Премини към съдържанието

    Препоръчан отговор


    Здравейте...с каква операционна система сте..?Има разлика и значение ..!

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Под Публикувано изображение с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):

    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %USERPROFILE%\*.*
    %USERPROFILE%\Application Data\*.*
    %USERPROFILE%\Local Settings\Application Data\*.*
    %AllUsersProfile%\*.*
    %AllUsersProfile%\Application Data\*.*
    %USERPROFILE%\My Documents\*.*
    %CommonProgramFiles%\*.*
    %PROGRAMFILES%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    /md5start
    hlp.dat
    winlogon.exe
    wininit.exe
    userinit.exe
    explorer.exe
    volsnap.sys
    /md5stop
    

    Всичко друго е по инструкциите в предната ми тема..!Очаквам логовете ви..!

    windows XP

    опа следвах инструкциите за windows 7 :) ще чакам

    Именно за това ви казвам да не бързате ...! :begging:

    • Харесва ми 3

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Eто ги. А да питам с каква цел го правим това :begging: На мен не ми дава да си инсталирам антивурусна и какви други поразии ми е направили?

    Extras.Txt

    OTL.Txt


    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Стартирайте отново OTL, копирайте (Copy) и поставете (Paste) скриптовия текст от текстовото поле по-долу под колонката Custom Scans/Fixes, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта.

    :Processes
    killallprocesses
    :OTL
    SRV - File not found [Disabled | Stopped] --  -- (HidServ)
    SRV - File not found [On_Demand | Stopped] --  -- (aspnet_state)
    SRV - File not found [Auto | Stopped] --  -- (AntiVirService)
    SRV - File not found [Auto | Stopped] --  -- (AntiVirSchedulerService)
    SRV - [2011.07.24 17:49:27 | 000,340,992 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\update.5.0\svchost.exe -- (srvbtcclient)
    SRV - [2011.07.24 17:45:30 | 000,247,296 | ---- | M] () [Auto | Stopped] -- C:\WINDOWS\sysdriver32.exe -- (srvsysdriver32)
    SRV - [2011.07.24 17:23:46 | 001,174,016 | -H-- | M] () [Auto | Stopped] -- C:\WINDOWS\update.1\svchost.exe -- (wxpdrivers)
    O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
    O4 - HKLM..\Run: [3068006.exe] C:\Documents and Settings\juli\Local Settings\Temp\3068006.exe ()
    O4 - HKLM..\Run: [42386560-loader2.exe] C:\WINDOWS\TEMP\42386560-loader2.exe ()
    O4 - HKLM..\Run: [5815783.exe] C:\WINDOWS\TEMP\5815783.exe ()
    O4 - HKLM..\Run: [6211344.exe] C:\Documents and Settings\juli\Local Settings\Temp\6211344.exe ()
    O4 - HKLM..\Run: [845478.exe] C:\WINDOWS\TEMP\845478.exe ()
    O4 - HKLM..\Run: [9312951.exe] C:\WINDOWS\TEMP\9312951.exe ()
    O4 - HKLM..\Run: [avgnt]  File not found
    O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
    O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
    O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
    O4 - HKLM..\Run: [tray_ico]  File not found
    O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-8-0\svchost.exe ()
    O4 - HKLM..\Run: [tray_ico1] C:\WINDOWS\update.tray-13-0\svchost.exe ()
    O4 - HKLM..\Run: [tray_ico2]  File not found
    O4 - HKLM..\Run: [tray_ico3]  File not found
    O4 - HKLM..\Run: [tray_ico4]  File not found
    O4 - HKLM..\Run: [userinit]  File not found
    O4 - HKLM..\Run: [w_distrib.exe] C:\WINDOWS\update.3\svchost.exe ()
    O4 - HKLM..\Run: [wxpdrv] C:\WINDOWS\services32.exe ()
    O4 - HKU\S-1-5-21-2025429265-1957994488-1801674531-1003..\Run: [Search Protection]  File not found
    O4 - HKU\S-1-5-21-2025429265-1957994488-1801674531-1003..\Run: [userinit]  File not found
    O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2]  File not found
    O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2]  File not found
    O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2]  File not found
    O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2]  File not found
    O31 - SafeBoot: AlternateShell - services32.exe
    [2011.07.25 12:57:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-13-0-lnk
    [2011.07.25 12:57:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-13-0
    [2011.07.24 17:50:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
    [2011.07.24 17:50:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
    [2011.07.24 17:50:38 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
    [2011.07.24 17:49:29 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
    [2011.07.24 17:47:59 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.3
    [2011.07.24 17:47:54 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
    [2011.07.24 17:41:11 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
    [2011.07.24 17:39:23 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
    [2011.07.24 17:37:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-8-0-lnk
    [2011.07.24 17:37:22 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-8-0
    [2011.07.24 17:47:35 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
    [2011.07.24 17:46:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
    [2011.07.24 17:45:30 | 000,247,296 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
    [2011.07.24 17:45:30 | 000,247,296 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
    [2011.07.24 17:23:46 | 001,174,016 | ---- | M] () -- C:\WINDOWS\services32.exe
    [2011.07.24 17:51:01 | 000,000,177 | ---- | M] () -- C:\WINDOWS\info1
    [2011.07.24 17:50:37 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
    [2011.07.24 17:50:37 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
    [2011.07.24 17:50:37 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
    [2011.07.24 17:50:36 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
    [2011.07.24 17:48:40 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
    [2011.07.24 17:47:35 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
    [2011.07.24 17:46:40 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
    [2011.07.24 17:45:30 | 000,247,296 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
    [2011.07.24 17:45:30 | 000,247,296 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
    [2011.07.24 17:23:46 | 001,174,016 | ---- | M] () -- C:\WINDOWS\services32.exe
    @Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8
    @Alternate Data Stream - 103 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\WINDOWS\services32.exe" =-
    "C:\WINDOWS\update.tray-8-0\svchost.exe" =-
    "C:\WINDOWS\update.tray-8-0-lnk\svchost.exe" =-
    "C:\WINDOWS\update.2\svchost.exe" =-
    "C:\WINDOWS\update.3\svchost.exe" =-
    :files
    autorun.inf /alldrives
    autorun.exe /alldrives
    recycler /alldrives
    ipconfig /flushdns /c
     
    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]
    [emptyflash]
    [Reboot]
    

    След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

    Windows ще се рестартира и ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Имате голяма грешка..!Прочетете внимателно предния ми пост..!Вие не сте изпълнили скрипта а сте направили ново сканиране...!

    • Харесва ми 2

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    All processes killed

    ========== PROCESSES ==========

    ========== OTL ==========

    Service HidServ stopped successfully!

    Service HidServ deleted successfully!

    Service aspnet_state stopped successfully!

    Service aspnet_state deleted successfully!

    Service AntiVirService stopped successfully!

    Service AntiVirService deleted successfully!

    Service AntiVirSchedulerService stopped successfully!

    Service AntiVirSchedulerService deleted successfully!

    Service srvbtcclient stopped successfully!

    Service srvbtcclient deleted successfully!

    C:\WINDOWS\update.5.0\svchost.exe moved successfully.

    Service srvsysdriver32 stopped successfully!

    Service srvsysdriver32 deleted successfully!

    C:\WINDOWS\sysdriver32.exe moved successfully.

    Service wxpdrivers stopped successfully!

    Service wxpdrivers deleted successfully!

    C:\WINDOWS\update.1\svchost.exe moved successfully.

    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{02478D38-C3F9-4efb-9B51-7695ECA05670}\ not found.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\3068006.exe deleted successfully.

    C:\Documents and Settings\juli\Local Settings\Temp\3068006.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\42386560-loader2.exe deleted successfully.

    C:\WINDOWS\Temp\42386560-loader2.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\5815783.exe deleted successfully.

    C:\WINDOWS\Temp\5815783.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\6211344.exe deleted successfully.

    C:\Documents and Settings\juli\Local Settings\Temp\6211344.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\845478.exe deleted successfully.

    C:\WINDOWS\Temp\845478.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\9312951.exe deleted successfully.

    C:\WINDOWS\Temp\9312951.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avgnt deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\l1rezerv.exe deleted successfully.

    C:\WINDOWS\l1rezerv.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32.exe deleted successfully.

    File C:\WINDOWS\sysdriver32.exe not found.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32_.exe deleted successfully.

    C:\WINDOWS\sysdriver32_.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico0 deleted successfully.

    C:\WINDOWS\update.tray-8-0\svchost.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 deleted successfully.

    C:\WINDOWS\update.tray-13-0\svchost.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\userinit deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\w_distrib.exe deleted successfully.

    C:\WINDOWS\update.3\svchost.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wxpdrv deleted successfully.

    C:\WINDOWS\services32.exe moved successfully.

    Registry value HKEY_USERS\S-1-5-21-2025429265-1957994488-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run\\Search Protection deleted successfully.

    Registry value HKEY_USERS\S-1-5-21-2025429265-1957994488-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Run\\userinit deleted successfully.

    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.

    Invalid CLSID key: _nltide_2

    Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 not found.

    Invalid CLSID key: _nltide_2

    Registry value HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.

    Invalid CLSID key: _nltide_2

    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\_nltide_2 deleted successfully.

    Invalid CLSID key: _nltide_2

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.

    C:\WINDOWS\update.tray-13-0-lnk folder moved successfully.

    C:\WINDOWS\update.tray-13-0 folder moved successfully.

    C:\WINDOWS\ufa folder moved successfully.

    C:\WINDOWS\rpcminer folder moved successfully.

    C:\WINDOWS\phoenix\kernels\poclbm folder moved successfully.

    C:\WINDOWS\phoenix\kernels\phatk folder moved successfully.

    C:\WINDOWS\phoenix\kernels folder moved successfully.

    C:\WINDOWS\phoenix folder moved successfully.

    C:\WINDOWS\update.5.0 folder moved successfully.

    C:\WINDOWS\update.3 folder moved successfully.

    C:\WINDOWS\update.2 folder moved successfully.

    C:\WINDOWS\av_ico folder moved successfully.

    C:\WINDOWS\update.1 folder moved successfully.

    C:\WINDOWS\update.tray-8-0-lnk folder moved successfully.

    C:\WINDOWS\update.tray-8-0 folder moved successfully.

    C:\WINDOWS\geoiplist.rar moved successfully.

    C:\WINDOWS\loader2.exe_ok moved successfully.

    File C:\WINDOWS\sysdriver32_.exe not found.

    File C:\WINDOWS\sysdriver32.exe not found.

    File C:\WINDOWS\services32.exe not found.

    C:\WINDOWS\info1 moved successfully.

    C:\WINDOWS\phoenix.rar moved successfully.

    C:\WINDOWS\unrar.exe moved successfully.

    C:\WINDOWS\ufa.rar moved successfully.

    C:\WINDOWS\rpcminer.rar moved successfully.

    File C:\WINDOWS\l1rezerv.exe not found.

    File C:\WINDOWS\geoiplist.rar not found.

    File C:\WINDOWS\loader2.exe_ok not found.

    File C:\WINDOWS\sysdriver32_.exe not found.

    File C:\WINDOWS\sysdriver32.exe not found.

    File C:\WINDOWS\services32.exe not found.

    ADS C:\Documents and Settings\All Users\Application Data\TEMP:A8ADE5D8 deleted successfully.

    ADS C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 deleted successfully.

    ========== REGISTRY ==========

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\services32.exe deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.tray-8-0\svchost.exe deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.tray-8-0-lnk\svchost.exe deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.2\svchost.exe deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.3\svchost.exe deleted successfully.

    ========== FILES ==========

    autorun.inf not found in C:\

    autorun.inf not found in D:\

    autorun.inf not found in E:\

    autorun.exe not found in C:\

    autorun.exe not found in D:\

    autorun.exe not found in E:\

    C:\RECYCLER\S-1-5-21-2025429265-1957994488-1801674531-1003 folder moved successfully.

    C:\RECYCLER folder moved successfully.

    D:\RECYCLER\S-1-5-21-2025429265-1957994488-1801674531-1003 folder moved successfully.

    D:\RECYCLER folder moved successfully.

    E:\RECYCLER\S-1-5-21-2025429265-1957994488-1801674531-1003 folder moved successfully.

    E:\RECYCLER folder moved successfully.

    < ipconfig /flushdns /c >

    Windows IP Configuration

    Successfully flushed the DNS Resolver Cache.

    C:\Documents and Settings\juli\Desktop\cmd.bat deleted successfully.

    C:\Documents and Settings\juli\Desktop\cmd.txt deleted successfully.

    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 33170 bytes

    User: juli

    ->Temp folder emptied: 2496897416 bytes

    ->Temporary Internet Files folder emptied: 46978089 bytes

    ->Flash cache emptied: 141204 bytes

    User: LocalService

    ->Temp folder emptied: 66016 bytes

    ->Temporary Internet Files folder emptied: 33172 bytes

    User: NetworkService

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 33170 bytes

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 2402044 bytes

    %systemroot%\System32 .tmp files removed: 2577 bytes

    %systemroot%\System32\dllcache .tmp files removed: 0 bytes

    %systemroot%\System32\drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 29943556 bytes

    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 0 bytes

    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33661 bytes

    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 2 457,00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

    HOSTS file reset successfully

    Restore points cleared and new OTL Restore Point set!

    [EMPTYFLASH]

    User: All Users

    User: Default User

    User: juli

    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: NetworkService

    Total Flash Files Cleaned = 0,00 mb

    OTL by OldTimer - Version 3.2.26.1 log created on 07252011_153953

    Files\Folders moved on Reboot...

    File\Folder C:\Documents and Settings\juli\Local Settings\Temp\~DF997F.tmp not found!

    File\Folder C:\Documents and Settings\juli\Local Settings\Temp\~DF9990.tmp not found!

    File\Folder C:\Documents and Settings\juli\Local Settings\Temp\~DF99EE.tmp not found!

    File\Folder C:\Documents and Settings\juli\Local Settings\Temp\~DF99FF.tmp not found!

    File\Folder C:\Documents and Settings\juli\Local Settings\Temp\~DF9A43.tmp not found!

    File\Folder C:\Documents and Settings\juli\Local Settings\Temp\~DF9A54.tmp not found!

    C:\Documents and Settings\juli\Local Settings\Temporary Internet Files\Content.IE5\XW9IGA06\ads[6].htm moved successfully.

    C:\Documents and Settings\juli\Local Settings\Temporary Internet Files\Content.IE5\XW9IGA06\search[1].htm moved successfully.

    C:\Documents and Settings\juli\Local Settings\Temporary Internet Files\Content.IE5\TSWZRF3C\ads[6].htm moved successfully.

    C:\Documents and Settings\juli\Local Settings\Temporary Internet Files\Content.IE5\76O9M0P1\fastbutton[1].htm moved successfully.

    C:\Documents and Settings\juli\Local Settings\Temporary Internet Files\Content.IE5\76O9M0P1\index[1].htm moved successfully.

    C:\Documents and Settings\juli\Local Settings\Temporary Internet Files\Content.IE5\2RGN6XUV\ads[7].htm moved successfully.

    C:\Documents and Settings\juli\Local Settings\Temporary Internet Files\AntiPhishing\2CEDBFBC-DBA8-43AA-B1FD-CC8E6316E3E2.dat moved successfully.

    C:\Documents and Settings\juli\Local Settings\Temporary Internet Files\SuggestedSites.dat moved successfully.

    Registry entries deleted on Reboot...

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Какво е положението със системата ви след изпълнението на скрипта..?

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ми добре като се рестартира компа не ми се появи оня SAFE MODE черен екран. и сега ще ми даде ли да си инсталирам антивирусна ?

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Ще ви кажа кога имаме още малко работа..!

    Моля, изтеглете aswMBR и го запазете на вашия десктоп.

    • Кликнете с двоен клин на мишката върху файла aswMBR.exe за да го стартирате.
    • Изберете Scan бутона, за да започне проверката.
    • Когато проверката завърши, натиснете бутона save log, запазете съдържанието на лог файла на десктопа и публикувайте съдържанието му в следващия си коментар.

    ==============================================================================

    * Изтеглете Malwarebytes' Anti-Malware или от тук

    * Кликнете два пъти върху mbam-setup.exe, за да инсталирате програмата.

    * Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish.

    * Ако има намерени обновявания, тя ще ги изтегли и инсталира.

    * Стартирайте програмата и изберете "Perform Full Scan", след това кликнете на Scan.

    * Сканирането ще отнеме малко време, затова моля да бъдете търпеливи.

    * Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата.

    * Уверете се, че на всички редове има отметки, и кликнете на Remove Selected.

    * Когато всичко бъде премахнато, в Notepad ще бъде отворен лог. Копирайте този лог и го публикувайте в следващия си коментар по темата.

    Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

    • Харесва ми 1

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Деинсталирайте OTL така:

    Стартирайте OTL още веднъж и натиснете бутона CleanUp.

    Публикувано изображение

    Ще последва рестарт на компютъра ви..!

    Изтрийте всички инструменти и логове на инструментите които сме използвали (и не са се изтрили след изпълнените досега процедури).

    Вече можете да си инсталирате антивирусна програма и да направите пълно скниране с нея..!

    С две думи сте прихвнали вирус през Facebook...!Така че в бъдеще трябва да внимавате какво отваряте..!

    Може да си оставите програмата Malwarebytes' Anti-Malware с която периодично да сканирате (не забравяйте да я обновявате).

    Ако няма други въпроси,предлагам да приключваме ..Пожелавам ви лека вечер и безопасен Интернет...!

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    ×

    Информация

    Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.