Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Препоръчан отговор


Здравейте, пуснах NOD32 за профилактично сканиранe и ми намери следната заплаха -

Цитат

\\Uefi Partition » UEFI » uefi:\\Volume 1\Firmware Volume Image {9E21FD93-9C72-4C15-8C4B-E77F1DB2D792}\Volume 1\20D3 - вариант на EFI/CompuTrace.A потенциално опасно приложение - избраното действие е задържано до завършване на сканирането
 

Чудя се дали е фалшива тревога на NOD32 или е реална и да я трия? Последно време единствената промяна по софта в компютъра е ъпдейт на windows-а и  ъпдейт на NOD32.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Добър вечер..! Моля съгласно правилата на подраздела да следвате указанията от тази тема :Системата ми е инфектирана - Какво да правя сега?

Очаквам дневници от Farbar Recovery Scan Tool

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 37 минути, icotonev написа:

Добър вечер..! Моля съгласно правилата на подраздела да следвате указанията от тази тема :Системата ми е инфектирана - Какво да правя сега?

Очаквам дневници от Farbar Recovery Scan Tool

 

Ето ги дневниците - 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15.09.2018
Ran by Vladimir (administrator) on VLADIMIR-PC (22-09-2018 21:54:58)
Running from C:\Users\Vladimir\Desktop
Loaded Profiles: Vladimir (Available Profiles: Vladimir & postgres & ValdimirS)
Platform: Windows 7 Enterprise Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ESET) C:\Program Files\ESET\ESET Security\ekrn.exe
(Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
() C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxEM.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(ESET) C:\Program Files\ESET\ESET Security\egui.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\KeyScrambler.exe
() C:\Program Files (x86)\VIVACOM 3G USB MODEM\ModemListener.exe
(QFX Software Corporation) C:\Program Files (x86)\KeyScrambler\x64\KeyScrambler.exe
(Intel Corporation) C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8844032 2016-01-22] (Realtek Semiconductor)
HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [323040 2015-12-08] (Intel Corporation)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Security\ecmds.exe [177928 2018-09-12] (ESET)
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [296216 2015-09-25] (Intel Corporation)
HKLM-x32\...\Run: [KeyScrambler] => C:\Program Files (x86)\KeyScrambler\keyscrambler.exe [515600 2016-08-01] (QFX Software Corporation)
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-06-16] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [ModemListener] => C:\Program Files (x86)\VIVACOM 3G USB MODEM\ModemListener.exe [98304 2011-12-05] ()
HKU\S-1-5-21-3624561232-1489558647-684400053-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\ssText3d.scr [333824 2010-11-21] (Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 0.0.0.0
Tcpip\..\Interfaces\{0CB2DCD3-BBE8-422D-9E0C-1C69165FCEE5}: [NameServer] 8.8.8.8,8.8.4.4
Tcpip\..\Interfaces\{0CB2DCD3-BBE8-422D-9E0C-1C69165FCEE5}: [DhcpNameServer] 192.168.1.1 0.0.0.0

Internet Explorer:
==================
HKU\S-1-5-21-3624561232-1489558647-684400053-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKU\S-1-5-21-3624561232-1489558647-684400053-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)

FireFox:
========
FF DefaultProfile: 1b7663fh.default
FF ProfilePath: C:\Users\Vladimir\AppData\Roaming\Mozilla\Firefox\Profiles\1b7663fh.default [2018-09-22]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2016-12-17] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
R2 DeviceManager; C:\Program Files (x86)\Common Files\DeviceHelper\DeviceManager.exe [40960 2011-07-08] () [File not signed]
S4 DragonUpdater; C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe [2282248 2018-05-29] (Comodo)
R2 ekrn; C:\Program Files\ESET\ESET Security\ekrn.exe [2260144 2018-09-12] (ESET)
R2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [19424 2015-12-08] (Intel Corporation)
R2 igfxCUIService2.0.0.0; C:\Windows\system32\igfxCUIService.exe [341448 2017-12-22] (Intel Corporation)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [310016 2016-01-22] (Realtek Semiconductor)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [141512 2018-09-12] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [188824 2018-09-12] (ESET)
R1 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [109864 2018-09-12] (ESET)
R0 iaStorF; C:\Windows\System32\DRIVERS\iaStorF.sys [31712 2016-01-22] (Intel Corporation)
S3 jrdusbser; C:\Windows\System32\DRIVERS\jrdusbser.sys [120832 2011-07-08] (TCT International Mobile Ltd)
R3 KeyScrambler; C:\Windows\System32\drivers\keyscrambler.sys [224720 2015-08-18] (QFX Software Corporation)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 VGPU; System32\drivers\rdvgkmd.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-22 21:54 - 2018-09-22 21:55 - 000007160 _____ C:\Users\Vladimir\Desktop\FRST.txt
2018-09-22 21:54 - 2018-09-22 21:54 - 000000000 ____D C:\FRST
2018-09-22 21:54 - 2018-09-22 21:54 - 000000000 _____ C:\Users\Vladimir\Desktop\New Text Document.txt
2018-09-22 21:53 - 2018-09-22 21:53 - 002413568 _____ (Farbar) C:\Users\Vladimir\Desktop\FRST64.exe
2018-09-22 20:51 - 2018-09-22 20:51 - 000000239 _____ C:\Users\ValdimirS\Desktop\New Text Document (6).txt
2018-09-17 16:39 - 2018-09-17 16:42 - 000000013 _____ C:\Users\ValdimirS\Desktop\New Text Document (5).txt
2018-09-17 12:12 - 2018-09-17 12:48 - 000002196 _____ C:\Users\ValdimirS\Desktop\New Text Document (4).txt
2018-09-16 20:19 - 2018-09-16 20:20 - 000000268 _____ C:\Users\ValdimirS\Desktop\New Text Document (3).txt
2018-09-16 01:03 - 2018-09-16 01:03 - 000000025 _____ C:\Users\ValdimirS\Desktop\New Text Document (2).txt
2018-09-14 22:16 - 2018-08-31 18:08 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2018-09-14 22:16 - 2018-08-31 18:08 - 000340480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msexcl40.dll
2018-09-14 22:16 - 2018-08-30 04:47 - 001230848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WindowsCodecs.dll
2018-09-14 22:16 - 2018-08-30 04:10 - 001424896 _____ (Microsoft Corporation) C:\Windows\system32\WindowsCodecs.dll
2018-09-14 22:16 - 2018-08-28 08:50 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2018-09-14 22:16 - 2018-08-24 22:47 - 000398424 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2018-09-14 22:16 - 2018-08-24 21:47 - 000350296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2018-09-14 22:16 - 2018-08-24 02:05 - 025736704 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2018-09-14 22:16 - 2018-08-24 01:56 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2018-09-14 22:16 - 2018-08-24 01:56 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2018-09-14 22:16 - 2018-08-24 01:45 - 002902016 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2018-09-14 22:16 - 2018-08-24 01:44 - 000066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2018-09-14 22:16 - 2018-08-24 01:43 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2018-09-14 22:16 - 2018-08-24 01:43 - 000417280 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2018-09-14 22:16 - 2018-08-24 01:43 - 000088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2018-09-14 22:16 - 2018-08-24 01:43 - 000048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2018-09-14 22:16 - 2018-08-24 01:37 - 000054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2018-09-14 22:16 - 2018-08-24 01:36 - 000034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2018-09-14 22:16 - 2018-08-24 01:34 - 005779456 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2018-09-14 22:16 - 2018-08-24 01:34 - 000615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2018-09-14 22:16 - 2018-08-24 01:33 - 000814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2018-09-14 22:16 - 2018-08-24 01:33 - 000794624 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2018-09-14 22:16 - 2018-08-24 01:33 - 000144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2018-09-14 22:16 - 2018-08-24 01:33 - 000116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2018-09-14 22:16 - 2018-08-24 01:27 - 000969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2018-09-14 22:16 - 2018-08-24 01:24 - 000489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2018-09-14 22:16 - 2018-08-24 01:19 - 000077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2018-09-14 22:16 - 2018-08-24 01:18 - 000087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2018-09-14 22:16 - 2018-08-24 01:17 - 000107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2018-09-14 22:16 - 2018-08-24 01:15 - 000199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2018-09-14 22:16 - 2018-08-24 01:15 - 000092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2018-09-14 22:16 - 2018-08-24 01:13 - 000315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2018-09-14 22:16 - 2018-08-24 01:12 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2018-09-14 22:16 - 2018-08-24 01:03 - 000262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2018-09-14 22:16 - 2018-08-24 01:01 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2018-09-14 22:16 - 2018-08-24 01:01 - 000728064 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2018-09-14 22:16 - 2018-08-24 01:00 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2018-09-14 22:16 - 2018-08-24 00:59 - 002136064 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2018-09-14 22:16 - 2018-08-24 00:59 - 001359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2018-09-14 22:16 - 2018-08-24 00:52 - 004510720 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2018-09-14 22:16 - 2018-08-24 00:40 - 001555456 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2018-09-14 22:16 - 2018-08-24 00:28 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2018-09-14 22:16 - 2018-08-24 00:27 - 020279296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2018-09-14 22:16 - 2018-08-24 00:25 - 002724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2018-09-14 22:16 - 2018-08-24 00:15 - 000497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2018-09-14 22:16 - 2018-08-24 00:14 - 000341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2018-09-14 22:16 - 2018-08-24 00:14 - 000062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2018-09-14 22:16 - 2018-08-24 00:14 - 000047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2018-09-14 22:16 - 2018-08-24 00:13 - 000064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2018-09-14 22:16 - 2018-08-24 00:12 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2018-09-14 22:16 - 2018-08-24 00:09 - 000047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2018-09-14 22:16 - 2018-08-24 00:09 - 000030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2018-09-14 22:16 - 2018-08-24 00:07 - 000476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2018-09-14 22:16 - 2018-08-24 00:06 - 000662016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2018-09-14 22:16 - 2018-08-24 00:06 - 000620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2018-09-14 22:16 - 2018-08-24 00:06 - 000115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2018-09-14 22:16 - 2018-08-24 00:00 - 000416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2018-09-14 22:16 - 2018-08-23 23:56 - 000073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2018-09-14 22:16 - 2018-08-23 23:56 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2018-09-14 22:16 - 2018-08-23 23:55 - 000091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2018-09-14 22:16 - 2018-08-23 23:54 - 000168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2018-09-14 22:16 - 2018-08-23 23:53 - 000076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2018-09-14 22:16 - 2018-08-23 23:52 - 000279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2018-09-14 22:16 - 2018-08-23 23:51 - 004494848 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2018-09-14 22:16 - 2018-08-23 23:51 - 000130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2018-09-14 22:16 - 2018-08-23 23:48 - 013679616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2018-09-14 22:16 - 2018-08-23 23:46 - 000230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2018-09-14 22:16 - 2018-08-23 23:44 - 002059776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2018-09-14 22:16 - 2018-08-23 23:44 - 001155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2018-09-14 22:16 - 2018-08-23 23:44 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2018-09-14 22:16 - 2018-08-23 23:30 - 004037632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2018-09-14 22:16 - 2018-08-23 23:27 - 001329664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2018-09-14 22:16 - 2018-08-23 23:24 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2018-09-14 22:16 - 2018-08-13 18:54 - 014183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2018-09-14 22:16 - 2018-08-13 18:54 - 002004480 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2018-09-14 22:16 - 2018-08-13 18:54 - 001888768 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2018-09-14 22:16 - 2018-08-13 18:54 - 000056832 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2018-09-14 22:16 - 2018-08-13 18:54 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\msimg32.dll
2018-09-14 22:16 - 2018-08-13 18:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml6r.dll
2018-09-14 22:16 - 2018-08-13 18:54 - 000002048 _____ (Microsoft Corporation) C:\Windows\system32\msxml3r.dll
2018-09-14 22:16 - 2018-08-13 18:53 - 001867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2018-09-14 22:16 - 2018-08-13 18:53 - 000405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2018-09-14 22:16 - 2018-08-13 18:41 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2018-09-14 22:16 - 2018-08-13 18:40 - 012880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2018-09-14 22:16 - 2018-08-13 18:40 - 001499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2018-09-14 22:16 - 2018-08-13 18:40 - 001390080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2018-09-14 22:16 - 2018-08-13 18:40 - 001241088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2018-09-14 22:16 - 2018-08-13 18:40 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2018-09-14 22:16 - 2018-08-13 18:40 - 000004608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimg32.dll
2018-09-14 22:16 - 2018-08-13 18:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6r.dll
2018-09-14 22:16 - 2018-08-13 18:40 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3r.dll
2018-09-14 22:16 - 2018-08-12 23:32 - 000378464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2018-09-14 22:16 - 2018-08-12 23:31 - 001894496 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2018-09-14 22:16 - 2018-08-12 23:31 - 000289376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2018-09-14 22:16 - 2018-08-12 23:28 - 000018944 _____ (Microsoft Corporation) C:\Windows\system32\netevent.dll
2018-09-14 22:16 - 2018-08-12 23:14 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\netevent.dll
2018-09-14 22:16 - 2018-08-10 18:59 - 005552816 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2018-09-14 22:16 - 2018-08-10 18:59 - 000154800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2018-09-14 22:16 - 2018-08-10 18:58 - 000385120 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2018-09-14 22:16 - 2018-08-10 18:58 - 000263776 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2018-09-14 22:16 - 2018-08-10 18:58 - 000096864 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2018-09-14 22:16 - 2018-08-10 18:57 - 000708272 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2018-09-14 22:16 - 2018-08-10 18:57 - 000631624 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2018-09-14 22:16 - 2018-08-10 18:56 - 001664296 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000361984 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000152064 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000094208 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000022528 _____ (Microsoft Corporation) C:\Windows\system32\wfapigp.dll
2018-09-14 22:16 - 2018-08-10 18:55 - 000013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 001461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 001211904 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 001163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000828928 _____ (Microsoft Corporation) C:\Windows\system32\MPSSVC.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000749568 _____ (Microsoft Corporation) C:\Windows\system32\FirewallAPI.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000108544 _____ (Microsoft Corporation) C:\Windows\system32\icfupgd.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2018-09-14 22:16 - 2018-08-10 18:54 - 000016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:53 - 000003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:45 - 004054192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2018-09-14 22:16 - 2018-08-10 18:45 - 000309424 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2018-09-14 22:16 - 2018-08-10 18:44 - 003961440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2018-09-14 22:16 - 2018-08-10 18:42 - 001315512 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 001114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000111616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\t2embed.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000070144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2018-09-14 22:16 - 2018-08-10 18:41 - 000005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000463360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\FirewallAPI.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:40 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:39 - 000690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2018-09-14 22:16 - 2018-08-10 18:39 - 000644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2018-09-14 22:16 - 2018-08-10 18:27 - 000077312 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mpsdrv.sys
2018-09-14 22:16 - 2018-08-10 18:22 - 000148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2018-09-14 22:16 - 2018-08-10 18:22 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2018-09-14 22:16 - 2018-08-10 18:22 - 000017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2018-09-14 22:16 - 2018-08-10 18:21 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2018-09-14 22:16 - 2018-08-10 18:20 - 000018944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wfapigp.dll
2018-09-14 22:16 - 2018-08-10 18:17 - 000338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2018-09-14 22:16 - 2018-08-10 18:17 - 000296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2018-09-14 22:16 - 2018-08-10 18:17 - 000129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\videoprt.sys
2018-09-14 22:16 - 2018-08-10 18:15 - 000050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2018-09-14 22:16 - 2018-08-10 18:13 - 000291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2018-09-14 22:16 - 2018-08-10 18:13 - 000159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2018-09-14 22:16 - 2018-08-10 18:13 - 000129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2018-09-14 22:16 - 2018-08-10 18:13 - 000034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2018-09-14 22:16 - 2018-08-10 18:12 - 000112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2018-09-14 22:16 - 2018-08-10 18:12 - 000064512 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdk8.sys
2018-09-14 22:16 - 2018-08-10 18:12 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelppm.sys
2018-09-14 22:16 - 2018-08-10 18:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\processr.sys
2018-09-14 22:16 - 2018-08-10 18:12 - 000060928 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\amdppm.sys
2018-09-14 22:16 - 2018-08-10 18:12 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2018-09-14 22:16 - 2018-08-10 18:10 - 000025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2018-09-14 22:16 - 2018-08-10 18:10 - 000014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2018-09-14 22:16 - 2018-08-10 18:10 - 000007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2018-09-14 22:16 - 2018-08-10 18:10 - 000002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2018-09-14 22:16 - 2018-08-10 18:09 - 000036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2018-09-14 22:16 - 2018-08-10 18:09 - 000006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:09 - 000004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:09 - 000003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2018-09-14 22:16 - 2018-08-10 18:09 - 000003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2018-09-14 22:16 - 2018-07-29 18:55 - 001110528 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2018-09-14 22:16 - 2018-07-18 18:18 - 000090112 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bowser.sys
2018-09-14 22:16 - 2018-06-27 16:20 - 000419648 _____ C:\Windows\SysWOW64\locale.nls
2018-09-14 22:16 - 2018-06-27 16:19 - 000419648 _____ C:\Windows\system32\locale.nls
2018-09-13 13:09 - 2018-09-13 13:30 - 000001987 _____ C:\Users\ValdimirS\Desktop\up.txt
2018-09-09 15:30 - 2018-09-09 15:30 - 000109296 _____ C:\Users\ValdimirS\AppData\Local\GDIPFONTCACHEV1.DAT
2018-09-06 17:40 - 2018-09-06 17:40 - 000000000 _____ C:\Users\ValdimirS\Desktop\maude_-_drinks_up.txt
2018-08-31 20:58 - 2018-08-31 20:58 - 000000114 _____ C:\Users\ValdimirS\Desktop\New Text Document.txt

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-22 21:51 - 2017-08-31 01:21 - 000000000 __SHD C:\Users\Vladimir\IntelGraphicsProfiles
2018-09-22 21:37 - 2009-07-14 07:45 - 000026848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2018-09-22 21:37 - 2009-07-14 07:45 - 000026848 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2018-09-22 20:05 - 2017-08-31 01:40 - 000000000 ____D C:\Users\Vladimir\AppData\LocalLow\Mozilla
2018-09-22 18:34 - 2017-08-31 02:01 - 000000000 ____D C:\Users\Vladimir\AppData\Roaming\Adobe
2018-09-22 17:39 - 2009-07-14 08:13 - 000783606 _____ C:\Windows\system32\PerfStringBackup.INI
2018-09-22 17:39 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\inf
2018-09-22 17:35 - 2017-08-31 17:05 - 000000000 __SHD C:\Users\ValdimirS\IntelGraphicsProfiles
2018-09-22 17:35 - 2009-07-14 08:08 - 000032580 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2018-09-22 17:35 - 2009-07-14 08:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2018-09-21 17:41 - 2018-07-19 16:52 - 000001668 _____ C:\Users\ValdimirS\Desktop\pesni.txt
2018-09-21 12:34 - 2017-08-31 00:43 - 000000000 ____D C:\Users\Vladimir
2018-09-21 12:33 - 2017-08-31 17:05 - 000000000 ____D C:\Users\ValdimirS\AppData\LocalLow\Mozilla
2018-09-15 15:13 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\rescache
2018-09-14 22:25 - 2018-08-18 13:11 - 000412264 _____ C:\Windows\system32\FNTCACHE.DAT
2018-09-14 22:21 - 2017-08-31 14:31 - 000000000 ____D C:\Windows\system32\MRT
2018-09-14 22:20 - 2017-08-31 14:31 - 139184408 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2018-09-14 22:19 - 2017-08-31 01:17 - 000767472 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2018-09-12 22:14 - 2017-11-07 10:19 - 000109864 _____ (ESET) C:\Windows\system32\Drivers\epfwwfp.sys
2018-09-12 22:14 - 2017-06-22 16:01 - 000141512 _____ (ESET) C:\Windows\system32\Drivers\eamonm.sys
2018-09-12 22:14 - 2017-05-04 13:18 - 000188824 _____ (ESET) C:\Windows\system32\Drivers\ehdrv.sys
2018-09-03 16:22 - 2009-07-14 06:20 - 000000000 ____D C:\Windows\ModemLogs
2018-08-31 14:04 - 2017-08-31 10:22 - 000007889 _____ C:\Windows\BRRBCOM.INI
2018-08-28 21:32 - 2017-08-31 22:46 - 000000000 ____D C:\Users\ValdimirS\Desktop\drugi


==================== Files in the root of some directories =======

2017-08-31 10:05 - 2018-03-01 17:54 - 000007598 _____ () C:\Users\Vladimir\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
2018-09-22 21:47 - 2018-07-20 21:40 - 000382976 _____ (Rational Intellectual Holdings Ltd.) C:\Users\Vladimir\AppData\Local\Temp\_unps.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-15 15:06

==================== End of FRST.txt ============================

 

 

 

 

 

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Инсталирах и сканирах с Malwarebytes, но той нищо не открива. Имах и инсталиран SUPERAntiSpyware и при него нищо. Междувременно се ровя в нета и гледам в https://en.wikipedia.org/wiki/LoJack_for_Laptops че си има някаква програмка CompuTrace в биоса която си е горе-долу легитимна, но дали и тази е такава... В форума на НОД32 четох, че при проблеми с вируси в биоса, може да се решат с ъпдейт?  

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..! В предоставените дневници не се виждат активни зарази..! Относно вашия UEFI проблем мисля че става въпрос за Computrace функцията в BIOS  - трябва да се спре или  да обнови до нова версия на BIOS-a по-възможност новата версия да не съдържа тази Computrace.

https://bartblaze.blogspot.com/2014/11/thoughts-on-absolute-computrace.html

https://securelist.com/absolute-computrace-revisited/58278/

Приятен неделен ден пожелавам...! 

Между другото бих се замислил дали на този етап е удачно да се използва SUPERAntiSpyware ..! Поради тази причина:

 


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Още едно интересно четиво по темата:
https://securelist.com/absolute-computrace-revisited/58278/

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 3 часа, icotonev написа:

Здравейте..! В предоставените дневници не се виждат активни зарази..! Относно вашия UEFI проблем мисля че става въпрос за Computrace функцията в BIOS  - трябва да се спре или  да обнови до нова версия на BIOS-a по-възможност новата версия да не съдържа тази Computrace.

https://bartblaze.blogspot.com/2014/11/thoughts-on-absolute-computrace.html

https://securelist.com/absolute-computrace-revisited/58278/

Приятен неделен ден пожелавам...! 

Между другото бих се замислил дали на този етап е удачно да се използва SUPERAntiSpyware ..! Поради тази причина:

 

Щом има проблем с SuperAntiSpyware ще я махна за сега.

Относно UEFI, влязох в биоса и за въпросното нещо Computrace пише, че не е активно, но отдолу пък пише, че не е деактивирано. Та не знам сега това спряно ли е не е ли? Самите опции не могат да се променят от това меню в биоса, а друго където да ги има не намерих.

Сега ще ъпдейтна биоса да видя какво ще стане и ще пиша допълнително тук или в "раздела" осрах биоса какво да правя.  

DSC00361.JPG

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте отново, ъпдейтнах биоса, но няма промяна. По време на ъпдейта на биоса ми изписа съобщение, че имам някаква критична уязвимост и да ъпдейтна Intel Management Engine(може ли през тази уязвимост с нещо да се е заразил, ако изобщо е заразен, UEFI или няма връзка ) направих и това, но проблема с UEFI  си остава.

Малко тъп въпрос - Intel Management Engine всеки път след преинсталиране на windows ли трябва да се инсталира или е като биоса, веднъж като се инсталира и е за постоянно? 

 

Capture.PNG

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

За фърмуера:
Да, ако има по-нов.
Не, ако няма по-нов.
За драйвъра - да.

Редактирано от DarkEdge (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

В крайна сметка преинсталирах и бозата(към драйверите които си инсталирам по принцип добавих и такъв за Intel Management Engine), че и без това беше клонира от HDD на SSD и проблема за сега изчезна.  

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 5 часа, B-boy/StyLe/ написа:

Според статията и свързани с нея статии с този вирус руски хакери атакуват държавни институции. Интересно как по дяволите аз съм си заразил компютъра с такъв рядък вирус след като в разни незнайни сайтове влизам само от таблета, а от този заразения в единствения по съмнителен сайт в който влизам е zamunda/zelka да свалям филми и в сайтовете за сваляне субтитри.

Също интересно е, че в статията пише, че вируса засяга само стари компютри, а моя е на година и нещо, като биоса беше от края на 2016, а се е заразил и той.

След като нод32 вече не засича нищо трябва ли да се притеснявам от вируса или не? Че не ми се рискува да преинсталирам биоса.

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Още по темата за UEFI руткит  атаката(друг поглед върху анализа на Eset):
тук

Редактирано от DarkEdge (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

Не можах да пиша досега, защото ми изгоря монитора, а от офиса нямах време. После докато дойде новия и докато го настроя и мина седмица и нагоре. Извинявам се за причиненото неудобство, но техника...

При вас не мисля, че става въпрос за рууткита от статиите...той е нов и се казва Lojax, но е базиран на легитимния софтуер Lojack, който всъщност Eset ви е намерила. Интересно защо чак сега се е обадила, защото би трябвало този софтуер да сте си го имали в БИОС-а още при покупката на системата. Този софтуер е за проследяване на загубен лаптоп обикновено. Интересно и как префлаш на БИОС-а не е поправил проблема, а преинсталация на Windows - да, след като този вид проблеми не могат да бъдат почистени от антивирусен софтуер, защото са заредени в БИОС-а. Става единствено с изключването на проблемния модул от БИОС-а или с обновяването на БИОС-а с версия, която не съдържа този модул (ако е налична такава изобщо). Според мен няма място за притеснение и ESET го засичат, защото този софтуер е по-скоро дискусионен (в сивата зона) и се застраховат. Нищо повече.

Поздрави!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.


  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от klass
      Здравейте! Опитвам да се запиша за платено почистване ми излиза това -
      "Съжаляваме, възникна проблем
      Нещо се обърка. Моля опитайте отново Код на грешка EX1406"
       
      Накратко искам платено почистване на компютъра ако е възможно.
      Проблема е следния:  В един момент Мозила Файерфокс ми съобщава, че не мога да използвам отметките, защото се използвали от друга програма.
      Рестартирах компютъра и на влизане уиндоус ми казва че няма връзка с интернет и да позвам други опции да вляза.
      Само дето нямам спомен как съм се регистрирал за майкрософтски акаунт, нито име нито имеил.
      На единия диск имам GRUB от който избирам Линукс или уиндоус да заредя, през който влизам в Линукс Минт. И от там пиша сега.
      Само че каквото и да сваля за проверка е за уиндоус и не мога да го стартирам в Линукса.
      Има ли начин през Линукса да се почисти компютъра или да го преинсталирам?
      Благодаря за вниманието, и извинявайте ако не е това начина за контакт.
       
      Това е компютъра: System: Host: xaxa-desktop Kernel: 4.15.0-62-generic x86_64 bits: 64 gcc: 7.4.0 Desktop: Cinnamon 3.8.9 (Gtk 3.22.30-1ubuntu4) dm: lightdm Distro: Linux Mint 19 Tara Machine: Device: desktop Mobo: ASRock model: Z370 Pro4 serial: N/A UEFI: American Megatrends v: P3.20 date: 09/06/2018 CPU: 6 core Intel Core i7-8700 (-MT-MCP-) arch: Skylake rev.10 cache: 12288 KB flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx) bmips: 38304 clock speeds: min/max: 800/4600 MHz 1: 1210 MHz 2: 938 MHz 3: 1064 MHz 4: 1624 MHz 5: 1582 MHz 6: 1650 MHz 7: 1004 MHz 8: 1016 MHz 9: 1097 MHz 10: 1018 MHz 11: 969 MHz 12: 804 MHz Graphics: Card: NVIDIA GP104 [GeForce GTX 1080] bus-ID: 01:00.0 chip-ID: 10de:1b80 Display Server: x11 (X.Org 1.19.6 ) drivers: nvidia (unloaded: modesetting,fbdev,vesa,nouveau) Resolution: [email protected] OpenGL: renderer: GeForce GTX 1080/PCIe/SSE2 version: 4.6.0 NVIDIA 390.116 Direct Render: Yes Audio: Card-1 NVIDIA GP104 High Def. Audio Controller driver: snd_hda_intel bus-ID: 01:00.1 chip-ID: 10de:10f0 Card-2 Intel 200 Series PCH HD Audio driver: snd_hda_intel bus-ID: 00:1f.3 chip-ID: 8086:a2f0 Sound: Advanced Linux Sound Architecture v: k4.15.0-62-generic Network: Card: Intel Ethernet Connection (2) I219-V driver: e1000e v: 3.2.6-k bus-ID: 00:1f.6 chip-ID: 8086:15b8 IF: eno1 state: up speed: 1000 Mbps duplex: full mac: <filter> Drives: HDD Total Size: 8513.7GB (0.4% used) ID-1: /dev/sda model: ADATA_SU800 size: 512.1GB serial: <filter> ID-2: /dev/sdb model: ST4000VN008 size: 4000.8GB serial: <filter> ID-3: /dev/sdc model: ST4000VN008 size: 4000.8GB serial: <filter> Partition: ID-1: / size: 1.1T used: 32G (4%) fs: ext4 dev: /dev/sdc1 RAID: System: supported: N/A No RAID devices: /proc/mdstat, md_mod kernel module present Unused Devices: none Sensors: System Temperatures: cpu: 33.0C mobo: N/A gpu: 0.0:42C Fan Speeds (in rpm): cpu: N/A Repos: Active apt sources in file: /etc/apt/sources.list.d/official-package-repositories.list deb http: //packages.linuxmint.com tara main upstream import backport deb http: //archive.ubuntu.com/ubuntu bionic main restricted universe multiverse deb http: //archive.ubuntu.com/ubuntu bionic-updates main restricted universe multiverse deb http: //archive.ubuntu.com/ubuntu bionic-backports main restricted universe multiverse deb http: //security.ubuntu.com/ubuntu/ bionic-security main restricted universe multiverse deb http: //archive.canonical.com/ubuntu/ bionic partner Info: Processes: 255 Uptime: 1:05 Memory: 3446.9/15974.9MB Init: systemd v: 237 runlevel: 5 Gcc sys: 7.4.0 Client: Unknown python3.6 client inxi: 2.3.56  
    • от Alpine Trail
      Здравейте!От известно време имам забавяне  и забиване на системата и затова вчера и днес пуснах няколко сканирвания с две различни версии на Eset-a.С най-новата версия откри 4 инфектирани файла.С другата при първото сканирване включих и дял D и също 4.При второто без дял D,3 такива.Чудя се дали трябва да се трият тези файлове.Това са логовете.
      Eset Online Scanner-07.09.2019.txt Eset Online Scanner-08.09.2019.txt
    • от pyrpyl
      Здравейте, повече от  година изполвам емuлатора за Android под Windows MEmu Play. Седмица след автоматичното му обновяване до версия 6.2.3 антивируса ми - Avira започна почти постоянно да ми изкарва прозорец за засечен Malwarе. Почти година не съм инсталирал нищо ново и за това мисля че гадините са се промъкнали с ъпдейта. Моля за помощ. Предварително  Ви благодаря.


    • от hjhj
      Здравейте.
      Имам един компютър който е доставен преди години от фирма свързана със софтуер за управление на дадена апаратура.
      Вчера не искаше да тръгне.  При пускането на машината започва да зарежда в началото както трябва докато стигне до момента в който трябва да покаже  десктопа. Но вместо десктоп, показваше съобщение,че Windows не е легален и трябва да го активирам. Имаше две възможности YES или NO, но която и да избера нищо не се променяше. Съобщението се показваше отново и не ме да вляза. След няколко многократни опита по някакъв начин влязох в системата, но тя работеше много бавно. Каквото и да отворя водеше до затормозяване на компа. Сега даже през Хром не успях да сваля Farbar, даваше, ми че е вирус. Успях с много зор да го сваля през Мозила. Сканирах и с Касперски вчера.
      FRST.txt Addition.txt report.txt
    • от Duclos
      Здравейте,
      преди ден антивирусната ми програма непрекъснато даваше известия за троянец, който се опитва да се свърже - "Website Blocked Due to Trojan". При сканиране обаче, не се откриваше нищо. При днешното пускане на компютъра забелязах, че работи изключи бавно, непрекъснато забива и т.н. Пробвах да сканирам - антивирусната отказа да стартира. Когато цъкна рестарт всeки път излиза съобщение "Preparing to configure your computer", и отново лаптопът работи видимо затруднено.
      Нямам диск за операционна система, по-долу съм прикачил файловете от сканирането с Farbar.
       
      FRST.txt Addition.txt
  • Дарение

×
×
  • Добави ново...