съмнение за вирус

8 октомври 201213 г.

Здравейте!Мисля че имам вирус ,когато вляза в Mozilla firefox и ми изскача прозорче доло в средата на страницата (пускам ви снимка) .Интернета ми стана доста по-бавен ,а антивирусната не намира нищо.Ще съм ви благодарна ,ако ми помгнете

Цитирай

8 октомври 201213 г.

Здравейте,

По-принцип за такива рекламни прозорци Mozilla предлага доста добри добавки като Adblock Plus и NoScript които е добре да инсталирате...

Все пак да направим 3-4 проверки:

СТЪПКА 1

Стартирайте отново програмата AdwCleaner (by Xplode).

Затворете всички стартирани програми и браузъри
Кликнете два пъти върху adwcleaner.exe за да стартирате инструмента.
Този път маркирайте Search
Вашият компютър ще се рестартира автоматично. Текстовия файл ще се отвори след рестарта.
Моля, да публикувате съдържанието на този лог в отговора си
Можете да намерите лога,който автоматично се запомня тук C:\AdwCleaner[s1].txt.

СТЪПКА 2

Следвайте следната инструкция за проверка с GooredFix:

Изтеглете GooredFix, миръри: тук и тук.
Запазете го на десктопа.
Затворете всички браузъри и стартирайте GooredFix.exe.
Потвърдете с Yes, за да започне сканирането.
GooredFix ще провери за инфекции и след това ще се появи лог (GooredFix.txt). Копирайте (Copy) и поставете (Paste) резултатите от сканирането в следващия си коментар.

СТЪПКА 3

Изтеглете OTL.exe и го запазете на десктопа.

Стартирайте OTL (ако е необходимо, потвърдете през UAC).
Направете следните настройки:
Сложете отметка пред Scan All Users
Под менюто File Age изберете 90 days
Под менюто Standard Registry променете на ALL
Сложете отметки пред LOP и Purity Check

Под

с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):

netsvcs
msconfig
safebootminimal
safebootnetwork
activex
drivers32
%SYSTEMDRIVE%\*.*
%USERPROFILE%\*.*
%USERPROFILE%\Application Data\*.*
%USERPROFILE%\Application Data\*.
%USERPROFILE%\Local Settings\*.*
%USERPROFILE%\Local Settings\temp\*.exe
%USERPROFILE%\Local Settings\Temporary Internet Files\*.exe
%USERPROFILE%\Local Settings\Application Data\*.*
%AllUsersProfile%\*.*
%AllUsersProfile%\Application Data\*.*
%AllUsersProfile%\Application Data\*.
%AllUsersProfile%\Application Data\Local Settings\*.*
%AllUsersProfile%\Application Data\Local Settings\Temp\*.exe
%ALLUSERSPROFILE%\Documents\My Music\*.exe
%ALLUSERSPROFILE%\Documents\My Pictures\*.exe
%ALLUSERSPROFILE%\Documents\My Videos\*.exe
%ALLUSERSPROFILE%\Documents\*.exe
%USERPROFILE%\My Documents\*.*
%CommonProgramFiles%\*.*
%CommonProgramFiles%\ComObjects*.*
%PROGRAMFILES%\*.*
%PROGRAMFILES%\*.
%systemroot%\system32\config\systemprofile\*.*
%systemroot%\system32\config\systemprofile\Application Data\*.*
%systemroot%\system32\config\systemprofile\\Local Settings\*.*
%systemroot%\system32\config\systemprofile\\Local Settings\Application Data\*.*
%systemroot%\system32\config\systemprofile\\Local Settings\Temp\*.exe
%systemroot%\system32\config\systemprofile\\Local Settings\Temporary Internet Files\*.exe
C:\Documents and Settings\LocalService\Application Data\*.*
C:\Documents and Settings\LocalService\Local Settings\Application Data\*.*
C:\Documents and Settings\LocalService\Local Settings\temp\*.exe
C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\*.exe
C:\Documents and Settings\LocalService\Local Settings\*.*
C:\Documents and Settings\LocalService\*.*
C:\Documents and Settings\NetworkService\Application Data\*.*
C:\Documents and Settings\NetworkService\Local Settings\Application Data\*.*
C:\Documents and Settings\NetworkService\Local Settings\temp\*.exe
C:\Documents and Settings\NetworkService\Local Settings\Temporary Internet Files\*.exe
C:\Documents and Settings\NetworkService\Local Settings\*.*
C:\Documents and Settings\NetworkService\*.*
%windir%\temp\*.exe
%windir%\*.
%windir%\installer\*.
%windir%\system32\*.
%Temp%\smtmp\1\*.*
%Temp%\smtmp\2\*.*
%Temp%\smtmp\3\*.*
%Temp%\smtmp\4\*.*
%systemroot%\system32\*.dll /lockedfiles
%systemroot%\Tasks\*.job /lockedfiles
%systemroot%\system32\drivers\*.sys /90
%systemroot%\system32\drivers\*.sys /lockedfiles
%systemroot%\system32\Spool\prtprocs\w32x86\*.dll
%systemroot%\*. /rp /s
%systemroot%\assembly\tmp\*.* /S /MD5
%systemroot%\assembly\temp\*.* /S /MD5
%systemroot%\assembly\GAC\*.ini
%systemroot%\assembly\GAC_32\*.ini
%SystemRoot%\assembly\GAC_MSIL\*.ini
wsSystemRoot|l,n,u,@;True;False;True;$,{ /fn
%systemdrive%\$Recycle.Bin|@;true;true;true /fp
HKEY_CLASSES_ROOT\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s
HKEY_CLASSES_ROOT\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_CURRENT_USER\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{a2a9545d-a0c2-42b4-9708-a0b2badd77c8} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{7C857801-7381-11CF-884D-00AA004B2E24} /s
HKEY_CLASSES_ROOT\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s
HKEY_CLASSES_ROOT\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /s
HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9} /s
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F} /s
HKEY_CURRENT_USER\Software\Classes\clsid\{12d0253a-7c96-815c-11e0-3034bbd97cc0}] /s
HKEY_CURRENT_USER\Software\MSOLoad /s
>C:\commands.txt echo list vol /raw /hide /c
/wait
>C:\DiskReport.txt diskpart /s C:\commands.txt /raw /hide /c
/wait
type c:\diskreport.txt /c
/wait
erase c:\commands.txt /hide /c
/wait
erase c:\diskreport.txt /hide /c
/md5start
eventlog.dll
scecli.dll
netlogon.dll
cngaudit.dll
sceclt.dll
ntelogon.dll
logevent.dll
consrv.dll
services.exe
svchost.exe
explorer.exe
userinit.exe
winlogon.exe
smss.exe
lsass.exe
atapi.sys
iaStor.sys
serial.sys
disk.sys
volsnap.sys
redbook.sys
i8042prt.sys
afd.sys
netbt.sys
tcpip.sys
ipsec.sys
hlp.dat
str.sys
crexv.ocx
/md5stop

Натиснете маркираният в синьо бутон: Run Scan.
Като приключи проверката, ще се създадат два файла - OTL.Txt и Extras.Txt. Прикачете тези два файла в следващия си коментар (погледнете опцията Прикачени файлове, когато публикувате мнение).

СТЪПКА 4

Изтеглете Malwarebytes' Anti-Malware

* Кликнете два пъти върху mbam-setup.exe, за да инсталирате програмата.

* Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish.

* Ако има намерени обновявания, тя ще ги изтегли и инсталира.

* Стартирайте програмата и изберете "Perform Quick Scan", след това кликнете на Scan.

* Сканирането ще отнеме малко време, затова моля да бъдете търпеливи.

* Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата.

* Уверете се, че на всички редове има отметки, и кликнете на Remove Selected.

* Когато всичко бъде премахнато, в Notepad ще бъде отворен лог.

* Копирайте този лог и го публикувайте в следващия си коментар по темата.

Забележка: Ако MalwareBytes' Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поиска да рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

Цитирай

8 октомври 201213 г.

Автор

***** [Files / Folders] ***** File Found : C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultsearchpluginsbProtect.xml File Found : C:Program FilesMozilla Firefoxsearchpluginsbabylon.xml File Found : C:Program FilesMozilla FireFoxsearchpluginsSearch_Results.xml File Found : C:user.js File Found : C:WINDOWSTasksScheduled Update for Ask Toolbar.job Folder Found : C:Documents and SettingsAll UsersApplication DataBabylon Folder Found : C:Documents and SettingsAll UsersApplication Databoost_interprocess Folder Found : C:Documents and SettingsAll UsersApplication DataIBUpdaterService Folder Found : C:Documents and SettingsDesiApplication DataBabylon Folder Found : C:Documents and SettingsDesiApplication DataeType Folder Found : C:Documents and SettingsDesiApplication Datafacemoods.com Folder Found : C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultextensionsffxtlbr@babylon.com Folder Found : C:Documents and SettingsDesiApplication DataOpenCandy Folder Found : C:Documents and SettingsDesiApplication DataPriceGong Folder Found : C:Documents and SettingsDesiLocal SettingsApplication DataAskToolbar Folder Found : C:Documents and SettingsDesiLocal SettingsApplication DataBS_Player Folder Found : C:Documents and SettingsDesiLocal SettingsApplication DataConduit Folder Found : C:Documents and SettingsDesiLocal SettingsApplication DataConduitEngine Folder Found : C:Documents and SettingsDesiLocal SettingsApplication DataIMVU_Inc Folder Found : C:Documents and SettingsDesiStart MenuProgramseType Folder Found : C:Program FilesAsk.com Folder Found : C:Program FilesBabylon Folder Found : C:Program FilesBS_Player Folder Found : C:Program FilesConduitEngine Folder Found : C:Program FilesDAEMON Tools Toolbar Folder Found : C:Program FilesIMVU_Inc Folder Found : C:Program Filessearchcore toolbar Folder Found : C:WINDOWSInstaller{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registry] ***** Key Found : HKCUSoftwareAPN Key Found : HKCUSoftwareAppDataLowAskToolbarInfo Key Found : HKCUSoftwareAsk.com Key Found : HKCUSoftwareAskToolbar Key Found : HKCUSoftwareBS_Player Key Found : HKCUSoftwareConduit Key Found : HKCUSoftwareDataMngr Key Found : HKCUSoftwareDataMngr_Toolbar Key Found : HKCUSoftwareDSNR Labs Key Found : HKCUSoftwareIMVU_Inc Key Found : HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Found : HKCUSoftwareMicrosoftInternet ExplorerMenuExt&Search Key Found : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0D7562AE-8EF6-416D-A838-AB665251703A} Key Found : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Found : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{1F096B29-E9DA-4D64-8D63-936BE7762CC5} Key Found : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} Key Found : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{D0F4A166-B8D4-48b8-9D63-80849FE137CB} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2EECD738-5844-4A99-B4B6-146BF802613B} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{32099AAC-C132-4136-9E9A-4E364A424E17} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{64182481-4F71-486B-A045-B233BD0DA8FC} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{7DA17D5A-5718-4130-A605-FC316C827836} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{90B49673-5506-483E-B92B-CA0265BD9CA8} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{98889811-442D-49DD-99D7-DC866BE87DBC} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AF6AC4F2-9825-4FB6-A600-92BC5361F209} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} Key Found : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Found : HKCUSoftwarePriceGong Key Found : HKCUSoftwareSoftonic Key Found : HKCUToolbar Key Found : HKLMSoftwareAPN Key Found : HKLMSoftwareAskToolbar Key Found : HKLMSoftwareBabylon Key Found : HKLMSoftwareBabylonToolbar Key Found : HKLMSoftwarebProtector Key Found : HKLMSoftwareBS_Player Key Found : HKLMSOFTWAREClassesAppID{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Found : HKLMSOFTWAREClassesAppID{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Found : HKLMSOFTWAREClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Found : HKLMSOFTWAREClassesAppIDGenericAskToolbar.DLL Key Found : HKLMSOFTWAREClassesCLSID{00000000-6E41-4FD3-8538-502F5495E5FC} Key Found : HKLMSOFTWAREClassesCLSID{069DFAA5-C441-437C-88D4-2B6348BA9E20} Key Found : HKLMSOFTWAREClassesCLSID{3A1EACCE-7A54-4793-9EB4-2AE8834CF290} Key Found : HKLMSOFTWAREClassesCLSID{7DA17D5A-5718-4130-A605-FC316C827836} Key Found : HKLMSOFTWAREClassesCLSID{90B49673-5506-483E-B92B-CA0265BD9CA8} Key Found : HKLMSOFTWAREClassesCLSID{AF6AC4F2-9825-4FB6-A600-92BC5361F209} Key Found : HKLMSOFTWAREClassesCLSID{B242715B-F28F-4C52-B354-9D51C48F3C6B} Key Found : HKLMSOFTWAREClassesCLSID{CF23FCF2-168A-4760-9703-B6D76D856CCD} Key Found : HKLMSOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKLMSOFTWAREClassesCLSID{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Found : HKLMSOFTWAREClassesCLSID{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Found : HKLMSOFTWAREClassesConduit.Engine Key Found : HKLMSOFTWAREClassesescort.escrtBtn.1 Key Found : HKLMSOFTWAREClassesGenericAskToolbar.ToolbarWnd Key Found : HKLMSOFTWAREClassesGenericAskToolbar.ToolbarWnd.1 Key Found : HKLMSOFTWAREClassesIMsiDe1egate.Application.1 Key Found : HKLMSOFTWAREClassesInstallerFeaturesA28B4D68DEBAA244EB686953B7074FEF Key Found : HKLMSOFTWAREClassesInstallerProducts3192AA38321C641458DBDAF83979D193 Key Found : HKLMSOFTWAREClassesInstallerProductsA28B4D68DEBAA244EB686953B7074FEF Key Found : HKLMSOFTWAREClassesInterface{6C434537-053E-486D-B62A-160059D9D456} Key Found : HKLMSOFTWAREClassesInterface{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key Found : HKLMSOFTWAREClassesInterface{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Found : HKLMSOFTWAREClassesInterface{A9379648-F6EB-4F65-A624-1C10411A15D0} Key Found : HKLMSOFTWAREClassesInterface{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Found : HKLMSOFTWAREClassesInterface{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Found : HKLMSOFTWAREClassesInterface{BFE569F7-646C-4512-969B-9BE3E580D393} Key Found : HKLMSOFTWAREClassesInterface{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Key Found : HKLMSOFTWAREClassesToolbar.CT1460988 Key Found : HKLMSOFTWAREClassesToolbar.CT1750559 Key Found : HKLMSOFTWAREClassesToolbar.CT2612669 Key Found : HKLMSOFTWAREClassesTypeLib{09C554C3-109B-483C-A06B-F14172F1A947} Key Found : HKLMSOFTWAREClassesTypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Found : HKLMSoftwareConduit Key Found : HKLMSoftwareDataMngr Key Found : HKLMSOFTWAREGoogleChromeExtensionsdhkplhfnhceodhffomolpfigojocbpcb Key Found : HKLMSoftwareIMVU_Inc Key Found : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{04E0D2FC-9A61-41ED-8D71-39745C1E15F7} Key Found : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{968AD610-56B6-4C4A-AA52-AA095714005F} Key Found : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{A1E41BEA-4F0D-4434-B823-A7A5B1F974D7} Key Found : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Found : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{AF6AC4F2-9825-4FB6-A600-92BC5361F209} Key Found : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{E0E2E1B6-D7F9-4D03-B828-1C3F5FD5D044} Key Found : HKLMSOFTWAREMicrosoftShared ToolsMSConfigstartupregApnUpdater Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCache{83AA2913-C123-4146-85BD-AD8F93971D39} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCache{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCache{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheBabylonToolbar Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheBS_Player Toolbar Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheconduitEngine Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheIMVU_Inc Toolbar Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheUpdater Service Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheWindows Searchcore Toolbar Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7DA17D5A-5718-4130-A605-FC316C827836} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{90B49673-5506-483E-B92B-CA0265BD9CA8} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF6AC4F2-9825-4FB6-A600-92BC5361F209} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{069DFAA5-C441-437C-88D4-2B6348BA9E20} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{3A1EACCE-7A54-4793-9EB4-2AE8834CF290} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products3192AA38321C641458DBDAF83979D193 Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsA28B4D68DEBAA244EB686953B7074FEF Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{83AA2913-C123-4146-85BD-AD8F93971D39} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallBS_Player Toolbar Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallIMVU_Inc Toolbar Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallUpdater Service Key Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallWindows Searchcore Toolbar Key Found : HKLMSoftwareSearchcoreMediabarTb Key Found : HKLMSOFTWARESoftware Key Found : HKUS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{0D7562AE-8EF6-416D-A838-AB665251703A} Key Found : HKUS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Found : HKUS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{1F096B29-E9DA-4D64-8D63-936BE7762CC5} Key Found : HKUS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} Key Found : HKUS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Value Found : HKCUSoftwareMicrosoftInternet ExplorerExtensionsCmdMapping [{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}] Value Found : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}] Value Found : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{90B49673-5506-483E-B92B-CA0265BD9CA8}] Value Found : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Found : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Found : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}] Value Found : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Found : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{90B49673-5506-483E-B92B-CA0265BD9CA8}] Value Found : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{AF6AC4F2-9825-4FB6-A600-92BC5361F209}] Value Found : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Found : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Found : HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun [DataMngr] ***** [internet Browsers] ***** - Internet Explorer v6.0.2900.2180 [HKCUSoftwareMicrosoftInternet ExplorerMain - Search Bar] = hxxp://dts.search-results.com/sidebar.html?src=ssb&appid=151111&systemid=426&sr=0 [HKCUSoftwareMicrosoftInternet ExplorerMain - bProtector Start Page] = hxxp://search.babylon.com/?affID=115881&tt=3812_3&babsrc=HP_ss&mntrId=ec98b2f000000000000000c02625b5a4 [HKCUSoftwareMicrosoftInternet ExplorerSearch - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms} [HKLMSOFTWAREMicrosoftInternet ExplorerSearch - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms} - Mozilla Firefox v15.0.1 (bg) Profile name : default File : C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultprefs.js Found : user_pref("extensions.BabylonToolbar.admin", false); Found : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Found : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); Found : user_pref("extensions.BabylonToolbar.autoRvrt", "false"); Found : user_pref("extensions.BabylonToolbar.babExt", ""); Found : user_pref("extensions.BabylonToolbar.babTrack", "affID=115881&tt=3812_3"); Found : user_pref("extensions.BabylonToolbar.babext", "babExt"); Found : user_pref("extensions.BabylonToolbar.babtrack", "babTrack"); Found : user_pref("extensions.BabylonToolbar.bbDpng", "9"); Found : user_pref("extensions.BabylonToolbar.cntry", "BG"); Found : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Found : user_pref("extensions.BabylonToolbar.dfltlng", "en"); Found : user_pref("extensions.BabylonToolbar.dfltsrch", "false"); Found : user_pref("extensions.BabylonToolbar.envrmnt", "production"); Found : user_pref("extensions.BabylonToolbar.excTlbr", false); Found : user_pref("extensions.BabylonToolbar.firstrun", false); Found : user_pref("extensions.BabylonToolbar.hdrMd5", "C4C90097291CEBD90859D32451CDE872"); Found : user_pref("extensions.BabylonToolbar.hmpg", false); Found : user_pref("extensions.BabylonToolbar.hrdid", "ec98b2f000000000000000c02625b5a4"); Found : user_pref("extensions.BabylonToolbar.id", "ec98b2f000000000000000c02625b5a4"); Found : user_pref("extensions.BabylonToolbar.instlDay", "15604"); Found : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Found : user_pref("extensions.BabylonToolbar.instlday", "15604"); Found : user_pref("extensions.BabylonToolbar.instlref", "sst"); Found : user_pref("extensions.BabylonToolbar.isdcmntcmplt", false); Found : user_pref("extensions.BabylonToolbar.keywordurl", ""); Found : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1213:40:30"); Found : user_pref("extensions.BabylonToolbar.lastdp", 1); Found : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1"); Found : user_pref("extensions.BabylonToolbar.newTab", false); Found : user_pref("extensions.BabylonToolbar.newtab", "false"); Found : user_pref("extensions.BabylonToolbar.newtaburl", ""); Found : user_pref("extensions.BabylonToolbar.pnu_base", "{"newVrsn":"36","lastVrsn":"36","vrsnLoad[...] Found : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Found : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Found : user_pref("extensions.BabylonToolbar.prtnrid", "babylon"); Found : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1"); Found : user_pref("extensions.BabylonToolbar.sg", "czb"); Found : user_pref("extensions.BabylonToolbar.smplGrp", "czb"); Found : user_pref("extensions.BabylonToolbar.smplgrp", "czb"); Found : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar.srcext", "ss"); Found : user_pref("extensions.BabylonToolbar.srch", ""); Found : user_pref("extensions.BabylonToolbar.srchprvdr", ""); Found : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Found : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Found : user_pref("extensions.BabylonToolbar.tlbrid", "base"); Found : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Found : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12"); Found : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1213:40:30"); Found : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12"); Found : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1213:40:30"); Found : user_pref("extensions.BabylonToolbar_i.babExt", ""); Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=115881&tt=3812_3"); Found : user_pref("extensions.BabylonToolbar_i.newTab", false); Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1213:40:30"); Found : user_pref("extensions.enabledAddons", "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10,ffxtlbr@babylon[...] ************************* AdwCleaner[R1].txt - [19051 octets] - [09/10/2012 02:15:18] ########## EOF - C:AdwCleaner[R1].txt - [19112 octets] ########## GooredFix by jpshortstuff (03.07.10.1) Log created at 02:18 on 09/10/2012 (Desi) Firefox version 15.0.1 (bg) ========== GooredScan ========== ========== GooredLog ========== C:Program FilesMozilla Firefoxextensions {972ce4c6-7e08-4474-a285-3208198ce6fd} [23:43 07/09/2012] C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultextensions [email protected] [21:40 21/09/2012] {b9db16a4-6edc-47ec-a1f4-b86292ed211d} [04:34 17/09/2012] [HKEY_LOCAL_MACHINESoftwareMozillaFirefoxExtensions] "{20a82645-c095-46ed-80e3-08825760534b}"="c:WINDOWSMicrosoft.NETFrameworkv3.5Windows Presentation FoundationDotNetAssistantExtension" [03:11 06/12/2009] "{27182e60-b5f3-411c-b545-b44205977502}"="C:Program FilesMicrosoftSearch Enhancement PackSearch HelperfirefoxextensionSearchHelperExtension" [01:33 09/07/2011] "{3252b9ae-c69a-4eaf-9502-dc9c1f6c009e}"="C:Program FilesMicrosoftSearch Enhancement PackDefault ManagerDMExtension" [01:33 09/07/2011] "[email protected]"="C:Program FilesAVAST SoftwareAvastWebRepFF" [10:36 01/10/2012] -=E.O.F=- GooredFix ето и файловете от ОТL

GooredFix.txt

Extras.Txt

OTL.Txt

Цитирай

8 октомври 201213 г.

Oк.

Логът от Gooredfix е чист.

Докато преглеждам лога от OTL, стартирайте отново adwcleaner, но този път изберете Delete.

Съгласете се да рестартирате и след рестарта публикувайте лог файла от проверката.

Очаквам и лога от Malwarebytes.

Цитирай

8 октомври 201213 г.

Автор

Malwarebytes Anti-Malware 1.65.0.1400 www.malwarebytes.org Версия на базата от данни: v2012.10.08.09 Windows XP Service Pack 2 x86 NTFS Internet Explorer 6.0.2900.2180 Desi :: DESITO [администратор] 09.10.2012 г. 02:59:28 mbam-log-2012-10-09 (02-59-28).txt Тип сканиране: Бързо сканиране Включени опции за сканиране: Памет | Автоматично зареждане | Системен регистър | Файлова система | Евристики/Допълнителни | Евристики/Shuriken | PUP | PUM Изключени опции за сканиране: P2P Сканирани обекти: 189403 Изминало време: 10 минута(и), 3 секунда(и) Открити процеси в паметта: 0 (Не бяха открити зловредни обекти) Открити модули в паметта: 0 (Не бяха открити зловредни обекти) Открити ключове в системния регистър: 0 (Не бяха открити зловредни обекти) Открити стойности в системния регистър: 0 (Не бяха открити зловредни обекти) Открити информационни обекти в системния регистър: 0 (Не бяха открити зловредни обекти) Открити папки: 0 (Не бяха открити зловредни обекти) Открити файлове: 0 (Не бяха открити зловредни обекти) (край) # AdwCleaner v2.004 - Logfile created 10/09/2012 at 03:12:22 # Updated 06/10/2012 by Xplode # Operating system : Microsoft Windows XP Service Pack 2 (32 bits) # User : Desi - DESITO # Boot Mode : Normal # Running from : C:Documents and SettingsDesiDesktopadwcleaner.exe # Option [Delete] ***** [services] ***** Stopped & Deleted : IBUpdaterService ***** [Files / Folders] ***** Deleted on reboot : C:Documents and SettingsAll UsersApplication DataIBUpdaterService File Deleted : C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultsearchpluginsbProtect.xml File Deleted : C:Program FilesMozilla Firefoxsearchpluginsbabylon.xml File Deleted : C:Program FilesMozilla FireFoxsearchpluginsSearch_Results.xml File Deleted : C:user.js File Deleted : C:WINDOWSTasksScheduled Update for Ask Toolbar.job Folder Deleted : C:Documents and SettingsAll UsersApplication DataBabylon Folder Deleted : C:Documents and SettingsAll UsersApplication Databoost_interprocess Folder Deleted : C:Documents and SettingsDesiApplication DataBabylon Folder Deleted : C:Documents and SettingsDesiApplication DataeType Folder Deleted : C:Documents and SettingsDesiApplication Datafacemoods.com Folder Deleted : C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultextensionsffxtlbr@babylon.com Folder Deleted : C:Documents and SettingsDesiApplication DataOpenCandy Folder Deleted : C:Documents and SettingsDesiApplication DataPriceGong Folder Deleted : C:Documents and SettingsDesiLocal SettingsApplication DataAskToolbar Folder Deleted : C:Documents and SettingsDesiLocal SettingsApplication DataBS_Player Folder Deleted : C:Documents and SettingsDesiLocal SettingsApplication DataConduit Folder Deleted : C:Documents and SettingsDesiLocal SettingsApplication DataConduitEngine Folder Deleted : C:Documents and SettingsDesiLocal SettingsApplication DataIMVU_Inc Folder Deleted : C:Documents and SettingsDesiStart MenuProgramseType Folder Deleted : C:Program FilesAsk.com Folder Deleted : C:Program FilesBabylon Folder Deleted : C:Program FilesBS_Player Folder Deleted : C:Program FilesConduitEngine Folder Deleted : C:Program FilesDAEMON Tools Toolbar Folder Deleted : C:Program FilesIMVU_Inc Folder Deleted : C:Program Filessearchcore toolbar Folder Deleted : C:WINDOWSInstaller{86D4B82A-ABED-442A-BE86-96357B70F4FE} ***** [Registry] ***** Key Deleted : HKCUSoftwareAPN Key Deleted : HKCUSoftwareAppDataLowAskToolbarInfo Key Deleted : HKCUSoftwareAsk.com Key Deleted : HKCUSoftwareAskToolbar Key Deleted : HKCUSoftwareBS_Player Key Deleted : HKCUSoftwareConduit Key Deleted : HKCUSoftwareDataMngr Key Deleted : HKCUSoftwareDataMngr_Toolbar Key Deleted : HKCUSoftwareDSNR Labs Key Deleted : HKCUSoftwareIMVU_Inc Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerLow RightsElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerMenuExt&Search Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{0D7562AE-8EF6-416D-A838-AB665251703A} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{171DEBEB-C3D4-40B7-AC73-056A5EBA4A7E} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{1F096B29-E9DA-4D64-8D63-936BE7762CC5} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} Key Deleted : HKCUSoftwareMicrosoftInternet ExplorerSearchScopes{AFDBDDAA-5D3F-42EE-B79C-185A7020515B} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtSettings{D0F4A166-B8D4-48b8-9D63-80849FE137CB} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{2EECD738-5844-4A99-B4B6-146BF802613B} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{32099AAC-C132-4136-9E9A-4E364A424E17} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{64182481-4F71-486B-A045-B233BD0DA8FC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{7DA17D5A-5718-4130-A605-FC316C827836} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{90B49673-5506-483E-B92B-CA0265BD9CA8} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{98889811-442D-49DD-99D7-DC866BE87DBC} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{AF6AC4F2-9825-4FB6-A600-92BC5361F209} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{DB4E9724-F518-4DFD-9C7C-78B52103CAB9} Key Deleted : HKCUSoftwareMicrosoftWindowsCurrentVersionExtStats{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKCUSoftwarePriceGong Key Deleted : HKCUSoftwareSoftonic Key Deleted : HKCUToolbar Key Deleted : HKLMSoftwareAPN Key Deleted : HKLMSoftwareAskToolbar Key Deleted : HKLMSoftwareBabylon Key Deleted : HKLMSoftwareBabylonToolbar Key Deleted : HKLMSoftwarebProtector Key Deleted : HKLMSoftwareBS_Player Key Deleted : HKLMSOFTWAREClassesAppID{5B1881D1-D9C7-46DF-B041-1E593282C7D0} Key Deleted : HKLMSOFTWAREClassesAppID{9B0CB95C-933A-4B8C-B6D4-EDCD19A43874} Key Deleted : HKLMSOFTWAREClassesAppID{BDB69379-802F-4EAF-B541-F8DE92DD98DB} Key Deleted : HKLMSOFTWAREClassesAppIDGenericAskToolbar.DLL Key Deleted : HKLMSOFTWAREClassesCLSID{00000000-6E41-4FD3-8538-502F5495E5FC} Key Deleted : HKLMSOFTWAREClassesCLSID{069DFAA5-C441-437C-88D4-2B6348BA9E20} Key Deleted : HKLMSOFTWAREClassesCLSID{3A1EACCE-7A54-4793-9EB4-2AE8834CF290} Key Deleted : HKLMSOFTWAREClassesCLSID{7DA17D5A-5718-4130-A605-FC316C827836} Key Deleted : HKLMSOFTWAREClassesCLSID{90B49673-5506-483E-B92B-CA0265BD9CA8} Key Deleted : HKLMSOFTWAREClassesCLSID{AF6AC4F2-9825-4FB6-A600-92BC5361F209} Key Deleted : HKLMSOFTWAREClassesCLSID{B242715B-F28F-4C52-B354-9D51C48F3C6B} Key Deleted : HKLMSOFTWAREClassesCLSID{CF23FCF2-168A-4760-9703-B6D76D856CCD} Key Deleted : HKLMSOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLMSOFTWAREClassesCLSID{E46C8196-B634-44A1-AF6E-957C64278AB1} Key Deleted : HKLMSOFTWAREClassesCLSID{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLMSOFTWAREClassesConduit.Engine Key Deleted : HKLMSOFTWAREClassesescort.escrtBtn.1 Key Deleted : HKLMSOFTWAREClassesGenericAskToolbar.ToolbarWnd Key Deleted : HKLMSOFTWAREClassesGenericAskToolbar.ToolbarWnd.1 Key Deleted : HKLMSOFTWAREClassesIMsiDe1egate.Application.1 Key Deleted : HKLMSOFTWAREClassesInstallerFeaturesA28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLMSOFTWAREClassesInstallerProducts3192AA38321C641458DBDAF83979D193 Key Deleted : HKLMSOFTWAREClassesInstallerProductsA28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLMSOFTWAREClassesInterface{6C434537-053E-486D-B62A-160059D9D456} Key Deleted : HKLMSOFTWAREClassesInterface{813A22E0-3E2B-4188-9BDA-ECA9878B8D48} Key Deleted : HKLMSOFTWAREClassesInterface{91CF619A-4686-4CA4-9232-3B2E6B63AA92} Key Deleted : HKLMSOFTWAREClassesInterface{A9379648-F6EB-4F65-A624-1C10411A15D0} Key Deleted : HKLMSOFTWAREClassesInterface{AC71B60E-94C9-4EDE-BA46-E146747BB67E} Key Deleted : HKLMSOFTWAREClassesInterface{BCFF5F55-6F44-11D2-86F8-00104B265ED5} Key Deleted : HKLMSOFTWAREClassesInterface{BFE569F7-646C-4512-969B-9BE3E580D393} Key Deleted : HKLMSOFTWAREClassesInterface{F16AB1DB-15C0-4456-A29E-4DF24FB9E3D2} Key Deleted : HKLMSOFTWAREClassesToolbar.CT1460988 Key Deleted : HKLMSOFTWAREClassesToolbar.CT1750559 Key Deleted : HKLMSOFTWAREClassesToolbar.CT2612669 Key Deleted : HKLMSOFTWAREClassesTypeLib{09C554C3-109B-483C-A06B-F14172F1A947} Key Deleted : HKLMSOFTWAREClassesTypeLib{2996F0E7-292B-4CAE-893F-47B8B1C05B56} Key Deleted : HKLMSoftwareConduit Key Deleted : HKLMSoftwareDataMngr Key Deleted : HKLMSOFTWAREGoogleChromeExtensionsdhkplhfnhceodhffomolpfigojocbpcb Key Deleted : HKLMSoftwareIMVU_Inc Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{04E0D2FC-9A61-41ED-8D71-39745C1E15F7} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{968AD610-56B6-4C4A-AA52-AA095714005F} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{A1E41BEA-4F0D-4434-B823-A7A5B1F974D7} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{AF6AC4F2-9825-4FB6-A600-92BC5361F209} Key Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerLow RightsElevationPolicy{E0E2E1B6-D7F9-4D03-B828-1C3F5FD5D044} Key Deleted : HKLMSOFTWAREMicrosoftShared ToolsMSConfigstartupregApnUpdater Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCache{83AA2913-C123-4146-85BD-AD8F93971D39} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCache{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCache{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheBabylonToolbar Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheBS_Player Toolbar Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheconduitEngine Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheIMVU_Inc Toolbar Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheUpdater Service Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionApp ManagementARPCacheWindows Searchcore Toolbar Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7DA17D5A-5718-4130-A605-FC316C827836} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{90B49673-5506-483E-B92B-CA0265BD9CA8} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{AF6AC4F2-9825-4FB6-A600-92BC5361F209} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{069DFAA5-C441-437C-88D4-2B6348BA9E20} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionExtPreApproved{3A1EACCE-7A54-4793-9EB4-2AE8834CF290} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18Products3192AA38321C641458DBDAF83979D193 Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionInstallerUserDataS-1-5-18ProductsA28B4D68DEBAA244EB686953B7074FEF Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{83AA2913-C123-4146-85BD-AD8F93971D39} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{86D4B82A-ABED-442A-BE86-96357B70F4FE} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstall{E55E7026-EF2A-4A17-AAA7-DB98EA3FD1B1} Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallBS_Player Toolbar Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallIMVU_Inc Toolbar Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallUpdater Service Key Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallWindows Searchcore Toolbar Key Deleted : HKLMSoftwareSearchcoreMediabarTb Key Deleted : HKLMSOFTWARESoftware Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerExtensionsCmdMapping [{F72841F0-4EF1-4df5-BCE5-B3AC8ACF5478}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{32099AAC-C132-4136-9E9A-4E364A424E17}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{90B49673-5506-483E-B92B-CA0265BD9CA8}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerToolbarWebBrowser [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{90B49673-5506-483E-B92B-CA0265BD9CA8}] Value Deleted : HKCUSoftwareMicrosoftInternet ExplorerURLSearchHooks [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{90B49673-5506-483E-B92B-CA0265BD9CA8}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{AF6AC4F2-9825-4FB6-A600-92BC5361F209}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{D4027C7F-154A-4066-A1AD-4243D8127440}] Value Deleted : HKLMSOFTWAREMicrosoftInternet ExplorerToolbar [{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5}] Value Deleted : HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun [DataMngr] ***** [internet Browsers] ***** - Internet Explorer v6.0.2900.2180 Replaced : [HKCUSoftwareMicrosoftInternet ExplorerMain - Search Bar] = hxxp://dts.search-results.com/sidebar.html?src=ssb&appid=151111&systemid=426&sr=0 --> hxxp://www.google.com Deleted : [HKCUSoftwareMicrosoftInternet ExplorerMain - bProtector Start Page] Replaced : [HKCUSoftwareMicrosoftInternet ExplorerSearch - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms} --> hxxp://www.google.com Replaced : [HKLMSOFTWAREMicrosoftInternet ExplorerSearch - SearchAssistant] = hxxp://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms} --> hxxp://www.google.com - Mozilla Firefox v15.0.1 (bg) Profile name : default File : C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultprefs.js C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultuser.js ... Deleted ! Deleted : user_pref("extensions.BabylonToolbar.admin", false); Deleted : user_pref("extensions.BabylonToolbar.aflt", "babsst"); Deleted : user_pref("extensions.BabylonToolbar.appId", "{BDB69379-802F-4eaf-B541-F8DE92DD98DB}"); Deleted : user_pref("extensions.BabylonToolbar.autoRvrt", "false"); Deleted : user_pref("extensions.BabylonToolbar.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar.babTrack", "affID=115881&tt=3812_3"); Deleted : user_pref("extensions.BabylonToolbar.babext", "babExt"); Deleted : user_pref("extensions.BabylonToolbar.babtrack", "babTrack"); Deleted : user_pref("extensions.BabylonToolbar.bbDpng", "9"); Deleted : user_pref("extensions.BabylonToolbar.cntry", "BG"); Deleted : user_pref("extensions.BabylonToolbar.dfltLng", "en"); Deleted : user_pref("extensions.BabylonToolbar.dfltlng", "en"); Deleted : user_pref("extensions.BabylonToolbar.dfltsrch", "false"); Deleted : user_pref("extensions.BabylonToolbar.envrmnt", "production"); Deleted : user_pref("extensions.BabylonToolbar.excTlbr", false); Deleted : user_pref("extensions.BabylonToolbar.firstrun", false); Deleted : user_pref("extensions.BabylonToolbar.hdrMd5", "C4C90097291CEBD90859D32451CDE872"); Deleted : user_pref("extensions.BabylonToolbar.hmpg", false); Deleted : user_pref("extensions.BabylonToolbar.hrdid", "ec98b2f000000000000000c02625b5a4"); Deleted : user_pref("extensions.BabylonToolbar.id", "ec98b2f000000000000000c02625b5a4"); Deleted : user_pref("extensions.BabylonToolbar.instlDay", "15604"); Deleted : user_pref("extensions.BabylonToolbar.instlRef", "sst"); Deleted : user_pref("extensions.BabylonToolbar.instlday", "15604"); Deleted : user_pref("extensions.BabylonToolbar.instlref", "sst"); Deleted : user_pref("extensions.BabylonToolbar.isdcmntcmplt", false); Deleted : user_pref("extensions.BabylonToolbar.keywordurl", ""); Deleted : user_pref("extensions.BabylonToolbar.lastVrsnTs", "1.6.9.1213:40:30"); Deleted : user_pref("extensions.BabylonToolbar.lastdp", 1); Deleted : user_pref("extensions.BabylonToolbar.mntrvrsn", "1.3.1"); Deleted : user_pref("extensions.BabylonToolbar.newTab", false); Deleted : user_pref("extensions.BabylonToolbar.newtab", "false"); Deleted : user_pref("extensions.BabylonToolbar.newtaburl", ""); Deleted : user_pref("extensions.BabylonToolbar.pnu_base", "{"newVrsn":"36","lastVrsn":"36","vrsnLoad[...] Deleted : user_pref("extensions.BabylonToolbar.prdct", "BabylonToolbar"); Deleted : user_pref("extensions.BabylonToolbar.prtnrId", "babylon"); Deleted : user_pref("extensions.BabylonToolbar.prtnrid", "babylon"); Deleted : user_pref("extensions.BabylonToolbar.savedVrsnTs", "1"); Deleted : user_pref("extensions.BabylonToolbar.sg", "czb"); Deleted : user_pref("extensions.BabylonToolbar.smplGrp", "czb"); Deleted : user_pref("extensions.BabylonToolbar.smplgrp", "czb"); Deleted : user_pref("extensions.BabylonToolbar.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar.srcext", "ss"); Deleted : user_pref("extensions.BabylonToolbar.srch", ""); Deleted : user_pref("extensions.BabylonToolbar.srchprvdr", ""); Deleted : user_pref("extensions.BabylonToolbar.tlbrId", "base"); Deleted : user_pref("extensions.BabylonToolbar.tlbrSrchUrl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Deleted : user_pref("extensions.BabylonToolbar.tlbrid", "base"); Deleted : user_pref("extensions.BabylonToolbar.tlbrsrchurl", "hxxp://search.babylon.com/?babsrc=TB_def&mntrId=[...] Deleted : user_pref("extensions.BabylonToolbar.vrsn", "1.6.9.12"); Deleted : user_pref("extensions.BabylonToolbar.vrsnTs", "1.6.9.1213:40:30"); Deleted : user_pref("extensions.BabylonToolbar.vrsni", "1.6.9.12"); Deleted : user_pref("extensions.BabylonToolbar.vrsnts", "1.6.9.1213:40:30"); Deleted : user_pref("extensions.BabylonToolbar_i.babExt", ""); Deleted : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=115881&tt=3812_3"); Deleted : user_pref("extensions.BabylonToolbar_i.newTab", false); Deleted : user_pref("extensions.BabylonToolbar_i.smplGrp", "none"); Deleted : user_pref("extensions.BabylonToolbar_i.srcExt", "ss"); Deleted : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.6.9.1213:40:30"); Deleted : user_pref("extensions.enabledAddons", "{b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.9.10,ffxtlbr@babylon[...] ************************* AdwCleaner[R1].txt - [19182 octets] - [09/10/2012 02:15:18] AdwCleaner[s1].txt - [18920 octets] - [09/10/2012 03:12:22] ########## EOF - C:AdwCleaner[s1].txt - [18981 octets] ##########

Цитирай

9 октомври 201213 г.

Вируси не се забелязват, но имате тонове боклуци - тулбари, остатъци от антивирусни програми и т.н.

Стартирайте файла с двукратен клик на мишката.
Под с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):

:OTL
PRC - [2011.12.22 03:23:54 | 001,693,120 | ---- | M] (Discordia, LTD) -- C:\Program Files\Searchcore Toolbar\Datamngr\datamngrUI.exe
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://search.foxtab.com/?s=0&chnl=dcom&cd=2XzutBtN2Y1L1QzuyB0AyBzytDyD0A0DtA0F0F0Bzz0BtB0FtDtN0D0TzutBtDtCtCtDzztCtA&cr=1753928832
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
IE - HKLM\..\SearchScopes\{36668FFD-7809-43FB-A609-999C5A7AB5FE}: "URL" = http://search.foxtab.com/?q={searchTerms}&s=1&chnl=dcom&cd=2XzutBtN2Y1L1QzuyB0AyBzytDyD0A0DtA0F0F0Bzz0BtB0FtDtN0D0TzutBtDtCtCtDzztCtA&cr=1753928832
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,bProtector Start Page = http://search.babylon.com/?affID=115881&tt=3812_3&babsrc=HP_ss&mntrId=ec98b2f000000000000000c02625b5a4
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://dts.search-results.com/sidebar.html?src=ssb&appid=151111&systemid=426&sr=0
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://dts.search-results.com/sr?src=ieb&appid=151111&systemid=426&sr=0&q={searchTerms}
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\URLSearchHook: {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMV1.dll (Conduit Ltd.)
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\URLSearchHook: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
E - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\SearchScopes\{0D7562AE-8EF6-416d-A838-AB665251703A}: "URL" = http://start.facemoods.com/?a=vsl&s={searchTerms}&f=4
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\SearchScopes\{1F096B29-E9DA-4D64-8D63-936BE7762CC5}: "URL" = http://search.babylon.com/?babsrc=SP_ss&q={searchTerms}&mntrId=ec98b2f00000000000000015589bb6ce&tlver=1.4.19.19&affID=19405
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\SearchScopes\{36668FFD-7809-43FB-A609-999C5A7AB5FE}: "URL" = http://search.foxtab.com/?q={searchTerms}&s=1&chnl=dcom&cd=2XzutBtN2Y1L1QzuyB0AyBzytDyD0A0DtA0F0F0Bzz0BtB0FtDtN0D0TzutBtDtCtCtDzztCtA&cr=1753928832
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8}: "URL" = http://www.daemon-search.com/search?q={searchTerms}
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\SearchScopes\{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9}: "URL" = http://www.daemon-search.com/search/web?q={searchTerms}
IE - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}: "URL" = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2612669
FF - prefs.js..extensions.enabledAddons: [email protected]:1.5.0
[2011.01.11 03:09:56 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Desi\Application Data\Mozilla\Extensions\[email protected]
[2012.09.21 13:40:58 | 000,000,000 | ---D | M] (Babylon) -- C:\Documents and Settings\Desi\Application Data\Mozilla\Firefox\Profiles\090cvkxp.default\extensions\[email protected]
[2012.05.11 17:47:36 | 000,002,352 | ---- | M] () -- C:\Documents and Settings\Desi\Application Data\Mozilla\Firefox\Profiles\090cvkxp.default\searchplugins\bProtect.xml
[2012.09.21 13:39:56 | 000,002,349 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\babylon.xml
[2012.02.25 02:29:12 | 000,002,525 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\Search_Results.xml
O2 - BHO: (DataMngr) - {7DA17D5A-5718-4130-A605-FC316C827836} - C:\Program Files\Searchcore Toolbar\Datamngr\BrowserConnection.dll (Discordia , LTD)
O2 - BHO: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMV1.dll (Conduit Ltd.)
O2 - BHO: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll ()
O2 - BHO: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O2 - BHO: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (IMVU Inc Toolbar) - {90b49673-5506-483e-b92b-ca0265bd9ca8} - C:\Program Files\IMVU_Inc\prxtbIMV1.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (Searchcore Toolbar) - {af6ac4f2-9825-4fb6-a600-92bc5361f209} - C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\searchcoredtx.dll ()
O3 - HKLM\..\Toolbar: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKLM\..\Toolbar: (BS Player Toolbar) - {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O3 - HKLM\..\Toolbar: (no name) - 10 - No CLSID value found.
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files\IMVU_Inc\prxtbIMV1.dll (Conduit Ltd.)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\.DEFAULT\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files\IMVU_Inc\prxtbIMV1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-18\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\Toolbar\WebBrowser: (IMVU Inc Toolbar) - {90B49673-5506-483E-B92B-CA0265BD9CA8} - C:\Program Files\IMVU_Inc\prxtbIMV1.dll (Conduit Ltd.)
O3 - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\Toolbar\WebBrowser: (Ask Toolbar) - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll (Ask)
O3 - HKU\S-1-5-21-1177238915-1060284298-725345543-1003\..\Toolbar\WebBrowser: (BS Player Toolbar) - {FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} - C:\Program Files\BS_Player\prxtbBS_2.dll (Conduit Ltd.)
O4 - HKLM..\Run: [DATAMNGR] C:\Program Files\Searchcore Toolbar\Datamngr\datamngrUI.exe (Discordia, LTD)
O4 - HKLM..\Run: [KernelFaultCheck]
O4 - HKU\S-1-5-21-1177238915-1060284298-725345543-1003..\Run: []  File not found
O8 - Extra context menu item: &Search - Reg Error: Value error. File not found
O9 - Extra Button: Run IMVU - {d9288080-1baa-4bc4-9cf8-a92d743db949} - C:\Documents and Settings\Desi\Start Menu\Programs\IMVU\Run IMVU.lnk ()
O9 - Extra Button: Bodog Poker - {F47C1DB5-ED21-4dc1-853E-D1495792D4C5} - C:\Program Files\Bodog Poker\BPGame.exe File not found
MsConfig - StartUpFolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk -  - File not found
MsConfig - StartUpFolder: C:^Documents and Settings^Desi^Start Menu^Programs^Startup^IMVU.lnk - C:\Documents and Settings\Desi\Application Data\IMVUClient\IMVUQualityAgent.exe - ()
MsConfig - StartUpFolder: C:^Documents and Settings^Desi^Start Menu^Programs^Startup^Registration .LNK -  - File not found
MsConfig - StartUpReg: [b]ApnUpdater[/b] - hkey= - key= - C:\Program Files\Ask.com\Updater\Updater.exe (Ask)
MsConfig - StartUpReg: [b]KernelFaultCheck[/b] - hkey= - key= -  File not found
MsConfig - StartUpReg: [b]MsnMsgr[/b] - hkey= - key= -  File not found
MsConfig - StartUpReg: [b]NPSStartup[/b] - hkey= - key= -  File not found
MsConfig - StartUpReg: [b]NVIDIA driver monitor[/b] - hkey= - key= -  File not found
[2012.10.09 02:01:11 | 000,000,232 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job
[2012.05.11 17:47:29 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Babylon
[2012.05.11 17:47:28 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Desi\Application Data\Babylon
[2011.06.26 12:14:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Desi\Application Data\facemoods.com
[2012.01.18 23:01:16 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Desi\Application Data\IMVU
[2011.01.13 14:48:20 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Desi\Application Data\IMVUClient
[2012.05.11 17:18:11 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Desi\Application Data\OpenCandy
[2012.10.08 23:25:49 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Desi\Application Data\PriceGong
[2012.03.21 01:14:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Desi\Application Data\searchcoreband
[2012.03.21 01:15:08 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Desi\Application Data\searchcoretoolbar
[2011.08.14 23:03:04 | 003,486,088 | ---- | M] (Ask) -- C:\Documents and Settings\Desi\Local Settings\temp\setup.exe
[2012.01.18 23:32:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\McAfee
[2009.11.26 23:58:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Symantec
[2012.01.23 18:25:18 | 000,000,000 | ---D | M] -- C:\Program Files\Ask.com
[2009.12.29 01:21:08 | 000,000,000 | ---D | M] -- C:\Program Files\Babylon
[2012.02.07 19:07:45 | 000,000,000 | ---D | M] -- C:\Program Files\ConduitEngine
[2012.05.11 17:14:18 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Toolbar
[2012.02.07 19:07:48 | 000,000,000 | ---D | M] -- C:\Program Files\IMVU_Inc
[2012.01.18 23:18:06 | 000,000,000 | ---D | M] -- C:\Program Files\McAfee Security Scan
[2012.09.07 16:37:37 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Maintenance Service
[2012.02.25 02:30:10 | 000,000,000 | ---D | M] -- C:\Program Files\Searchcore Toolbar
[2009.11.26 23:58:24 | 000,000,000 | ---D | M] -- C:\Program Files\Symantec
[2012.01.29 20:11:54 | 000,000,000 | ---D | M] -- C:\Program Files\Trend Micro
@Alternate Data Stream - 143 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:53DF59D1
@Alternate Data Stream - 141 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:67CF910D
@Alternate Data Stream - 138 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:AA0BC725
@Alternate Data Stream - 125 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:2C678471
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:33B04540
@Alternate Data Stream - 119 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:6FD3C973
@Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:D387C245
:commands
[emptytemp]

След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

Windows ще се рестартира и ще се създаде лог файл - OTL fix log. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

Цитирай

9 октомври 201213 г.

Автор

All processes killed ========== OTL ========== No active process named datamngrUI.exe was found! HKLMSOFTWAREMicrosoftInternet ExplorerMainStart Page| /E : value set successfully! HKLMSOFTWAREMicrosoftInternet ExplorerSearchSearchAssistant| /E : value set successfully! Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerSearchScopes{36668FFD-7809-43FB-A609-999C5A7AB5FE} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{36668FFD-7809-43FB-A609-999C5A7AB5FE} not found. HKUS-1-5-21-1177238915-1060284298-725345543-1003SOFTWAREMicrosoftInternet ExplorerMainbProtector Start Page| /E : value set successfully! HKUS-1-5-21-1177238915-1060284298-725345543-1003SOFTWAREMicrosoftInternet ExplorerMainSearch Bar| /E : value set successfully! HKUS-1-5-21-1177238915-1060284298-725345543-1003SOFTWAREMicrosoftInternet ExplorerSearchSearchAssistant| /E : value set successfully! Registry value HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks{90b49673-5506-483e-b92b-ca0265bd9ca8} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{90b49673-5506-483e-b92b-ca0265bd9ca8} not found. File C:Program FilesIMVU_IncprxtbIMV1.dll not found. Registry value HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerURLSearchHooks{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. File C:Program FilesBS_PlayerprxtbBS_2.dll not found. Registry key HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{1F096B29-E9DA-4D64-8D63-936BE7762CC5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{1F096B29-E9DA-4D64-8D63-936BE7762CC5} not found. Registry key HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{36668FFD-7809-43FB-A609-999C5A7AB5FE} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{36668FFD-7809-43FB-A609-999C5A7AB5FE} not found. Registry key HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB8} not found. Registry key HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{AD22EBAF-0D18-4fc7-90CC-5EA0ABBE9EB9} not found. Registry key HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerSearchScopes{afdbddaa-5d3f-42ee-b79c-185a7020515b} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{afdbddaa-5d3f-42ee-b79c-185a7020515b} not found. Prefs.js: [email protected]:1.5.0 removed from extensions.enabledAddons C:Documents and SettingsDesiApplication [email protected] folder moved successfully. Folder C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultextensionsffxtlbr@babylon.com not found. File C:Documents and SettingsDesiApplication DataMozillaFirefoxProfiles090cvkxp.defaultsearchpluginsbProtect.xml not found. File C:Program Filesmozilla firefoxsearchpluginsbabylon.xml not found. File C:Program Filesmozilla firefoxsearchpluginsSearch_Results.xml not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{7DA17D5A-5718-4130-A605-FC316C827836} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{7DA17D5A-5718-4130-A605-FC316C827836} not found. File C:Program FilesSearchcore ToolbarDatamngrBrowserConnection.dll not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{90b49673-5506-483e-b92b-ca0265bd9ca8} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{90b49673-5506-483e-b92b-ca0265bd9ca8} not found. File C:Program FilesIMVU_IncprxtbIMV1.dll not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{af6ac4f2-9825-4fb6-a600-92bc5361f209} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{af6ac4f2-9825-4fb6-a600-92bc5361f209} not found. File C:Program FilesSearchcore ToolbarDatamngrToolBarsearchcoredtx.dll not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found. File C:Program FilesAsk.comGenericAskToolbar.dll not found. Registry key HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. File C:Program FilesBS_PlayerprxtbBS_2.dll not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{90b49673-5506-483e-b92b-ca0265bd9ca8} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{90b49673-5506-483e-b92b-ca0265bd9ca8} not found. File C:Program FilesIMVU_IncprxtbIMV1.dll not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{af6ac4f2-9825-4fb6-a600-92bc5361f209} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{af6ac4f2-9825-4fb6-a600-92bc5361f209} not found. File C:Program FilesSearchcore ToolbarDatamngrToolBarsearchcoredtx.dll not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found. File C:Program FilesAsk.comGenericAskToolbar.dll not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} not found. File C:Program FilesBS_PlayerprxtbBS_2.dll not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftInternet ExplorerToolbar10 deleted successfully. Registry value HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{90B49673-5506-483E-B92B-CA0265BD9CA8} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{90B49673-5506-483E-B92B-CA0265BD9CA8} not found. File C:Program FilesIMVU_IncprxtbIMV1.dll not found. Registry value HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{D4027C7F-154A-4066-A1AD-4243D8127440} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found. File C:Program FilesAsk.comGenericAskToolbar.dll not found. Registry value HKEY_USERS.DEFAULTSoftwareMicrosoftInternet ExplorerToolbarWebBrowser{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} not found. File C:Program FilesBS_PlayerprxtbBS_2.dll not found. Registry value HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{90B49673-5506-483E-B92B-CA0265BD9CA8} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{90B49673-5506-483E-B92B-CA0265BD9CA8} not found. File C:Program FilesIMVU_IncprxtbIMV1.dll not found. Registry value HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found. File C:Program FilesAsk.comGenericAskToolbar.dll not found. Registry value HKEY_USERSS-1-5-18SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} not found. File C:Program FilesBS_PlayerprxtbBS_2.dll not found. Registry value HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{90B49673-5506-483E-B92B-CA0265BD9CA8} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{90B49673-5506-483E-B92B-CA0265BD9CA8} not found. File C:Program FilesIMVU_IncprxtbIMV1.dll not found. Registry value HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{D4027C7F-154A-4066-A1AD-4243D8127440} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{D4027C7F-154A-4066-A1AD-4243D8127440} not found. File C:Program FilesAsk.comGenericAskToolbar.dll not found. Registry value HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftInternet ExplorerToolbarWebBrowser{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{FED66DC5-1B74-4A04-8F5C-15C5ACE2B9A5} not found. File C:Program FilesBS_PlayerprxtbBS_2.dll not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunDATAMNGR not found. File C:Program FilesSearchcore ToolbarDatamngrdatamngrUI.exe not found. Registry value HKEY_LOCAL_MACHINESoftwareMicrosoftWindowsCurrentVersionRunKernelFaultCheck not found. File not found. Registry value HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SoftwareMicrosoftWindowsCurrentVersionRun deleted successfully. Registry key HKEY_CURRENT_USERSoftwareMicrosoftInternet ExplorerMenuExt&Search not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{d9288080-1baa-4bc4-9cf8-a92d743db949} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{d9288080-1baa-4bc4-9cf8-a92d743db949} not found. C:Documents and SettingsDesiStart MenuProgramsIMVURun IMVU.lnk moved successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftInternet ExplorerExtensions{F47C1DB5-ED21-4dc1-853E-D1495792D4C5} deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{F47C1DB5-ED21-4dc1-853E-D1495792D4C5} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpFolderC:^Documents and Settings^All Users^Start Menu^Programs^Startup^$McRebootA5E6DEAA56$.lnk deleted successfully. C:WINDOWSpss$McRebootA5E6DEAA56$.lnkCommon Startup moved successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpFolderC:^Documents and Settings^Desi^Start Menu^Programs^Startup^IMVU.lnk deleted successfully. C:WINDOWSpssIMVU.lnkStartup moved successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpFolderC:^Documents and Settings^Desi^Start Menu^Programs^Startup^Registration .LNK deleted successfully. C:WINDOWSpssRegistration .LNKStartup moved successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpRegApnUpdater not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpRegKernelFaultCheck deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpRegMsnMsgr deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpRegNPSStartup deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftShared ToolsMSConfigStartUpRegNVIDIA driver monitor deleted successfully. File C:WINDOWStasksScheduled Update for Ask Toolbar.job not found. Folder C:Documents and SettingsAll UsersApplication DataBabylon not found. Folder C:Documents and SettingsDesiApplication DataBabylon not found. Folder C:Documents and SettingsDesiApplication Datafacemoods.com not found. C:Documents and SettingsDesiApplication DataIMVUPixmapCache folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUHttpCache folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUAssetCache folder moved successfully. C:Documents and SettingsDesiApplication DataIMVU folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuirestrictedad folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuirestricted folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuiprofileextensions folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuiprofileCache folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuiprofile folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuiplugins folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuiextensions folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuidefaultspreferences folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuidefaults folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientuichrome folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientui folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientresources folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientlanguage folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientinstaller folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBinreshtml folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBinresfonts folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBinresentityTables folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBinresdtd folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBinres folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBinmodules folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBingreprefs folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBindictionaries folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBindefaultsprofileUSchrome folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBindefaultsprofileUS folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBindefaultsprofilechrome folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBindefaultsprofile folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBindefaultspref folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBindefaultsautoconfig folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBindefaults folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBincomponents folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBinchrome folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClientGeckoBin folder moved successfully. C:Documents and SettingsDesiApplication DataIMVUClient folder moved successfully. Folder C:Documents and SettingsDesiApplication DataOpenCandy not found. Folder C:Documents and SettingsDesiApplication DataPriceGong not found. C:Documents and SettingsDesiApplication Datasearchcoreband folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbarweather folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbarchromewidgetsnet.vmn.www.RadioBeta folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbarchromewidgets folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbarchromenet.vmn.www.RadioBeta folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbarchromecontentwidgetsnet.vmn.www.RadioBeta folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbarchromecontentwidgets folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbarchromecontent folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbarchrome folder moved successfully. C:Documents and SettingsDesiApplication Datasearchcoretoolbar folder moved successfully. C:Documents and SettingsDesiLocal SettingsTempsetup.exe moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSSecurityScannerMcUICnt folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSSecurityScanner folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSPartnerCustomSSScheduler folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSPartnerCustomMcUICnt folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSPartnerCustomMcCHSvc folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSPartnerCustom folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSMcUICntMcUICnt folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSMcUICnt folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSMcInst folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSCommonMcCHSvc folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGSCommon folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfeeMCLOGS folder moved successfully. C:Documents and SettingsAll UsersApplication DataMcAfee folder moved successfully. C:Documents and SettingsAll UsersApplication DataSymantecNorton AntiVirus folder moved successfully. C:Documents and SettingsAll UsersApplication DataSymantecLiveUpdate folder moved successfully. C:Documents and SettingsAll UsersApplication DataSymantec folder moved successfully. Folder C:Program FilesAsk.com not found. Folder C:Program FilesBabylon not found. Folder C:Program FilesConduitEngine not found. Folder C:Program FilesDAEMON Tools Toolbar not found. Folder C:Program FilesIMVU_Inc not found. C:Program FilesMcAfee Security Scan2.0.181 folder moved successfully. C:Program FilesMcAfee Security Scan folder moved successfully. C:Program FilesMozilla Maintenance Service folder moved successfully. Folder C:Program FilesSearchcore Toolbar not found. C:Program FilesSymantec folder moved successfully. C:Program FilesTrend MicroInternet Security 2006log folder moved successfully. C:Program FilesTrend MicroInternet Security 2006 folder moved successfully. C:Program FilesTrend Micro folder moved successfully. ADS C:Documents and SettingsAll UsersApplication DataTEMP:53DF59D1 deleted successfully. ADS C:Documents and SettingsAll UsersApplication DataTEMP:67CF910D deleted successfully. ADS C:Documents and SettingsAll UsersApplication DataTEMP:AA0BC725 deleted successfully. ADS C:Documents and SettingsAll UsersApplication DataTEMP:2C678471 deleted successfully. ADS C:Documents and SettingsAll UsersApplication DataTEMP:33B04540 deleted successfully. ADS C:Documents and SettingsAll UsersApplication DataTEMP:6FD3C973 deleted successfully. ADS C:Documents and SettingsAll UsersApplication DataTEMP:D387C245 deleted successfully. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Desi ->Temp folder emptied: 147711592 bytes ->Temporary Internet Files folder emptied: 53145789 bytes ->FireFox cache emptied: 88387864 bytes ->Flash cache emptied: 92090 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 46375 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%System32 .tmp files removed: 0 bytes %systemroot%System32dllcache .tmp files removed: 0 bytes %systemroot%System32drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 4314397 bytes %systemroot%system32configsystemprofileLocal SettingsTemp folder emptied: 0 bytes %systemroot%system32configsystemprofileLocal SettingsTemporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 280,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 10092012_034853 FilesFolders moved on Reboot... File move failed. C:WINDOWStemp_avast_Webshlock.txt scheduled to be moved on reboot. C:WINDOWStempPerflib_Perfdata_908.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot...

Цитирай

9 октомври 201213 г.

Забравих да затворя едни портове и да изтрия няколко останки в регистрите:

Стартирайте файла с двукратен клик на мишката.
Под с Copy/ Paste въведете изцяло следната текстова информация (само това, което е поставено в карето):

:reg
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"AntiVirusOverride"=dword:00000000
"FirewallOverride"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Documents and Settings\Desi\My Documents\Downloads\facebook-pic00005267.exe"=-
"C:\Documents and Settings\Desi\Application Data\IMVUClient\1VivoxVoice.exe"=-
"C:\Program Files\Searchcore Toolbar\Datamngr\ToolBar\dtUser.exe"=-
[-HKEY_USERS\S-1-5-21-1177238915-1060284298-725345543-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMVU Avatar chat client software BETA]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BabylonObjectInstaller]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{83AA2913-C123-4146-85BD-AD8F93971D39}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Ask Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{86D4B82A-ABED-442A-BE86-96357B70F4FE}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\BS_Player Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMVU_Inc Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\IMVU Inc Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Searchcore Toolbar]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Searchcore Toolbar]
:commands
[emptytemp]

След като въведете скрипта от цитата по-горе натиснете бутона, маркиран в червено: Run Fix

Windows ще се рестартира и ще се създаде лог файл - OTL fix log. Публикувайте съдържанието му с Copy/Paste в следващия си коментар.

Също така деинсталирайте Daemon Tools временно. След това изтеглете този файл, стартирайте го и изберете Uninstall.

Инсталирайте Daemon Tools отново, но не инсталирайте SPTD драйвъра!

Обновете Windows и до Windows XP Service Pack 3 RTM Build 5512.

Рестартирайте системата.

После пишете как е положението!

Цитирай

9 октомври 201213 г.

Автор

All processes killed ========== REGISTRY ========== HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center"AntiVirusOverride"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity Center"FirewallOverride"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringSymantecFirewall"DisableMonitoring"|dword:00000000 /E : value set successfully! HKEY_LOCAL_MACHINESOFTWAREMicrosoftSecurity CenterMonitoringTrendAntiVirus"DisableMonitoring"|dword:00000000 /E : value set successfully! Registry value HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsListC:Documents and SettingsDesiMy DocumentsDownloadsfacebook-pic00005267.exe deleted successfully. Registry value HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsListC:Documents and SettingsDesiApplication DataIMVUClient1VivoxVoice.exe deleted successfully. Registry value HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesSharedAccessParametersFirewallPolicyStandardProfileAuthorizedApplicationsListC:Program FilesSearchcore ToolbarDatamngrToolBardtUser.exe deleted successfully. Registry key HKEY_USERSS-1-5-21-1177238915-1060284298-725345543-1003SOFTWAREMicrosoftWindowsCurrentVersionUninstallIMVU Avatar chat client software BETA deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallBabylonObjectInstaller not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall{83AA2913-C123-4146-85BD-AD8F93971D39} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{83AA2913-C123-4146-85BD-AD8F93971D39} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallAsk Toolbar not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstall{86D4B82A-ABED-442A-BE86-96357B70F4FE} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREClassesCLSID{86D4B82A-ABED-442A-BE86-96357B70F4FE} not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallBS_Player Toolbar not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallIMVU_Inc Toolbar not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallIMVU Inc Toolbar deleted successfully. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallWindows Searchcore Toolbar not found. Registry key HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionUninstallSearchcore Toolbar not found. ========== COMMANDS ========== [EMPTYTEMP] User: All Users User: Default User ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 0 bytes ->Flash cache emptied: 0 bytes User: Desi ->Temp folder emptied: 162953 bytes ->Temporary Internet Files folder emptied: 33170 bytes ->FireFox cache emptied: 31437254 bytes ->Flash cache emptied: 2987 bytes User: LocalService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes User: NetworkService ->Temp folder emptied: 0 bytes ->Temporary Internet Files folder emptied: 33170 bytes %systemdrive% .tmp files removed: 0 bytes %systemroot% .tmp files removed: 0 bytes %systemroot%System32 .tmp files removed: 0 bytes %systemroot%System32dllcache .tmp files removed: 0 bytes %systemroot%System32drivers .tmp files removed: 0 bytes Windows Temp folder emptied: 16867 bytes %systemroot%system32configsystemprofileLocal SettingsTemp folder emptied: 0 bytes %systemroot%system32configsystemprofileLocal SettingsTemporary Internet Files folder emptied: 0 bytes RecycleBin emptied: 0 bytes Total Files Cleaned = 30,00 mb OTL by OldTimer - Version 3.2.69.0 log created on 10092012_042414 FilesFolders moved on Reboot... File move failed. C:WINDOWStemp_avast_Webshlock.txt scheduled to be moved on reboot. C:WINDOWStempPerflib_Perfdata_8fc.dat moved successfully. PendingFileRenameOperations files... Registry entries deleted on Reboot... в момента обновява Windows , но не мога да деинсталирам Daemon Tools, зарежда до някаде и не зарежда повече .. Ще пиша утре отново и ще ви обянся .Благодаря ви много

Цитирай

9 октомври 201213 г.

Автор

Обнових Windows ,а Deamon tools все още не мога да го деинсталирам и си изтеглих и инсталирах добавките на Mozilla Firefox,за които ми казахте в началото

Цитирай

9 октомври 201213 г.

Здравей, Каква точно грешка дава при опит за деинсталация на Daemon Tools-a? Какво е положението и появява ли се още онзи прозорец в Mozilla?

Цитирай

9 октомври 201213 г.

Автор

Не прозореца не се появява :) а относно Daemon Tools просто като пусна да се деинсталира ме пита дали съм сигурна че искам ,давам да и след това заржда до половината и остава така без да може да зареди до край .Също така при включване на компютъра излиза прозорче ,на което пише:'' това приложение изисква минимум Windows 2000 и SPTD 1.51 или по-висока . Дебъгерът на ядрото може да бъде деактивиран .'' Това изписва при опит за пускане на програмата.

Цитирай

11 октомври 201213 г.

Здравей,

Извинявам се за забавянето, но бях зает.

За да спрете съобщението при стартиране направете следното:

Изтеглете този файл, стартирайте го и изберете Uninstall.

Ако не се получи просто от Start => Run => въведете CMD => натиснете Enter => след това въведете командите (една по една и след всяка натисни Enter):

sc config sptd start= disabled

sc stop sptd

sc delete sptd

После пробвай отново да деинсталираш Daemon Tools...Ако не се получи пробвай да го махнеш в Safe Mode или използвай Revo Uninstaller 1.94 за целта.

Ако пак не се получи - просто изтрий ръчно папките на Daemon Tools-a (потърси ги с търсачката на Windows) и ги изтрий. Ако са заключени използвай Unlocker 1.9.1 x86 за целта.

Ако няма други въпроси ще маркирам случая като [РЕШЕН].

Поздрави!

Цитирай

15 октомври 201213 г.

Автор

Благодаря за отделеното ви време и търпение Наистина ми бяхте много полезни

Цитирай

Добре дошли!

съмнение за вирус

Featured Replies

Архивирана тема

Разглеждащи това в момента 0

Дарение

Бюлетин

Профил

Навигация

Търсене

Конфигуриране на push известия в браузъра

Chrome (Android)

Chrome (Desktop)

Safari (iOS 16.4+)

Safari (macOS)

Edge (Android)

Edge (Desktop)

Firefox (Android)

Firefox (Desktop)