Chirurgia endoscopică a hipofizei
"Standardul de aur" în chirurgia hipofizară îl reprezintă endoscopia transnazală transsfenoidală. Echipa NeuroHope este antrenată în unul din cele mai mari centre de chirurgie a hipofizei din Europa, Spitalul Foch din Paris, centrul în care a fost introdus pentru prima dată endoscopul în chirurgia transnazală a hipofizei, de către neurochirurgul francez Guiot. Pe lângă tumorile cu origine hipofizară, prin tehnicile endoscopice transnazale pot fi abordate numeroase alte patologii neurochirurgicale. www.neurohope.ro |
cine CPU usage 100%..
Last Updated: Dec 12 2014 23:33, Started by
cephalophodes
, Oct 22 2014 12:11
·
0
#1
Posted 22 October 2014 - 12:11
cine imi forteaza atat de tare procesorul??
am deschis opera si winamp-ul... Attached Files |
#2
Posted 22 October 2014 - 12:22
pai cum cine? cpu.exe!
fa o scanare cu highjackthis!, vezi unde e executabilul ala |
#3
Posted 22 October 2014 - 12:23
cpu.exe , apare ca este un troian !
Ai gresit aria , trebuia la devirusare , trebuie sa urmezi inti pasi 1,2,3 de aici -> http://forum.softped...hide-topic-nou/ 2- Adwcleaner , te va scapa de pocnitorile din browser , spre ex . , ai instalat Ask bar , etc . 3- JRT , va verifica/sterge , ce ai in "plus" , etc . 5- Malwarebytes AntiMalware , va sterge ce nu a gasit antivirusul . Eu as recomanda si RogueKiller -> http://www.softpedia...gueKiller.shtml |
#4
Posted 22 October 2014 - 12:26
determina locatia programului CPU.exe pe disk si scaneaza-l cu
http://www.virustotal.com/ro/ Edited by Mihai_3, 22 October 2014 - 12:26. |
#5
Posted 22 October 2014 - 12:28
am vazut cpu.exe ala dar nu stiam ce e.....luati-ma usor.....am intalat kaspersky acum...sa vad asta ce zice apoi face cum spuneti voi...
rog un moderator sa-l mute acolo unde trebuie.....l-am deschis repede.... |
#6
Posted 22 October 2014 - 12:28
Asta e pui, altii se chinuie permanent cu System Idle Process la 98%...
|
#7
Posted 22 October 2014 - 12:56
Din procesele alea daca as intra in ele ar mai ramane 40-45
|
#8
Posted 22 October 2014 - 12:58
username1234 .... da ar ramane 40-45 insa un sistem handicapat
Trust me Edited by Mihai_3, 22 October 2014 - 12:58. |
#9
Posted 22 October 2014 - 13:08
cephalophodes, on 22 octombrie 2014 - 12:28, said:
am vazut cpu.exe ala dar nu stiam ce e.....luati-ma usor.....am intalat kaspersky acum...sa vad asta ce zice apoi face cum spuneti voi... rog un moderator sa-l mute acolo unde trebuie.....l-am deschis repede.... |
#10
Posted 22 October 2014 - 13:25
|
#12
Posted 22 October 2014 - 17:05
#13
Posted 22 October 2014 - 20:02
tidicristi, on 22 octombrie 2014 - 12:23, said:
cpu.exe , apare ca este un troian ! Ai gresit aria , trebuia la devirusare , trebuie sa urmezi inti pasi 1,2,3 de aici -> http://forum.softped...hide-topic-nou/ 2- Adwcleaner , te va scapa de pocnitorile din browser , spre ex . , ai instalat Ask bar , etc . 3- JRT , va verifica/sterge , ce ai in "plus" , etc . 5- Malwarebytes AntiMalware , va sterge ce nu a gasit antivirusul . Eu as recomanda si RogueKiller -> http://www.softpedia...gueKiller.shtml multumesc colegilor pentru ajutor... aveam vreo 35 de nebunii p-aici.....kaspersky a detectat decat vreo 6....imi mergea pc-ul ca dupa razboi.... acum e F1....... multumesc inca o data! |
#14
Posted 07 December 2014 - 23:10
Salutare
Am si eu aceasta problema cu procesorul. Problema e mai veche, pe un laptop pe care i-l folosesc f rar. In decursul timpului am instalat Windows Xp, Windows 7, Linux Ubuntu si acum iar Windows 7. Mereu a apărut aceasta problema imediat dupa instalare. Am descărcat aida 32 sa verific si temp procesorului, pentru ca pare sa se încingă, dar la senzor, unde trebuia sa arate temperatura nu citește nimic, iar la CPU L2 cache scrie (on-die, ful spead). Ce poate fi si ce trebuie sa fac, schimb. |
#15
Posted 08 December 2014 - 06:29
Sa vedem daca te pot ajuta.
Descarca Farbar Recovery Scan ToolDesktop. Dublu click pe FRST.exe pentru al rula.[ http://s4.postimg.org/b7b2g838p/Frst1.png - Pentru incarcare in pagina (embed) Click aici ] Pentru Windows Vista sau Windows7,Windows8 click dreapta, selecteaza Run as administrator. Click pe Yes. [ http://s27.postimg.org/yzw6sw783/FRST2.png - Pentru incarcare in pagina (embed) Click aici ] Click pe Scan. [ http://s4.postimg.org/69q3ljvgt/Frst5.jpg - Pentru incarcare in pagina (embed) Click aici ] La terminare vor apare 2 ferestre de Notepad - FRST.txt si Addition.txt. Copiaza pe rand continutul acestor ferestre si posteazale aici. |
|
#16
Posted 12 December 2014 - 20:49
Aceta este FRST
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 11-12-2014 02 Ran by radu (administrator) on RADU-PC on 12-12-2014 19:03:42 Running from C:\Users\radu\Downloads Loaded Profile: radu (Available profiles: radu) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) OS Language: English (United States) Internet Explorer Version 11 Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MsMpEng.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe (Microsoft Corporation) C:\Windows\System32\rundll32.exe (CybelSoft) C:\Program Files\ma-config.com\MaConfigAgent.exe (Skype Technologies S.A.) C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe (Yahoo! Inc.) C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\NisSrv.exe (ATI Technologies Inc.) C:\Windows\System32\Ati2evxx.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\msseces.exe (Advanced Micro Devices Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe (BitTorrent Inc.) C:\Users\radu\AppData\Roaming\uTorrent\uTorrent.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.exe (OpenOffice.org) C:\Program Files\OpenOffice.org 3\program\soffice.bin (Yahoo! Inc.) C:\Program Files\Yahoo!\Messenger\Ymsgr_tray.exe (Microsoft Corporation) C:\Windows\System32\taskmgr.exe (ATI Technologies Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe (Microsoft Corporation) C:\Windows\System32\wuauclt.exe (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe (Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jucheck.exe (Microsoft Corporation) C:\Program Files\Microsoft Security Client\MpCmdRun.exe ==================== Registry (Whitelisted) ================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [MSC] => C:\Program Files\Microsoft Security Client\msseces.exe [948440 2013-10-23] (Microsoft Corporation) HKLM\...\Run: [StartCCC] => C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [61440 2010-02-10] (Advanced Micro Devices, Inc.) HKLM\...\Run: [Adobe ARM] => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-08-21] (Adobe Systems Incorporated) HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation) HKU\S-1-5-21-4110935587-3489116528-551596242-1000\...\Run: [Messenger (Yahoo!)] => C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe [6595928 2012-05-25] (Yahoo! Inc.) HKU\S-1-5-21-4110935587-3489116528-551596242-1000\...\Run: [uTorrent] => C:\Users\radu\AppData\Roaming\uTorrent\uTorrent.exe [1389648 2014-12-06] (BitTorrent Inc.) HKU\S-1-5-21-4110935587-3489116528-551596242-1000\...\MountPoints2: {eeb84707-3ef5-11e2-94b2-0016d4d1dcb9} - F:\Startme.exe AppInit_DLLs: c:\progra~2\surfpr~1\surfpr~1.dll => c:\ProgramData\Surf Protect\SurfProtect.dll [4349440 2013-12-28] () Startup: C:\Users\radu\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.4.1.lnk ShortcutTarget: OpenOffice.org 3.4.1.lnk -> C:\Program Files\OpenOffice.org 3\program\quickstart.exe () GroupPolicy: Group Policy on Chrome detected <======= ATTENTION CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) HKU\S-1-5-21-4110935587-3489116528-551596242-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://websearch.pu-...420&lg=EN&cc=DK HKU\S-1-5-21-4110935587-3489116528-551596242-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://dk.msn.com/?r...opt=0&ocid=iehp URLSearchHook: HKU\S-1-5-21-4110935587-3489116528-551596242-1000 - YTNavAssistPlugin Class - {81017EA9-9AA8-4A6A-9734-7AF40E7D593F} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) SearchScopes: HKLM -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-...420&lg=EN&cc=DK SearchScopes: HKU\S-1-5-21-4110935587-3489116528-551596242-1000 -> DefaultScope {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-...420&lg=EN&cc=DK SearchScopes: HKU\S-1-5-21-4110935587-3489116528-551596242-1000 -> {BB74DE59-BC4C-4172-9AC4-73315F71CFFE} URL = http://websearch.pu-...420&lg=EN&cc=DK SearchScopes: HKU\S-1-5-21-4110935587-3489116528-551596242-1000 -> {D99C5663-1B8B-4907-A93B-5A4D8AEAC777} URL = http://websearch.ask...EE-21A1E98A6B2B BHO: &Yahoo! Toolbar Helper -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) BHO: NewSaver -> {0cdb36f8-804f-4313-892d-4aa0b1636ddf} -> C:\ProgramData\NewSaver\fw1UG6VMAmYt5Z.dll () BHO: BllockTheAdS -> {26E5B744-0179-0994-B3AB-9866084D1BEB} -> C:\ProgramData\BllockTheAdS\zHkJ.dll () BHO: DiscountExtensi -> {2dfa3654-1e3d-421b-bd2a-44ddd82bf162} -> C:\ProgramData\DiscountExtensi\9WQA6lTNRDJNG9.dll () BHO: Java Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation) BHO: NeetoCCouppon -> {AB097D8F-D2A7-0862-9C0D-79F7B4F4F67E} -> C:\ProgramData\NeetoCCouppon\mMl.dll () BHO: DisccouuntExtennsi -> {AD4F7405-613E-268E-6679-D4611BB9C3F0} -> C:\ProgramData\DisccouuntExtennsi\eHh.dll () BHO: Skype Browser Helper -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) BHO: coinntIInnUetoosave -> {C56FF8FC-CB12-4FA3-9CA6-F26F20DF4C14} -> C:\ProgramData\coinntIInnUetoosave\51a79e9791c7d.dll () BHO: RoboSaver -> {d1b39dd6-0c5b-43de-95a2-34376ea9fed9} -> C:\ProgramData\RoboSaver\VVNZyldlX5GYAC.dll () BHO: Java Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation) Toolbar: HKLM - Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn2\yt.dll (Yahoo! Inc.) Toolbar: HKU\S-1-5-21-4110935587-3489116528-551596242-1000 -> No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.) Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) Winsock: Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation) Winsock: Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation) Winsock: Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Winsock: Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation) Winsock: Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation) Winsock: Catalog5 07 C:\Windows\system32\wshbth.dll [36352] (Microsoft Corporation) Winsock: Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 23 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 24 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 25 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 26 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 27 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 28 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 29 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 30 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 31 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 32 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 33 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 34 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 35 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 36 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 37 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 38 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 39 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 40 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Winsock: Catalog9 41 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation) Tcpip\Parameters: [DhcpNameServer] 193.162.153.164 194.239.134.83 192.168.1.1 FireFox: ======== FF ProfilePath: C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default FF DefaultSearchEngine: WebSearch FF DefaultSearchUrl: hxxp://websearch.pu-result.info/?pid=708&r=2013/05/30&hid=3418226420&lg=EN&cc=DK&l=1&q= FF SearchEngineOrder.1: WebSearch FF SearchEngineOrder.1,S: WebSearch FF SelectedSearchEngine: WebSearch FF SelectedSearchEngine,S: WebSearch FF Homepage: hxxp://www.google.ro/ FF Keyword.URL: hxxp://websearch.pu-result.info/?pid=708&r=2013/05/30&hid=3418226420&lg=EN&cc=DK&l=1&q= FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_12_0_0_77.dll () FF Plugin: @java.com/JavaPlugin,version=10.21.2 -> C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation) FF Plugin: @messenger.yahoo.com/YahooMessengerStatePlugin;version=1.0.0.6 -> C:\Program Files\Yahoo!\Shared\npYState.dll (Yahoo! Inc.) FF Plugin: @microsoft.com/GENUINE -> disabled No File FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.) FF user.js: detected! => C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\user.js FF SearchPlugin: C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\searchplugins\askcom.xml FF SearchPlugin: C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\searchplugins\askcomsearch.xml FF SearchPlugin: C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\searchplugins\WebSearch.xml FF Extension: Happy2Save - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\[email protected] [2014-12-06] FF Extension: coinntIInnUetoosave - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\[email protected] [2013-05-30] FF Extension: ShopDrop - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\[email protected] [2014-12-07] FF Extension: BllockTheAdS - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\[email protected] [2014-03-13] FF Extension: DisccouuntExtennsi - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\[email protected] [2014-03-13] FF Extension: Seearchh-NewTaab - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\[email protected] [2013-05-30] FF Extension: AllCheapPrice - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\[email protected] [2014-12-12] FF Extension: Yahoo! Toolbar - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1} [2013-11-10] FF Extension: Firefox Old Version Update Hotfix - C:\Users\radu\AppData\Roaming\Mozilla\Firefox\Profiles\i2mwbp9h.default\Extensions\[email protected] [2014-12-12] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-10] FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-12-10] Chrome: ======= CHR dev: Chrome dev build detected! <======= ATTENTION CHR Profile: C:\Users\radu\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Website and SEO Analysis) - C:\Users\radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\ajkomeiemllejmopbbjjngpmmikfedad [2014-12-06] CHR Extension: (coinntIInnUetoosave) - C:\Users\radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmddiaoaeomgohhfbeamgpmihmngappn [2013-05-30] CHR Extension: (Seearchh-NewTaab) - C:\Users\radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\gjplomjihdbomiodfdhfhkkpfdchjgjf [2013-05-30] CHR Extension: (DisccouuntExtennsi) - C:\Users\radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfkghgdgneleedcmpagdgpeonafijndh [2014-03-08] CHR Extension: (Custom RSS News) - C:\Users\radu\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfogecppckimhabdpppalilellgoeoef [2014-12-12] ========================== Services (Whitelisted) ================= (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R2 f3dadae8; c:\ProgramData\Surf Protect\SurfProtectSvc.dll [175952 2013-12-28] () [File not signed] R2 MaConfigAgent; C:\Program Files\ma-config.com\MaConfigAgent.exe [2117968 2014-01-20] (CybelSoft) R2 MsMpSvc; C:\Program Files\Microsoft Security Client\MsMpEng.exe [22208 2013-10-23] (Microsoft Corporation) R3 NisSrv; C:\Program Files\Microsoft Security Client\NisSrv.exe [280288 2013-10-23] (Microsoft Corporation) R2 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3289208 2013-05-14] (Skype Technologies S.A.) ==================== Drivers (Whitelisted) ==================== (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.) R3 EMSCR; C:\Windows\System32\DRIVERS\EMS7SK.sys [60928 2006-02-16] (ENE Technology Inc.) R3 ESMCR; C:\Windows\System32\DRIVERS\ESM7SK.sys [74624 2006-02-16] (ENE Technology Inc.) R0 MpFilter; C:\Windows\System32\DRIVERS\MpFilter.sys [214696 2013-09-27] (Microsoft Corporation) S3 BlueletAudio; system32\DRIVERS\blueletaudio.sys [X] S3 BlueletSCOAudio; system32\DRIVERS\BlueletSCOAudio.sys [X] S3 BT; system32\DRIVERS\btnetdrv.sys [X] S3 Btcsrusb; System32\Drivers\btcusb.sys [X] S0 BTHidEnum; System32\Drivers\vbtenum.sys [X] S0 BTHidMgr; System32\Drivers\BTHidMgr.sys [X] S3 massfilter; system32\drivers\massfilter.sys [X] S3 VComm; system32\DRIVERS\VComm.sys [X] S3 VcommMgr; System32\Drivers\VcommMgr.sys [X] S3 ZTEusbmdm6k; system32\DRIVERS\ZTEusbmdm6k.sys [X] S3 ZTEusbnmea; system32\DRIVERS\ZTEusbnmea.sys [X] S3 ZTEusbser6k; system32\DRIVERS\ZTEusbser6k.sys [X] ==================== NetSvcs (Whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.) ==================== One Month Created Files and Folders ======== (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-12 19:03 - 2014-12-12 19:06 - 00018393 _____ () C:\Users\radu\Downloads\FRST.txt 2014-12-12 19:02 - 2014-12-12 19:05 - 00000000 ____D () C:\FRST 2014-12-12 19:00 - 2014-12-12 19:00 - 00000000 ____D () C:\ProgramData\184539966256653808UL 2014-12-12 18:58 - 2014-12-12 18:59 - 01111040 _____ (Farbar) C:\Users\radu\Downloads\FRST.exe 2014-12-12 18:38 - 2014-12-12 18:39 - 00000000 ____D () C:\ProgramData\RoboSaver 2014-12-08 18:54 - 2014-06-27 02:45 - 02285056 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll 2014-12-08 18:53 - 2014-05-30 07:36 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2014-12-08 18:52 - 2014-10-25 02:32 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\packager.dll 2014-12-08 18:50 - 2014-06-18 23:23 - 01131664 _____ (Microsoft Corporation) C:\Windows\system32\dfshim.dll 2014-12-08 18:50 - 2014-06-18 23:23 - 00156824 _____ (Microsoft Corporation) C:\Windows\system32\mscorier.dll 2014-12-08 18:50 - 2014-06-18 23:23 - 00081560 _____ (Microsoft Corporation) C:\Windows\system32\mscories.dll 2014-12-08 18:49 - 2014-06-30 23:14 - 00008856 _____ (Microsoft Corporation) C:\Windows\system32\icardres.dll 2014-12-08 18:49 - 2014-03-09 22:47 - 00619672 _____ (Microsoft Corporation) C:\Windows\system32\icardagt.exe 2014-12-08 18:49 - 2014-03-09 22:47 - 00099480 _____ (Microsoft Corporation) C:\Windows\system32\infocardapi.dll 2014-12-08 18:48 - 2014-06-06 07:16 - 00035480 _____ (Microsoft Corporation) C:\Windows\system32\TsWpfWrp.exe 2014-12-07 21:57 - 2014-12-07 21:57 - 00000000 ____D () C:\Windows\Temp2572529C-385A-3758-1B83-D1AED2C11730-Signatures 2014-12-07 21:47 - 2014-12-07 21:47 - 00000000 ____D () C:\ProgramData\Red *****er 2014-12-07 21:36 - 2014-09-09 22:47 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll 2014-12-07 21:36 - 2014-04-25 03:06 - 00626688 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll 2014-12-07 21:35 - 2014-12-07 21:36 - 00000000 ____D () C:\Users\radu\Desktop\aida 2014-12-06 20:04 - 2014-06-25 02:41 - 12874240 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll 2014-12-06 20:03 - 2014-07-17 02:39 - 03221504 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll 2014-12-06 20:03 - 2014-07-17 02:39 - 01051136 _____ (Microsoft Corporation) C:\Windows\system32\mstsc.exe 2014-12-06 20:03 - 2014-07-17 02:39 - 00304128 _____ (Microsoft Corporation) C:\Windows\system32\winlogon.exe 2014-12-06 20:02 - 2014-07-17 02:40 - 00157696 _____ (Microsoft Corporation) C:\Windows\system32\winsta.dll 2014-12-06 20:02 - 2014-07-17 02:39 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\aaclient.dll 2014-12-06 20:02 - 2014-07-17 02:39 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorekmts.dll 2014-12-06 20:02 - 2014-07-17 02:03 - 00184320 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdpwd.sys 2014-12-06 20:02 - 2014-07-17 02:02 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tssecsrv.sys 2014-12-06 20:01 - 2014-03-04 10:17 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll 2014-12-06 19:56 - 2014-12-06 19:56 - 00000812 _____ () C:\Users\radu\Desktop\”Torrent.lnk 2014-12-06 19:56 - 2014-12-06 19:56 - 00000792 _____ () C:\Users\radu\AppData\Roaming\Microsoft\Windows\Start Menu\”Torrent.lnk 2014-12-06 19:52 - 2014-12-06 19:52 - 00000000 ____D () C:\ProgramData\NewSaver 2014-12-06 19:15 - 2014-12-06 19:15 - 00007609 _____ () C:\Users\radu\AppData\Local\Resmon.ResmonCfg 2014-12-05 17:35 - 2014-10-14 02:56 - 00136632 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2014-12-05 17:35 - 2014-10-14 02:50 - 01059840 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2014-12-05 17:35 - 2014-10-14 02:50 - 00523776 _____ (Microsoft Corporation) C:\Windows\system32\termsrv.dll 2014-12-05 17:35 - 2014-10-14 02:47 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2014-12-05 17:35 - 2014-10-14 02:46 - 00681984 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2014-12-05 17:35 - 2014-07-17 02:39 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2014-12-05 17:35 - 2014-07-17 02:39 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2014-12-05 17:35 - 2014-07-07 02:40 - 00550912 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2014-12-05 17:35 - 2014-05-30 08:52 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2014-12-05 17:35 - 2014-05-30 08:52 - 00247808 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2014-12-05 17:35 - 2014-05-30 08:52 - 00220160 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2014-12-05 17:35 - 2014-05-30 08:52 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2014-12-05 17:35 - 2014-04-12 03:15 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2014-12-05 17:35 - 2014-04-12 03:12 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2014-12-05 17:35 - 2014-04-12 03:12 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2014-12-05 17:35 - 2014-04-12 03:12 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2014-12-05 17:35 - 2014-04-12 03:11 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2014-12-05 17:32 - 2014-11-07 20:23 - 00341168 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2014-12-05 17:32 - 2014-11-06 04:28 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2014-12-05 17:32 - 2014-11-06 04:28 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2014-12-05 17:32 - 2014-11-06 04:13 - 00501248 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2014-12-05 17:32 - 2014-11-06 04:13 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2014-12-05 17:32 - 2014-11-06 04:12 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2014-12-05 17:32 - 2014-11-06 04:10 - 19781632 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2014-12-05 17:32 - 2014-11-06 04:10 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2014-12-05 17:32 - 2014-11-06 04:05 - 02277376 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2014-12-05 17:32 - 2014-11-06 04:04 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2014-12-05 17:32 - 2014-11-06 04:03 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2014-12-05 17:32 - 2014-11-06 04:00 - 00478208 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2014-12-05 17:32 - 2014-11-06 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2014-12-05 17:32 - 2014-11-06 03:59 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2014-12-05 17:32 - 2014-11-06 03:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2014-12-05 17:32 - 2014-11-06 03:51 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2014-12-05 17:32 - 2014-11-06 03:48 - 00418304 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2014-12-05 17:32 - 2014-11-06 03:42 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavascriptCollectionAgent.dll 2014-12-05 17:32 - 2014-11-06 03:37 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2014-12-05 17:32 - 2014-11-06 03:36 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2014-12-05 17:32 - 2014-11-06 03:34 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2014-12-05 17:32 - 2014-11-06 03:22 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2014-12-05 17:32 - 2014-11-06 03:22 - 00683008 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2014-12-05 17:32 - 2014-11-06 03:21 - 04298240 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2014-12-05 17:32 - 2014-11-06 03:21 - 02051072 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2014-12-05 17:32 - 2014-11-06 03:20 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2014-12-05 17:32 - 2014-11-06 03:03 - 12819456 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2014-12-05 17:32 - 2014-11-06 02:52 - 01892864 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2014-12-05 17:32 - 2014-11-06 02:48 - 01310208 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2014-12-05 17:32 - 2014-11-06 02:47 - 00708096 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2014-12-05 17:19 - 2014-12-12 18:42 - 00000448 _____ () C:\Windows\setupact.log 2014-12-05 17:19 - 2014-12-05 17:19 - 00000000 _____ () C:\Windows\setuperr.log 2014-12-05 17:15 - 2014-12-05 17:15 - 00000949 _____ () C:\Users\Public\Desktop\Ma-Config.com - Start the detection.lnk 2014-12-05 17:15 - 2014-12-05 17:15 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ma-config.com 2014-12-05 17:07 - 2014-12-05 17:07 - 00000000 ____D () C:\ProgramData\DiscountExtensi 2014-12-05 16:52 - 2014-05-14 17:23 - 01973728 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2014-12-05 16:52 - 2014-05-14 17:23 - 00054240 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2014-12-05 16:52 - 2014-05-14 17:23 - 00045536 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2014-12-05 16:52 - 2014-05-14 17:17 - 02425856 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2014-12-05 16:51 - 2014-05-14 17:23 - 00581600 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2014-12-05 16:51 - 2014-05-14 17:23 - 00036320 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2014-12-05 16:51 - 2014-05-14 17:17 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2014-12-05 16:50 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2014-12-05 16:50 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe ==================== One Month Modified Files and Folders ======= (If an entry is included in the fixlist, the file\folder will be moved.) 2014-12-12 19:08 - 2012-11-22 20:36 - 00000000 ____D () C:\Users\radu\AppData\Roaming\uTorrent 2014-12-12 19:06 - 2012-11-23 02:03 - 01680304 _____ () C:\Windows\WindowsUpdate.log 2014-12-12 19:01 - 2009-07-14 03:37 - 00000000 ____D () C:\Windows\Microsoft.NET 2014-12-12 18:52 - 2009-07-14 05:34 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2014-12-12 18:52 - 2009-07-14 05:34 - 00021872 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2014-12-12 18:50 - 2013-12-10 15:28 - 00000000 ____D () C:\Program Files\Mozilla Firefox 2014-12-12 18:42 - 2012-11-22 19:06 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job 2014-12-12 18:42 - 2009-07-14 05:53 - 00000006 ____H () C:\Windows\Tasks\SA.DAT 2014-12-12 18:39 - 2014-02-21 18:56 - 00000000 ____D () C:\ProgramData\28f9e1f1f9725f0 2014-12-12 18:38 - 2012-11-22 19:06 - 00701104 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2014-12-12 18:38 - 2012-11-22 19:06 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2014-12-08 18:48 - 2010-11-20 22:01 - 00782470 _____ () C:\Windows\system32\PerfStringBackup.INI 2014-12-07 22:05 - 2012-11-22 17:15 - 00002113 _____ () C:\Windows\epplauncher.mif 2014-12-07 21:49 - 2013-10-28 19:41 - 00000000 ____D () C:\Windows\system32\MRT 2014-12-06 19:56 - 2012-11-22 20:37 - 00000000 ____D () C:\Program Files\uTorrent 2014-12-06 19:20 - 2012-11-22 20:09 - 00000000 ____D () C:\Users\radu\AppData\Roaming\vlc 2014-12-06 19:07 - 2013-05-29 17:22 - 00000000 ____D () C:\ProgramData\Sony Ericsson 2014-12-06 19:07 - 2013-05-29 17:19 - 00000000 ____D () C:\Program Files\Sony Ericsson 2014-12-05 17:19 - 2012-11-30 20:04 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk 2014-12-05 17:19 - 2012-11-30 20:04 - 00000000 ____D () C:\Program Files\Common Files\Adobe 2014-12-05 17:15 - 2012-11-22 17:18 - 00000000 ____D () C:\ProgramData\ma-config.com 2014-12-05 17:15 - 2012-11-22 17:18 - 00000000 ____D () C:\Program Files\ma-config.com 2014-12-05 17:14 - 2013-05-30 19:45 - 00000000 ____D () C:\ProgramData\coinntIInnUetoosave 2014-12-05 17:12 - 2012-12-11 21:17 - 00000000 ____D () C:\Users\radu\Desktop\diverse 2014-12-05 17:04 - 2011-08-11 05:22 - 00000000 ____D () C:\Windows\Panther 2014-12-05 17:00 - 2013-01-16 19:49 - 00000000 ___HD () C:\Program Files\InstallShield Installation Information Some content of TEMP: ==================== C:\Users\radu\AppData\Local\Temp\MaConfigSetupTemp.exe C:\Users\radu\AppData\Local\Temp\uttFFA0.tmp.exe ==================== Bamital & volsnap Check ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => File is digitally signed C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2013-11-30 20:11 ==================== End Of Log =================== Si Addition Additional scan result of Farbar Recovery Scan Tool (x86) Version: 11-12-2014 02 Ran by radu at 2014-12-12 19:11:03 Running from C:\Users\radu\Downloads Boot Mode: Normal ========================================================== ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Microsoft Security Essentials (Enabled - Up to date) {641105E6-77ED-3F35-A304-765193BCB75F} AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} AS: Microsoft Security Essentials (Enabled - Up to date) {DF70E402-51D7-30BB-99B4-4D23E83BFDE2} ==================== Installed Programs ====================== (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) ”Torrent (HKU\S-1-5-21-4110935587-3489116528-551596242-1000\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.) Adobe Flash Player 12 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 12.0.0.77 - Adobe Systems Incorporated) Adobe Flash Player 15 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 15.0.0.246 - Adobe Systems Incorporated) Adobe Reader XI (11.0.09) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated) ATI Catalyst Install Manager (HKLM\...\{47FDEFC7-BFE6-FD75-41D1-28DD572BD2D9}) (Version: 3.0.715.0 - ATI Technologies, Inc.) BllockTheAdS (HKLM\...\{558295F0-DEC2-66EC-3830-04777EF7DA33}) (Version: - BliOCCkTheAds) ccc-core-static (Version: 2010.0210.2339.42455 - ATI) Hidden CCleaner (HKLM\...\CCleaner) (Version: 3.24 - Piriform) coinntIInnUetoosave (HKLM\...\{C1C6816E-CBB3-A748-85F9-A8B47B68985B}) (Version: - continue to save) <==== ATTENTION DiscountExtensi (HKLM\...\{B138259A-351E-33FA-2726-8D71704F1DA9}) (Version: - "") <==== ATTENTION Java 7 Update 21 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217017FF}) (Version: 7.0.210 - Oracle) Ma-Config.com (HKLM\...\{E8986E56-72E1-48C9-9F68-ACB8465E576A}) (Version: 7.1.2.4 - Cybelsoft) Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation) Microsoft Security Essentials (HKLM\...\Microsoft Security Client) (Version: 4.4.304.0 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) Mozilla Firefox 25.0.1 (x86 en-US) (HKLM\...\Mozilla Firefox 25.0.1 (x86 en-US)) (Version: 25.0.1 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 25.0.1 - Mozilla) NeetoCCouppon (HKLM\...\{317D8BB4-16C3-CFBD-3777-AED69667DA46}) (Version: - NetoCoupoin) <==== ATTENTION NewSaver (HKLM\...\{6A08B379-76FB-B4CF-0C70-CAFCD3635A77}) (Version: - "") <==== ATTENTION OpenOffice.org 3.4.1 (HKLM\...\{9F1F2AEA-C72A-4DD6-991E-C5506A5625E4}) (Version: 3.41.9593 - Apache Software Foundation) Red *****er (HKLM\...\{37476589-E48E-439E-A706-56189E2ED4C4}_is1) (Version: - Red *****er) <==== ATTENTION RoboSaver (HKLM\...\{BE360B8B-0F10-CA89-FC84-A5EAB71A6AF8}) (Version: - "") <==== ATTENTION Skins (Version: 2010.0210.2339.42455 - ATI) Hidden Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.9.12585 - Skype Technologies S.A.) Skype™ 6.11 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.11.102 - Skype Technologies S.A.) Surf Protect (HKLM\...\{5F189DF5-2D05-472B-9091-84D9848AE48B}{f3dadae8}) (Version: - GTgroup) <==== ATTENTION VLC media player 2.0.4 (HKLM\...\VLC media player) (Version: 2.0.4 - VideoLAN) WinRAR 4.11 (32-bit) (HKLM\...\WinRAR archiver) (Version: 4.11.0 - win.rar GmbH) Yahoo! Messenger (HKLM\...\Yahoo! Messenger) (Version: - Yahoo! Inc.) Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - ) Yahoo! Toolbar (HKLM\...\Yahoo! Companion) (Version: - Yahoo! Inc.) ==================== Custom CLSID (selected items): ========================== (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.) ==================== Restore Points ========================= 12-12-2014 17:36:02 Windows Update ==================== Hosts content: ========================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-14 03:04 - 2009-06-10 22:39 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (whitelisted) ============= (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.) Task: {9ECEAFDA-4809-4424-9A73-9C9020A53509} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated) Task: {B49DFB7A-24BC-447D-BCE8-8C55CF87E8DB} - System32\Tasks\{B4CD257A-7B7E-4544-8EEF-8D158EC3DBF0} => pcalua.exe -a E:\setup.exe -d E:\ Task: {D970611D-1D89-4073-91CE-F86AF8D39D3F} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2012-10-24] (Piriform Ltd) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe ==================== Loaded Modules (whitelisted) ============= 2013-12-28 21:36 - 2013-12-28 21:36 - 04349440 _____ () c:\ProgramData\Surf Protect\SurfProtect.dll 2013-12-28 21:36 - 2013-12-28 21:36 - 00175952 _____ () c:\ProgramData\Surf Protect\SurfProtectSvc.dll 2013-05-27 20:03 - 2012-02-17 19:55 - 00166912 _____ () C:\Program Files\WinRAR\rarext.dll 2012-08-10 16:51 - 2012-08-10 16:51 - 00985088 _____ () C:\Program Files\OpenOffice.org 3\program\libxml2.dll 2012-11-22 19:06 - 2012-05-25 04:25 - 00921600 _____ () C:\Program Files\Yahoo!\Messenger\yui.dll 2012-11-22 17:30 - 2012-11-22 17:30 - 00014848 _____ () C:\Windows\assembly\GAC_MSIL\AxInterop.WBOCXLib\1.0.0.0__90ba9c70f846762e\AxInterop.WBOCXLib.dll 2009-11-24 13:36 - 2009-11-24 13:36 - 00016384 ____R () C:\Program Files\ATI Technologies\ATI.ACE\Branding\Branding.dll ==================== Alternate Data Streams (whitelisted) ========= (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.) AlternateDataStreams: C:\ProgramData\TEMP:373E1720 ==================== Safe Mode (whitelisted) =================== (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.) ==================== EXE Association (whitelisted) ============= (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.) ==================== MSCONFIG/TASK MANAGER disabled items ========= (Currently there is no automatic fix for this section.) MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^McAfee Security Scan Plus.lnk => C:\Windows\pss\McAfee Security Scan Plus.lnk.Commonstartup MSCONFIG\startupreg: ApnUpdater => "C:\Program Files\Ask.com\Updater\Updater.exe" MSCONFIG\startupreg: Skype => "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun MSCONFIG\startupreg: uTorrent => "C:\Program Files\uTorrent\uTorrent.exe" /MINIMIZED ========================= Accounts: ========================== Administrator (S-1-5-21-4110935587-3489116528-551596242-500 - Administrator - Disabled) Guest (S-1-5-21-4110935587-3489116528-551596242-501 - Limited - Disabled) radu (S-1-5-21-4110935587-3489116528-551596242-1000 - Administrator - Enabled) => C:\Users\radu ==================== Faulty Device Manager Devices ============= Name: Description: Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. Name: PCI FLASH Memory Description: PCI FLASH Memory Class Guid: Manufacturer: Service: Problem: : The drivers for this device are not installed. (Code 28) Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard. ==================== Event log errors: ========================= Application errors: ================== Error: (12/12/2014 06:43:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/12/2014 06:36:22 PM) (Source: MsiInstaller) (EventID: 11720) (User: NT AUTHORITY) Description: Product: Skype Click to Call -- Error 1720. There is a problem with this Windows Installer package. A script required for this install to complete could not be run. Contact your support personnel or package vendor. Custom action GetFirefoxLocalProfilePath.AE456DBC_DDBA_441F_BC5E_0CF21D88B0A1 script error -2146827864, Microsoft VBScript runtime error: Object required: 'CreateObject(...).NameSpace(...)' Line 191, Column 7, Error: (12/12/2014 06:35:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/08/2014 06:42:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: The program firefox.exe version 25.0.1.5064 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel. Process ID: b68 Start Time: 01d0130e02af757a Termination Time: 64 Application Path: C:\Program Files\Mozilla Firefox\firefox.exe Report Id: 7af2c4dd-7f01-11e4-8692-0016d4d1dcb9 Error: (12/08/2014 06:38:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/07/2014 10:05:28 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: NT AUTHORITY) Description: HRESULT:0x8004FF80 Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x8004FF80. Error: (12/07/2014 10:01:11 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT AUTHORITY) Description: Product: Microsoft Security Client -- Error 1921. Service 'Microsoft AntiMalware Service' (MsMpSvc) could not be stopped. Verify that you have sufficient privileges to stop system services. Error: (12/07/2014 09:30:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/07/2014 07:38:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/06/2014 07:47:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 System errors: ============= Error: (12/12/2014 06:43:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: BTHidMgr Error: (12/12/2014 06:40:56 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.189.1447.0 Update Source: %NT AUTHORITY59 Update Stage: 4.4.0304.00 Source Path: 4.4.0304.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (12/12/2014 06:34:43 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: BTHidMgr Error: (12/08/2014 06:56:22 PM) (Source: Microsoft Antimalware) (EventID: 2001) (User: ) Description: %NT AUTHORITY60 has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.189.1447.0 Update Source: %NT AUTHORITY59 Update Stage: 4.4.0304.00 Source Path: 4.4.0304.01 Signature Type: %NT AUTHORITY602 Update Type: %NT AUTHORITY604 User: NT AUTHORITY\SYSTEM Current Engine Version: %NT AUTHORITY605 Previous Engine Version: %NT AUTHORITY606 Error code: %NT AUTHORITY607 Error description: %NT AUTHORITY608 Error: (12/08/2014 06:55:50 PM) (Source: Service Control Manager) (EventID: 7043) (User: ) Description: The Windows Update service did not shut down properly after receiving a preshutdown control. Error: (12/08/2014 06:37:27 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: BTHidMgr Error: (12/07/2014 10:05:38 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY) Description: Installation Failure: Windows failed to install the following update with error 0x80070643: Update for Microsoft Security Essentials - 4.6.305.0 (KB2965031). Error: (12/07/2014 09:49:12 PM) (Source: DCOM) (EventID: 10010) (User: ) Description: {F9717507-6651-4EDB-BFF7-AE615179BCCF} Error: (12/07/2014 09:30:00 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: BTHidMgr Error: (12/07/2014 07:37:15 PM) (Source: Service Control Manager) (EventID: 7026) (User: ) Description: The following boot-start or system-start driver(s) failed to load: BTHidMgr Microsoft Office Sessions: ========================= Error: (12/12/2014 06:43:34 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/12/2014 06:36:22 PM) (Source: MsiInstaller) (EventID: 11720) (User: NT AUTHORITY) Description: Product: Skype Click to Call -- Error 1720. There is a problem with this Windows Installer package. A script required for this install to complete could not be run. Contact your support personnel or package vendor. Custom action GetFirefoxLocalProfilePath.AE456DBC_DDBA_441F_BC5E_0CF21D88B0A1 script error -2146827864, Microsoft VBScript runtime error: Object required: 'CreateObject(...).NameSpace(...)' Line 191, Column 7, (NULL)(NULL)(NULL)(NULL)(NULL) Error: (12/12/2014 06:35:15 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/08/2014 06:42:14 PM) (Source: Application Hang) (EventID: 1002) (User: ) Description: firefox.exe25.0.1.5064b6801d0130e02af757a64C:\Program Files\Mozilla Firefox\firefox.exe7af2c4dd-7f01-11e4-8692-0016d4d1dcb9 Error: (12/08/2014 06:38:00 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/07/2014 10:05:28 PM) (Source: Microsoft Security Client Setup) (EventID: 100) (User: NT AUTHORITY) Description: HRESULT:0x8004FF80 Description:Cannot complete the Security Essentials Upgrade. An error has prevented the Security Essentials Upgrade Wizard from continuing. The previous version of Security Essentials was restored. Error code:0x8004FF80. Error: (12/07/2014 10:01:11 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT AUTHORITY) Description: Product: Microsoft Security Client -- Error 1921. Service 'Microsoft Antimalware Service' (MsMpSvc) could not be stopped. Verify that you have sufficient privileges to stop system services.(NULL)(NULL)(NULL)(NULL)(NULL) Error: (12/07/2014 09:30:58 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/07/2014 07:38:17 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 Error: (12/06/2014 07:47:08 PM) (Source: WinMgmt) (EventID: 10) (User: ) Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003 ==================== Memory info =========================== Processor: Mobile AMD Sempron Processor 3500+ Percentage of memory in use: 74% Total physical RAM: 1278.17 MB Available physical RAM: 322.25 MB Total Pagefile: 2556.34 MB Available Pagefile: 1135.99 MB Total Virtual: 2047.88 MB Available Virtual: 1912 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:19.54 GB) (Free:2.47 GB) NTFS ==>[Drive with boot components (obtained from BCD)] Drive d: (DATA) (Fixed) (Total:54.99 GB) (Free:6.84 GB) NTFS ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 74.5 GB) (Disk ID: 00067A6E) Partition 1: (Active) - (Size=19.5 GB) - (Type=07 NTFS) Partition 2: (Not Active) - (Size=55 GB) - (Type=OF Extended) ==================== End Of Log ============================ Îmi cer scuze pentru textul acesta IMENS, aștept sa vad daca poți desluși ceva din ce am postat. Multumesc mult si scuze inca o data. Edited by mritzcu, 12 December 2014 - 20:46. |
#17
Posted 12 December 2014 - 23:24
1. Descarca si salveaza fixlist.txt.
fixlist.txt 5.69K
1 downloads
Atentie,fixlist.txt, trebuie salvat in aceiasi locatie cu FRST.exe 2. Ruleaza din nou Farbar Recovery Scan Tool. Dublu click pe FRST.exe pentru al rula.[ http://s4.postimg.org/b7b2g838p/Frst1.png - Pentru incarcare in pagina (embed) Click aici ] Pentru Windows Vista sau Windows7,Windows8 click dreapta, selecteaza Run as administrator. Click pe Yes. [ http://s27.postimg.org/yzw6sw783/FRST2.png - Pentru incarcare in pagina (embed) Click aici ] Click pe Fix. [ http://s22.postimg.org/bzzjtg0ap/FRST4.jpg - Pentru incarcare in pagina (embed) Click aici ] Posteaza logul creat. 2. Descarca AdwCleaner by Xplode pe Desktop. Dublu click pe AdwCleaner.exe pentru al rula. Pentru Windows Vista sau Windows7,Windows8 click dreapta, selecteaza Run as administrator. Click pe Scan. Asteapta sa termine de cautat, click pe Clean. Dupa ce termina de curatat, apasa pe Report. Posteaza continutul fisierului aici. Logul se gaseste in C:\AdwCleaner[Sn].txt (n este un numar). [ http://s3.postimg.org/tfjxm09qr/Adw_C.png - Pentru incarcare in pagina (embed) Click aici ] 3. Descarca si salveaza pe Desktop Junkware Removal Tool. Inchide toate programele care ruleaza. Pentru Windows Vista sau Windows7,Windows8 click dreapta, selecteaza Run as administrator. Scaneaza cu el. Ai rabdare cu el, dureaza putin mai mult. Posteaza logul aici. [ http://s7.postimage.org/z2rwy800r/JRT.jpg - Pentru incarcare in pagina (embed) Click aici ] |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users