Hello,

I was advised to start a thread in this section, since there are suspicions that my laptop is infected with some virus that is causing quite a few blue screens with various crash reasons. We discussed the topic here.

I am posting the DDS results:

.

DDS (Ver_2011-08-26.01) - NTFSAMD64

Internet Explorer: 9.0.8112.16421

Run by special2 at 12:02:11 on 2012-02-04

Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1033.18.3959.2514 [GMT 2:00]

.

AV: AVG Anti-Virus 2012 *Enabled/Updated* {5A2746B1-DEE9-F85A-FBCD-ADB11639C5F0}

SP: AVG Anti-Virus 2012 *Enabled/Updated* {E146A755-F8D3-F7D4-C17D-96C36DBE8F4D}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

============== Running Processes ===============

.

C:\PROGRA~2\AVG\AVG2012\avgrsa.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Windows\system32\wininit.exe

C:\Windows\system32\lsm.exe

C:\Windows\system32\svchost.exe -k DcomLaunch

C:\Windows\system32\svchost.exe -k RPCSS

C:\Windows\system32\atiesrxx.exe

C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted

C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted

C:\Windows\system32\svchost.exe -k netsvcs

C:\Windows\system32\svchost.exe -k LocalService

C:\Windows\system32\svchost.exe -k NetworkService

C:\Windows\system32\atieclxx.exe

C:\Windows\system32\WLANExt.exe

C:\Windows\system32\conhost.exe

C:\Windows\System32\spoolsv.exe

C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Windows\system32\taskhost.exe

C:\Windows\system32\svchost.exe -k apphost

C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe

C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe

C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe

C:\Windows\system32\taskeng.exe

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

c:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe

C:\Program Files (x86)\Uniblue\DriverScanner\dsmonitor.exe

C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe

C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe

C:\Program Files (x86)\AVG\AVG2012\avgnsa.exe

C:\Program Files\Windows Sidebar\sidebar.exe

C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe

c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe

C:\Windows\system32\svchost.exe -k imgsvc

C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe

C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe

C:\Program Files (x86)\Launch Manager\LManager.exe

C:\Program Files (x86)\AVG\AVG2012\avgtray.exe

C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe

C:\Windows\system32\svchost.exe -k iissvcs

C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe

C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation

C:\Windows\system32\SearchIndexer.exe

C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe

C:\Windows\System32\svchost.exe -k WerSvcGroup

C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted

C:\Program Files\Windows Media Player\wmpnetwk.exe

C:\Windows\system32\SearchProtocolHost.exe

C:\Windows\system32\SearchFilterHost.exe

C:\Program Files (x86)\AVG\AVG2012\avgcsrva.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe

C:\Program Files\Intel\TurboBoost\TurboBoost.exe

C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

C:\Windows\system32\wbem\unsecapp.exe

C:\Windows\system32\wbem\wmiprvse.exe

C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe

C:\Windows\SysWOW64\cmd.exe

C:\Windows\system32\conhost.exe

C:\Windows\SysWOW64\cscript.exe

C:\Windows\system32\wbem\wmiprvse.exe

.

============== Pseudo HJT Report ===============

.

mWinlogon: Userinit=userinit.exe,

BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

BHO: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\special2\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll

uRun: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun

uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun

uRun: [Google Update] "C:\Users\special2\AppData\Local\Google\Update\GoogleUpdate.exe" /c

mRun: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files (x86)\WIDCOMM\Bluetooth Software\BTTray.exe

mPolicies-explorer: NoActiveDesktop = 1 (0x1)

mPolicies-explorer: NoActiveDesktopChanges = 1 (0x1)

mPolicies-system: ConsentPromptBehaviorAdmin = 0 (0x0)

mPolicies-system: ConsentPromptBehaviorUser = 3 (0x3)

mPolicies-system: EnableLUA = 0 (0x0)

mPolicies-system: EnableUIADesktopToggle = 0 (0x0)

mPolicies-system: PromptOnSecureDesktop = 0 (0x0)

IE: Download all by FlashGet3 - C:\Users\special2\AppData\Roaming\FlashGetBHO\GetAllUrl.htm

IE: Download by FlashGet3 - C:\Users\special2\AppData\Roaming\FlashGetBHO\GetUrl.htm

IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000

IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm

IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: ????3?? - C:\Users\special2\AppData\Roaming\FlashGetBHO\GetUrl.htm

IE: ????3?????? - C:\Users\special2\AppData\Roaming\FlashGetBHO\GetAllUrl.htm

IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\PROGRA~2\MICROS~2\Office12\ONBttnIE.dll

IE: {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - {17A84966-F1E9-4645-AA9E-5E771EE1C859} - C:\PROGRA~2\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

TCP: DhcpNameServer = 192.168.1.1

TCP: Interfaces\{BB912C37-971C-439D-A8F9-2131B028EF9E} : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{BB912C37-971C-439D-A8F9-2131B028EF9E}\244534D2144435C4 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{BB912C37-971C-439D-A8F9-2131B028EF9E}\3554C454E414 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{BB912C37-971C-439D-A8F9-2131B028EF9E}\6594651434F4D4F574 : DhcpNameServer = 192.168.1.1

TCP: Interfaces\{BB912C37-971C-439D-A8F9-2131B028EF9E}\6594651434F4D4F5E45445 : DhcpNameServer = 192.168.1.1

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~2\MICROS~2\Office12\GRA32A~1.DLL

Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll

SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

BHO-X64: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

BHO-X64: AcroIEHelperStub - No File

BHO-X64: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG2012\avgssie.dll

BHO-X64: WormRadar.com IESiteBlocker.NavFilter - No File

BHO-X64: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

BHO-X64: FlashGetBHO: {b070d3e3-fec0-47d9-8e8a-99d4eeb3d3b0} - C:\Users\special2\AppData\Roaming\FlashGetBHO\FlashGetBHO3.dll

BHO-X64: FlashGetBHO - No File

mRun-x64: [LManager] C:\Program Files (x86)\Launch Manager\LManager.exe

mRun-x64: [startCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun

mRun-x64: [AVG_TRAY] "C:\Program Files (x86)\AVG\AVG2012\avgtray.exe"

mRun-x64: [Malwarebytes' Anti-Malware] "C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe" /starttray

IE-X64: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm

SEH-X64: Groove GFS Stub Execution Hook: {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\PROGRA~2\MICROS~2\Office12\GR469A~1.DLL

.

============= SERVICES / DRIVERS ===============

.

R0 AVGIDSEH;AVGIDSEH;C:\Windows\system32\DRIVERS\AVGIDSEH.Sys --> C:\Windows\system32\DRIVERS\AVGIDSEH.Sys [?]

R0 Avgrkx64;AVG Anti-Rootkit Driver;C:\Windows\system32\DRIVERS\avgrkx64.sys --> C:\Windows\system32\DRIVERS\avgrkx64.sys [?]

R0 johci;JMicron 1394 Filter Driver;C:\Windows\system32\DRIVERS\johci.sys --> C:\Windows\system32\DRIVERS\johci.sys [?]

R1 Avgldx64;AVG AVI Loader Driver;C:\Windows\system32\DRIVERS\avgldx64.sys --> C:\Windows\system32\DRIVERS\avgldx64.sys [?]

R1 Avgmfx64;AVG Mini-Filter Resident Anti-Virus Shield;C:\Windows\system32\DRIVERS\avgmfx64.sys --> C:\Windows\system32\DRIVERS\avgmfx64.sys [?]

R1 Avgtdia;AVG TDI Driver;C:\Windows\system32\DRIVERS\avgtdia.sys --> C:\Windows\system32\DRIVERS\avgtdia.sys [?]

R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\system32\DRIVERS\dtsoftbus01.sys --> C:\Windows\system32\DRIVERS\dtsoftbus01.sys [?]

R1 vwififlt;Virtual WiFi Filter Driver;C:\Windows\system32\DRIVERS\vwififlt.sys --> C:\Windows\system32\DRIVERS\vwififlt.sys [?]

R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2011-6-6 64952]

R2 AMD External Events Utility;AMD External Events Utility;C:\Windows\system32\atiesrxx.exe --> C:\Windows\system32\atiesrxx.exe [?]

R2 AVGIDSAgent;AVGIDSAgent;C:\Program Files (x86)\AVG\AVG2012\AVGIDSAgent.exe [2011-10-12 4433248]

R2 avgwd;AVG WatchDog;C:\Program Files (x86)\AVG\AVG2012\avgwdsvc.exe [2011-8-2 192776]

R2 ePowerSvc;Acer ePower Service;C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [2011-8-11 788512]

R2 TeamViewer6;TeamViewer 6;C:\Program Files (x86)\TeamViewer\Version6\TeamViewer_Service.exe [2011-9-6 2358656]

R2 TurboB;Turbo Boost UI Monitor driver;C:\Windows\system32\DRIVERS\TurboB.sys --> C:\Windows\system32\DRIVERS\TurboB.sys [?]

R3 amdkmdag;amdkmdag;C:\Windows\system32\DRIVERS\atikmdag.sys --> C:\Windows\system32\DRIVERS\atikmdag.sys [?]

R3 amdkmdap;amdkmdap;C:\Windows\system32\DRIVERS\atikmpag.sys --> C:\Windows\system32\DRIVERS\atikmpag.sys [?]

R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\Windows\system32\drivers\AtihdW76.sys --> C:\Windows\system32\drivers\AtihdW76.sys [?]

R3 AVGIDSDriver;AVGIDSDriver;C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys --> C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys [?]

R3 AVGIDSFilter;AVGIDSFilter;C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys --> C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys [?]

R3 enecir;ENE CIR Receiver;C:\Windows\system32\DRIVERS\enecir.sys --> C:\Windows\system32\DRIVERS\enecir.sys [?]

R3 HECIx64;Intel® Management Engine Interface;C:\Windows\system32\DRIVERS\HECIx64.sys --> C:\Windows\system32\DRIVERS\HECIx64.sys [?]

R3 Impcd;Impcd;C:\Windows\system32\DRIVERS\Impcd.sys --> C:\Windows\system32\DRIVERS\Impcd.sys [?]

R3 JMCR;JMCR;C:\Windows\system32\DRIVERS\jmcr.sys --> C:\Windows\system32\DRIVERS\jmcr.sys [?]

R3 k57nd60a;Broadcom NetLink Gigabit Ethernet - NDIS 6.0;C:\Windows\system32\DRIVERS\k57nd60a.sys --> C:\Windows\system32\DRIVERS\k57nd60a.sys [?]

R3 TurboBoost;TurboBoost;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2009-11-2 126352]

R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:\Windows\system32\DRIVERS\vwifimp.sys --> C:\Windows\system32\DRIVERS\vwifimp.sys [?]

S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]

S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576]

S2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2012-2-1 652360]

S2 UNS;Intel® Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2011-8-11 2320920]

S3 btusbflt;Bluetooth USB Filter;C:\Windows\system32\drivers\btusbflt.sys --> C:\Windows\system32\drivers\btusbflt.sys [?]

S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\system32\DRIVERS\btwl2cap.sys --> C:\Windows\system32\DRIVERS\btwl2cap.sys [?]

S3 dmvsc;dmvsc;C:\Windows\system32\drivers\dmvsc.sys --> C:\Windows\system32\drivers\dmvsc.sys [?]

S3 Futuremark SystemInfo Service;Futuremark SystemInfo Service;C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe [2011-8-17 130976]

S3 MBAMProtector;MBAMProtector;\??\C:\Windows\system32\drivers\mbam.sys --> C:\Windows\system32\drivers\mbam.sys [?]

S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\system32\drivers\rdpvideominiport.sys --> C:\Windows\system32\drivers\rdpvideominiport.sys [?]

S3 Sony Ericsson PCCompanion;Sony Ericsson PCCompanion;C:\Program Files (x86)\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe [2011-9-9 155344]

S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]

S3 Synth3dVsc;Synth3dVsc;C:\Windows\system32\drivers\synth3dvsc.sys --> C:\Windows\system32\drivers\synth3dvsc.sys [?]

S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\system32\drivers\terminpt.sys --> C:\Windows\system32\drivers\terminpt.sys [?]

S3 TsUsbFlt;TsUsbFlt;C:\Windows\system32\drivers\tsusbflt.sys --> C:\Windows\system32\drivers\tsusbflt.sys [?]

S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\system32\drivers\TsUsbGD.sys --> C:\Windows\system32\drivers\TsUsbGD.sys [?]

S3 tsusbhub;tsusbhub;C:\Windows\system32\drivers\tsusbhub.sys --> C:\Windows\system32\drivers\tsusbhub.sys [?]

S4 MSSQLServerADHelper100;SQL Active Directory Helper Service;C:\Program Files\Microsoft SQL Server\100\Shared\sqladhlp.exe [2009-7-22 61976]

S4 RsFx0103;RsFx0103 Driver;C:\Windows\system32\DRIVERS\RsFx0103.sys --> C:\Windows\system32\DRIVERS\RsFx0103.sys [?]

S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2009-3-30 427880]

.

=============== Created Last 30 ================

.

2012-01-30 14:59:45 -------- d-----w- C:\Users\special2\AppData\Roaming\Malwarebytes

2012-01-30 14:59:39 -------- d-----w- C:\ProgramData\Malwarebytes

2012-01-30 14:59:38 23152 ----a-w- C:\Windows\System32\drivers\mbam.sys

2012-01-30 14:59:38 -------- d-----w- C:\Program Files (x86)\Malwarebytes' Anti-Malware

2012-01-28 22:27:30 -------- d-----w- C:\Program Files (x86)\Lavalys

2012-01-09 00:57:23 -------- d-----w- C:\Users\special2\VirtualBox VMs

2012-01-09 00:56:44 -------- d-----w- C:\Users\special2\.VirtualBox

2012-01-09 00:55:20 224048 ----a-w- C:\Windows\System32\drivers\VBoxDrv.sys

2012-01-09 00:55:13 130864 ----a-w- C:\Windows\System32\drivers\VBoxUSBMon.sys

2012-01-09 00:55:07 -------- d-----w- C:\Program Files\Oracle

2012-01-07 18:47:48 -------- d-----w- C:\Users\special2\AppData\Roaming\Adobe Mini Bridge CS5.1

2012-01-07 18:47:47 -------- d-----w- C:\Users\special2\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1

2012-01-05 21:54:54 -------- d-----w- C:\ProgramData\Protexis

2012-01-05 21:48:48 -------- d-----w- C:\Program Files (x86)\Common Files\Corel

2012-01-05 21:48:21 -------- d-----w- C:\Program Files (x86)\Common Files\Protexis

2012-01-05 21:40:21 -------- d-----w- C:\ProgramData\CorelDRAW Graphics Suite X5

.

==================== Find3M ====================

.

2012-01-30 03:32:17 414368 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl

2012-01-05 21:24:58 88 --sh--r- C:\ProgramData\4C7CAB9D5F.sys

2012-01-05 21:24:58 2828 --sha-w- C:\ProgramData\KGyGaAvL.sys

2011-12-19 11:45:22 146736 ----a-w- C:\Windows\System32\drivers\VBoxNetAdp.sys

2011-12-19 11:43:54 320816 ----a-w- C:\Windows\System32\VBoxNetFltNobj.dll

2011-12-19 11:43:54 165680 ----a-w- C:\Windows\System32\drivers\VBoxNetFlt.sys

2011-11-21 20:33:21 205 ----a-w- C:\Windows\SysWow64\lsprst7.dll

2011-11-21 20:33:21 1025 ----a-w- C:\Windows\SysWow64\sysprs7.dll

.

============= FINISH: 12:03:14,43 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-08-26.01)

.

Microsoft Windows 7 Ultimate

Boot Device: \Device\HarddiskVolume1

Install Date: 11.8.2011 г. 10:18:21

System Uptime: 4.2.2012 г. 11:59:44 (1 hours ago)

.

Motherboard: Acer | | Aspire 5942

Processor: Intel® Core i5 CPU M 430 @ 2.27GHz | CPU | 2267/1066mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 103 GiB total, 41,754 GiB free.

D: is FIXED (NTFS) - 195 GiB total, 22,246 GiB free.

E: is FIXED (NTFS) - 298 GiB total, 32,588 GiB free.

F: is CDROM ()

G: is CDROM ()

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

RP59: 16.1.2012 г. 19:47:23 - Scheduled Checkpoint

RP60: 26.1.2012 г. 22:28:24 - Scheduled Checkpoint

.

==== Installed Programs ======================

.

????:????

Архиватор WinRAR

µTorrent

3DMark 11

5 Spots II

5 Spots II RA

Acer Crystal Eye Webcam

Acer PowerSmart Manager

Acme

Adobe AIR

Adobe Community Help

Adobe Flash Player 11 ActiveX

Adobe Photoshop CS5.1

Adobe Reader X (10.1.1)

AVG PC Tuneup 2011

Blood Rayne [RePack by Corsar] 1.00

Bloodrayne 1.00

Broadcom Wireless LAN Driver Installation Program for Windows7

Call of Duty® - World at War 1.1 Patch

Call of Duty® - World at War 1.2 Patch

Call of Duty® - World at War 1.4 Patch

Call of Duty® - World at War 1.5 Patch

Catalyst Control Center

Catalyst Control Center - Branding

Catalyst Control Center Graphics Previews Common

Catalyst Control Center InstallProxy

Catalyst Control Center Localization All

CCC Help English

Corel Graphics - Windows Shell Extension

CorelDRAW Graphics Suite X5

CorelDRAW Graphics Suite X5 - Capture

CorelDRAW Graphics Suite X5 - Common

CorelDRAW Graphics Suite X5 - Connect

CorelDRAW Graphics Suite X5 - Custom Data

CorelDRAW Graphics Suite X5 - Draw

CorelDRAW Graphics Suite X5 - EN

CorelDRAW Graphics Suite X5 - Filters

CorelDRAW Graphics Suite X5 - FontNav

CorelDRAW Graphics Suite X5 - IPM

CorelDRAW Graphics Suite X5 - PHOTO-PAINT

CorelDRAW Graphics Suite X5 - Photozoom Plugin

CorelDRAW Graphics Suite X5 - Redist

CorelDRAW Graphics Suite X5 - Setup Files

CorelDRAW Graphics Suite X5 - VBA

CorelDRAW Graphics Suite X5 - VideoBrowser

CorelDRAW Graphics Suite X5 - VSTA

CorelDRAW Graphics Suite X5 - WT

CorelDRAW® Graphics Suite X5

Counter-Strike

Crystal Reports for Visual Studio

DAEMON Tools Lite

Dotfuscator Software Services - Community Edition

EVEREST Ultimate Edition v5.50

FIFA 11

First Strike Gamepad

FlashGet 3.5

Futuremark SystemInfo

Google Chrome

Hard Disk Sentinel PRO

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946040)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946308)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB946344)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947540)

Hotfix for Microsoft Visual Studio 2007 Tools for Applications - ENU (KB947789)

IBM SPSS Statistics 19

Inhatch web plugins

Intel® Management Engine Components

Intel® Turbo Boost Technology Driver

JMicron Flash Media Controller Driver

Launch Manager

Lyrics Plugin for Winamp

Malwarebytes Anti-Malware version 1.60.1.1000

Microsoft .NET Framework 4 Multi-Targeting Pack

Microsoft Application Error Reporting

Microsoft ASP.NET MVC 2

Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools

Microsoft Office Access MUI (English) 2007

Microsoft Office Access Setup Metadata MUI (English) 2007

Microsoft Office Enterprise 2007

Microsoft Office Excel MUI (English) 2007

Microsoft Office Groove MUI (English) 2007

Microsoft Office Groove Setup Metadata MUI (English) 2007

Microsoft Office IME (Chinese (Simplified)) 2007

Microsoft Office IME (Chinese (Traditional)) 2007

Microsoft Office IME (Japanese) 2007

Microsoft Office IME (Korean) 2007

Microsoft Office InfoPath MUI (English) 2007

Microsoft Office OneNote MUI (English) 2007

Microsoft Office Outlook MUI (English) 2007

Microsoft Office PowerPoint MUI (English) 2007

Microsoft Office Proof (Arabic) 2007

Microsoft Office Proof (Basque) 2007

Microsoft Office Proof (Bulgarian) 2007

Microsoft Office Proof (Catalan) 2007

Microsoft Office Proof (Chinese (Simplified)) 2007

Microsoft Office Proof (Chinese (Traditional)) 2007

Microsoft Office Proof (Croatian) 2007

Microsoft Office Proof (Czech) 2007

Microsoft Office Proof (Danish) 2007

Microsoft Office Proof (Dutch) 2007

Microsoft Office Proof (English) 2007

Microsoft Office Proof (Estonian) 2007

Microsoft Office Proof (Finnish) 2007

Microsoft Office Proof (French) 2007

Microsoft Office Proof (Galician) 2007

Microsoft Office Proof (German) 2007

Microsoft Office Proof (Greek) 2007

Microsoft Office Proof (Gujarati) 2007

Microsoft Office Proof (Hebrew) 2007

Microsoft Office Proof (Hindi) 2007

Microsoft Office Proof (Hungarian) 2007

Microsoft Office Proof (Italian) 2007

Microsoft Office Proof (Japanese) 2007

Microsoft Office Proof (Kannada) 2007

Microsoft Office Proof (Korean) 2007

Microsoft Office Proof (Latvian) 2007

Microsoft Office Proof (Lithuanian) 2007

Microsoft Office Proof (Marathi) 2007

Microsoft Office Proof (Norwegian (Bokmal)) 2007

Microsoft Office Proof (Norwegian (Nynorsk)) 2007

Microsoft Office Proof (Polish) 2007

Microsoft Office Proof (Portuguese (Brazil)) 2007

Microsoft Office Proof (Portuguese (Portugal)) 2007

Microsoft Office Proof (Punjabi) 2007

Microsoft Office Proof (Romanian) 2007

Microsoft Office Proof (Russian) 2007

Microsoft Office Proof (Serbian (Latin)) 2007

Microsoft Office Proof (Slovak) 2007

Microsoft Office Proof (Slovenian) 2007

Microsoft Office Proof (Spanish) 2007

Microsoft Office Proof (Swedish) 2007

Microsoft Office Proof (Tamil) 2007

Microsoft Office Proof (Telugu) 2007

Microsoft Office Proof (Thai) 2007

Microsoft Office Proof (Turkish) 2007

Microsoft Office Proof (Ukrainian) 2007

Microsoft Office Proof (Urdu) 2007

Microsoft Office Proofing (English) 2007

Microsoft Office Proofing Kit 2007

Microsoft Office Proofing Tools Kit 2007

Microsoft Office ProofMUI (English) 2007

Microsoft Office Publisher MUI (English) 2007

Microsoft Office Shared MUI (English) 2007

Microsoft Office Shared Setup Metadata MUI (English) 2007

Microsoft Office Word MUI (English) 2007

Microsoft Silverlight

Microsoft Silverlight 3 SDK

Microsoft SQL Server 2008 Browser

Microsoft SQL Server 2008 R2 Data-Tier Application Framework

Microsoft SQL Server 2008 R2 Data-Tier Application Project

Microsoft SQL Server 2008 R2 Management Objects

Microsoft SQL Server 2008 R2 Transact-SQL Language Service

Microsoft SQL Server Compact 3.5 SP2 ENU

Microsoft SQL Server Database Publishing Wizard 1.4

Microsoft SQL Server System CLR Types

Microsoft Sync Framework SDK v1.0 SP1

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4974

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319

Microsoft Visual F# 2.0 Runtime

Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools

Microsoft Visual Studio 2010 Professional - ENU

Microsoft Visual Studio 2010 SharePoint Developer Tools

Microsoft Visual Studio Macro Tools

Microsoft Visual Studio Tools for Applications 2.0 - ENU

Microsoft Visual Studio Tools for Applications 2.0 Runtime

Microsoft WSE 3.0 Runtime

Microsoft_VC80_ATL_x86

Microsoft_VC80_CRT_x86

Microsoft_VC80_MFC_x86

Microsoft_VC80_MFCLOC_x86

Microsoft_VC90_ATL_x86

Microsoft_VC90_CRT_x86

Microsoft_VC90_MFC_x86

Microsoft_VC90_MFCLOC_x86

Might & Magic Heroes VI

Mp3 Knife 3.2

Need for Speed The Run version 1.0

Notepad++

Nuclear Coffee - VideoGet

PDF Settings CS5

Pro Evolution Soccer 2012

Realtek High Definition Audio Driver

Skype™ 5.5

Songr

Sony Ericsson PC Companion 2.01.217

SopCast 3.4.7

Splash PRO EX

TeamViewer 6

The KMPlayer 3.0.0.1441R2

The Sims™ 3

Total Uninstall 5.10.1

Ubisoft Game Launcher

Uniblue DriverScanner

Visual Basic for Applications ® Core

Visual Basic for Applications ® Core - English

Visual Studio 2008 x64 Redistributables

Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU

Winamp

Winamp Detector Plug-in

Windows Media Player Firefox Plugin

.

==== Event Viewer Messages From Past Week ========

.

30.1.2012 г. 13:37:49, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

30.1.2012 г. 13:37:49, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

30.1.2012 г. 13:37:49, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.

30.1.2012 г. 13:37:49, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.

30.1.2012 г. 13:37:49, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

29.1.2012 г. 20:27:26, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

29.1.2012 г. 20:27:26, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

29.1.2012 г. 20:26:57, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x0000000000000008, 0x0000000080050033, 0x00000000000006f8, 0xfffff8000302fa0e). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012912-28095-01.

29.1.2012 г. 19:43:09, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007f (0x0000000000000008, 0x0000000080050033, 0x00000000000006f8, 0xfffff800030a9e16). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012912-27378-01.

29.1.2012 г. 13:46:48, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa80053dcb30, 0xfffffa80053dce10, 0xfffff8000339cf40). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012912-32978-01.

29.1.2012 г. 13:44:56, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc400085b0, 0xffffffffc00000c0, 0x000000007f0df880, 0xfffff880010b6000). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012912-31184-01.

28.1.2012 г. 19:11:57, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the SQL Server (SQLEXPRESS) service to connect.

28.1.2012 г. 19:11:57, Error: Service Control Manager [7000] - The SQL Server (SQLEXPRESS) service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.

28.1.2012 г. 19:11:43, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa8005a05060, 0xfffffa8005a05340, 0xfffff800033eaf40). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012812-41075-01.

28.1.2012 г. 19:06:50, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa8005779600, 0xfffffa80057798e0, 0xfffff80003396f40). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 012812-39780-01.

2.2.2012 г. 17:47:29, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

2.2.2012 г. 17:47:29, Error: Service Control Manager [7038] - The upnphost service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: The request is not supported. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

2.2.2012 г. 17:47:29, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.

2.2.2012 г. 17:47:29, Error: Service Control Manager [7000] - The UPnP Device Host service failed to start due to the following error: The service did not start due to a logon failure.

2.2.2012 г. 17:47:29, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1069" attempting to start the service upnphost with arguments "" in order to run the server: {204810B9-73B2-11D4-BF42-00B0D0118B56}

2.2.2012 г. 17:24:31, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x000000f4 (0x0000000000000003, 0xfffffa8004f1fb30, 0xfffffa8004f1fe10, 0xfffff800033a0f40). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020212-36847-01.

2.2.2012 г. 17:06:01, Error: Microsoft-Windows-WER-SystemErrorReporting [1001] - The computer has rebooted from a bugcheck. The bugcheck was: 0x0000007a (0xfffff6fc40009858, 0xffffffffc000000e, 0x000000001e383860, 0xfffff8800130b648). A dump was saved in: C:\Windows\MEMORY.DMP. Report Id: 020212-49311-01.

.

==== End Of File ===========================

Thank you in advance, and I hope you can help me!


Hello! In this subsection we will check whether your system is infected and whether the problem is caused by malicious software.

Download OTL.exe and save it to the desktop.

  • Run OTL (confirm through UAC if necessary).
  • Make the following settings:
  • Check the box next to Scan All Users
  • Under the File Age menu => select 90 days
  • Under the Standard Registry menu => change to ALL
  • Check the boxes next to LOP and Purity Check
Under [image], use Copy/Paste to enter the following text in full (only what is in the box):

netsvcs
msconfig
safebootminimal
safebootnetwork
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\AppData\Local\*.*
%USERPROFILE%\AppData\Roaming\*.*
%ProgramData%\*.*
%CommonProgramFiles%\*.*
%PROGRAMFILES%\*.*
%systemroot%\system32\config\systemprofile\AppData\Local\*.*
%windir%\SysWOW64\config\systemprofile\AppData\Local\*.*
%windir%\ServiceProfiles\LocalService\AppData\Local\Temp\*.*
%windir%\ServiceProfiles\NetworkService\AppData\Local\Temp\*.*
%windir%\temp\*.*
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\syswow64\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\syswow64\drivers\*.sys /90
%systemroot%\syswow64\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /mp /s
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\GAC_32\*.* /S /MD5
%systemroot%\assembly\GAC_64\*.* /S /MD5
%SystemRoot%\assembly\GAC_MSIL\*.* /S /MD5
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems /s
/md5start
explorer.exe
lsass.exe
svchost.exe
wininit.exe
winlogon.exe
userinit.exe
atapi.sys
iaStor.sys
serial.sys
volsnap.sys
disk.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
tcpip.sys
hlp.dat
/md5stop
  • Press the button marked in blue: Run Scan.
  • When the scan finishes, two files will be created: OTL.Txt and Extras.Txt. Attach these two files to your next comment (see the "attached files" option when posting a reply).

Run OTL again, then copy and paste the script text from the text box below into the Custom Scans/Fixes box. Be sure to copy the script exactly as it is, including the colon before the first line of the script.

:OTL
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O33 - MountPoints2\G\Shell - "" = AutoRun
O33 - MountPoints2\G\Shell\AutoRun\command - "" = G:\INTRO.EXE
[2012.01.05 23:24:58 | 000,000,088 | RHS- | M] () -- C:\ProgramData\4C7CAB9D5F.sys
@Alternate Data Stream - 152 bytes -> C:\ProgramData\TEMP:0B4227B4

:Reg

:files

autorun.inf /alldrives
autorun.exe /alldrives
recycler /alldrives
ipconfig /flushdns /c

:Commands
[purity]
[emptytemp]
[resethosts]
[clearallrestorepoints]
[emptyflash]
[Reboot]

After entering the script from the quote above, press the button marked in red: Run Fix

Windows will restart and a log file will be created. Post its contents with Copy/Paste in your next comment.


Here is the log:

All processes killed

========== OTL ==========

Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad\\WebCheck deleted successfully.

Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{E6FB5E20-DE35-11CF-9C87-00AA005127ED}\ not found.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ deleted successfully.

Registry key HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G\ not found.

File G:\INTRO.EXE not found.

C:\ProgramData\4C7CAB9D5F.sys moved successfully.

ADS C:\ProgramData\TEMP:0B4227B4 deleted successfully.

========== REGISTRY ==========

========== FILES ==========

autorun.inf not found in C:\

autorun.inf not found in D:\

autorun.inf not found in E:\

autorun.exe not found in C:\

autorun.exe not found in D:\

autorun.exe not found in E:\

recycler not found in C:\

recycler not found in D:\

recycler not found in E:\

< ipconfig /flushdns /c >

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

C:\Users\special2\Downloads\cmd.bat deleted successfully.

C:\Users\special2\Downloads\cmd.txt deleted successfully.

========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Classic .NET AppPool

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 56475 bytes

User: Default

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 56475 bytes

User: Default User

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 0 bytes

User: DefaultAppPool

->Temp folder emptied: 0 bytes

->Temporary Internet Files folder emptied: 0 bytes

->Flash cache emptied: 56475 bytes

User: Public

User: special2

->Temp folder emptied: 2138392174 bytes

->Temporary Internet Files folder emptied: 3554230168 bytes

->Google Chrome cache emptied: 296736664 bytes

->Flash cache emptied: 80193 bytes

%systemdrive% .tmp files removed: 0 bytes

%systemroot% .tmp files removed: 0 bytes

%systemroot%\System32 .tmp files removed: 0 bytes

%systemroot%\System32 (64bit) .tmp files removed: 0 bytes

%systemroot%\System32\drivers .tmp files removed: 0 bytes

Windows Temp folder emptied: 283306 bytes

%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 50333 bytes

RecycleBin emptied: 1365142625 bytes

Total Files Cleaned = 7 014,00 mb

C:\Windows\System32\drivers\etc\Hosts moved successfully.

HOSTS file reset successfully

Restore point Set: OTL Restore Point

[EMPTYFLASH]

User: All Users

User: Classic .NET AppPool

->Flash cache emptied: 0 bytes

User: Default

->Flash cache emptied: 0 bytes

User: Default User

->Flash cache emptied: 0 bytes

User: DefaultAppPool

->Flash cache emptied: 0 bytes

User: Public

User: special2

->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb

OTL by OldTimer - Version 3.2.31.0 log created on 02042012_201919

Files\Folders moved on Reboot...

C:\Users\special2\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

Registry entries deleted on Reboot...



Total Files Cleaned = 7 014,00 mb

We cleaned out seven gigabytes. Now:

Download Malwarebytes' Anti-Malware, or from here

* Double-click mbam-setup.exe to install the program.

* Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click Finish.

* If updates are found, it will download and install them.

* Start the program and select "Perform Full Scan", then click Scan.

* The scan will take some time, so please be patient.

* When the scan completes, click OK, then Show Results to view the result.

* Make sure all rows are checked, and click Remove Selected.

* When everything has been removed, a log will open in Notepad. Copy this log and post it in your next comment in the thread.

Note: If MalwareBytes' Anti-Malware has difficulty removing the detected viruses/threats, it will ask to restart your computer and remove the problematic viruses/threats during the restart. If you are asked, confirm that you want your computer to be restarted.


Here is the result:

Malwarebytes Anti-Malware (PRO) 1.60.1.1000

www.malwarebytes.org

Database version: v2012.02.04.03

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 9.0.8112.16421

special2 :: SPECIAL2-PC [administrator]

Protection: Enabled

4.2.2012 г. 20:41:39 ч.

mbam-log-2012-02-04 (20-41-39).txt

Scan type: Full scan

Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM

Scan options disabled: P2P

Objects scanned: 530908

Time elapsed: 1 hour(s), 23 minute(s), 3 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 4

C:\Program Files (x86)\Hard Disk Sentinel\hard.disk.sentinel.pro-MPT.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.

D:\Downloads\Hard Disk Sentinel Pro 3.70 Build 4981\patch\hard.disk.sentinel.pro-MPT.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.

D:\Downloads\WebcamMax 7.5.2.2\Lz0\patch.exe (PUP.Hacktool.Patcher) -> Quarantined and deleted successfully.

E:\Games\MDK2 HD\TDU1k.exe (Packer.ModifiedUPX) -> Quarantined and deleted successfully.

(end)


Well, at the moment I'm not using it much, since I'm at home and I'm always on the desktop. I'll be on it for a few days to see how things go, but it has also happened before that there were no problems for days and then they came back... Thank you for your time. If anything comes up, I'll let you know. :)


Understood... but rest assured that if the problem recurs, it is not due to malicious software! Have a nice day! :)
