDOWS\system32\HPSIsvc.exe
      (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
      (Intel Corporation) C:\WINDOWS\system32\igfxtray.exe
      (Intel Corporation) C:\WINDOWS\system32\hkcmd.exe
      (Intel Corporation) C:\WINDOWS\system32\igfxpers.exe
      (Realtek Semiconductor Corp.) C:\WINDOWS\RTHDCPL.exe
      (Intel Corporation) C:\WINDOWS\system32\igfxsrvc.exe
      (Viber Media S.à r.l.) C:\Documents and Settings\pc.PC1\Local Settings\Application Data\Viber\Viber.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Framework\Common\avguix.exe
      (Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\AVGUI.exe
      (AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\Antivirus\aswidsagent.exe
      () C:\2017\wsklad.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
      (Mozilla Corporation) C:\Program Files\Mozilla Firefox\plugin-container.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [RTHDCPL] => C:\Windows\RTHDCPL.EXE [16859648 2008-01-09] (Realtek Semiconductor Corp.)
      HKLM\...\Run: [Alcmtr] => C:\Windows\ALCMTR.EXE [69632 2005-05-03] (Realtek Semiconductor Corp.)
      HKLM\...\Run: [AvgUi] => C:\Program Files\AVG\Framework\Common\avguirnx.exe [220288 2017-10-31] (AVG Technologies CZ, s.r.o.)
      HKLM\...\Run: [AVGUI.exe] => C:\Program Files\AVG\Antivirus\AvLaunch.exe [302744 2017-11-16] (AVG Technologies CZ, s.r.o.)
      HKU\S-1-5-20\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
      HKU\S-1-5-21-329068152-1604221776-1801674531-1003\...\Run: [Viber] => C:\Documents and Settings\pc.PC1\Local Settings\Application Data\Viber\Viber.exe [69268048 2016-04-13] (Viber Media S.à r.l.)
      HKU\S-1-5-21-329068152-1604221776-1801674531-1003\...\MountPoints2: {260473e8-84c9-11e3-a542-001cf0d5a2b8} - G:\SISetup.exe
      HKU\S-1-5-18\...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [434080 2011-07-27] (Microsoft Corporation)
      Startup: C:\Documents and Settings\pc.PC1\Start Menu\Programs\Startup\Microsoft Office Outlook 2007.lnk [2017-11-30]
      ShortcutTarget: Microsoft Office Outlook 2007.lnk -> C:\WINDOWS\Installer\{91120000-0031-0000-0000-0000000FF1CE}\outicon.exe ()
      Startup: C:\Documents and Settings\pc.PC1\Start Menu\Programs\Startup\Skype.lnk [2017-03-06]
      ShortcutTarget: Skype.lnk -> C:\WINDOWS\Installer\{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}\Skype.ico (No File)
      GroupPolicy: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 192.168.1.1
      Tcpip\..\Interfaces\{E7E61260-FB73-4F9E-B467-F1870B906C7C}: [DhcpNameServer] 192.168.1.1 192.168.1.1
      Internet Explorer:
      ==================
      HKU\S-1-5-21-329068152-1604221776-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
      HKU\S-1-5-21-329068152-1604221776-1801674531-1003\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
      BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre6\bin\jp2ssv.dll [2009-06-22] (Sun Microsystems, Inc.)
      BHO: JQSIEStartDetectorImpl Class -> {E7E6F031-17CE-4C07-BC86-EABFE594F69C} -> C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2009-06-22] (Sun Microsystems, Inc.)
      DPF: {22945A69-1191-4DCF-9E6F-409BDE94D101} hxxp://dl-ak.solidworks.com/nonsecure/edrawings/e2012sp02/12.2.0.110/cab//eModelsStandard.cab
      DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} hxxp://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.4.1.cab
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
      DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab
      DPF: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_13-windows-i586.cab
      DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll [2011-11-03] (Skype Technologies)
      FireFox:
      ========
      FF DefaultProfile: 07ckpc18.default-1412315343695
      FF ProfilePath: C:\Documents and Settings\pc.PC1\Application Data\Mozilla\Firefox\Profiles\07ckpc18.default-1412315343695 [2017-11-30]
      FF Extension: (YouTube Video and Audio Downloader) - C:\Documents and Settings\pc.PC1\Application Data\Mozilla\Firefox\Profiles\07ckpc18.default-1412315343695\Extensions\feca4b87-3be4-43da-a1b1-137c24220968@jetpack.xpi [2017-05-22] [Lagacy]
      FF Extension: (Google Search by Image) - C:\Documents and Settings\pc.PC1\Application Data\Mozilla\Firefox\Profiles\07ckpc18.default-1412315343695\Extensions\google@hitachi.com.xpi [2016-05-03] [Lagacy]
      FF Extension: (signTextJS) - C:\Documents and Settings\pc.PC1\Application Data\Mozilla\Firefox\Profiles\07ckpc18.default-1412315343695\Extensions\jid1-AXn9cXcB4fD1QQ@jetpack.xpi [2017-06-15] [Lagacy]
      FF HKLM\...\Firefox\Extensions: [jqs@sun.com] - C:\Program Files\Java\jre6\lib\deploy\jqs\ff
      FF Extension: (Java Quick Starter) - C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009-06-22] [Lagacy] [not signed]
      FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
      FF Extension: (Microsoft .NET Framework Assistant) - C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2014-01-27] [Lagacy] [not signed]
      FF HKLM\...\Firefox\Extensions: [quickprint@hp.com] - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension
      FF Extension: (SmartPrintButton) - C:\Program Files\Hewlett-Packard\SmartPrint\QPExtension [2011-01-26] [Lagacy] [not signed]
      FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_8_800_94.dll [2013-09-04] ()
      FF Plugin: @microsoft.com/WPF,version=3.5 -> C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
      FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-08-05] (Adobe Systems Inc.)
      Chrome:
      =======
      CHR HKLM\...\Chrome\Extension: [icmlaeflemplmjndnaapfdbbnpncnbda] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx <not found>
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R2 AVG Antivirus; C:\Program Files\AVG\Antivirus\AVGSvc.exe [282536 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R3 avgbIDSAgent; C:\Program Files\AVG\Antivirus\aswidsagent.exe [5954792 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R2 avgsvc; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [1189720 2017-10-31] (AVG Technologies CZ, s.r.o.)
      R2 HPM1210RcvFaxSrvc; C:\Program Files\HP\HP LaserJet M1210 MFP Series\ReceiveFaxUtility.exe [247712 2012-07-25] (HP)
      S4 JavaQuickStarterService; C:\Program Files\Java\jre6\bin\jqs.exe [152984 2009-06-22] (Sun Microsystems, Inc.)
      S4 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.exe [65536 2003-10-22] (HP) [File not signed]
      S4 rcp_service; C:\Program Files\ReaConverter 5.5 Pro\rcp_scheduler.exe [558592 2007-11-30] (ReaSoft) [File not signed]
      R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-22] (DEVGURU Co., LTD.)
      S3 WMPNetworkSvc; C:\Program Files\Windows Media Player\WMPNetwk.exe [913408 2006-10-18] (Microsoft Corporation) [File not signed]
      S2 APNMCP; "C:\Program Files\AskPartnerNetwork\Toolbar\apnmcp.exe" [X]
      S2 HP LaserJet Service; "C:\Program Files\hp\HPLaserJetService\HPLaserJetService.exe" [X]
      S0 MBAMService; no ImagePath
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      R1 aswKbd; C:\WINDOWS\system32\Drivers\aswKbd.sys [20624 2012-10-31] (AVAST Software)
      R1 avgArPot; C:\WINDOWS\System32\drivers\avgArPot.sys [149592 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R1 avgbdisk; C:\WINDOWS\System32\drivers\avgbdiskx.sys [135872 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R1 avgbidsdriver; C:\WINDOWS\System32\drivers\avgbidsdriverx.sys [249232 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R0 avgbidsh; C:\WINDOWS\System32\drivers\avgbidshx.sys [151024 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R0 avgblog; C:\WINDOWS\System32\drivers\avgblogx.sys [270344 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R0 avgbuniv; C:\WINDOWS\System32\drivers\avgbunivx.sys [43992 2017-11-16] (AVG Technologies CZ, s.r.o.)
      S3 avgHwid; C:\WINDOWS\System32\drivers\avgHwid.sys [35264 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R2 avgMonFlt; C:\WINDOWS\System32\drivers\avgMonFlt.sys [117368 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R0 avgRvrt; C:\WINDOWS\System32\drivers\avgRvrt.sys [63280 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R1 avgSnx; C:\WINDOWS\System32\drivers\avgSnx.sys [775552 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R1 avgSP; C:\WINDOWS\System32\drivers\avgSP.sys [381184 2017-11-16] (AVG Technologies CZ, s.r.o.)
      R0 avgVmm; C:\WINDOWS\System32\drivers\avgVmm.sys [290776 2017-11-16] (AVG Technologies CZ, s.r.o.)
      S3 CCDECODE; C:\WINDOWS\System32\DRIVERS\CCDECODE.sys [17024 2008-04-13] (Microsoft Corporation)
      S3 dg_ssudbus; C:\WINDOWS\System32\DRIVERS\ssudbus.sys [107648 2016-07-22] (Samsung Electronics Co., Ltd.)
      S3 HP1210FAX; C:\WINDOWS\System32\Drivers\HPM1210FAX.sys [13824 2010-04-28] () [File not signed]
      R3 irsir; C:\WINDOWS\System32\DRIVERS\irsir.sys [18688 2001-08-17] (Microsoft Corporation)
      R3 m4cxw2k3; C:\WINDOWS\System32\DRIVERS\m4cxw2k3.sys [250752 2007-02-15] (D-Link Corporation)
      S3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [22344 2012-04-04] (Malwarebytes Corporation)
      S3 NdisIP; C:\WINDOWS\System32\DRIVERS\NdisIP.sys [10880 2008-04-13] (Microsoft Corporation)
      S3 pcouffin; C:\WINDOWS\System32\Drivers\pcouffin.sys [47360 2009-08-03] (VSO Software) [File not signed]
      R3 Rasirda; C:\WINDOWS\System32\DRIVERS\rasirda.sys [19584 2001-08-17] (Microsoft Corporation)
      S3 SONYPVU1; C:\WINDOWS\System32\DRIVERS\SONYPVU1.SYS [7552 2001-08-17] (Sony Corporation)
      S0 sptd; C:\WINDOWS\System32\Drivers\sptd.sys [721904 2009-07-13] (Duplex Secure Ltd.)
      S3 ssudmdm; C:\WINDOWS\System32\DRIVERS\ssudmdm.sys [146048 2016-07-22] (Samsung Electronics Co., Ltd.)
      S3 WpdUsb; C:\WINDOWS\System32\DRIVERS\wpdusb.sys [38528 2006-10-18] (Microsoft Corporation) [File not signed]
      S2 adfs; no ImagePath
      S3 BOCDRIVE; \??\C:\Program Files\Comodo\CBOClean\BOCDRIVE.sys [X]
      S2 DgiVecp; \??\C:\WINDOWS\system32\Drivers\DgiVecp.sys [X]
      S3 FXDrv32; \??\D:\FXDrv32.sys [X]
      S4 IntelIde; no ImagePath
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2017-11-30 14:23 - 2017-11-30 14:23 - 000012709 _____ C:\Documents and Settings\pc.PC1\Desktop\FRST.txt
      2017-11-30 14:22 - 2017-11-30 14:23 - 000000000 ____D C:\FRST
      2017-11-30 14:22 - 2017-11-30 14:22 - 001752064 _____ (Farbar) C:\Documents and Settings\pc.PC1\Desktop\FRST.exe
      2017-11-30 10:49 - 2017-11-30 10:49 - 000025377 _____ C:\Documents and Settings\pc.PC1\Local Settings\Application Data\recently-used.xbel
      2017-11-24 14:34 - 2017-11-24 14:34 - 000000000 ____D C:\Program Files\Quester
      2017-11-24 14:34 - 2017-11-24 14:34 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\QMailFilter
      2017-11-24 14:32 - 2017-11-24 14:32 - 000000000 ____D C:\Documents and Settings\Administrator.PC1\Local Settings\Application Data\CEF
      2017-11-24 14:32 - 2017-11-24 14:32 - 000000000 ____D C:\Documents and Settings\Administrator.PC1\Application Data\AVG
      2017-11-24 14:31 - 2017-11-24 14:31 - 000000000 ____D C:\Documents and Settings\Administrator.PC1\Local Settings\Application Data\Avg
      2017-11-24 14:21 - 2017-11-24 14:21 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\PCHealth
      2017-11-20 12:24 - 2017-11-20 12:40 - 000065536 _____ C:\WINDOWS\system32\config\Doctor Web.evt
      2017-11-20 12:24 - 2017-11-20 12:24 - 000000000 ____D C:\Documents and Settings\pc.PC1\Doctor Web
      2017-11-20 12:24 - 2017-11-20 12:24 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Doctor Web
      2017-11-16 14:45 - 2017-11-16 14:45 - 000087203 _____ C:\Documents and Settings\pc.PC1\My Documents\Untitled.pdf
      2017-11-16 14:45 - 2017-11-16 14:45 - 000087203 _____ C:\Documents and Settings\pc.PC1\Desktop\Untitled.pdf
      2017-11-16 13:03 - 2017-11-16 13:05 - 000000000 ____D C:\EEK
      2017-11-16 13:02 - 2017-11-16 13:02 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\Temp
      2017-11-16 10:11 - 2017-11-16 10:11 - 000001608 _____ C:\Documents and Settings\All Users\Desktop\AVG AntiVirus FREE.lnk
      2017-11-16 10:11 - 2017-11-16 10:11 - 000000000 ____D C:\Documents and Settings\pc.PC1\Application Data\AVG
      2017-11-16 10:10 - 2017-11-30 10:10 - 000000288 ____H C:\WINDOWS\Tasks\Antivirus Emergency Update.job
      2017-11-16 10:10 - 2017-11-16 10:10 - 000775552 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSnx.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000381184 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgSP.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000306448 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\avgBoot.exe
      2017-11-16 10:10 - 2017-11-16 10:10 - 000290776 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgVmm.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000270344 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgblogx.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000249232 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidsdriverx.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000151024 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbidshx.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000149592 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgArPot.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000135872 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbdiskx.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000117368 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgMonFlt.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000063280 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgRvrt.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000043992 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgbunivx.sys
      2017-11-16 10:10 - 2017-11-16 10:10 - 000035264 _____ (AVG Technologies CZ, s.r.o.) C:\WINDOWS\system32\Drivers\avgHwid.sys
      2017-11-16 10:08 - 2017-11-16 10:11 - 000000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\AVG
      2017-11-16 10:08 - 2017-11-16 10:08 - 000000629 _____ C:\Documents and Settings\All Users\Desktop\AVG.lnk
      2017-11-16 10:06 - 2017-11-30 11:06 - 000000314 ____H C:\WINDOWS\Tasks\AVG EUpdate Task.job
      2017-11-16 10:06 - 2017-11-16 10:08 - 000000000 ____D C:\Program Files\AVG
      2017-11-16 09:51 - 2017-11-16 09:51 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\CEF
      2017-11-16 09:50 - 2017-11-16 11:23 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Avg
      2017-11-16 09:50 - 2017-11-16 10:11 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\Avg
      2017-11-16 09:50 - 2017-11-16 10:08 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\AvgSetupLog
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2017-11-30 14:23 - 2013-08-02 12:50 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Temp
      2017-11-30 14:20 - 2015-08-03 07:23 - 000271360 _____ C:\Documents and Settings\pc.PC1\My Documents\Outlook_Archive.pst
      2017-11-30 14:16 - 2016-12-27 11:00 - 000000000 ____D C:\2017
      2017-11-30 10:49 - 2014-01-15 10:08 - 000000000 ____D C:\Documents and Settings\pc.PC1\Local Settings\Application Data\gtk-2.0
      2017-11-30 10:49 - 2013-08-02 12:55 - 000000000 ____D C:\Documents and Settings\pc.PC1\.gimp-2.8
      2017-11-30 07:55 - 2016-08-12 14:25 - 000000000 ____D C:\Documents and Settings\pc.PC1\Application Data\ViberPC
      2017-11-30 07:52 - 2014-03-28 08:20 - 000000216 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Logon.job
      2017-11-30 07:52 - 2008-09-12 18:28 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2017-11-30 07:52 - 2008-04-14 14:00 - 000011936 _____ C:\WINDOWS\system32\wpa.dbl
      2017-11-29 16:54 - 2013-08-02 12:50 - 000000178 ___SH C:\Documents and Settings\pc.PC1\ntuser.ini
      2017-11-29 16:54 - 2013-08-02 12:50 - 000000000 ____D C:\Documents and Settings\pc.PC1
      2017-11-29 16:54 - 2008-09-12 18:28 - 000032520 _____ C:\WINDOWS\SchedLgU.Txt
      2017-11-28 11:37 - 2011-12-19 11:25 - 000000000 ____D C:\Program Files\The KMPlayer
      2017-11-24 14:40 - 2013-08-02 13:09 - 000211496 _____ C:\Documents and Settings\pc.PC1\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
      2017-11-24 14:37 - 2013-11-01 13:09 - 000000178 ___SH C:\Documents and Settings\Administrator.PC1\ntuser.ini
      2017-11-24 14:36 - 2010-03-25 10:10 - 000979370 _____ C:\WINDOWS\ntbtlog.txt
      2017-11-24 14:35 - 2013-11-01 13:09 - 000000000 ____D C:\Documents and Settings\Administrator.PC1\Local Settings\Temp
      2017-11-24 14:28 - 2008-09-12 21:12 - 002469912 _____ C:\WINDOWS\system32\FNTCACHE.DAT
      2017-11-24 14:25 - 2013-08-02 14:23 - 000065536 _____ C:\WINDOWS\system32\config\ODiag.evt
      2017-11-24 14:15 - 2008-09-13 10:13 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\Microsoft Help
      2017-11-24 14:12 - 2008-04-14 14:00 - 000000668 _____ C:\WINDOWS\win.ini
      2017-11-24 11:47 - 2016-08-12 14:25 - 000000000 ____D C:\Documents and Settings\pc.PC1\My Documents\ViberDownloads
      2017-11-22 16:05 - 2013-12-11 14:52 - 000000000 ____D C:\2014
      2017-11-22 16:04 - 2010-12-03 14:28 - 000000000 ____D C:\2011
      2017-11-22 16:03 - 2011-12-09 14:39 - 000000000 ____D C:\2012
      2017-11-22 15:40 - 2013-08-02 13:28 - 000002515 _____ C:\Documents and Settings\pc.PC1\Desktop\Microsoft Office Word 2007.lnk
      2017-11-22 14:28 - 2014-12-29 16:42 - 000000000 ____D C:\2015
      2017-11-22 14:25 - 2015-12-23 11:32 - 000000000 ____D C:\2016
      2017-11-16 10:55 - 2014-10-02 15:34 - 000000000 ____D C:\Documents and Settings\pc.PC1\Application Data\istartsurf
      2017-11-16 10:48 - 2012-12-20 13:57 - 000000000 ____D C:\2013
      2017-11-16 10:38 - 2014-10-02 15:34 - 000000000 ____D C:\Documents and Settings\All Users\Application Data\IePluginServices
      2017-11-16 09:28 - 2010-09-30 15:57 - 000000000 ____D C:\Program Files\ough
      2017-11-16 09:01 - 2013-09-23 15:54 - 002755382 ___SH C:\Documents and Settings\pc.PC1\Desktop\Thumbs.db
      2017-11-10 13:23 - 2013-08-02 13:49 - 000000000 ____D C:\Documents and Settings\pc.PC1\Application Data\Skype
      2017-11-08 15:00 - 2014-03-28 08:20 - 000000210 _____ C:\WINDOWS\Tasks\Microsoft Windows XP End of Service Notification Monthly.job
      ==================== Files in the root of some directories =======
      2015-08-17 11:04 - 2015-08-17 11:08 - 000304492 _____ (AYURvmkth8) C:\Documents and Settings\pc.PC1\Application Data\adobe.exe
      2013-10-07 13:55 - 2014-04-09 12:28 - 000000531 _____ () C:\Documents and Settings\pc.PC1\Application Data\burnaware.ini
      2013-08-02 13:31 - 2017-08-18 12:25 - 000036352 _____ () C:\Documents and Settings\pc.PC1\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
      2014-02-27 17:15 - 2014-02-28 09:48 - 000000600 _____ () C:\Documents and Settings\pc.PC1\Local Settings\Application Data\PUTTY.RND
      2017-11-30 10:49 - 2017-11-30 10:49 - 000025377 _____ () C:\Documents and Settings\pc.PC1\Local Settings\Application Data\recently-used.xbel
      2011-03-11 09:28 - 2011-03-11 09:28 - 000000016 _____ () C:\Documents and Settings\All Users\Application Data\.7486160831680234
      2008-10-31 09:19 - 2008-10-31 09:19 - 000000041 ___SH () C:\Documents and Settings\All Users\Application Data\.zreglib
      2008-09-13 13:47 - 2016-04-26 08:08 - 000001669 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
      2014-08-15 11:57 - 2010-03-30 10:12 - 000024772 _____ () C:\Documents and Settings\All Users\Application Data\P1210DEF.css
      2014-08-15 11:57 - 2016-01-22 14:22 - 000015499 _____ () C:\Documents and Settings\All Users\Application Data\P1210OS.HTM
      2014-08-15 11:57 - 2010-03-30 10:12 - 000002944 _____ () C:\Documents and Settings\All Users\Application Data\P1210SIG.GIF
      Some files in TEMP:
      ====================
      2017-10-13 09:08 - 2011-12-29 11:44 - 001275396 _____ (NCH Software) C:\Documents and Settings\pc.PC1\Local Settings\Temp\uninst.exe
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      ==================== End of FRST.txt ============================
      Addition.txt
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.