Премини към съдържанието

Архивирана тема

Темата е твърде стара и е архивирана. Не можете да добавяте нови отговори в нея, но винаги можете да публикувате нова тема, в която да продължи дискусията. Регистрирайте се или влезте във вашия профил за да публикувате нова тема.

speedy912

Вирус, засегнал началната страница на Internet Explorer

Препоръчан отговор


Здравейте, имам проблем с IE и началната страница, на която се е забила търсачката Delta Homes. От bing.com внезапно беше променена на delta-homes.com. Опитах се по няколко начина да променя стартовата страница, но каквото и да направя, не мога. На няколко пъти ми забиваше и нета. Моля ви за помощ!

 

 

DDS (Ver_2011-09-30.01) - NTFS_AMD64Internet Explorer: 8.0.7601.17514Run by Maria at 23:16:18 on 2014-01-04Microsoft Windows 7 Home Premium 6.1.7601.1.1251.359.1033.18.5938.3510 [GMT 2:00].AV: Microsoft Security Essentials *Disabled/Updated* {641105E6-77ED-3F35-A304-765193BCB75F}SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}SP: Microsoft Security Essentials *Disabled/Updated* {DF70E402-51D7-30BB-99B4-4D23E83BFDE2}.============== Running Processes ===============.C:Windowssystem32wininit.exeC:Windowssystem32lsm.exeC:Windowssystem32svchost.exe -k DcomLaunchC:Windowssystem32nvvsvc.exeC:Windowssystem32svchost.exe -k RPCSSc:Program FilesMicrosoft Security ClientMsMpEng.exeC:WindowsSystem32svchost.exe -k LocalServiceNetworkRestrictedC:WindowsSystem32svchost.exe -k LocalSystemNetworkRestrictedC:Windowssystem32svchost.exe -k LocalServiceC:Windowssystem32svchost.exe -k netsvcsC:Program FilesNVIDIA CorporationDisplaynvxdsync.exeC:Windowssystem32nvvsvc.exeC:Windowssystem32svchost.exe -k NetworkServiceC:Windowssystem32WLANExt.exeC:Windowssystem32conhost.exeC:WindowsSystem32spoolsv.exeC:Windowssystem32svchost.exe -k LocalServiceNoNetworkc:Program Files (x86)Common FilesAdobeARM1.0armsvc.exeC:Program Files (x86)Common FilesAppleMobile Device SupportAppleMobileDeviceService.exeC:Program Files (x86)Bluetooth Suiteadminservice.exeC:Program FilesBonjourmDNSResponder.exeC:Program Files (x86)Launch Managerdsiwmis.exeC:Program FilesAcerAcer ePower ManagementePowerSvc.exeC:Program Files (x86)Launch ManagerLMutilps32.exeC:Windowssystem32svchost.exe -k LocalServiceAndNoImpersonationC:Program Files (x86)AcerRegistrationGREGsvc.exeC:Program FilesInteliCLS ClientHeciServer.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsDALjhi_service.exeC:Program FilesAcerAcer UpdaterUpdaterService.exeC:Program Files (x86)SymantecNorton Online BackupNOBuAgent.exeC:Program Files (x86)NTIAcer Backup ManagerIScheduleSvc.exeC:Program Files (x86)MicrosoftSearch Enhancement PackSeaPortSeaPort.exeC:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exeC:Windowssystem32taskhost.exeC:Windowssystem32svchost.exe -k imgsvcC:Windowssystem32Dwm.exeC:WindowsExplorer.EXEC:Program Files (x86)AtherosAth_WlanAgent.exeC:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exeC:Program Files (x86)Common FilesMicrosoft SharedVirtualization HandlerCVHSVC.EXEC:Windowssystem32SearchIndexer.exeC:WindowsSystem32igfxtray.exeC:Windowssystem32svchost.exe -k bthsvcsC:WindowsSystem32hkcmd.exeC:Windowssystem32svchost.exe -k NetworkServiceNetworkRestrictedC:WindowsSystem32igfxpers.exeC:Program FilesRealtekAudioHDARAVCpl64.exeC:Program FilesRealtekAudioHDARAVBg64.exeC:Program Files (x86)Bluetooth SuiteBtvStack.exeC:Program Files (x86)Bluetooth SuiteAthBtTray.exeC:Program FilesSynapticsSynTPSynTPEnh.exeC:Program FilesAcerAcer ePower ManagementePowerTray.exeC:Program FilesMicrosoft Security Clientmsseces.exeC:UsersMariaAppDataRoaminguTorrentuTorrent.exeC:Program FilesNVIDIA CorporationDisplaynvtray.exeC:WindowsSystem32StikyNot.exeC:UsersMariaAppDataRoamingSpotifyDataSpotifyWebHelper.exeC:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exeC:Dolby PCEE4pcee4.exeC:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exeC:Program Files (x86)Launch ManagerLManager.exeC:Windowssystem32igfxext.exeC:Windowssystem32taskeng.exeC:Program Files (x86)HPHP Software Updatehpwuschd2.exeC:Windowssystem32igfxsrvc.exeC:Program Files (x86)iTunesiTunesHelper.exeC:Program Files (x86)Launch ManagerMMDx64Fx.exeC:WindowsSystem32svchost.exe -k LocalServicePeerNetC:Windowssystem32wbemunsecapp.exeC:Program Files (x86)Launch ManagerLMworker.exeC:PROGRAM FILESSYNAPTICSSYNTPSYNTPHELPER.EXEC:Windowssystem32wbemwmiprvse.exeC:Program Files (x86)CyberlinkMediaEspressoDeviceDetectorDeviceDetector.exeC:Program FilesiPodbiniPodService.exeC:Program FilesWindows Media Playerwmpnetwk.exeC:Program FilesAcerAcer ePower ManagementePowerEvent.exeC:Windowssystem32DllHost.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsLMSLMS.exeC:Program Files (x86)NeroUpdateNASvc.exeC:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exeC:Program FilesAcerAcer Instant ServiceInstantUpdateiuBrowserIEAgent.exeC:Windowssystem32conhost.exeC:Program FilesAcerAcer Instant ServiceInstantUpdateiuEmailOutlookAgent.exeC:Windowssystem32conhost.exeC:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exeC:Program FilesEgisTec IPSPMMUpdate.exeC:Program FilesEgisTec IPSEgisUpdate.exeC:Windowssystem32wuauclt.exeC:Program Files (x86)Mozilla Firefoxfirefox.exeC:Program FilesInternet Exploreriexplore.exeC:Program FilesInternet Exploreriexplore.exeC:Program FilesInternet Exploreriexplore.exeC:Windowssystem32MacromedFlashFlashUtil64_11_9_900_170_ActiveX.exeC:Windowssystem32svchost.exe -k SDRSVCC:Windowssystem32conhost.exeC:Windowssystem32wbemwmiprvse.exeC:WindowsSystem32cscript.exe.============== Pseudo HJT Report ===============.uStart Page = hxxp://msn.com/uSearch Bar = PreserveuSearch Page = hxxp://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE10SRmSearch Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680621&from=wpm0102&uid=HitachiXHTS545050A7E380_TE95113RH5GZBPH5GZBPX&q={searchTerms}mDefault_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680621&from=wpm0102&uid=HitachiXHTS545050A7E380_TE95113RH5GZBPH5GZBPX&q={searchTerms}mWinlogon: Userinit = userinit.exe,TB: @C:Program Files (x86)MSN ToolbarPlatform6.3.2291.0npwinext.dll,-100: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:Program Files (x86)MSN ToolbarPlatform6.3.2291.0npwinext.dlluRun: [uTorrent] "C:UsersMariaAppDataRoaminguTorrentuTorrent.exe"  /MINIMIZEDuRun: [DAEMON Tools Lite] "C:Program Files (x86)DAEMON Tools LiteDTLite.exe" -autorunuRun: [RESTART_STICKY_NOTES] C:WindowsSystem32StikyNot.exeuRun: [spotify Web Helper] "C:UsersMariaAppDataRoamingSpotifyDataSpotifyWebHelper.exe"uRun: [spotify] "C:UsersMariaAppDataRoamingSpotifyspotify.exe" /uri spotify:autostartmRun: [Norton Online Backup] C:Program Files (x86)SymantecNorton Online BackupNOBuClient.exemRun: [backupManagerTray] "C:Program Files (x86)NTIAcer Backup ManagerBackupManagerTray.exe" -h -kmRun: [Adobe ARM] "C:Program Files (x86)Common FilesAdobeARM1.0AdobeARM.exe"mRun: [Dolby Advanced Audio v2] "C:Dolby PCEE4pcee4.exe" -autostartmRun: [uSB3MON] "C:Program Files (x86)IntelIntel® USB 3.0 eXtensible Host Controller DriverApplicationiusb3mon.exe"mRun: [LManager] C:Program Files (x86)Launch ManagerLManager.exemRun: [suiteTray] "C:Program Files (x86)EgisTec MyWinLockerSuitex86SuiteTray.exe"mRun: [HP Software Update] C:Program Files (x86)HpHP Software UpdateHPWuSchd2.exemRun: [Microsoft Default Manager] "C:Program Files (x86)MicrosoftSearch Enhancement PackDefault ManagerDefMgr.exe" -resumemRun: [QuickTime Task] "C:Program Files (x86)QuickTimeQTTask.exe" -atboottimemRun: [APSDaemon] "C:Program Files (x86)Common FilesAppleApple Application SupportAPSDaemon.exe"mRun: [iTunesHelper] "C:Program Files (x86)iTunesiTunesHelper.exe"dRunOnce: [isMyWinLockerReboot] msiexec.exe /qn /x{voidguid}mPolicies-Explorer: NoActiveDesktop = dword:1mPolicies-Explorer: NoActiveDesktopChanges = dword:1mPolicies-System: ConsentPromptBehaviorAdmin = dword:5mPolicies-System: ConsentPromptBehaviorUser = dword:3mPolicies-System: EnableUIADesktopToggle = dword:0IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:Program Files (x86)Windows LiveWriterWriterBrowserExtension.dllIE: {7815BE26-237D-41A8-A98F-F7BD75F71086} - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:Program Files (x86)Bluetooth SuiteIEPlugIn.dllIE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:Program Files (x86)EvernoteEvernoteEvernoteIE.dll/204TCP: NameServer = 95.169.200.3 95.169.200.4TCP: Interfaces{68859187-D387-4013-8A93-72D7ED5C7549} : DHCPNameServer = 95.169.200.3 95.169.200.4Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:Program Files (x86)Common FilesSkypeSkype4COM.dllHandler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:Program Files (x86)Windows LivePhoto GalleryAlbumDownloadProtocolHandler.dllSSODL: WebCheck - <orphaned>LSA: Security Packages =  kerberos msv1_0 schannel wdigest tspkg pku2u livesspx64-mSearch Page = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680621&from=wpm0102&uid=HitachiXHTS545050A7E380_TE95113RH5GZBPH5GZBPX&q={searchTerms}x64-mDefault_Search_URL = hxxp://search.delta-homes.com/web/?type=ds&ts=1388680621&from=wpm0102&uid=HitachiXHTS545050A7E380_TE95113RH5GZBPH5GZBPX&q={searchTerms}x64-TB: avast! Online Security: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} -x64-Run: [igfxTray] C:WindowsSystem32igfxtray.exex64-Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exex64-Run: [Persistence] C:WindowsSystem32igfxpers.exex64-Run: [RTHDVCPL] C:Program FilesRealtekAudioHDARAVCpl64.exe -sx64-Run: [RtHDVBg_Dolby] C:Program FilesRealtekAudioHDARAVBg64.exe /FORPCEE4x64-Run: [AtherosBtStack] "C:Program Files (x86)Bluetooth SuiteBtvStack.exe"x64-Run: [AthBtTray] "C:Program Files (x86)Bluetooth SuiteAthBtTray.exe"x64-Run: [synTPEnh] C:Program Files (x86)SynapticsSynTPSynTPEnh.exex64-Run: [Power Management] C:Program FilesAcerAcer ePower ManagementePowerTray.exex64-Run: [instantUpdate] C:Program FilesAcerAcer Instant ServiceInstantUpdateiuDaemon.exex64-Run: [MSC] "c:Program FilesMicrosoft Security Clientmsseces.exe" -hide -runkeyx64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>x64-Notify: igfxcui - igfxdev.dllx64-SSODL: WebCheck - <orphaned>.================= FIREFOX ===================.FF - ProfilePath - C:UsersMariaAppDataRoamingMozillaFirefoxProfileswaha7wag.defaultFF - plugin: C:PROGRA~2COMMON~1NeroBROWSE~1npBrowserPlugin.dllFF - plugin: C:PROGRA~2MICROS~4Office14NPSPWRAP.DLLFF - plugin: C:Program Files (x86)AdobeReader 10.0ReaderAIRnppdf32.dllFF - plugin: C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIIPT.dllFF - plugin: C:Program Files (x86)IntelIntel® Management Engine ComponentsIPTnpIntelWebAPIUpdater.dllFF - plugin: c:Program Files (x86)Microsoft Silverlight5.1.20913.0npctrlui.dllFF - plugin: C:Program Files (x86)WildTangent GamesAppBrowserIntegrationRegistered0NP_wtapp.dllFF - plugin: C:Program Files (x86)Windows LivePhoto GalleryNPWLPG.dllFF - plugin: C:WindowsSysWOW64MacromedFlashNPSWF32_11_9_900_170.dll.============= SERVICES / DRIVERS ===============.R0 gfibto;gfibto;C:WindowsSystem32driversgfibto.sys [2013-10-31 14456]R0 iusb3hcs;Intel® USB 3.0 Host Controller Switch Driver;C:WindowsSystem32driversiusb3hcs.sys [2012-6-14 16152]R0 MpFilter;Microsoft Malware Protection Driver;C:WindowsSystem32driversMpFilter.sys [2013-9-27 248240]R0 nvpciflt;nvpciflt;C:WindowsSystem32driversnvpciflt.sys [2012-6-14 28992]R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:WindowsSystem32driversdtsoftbus01.sys [2013-10-16 283200]R1 mwlPSDFilter;mwlPSDFilter;C:WindowsSystem32driversmwlPSDFilter.sys [2012-6-14 22648]R1 mwlPSDNServ;mwlPSDNServ;C:WindowsSystem32driversmwlPSDNserv.sys [2012-6-14 20520]R1 mwlPSDVDisk;mwlPSDVDisk;C:WindowsSystem32driversmwlPSDVDisk.sys [2012-6-14 62776]R1 vwififlt;Virtual WiFi Filter Driver;C:WindowsSystem32driversvwififlt.sys [2009-7-14 59904]R2 AdobeARMservice;Adobe Acrobat Update Service;C:Program Files (x86)Common FilesAdobeARM1.0armsvc.exe [2013-9-3 65640]R2 AtherosSvc;AtherosSvc;C:Program Files (x86)Bluetooth SuiteAdminService.exe [2012-3-9 107648]R2 cvhsvc;Client Virtualization Handler;C:Program Files (x86)Common Filesmicrosoft sharedVirtualization HandlerCVHSVC.EXE [2013-4-22 822504]R2 DsiWMIService;Dritek WMI Service;C:Program Files (x86)Launch Managerdsiwmis.exe [2012-6-14 355920]R2 ePowerSvc;ePower Service;C:Program FilesAcerAcer ePower ManagementePowerSvc.exe [2012-6-14 871296]R2 GREGService;GREGService;C:Program Files (x86)AcerRegistrationGREGsvc.exe [2012-2-29 28264]R2 Intel® Capability Licensing Service Interface;Intel® Capability Licensing Service Interface;C:Program FilesInteliCLS ClientHeciServer.exe [2012-2-3 628448]R2 Intel® ME Service;Intel® ME Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsFWServiceIntelMeFWService.exe [2012-6-14 127320]R2 jhi_service;Intel® Dynamic Application Loader Host Interface Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsDALJhi_service.exe [2012-6-14 162648]R2 Live Updater Service;Live Updater Service;C:Program FilesAcerAcer UpdaterUpdaterService.exe [2012-3-28 255376]R2 NAUpdate;Nero Update;C:Program Files (x86)NeroUpdateNASvc.exe [2012-7-13 769432]R2 NOBU;Norton Online Backup;C:Program Files (x86)SymantecNorton Online BackupNOBuAgent.exe [2010-6-2 2804568]R2 NTI IScheduleSvc;NTI IScheduleSvc;C:Program Files (x86)NTIAcer Backup ManagerIScheduleSvc.exe [2012-1-5 256536]R2 nvUpdatusService;NVIDIA Update Service Daemon;C:Program Files (x86)NVIDIA CorporationNVIDIA Update Coredaemonu.exe [2012-6-14 2458944]R2 sftlist;Application Virtualization Client;C:Program Files (x86)Microsoft Application Virtualization Clientsftlist.exe [2013-6-26 523944]R2 UNS;Intel® Management and Security Application User Notification Service;C:Program Files (x86)IntelIntel® Management Engine ComponentsUNSUNS.exe [2012-6-14 362840]R2 ZAtheros Wlan Agent;ZAtheros Wlan Agent;C:Program Files (x86)AtherosAth_WlanAgent.exe [2012-6-14 76960]R3 AthBTPort;Atheros Virtual Bluetooth Class;C:WindowsSystem32driversbtath_flt.sys [2012-3-9 36480]R3 BTATH_A2DP;Bluetooth A2DP Audio Driver;C:WindowsSystem32driversbtath_a2dp.sys [2012-3-9 340096]R3 btath_avdt;Atheros Bluetooth AVDT Service;C:WindowsSystem32driversbtath_avdt.sys [2012-3-9 111232]R3 BTATH_BUS;Atheros Bluetooth Bus;C:WindowsSystem32driversbtath_bus.sys [2012-3-9 30848]R3 BTATH_HCRP;Bluetooth HCRP Server driver;C:WindowsSystem32driversbtath_hcrp.sys [2012-3-9 168064]R3 BTATH_LWFLT;Bluetooth LWFLT Device;C:WindowsSystem32driversbtath_lwflt.sys [2012-3-9 68736]R3 BTATH_RCP;Bluetooth AVRCP Device;C:WindowsSystem32driversbtath_rcp.sys [2012-3-9 281472]R3 BtFilter;BtFilter;C:WindowsSystem32driversbtfilter.sys [2012-3-9 551552]R3 IntcDAud;Intel® Display Audio;C:WindowsSystem32driversIntcDAud.sys [2012-6-14 331264]R3 iusb3hub;Intel® USB 3.0 Hub Driver;C:WindowsSystem32driversiusb3hub.sys [2012-6-14 356120]R3 iusb3xhc;Intel® USB 3.0 eXtensible Host Controller Driver;C:WindowsSystem32driversiusb3xhc.sys [2012-6-14 788760]R3 MEIx64;Intel® Management Engine Interface ;C:WindowsSystem32driversHECIx64.sys [2012-6-14 60184]R3 RSBASTOR;Realtek PCIE CardReader Driver - BA;C:WindowsSystem32driversRtsBaStor.sys [2012-6-14 292968]R3 RTL8167;Realtek 8167 NT Driver;C:WindowsSystem32driversRt64win7.sys [2012-6-14 685160]R3 Sftfs;Sftfs;C:WindowsSystem32driversSftfslh.sys [2013-6-26 767144]R3 Sftplay;Sftplay;C:WindowsSystem32driversSftplaylh.sys [2013-6-26 273576]R3 Sftredir;Sftredir;C:WindowsSystem32driversSftredirlh.sys [2013-6-26 28840]R3 Sftvol;Sftvol;C:WindowsSystem32driversSftvollh.sys [2013-6-26 23208]R3 sftvsa;Application Virtualization Service Agent;C:Program Files (x86)Microsoft Application Virtualization Clientsftvsa.exe [2013-6-26 207528]RUnknown SASKUTIL;SASKUTIL; [x]S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:WindowsMicrosoft.NETFrameworkv4.0.30319mscorsvw.exe [2010-3-18 130384]S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:WindowsMicrosoft.NETFramework64v4.0.30319mscorsvw.exe [2010-3-18 138576]S2 SkypeUpdate;Skype Updater;C:Program Files (x86)SkypeUpdaterUpdater.exe [2012-7-13 160944]S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:WindowsSysWOW64MacromedFlashFlashPlayerUpdateService.exe [2012-3-28 257416]S3 cphs;Intel® Content Protection HECI Service;C:WindowsSysWOW64IntelCpHeciSvc.exe [2012-6-14 276248]S3 EgisTec Ticket Service;EgisTec Ticket Service;C:Program Files (x86)Common FilesEgisTecServicesEgisTicketService.exe [2011-6-21 173424]S3 GamesAppIntegrationService;GamesAppIntegrationService;C:Program Files (x86)WildTangent GamesAppGamesAppIntegrationService.exe [2013-10-7 240736]S3 GamesAppService;GamesAppService;C:Program Files (x86)WildTangent GamesAppGamesAppService.exe [2010-10-12 206072]S3 HTCAND64;HTC Device Driver;C:WindowsSystem32driversANDROIDUSB.sys [2009-11-2 33736]S3 MozillaMaintenance;Mozilla Maintenance Service;C:Program Files (x86)Mozilla Maintenance Servicemaintenanceservice.exe [2014-1-4 119408]S3 NisDrv;Microsoft Network Inspection System;C:WindowsSystem32driversNisDrvWFP.sys [2013-9-27 134944]S3 NisSrv;Microsoft Network Inspection;C:Program FilesMicrosoft Security ClientNisSrv.exe [2013-10-23 348376]S3 osppsvc;Office Software Protection Platform;C:Program FilesCommon FilesMicrosoft SharedOfficeSoftwareProtectionPlatformOSPPSVC.EXE [2010-1-9 4925184]S3 TsUsbFlt;TsUsbFlt;C:WindowsSystem32driversTsUsbFlt.sys [2010-11-21 59392]S3 TsUsbGD;Remote Desktop Generic USB Device;C:WindowsSystem32driversTsUsbGD.sys [2010-11-21 31232]S3 WatAdminSvc;Windows Activation Technologies Service;C:WindowsSystem32WatWatAdminSvc.exe [2013-10-16 1255736]S4 wlcrasvc;Windows Live Mesh remote connections service;C:Program FilesWindows LiveMeshwlcrasvc.exe [2010-9-23 57184].=============== Created Last 30 ================.2014-01-04 19:27:44  75888  ----a-w-  C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{009ED515-19A0-4AF1-93AC-075642AA091F}offreg.dll2014-01-04 18:39:33  10315576  ----a-w-  C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{009ED515-19A0-4AF1-93AC-075642AA091F}mpengine.dll2014-01-03 14:50:47  --------  d-----w-  C:UsersMariaAppDataRoamingSUPERAntiSpyware.com2014-01-03 11:24:09  --------  d-----w-  C:UsersMariaAppDataRoamingMalwarebytes2014-01-03 11:23:37  --------  d-----w-  C:ProgramDataMalwarebytes2014-01-03 11:23:34  --------  d-----w-  C:Program Files (x86)Malwarebytes' Anti-Malware2014-01-03 11:23:18  --------  d-----w-  C:UsersMariaAppDataLocalPrograms2014-01-03 11:21:50  965000  ------w-  C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition Updates{3BEF8CD9-188B-4693-ABED-D96E694CE31D}gapaengine.dll2014-01-03 11:21:43  10315576  ------w-  C:ProgramDataMicrosoftMicrosoft AntimalwareDefinition UpdatesBackupmpengine.dll2014-01-03 11:12:27  --------  d-----w-  C:Program Files (x86)Microsoft Security Client2014-01-03 11:12:24  --------  d-----w-  C:Program FilesMicrosoft Security Client2014-01-03 10:59:41  --------  d-----w-  C:UsersMariaAppDataLocalElevatedDiagnostics2014-01-02 19:56:31  --------  d--h--w-  C:Windowsmsdownld.tmp2014-01-02 16:37:01  --------  d-----w-  C:WindowsSysWow64log2014-01-02 16:36:03  --------  d-----w-  C:ProgramDataWPM2013-12-31 13:44:30  10315576  ----a-w-  C:ProgramDataMicrosoftWindows DefenderDefinition Updates{7F0AD7D0-E965-4297-80F9-A832103860F7}mpengine.dll2013-12-21 11:01:54  --------  d-----w-  C:Program Files (x86)MSXML 4.02013-12-18 16:39:05  --------  d-----w-  C:UsersMariaAppDataLocalNero2013-12-18 16:38:20  --------  d-----w-  C:UsersMariaAppDataLocalNero_AG2013-12-18 16:04:42  --------  d-----w-  C:Program Files (x86)Nero2013-12-18 16:04:29  --------  d-----w-  C:ProgramDataNero2013-12-18 15:47:10  248672  ----a-w-  C:WindowsSysWow64d3dx11_43.dll2013-12-18 15:46:30  470880  ----a-w-  C:WindowsSysWow64d3dx10_43.dll2013-12-18 15:45:52  1998168  ----a-w-  C:WindowsSysWow64D3DX9_43.dll2013-12-18 15:45:20  1868128  ----a-w-  C:WindowsSysWow64d3dcsx_43.dll2013-12-18 15:44:42  2106216  ----a-w-  C:WindowsSysWow64D3DCompiler_43.dll2013-12-18 11:43:27  --------  d-----w-  C:UsersMariaAppDataLocalSpotify2013-12-18 11:27:13  --------  d-----w-  C:UsersMariaAppDataRoamingSpotify2013-12-16 21:32:52  --------  d-----w-  C:UsersMariaAppDataLocalApple Computer2013-12-16 21:32:37  33240  ----a-w-  C:WindowsSystem32driversGEARAspiWDM.sys2013-12-16 21:31:30  --------  d-----w-  C:Program FilesiPod2013-12-16 21:31:29  --------  d-----w-  C:ProgramData34BE82C4-E596-4e99-A191-52C6199EBF692013-12-16 21:31:29  --------  d-----w-  C:Program FilesiTunes2013-12-16 21:31:29  --------  d-----w-  C:Program Files (x86)iTunes2013-12-16 21:30:54  --------  d-----w-  C:Program FilesBonjour2013-12-16 21:30:54  --------  d-----w-  C:Program Files (x86)Bonjour2013-12-16 21:13:23  159744  ----a-w-  C:Program FilesInternet ExplorerPluginsnpqtplugin7.dll2013-12-16 21:13:23  159744  ----a-w-  C:Program FilesInternet ExplorerPluginsnpqtplugin6.dll2013-12-16 21:13:23  159744  ----a-w-  C:Program FilesInternet ExplorerPluginsnpqtplugin5.dll2013-12-16 21:13:23  159744  ----a-w-  C:Program FilesInternet ExplorerPluginsnpqtplugin4.dll2013-12-16 21:13:23  159744  ----a-w-  C:Program FilesInternet ExplorerPluginsnpqtplugin3.dll2013-12-16 21:13:23  159744  ----a-w-  C:Program FilesInternet ExplorerPluginsnpqtplugin2.dll2013-12-16 21:13:23  159744  ----a-w-  C:Program FilesInternet ExplorerPluginsnpqtplugin.dll2013-12-16 21:12:44  --------  d-----w-  C:UsersMariaAppDataLocalApple2013-12-16 10:04:59  167424  ----a-w-  C:Program FilesWindows Media Playerwmplayer.exe2013-12-16 10:04:59  164864  ----a-w-  C:Program Files (x86)Windows Media Playerwmplayer.exe2013-12-16 10:04:58  12625920  ----a-w-  C:WindowsSystem32wmploc.DLL2013-12-16 10:04:57  12625408  ----a-w-  C:WindowsSysWow64wmploc.DLL2013-12-12 15:53:08  --------  d-----w-  C:UsersMariaMediaEspresso2013-12-12 08:30:01  335360  ----a-w-  C:WindowsSystem32msieftp.dll2013-12-12 08:30:01  301568  ----a-w-  C:WindowsSysWow64msieftp.dll.==================== Find3M  ====================.2013-12-25 21:53:34  439648  ----a-w-  C:WindowsSystem32driversaswNdisFlt.sys2013-12-24 22:04:21  71048  ----a-w-  C:WindowsSysWow64FlashPlayerCPLApp.cpl2013-12-24 22:04:21  692616  ----a-w-  C:WindowsSysWow64FlashPlayerApp.exe2013-11-23 18:26:20  417792  ----a-w-  C:WindowsSysWow64WMPhoto.dll2013-11-23 17:47:34  465920  ----a-w-  C:WindowsSystem32WMPhoto.dll2013-11-19 10:21:41  267936  ------w-  C:WindowsSystem32MpSigStub.exe2013-11-12 02:23:09  2048  ----a-w-  C:WindowsSystem32tzres.dll2013-11-12 02:07:29  2048  ----a-w-  C:WindowsSysWow64tzres.dll2013-10-31 08:16:35  47496  ----a-w-  C:WindowsSystem32sbbd.exe2013-10-31 08:16:35  14456  ----a-w-  C:WindowsSystem32driversgfibto.sys2013-10-30 01:24:31  3155968  ----a-w-  C:WindowsSystem32win32k.sys2013-10-19 02:18:57  81408  ----a-w-  C:WindowsSystem32imagehlp.dll2013-10-19 01:36:59  159232  ----a-w-  C:WindowsSysWow64imagehlp.dll2013-10-16 13:38:27  283200  ----a-w-  C:WindowsSystem32driversdtsoftbus01.sys2013-10-14 18:41:56  131232  ----a-w-  C:WindowsSystem32driversaswFW.sys2013-10-12 02:32:04  150016  ----a-w-  C:WindowsSystem32wshom.ocx2013-10-12 02:31:04  202752  ----a-w-  C:WindowsSystem32scrrun.dll2013-10-12 02:30:42  830464  ----a-w-  C:WindowsSystem32nshwfp.dll2013-10-12 02:29:21  859648  ----a-w-  C:WindowsSystem32IKEEXT.DLL2013-10-12 02:29:08  324096  ----a-w-  C:WindowsSystem32FWPUCLNT.DLL2013-10-12 02:04:36  121856  ----a-w-  C:WindowsSysWow64wshom.ocx2013-10-12 02:03:31  163840  ----a-w-  C:WindowsSysWow64scrrun.dll2013-10-12 02:03:08  656896  ----a-w-  C:WindowsSysWow64nshwfp.dll2013-10-12 02:01:25  216576  ----a-w-  C:WindowsSysWow64FWPUCLNT.DLL2013-10-12 01:33:39  156160  ----a-w-  C:WindowsSystem32cscript.exe2013-10-12 01:33:26  168960  ----a-w-  C:WindowsSystem32wscript.exe2013-10-12 01:15:48  141824  ----a-w-  C:WindowsSysWow64wscript.exe2013-10-12 01:15:48  126976  ----a-w-  C:WindowsSysWow64cscript.exe.============= FINISH: 23:17:00,99 ===============

 

 

 

Давам линк към attach.txt файла, защото е много дълъг

 

http://dox.bg/files/dw?a=bf1c040ce0

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

 

 

 

СТЪПКА 1

 

  • [*]

Изтеглете и стартирайтe AdwCleaner.exe.

[*]Натиснете бутона Scan. [*]AdwCleaner ще започне да проверява компютъра, както преди. [*]След като проверката приключи...този път натиснете бутона Clean тъй като няма неща които да не са за триене от лога. [*]Натиснете OK на диалоговия прозорец, който ще се появи подканвайки Ви да затворите всички активни приложения. [*]Натиснете OK отново за да позволите наAdwCleaner да рестартира компютъра и да довърши почистващия процес. [*]След рестарта ще се появи автоматично лог файл с името (AdwCleaner[s0].txt). [*]Прикачете съдържанието му в следващия си коментар [*]Копие на лог файла можеш да намериш и в папката C:AdwCleaner.

 

 

 

СТЪПКА 2

 

 

 

Публикувано изображение Моля изтеглете Junkware Removal Tool на вашия десктоп.

  • [*]Спрете временно работата на защитните програми. [*]Стартирайте инструмента
JRT.exe [*]Ще се отвори ДОС прозорец. Натиснете което и да е копче от клавиатурата. [*]Затворете излишните приложения и всички браузъри и изчакайте проверката да завърши. [*]Ще се появи лог файл (който можете да намерите и ръчно на десктопа с името JRT.txt). [*]Моля копирайте съдържанието на лог файла в следващия си пост.

 

 

 

СТЪПКА 3

 

 

 

Публикувано изображение Изтеглете Malwarebytes' Anti-Malware

  • [*]Кликнете два пъти върху
mbam-setup.exe, за да инсталирате програмата. [*]Уверете се, че са поставени отметки на Update Malwarebytes' Anti-Malware и Launch Malwarebytes' Anti-Malware. След това кликнете на Finish. [*]Ако има намерени обновявания, тя ще ги изтегли и инсталира. [*]Стартирайте програмата и изберете "Perform Quick Scan", след това кликнете на Scan. [*]Сканирането ще отнеме малко време, затова моля да бъдете търпеливи. [*]Когато сканирането завърши, кликнете на OK, след това Show Results, за да видите резултата. [*]Уверете се, че на всички редове има отметки (ако няма на някои обекти ги поставете ръчно), и кликнете на Remove Selected. [*]Когато всичко бъде премахнато, в Notepad ще бъде отворен лог. [*]Прикачете този лог в следващия си коментар в темата.

Забележка: Ако MalwareBytes'Anti-Malware се затрудни в премахването на откритите вируси/заплахи, той ще поискада рестартира компютъра Ви и по време на рестартирането да премахне проблемните вируси/заплахи. Ако бъдете попитани, потвърдете че желаете вашия компютър да бъде рестартиран.

 

 

 

СТЪПКА 4

 

 

  • [*]Моля изтеглете
Farbar Recovery Scan Tool (според версията на Windows изберете 32 битовата или 64 битовата версия) и го запазете на десктопа. [*]Стартирайте файла FRST.exe (или FRST64.exe) [*]Програмата ще се стартира. Натиснете YES за да се съгласите с лицензионното споразумение. [*]Сложете всички отметки. [*]Натиснете бутона SCAN. [*]Ще се създадат два лог файл с името - FRST.txt и Addition.txt на десктопа. [*]Прикачете лог файловете в следващия си коментар.

 

 

Поздрави!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте, изпълних 4-те стъпки, стартирах експлорера и началната страница е вече msn.com, delta-homes.com е премахнат! Мога ли да съм сигурен, че проблема е решен? Благодаря!

 

 

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Junkware Removal Tool (JRT) by ThisisuVersion: 6.0.9 (01.01.2014:1)OS: Windows 7 Home Premium x64Ran by Maria on ­Ґ¤ 05.01.2014 Ј. at 13:44:22,45~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Services~~~ Registry Values~~~ Registry Keys~~~ FilesSuccessfully deleted: [File] "C:Program Files (x86)mozilla firefoxpluginsnpcouponprinter.dll"Successfully deleted: [File] "C:Program Files (x86)mozilla firefoxpluginsnpmozcouponprinter.dll"~~~ FoldersSuccessfully deleted: [Folder] "C:Program Files (x86)coupons"Successfully deleted: [Empty Folder] C:UsersMariaappdatalocal{3F29B976-651D-473A-8948-F1B06F5A923A}Successfully deleted: [Empty Folder] C:UsersMariaappdatalocal{780E6384-CC89-4C0C-917C-E8D96272F594}~~~ FireFoxEmptied folder: C:UsersMariaAppDataRoamingmozillafirefoxprofileswaha7wag.defaultminidumps [1 files]~~~ Event Viewer Logs were cleared~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~Scan was completed on ­Ґ¤ 05.01.2014 Ј. at 13:55:11,88End of JRT log~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

AdwCleanerS0.txt

mbam-log-2014-01-05 (14-03-36).txt

FRST.txt

Addition.txt

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте,

 

Да, логовете са чисти. Добре е само да почистите временните файлове.

Вижте направо следния линк

 

Финални препоръки:

 

1. Обновете всички стари приложения, ако има засечени такива с помощта на PatchMyPC

 

2. За да почистим използваните от нас неща направете следното:

 

Стартирайте Adwcleaner и изберете бутона Uninstall.

 

Изтеглете OTC.exe и го стартирайте. Натиснете бутона CleanUp!.
Рестартирайте компютъра, ако ви попита!

Изтеглете Delfix.exe и го стартирайте. Сложете отметка пред Remove disinfection tools (трябва да има такава по-подразбиране, но все пак да си кажа) => натиснете бутона Run

Инструмента ще се самоизтрие след като приключи своята задача!

 

Ако има инструменти, папки или логове от използваните от нас неща и те не са се изтрили при горе-споменатите процедури, ги изтрийте ръчно (можете да си оставите Malwarebytes Anti-Malware за профилактични проверки).

 

Ако нямате повече въпроси и проблеми, ще маркирам случая като РЕШЕН. :bye1:

 

Поздрави!

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Да, проблемът е решен. Благодаря!


Сподели този отговор


Линк към този отговор
Сподели в други сайтове

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от sv3tlio
      Здравейте на всички! Ще гледам да съм максимално кратък и ще карам направо. Както виждате от заглавието на темата имам проблем с Хромиум. Като цяло проблемът ми е доста сходен с този : https://www.kaldata.com/forums/topic/270658-след-зареждане-на-windows-се-стартира-chromium/ . Същата работа е при мен. Преди около седмица си изтеглих BS Player, и от тогава се появи и този Chromium. BS Player-ът го изтеглих баш от сайта им, не от някакво измислено място, но явно и от там няма гаранция. Както и да е. Всеки път като се включи компютъра, било то след рестарт, или обикновено включване (това е само след пълно изключване на компютъра, когато го включа след "режим на готовност", този проблем го няма) веднага ми отваря Chromium и по-точно раздела history. На пръв поглед е все едно гледам Chrome, но не е. Отначало когато за пръв път се появи имаше историята от Chrome + каквито видео файлове съм пускал. Примерно влизал съм в еди си кой сайт, гледал съм еди си кой филм. Помъчих се да го деинсталирам обаче не става (ще приложа снимки какво точно ми излиза). 

      След като щракна върху Промени/премахни, пък ми излиза това: 

       И така до безкрайност. Писах "Chromium" в търсачката на компютъра (едно кученце). То търси, търси, чете някакви книжки, гледа с една лупа и накрая ми показа къде стоят файловете на този ми ти Chromium. Изтрих ги, нямаше никакъв ефект. После с Ctrl+alt+del влязох в "Процеси" и от там изтрих редовете на които пишеше chromium.exe. Тук беше и най-големият ми напредък, щото историята от Chrome + видео файловете отваряни откакто този компютър е станал компютър ги нямаше. Обаче остана това, че всеки път като включа компютъра и ми изкача нов прозорец в Chromium, ами освен това усещам как ми бави и самият Chrome - той е браузърът ми по подразбиране. Само да вметна, деинсталирах BS Player, Google Chrome, Mozilla Firefox, Avast също махнах за малко, барем се оправи, но не постигнах желаният от мен ефект. В темата която постнах по-горе от човека със същия проблем, пробвах да изтегля препоръчаният му fixlist, обаче ми дава грешка в страницата. Аз даже първо мислех, да си постна проблема там като коментар, ама викам айде да не спамя на човека темата, по-добре сякаш да отворя нова. Пък ако модераторите решат, че темата ми нещо е извън правилата, моля да бъда извинен за невежеството си. Та общо взето това е, бих се радвал на всякаква помощ. Лека вечер от мен!
       
    • от Fabry
      През няколко минути се появява странно съобщение от системата - на прикачената снимка е . Ако някой помогне, ще съм задължен !

    • от jega96
      Здр-те на всички от форома,можели да ми кажете заразен ли съм със някакъв вирус,защото преди няколко седмици ми излезе грешка на декстапа ми изтрих я и сега неми се явява вече общо казано,принципно не ползвам антивирусни програми,не влизам кой знае каде,за да хвана вирус,ама все пак да ми отговорите,как съм със ОС,като цяло мерси предварително.

      FRST.txt
      Addition.txt
    • от The Negative One
      Та пуснах вече една тема - хората ме пратиха тук.Ситуацията е следната - При всяко включване на компютъра Google Chrome автоматично се е пуснал и е отворил някакъв сайт с глупости на руски език."Получи предсказание от Ванга" и прочие простотии.Та опитах да изчистя кеша и да рестартирам настройките на браузъра, но не постигнах ефект.Ще се радвам ако някой може да помогне!
      Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09.12.2018
      Ran by SHANOVr (administrator) on DESKTOP-4AUH82I (13-12-2018 12:11:15)
      Running from D:\Camera\downloads D
      Loaded Profiles: SHANOVr (Available Profiles: defaultuser0 & SHANOVr)
      Platform: Windows 10 Pro Version 1709 16299.125 (X64) Language: English (United States)
      Internet Explorer Version 11 (Default browser: Chrome)
      Boot Mode: Normal
      Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
      ==================== Processes (Whitelisted) =================
      (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (Intel Corporation) C:\Windows\System32\igfxCUIService.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
      (Hi-Rez Studios) D:\SteamGammEZ\HiPatchService.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\MsMpEng.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
      (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
      (Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
      (Intel Corporation) C:\Windows\System32\igfxEM.exe
      (Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      (Microsoft Corporation) C:\Windows\System32\smartscreen.exe
      () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
      (Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
      (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
      (f.lux Software LLC) C:\Users\SHANOVr\AppData\Local\FluxSoftware\Flux\flux.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1812.3-0\NisSrv.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
      (ASUSTek) C:\Program Files (x86)\ASUS\GPU TweakII\ASUSGPUFanService.exe
      (Microsoft Corporation) C:\Windows\System32\dllhost.exe
      ==================== Registry (Whitelisted) ===========================
      (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
      HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [630168 2017-09-29] (Microsoft Corporation)
      HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13671792 2014-03-14] (Realtek Semiconductor)
      HKLM-x32\...\Run: [VirtualCloneDrive] => D:\CloneDrive\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [Steam] => C:\Program Files\Steam\steam.exe [3131680 2018-11-26] (Valve Corporation)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [f.lux] => C:\Users\SHANOVr\AppData\Local\FluxSoftware\Flux\flux.exe [1820168 2018-10-24] (f.lux Software LLC)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [EpicGamesLauncher] => D:\boiii\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [32973712 2018-07-26] (Epic Games, Inc.)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [Skype for Desktop] => C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe [49803328 2018-09-10] (Skype Technologies S.A.)
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\Run: [SHANOVr] => explorer.exe hxxp://dipladoks.org <==== ATTENTION
      HKU\S-1-5-21-392342708-715023771-1080359625-1001\...\MountPoints2: {5911fcb2-a851-11e8-a4da-fcaa14184561} - "F:\EuroTruckSimulator2_setup.exe" 
      GroupPolicy: Restriction ? <==== ATTENTION
      ==================== Internet (Whitelisted) ====================
      (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
      Tcpip\Parameters: [DhcpNameServer] 66.117.6.114 180.76.76.76
      Tcpip\..\Interfaces\{b2172693-d883-4ed3-8b20-1cd27a17c8d4}: [DhcpNameServer] 192.168.42.129
      Tcpip\..\Interfaces\{ed733950-9206-4498-b0d2-848e150b2288}: [NameServer] 8.8.8.8,8.8.4.4
      Tcpip\..\Interfaces\{ed733950-9206-4498-b0d2-848e150b2288}: [DhcpNameServer] 66.117.6.114 180.76.76.76
      Internet Explorer:
      ==================
      SearchScopes: HKU\S-1-5-21-392342708-715023771-1080359625-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
      FireFox:
      ========
      FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll [2017-05-20] ()
      FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_170.dll [2017-05-20] ()
      FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll [2018-10-11] (NVIDIA Corporation)
      FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll [2018-10-11] (NVIDIA Corporation)
      FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-17] (Google Inc.)
      Chrome: 
      =======
      CHR Profile: C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default [2018-12-13]
      CHR Extension: (Slides) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-13]
      CHR Extension: (Docs) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-13]
      CHR Extension: (Google Drive) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-22]
      CHR Extension: (YouTube) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-22]
      CHR Extension: (Adblock Plus) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-12-12]
      CHR Extension: (Block Site - Website Blocker for Chrome™) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\eiimnmioipafcokbfikbljfdeojpcgbh [2018-11-19]
      CHR Extension: (Sheets) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-13]
      CHR Extension: (Google Docs Offline) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-16]
      CHR Extension: (AdBlock) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2018-12-11]
      CHR Extension: (Chrome Web Store Payments) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
      CHR Extension: (Gmail) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-22]
      CHR Extension: (Chrome Media Router) - C:\Users\SHANOVr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-10-20]
      ==================== Services (Whitelisted) ====================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 BEService; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [7211968 2018-08-07] ()
      S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [775296 2018-04-16] (EasyAntiCheat Ltd)
      U2 HiPatchService; D:\SteamGammEZ\HiPatchService.exe [9728 2017-09-19] (Hi-Rez Studios) [File not signed]
      R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [365040 2017-10-20] (Intel Corporation)
      R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
      S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [773160 2018-10-10] (NVIDIA Corporation)
      S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [4329952 2017-12-14] (Microsoft Corporation)
      R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\NisSrv.exe [3880120 2018-12-10] (Microsoft Corporation)
      R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1812.3-0\MsMpEng.exe [114208 2018-12-10] (Microsoft Corporation)
      R2 NVDisplay.ContainerLocalSystem; "C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe" -s NVDisplay.ContainerLocalSystem -f "C:\ProgramData\NVIDIA\NVDisplay.ContainerLocalSystem.log" -l 3 -d "C:\Program Files\NVIDIA Corporation\Display.NvContainer\plugins\LocalSystem" -r -p 30000 
      R2 NvTelemetryContainer; "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe" -s NvTelemetryContainer -f "C:\ProgramData\NVIDIA\NvTelemetryContainer.log" -l 3 -d "C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\plugins" -r
      ===================== Drivers (Whitelisted) ======================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
      S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [131984 2017-05-18] (Samsung Electronics Co., Ltd.)
      R4 IOMap; C:\WINDOWS\system32\drivers\IOMap64.sys [35352 2017-01-11] (ASUSTeK Computer Inc.)
      R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nv_dispi.inf_amd64_f4187dc256a67a6b\nvlddmkm.sys [20337064 2018-10-12] (NVIDIA Corporation)
      S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [30792 2018-08-21] (NVIDIA Corporation)
      R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [69544 2018-06-08] (NVIDIA Corporation)
      R3 nvvhci; C:\WINDOWS\System32\drivers\nvvhci.sys [65792 2018-04-24] (NVIDIA Corporation)
      R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [604160 2017-09-29] (Realtek )
      S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [166288 2017-05-18] (Samsung Electronics Co., Ltd.)
      S3 ssudserd; C:\WINDOWS\system32\DRIVERS\ssudserd.sys [165504 2016-09-05] (Samsung Electronics Co., Ltd.)
      S3 usbrndis6; C:\WINDOWS\System32\drivers\usb80236.sys [23040 2017-09-29] (Microsoft Corporation)
      S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [46680 2018-12-10] (Microsoft Corporation)
      R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [330936 2018-12-10] (Microsoft Corporation)
      R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [62136 2018-12-10] (Microsoft Corporation)
      R3 XtuAcpiDriver; C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [63840 2015-06-06] (Intel Corporation)
      ==================== NetSvcs (Whitelisted) ===================
      (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

      ==================== One Month Created files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-12-12 15:59 - 2018-12-12 15:59 - 000000000 ____D C:\Users\SHANOVr\AppData\Roaming\Google
      2018-11-28 00:07 - 2018-11-21 15:41 - 000715172 _____ C:\Users\SHANOVr\Desktop\Scan2.TIF
      ==================== One Month Modified files and folders ========
      (If an entry is included in the fixlist, the file/folder will be moved.)
      2018-12-13 12:11 - 2017-04-22 22:42 - 000000000 ____D C:\FRST
      2018-12-13 12:10 - 2018-01-20 22:10 - 001425282 _____ C:\WINDOWS\system32\PerfStringBackup.INI
      2018-12-13 12:07 - 2017-01-22 20:01 - 000000000 ____D C:\ProgramData\NVIDIA
      2018-12-13 12:06 - 2018-01-20 22:09 - 000003098 _____ C:\WINDOWS\System32\Tasks\GPU Tweak II
      2018-12-13 12:05 - 2018-01-20 21:57 - 000000000 ____D C:\Users\SHANOVr
      2018-12-13 12:05 - 2017-01-22 20:15 - 000000000 __SHD C:\Users\SHANOVr\IntelGraphicsProfiles
      2018-12-13 12:05 - 2017-01-22 19:52 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
      2018-12-13 12:04 - 2018-01-20 22:09 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
      2018-12-13 12:04 - 2018-01-20 21:53 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
      2018-12-13 09:26 - 2017-09-29 15:46 - 000000000 ___HD C:\Program Files\WindowsApps
      2018-12-13 09:26 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\AppReadiness
      2018-12-13 09:25 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\DeliveryOptimization
      2018-12-12 22:54 - 2017-01-22 20:18 - 000000000 ____D C:\Program Files\Steam
      2018-12-12 09:13 - 2017-02-28 08:33 - 000000000 ____D C:\Users\SHANOVr\AppData\Roaming\AIMP3
      2018-12-12 08:46 - 2017-01-23 13:27 - 000592616 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
      2018-12-10 22:50 - 2018-02-04 12:48 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
      2018-12-06 09:16 - 2018-01-20 21:58 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\Packages
      2018-12-03 10:25 - 2018-01-20 22:09 - 000003378 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-392342708-715023771-1080359625-1001
      2018-12-03 10:25 - 2017-01-22 19:50 - 000002369 _____ C:\Users\SHANOVr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
      2018-11-29 08:12 - 2017-01-27 15:27 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\CrashDumps
      2018-11-27 23:57 - 2017-01-22 19:52 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
      2018-11-27 23:57 - 2017-01-22 19:52 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
      2018-11-23 12:33 - 2018-10-19 09:15 - 000000000 ____D C:\Users\SHANOVr\AppData\Local\ElevatedDiagnostics
      ==================== Files in the root of some directories =======
      2017-02-06 20:32 - 2017-02-06 20:32 - 000000017 _____ () C:\Users\SHANOVr\AppData\Local\resmon.resmoncfg
      ==================== Bamital & volsnap ======================
      (There is no automatic fix for files that do not pass verification.)
      C:\WINDOWS\system32\winlogon.exe => File is digitally signed
      C:\WINDOWS\system32\wininit.exe => File is digitally signed
      C:\WINDOWS\explorer.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
      C:\WINDOWS\system32\svchost.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
      C:\WINDOWS\system32\services.exe => File is digitally signed
      C:\WINDOWS\system32\User32.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
      C:\WINDOWS\system32\userinit.exe => File is digitally signed
      C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
      C:\WINDOWS\system32\rpcss.dll => File is digitally signed
      C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
      C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
      C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed
      LastRegBack: 2018-12-08 22:12
      ==================== End of FRST.txt ============================
       
      Addition.txt
    • от roggoto
      Здравейте!
      Ползвам Google Chrome, но от известно време, докато не ми стана трън в очите и не ми пречеше, се появиха едни и същи реклами/банери на руски, показващи някакви абсолютни глупости, понякога и порнографски снимки върху оригиналните реклами, за които е платено да се появят в интернет пространството! Който и сайт да отворя те веднага покриват местата за платените реклами върху оригиналните, които трябва да се появят там! Докато днес си пуснах видео в един сайт на БГ телевизия и видях, че се появяват върху самото видео като по този начин ми блокират и функциите на видеото за спиране , пускане, увеличаване на екрана (прикачил съм снимка)! Някой, ако знае как да спра/премахна тази досада, ще съм благодарен да сподели!

      Addition.txt
      FRST.txt
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.