
kook

  1. I used to have version 9 of the program, but it didn't do the job for me. I searched the net for version 4. I downloaded it. It dropped the two files, Avast screamed, but couldn't handle them and remove them. I removed them manually. After that I downloaded version 5 of DVDFab, which seems clean and does the job for me. From what I can see, FRST finds both old and new registry keys related to the 3 different versions I downloaded. At the moment I have version 5 installed, I'm satisfied, and it isn't causing me problems. SearchReg.txt I couldn't start Sality Killer through CMD. I started it via the desktop icon and no log file was created. It reported 0 infections. Maybe my reason for concern is unfounded and the system is clean. I've been on Windows 7 on this laptop for 2 weeks and its processor seems a bit weak, so that's why it loads up to 80-90 percent when browsing...
  2. DVDFab Platinum. I was looking for an old version because I need it. I can also send you a link by PM so you can test it. It drops two exes in the Temp folder. The program itself has nothing wrong with it. But what I downloaded was some cracked version with a surprise inside, I think.
  3. I attached the FRST.exe log because when I copy-paste the text the forum somehow bugs out. Would it be possible for you to take a look? I uninstalled Avast. I can't overlook a failure like that. It alerted me to a threat but couldn't do anything about it. I'm now on FortiClient.
  4. Addition.txt FRST.txt The CPU load is almost at max with 1 tab open in Mozilla. I downloaded a cracked program and that's where the problems started. Avast detected the threats key.exe and keygen-pr.exe, but couldn't deal with them. They were located in the Local\Temp folder. I went into safe mode and deleted them manually. The problem is obviously still present, though. I read specifically about keygen-pr.exe on the net. In one place they call it a CPU Miner, in another - Sality (hopefully it doesn't turn out to be that...). I scanned with HitmanPro, Zemana and Malwarebytes. They find nothing at all.
  5. Hello. I'm looking for a decent program that recovers deleted photos from an Android phone. I tried dozens of programs from the Google Play Store, but I can't find the photos, which were deleted by mistake and which I need. The photos were sent to me over Viber and were saved automatically in the Viber Images folder in the phone's memory. I also tried a number of programs for Windows. I connected the phone with the USB cable; some of the programs scanned and didn't find what I need, while others wanted root on the phone. I don't have root and I don't intend to do it. Suggestions and ideas for programs that could do the job are welcome. Thanks in advance!
  6. Having ESET and AdGuard in place, I never thought I could ever pick up adware from anywhere. Even less so since I consider that I keep good browsing hygiene and untick all the checkboxes when installing programs that come with various bonuses, toolbars and so on. Once again the statement is confirmed that there is no 100% protection, however, and nobody is insured. Thank you for the thorough answer, the explanations and once again for the help!
  7. Because I thought we still had work to do and instructions for removing ComboFix and the other programs, I wasn't in a hurry to express my thanks for the help. And since I'm curious and wondering how and from where I had caught this adware, I would like, if possible of course, for you to explain to me also why it was so hard for us to remove. Malwarebytes (an exceptional program that I have trusted for years) detected the adware but couldn't remove it permanently.. Thank you most sincerely for the help provided!
  8. I'm attaching the logs. FRST.txt Addition.txt After I ran 1.reg the problem seems to be fixed now. The antivirus doesn't notify me, and I also checked in regedit.. the key that was causing the problem is now permanently gone (before, it kept coming back).
  9. This time it seems to have worked, yes. Unfortunately the problem is still present. export.reg
  10. Same thing with this bat file too.
  11. Christ is Risen! I downloaded the bat file, but when I start it the console opens very briefly (for fractions of a second) and closes in a flash. Nothing happens, and it doesn't ask for a restart or anything. No file is created either. Maybe something didn't work.. Otherwise the problem still continues.
  12. Maybe their network has recently become a zoo, because there were no problems before. Here is the ComboFix log: (The problem persists even after ComboFix's intervention...)
  13. Just the digits like that tell me nothing. But I just checked on Google. It turns out this is one of the IPs of the provider I've been using since yesterday. They came and did settings on the laptop, but that was almost 2 years ago. And I've been using internet from them temporarily like this for quite a while, and I haven't had a problem. Otherwise yes, ESET keeps blocking ън-стоп.ком over and over.
  14. No, I don't use internet from a USB stick. The problem seems to have appeared yesterday, when I plugged in the LAN cable for the internet... At the moment I'm not at home and I have to use internet from another provider over LAN for a few days. But I've used it other times as well and haven't had any problems... I don't know where this adware came from.