Kaldata.com - Forums
dan4ina

User
  • Joined

  • Last online

  1. Hiiii! I'm looking for this track. Thanks in advance
  2. Thank you once again!
  3. Hmm, it no longer finds such a folder
  4. Yes, but I went to that folder by copy/pasting the address. Here, see: http://img87.imageshack.us/img87/2999/20796376.jpg
  5. Well, the second folder, the one where I can't find the file, I can't see it in order to delete it =/ Overall everything works very well; it looks like the file we were fighting is gone. The sites I couldn't get into now work without a problem. I owe you a big thank-you for the help and advice! I hope I won't have to bother you again with problems like this any time soon. Thanks again!
  6. Hmm, here is the result for c:\documents and settings\All Users\Application Data\0ceb77\u8wgixngcp45e7trngou8s9q01un.dll I also tried to find this one, c:\documents and settings\All Users\Application Data\SIJZFASAP\SIZQP.cfg, but no such file exists.. http://img153.imageshack.us/img153/3944/wtfpxk.jpg :S
  8. ComboFix log:
294608] R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [07/04/2009 16:45 12160] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [19/02/2011 16:48 17744] R2 UsbFltr;WayTech Filter Driver;c:\windows\system32\drivers\UsbFltr.sys [07/04/2009 16:45 9728] S1 SASDIFSV;SASDIFSV;\??\c:\docume~1\User\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS --> c:\docume~1\User\LOCALS~1\Temp\SAS_SelfExtract\SASDIFSV.SYS [?] S1 SASKUTIL;SASKUTIL;\??\c:\docume~1\User\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS --> c:\docume~1\User\LOCALS~1\Temp\SAS_SelfExtract\SASKUTIL.SYS [?] S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [06/07/2009 00:50 219264] S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\User\LOCALS~1\Temp\TUS2602.tmp --> c:\docume~1\User\LOCALS~1\Temp\TUS2602.tmp [?] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?] S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\Google\Google Desktop Search\GoogleDesktop.exe [19/04/2010 22:41 30192] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [06/11/2007 22:22 34064] . Contents of the 'Scheduled Tasks' folder 2011-02-19 c:\windows\Tasks\Google Software Updater.job - c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2010-04-19 20:40] . . ------- Supplementary Scan ------- . uStart Page = hxxp://start.icq.com/ IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html TCP: {5F213A59-A695-41DC-B4ED-04304775FE02} = 10.4.0.1 TCP: {ED16B7DC-E7EA-4D9F-B3C5-1D33FC860185} = 10.4.0.1,217.79.66.178 FF - ProfilePath - c:\documents and settings\User\Application Data\Mozilla\Firefox\Profiles\j7tuid96.default\ FF - prefs.js: network.proxy.type - 0 FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension FF - Ext: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - %profile%\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Ext: Advertising Cookie Opt-out: [email protected] - %profile%\extensions\[email protected] . . ------- File Associations ------- . .scr=AutoCADScriptFile . - - - - ORPHANS REMOVED - - - - WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file) MSConfigStartUp-Messenger (Yahoo!) - c:\progra~1\Yahoo!\Messenger\YahooMessenger.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2011-02-19 22:55 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... 
scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine] "ImagePath"="\??\c:\docume~1\User\LOCALS~1\Temp\TUS2602.tmp" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1409082233-1214440339-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{092B5B7B-A357-6257-4E39-BA5DD0C0187C}*] "iappkemjghgpakdhnp"=hex:69,61,70,6d,6a,6e,65,6a,6b,68,6d,67,6c,6d,62,67,67,6f, 00,02 "hafpnjjidldjnaod"=hex:69,61,70,6d,6a,6e,65,6a,6b,68,6d,67,6c,6d,62,67,67,6f, 00,02 [HKEY_USERS\S-1-5-21-1409082233-1214440339-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved\{9685B2D2-EF0B-26D2-DF21-9872B148BBAD}*] "habgjfjkmdcjofck"=hex:69,61,68,70,66,70,66,6f,63,6c,70,67,6a,70,66,6d,63,65, 00,00 "iahgdidoefgcddjabk"=hex:69,61,68,70,66,70,66,6f,63,6c,70,67,6a,70,66,6d,63,65, 00,00 [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{092B5B7B-A357-6257-4E39-BA5DD0C0187C}\InProcServer32*] "fajmafedemic"=hex:70,61,6b,6d,68,6c,68,62,64,6d,63,68,68,65,63,6d,61,61,67,6b, 6a,68,65,65,6f,61,69,6c,6e,6e,70,6f,00,09 "najmopobheckjfkkgjldjiiebeoo"=hex:64,62,6d,70,62,62,6c,6f,6e,6b,6f,67,68,65, 61,65,6c,67,6c,61,6c,63,6e,66,6e,6a,65,6b,6c,69,6f,6d,65,68,69,61,6d,6d,6b,\ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2216) c:\windows\system32\AcSignIcon.dll c:\program files\Common Files\Autodesk Shared\AcSignCore16.dll c:\windows\system32\msi.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . 
c:\program files\Alwil Software\Avast5\AvastSvc.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\windows\system32\nvsvc32.exe c:\windows\RTHDCPL.EXE c:\windows\system32\RUNDLL32.EXE c:\windows\system32\wscntfy.exe . ************************************************************************** . Completion time: 2011-02-19 22:58:30 - machine was rebooted ComboFix-quarantined-files.txt 2011-02-19 20:58 Pre-Run: 11 552 542 720 bytes free Post-Run: 14 529 753 088 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons UnsupportedDebug="do not select this" /debug multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - D30AB4F207BE5B89EF7B09F7FA12E620
  9. I downloaded Avast, scanned, and here is the result: http://img171.imageshack.us/img171/4676/444444r.jpg I also scanned again with Malwarebytes' and here is the result. And here is a log from DDS.
  10. I did everything that was written above. Here are the logs.
(Full) Lineage II Malwarebytes' Anti-Malware Media-Tech Camera(0025.2010.0208.1028) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Software Update for Web Folders (English) 12 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft WSE 3.0 Runtime mIRC Mozilla Firefox (3.6.13) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6 Service Pack 2 (KB973686) Nero 6 Ultra Edition NVIDIA Drivers NVIDIA PhysX Opera 11.01 PDF Settings Picasa 3 Q-Type REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2289158) Security Update for 2007 Microsoft Office System 
(KB2344875) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2345035) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office PowerPoint Viewer (KB2413381) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB944338-v2) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) 
Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971032) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB980195) Security Update for 
Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB981349) Segoe UI SHOUTcast Source DSP 1.9.1 (remove only) Skype™ 4.2 Software Update for Web Folders Solstice Spelling Dictionaries Support For Adobe Reader 9 Spybot - Search & Destroy 1.4 TeamSpeak 3 Client Unlocker 1.8.3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office Outlook 2007 (KB2412171) Update for Outlook 2007 Junk Email Filter (KB2492475) Update for Windows XP (KB955759) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VBA (2627.01) Ventrilo Client Winamp Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Notifications (KB905474) Windows Imaging Component Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live OneCare safety scanner Windows Live Sign-in Assistant Windows Live Upload Tool Windows Presentation Foundation WinPcap 4.0.2 WinRAR archiver XML Paper Specification Shared Components Pack 1.0 ==== Event Viewer Messages From Past Week ======== 18/02/2011 11:39:26, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 14/02/2011 02:35:01, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f0ea: Cumulative Security Update for Internet Explorer 7 for Windows XP (KB982381). 12/02/2011 11:23:40, error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The system cannot find the path specified. 
12/02/2011 11:23:40, error: Service Control Manager [7000] - The npkcrypt service failed to start due to the following error: The system cannot find the path specified. ==== End Of File ===========================
Now, when starting Firefox, it gives me this error: http://img194.imageshack.us/img194/6793/pffn.png
  11. Here are the logs: DDS DDS (Ver_10-12-12.01) - NTFSx86 Run by User at 14:54:57.20 on 19/02/2011 Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_16 Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.2047.1332 [GMT 2:00] AV: Spyware Doctor with AntiVirus *Disabled/Updated* {D3C23B96-C9DC-477F-8EF1-69AF17A6EFF6} AV: ESET NOD32 antivirus system 2.70 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\PixArt\PAC7302\Monitor.exe C:\Program Files\Eset\nod32kui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Windows Live\Messenger\msnmsgr.exe svchost.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Windows Live\Contacts\wlcomm.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\User\Desktop\dds.pif ============== Pseudo HJT Report =============== uStart Page = hxxp://start.icq.com/ uURLSearchHooks: H - No File uURLSearchHooks: H - No File mURLSearchHooks: H - No File mURLSearchHooks: H - No File BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - No File BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common
files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: : {53707962-6f74-2d53-2644-206d7942484f} - c:\progra~1\spybot~1\SDHelper.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [Google Desktop Search] "c:\program files\google\google desktop search\GoogleDesktop.exe" /startup mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [PAC7302_Monitor] c:\windows\pixart\pac7302\Monitor.exe mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32 uPolicies-explorer: 
DisallowRun = 1 (0x1) IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~2\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office12\REFIEBAR.DLL LSP: c:\windows\system32\imon.dll LSP: c:\program files\common files\pc tools\lsp\PCTLsp.dll DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} - hxxp://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} - hxxp://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_16-windows-i586.cab TCP: {5F213A59-A695-41DC-B4ED-04304775FE02} = 10.4.0.1 TCP: {ED16B7DC-E7EA-4D9F-B3C5-1D33FC860185} = 10.4.0.1,217.79.66.178 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL AppInit_DLLs: c:\progra~1\google\google~4\GOEC62~1.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll SEH: Groove GFS Stub Execution Hook: 
{b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll IFEO: image file execution options - svchost.exe Hosts: 62.231.97.137 L2authd.lineage2.com Hosts: 216.107.250.194 nprotect.lineage2.com Hosts: 96.44.181.245 www.google.com Hosts: 96.44.181.245 google.com Hosts: 96.44.181.245 google.com.au Note: multiple HOSTS entries found. Please refer to Attach.txt ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\j7tuid96.default\ FF - prefs.js: network.proxy.type - 0 FF - plugin: c:\program files\google\google updater\2.4.1908.5032\npCIDetect14.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} FF - Extension: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Extension: Java Console: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} FF - Extension: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\DotNetAssistantExtension FF - Extension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\docume~1\user\applic~1\mozilla\firefox\profiles\j7tuid96.default\extensions\{20a82645-c095-46ed-80e3-08825760534b} FF - Extension: Advertising Cookie Opt-out: [email protected] - 
c:\docume~1\user\applic~1\mozilla\firefox\profiles\j7tuid96.default\extensions\[email protected] ============= SERVICES / DRIVERS =============== R0 PCTCore;PCTools KDS;c:\windows\system32\drivers\PCTCore.sys [2010-4-19 239168] R0 pctDS;PC Tools Data Store;c:\windows\system32\drivers\pctDS.sys [2011-1-29 338880] R0 pctEFA;PC Tools Extended File Attributes;c:\windows\system32\drivers\pctEFA.sys [2011-1-29 656320] R1 kbfilter;Keyboard Filter Driver;c:\windows\system32\drivers\kbfilter.sys [2009-4-7 12160] R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2011-2-10 15424] R1 SASDIFSV;SASDIFSV;c:\docume~1\user\locals~1\temp\sas_selfextract\SASDIFSV.SYS [2010-2-17 12872] R1 SASKUTIL;SASKUTIL;c:\docume~1\user\locals~1\temp\sas_selfextract\SASKUTIL.SYS [2010-5-10 67656] R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2011-2-7 552064] R2 UsbFltr;WayTech Filter Driver;c:\windows\system32\drivers\UsbFltr.sys [2009-4-7 9728] S3 BTCAMDRV;Mobiola Web Camera driver;c:\windows\system32\drivers\BTCamDrv.sys [2009-7-6 219264] S3 GarenaPEngine;GarenaPEngine;c:\docume~1\user\locals~1\temp\TUS2602.tmp [2010-1-4 25616] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena\safedrv.sys --> c:\program files\garena\safedrv.sys [?] 
S3 GoogleDesktopManager-051210-111108;Google Desktop Manager 5.9.1005.12335;c:\program files\google\google desktop search\GoogleDesktop.exe [2010-4-19 30192] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2007-11-6 34064] S3 sdAuxService;PC Tools Auxiliary Service;c:\program files\spyware doctor\pctsAuxs.exe [2011-1-30 366840] S3 sdCoreService;PC Tools Security Service;c:\program files\spyware doctor\pctsSvc.exe [2011-1-30 1150936] =============== File Associations =============== .scr=AutoCADScriptFile =============== Created Last 30 ================ 2011-02-17 22:41:30 -------- d-----w- c:\docume~1\user\locals~1\applic~1\Opera 2011-02-10 10:18:19 15424 ----a-w- c:\windows\system32\drivers\nod32drv.sys 2011-02-07 18:19:44 512096 ----a-w- c:\windows\system32\drivers\amon.sys 2011-02-07 18:19:44 298104 ----a-w- c:\windows\system32\imon.dll 2011-02-07 17:57:21 189952 ----a-w- c:\windows\Ylyvaa.exe 2011-01-30 14:37:44 -------- d-----w- c:\docume~1\user\applic~1\Malwarebytes 2011-01-30 14:37:42 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2011-01-30 14:37:41 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes 2011-01-30 14:37:38 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2011-01-30 14:37:38 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2011-01-30 13:18:46 -------- d-----w- c:\docume~1\user\applic~1\SUPERAntiSpyware.com 2011-01-30 13:18:46 -------- d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com 2011-01-30 12:57:00 103864 ----a-w- c:\program files\mozilla firefox\plugins\nppdf32.dll 2011-01-29 19:21:03 656320 ----a-w- c:\windows\system32\drivers\pctEFA.sys 2011-01-29 19:21:03 338880 ----a-w- c:\windows\system32\drivers\pctDS.sys 2011-01-29 18:36:33 265728 -c----w- c:\windows\system32\dllcache\http.sys 2011-01-29 18:32:19 293376 ------w- c:\windows\system32\browserchoice.exe 2011-01-29 18:09:32 -------- d-sh--w- c:\docume~1\alluse~1\applic~1\SIJZFASAP 2011-01-29 18:09:06 -------- 
d-sh--w- c:\docume~1\alluse~1\applic~1\0ceb77 ==================== Find3M ==================== 2010-12-02 03:35:18 4280320 ----a-w- c:\windows\system32\GPhotos.scr ============= FINISH: 14:55:40.95 =============== Attach UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 15/03/2009 16:54:58 System Uptime: 19/02/2011 10:56:34 (4 hours ago) Motherboard: MICRO-STAR INTERNATIONAL CO.,LTD | | P31 Neo-F V2(MS-7392) Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | CPU1 | 1995/200mhz Processor: Intel® Pentium® Dual CPU E2180 @ 2.00GHz | CPU1 | 1995/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 38 GiB total, 10.897 GiB free. D: is FIXED (NTFS) - 195 GiB total, 154.361 GiB free. E: is CDROM () F: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP627: 23/01/2011 22:39:59 - System Checkpoint RP628: 24/01/2011 22:57:08 - System Checkpoint RP629: 26/01/2011 10:02:43 - System Checkpoint RP630: 27/01/2011 12:31:21 - System Checkpoint RP631: 28/01/2011 15:05:20 - System Checkpoint RP632: 29/01/2011 18:32:12 - System Checkpoint RP633: 29/01/2011 20:34:07 - Removed Shared Add-in Support Update for Microsoft .NET Framework 2.0 (KB908002) RP634: 29/01/2011 20:36:53 - Software Distribution Service 3.0 RP635: 29/01/2011 21:06:30 - Software Distribution Service 3.0 RP636: 30/01/2011 21:31:09 - System Checkpoint RP637: 01/02/2011 12:12:10 - System Checkpoint RP638: 02/02/2011 12:59:30 - System Checkpoint RP639: 03/02/2011 13:05:17 - System Checkpoint RP640: 04/02/2011 13:46:37 - System Checkpoint RP641: 05/02/2011 16:22:01 - System Checkpoint RP642: 06/02/2011 21:48:15 - System Checkpoint RP643: 07/02/2011 22:34:52 - System Checkpoint RP644: 08/02/2011 22:38:19 - System Checkpoint RP645: 10/02/2011 11:50:47 - System Checkpoint RP646: 
11/02/2011 14:06:18 - System Checkpoint RP647: 12/02/2011 14:51:44 - System Checkpoint RP648: 13/02/2011 17:21:32 - System Checkpoint RP649: 14/02/2011 02:34:08 - Software Distribution Service 3.0 RP650: 14/02/2011 23:09:30 - Software Distribution Service 3.0 RP651: 16/02/2011 11:48:32 - System Checkpoint RP652: 17/02/2011 12:32:10 - System Checkpoint RP653: 18/02/2011 12:52:05 - System Checkpoint RP654: 19/02/2011 13:00:53 - System Checkpoint ==== Hosts File Hijack ====================== Hosts: 62.231.97.137 L2authd.lineage2.com Hosts: 216.107.250.194 nprotect.lineage2.com Hosts: 96.44.181.245 www.google.com Hosts: 96.44.181.245 google.com Hosts: 96.44.181.245 google.com.au Hosts: 96.44.181.245 www.google.com.au Hosts: 96.44.181.245 google.be Hosts: 96.44.181.245 www.google.be Hosts: 96.44.181.245 google.com.br Hosts: 96.44.181.245 www.google.com.br Hosts: 96.44.181.245 google.ca Hosts: 96.44.181.245 www.google.ca Hosts: 96.44.181.245 google.ch Hosts: 96.44.181.245 www.google.ch Hosts: 96.44.181.245 google.de Hosts: 96.44.181.245 www.google.de Hosts: 96.44.181.245 google.dk Hosts: 96.44.181.245 www.google.dk Hosts: 96.44.181.245 google.fr Hosts: 96.44.181.245 www.google.fr Hosts: 96.44.181.245 google.ie Hosts: 96.44.181.245 www.google.ie Hosts: 96.44.181.245 google.it Hosts: 96.44.181.245 www.google.it Hosts: 96.44.181.245 google.co.jp Hosts: 96.44.181.245 www.google.co.jp Hosts: 96.44.181.245 google.nl Hosts: 96.44.181.245 google.no Hosts: 96.44.181.245 www.google.no Hosts: 96.44.181.245 google.co.nz Hosts: 96.44.181.245 www.google.co.nz Hosts: 96.44.181.245 google.pl Hosts: 96.44.181.245 www.google.pl Hosts: 96.44.181.245 google.se Hosts: 96.44.181.245 www.google.se Hosts: 96.44.181.245 google.co.uk Hosts: 96.44.181.245 www.google.co.uk Hosts: 96.44.181.245 google.co.za Hosts: 96.44.181.245 www.google.co.za Hosts: 96.44.181.245 www.google-analytics.com Hosts: 96.44.181.245 www.bing.com Hosts: 96.44.181.245 search.yahoo.com Hosts: 96.44.181.245 
www.search.yahoo.com Hosts: 96.44.181.245 uk.search.yahoo.com Hosts: 96.44.181.245 ca.search.yahoo.com Hosts: 96.44.181.245 de.search.yahoo.com Hosts: 96.44.181.245 fr.search.yahoo.com Hosts: 96.44.181.245 au.search.yahoo.com ==== Installed Programs ====================== µTorrent Acrobat.com Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Flash Player 9 ActiveX Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe PDF Library Files Adobe Photoshop CS3 Adobe Reader 9.4.2 Adobe Setup Adobe Stock Photos CS3 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe WinSoft Linguistics Plugin Adobe XMP Panels CS3 AutoCAD 2009 - English AutoCAD Mechanical 2008 AutoCAD Mechanical 2011 AutoCAD Mechanical 2011 Language Pack - English Autodesk Design Review 2008 Autodesk Design Review 2011 Autodesk Inventor View 2011 Autodesk Inventor View 2011 English Autodesk Inventor View 2011 English Language Pack Autodesk Material Library 2011 Autodesk Material Library 2011 Base Image library Autodesk Vault 2008 Autodesk Vault 2011 (Client) Autodesk Vault 2011 (Client) English Language Pack CCleaner DestrucT ScripT DWG TrueView 2011 FARO LS 1.1.406.58 Garena 2010 Google Desktop Google Updater Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Player 11 (KB939683) Hotfix for Windows XP (KB942288-v3) Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB976002-v5) Hotfix for Windows XP (KB976098-v2) Hotfix for 
Windows XP (KB981793) IrfanView (remove only) Java 6 Update 16 K-Lite Codec Pack 4.7.0 (Full) Lineage II Malwarebytes' Anti-Malware Media-Tech Camera(0025.2010.0208.1028) Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Kernel-Mode Driver Framework Feature Pack 1.5 Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Software Update for Web Folders (English) 12 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft WSE 3.0 Runtime mIRC Mozilla Firefox (3.6.13) MSVCRT MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6 Service Pack 2 (KB973686) Nero 6 Ultra Edition NOD32 Antivirus System NOD32 FiX v2.1 NVIDIA Drivers NVIDIA PhysX Opera 11.01 PDF Settings Picasa 3 Q-Type REALTEK GbE & FE Ethernet PCI-E NIC Driver Realtek High Definition Audio Driver Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System 
(KB2288931) Security Update for 2007 Microsoft Office System (KB2289158) Security Update for 2007 Microsoft Office System (KB2344875) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Excel 2007 (KB2345035) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB982158) Security Update for Microsoft Office PowerPoint Viewer (KB2413381) Security Update for Microsoft Office Publisher 2007 (KB2284697) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Security Update for Windows Internet Explorer 7 (KB938127-v2) Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player 11 (KB954154) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB923561) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB944338-v2) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951066) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB951748) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB955069) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956744) Security Update for Windows XP (KB956802) Security 
Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958644) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960803) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970238) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971032) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973354) Security Update for Windows XP (KB973507) Security Update for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP 
(KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB981349) Segoe UI SHOUTcast Source DSP 1.9.1 (remove only) Skype™ 4.2 Software Update for Web Folders Solstice Spelling Dictionaries Support For Adobe Reader 9 Spybot - Search & Destroy 1.4 Spyware Doctor with AntiVirus 8.0 TeamSpeak 3 Client Unlocker 1.8.3 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office Outlook 2007 (KB2412171) Update for Outlook 2007 Junk Email Filter (KB2492475) Update for Windows XP (KB955759) Update for Windows XP (KB961503) Update for Windows XP (KB967715) Update for Windows XP (KB968389) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB973815) VBA (2627.01) Ventrilo Client Winamp Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Notifications (KB905474) Windows Imaging Component Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live OneCare safety scanner Windows Live Sign-in Assistant Windows Live Upload Tool Windows Presentation Foundation WinPcap 4.0.2 WinRAR archiver XML Paper Specification Shared Components Pack 1.0
==== Event Viewer Messages From Past Week ========
18/02/2011 11:39:26, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.
15/02/2011 03:52:10, error: Service Control Manager [7000] - The Yahoo! Updater service failed to start due to the following error: The system cannot find the path specified.
15/02/2011 03:52:10, error: Service Control Manager [7000] - The npkcrypt service failed to start due to the following error: The system cannot find the path specified.
14/02/2011 23:09:46, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f0ea: Cumulative Security Update for Internet Explorer 7 for Windows XP (KB982381).
==== End Of File ===========================
  12. Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org
      Database version: 5804
      Windows 5.1.2600 Service Pack 2
      Internet Explorer 7.0.5730.11
      19/02/2011 01:07:09
      mbam-log-2011-02-19 (01-07-09).txt
      Scan type: Quick scan
      Objects scanned: 162444
      Time elapsed: 6 minute(s), 28 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 0
      Memory Processes Infected:
      (No malicious items detected)
      Memory Modules Infected:
      (No malicious items detected)
      Registry Keys Infected:
      (No malicious items detected)
      Registry Values Infected:
      (No malicious items detected)
      Registry Data Items Infected:
      (No malicious items detected)
      Folders Infected:
      (No malicious items detected)
      Files Infected:
      (No malicious items detected)
      I tried this site as well, but it again opens various symbols and letters..
  13. Hello, everyone. User exwol redirected me to this section after I started a thread about my problem here: http://www.kaldata.com/forums/index.php?showtopic=171894
      The programs I use to protect my computer are Nod32 and Malwarebytes' Anti-Malware. I am on Windows XP. I do not use a proxy and I do not have a real IP. The annoying virus I mentioned in the previous thread was one that did not let me open IE and Firefox. After I scanned my computer the problem disappeared, but I noticed that since then logging in with an account at www.youtube.com and www.gmail.com has been impossible. I read the instructions, but when I save the dds file it is treated as an acad file... and the file does not get the icon shown in the instructions.. http://img508.imageshack.us/img508/1943/dddsv.jpg
      The Malwarebytes log is here:
      Malwarebytes' Anti-Malware 1.50.1.1100
      www.malwarebytes.org
      Database version: 5783
      Windows 5.1.2600 Service Pack 2
      Internet Explorer 7.0.5730.11
      18/02/2011 18:10:32
      mbam-log-2011-02-18 (18-10-32).txt
      Scan type: Full scan (C:\|D:\|)
      Objects scanned: 255843
      Time elapsed: 41 minute(s), 46 second(s)
      Memory Processes Infected: 0
      Memory Modules Infected: 0
      Registry Keys Infected: 0
      Registry Values Infected: 0
      Registry Data Items Infected: 0
      Folders Infected: 0
      Files Infected: 2
      Memory Processes Infected:
      (No malicious items detected)
      Memory Modules Infected:
      (No malicious items detected)
      Registry Keys Infected:
      (No malicious items detected)
      Registry Values Infected:
      (No malicious items detected)
      Registry Data Items Infected:
      (No malicious items detected)
      Folders Infected:
      (No malicious items detected)
      Files Infected:
      c:\system volume information\_restore{819bd4c9-4fd6-4342-968c-e03a54a83fd4}\RP635\A0192807.exe (Rogue.SmartInternetProtection) -> Quarantined and deleted successfully.
      c:\system volume information\_restore{819bd4c9-4fd6-4342-968c-e03a54a83fd4}\RP635\A0192812.DLL (PUP.FunWebProducts) -> Quarantined and deleted successfully.
      I tried to start the DDS file.. it opens various symbols, scrambled letters and dashes :S
  14. Hmmmm, the site opened without a problem, and I also did what you wrote above, but with no result :/
