Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Препоръчан отговор


Здравейте,

от известно време се появи следния проблем - малко след зареждането на Windows 8.1, започва самоволно стартиране на браузъра по подразбиране, като се отварят по 4-5 прозореца, а понякога и по повече. Прегледах някои теми за сходни проблеми във форума и трябва да отбележа една съществена разлика - при мен браузера се стартира с началния си екран и НЕ тръгва да зарежда някаква страница в интернет... просто си стои на началната страница и стартира още прозорци.

След като успях да направя така, че да нямам браузър по default започна да се отваря диалогов прозорец с надпис"How do you want to open this type of link (http)?", като отдолу са изредени браузерите и win store.

Други неща, които се случват: отваряне на десния панел на десктопа на секцията "Search", превключване м/у различни отворени прозорци, отваряне на нови табове при работещ браузър, обхождане на менютата на отворени прозорци, и всичко това придружено със звуков сигнал (бибкане).

До момента сканирано с:

- Windows defender;

 - Kasperski Free;

- Dr. Web;

- Malwarebytes... и всички казват, че системата е чиста...

Това е в общи линии. Прилагам резултатите от FRST, благодаря предварително

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Kire (administrator) on KIRE-PC (04-03-2019 11:39:00)
Running from C:\Users\Kire\Desktop
Loaded Profiles: Kire (Available Profiles: Kire)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe" "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392856 2015-03-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Viber] => C:\Users\Kire\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\Kire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изпращане в OneNote.lnk [2018-04-21]
ShortcutTarget: Изпращане в OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.9.239.90 217.9.239.94
Tcpip\..\Interfaces\{0AFEE81C-413D-4C4C-87C4-B73D21E67655}: [DhcpNameServer] 217.9.239.90 217.9.239.94
Tcpip\..\Interfaces\{8D5336D0-E0A6-456B-BDA5-1F85837A1179}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://ebb.ubb.bg/CAPICOM/capicom.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-02-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\Kire\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1687209997-659643034-1432533341-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Kire\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-1687209997-659643034-1432533341-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [297888 2016-11-08] (Advanced Micro Devices, Inc. -> AMD)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [144152 2018-11-21] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [26567696 2016-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [528800 2016-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2016-04-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [529392 2015-08-05] (Intel(R) Intel Network Drivers -> Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2740056 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [219744 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113696 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [176976 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72864 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
S3 s115bus; C:\Windows\System32\drivers\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdfl; C:\Windows\system32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdm; C:\Windows\system32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mgmt; C:\Windows\system32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115obex; C:\Windows\system32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 11:39 - 2019-03-04 11:39 - 000016906 _____ C:\Users\Kire\Desktop\FRST.txt
2019-03-04 11:38 - 2019-03-04 11:39 - 000000000 ____D C:\FRST
2019-03-04 11:35 - 2019-03-04 11:35 - 002434560 _____ (Farbar) C:\Users\Kire\Desktop\FRST64.exe
2019-02-24 16:56 - 2019-02-24 16:56 - 000072864 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-02-24 16:55 - 2019-02-24 16:55 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-24 16:55 - 2019-02-24 16:55 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-02-24 16:55 - 2019-02-24 16:55 - 000114040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-02-24 16:47 - 2019-02-24 16:51 - 000000000 ____D C:\AdwCleaner
2019-02-24 16:44 - 2019-02-24 16:44 - 000002305 _____ C:\Users\Kire\Desktop\mbma.txt
2019-02-24 16:32 - 2019-02-24 16:32 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-02-24 16:32 - 2019-02-24 16:32 - 000001843 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbamtray
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbam
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-24 16:32 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-22 00:47 - 2019-02-22 00:47 - 000020476 _____ C:\Windows\ntbtlog.txt
2019-02-22 00:38 - 2019-02-22 01:49 - 000000000 ____D C:\Windows\pss
2019-02-21 23:52 - 2019-02-21 23:52 - 000071912 _____ C:\Users\Kire\Documents\cc_20190221_235210.reg
2019-02-21 23:44 - 2019-02-22 00:56 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-21 23:44 - 2019-02-21 23:44 - 000002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-21 23:44 - 2019-02-21 23:44 - 000000794 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-21 23:44 - 2019-02-21 23:44 - 000000000 ____D C:\Program Files\CCleaner
2019-02-21 23:43 - 2019-02-21 23:43 - 019385224 _____ (Piriform Software Ltd) C:\Users\Kire\Desktop\cctrialsetup.exe
2019-02-21 23:40 - 2019-02-21 23:40 - 000001446 _____ C:\Users\Kire\Desktop\uTorrent.exe - Shortcut.lnk
2019-02-21 23:36 - 2019-02-21 23:36 - 000000272 _____ C:\Users\Kire\Desktop\nod.txt
2019-02-21 21:31 - 2019-02-21 21:31 - 000000000 ____D C:\Users\Kire\AppData\Local\ESET
2019-02-21 21:30 - 2019-02-21 21:30 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Kire\Desktop\esetonlinescanner_enu.exe
2019-02-21 21:28 - 2019-02-21 21:30 - 000000000 ____D C:\ProgramData\F-Secure
2019-02-21 21:27 - 2019-02-22 00:28 - 000000000 ____D C:\Users\Kire\AppData\Local\FSDART
2019-02-21 21:27 - 2019-02-21 21:27 - 009603600 _____ (F-Secure Corporation) C:\Users\Kire\Desktop\F-SecureOnlineScanner.exe
2019-02-21 21:27 - 2019-02-21 21:27 - 000000000 ____D C:\Users\Kire\AppData\Local\F-Secure
2019-02-21 20:27 - 2019-02-21 20:27 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2019-02-21 20:27 - 2019-02-21 20:27 - 000001196 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files\Common Files\AV
2019-02-21 20:26 - 2019-03-04 11:26 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-02-21 20:26 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-02-21 20:26 - 2019-02-21 20:26 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 001113696 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 000219744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2019-02-21 20:26 - 2019-02-21 20:26 - 000002051 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2019-02-21 20:26 - 2019-02-21 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-02-21 20:26 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2019-02-21 20:24 - 2019-02-21 20:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-02-21 20:24 - 2019-02-21 20:24 - 002536320 _____ (Kaspersky Lab) C:\Users\Kire\Desktop\startup_14460.exe
2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\Users\Kire\Doctor Web
2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\ProgramData\Doctor Web
2019-02-19 23:27 - 2019-02-19 23:28 - 184226296 _____ C:\Users\Kire\Desktop\5xdzsvd7.exe
2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ C:\Users\Kire\AppData\Local\Resmon.ResmonCfg
2019-02-14 20:08 - 2019-01-26 03:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-14 20:07 - 2019-02-06 04:07 - 003323392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-14 20:07 - 2019-02-06 03:43 - 003616768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-14 20:07 - 2019-02-06 02:53 - 002780160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-14 20:07 - 2019-02-06 02:44 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-14 20:07 - 2019-01-26 02:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-14 20:07 - 2019-01-26 02:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-14 20:07 - 2019-01-26 02:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-14 20:07 - 2019-01-26 02:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-14 20:07 - 2019-01-26 02:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-14 20:07 - 2019-01-26 02:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-14 20:07 - 2019-01-26 02:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-14 20:07 - 2019-01-26 01:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-14 20:07 - 2019-01-26 01:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-02-14 20:07 - 2019-01-26 01:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-14 20:07 - 2019-01-26 01:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-14 20:07 - 2019-01-26 01:36 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-02-14 20:07 - 2019-01-26 01:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-14 20:07 - 2019-01-26 01:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-14 20:07 - 2019-01-26 01:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-14 20:07 - 2019-01-26 01:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-14 20:07 - 2019-01-26 01:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-14 20:07 - 2019-01-26 01:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-14 20:07 - 2019-01-26 01:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-14 20:07 - 2019-01-26 01:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-14 20:07 - 2019-01-26 01:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-14 20:07 - 2019-01-12 03:36 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-14 20:07 - 2019-01-12 03:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-14 20:07 - 2019-01-12 03:18 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-14 20:07 - 2019-01-09 08:36 - 001901688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-14 20:07 - 2019-01-09 08:27 - 002533920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-14 20:07 - 2019-01-09 08:24 - 007371512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-14 20:07 - 2019-01-09 05:34 - 001755136 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-14 20:07 - 2019-01-09 05:34 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 20:07 - 2019-01-09 05:21 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-14 20:07 - 2019-01-09 05:21 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 20:07 - 2019-01-08 06:54 - 000032896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-14 20:07 - 2019-01-08 03:22 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-14 20:07 - 2019-01-08 03:22 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-14 20:07 - 2019-01-05 19:48 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-14 20:07 - 2019-01-05 19:47 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-14 20:07 - 2019-01-05 19:46 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-14 20:07 - 2018-12-27 19:57 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-14 20:07 - 2018-12-27 18:30 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\SysWOW64\locale.nls
2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\system32\locale.nls
2019-02-14 20:07 - 2018-12-02 12:08 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-14 20:07 - 2018-12-01 18:44 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-14 20:07 - 2018-10-12 15:19 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-02 11:26 - 2019-02-02 11:26 - 000010752 _____ C:\Users\Kire\Desktop\report_structure.xls

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 11:38 - 2019-01-13 19:24 - 000005012 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kire-PC-Kire Kire-PC
2019-03-03 19:04 - 2016-04-14 13:11 - 000003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1460632245
2019-03-03 19:04 - 2016-04-14 13:10 - 000000000 ____D C:\Program Files (x86)\Opera
2019-02-26 21:35 - 2016-04-11 17:51 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1687209997-659643034-1432533341-1001
2019-02-26 20:14 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-02-24 17:00 - 2014-11-21 09:39 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-24 16:58 - 2016-04-14 13:17 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-24 16:58 - 2016-04-14 13:12 - 000000000 ____D C:\Users\Kire\AppData\Local\Adobe
2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-24 16:55 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-24 16:54 - 2016-08-25 17:16 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-02-22 00:39 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-02-21 23:51 - 2018-07-13 10:05 - 000000000 ____D C:\Users\Kire\AppData\Roaming\MPC-HC
2019-02-21 23:51 - 2018-02-28 15:49 - 000000000 ____D C:\Users\Kire\AppData\Roaming\TeamViewer
2019-02-21 23:51 - 2016-04-12 15:40 - 000000000 ____D C:\Users\Kire\AppData\Roaming\DAEMON Tools Lite
2019-02-21 23:51 - 2016-04-12 15:14 - 000000000 ____D C:\Users\Kire\AppData\Roaming\uTorrent
2019-02-21 23:50 - 2017-05-08 15:37 - 000000000 ____D C:\Windows\Minidump
2019-02-21 23:50 - 2016-04-12 04:38 - 000000000 ____D C:\Windows\Panther
2019-02-21 23:39 - 2016-04-12 15:15 - 000000000 ____D C:\Program Files (x86)\uTorrent
2019-02-21 20:32 - 2016-04-14 13:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-21 20:26 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-02-21 20:26 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-02-20 02:39 - 2016-04-11 17:45 - 000000000 ____D C:\Users\Kire
2019-02-14 21:08 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2019-02-14 20:28 - 2013-08-22 16:44 - 000551248 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-14 20:21 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-02-14 20:16 - 2016-04-12 14:59 - 000000000 ____D C:\Windows\system32\MRT
2019-02-14 20:12 - 2016-04-12 14:59 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-14 20:10 - 2016-04-14 13:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-02 22:07 - 2019-01-17 20:24 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-02 22:07 - 2019-01-17 20:24 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-02 11:27 - 2016-04-11 17:46 - 000000000 ____D C:\Users\Kire\AppData\Local\Packages

==================== Files in the root of some directories =======

2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ () C:\Users\Kire\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-03 19:14

==================== End of FRST.txt ============================

 

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..! От предоставените дневници не се виждат активни зарази..!

 

icon1373991893.jpg

Изтеглете Autoruns и:

  • Стартирайте програмата;
  • Изберете Options => сложете отметки пред Hide Empty Locations, Hide Microsoft Entries и Hide Windows Entries и махнете отметката пред Hide VirusTotal Clean Entries;
  • Сега изберете Options => Scan Options => и сложете отметки пред Verify Code Signature, Check VirusTotal.com и Submit Unknown Images;
  • Изберете бутона F5 за да се повтори проверката. Изчакайте да приключи (ще разберете, че е така ако в долния ляв край на програмата изпише Ready.);
  • От менюто File => изберете Save => запазете файла някъде с желано от вас име (във формат arn), архивирайте го с програма по желание в zip формат и го прикачете към темата.

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

...и тук нищо притеснително...!

Моля, изтеглете Zemana AntiMalware и го запишете на вашия работен плот.

  • Стартирайте програмата.
  • Кликнете върху иконата bHTyaUA.png.
  • Отидете на Scan и сложете отметка пред Create Restore Point.
  • Отидете на Advanced и кликнете бутона I have read the warning and wish to proceed anyway.
  • Сложете отметки пред Auto Upload и Detect suspicious (root CA) certificates.
  • Сега вече натиснете иконата GeaXUNf.png.
  • Натиснете Scan за да започне проверката.
  • След кратко сканирането приключи кликнете върху иконата [IMG] (не натискайте бутона Next) и отворете последния доклад.
  • Сега кликнете File => Save As  и изберете своя Desktop и натиснете Save.
  • Моля копирайте съдържанието на лог файла в следващия си пост.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Мистерия някаква...


Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 1 час, Mohito написа:

След като успях да направя така, че да нямам браузър по default започна да се отваря диалогов прозорец с надпис"How do you want to open this type of link (http)?", като отдолу са изредени браузерите и win store.

В момента браузър по подразбиране е Maxthon...!!!! Как да нямате..?!?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

..и след като завърши сканирането ..ще ви помоля да деинсталирате всичко което сте използвали като антивирусен софтуер...НЕКА ДА ОСТАНЕ САМО Kaspersky Free

 

 Malwarebytes + ESET + F-Secure + Doctor Web - ТОЗИ СОФТУЕР ДА СЕ ПРЕМАХНЕ ОТ ВАШИЯ КОМПЮТЪР ..! 
 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Имам предвид, че преди беше Опера-та и точно с нея се получаваше ситуацията с десетките прозорци. От default programs/set program access and comuter defaults/choose a default web browser махнах отметките от enable access to this program за всичките. Преди това ръчно бях преименувал launcher-а на Операта, защото при отварянето на няколко рпозореца едновременно през няколко секунди процесора отиваше на 100% и компа става практически неизползваем. След това на няколко пъти ми се наложи да включвам и изключвам enable access-а, в момента гледам чавките са засветнати, странно...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Zemana AntiMalware 2.74.2.150 (Portable)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2019.3.4
Operating System       : Windows 8.1 64-bit
Processor              : 2X Intel(R) Pentium(R) CPU G3240 @ 3.10GHz
BIOS Mode              : Legacy
CUID                   : 128F7BC5AB7ACD09EE5F45
Scan Type              : System Scan
Duration               : 5m 51s
Scanned Objects        : 45144
Detected Objects       : 6
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

UBB Root CA
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D5AE31DC76B6C6879F968B183298925E84F44E20\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D5AE31DC76B6C6879F968B183298925E84F44E20\Blob = 5C000000010000000400000000080000140000000100000014000000189860B58760F90924CB71BD9A9596B2056BB6C8030000000100000014000000D5AE31DC76B6C6879F968B183298925E84F44E200400000001000000100000004ED72667394EAA982F0CF6BBFEF7865E0F0000000100000014000000784954E7105D976D96AEF39D8A73441F74D60E3B190000000100000010000000DB07C1F8D43CCB320E5E5D414B0562FE2000000001000000650300003082036130820249A00302010202105D97984983E0BC9B4CE8DCCED117686A300D06092A864886F70D01010505003043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F74204341301E170D3130303131333132353132365A170D3232303131333132353434305A3043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100D6D829C4937BA1DA7027240649E0868385DD070EDB6BD5D3AAF6799B9205AF19B640E2CE8B4881D00A57BD3500B2529E82A2D61FFB70BB7028AE51F809C4B4BB36B169C77B337CD18573DE04097E748E51C64A13AF5330D2E252CB82021117A91EE391054A753AFB0CB0CD759D141FF323C5990FE3474D5BEACACF2DD714FB9D7984FFAC857D08F13940CBA5D0EA6F42D61FC1CF6B89FB35EA246794425F2576B8CF83D12A5372F30D4F55627CB1CBFE0D8E990BA9A0B2008C8CD74EA390F61163EE0BED4925AEC51E7BFB564A47804833B97EAC777DF5D93E3561CBB26F33D7CFD6CF70FEAA71CEBA2A8356D88BD80613ADE7AF646D202818FFC77A3CE32A670203010001A351304F300B0603551D0F040403020186300F0603551D130101FF040530030101FF301D0603551D0E04160414189860B58760F90924CB71BD9A9596B2056BB6C8301006092B06010401823715010403020100300D06092A864886F70D01010505000382010100B5C51443B4358280CF6B9EEEE1B25AC4325507E74500C8B52637BC8EEDE73D06BFEEF67137A438C000456477BFA255C992C6336F207EE624805FCA6844BE294855FBB94557FA3104828786ED74FE48C29582D437AAFCD561BC9DCF9DE90643665E42D2781B20D39922E20F17D9194CCE0FA990533B3969625C57F665B1BB124DAF7AFA91E77F6D0E6EFC440B9D46DA672E0580D61D13E21791CD852FA43E4E4708ABAECCBB285667A1EB7AB8CC5CA8A923FCFE01B2CB1601464148D7180B08064E376A27BEFD121BBDA3AC71A442AF7AEA681D3FF0595C1FDC759F19A53B8710E94C77B80649DB282F7A1CDC80C66E9A4E03567DFAA65A945F4348E9134172A9

UBB Root CA
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB\Blob = 5C000000010000000400000000080000140000000100000014000000147FB7750760F08C83D4E7E2DE51AA6009B4E2DF0400000001000000100000006816583EC09DBB7FD94A295E215895FF030000000100000014000000D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB0F0000000100000020000000447D10399FE823AD0C7CA968FF2789E68EE08235C91E7902EF7D5FB7D6F6576B1900000001000000100000004E7728C997FA9A6B643413E691AD5D5120000000010000008C0300003082038830820270A003020102021074A9ABBFCBAFE09F49FC1C2B88795AF2300D06092A864886F70D01010B05003043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F74204341301E170D3136303932303038343733335A170D3238303932303038353733335A3043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100F5065C626288708254F9CB0DC3795F76D0A5EF89EDE74B97672A87970D0973E0BE20AAC370D6695B23F9304B5738DE84F9ED12A5E32B5F3EB41D13C6792755BE591C44DD0D69CF1EBD5370D4A7658528A75D3EF9182BFADF72EE615A4D70A36A4F52980307E657F6ED232440DEE92ECFBF195CF0B0F8A1AE06BCE111CE40BB9F0EF949FF09937EB66C1335B85E36EAC577965336B7DC64DABF382C2EFC54307DE9F7E3AD944193B4A22B69F698CD6D2C202AC85E0628E5BE8B84959E36BFD6399A20E5BA9F5AF213AE428D88AB9882D4BF3C64D8C225C48221CF69B68428516811E945755E10F76F54F81E361535A187E139048C8A3B543D6A7AA28664F4D01B0203010001A3783076300B0603551D0F040403020186300F0603551D130101FF040530030101FF301D0603551D0E04160414147FB7750760F08C83D4E7E2DE51AA6009B4E2DF301206092B060104018237150104050203020002302306092B0601040182371502041604143C58BF4A284B75E633AF230BCA20BDB6F012D117300D06092A864886F70D01010B05000382010100620E4FD1911F082CEE4A527531DBAA1D59194BB5E4E020E0DEEDAB8F4665B56060158EFF2A78CB95228A36FB6E27A19291197E88C55A8EBB3D7C42B3BCAF77E8BB9E031A16DD8E8D1644637BDB2156EC9CBE68B9695F896EFDC7DE93E3EDB5106187477DD9D3CE16C367087B159DF4CD7D80FC808402ABFA1B1BBE1614FDBFB60EE1C8EE9E4C8794B0D4182001E0EEFFA3ABC60666A543BFD5DA5F552CF5B42A2B4A499DE500E8362D09F0B24F56FAA3C1182F44FF4D82203F74FA362F472BAEDB0CD324F13DDE9B8B9FFA5EF2EBDD1D61E42563D1CF2F2B213D4C55DDFF1CB2907C1097AF9EBC5F61AACC348BD1190B2E7877D19D791FD0F3816C7D367A7E09

B-Trust Root CA
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4BBCCBCB6D75039C58034E9F633CDA72B6A1A2ED\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4BBCCBCB6D75039C58034E9F633CDA72B6A1A2ED\Blob = 4B0000000100000044000000360037004100440034003200360042003500380039003200310036004500360044003600340044003400350045004600410034003000430032003400390044005F000000190000000100000010000000A36D039A7F1BF303A000B3178102AAF3040000000100000010000000BFCEEA6310A629AD4844CCC55F935C5E0300000001000000140000004BBCCBCB6D75039C58034E9F633CDA72B6A1A2ED0F000000010000001400000090B620F4AF8BB10F063A2068B7D3E112223321111400000001000000140000009BA6483A231F3AA9A888285764ED04961C30C89D5C00000001000000040000000010000020000000010000001C0700003082071830820500A003020102020101300D06092A864886F70D0101050500306B310B3009060355040613024247310E300C06035504071305536F6669613120301E060355040A1317424F52494341202D2042414E4B534552564943452041443110300E060355040B1307422D5472757374311830160603550403130F422D547275737420526F6F74204341301E170D3130303831373134313233385A170D3330303831373134313233385A306B310B3009060355040613024247310E300C06035504071305536F6669613120301E060355040A1317424F52494341202D2042414E4B534552564943452041443110300E060355040B1307422D5472757374311830160603550403130F422D547275737420526F6F7420434130820222300D06092A864886F70D01010105000382020F003082020A0282020100C83AD84C8EA7AFBF51DCA9BCC30D5DF76180AAC4E1D03A6DE136FA5660A0DEC71486B86A4263A4DA0DBB866092EE60D2079EBB5E877083A47D9B6CD90D702ED8FBF46C8C3758A19E87BB90F62CE56221BA87B0DBC49FA43CE5B8B6405A4852AFDFBC0787CA23D436BE0B7CD37468E8686B8744B0DFB173972E52233404F28F480FF9C8B72857E15A976055696433D71B72885BC8522131261DD784FAE7ED0258E3CD3F690AA647E5E7D2BB9DF212902A9503DBA8A65FD3DAC0B2C87177107F854B48BC1B83E554AA56AAA7E2D9AFEBBD41279A73BB3DD8D28C040C03350E5B674B4E030E226BD4C5F252635E79D7E13B2D9B577BEE409B76FF01CCBE36893DDD0CF2194A4BBD2905BEA92BEC37105570876B54C26C447C7D340F226D83522BEAFC4C6758764E06774CAA772119AA72FAA2F95542E848E47E4C99E6EACF858330856F21E8F8552822DAAD1E21B4CD52F10DE532577F98E070DDCBCBC75E3439364AD21A4C548A7CA918289B1857148600BEDAF318EB4A3C6744D07F0EBD95CF749EA418D934C6CD1B89B257C8936FD5B18E35C9C48FF0983ED833FB115E59F60075102E1E7552B3EDBE2F99C7C73E71057E4BA7B1AAE4671E2C9C390CFA452A829755BE535DE698A73D873C6C7CBB9086610A2CDCB98F4DE180022AF795747ACF972070A5F36F38A5CF279087BDA831DF17FC2D3D918C47FEDB3BCAA0893680C3020300A37BA38201C5308201C1301D0603551D0E041604149BA6483A231F3AA9A888285764ED04961C30C89D3081950603551D2304818D30818A80149BA6483A231F3AA9A888285764ED04961C30C89DA16FA46D306B310B3009060355040613024247310E300C06035504071305536F6669613120301E060355040A1317424F52494341202D2042414E4B534552564943452041443110300E060355040B1307422D5472757374311830160603550403130F422D547275737420526F6F7420434182010130210603551D12041A30188616687474703A2F2F7777772E622D74727573742E6F726730120603551D130101FF040830060101FF02010430370603551D200430302E302C0604551D20003024302206082B060105050702011616687474703A2F2F7777772E622D74727573742E6F7267300E0603551D0F0101FF04040302010630530603551D1F044C304A3048A046A0448642687474703A2F2F7777772E622D74727573742E6F72672F7265706F7369746F72792F636135726F6F742F63726C2F622D74727573745F6361355F726F6F742E63726C303306082B0601050507010104273025302306082B060105050730018617687474703A2F2F6F6373702E622D74727573742E6F7267300D06092A864886F70D0101050500038202010086A8C343F9FE1A772A341796590AC7999C53B27EB97EB4296EDC9492FCBAC1005422550B6440290F9155E445342FCC512C9FD9E7425537C7B2C40BD08C37EC2F3BD26972814C70651D0E71965B65237D8AB76AF69B217518C3F98547FB19B1012AA4201B299E5EE51280E97AB43741C5E75F8D7F97E425358D7D365A7186C29BEB47F2953FE15DAAF8832F4D6F61CC91F6D37779C24C72A4AC2A48891C086BA722F668C7A58A707A3505E71F018C0FBF657D0B204F7A135968BCA52193EB5E12EB2C66E639800DB8D0AE87BEAB1FE2A366B97C6467FD6BB273C06C6E2CB338C8E59B14؀掏ā냤ĉ퉜؀ðUBB Root CA
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3C58BF4A284B75E633AF230BCA20BDB6F012D117\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3C58BF4A284B75E633AF230BCA20BDB6F012D117\Blob = 190000000100000010000000452B230D638D93989C7675A46955D2AB0F0000000100000014000000662CB200F58662ED062369E8D31103FE8370E0E80300000001000000140000003C58BF4A284B75E633AF230BCA20BDB6F012D117140000000100000014000000DAFB3FFC3DC743276D9198B34C437139D27F963D20000000010000008C0300003082038830820270A0030201020210731234A928CF3391406A015F72463639300D06092A864886F70D01010505003043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F74204341301E170D3136303130383037323332365A170D3238303130383037333332365A3043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100E18674C080E26A9B4232223E1849E358B6BEB820C2C95F53674A2B7CFA104CDB87B3C0FAEBF5C5650C3C6CC1CACCB9F29DB02B522DD5C904D1F09778D65BED3A30A823A35B1218002394191890BEC7789C2F5F3857949816C68C57CEEEAFEE4623796974F382E5A9FFB66606FCF23B86048D04702A14348274F9D78AD39198A4066D103A1F6CE4C7DFAC317D2C765345CD35C81CAD6FC7261CCAC415CF183C810027621348A781C3F2EFFEEB12DC49BBB849DE6E41A0D97DCD4CC0955D91875619405E6AC1C3D9D71C59601AC5C8BEF88462282AD6178523257FDD27A5402F0EC71189CFA5EE65C74CACBC8557B8FB665F8195BFFA5F2A70157FC8CEF7B196D70203010001A3783076300B0603551D0F040403020186300F0603551D130101FF040530030101FF301D0603551D0E04160414DAFB3FFC3DC743276D9198B34C437139D27F963D301206092B060104018237150104050203010001302306092B060104018237150204160414D5AE31DC76B6C6879F968B183298925E84F44E20300D06092A864886F70D0101050500038201010024B5709A78216629DB09C5A488A236A30281D2AB9D6AE2CED2396E4056850621D2FB2028C253CA5AA606C31A7CEB9BDCF1F2CC493B12C4C2935D6D0175438F28DC8F74A4A43DFD84CCE79A9F7F9D38427180EBF7F7CE865D8BA3556433A74E0F3CDBA7CC6149E9BF08F37BEE1EA41704A753A5F745C214FD6DA1FCF1E08285416F451C9B13C831376CD50E90593CF2727BEAB2006BB35FC84627B4880A82AE43F039911336D994DF7471520EED844C3CBDC53D8A8673D1922596DFDC58C8A1C426A48FA725651C6D69B7DE8CF96DF7147EC9A00F52E22FEA116302F64CDDAC8CB37D6F0EBE6044E42C13E502F8DAA326F6A2E5FF293D10F14E391B7893BEC0F5

UBB Root CA
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB\Blob = 0400000001000000100000006816583EC09DBB7FD94A295E215895FF0F0000000100000020000000447D10399FE823AD0C7CA968FF2789E68EE08235C91E7902EF7D5FB7D6F6576B140000000100000014000000147FB7750760F08C83D4E7E2DE51AA6009B4E2DF1900000001000000100000004E7728C997FA9A6B643413E691AD5D51030000000100000014000000D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB5C00000001000000040000000008000020000000010000008C0300003082038830820270A003020102021074A9ABBFCBAFE09F49FC1C2B88795AF2300D06092A864886F70D01010B05003043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F74204341301E170D3136303932303038343733335A170D3238303932303038353733335A3043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100F5065C626288708254F9CB0DC3795F76D0A5EF89EDE74B97672A87970D0973E0BE20AAC370D6695B23F9304B5738DE84F9ED12A5E32B5F3EB41D13C6792755BE591C44DD0D69CF1EBD5370D4A7658528A75D3EF9182BFADF72EE615A4D70A36A4F52980307E657F6ED232440DEE92ECFBF195CF0B0F8A1AE06BCE111CE40BB9F0EF949FF09937EB66C1335B85E36EAC577965336B7DC64DABF382C2EFC54307DE9F7E3AD944193B4A22B69F698CD6D2C202AC85E0628E5BE8B84959E36BFD6399A20E5BA9F5AF213AE428D88AB9882D4BF3C64D8C225C48221CF69B68428516811E945755E10F76F54F81E361535A187E139048C8A3B543D6A7AA28664F4D01B0203010001A3783076300B0603551D0F040403020186300F0603551D130101FF040530030101FF301D0603551D0E04160414147FB7750760F08C83D4E7E2DE51AA6009B4E2DF301206092B060104018237150104050203020002302306092B0601040182371502041604143C58BF4A284B75E633AF230BCA20BDB6F012D117300D06092A864886F70D01010B05000382010100620E4FD1911F082CEE4A527531DBAA1D59194BB5E4E020E0DEEDAB8F4665B56060158EFF2A78CB95228A36FB6E27A19291197E88C55A8EBB3D7C42B3BCAF77E8BB9E031A16DD8E8D1644637BDB2156EC9CBE68B9695F896EFDC7DE93E3EDB5106187477DD9D3CE16C367087B159DF4CD7D80FC808402ABFA1B1BBE1614FDBFB60EE1C8EE9E4C8794B0D4182001E0EEFFA3ABC60666A543BFD5DA5F552CF5B42A2B4A499DE500E8362D09F0B24F56FAA3C1182F44FF4D82203F74FA362F472BAEDB0CD324F13DDE9B8B9FFA5EF2EBDD1D61E42563D1CF2F2B213D4C55DDFF1CB2907C1097AF9EBC5F61AACC348BD1190B2E7877D19D791FD0F3816C7D367A7E09

GlobalSign CodeSigning CA - G2
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\2EE8D6982CEDAA5666E9B5F55535A36E3A3932A2\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\2EE8D6982CEDAA5666E9B5F55535A36E3A3932A2\Blob = 190000000100000010000000C84538EE0D3FBA9AFB3B1CAE2067EA9E0F00000001000000140000009EF9494BA4967B969E1061163DD655AAC1F8EFF60300000001000000140000002EE8D6982CEDAA5666E9B5F55535A36E3A3932A2140000000100000014000000937F80F06D9A1B5779B9BA11A27914D06E52C3922000000001000000C0040000308204BC308203A4A00302010202121121356405609AB95F8DDB13164B82F96DE5300D06092A864886F70D01010505003051310B300906035504061302424531193017060355040A1310476C6F62616C5369676E206E762D7361312730250603550403131E476C6F62616C5369676E20436F64655369676E696E67204341202D204732301E170D3132303532393137353230325A170D3135303533303137353230325A308188310B300906035504061302425A310F300D0603550408130642656C697A65311430120603550407130B42656C697A65206369747931163014060355040A130D4469736320536F6674204C7464311630140603550403130D4469736320536F6674204C74643122302006092A864886F70D010901161366696E707240646973632D736F66742E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100BE8F3BCF9AE445DBC426AEA6FAAFA55A2BC9970F33D6B07C0DC723F7AA5723B6089A2913FDC3C0E86A9E9683DB416ECAF4A108D110BA5B6F462DEF825E810AFA540DFA11D524B99297C37F36429A891A0B612A4E7A2742673AF6F76F72C9C1467A3861254C27CD45A65D413743E57FDE2D2D43A23FA3DDA9F1FD4B1CC6F1E069CDBDFCAC1FFC71D7DF74F87E3CC9BAB7473916302F439546634B47DAFF625FD92BFC6A435ED4B7C063C19F8066357BDD1A919FDE5DF5D04B54D1FC3973A4ACB2891076388B2A3D8D2CD452577CE860A1EFD6E5D5A906CCB0D65AB9AF9EF9A3F5B9A43A315DF56D55CA534190B250787351CA6F045200175D0DF3F82F9F6CD0DD0203010001A382015430820150300E0603551D0F0101FF040403020780304C0603551D2004453043304106092B06010401A03201323034303206082B06010505070201162668747470733A2F2F7777772E676C6F62616C7369676E2E636F6D2F7265706F7369746F72792F30090603551D130402300030130603551D25040C300A06082B06010505070303303E0603551D1F043730353033A031A02F862D687474703A2F2F63726C2E676C6F62616C7369676E2E636F6D2F67732F6773636F64657369676E67322E63726C305006082B0601050507010104443042304006082B060105050730028634687474703A2F2F7365637572652E676C6F62616C7369676E2E636F6D2F6361636572742F6773636F64657369676E67322E637274301D0603551D0E04160414937F80F06D9A1B5779B9BA11A27914D06E52C392301F0603551D23041830168014086ED8B69C8ABFED3ED7C3745DCC801FA82F507A300D06092A864886F70D0101050500038201010039D923CA8BACB7A13AEB2C1114A92E27353871F58AC1DD9D0B7E930F795C7D86CB2BE9FD0F30FD0449D3029A0E6B1350432D29B012CA85A627C8A92F239D380084BCFA456629BDC20243553F4E3AD43EB714F580793C6B955319FC0CE47326F9E6B0EA1610EFDCA100895F23D2527779A6A13B22BD54A7B4A0C57A655768ACE3ACD87B91EAC4B42B1057BA017865B7E027B919175607DF73CFD1AEF66E296181A5B28B54A329910C80619D0329D3B46E98D62574E37E10135DC4A26F3F7FE256F09F93839B6692E04233B7626CDA00773A214C474F645AFF7DBAB6343A4CBE9FACDE015D89B19945698475315D04F6A17BF0D2F5A41916E629DC91C87F7E3692

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 5 минути, Mohito написа:

.....че преди беше Опера-та и точно с нея се получаваше ситуацията с десетките прозорци.

 ....е това в първия пост ми го спестихте...! А преинсталирахте ли я ...Или я деинсталирайте и вижте дали компютъра ще заработи нормално...! И след това СВЕЖИ дневници с:

 

Сканиране с Farbar Recovery Scan

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост.Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).

 

 Дневници
 
В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (прикачате..) 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 5 минути, Mohito написа:

Добре, сега я махам и след малко ще пиша пак.

Оки..трябва да разберем от къде  тръгва проблема ...! Малко тегаво е ама няма как ...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Махнах я. Резултат - никакъв. Почна да се стартира Макстона - пак така на началната страница и по няколко пъти.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Kire (administrator) on KIRE-PC (04-03-2019 15:49:09)
Running from C:\Users\Kire\Desktop
Loaded Profiles: Kire (Available Profiles: Kire)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe" "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392856 2015-03-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Viber] => C:\Users\Kire\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\Kire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изпращане в OneNote.lnk [2018-04-21]
ShortcutTarget: Изпращане в OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.9.239.90 217.9.239.94
Tcpip\..\Interfaces\{0AFEE81C-413D-4C4C-87C4-B73D21E67655}: [DhcpNameServer] 217.9.239.90 217.9.239.94
Tcpip\..\Interfaces\{8D5336D0-E0A6-456B-BDA5-1F85837A1179}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1687209997-659643034-1432533341-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://ebb.ubb.bg/CAPICOM/capicom.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-02-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\Kire\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1687209997-659643034-1432533341-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Kire\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-1687209997-659643034-1432533341-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [297888 2016-11-08] (Advanced Micro Devices, Inc. -> AMD)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [144152 2018-11-21] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [26567696 2016-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [528800 2016-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2016-04-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [529392 2015-08-05] (Intel(R) Intel Network Drivers -> Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2740056 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [219744 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113696 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [176976 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab)
S3 s115bus; C:\Windows\System32\drivers\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdfl; C:\Windows\system32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdm; C:\Windows\system32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mgmt; C:\Windows\system32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115obex; C:\Windows\system32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2019-03-04] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2019-03-04] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 15:49 - 2019-03-04 15:49 - 000015037 _____ C:\Users\Kire\Desktop\FRST.txt
2019-03-04 15:47 - 2019-03-04 15:48 - 000000000 ____D C:\Users\Kire\Desktop\frst 1
2019-03-04 15:43 - 2019-03-04 15:43 - 000001402 _____ C:\Users\Kire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-03-04 15:25 - 2019-03-04 15:25 - 000032012 _____ C:\Users\Kire\Documents\bookmarks_4.03.19 г..html
2019-03-04 15:04 - 2019-03-04 15:04 - 000018741 _____ C:\Users\Kire\Desktop\2019.03.04-14.56.42-i0-t92-d6.txt
2019-03-04 14:55 - 2019-03-04 15:49 - 000055137 _____ C:\Windows\ZAM.krnl.trace
2019-03-04 14:55 - 2019-03-04 15:49 - 000052064 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-03-04 14:55 - 2019-03-04 14:55 - 015807352 _____ (Copyright 2017.) C:\Users\Kire\Desktop\Zemana.AntiMalware.Portable.exe
2019-03-04 14:55 - 2019-03-04 14:55 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2019-03-04 14:55 - 2019-03-04 14:55 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2019-03-04 14:55 - 2019-03-04 14:55 - 000000000 ____D C:\Users\Kire\AppData\Local\Zemana
2019-03-04 13:19 - 2019-03-04 13:19 - 000274925 _____ C:\Users\Kire\Documents\KIRE-PC.zip
2019-03-04 13:16 - 2019-03-04 13:17 - 007428742 _____ C:\Users\Kire\Documents\KIRE-PC.arn
2019-03-04 11:38 - 2019-03-04 15:49 - 000000000 ____D C:\FRST
2019-03-04 11:35 - 2019-03-04 11:35 - 002434560 _____ (Farbar) C:\Users\Kire\Desktop\FRST64.exe
2019-02-24 16:47 - 2019-02-24 16:51 - 000000000 ____D C:\AdwCleaner
2019-02-24 16:44 - 2019-02-24 16:44 - 000002305 _____ C:\Users\Kire\Desktop\mbma.txt
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbamtray
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbam
2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-22 00:47 - 2019-02-22 00:47 - 000020476 _____ C:\Windows\ntbtlog.txt
2019-02-22 00:38 - 2019-02-22 01:49 - 000000000 ____D C:\Windows\pss
2019-02-21 23:52 - 2019-02-21 23:52 - 000071912 _____ C:\Users\Kire\Documents\cc_20190221_235210.reg
2019-02-21 23:44 - 2019-03-04 15:20 - 000000000 ____D C:\Program Files\CCleaner
2019-02-21 23:43 - 2019-02-21 23:43 - 019385224 _____ (Piriform Software Ltd) C:\Users\Kire\Desktop\cctrialsetup.exe
2019-02-21 23:40 - 2019-02-21 23:40 - 000001446 _____ C:\Users\Kire\Desktop\uTorrent.exe - Shortcut.lnk
2019-02-21 23:36 - 2019-02-21 23:36 - 000000272 _____ C:\Users\Kire\Desktop\nod.txt
2019-02-21 21:31 - 2019-02-21 21:31 - 000000000 ____D C:\Users\Kire\AppData\Local\ESET
2019-02-21 21:30 - 2019-02-21 21:30 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Kire\Desktop\esetonlinescanner_enu.exe
2019-02-21 21:28 - 2019-02-21 21:30 - 000000000 ____D C:\ProgramData\F-Secure
2019-02-21 21:27 - 2019-02-22 00:28 - 000000000 ____D C:\Users\Kire\AppData\Local\FSDART
2019-02-21 21:27 - 2019-02-21 21:27 - 009603600 _____ (F-Secure Corporation) C:\Users\Kire\Desktop\F-SecureOnlineScanner.exe
2019-02-21 21:27 - 2019-02-21 21:27 - 000000000 ____D C:\Users\Kire\AppData\Local\F-Secure
2019-02-21 20:27 - 2019-02-21 20:27 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2019-02-21 20:27 - 2019-02-21 20:27 - 000001196 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files\Common Files\AV
2019-02-21 20:26 - 2019-03-04 15:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-02-21 20:26 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-02-21 20:26 - 2019-02-21 20:26 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 001113696 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 000219744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2019-02-21 20:26 - 2019-02-21 20:26 - 000002051 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2019-02-21 20:26 - 2019-02-21 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-02-21 20:26 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2019-02-21 20:24 - 2019-02-21 20:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-02-21 20:24 - 2019-02-21 20:24 - 002536320 _____ (Kaspersky Lab) C:\Users\Kire\Desktop\startup_14460.exe
2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\Users\Kire\Doctor Web
2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\ProgramData\Doctor Web
2019-02-19 23:27 - 2019-02-19 23:28 - 184226296 _____ C:\Users\Kire\Desktop\5xdzsvd7.exe
2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ C:\Users\Kire\AppData\Local\Resmon.ResmonCfg
2019-02-14 20:08 - 2019-01-26 03:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-14 20:07 - 2019-02-06 04:07 - 003323392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-14 20:07 - 2019-02-06 03:43 - 003616768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-14 20:07 - 2019-02-06 02:53 - 002780160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-14 20:07 - 2019-02-06 02:44 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-14 20:07 - 2019-01-26 02:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-14 20:07 - 2019-01-26 02:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-14 20:07 - 2019-01-26 02:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-14 20:07 - 2019-01-26 02:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-14 20:07 - 2019-01-26 02:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-14 20:07 - 2019-01-26 02:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-14 20:07 - 2019-01-26 02:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-14 20:07 - 2019-01-26 01:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-14 20:07 - 2019-01-26 01:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-02-14 20:07 - 2019-01-26 01:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-14 20:07 - 2019-01-26 01:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-14 20:07 - 2019-01-26 01:36 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-02-14 20:07 - 2019-01-26 01:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-14 20:07 - 2019-01-26 01:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-14 20:07 - 2019-01-26 01:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-14 20:07 - 2019-01-26 01:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-14 20:07 - 2019-01-26 01:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-14 20:07 - 2019-01-26 01:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-14 20:07 - 2019-01-26 01:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-14 20:07 - 2019-01-26 01:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-14 20:07 - 2019-01-26 01:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-14 20:07 - 2019-01-12 03:36 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-14 20:07 - 2019-01-12 03:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-14 20:07 - 2019-01-12 03:18 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-14 20:07 - 2019-01-09 08:36 - 001901688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-14 20:07 - 2019-01-09 08:27 - 002533920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-14 20:07 - 2019-01-09 08:24 - 007371512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-14 20:07 - 2019-01-09 05:34 - 001755136 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-14 20:07 - 2019-01-09 05:34 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 20:07 - 2019-01-09 05:21 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-14 20:07 - 2019-01-09 05:21 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 20:07 - 2019-01-08 06:54 - 000032896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-14 20:07 - 2019-01-08 03:22 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-14 20:07 - 2019-01-08 03:22 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-14 20:07 - 2019-01-05 19:48 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-14 20:07 - 2019-01-05 19:47 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-14 20:07 - 2019-01-05 19:46 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-14 20:07 - 2018-12-27 19:57 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-14 20:07 - 2018-12-27 18:30 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\SysWOW64\locale.nls
2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\system32\locale.nls
2019-02-14 20:07 - 2018-12-02 12:08 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-14 20:07 - 2018-12-01 18:44 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-14 20:07 - 2018-10-12 15:19 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-02 11:26 - 2019-02-02 11:26 - 000010752 _____ C:\Users\Kire\Desktop\report_structure.xls

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 15:48 - 2016-04-11 17:51 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1687209997-659643034-1432533341-1001
2019-03-04 15:43 - 2019-01-13 19:24 - 000005012 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kire-PC-Kire Kire-PC
2019-03-04 15:29 - 2016-04-11 17:46 - 000000000 ____D C:\Users\Kire\AppData\Local\VirtualStore
2019-03-04 15:27 - 2016-04-14 13:11 - 000000000 ____D C:\Users\Kire\AppData\Roaming\Opera Software
2019-03-04 15:27 - 2016-04-14 13:11 - 000000000 ____D C:\Users\Kire\AppData\Local\Opera Software
2019-03-04 14:56 - 2016-04-11 17:45 - 000000000 ____D C:\Users\Kire
2019-03-04 13:01 - 2018-02-11 15:44 - 000000000 ____D C:\Users\Kire\Desktop\Konkurs
2019-03-04 11:41 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-02-24 17:00 - 2014-11-21 09:39 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-24 16:58 - 2016-04-14 13:17 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-24 16:58 - 2016-04-14 13:12 - 000000000 ____D C:\Users\Kire\AppData\Local\Adobe
2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-24 16:55 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-24 16:54 - 2016-08-25 17:16 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-02-22 00:39 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-02-21 23:51 - 2018-07-13 10:05 - 000000000 ____D C:\Users\Kire\AppData\Roaming\MPC-HC
2019-02-21 23:51 - 2018-02-28 15:49 - 000000000 ____D C:\Users\Kire\AppData\Roaming\TeamViewer
2019-02-21 23:51 - 2016-04-12 15:40 - 000000000 ____D C:\Users\Kire\AppData\Roaming\DAEMON Tools Lite
2019-02-21 23:51 - 2016-04-12 15:14 - 000000000 ____D C:\Users\Kire\AppData\Roaming\uTorrent
2019-02-21 23:50 - 2017-05-08 15:37 - 000000000 ____D C:\Windows\Minidump
2019-02-21 23:50 - 2016-04-12 04:38 - 000000000 ____D C:\Windows\Panther
2019-02-21 23:39 - 2016-04-12 15:15 - 000000000 ____D C:\Program Files (x86)\uTorrent
2019-02-21 20:32 - 2016-04-14 13:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-21 20:26 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-02-21 20:26 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-02-14 21:08 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2019-02-14 20:28 - 2013-08-22 16:44 - 000551248 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-14 20:21 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-02-14 20:16 - 2016-04-12 14:59 - 000000000 ____D C:\Windows\system32\MRT
2019-02-14 20:12 - 2016-04-12 14:59 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-14 20:10 - 2016-04-14 13:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-02 22:07 - 2019-01-17 20:24 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-02 22:07 - 2019-01-17 20:24 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-02 11:27 - 2016-04-11 17:46 - 000000000 ____D C:\Users\Kire\AppData\Local\Packages

==================== Files in the root of some directories =======

2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ () C:\Users\Kire\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-03 19:14

==================== End of FRST.txt ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Фикс с Farbar Recovery Scan Tool
 
icon13.gif Изтеглете прикачения файл
 fixlist.txt и го запазете там, където сте свалили FRST.exe
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Press%20the%20FIX%20button_zpsdd5zi3mt.p


Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.
 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Проблемът остава - отваряне на панела "Search", обхождане на отворените прозорци. В момента съм на IE - не отваря нов таб, но обхожда менютата като натискане на бутона за табулация от клавиатурата, в текущия таб на IE, както си пиша изведнъж се зарежда стартовата страница, все едно е натиснат бутона "Home page"

 

 

Fixlog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

 Дневниците са чисти и вашия проблем определено не се дължи на зловреден софтуер....! А в безопасен режим с мрежа ( Safe Mode with Networking )...да видим  как се държи компютъра ви...?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 12 минути, icotonev написа:

 Дневниците са чисти и вашия проблем определено не се дължи на зловреден софтуер....! А в безопасен режим с мрежа ( Safe Mode with Networking )...да видим  как се държи компютъра ви...?

Да, проблемът остава същия.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Такааа следвайки златното правило:

Цитат

Ако проблемът  е наличен  под  безопасен режим, то означава, че проблемът се корени някъде:
- сред някои от приложенията, които все пак се стартират в Safe Mode (има такива, но са много малко на брой)
- по-дълбоко в системните файлове/системния регистър;
- или в хардуера.
Логично, в противен случай, ако проблемът не е налице под Safe Mode, тогава най-вероятно се дължи на някои от въпросните процеси/услуги/драйвери, които не са стартирани в него режим, но се стартират в нормалния, т.е. почти сигурно е, че проблемът е софтуерен."

 

  • Натиснете клавишна комбинация Windows + R. Това ще отвори полето Run.
  • Напишете CMD и натиснете клавишна комбинация  Ctrl + Shift + Enter, за да отворите command prompt като администратор
  • В командния ред копирайте :
Цитат

sfc /scannow

.... и натиснете Enter.

SFC ще започне да сканира вашата система за повредени системни файлове. Това може да отнеме известно време.

  • След като приключи, моля, отворете командния ред, като натиснете клавишна комбинация  Windows + R, въведете cmd и натиснете Enter, след което поставете съдържанието на полето  по-долу в Command Prompt.
Цитат
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Натиснете Enter, след като го поставите в командния ред.

След като процедурата завърши, файлът, наречен sfcdetails.txt ще бъде запазен на работния ви плот. Моля, публикувайте го в следващия си отговор.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 3 минути, Mohito написа:

sfc /scannow под Safe Mode, резултати: 

...този резултат в безопасен режим ли е генериран....ако е така ...ще се наложи да направим отново поправка в нормален режим...!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 3 минути, icotonev написа:

...този резултат в безопасен режим ли е генериран....ако е така ...ще се наложи да направим отново поправка в нормален режим...!

Да, този е в безопасен. Сега рестарт в нормален режим и отново сканиране, така ли?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да ..по същата процедура...Виждам че и в безопасен е поправяло системни файлове....!

Малко ме затруднява вашия проблем ...защото все още не мога да хвана причината ...казвате и в безопасен режим е същата работа ...сега хардуер ли е , системни файлове ли са , в регистрите ли има нещо омазано....?!? Единственото сигурно което знам е че проблема не се дължи на зловреден софтуер...!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Сориза намесата - готово решение на проблема CNBJ2530.DPB
Изтегляш на десктопа
SFCFix.exe
Изтегляш на десктопа
SFCFix.zip
Като се изтегли провлачваш и пускаш SFCFix.zip върху иконата на SFCFix.exe.

Редактирано от DarkEdge (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не знам какво е станало с поста с резултатите от sfc /scannow в нормален режим, затова ще прикача файла и ща го постна отново.

sfcdetails.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравей...! След поправката има ли промяна ...?

 

Цитат

Platform: Windows 8.1 Enterprise (Update) (X64) Language: English (United States)

Това копие на Windows легално ли е ...?

 

 

25.jpg?1426074241   Сканиране с SecurityCheck by glax24

  • Изтеглете SecurityCheck by glax24 от тук и запомнете инструмента на десктопа .
  • Стартирате програмата (ако използвате Windows XP) или стартирате с десен бутон на мишката от името на администратор (ако използватеWindows Vista/7/8/10)
  • Изчакайте да приключи сканирането.Ще се отвори в текстов файл с имеSecurityCheck.txt. Копирайте съдържанието на  този файл  следващия си пост
  • Можете да намерите този файл в основната директория на системния диск в папка с име SecurityCheck, напр. C:\SecurityCheck\SecurityCheck.txt

 

 

Отидете тук  и кликнете върху СКАНИРАНЕ СЕГА (SCAN NOW) с ESET Online Scanner, за да проверите за остатъци. 
 

  • Ще бъдете подканени да изтеглите и инсталирате esetonlinescanner_enu.exe. Кликнете върху връзката и запазете файла на удобно място. 
  • Изключете сканера в реално време на всяка съществуваща антивирусна програма, преди да извършите онлайн сканирането. Ето как : Here's how
  • Когато / ако бъдете подканени от UAC, искате ли да разрешите на това приложение да прави промени в компютъра ?, изберете Да 
  • Кликнете два пъти върху esetonlinescanner_enu.exe, за да инсталирате.... ще се отвори нов прозорец. 
  • Ако за първи път използвате ESET Online Scanner, щракнете върху Първи стъпки (Get started)
  • Кликнете върху Приемам (Accept), за да приемете Условията за ползване, след което щракнете върху Стартирай отново (Get started)
  • Отговорете на следващите въпроси, след което кликнете върху Продължи (Continue). Отговорите ви няма да повлияят на резултатите от сканирането. 
  • Ако наскоро сте стартирали ESET Online Scanner, просто кликнете върху Сканиране на компютъра ( Computer scan)
  • На екрана (Choose a scan type) тип сканиране изберете Бързо сканиране (Quick Scan.). 
  • ЗАБЕЛЕЖКА: Въпреки че се казва,  бързото сканиране ще отнеме само няколко минути, то може да отнеме няколко часа. Моля, бъдете търпеливи. 
  • След това изберете Деактивиране на ESET за откриване и поставяне в карантина на потенциално нежелани приложения (Disable ESET to detect and quarantine potentially unwanted applications)
  • Кликнете върху Разширени настройки (Advanced settings) в долния ляв ъгъл на прозореца. 
  • Уверете се, че тези опции са маркирани (всички зелени): 

 

Цитат
  • Открийте подозрителни приложения (Detect suspicious applications)
  • Откриване на потенциално опасни приложения (Detect potentially unsafe applications)
  • Сканирайте архивите (Scan archives)

 

 

  • Щракнете върху синята стрелка назад до Разширени настройки (Advanced Settings)
  • Щракнете върху Стартиране на сканирането (Start scan)
  • Изчакайте сканирането да приключи. 
  • Когато сканирането е приключи, ако няма открити заплахи, просто излезте от ESET Online Scanner и ме уведомете. 
  • Ако са открити заплахи, щракнете върху Преглед на подробни резултати (View detailed results) , след което щракнете върху Запазване на журнал за сканиране (Save scan log) изберете име и го запазете на работния плот. 
  • НЕ бъдете разтревожени от това, което виждате в доклада. Много от находките вероятно са били поставени под карантина. 
  • Моля, копирайте / поставете съдържанието на дневника в следващия си отговор. 
  • За да затворите ESET Online Scanner, изберете Continue и следвайте указанията.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Добавете отговор

Можете да публикувате отговор сега и да се регистрирате по-късно. Ако имате регистрация, влезте в профила си за да публикувате от него.
Бележка: Вашата публикация изисква одобрение от модератор, преди да стане видима за всички.

Гост
Напишете отговор в тази тема...

×   Вмъкнахте текст, който съдържа форматиране.   Премахни форматирането на текста

  Разрешени са само 75 емотикони.

×   Съдържанието от линка беше вградено автоматично.   Премахни съдържанието и покажи само линк

×   Съдържанието, което сте написали преди беше възстановено..   Изтрий всичко

×   You cannot paste images directly. Upload or insert images from URL.


  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от manjaro
      Здравейте. Интересува ме, дали има нещо притиснително според логовете от farbar. Просто профилактично.

       
      Farbar logs.7z
    • от The Reaper
      Здравейте, преди два дена някъде забелязах яко лагене на моменти, мишката едва се влачеше и процесора забелязах че качва на 100%,  поня че първите няколко пъти като го забелязах това антивирусната (вградената на win 10pro) изписва че нещо е хванато под карантира, но да речем след няколко часа пак по същия начин, системата забавя и така, общо траеше около 20-25сек. По време на този проблем имах и проблем с geforce experianc-а на видео драйвера, за това и направих тема в отдел драйвери, както и да е проблема с драйвера е решен ала да видим какво ще правим по въпроса. Пиша ви след като колега ми препоръча да изтегля malwarebytes и да сканирам, така и направих, активирах 14денния период и сканирах и намери няколко съмнителни открития, всички поставени под карантина. Сега знам че не съм сканирал както е по ред със програмите посочени от вас, но искам да ви покажа лог-а на malwarebytes и ако кажете ще следвам стъпките както сте посочили в темата за премахване на зловреден софтуер, надявам се че не е проблем че не съм следвал както трябва стъпка по стъпка, ако е извинете. ето го лог-а: https://dox.abv.bg/download?id=d02deebbb7
    • от Станислав Маринов
      Addition.txt FRST.txt Shortcut.txt
    • от klass
      Здравейте! Опитвам да се запиша за платено почистване ми излиза това -
      "Съжаляваме, възникна проблем
      Нещо се обърка. Моля опитайте отново Код на грешка EX1406"
       
      Накратко искам платено почистване на компютъра ако е възможно.
      Проблема е следния:  В един момент Мозила Файерфокс ми съобщава, че не мога да използвам отметките, защото се използвали от друга програма.
      Рестартирах компютъра и на влизане уиндоус ми казва че няма връзка с интернет и да позвам други опции да вляза.
      Само дето нямам спомен как съм се регистрирал за майкрософтски акаунт, нито име нито имеил.
      На единия диск имам GRUB от който избирам Линукс или уиндоус да заредя, през който влизам в Линукс Минт. И от там пиша сега.
      Само че каквото и да сваля за проверка е за уиндоус и не мога да го стартирам в Линукса.
      Има ли начин през Линукса да се почисти компютъра или да го преинсталирам?
      Благодаря за вниманието, и извинявайте ако не е това начина за контакт.
       
      Това е компютъра: System: Host: xaxa-desktop Kernel: 4.15.0-62-generic x86_64 bits: 64 gcc: 7.4.0 Desktop: Cinnamon 3.8.9 (Gtk 3.22.30-1ubuntu4) dm: lightdm Distro: Linux Mint 19 Tara Machine: Device: desktop Mobo: ASRock model: Z370 Pro4 serial: N/A UEFI: American Megatrends v: P3.20 date: 09/06/2018 CPU: 6 core Intel Core i7-8700 (-MT-MCP-) arch: Skylake rev.10 cache: 12288 KB flags: (lm nx sse sse2 sse3 sse4_1 sse4_2 ssse3 vmx) bmips: 38304 clock speeds: min/max: 800/4600 MHz 1: 1210 MHz 2: 938 MHz 3: 1064 MHz 4: 1624 MHz 5: 1582 MHz 6: 1650 MHz 7: 1004 MHz 8: 1016 MHz 9: 1097 MHz 10: 1018 MHz 11: 969 MHz 12: 804 MHz Graphics: Card: NVIDIA GP104 [GeForce GTX 1080] bus-ID: 01:00.0 chip-ID: 10de:1b80 Display Server: x11 (X.Org 1.19.6 ) drivers: nvidia (unloaded: modesetting,fbdev,vesa,nouveau) Resolution: [email protected] OpenGL: renderer: GeForce GTX 1080/PCIe/SSE2 version: 4.6.0 NVIDIA 390.116 Direct Render: Yes Audio: Card-1 NVIDIA GP104 High Def. Audio Controller driver: snd_hda_intel bus-ID: 01:00.1 chip-ID: 10de:10f0 Card-2 Intel 200 Series PCH HD Audio driver: snd_hda_intel bus-ID: 00:1f.3 chip-ID: 8086:a2f0 Sound: Advanced Linux Sound Architecture v: k4.15.0-62-generic Network: Card: Intel Ethernet Connection (2) I219-V driver: e1000e v: 3.2.6-k bus-ID: 00:1f.6 chip-ID: 8086:15b8 IF: eno1 state: up speed: 1000 Mbps duplex: full mac: <filter> Drives: HDD Total Size: 8513.7GB (0.4% used) ID-1: /dev/sda model: ADATA_SU800 size: 512.1GB serial: <filter> ID-2: /dev/sdb model: ST4000VN008 size: 4000.8GB serial: <filter> ID-3: /dev/sdc model: ST4000VN008 size: 4000.8GB serial: <filter> Partition: ID-1: / size: 1.1T used: 32G (4%) fs: ext4 dev: /dev/sdc1 RAID: System: supported: N/A No RAID devices: /proc/mdstat, md_mod kernel module present Unused Devices: none Sensors: System Temperatures: cpu: 33.0C mobo: N/A gpu: 0.0:42C Fan Speeds (in rpm): cpu: N/A Repos: Active apt sources in file: /etc/apt/sources.list.d/official-package-repositories.list deb http: //packages.linuxmint.com tara main upstream import backport deb http: //archive.ubuntu.com/ubuntu bionic main restricted universe multiverse deb http: //archive.ubuntu.com/ubuntu bionic-updates main restricted universe multiverse deb http: //archive.ubuntu.com/ubuntu bionic-backports main restricted universe multiverse deb http: //security.ubuntu.com/ubuntu/ bionic-security main restricted universe multiverse deb http: //archive.canonical.com/ubuntu/ bionic partner Info: Processes: 255 Uptime: 1:05 Memory: 3446.9/15974.9MB Init: systemd v: 237 runlevel: 5 Gcc sys: 7.4.0 Client: Unknown python3.6 client inxi: 2.3.56  
    • от Alpine Trail
      Здравейте!От известно време имам забавяне  и забиване на системата и затова вчера и днес пуснах няколко сканирвания с две различни версии на Eset-a.С най-новата версия откри 4 инфектирани файла.С другата при първото сканирване включих и дял D и също 4.При второто без дял D,3 такива.Чудя се дали трябва да се трият тези файлове.Това са логовете.
      Eset Online Scanner-07.09.2019.txt Eset Online Scanner-08.09.2019.txt
  • Дарение

×
×
  • Добави ново...