
Hello, for some time now I have noticed the computer slowing down at startup and when opening web pages. When playing a video online there is stuttering; the problem is not the internet connection, because it works fine on another laptop. These are the scan results:

 

 

2014/02/10 17:43:53 +0200 PC1123333 pc1 MESSAGE Starting database refresh
2014/02/10 17:44:03 +0200 PC1123333 pc1 MESSAGE Database refreshed successfully
 
 
 
 
 
 
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014
Ran by pc1 (administrator) on PC1123333 on 10-02-2014 22:31:22
Running from C:\Users\pc1\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Bulgarian
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-10-14] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381584a-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381585b-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {40e522f1-30c1-11e2-a9c3-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {53dd3296-7831-11e2-aa98-e0ca94e19ff0} - G:\Inst.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8ca-10a0-11e2-be1c-e0ca94e19ff0} - G:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8dd-10a0-11e2-be1c-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81318-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81336-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81364-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {b017f233-e98d-11e2-b241-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e7868358-918e-11e2-ab1d-e0ca94e19ff0} - I:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e786836c-918e-11e2-ab1d-e0ca94e19ff0} - H:\AutoRun.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5F5A9E22169CCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {EDF963C7-D045-4A14-8944-E889E0E6CD25} URL = http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CGMFragment Class - {0695F52A-89A2-4246-81B5-AFAD2D3B865F} - C:\Program Files (x86)\Ematek\MetaWeb\MetaBHO.dll ()
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll (CGM Open Consortium, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68329BAA-58A1-41E8-82B3-0CD8FF13112A}: [NameServer]212.39.90.42 212.39.90.43
Tcpip\..\Interfaces\{C105DB8B-578E-4900-8490-E7400F1B18D5}: [NameServer]212.39.90.42 212.39.90.43
Tcpip\..\Interfaces\{FDA2D1B6-5B09-419F-A793-DE955FE1B9AE}: [NameServer]212.39.90.42 212.39.90.43
 
FireFox:
========
FF ProfilePath: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml
FF Extension: Default Tab - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\addon@defaulttab.com.xpi [2013-11-17]
FF Extension: Torntv 2 - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\torntv2@torntv.com.xpi [2013-06-11]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.bg/
CHR DefaultSearchKeyword: search here
CHR DefaultSearchProvider: Search Here
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google Wallet) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx [2013-08-24]
 
==================== Services (Whitelisted) =================
 
R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2013-05-11] (Autodata Limited)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S2 VIVACOM 3G USB Modem. RunOuc; C:\Program Files (x86)\VIVACOM 3G USB Modem\UpdateDog\ouc.exe [655712 2013-03-21] ()
 
==================== Drivers (Whitelisted) ====================
 
R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2716768 2010-11-05] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-16] (DT Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2013-03-21] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 Tosrfcom; No ImagePath
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-10 22:31 - 2014-02-10 22:32 - 00015539 _____ () C:\Users\pc1\Desktop\FRST.txt
2014-02-10 22:31 - 2014-02-10 22:31 - 00000000 ____D () C:\FRST
2014-02-10 22:29 - 2014-02-10 22:29 - 02150400 _____ (Farbar) C:\Users\pc1\Desktop\FRST64.exe
2014-02-10 18:47 - 2014-02-10 18:48 - 04721920 _____ (Piriform Ltd) C:\Users\pc1\Downloads\ccsetup410.exe
2014-02-08 20:23 - 2014-02-08 20:24 - 00016384 ___SH () C:\Users\pc1\Downloads\Thumbs.db
2014-02-02 19:40 - 2014-02-02 19:44 - 117359576 _____ (Acresso Software Inc. ) C:\Users\pc1\Downloads\GTS_V8.11.006_NDSI.exe
2014-01-18 17:17 - 2014-01-18 17:27 - 00000000 ____D () C:\Users\pc1\Desktop\izpit
2014-01-15 20:35 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:35 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:35 - 2013-11-26 12:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 
==================== One Month Modified Files and Folders =======
 
2014-02-10 22:32 - 2014-02-10 22:31 - 00015539 _____ () C:\Users\pc1\Desktop\FRST.txt
2014-02-10 22:31 - 2014-02-10 22:31 - 00000000 ____D () C:\FRST
2014-02-10 22:31 - 2009-07-14 06:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-10 22:31 - 2009-07-14 06:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-10 22:29 - 2014-02-10 22:29 - 02150400 _____ (Farbar) C:\Users\pc1\Desktop\FRST64.exe
2014-02-10 22:28 - 2012-09-25 21:48 - 01340116 _____ () C:\Windows\WindowsUpdate.log
2014-02-10 22:24 - 2012-10-06 18:59 - 00000988 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 22:24 - 2010-11-21 05:47 - 00052204 _____ () C:\Windows\PFRO.log
2014-02-10 22:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-10 22:24 - 2009-07-14 06:51 - 00127521 _____ () C:\Windows\setupact.log
2014-02-10 22:23 - 2012-09-26 19:19 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\uTorrent
2014-02-10 22:22 - 2013-04-24 22:36 - 00000000 ____D () C:\Program Files (x86)\BrowseToSave
2014-02-10 21:52 - 2012-09-28 22:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-10 21:42 - 2012-10-06 18:59 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 18:48 - 2014-02-10 18:47 - 04721920 _____ (Piriform Ltd) C:\Users\pc1\Downloads\ccsetup410.exe
2014-02-09 13:30 - 2013-11-17 17:19 - 00001140 __RSH () C:\Users\pc1\ntuser.pol
2014-02-09 13:30 - 2012-09-26 06:07 - 00000000 ____D () C:\Users\pc1
2014-02-08 21:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-08 20:55 - 2012-12-25 19:30 - 00000000 ____D () C:\Users\pc1\Desktop\Joanka
2014-02-08 20:36 - 2012-10-06 18:59 - 00003988 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-08 20:36 - 2012-10-06 18:59 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-08 20:24 - 2014-02-08 20:23 - 00016384 ___SH () C:\Users\pc1\Downloads\Thumbs.db
2014-02-08 02:53 - 2013-01-12 17:27 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\vlc
2014-02-05 22:52 - 2012-09-28 22:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 22:52 - 2012-09-28 22:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 22:52 - 2012-09-28 22:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-02 19:44 - 2014-02-02 19:40 - 117359576 _____ (Acresso Software Inc. ) C:\Users\pc1\Downloads\GTS_V8.11.006_NDSI.exe
2014-02-02 11:04 - 2009-07-14 07:13 - 00726444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-01 16:07 - 2013-03-22 20:38 - 00000000 ____D () C:\Users\pc1\Desktop\Toyota
2014-02-01 16:05 - 2013-09-07 12:34 - 00000000 ____D () C:\Users\pc1\Desktop\auto
2014-01-30 22:37 - 2013-04-06 20:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-30 22:37 - 2009-07-14 04:34 - 00000551 _____ () C:\Windows\win.ini
2014-01-23 21:01 - 2009-07-14 07:08 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-19 09:33 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 17:27 - 2014-01-18 17:17 - 00000000 ____D () C:\Users\pc1\Desktop\izpit
2014-01-17 20:54 - 2009-07-14 06:45 - 00416712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 22:57 - 2013-08-13 22:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:54 - 2012-09-26 20:34 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
Some content of TEMP:
====================
C:\Users\pc1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\Mobogenie_Setup_2-1-23_517.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-08 21:42
 
==================== End Of Log ============================

 


The last file



Addition.txt


The main FRST log (you copied only the first few lines) and the Malwarebytes Anti-Malware log are missing.

2014/02/10 17:43:53 +0200 PC1123333 pc1 MESSAGE Starting database refresh
2014/02/10 17:44:03 +0200 PC1123333 pc1 MESSAGE Database refreshed successfully
  
This is all there is from the Malwarebytes Anti-Malware log.
 
 
This is from FRST:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-02-2014
Ran by pc1 (administrator) on PC1123333 on 10-02-2014 22:31:22
Running from C:\Users\pc1\Desktop
Windows 7 Ultimate Service Pack 1 (X64) OS Language: Bulgarian
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe
(AMD) C:\Windows\system32\atiesrxx.exe
(AMD) C:\Windows\system32\atieclxx.exe
(Autodata Limited) C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe
() C:\ProgramData\DatacardService\HWDeviceService64.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
(Huawei Technologies Co., Ltd.) C:\ProgramData\DatacardService\DCSHelper.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
() C:\ProgramData\VIVACOM 3G USB Modem\OnlineUpdate\ouc.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
(McAfee, Inc.) C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [RTHDVCPL] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13307496 2011-10-17] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] - C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2278504 2011-10-14] (Realtek Semiconductor)
HKLM\...\Run: [MSC] - C:\Program Files\Microsoft Security Client\msseces.exe [1266912 2013-10-23] (Microsoft Corporation)
HKLM\...\Run: [synTPEnh] - C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2387752 2010-09-30] (Synaptics Incorporated)
HKLM-x32\...\Run: [bCSSync] - C:\Program Files (x86)\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation)
HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [sunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [mobilegeni daemon] - C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Run: [DAEMON Tools Lite] - C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3674320 2013-01-08] (DT Soft Ltd)
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\Policies\system: [DisableLockWorkstation] 0
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381584a-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {2381585b-9259-11e2-8e16-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {40e522f1-30c1-11e2-a9c3-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {53dd3296-7831-11e2-aa98-e0ca94e19ff0} - G:\Inst.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8ca-10a0-11e2-be1c-e0ca94e19ff0} - G:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {8d90d8dd-10a0-11e2-be1c-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81318-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81336-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {aae81364-91ee-11e2-9854-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {b017f233-e98d-11e2-b241-e0ca94e19ff0} - H:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e7868358-918e-11e2-ab1d-e0ca94e19ff0} - I:\AutoRun.exe
HKU\S-1-5-21-3951854703-640708595-620863282-1000\...\MountPoints2: {e786836c-918e-11e2-ab1d-e0ca94e19ff0} - H:\AutoRun.exe
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5F5A9E22169CCD01
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = bg-BG
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {EDF963C7-D045-4A14-8944-E889E0E6CD25} URL = http://www.mysearchresults.com/search?c=3523&t=01&q={searchTerms}
BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: CGMFragment Class - {0695F52A-89A2-4246-81B5-AFAD2D3B865F} - C:\Program Files (x86)\Ematek\MetaWeb\MetaBHO.dll ()
BHO-x32: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll (McAfee, Inc.)
BHO-x32: WebCGMHlprObj Class - {56B38F40-4E70-11d4-A076-0080AD86BA2F} - C:\Windows\SysWOW64\cgmopenbho.dll (CGM Open Consortium, Inc.)
BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
Toolbar: HKLM-x32 - VideoDownloadConverter - {48586425-6bb7-4f51-8dc6-38c88e3ebb58} - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\4zbar.dll No File
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{68329BAA-58A1-41E8-82B3-0CD8FF13112A}: [NameServer]212.39.90.42 212.39.90.43
Tcpip\..\Interfaces\{C105DB8B-578E-4900-8490-E7400F1B18D5}: [NameServer]212.39.90.42 212.39.90.43
Tcpip\..\Interfaces\{FDA2D1B6-5B09-419F-A793-DE955FE1B9AE}: [NameServer]212.39.90.42 212.39.90.43
 
FireFox:
========
FF ProfilePath: C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default
FF DefaultSearchEngine: user_pref("browser.search.defaultenginename", "");
FF SearchEngineOrder.user_pref("browser.search.order.1", "");: user_pref("browser.search.order.1", "");
FF SearchEngineOrder.user_pref("browser.search.order.1,S", "");: user_pref("browser.search.order.1,S", "");
FF SelectedSearchEngine: user_pref("browser.search.selectedEngine", "");
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll ()
FF Plugin: @microsoft.com/GENUINE - disabled No File
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF Plugin-x32: @foxitsoftware.com/Foxit Reader Plugin,version=1.0,application/pdf - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @java.com/DTPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.45.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @mcafee.com/McAfeeMssPlugin - C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll (McAfee, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @VideoDownloadConverter_4z.com/Plugin - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\911bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\diribg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\pe-bg.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\portalbgdict.xml
FF Extension: Default Tab - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\addon@defaulttab.com.xpi [2013-11-17]
FF Extension: Torntv 2 - C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\torntv2@torntv.com.xpi [2013-06-11]
FF HKLM\...\Firefox\Extensions: [{336D0C35-8A85-403a-B9D2-65C292C39087}] - C:\Program Files\IB Updater\Firefox
FF HKLM\...\Firefox\Extensions: [{FE1DEEEA-DB6D-44b8-83F0-34FC0F9D1052}] - C:\Program Files\IB Updater\Firefox
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.bg/
CHR DefaultSearchKeyword: search here
CHR DefaultSearchProvider: Search Here
CHR DefaultNewTabURL: 
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\32.0.1700.107\pdf.dll ()
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Foxit Reader Plugin for Mozilla) - C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\npFoxitReaderPlugin.dll (Foxit Corporation)
CHR Plugin: (Google Earth Plugin) - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.145\npGoogleUpdate3.dll No File
CHR Plugin: (Java Platform SE 7 U21) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (MindSpark Toolbar Platform Plugin Stub) - C:\Program Files (x86)\VideoDownloadConverter_4z\bar\1.bin\NP4zStub.dll No File
CHR Plugin: (VLC Web Plugin) - C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll (VideoLAN)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_7_700_202.dll No File
CHR Extension: (Google Wallet) - C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx [2013-08-24]
CHR HKLM-x32\...\Chrome\Extension: [nbmafkdmkkckhggblphicnnhlgljnoje] - C:\Program Files (x86)\TornTV.com\torn2_10.crx [2013-08-24]
 
==================== Services (Whitelisted) =================
 
R2 Autodata Limited License Service; C:\Program Files (x86)\Common Files\Autodata Limited Shared\Service\ADCDLicSvc.exe [72704 2013-05-11] (Autodata Limited)
R2 HWDeviceService64.exe; C:\ProgramData\DatacardService\HWDeviceService64.exe [346976 2011-03-14] ()
R2 MBAMScheduler; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [418376 2013-04-04] (Malwarebytes Corporation)
R2 MBAMService; C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [701512 2013-04-04] (Malwarebytes Corporation)
S3 McComponentHostService; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [288776 2013-09-06] (McAfee, Inc.)
R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [23808 2013-10-23] (Microsoft Corporation)
R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [348376 2013-10-23] (Microsoft Corporation)
S2 VIVACOM 3G USB Modem. RunOuc; C:\Program Files (x86)\VIVACOM 3G USB Modem\UpdateDog\ouc.exe [655712 2013-03-21] ()
 
==================== Drivers (Whitelisted) ====================
 
R3 AR5416; C:\Windows\System32\DRIVERS\athwx.sys [2716768 2010-11-05] (Atheros Communications, Inc.)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283200 2013-02-16] (DT Soft Ltd)
S3 huawei_wwanecm; C:\Windows\System32\DRIVERS\ew_juwwanecm.sys [238080 2013-03-21] (Huawei Technologies Co., Ltd.)
R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [25928 2013-04-04] (Malwarebytes Corporation)
R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [248240 2013-09-27] (Microsoft Corporation)
R2 NisDrv; C:\Windows\System32\DRIVERS\NisDrvWFP.sys [134944 2013-09-27] (Microsoft Corporation)
S3 Tosrfcom; No ImagePath
S3 esgiguard; \??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [X]
S3 Ser2pl; system32\DRIVERS\ser2pl64.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-02-10 22:31 - 2014-02-10 22:32 - 00015539 _____ () C:\Users\pc1\Desktop\FRST.txt
2014-02-10 22:31 - 2014-02-10 22:31 - 00000000 ____D () C:\FRST
2014-02-10 22:29 - 2014-02-10 22:29 - 02150400 _____ (Farbar) C:\Users\pc1\Desktop\FRST64.exe
2014-02-10 18:47 - 2014-02-10 18:48 - 04721920 _____ (Piriform Ltd) C:\Users\pc1\Downloads\ccsetup410.exe
2014-02-08 20:23 - 2014-02-08 20:24 - 00016384 ___SH () C:\Users\pc1\Downloads\Thumbs.db
2014-02-02 19:40 - 2014-02-02 19:44 - 117359576 _____ (Acresso Software Inc. ) C:\Users\pc1\Downloads\GTS_V8.11.006_NDSI.exe
2014-01-18 17:17 - 2014-01-18 17:27 - 00000000 ____D () C:\Users\pc1\Desktop\izpit
2014-01-15 20:35 - 2013-11-27 03:41 - 00343040 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2014-01-15 20:35 - 2013-11-27 03:41 - 00007808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2014-01-15 20:35 - 2013-11-26 13:40 - 00376768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2014-01-15 20:35 - 2013-11-26 12:32 - 03156480 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
 
==================== One Month Modified Files and Folders =======
 
2014-02-10 22:32 - 2014-02-10 22:31 - 00015539 _____ () C:\Users\pc1\Desktop\FRST.txt
2014-02-10 22:31 - 2014-02-10 22:31 - 00000000 ____D () C:\FRST
2014-02-10 22:31 - 2009-07-14 06:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2014-02-10 22:31 - 2009-07-14 06:45 - 00021280 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2014-02-10 22:29 - 2014-02-10 22:29 - 02150400 _____ (Farbar) C:\Users\pc1\Desktop\FRST64.exe
2014-02-10 22:28 - 2012-09-25 21:48 - 01340116 _____ () C:\Windows\WindowsUpdate.log
2014-02-10 22:24 - 2012-10-06 18:59 - 00000988 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-02-10 22:24 - 2010-11-21 05:47 - 00052204 _____ () C:\Windows\PFRO.log
2014-02-10 22:24 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-02-10 22:24 - 2009-07-14 06:51 - 00127521 _____ () C:\Windows\setupact.log
2014-02-10 22:23 - 2012-09-26 19:19 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\uTorrent
2014-02-10 22:22 - 2013-04-24 22:36 - 00000000 ____D () C:\Program Files (x86)\BrowseToSave
2014-02-10 21:52 - 2012-09-28 22:00 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-02-10 21:42 - 2012-10-06 18:59 - 00000992 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-02-10 18:48 - 2014-02-10 18:47 - 04721920 _____ (Piriform Ltd) C:\Users\pc1\Downloads\ccsetup410.exe
2014-02-09 13:30 - 2013-11-17 17:19 - 00001140 __RSH () C:\Users\pc1\ntuser.pol
2014-02-09 13:30 - 2012-09-26 06:07 - 00000000 ____D () C:\Users\pc1
2014-02-08 21:04 - 2009-07-14 05:20 - 00000000 __RHD () C:\Users\Public\Libraries
2014-02-08 20:55 - 2012-12-25 19:30 - 00000000 ____D () C:\Users\pc1\Desktop\Joanka
2014-02-08 20:36 - 2012-10-06 18:59 - 00003988 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-02-08 20:36 - 2012-10-06 18:59 - 00003736 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-02-08 20:24 - 2014-02-08 20:23 - 00016384 ___SH () C:\Users\pc1\Downloads\Thumbs.db
2014-02-08 02:53 - 2013-01-12 17:27 - 00000000 ____D () C:\Users\pc1\AppData\Roaming\vlc
2014-02-05 22:52 - 2012-09-28 22:00 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-02-05 22:52 - 2012-09-28 22:00 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-05 22:52 - 2012-09-28 22:00 - 00003768 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2014-02-02 19:44 - 2014-02-02 19:40 - 117359576 _____ (Acresso Software Inc. ) C:\Users\pc1\Downloads\GTS_V8.11.006_NDSI.exe
2014-02-02 11:04 - 2009-07-14 07:13 - 00726444 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-02-01 16:07 - 2013-03-22 20:38 - 00000000 ____D () C:\Users\pc1\Desktop\Toyota
2014-02-01 16:05 - 2013-09-07 12:34 - 00000000 ____D () C:\Users\pc1\Desktop\auto
2014-01-30 22:37 - 2013-04-06 20:30 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-01-30 22:37 - 2009-07-14 04:34 - 00000551 _____ () C:\Windows\win.ini
2014-01-23 21:01 - 2009-07-14 07:08 - 00032566 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-01-19 09:33 - 2010-11-21 05:27 - 00270496 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2014-01-18 17:27 - 2014-01-18 17:17 - 00000000 ____D () C:\Users\pc1\Desktop\izpit
2014-01-17 20:54 - 2009-07-14 06:45 - 00416712 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-01-15 22:57 - 2013-08-13 22:40 - 00000000 ____D () C:\Windows\system32\MRT
2014-01-15 22:54 - 2012-09-26 20:34 - 86054176 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
 
Some content of TEMP:
====================
C:\Users\pc1\AppData\Local\Temp\jre-7u25-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\jre-7u45-windows-i586-iftw.exe
C:\Users\pc1\AppData\Local\Temp\Mobogenie_Setup_2-1-23_517.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\SysWOW64\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
 
 
LastRegBack: 2014-02-08 21:42
 
==================== End Of Log ============================

This is the whole FRST file; I don't know why it won't copy.

FRST.txt


The Malwarebytes Anti-Malware log.

 

 

2014/02/11 11:35:04 +0200 PC1123333 pc1 MESSAGE Starting database refresh

2014/02/11 11:35:11 +0200 PC1123333 pc1 MESSAGE Database refreshed successfully

 

I am providing both files, the one that is produced after the scan and the one from the log.

 

 

 

After the scan with Farbar Recovery Scan Tool there is only one file, FRST.

 

 

I don't know why I can't copy the whole content, so I am attaching the files. I can add these as other problems with the laptop:

1. When I plug in the mouse, it is recognized very slowly (about a minute).

2. If I leave it to "sleep", it then freezes and I have to turn it off with the power button (interestingly, it doesn't do this every time; sometimes it does "wake up").

protection-log-2014-02-11.txt

mbam-log-2014-02-11 (11-35-24).txt

FRST.txt


I don't see anything dangerous. There are some unnecessary things, but that's about it. If you feel like dealing with it, do the following...

 

Uninstall the following applications:

- Desk 365;

- Omiga Plus;

- BrowseToSave;

- Search Assistant WebSearch;

- McAfee Security Scan Plus.

 

After you have uninstalled them, do the following...

 

Download AdwCleaner and save it to the desktop. Run it and click the Scan button. Wait for the scan to finish, then click the Clean button. Confirm with OK on all windows, which will lead to a system restart. After the restart a text file will open. Please copy its contents here.


# AdwCleaner v3.018 - Report created 11/02/2014 at 22:16:22

# Updated 28/01/2014 by Xplode

# Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)

# Username : pc1 - PC1123333

# Running from : C:\Users\pc1\Downloads\adwcleaner.exe

# Option : Clean

 

***** [ Services ] *****

 

 

***** [ Files / Folders ] *****

 

Folder Deleted : C:\Windows\SysWOW64\ARFC

Folder Deleted : C:\Windows\SysWOW64\jmdp

Folder Deleted : C:\Windows\System32\ARFC

Folder Deleted : C:\Users\pc1\AppData\Roaming\DefaultTab

Folder Deleted : C:\Users\pc1\AppData\Roaming\Omiga Plus

File Deleted : C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\addon@defaulttab.com.xpi

File Deleted : C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\Extensions\torntv2@torntv.com.xpi

File Deleted : C:\Windows\System32\dmwu.exe

File Deleted : C:\Windows\System32\ImhxxpComm.dll

File Deleted : C:\Windows\System32\roboot64.exe

File Deleted : C:\Program Files (x86)\Mozilla Firefox\user.js

File Deleted : C:\Windows\System32\Tasks\Desk 365 RunAsStdUser

File Deleted : C:\Windows\System32\Tasks\Omiga Plus RunAsStdUser

 

***** [ Shortcuts ] *****

 

 

***** [ Registry ] *****

 

Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{336D0C35-8A85-403A-B9D2-65C292C39087}]

Value Deleted : [x64] HKLM\SOFTWARE\Mozilla\Firefox\Extensions [{FE1DEEEA-DB6D-44B8-83F0-34FC0F9D1052}]

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nbmafkdmkkckhggblphicnnhlgljnoje

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A0B10EBE-4E51-4CAE-949B-E6B9E7D68CEA}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F511AFDB-726E-4458-90E7-1ECB97406544}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FB684D26-01F4-4D9D-87CB-F486BEBA56DC}

Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0AFD55C8-ADF8-4A33-A6E1-DEDB7A36AEB4}

Key Deleted : HKCU\Software\DefaultTab

Key Deleted : HKCU\Software\Softonic

Key Deleted : HKLM\Software\DefaultTab

Key Deleted : HKLM\Software\omigaplusSvc

Key Deleted : HKLM\Software\SProtector

Key Deleted : [x64] HKLM\SOFTWARE\IB Updater

Key Deleted : [x64] HKLM\SOFTWARE\wnlt

 

***** [ Browsers ] *****

 

-\\ Internet Explorer v11.0.9600.16428

 

 

-\\ Mozilla Firefox v25.0.1 (bg)

 

[ File : C:\Users\pc1\AppData\Roaming\Mozilla\Firefox\Profiles\k2j7d578.default\prefs.js ]

 

Line Deleted : user_pref("extentions.webcake.defaultEnableAppsList", "layers,brain/features,newOffers/wc");

Line Deleted : user_pref("extentions.webcake.installId", "c0e9d759-09fa-4d31-8df8-e04a8604df8e");

 

-\\ Google Chrome v32.0.1700.107

 

[ File : C:\Users\pc1\AppData\Local\Google\Chrome\User Data\Default\preferences ]

 

 

*************************

 

AdwCleaner[R0].txt - [3236 octets] - [11/02/2014 22:07:47]

AdwCleaner[s0].txt - [3129 octets] - [11/02/2014 22:16:22]

 

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [3189 octets] ##########

 

AdwCleanerS0.txt


In that case you can run AdwCleaner again and click the Uninstall button.

 

You can also delete FRST and the logs and folder it created on the C:\ partition.
