
Себастиян В.

I think I'm infected (RATted)



Hello, after a persistent search on the internet for how to deal with my problem, I only got as far as deciding not to risk unnecessary attempts, but to consult people who know what they are doing, and that is how I got to you.

My problems are the following: I think I have been RATted. ESET NOD32 disappeared on me just like that; I don't know what happened or how, but yes, it's gone, that's a fact. I downloaded AVAST and scanned.. I moved 7 infected files to the virus chest, and the 8th file turned out to be in the windows folder with the name winkey.dll. It was 'infected' with win32:prorat-bh. I tried to move it to the chest, it didn't work; to delete it.. again it didn't work.. After that, while digging around the net, I ended up here and understood that you might be able to help me. I think I read everything I needed to read, and here are the logs:

 


 


Hello..! Before we continue with anything at all ... I recommend that you properly remove all the antivirus software visible on the system, with the exception of the one running in real time, Microsoft Security Essentials:

 

 

Norton 360

avast! Free Antivirus

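The check behind the advice above, as an added example that is not part of the original posts: it reads the `AV:`/`SP:`/`FW:` header lines of a DDS.txt log and the installed-programs list from Attach.txt, then reports antivirus products that are installed but not registered and whether any real-time protection is on. The function names, the vendor keyword list, the sample lines and the GUIDs are constructed for illustration.

```python
import re

# One security-product header line as DDS prints it, e.g.
#   AV: <product> *Disabled/Updated* {GUID}
#   FW: <product> *Enabled* {GUID}
ENTRY_RE = re.compile(
    r"^(?P<kind>AV|SP|FW):\s+(?P<name>.+?)\s+"
    r"\*(?P<state>Enabled|Disabled)(?:/(?P<defs>\w+))?\*"
    r"\s+(?P<guid>\{[0-9A-Fa-f-]{36}\})\s*$"
)

# Assumption: a small keyword list used only to spot antivirus products
# in the installed-programs list; extend it for real use.
AV_KEYWORDS = ("avast", "norton", "eset", "nod32", "security essentials",
               "kaspersky", "avira", "mcafee", "bitdefender")

# Constructed sample in the DDS.txt header layout (GUIDs are placeholders).
SAMPLE_DDS = """\
DDS (Ver_2011-09-30.01) - NTFS_x86
AV: Microsoft Security Essentials *Disabled/Updated* {00000000-0000-0000-0000-000000000001}
SP: Microsoft Security Essentials *Disabled/Updated* {00000000-0000-0000-0000-000000000002}
"""

# Constructed sample of the "Installed Programs" section of Attach.txt.
SAMPLE_PROGRAMS = [
    "Adobe Reader X (10.1.4)",
    "avast! Free Antivirus",
    "Microsoft Security Essentials",
    "Norton 360",
    "WinRAR 4.20",
]


def parse_security_center(dds_text):
    """Return one dict per AV:/SP:/FW: line found in the log text."""
    entries = []
    for line in dds_text.splitlines():
        match = ENTRY_RE.match(line.strip())
        if match:
            entries.append(match.groupdict())
    return entries


def installed_av(programs):
    """Pick the installed programs whose name matches an AV keyword."""
    return [p for p in programs if any(k in p.lower() for k in AV_KEYWORDS)]


def assess(dds_text, programs):
    """Compare registered AV products with what is actually installed."""
    av_entries = [e for e in parse_security_center(dds_text)
                  if e["kind"] == "AV"]
    registered = [e["name"] for e in av_entries]
    enabled = [e["name"] for e in av_entries if e["state"] == "Enabled"]
    registered_lower = [name.lower() for name in registered]

    # Installed AV products that the log does not list as registered:
    # typical for half-removed or conflicting installations.
    leftovers = [
        p for p in installed_av(programs)
        if not any(r in p.lower() or p.lower() in r for r in registered_lower)
    ]
    return {
        "registered_av": registered,
        "realtime_enabled": enabled,
        "unregistered_leftovers": leftovers,
        "no_realtime_protection": not enabled,
        "multiple_av_installed": len(installed_av(programs)) > 1,
    }


if __name__ == "__main__":
    for key, value in assess(SAMPLE_DDS, SAMPLE_PROGRAMS).items():
        print(f"{key}: {value}")
```
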

Microsoft Security Essentials is off for me and I can't turn it on, I don't know why that is happening, and by 'remove' I assume you mean that I should delete them? So far so good. Thanks for the quick reply! :)


 

To uninstall them the proper way.. to clarify.. by using the specialized tools for each antivirus program...!

For avast! Free Antivirus:

Download the aswclear.exe tool and save it to your desktop;

Restart the computer and boot into safe mode;

Run the program;

If the Avast! product is not installed in the default location, enter the path to it. (Note: The contents of this folder will be removed completely!)

Click REMOVE

Restart the computer in normal mode

For Norton 360:

Uninstall Norton via Control Panel. After that, restart your computer and move on to the next step. If Norton is not in the list of installed applications, or you are unable to remove Norton, move on to the next step.

Download the Norton Removal Tool.

Save the file to your desktop.

Double-click the Norton Removal Tool.

Follow the on-screen instructions.

The computer may restart several times, and after a restart you may need to perform additional steps.

For Microsoft Security Essentials:

How to manually uninstall Microsoft Security Essentials...



Hello, run a new scan following these instructions:

 

Download DDS (created by sUBs) from BleepingComputer.

After downloading, the tool must be saved (via the File => Save As... menu) to your desktop.

Once you have downloaded DDS to your desktop, the program's icon should look like this: [image]

Temporarily disable the real-time protection of your antivirus software. Then start DDS by double-clicking the icon, confirming by clicking the Run button.

After DDS finishes, two text files will open in Notepad, named DDS.txt and Attach.txt; save them (via the File => Save As... menu) to your desktop.

Copy and paste the contents of DDS.txt and Attach.txt directly into your topic. Please do not attach them!
