Kaldata.com - Forums

tonitaakg

User
  • Registered

  • Last online

  1. Thank you for the quick reply, I'll try it now and we'll see what happens.
  2. Hello, my problem is the following: I don't know what happened, but absolutely everything has disappeared from my D: drive. I kept a lot of information there that is very valuable to me, such as photos, music, etc., but at one point, boom, and everything disappeared. ...
  3. I hope there won't be any problems, but I'll still follow the forum with interest.
  4. You're incredible! The full scan with Avast! 5.0.377 Final found nothing, thank you for that.
  5. I have one more question: should I uninstall Malwarebytes' Anti-Malware, and won't Panda USB Vaccine and avast! 5.0.377 Final interfere with each other?
  6. Thank you very, very, very much, you're great.
  7. Here is the log:
  8. After running SafeBootReprir.exe, this appeared:
11:08 685816] R3 AtcL001;NDIS Miniport Driver for Atheros L1 Gigabit Ethernet Controller;c:\windows\system32\drivers\l151x86.sys [03.12.2009 г. 10:31 37376] S2 gupdate1ca8938d8592458;Услуга Google Update (gupdate1ca8938d8592458);c:\program files\Google\Update\GoogleUpdate.exe [30.12.2009 г. 12:14 133104] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] getPlusHelper REG_MULTI_SZ getPlusHelper . Contents of the 'Scheduled Tasks' folder 2010-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-30 10:14] 2010-01-21 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2009-12-30 10:14] 2010-01-21 c:\windows\Tasks\User_Feed_Synchronization-{C92D3F70-81D1-4578-85AB-90349F363915}.job - c:\windows\system32\msfeedssync.exe [2009-03-08 02:31] . . ------- Supplementary Scan ------- . uStart Page = about:blank IE: &D&ownload &with BitComet - d:\programki\BitComet\BitComet.exe/AddLink.htm IE: &D&ownload all video with BitComet - d:\programki\BitComet\BitComet.exe/AddVideo.htm IE: &D&ownload all with BitComet - d:\programki\BitComet\BitComet.exe/AddAllLink.htm IE: &Download All with FlashGet - c:\program files\FlashGet\jc_all.htm IE: &Download with FlashGet - c:\program files\FlashGet\jc_link.htm IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 IE: Google Sidewiki... 
- c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll/cmsidewiki.html FF - ProfilePath - c:\documents and settings\!\Application Data\Mozilla\Firefox\Profiles\w0e6djt8.default\ FF - prefs.js: browser.startup.homepage - hxxp://google.atcomet.com/b/ FF - plugin: c:\program files\Google\Update\1.2.183.13\npGoogleOneClick8.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\K-Lite Codec Pack\Real\browser\plugins\nprpjplug.dll FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ . - - - - ORPHANS REMOVED - - - - AddRemove-CometBird (3.5.5) - c:\program files\CometBird\uninstall\helper.exe AddRemove-{82C36957-D2B8-4EF2-B88C-5FA03AA848C7-114643957} - c:\program files\Games Of The Month\Big City Adventure Sydney\Uninstall.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-01-21 16:50 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... 
scan completed successfully hidden files: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys ACPI.sys hal.dll atapi.sys sptd.sys >>UNKNOWN [0x89C408AC]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xba0ecf28 \Driver\ACPI -> ACPI.sys @ 0xb9e7dcb8 \Driver\atapi -> atapi.sys @ 0xb9e12b40 IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x805836a8 ParseProcedure -> ntkrnlpa.exe @ 0x805827e8 NDIS: Atheros L1 Gigabit Ethernet 10/100/1000Base-T Controller -> SendCompleteHandler -> NDIS.sys @ 0xb9d1bbb0 PacketIndicateHandler -> NDIS.sys @ 0xb9d28a21 SendHandler -> NDIS.sys @ 0xb9d0687b user & kernel MBR OK ************************************************************************** . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(768) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(4080) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\program files\Google\Quick Search Box\bin\1.2.1151.235\qsb.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\windows\RTHDCPL.EXE c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\ccc.exe c:\windows\system32\wscntfy.exe . ************************************************************************** . 
Completion time: 2010-01-21 16:51:54 - machine was rebooted ComboFix-quarantined-files.txt 2010-01-21 14:51 Pre-Run: 7 230 296 064 bytes free Post-Run: 7 195 320 320 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect - - End Of File - - F59033BAD38D0884D0AF96F8FD381B4C
  10. In my opinion the situation after the online scanner is dismal, but in any case the result is as follows: After the scan with SystemLook the result is as follows:
  11. After Run Fix, this followed?
  12. Hello, this is what came out after the scan: OTL.Txt
EnableVirtualization = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-1757981266-746137067-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 1 O7 - HKU\S-1-5-21-1757981266-746137067-1801674531-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 1 O8 - Extra context menu item: &D&ownload &with BitComet - D:\PROGRAMKI\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all video with BitComet - D:\PROGRAMKI\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &D&ownload all with BitComet - D:\PROGRAMKI\BitComet\BitComet.exe (www.BitComet.com) O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM () O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM () O8 - Extra context menu item: Google Sidewiki... - C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_60D6097707281E79.dll (Google Inc.) O9 - Extra 'Tools' menuitem : Skype add-on for Internet Explorer - {5067A26B-1337-4436-8AFE-EE169C2DA79F} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) 
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - D:\PROGRAMKI\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet) O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com) O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone. O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab (get_atlcom Class) O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\AtiExtEvent: DllName - Ati2evxx.dll - C:\WINDOWS\System32\ati2evxx.dll (ATI Technologies Inc.) 
O24 - Desktop WallPaper: C:\Documents and Settings\!\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O24 - Desktop BackupWallPaper: C:\Documents and Settings\!\Local Settings\Application Data\Microsoft\Wallpaper1.bmp O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.12.03 10:19:08 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O32 - AutoRun File - [2010.01.21 10:11:04 | 00,000,826 | RHS- | M] () - C:\autorun.inf -- [ NTFS ] O32 - AutoRun File - [2010.01.21 10:11:05 | 00,000,820 | RHS- | M] () - D:\autorun.inf -- [ NTFS ] O33 - MountPoints2\{367ad49e-05ac-11df-be33-001fc659768e}\Shell\AutoRun\command - "" = G:\fivioaclz.bat -- File not found O33 - MountPoints2\{367ad49e-05ac-11df-be33-001fc659768e}\Shell\explore\Command - "" = G:\pwneoekxpxaxa.bat -- File not found O33 - MountPoints2\{367ad49e-05ac-11df-be33-001fc659768e}\Shell\open\Command - "" = G:\tynckycndjk.bat -- File not found O34 - HKLM BootExecute: (autocheck autochk *) - File not found O34 - HKLM BootExecute: (MACHINE BootExecut) - File not found O35 - comfile [open] -- "%1" %* O35 - exefile [open] -- "%1" %* NetSvcs: 6to4 - File not found NetSvcs: Ias - C:\WINDOWS\system32\ias [2009.12.03 11:52:04 | 00,000,000 | ---D | M] NetSvcs: Iprip - File not found NetSvcs: Irmon - File not found NetSvcs: NWCWorkstation - File not found NetSvcs: Nwsapagent - File not found NetSvcs: WmdmPmSp - File not found ActiveX: {10072CEC-8CC1-11D1-986E-00A0C955B42F} - Vector Graphics Rendering (VML) ActiveX: {2179C5D3-EBFF-11CF-B6FD-00AA00B4E220} - NetShow ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 6.4 ActiveX: {283807B5-2C60-11D0-A31D-00AA00B92C03} - DirectAnimation ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll ActiveX: {36f8ec70-c29a-11d1-b5c7-0000f8051515} - Dynamic HTML Data Binding for Java ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack 
ActiveX: {3bf42070-b3b1-11d1-b5c5-0000f8051515} - Uniscribe ActiveX: {4278c270-a269-11d1-b5bf-0000f8051515} - Advanced Authoring ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:OE /CALLER:WINNT /user /install ActiveX: {44BBA842-CC51-11CF-AAFA-00AA00B6015B} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msnetmtg.inf,NetMtg.Install.PerUser.NT ActiveX: {44BBA848-CC51-11CF-AAFA-00AA00B6015C} - DirectShow ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help ActiveX: {4f216970-c90c-11d1-b5c7-0000f8051515} - DirectAnimation Java Classes ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.7 ActiveX: {5056b317-8d4c-43ee-8543-b9d1e234b8f4} - Security Update for Windows XP (KB923789) ActiveX: {5945c046-1e7d-11d1-bc44-00c04fd912be} - rundll32.exe advpack.dll,LaunchINFSection C:\WINDOWS\INF\msmsgs.inf,BLC.QuietInstall.PerUser ActiveX: {5A8D6EE0-3E18-11D0-821E-444553540000} - ICW ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access ActiveX: {7131646D-CD3C-40F4-97B9-CD9E4E6262EF} - .NET Framework ActiveX: {73FA19D0-2D75-11D2-995D-00C04F98BBC9} - Web Folders ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - "%ProgramFiles%\Outlook Express\setup50.exe" /APP:WAB /CALLER:WINNT /user /install ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\WINDOWS\system32\ie4uinit.exe -BaseSettings ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\WINDOWS\system32\Rundll32.exe C:\WINDOWS\system32\mscories.dll,Install ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding 
ActiveX: {ACC563BC-4266-43f0-B6ED-9D38C4202C7E} - ActiveX: {C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F} - .NET Framework ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts ActiveX: {CC2A9BA0-3BDD-11D0-821E-444553540000} - Task Scheduler ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker v2.1 ActiveX: {D27CDB6E-AE6D-11cf-96B8-444553540000} - Adobe Flash Player ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface ActiveX: <{12d0ed0d-0ee0-4f90-8827-78cefb8f4988} - C:\WINDOWS\system32\ieudinit.exe ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - C:\WINDOWS\inf\unregmp2.exe /ShowWMP ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\WINDOWS\system32\ie4uinit.exe -UserIconConfig ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\WINDOWS\system32\rundll32.exe" "C:\WINDOWS\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF}MICROS - RunDLL32 IEDKCS32.DLL,BrandIE4 SIGNUP ActiveX: >{881dd1c5-3dcf-431b-b061-f3f88e8be88a} - %systemroot%\system32\shmgrate.exe OCInstallUserConfigOE Drivers32: msacm.ac3acm - C:\WINDOWS\System32\ac3acm.acm (fccHandler) Drivers32: msacm.iac2 - C:\WINDOWS\system32\iac25_32.ax (Intel Corporation) Drivers32: msacm.l3acm - C:\WINDOWS\system32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS) Drivers32: msacm.lameacm - C:\WINDOWS\System32\lameACM.acm (http://www.mp3dev.org/) Drivers32: msacm.sl_anet - C:\WINDOWS\System32\sl_anet.acm (Sipro Lab Telecom Inc.) Drivers32: msacm.trspch - C:\WINDOWS\System32\tssoft32.acm (DSP GROUP, INC.) Drivers32: vidc.cvid - C:\WINDOWS\System32\iccvid.dll (Radius Inc.) Drivers32: VIDC.DIVX - C:\WINDOWS\System32\divx.dll (DivX, Inc.) 
Drivers32: VIDC.FFDS - C:\WINDOWS\System32\ff_vfw.dll () Drivers32: vidc.iv31 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv32 - C:\WINDOWS\System32\ir32_32.dll () Drivers32: vidc.iv41 - C:\WINDOWS\System32\ir41_32.ax (Intel Corporation) Drivers32: vidc.iv50 - C:\WINDOWS\System32\ir50_32.dll (Intel Corporation) Drivers32: VIDC.XVID - C:\WINDOWS\System32\xvidvfw.dll () Drivers32: VIDC.YV12 - C:\WINDOWS\System32\yv12vfw.dll (www.helixcommunity.org) ========== Files/Folders - Created Within 30 Days ========== [2010.01.21 10:23:40 | 00,000,000 | ---D | C] -- C:\_OTL [2010.01.21 10:18:31 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Desktop\probi [2010.01.21 10:15:18 | 00,546,816 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\!\Desktop\OTL.exe [2010.01.20 22:19:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\LogFiles [2010.01.20 21:03:55 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Panda Software [2010.01.19 21:10:02 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Desktop\Ice.Age.Dawn.of.the.Dinosaurs.2009.CAM.XViD.BGAUDIO-CheFo [2010.01.18 17:18:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\URSE Games [2010.01.18 17:17:26 | 65,102,450 | ---- | C] (Adventurersbg.info ) -- C:\Documents and Settings\!\Desktop\Kellie Stanford - Turn of Fate - BG.exe [2010.01.17 21:27:46 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Desktop\The.Da.Vinci.Code[2006]DvDrip[Eng]-aXXo [2010.01.17 19:51:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Desktop\Ice Age - BG Audio [2010.01.14 16:07:03 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\Virtual Prophecy [2010.01.13 16:35:43 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\Dragon Altar Games [2010.01.13 15:42:38 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\Aisle 5 Games, Inc [2010.01.13 15:41:23 | 00,000,000 | ---D | C] 
-- C:\WINDOWS\G.H.O.S.T Chronicles - Phantom of the Renaissance Faire [2010.01.12 21:14:09 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Desktop\FLASHKA [2010.01.12 19:32:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Local Settings\Application Data\Game Mill Files [2010.01.12 19:04:14 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Desktop\New Folder [2010.01.12 16:46:28 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\TitanicMystery [2010.01.11 19:08:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Desktop\astrea [2010.01.11 18:04:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Gogii [2010.01.11 18:03:11 | 00,000,000 | ---D | C] -- C:\Program Files\ReflexiveArcade [2010.01.07 16:29:44 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\YoudaGames [2010.01.07 14:52:37 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\Artogon [2010.01.06 23:26:40 | 00,000,000 | ---D | C] -- C:\Program Files\NOS [2010.01.06 23:26:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\NOS [2010.01.06 17:15:40 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\Orneon [2010.01.05 23:44:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\Go-Go Gourmet Chef of the Year [2010.01.05 22:43:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\JollyBear [2010.01.05 22:43:22 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Local Settings\Application Data\JollyBear [2010.01.05 22:42:25 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Oberon Media [2010.01.05 22:05:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Merscom [2010.01.05 22:05:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\Merscom [2010.01.05 20:52:59 | 00,000,000 | ---D | C] -- C:\Program Files\Microids 
[2010.01.05 14:28:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PlayFirst [2010.01.05 14:28:13 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\PlayFirst [2010.01.03 19:30:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\Media Player Classic [2009.12.30 15:58:00 | 00,000,000 | -H-D | C] -- C:\WINDOWS\PIF [2009.12.30 12:25:00 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Google [2009.12.30 12:14:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Google [2009.12.30 12:14:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Application Data\skypePM [2009.12.30 12:13:51 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Skype [2009.12.22 21:40:21 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\sentinel [2009.12.22 21:39:00 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Local Settings\Application Data\Panda Software [2009.12.22 21:37:36 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\Panda Software [2009.12.22 21:33:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Macromedia [2009.12.22 21:33:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Adobe [2009.12.22 21:33:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Local Settings\Application Data\Microsoft [2009.12.22 21:33:10 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data\Google [2009.12.22 12:51:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\!\Local Settings\Application Data\Identities [2009.12.03 10:21:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Local Settings\Application Data\Microsoft [2009.12.03 10:19:06 | 00,000,000 | --SD | M] -- C:\Documents and Settings\NetworkService\Application 
Data\Microsoft [2009.12.03 10:19:06 | 00,000,000 | --SD | M] -- C:\Documents and Settings\LocalService\Application Data\Microsoft [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] ========== Files - Modified Within 30 Days ========== [2010.01.21 10:25:30 | 00,002,408 | -H-- | M] () -- C:\WINDOWS\tcvoasapjtyxccyyobqmyyaduengzldlaueji.njj [2010.01.21 10:25:30 | 00,002,408 | -H-- | M] () -- C:\WINDOWS\System32\tcvoasapjtyxccyyobqmyyaduengzldlaueji.njj [2010.01.21 10:25:30 | 00,002,408 | -H-- | M] () -- C:\Program Files\tcvoasapjtyxccyyobqmyyaduengzldlaueji.njj [2010.01.21 10:25:30 | 00,002,408 | -H-- | M] () -- C:\Documents and Settings\!\Local Settings\Application Data\tcvoasapjtyxccyyobqmyyaduengzldlaueji.njj [2010.01.21 10:25:30 | 00,000,280 | -H-- | M] () -- C:\WINDOWS\System32\bajsucafppkzukwmsvamoewpwwv.npx [2010.01.21 10:25:30 | 00,000,280 | -H-- | M] () -- C:\WINDOWS\bajsucafppkzukwmsvamoewpwwv.npx [2010.01.21 10:25:30 | 00,000,280 | -H-- | M] () -- C:\Program Files\bajsucafppkzukwmsvamoewpwwv.npx [2010.01.21 10:25:30 | 00,000,280 | -H-- | M] () -- C:\Documents and Settings\!\Local Settings\Application Data\bajsucafppkzukwmsvamoewpwwv.npx [2010.01.21 10:25:01 | 00,000,316 | -H-- | M] () -- C:\WINDOWS\System32\oawshcnfcpxzhkjmfvnmbejpjwieapkvnkxfhpsr.ndv [2010.01.21 10:25:01 | 00,000,316 | -H-- | M] () -- C:\WINDOWS\oawshcnfcpxzhkjmfvnmbejpjwieapkvnkxfhpsr.ndv [2010.01.21 10:25:01 | 00,000,316 | -H-- | M] () -- C:\Program Files\oawshcnfcpxzhkjmfvnmbejpjwieapkvnkxfhpsr.ndv [2010.01.21 10:25:01 | 00,000,316 | -H-- | M] () -- C:\Documents and Settings\!\Local Settings\Application Data\oawshcnfcpxzhkjmfvnmbejpjwieapkvnkxfhpsr.ndv [2010.01.21 10:25:00 | 00,001,044 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job [2010.01.21 10:24:36 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\zmjgwsexvjsveiimgxq.exe [2010.01.21 10:24:36 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\yicwjclbwhnnturs.exe 
[2010.01.21 10:24:36 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\siiibaplmdpvhoryvploho.exe [2010.01.21 10:24:36 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\oawshcnfcpxzhkjmfv.exe [2010.01.21 10:24:36 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\maywnkxrqfptdijojbvw.exe [2010.01.21 10:24:36 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\fqlguoyplxefmomog.exe [2010.01.21 10:24:36 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\bqpogesnndotekmsohcew.exe [2010.01.21 10:15:55 | 00,002,497 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Office Word 2003.lnk [2010.01.21 10:15:21 | 00,546,816 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\!\Desktop\OTL.exe [2010.01.21 10:14:42 | 00,530,930 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI [2010.01.21 10:14:42 | 00,447,614 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat [2010.01.21 10:14:42 | 00,073,596 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat [2010.01.21 10:11:04 | 00,577,536 | RHS- | M] () -- C:\pwneoekxpxaxa.bat [2010.01.21 10:11:04 | 00,000,826 | RHS- | M] () -- C:\autorun.inf [2010.01.21 10:10:44 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2010.01.21 10:10:31 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\System32\siiibaplmdpvhoryvploho.exe [2010.01.21 10:10:31 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\System32\bqpogesnndotekmsohcew.exe [2010.01.21 10:10:30 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\System32\maywnkxrqfptdijojbvw.exe [2010.01.21 10:10:29 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\System32\zmjgwsexvjsveiimgxq.exe [2010.01.21 10:10:28 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\System32\yicwjclbwhnnturs.exe [2010.01.21 10:10:26 | 00,001,040 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job [2010.01.21 10:10:25 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2010.01.21 10:10:24 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2010.01.21 10:07:40 | 00,000,414 | -H-- | M] () -- 
C:\WINDOWS\tasks\User_Feed_Synchronization-{C92D3F70-81D1-4578-85AB-90349F363915}.job [2010.01.21 10:04:25 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\System32\oawshcnfcpxzhkjmfv.exe [2010.01.21 00:01:00 | 00,000,226 | ---- | M] () -- C:\WINDOWS\tasks\Scheduled Update for Ask Toolbar.job [2010.01.20 22:52:36 | 00,002,265 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2010.01.20 22:52:12 | 00,577,536 | RHS- | M] () -- C:\WINDOWS\System32\fqlguoyplxefmomog.exe [2010.01.20 22:13:25 | 04,456,448 | -H-- | M] () -- C:\Documents and Settings\!\NTUSER.DAT [2010.01.20 22:13:25 | 00,000,178 | -HS- | M] () -- C:\Documents and Settings\!\ntuser.ini [2010.01.20 20:49:45 | 00,000,073 | -H-- | M] () -- C:\WINDOWS\zmjgwsexvjsveiimgxqqgkqxsgtqndzlecqzclppt.exx [2010.01.20 20:49:45 | 00,000,073 | -H-- | M] () -- C:\WINDOWS\System32\zmjgwsexvjsveiimgxqqgkqxsgtqndzlecqzclppt.exx [2010.01.20 20:49:45 | 00,000,073 | -H-- | M] () -- C:\Program Files\zmjgwsexvjsveiimgxqqgkqxsgtqndzlecqzclppt.exx [2010.01.20 20:49:45 | 00,000,073 | -H-- | M] () -- C:\Documents and Settings\!\Local Settings\Application Data\zmjgwsexvjsveiimgxqqgkqxsgtqndzlecqzclppt.exx [2010.01.20 20:48:18 | 00,004,248 | -H-- | M] () -- C:\WINDOWS\yicwjclbwhnntursjxnkxybfxismgtmvlgrxxd.bct [2010.01.20 20:48:18 | 00,004,248 | -H-- | M] () -- C:\WINDOWS\System32\yicwjclbwhnntursjxnkxybfxismgtmvlgrxxd.bct [2010.01.20 20:48:18 | 00,004,248 | -H-- | M] () -- C:\Program Files\yicwjclbwhnntursjxnkxybfxismgtmvlgrxxd.bct [2010.01.20 20:48:18 | 00,004,248 | -H-- | M] () -- C:\Documents and Settings\!\Local Settings\Application Data\yicwjclbwhnntursjxnkxybfxismgtmvlgrxxd.bct [2010.01.20 20:16:45 | 00,038,489 | ---- | M] () -- C:\Documents and Settings\!\Desktop\_eml.zip [2010.01.19 22:09:15 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2010.01.19 22:09:06 | 00,015,360 | ---- | M] () -- C:\Documents and Settings\!\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2010.01.19 
15:31:09 | 00,303,824 | ---- | M] () -- C:\Documents and Settings\!\Desktop\matematika.zip [2010.01.19 15:25:32 | 00,002,495 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Microsoft Office Excel 2003.lnk [2010.01.18 17:18:34 | 00,000,721 | ---- | M] () -- C:\Documents and Settings\!\Desktop\Кели Станфорд - Обратът на Съдбата.lnk [2010.01.18 17:17:38 | 65,102,450 | ---- | M] (Adventurersbg.info ) -- C:\Documents and Settings\!\Desktop\Kellie Stanford - Turn of Fate - BG.exe [2010.01.17 19:49:45 | 00,013,093 | ---- | M] () -- C:\Documents and Settings\!\Desktop\Ice Age - BG Audio-[rarbg.com].torrent [2010.01.15 16:51:17 | 04,412,818 | -H-- | M] () -- C:\Documents and Settings\!\Local Settings\Application Data\IconCache.db [2010.01.15 13:45:43 | 00,055,454 | ---- | M] () -- C:\Documents and Settings\!\Desktop\31_12_2009.zip [2010.01.14 16:06:58 | 00,000,793 | ---- | M] () -- C:\Documents and Settings\!\Desktop\Mishap An Accidental Haunting.lnk [2010.01.14 14:09:38 | 00,000,554 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\BitComet.lnk [2010.01.13 19:09:44 | 00,001,374 | ---- | M] () -- C:\WINDOWS\imsins.BAK [2010.01.13 15:42:33 | 00,004,096 | ---- | M] () -- C:\WINDOWS\d3dx.dat [2010.01.12 16:18:18 | 00,001,602 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Mozilla Firefox.lnk [2010.01.05 20:21:25 | 00,000,231 | ---- | M] () -- C:\WINDOWS\system.ini [2009.12.30 12:14:44 | 00,001,813 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Google Chrome.lnk [2009.12.30 12:14:09 | 00,000,056 | -H-- | M] () -- C:\WINDOWS\System32\ezsidmv.dat [2009.12.30 00:01:01 | 00,048,640 | ---- | M] () -- C:\Documents and Settings\!\Desktop\Диети и Отслабване.doc [2009.12.22 21:41:08 | 00,000,630 | ---- | M] () -- C:\WINDOWS\win.ini [2009.12.22 21:30:00 | 00,002,577 | ---- | M] () -- C:\WINDOWS\System32\CONFIG.NT [6 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ] [1 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ] 
========== Files Created - No Company Name ========== [2010.01.20 20:49:56 | 00,002,408 | -H-- | C] () -- C:\WINDOWS\tcvoasapjtyxccyyobqmyyaduengzldlaueji.njj [2010.01.20 20:49:56 | 00,002,408 | -H-- | C] () -- C:\WINDOWS\System32\tcvoasapjtyxccyyobqmyyaduengzldlaueji.njj [2010.01.20 20:49:56 | 00,002,408 | -H-- | C] () -- C:\Program Files\tcvoasapjtyxccyyobqmyyaduengzldlaueji.njj [2010.01.20 20:49:56 | 00,002,408 | -H-- | C] () -- C:\Documents and Settings\!\Local Settings\Application Data\tcvoasapjtyxccyyobqmyyaduengzldlaueji.njj [2010.01.20 20:49:45 | 00,000,316 | -H-- | C] () -- C:\WINDOWS\System32\oawshcnfcpxzhkjmfvnmbejpjwieapkvnkxfhpsr.ndv [2010.01.20 20:49:45 | 00,000,316 | -H-- | C] () -- C:\WINDOWS\oawshcnfcpxzhkjmfvnmbejpjwieapkvnkxfhpsr.ndv [2010.01.20 20:49:45 | 00,000,316 | -H-- | C] () -- C:\Program Files\oawshcnfcpxzhkjmfvnmbejpjwieapkvnkxfhpsr.ndv [2010.01.20 20:49:45 | 00,000,316 | -H-- | C] () -- C:\Documents and Settings\!\Local Settings\Application Data\oawshcnfcpxzhkjmfvnmbejpjwieapkvnkxfhpsr.ndv [2010.01.20 20:49:45 | 00,000,073 | -H-- | C] () -- C:\WINDOWS\zmjgwsexvjsveiimgxqqgkqxsgtqndzlecqzclppt.exx [2010.01.20 20:49:45 | 00,000,073 | -H-- | C] () -- C:\WINDOWS\System32\zmjgwsexvjsveiimgxqqgkqxsgtqndzlecqzclppt.exx [2010.01.20 20:49:45 | 00,000,073 | -H-- | C] () -- C:\Program Files\zmjgwsexvjsveiimgxqqgkqxsgtqndzlecqzclppt.exx [2010.01.20 20:49:45 | 00,000,073 | -H-- | C] () -- C:\Documents and Settings\!\Local Settings\Application Data\zmjgwsexvjsveiimgxqqgkqxsgtqndzlecqzclppt.exx [2010.01.20 20:48:54 | 00,000,826 | RHS- | C] () -- C:\autorun.inf [2010.01.20 20:48:18 | 00,004,248 | -H-- | C] () -- C:\WINDOWS\yicwjclbwhnntursjxnkxybfxismgtmvlgrxxd.bct [2010.01.20 20:48:18 | 00,004,248 | -H-- | C] () -- C:\WINDOWS\System32\yicwjclbwhnntursjxnkxybfxismgtmvlgrxxd.bct [2010.01.20 20:48:18 | 00,004,248 | -H-- | C] () -- C:\Program Files\yicwjclbwhnntursjxnkxybfxismgtmvlgrxxd.bct [2010.01.20 20:48:18 | 00,004,248 | -H-- | C] () -- C:\Documents 
  13. There are a few people here who will help you! I hope they respond, because it is quite nerve-racking
  14. Hello, my problem is the following: I can't download an antivirus program. I decided the problem was that my antivirus was expiring, but alas. The truth is that I plugged a flash drive into the computer and probably picked something up from there. At the moment I can't download any antivirus, and besides, when I type the name of any of them I am immediately kicked off the internet. I tried with a link, the effect was nil; I tried having a downloaded antivirus sent to me, I received it but I can't install it. Please, if anyone can help. Thanks in advance.
