Премини към съдържанието

    Препоръчан отговор


    ot 5 dena nemoga da vlqza v facebook,izpisva mi tova Sorry, we are experiencing temporary technical problem, please check back later.Help

    dds.txt.txt

    attach.txt.txt

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Тук пишем на български език...!

    • Изтеглете OTL.exe и го запазете на десктопа.
    • Стартирайте файла Публикувано изображение с двукратен клик на мишката.
    • Направете следните настройки:

    Публикувано изображение

    • Под Публикувано изображение с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):
    netsvcs
    msconfig
    %SYSTEMDRIVE%\*.*
    %USERPROFILE%\*.*
    %USERPROFILE%\Application Data\*.*
    %USERPROFILE%\Local Settings\Application Data\*.*
    %AllUsersProfile%\*.*
    %AllUsersProfile%\Application Data\*.*
    %USERPROFILE%\My Documents\*.*
    %CommonProgramFiles%\*.*
    %PROGRAMFILES%\*.*
    %systemroot%\system32\*.dll /lockedfiles
    %systemroot%\Tasks\*.job /lockedfiles
    %systemroot%\system32\drivers\*.sys /90
    %systemroot%\system32\drivers\*.sys /lockedfiles
    %systemroot%\system32\Spool\prtprocs\w32x86\*.dll
    /md5start
    hlp.dat
    winlogon.exe
    wininit.exe
    userinit.exe
    explorer.exe
    volsnap.sys
    /md5stop
    
    • Натиснете маркираният в синьо бутон: Публикувано изображение.
    • Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Прикачете тези два файла в следващия си коментар (погледнете опцията "прикачени файлове", когато публикувате мнение).
    • Харесва ми 4

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Стартирайте отново OTL, копирайте (Copy) и поставете (Paste) скриптовия текст от текстовото поле по-долу под колонката Custom Scans/Fixes, като не забравяте да копирате скрипта 1 към 1, както и двете точки преди първия ред на скрипта.

    :Processes
    killallprocesses
     
    :OTL
    PRC - C:\WINDOWS\Temp\GuardGuard.exe ()
    PRC - C:\WINDOWS\sysdriver32.exe ()
    PRC - C:\Program Files\ResultUrl\resulturl.exe ()
    PRC - C:\Documents and Settings\All Users\Application Data\ResultUrl\resulturl183.exe ()
    PRC - C:\WINDOWS\update.2\svchost.exe ()
    PRC - C:\WINDOWS\update.2\svchost.exe ()
    PRC - C:\WINDOWS\systemup.exe ()
    PRC - C:\WINDOWS\update.5.0\svchost.exe ()
    PRC - C:\WINDOWS\update.5.0\svchost.exe ()
    PRC - C:\WINDOWS\l1rezerv.exe ()
    PRC - C:\WINDOWS\update.tray-7-0\svchost.exe ()
    PRC - C:\WINDOWS\update.tray-2-0\svchost.exe ()
    PRC - C:\WINDOWS\ufa\ufa.exe (Ufasoft)
    MOD - C:\Program Files\ResultUrl\resulturl.dll ()
    SRV - (ekrn) --  File not found
    SRV - (EhttpSrv) --  File not found
    SRV - (srvsysdriver32) -- C:\WINDOWS\sysdriver32.exe ()
    SRV - (ResultUrl Service) -- C:\Documents and Settings\All Users\Application Data\ResultUrl\resulturl183.exe ()
    SRV - (srviecheck) -- C:\WINDOWS\update.2\svchost.exe ()
    SRV - (srvbtcclient) -- C:\WINDOWS\update.5.0\svchost.exe ()
    SRV - (wxpdrivers) -- C:\WINDOWS\update.1\svchost.exe ()
    SRV - (vlpdnu) -- C:\WINDOWS\system32\zurycrqc.dll ()
    SRV - (ghuyss) -- C:\WINDOWS\system32\zurycrqc.dll ()
    O2 - BHO: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} -  File not found
    O2 - BHO: (FDMIECookiesBHO Class) - {CC59E0F9-7E43-44FA-9FAA-8377850BF205} -  File not found
    O3 - HKLM\..\Toolbar: (no name) - !{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (no name) - !{09900DE8-1DCA-443F-9243-26FF581438AF} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (no name) - !{30F9B915-B755-4826-820B-08FBA6BD249D} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (no name) - !{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (no name) - !{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (no name) - !{EEE6C35B-6118-11DC-9C72-001320C79847} - Reg Error: Value error. File not found
    O3 - HKLM\..\Toolbar: (Searchqu Toolbar) - {99079a25-328f-4bd4-be04-00955acaa0a7} -  File not found
    O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
    O4 - HKLM..\Run: []  File not found
    O4 - HKLM..\Run: [4380933.exe] C:\Documents and Settings\Niksan\Local Settings\Temp\4380933.exe ()
    O4 - HKLM..\Run: [66667159-loader2.exe] C:\WINDOWS\TEMP\66667159-loader2.exe ()
    O4 - HKLM..\Run: [7927986.exe] C:\Documents and Settings\Niksan\Local Settings\Temp\7927986.exe ()
    O4 - HKLM..\Run: [8191774.exe] C:\WINDOWS\TEMP\8191774.exe ()
    O4 - HKLM..\Run: [8501797.exe] C:\WINDOWS\TEMP\8501797.exe ()
    O4 - HKLM..\Run: [avast!]  File not found
    O4 - HKLM..\Run: [egui]  File not found
    O4 - HKLM..\Run: [l1rezerv.exe] C:\WINDOWS\l1rezerv.exe ()
    O4 - HKLM..\Run: [sysdriver32.exe] C:\WINDOWS\sysdriver32.exe ()
    O4 - HKLM..\Run: [sysdriver32_.exe] C:\WINDOWS\sysdriver32_.exe ()
    O4 - HKLM..\Run: [systemup] C:\WINDOWS\systemup.exe ()
    O4 - HKLM..\Run: [tray_ico]  File not found
    O4 - HKLM..\Run: [tray_ico0] C:\WINDOWS\update.tray-7-0\svchost.exe ()
    O4 - HKLM..\Run: [tray_ico1] C:\WINDOWS\update.tray-2-0\svchost.exe ()
    O4 - HKLM..\Run: [tray_ico2]  File not found
    O4 - HKLM..\Run: [tray_ico3]  File not found
    O4 - HKLM..\Run: [tray_ico4]  File not found
    O4 - HKLM..\Run: [w_distrib.exe] C:\WINDOWS\update.3\svchost.exe ()
    O4 - HKLM..\Run: [wxpdrv] C:\WINDOWS\services32.exe ()
    O4 - HKU\S-1-5-21-1844237615-2049760794-1801674531-1004..\Run: [EA Core]  File not found
    O4 - HKU\S-1-5-21-1844237615-2049760794-1801674531-1004..\Run: [Free Download Manager]  File not found
    O4 - HKU\.DEFAULT..\RunOnce: [ShowDeskFix]  File not found
    O4 - HKU\S-1-5-18..\RunOnce: [ShowDeskFix]  File not found
    O4 - HKU\S-1-5-20..\RunOnce: [ShowDeskFix]  File not found
    O31 - SafeBoot: AlternateShell - services32.exe
    NetSvcs: vlpdnu - C:\WINDOWS\system32\zurycrqc.dll ()
    NetSvcs: ghuyss - C:\WINDOWS\system32\zurycrqc.dll ()
    [2011/07/25 04:50:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0-lnk
    [2011/07/25 04:50:27 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-7-0
    [2011/07/23 07:48:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\ufa
    [2011/07/23 07:48:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\rpcminer
    [2011/07/23 07:48:16 | 000,000,000 | ---D | C] -- C:\WINDOWS\phoenix
    [2011/07/23 07:23:52 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.5.0
    [2011/07/23 07:21:31 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.2
    [2011/07/23 07:20:23 | 000,000,000 | ---D | C] -- C:\WINDOWS\av_ico
    [2011/07/23 07:18:15 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.1
    [2011/07/23 07:18:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-2-0-lnk
    [2011/07/23 07:18:14 | 000,000,000 | -H-D | C] -- C:\WINDOWS\update.tray-2-0
    [2011/07/25 04:57:18 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32_.exe
    [2011/07/25 04:57:18 | 000,256,000 | ---- | M] () -- C:\WINDOWS\sysdriver32.exe
    [2011/07/23 07:48:15 | 005,589,370 | ---- | M] () -- C:\WINDOWS\phoenix.rar
    [2011/07/23 07:48:15 | 000,246,272 | ---- | M] () -- C:\WINDOWS\unrar.exe
    [2011/07/23 07:48:15 | 000,182,617 | ---- | M] () -- C:\WINDOWS\ufa.rar
    [2011/07/23 07:48:14 | 001,075,284 | ---- | M] () -- C:\WINDOWS\rpcminer.rar
    [2011/07/23 07:26:55 | 000,114,176 | ---- | M] () -- C:\WINDOWS\systemup.exe
    [2011/07/23 07:22:11 | 000,904,792 | ---- | M] () -- C:\WINDOWS\geoiplist.rar
    [2011/07/23 07:21:49 | 000,232,960 | ---- | M] () -- C:\WINDOWS\l1rezerv.exe
    [2011/07/23 07:21:01 | 000,000,000 | ---- | M] () -- C:\WINDOWS\loader2.exe_ok
    [2011/07/23 05:42:40 | 001,185,792 | ---- | M] () -- C:\WINDOWS\services32.exe
    [2011/07/23 07:48:15 | 005,589,370 | ---- | C] () -- C:\WINDOWS\phoenix.rar
    [2011/07/23 07:48:15 | 000,182,617 | ---- | C] () -- C:\WINDOWS\ufa.rar
    [2011/07/23 07:48:14 | 001,075,284 | ---- | C] () -- C:\WINDOWS\rpcminer.rar
    [2011/07/23 07:27:03 | 000,114,176 | ---- | C] () -- C:\WINDOWS\systemup.exe
    [2011/07/23 07:22:13 | 004,636,907 | ---- | C] () -- C:\WINDOWS\geoiplist
    [2011/07/23 07:22:11 | 000,904,792 | ---- | C] () -- C:\WINDOWS\geoiplist.rar
    [2011/07/23 07:22:11 | 000,246,272 | ---- | C] () -- C:\WINDOWS\unrar.exe
    [2011/07/23 07:21:53 | 000,232,960 | ---- | C] () -- C:\WINDOWS\l1rezerv.exe
    [2011/07/23 07:21:09 | 000,000,202 | ---- | C] () -- C:\WINDOWS\info1
    [2011/07/23 07:21:01 | 000,000,000 | ---- | C] () -- C:\WINDOWS\loader2.exe_ok
    [2011/07/23 07:20:59 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32_.exe
    [2011/07/23 07:20:45 | 000,256,000 | ---- | C] () -- C:\WINDOWS\sysdriver32.exe
    [2011/07/23 05:43:12 | 001,185,792 | ---- | C] () -- C:\WINDOWS\services32.exe
    @Alternate Data Stream - 88 bytes -> C:\Documents and Settings\Niksan\Desktop\Jennifer Lopez - On the Floor (Marie Digby cover).mp4:SummaryInformation
    @Alternate Data Stream - 140 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:B879A65B
    @Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:036B9593
     
    :Reg
    [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
    "C:\WINDOWS\services32.exe" =-
    "C:\WINDOWS\update.1\svchost.exe" =-
    "C:\WINDOWS\update.tray-2-0\svchost.exe" =-
    "C:\WINDOWS\update.2\svchost.exe" =-
    "C:\WINDOWS\update.3\svchost.exe" =-
     
    :files
    C:\WINDOWS\Temp\GuardGuard.exe
    C:\WINDOWS\sysdriver32.exe
    C:\Program Files\ResultUrl\resulturl.exe
    C:\Documents and Settings\All Users\Application Data\ResultUrl\resulturl183.exe
    C:\WINDOWS\update.2\svchost.exe
    C:\WINDOWS\update.2\svchost.exe
    C:\WINDOWS\systemup.exe
    C:\WINDOWS\update.5.0\svchost.exe
    C:\WINDOWS\update.5.0\svchost.exe
    C:\WINDOWS\l1rezerv.exe
    C:\WINDOWS\update.tray-7-0\svchost.exe
    C:\WINDOWS\update.tray-2-0\svchost.exe
    C:\WINDOWS\ufa\ufa.exe
     
    autorun.inf /alldrives
    autorun.exe /alldrives
    recycler /alldrives
    ipconfig /flushdns /c
     
    :Commands
    [purity]
    [emptytemp]
    [resethosts]
    [clearallrestorepoints]
    [emptyflash]
    [Reboot]
    

    След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

    Windows ще се рестартира и ще се създаде лог файл. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    All processes killed

    ========== PROCESSES ==========

    ========== OTL ==========

    Process GuardGuard.exe killed successfully!

    No active process named sysdriver32.exe was found!

    No active process named resulturl.exe was found!

    No active process named resulturl183.exe was found!

    Process svchost.exe killed successfully!

    Process svchost.exe killed successfully!

    No active process named systemup.exe was found!

    Process svchost.exe killed successfully!

    Process svchost.exe killed successfully!

    No active process named l1rezerv.exe was found!

    Process svchost.exe killed successfully!

    Process svchost.exe killed successfully!

    No active process named ufa.exe was found!

    Service ekrn stopped successfully!

    Service ekrn deleted successfully!

    File File not found not found.

    Service EhttpSrv stopped successfully!

    Service EhttpSrv deleted successfully!

    File File not found not found.

    Service srvsysdriver32 stopped successfully!

    Service srvsysdriver32 deleted successfully!

    C:\WINDOWS\sysdriver32.exe moved successfully.

    Service ResultUrl Service stopped successfully!

    Service ResultUrl Service deleted successfully!

    C:\Documents and Settings\All Users\Application Data\ResultUrl\resulturl183.exe moved successfully.

    Service srviecheck stopped successfully!

    Service srviecheck deleted successfully!

    C:\WINDOWS\update.2\svchost.exe moved successfully.

    Service srvbtcclient stopped successfully!

    Service srvbtcclient deleted successfully!

    C:\WINDOWS\update.5.0\svchost.exe moved successfully.

    Service wxpdrivers stopped successfully!

    Service wxpdrivers deleted successfully!

    C:\WINDOWS\update.1\svchost.exe moved successfully.

    Service vlpdnu stopped successfully!

    Service vlpdnu deleted successfully!

    C:\WINDOWS\system32\zurycrqc.dll moved successfully.

    Service ghuyss stopped successfully!

    Service ghuyss deleted successfully!

    File C:\WINDOWS\system32\zurycrqc.dll not found.

    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}\ deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{CC59E0F9-7E43-44FA-9FAA-8377850BF205}\ deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{01398B87-61AF-4FFB-9AB5-1A1C5FB39A9C} deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{09900DE8-1DCA-443F-9243-26FF581438AF} deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{30F9B915-B755-4826-820B-08FBA6BD249D} deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3} deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{DB4E9724-F518-4dfd-9C7C-78B52103CAB9} deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\!{EEE6C35B-6118-11DC-9C72-001320C79847} deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{99079a25-328f-4bd4-be04-00955acaa0a7} deleted successfully.

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{99079a25-328f-4bd4-be04-00955acaa0a7}\ not found.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\10 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\4380933.exe deleted successfully.

    C:\Documents and Settings\Niksan\Local Settings\Temp\4380933.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\66667159-loader2.exe deleted successfully.

    C:\WINDOWS\Temp\66667159-loader2.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\7927986.exe deleted successfully.

    C:\Documents and Settings\Niksan\Local Settings\Temp\7927986.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8191774.exe deleted successfully.

    C:\WINDOWS\Temp\8191774.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\8501797.exe deleted successfully.

    C:\WINDOWS\Temp\8501797.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\avast! deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\egui deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\l1rezerv.exe deleted successfully.

    C:\WINDOWS\l1rezerv.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32.exe deleted successfully.

    File C:\WINDOWS\sysdriver32.exe not found.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\sysdriver32_.exe deleted successfully.

    C:\WINDOWS\sysdriver32_.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\systemup deleted successfully.

    C:\WINDOWS\systemup.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico0 deleted successfully.

    C:\WINDOWS\update.tray-7-0\svchost.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico1 deleted successfully.

    C:\WINDOWS\update.tray-2-0\svchost.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico2 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico3 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\tray_ico4 deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\w_distrib.exe deleted successfully.

    C:\WINDOWS\update.3\svchost.exe moved successfully.

    Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\wxpdrv deleted successfully.

    C:\WINDOWS\services32.exe moved successfully.

    Registry value HKEY_USERS\S-1-5-21-1844237615-2049760794-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Run\\EA Core deleted successfully.

    Registry value HKEY_USERS\S-1-5-21-1844237615-2049760794-1801674531-1004\Software\Microsoft\Windows\CurrentVersion\Run\\Free Download Manager deleted successfully.

    Registry value HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ShowDeskFix deleted successfully.

    Registry value HKEY_USERS\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ShowDeskFix not found.

    Registry value HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\RunOnce\\ShowDeskFix deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\\AlternateShell deleted successfully.

    vlpdnu removed from NetSvcs value successfully!

    File C:\WINDOWS\system32\zurycrqc.dll not found.

    ghuyss removed from NetSvcs value successfully!

    File C:\WINDOWS\system32\zurycrqc.dll not found.

    C:\WINDOWS\update.tray-7-0-lnk folder moved successfully.

    C:\WINDOWS\update.tray-7-0 folder moved successfully.

    C:\WINDOWS\ufa folder moved successfully.

    C:\WINDOWS\rpcminer folder moved successfully.

    C:\WINDOWS\phoenix\kernels\poclbm folder moved successfully.

    C:\WINDOWS\phoenix\kernels\phatk folder moved successfully.

    C:\WINDOWS\phoenix\kernels folder moved successfully.

    C:\WINDOWS\phoenix folder moved successfully.

    C:\WINDOWS\update.5.0 folder moved successfully.

    C:\WINDOWS\update.2 folder moved successfully.

    C:\WINDOWS\av_ico folder moved successfully.

    C:\WINDOWS\update.1 folder moved successfully.

    C:\WINDOWS\update.tray-2-0-lnk folder moved successfully.

    C:\WINDOWS\update.tray-2-0 folder moved successfully.

    File C:\WINDOWS\sysdriver32_.exe not found.

    File C:\WINDOWS\sysdriver32.exe not found.

    C:\WINDOWS\phoenix.rar moved successfully.

    C:\WINDOWS\unrar.exe moved successfully.

    C:\WINDOWS\ufa.rar moved successfully.

    C:\WINDOWS\rpcminer.rar moved successfully.

    File C:\WINDOWS\systemup.exe not found.

    C:\WINDOWS\geoiplist.rar moved successfully.

    File C:\WINDOWS\l1rezerv.exe not found.

    C:\WINDOWS\loader2.exe_ok moved successfully.

    File C:\WINDOWS\services32.exe not found.

    File C:\WINDOWS\phoenix.rar not found.

    File C:\WINDOWS\ufa.rar not found.

    File C:\WINDOWS\rpcminer.rar not found.

    File C:\WINDOWS\systemup.exe not found.

    C:\WINDOWS\geoiplist moved successfully.

    File C:\WINDOWS\geoiplist.rar not found.

    File C:\WINDOWS\unrar.exe not found.

    File C:\WINDOWS\l1rezerv.exe not found.

    C:\WINDOWS\info1 moved successfully.

    File C:\WINDOWS\loader2.exe_ok not found.

    File C:\WINDOWS\sysdriver32_.exe not found.

    File C:\WINDOWS\sysdriver32.exe not found.

    File C:\WINDOWS\services32.exe not found.

    ADS C:\Documents and Settings\Niksan\Desktop\Jennifer Lopez - On the Floor (Marie Digby cover).mp4:SummaryInformation deleted successfully.

    ADS C:\Documents and Settings\All Users\Application Data\TEMP:B879A65B deleted successfully.

    ADS C:\Documents and Settings\All Users\Application Data\TEMP:036B9593 deleted successfully.

    ========== REGISTRY ==========

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\services32.exe deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.1\svchost.exe deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.tray-2-0\svchost.exe deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.2\svchost.exe deleted successfully.

    Registry value HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List\\C:\WINDOWS\update.3\svchost.exe deleted successfully.

    ========== FILES ==========

    C:\WINDOWS\Temp\GuardGuard.exe moved successfully.

    File\Folder C:\WINDOWS\sysdriver32.exe not found.

    C:\Program Files\ResultUrl\resulturl.exe moved successfully.

    File\Folder C:\Documents and Settings\All Users\Application Data\ResultUrl\resulturl183.exe not found.

    File\Folder C:\WINDOWS\update.2\svchost.exe not found.

    File\Folder C:\WINDOWS\update.2\svchost.exe not found.

    File\Folder C:\WINDOWS\systemup.exe not found.

    File\Folder C:\WINDOWS\update.5.0\svchost.exe not found.

    File\Folder C:\WINDOWS\update.5.0\svchost.exe not found.

    File\Folder C:\WINDOWS\l1rezerv.exe not found.

    File\Folder C:\WINDOWS\update.tray-7-0\svchost.exe not found.

    File\Folder C:\WINDOWS\update.tray-2-0\svchost.exe not found.

    File\Folder C:\WINDOWS\ufa\ufa.exe not found.

    autorun.inf not found in C:\

    autorun.inf not found in D:\

    File move failed. F:\Autorun.inf scheduled to be moved on reboot.

    autorun.exe not found in C:\

    autorun.exe not found in D:\

    File move failed. F:\autorun.exe scheduled to be moved on reboot.

    C:\RECYCLER\S-1-5-21-1844237615-2049760794-1801674531-1004 folder moved successfully.

    C:\RECYCLER folder moved successfully.

    D:\RECYCLER\S-1-5-21-2025429265-362288127-1801674531-500 folder moved successfully.

    D:\RECYCLER\S-1-5-21-2000478354-789336058-725345543-500 folder moved successfully.

    D:\RECYCLER\S-1-5-21-1960408961-583907252-682003330-500 folder moved successfully.

    D:\RECYCLER\S-1-5-21-1844237615-2049760794-1801674531-1004 folder moved successfully.

    D:\RECYCLER\S-1-5-21-1606980848-562591055-682003330-500 folder moved successfully.

    D:\RECYCLER folder moved successfully.

    recycler not found in F:\

    < ipconfig /flushdns /c >

    Windows IP Configuration

    Could not flush the DNS Resolver Cache: Function failed during execution.

    C:\Documents and Settings\Niksan\Desktop\cmd.bat deleted successfully.

    C:\Documents and Settings\Niksan\Desktop\cmd.txt deleted successfully.

    ========== COMMANDS ==========

    [EMPTYTEMP]

    User: All Users

    User: Default User

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 33170 bytes

    ->Flash cache emptied: 56504 bytes

    User: LocalService

    ->Temporary Internet Files folder emptied: 2012292 bytes

    User: multiskype

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 33170 bytes

    User: NetworkService

    ->Temp folder emptied: 0 bytes

    ->Temporary Internet Files folder emptied: 171857 bytes

    User: Niksan

    ->Temp folder emptied: 55377342 bytes

    ->Temporary Internet Files folder emptied: 11760651 bytes

    ->Java cache emptied: 0 bytes

    ->FireFox cache emptied: 150025943 bytes

    ->Google Chrome cache emptied: 260663597 bytes

    ->Flash cache emptied: 71642 bytes

    %systemdrive% .tmp files removed: 0 bytes

    %systemroot% .tmp files removed: 2402044 bytes

    %systemroot%\System32 .tmp files removed: 1621697 bytes

    %systemroot%\System32\dllcache .tmp files removed: 0 bytes

    %systemroot%\System32\drivers .tmp files removed: 0 bytes

    Windows Temp folder emptied: 15993247 bytes

    %systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 1479 bytes

    %systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes

    RecycleBin emptied: 0 bytes

    Total Files Cleaned = 477.00 mb

    C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.

    HOSTS file reset successfully

    Restore points cleared and new OTL Restore Point set!

    [EMPTYFLASH]

    User: All Users

    User: Default User

    ->Flash cache emptied: 0 bytes

    User: LocalService

    User: multiskype

    User: NetworkService

    User: Niksan

    ->Flash cache emptied: 0 bytes

    Total Flash Files Cleaned = 0.00 mb

    OTL by OldTimer - Version 3.2.26.1 log created on 07262011_023800

    Files\Folders moved on Reboot...

    File\Folder F:\Autorun.inf not found!

    File\Folder F:\autorun.exe not found!

    Registry entries deleted on Reboot...


    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    След изпълнение на скрипта какво е положението със компютъра ви..?

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Стартирайте OTL още веднъж и натиснете бутона CleanUp.

    Публикувано изображение

    При дeинсталацията на OTL ще бъдат почистени инструменти и файлове, които използвахме в темата. Ще последва рестарт на Windows. Може да изтриете останалите програми и логове, които използвахме в темата.

    Направете контролно сканиране с:

    * Изтеглете Malwarebytes' Anti-Malware или от тук

    * Кликнете два пъти върху mbam-setup.exe, за да инсталирате програмата.

    * Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish.

    * Ако има намерени обновявания, тя ще ги изтегли и инсталира.

    * Стартирайте програмата и изберете "Perform Full Scan", след това кликнете на Scan.

    * Сканирането ще отнеме малко време, затова моля да бъдете търпеливи.

    * Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата.

    * Уверете се, че на всички редове има отметки, и кликнете на Remove Selected.

    * Когато всичко бъде премахнато, в Notepad ще бъде отворен лог. Копирайте този лог и го публикувайте в следващия си коментар по темата.

    Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

    Сподели този отговор


    Линк към този отговор
    Сподели в други сайтове

    Регистрирайте се или влезете в профила си за да коментирате

    Трябва да имате регистрация за да може да коментирате това

    Регистрирайте се

    Създайте нова регистрация в нашия форум. Лесно е!

    Нова регистрация

    Вход

    Имате регистрация? Влезте от тук.

    Вход


    ×

    Информация

    Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.