Премини към съдържанието
  • Добре дошли!

    Добре дошли в нашите форуми, пълни с полезна информация. Имате проблем с компютъра или телефона си? Публикувайте нова тема и ще намерите решение на всичките си проблеми. Общувайте свободно и открийте безброй нови приятели.

    Моля, регистрирайте се за да публикувате тема и да получите пълен достъп до всички функции.

     

Препоръчан отговор


Здравейте,

от известно време се появи следния проблем - малко след зареждането на Windows 8.1, започва самоволно стартиране на браузъра по подразбиране, като се отварят по 4-5 прозореца, а понякога и по повече. Прегледах някои теми за сходни проблеми във форума и трябва да отбележа една съществена разлика - при мен браузера се стартира с началния си екран и НЕ тръгва да зарежда някаква страница в интернет... просто си стои на началната страница и стартира още прозорци.

След като успях да направя така, че да нямам браузър по default започна да се отваря диалогов прозорец с надпис"How do you want to open this type of link (http)?", като отдолу са изредени браузерите и win store.

Други неща, които се случват: отваряне на десния панел на десктопа на секцията "Search", превключване м/у различни отворени прозорци, отваряне на нови табове при работещ браузър, обхождане на менютата на отворени прозорци, и всичко това придружено със звуков сигнал (бибкане).

До момента сканирано с:

- Windows defender;

 - Kasperski Free;

- Dr. Web;

- Malwarebytes... и всички казват, че системата е чиста...

Това е в общи линии. Прилагам резултатите от FRST, благодаря предварително

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Kire (administrator) on KIRE-PC (04-03-2019 11:39:00)
Running from C:\Users\Kire\Desktop
Loaded Profiles: Kire (Available Profiles: Kire)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe" "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Malwarebytes Corporation -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera_crashreporter.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Opera Software AS -> Opera Software) C:\Program Files (x86)\Opera\58.0.3135.79\opera.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\reader_sl.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392856 2015-03-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Viber] => C:\Users\Kire\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [19646312 2019-02-12] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\Kire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изпращане в OneNote.lnk [2018-04-21]
ShortcutTarget: Изпращане в OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.9.239.90 217.9.239.94
Tcpip\..\Interfaces\{0AFEE81C-413D-4C4C-87C4-B73D21E67655}: [DhcpNameServer] 217.9.239.90 217.9.239.94
Tcpip\..\Interfaces\{8D5336D0-E0A6-456B-BDA5-1F85837A1179}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://ebb.ubb.bg/CAPICOM/capicom.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-02-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\Kire\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1687209997-659643034-1432533341-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Kire\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome: 
=======
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-1687209997-659643034-1432533341-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [297888 2016-11-08] (Advanced Micro Devices, Inc. -> AMD)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6562472 2019-02-01] (Malwarebytes Corporation -> Malwarebytes)
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [144152 2018-11-21] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [26567696 2016-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [528800 2016-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2016-04-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [529392 2015-08-05] (Intel(R) Intel Network Drivers -> Intel Corporation)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153328 2019-01-08] (Malwarebytes Corporation -> Malwarebytes)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2740056 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [219744 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113696 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [176976 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [198512 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [127136 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [72864 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [274416 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [114040 2019-02-24] (Malwarebytes Corporation -> Malwarebytes)
S3 s115bus; C:\Windows\System32\drivers\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdfl; C:\Windows\system32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdm; C:\Windows\system32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mgmt; C:\Windows\system32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115obex; C:\Windows\system32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 11:39 - 2019-03-04 11:39 - 000016906 _____ C:\Users\Kire\Desktop\FRST.txt
2019-03-04 11:38 - 2019-03-04 11:39 - 000000000 ____D C:\FRST
2019-03-04 11:35 - 2019-03-04 11:35 - 002434560 _____ (Farbar) C:\Users\Kire\Desktop\FRST64.exe
2019-02-24 16:56 - 2019-02-24 16:56 - 000072864 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2019-02-24 16:55 - 2019-02-24 16:55 - 000274416 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2019-02-24 16:55 - 2019-02-24 16:55 - 000127136 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2019-02-24 16:55 - 2019-02-24 16:55 - 000114040 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2019-02-24 16:47 - 2019-02-24 16:51 - 000000000 ____D C:\AdwCleaner
2019-02-24 16:44 - 2019-02-24 16:44 - 000002305 _____ C:\Users\Kire\Desktop\mbma.txt
2019-02-24 16:32 - 2019-02-24 16:32 - 000198512 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2019-02-24 16:32 - 2019-02-24 16:32 - 000001843 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbamtray
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbam
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-02-24 16:32 - 2019-01-08 15:32 - 000153328 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-22 00:47 - 2019-02-22 00:47 - 000020476 _____ C:\Windows\ntbtlog.txt
2019-02-22 00:38 - 2019-02-22 01:49 - 000000000 ____D C:\Windows\pss
2019-02-21 23:52 - 2019-02-21 23:52 - 000071912 _____ C:\Users\Kire\Documents\cc_20190221_235210.reg
2019-02-21 23:44 - 2019-02-22 00:56 - 000004128 _____ C:\Windows\System32\Tasks\CCleaner Update
2019-02-21 23:44 - 2019-02-21 23:44 - 000002804 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2019-02-21 23:44 - 2019-02-21 23:44 - 000000794 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-02-21 23:44 - 2019-02-21 23:44 - 000000000 ____D C:\Program Files\CCleaner
2019-02-21 23:43 - 2019-02-21 23:43 - 019385224 _____ (Piriform Software Ltd) C:\Users\Kire\Desktop\cctrialsetup.exe
2019-02-21 23:40 - 2019-02-21 23:40 - 000001446 _____ C:\Users\Kire\Desktop\uTorrent.exe - Shortcut.lnk
2019-02-21 23:36 - 2019-02-21 23:36 - 000000272 _____ C:\Users\Kire\Desktop\nod.txt
2019-02-21 21:31 - 2019-02-21 21:31 - 000000000 ____D C:\Users\Kire\AppData\Local\ESET
2019-02-21 21:30 - 2019-02-21 21:30 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Kire\Desktop\esetonlinescanner_enu.exe
2019-02-21 21:28 - 2019-02-21 21:30 - 000000000 ____D C:\ProgramData\F-Secure
2019-02-21 21:27 - 2019-02-22 00:28 - 000000000 ____D C:\Users\Kire\AppData\Local\FSDART
2019-02-21 21:27 - 2019-02-21 21:27 - 009603600 _____ (F-Secure Corporation) C:\Users\Kire\Desktop\F-SecureOnlineScanner.exe
2019-02-21 21:27 - 2019-02-21 21:27 - 000000000 ____D C:\Users\Kire\AppData\Local\F-Secure
2019-02-21 20:27 - 2019-02-21 20:27 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2019-02-21 20:27 - 2019-02-21 20:27 - 000001196 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files\Common Files\AV
2019-02-21 20:26 - 2019-03-04 11:26 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-02-21 20:26 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-02-21 20:26 - 2019-02-21 20:26 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 001113696 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 000219744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2019-02-21 20:26 - 2019-02-21 20:26 - 000002051 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2019-02-21 20:26 - 2019-02-21 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-02-21 20:26 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2019-02-21 20:24 - 2019-02-21 20:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-02-21 20:24 - 2019-02-21 20:24 - 002536320 _____ (Kaspersky Lab) C:\Users\Kire\Desktop\startup_14460.exe
2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\Users\Kire\Doctor Web
2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\ProgramData\Doctor Web
2019-02-19 23:27 - 2019-02-19 23:28 - 184226296 _____ C:\Users\Kire\Desktop\5xdzsvd7.exe
2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ C:\Users\Kire\AppData\Local\Resmon.ResmonCfg
2019-02-14 20:08 - 2019-01-26 03:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-14 20:07 - 2019-02-06 04:07 - 003323392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-14 20:07 - 2019-02-06 03:43 - 003616768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-14 20:07 - 2019-02-06 02:53 - 002780160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-14 20:07 - 2019-02-06 02:44 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-14 20:07 - 2019-01-26 02:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-14 20:07 - 2019-01-26 02:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-14 20:07 - 2019-01-26 02:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-14 20:07 - 2019-01-26 02:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-14 20:07 - 2019-01-26 02:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-14 20:07 - 2019-01-26 02:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-14 20:07 - 2019-01-26 02:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-14 20:07 - 2019-01-26 01:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-14 20:07 - 2019-01-26 01:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-02-14 20:07 - 2019-01-26 01:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-14 20:07 - 2019-01-26 01:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-14 20:07 - 2019-01-26 01:36 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-02-14 20:07 - 2019-01-26 01:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-14 20:07 - 2019-01-26 01:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-14 20:07 - 2019-01-26 01:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-14 20:07 - 2019-01-26 01:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-14 20:07 - 2019-01-26 01:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-14 20:07 - 2019-01-26 01:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-14 20:07 - 2019-01-26 01:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-14 20:07 - 2019-01-26 01:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-14 20:07 - 2019-01-26 01:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-14 20:07 - 2019-01-12 03:36 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-14 20:07 - 2019-01-12 03:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-14 20:07 - 2019-01-12 03:18 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-14 20:07 - 2019-01-09 08:36 - 001901688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-14 20:07 - 2019-01-09 08:27 - 002533920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-14 20:07 - 2019-01-09 08:24 - 007371512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-14 20:07 - 2019-01-09 05:34 - 001755136 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-14 20:07 - 2019-01-09 05:34 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 20:07 - 2019-01-09 05:21 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-14 20:07 - 2019-01-09 05:21 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 20:07 - 2019-01-08 06:54 - 000032896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-14 20:07 - 2019-01-08 03:22 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-14 20:07 - 2019-01-08 03:22 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-14 20:07 - 2019-01-05 19:48 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-14 20:07 - 2019-01-05 19:47 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-14 20:07 - 2019-01-05 19:46 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-14 20:07 - 2018-12-27 19:57 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-14 20:07 - 2018-12-27 18:30 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\SysWOW64\locale.nls
2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\system32\locale.nls
2019-02-14 20:07 - 2018-12-02 12:08 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-14 20:07 - 2018-12-01 18:44 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-14 20:07 - 2018-10-12 15:19 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-02 11:26 - 2019-02-02 11:26 - 000010752 _____ C:\Users\Kire\Desktop\report_structure.xls

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 11:38 - 2019-01-13 19:24 - 000005012 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kire-PC-Kire Kire-PC
2019-03-03 19:04 - 2016-04-14 13:11 - 000003860 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1460632245
2019-03-03 19:04 - 2016-04-14 13:10 - 000000000 ____D C:\Program Files (x86)\Opera
2019-02-26 21:35 - 2016-04-11 17:51 - 000003598 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1687209997-659643034-1432533341-1001
2019-02-26 20:14 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-02-24 17:00 - 2014-11-21 09:39 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-24 16:58 - 2016-04-14 13:17 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-24 16:58 - 2016-04-14 13:12 - 000000000 ____D C:\Users\Kire\AppData\Local\Adobe
2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-24 16:55 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-24 16:54 - 2016-08-25 17:16 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-02-22 00:39 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-02-21 23:51 - 2018-07-13 10:05 - 000000000 ____D C:\Users\Kire\AppData\Roaming\MPC-HC
2019-02-21 23:51 - 2018-02-28 15:49 - 000000000 ____D C:\Users\Kire\AppData\Roaming\TeamViewer
2019-02-21 23:51 - 2016-04-12 15:40 - 000000000 ____D C:\Users\Kire\AppData\Roaming\DAEMON Tools Lite
2019-02-21 23:51 - 2016-04-12 15:14 - 000000000 ____D C:\Users\Kire\AppData\Roaming\uTorrent
2019-02-21 23:50 - 2017-05-08 15:37 - 000000000 ____D C:\Windows\Minidump
2019-02-21 23:50 - 2016-04-12 04:38 - 000000000 ____D C:\Windows\Panther
2019-02-21 23:39 - 2016-04-12 15:15 - 000000000 ____D C:\Program Files (x86)\uTorrent
2019-02-21 20:32 - 2016-04-14 13:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-21 20:26 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-02-21 20:26 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-02-20 02:39 - 2016-04-11 17:45 - 000000000 ____D C:\Users\Kire
2019-02-14 21:08 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2019-02-14 20:28 - 2013-08-22 16:44 - 000551248 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-14 20:21 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-02-14 20:16 - 2016-04-12 14:59 - 000000000 ____D C:\Windows\system32\MRT
2019-02-14 20:12 - 2016-04-12 14:59 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-14 20:10 - 2016-04-14 13:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-02 22:07 - 2019-01-17 20:24 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-02 22:07 - 2019-01-17 20:24 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-02 11:27 - 2016-04-11 17:46 - 000000000 ____D C:\Users\Kire\AppData\Local\Packages

==================== Files in the root of some directories =======

2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ () C:\Users\Kire\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-03 19:14

==================== End of FRST.txt ============================

 

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..! От предоставените дневници не се виждат активни зарази..!

 

icon1373991893.jpg

Изтеглете Autoruns и:

  • Стартирайте програмата;
  • Изберете Options => сложете отметки пред Hide Empty Locations, Hide Microsoft Entries и Hide Windows Entries и махнете отметката пред Hide VirusTotal Clean Entries;
  • Сега изберете Options => Scan Options => и сложете отметки пред Verify Code Signature, Check VirusTotal.com и Submit Unknown Images;
  • Изберете бутона F5 за да се повтори проверката. Изчакайте да приключи (ще разберете, че е така ако в долния ляв край на програмата изпише Ready.);
  • От менюто File => изберете Save => запазете файла някъде с желано от вас име (във формат arn), архивирайте го с програма по желание в zip формат и го прикачете към темата.

 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

...и тук нищо притеснително...!

Моля, изтеглете Zemana AntiMalware и го запишете на вашия работен плот.

  • Стартирайте програмата.
  • Кликнете върху иконата bHTyaUA.png.
  • Отидете на Scan и сложете отметка пред Create Restore Point.
  • Отидете на Advanced и кликнете бутона I have read the warning and wish to proceed anyway.
  • Сложете отметки пред Auto Upload и Detect suspicious (root CA) certificates.
  • Сега вече натиснете иконата GeaXUNf.png.
  • Натиснете Scan за да започне проверката.
  • След кратко сканирането приключи кликнете върху иконата [IMG] (не натискайте бутона Next) и отворете последния доклад.
  • Сега кликнете File => Save As  и изберете своя Desktop и натиснете Save.
  • Моля копирайте съдържанието на лог файла в следващия си пост.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Мистерия някаква...


Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 1 час, Mohito написа:

След като успях да направя така, че да нямам браузър по default започна да се отваря диалогов прозорец с надпис"How do you want to open this type of link (http)?", като отдолу са изредени браузерите и win store.

В момента браузър по подразбиране е Maxthon...!!!! Как да нямате..?!?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

..и след като завърши сканирането ..ще ви помоля да деинсталирате всичко което сте използвали като антивирусен софтуер...НЕКА ДА ОСТАНЕ САМО Kaspersky Free

 

 Malwarebytes + ESET + F-Secure + Doctor Web - ТОЗИ СОФТУЕР ДА СЕ ПРЕМАХНЕ ОТ ВАШИЯ КОМПЮТЪР ..! 
 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Имам предвид, че преди беше Опера-та и точно с нея се получаваше ситуацията с десетките прозорци. От default programs/set program access and comuter defaults/choose a default web browser махнах отметките от enable access to this program за всичките. Преди това ръчно бях преименувал launcher-а на Операта, защото при отварянето на няколко рпозореца едновременно през няколко секунди процесора отиваше на 100% и компа става практически неизползваем. След това на няколко пъти ми се наложи да включвам и изключвам enable access-а, в момента гледам чавките са засветнати, странно...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Zemana AntiMalware 2.74.2.150 (Portable)

-------------------------------------------------------
Scan Result            : Completed
Scan Date              : 2019.3.4
Operating System       : Windows 8.1 64-bit
Processor              : 2X Intel(R) Pentium(R) CPU G3240 @ 3.10GHz
BIOS Mode              : Legacy
CUID                   : 128F7BC5AB7ACD09EE5F45
Scan Type              : System Scan
Duration               : 5m 51s
Scanned Objects        : 45144
Detected Objects       : 6
Excluded Objects       : 0
Read Level             : SCSI
Auto Upload            : Enabled
Detect All Extensions  : Disabled
Scan Documents         : Disabled
Domain Info            : WORKGROUP,0,2

Detected Objects
-------------------------------------------------------

UBB Root CA
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D5AE31DC76B6C6879F968B183298925E84F44E20\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D5AE31DC76B6C6879F968B183298925E84F44E20\Blob = 5C000000010000000400000000080000140000000100000014000000189860B58760F90924CB71BD9A9596B2056BB6C8030000000100000014000000D5AE31DC76B6C6879F968B183298925E84F44E200400000001000000100000004ED72667394EAA982F0CF6BBFEF7865E0F0000000100000014000000784954E7105D976D96AEF39D8A73441F74D60E3B190000000100000010000000DB07C1F8D43CCB320E5E5D414B0562FE2000000001000000650300003082036130820249A00302010202105D97984983E0BC9B4CE8DCCED117686A300D06092A864886F70D01010505003043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F74204341301E170D3130303131333132353132365A170D3232303131333132353434305A3043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100D6D829C4937BA1DA7027240649E0868385DD070EDB6BD5D3AAF6799B9205AF19B640E2CE8B4881D00A57BD3500B2529E82A2D61FFB70BB7028AE51F809C4B4BB36B169C77B337CD18573DE04097E748E51C64A13AF5330D2E252CB82021117A91EE391054A753AFB0CB0CD759D141FF323C5990FE3474D5BEACACF2DD714FB9D7984FFAC857D08F13940CBA5D0EA6F42D61FC1CF6B89FB35EA246794425F2576B8CF83D12A5372F30D4F55627CB1CBFE0D8E990BA9A0B2008C8CD74EA390F61163EE0BED4925AEC51E7BFB564A47804833B97EAC777DF5D93E3561CBB26F33D7CFD6CF70FEAA71CEBA2A8356D88BD80613ADE7AF646D202818FFC77A3CE32A670203010001A351304F300B0603551D0F040403020186300F0603551D130101FF040530030101FF301D0603551D0E04160414189860B58760F90924CB71BD9A9596B2056BB6C8301006092B06010401823715010403020100300D06092A864886F70D01010505000382010100B5C51443B4358280CF6B9EEEE1B25AC4325507E74500C8B52637BC8EEDE73D06BFEEF67137A438C000456477BFA255C992C6336F207EE624805FCA6844BE294855FBB94557FA3104828786ED74FE48C29582D437AAFCD561BC9DCF9DE90643665E42D2781B20D39922E20F17D9194CCE0FA990533B3969625C57F665B1BB124DAF7AFA91E77F6D0E6EFC440B9D46DA672E0580D61D13E21791CD852FA43E4E4708ABAECCBB285667A1EB7AB8CC5CA8A923FCFE01B2CB1601464148D7180B08064E376A27BEFD121BBDA3AC71A442AF7AEA681D3FF0595C1FDC759F19A53B8710E94C77B80649DB282F7A1CDC80C66E9A4E03567DFAA65A945F4348E9134172A9

UBB Root CA
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB\Blob = 5C000000010000000400000000080000140000000100000014000000147FB7750760F08C83D4E7E2DE51AA6009B4E2DF0400000001000000100000006816583EC09DBB7FD94A295E215895FF030000000100000014000000D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB0F0000000100000020000000447D10399FE823AD0C7CA968FF2789E68EE08235C91E7902EF7D5FB7D6F6576B1900000001000000100000004E7728C997FA9A6B643413E691AD5D5120000000010000008C0300003082038830820270A003020102021074A9ABBFCBAFE09F49FC1C2B88795AF2300D06092A864886F70D01010B05003043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F74204341301E170D3136303932303038343733335A170D3238303932303038353733335A3043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100F5065C626288708254F9CB0DC3795F76D0A5EF89EDE74B97672A87970D0973E0BE20AAC370D6695B23F9304B5738DE84F9ED12A5E32B5F3EB41D13C6792755BE591C44DD0D69CF1EBD5370D4A7658528A75D3EF9182BFADF72EE615A4D70A36A4F52980307E657F6ED232440DEE92ECFBF195CF0B0F8A1AE06BCE111CE40BB9F0EF949FF09937EB66C1335B85E36EAC577965336B7DC64DABF382C2EFC54307DE9F7E3AD944193B4A22B69F698CD6D2C202AC85E0628E5BE8B84959E36BFD6399A20E5BA9F5AF213AE428D88AB9882D4BF3C64D8C225C48221CF69B68428516811E945755E10F76F54F81E361535A187E139048C8A3B543D6A7AA28664F4D01B0203010001A3783076300B0603551D0F040403020186300F0603551D130101FF040530030101FF301D0603551D0E04160414147FB7750760F08C83D4E7E2DE51AA6009B4E2DF301206092B060104018237150104050203020002302306092B0601040182371502041604143C58BF4A284B75E633AF230BCA20BDB6F012D117300D06092A864886F70D01010B05000382010100620E4FD1911F082CEE4A527531DBAA1D59194BB5E4E020E0DEEDAB8F4665B56060158EFF2A78CB95228A36FB6E27A19291197E88C55A8EBB3D7C42B3BCAF77E8BB9E031A16DD8E8D1644637BDB2156EC9CBE68B9695F896EFDC7DE93E3EDB5106187477DD9D3CE16C367087B159DF4CD7D80FC808402ABFA1B1BBE1614FDBFB60EE1C8EE9E4C8794B0D4182001E0EEFFA3ABC60666A543BFD5DA5F552CF5B42A2B4A499DE500E8362D09F0B24F56FAA3C1182F44FF4D82203F74FA362F472BAEDB0CD324F13DDE9B8B9FFA5EF2EBDD1D61E42563D1CF2F2B213D4C55DDFF1CB2907C1097AF9EBC5F61AACC348BD1190B2E7877D19D791FD0F3816C7D367A7E09

B-Trust Root CA
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4BBCCBCB6D75039C58034E9F633CDA72B6A1A2ED\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\4BBCCBCB6D75039C58034E9F633CDA72B6A1A2ED\Blob = 4B0000000100000044000000360037004100440034003200360042003500380039003200310036004500360044003600340044003400350045004600410034003000430032003400390044005F000000190000000100000010000000A36D039A7F1BF303A000B3178102AAF3040000000100000010000000BFCEEA6310A629AD4844CCC55F935C5E0300000001000000140000004BBCCBCB6D75039C58034E9F633CDA72B6A1A2ED0F000000010000001400000090B620F4AF8BB10F063A2068B7D3E112223321111400000001000000140000009BA6483A231F3AA9A888285764ED04961C30C89D5C00000001000000040000000010000020000000010000001C0700003082071830820500A003020102020101300D06092A864886F70D0101050500306B310B3009060355040613024247310E300C06035504071305536F6669613120301E060355040A1317424F52494341202D2042414E4B534552564943452041443110300E060355040B1307422D5472757374311830160603550403130F422D547275737420526F6F74204341301E170D3130303831373134313233385A170D3330303831373134313233385A306B310B3009060355040613024247310E300C06035504071305536F6669613120301E060355040A1317424F52494341202D2042414E4B534552564943452041443110300E060355040B1307422D5472757374311830160603550403130F422D547275737420526F6F7420434130820222300D06092A864886F70D01010105000382020F003082020A0282020100C83AD84C8EA7AFBF51DCA9BCC30D5DF76180AAC4E1D03A6DE136FA5660A0DEC71486B86A4263A4DA0DBB866092EE60D2079EBB5E877083A47D9B6CD90D702ED8FBF46C8C3758A19E87BB90F62CE56221BA87B0DBC49FA43CE5B8B6405A4852AFDFBC0787CA23D436BE0B7CD37468E8686B8744B0DFB173972E52233404F28F480FF9C8B72857E15A976055696433D71B72885BC8522131261DD784FAE7ED0258E3CD3F690AA647E5E7D2BB9DF212902A9503DBA8A65FD3DAC0B2C87177107F854B48BC1B83E554AA56AAA7E2D9AFEBBD41279A73BB3DD8D28C040C03350E5B674B4E030E226BD4C5F252635E79D7E13B2D9B577BEE409B76FF01CCBE36893DDD0CF2194A4BBD2905BEA92BEC37105570876B54C26C447C7D340F226D83522BEAFC4C6758764E06774CAA772119AA72FAA2F95542E848E47E4C99E6EACF858330856F21E8F8552822DAAD1E21B4CD52F10DE532577F98E070DDCBCBC75E3439364AD21A4C548A7CA918289B1857148600BEDAF318EB4A3C6744D07F0EBD95CF749EA418D934C6CD1B89B257C8936FD5B18E35C9C48FF0983ED833FB115E59F60075102E1E7552B3EDBE2F99C7C73E71057E4BA7B1AAE4671E2C9C390CFA452A829755BE535DE698A73D873C6C7CBB9086610A2CDCB98F4DE180022AF795747ACF972070A5F36F38A5CF279087BDA831DF17FC2D3D918C47FEDB3BCAA0893680C3020300A37BA38201C5308201C1301D0603551D0E041604149BA6483A231F3AA9A888285764ED04961C30C89D3081950603551D2304818D30818A80149BA6483A231F3AA9A888285764ED04961C30C89DA16FA46D306B310B3009060355040613024247310E300C06035504071305536F6669613120301E060355040A1317424F52494341202D2042414E4B534552564943452041443110300E060355040B1307422D5472757374311830160603550403130F422D547275737420526F6F7420434182010130210603551D12041A30188616687474703A2F2F7777772E622D74727573742E6F726730120603551D130101FF040830060101FF02010430370603551D200430302E302C0604551D20003024302206082B060105050702011616687474703A2F2F7777772E622D74727573742E6F7267300E0603551D0F0101FF04040302010630530603551D1F044C304A3048A046A0448642687474703A2F2F7777772E622D74727573742E6F72672F7265706F7369746F72792F636135726F6F742F63726C2F622D74727573745F6361355F726F6F742E63726C303306082B0601050507010104273025302306082B060105050730018617687474703A2F2F6F6373702E622D74727573742E6F7267300D06092A864886F70D0101050500038202010086A8C343F9FE1A772A341796590AC7999C53B27EB97EB4296EDC9492FCBAC1005422550B6440290F9155E445342FCC512C9FD9E7425537C7B2C40BD08C37EC2F3BD26972814C70651D0E71965B65237D8AB76AF69B217518C3F98547FB19B1012AA4201B299E5EE51280E97AB43741C5E75F8D7F97E425358D7D365A7186C29BEB47F2953FE15DAAF8832F4D6F61CC91F6D37779C24C72A4AC2A48891C086BA722F668C7A58A707A3505E71F018C0FBF657D0B204F7A135968BCA52193EB5E12EB2C66E639800DB8D0AE87BEAB1FE2A366B97C6467FD6BB273C06C6E2CB338C8E59B14؀掏ā냤ĉ퉜؀ðUBB Root CA
Status             : Scanned
Object             : HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3C58BF4A284B75E633AF230BCA20BDB6F012D117\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKCU\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\3C58BF4A284B75E633AF230BCA20BDB6F012D117\Blob = 190000000100000010000000452B230D638D93989C7675A46955D2AB0F0000000100000014000000662CB200F58662ED062369E8D31103FE8370E0E80300000001000000140000003C58BF4A284B75E633AF230BCA20BDB6F012D117140000000100000014000000DAFB3FFC3DC743276D9198B34C437139D27F963D20000000010000008C0300003082038830820270A0030201020210731234A928CF3391406A015F72463639300D06092A864886F70D01010505003043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F74204341301E170D3136303130383037323332365A170D3238303130383037333332365A3043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100E18674C080E26A9B4232223E1849E358B6BEB820C2C95F53674A2B7CFA104CDB87B3C0FAEBF5C5650C3C6CC1CACCB9F29DB02B522DD5C904D1F09778D65BED3A30A823A35B1218002394191890BEC7789C2F5F3857949816C68C57CEEEAFEE4623796974F382E5A9FFB66606FCF23B86048D04702A14348274F9D78AD39198A4066D103A1F6CE4C7DFAC317D2C765345CD35C81CAD6FC7261CCAC415CF183C810027621348A781C3F2EFFEEB12DC49BBB849DE6E41A0D97DCD4CC0955D91875619405E6AC1C3D9D71C59601AC5C8BEF88462282AD6178523257FDD27A5402F0EC71189CFA5EE65C74CACBC8557B8FB665F8195BFFA5F2A70157FC8CEF7B196D70203010001A3783076300B0603551D0F040403020186300F0603551D130101FF040530030101FF301D0603551D0E04160414DAFB3FFC3DC743276D9198B34C437139D27F963D301206092B060104018237150104050203010001302306092B060104018237150204160414D5AE31DC76B6C6879F968B183298925E84F44E20300D06092A864886F70D0101050500038201010024B5709A78216629DB09C5A488A236A30281D2AB9D6AE2CED2396E4056850621D2FB2028C253CA5AA606C31A7CEB9BDCF1F2CC493B12C4C2935D6D0175438F28DC8F74A4A43DFD84CCE79A9F7F9D38427180EBF7F7CE865D8BA3556433A74E0F3CDBA7CC6149E9BF08F37BEE1EA41704A753A5F745C214FD6DA1FCF1E08285416F451C9B13C831376CD50E90593CF2727BEAB2006BB35FC84627B4880A82AE43F039911336D994DF7471520EED844C3CBDC53D8A8673D1922596DFDC58C8A1C426A48FA725651C6D69B7DE8CF96DF7147EC9A00F52E22FEA116302F64CDDAC8CB37D6F0EBE6044E42C13E502F8DAA326F6A2E5FF293D10F14E391B7893BEC0F5

UBB Root CA
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB\Blob = 0400000001000000100000006816583EC09DBB7FD94A295E215895FF0F0000000100000020000000447D10399FE823AD0C7CA968FF2789E68EE08235C91E7902EF7D5FB7D6F6576B140000000100000014000000147FB7750760F08C83D4E7E2DE51AA6009B4E2DF1900000001000000100000004E7728C997FA9A6B643413E691AD5D51030000000100000014000000D542B49721679AAC5C5E0A65A8044BB3DD6B8BAB5C00000001000000040000000008000020000000010000008C0300003082038830820270A003020102021074A9ABBFCBAFE09F49FC1C2B88795AF2300D06092A864886F70D01010B05003043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F74204341301E170D3136303932303038343733335A170D3238303932303038353733335A3043310B3009060355040613024247311E301C060355040A1315556E697465642042756C67617269616E2042616E6B311430120603550403130B55424220526F6F7420434130820122300D06092A864886F70D01010105000382010F003082010A0282010100F5065C626288708254F9CB0DC3795F76D0A5EF89EDE74B97672A87970D0973E0BE20AAC370D6695B23F9304B5738DE84F9ED12A5E32B5F3EB41D13C6792755BE591C44DD0D69CF1EBD5370D4A7658528A75D3EF9182BFADF72EE615A4D70A36A4F52980307E657F6ED232440DEE92ECFBF195CF0B0F8A1AE06BCE111CE40BB9F0EF949FF09937EB66C1335B85E36EAC577965336B7DC64DABF382C2EFC54307DE9F7E3AD944193B4A22B69F698CD6D2C202AC85E0628E5BE8B84959E36BFD6399A20E5BA9F5AF213AE428D88AB9882D4BF3C64D8C225C48221CF69B68428516811E945755E10F76F54F81E361535A187E139048C8A3B543D6A7AA28664F4D01B0203010001A3783076300B0603551D0F040403020186300F0603551D130101FF040530030101FF301D0603551D0E04160414147FB7750760F08C83D4E7E2DE51AA6009B4E2DF301206092B060104018237150104050203020002302306092B0601040182371502041604143C58BF4A284B75E633AF230BCA20BDB6F012D117300D06092A864886F70D01010B05000382010100620E4FD1911F082CEE4A527531DBAA1D59194BB5E4E020E0DEEDAB8F4665B56060158EFF2A78CB95228A36FB6E27A19291197E88C55A8EBB3D7C42B3BCAF77E8BB9E031A16DD8E8D1644637BDB2156EC9CBE68B9695F896EFDC7DE93E3EDB5106187477DD9D3CE16C367087B159DF4CD7D80FC808402ABFA1B1BBE1614FDBFB60EE1C8EE9E4C8794B0D4182001E0EEFFA3ABC60666A543BFD5DA5F552CF5B42A2B4A499DE500E8362D09F0B24F56FAA3C1182F44FF4D82203F74FA362F472BAEDB0CD324F13DDE9B8B9FFA5EF2EBDD1D61E42563D1CF2F2B213D4C55DDFF1CB2907C1097AF9EBC5F61AACC348BD1190B2E7877D19D791FD0F3816C7D367A7E09

GlobalSign CodeSigning CA - G2
Status             : Scanned
Object             : HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\2EE8D6982CEDAA5666E9B5F55535A36E3A3932A2\Blob
MD5                : -
Publisher          : -
Size               : -
Version            : -
Detection          : Suspicious Root CA
Cleaning Action    : Delete
Related Objects    :
                Registry Entry - HKLM\SOFTWARE\Microsoft\SystemCertificates\ROOT\Certificates\2EE8D6982CEDAA5666E9B5F55535A36E3A3932A2\Blob = 190000000100000010000000C84538EE0D3FBA9AFB3B1CAE2067EA9E0F00000001000000140000009EF9494BA4967B969E1061163DD655AAC1F8EFF60300000001000000140000002EE8D6982CEDAA5666E9B5F55535A36E3A3932A2140000000100000014000000937F80F06D9A1B5779B9BA11A27914D06E52C3922000000001000000C0040000308204BC308203A4A00302010202121121356405609AB95F8DDB13164B82F96DE5300D06092A864886F70D01010505003051310B300906035504061302424531193017060355040A1310476C6F62616C5369676E206E762D7361312730250603550403131E476C6F62616C5369676E20436F64655369676E696E67204341202D204732301E170D3132303532393137353230325A170D3135303533303137353230325A308188310B300906035504061302425A310F300D0603550408130642656C697A65311430120603550407130B42656C697A65206369747931163014060355040A130D4469736320536F6674204C7464311630140603550403130D4469736320536F6674204C74643122302006092A864886F70D010901161366696E707240646973632D736F66742E636F6D30820122300D06092A864886F70D01010105000382010F003082010A0282010100BE8F3BCF9AE445DBC426AEA6FAAFA55A2BC9970F33D6B07C0DC723F7AA5723B6089A2913FDC3C0E86A9E9683DB416ECAF4A108D110BA5B6F462DEF825E810AFA540DFA11D524B99297C37F36429A891A0B612A4E7A2742673AF6F76F72C9C1467A3861254C27CD45A65D413743E57FDE2D2D43A23FA3DDA9F1FD4B1CC6F1E069CDBDFCAC1FFC71D7DF74F87E3CC9BAB7473916302F439546634B47DAFF625FD92BFC6A435ED4B7C063C19F8066357BDD1A919FDE5DF5D04B54D1FC3973A4ACB2891076388B2A3D8D2CD452577CE860A1EFD6E5D5A906CCB0D65AB9AF9EF9A3F5B9A43A315DF56D55CA534190B250787351CA6F045200175D0DF3F82F9F6CD0DD0203010001A382015430820150300E0603551D0F0101FF040403020780304C0603551D2004453043304106092B06010401A03201323034303206082B06010505070201162668747470733A2F2F7777772E676C6F62616C7369676E2E636F6D2F7265706F7369746F72792F30090603551D130402300030130603551D25040C300A06082B06010505070303303E0603551D1F043730353033A031A02F862D687474703A2F2F63726C2E676C6F62616C7369676E2E636F6D2F67732F6773636F64657369676E67322E63726C305006082B0601050507010104443042304006082B060105050730028634687474703A2F2F7365637572652E676C6F62616C7369676E2E636F6D2F6361636572742F6773636F64657369676E67322E637274301D0603551D0E04160414937F80F06D9A1B5779B9BA11A27914D06E52C392301F0603551D23041830168014086ED8B69C8ABFED3ED7C3745DCC801FA82F507A300D06092A864886F70D0101050500038201010039D923CA8BACB7A13AEB2C1114A92E27353871F58AC1DD9D0B7E930F795C7D86CB2BE9FD0F30FD0449D3029A0E6B1350432D29B012CA85A627C8A92F239D380084BCFA456629BDC20243553F4E3AD43EB714F580793C6B955319FC0CE47326F9E6B0EA1610EFDCA100895F23D2527779A6A13B22BD54A7B4A0C57A655768ACE3ACD87B91EAC4B42B1057BA017865B7E027B919175607DF73CFD1AEF66E296181A5B28B54A329910C80619D0329D3B46E98D62574E37E10135DC4A26F3F7FE256F09F93839B6692E04233B7626CDA00773A214C474F645AFF7DBAB6343A4CBE9FACDE015D89B19945698475315D04F6A17BF0D2F5A41916E629DC91C87F7E3692

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 5 минути, Mohito написа:

.....че преди беше Опера-та и точно с нея се получаваше ситуацията с десетките прозорци.

 ....е това в първия пост ми го спестихте...! А преинсталирахте ли я ...Или я деинсталирайте и вижте дали компютъра ще заработи нормално...! И след това СВЕЖИ дневници с:

 

Сканиране с Farbar Recovery Scan

  • Моля изтеглете icon1337953436.pngFarbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа.
  • Стартирайте файла FRST.exe (или FRST64.exe)
  • Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение.
  • Натиснете бутона YClYkft.jpg.
  • Изчакайте търпеливо проверката да приключи.
  • Ще се създадат два лог файла с името - FRST.txt и Addition.txt на десктопа.
  • Копирайте съдържанието на файла FRST.txt в следващия си пост.Прикачете Addition.txt в коментар си (погледнете опцията Прикачване на файлове, когато публикувате мнение).

 

 Дневници
 
В следващия си отговор, моля да включите (като копирате целите съдържания ) следните дневници:

  • FRST.txt (копирате цялото съдържание)
  • Addition.txt (прикачате..) 

 

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 5 минути, Mohito написа:

Добре, сега я махам и след малко ще пиша пак.

Оки..трябва да разберем от къде  тръгва проблема ...! Малко тегаво е ама няма как ...

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Махнах я. Резултат - никакъв. Почна да се стартира Макстона - пак така на началната страница и по няколко пъти.

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 03.03.2019 01
Ran by Kire (administrator) on KIRE-PC (04-03-2019 15:49:09)
Running from C:\Users\Kire\Desktop
Loaded Profiles: Kire (Available Profiles: Kire)
Platform: Windows 8.1 Enterprise (Update) (X64) Language: English (United States)
Default browser: "C:\Program Files (x86)\Maxthon5\Bin\Maxthon.exe" "%1"
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atiesrxx.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\atieclxx.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avpui.exe
(Kaspersky Lab -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksdeui.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) [File not signed] C:\Program Files\Windows Sidebar\sidebar.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [8464600 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1392856 2015-03-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-12-16] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3675352 2013-10-28] (Disc Soft Ltd -> Disc Soft Ltd)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Sidebar] => C:\Program Files\Windows Sidebar\sidebar.exe [1475072 2013-10-02] (Microsoft Corporation) [File not signed]
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Run: [Viber] => C:\Users\Kire\AppData\Local\Viber\Viber.exe [35950152 2018-02-22] (Viber Media S.à r.l. -> Viber Media S.à r.l.)
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Mystify.scr [133632 2014-11-21] (Microsoft Windows -> Microsoft Corporation)
Startup: C:\Users\Kire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Изпращане в OneNote.lnk [2018-04-21]
ShortcutTarget: Изпращане в OneNote.lnk -> C:\Program Files\Microsoft Office\Office15\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 217.9.239.90 217.9.239.94
Tcpip\..\Interfaces\{0AFEE81C-413D-4C4C-87C4-B73D21E67655}: [DhcpNameServer] 217.9.239.90 217.9.239.94
Tcpip\..\Interfaces\{8D5336D0-E0A6-456B-BDA5-1F85837A1179}: [NameServer] 8.8.8.8,8.8.4.4

Internet Explorer:
==================
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.bg/
HKU\S-1-5-21-1687209997-659643034-1432533341-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/?ocid=iehp
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
BHO: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Kaspersky Protection -> {EC1E29BB-F56A-45D8-B023-D3EF710FA0E0} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
Toolbar: HKU\S-1-5-21-1687209997-659643034-1432533341-1001 -> Kaspersky Protection Toolbar - {C500C267-63BF-451F-8797-4D720C9A2ED9} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\IEExt\ie_plugin.dll [2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
DPF: HKLM-x32 {A996E48C-D3DC-4244-89F7-AFA33EC60679} hxxps://ebb.ubb.bg/CAPICOM/capicom.cab
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)

FireFox:
========
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF Extension: (Kaspersky Protection) - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi [2019-02-21]
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\FFExt\light_plugin_firefox\addon.xpi
FF HKU\S-1-5-21-1687209997-659643034-1432533341-1001\...\Firefox\Extensions: [[email protected]] - C:\Users\Kire\AppData\Roaming\ACEStream\extensions\awe\firefox\acewebextension_unlisted.xpi => not found
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\dtplugin\npDeployJava1.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.201.2 -> C:\Program Files (x86)\Java\jre1.8.0_201\bin\plugin2\npjp2.dll [2019-01-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL [2014-01-21] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-02-01] (Adobe Systems, Incorporated -> Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-1687209997-659643034-1432533341-1001: @acestream.net/acestreamplugin,version=3.1.28 -> C:\Users\Kire\AppData\Roaming\ACEStream\player\npace_plugin.dll [No File]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd
CHR HKU\S-1-5-21-1687209997-659643034-1432533341-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mjbepbhonbojpoaenhckjocchgfiaofo] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [amkpcclbbgegoafihnpgomddadjhcadd] - hxxps://chrome.google.com/webstore/detail/amkpcclbbgegoafihnpgomddadjhcadd

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AMD External Events Utility; C:\Windows\system32\atiesrxx.exe [297888 2016-11-08] (Advanced Micro Devices, Inc. -> AMD)
R2 AVP19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\avp.exe [619640 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klvssbridge64_19.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 19.0.0\x64\vssbridge64.exe [414352 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R2 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
S2 MxService; C:\Program Files (x86)\Maxthon5\Bin\MxService.exe [144152 2018-11-21] (Maxthon Technology Co, Ltd. -> Maxthon International ltd.)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S0 amdkmafd; C:\Windows\System32\drivers\amdkmafd.sys [21160 2012-09-23] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R3 amdkmdag; C:\Windows\system32\DRIVERS\atikmdag.sys [26567696 2016-11-08] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdkmdap; C:\Windows\system32\DRIVERS\atikmpag.sys [528800 2016-11-08] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [243400 2018-01-27] (Kaspersky Lab -> AO Kaspersky Lab)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2016-04-12] (Disc Soft Ltd -> Disc Soft Ltd)
R3 e1dexpress; C:\Windows\system32\DRIVERS\e1d64x64.sys [529392 2015-08-05] (Intel(R) Intel Network Drivers -> Intel Corporation)
R3 IntcAzAudAddService; C:\Windows\system32\drivers\RTDVHD64.sys [2740056 2015-04-07] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [528576 2018-02-20] (Kaspersky Lab -> AO Kaspersky Lab)
R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [73416 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [123152 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\system32\DRIVERS\kldisk.sys [89168 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
S0 klelam; C:\Windows\System32\DRIVERS\klelam.sys [29208 2017-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R3 klflt; C:\Windows\system32\DRIVERS\klflt.sys [219744 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLHK; C:\Windows\System32\drivers\klhk.sys [1214752 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1113696 2019-02-21] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klim6; C:\Windows\system32\DRIVERS\klim6.sys [57032 2018-02-12] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\system32\DRIVERS\klkbdflt.sys [58048 2018-01-15] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\system32\DRIVERS\klmouflt.sys [83496 2017-12-11] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [50648 2017-05-30] (Kaspersky Lab -> AO Kaspersky Lab)
S3 klpnpflt; C:\Windows\system32\DRIVERS\klpnpflt.sys [45768 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R3 kltap; C:\Windows\system32\DRIVERS\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
S4 klwfp; C:\Windows\system32\DRIVERS\klwfp.sys [100552 2018-02-17] (Kaspersky Lab -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\system32\DRIVERS\klwtp.sys [176976 2018-12-05] (Kaspersky Lab -> AO Kaspersky Lab)
R1 kneps; C:\Windows\system32\DRIVERS\kneps.sys [203968 2018-02-24] (Kaspersky Lab -> AO Kaspersky Lab)
S3 s115bus; C:\Windows\System32\drivers\s115bus.sys [108296 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdfl; C:\Windows\system32\DRIVERS\s115mdfl.sys [19720 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mdm; C:\Windows\system32\DRIVERS\s115mdm.sys [144648 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115mgmt; C:\Windows\system32\DRIVERS\s115mgmt.sys [126216 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 s115obex; C:\Windows\system32\DRIVERS\s115obex.sys [123656 2007-04-23] (MCCI Corporation -> MCCI Corporation)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R1 ZAM; C:\Windows\System32\drivers\zam64.sys [203680 2019-03-04] (Zemana Ltd. -> Zemana Ltd.)
R1 ZAM_Guard; C:\Windows\System32\drivers\zamguard64.sys [203680 2019-03-04] (Zemana Ltd. -> Zemana Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 15:49 - 2019-03-04 15:49 - 000015037 _____ C:\Users\Kire\Desktop\FRST.txt
2019-03-04 15:47 - 2019-03-04 15:48 - 000000000 ____D C:\Users\Kire\Desktop\frst 1
2019-03-04 15:43 - 2019-03-04 15:43 - 000001402 _____ C:\Users\Kire\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2019-03-04 15:25 - 2019-03-04 15:25 - 000032012 _____ C:\Users\Kire\Documents\bookmarks_4.03.19 г..html
2019-03-04 15:04 - 2019-03-04 15:04 - 000018741 _____ C:\Users\Kire\Desktop\2019.03.04-14.56.42-i0-t92-d6.txt
2019-03-04 14:55 - 2019-03-04 15:49 - 000055137 _____ C:\Windows\ZAM.krnl.trace
2019-03-04 14:55 - 2019-03-04 15:49 - 000052064 _____ C:\Windows\ZAM_Guard.krnl.trace
2019-03-04 14:55 - 2019-03-04 14:55 - 015807352 _____ (Copyright 2017.) C:\Users\Kire\Desktop\Zemana.AntiMalware.Portable.exe
2019-03-04 14:55 - 2019-03-04 14:55 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zamguard64.sys
2019-03-04 14:55 - 2019-03-04 14:55 - 000203680 _____ (Zemana Ltd.) C:\Windows\system32\Drivers\zam64.sys
2019-03-04 14:55 - 2019-03-04 14:55 - 000000000 ____D C:\Users\Kire\AppData\Local\Zemana
2019-03-04 13:19 - 2019-03-04 13:19 - 000274925 _____ C:\Users\Kire\Documents\KIRE-PC.zip
2019-03-04 13:16 - 2019-03-04 13:17 - 007428742 _____ C:\Users\Kire\Documents\KIRE-PC.arn
2019-03-04 11:38 - 2019-03-04 15:49 - 000000000 ____D C:\FRST
2019-03-04 11:35 - 2019-03-04 11:35 - 002434560 _____ (Farbar) C:\Users\Kire\Desktop\FRST64.exe
2019-02-24 16:47 - 2019-02-24 16:51 - 000000000 ____D C:\AdwCleaner
2019-02-24 16:44 - 2019-02-24 16:44 - 000002305 _____ C:\Users\Kire\Desktop\mbma.txt
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbamtray
2019-02-24 16:32 - 2019-02-24 16:32 - 000000000 ____D C:\Users\Kire\AppData\Local\mbam
2019-02-24 16:31 - 2019-02-24 16:31 - 000000000 ____D C:\Program Files\Malwarebytes
2019-02-22 00:47 - 2019-02-22 00:47 - 000020476 _____ C:\Windows\ntbtlog.txt
2019-02-22 00:38 - 2019-02-22 01:49 - 000000000 ____D C:\Windows\pss
2019-02-21 23:52 - 2019-02-21 23:52 - 000071912 _____ C:\Users\Kire\Documents\cc_20190221_235210.reg
2019-02-21 23:44 - 2019-03-04 15:20 - 000000000 ____D C:\Program Files\CCleaner
2019-02-21 23:43 - 2019-02-21 23:43 - 019385224 _____ (Piriform Software Ltd) C:\Users\Kire\Desktop\cctrialsetup.exe
2019-02-21 23:40 - 2019-02-21 23:40 - 000001446 _____ C:\Users\Kire\Desktop\uTorrent.exe - Shortcut.lnk
2019-02-21 23:36 - 2019-02-21 23:36 - 000000272 _____ C:\Users\Kire\Desktop\nod.txt
2019-02-21 21:31 - 2019-02-21 21:31 - 000000000 ____D C:\Users\Kire\AppData\Local\ESET
2019-02-21 21:30 - 2019-02-21 21:30 - 007657592 _____ (ESET spol. s r.o.) C:\Users\Kire\Desktop\esetonlinescanner_enu.exe
2019-02-21 21:28 - 2019-02-21 21:30 - 000000000 ____D C:\ProgramData\F-Secure
2019-02-21 21:27 - 2019-02-22 00:28 - 000000000 ____D C:\Users\Kire\AppData\Local\FSDART
2019-02-21 21:27 - 2019-02-21 21:27 - 009603600 _____ (F-Secure Corporation) C:\Users\Kire\Desktop\F-SecureOnlineScanner.exe
2019-02-21 21:27 - 2019-02-21 21:27 - 000000000 ____D C:\Users\Kire\AppData\Local\F-Secure
2019-02-21 20:27 - 2019-02-21 20:27 - 000003032 _____ C:\Windows\System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2019-02-21 20:27 - 2019-02-21 20:27 - 000001196 _____ C:\Users\Public\Desktop\Kaspersky Secure Connection.lnk
2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
2019-02-21 20:27 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files\Common Files\AV
2019-02-21 20:26 - 2019-03-04 15:32 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2019-02-21 20:26 - 2019-02-21 20:27 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2019-02-21 20:26 - 2019-02-21 20:26 - 001214752 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 001113696 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 000219744 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2019-02-21 20:26 - 2019-02-21 20:26 - 000152960 _____ (AO Kaspersky Lab) C:\Windows\system32\klhkum.dll
2019-02-21 20:26 - 2019-02-21 20:26 - 000002051 _____ C:\Users\Public\Desktop\Kaspersky Free.lnk
2019-02-21 20:26 - 2019-02-21 20:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
2019-02-21 20:26 - 2013-05-06 08:13 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2019-02-21 20:24 - 2019-02-21 20:25 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2019-02-21 20:24 - 2019-02-21 20:24 - 002536320 _____ (Kaspersky Lab) C:\Users\Kire\Desktop\startup_14460.exe
2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\Users\Kire\Doctor Web
2019-02-19 23:28 - 2019-02-19 23:28 - 000000000 ____D C:\ProgramData\Doctor Web
2019-02-19 23:27 - 2019-02-19 23:28 - 184226296 _____ C:\Users\Kire\Desktop\5xdzsvd7.exe
2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ C:\Users\Kire\AppData\Local\Resmon.ResmonCfg
2019-02-14 20:08 - 2019-01-26 03:02 - 025736192 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2019-02-14 20:07 - 2019-02-06 04:07 - 003323392 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2019-02-14 20:07 - 2019-02-06 03:43 - 003616768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2019-02-14 20:07 - 2019-02-06 02:53 - 002780160 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2019-02-14 20:07 - 2019-02-06 02:44 - 002464256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2019-02-14 20:07 - 2019-01-26 02:38 - 002902528 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2019-02-14 20:07 - 2019-01-26 02:36 - 000576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2019-02-14 20:07 - 2019-01-26 02:32 - 005778944 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2019-02-14 20:07 - 2019-01-26 02:27 - 020279808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2019-02-14 20:07 - 2019-01-26 02:24 - 000790016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2019-02-14 20:07 - 2019-01-26 02:06 - 000498176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2019-02-14 20:07 - 2019-01-26 02:03 - 002295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2019-02-14 20:07 - 2019-01-26 01:57 - 000663040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2019-02-14 20:07 - 2019-01-26 01:56 - 001033216 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2019-02-14 20:07 - 2019-01-26 01:48 - 000809472 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2019-02-14 20:07 - 2019-01-26 01:46 - 015283712 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2019-02-14 20:07 - 2019-01-26 01:36 - 000880640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2019-02-14 20:07 - 2019-01-26 01:34 - 004858880 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2019-02-14 20:07 - 2019-01-26 01:34 - 004494336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2019-02-14 20:07 - 2019-01-26 01:31 - 000696320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2019-02-14 20:07 - 2019-01-26 01:29 - 013680640 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2019-02-14 20:07 - 2019-01-26 01:22 - 001556480 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2019-02-14 20:07 - 2019-01-26 01:12 - 000800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2019-02-14 20:07 - 2019-01-26 01:11 - 004386304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2019-02-14 20:07 - 2019-01-26 01:08 - 001331200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2019-02-14 20:07 - 2019-01-26 01:06 - 000710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2019-02-14 20:07 - 2019-01-12 03:36 - 000058880 _____ (Microsoft Corporation) C:\Windows\system32\mf3216.dll
2019-02-14 20:07 - 2019-01-12 03:35 - 000044544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mf3216.dll
2019-02-14 20:07 - 2019-01-12 03:18 - 000352768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd3x40.dll
2019-02-14 20:07 - 2019-01-09 08:36 - 001901688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml6.dll
2019-02-14 20:07 - 2019-01-09 08:27 - 002533920 _____ (Microsoft Corporation) C:\Windows\system32\msxml6.dll
2019-02-14 20:07 - 2019-01-09 08:24 - 007371512 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2019-02-14 20:07 - 2019-01-09 05:34 - 001755136 _____ (Microsoft Corporation) C:\Windows\system32\GdiPlus.dll
2019-02-14 20:07 - 2019-01-09 05:34 - 000134656 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 20:07 - 2019-01-09 05:21 - 001493504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GdiPlus.dll
2019-02-14 20:07 - 2019-01-09 05:21 - 000102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.NetworkOperators.HotspotAuthentication.dll
2019-02-14 20:07 - 2019-01-08 06:54 - 000032896 ____C (Microsoft Corporation) C:\Windows\system32\Drivers\hidparse.sys
2019-02-14 20:07 - 2019-01-08 03:22 - 001311744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msjet40.dll
2019-02-14 20:07 - 2019-01-08 03:22 - 000313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrd2x40.dll
2019-02-14 20:07 - 2019-01-05 19:48 - 004168704 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2019-02-14 20:07 - 2019-01-05 19:47 - 000684032 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2019-02-14 20:07 - 2019-01-05 19:46 - 000243200 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2019-02-14 20:07 - 2018-12-27 19:57 - 000805376 _____ (Microsoft Corporation) C:\Windows\system32\winhttp.dll
2019-02-14 20:07 - 2018-12-27 18:30 - 000626176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winhttp.dll
2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\SysWOW64\locale.nls
2019-02-14 20:07 - 2018-12-08 18:01 - 000513376 _____ C:\Windows\system32\locale.nls
2019-02-14 20:07 - 2018-12-02 12:08 - 000179712 _____ (Microsoft Corporation) C:\Windows\system32\itss.dll
2019-02-14 20:07 - 2018-12-01 18:44 - 000151040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\itss.dll
2019-02-14 20:07 - 2018-10-12 15:19 - 000998480 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2019-02-02 11:26 - 2019-02-02 11:26 - 000010752 _____ C:\Users\Kire\Desktop\report_structure.xls

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-03-04 15:48 - 2016-04-11 17:51 - 000003596 _____ C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1687209997-659643034-1432533341-1001
2019-03-04 15:43 - 2019-01-13 19:24 - 000005012 _____ C:\Windows\System32\Tasks\Microsoft Office 15 Sync Maintenance for Kire-PC-Kire Kire-PC
2019-03-04 15:29 - 2016-04-11 17:46 - 000000000 ____D C:\Users\Kire\AppData\Local\VirtualStore
2019-03-04 15:27 - 2016-04-14 13:11 - 000000000 ____D C:\Users\Kire\AppData\Roaming\Opera Software
2019-03-04 15:27 - 2016-04-14 13:11 - 000000000 ____D C:\Users\Kire\AppData\Local\Opera Software
2019-03-04 14:56 - 2016-04-11 17:45 - 000000000 ____D C:\Users\Kire
2019-03-04 13:01 - 2018-02-11 15:44 - 000000000 ____D C:\Users\Kire\Desktop\Konkurs
2019-03-04 11:41 - 2013-08-22 15:36 - 000000000 ____D C:\Windows\Inf
2019-02-24 17:00 - 2014-11-21 09:39 - 000865068 _____ C:\Windows\system32\PerfStringBackup.INI
2019-02-24 16:58 - 2016-04-14 13:17 - 000004422 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
2019-02-24 16:58 - 2016-04-14 13:12 - 000000000 ____D C:\Users\Kire\AppData\Local\Adobe
2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\SysWOW64\Macromed
2019-02-24 16:58 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\system32\Macromed
2019-02-24 16:55 - 2013-08-22 16:45 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2019-02-24 16:54 - 2016-08-25 17:16 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2019-02-22 00:39 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\BBI
2019-02-21 23:51 - 2018-07-13 10:05 - 000000000 ____D C:\Users\Kire\AppData\Roaming\MPC-HC
2019-02-21 23:51 - 2018-02-28 15:49 - 000000000 ____D C:\Users\Kire\AppData\Roaming\TeamViewer
2019-02-21 23:51 - 2016-04-12 15:40 - 000000000 ____D C:\Users\Kire\AppData\Roaming\DAEMON Tools Lite
2019-02-21 23:51 - 2016-04-12 15:14 - 000000000 ____D C:\Users\Kire\AppData\Roaming\uTorrent
2019-02-21 23:50 - 2017-05-08 15:37 - 000000000 ____D C:\Windows\Minidump
2019-02-21 23:50 - 2016-04-12 04:38 - 000000000 ____D C:\Windows\Panther
2019-02-21 23:39 - 2016-04-12 15:15 - 000000000 ____D C:\Program Files (x86)\uTorrent
2019-02-21 20:32 - 2016-04-14 13:13 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-02-21 20:26 - 2013-08-22 17:36 - 000000000 ___HD C:\Windows\ELAMBKUP
2019-02-21 20:26 - 2013-08-22 15:25 - 000262144 ___SH C:\Windows\system32\config\ELAM
2019-02-14 21:08 - 2013-08-22 17:36 - 000000000 ____D C:\Windows\rescache
2019-02-14 20:28 - 2013-08-22 16:44 - 000551248 _____ C:\Windows\system32\FNTCACHE.DAT
2019-02-14 20:21 - 2013-08-22 17:20 - 000000000 ____D C:\Windows\CbsTemp
2019-02-14 20:16 - 2016-04-12 14:59 - 000000000 ____D C:\Windows\system32\MRT
2019-02-14 20:12 - 2016-04-12 14:59 - 129330784 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2019-02-14 20:10 - 2016-04-14 13:13 - 000004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2019-02-02 22:07 - 2019-01-17 20:24 - 000835480 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2019-02-02 22:07 - 2019-01-17 20:24 - 000179600 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2019-02-02 11:27 - 2016-04-11 17:46 - 000000000 ____D C:\Users\Kire\AppData\Local\Packages

==================== Files in the root of some directories =======

2019-02-19 21:05 - 2019-02-19 21:05 - 000007598 _____ () C:\Users\Kire\AppData\Local\Resmon.ResmonCfg

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\dllhost.exe => File is digitally signed
C:\Windows\SysWOW64\dllhost.exe => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2019-03-03 19:14

==================== End of FRST.txt ============================

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Фикс с Farbar Recovery Scan Tool
 
icon13.gif Изтеглете прикачения файл
 fixlist.txt и го запазете там, където сте свалили FRST.exe
Стартирайте отново FRST.exe и натиснете бутона Fix веднъж и изчакайте.

Press%20the%20FIX%20button_zpsdd5zi3mt.p


Ще се създаде нов лог файла FixLog.txt. Прикачете съдържанието му в следващия си коментар.
 
ЗАБЕЛЕЖКА: Този скрипт е написан специално за този потребител,и за тази конкретна машина. Изпълнението на фикса, на друг компютър може да доведе до увреждане на  операционната ви система

 

pfNZP4A.png  Дневници
 
В следващия си отговор, моля да включите следните дневници:

  • FixLog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Проблемът остава - отваряне на панела "Search", обхождане на отворените прозорци. В момента съм на IE - не отваря нов таб, но обхожда менютата като натискане на бутона за табулация от клавиатурата, в текущия таб на IE, както си пиша изведнъж се зарежда стартовата страница, все едно е натиснат бутона "Home page"

 

 

Fixlog.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

 Дневниците са чисти и вашия проблем определено не се дължи на зловреден софтуер....! А в безопасен режим с мрежа ( Safe Mode with Networking )...да видим  как се държи компютъра ви...?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 12 минути, icotonev написа:

 Дневниците са чисти и вашия проблем определено не се дължи на зловреден софтуер....! А в безопасен режим с мрежа ( Safe Mode with Networking )...да видим  как се държи компютъра ви...?

Да, проблемът остава същия.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Такааа следвайки златното правило:

Цитат

Ако проблемът  е наличен  под  безопасен режим, то означава, че проблемът се корени някъде:
- сред някои от приложенията, които все пак се стартират в Safe Mode (има такива, но са много малко на брой)
- по-дълбоко в системните файлове/системния регистър;
- или в хардуера.
Логично, в противен случай, ако проблемът не е налице под Safe Mode, тогава най-вероятно се дължи на някои от въпросните процеси/услуги/драйвери, които не са стартирани в него режим, но се стартират в нормалния, т.е. почти сигурно е, че проблемът е софтуерен."

 

  • Натиснете клавишна комбинация Windows + R. Това ще отвори полето Run.
  • Напишете CMD и натиснете клавишна комбинация  Ctrl + Shift + Enter, за да отворите command prompt като администратор
  • В командния ред копирайте :
Цитат

sfc /scannow

.... и натиснете Enter.

SFC ще започне да сканира вашата система за повредени системни файлове. Това може да отнеме известно време.

  • След като приключи, моля, отворете командния ред, като натиснете клавишна комбинация  Windows + R, въведете cmd и натиснете Enter, след което поставете съдържанието на полето  по-долу в Command Prompt.
Цитат
findstr /c:"[SR]" %windir%\logs\cbs\cbs.log >> "%userprofile%\desktop\sfcdetails.txt"
  • Натиснете Enter, след като го поставите в командния ред.

След като процедурата завърши, файлът, наречен sfcdetails.txt ще бъде запазен на работния ви плот. Моля, публикувайте го в следващия си отговор.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 3 минути, Mohito написа:

sfc /scannow под Safe Mode, резултати: 

...този резултат в безопасен режим ли е генериран....ако е така ...ще се наложи да направим отново поправка в нормален режим...!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
преди 3 минути, icotonev написа:

...този резултат в безопасен режим ли е генериран....ако е така ...ще се наложи да направим отново поправка в нормален режим...!

Да, този е в безопасен. Сега рестарт в нормален режим и отново сканиране, така ли?

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да ..по същата процедура...Виждам че и в безопасен е поправяло системни файлове....!

Малко ме затруднява вашия проблем ...защото все още не мога да хвана причината ...казвате и в безопасен режим е същата работа ...сега хардуер ли е , системни файлове ли са , в регистрите ли има нещо омазано....?!? Единственото сигурно което знам е че проблема не се дължи на зловреден софтуер...!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове
публикувано (редактирано)

Сориза намесата - готово решение на проблема CNBJ2530.DPB
Изтегляш на десктопа
SFCFix.exe
Изтегляш на десктопа
SFCFix.zip
Като се изтегли провлачваш и пускаш SFCFix.zip върху иконата на SFCFix.exe.

Редактирано от DarkEdge (преглед на промените)

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Не знам какво е станало с поста с резултатите от sfc /scannow в нормален режим, затова ще прикача файла и ща го постна отново.

sfcdetails.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравей...! След поправката има ли промяна ...?

 

Цитат

Platform: Windows 8.1 Enterprise (Update) (X64) Language: English (United States)

Това копие на Windows легално ли е ...?

 

 

25.jpg?1426074241   Сканиране с SecurityCheck by glax24

  • Изтеглете SecurityCheck by glax24 от тук и запомнете инструмента на десктопа .
  • Стартирате програмата (ако използвате Windows XP) или стартирате с десен бутон на мишката от името на администратор (ако използватеWindows Vista/7/8/10)
  • Изчакайте да приключи сканирането.Ще се отвори в текстов файл с имеSecurityCheck.txt. Копирайте съдържанието на  този файл  следващия си пост
  • Можете да намерите този файл в основната директория на системния диск в папка с име SecurityCheck, напр. C:\SecurityCheck\SecurityCheck.txt

 

 

Отидете тук  и кликнете върху СКАНИРАНЕ СЕГА (SCAN NOW) с ESET Online Scanner, за да проверите за остатъци. 
 

  • Ще бъдете подканени да изтеглите и инсталирате esetonlinescanner_enu.exe. Кликнете върху връзката и запазете файла на удобно място. 
  • Изключете сканера в реално време на всяка съществуваща антивирусна програма, преди да извършите онлайн сканирането. Ето как : Here's how
  • Когато / ако бъдете подканени от UAC, искате ли да разрешите на това приложение да прави промени в компютъра ?, изберете Да 
  • Кликнете два пъти върху esetonlinescanner_enu.exe, за да инсталирате.... ще се отвори нов прозорец. 
  • Ако за първи път използвате ESET Online Scanner, щракнете върху Първи стъпки (Get started)
  • Кликнете върху Приемам (Accept), за да приемете Условията за ползване, след което щракнете върху Стартирай отново (Get started)
  • Отговорете на следващите въпроси, след което кликнете върху Продължи (Continue). Отговорите ви няма да повлияят на резултатите от сканирането. 
  • Ако наскоро сте стартирали ESET Online Scanner, просто кликнете върху Сканиране на компютъра ( Computer scan)
  • На екрана (Choose a scan type) тип сканиране изберете Бързо сканиране (Quick Scan.). 
  • ЗАБЕЛЕЖКА: Въпреки че се казва,  бързото сканиране ще отнеме само няколко минути, то може да отнеме няколко часа. Моля, бъдете търпеливи. 
  • След това изберете Деактивиране на ESET за откриване и поставяне в карантина на потенциално нежелани приложения (Disable ESET to detect and quarantine potentially unwanted applications)
  • Кликнете върху Разширени настройки (Advanced settings) в долния ляв ъгъл на прозореца. 
  • Уверете се, че тези опции са маркирани (всички зелени): 

 

Цитат
  • Открийте подозрителни приложения (Detect suspicious applications)
  • Откриване на потенциално опасни приложения (Detect potentially unsafe applications)
  • Сканирайте архивите (Scan archives)

 

 

  • Щракнете върху синята стрелка назад до Разширени настройки (Advanced Settings)
  • Щракнете върху Стартиране на сканирането (Start scan)
  • Изчакайте сканирането да приключи. 
  • Когато сканирането е приключи, ако няма открити заплахи, просто излезте от ESET Online Scanner и ме уведомете. 
  • Ако са открити заплахи, щракнете върху Преглед на подробни резултати (View detailed results) , след което щракнете върху Запазване на журнал за сканиране (Save scan log) изберете име и го запазете на работния плот. 
  • НЕ бъдете разтревожени от това, което виждате в доклада. Много от находките вероятно са били поставени под карантина. 
  • Моля, копирайте / поставете съдържанието на дневника в следващия си отговор. 
  • За да затворите ESET Online Scanner, изберете Continue и следвайте указанията.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове