Премини към съдържанието

MariyaKoleva

Потребител
  • Публикации

    19
  • Регистрация

  • Последно онлайн

Харесвания

1 Неутрална репутация

Всичко за MariyaKoleva

  • Титла
    Потребител
  1. Здравейте, благодаря за съдействието, днес сканирах с Malwarebytes Anti-Malware и всичко беше наред. Тази Java така и не иска да тръгне, изписва ми Doc1.doc Хубав ден
  2. Java не е актуална а по-старите версии съдържат уязвимости. Нужно е да обновете до най-новата версия: Изтеглете най-новата версия от тук: Free Java Download Важно е да се отстранят по-стари версии на Java, тъй като тя не прави това автоматично и старите версии все още ви оставя уязвими. Отидете на Start > Control Panel > отворете Uninstall a program Намерете в списъка всички предишни инсталирани версии на Java. (J2SE Runtime Environment Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE or J2SE).Във вашия случай:Java™ 7 Update 1.Изберете всяка поотделно и я деинсталирайте като щракнете върху Uninstall.След като старите версии са премахнати, моля инсталирайте най-новата версия. Изтрих от контрол панела, обаче пак ми изписва грешка в инсталирането на новата версия, от другаде трябва ли да премахвам нещо?
  3. Опитах отнова да пусна FRST.exe, но в един момент от сканирането ми изписва, че програмата не отговаря, и това три пъти се повтори Сега видях, че на десктопа се е появил този файл Fixlog.txt Резултата от HitmanPro HitmanPro 3.7.9.225 www.hitmanpro.com Computer name . . . . : WIN-0NPUK6LIVHC Windows . . . . . . . : 6.1.1.7601.X64/2 User name . . . . . . : WIN-0NPUK6LIVHC\КОКО UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2014-09-26 16:44:04 Scan mode . . . . . . : Normal Scan duration . . . . : 3m 52s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 6 Objects scanned . . . : 1,627,439 Files scanned . . . . : 25,470 Remnants scanned . . : 439,632 files / 1,162,337 keys Suspicious files ____________________________________________________________ C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe Size . . . . . . . : 2,105,856 bytes Age . . . . . . . : 3.1 days (2014-09-23 14:24:28) Entropy . . . . . : 7.5 SHA-256 . . . . . : B36B465C69EE92024F9E2935C5CFBAE2683E2028A2FD0A8034A4187C4A7E36E7 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{7ECCC596-F85E-47BD-8E8D-3846EFC96F5A} 12.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{7ECCC596-F85E-47BD-8E8D-3846EFC96F5A} 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\ 38.7s C:\FRST\ 38.7s C:\FRST\ 38.7s C:\FRST\Quarantine\ 38.7s C:\FRST\Hives\ 39.9s C:\FRST\Hives\ERDNT.INF 39.9s C:\FRST\Hives\ERDNT.CON 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 48.6s C:\FRST\Hives\DEFAULT 48.6s C:\FRST\Hives\DEFAULT 48.6s C:\FRST\Hives\SECURITY 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\Users\ 48.6s C:\FRST\Hives\Users\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ntuser.dat 48.8s C:\FRST\Hives\Users\00000002\ 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 49.2s C:\FRST\Hives\ERDNT.EXE 49.2s C:\FRST\Hives\ERDNT.EXE 49.2s C:\FRST\Hives\ERDNTWIN.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\Users\КОКО\Desktop\FRST.txt C:\Users\КОКО\Desktop\FRST64.exe Size . . . . . . . : 2,108,928 bytes Age . . . . . . . : 0.2 days (2014-09-26 12:37:45) Entropy . . . . . : 7.5 SHA-256 . . . . . : AB0E01BD8C09B75A15C3B691974641B38B3D50F0C663FE34E9078E64FA0E35CE Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. References HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Classes\Local Settings\Software\Microsoft\Windows\Shell\MuiCache\C:\Users\КОКО\Desktop\FRST64.exe Forensic Cluster -1.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3C21EB89-6289-4FED-A775-85F3E4AE562F} -1.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3C21EB89-6289-4FED-A775-85F3E4AE562F} 0.0s C:\Users\КОКО\Desktop\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST64.exe Potential Unwanted Programs _________________________________________________ HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{54739D49-AC03-4C57-9264-C5195596B3A1} (Linkey) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (ShopperPro) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (ShopperPro)
  4. Ха сега де, отвори ми се прозорец с червен Х и пише unable to open the script file Results of screen317's Security Check version 0.99.87 Windows 7 Service Pack 1 x64 (UAC is enabled) Internet Explorer 11 Error creating install.txt after 3 tries! Trying alternate method... ``````````````Antivirus/Firewall Check:`````````````` Windows Firewall Enabled! Microsoft Security Essentials Antivirus up to date! `````````Anti-malware/Other Utilities Check:````````` Java 7 Update 1 (64-bit) Java version out of Date! Google Chrome 37.0.2062.120 Google Chrome 37.0.2062.124 ````````Process Check: objlist.exe by Laurent```````` Microsoft Security Essentials MSMpEng.exe Microsoft Security Essentials msseces.exe Malwarebytes Anti-Malware mbamservice.exe Malwarebytes Anti-Malware mbam.exe Malwarebytes Anti-Malware mbamscheduler.exe `````````````````System Health check````````````````` Total Fragmentation on Drive C: 0% ````````````````````End of Log``````````````````````
  5. Програмата изисква ключ за да тръгне
  6. Мисля, че всичко е наред, работи нормално.
  7. Fixlog.txt HitmanPro 3.7.9.225 www.hitmanpro.com Computer name . . . . : WIN-0NPUK6LIVHC Windows . . . . . . . : 6.1.1.7601.X64/2 User name . . . . . . : WIN-0NPUK6LIVHC\КОКО UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2014-09-26 12:42:47 Scan mode . . . . . . : Normal Scan duration . . . . : 6m 23s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 0 Traces . . . . . . . : 47 Objects scanned . . . : 1,902,063 Files scanned . . . . : 24,581 Remnants scanned . . : 439,662 files / 1,437,820 keys Suspicious files ____________________________________________________________ C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe Size . . . . . . . : 2,105,856 bytes Age . . . . . . . : 2.9 days (2014-09-23 14:24:28) Entropy . . . . . : 7.5 SHA-256 . . . . . : B36B465C69EE92024F9E2935C5CFBAE2683E2028A2FD0A8034A4187C4A7E36E7 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST-OlderVersion\FRST64.exe 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{7ECCC596-F85E-47BD-8E8D-3846EFC96F5A} 12.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{7ECCC596-F85E-47BD-8E8D-3846EFC96F5A} 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\ 38.7s C:\FRST\ 38.7s C:\FRST\ 38.7s C:\FRST\Quarantine\ 38.7s C:\FRST\Hives\ 39.9s C:\FRST\Hives\ERDNT.INF 39.9s C:\FRST\Hives\ERDNT.CON 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 48.6s C:\FRST\Hives\DEFAULT 48.6s C:\FRST\Hives\DEFAULT 48.6s C:\FRST\Hives\SECURITY 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\Users\ 48.6s C:\FRST\Hives\Users\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ntuser.dat 48.8s C:\FRST\Hives\Users\00000002\ 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 49.2s C:\FRST\Hives\ERDNT.EXE 49.2s C:\FRST\Hives\ERDNT.EXE 49.2s C:\FRST\Hives\ERDNTWIN.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\Users\КОКО\Desktop\FRST.txt C:\Users\КОКО\Desktop\FRST64.exe Size . . . . . . . : 2,108,928 bytes Age . . . . . . . : 0.0 days (2014-09-26 12:37:45) Entropy . . . . . : 7.5 SHA-256 . . . . . : AB0E01BD8C09B75A15C3B691974641B38B3D50F0C663FE34E9078E64FA0E35CE Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster -1.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3C21EB89-6289-4FED-A775-85F3E4AE562F} -1.1s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{3C21EB89-6289-4FED-A775-85F3E4AE562F} 0.0s C:\Users\КОКО\Desktop\FRST64.exe 0.0s C:\Users\КОКО\Desktop\FRST64.exe Potential Unwanted Programs _________________________________________________ HKLM\SOFTWARE\Classes\AppID\iedll.dll\ (Linkey) HKLM\SOFTWARE\Classes\Interface\{34AD1EA7-8B9E-4D8B-B3ED-365D12C8EE73}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{35BBB95B-2CE4-4A9E-BDED-50EFD632AC00}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{46CE5380-6055-4C3A-A7E5-3A02A2335C61}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{4F6ECF71-C575-4BD2-8EF7-548D0EF1AB1D}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{54D99BE4-2FD7-449E-9DB4-76532CEE0B16}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{6605E3BD-7BC3-479C-BF0A-E5D5E954EA52}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{93F0AC70-20D8-4AE8-A02F-6812EFFB6B58}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{94E98D20-156E-4C53-BD7F-972C96E680B2}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{A266567F-8E5D-480C-BCE2-C360FA669FD5}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{CE4F67F6-4FD4-49DB-9D71-713CCD3D00CD}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{FB32408C-E182-443C-B15E-1E3C721E29EC}\ (MindSpark) HKLM\SOFTWARE\Classes\TypeLib\{FC39A9F4-77FF-4595-BDEC-8B768C481257}\ (MindSpark) HKLM\SOFTWARE\Classes\VideoDownloadConverter_4zInstaller.Start.1\ (MindSpark) HKLM\SOFTWARE\Classes\VideoDownloadConverter_4zInstaller.Start\ (MindSpark) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\iedll.dll\ (Linkey) HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{38122a36-83b2-46b8-b39a-ec72a4614a07}\ (MindSpark) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}\ (Linkey) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}\ (MindSpark) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{FB32408C-E182-443C-B15E-1E3C721E29EC}\ (MindSpark) HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{FC39A9F4-77FF-4595-BDEC-8B768C481257}\ (MindSpark) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TBNotifier_RASAPI32\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TBNotifier_RASMANCS\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122a36-83b2-46b8-b39a-ec72a4614a07}\ (MindSpark) HKLM\SOFTWARE\Wow6432Node\VideoDownloadConverter_4zEI\ (MindSpark) HKLM\SYSTEM\ControlSet001\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}\ (ShopperPro) HKLM\SYSTEM\ControlSet001\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}\ (ShopperPro) HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_F06DEFF2-5B9C-490D-910F-35D3A9119622\ (Linkey) HKLM\SYSTEM\ControlSet002\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}\ (ShopperPro) HKLM\SYSTEM\ControlSet002\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}\ (ShopperPro) HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_F06DEFF2-5B9C-490D-910F-35D3A9119622\ (Linkey) HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}\ (ShopperPro) HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}\ (ShopperPro) HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F06DEFF2-5B9C-490D-910F-35D3A9119622\ (Linkey) HKU\.DEFAULT\Software\AskPartnerNetwork\ (AskBar) HKU\S-1-5-18\Software\AskPartnerNetwork\ (AskBar) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\AppDataLow\Software\VideoDownloadConverter_4zEI\ (MindSpark) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{54739D49-AC03-4C57-9264-C5195596B3A1} (Linkey) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (ShopperPro) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (ShopperPro)
  8. Така намерих скритата папка HitmanPro 3.7.9.225 www.hitmanpro.com Computer name . . . . : WIN-0NPUK6LIVHC Windows . . . . . . . : 6.1.1.7601.X64/2 User name . . . . . . : WIN-0NPUK6LIVHC\КОКО UAC . . . . . . . . . : Enabled License . . . . . . . : Free Scan date . . . . . . : 2014-09-25 20:20:43 Scan mode . . . . . . : Normal Scan duration . . . . : 4m 50s Disk access mode . . : Direct disk access (SRB) Cloud . . . . . . . . : Internet Reboot . . . . . . . : No Threats . . . . . . . : 1 Traces . . . . . . . : 61 Objects scanned . . . : 1,640,301 Files scanned . . . . : 35,281 Remnants scanned . . : 442,685 files / 1,162,335 keys Malware _____________________________________________________________________ C:\Users\КОКО\AppData\LocalLow\Piomem.dll Size . . . . . . . : 461,364 bytes Age . . . . . . . : 160.1 days (2014-04-18 18:42:05) Entropy . . . . . : 4.8 SHA-256 . . . . . : EBE9A289635A6B0D0360997B2130557EBD143995502C7AA8A49715CC75DB8F18 Product . . . . . : MapEditor Publisher . . . . : Description . . . : MapEditor Version . . . . . : 1.0.0.1 LanguageID . . . . : 4100 > Bitdefender . . . : Gen:Trojan.Heur.GM.C00080E008 Fuzzy . . . . . . : 103.0 Suspicious files ____________________________________________________________ C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe Size . . . . . . . : 2,105,856 bytes Age . . . . . . . : 2.2 days (2014-09-23 14:24:28) Entropy . . . . . : 7.5 SHA-256 . . . . . : B36B465C69EE92024F9E2935C5CFBAE2683E2028A2FD0A8034A4187C4A7E36E7 Needs elevation . : Yes Fuzzy . . . . . . : 24.0 Program has no publisher information but prompts the user for permission elevation. Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs. Authors name is missing in version info. This is not common to most programs. Version control is missing. This file is probably created by an individual. This is not typical for most programs. Time indicates that the file appeared recently on this computer. Forensic Cluster 0.0s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe 0.0s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe 0.0s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe 0.0s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe 0.0s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe 0.0s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe 0.0s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe 0.0s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$R61BRY9.exe 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 2.8s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{D87FAC93-3FD0-47F7-ADE5-3137D7EB1801} 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.5s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\MetaStore\2\74\39C617DCA88D1772.dat 12.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{7ECCC596-F85E-47BD-8E8D-3846EFC96F5A} 12.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{7ECCC596-F85E-47BD-8E8D-3846EFC96F5A} 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\Logs\ 38.7s C:\FRST\ 38.7s C:\FRST\ 38.7s C:\FRST\ 38.7s C:\FRST\Quarantine\ 38.7s C:\FRST\Hives\ 39.9s C:\FRST\Hives\ERDNT.INF 39.9s C:\FRST\Hives\ERDNT.CON 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 39.9s C:\FRST\Hives\SYSTEM 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\BCD 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 40.2s C:\FRST\Hives\SOFTWARE 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 41.6s C:\ProgramData\Microsoft\Microsoft Antimalware\Scans\History\Results\Resource\{84C6079B-2DF1-4212-8378-AAE5CCDA0C75} 48.6s C:\FRST\Hives\DEFAULT 48.6s C:\FRST\Hives\DEFAULT 48.6s C:\FRST\Hives\SECURITY 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\SAM 48.6s C:\FRST\Hives\Users\ 48.6s C:\FRST\Hives\Users\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ 48.6s C:\FRST\Hives\Users\00000001\ntuser.dat 48.8s C:\FRST\Hives\Users\00000002\ 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 48.8s C:\FRST\Hives\Users\00000002\UsrClass.dat 49.2s C:\FRST\Hives\ERDNT.EXE 49.2s C:\FRST\Hives\ERDNT.EXE 49.2s C:\FRST\Hives\ERDNTWIN.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\FRST\Hives\ERDNTDOS.LOC 49.2s C:\$Recycle.Bin\S-1-5-21-172061898-1440032916-3299485617-1000\$RDQH2ZI.txt Potential Unwanted Programs _________________________________________________ C:\Program Files (x86)\VideoDownloadConverter_4zEI\ (MindSpark) C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\ (MindSpark) C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEIPlug.dll (MindSpark) Size . . . . . . . : 55,952 bytes Age . . . . . . . : 592.8 days (2013-02-10 00:46:58) Entropy . . . . . : 4.9 SHA-256 . . . . . : F32B4CF45A10FD76DF09A2BFBCC8D181F24B1004D2AFD3E0F21A61185ABE9240 Product . . . . . : VideoDownloadConverter Installer Plugin Publisher . . . . : VideoDownloadConverter Description . . . : VideoDownloadConverter Installer Plugin for 32-bit Windows Version . . . . . : 1.1.0.4 Copyright . . . . : Copyright © 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010 RSA Key Size . . . : 2048 LanguageID . . . . : 1033 Authenticode . . . : Valid Fuzzy . . . . . . : -15.0 C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEZSETP.dll (MindSpark) Size . . . . . . . : 252,560 bytes Age . . . . . . . : 592.8 days (2013-02-10 00:46:58) Entropy . . . . . : 6.1 SHA-256 . . . . . : AE2F54C84E29A27375863AF53E48528B5A9020B2945098825B0846164ADB7B0D Product . . . . . : VideoDownloadConverter Easy Installer Publisher . . . . : VideoDownloadConverter Description . . . : VideoDownloadConverter Easy Installer Version . . . . . : 1.2.8.4 Copyright . . . . : Copyright © 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 RSA Key Size . . . : 2048 LanguageID . . . . : 1033 Authenticode . . . : Valid Fuzzy . . . . . . : -15.0 C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISb.dll (MindSpark) Size . . . . . . . : 31,384 bytes Age . . . . . . . : 592.8 days (2013-02-10 00:46:58) Entropy . . . . . : 3.4 SHA-256 . . . . . : A31CB3528530CAF511E687C0047B4D90D10B59A0D68C75EBCF5A1A6264D69E59 Product . . . . . : VideoDownloadConverter Installer Plugin Stub Publisher . . . . : VideoDownloadConverter Description . . . : VideoDownloadConverter Installer Plugin Stub for 32-bit Windows Version . . . . . : 1.0.0.1 Copyright . . . . : Copyright © 2005, 2006, 2007, 2008, 2009 RSA Key Size . . . : 2048 LanguageID . . . . : 1033 Authenticode . . . : Valid Fuzzy . . . . . . : -15.0 C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileParade bundle uninstaller\ (Sweetpacks) HKLM\SOFTWARE\Classes\AppID\iedll.dll\ (Linkey) HKLM\SOFTWARE\Classes\Interface\{34AD1EA7-8B9E-4D8B-B3ED-365D12C8EE73}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{35BBB95B-2CE4-4A9E-BDED-50EFD632AC00}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{3BA6794F-1E38-4460-949A-0DE97D8EF5C2}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{3CBA93EA-AEC3-4EC3-9EFD-D96A661B639D}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}\ (Linkey) HKLM\SOFTWARE\Classes\Interface\{46CE5380-6055-4C3A-A7E5-3A02A2335C61}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{4F6ECF71-C575-4BD2-8EF7-548D0EF1AB1D}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{54D99BE4-2FD7-449E-9DB4-76532CEE0B16}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{5684EAE9-72EB-4CA6-83B8-82434B7E955C}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{5A96E574-F8A6-4F6A-B58D-79C14B698017}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{6605E3BD-7BC3-479C-BF0A-E5D5E954EA52}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{66D59105-FE06-43A4-B292-EB0097E9EB74}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{7FCD22A8-B70A-4AC7-AAF1-EBCCD2F6612D}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{9103C314-C4E2-4463-8934-B19BCB46236D}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{93F0AC70-20D8-4AE8-A02F-6812EFFB6B58}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{94E98D20-156E-4C53-BD7F-972C96E680B2}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{A266567F-8E5D-480C-BCE2-C360FA669FD5}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{CE4F67F6-4FD4-49DB-9D71-713CCD3D00CD}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{ECC69F9E-5456-4EDF-AF66-1A9DED11F9EE}\ (MindSpark) HKLM\SOFTWARE\Classes\Interface\{FB32408C-E182-443C-B15E-1E3C721E29EC}\ (MindSpark) HKLM\SOFTWARE\Classes\TypeLib\{FC39A9F4-77FF-4595-BDEC-8B768C481257}\ (MindSpark) HKLM\SOFTWARE\Classes\VideoDownloadConverter_4zInstaller.Start.1\ (MindSpark) HKLM\SOFTWARE\Classes\VideoDownloadConverter_4zInstaller.Start\ (MindSpark) HKLM\SOFTWARE\Classes\Wow6432Node\AppID\iedll.dll\ (Linkey) HKLM\SOFTWARE\Classes\Wow6432Node\CLSID\{38122a36-83b2-46b8-b39a-ec72a4614a07}\ (MindSpark) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{4613B1C1-FBC0-43C3-A4B9-B1D6CD360BB3}\ (Linkey) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{CA021789-C8CD-4676-BC40-90077A19D5CD}\ (MindSpark) HKLM\SOFTWARE\Classes\Wow6432Node\Interface\{FB32408C-E182-443C-B15E-1E3C721E29EC}\ (MindSpark) HKLM\SOFTWARE\Classes\Wow6432Node\TypeLib\{FC39A9F4-77FF-4595-BDEC-8B768C481257}\ (MindSpark) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TBNotifier_RASAPI32\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Tracing\TBNotifier_RASMANCS\ (AskBar) HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122a36-83b2-46b8-b39a-ec72a4614a07}\ (MindSpark) HKLM\SOFTWARE\Wow6432Node\MozillaPlugins\@ei.VideoDownloadConverter_4z.com/Plugin\ (MindSpark) HKLM\SOFTWARE\Wow6432Node\VideoDownloadConverter_4zEI\ (MindSpark) HKLM\SYSTEM\ControlSet001\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}\ (ShopperPro) HKLM\SYSTEM\ControlSet001\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}\ (ShopperPro) HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_F06DEFF2-5B9C-490D-910F-35D3A9119622\ (Linkey) HKLM\SYSTEM\ControlSet002\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}\ (ShopperPro) HKLM\SYSTEM\ControlSet002\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}\ (ShopperPro) HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_F06DEFF2-5B9C-490D-910F-35D3A9119622\ (Linkey) HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SPBIUPDD\ (ShopperPro) HKLM\SYSTEM\CurrentControlSet\Control\Class\{0014298C-A9BA-440D-AAA8-AD12C7010EE5}\ (ShopperPro) HKLM\SYSTEM\CurrentControlSet\Control\Class\{181A06EA-B82C-47DE-B851-E20FD0E1CC7D}\ (ShopperPro) HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_F06DEFF2-5B9C-490D-910F-35D3A9119622\ (Linkey) HKU\.DEFAULT\Software\AskPartnerNetwork\ (AskBar) HKU\S-1-5-18\Software\AskPartnerNetwork\ (AskBar) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\AppDataLow\Software\VideoDownloadConverter_4zEI\ (MindSpark) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Internet Explorer\Approved Extensions\{54739D49-AC03-4C57-9264-C5195596B3A1} (Linkey) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Internet Explorer\ApprovedExtensionsMigration\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (ShopperPro) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}\ (MindSpark) HKU\S-1-5-21-172061898-1440032916-3299485617-1000\Software\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID\{A5A51D2A-505A-4D84-AFC6-E0FA87E47B8C} (ShopperPro)
  9. Здравейте, изпълних сканирането по описания начин, но забива на 96 %, повторих и отново на същото място пак спря. Вторият път маркирах стоп и продължих, съгласно инструкциите и ето резултата C:\AdwCleaner\Quarantine\C\ProgramData\IePluginServices\PluginService.exe.vir a variant of Win32/ELEX.AV potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\0482~1\AppData\Local\Temp\OCS\ocs_v71b.exe.vir a variant of Win32/DownloadSponsor.A potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\0482~1\AppData\Local\Temp\OCS\Downloads\3676090eded622c6bec547ed78bdf6d1\a6d8d396eb31a7fa7daa488d7ee4d180\SLOW-PCfighter_light.exe.vir a variant of Win32/SlowPCfighter potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\????\AppData\Roaming\newnext.me\nengine.dll.vir Win32/NextLive.A potentially unwanted application C:\AdwCleaner\Quarantine\C\Users\????\AppData\Roaming\OpenCandy\BF6625C8A363424980229302853219EB\SettingsManagerSetup.exe.vir a variant of Win32/Toolbar.SearchSuite.U potentially unwanted application C:\AdwCleaner\Quarantine\C\Windows\System32\drivers\{00c97d86-accb-4288-9972-6d929c1fe93a}Gw64.sys.vir a variant of Win64/Riskware.NetFilter.F application C:\Program Files\WinZip\Utils\WzSysScan\WINZIPSSRegClean.exe a variant of Win32/Systweak potentially unwanted application C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEIPlug.dll Win32/Toolbar.MyWebSearch potentially unwanted application C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\4zEZSETP.dll a variant of Win32/Toolbar.MyWebSearch.Q potentially unwanted application C:\Program Files (x86)\VideoDownloadConverter_4zEI\Installr\1.bin\NP4zEISb.dll Win32/Toolbar.MyWebSearch potentially unwanted application
  10. Нааправих го, но пак не намирам C:ProgramdataHitmanProLogs
  11. Простете невежеството ми, но не мога да открия C:ProgramdataHitmanProLogs Досега рових в С -то и нищо. Къде да търся? Благодаря за търпението
  12. Здравейте отново, сканирането с първата програма Malwarebytes Anti-Malware.txt HitmanPro_20140924_1019.xml сканиране с другата програма От тук нататък какво следва? От време на време ми изкача прозорче на антивирусната Malwarebytes Anti-Malware, така ли трябва да бъде? И всъщност тази програма ли да оставя на лаптопа, досега използвана е Microsoft security essentials.
  13. Здравейте, за сега всичко е ОК, за което много Ви благодаря!
  14. Ужассс, а уж не съм руса ... Обаче сканирах първо с JRT, резултата JRT.txt Сега пробвах да направя това, което съм пропуснала, обаче ми изписва, че няма такъв файл. Къде бъркам ? Мдааа грешката е в моят телевизор, ето резултата Fixlog.txt
  15. Изпълних сканиране и почистване с adwcleaner_3.310 , резултата е AdwCleanerS0.txt Сега продължавам със следващата стъпка
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.