Премини към съдържанието
m0skvi4a

Вирус от Facebook след отваряне на клип [РЕШЕН]

    Препоръчан отговор


    Вирусът се казва ufa.exe и като се стартира вентилатора на процесора вдига макс обороти и CPU usage 100% трябва да го спра от task manager-а иначе процесора вдига градуси. След 1 минута пак се стартира и като го спра вече млъква. Разполагам с диск с Windows 7 sp1 - същият който използвам ето резултати от DDS: DDS . DDS (Ver_2011-06-23.01) - NTFSx86 Internet Explorer: 9.0.8112.16421 Run by user at 21:11:59 on 2011-07-24 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1033.18.2047.1106 [GMT 3:00] . SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Windows\system32\taskhost.exe C:\Windows\system32\Dwm.exe C:\Windows\Explorer.EXE C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe C:\Windows\system32\HPSIsvc.exe C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe C:\Program Files\MonitorSoftware\UPSMS.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\MonitorSoftware\jre\bin\javaw.exe C:\Windows\system32\PnkBstrA.exe C:\Windows\update.5.0\svchost.exe srv C:\Windows\update.2\svchost.exe srv "C:\Windows\update.5.0\svchost.exe" stand C:\Windows\sysdriver32.exe C:\Program Files\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe C:\Windows\system32\svchost.exe -k imgsvc C:\PROGRA~1\MONITO~1\monitor.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\MonitorSoftware\jre\bin\javaw.exe C:\Windows\update.1\svchost.exe srv C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe "C:\Windows\update.2\svchost.exe" stand C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\PROGRA~1\MONITO~1\wpRMI.exe C:\Program Files\MonitorSoftware\jre\bin\javaw.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Program Files\Skype\Phone\Skype.exe C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Windows\system32\rundll32.exe C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe C:\Users\user\AppData\Local\Google\Chrome\Application\chrome.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\taskhost.exe C:\Windows\system32\SearchProtocolHost.exe C:\Windows\system32\SearchFilterHost.exe C:\Windows\system32\conhost.exe C:\Windows\system32\wbem\wmiprvse.exe . ============== Pseudo HJT Report =============== . uSearch Page = uStart Page = about:blank uDefault_Page_URL = hxxp://www.msi-china.com uSearch Bar = BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File BHO: Skype add-on for Internet Explorer: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll EB: GoogleBar: {31dafb0b-1090-4e86-91db-11a77fba5361} - c:\users\user\appdata\roaming\google.com\googlebar\adxloader.dll uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun mRun: [RtHDVCpl] c:\program files\realtek\audio\hda\RtHDVCpl.exe -s mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s mRun: [uPSMS] c:\program files\monitorsoftware\UPSMS.exe mPolicies-system: ConsentPromptBehaviorAdmin = 5 (0x5) mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3) mPolicies-system: EnableLUA = 0 (0x0) mPolicies-system: EnableSecureUIAPaths = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/pub/shockwave/cabs/flash/swflash.cab DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.26.0.cab TCP: DhcpNameServer = 192.168.1.1 TCP: Interfaces\{7B9A5871-45EF-4739-9952-D8124605F80A} : DhcpNameServer = 192.168.1.1 Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - %SystemRoot%\system32\wpdshserviceobj.dll . ============= SERVICES / DRIVERS =============== . R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992] R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592] R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656] R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896] R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168] R2 HPSIService;HP SI Service;c:\windows\system32\HPSIsvc.exe [2011-2-3 99896] R2 srvbtcclient;srvbtcclient;c:\windows\update.5.0\svchost.exe srv --> c:\windows\update.5.0\svchost.exe srv [?] R2 srviecheck;srviecheck;c:\windows\update.2\svchost.exe srv --> c:\windows\update.2\svchost.exe srv [?] R2 srvsysdriver32;srvsysdriver32;c:\windows\sysdriver32.exe srv --> c:\windows\sysdriver32.exe srv [?] R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;c:\program files\nvidia corporation\3d vision\nvSCPAPISvr.exe [2011-1-7 378984] R2 UPSmonitor;UPSmonitor;c:\progra~1\monito~1\monitor.exe -zglaxservice upsmonitor --> c:\progra~1\monito~1\monitor.exe -zglaxservice UPSmonitor [?] R2 wxpdrivers;wxpdrivers;c:\windows\update.1\svchost.exe srv --> c:\windows\update.1\svchost.exe srv [?] R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480] R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144] R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 21968] R3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\drivers\Rt86win7.sys [2009-3-2 139776] R3 UPSRMI;UPSRMI;c:\progra~1\monito~1\wprmi.exe -zglaxservice upsrmi --> c:\progra~1\monito~1\wpRMI.exe -zglaxservice UPSRMI [?] R3 vmcam325av;Vimicro USB2.0 PC Camera(VC0323);c:\windows\system32\drivers\vmcam323av.sys [2011-2-3 232448] R3 vvftav323;vvftav323;c:\windows\system32\drivers\vvftav323.sys [2011-2-3 475136] S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?] S2 avgwd;AVG WatchDog;"c:\program files\avg\avg10\avgwdsvc.exe" --> c:\program files\avg\avg10\avgwdsvc.exe [?] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2011-2-3 136176] S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0;c:\windows\system32\drivers\b57nd60x.sys [2009-7-14 229888] S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2011-2-3 136176] S3 maconfservice;Ma-Config Service;c:\program files\ma-config.com\maconfservice.exe [2011-4-12 311744] S3 MSI_MSIBIOS_010507;MSI_MSIBIOS_010507;c:\program files\msi\live update 5\msibios32_100507.sys [2011-7-17 25912] S3 mvusbews;USB EWS Device;c:\windows\system32\drivers\mvusbews.sys [2011-2-3 17408] S3 NTIOLib_1_0_4;NTIOLib_1_0_4;c:\program files\msi\live update 5\NTIOLib.sys [2011-7-17 7680] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys [2011-3-7 15872] S3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\TsUsbFlt.sys [2011-3-7 52224] S3 VBoxUSB;VirtualBox USB;c:\windows\system32\drivers\VBoxUSB.sys [2011-1-18 31888] S3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\wat\WatAdminSvc.exe [2011-2-4 1343400] . =============== Created Last 30 ================ . 2011-07-24 18:09:55 -------- d-----w- c:\windows\ufa 2011-07-24 17:30:36 -------- d-----w- c:\windows\rpcminer 2011-07-24 17:30:36 -------- d-----w- c:\windows\phoenix 2011-07-24 17:29:23 114176 ----a-w- c:\windows\systemup.exe 2011-07-24 17:27:58 -------- d--h--w- c:\windows\update.5.0 2011-07-24 17:27:26 232960 ----a-w- c:\windows\l1rezerv.exe 2011-07-24 17:26:15 -------- d--h--w- c:\windows\update.2 2011-07-24 17:25:56 246272 ----a-w- c:\windows\unrar.exe 2011-07-24 17:21:17 -------- d--h--w- c:\windows\update.tray-15-0-lnk 2011-07-24 17:21:17 -------- d--h--w- c:\windows\update.tray-15-0 2011-07-24 17:17:33 247296 ----a-w- c:\windows\sysdriver32_.exe 2011-07-24 17:17:18 247296 ----a-w- c:\windows\sysdriver32.exe 2011-07-24 17:15:39 -------- d-----w- c:\windows\av_ico 2011-07-24 17:14:11 -------- d--h--w- c:\windows\update.1 2011-07-24 17:14:06 -------- d--h--w- c:\windows\update.tray-12-0-lnk 2011-07-24 17:14:06 -------- d--h--w- c:\windows\update.tray-12-0 2011-07-24 17:02:58 1174016 ----a-w- c:\windows\services32.exe 2011-07-17 18:32:51 -------- d-----w- c:\program files\MSI 2011-07-07 07:20:06 -------- d-----w- c:\users\user\appdata\roaming\TeamViewer 2011-07-06 15:57:19 -------- d-----w- c:\programdata\ma-config.com 2011-07-06 15:57:19 -------- d-----w- c:\program files\ma-config.com 2011-07-04 17:54:09 -------- d-----w- c:\program files\Logon 2011-06-29 11:31:48 293376 ----a-w- c:\windows\system32\umpnpmgr.dll 2011-06-29 11:31:45 427520 ----a-w- c:\windows\system32\SearchIndexer.exe 2011-06-29 11:31:45 1549312 ----a-w- c:\windows\system32\tquery.dll 2011-06-29 11:31:45 1401344 ----a-w- c:\windows\system32\mssrch.dll 2011-06-29 11:31:44 86528 ----a-w- c:\windows\system32\SearchFilterHost.exe 2011-06-29 11:31:44 666624 ----a-w- c:\windows\system32\mssvp.dll 2011-06-29 11:31:44 59392 ----a-w- c:\windows\system32\msscntrs.dll 2011-06-29 11:31:44 337408 ----a-w- c:\windows\system32\mssph.dll 2011-06-29 11:31:44 197120 ----a-w- c:\windows\system32\mssphtb.dll 2011-06-29 11:31:44 164352 ----a-w- c:\windows\system32\SearchProtocolHost.exe . ==================== Find3M ==================== . 2011-07-21 18:45:19 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2011-07-21 18:44:52 103736 ----a-w- c:\windows\system32\PnkBstrB.exe 2011-06-16 07:57:53 404640 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2011-06-12 18:24:19 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2011-06-12 18:06:19 22328 ----a-w- c:\users\user\appdata\roaming\PnkBstrK.sys 2011-06-11 02:29:25 2334208 ----a-w- c:\windows\system32\win32k.sys 2011-06-05 18:03:35 103736 ----a-w- c:\windows\system32\PnkBstrB.ex0 2011-06-03 06:01:04 169984 ----a-w- c:\windows\system32\winsrv.dll 2011-06-03 05:59:23 290816 ----a-w- c:\windows\system32\KernelBase.dll 2011-06-03 05:56:57 271872 ----a-w- c:\windows\system32\conhost.exe 2011-06-03 03:48:32 3584 ---ha-w- c:\windows\system32\api-ms-win-core-xstate-l1-1-0.dll 2011-06-03 03:48:31 6144 ---ha-w- c:\windows\system32\api-ms-win-security-base-l1-1-0.dll 2011-06-03 03:48:31 4608 ---ha-w- c:\windows\system32\api-ms-win-core-threadpool-l1-1-0.dll 2011-06-03 03:48:31 3072 ---ha-w- c:\windows\system32\api-ms-win-core-util-l1-1-0.dll 2011-05-03 04:30:02 741376 ----a-w- c:\windows\system32\inetcomm.dll 2011-04-29 02:46:33 311808 ----a-w- c:\windows\system32\drivers\srv.sys 2011-04-29 02:46:15 310272 ----a-w- c:\windows\system32\drivers\srv2.sys 2011-04-29 02:46:10 114688 ----a-w- c:\windows\system32\drivers\srvnet.sys 2011-04-27 02:17:36 223744 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2011-04-27 02:17:28 96768 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2011-04-27 02:17:22 123904 ----a-w- c:\windows\system32\drivers\mrxsmb.sys . ============= FINISH: 21:13:15,14 =============== attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-06-23.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 3.2.2011 г. 16:11:48 System Uptime: 24.7.2011 г. 20:58:57 (1 hours ago) . Motherboard: MSI | | MS-7267 Processor: Intel® Pentium® Dual CPU E2140 @ 1.60GHz | CPU 1 | 1596/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 49 GiB total, 24,709 GiB free. D: is FIXED (NTFS) - 100 GiB total, 59,529 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP224: 24.7.2011 г. 16:08:36 - Installed Windows Media Player Firefox Plugin . ==== Installed Programs ====================== . . µTorrent 2007 Microsoft Office Suite Service Pack 2 (SP2) Acrobat.com Adobe AIR Adobe Flash Player 10 ActiveX Adobe Reader 9.4.5 AVG 2011 BlueSoleil Call of Duty® 4 - Modern Warfare Call of Duty® 4 - Modern Warfare 1.6 Patch Call of Duty® 4 - Modern Warfare 1.7 Patch Camtasia Studio 5 CCleaner Chinese Simplified Fonts Support For Adobe Reader 9 Chinese Traditional Fonts Support For Adobe Reader 9 Counter-Strike 1.6 FLIP 2.2.2 GIMP 2.6.8 Google Земя Google Chrome Google Update Helper GoogleBar HP LaserJet Professional M1130-M1210 MFP Series K-Lite Mega Codec Pack 6.2.0 LineIn plugin for WinAMP v1.80 (remove only) Live Update 5 Lyrics Plugin for Winamp Ma-Config.com Microsoft .NET Framework 4 Client Profile Microsoft Office Access 2007 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Excel 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office InfoPath 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office PowerPoint 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word 2007 Microsoft Office Word MUI (English) 2007 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Nero 8 Lite NVIDIA 3D Vision Driver 266.58 NVIDIA Control Panel 266.58 NVIDIA Graphics Driver 266.58 NVIDIA Install Application NVIDIA PhysX NVIDIA PhysX System Software 9.10.0514 NVIDIA Stereoscopic 3D Driver Oracle VM VirtualBox 4.0.2 Realtek High Definition Audio Driver RKit 6.1 Scan To Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Skype Toolbars Skype™ 4.2 SpeedFan (remove only) System Requirements Lab CYRI UltraISO Premium V9.32 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 Help (KB963665) Vimicro USB2.0 PC Camera(VC0323) VirtualCloneDrive Winamp Windows 7 Manager Winpower WinRAR archiver ZSMC USB PC Camera (ZS211) . ==== Event Viewer Messages From Past Week ======== . 24.7.2011 г. 20:59:48, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The system cannot find the file specified. 24.7.2011 г. 20:59:38, Error: Service Control Manager [7000] - The AVG WatchDog service failed to start due to the following error: The system cannot find the file specified. 24.7.2011 г. 20:59:14, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 24.7.2011 г. 20:42:27, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The system cannot find the file specified. 24.7.2011 г. 20:42:18, Error: Service Control Manager [7000] - The AVG WatchDog service failed to start due to the following error: The system cannot find the file specified. 24.7.2011 г. 20:42:02, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 24.7.2011 г. 20:41:16, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:01, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:01, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:01, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:01, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:01, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:01, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:00, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:00, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:41:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 24.7.2011 г. 20:41:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 24.7.2011 г. 20:41:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 24.7.2011 г. 20:41:00, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 24.7.2011 г. 20:40:58, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 24.7.2011 г. 20:40:58, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 24.7.2011 г. 20:40:50, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 24.7.2011 г. 20:40:40, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx86 Avgmfx86 Avgtdix CSC DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss spldr tdx VBoxDrv VBoxUSBMon Wanarpv6 WfpLwf 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:40:37, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:22:45, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The system cannot find the file specified. 24.7.2011 г. 20:22:38, Error: Service Control Manager [7000] - The AVG WatchDog service failed to start due to the following error: The system cannot find the file specified. 24.7.2011 г. 20:22:21, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 24.7.2011 г. 20:21:24, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:21:24, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:21:24, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:21:24, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:21:24, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:21:24, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:21:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 24.7.2011 г. 20:21:24, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39} 24.7.2011 г. 20:21:21, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:21:21, Error: Service Control Manager [7001] - The Network List Service service depends on the Network Location Awareness service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:21:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netprofm with arguments "" in order to run the server: {A47979D2-C419-11D9-A5B4-001185AD2B89} 24.7.2011 г. 20:21:21, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1068" attempting to start the service netman with arguments "" in order to run the server: {BA126AD1-2166-11D1-B1D0-00805FC1270E} 24.7.2011 г. 20:21:20, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF} 24.7.2011 г. 20:21:17, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 24.7.2011 г. 20:21:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC} 24.7.2011 г. 20:21:01, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx86 Avgmfx86 Avgtdix CSC DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss spldr tdx VBoxDrv VBoxUSBMon Wanarpv6 WfpLwf 24.7.2011 г. 20:20:59, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:20:59, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:20:59, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:20:59, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:20:59, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:20:58, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:20:58, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:20:58, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:20:58, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:20:58, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:15:35, Error: Service Control Manager [7000] - The AVGIDSAgent service failed to start due to the following error: The system cannot find the file specified. 24.7.2011 г. 20:15:27, Error: Service Control Manager [7000] - The AVG WatchDog service failed to start due to the following error: The system cannot find the file specified. 24.7.2011 г. 20:15:14, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 24.7.2011 г. 20:14:12, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 24.7.2011 г. 20:14:07, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030} 24.7.2011 г. 20:13:51, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: AFD Avgldx86 Avgmfx86 Avgtdix CSC DfsC discache ElbyCDIO NetBIOS NetBT nsiproxy Psched rdbss spldr tdx VBoxDrv VBoxUSBMon Wanarpv6 WfpLwf 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The Workstation service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The TCP/IP NetBIOS Helper service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The SMB MiniRedirector Wrapper and Engine service depends on the Redirected Buffering Sub Sysytem service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The SMB 2.0 MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The SMB 1.x MiniRedirector service depends on the SMB MiniRedirector Wrapper and Engine service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The Network Store Interface Service service depends on the NSI proxy service driver. service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The Network Location Awareness service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The IP Helper service depends on the Network Store Interface Service service which failed to start because of the following error: The dependency service or group failed to start. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The DNS Client service depends on the NetIO Legacy TDI Support Driver service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 20:13:47, Error: Service Control Manager [7001] - The DHCP Client service depends on the Ancillary Function Driver for Winsock service which failed to start because of the following error: A device attached to the system is not functioning. 24.7.2011 г. 09:12:09, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 23.7.2011 г. 15:32:29, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 23.7.2011 г. 10:16:30, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 22.7.2011 г. 18:51:37, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 22.7.2011 г. 10:11:50, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 21.7.2011 г. 19:46:31, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 21.7.2011 г. 09:15:30, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 20.7.2011 г. 18:29:47, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 20.7.2011 г. 08:58:13, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 19.7.2011 г. 17:21:01, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 19.7.2011 г. 07:59:42, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 18.7.2011 г. 19:37:01, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 18.7.2011 г. 09:18:57, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. 17.7.2011 г. 18:29:17, Error: Microsoft-Windows-Kernel-Processor-Power [6] - Some processor performance power management features have been disabled due to a known firmware problem. Check with the computer manufacturer for updated firmware. . ==== End Of File ===========================

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Здравейте,

    Следвайте следната инструкция за работа с OTL:

    • Изтеглете OTL.exe и го запазете на десктопа.
    • Стартирайте файла Публикувано изображение с двукратен клик на мишката.
    • Сложете отметка пред Scan All Users Публикувано изображение
    • Под менюто File Age => изберете 90 days
    • Под менюто Standard Registry => променете на ALL
    • Сложете отметки пред LOP и Purity Check
    • Под Публикувано изображение с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %USERPROFILE%\*.*
    %USERPROFILE%\AppData\Local\*.*
    %USERPROFILE%\AppData\Roaming\*.*
    %ProgramData%\*.*
    %CommonProgramFiles%\*.*
    %PROGRAMFILES%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    /md5start
    hlp.dat
    winlogon.exe
    wininit.exe
    userinit.exe
    explorer.exe
    volsnap.sys
    /md5stop
    
    • Натиснете маркираният в синьо бутон: Публикувано изображение.
    • Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Прикачете тези два файла в следващия си коментар (погледнете опцията "прикачени файлове", когато публикувате мнение).
    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ok...след малко ще съм готов със скрипта...пак е изтрил антивирусната програма с лекота. Накрая ще оправим и този проблем.

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Просто да питам понеже при работа с google chrome над 15 минути ми дава грешка и windows се растартира влиза в safe mod пак се рестартира и се включва нормално. Това ще се оправили И ако си преинсталирам само диск C:/ ще бъде ли проблем за диск D:/ понеже не ми се прави отново пълна преинсталация .


    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Мисля, че ще се оправи:

    Деинсталирайте остатъците от AVG от Control Panel => Programs => Uninstall a program.

    След това стартирайте този инструмент за да доизчистите всичко от AVG => AVG Remover(32bit) 2011

    След това:

    Стартирайте отново OTL, копирайте (Copy) и поставете (Paste) скриптовия текст от текстовото поле по-долу под колонката Custom Scans/Fixes, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта.

    :Processes
    killallprocesses
    :OTL
    SRV - File not found [Auto | Stopped] --  -- (avgwd)
    SRV - File not found [Auto | Stopped] --  -- (AVGIDSAgent)
    SRV - [2011.07.24 20:27:57 | 000,340,992 | ---- | M] () [Auto | Running] -- C:\Windows\update.5.0\svchost.exe -- (srvbtcclient)
    SRV - [2011.07.24 20:26:14 | 000,495,616 | ---- | M] () [Auto | Running] -- C:\Windows\update.2\svchost.exe -- (srviecheck)
    SRV - [2011.07.24 20:17:05 | 000,247,296 | ---- | M] () [Auto | Running] -- C:\Windows\sysdriver32.exe -- (srvsysdriver32)
    SRV - [2011.07.24 20:02:43 | 001,174,016 | -H-- | M] () [Auto | Running] -- C:\Windows\update.1\svchost.exe -- (wxpdrivers)
    DRV - [2011.04.14 21:28:30 | 000,134,480 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSDriver.sys -- (AVGIDSDriver)
    DRV - [2011.04.05 00:59:56 | 000,297,168 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
    DRV - [2011.03.16 16:03:20 | 000,032,592 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\system32\DRIVERS\avgrkx86.sys -- (Avgrkx86)
    DRV - [2011.03.01 14:25:18 | 000,034,896 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
    DRV - [2011.02.22 08:12:50 | 000,022,992 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\AVGIDSEH.Sys -- (AVGIDSEH)
    DRV - [2011.02.10 07:53:42 | 000,021,968 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSShim.sys -- (AVGIDSShim)
    DRV - [2011.02.10 07:53:40 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\AVGIDSFilter.sys -- (AVGIDSFilter)
    FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
    O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No CLSID value found.
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O4 - HKLM..\Run: [tray_ico]  File not found
    O4 - HKLM..\Run: [tray_ico0] C:\Windows\update.tray-12-0\svchost.exe ()
    O4 - HKLM..\Run: [tray_ico1] C:\Windows\update.tray-15-0\svchost.exe ()
    O4 - HKLM..\Run: [tray_ico2]  File not found
    O4 - HKLM..\Run: [tray_ico3]  File not found
    O4 - HKLM..\Run: [tray_ico4]  File not found
    O4 - HKLM..\Run: [wxpdrv] C:\Windows\services32.exe ()
    O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - Reg Error: Key error. File not found
    O31 - SafeBoot: AlternateShell - services32.exe
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgchsvx.exe /sync) -  File not found
    O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG10\avgrsx.exe /sync /restart) -  File not found
    :files
    C:\Windows\ufa
    C:\Windows\ufa.rar
    C:\Windows\rpcminer
    C:\Windows\rpcminer.rar
    C:\Windows\phoenix
    C:\Windows\phoenix.rar
    C:\Windows\update.5.0
    C:\Windows\update.2
    C:\Windows\update.tray-15-0-lnk
    C:\Windows\update.tray-15-0
    C:\Windows\av_ico
    C:\Windows\update.1
    C:\Windows\update.tray-12-0-lnk
    C:\Windows\update.tray-12-0
    C:\Windows\unrar.exe
    C:\Windows\info1
    C:\Windows\systemup.exe
    C:\Windows\l1rezerv.exe
    C:\Windows\geoiplist
    C:\Windows\geoiplist.rar
    C:\Windows\loader2.exe_ok
    C:\Windows\sysdriver32_.exe
    C:\Windows\sysdriver32.exe
    C:\Windows\services32.exe
    C:\Windows\System32\drivers\AVG
    C:\Users\user\AppData\Roaming\AVG10
    dir /s /a "C:\Users\user\AppData\Roaming\Google.com" /c
    dir /s /a "C:\Users\user\AppData\Roaming\ToolbarInstaller" /c
    dir /s /a "C:\Users\user\AppData\Roaming\FacebookHackerPro" /c
    dir /s /a "C:\ProgramData\GroupPolicy" /c
    dir /s /a "C:\Users\user\AppData\Roaming\system" /c
    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
    "FirewallOverride"=dword:00000000
    "DisableThumbnailCache"=dword:00000000
    "FirewallDisableNotify"=dword:00000000
    "UpdatesDisableNotify"=dword:00000000
    "AntiVirusDisableNotify"=dword:00000000
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
    "EnableFirewall"=dword:00000001
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
    "EnableFirewall"=dword:00000001
    :commands
    [resethosts]
    [reboot]
    
    След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

    Windows ще се рестартира и ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    заповядай нарочно го преименувах междудругото я виж с червено ограденото как да го оправя http://picbg.net/img.php?file=3a4496d594a0591e.png

    loggg.txt

    Редактирано от m0skvi4a (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Има още доста работа по системата:

    Колкото до Action Center-a, това са поправими неща:

    Няма да има нужда да включваме Windows Defender след инсталирането на антивирусна (с това оправяме точка 1 и 2), а 3-тото съобщение го срещам за първи път, но и за него ще намерим решение...първо искам да проверим нещо.

    Така...да започваме:

    Отворете virustotal и с бутона Browse намерете файла:

    C:\Users\user\AppData\Roaming\Google.com\GoogleBar\adxloader64.dll

    Натиснете бутона SEND.

    Ако файла вече е анализирам, моля натиснете re-analyse.

    Публикувайте резултатите от проверката за този файл в следващяи си коментар.

    Повторете процедурата и за останалите файлове в папката...

    Стартирайте отново OTL, копирайте (Copy) и поставете (Paste) скриптовия текст от текстовото поле по-долу под колонката Custom Scans/Fixes, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта.

    :files
    C:\Users\user\AppData\Roaming\system
    :commands
    [reboot]
    
    След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

    Windows ще се рестартира и ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    заповядай ей сега ще направя това с OTL Направих го с OTL но не ми се появи никакъв log и ми бутна настройките на папките да с е виждат всички

    AddinExprex.IE.txt

    adxloader.dll.manifest.txt

    adxloader.txt

    adxloader64.txt

    adxregistrator.exe.txt

    GoogleBar.txt

    Interop.SHDocVw.dll.txt

    Microsoft.mshtml.dll.txt

    Редактирано от m0skvi4a (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Туко що пробвах пак но не става не се отваря лог. И да питам може ли вече да си сложа антивирусната

    Редактирано от m0skvi4a (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    След това направете следните две проверки:

    • Изтеглете Malwarebytes' Anti-Malware оттук и я инсталирайте.
    • Стартирайте Malwarebytes' Anti-Malware и отидете на UPDATE и натиснете Check for updates.
    • След това се върнете на Scanner изберете Perform QUICK Scan, след това кликнете на Scan.
    • Сканирането ще отнеме малко време, затова моля бъдете търпеливи.
    • Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата.
    • Уверете се, че на всички редове има отметки, и кликнете Remove Selected.
    • Когато всичко бъде премахнато, логът ще бъде отворен в Notepad. Копирайте лога и го публикувайте в следващия си коментар в темата.

    Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

    Моля, изтеглете aswMBR и го запазете на вашия десктоп.

    • Кликнете с двоен клин на мишката върху файла aswMBR.exe за да го стартирате.
    • Изчакайте да изтегли дефинициите на avast!
    • От падащото меню посочете дял C:\ както е на снимката:
    Публикувано изображение
    • Изберете Scan бутона, за да започне проверката.
    • Когато проверката завърши, натиснете бутона save log, запазете съдържанието на лог файла на десктопа и публикувайте съдържанието му в следващия си коментар.

    После кажете как е състоянието на машината.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Заповядай от първата програма

    Сега правя от втората

    изникна проблем със втората. даде ми грешка че програмата е спряла да работи и ми остана ето така

    http://picbg.net/img...9a275b9b822.png

    mbam-log-2011-07-25 (19-20-01).txt

    Редактирано от m0skvi4a (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Добре, оставете aswMBR, ще използваме алтернативна програмка:

    Направете една проверка с Kaspersky Virus Removal Tool 2011

    След като стартирате инструмента, отидете до Settings (Иконата, която прилича на звездичка) сложете отметка пред My Computer.

    Публикувано изображение

    От опциите за почистване изберете Disinfect => но не избирайте delete if disinfection fails.

    Публикувано изображение

    Върнете се до Automatic Scan и натиснете Start Scanning.

    Публикувано изображение

    Ако по време на сканирането ви попита за дадено действие изберете skip.

    След като приключи проверката изберете Report, Иконата която прилича на листче, => Detected Threats изберете SAVE и запазете документа на десктопа.

    Публикувано изображение

    Kопирайте съдържанието му в следващия си пост.

    Затворете инструмента - това ше до деинсталира автоматично.

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    не мога да я сваля

    Моя грешка...използвайте този линк:

    http://devbuilds.kaspersky-labs.com/devbuilds/AVPTool/avptool11/setup_11.0.0.1245.x01_2011_07_25_19_26.exe

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    В момента сканирам но ми дава понякога отдолу едиси къв файл - password prtection проблем ли това ЕДИТ: Само да питам пише ми че ще свърши след 17 часа и стои само на 1% - това вярно ли е

    Редактирано от m0skvi4a (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    В момента сканирам но ми дава понякога отдолу едиси къв файл - password prtection проблем ли това

    После ще се разбере от лог файла дали е проблем, но не мисля че ще е така. :angel19:

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Стартирайте отново OTL, копирайте (Copy) и поставете (Paste) скриптовия текст от текстовото поле по-долу под колонката Custom Scans/Fixes, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта.

    :files
    C:\Documents and Settings\All Users\Microsoft\Windows Defender\LocalCopy
    C:\ProgramData\Microsoft\Windows Defender\LocalCopy
    C:\Users\All Users\Microsoft\Windows Defender\LocalCopy
    :commands
    [emptytemp]
    
    След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

    Windows ще се рестартира и ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    заповядай

    нарочно го преименувах

    междудругото я виж с червено ограденото как да го оправя

    http://picbg.net/img...6d594a0591e.png

    Само в галимацията не разбрах дали успяхте да изтриете тази папка:

    C:\Users\user\AppData\Roaming\system

    Иначе вече инсталирайте безплатна антивирусна като avast! 6.0.1203 Final или Avira AntiVir Personal 10.0.0.650 и вижте дали това решава проблема с Action Center-a (Ограденото кръгче от снимката ви).

    Други проблеми забелязват ли се ?

    За проблема с Google Chrome, пробвахте ли да го преинсталирате ?

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Само да ви питам първо няколко неща

    1. Може ли да инсталирам отново AVG 2011 free вместо онези отгоре

    2. Да C:\Users\user\AppData\Roaming\system изтрита е

    3. нямам други проблеми

    4. Понеже вие ме накарахте да сканирам с Kaspersky Virus Removal Tool 2011

    тя откри 16 вируса а от вашият скрипт виждам че са изтрити само 3. Ами останалите 13 какво да ги правя

    5. може ли да изтрия Malwarebytes' Anti-Malware

    Редактирано от m0skvi4a (преглед на промените)

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    1. Да може. Щом харесвате повече AVG инсталирайте си нея. (но само 1 антивирусна).

    2. ОК.

    3. Супер

    4. Останалите открити вируси бяха в карантинната папка на OTL. Тази папка ще изчезне след деинсталацията на пакета...така че вирусите в папката C:\_OTL ще се изтрият и те. :handshake:

    Стартирайте OTL още веднъж и натиснете бутона CleanUp.

    Публикувано изображение

    Ако бъдете подканени да рестартирате, се съгласете.

    Изтрийте всички инструменти и логове на инструментите които сме използвали (и не са се изтрили след изпълнените досега процедури).

    Ако няма други въпроси ще маркирам случая като решен. :)

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Това не е антивирусна и ви съветвам да си я оставите за профилактични проверки, но решението си е ваше. По-принцип да може, но не препоръчвам. ;)

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    ×

    Информация

    Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.