Премини към съдържанието
Форумът в приложение

По-лесно сърфиране. Научи повече.
Kaldata.com - Форуми

Приложение на форума на цял екран с push известия, значки и други.

За да инсталирате това приложение на iOS и iPadOS
  1. Докоснете Иконата за споделяне в Safari
  2. Превъртете менюто и докоснете Добавяне към началния екран.
  3. Докоснете Добавяне в горния десен ъгъл.
За да инсталирате това приложение на Android
  1. Докоснете менюто с 3 точки (⋮) в горния десен ъгъл на браузъра.
  2. Докоснете Добавяне към началния екран или Инсталиране на приложение.
  3. Потвърдете, като докоснете Инсталиране.
Добави Kaldata.com в предпочитани източници в Google

stan.s

Потребител

  • Регистрация

  • Последно онлайн

Виж профила Намиране на съдържание

  1. Проблем (firmware) на Sitecom рутер.

    stan.s отговори в добавена от stan.s тема в Рутери, Модеми, Суичове
    Благодаря. Пробвах първо с втория:Но след като зададох файла нищо не стана,загуби се страницата.После зададох първия файл.. инсталира се , зададох на ново втория и тогава го прие.Сега ще тествам новия firmware и ако не се оправят нещата много ще съм ви благодарен ако ми дадете съвети как да се справя с този проблем.

  2. Проблем (firmware) на Sitecom рутер.

    stan.s отговори в добавена от stan.s тема в Рутери, Модеми, Суичове
    Благодаря. Съпътващи документи няма.Само тези два файла. Обаче има по-стара версия ,която е една версия по-нова от моята. Още не съм я инсталирал.Трябва ли и нея да инсталирам или направо най-новата.

  3. Проблем (firmware) на Sitecom рутер.

    stan.s отговори в добавена от stan.s тема в Рутери, Модеми, Суичове
    Моля ви Като разархивирах пакетчето има два файла: WL-341-342-APPS-V1-9-0-10.dlf WL-341-342-KNL-V1-9-0-23.dlf Кой от двата трябва да се инсталира или и двата?

  4. Проблем (firmware) на Sitecom рутер.

    stan.s публикува тема в Рутери, Модеми, Суичове
    Здравейте, трябва ми малко помощ за да си инсталирам новия firmware на рутера. Причината е ,че много ми сече интернета през WI-FI то. Примерно когато зарежда някой сайт или вкл.Скайп,прекъсва връзката към рутера и после веднага пак се свързва. Може причината да се крие другаде,но не ми са ясни тия неща за това моля за малко помощ. Рутера е : WL-341 - Wireless Router 300N X2 version: v2 002 Моят сайт Моят е със версия: firmware:1.7 Сега виждам ,че във сайта има две версйи по нови. Как трябва да процедирам? Направо да инсталирам най-новата или по-ред.Как се инсталира.И трябва ли после да пипам нещо по настройките? Моят сайт

  5. Затваряне на (Speaker Phone Companion)

    stan.s отговори в добавена от stan.s тема в Програми - Проблеми и Дискусии
    Пробвах не става... пак си излиза това телефонче. То май е екстра на аудиокартата.Току що четох как става в един форум но там е описано за SoundMax карта а моята е IDT и не мога да намеря къде е опцията. http://www.vrbones.com/2008/02/close-speaker-phone-companion-in-system.html

  6. Затваряне на (Speaker Phone Companion)

    stan.s публикува тема в Програми - Проблеми и Дискусии
    Здравейте, Може ли някой да ми каже как да си изключа тази опция ,че много ме дразни.Изкача едно черно телефонче и трябва постоянно да го махам.Преди го нямаше но се появи след като инсталирах по-нова версия на Skype.От начало мислех,че като се върна на по стара версия ще се махне но неще... Благодаря ви предварително.

  7. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    Невероятни сте.... Сърдечни благодарности на целия екип и най вече на колегата ви (nologo) P.S-И нека повече хора да следват вашия пример, независимо за коя проф.област се отнася!!!

  8. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    Ето файла: combofix.txt

  9. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    Оооо няма проблем ,за мене е удоволствие.Така се краде занаят(шега) П.П- Нортона ми е лицензиран.Преди имах 2009 сега съм със 2010,и понеже не съм компютърен спец,реших да си плащам за лицензиран антивирусен софтуер,да нямам подобни проблеми.Но уви!!!! За това сега малко ме е яд. Това е файла. Само дето забравих да сменя името на програмата в ff2.exe ако е проблем ,ще сканирам на ново. Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1251.359.1043.18.2046.1133 [GMT 2:00] Running from: c:\users\Makro\Desktop\ComboFix.exe AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE} AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} SP: Avira AntiVir PersonalEdition *enabled* (Outdated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE} SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A} SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\users\Makro\AppData\Roaming\Microsoft\Windows\Recent\Comfy Cakes.pif D:\nc.exe . ((((((((((((((((((((((((( Files Created from 2010-04-08 to 2010-05-08 ))))))))))))))))))))))))))))))) . 2010-05-07 11:48 . 2010-05-07 11:48 -------- d-----w- c:\program files\Windows Portable Devices 2010-05-07 11:36 . 2009-10-01 01:02 30208 ----a-w- c:\windows\system32\WPDShextAutoplay.exe 2010-05-07 11:35 . 2009-10-08 21:08 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2010-05-07 11:35 . 2009-10-08 21:08 234496 ----a-w- c:\windows\system32\oleacc.dll 2010-05-07 11:35 . 2009-10-08 21:07 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2010-05-07 11:33 . 2010-01-06 15:39 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-05-07 11:33 . 2010-01-06 15:38 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-05-07 11:33 . 2010-01-06 13:30 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-05-07 11:05 . 2010-05-07 11:06 -------- d-----w- c:\windows\system32\ca-ES 2010-05-07 11:05 . 2010-05-07 11:06 -------- d-----w- c:\windows\system32\eu-ES 2010-05-07 11:05 . 2010-05-07 11:06 -------- d-----w- c:\windows\system32\vi-VN 2010-05-07 10:36 . 2010-05-07 10:36 -------- d-----w- c:\windows\system32\EventProviders 2010-05-07 10:28 . 2009-02-18 18:38 619864 ----a-w- c:\windows\system32\icardagt.exe 2010-05-07 10:27 . 2009-04-11 06:32 53736 ----a-w- c:\windows\system32\drivers\disk.sys 2010-05-07 10:26 . 2009-04-11 06:28 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll 2010-05-07 10:26 . 2009-04-11 06:28 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll 2010-05-07 10:26 . 2009-04-11 06:28 189440 ----a-w- c:\windows\system32\wbem\mofd.dll 2010-05-07 10:26 . 2009-04-11 06:28 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll 2010-05-07 10:26 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll 2010-05-07 10:26 . 2009-04-11 06:28 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll 2010-05-07 10:26 . 2009-04-11 06:28 265728 ----a-w- c:\windows\system32\wbem\esscli.dll 2010-05-07 10:26 . 2009-04-11 06:28 705536 ----a-w- c:\windows\system32\SmiEngine.dll 2010-05-07 10:26 . 2009-04-11 06:28 218624 ----a-w- c:\windows\system32\wdscore.dll 2010-05-07 10:26 . 2009-04-11 06:27 130560 ----a-w- c:\windows\system32\PkgMgr.exe 2010-05-07 10:25 . 2009-04-11 06:28 247808 ----a-w- c:\windows\system32\drvstore.dll 2010-05-07 09:37 . 2008-05-27 04:59 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin 2010-05-07 00:03 . 2010-05-07 00:03 -------- d-----w- C:\PerfLogs 2010-05-06 22:42 . 2008-01-18 21:36 6656 ----a-w- c:\windows\system32\sdspres.dll 2010-05-06 22:42 . 2008-01-18 21:33 193024 ----a-w- c:\windows\system32\recdisc.exe 2010-05-06 22:41 . 2008-01-18 21:36 28160 ----a-w- c:\windows\system32\sxproxy.dll 2010-05-06 22:34 . 2008-01-18 21:35 87552 ----a-w- c:\windows\system32\msoert2.dll 2010-05-06 22:33 . 2008-01-18 21:34 18944 ----a-w- c:\windows\system32\ias.dll 2010-05-06 22:28 . 2010-05-06 22:28 -------- d-----w- C:\7bf05734d24c706bfe25b610 2010-05-01 21:09 . 2010-05-01 21:09 388096 ----a-r- c:\users\Makro\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe 2010-05-01 21:09 . 2010-05-01 21:09 -------- d-----w- c:\program files\Trend Micro 2010-05-01 18:43 . 2010-05-01 18:43 -------- d-----w- c:\users\Makro\AppData\Roaming\Malwarebytes 2010-05-01 18:42 . 2010-04-29 13:39 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-01 18:42 . 2010-05-01 18:42 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-01 18:42 . 2010-05-01 18:42 -------- d-----w- c:\programdata\Malwarebytes 2010-05-01 18:42 . 2010-04-29 13:39 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-01 17:08 . 2010-04-12 15:29 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-28 16:17 . 2010-04-28 16:17 -------- d-----w- c:\windows\system32\drivers\NSS 2010-04-28 16:17 . 2010-04-28 16:17 -------- d-----w- c:\program files\Norton Security Scan 2010-04-27 23:22 . 2010-04-27 23:22 57344 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.dll 2010-04-27 23:22 . 2010-04-27 23:21 754984 ----a-w- c:\programdata\DivX\Setup\Resource.dll 2010-04-27 23:22 . 2010-04-27 23:22 56766 ----a-w- c:\programdata\DivX\DivXPlusShortcuts\Uninstaller.exe 2010-04-27 23:22 . 2010-04-27 23:21 1180952 ----a-w- c:\programdata\DivX\Setup\DivXSetup.exe 2010-04-27 23:22 . 2010-04-27 23:22 56978 ----a-w- c:\programdata\DivX\WebPlayer\Uninstaller.exe 2010-04-27 23:22 . 2010-04-27 23:22 57409 ----a-w- c:\programdata\DivX\ControlPanel\Uninstaller.exe 2010-04-27 23:22 . 2010-04-27 23:22 53600 ----a-w- c:\programdata\DivX\Update\Uninstaller.exe 2010-04-27 23:22 . 2010-04-27 23:22 52963 ----a-w- c:\programdata\DivX\MSVC80CRTRedist\Uninstaller.exe 2010-04-27 23:22 . 2010-04-27 23:22 54073 ----a-w- c:\programdata\DivX\Qt4.5\Uninstaller.exe 2010-04-27 23:22 . 2010-04-27 23:22 -------- d-----w- c:\program files\Common Files\DivX Shared 2010-04-27 23:21 . 2010-04-27 23:21 144696 ----a-w- c:\programdata\DivX\RunAsUser\RUNASUSERPROCESS.exe 2010-04-27 23:21 . 2010-04-27 23:22 -------- d-----w- c:\programdata\DivX 2010-04-22 09:42 . 2010-03-05 14:01 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-04-21 11:15 . 2009-03-08 11:32 72704 ----a-w- c:\windows\system32\admparse.dll 2010-04-16 12:00 . 2010-04-16 12:00 5430 ----a-r- c:\users\Makro\AppData\Roaming\Microsoft\Installer\{DA084DC0-F7C4-4285-9304-D0EB88AF0998}\_F7BD5300A94D01B980311C.exe 2010-04-16 12:00 . 2010-04-16 12:00 5430 ----a-r- c:\users\Makro\AppData\Roaming\Microsoft\Installer\{DA084DC0-F7C4-4285-9304-D0EB88AF0998}\_6FEFF9B68218417F98F549.exe 2010-04-16 12:00 . 2010-04-16 12:00 5430 ----a-r- c:\users\Makro\AppData\Roaming\Microsoft\Installer\{DA084DC0-F7C4-4285-9304-D0EB88AF0998}\_4C2FBD8A940F15BB854FB5.exe 2010-04-16 11:58 . 2010-04-16 11:56 39936 ----a-w- c:\programdata\Readon\plugins\libstream_out_standard_plugin.dll 2010-04-16 11:57 . 2010-04-16 11:56 46080 ----a-w- c:\programdata\Readon\plugins\libflacsys_plugin.dll 2010-04-16 11:56 . 2010-04-16 11:56 44032 ----a-w- c:\programdata\Readon\plugins\libaout_directx_plugin.dll 2010-04-14 11:41 . 2010-02-23 11:10 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2010-04-14 11:41 . 2010-02-23 11:10 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2010-04-14 11:41 . 2010-02-23 11:10 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-04-14 11:40 . 2010-02-18 14:07 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-04-14 11:40 . 2010-02-18 14:07 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-04-14 11:40 . 2010-02-18 14:07 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-04-14 11:40 . 2010-02-18 13:30 200704 ----a-w- c:\windows\system32\iphlpsvc.dll 2010-04-14 11:40 . 2010-02-18 11:28 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys 2010-04-14 11:40 . 2008-01-19 05:55 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS 2010-04-14 11:38 . 2009-12-23 11:33 172032 ----a-w- c:\windows\system32\wintrust.dll 2010-04-14 11:38 . 2010-01-13 17:34 98304 ----a-w- c:\windows\system32\cabview.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-08 23:24 . 2006-11-02 16:11 666310 ----a-w- c:\windows\system32\perfh013.dat 2010-05-08 23:24 . 2006-11-02 16:11 130884 ----a-w- c:\windows\system32\perfc013.dat 2010-05-08 22:13 . 2007-05-27 00:48 -------- d-----w- c:\users\Makro\AppData\Roaming\Skype 2010-05-08 22:05 . 2007-05-27 00:50 -------- d-----w- c:\users\Makro\AppData\Roaming\skypePM 2010-05-08 12:09 . 2010-01-28 01:17 -------- d-----w- c:\users\Makro\AppData\Roaming\vlc 2010-05-07 11:48 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat 2010-05-07 11:48 . 2010-05-07 11:48 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2010-05-07 11:47 . 2010-05-07 11:47 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2010-05-07 11:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar 2010-05-07 11:07 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar 2010-05-07 11:07 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail 2010-05-07 11:06 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Journal 2010-05-07 11:06 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Collaboration 2010-05-07 11:06 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Photo Gallery 2010-05-07 11:06 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender 2010-05-07 11:03 . 2010-05-07 11:03 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2010-05-07 11:02 . 2010-05-07 11:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2010-05-06 23:49 . 2006-11-02 10:32 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2010-05-06 23:49 . 2006-11-02 10:32 82432 ----a-w- c:\windows\system32\axaltocm.dll 2010-05-06 21:57 . 2009-11-23 00:29 -------- d-----w- c:\program files\Microsoft 2010-05-04 12:09 . 2008-03-23 06:28 -------- d-----w- c:\users\Makro\AppData\Roaming\uTorrent 2010-05-01 17:08 . 2008-05-05 22:00 -------- d-----w- c:\program files\Java 2010-04-29 17:44 . 2010-04-29 17:44 201616 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100429.001\BHRules.dll 2010-04-29 17:44 . 2010-04-29 17:44 1407888 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100429.001\BHEngine.dll 2010-04-29 17:44 . 2010-04-29 17:44 678448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100429.001\BHDrvx64.sys 2010-04-29 17:44 . 2010-04-29 17:44 537136 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100429.001\BHDrvx86.sys 2010-04-29 17:44 . 2010-04-29 17:44 611216 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100429.001\bbRGen.dll 2010-04-28 16:17 . 2009-06-13 20:30 -------- d-----w- c:\programdata\Norton 2010-04-28 16:17 . 2010-03-13 17:54 -------- d-----w- c:\program files\NortonInstaller 2010-04-27 23:35 . 2008-02-21 00:24 -------- d-----w- c:\program files\Google 2010-04-27 23:22 . 2009-03-14 22:00 -------- d-----w- c:\program files\DivX 2010-04-16 12:00 . 2010-01-25 14:54 -------- d-----w- c:\program files\Readon Technology 2010-04-16 11:59 . 2010-04-16 11:56 -------- d-----w- c:\programdata\Readon 2010-04-16 11:55 . 2010-04-16 11:57 38912 ----a-w- c:\programdata\Readon\plugins\libes_plugin.dll 2010-04-14 22:08 . 2009-10-22 21:22 -------- d-----w- c:\programdata\Microsoft Help 2010-04-14 12:36 . 2010-01-22 18:27 -------- d-----w- c:\users\Makro\AppData\Roaming\dvdcss 2010-04-02 16:23 . 2008-05-05 21:58 -------- d-----w- c:\program files\Common Files\Java 2010-03-25 23:29 . 2010-03-13 18:03 786800 ----a-r- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll 2010-03-13 18:09 . 2007-07-05 07:11 -------- d-----w- c:\program files\Common Files\Symantec Shared 2010-03-13 18:07 . 2010-05-08 23:48 84912 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100508.019\NAVENG.SYS 2010-03-13 18:07 . 2010-05-08 23:48 177520 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100508.019\NAVENG32.DLL 2010-03-13 18:07 . 2010-05-08 23:48 1647984 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100508.019\NAVEX32A.DLL 2010-03-13 18:07 . 2010-05-08 23:48 1324720 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100508.019\NAVEX15.SYS 2010-03-13 18:07 . 2010-05-08 23:48 371248 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100508.019\EECTRL.SYS 2010-03-13 18:07 . 2010-05-08 23:48 2747440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100508.019\CCERASER.DLL 2010-03-13 18:07 . 2010-05-08 23:48 259440 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100508.019\ECMSVR32.DLL 2010-03-13 18:07 . 2010-05-08 23:48 102448 ----a-w- c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\VirusDefs\20100508.019\ERASER.SYS 2010-03-13 18:02 . 2010-03-13 18:02 -------- d-----w- c:\program files\Symantec 2010-03-13 18:02 . 2010-03-13 18:02 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF 2010-03-13 18:02 . 2010-03-13 18:02 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT 2010-03-13 18:02 . 2010-03-13 18:02 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2010-03-13 18:01 . 2010-03-13 18:01 -------- d-----w- c:\program files\Norton Internet Security 2010-03-13 17:54 . 2009-06-13 20:27 -------- d-----w- c:\programdata\NortonInstaller 2010-03-04 11:50 . 2010-03-04 11:50 261152 ----a-w- c:\windows\system32\drivers\Rtlh86.sys 2010-02-25 16:07 . 2008-01-16 10:12 102808 ----a-w- c:\users\Makro\AppData\Local\GDIPFONTCACHEV1.DAT 2010-02-23 06:39 . 2010-04-21 11:19 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-23 06:33 . 2010-04-21 11:19 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-02-23 06:33 . 2010-04-21 11:19 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-02-23 04:55 . 2010-04-21 11:19 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-02-20 23:06 . 2010-03-10 13:59 24064 ----a-w- c:\windows\system32\nshhttp.dll 2010-02-20 23:05 . 2010-03-10 13:59 30720 ----a-w- c:\windows\system32\httpapi.dll 2010-02-20 20:53 . 2010-03-10 13:59 411648 ----a-w- c:\windows\system32\drivers\http.sys 2010-02-12 10:49 . 2010-04-05 16:09 293376 ----a-w- c:\windows\system32\browserchoice.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920] "ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-18 125952] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe" [2007-02-26 149040] "Google Update"="c:\users\Makro\AppData\Local\Google\Update\GoogleUpdate.exe" [2009-11-01 133104] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Windows Defender"="c:\program files\Windows Defender\MSASCui.exe" [2008-01-18 1008184] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2006-11-10 90112] "RtHDVCpl"="RtHDVCpl.exe" [2007-04-10 4431872] "SMSERIAL"="c:\program files\Motorola\SMSERIAL\sm56hlpr.exe" [2006-11-22 630784] "NeroFilterCheck"="c:\program files\Common Files\Ahead\Lib\NeroCheck.exe" [2007-02-26 153136] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-07-22 116040] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2008-10-25 31072] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2010-04-02 40368] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "Skytel"="Skytel.exe" [2007-04-04 1822720] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system] "EnableUIADesktopToggle"= 0 (0x0) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend] @="Service" [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Picasa Media Detector] c:\program files\Picasa2\PicasaMediaDetector [X] [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate] 2010-04-12 22:46 1135912 ----a-w- c:\program files\DivX\DivX Update\DivXUpdate.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task] 2008-05-27 08:50 413696 ----a-w- c:\program files\QuickTime\QTTask.exe [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2010-02-18 09:43 248040 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall] "DisableMonitoring"=dword:00000001 [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc] "VistaSp2"=hex(b):4f,65,d3,6d,d6,ed,ca,01 R2 gupdate;Google Updateservice (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [2010-04-27 136176] R3 bcm;Beceem Communications Inc. Tarang3;c:\windows\system32\DRIVERS\drxvi314.sys [x] R3 bcmbusctr;Beceem Devices' Enumerator;c:\windows\system32\DRIVERS\BcmBusCtr.sys [x] R4 sptd;sptd;c:\windows\system32\Drivers\sptd.sys [x] S0 SymDS;Symantec Data Store;c:\windows\system32\drivers\NIS\1106000.020\SYMDS.SYS [2009-08-30 328752] S0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\NIS\1106000.020\SYMEFA.SYS [2010-02-04 172592] S1 BHDrvx86;BHDrvx86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\BASHDefs\20100429.001\BHDrvx86.sys [2010-04-29 537136] S1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\NIS\1106000.020\ccHPx86.sys [2010-02-25 501888] S1 IDSVix86;IDSVix86;c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\Definitions\IPSDefs\20100505.001\IDSvix86.sys [2009-11-17 343088] S1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\NIS\1106000.020\Ironx86.SYS [2010-02-27 116784] S1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\System32\Drivers\NIS\1106000.020\SYMTDIV.SYS [2010-02-04 340016] S2 NIS;Norton Internet Security;c:\program files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe [2010-02-25 126392] S3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2010-03-13 102448] S3 itecir;ITECIR Infrared Receiver;c:\windows\system32\DRIVERS\itecir.sys [2007-04-04 46592] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] LocalServiceAndNoImpersonation REG_MULTI_SZ FontCache . Contents of the 'Scheduled Tasks' folder 2010-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-04-27 23:34] 2010-05-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-04-27 23:34] 2010-05-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1016335641-426247505-854909016-1000Core.job - c:\users\Makro\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-01 01:26] 2010-05-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1016335641-426247505-854909016-1000UA.job - c:\users\Makro\AppData\Local\Google\Update\GoogleUpdate.exe [2009-11-01 01:26] 2010-05-07 c:\windows\Tasks\Norton Internet Security - Volledige systeemscan - Makro.job - c:\program files\Norton Internet Security\Engine\17.6.0.32\navw32.exe [2010-04-06 23:51] 2010-05-08 c:\windows\Tasks\Norton Security Scan for Makro.job - c:\program files\Norton Security Scan\Engine\2.7.3.34\Nss.exe [2010-04-28 22:04] 2010-05-07 c:\windows\Tasks\User_Feed_Synchronization-{EBDD2B2F-455C-49D9-8BAC-8F75430D9ACA}.job - c:\windows\system32\msfeedssync.exe [2010-04-21 04:54] . . ------- Supplementary Scan ------- . FF - ProfilePath - c:\users\Makro\AppData\Roaming\Mozilla\Firefox\Profiles\o739yd37.default\ FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\coFFPlgn\components\coFFPlgn.dll FF - component: c:\programdata\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_17.0.0.136\IPSFFPlgn\components\IPSFFPl.dll FF - plugin: c:\program files\DivX\DivX Plus Web Player\npdivx32.dll FF - plugin: c:\program files\Google\Google Earth\plugin\npgeplugin.dll FF - plugin: c:\program files\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program files\Microsoft\Office Live\npOLW.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\np-mswmp.dll FF - plugin: c:\program files\Mozilla Firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\Picasa2\npPicasa2.dll FF - plugin: c:\users\Makro\AppData\Local\Google\Update\1.2.183.23\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ ---- FIREFOX POLICIES ---- c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); . - - - - ORPHANS REMOVED - - - - MSConfigStartUp-avgnt - c:\program files\Avira\AntiVir PersonalEdition Premium\avgnt.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-09 01:47 Windows 6.0.6002 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... c:\users\Makro\AppData\Local\Temp\catchme.dll 53248 bytes executable scan completed successfully hidden files: 1 ************************************************************************** [HKEY_LOCAL_MACHINE\system\ControlSet001\Services\NIS] "ImagePath"="\"c:\program files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe\" /s \"NIS\" /m \"c:\program files\Norton Internet Security\Engine\17.6.0.32\diMaster.dll\" /prefetch:1" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\system\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings] @Denied: (A) (Users) @Denied: (A) (Everyone) @Allowed: (B 1 2 3 4 5) (S-1-5-20) "BlindDial"=dword:00000000 "MSCurrentCountry"=dword:000000b5 . Completion time: 2010-05-09 01:52:31 ComboFix-quarantined-files.txt 2010-05-08 23:52 Pre-Run: 40 924 901 376 bytes beschikbaar Post-Run: 40 664 580 096 bytes beschikbaar - - End Of File - - 78456CF24B7198224A7F2D68B7E34634

  10. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    А как според вас е влезнала тая зараза? Аз по принцип ползвам Гоогле Хроом като браузер.Но забелязах,че при другите браузери ИЕ и Мозила антивирусната НИС-2010 ми показва кои сайт е безопасен и кои не.А при Хрооме тази опция липсва.Да не би антивирусната да не подържа Хрома и от там да си минават заразите или просто не я бива.И ако е така коя антивирусна бихте ми препоръчали за в бъдеще.

  11. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    Ооох направо ми олекна. Те понеже не бяха инсталирани,и аз за това ги махнах дирекно от декстопа.Повече нищо няма да махам докато не превършим. А мога ли да попитам самоВ какво състояние ми е Windows-a.Защото аз следвам итструкцйите,но почти нищо не разбирам какво правя. AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE} Виждам ,че има много зацапано,понеже тая Авира преди 2г, я бях инсталирал временно,после не можах да я исчистя тотално и сега ми се появява от време на време да ме дразни.

  12. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    Аз изтрих дирекно от декстопа OTL.exe TFC.exe RootRepeal: преди да инсталирам сервизните пакети. : JavaRa изтри старите версий,но махнах файла преди да го копирам. Малко оплесках работите май!!!

  13. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    Ето първия: DDS (Ver_10-03-17.01) - NTFSx86 Run by Makro at 19:08:24,64 on ±єЎ 08.05.2010 Ј. Internet Explorer: 8.0.6001.18904 BrowserJavaVersion: 1.6.0_20 Microsoft® Windows Vista™ Home Premium 6.0.6002.2.1251.359.1043.18.2046.1104 [GMT 2:00] AV: Avira AntiVir PersonalEdition *On-access scanning enabled* (Outdated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE} AV: Norton Internet Security *On-access scanning enabled* (Updated) {E10A9785-9598-4754-B552-92431C1C35F8} SP: Windows Defender *disabled* (Outdated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46} SP: Avira AntiVir PersonalEdition *enabled* (Outdated) {C19476D9-52BC-4E93-8AF3-CCF59F7AE8FE} SP: Norton Internet Security *enabled* (Updated) {CBB7EE13-8244-4DAB-8B55-D5C7AA91E59A} FW: Norton Internet Security *enabled* {7C21A4C9-F61F-4AC4-B722-A6E19C16F220} ============== Running Processes =============== C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\svchost.exe -k rpcss C:\Windows\system32\Ati2evxx.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k GPSvcGroup C:\Windows\system32\SLsvc.exe C:\Windows\system32\svchost.exe -k LocalService C:\Windows\system32\Ati2evxx.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe C:\Windows\system32\taskeng.exe C:\Windows\system32\Dwm.exe C:\Windows\system32\taskeng.exe C:\Windows\Explorer.EXE C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted C:\Program Files\CyberLink\Shared Files\RichVideo.exe C:\Windows\system32\svchost.exe -k imgsvc C:\firststeps\OnlineDiagnostic\TestManager\TestHandler.exe C:\Windows\System32\svchost.exe -k WerSvcGroup C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE C:\Windows\RtHDVCpl.exe C:\Program Files\Motorola\SMSERIAL\sm56hlpr.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe c:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.EXE C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Windows\ehome\ehtray.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Windows\ehome\ehmsas.exe C:\Users\Makro\AppData\Local\Google\Update\1.2.183.23\GoogleCrashHandler.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe C:\Program Files\Norton Internet Security\Engine\17.6.0.32\ccSvcHst.exe C:\Windows\system32\wbem\unsecapp.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Windows\system32\DllHost.exe C:\Windows\system32\DllHost.exe C:\Users\Makro\Desktop\dds.scr C:\Windows\system32\conime.exe C:\Windows\system32\wbem\wmiprvse.exe ============== Pseudo HJT Report =============== uSearch Bar = Preserve BHO: Adobe PDF Reader Help bij koppelingen: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - No File BHO: Symantec NCO BHO: {602adb0e-4aff-4217-8aa1-95dac4dfa408} - c:\program files\norton internet security\engine\17.6.0.32\coIEPlg.dll BHO: Symantec Intrusion Prevention: {6d53ec84-6aae-4787-aeee-f4628f01010c} - c:\program files\norton internet security\engine\17.6.0.32\IPSBHO.DLL BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Aanmeldhulp voor Windows Live ID: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll TB: Norton Toolbar: {7febefe3-6b19-4349-98d2-ffb09d4b49ca} - c:\program files\norton internet security\engine\17.6.0.32\coIEPlg.dll uRun: [sidebar] c:\program files\windows sidebar\sidebar.exe /autoRun uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [Google Update] "c:\users\makro\appdata\local\google\update\GoogleUpdate.exe" /c mRun: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide mRun: [startCCC] c:\program files\ati technologies\ati.ace\core-static\CLIStart.exe mRun: [RtHDVCpl] RtHDVCpl.exe mRun: [sMSERIAL] c:\program files\motorola\smserial\sm56hlpr.exe mRun: [NeroFilterCheck] c:\program files\common files\ahead\lib\NeroCheck.exe mRun: [AppleSyncNotifier] c:\program files\common files\apple\mobile device support\bin\AppleSyncNotifier.exe mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe" mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe" mRun: [skytel] Skytel.exe mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0) mPolicies-system: EnableUIADesktopToggle = 0 (0x0) IE: {0E17D5B7-9F5D-4fee-9DF6-CA6EE38B68A8} - res://c:\program files\iespell\iespell.dll/SPELLCHECK.HTM IE: {1606D6F9-9D3B-4aea-A025-ED5B2FD488E7} - res://c:\program files\iespell\iespell.dll/SPELLOPTION.HTM IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll ================= FIREFOX =================== FF - ProfilePath - c:\users\makro\appdata\roaming\mozilla\firefox\profiles\o739yd37.default\ FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.0.0.136\coffplgn\components\coFFPlgn.dll FF - component: c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.0.0.136\ipsffplgn\components\IPSFFPl.dll FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\picasa2\npPicasa2.dll FF - plugin: c:\users\makro\appdata\local\google\update\1.2.183.23\npGoogleOneClick8.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\ FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA} FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} ---- FIREFOX POLICIES ---- c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", ""); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false); c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true); ============= SERVICES / DRIVERS =============== R0 SymDS;Symantec Data Store;c:\windows\system32\drivers\nis\1106000.020\symds.sys [2010-4-6 328752] R0 SymEFA;Symantec Extended File Attributes;c:\windows\system32\drivers\nis\1106000.020\symefa.sys [2010-4-6 172592] R1 BHDrvx86;BHDrvx86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.0.0.136\definitions\bashdefs\20100429.001\BHDrvx86.sys [2010-4-29 537136] R1 ccHP;Symantec Hash Provider;c:\windows\system32\drivers\nis\1106000.020\cchpx86.sys [2010-4-6 501888] R1 IDSVix86;IDSVix86;c:\programdata\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nis_17.0.0.136\definitions\ipsdefs\20100505.001\IDSvix86.sys [2010-5-7 343088] R1 SymIRON;Symantec Iron Driver;c:\windows\system32\drivers\nis\1106000.020\ironx86.sys [2010-4-6 116784] R1 SYMTDIv;Symantec Vista Network Dispatch Driver;c:\windows\system32\drivers\nis\1106000.020\symtdiv.sys [2010-4-6 340016] R2 NIS;Norton Internet Security;c:\program files\norton internet security\engine\17.6.0.32\ccsvchst.exe [2010-4-6 126392] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:\program files\common files\symantec shared\eengine\EraserUtilRebootDrv.sys [2010-3-13 102448] R3 itecir;ITECIR Infrared Receiver;c:\windows\system32\drivers\itecir.sys [2007-7-5 46592] S2 AntiVirScheduler;AntiVir PersonalEdition Premium Planer;"c:\program files\avira\antivir personaledition premium\sched.exe" --> c:\program files\avira\antivir personaledition premium\sched.exe [?] S2 gupdate;Google Updateservice (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-4-28 136176] S3 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2010-5-7 21504] =============== Created Last 30 ================ 2010-05-07 22:41:31 468372526 ----a-w- c:\windows\MEMORY.DMP 2010-05-07 11:48:21 0 d-----w- c:\program files\Windows Portable Devices 2010-05-07 11:48:08 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_07_00.Wdf 2010-05-07 11:47:45 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_07_00.Wdf 2010-05-07 11:36:52 81920 ----a-w- c:\windows\system32\wpdbusenum.dll 2010-05-07 11:35:48 555520 ----a-w- c:\windows\system32\UIAutomationCore.dll 2010-05-07 11:35:48 4096 ----a-w- c:\windows\system32\oleaccrc.dll 2010-05-07 11:35:48 234496 ----a-w- c:\windows\system32\oleacc.dll 2010-05-07 11:33:45 1696256 ----a-w- c:\windows\system32\gameux.dll 2010-05-07 11:33:44 4240384 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll 2010-05-07 11:33:44 28672 ----a-w- c:\windows\system32\Apphlpdm.dll 2010-05-07 11:05:24 0 d-----w- c:\windows\system32\eu-ES 2010-05-07 11:05:24 0 d-----w- c:\windows\system32\ca-ES 2010-05-07 11:05:22 0 d-----w- c:\windows\system32\vi-VN 2010-05-07 11:03:02 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdFs_01_00_00.Wdf 2010-05-07 11:02:23 0 ---ha-w- c:\windows\system32\drivers\Msft_User_WpdMtpDr_01_00_00.Wdf 2010-05-07 10:36:52 0 d-----w- c:\windows\system32\EventProviders 2010-05-07 10:28:58 619864 ----a-w- c:\windows\system32\icardagt.exe 2010-05-07 10:27:59 627200 ----a-w- c:\windows\system32\sethc.exe 2010-05-07 10:26:54 83968 ----a-w- c:\windows\system32\wbem\wmiutils.dll 2010-05-07 10:26:54 30208 ----a-w- c:\windows\system32\wbem\wbemprox.dll 2010-05-07 10:26:54 189440 ----a-w- c:\windows\system32\wbem\mofd.dll 2010-05-07 10:26:53 744448 ----a-w- c:\windows\system32\wbem\wbemcore.dll 2010-05-07 10:26:53 614912 ----a-w- c:\windows\system32\wbem\fastprox.dll 2010-05-07 10:26:53 265728 ----a-w- c:\windows\system32\wbem\repdrvfs.dll 2010-05-07 10:26:53 265728 ----a-w- c:\windows\system32\wbem\esscli.dll 2010-05-07 10:26:39 705536 ----a-w- c:\windows\system32\SmiEngine.dll 2010-05-07 10:26:15 218624 ----a-w- c:\windows\system32\wdscore.dll 2010-05-07 10:26:15 130560 ----a-w- c:\windows\system32\PkgMgr.exe 2010-05-07 10:25:05 247808 ----a-w- c:\windows\system32\drvstore.dll 2010-05-07 09:37:41 18904 ----a-w- c:\windows\system32\StructuredQuerySchemaTrivial.bin 2010-05-07 09:37:38 11967524 ----a-w- c:\windows\system32\korwbrkr.lex 2010-05-07 00:03:34 0 d-----w- C:\PerfLogs 2010-05-06 22:42:47 6656 ----a-w- c:\windows\system32\sdspres.dll 2010-05-06 22:42:41 193024 ----a-w- c:\windows\system32\recdisc.exe 2010-05-06 22:41:07 28160 ----a-w- c:\windows\system32\sxproxy.dll 2010-05-06 22:34:59 87552 ----a-w- c:\windows\system32\msoert2.dll 2010-05-06 22:33:58 18944 ----a-w- c:\windows\system32\ias.dll 2010-05-06 22:29:10 196608 ----a-w- c:\windows\SPInstall.etl 2010-05-06 22:28:54 0 d-----w- C:\7bf05734d24c706bfe25b610 2010-05-01 21:09:31 0 d-----w- c:\program files\Trend Micro 2010-05-01 18:43:18 0 d-----w- c:\users\makro\appdata\roaming\Malwarebytes 2010-05-01 18:42:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2010-05-01 18:42:53 20952 ----a-w- c:\windows\system32\drivers\mbam.sys 2010-05-01 18:42:53 0 d-----w- c:\programdata\Malwarebytes 2010-05-01 18:42:53 0 d-----w- c:\program files\Malwarebytes' Anti-Malware 2010-05-01 17:08:10 411368 ----a-w- c:\windows\system32\deployJava1.dll 2010-04-28 16:17:10 0 d-----w- c:\windows\system32\drivers\NSS 2010-04-28 16:17:10 0 d-----w- c:\program files\Norton Security Scan 2010-04-27 23:22:18 0 d-----w- c:\program files\common files\DivX Shared 2010-04-27 23:21:15 0 d-----w- c:\programdata\DivX 2010-04-22 09:42:49 420352 ----a-w- c:\windows\system32\vbscript.dll 2010-04-21 11:15:46 72704 ----a-w- c:\windows\system32\admparse.dll 2010-04-16 11:56:28 0 d-----w- c:\programdata\Readon 2010-04-14 11:41:05 79360 ----a-w- c:\windows\system32\drivers\mrxsmb20.sys 2010-04-14 11:41:05 212992 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys 2010-04-14 11:41:04 106496 ----a-w- c:\windows\system32\drivers\mrxsmb.sys 2010-04-14 11:40:59 3600776 ----a-w- c:\windows\system32\ntkrnlpa.exe 2010-04-14 11:40:59 3548040 ----a-w- c:\windows\system32\ntoskrnl.exe 2010-04-14 11:40:39 62464 ----a-w- c:\windows\system32\l3codeca.acm 2010-04-14 11:40:39 220672 ----a-w- c:\windows\system32\l3codecp.acm 2010-04-14 11:40:36 904576 ----a-w- c:\windows\system32\drivers\tcpip.sys 2010-04-14 11:40:36 25088 ----a-w- c:\windows\system32\drivers\tunnel.sys 2010-04-14 11:40:36 200704 ----a-w- c:\windows\system32\iphlpsvc.dll 2010-04-14 11:40:35 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS 2010-04-14 11:38:26 172032 ----a-w- c:\windows\system32\wintrust.dll 2010-04-14 11:38:19 98304 ----a-w- c:\windows\system32\cabview.dll ==================== Find3M ==================== 2010-05-08 06:37:10 666310 ----a-w- c:\windows\system32\perfh013.dat 2010-05-08 06:37:10 130884 ----a-w- c:\windows\system32\perfc013.dat 2010-05-07 11:48:13 86016 ----a-w- c:\windows\inf\infstor.dat 2010-05-07 11:48:13 665600 ----a-w- c:\windows\inf\drvindex.dat 2010-05-07 11:48:13 51200 ----a-w- c:\windows\inf\infpub.dat 2010-05-07 11:48:13 143360 ----a-w- c:\windows\inf\infstrng.dat 2010-05-07 10:51:25 37665 ----a-w- c:\windows\fonts\GlobalUserInterface.CompositeFont 2010-05-07 00:16:33 174 --sha-w- c:\program files\desktop.ini 2010-05-06 23:49:17 101888 ----a-w- c:\windows\system32\ifxcardm.dll 2010-05-06 23:49:07 82432 ----a-w- c:\windows\system32\axaltocm.dll 2010-03-13 18:02:36 805 ----a-w- c:\windows\system32\drivers\SYMEVENT.INF 2010-03-13 18:02:36 7443 ----a-w- c:\windows\system32\drivers\SYMEVENT.CAT 2010-03-13 18:02:36 124976 ----a-w- c:\windows\system32\drivers\SYMEVENT.SYS 2010-02-23 06:39:13 916480 ----a-w- c:\windows\system32\wininet.dll 2010-02-23 06:33:45 71680 ----a-w- c:\windows\system32\iesetup.dll 2010-02-23 06:33:45 109056 ----a-w- c:\windows\system32\iesysprep.dll 2010-02-23 04:55:36 133632 ----a-w- c:\windows\system32\ieUnatt.exe 2010-02-20 23:06:41 24064 ----a-w- c:\windows\system32\nshhttp.dll 2010-02-20 23:05:14 30720 ----a-w- c:\windows\system32\httpapi.dll 2010-02-12 10:49:08 293376 ----a-w- c:\windows\system32\browserchoice.exe 2006-11-02 16:08:26 41976 ----a-w- c:\windows\inf\perflib\0413\perfd.dat 2006-11-02 16:08:26 41976 ----a-w- c:\windows\inf\perflib\0413\perfc.dat 2006-11-02 16:08:26 336440 ----a-w- c:\windows\inf\perflib\0413\perfi.dat 2006-11-02 16:08:26 336440 ----a-w- c:\windows\inf\perflib\0413\perfh.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfi.dat 2006-11-02 09:20:21 287440 ----a-w- c:\windows\inf\perflib\0000\perfh.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfd.dat 2006-11-02 09:20:19 30674 ----a-w- c:\windows\inf\perflib\0000\perfc.dat 2010-01-12 22:11:40 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\history\history.ie5\index.dat 2010-01-12 22:11:40 32768 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\local\microsoft\windows\temporary internet files\content.ie5\index.dat 2010-01-12 22:11:40 16384 --sha-w- c:\windows\serviceprofiles\networkservice\appdata\roaming\microsoft\windows\cookies\index.dat 2008-05-20 00:32:35 32768 --sha-w- c:\windows\system32\config\systemprofile\appdata\local\microsoft\windows\history\history.ie5\mshist012008052020080521\index.dat ============= FINISH: 19:09:34,65 =============== Ето и втория: UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-03-17.01) Microsoft® Windows Vista™ Home Premium Boot Device: \Device\HarddiskVolume2 Install Date: 16.1.2008 г. 10:59:22 System Uptime: 5.8.2010 г. 08:31:02 (-2125 hours ago) Motherboard: FUJITSU SIEMENS | | F42 Processor: Intel® Core2 Duo CPU T7100 @ 1.80GHz | U2E1 | 1801/mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 91 GiB total, 37,766 GiB free. D: is FIXED (NTFS) - 46 GiB total, 22,835 GiB free. E: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP594: 7.5.2010 г. 00:29:31 - Windows Vista Service Pack 1 RP595: 7.5.2010 г. 11:25:41 - Windows Update RP596: 7.5.2010 г. 12:35:26 - Windows Update RP597: 7.5.2010 г. 13:33:53 - Windows Update RP598: 8.5.2010 г. 14:35:22 - Gepland herstelpunt ==== Installed Programs ====================== Adobe Flash Player 10 ActiveX Adobe Flash Player 10 Plugin Adobe Reader 8.2.2 - Nederlands Adobe Shockwave Player 11.5 Apple Mobile Device Support ATI Catalyst Install Manager ATI Uninstaller Catalyst Control Center Core Implementation Catalyst Control Center Graphics Full Existing Catalyst Control Center Graphics Full New Catalyst Control Center Graphics Light Catalyst Control Center Graphics Previews Vista Catalyst Control Center Localization Chinese Standard Catalyst Control Center Localization Chinese Traditional Catalyst Control Center Localization Dutch Catalyst Control Center Localization French Catalyst Control Center Localization German Catalyst Control Center Localization Italian Catalyst Control Center Localization Japanese Catalyst Control Center Localization Korean Catalyst Control Center Localization Portuguese Catalyst Control Center Localization Spanish Catalyst Control Center Localization Swedish ccc-core-static ccc-utility CCC Help Chinese Standard CCC Help Chinese Traditional CCC Help Dutch CCC Help English CCC Help French CCC Help German CCC Help Italian CCC Help Japanese CCC Help Korean CCC Help Portuguese CCC Help Spanish CCC Help Swedish CCleaner (remove only) DivX Setup FinePix Studio FirstSteps Diagnostics Google Chrome Google Update Helper Google чµјя HiJackThis Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) ieSpell inSSIDer Japanese Fonts Support For Adobe Reader 8 Java Auto Updater Java 6 Update 20 Java 6 Update 5 Java 6 Update 7 Luxor Luxor Amun Rising Luxor Mahjong Malwarebytes' Anti-Malware Microsoft .NET Framework 1.1 Microsoft .NET Framework 1.1 Security Update (KB953297) Microsoft .NET Framework 3.5 Language Pack SP1 - nld Microsoft .NET Framework 3.5 SP1 Microsoft Application Error Reporting Microsoft Choice Guard Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Enterprise 2007 Trial Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Live Add-in 1.4 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Project 2007 Service Pack 2 (SP2) Microsoft Office Project MUI (English) 2007 Microsoft Office Project Professional 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Silverlight Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Works Motorola SM56 Data Fax Modem Mozilla Firefox (3.5.9) MSVCRT MSXML 4.0 SP2 (KB936181) MSXML 4.0 SP2 (KB941833) MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) Nero 7 Essentials Norton Internet Security Norton Security Scan Picasa 2 PowerDV Prince of Persia T2T QuickTime Readon TV Movie Radio Player 6.3.1.0 Realtek High Definition Audio Driver Revo Uninstaller 1.71 Ricochet Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB978380) Security Update for Microsoft Office Excel 2007 (KB978382) Security Update for Microsoft Office Outlook 2007 (KB972363) Security Update for Microsoft Office PowerPoint 2007 (KB957789) Security Update for Microsoft Office Publisher 2007 (KB980470) Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB969613) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Windows Media Encoder (KB954156) Skins Skype™ 4.0 Taalpakket voor Microsoft .NET Framework 3.5 SP1 - NL TreeSize Free V2.1 Update for 2007 Microsoft Office System (KB967642) Update for 2007 Microsoft Office System (KB981715) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 Help for Common Features (KB963673) Update for Microsoft Office Access 2007 Help (KB963663) Update for Microsoft Office Excel 2007 Help (KB963678) Update for Microsoft Office InfoPath 2007 (KB976416) Update for Microsoft Office Infopath 2007 Help (KB963662) Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office OneNote 2007 Help (KB963670) Update for Microsoft Office Outlook 2007 Help (KB963677) Update for Microsoft Office Powerpoint 2007 Help (KB963669) Update for Microsoft Office Project 2007 Help (KB963668) Update for Microsoft Office Publisher 2007 Help (KB963667) Update for Microsoft Office Script Editor Help (KB963671) Update for Microsoft Office Word 2007 (KB974561) Update for Microsoft Office Word 2007 Help (KB963665) Update for Outlook 2007 Junk Email Filter (kb981433) VC80CRTRedist - 8.0.50727.4053 VLC media player 1.0.3 Windows Live - Hulpprogramma voor uploaden Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live ID Sign-in Assistant Windows Live Messenger Windows Media Encoder 9 Series Windows Media Player Firefox Plugin WinRAR archiver XnView 1.96.5 µTorrent ==== End Of File ===========================

  14. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    Аааа благодаря,благодаря вече съм със SP2.Първия го изтеглих,после ъпдеитнах няколко пъти.... и втория ми дойде с ъпдетите. Тука малко не ми е ясно какво означава скрипт блокиращи приложения и разрешете изпълнението на dds.scr. -тука снимката не се отваря при мен

  15. Троян - (appcrash - iexplore.exe) [РЕШЕН]

    stan.s отговори в добавена от stan.s тема в Премахване на зловреден софтуер
    Не мога да го кача,за това го копирах.Но десния ред на файла не се вижда!!! Eто и файла: GMER 1.0.15.15281 - http://www.gmer.net Rootkit scan 2010-05-08 00:33:51 Windows 6.0.6002 Service Pack 2 Running: Tool.exe.exe; Driver: C:\Users\Makro\AppData\Local\Temp\pxtcakow.sys ---- System - GMER 1.0.15 ---- SSDT 92FF6068 ZwAlertResumeThread SSDT 92DFD118 ZwAlertThread SSDT 93B7BB60 ZwAllocateVirtualMemory SSDT 914450B0 ZwAlpcConnectPort SSDT 931F62C8 ZwAssignProcessToJobObject SSDT 93BB45B0 ZwCreateMutant SSDT 93BB9F80 ZwCreateSymbolicLinkObject SSDT 93B7C948 ZwCreateThread SSDT 931ECF90 ZwDebugActiveProcess SSDT 93B7C4B8 ZwDuplicateObject SSDT 93B7B680 ZwFreeVirtualMemory SSDT 92BF3068 ZwImpersonateAnonymousToken SSDT 92FFC108 ZwImpersonateThread SSDT 91446B88 ZwLoadDriver SSDT 93B7B5A8 ZwMapViewOfSection SSDT 92BF8138 ZwOpenEvent SSDT 93B7C9E8 ZwOpenProcess SSDT 92A5C120 ZwOpenProcessToken SSDT 92DF9518 ZwOpenSection SSDT 93B7C588 ZwOpenThread SSDT 93BB8A78 ZwProtectVirtualMemory SSDT 92DF9068 ZwResumeThread SSDT 92DF6120 ZwSetContextThread SSDT 93B7BE78 ZwSetInformationProcess SSDT 931EBCA8 ZwSetSystemInformation SSDT 92BF61B0 ZwSuspendProcess SSDT 92DFA120 ZwSuspendThread SSDT 915FB120 ZwTerminateProcess SSDT 92DFB108 ZwTerminateThread SSDT 92BFD118 ZwUnmapViewOfSection SSDT 93B7B8D0 ZwWriteVirtualMemory SSDT 93BB8238 ZwCreateThreadEx INT 0x51 ? 89816F00 INT 0x52 ? 89816F00 INT 0x62 ? 8768ABF8 INT 0x72 ? 8768ABF8 INT 0x92 ? 8801EBF8 INT 0x92 ? 89816F00 INT 0x92 ? 8801EBF8 INT 0xA2 ? 89816F00 INT 0xB3 ? 89816F00 ---- Kernel code sections - GMER 1.0.15 ---- .text ntkrnlpa.exe!KeSetEvent + 11D 852EB880 8 Bytes [68, 60, FF, 92, 18, D1, DF, ...] {PUSH 0x1892ff60; RCR EDI, 0x1; XCHG EDX, EAX} .text ntkrnlpa.exe!KeSetEvent + 131 852EB894 4 Bytes [60, BB, B7, 93] .text ntkrnlpa.exe!KeSetEvent + 13D 852EB8A0 4 Bytes [b0, 50, 44, 91] {MOV AL, 0x50; INC ESP; XCHG ECX, EAX} .text ntkrnlpa.exe!KeSetEvent + 191 852EB8F4 4 Bytes [C8, 62, 1F, 93] {ENTER 0x1f62, 0x93} .text ntkrnlpa.exe!KeSetEvent + 1F5 852EB958 4 Bytes [b0, 45, BB, 93] .text ... ? System32\Drivers\spvp.sys Het systeem kan het opgegeven pad niet vinden. ! .text USBPORT.SYS!DllUnload 90BC641B 5 Bytes JMP 898164E0 .text acgkvzpd.SYS 9010E000 22 Bytes [82, 33, 21, 85, 6C, 32, 21, ...] .text acgkvzpd.SYS 9010E017 80 Bytes [00, 32, B7, F9, 8A, 3D, B5, ...] .text acgkvzpd.SYS 9010E068 24 Bytes [4D, DA, 27, 85, 00, 4F, 28, ...] .text acgkvzpd.SYS 9010E081 53 Bytes [4A, 28, 85, 98, 5E, 2E, 85, ...] .text acgkvzpd.SYS 9010E0B7 22 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text ... ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortUchar] [8AE926D2] \SystemRoot\System32\Drivers\spvp.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUchar] [8AE92040] \SystemRoot\System32\Drivers\spvp.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortWritePortBufferUshort] [8AE927FC] \SystemRoot\System32\Drivers\spvp.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortUshort] [8AE920BE] \SystemRoot\System32\Drivers\spvp.sys IAT \SystemRoot\system32\drivers\atapi.sys[ataport.SYS!AtaPortReadPortBufferUshort] [8AE9213C] \SystemRoot\System32\Drivers\spvp.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [8AEA2048] \SystemRoot\System32\Drivers\spvp.sys IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortNotification] F73BFF33 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortWritePortUchar] B85F0B75 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortWritePortUlong] FFFFFFFE IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortGetPhysicalAddress] 08C25D5E IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortConvertPhysicalAddressToUlong] 5D8B5300 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortGetScatterGatherList] 74DF3B0C IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortReadPortUchar] 01FB8311 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortStallExecution] 5F5B0C74 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortGetParentBusType] FFFFFEB8 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortRequestCallback] C25D5EFF IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortWritePortBufferUshort] 7E390008 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortGetUnCachedExtension] C7077524 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortCompleteRequest] C1642446 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortMoveMemory] 7E399011 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortCompleteAllActiveRequests] C7077528 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortReleaseRequestSenseIrb] C1902846 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortBuildRequestSenseIrb] 468B9011 IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortReadPortUshort] 244E8B2C IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortReadPortBufferUshort] 7468016A IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortInitialize] 500000FA IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortGetDeviceBase] C73BD1FF IAT \SystemRoot\System32\Drivers\acgkvzpd.SYS[ataport.SYS!AtaPortDeviceStateChange] 5F5B0C75 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 880211F8 Device \Driver\volmgr \Device\VolMgrControl 8801C1F8 Device \Driver\netbt \Device\NetBT_Tcpip_{BA55B2B6-B27B-41DD-8D11-B2ACF3CA5B96} 914511F8 Device \Driver\usbuhci \Device\USBPDO-0 877211F8 Device \Driver\usbuhci \Device\USBPDO-1 877211F8 Device \Driver\usbehci \Device\USBPDO-2 8771F1F8 Device \Driver\usbuhci \Device\USBPDO-3 877211F8 Device \Driver\usbuhci \Device\USBPDO-4 877211F8 AttachedDevice \Driver\tdx \Device\Tcp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) Device \Driver\PCI_PNP5076 \Device\00000056 spvp.sys Device \Driver\usbuhci \Device\USBPDO-5 877211F8 Device \Driver\usbehci \Device\USBPDO-6 8771F1F8 Device \Driver\volmgr \Device\HarddiskVolume1 8801C1F8 Device \Driver\volmgr \Device\HarddiskVolume2 8801C1F8 Device \Driver\netbt \Device\NetBT_Tcpip_{1BB8512B-6E95-418F-A66E-E3CA7617CB6B} 914511F8 Device \Driver\cdrom \Device\CdRom0 8992E1F8 Device \Driver\volmgr \Device\HarddiskVolume3 8801C1F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-0 8801F1F8 Device \Driver\iaStor \Device\Ide\iaStor0 [8B153D30] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\atapi \Device\Ide\IdePort0 8801F1F8 Device \Driver\atapi \Device\Ide\IdePort1 8801F1F8 Device \Driver\iaStor \Device\Ide\IAAStorageDevice-0 [8B153D30] \SystemRoot\system32\DRIVERS\iaStor.sys[unknown section] {MOV EDX, [ESP+0x8]; LEA ECX, [ESP+0x4]; PUSH EAX; MOV EAX, ESP; PUSH EAX} Device \Driver\netbt \Device\NetBt_Wins_Export 914511F8 Device \Driver\Smb \Device\NetbiosSmb 914771F8 Device \Driver\iScsiPrt \Device\RaidPort0 8992C1F8 AttachedDevice \Driver\tdx \Device\Udp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) AttachedDevice \Driver\tdx \Device\RawIp SYMTDIV.SYS (Network Dispatch Driver/Symantec Corporation) Device \Driver\usbuhci \Device\USBFDO-0 877211F8 Device \Driver\usbuhci \Device\USBFDO-1 877211F8 Device \Driver\usbehci \Device\USBFDO-2 8771F1F8 Device \Driver\usbuhci \Device\USBFDO-3 877211F8 Device \Driver\usbuhci \Device\USBFDO-4 877211F8 Device \Driver\usbuhci \Device\USBFDO-5 877211F8 Device \Driver\sptd \Device\1455627088 spvp.sys Device \Driver\usbehci \Device\USBFDO-6 8771F1F8 Device \Driver\acgkvzpd \Device\Scsi\acgkvzpd1 899691F8 Device \FileSystem\cdfs \Cdfs ABE781F8 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 -1718817394 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 -33898185 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE9 0x62 0xCB 0x4E ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x48 0x7D 0x90 0xB1 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x85 0x82 0x13 0x71 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xE9 0x62 0xCB 0x4E ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x48 0x7D 0x90 0xB1 ... Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet003\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x85 0x82 0x13 0x71 ... ---- EOF - GMER 1.0.15 ----

Разглеждащи това в момента 0

  • Няма регистрирани потребители разглеждащи тази страница.

Профил

Навигация

Търсене

Търсене

Конфигуриране на push известия в браузъра
Chrome (Android)
  1. Докоснете иконата на катинар до адресната лента.
  2. Докоснете Разрешения → Известия.
  3. Променете предпочитанията си.
Chrome (Desktop)
  1. Кликнете върху иконата на катинар в адресната лента.
  2. Изберете Настройки на сайта.
  3. Намерете Известия и коригирайте предпочитанията си.