irincka

Благодарение на теб проблема вече го няма

GMER 1.0.15.15281 - http://www.gmer.net Rootkit quick scan 2010-08-18 01:10:25 Windows 6.0.6001 Service Pack 1 Running: gmer.exe; Driver: C:\Users\User\AppData\Local\Temp\kxldapob.sys ---- Devices - GMER 1.0.15 ---- AttachedDevice \Driver\kbdclass \Device\KeyboardClass0 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) AttachedDevice \Driver\kbdclass \Device\KeyboardClass1 Wdf01000.sys (WDF Dynamic/Microsoft Corporation) ---- EOF - GMER 1.0.15 ----

C:\ProgramData я намерих, но другата папка не

сега я търсех през Search и не я намерих

Даже и там не мога да го намеря Spyware Doctor успях да я инсталирам и после я махнах и сега мисля че съм го направила както трябва

Много ти благодаря за помощта. Сигурно ако не бях намерила този сайт щях да си преисталирам лаптопа.... Незнам дали трябва но ще кача и новият доклад от OTL. Като отворя VirusTotal не мога да намеря c:\programdata\ce7300b\msce73.exe казва ми да проверя правописа. Относно Spyware Doctor сега като се замисля май я деинсталирах в Safe mode и сега като се опитам да я махна поличавам съобщение с текст, че не може да бъде намерена програмата (с точно не мога да си спомня). Да я сваля ли отново за да може да я махна или да го оставя така? За сега мисля че всичко е наред с експлорера и веднага се заемам с обновяването както ме посъветва. Отново много ти благодаря И още нещо- някоя от програмите OTL или SUPERAntiSpyware трябва ли да ги махам или да си ги оставя? 08172010_21410.txt

Като ги разгледах двата доклада ми направи впечатление, че излиза информация и от предишните ОС с който съм билаExtras.Txt OTL.Txt

За жалост все още имам проблем :(

ето резултатите и то SuperAnytiSpyware SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 08/17/2010 at 01:53 AM Application Version : 4.41.1000 Core Rules Database Version : 5364 Trace Rules Database Version: 3176 Scan type : Complete Scan Total Scan Time : 00:43:00 Memory items scanned : 728 Memory threats detected : 0 Registry items scanned : 9173 Registry threats detected : 0 File items scanned : 26658 File threats detected : 105 Adware.Tracking Cookie C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@ad.yieldmanager[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@content.yieldmanager[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@atdmt[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@www.windowsmedia[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@doubleclick[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\user@interclick[2].txt secure-it.imrworldwide.com [ C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Virtualized\C\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UTXQL7GT ] asset2.countrylife.joyeurs.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UTXQL7GT ] media.marica.bg [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UTXQL7GT ] media.scanscout.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UTXQL7GT ] multimedia.metacafe [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UTXQL7GT ] secure-it.imrworldwide.com [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UTXQL7GT ] yield.audience.digitalmedia.bg [ C:\Users\User\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\UTXQL7GT ] C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@socialmedia[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@content.yieldmanager[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@content.yieldmanager[3].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@rem.rezonmedia[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@bghotelite[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@in.getclicky[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@server.cpmstar[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@www.googleadservices[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@pointroll[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@www.googleadservices[3].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@www.googleadservices[7].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@essex.ac[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.slashgear[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@media.easyads[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.onmedia[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@delivery.usermedia[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.webvariant[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@www.teenproblem[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@economedia[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@account.betfair[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.yieldmanager[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@sexyher.co[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@serving-sys[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@findscore[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@klienti.mediapark[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.adopm[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.httpool[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@warnerbros.112.2o7[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.marica[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@metroleap.rotator.hadj7.adjuggler[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.sagabg[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@interclick[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.skandalno[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.gamerzhut[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.namama[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.neogen[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@blogmedia[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.kaldata[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.famous[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.vkushti[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@smartadserver[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adsense2008.mpl[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.zarata[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.novinar[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@media.exchange[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@plovdivmedia[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.pomagalo[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adv.bb-team[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@chitika[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@atdmt[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@mywebsearch[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.ad4game[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@adbrite[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.investor[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad2.ip[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@media6degrees[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.pop[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@karti.bghotelite[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.btv[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.neg[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.sbb[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads2.helpos[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@paypal.112.2o7[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@microsoftwindows.112.2o7[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.elmaz[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@himedia.individuad[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@stats.mindcraft[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@media.causes[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@teenproblem[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.standartnews[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@fidelity.rotator.hadj7.adjuggler[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@legolas-media[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@bs.serving-sys[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.premiership[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@lfstmedia[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.mucunki[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ads.tvtv[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@invitemedia[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@77tracking[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@2o7[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@ad.krasivi[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@audience.digitalmedia[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@banners.bgmaps[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@collective-media[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@countrylife.joyeurs[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@disneymediaonline[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@doubleclick[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@gostats[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@hardwarezone[2].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@imrworldwide[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@marketlive.122.2o7[1].txt C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\user@tradedoubler[2].txt

това е резултата от Malware..... и сега ще сваля другата програма Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Database version: 4437 Windows 6.0.6001 Service Pack 1 Internet Explorer 7.0.6001.18000 17.8.2010 г. 00:39:35 mbam-log-2010-08-17 (00-39-35).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 256768 Time elapsed: 1 hour(s), 14 minute(s), 7 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 Files Infected: 2 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: (No malicious items detected) Files Infected: D:\Pictures\zaka4ki\Kiss kiss kiss kiss kiss kiss kiss kiss kiss kiss kiss kiss kiss kiss virys.exe (HackTool.Shutdown) -> Quarantined and deleted successfully. D:\Pictures\zaka4ki\zapovqdaii.EXE (Backdoor.Hupigon) -> Quarantined and deleted successfully.

Проблема се появи преди 10тина дена. Една приятелка ми прати съобщение в Скайп със следния текс- това ти ли си на снимкта и линк кам Фейсбук. Отворих линка, поиска ми позволение- дадох го и от там се почнаха многото проблеми. Първо беше само Скайп, които през 5-10 мин. самичък се отваряше и се затваряше. Незнам къде, но някъде прочетох и си звалих Spyware Doctor, който откри някакво вируси, изтри ги и повече нямах проблем със Скайп. Но затова започна проблема с Интернет Експлорер- просто не може да бъде затворена. Натискам "Х" за да затворя ли отделен таб, или цялата програма и получавам всеки път едно и също съобщение- "Internet explorer is not responding. Internet Explorer is restarting". И така всеки път. Стартирала съм през Save mode няма никакъв ефект. Spyware Doctor съм го деинсталирала- но проблема си остана. Получих съвет от приятелка да си отворя Task Manager-> Processes, да намеря къде пише iexplorer.exe и от там да го спра- има много малък ефект, и то за кратко време, след което всичко е по старо му. Не знам какво да направя. Може би ще е от полза, ако кажа, че използвам Windows Vista Ultimate. Благодаря Ви предварително