Hello, I had started a thread about getting into someone else's machine, and I was directed here. Here is the dds log.

DDS (Ver_2011-09-30.01) - NTFS_AMD64 
Internet Explorer: 9.11.9600.16428  BrowserJavaVersion: 10.21.2
Run by Тео at 18:45:04 on 2014-01-04
Microsoft Windows 7 Ultimate   6.1.7601.1.1251.7.1031.18.4095.1451 [GMT 1:00]
.
AV: AVG AntiVirus 2014 *Disabled/Updated* {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Outdated* {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}
SP: AVG AntiVirus 2014 *Disabled/Updated* {B5F5C120-2089-702E-0001-553BB0D5A664}
.
============== Running Processes ===============
.
C:Windowssystem32wininit.exe
C:Windowssystem32lsm.exe
C:Windowssystem32svchost.exe -k DcomLaunch
C:Program Files (x86)IObitAdvanced SystemCare 7ASCService.exe
C:Windowssystem32nvvsvc.exe
C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe
C:Windowssystem32svchost.exe -k RPCSS
C:Program FilesCOMODOCOMODO Internet Securitycmdagent.exe
C:Windowssystem32svchost.exe -k NetworkService
C:WindowsSystem32svchost.exe -k LocalServiceNetworkRestricted
C:WindowsSystem32svchost.exe -k LocalSystemNetworkRestricted
C:Windowssystem32svchost.exe -k netsvcs
C:Windowssystem32svchost.exe -k GPSvcGroup
C:Windowssystem32svchost.exe -k LocalService
C:Program FilesNVIDIA CorporationDisplaynvxdsync.exe
C:Windowssystem32nvvsvc.exe
C:WindowsSystem32spoolsv.exe
C:Windowssystem32svchost.exe -k LocalServiceNoNetwork
C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe
C:Windowssystem32taskeng.exe
C:Windowssystem32rundll32.exe
C:WindowsSysWOW64rundll32.exe
C:Windowssystem32Dwm.exe
C:Windowssystem32taskhost.exe
C:WindowsExplorer.EXE
C:Program Files (x86)GoogleUpdate1.3.22.3GoogleCrashHandler.exe
C:Program Files (x86)GoogleUpdate1.3.22.3GoogleCrashHandler64.exe
C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe
C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0avp.exe
C:Program Files (x86)ComodoDragondragon_updater.exe
C:Program Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe
C:Program Files (x86)LogMeIn HamachiLMIGuardianSvc.exe
C:Program FilesOO SoftwareDefragoodag.exe
C:Program Files (x86)PANDORA.TVPanServiceKMPService.exe
C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe
C:Program Files (x86)HTCHTC Sync ManagerHTC Syncadb.exe
C:Program Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe
C:Program Files (x86)PANDORA.TVPanServiceKMPProcess.exe
C:Windowssystem32svchost.exe -k imgsvc
C:Program Files (x86)Yahoo!SoftwareUpdateYahooAUService.exe
C:Program Files (x86)LogMeIn Hamachihamachi-2.exe
C:Program Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe
C:Program Files (x86)LogMeIn Hamachihamachi-2-ui.exe
C:Windowssystem32svchost.exe -k NetworkServiceNetworkRestricted
C:Program FilesNVIDIA CorporationDisplaynvtray.exe
C:WindowsSystem32rundll32.exe
C:Program Files (x86)AdTrustMediaPrivDog1.8.0.18trustedadssvc.exe
C:Program Files (x86)IObitIObit Malware FighterIMF.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)Common FilesCOMODOlauncher_service.exe
C:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exe
C:Program FilesCOMODOGeekBuddyunit_manager.exe
C:Program FilesCOMODOGeekBuddyunit.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Program Files (x86)GoogleChromeApplicationchrome.exe
C:Windowssystem32wbemwmiprvse.exe
C:WindowsSysWOW64NOTEPAD.EXE
C:UsersТеоDownloadsdds.exe
C:Windowssystem32conhost.exe
C:WindowsSystem32cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://de.yahoo.com?fr=fp-comodo
BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0IEExtContentBlockerie_content_blocker_plugin.dll
BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0IEExtVirtualKeyboardie_virtual_keyboard_plugin.dll
BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0IEExtOnlineBankingonline_banking_bho.dll
BHO: Advanced SystemCare Browser Protection: {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} - C:Program Files (x86)IObitSurfing ProtectionBrowerProtectASCPlugin_Protection.dll
BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0IEExtUrlAdvisorklwtbbho.dll
BHO: PrivDog Extension: {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:Program Files (x86)AdTrustMediaPrivDog1.8.0.18trustedads.dll
mRun: [iObit Malware Fighter] "C:Program Files (x86)IObitIObit Malware FighterIMF.exe" /autostart
mRun: [NCUpdateHelper] C:Program Files (x86)NCWestNCLauncherNCUpdateHelper.exe
mRun: [LogMeIn Hamachi Ui] "C:Program Files (x86)LogMeIn Hamachihamachi-2-ui.exe" --auto-start
mRun: [PrivDogService] "C:Program Files (x86)AdTrustMediaPrivDog1.8.0.18trustedadssvc.exe"
mRun: [tvncontrol] "C:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exe" -controlservice -slave
StartupFolder: C:PROGRA~3MICROS~1WindowsSTARTM~1ProgramsStartupSTARTG~1.LNK - C:Program FilesCOMODOGeekBuddylauncher.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0IEExtVirtualKeyboardie_virtual_keyboard_plugin.dll
IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - C:Program Files (x86)AdTrustMediaPrivDog1.8.0.18trustedads.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0IEExtUrlAdvisorklwtbbho.dll
TCP: NameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces{5E403A66-FE2D-496F-B145-EC2B18399BD1} : DHCPNameServer = 192.168.42.129
TCP: Interfaces{6D7A175F-8BAA-4C3C-8D48-31CDE95A3D40} : DHCPNameServer = 192.168.2.1 192.168.2.1
TCP: Interfaces{6D7A175F-8BAA-4C3C-8D48-31CDE95A3D40}64259445A51224F687026333630302341626C656 : DHCPNameServer = 192.168.178.1
TCP: Interfaces{9644279D-AA3A-44BE-A778-0ADA6DF73285} : DHCPNameServer = 192.168.42.129
Handler: linkscanner - <Clsid value has no data>
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:Program Files (x86)GoogleChromeApplication31.0.1650.63Installerchrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:Program Files (x86)IObitIObit UninstallerUninstallExplorer64.dll
x64-BHO: Content Blocker Plugin: {5564CC73-EFA7-4CBF-918A-5CF7FBBFFF4F} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0x64IEExtContentBlockerie_content_blocker_plugin.dll
x64-BHO: Virtual Keyboard Plugin: {73455575-E40C-433C-9784-C78DC7761455} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0x64IEExtVirtualKeyboardie_virtual_keyboard_plugin.dll
x64-BHO: Safe Money Plugin: {9E6D0D23-3D72-4A94-AE1F-2D167624E3D9} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0x64IEExtOnlineBankingonline_banking_bho.dll
x64-BHO: HaaPppy2SaevaE: {BC3E7A69-E684-EB14-C5A0-9F7E0C2EFD25} - C:ProgramDataHaaPppy2SaevaEyySdsJcYFW.x64.dll
x64-BHO: IsAver: {C06AFCCF-4FDE-E1CA-2585-A6E9A37793F7} - C:ProgramDataIsAver1bcb0m.x64.dll
x64-BHO: URL Advisor Plugin: {E33CF602-D945-461A-83F0-819F76A199F8} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0x64IEExtUrlAdvisorklwtbbho.dll
x64-BHO: PrivDog Extension: {FB16E5C3-A9E2-47A2-8EFC-319E775E62CC} - C:Program FilesAdTrustMediaPrivDog1.8.0.18trustedads.dll
x64-IE: {0C4CC089-D306-440D-9772-464E226F6539} - {0BA14598-4178-4CE5-B1F1-B5C6408A3F2E} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0x64IEExtVirtualKeyboardie_virtual_keyboard_plugin.dll
x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - C:Program FilesAdTrustMediaPrivDog1.8.0.18trustedads.dll
x64-IE: {CCF151D8-D089-449F-A5A4-D9909053F20F} - {CCF151D8-D089-449F-A5A4-D9909053F20F} - C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0x64IEExtUrlAdvisorklwtbbho.dll
x64-Handler: linkscanner - <Clsid value has no data>
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
Hosts: 127.0.0.1 wdcs.trendmicro.com
Hosts: 127.0.0.1 ads.bleepingcomputer.com
Hosts: 127.0.0.1 ox-d.majorgeeks.com
Hosts: 127.0.0.1 om.symantec.com
Hosts: 127.0.0.1  metrics.mcafee.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - 
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;C:WindowsSystem32driversSmartDefragDriver.sys [2014-1-1 17720]
R1 avgtp;avgtp;C:WindowsSystem32driversavgtpx64.sys [2013-10-2 46368]
R1 CFRMD;CFRMD;C:WindowsSystem32driversCFRMD.sys [2013-5-7 37976]
R1 HMD;COMODO livePCsupport Hardware Monitor Driver;C:WindowsSystem32drivershmd.sys [2013-10-7 14888]
R1 KLIM6;Kaspersky Anti-Virus NDIS 6 Filter;C:WindowsSystem32driversklim6.sys [2013-11-14 29792]
R1 klpd;klpd;C:WindowsSystem32driversklpd.sys [2013-4-12 15456]
R1 kltdi;kltdi;C:WindowsSystem32driverskltdi.sys [2013-5-14 55904]
R1 kneps;kneps;C:WindowsSystem32driverskneps.sys [2013-6-6 178272]
R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904]
R2 AdobeARMservice;Adobe Acrobat Update Service;C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [2013-5-11 65640]
R2 AdvancedSystemCareService7;Advanced SystemCare Service 7;C:Program Files (x86)IObitAdvanced SystemCare 7ASCService.exe [2014-1-1 881440]
R2 AVP;Kaspersky Anti-Virus Service;C:Program Files (x86)Kaspersky LabKaspersky Anti-Virus 14.0.0avp.exe [2013-11-14 214512]
R2 CLPSLauncher;COMODO LPS Launcher;C:Program Files (x86)Common FilesCOMODOlauncher_service.exe [2013-12-13 70352]
R2 DragonUpdater;COMODO Dragon Update Service;C:Program Files (x86)ComodoDragondragon_updater.exe [2013-11-11 2098880]
R2 GeekBuddyRSP;GeekBuddyRSP Server;C:Program Files (x86)Common FilesCOMODOGeekBuddyRSP.exe [2013-12-13 2327248]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:Program Files (x86)LogMeIn Hamachihamachi-2.exe [2013-11-29 2210640]
R2 HTCMonitorService;HTCMonitorService;C:Program Files (x86)HTCHTC Sync ManagerHSMServiceEntry.exe [2013-11-10 87368]
R2 IMFservice;IMF Service;C:Program Files (x86)IObitIObit Malware FighterIMFsrv.exe [2014-1-1 341824]
R2 LMIGuardianSvc;LMIGuardianSvc;C:Program Files (x86)LogMeIn HamachiLMIGuardianSvc.exe [2013-10-11 377104]
R2 nvUpdatusService;NVIDIA Update Service Daemon;C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe [2012-8-3 1262400]
R2 OODefragAgent;O&O Defrag;C:Program FilesOO SoftwareDefragoodag.exe [2012-11-30 3293552]
R2 PanService;PandoraService;C:Program Files (x86)PANDORA.TVPanServiceKMPService.exe [2013-10-28 1922600]
R2 PassThru Service;Internet Pass-Through Service;C:Program Files (x86)HTCInternet Pass-ThroughPassThruSvr.exe [2012-12-7 167424]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:Program Files (x86)Spybot - Search & Destroy 2SDFSSvc.exe [2013-10-2 1817560]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:Program Files (x86)Spybot - Search & Destroy 2SDUpdSvc.exe [2013-10-2 1033688]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service;C:Program Files (x86)NVIDIA Corporation3D VisionnvSCPAPISvr.exe [2012-5-15 382272]
R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;C:WindowsSystem32driversdtscsibus.sys [2013-10-2 29696]
R3 ETD;ELAN PS/2 Port Input Device;C:WindowsSystem32driversETD.sys [2012-8-3 135560]
R3 klkbdflt;Kaspersky Lab KLKBDFLT;C:WindowsSystem32driversklkbdflt.sys [2013-11-14 29280]
R3 klmouflt;Kaspersky Lab KLMOUFLT;C:WindowsSystem32driversklmouflt.sys [2013-11-14 29280]
R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2009-3-1 187392]
R3 tap0901t;TAP-Win32 Adapter V9 (Tunngle);C:WindowsSystem32driverstap0901t.sys [2013-12-29 31232]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service;C:WindowsSystem32driversvwifimp.sys [2009-7-14 17920]
S2 4game-service;4game-service;C:Program Files (x86)4game4game-service.exe [2013-5-23 1133056]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]
S2 e81a9dc1;GS-Supporter;C:WindowsSystem32rundll32.exe [2009-7-14 45568]
S2 Guard.Mail.ru;Guard.Mail.ru;"C:Program Files (x86)Mail.RuGuardGuardMailRu.exe" --> C:Program Files (x86)Mail.RuGuardGuardMailRu.exe [?]
S2 gupdate;Google Update-Dienst (gupdate);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2013-2-11 116648]
S2 LiveUpdateSvc;LiveUpdate;C:Program Files (x86)IObitLiveUpdateLiveUpdate.exe [2014-1-1 2151200]
S2 SDWSCService;Spybot-S&D 2 Security Center Service;C:Program Files (x86)Spybot - Search & Destroy 2SDWSCSvc.exe [2013-10-2 171928]
S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-11-9 160944]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2013-2-12 257416]
S3 AmUStor;AM USB Stroage Driver;C:WindowsSystem32driversAmUStor.sys [2009-8-21 44032]
S3 cmdvirth;COMODO Virtual Service Manager;"C:Program FilesCOMODOCOMODO Internet Securitycmdvirth.exe" --> C:Program FilesCOMODOCOMODO Internet Securitycmdvirth.exe [?]
S3 Disc Soft Bus Service;Disc Soft Bus Service;C:Program Files (x86)DAEMON Tools UltraDiscSoftBusService.exe [2013-9-23 654552]
S3 dmvsc;dmvsc;C:WindowsSystem32driversdmvsc.sys [2011-4-12 71168]
S3 esgiguard;esgiguard;C:Program FilesEnigma Software GroupSpyHunteresgiguard.sys [2011-3-2 13088]
S3 ew_hwusbdev;Huawei MobileBroadband USB PNP Device;C:WindowsSystem32driversew_hwusbdev.sys [2012-9-24 117248]
S3 ewusbnet;HUAWEI USB-NDIS miniport;C:WindowsSystem32driversewusbnet.sys [2012-9-24 138752]
S3 gupdatem;Google Update-Dienst (gupdatem);C:Program Files (x86)GoogleUpdateGoogleUpdate.exe [2013-2-11 116648]
S3 HTCAND64;HTC Device Driver;C:WindowsSystem32driversANDROIDUSB.sys [2013-8-17 33736]
S3 htcnprot;HTC NDIS Protocol Driver;C:WindowsSystem32drivershtcnprot.sys [2010-6-25 36928]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:WindowsSystem32ieetwcollector.exe [2013-12-11 111616]
S3 MozillaMaintenance;Mozilla Maintenance Service;C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2013-10-30 119408]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:WindowsSystem32driversrdpvideominiport.sys [2013-6-12 19456]
S3 RegFilter;RegFilter;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64RegFilter.sys [2014-1-1 34848]
S3 ss_bbus;SAMSUNG USB Mobile Device (WDM);C:WindowsSystem32driversss_bbus.sys [2009-9-19 127488]
S3 ss_bmdfl;SAMSUNG USB Mobile Modem (Filter);C:WindowsSystem32driversss_bmdfl.sys [2009-9-19 18944]
S3 ss_bmdm;SAMSUNG USB Mobile Modem;C:WindowsSystem32driversss_bmdm.sys [2009-9-19 161280]
S3 Synth3dVsc;Microsoft Virtual 3D Video Transport Driver;C:WindowsSystem32driversSynth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:WindowsSystem32driversterminpt.sys [2013-6-12 29696]
S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2013-6-12 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2013-6-12 30208]
S3 tsusbhub;Remote Deskotop USB Hub;C:WindowsSystem32driverstsusbhub.sys [2011-4-12 117248]
S3 TunngleService;TunngleService;C:Program Files (x86)TunngleTnglCtrl.exe [2013-12-29 758224]
S3 UrlFilter;UrlFilter;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64UrlFilter.sys [2014-1-1 23016]
S3 WatAdminSvc;Windows-Aktivierungstechnologieservice;C:WindowsSystem32WatWatAdminSvc.exe [2013-8-2 1255736]
S3 XFDriver64;XFDriver64;D:Xfire2XFDriver64.sys [2013-6-18 17160]
S4 FileMonitor;FileMonitor;C:Program Files (x86)IObitIObit Malware FighterDriverswin7_amd64FileMonitor.sys [2014-1-1 23048]
S4 klflt;klflt;C:WindowsSystem32driversklflt.sys [2014-1-2 112224]
.
=============== Created Last 30 ================
.
2014-01-04 17:43:08 -------- d-----w- C:Users?хюAppDataLocalMicrosoft
2014-01-04 16:47:45 -------- d-----w- C:Program Files (x86)Common FilesCOMODO
2014-01-04 16:47:31 444392 ----a-w- C:WindowsSystem32TBD78B1.tmp
2014-01-04 16:47:31 43216 ----a-w- C:WindowsSystem32TBD78E2.tmp
2014-01-04 16:47:31 354240 ----a-w- C:WindowsSysWow64TBD78C2.tmp
2014-01-04 15:37:37 -------- d-----w- C:VTRoot
2014-01-03 19:52:53 -------- d-----w- C:UsersТеоAppDataRoamingWinRAR
2014-01-03 17:41:07 -------- d-----w- C:UsersТеоAppDataRoamingSkype
2014-01-03 14:18:51 -------- d-s---w- C:ProgramDataShared Space
2014-01-03 14:17:22 -------- d-----w- C:Program FilesAdTrustMedia
2014-01-03 14:17:22 -------- d-----w- C:Program Files (x86)AdTrustMedia
2014-01-03 14:17:21 -------- d-----w- C:ProgramDataAdtrustmedia
2014-01-03 14:16:49 -------- d-----w- C:ProgramDataCOMODO
2014-01-03 14:16:32 -------- d-----w- C:Program FilesCOMODO
2014-01-03 14:16:06 -------- d-----w- C:first_launch
2014-01-03 14:16:03 57096 ----a-w- C:WindowsSystem32certsentry.dll
2014-01-03 14:16:03 48392 ----a-w- C:WindowsSysWow64certsentry.dll
2014-01-03 14:15:43 -------- d-----w- C:Program Files (x86)Comodo
2014-01-03 14:15:28 -------- d-----w- C:ProgramDataComodo Downloader
2014-01-03 10:21:52 -------- d-----w- C:UsersТеоAppDataRoamingApple Computer
2014-01-03 10:20:31 -------- d-----w- C:UsersТео.android
2014-01-02 20:24:48 110176 ----a-w- C:WindowsSystem32klfphc.dll
2014-01-02 20:23:48 -------- d-----w- C:WindowsELAMBKUP
2014-01-02 20:23:22 -------- d-----w- C:ProgramDataKaspersky Lab
2014-01-02 20:23:22 -------- d-----w- C:Program Files (x86)Kaspersky Lab
2014-01-02 20:23:04 112224 ----a-w- C:WindowsSystem32driversklflt.sys
2014-01-02 20:04:19 -------- d-----w- C:UsersТеоAppDataRoamingAdobe
2014-01-02 20:04:17 -------- d-----r- C:UsersТеоSearches
2014-01-02 20:04:05 -------- d-----w- C:UsersТеоAppDataRoamingIdentities
2014-01-02 20:04:02 -------- d-----r- C:UsersТеоContacts
2014-01-02 20:04:01 -------- d-----w- C:UsersТеоAppDataRoamingIObit
2014-01-02 19:01:32 -------- d-----w- C:sh4ldr
2014-01-02 19:01:32 -------- d-----w- C:Program FilesEnigma Software Group
2014-01-02 19:00:13 -------- d-----w- C:Program Files (x86)Common FilesWise Installation Wizard
2014-01-02 18:09:32 -------- d-sh--w- C:$RECYCLE.BIN
2014-01-02 18:05:30 -------- d-----w- C:AdwCleaner
2014-01-02 17:49:30 32600 ----a-w- C:WindowsSystem32SmartDefragBootTime.exe
2014-01-02 17:44:49 208896 ----a-w- C:WindowsMBR.exe
2014-01-02 17:44:48 98816 ----a-w- C:Windowssed.exe
2014-01-02 17:44:48 256000 ----a-w- C:WindowsPEV.exe
2014-01-02 17:44:30 -------- d-s---w- C:ComboFix
2014-01-02 15:35:31 3072 ----a-w- C:WindowsSystem32driversen-UStsusbflt.sys.mui
2014-01-02 14:06:58 33856 ---ha-w- C:WindowsSystem32hamachi.sys
2014-01-02 14:06:48 -------- d-----w- C:Program Files (x86)LogMeIn Hamachi
2014-01-02 08:40:55 -------- d-----w- C:Program Files (x86)NCWest
2014-01-01 20:02:47 -------- d-----w- C:Program Files (x86)4game
2014-01-01 16:33:18 17720 ----a-w- C:WindowsSystem32driversSmartDefragDriver.sys
2014-01-01 16:21:56 -------- d-----w- C:ProgramDataProductData
2014-01-01 16:21:04 -------- d-----w- C:ProgramData{3C5CBD7B-3D1D-411E-96C2-513FFCA84D2D}
2013-12-30 13:06:31 -------- d-----w- C:ProgramDataHaaPppy2SaevaE
2013-12-30 13:06:29 -------- d-----w- C:ProgramDatapkfeiniaohikmpkkhooccmfocdefjocj
2013-12-30 13:06:13 -------- d-----w- C:ProgramDataIsAver
2013-12-29 18:18:17 -------- d-----w- C:ProgramDataTunngle
2013-12-29 18:18:16 31232 ----a-w- C:WindowsSystem32driverstap0901t.sys
2013-12-29 18:18:14 -------- d-----w- C:Program Files (x86)Tunngle
2013-12-29 15:04:37 -------- d-----w- C:Program Files (x86)Garena Plus
2013-12-29 15:04:34 -------- d-----w- C:ProgramDataGarenaMessenger
2013-12-29 14:34:07 -------- d-----w- C:Program Files (x86)GS-Enabler
2013-12-29 14:33:39 -------- d-----w- C:ProgramDatasurfNNkEeop
2013-12-29 14:33:38 -------- d-----w- C:Program Files (x86)surfNNkEeop
2013-12-29 14:33:35 -------- d-----w- C:ProgramDatae5ae757e57c4e23f
2013-12-29 14:33:26 -------- d-----w- C:WindowsSysWow64X86
2013-12-29 14:33:26 -------- d-----w- C:WindowsSysWow64AMD64
2013-12-26 19:33:14 -------- d-----w- C:Program Files (x86)Hearthstone
2013-12-20 14:41:50 -------- d-----w- C:Program Files (x86)Clownfish
2013-12-16 14:29:13 -------- d-----w- C:Program Files (x86)Lineage 2 Enchanter Hack
2013-12-11 21:52:48 167424 ----a-w- C:Program FilesWindows Media Playerwmplayer.exe
2013-12-11 21:52:48 164864 ----a-w- C:Program Files (x86)Windows Media Playerwmplayer.exe
2013-12-11 21:52:47 12625920 ----a-w- C:WindowsSystem32wmploc.DLL
2013-12-11 21:52:46 12625408 ----a-w- C:WindowsSysWow64wmploc.DLL
2013-12-11 13:32:13 92272 ----a-w- C:Program Files (x86)Mozilla Firefoxnssdbm3.dll
2013-12-11 12:51:50 335360 ----a-w- C:WindowsSystem32msieftp.dll
2013-12-11 12:51:50 3155968 ----a-w- C:WindowsSystem32win32k.sys
2013-12-11 12:51:50 301568 ----a-w- C:WindowsSysWow64msieftp.dll
2013-12-11 12:51:48 465920 ----a-w- C:WindowsSystem32WMPhoto.dll
2013-12-11 12:51:48 417792 ----a-w- C:WindowsSysWow64WMPhoto.dll
2013-12-11 12:51:47 81408 ----a-w- C:WindowsSystem32imagehlp.dll
2013-12-11 12:51:47 159232 ----a-w- C:WindowsSysWow64imagehlp.dll
2013-12-11 12:51:41 2048 ----a-w- C:WindowsSysWow64tzres.dll
2013-12-11 12:51:41 2048 ----a-w- C:WindowsSystem32tzres.dll
2013-12-11 12:50:31 230400 ----a-w- C:WindowsSystem32driversportcls.sys
2013-12-11 12:50:31 116736 ----a-w- C:WindowsSystem32driversdrmk.sys
2013-12-11 12:50:29 202752 ----a-w- C:WindowsSystem32scrrun.dll
2013-12-11 12:50:29 168960 ----a-w- C:WindowsSystem32wscript.exe
2013-12-11 12:50:29 163840 ----a-w- C:WindowsSysWow64scrrun.dll
2013-12-11 12:50:29 156160 ----a-w- C:WindowsSystem32cscript.exe
2013-12-11 12:50:29 150016 ----a-w- C:WindowsSystem32wshom.ocx
2013-12-11 12:50:29 141824 ----a-w- C:WindowsSysWow64wscript.exe
2013-12-11 12:50:29 126976 ----a-w- C:WindowsSysWow64cscript.exe
2013-12-11 12:50:29 121856 ----a-w- C:WindowsSysWow64wshom.ocx
2013-12-06 13:03:56 940032 ----a-w- C:WindowsSystem32MsSpellCheckingFacility.exe
2013-12-06 13:03:56 194048 ----a-w- C:WindowsSysWow64elshyph.dll
.
==================== Find3M  ====================
.
2014-01-02 20:38:27 178272 ----a-w- C:WindowsSystem32driverskneps.sys
2013-12-11 14:03:24 71048 ----a-w- C:WindowsSysWow64FlashPlayerCPLApp.cpl
2013-12-11 14:03:24 692616 ----a-w- C:WindowsSysWow64FlashPlayerApp.exe
2013-11-30 13:15:00 161792 --sha-r- C:WindowsSysWow64hu-HUH.dll
2013-11-26 10:19:07 2724864 ----a-w- C:WindowsSystem32mshtml.tlb
2013-11-26 10:18:23 4096 ----a-w- C:WindowsSystem32ieetwcollectorres.dll
2013-11-26 09:48:07 66048 ----a-w- C:WindowsSystem32iesetup.dll
2013-11-26 09:46:25 48640 ----a-w- C:WindowsSystem32ieetwproxystub.dll
2013-11-26 09:23:02 2724864 ----a-w- C:WindowsSysWow64mshtml.tlb
2013-11-26 09:18:39 139264 ----a-w- C:WindowsSystem32ieUnatt.exe
2013-11-26 09:18:09 111616 ----a-w- C:WindowsSystem32ieetwcollector.exe
2013-11-26 09:16:57 708608 ----a-w- C:WindowsSystem32jscript9diag.dll
2013-11-26 08:35:02 5769216 ----a-w- C:WindowsSystem32jscript9.dll
2013-11-26 08:28:16 553472 ----a-w- C:WindowsSysWow64jscript9diag.dll
2013-11-26 08:16:12 4243968 ----a-w- C:WindowsSysWow64jscript9.dll
2013-11-26 08:02:16 1995264 ----a-w- C:WindowsSystem32inetcpl.cpl
2013-11-26 07:32:06 1928192 ----a-w- C:WindowsSysWow64inetcpl.cpl
2013-11-26 07:07:57 2334208 ----a-w- C:WindowsSystem32wininet.dll
2013-11-26 06:33:33 1820160 ----a-w- C:WindowsSysWow64wininet.dll
2013-11-14 16:23:38 458336 ----a-w- C:WindowsSystem32driverskl1.sys
2013-11-14 16:23:38 29792 ----a-w- C:WindowsSystem32driversklim6.sys
2013-11-14 16:23:38 29280 ----a-w- C:WindowsSystem32driversklmouflt.sys
2013-11-14 16:23:38 29280 ----a-w- C:WindowsSystem32driversklkbdflt.sys
2013-11-01 13:26:25 98304 ----a-w- C:WindowsSysWow64CmdLineExt.dll
2013-10-28 10:40:47 5 ----a-w- C:WindowsSysWow64lMMLDeleteUserData42107612FX.tmp
2013-10-12 02:30:42 830464 ----a-w- C:WindowsSystem32nshwfp.dll
2013-10-12 02:29:21 859648 ----a-w- C:WindowsSystem32IKEEXT.DLL
2013-10-12 02:29:08 324096 ----a-w- C:WindowsSystem32FWPUCLNT.DLL
2013-10-12 02:03:08 656896 ----a-w- C:WindowsSysWow64nshwfp.dll
2013-10-12 02:01:25 216576 ----a-w- C:WindowsSysWow64FWPUCLNT.DLL
2013-10-07 05:17:38 14888 ----a-w- C:WindowsSystem32drivershmd.sys
2013-10-07 05:17:38 14888 ----a-w- C:WindowsinfHMDhmd.sys
.
============= FINISH: 18:45:49,25 ===============
 


Hello,

STEP 1

Download and run AdwCleaner.exe.

  • Click the Scan button.
  • AdwCleaner will start checking the computer, as before.
  • After the check finishes, this time click the Clean button, since there is nothing in the log that should not be deleted.
  • Click OK in the dialog window that appears, prompting you to close all active applications.
  • Click OK again to allow AdwCleaner to restart the computer and complete the cleaning process.
  • After the restart, a log file named (AdwCleaner[s0].txt) will open automatically.
  • Attach its contents in your next comment.
  • You can also find a copy of the log file in the C:\AdwCleaner folder.

STEP 2

Please download Junkware Removal Tool to your desktop.

  • Temporarily disable your security programs.
  • Run the tool JRT.exe.
  • A DOS window will open. Press any key on the keyboard.
  • Close any unneeded applications and all browsers, and wait for the scan to finish.
  • A log file will appear (you can also find it manually on the desktop under the name JRT.txt).
  • Please copy the contents of the log file into your next post.

STEP 3

Download Malwarebytes' Anti-Malware.

  • Double-click mbam-setup.exe to install the program.
  • Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click Finish.
  • If updates are found, it will download and install them.
  • Start the program and select "Perform Quick Scan", then click Scan.
  • The scan will take a little while, so please be patient.
  • When the scan finishes, click OK, then Show Results to see the result.
  • Make sure that every row is checked (if some items are not, check them manually), and click Remove Selected.
  • When everything has been removed, a log will open in Notepad.
  • Attach this log in your next comment in the thread.

Note: If Malwarebytes' Anti-Malware has difficulty removing the detected viruses/threats, it will ask to restart your computer and remove the problematic viruses/threats during the restart. If you are asked, confirm that you want your computer to be restarted.

STEP 4

  • Please download Farbar Recovery Scan Tool (choose the 32-bit or the 64-bit version according to your version of Windows) and save it to the desktop.
  • Run the file FRST.exe (or FRST64.exe).
  • The program will start. Click YES to accept the license agreement.
  • Check all the boxes.
  • Click the SCAN button.
  • Two log files, named FRST.txt and Addition.txt, will be created on the desktop.
  • Attach the log files in your next comment.

Regards!
