Премини към съдържанието

erito_77

Потребител
  • Публикации

    9
  • Регистрация

  • Последно онлайн

Харесвания

1 Неутрална репутация

Всичко за erito_77

  • Титла
    Новобранец
  1. PhotoRec - програма за възстановяване на повредени изображения :wors: :wors: Ето това ми оправи цялата дандания Благодаря много на icotonev и на всички останали , които се притекоха на помощ . :clap: Пожелавам Ви всичко най-хубаво и да продължавате да помагате на такива като мен в беда П.П. Защо след като ги въстанових някои от тях не са със оригинален размер (малко е изображението , не е оригинал (2048х1536) ) ?
  2. Не могат да се прехвърлят тези файлове , пробвах всичко !!! А относно поста на nikssi ще изчакам отговор от HiJack Team да прецени дали няма да прецакам работата така ....
  3. Много бих искал да Ви ги изпратя по-някакъв начин , но пробвах много варианти , и няма резултат ...... Ако Вие знаете някакъв начин за "Насилствено" да ги копирам или архивирам , ще Ви ги пратя веднага
  4. Recycler - http://dox.bg/files/dw?a=cb1b5dffc5 НОВО :
  5. Няма резултат ..... Само че този път ми се появиха още 3 папки .... Не знам какво става вече с тази карта .....
  6. Съжалявам , но аз дори не мога да ги копирам от картата памет където и да е , камо ли да ги кача на някой сървър . Ето и ЛОГ файла от първата програма : 21:26:22.0390 1748 Trojan-Ransom.Win32.Xorist decryptor tool 2.2.87.0 Aug 20 2012 09:10:38 21:26:22.0578 1748 ============================================================ 21:26:22.0578 1748 Current date / time: 2012/08/20 21:26:22.0578 21:26:22.0578 1748 SystemInfo: 21:26:22.0578 1748 21:26:22.0578 1748 OS Version: 5.1.2600 ServicePack: 3.0 21:26:22.0578 1748 Product type: Workstation 21:26:22.0578 1748 ComputerName: ERITO 21:26:22.0578 1748 UserName: Erhan 21:26:22.0578 1748 Windows directory: C:\WINXP 21:26:22.0578 1748 System windows directory: C:\WINXP 21:26:22.0578 1748 Processor architecture: Intel x86 21:26:22.0578 1748 Number of processors: 2 21:26:22.0578 1748 Page size: 0x1000 21:26:22.0578 1748 Boot type: Normal boot 21:26:22.0578 1748 ============================================================ 21:26:22.0578 1748 Initialize success 21:26:36.0781 0924 Can't init decryptor on file H:\Pictures\ю№оым.Ё>ю 21:26:42.0515 0512 Can't get encrypted file path 21:27:26.0625 3036 Can't init decryptor on file H:\Pictures\ю№оым.Ё>ю 21:27:30.0015 3964 Deinitialize success А за втората програма , стартирах я както ми беше описал , но накрая след проверката ми изписа " Encrypted files - 0 " и това беше
  7. DDS DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by Erhan at 16:59:48 on 2012-08-20 Microsoft Windows XP Professional 5.1.2600.3.1251.1.1033.18.1022.288 [GMT 3:00] . AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} . ============== Running Processes ================ . C:WINXPsystem32nvsvc32.exe C:WINXPsystem32spoolsv.exe C:WINXPExplorer.EXE C:WINXPsystem32RUNDLL32.EXE C:WINXPSOUNDMAN.EXE C:WINXPALCWZRD.EXE C:WINXPsystem32ctfmon.exe C:Program FilesRocketDockRocketDock.exe C:Program FilesSkypePhoneSkype.exe C:WINXPDatecsFlex2K.exe C:WINXPsystem32PnkBstrA.exe C:WINXPSystem32alg.exe C:WINXPsystem32wscntfy.exe C:Program FilesMozilla Firefoxfirefox.exe C:Program FilesMozilla Firefoxplugin-container.exe C:Program FilesNorton AntiVirusEngine18.7.1.3ccSvcHst.exe C:Program FilesNorton AntiVirusEngine18.7.1.3ccSvcHst.exe C:WINXPsystem32wbemwmiprvse.exe C:WINXPSystem32svchost.exe -k netsvcs C:WINXPsystem32svchost.exe -k LocalService C:WINXPsystem32svchost.exe -k LocalService C:WINXPsystem32svchost.exe -k NetworkService . ============== Pseudo HJT Report =============== . BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:program filesnorton antivirusengine18.7.1.3ipsipsbho.dll uRun: [ctfmon.exe] c:winxpsystem32ctfmon.exe uRun: [DAEMON Tools Lite] "c:program filesdaemon tools liteDTLite.exe" -autorun uRun: [RocketDock] "c:program filesrocketdockRocketDock.exe" uRun: [Skype] "c:program filesskypephoneSkype.exe" /minimized /regrun mRun: [nwiz] c:program filesnvidia corporationnviewnwiz.exe /installquiet mRun: [NvMediaCenter] RUNDLL32.EXE c:winxpsystem32NvMcTray.dll,NvTaskbarInit mRun: [NvCplDaemon] RUNDLL32.EXE c:winxpsystem32NvCpl.dll,NvStartup mRun: [SoundMan] SOUNDMAN.EXE mRun: [AlcWzrd] ALCWZRD.EXE mRun: [Alcmtr] ALCMTR.EXE StartupFolder: c:docume~1alluse~1startm~1programsstartupflexty~1.lnk - c:winxpdatecsFlex2K.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:program filesmessengermsmsgs.exe TCP: NameServer = 192.168.1.1 TCP: Interfaces{919AE5D8-7387-43EA-8A71-FD18631E1823} : DHCPNameServer = 192.168.1.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:program filescommon filesskypeSkype4COM.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:winxpsystem32wpdshserviceobj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:documents and settingserhanapplication datamozillafirefoxprofilesmmmh68jt.default FF - prefs.js: browser.startup.homepage - google.bg FF - plugin: c:program filesfoxit softwarefoxit readerpluginsnpFoxitReaderPlugin.dll FF - plugin: c:program filesgoogleupdate1.3.21.115npGoogleUpdate3.dll FF - plugin: c:winxpsystem32macromedflashNPSWF32_11_3_300_271.dll . ============= SERVICES / DRIVERS =============== . R0 DSFKSVCS;Kernel Services for DSF;c:winxpsystem32driversdsfksvcs.sys [2010-2-8 479992] R0 dsfroot;root enumerated bus driver;c:winxpsystem32driversdsfroot.sys [2010-2-8 31608] R0 SymDS;Symantec Data Store;c:winxpsystem32driversnav1207010.003symds.sys [2012-8-20 340088] R0 SymEFA;Symantec Extended File Attributes;c:winxpsystem32driversnav1207010.003symefa.sys [2012-8-20 744568] R1 BHDrvx86;BHDrvx86;c:documents and settingsall usersapplication datanorton{0c55c096-0f1d-4f28-aaa2-85ef591126e7}nav_18.6.0.29definitionsbashdefs20120803.001BHDrvx86.sys [2012-8-3 821920] R1 dk12drv;DK12 WindowsNT Driver;c:winxpsystem32driversdk12drv.sys [2012-8-12 17336] R1 DK25DRV;DK25 DESkey Driver;c:winxpsystem32driversDK25DRV.SYS [2012-8-12 7648] R1 dk2drv;DK2 WindowsNT Driver;c:winxpsystem32driversdk2drv.sys [2012-8-11 49720] R1 DK47DRV;DK47 DESkey Driver;c:winxpsystem32driversDK47DRV.SYS [2012-8-12 16896] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:winxpsystem32driversdtsoftbus01.sys [2012-7-18 242240] R1 SymIRON;Symantec Iron Driver;c:winxpsystem32driversnav1207010.003ironx86.sys [2012-8-20 136312] R2 NAV;Norton AntiVirus;c:program filesnorton antivirusengine18.7.1.3ccsvchst.exe [2012-8-20 130008] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program filescommon filessymantec sharedeengineEraserUtilRebootDrv.sys [2012-8-19 106656] R3 HRMCFGSPC;DSF General Configuration Space Redirection Module;c:winxpsystem32drivershrmcfgspc.sys [2010-2-8 92664] R3 IDSxpx86;IDSxpx86;c:documents and settingsall usersapplication datanorton{0c55c096-0f1d-4f28-aaa2-85ef591126e7}nav_18.6.0.29definitionsipsdefs20120817.001IDSXpx86.sys [2012-8-17 369632] R3 NAVENG;NAVENG;c:documents and settingsall usersapplication datanorton{0c55c096-0f1d-4f28-aaa2-85ef591126e7}nav_18.6.0.29definitionsvirusdefs20120819.007NAVENG.SYS [2012-8-20 87928] R3 NAVEX15;NAVEX15;c:documents and settingsall usersapplication datanorton{0c55c096-0f1d-4f28-aaa2-85ef591126e7}nav_18.6.0.29definitionsvirusdefs20120819.007NAVEX15.SYS [2012-8-20 1589752] R3 softehci;Microsoft USB 2.0 Enhanced Host Controller Interface (EHCI) Simulator Driver";c:winxpsystem32driverssoftehci.sys [2012-7-18 238720] R3 usbehci_dsf;Microsoft DSF-enabled USB 2.0 Enhanced Host Controller Interface (EHCI) Miniport Driver;c:winxpsystem32driversusbehci_dsf.sys [2012-7-18 27776] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:winxpmicrosoft.netframeworkv4.0.30319mscorsvw.exe [2010-3-18 130384] S2 gupdate;Ус»уі° Ѕ° Google рєту°»ё·°цёя (gupdate);c:program filesgoogleupdateGoogleUpdate.exe [2012-8-19 136176] S2 SkypeUpdate;Skype Updater;c:program filesskypeupdaterUpdater.exe [2012-7-13 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:winxpsystem32macromedflashFlashPlayerUpdateService.exe [2012-7-14 250056] S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:program filesfinalwireaida64 extreme editionkerneld.x32 [2012-7-14 29336] S3 GGSAFERDriver;GGSAFER Driver;??c:program filesgarena plusroomsafedrv.sys --> c:program filesgarena plusroomsafedrv.sys [?] S3 gupdatem;Ус»уі° Ѕ° Google рєту°»ё·°цёя (gupdatem);c:program filesgoogleupdateGoogleUpdate.exe [2012-8-19 136176] S3 HRMACPI;DSF ACPI Redirection Module;c:winxpsystem32drivershrmacpi.sys --> c:winxpsystem32driversHRMACPI.SYS [?] S3 HRMINTS;DSF Interrupt Redirection Module;c:winxpsystem32drivershrmints.sys [2010-2-8 89976] S3 HRMPORTS;DSF IO Port Redirection Module;c:winxpsystem32drivershrmports.sys [2010-2-8 103160] S3 huawei_cdcacm;huawei_cdcacm;c:winxpsystem32driversew_jucdcacm.sys --> c:winxpsystem32driversew_jucdcacm.sys [?] S3 huawei_enumerator;huawei_enumerator;c:winxpsystem32driversew_jubusenum.sys --> c:winxpsystem32driversew_jubusenum.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;c:program filesmozilla maintenance servicemaintenanceservice.exe [2012-7-14 113120] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:winxpsystem32driversnmwcdnsu.sys [2012-8-11 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:winxpsystem32driversnmwcdnsuc.sys [2012-8-11 8576] S3 SOFTHIDUSBK;USB HID Layer;c:winxpsystem32driverssofthidusbk.sys [2012-7-18 148864] S3 SOFTUSBK;Generic USB device;c:winxpsystem32driverssoftusbk.sys [2012-7-18 475648] S3 SOFTUSBTESTHUB;Generic USB Test Hub;c:winxpsystem32driverssoftusbtesthub.sys --> c:winxpsystem32driversSOFTUSBTESTHUB.SYS [?] S3 SOFTWADP;Wireless adapter devices;c:winxpsystem32driverssoftwadp.sys --> c:winxpsystem32driversSOFTWADP.SYS [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:winxpmicrosoft.netframeworkv4.0.30319wpfWPFFontCache_v0400.exe [2010-3-18 753504] S3 WSOFTUSBK;Generic wireless USB device;c:winxpsystem32driverswsoftusbk.sys --> c:winxpsystem32driversWSOFTUSBK.SYS [?] . =============== Created Last 30 ================ . 2012-08-20 07:19:52 -------- d-----r- c:program filesSkype 2012-08-20 06:10:43 744568 ----a-r- c:winxpsystem32driversnav1207010.003symefa.sys 2012-08-20 06:10:43 516216 ----a-r- c:winxpsystem32driversnav1207010.003srtsp.sys 2012-08-20 06:10:43 50168 ----a-r- c:winxpsystem32driversnav1207010.003srtspx.sys 2012-08-20 06:10:43 369784 ----a-w- c:winxpsystem32driversnav1207010.003symtdi.sys 2012-08-20 06:10:43 340088 ----a-r- c:winxpsystem32driversnav1207010.003symds.sys 2012-08-20 06:10:43 331384 ----a-w- c:winxpsystem32driversnav1207010.003symtdiv.sys 2012-08-20 06:10:43 299640 ----a-w- c:winxpsystem32driversnav1207010.003symnets.sys 2012-08-20 06:10:43 136312 ----a-r- c:winxpsystem32driversnav1207010.003ironx86.sys 2012-08-20 06:10:27 -------- d-----w- c:winxpsystem32driversnav1207010.003 2012-08-19 14:22:43 60872 ----a-w- c:winxpsystem32S32EVNT1.DLL 2012-08-19 14:22:43 126584 ----a-w- c:winxpsystem32driversSYMEVENT.SYS 2012-08-19 14:22:43 -------- d-----w- c:program filesSymantec 2012-08-19 14:22:43 -------- d-----w- c:program filescommon filesSymantec Shared 2012-08-19 14:22:12 -------- d-----w- c:winxpsystem32driversNAV 2012-08-19 14:22:08 -------- d-----w- c:program filesNorton AntiVirus 2012-08-19 14:22:07 -------- d-----w- c:documents and settingsall usersapplication dataNorton 2012-08-19 14:21:42 -------- d-----w- c:program filesNortonInstaller 2012-08-19 14:21:21 -------- d-----w- c:documents and settingsall usersapplication dataNortonInstaller 2012-08-19 14:11:21 -------- d-----w- c:documents and settingserhanapplication dataZbshareware Lab 2012-08-19 14:11:21 -------- d-----w- c:documents and settingsall usersapplication dataZbshareware Lab 2012-08-19 14:10:55 -------- d-----w- c:program filesUSB Disk Security 2012-08-19 13:35:07 -------- d-----w- c:documents and settingserhanapplication dataMalwarebytes 2012-08-19 13:34:56 -------- d-----w- c:documents and settingsall usersapplication dataMalwarebytes 2012-08-19 13:12:00 -------- d-----w- c:documents and settingserhanlocal settingsapplication dataGoogle 2012-08-19 13:11:08 -------- d-----w- c:program filesAVAST Software 2012-08-19 13:11:08 -------- d-----w- c:documents and settingsall usersapplication dataAVAST Software 2012-08-12 13:25:28 -------- d-----w- c:program filesNKSL3Logger 2012-08-12 12:37:41 -------- d-----w- c:program filesNokia 2012-08-12 12:25:48 49152 ------w- c:winxpsystem32DK47DRV.DLL 2012-08-12 12:25:48 18652 ------w- c:winxpsystem32DK47WN32.DLL 2012-08-12 12:25:48 16896 ------w- c:winxpsystem32driversDK47DRV.SYS 2012-08-12 12:25:48 15872 ------w- c:winxpsystem32DK47WN16.DLL 2012-08-12 12:25:43 212992 ----a-w- c:winxpIsUninst.exe 2012-08-12 12:25:25 7648 ----a-w- c:winxpsystem32driversDK25DRV.SYS 2012-08-12 12:25:25 6144 ----a-w- c:winxpsystem32DK25VDD.DLL 2012-08-12 12:25:25 25600 ----a-w- c:winxpsystem32DK25DRV.DLL 2012-08-12 12:25:25 14848 ----a-w- c:winxpsystem32DK25WN16.DLL 2012-08-12 12:25:25 13824 ----a-w- c:winxpsystem32DK25WN32.DLL 2012-08-12 12:25:09 299008 ----a-w- c:winxpuninst.exe 2012-08-12 12:24:35 -------- d-----w- c:documents and settingserhanWINDOWS 2012-08-12 12:18:24 948784 ----a-w- c:winxpsystem32DK12INST.DLL 2012-08-12 12:18:24 18432 ----a-w- c:winxpsystem32DK12WN16.DLL 2012-08-12 12:18:24 17592 ----a-w- c:winxpsystem32driversdk12usb.sys 2012-08-12 12:18:24 17336 ----a-w- c:winxpsystem32driversdk12drv.sys 2012-08-12 12:18:24 109368 ----a-w- c:winxpsystem32DK12WN32.DLL 2012-08-12 12:18:20 77824 ----a-w- c:program filescommon filesinstallshieldengine6intel 32ctor.dll 2012-08-12 12:18:20 32768 ----a-w- c:program filescommon filesinstallshieldengine6intel 32objectps.dll 2012-08-12 12:18:20 225280 ----a-w- c:program filescommon filesinstallshieldiscriptiscript.dll 2012-08-12 12:18:20 176128 ----a-w- c:program filescommon filesinstallshieldengine6intel 32iuser.dll 2012-08-12 12:18:19 614532 ----a-w- c:program filescommon filesinstallshieldengine6intel 32IKernel.exe 2012-08-12 12:14:46 44544 ------w- c:winxpsystem32msxml4a.dll 2012-08-12 12:14:34 696320 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0701intel32iKernel.dll 2012-08-12 12:14:34 57344 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0701intel32ctor.dll 2012-08-12 12:14:34 5632 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0701intel32DotNetInstaller.exe 2012-08-12 12:14:34 237568 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0701intel32iscript.dll 2012-08-12 12:14:34 155648 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0701intel32iuser.dll 2012-08-12 12:14:33 282756 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0701intel32setup.dll 2012-08-12 12:14:33 163972 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0701intel32iGdi.dll 2012-08-12 12:08:44 90624 ----a-w- c:winxpsystem32nmwcdcls.dll 2012-08-12 12:07:38 35892 ----a-w- c:winxpsystem32SER9PL.sys 2012-08-12 12:07:38 26719 ----a-w- c:winxpsystem32SERSPL.VXD 2012-08-12 11:44:02 -------- d-----w- C:windows 2012-08-12 11:01:27 -------- d-----w- c:documents and settingserhanlocal settingsapplication dataHelp 2012-08-12 10:17:24 32377 ----a-w- c:winxpsystem32driversprodigy.sys 2012-08-12 10:17:19 -------- d-----w- c:program filesNSS 2012-08-12 10:17:13 -------- d-----w- c:program filesODEON 2012-08-11 19:25:33 26112 -c--a-w- c:winxpsystem32dllcacheusbser.sys 2012-08-11 19:25:33 26112 ----a-w- c:winxpsystem32driversusbser.sys 2012-08-11 19:11:47 -------- d-----w- c:documents and settingsall usersapplication dataNokia 2012-08-11 19:03:37 -------- d-----w- c:winxpDownloaded Installations 2012-08-11 19:03:12 8576 ----a-w- c:winxpsystem32driversnmwcdnsuc.sys 2012-08-11 19:03:12 137600 ----a-w- c:winxpsystem32driversnmwcdnsu.sys 2012-08-11 19:03:11 8192 ----a-w- c:winxpsystem32driversusbser_lowerfltj.sys 2012-08-11 19:03:10 8192 ----a-w- c:winxpsystem32driversusbser_lowerflt.sys 2012-08-11 19:03:09 23168 ----a-w- c:winxpsystem32driversccdcmbo.sys 2012-08-11 19:03:08 605696 ----a-w- c:winxpsystem32nmwcdcocls.dll 2012-08-11 19:03:08 18176 ----a-w- c:winxpsystem32driversccdcmb.sys 2012-08-11 19:03:08 1461992 ----a-w- c:winxpsystem32wdfcoinstaller01009.dll 2012-08-11 19:03:08 123904 ----a-w- c:winxpsystem32ccdcmbwu.dll 2012-08-11 19:02:35 -------- d-----w- c:program filesMSXML 6.0 2012-08-11 19:02:22 34944 ----a-w- c:winxpsystem32driverswinusb.sys 2012-08-11 19:02:22 16896 ----a-w- c:winxpsystem32winusb.dll 2012-08-11 19:02:16 -------- d-----w- c:program filescommon filesNokia 2012-08-11 07:18:10 -------- d-----w- C:col1832 2012-08-09 18:27:19 -------- d-----w- c:documents and settingserhanapplication dataFoxit Software 2012-08-09 10:38:45 -------- d-----w- c:program filesRocketDock 2012-07-31 13:20:53 -------- d-----w- c:documents and settingsall usersapplication dataVIVACOM 3G USB Modem 2012-07-31 13:20:28 16928 ------w- c:winxpsystem32spmsgXP_2k3.dll 2012-07-31 13:20:20 28672 ----a-w- c:winxpsystem32driversusbccid.sys 2012-07-31 13:20:20 1112288 ----a-w- c:winxpsystem32wdfcoinstaller01007.dll 2012-07-31 13:20:20 1112288 ----a-w- c:winxpsystem32driversWdfCoInstaller01007.dll 2012-07-31 13:19:44 -------- d-----w- c:documents and settingsall usersapplication dataDatacardService 2012-07-31 13:19:31 32128 -c--a-w- c:winxpsystem32dllcacheusbccgp.sys 2012-07-31 13:19:31 32128 ----a-w- c:winxpsystem32driversusbccgp.sys 2012-07-29 12:36:26 66872 ----a-w- c:winxpsystem32PnkBstrA.exe 2012-07-29 12:35:54 22328 ----a-w- c:winxpsystem32driversPnkBstrK.sys 2012-07-29 11:44:10 103736 ----a-w- c:winxpsystem32PnkBstrB.exe 2012-07-29 11:41:59 -------- d-----w- c:winxpsystem32LogFiles 2012-07-27 08:44:08 69715 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0901intel32ctor.dll 2012-07-27 08:44:08 5632 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0901intel32DotNetInstaller.exe 2012-07-27 08:44:08 266240 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0901intel32iscript.dll 2012-07-27 08:44:08 192512 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0901intel32iuser.dll 2012-07-27 08:44:07 729088 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0901intel32iKernel.dll 2012-07-27 08:44:02 311428 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0901intel32setup.dll 2012-07-27 08:44:02 188548 ----a-w- c:program filescommon filesinstallshieldprofessionalruntime0901intel32iGdi.dll 2012-07-26 10:44:02 -------- d-----w- c:program filesTunatic 2012-07-24 11:25:30 -------- d-----w- c:documents and settingserhanlocal settingsapplication dataThinstall 2012-07-24 11:25:30 -------- d-----w- c:documents and settingserhanapplication dataThinstall 2012-07-24 09:27:42 -------- d-----w- c:program filesXviD 2012-07-24 09:18:57 122880 ----a-w- c:winxpsystem32AC3ACM.acm 2012-07-24 09:18:38 294912 ----a-w- c:winxpsystem32AACACM.acm 2012-07-24 09:17:45 7168 ----a-w- c:winxpsystemvdremote.dll 2012-07-24 09:17:45 5120 ----a-w- c:winxpsystemvdsvrlnk.dll 2012-07-24 08:21:16 -------- d-----w- c:documents and settingserhanapplication dataABCMedia 2012-07-21 20:53:17 8992 ----a-w- c:winxpsystem32KBDBPH.dLL 2012-07-21 20:53:17 7440 ----a-w- c:winxpsystem32KBDDLL.DLL 2012-07-21 20:53:17 6928 ----a-w- c:winxpsystem32kbdhebx.Dll 2012-07-21 20:53:17 6416 ----a-w- c:winxpsystem32kbdinori.Dll 2012-07-21 20:53:17 6416 ----a-w- c:winxpsystem32kbdinasa.Dll 2012-07-21 20:53:17 6416 ----a-w- c:winxpsystem32kbdbp.Dll 2012-07-21 20:53:17 28672 ----a-w- c:winxpsystem32newdll.dll 2012-07-21 20:53:17 -------- d-----w- c:winxpDatecs . ==================== Find3M ==================== . 2012-08-15 14:23:04 70344 ----a-w- c:winxpsystem32FlashPlayerCPLApp.cpl 2012-08-15 14:23:04 426184 ----a-w- c:winxpsystem32FlashPlayerApp.exe 2012-08-13 06:01:20 81920 ----a-w- c:winxpALCFDRTM.VER 2012-08-12 12:18:24 92984 ----a-w- c:winxpsystem32dkcpanel.exe 2012-08-12 12:18:24 64312 ----a-w- c:winxpsystem32vercp32.dll 2012-08-12 12:18:24 60216 ----a-w- c:winxpsystem32DESkey32.cpl 2012-08-12 12:18:24 14856 ----a-w- c:winxpsystem32driversdkpccard.sys 2012-08-12 12:18:24 11576 ----a-w- c:winxpsystem32DKCLINST.DLL 2012-08-11 19:04:14 92984 ----a-w- c:winxpsystem32DNClnt32.dll 2012-08-11 19:04:14 89400 ----a-w- c:winxpsystem32DNCP32.DLL 2012-08-11 19:04:13 76600 ----a-w- c:winxpsystem32dk2cp32.dll 2012-08-11 19:04:13 49720 ----a-w- c:winxpsystem32driversdk2drv.sys 2012-08-11 19:04:13 32208 ----a-w- c:winxpsystem32dk2win16.dll 2012-08-11 19:04:13 30520 ----a-w- c:winxpsystem32DK2UInst.exe 2012-08-11 19:04:13 24488 ----a-w- c:winxpsystem32dk2vdd.dll 2012-08-11 19:04:13 18360 ----a-w- c:winxpsystem32driversDK2USB.sys 2012-08-11 19:04:12 2325304 ----a-w- c:winxpsystem32DK2INST.DLL 2012-07-18 12:08:47 81920 ----a-w- c:winxpALCFDRTM.EXE 2012-07-18 09:29:10 242240 ----a-w- c:winxpsystem32driversdtsoftbus01.sys 2012-07-14 18:52:04 315392 ----a-w- c:winxpHideWin.exe 2012-07-14 18:26:01 234112 ----a-w- c:winxpsystem32nvdrsdb0.bin 2012-07-14 18:26:01 1 ----a-w- c:winxpsystem32nvdrssel.bin 2012-07-14 18:25:56 234112 ----a-w- c:winxpsystem32nvdrsdb1.bin 2012-06-09 17:21:56 178688 ----a-w- c:winxpsystem32unrar.dll . ============= FINISH: 17:00:17.20 =============== Attach . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Professional Boot Device: DeviceHarddiskVolume1 Install Date: 7/14/2012 18:04:01 System Uptime: 8/20/2012 16:29:34 (1 hours ago) . Motherboard: Foxconn | | 915 7AD Series Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Socket 478 | 3000/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 20 GiB total, 6.832 GiB free. D: is FIXED (NTFS) - 57 GiB total, 24.22 GiB free. E: is CDROM () F: is CDROM () G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Mass Storage Controller Device ID: PCIVEN_1283&DEV_8212&SUBSYS_0C2D105B&REV_134&10355354&0&28F0 Manufacturer: Name: Mass Storage Controller PNP Device ID: PCIVEN_1283&DEV_8212&SUBSYS_0C2D105B&REV_134&10355354&0&28F0 Service: . ==== System Restore Points =================== . RP27: 8/12/2012 14:24:39 - Installed Winlock5 RP28: 8/12/2012 15:02:10 - Removed PL-2303 USB-to-Serial RP29: 8/12/2012 15:05:39 - Removed Prince of Persia The Two Thrones RP30: 8/12/2012 15:06:07 - Removed Winlock5 RP31: 8/12/2012 15:07:38 - Installed PL-2303 USB-to-Serial RP32: 8/12/2012 15:14:46 - Installed Winlock5 RP33: 8/15/2012 10:02:39 - System Checkpoint RP34: 8/18/2012 09:35:37 - System Checkpoint RP35: 8/19/2012 15:54:04 - System Checkpoint RP36: 8/19/2012 16:11:08 - avast! Free Antivirus Инсталация RP37: 8/19/2012 17:19:23 - avast! Free Antivirus Инсталация . ==== Installed Programs ====================== . 3D Vision stereoplayer 12.4.18.0 AAC ACM Codec 1.9 AC-3 ACM Codec 2.2 Adobe Flash Player 11 Plugin AIDA64 Extreme Edition v2.50 BS.Player FREE DAEMON Tools Lite Device Simulation Framework 1.0.1 DK12 Drivers v2.4.0.6 DK2 DESkey Drivers v7.14.0.25 DK25 DESkey Device Driver DK47 DESkey Drivers DSF-KitSetup DVD Knife 4.0 DVDFab 8.1.9.6 (17/07/2012) Qt EAX4 Unified Redist FlexType 2K Foxit Reader Fuse Drivers Garena Garena Plus Google Chrome Google Update Helper GTA San Andreas K-Lite Codec Pack 9.0.2 (Full) Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 14.0.1 (x86 bg) Mozilla Maintenance Service MSXML 6.0 Parser Need for Speed™ ProStreet NKSL3Logger Nokia 2730c RM-578 Gr.RUS_sw-10.45_v7.0 Nokia Connectivity Cable Driver Nokia Flashing Cable Driver Norton AntiVirus NSS (remove only) NVIDIA Display Control Panel NVIDIA Drivers NVIDIA nView Desktop Manager Phoenix Service Software Phoenix Service Software 2012.04.003.47798 PL-2303 USB-to-Serial Prince of Persia T2T Realtek High Definition Audio Driver Recuva RocketDock 1.3.5 Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB980195) Skype™ 5.10 SpeedFan (remove only) Street Racing Syndicate (TM) Tunatic Update for Microsoft Windows (KB971513) Update for Windows XP (KB2467659) Update for Windows XP (KB898461) WebFldrs XP Windows Driver Package - Hewlett-Packard hp scanjet 3600 series (01/17/2007 8.1.0.77) Winlock5 1.00.000 WinRAR 4.20 (32-bit) XviD Video Codec (remove only) µTorrent . ==== Event Viewer Messages From Past Week ======== . 8/19/2012 17:27:59, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Norton AntiVirus service, but this action failed with the following error: An instance of the service is already running. 8/19/2012 17:25:59, error: Service Control Manager [7031] - The Norton AntiVirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. . ==== End Of File =========================== Malware Malwarebytes Anti-Malware (PRO) 1.62.0.1300 www.malwarebytes.org Database version: v2012.08.20.07 Windows XP Service Pack 3 x86 NTFS Internet Explorer 8.0.6001.18702 Erhan :: ERITO [administrator] Protection: Disabled 8/20/2012 17:07:47 mbam-log-2012-08-20 (17-07-47).txt Scan type: Full scan (C:|D:|G:|H:|) Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM Scan options disabled: P2P Objects scanned: 217695 Time elapsed: 34 minute(s), 43 second(s) Memory Processes Detected: 0 (No malicious items detected) Memory Modules Detected: 0 (No malicious items detected) Registry Keys Detected: 0 (No malicious items detected) Registry Values Detected: 0 (No malicious items detected) Registry Data Items Detected: 0 (No malicious items detected) Folders Detected: 0 (No malicious items detected) Files Detected: 6 C:Documents and SettingsErhanDesktopHaris DCT4 CALC V2.4dct3.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:Documents and SettingsErhanDesktopHaris DCT4 CALC V2.4dct4.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:Documents and SettingsErhanLocal SettingsTempCSME9.tmp (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully. D:Symantec Norton AntiVirus + Internet Security 2011 v18.6.0.29 incl. TrialReset-BOX1BOX_NTR2011.exe (RiskWare.Tool.CK) -> Quarantined and deleted successfully. D:System Volume Information_restore{BE315AB9-A551-4EC2-B497-F1505F70421F}RP36A0009759.exe (Riskware.Tool.CK) -> Quarantined and deleted successfully. D:System Volume Information_restore{BE315AB9-A551-4EC2-B497-F1505F70421F}RP36A0009770.exe (Trojan.Agent.CK) -> Quarantined and deleted successfully. (end) ComboFix ComboFix 12-08-20.01 - Erhan 08/20/2012 17:49:04.1.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1251.1.1033.18.1022.321 [GMT 3:00] Running from: c:documents and settingsErhanDesktopComboFix.exe AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} . WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . . c:documents and settingsErhanWINDOWS . . ((((((((((((((((((((((((( Files Created from 2012-07-20 to 2012-08-20 ))))))))))))))))))))))))))))))) . . 2012-08-20 14:03 . 2012-08-20 14:03 -------- d-----w- c:program filesMalwarebytes' Anti-Malware 2012-08-20 14:03 . 2012-07-03 10:46 22344 ----a-w- c:winxpsystem32driversmbam.sys 2012-08-20 07:20 . 2012-08-20 14:46 -------- d-----w- c:documents and settingsErhanApplication DataSkype 2012-08-20 07:19 . 2012-08-20 07:19 -------- d-----w- c:program filesCommon FilesSkype 2012-08-20 07:19 . 2012-08-20 07:19 -------- d-----r- c:program filesSkype 2012-08-20 07:19 . 2012-08-20 07:20 -------- d-----w- c:documents and settingsAll UsersApplication DataSkype 2012-08-19 17:15 . 2012-08-19 17:16 -------- d-----w- c:program filesRecuva 2012-08-19 14:22 . 2012-08-19 14:47 -------- d-----w- c:program filesCommon FilesSymantec Shared 2012-08-19 14:22 . 2012-08-19 14:22 -------- d-----w- c:program filesSymantec 2012-08-19 14:22 . 2012-08-19 14:22 60872 ----a-w- c:winxpsystem32S32EVNT1.DLL 2012-08-19 14:22 . 2012-08-19 14:22 126584 ----a-w- c:winxpsystem32driversSYMEVENT.SYS 2012-08-19 14:22 . 2012-08-20 13:30 -------- d-----w- c:winxpsystem32driversNAV 2012-08-19 14:22 . 2012-08-19 14:22 -------- d-----w- c:program filesNorton AntiVirus 2012-08-19 14:22 . 2012-08-19 14:22 -------- d-----w- c:program filesWindows Sidebar 2012-08-19 14:22 . 2012-08-19 14:26 -------- d-----w- c:documents and settingsAll UsersApplication DataNorton 2012-08-19 14:21 . 2012-08-19 14:21 -------- d-----w- c:program filesNortonInstaller 2012-08-19 14:11 . 2012-08-19 14:11 -------- d-----w- c:documents and settingsErhanApplication DataZbshareware Lab 2012-08-19 14:11 . 2012-08-19 14:11 -------- d-----w- c:documents and settingsAll UsersApplication DataZbshareware Lab 2012-08-19 14:10 . 2012-08-19 14:18 -------- d-----w- c:program filesUSB Disk Security 2012-08-19 13:35 . 2012-08-19 13:35 -------- d-----w- c:documents and settingsErhanApplication DataMalwarebytes 2012-08-19 13:34 . 2012-08-19 13:34 -------- d-----w- c:documents and settingsAll UsersApplication DataMalwarebytes 2012-08-19 13:12 . 2012-08-19 13:16 -------- d-----w- c:documents and settingsErhanLocal SettingsApplication DataGoogle 2012-08-19 13:12 . 2012-08-19 13:13 -------- d-----w- c:program filesGoogle 2012-08-19 13:11 . 2012-08-19 14:20 -------- d-----w- c:documents and settingsAll UsersApplication DataAVAST Software 2012-08-19 13:11 . 2012-08-19 13:11 -------- d-----w- c:program filesAVAST Software 2012-08-12 13:25 . 2012-08-12 13:25 -------- d-----w- c:program filesNKSL3Logger 2012-08-12 12:37 . 2012-08-12 12:40 -------- d-----w- c:program filesNokia 2012-08-12 12:25 . 1997-07-31 07:12 15872 ------w- c:winxpsystem32DK47WN16.DLL 2012-08-12 12:25 . 1997-03-13 11:02 18652 ------w- c:winxpsystem32DK47WN32.DLL 2012-08-12 12:25 . 1994-06-09 14:33 49152 ------w- c:winxpsystem32DK47DRV.DLL 2012-08-12 12:25 . 1994-02-25 01:25 16896 ------w- c:winxpsystem32driversDK47DRV.SYS 2012-08-12 12:25 . 2012-08-12 12:26 212992 ----a-w- c:winxpIsUninst.exe 2012-08-12 12:25 . 1997-11-04 11:43 13824 ----a-w- c:winxpsystem32DK25WN32.DLL 2012-08-12 12:25 . 1997-11-04 11:28 14848 ----a-w- c:winxpsystem32DK25WN16.DLL 2012-08-12 12:25 . 1997-10-17 07:10 25600 ----a-w- c:winxpsystem32DK25DRV.DLL 2012-08-12 12:25 . 1997-10-17 07:09 7648 ----a-w- c:winxpsystem32driversDK25DRV.SYS 2012-08-12 12:25 . 1997-10-09 09:50 6144 ----a-w- c:winxpsystem32DK25VDD.DLL 2012-08-12 12:25 . 1996-11-05 13:13 299008 ----a-w- c:winxpuninst.exe 2012-08-12 12:18 . 2012-08-12 12:18 18432 ----a-w- c:winxpsystem32DK12WN16.DLL 2012-08-12 12:18 . 2012-08-12 12:18 17592 ----a-w- c:winxpsystem32driversdk12usb.sys 2012-08-12 12:18 . 2012-08-12 12:18 17336 ----a-w- c:winxpsystem32driversdk12drv.sys 2012-08-12 12:18 . 2012-08-12 12:18 109368 ----a-w- c:winxpsystem32DK12WN32.DLL 2012-08-12 12:18 . 2009-11-23 06:09 948784 ----a-w- c:winxpsystem32DK12INST.DLL 2012-08-12 12:18 . 2001-09-05 02:18 77824 ----a-w- c:program filesCommon FilesInstallShieldEngine6Intel 32ctor.dll 2012-08-12 12:18 . 2001-09-05 02:18 225280 ----a-w- c:program filesCommon FilesInstallShieldIScriptiscript.dll 2012-08-12 12:18 . 2001-09-05 02:14 176128 ----a-w- c:program filesCommon FilesInstallShieldEngine6Intel 32iuser.dll 2012-08-12 12:18 . 2001-09-05 02:13 32768 ----a-w- c:program filesCommon FilesInstallShieldEngine6Intel 32objectps.dll 2012-08-12 12:18 . 2002-07-25 14:07 614532 ----a-w- c:program filesCommon FilesInstallShieldEngine6Intel 32IKernel.exe 2012-08-12 12:14 . 2002-02-03 22:43 44544 ------w- c:winxpsystem32msxml4a.dll 2012-08-12 12:14 . 2003-02-27 13:12 696320 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0701Intel32iKernel.dll 2012-08-12 12:14 . 2002-12-05 11:10 155648 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0701Intel32iuser.dll 2012-08-12 12:14 . 2002-12-02 12:22 5632 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0701Intel32DotNetInstaller.exe 2012-08-12 12:14 . 2002-12-02 10:33 57344 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0701Intel32ctor.dll 2012-08-12 12:14 . 2002-12-02 10:33 237568 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0701Intel32iscript.dll 2012-08-12 12:14 . 2012-08-12 12:14 282756 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0701Intel32setup.dll 2012-08-12 12:14 . 2012-08-12 12:14 163972 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0701Intel32iGdi.dll 2012-08-12 12:08 . 2008-02-01 13:17 90624 ----a-w- c:winxpsystem32nmwcdcls.dll 2012-08-12 12:07 . 2005-08-03 13:05 35892 ----a-w- c:winxpsystem32SER9PL.sys 2012-08-12 12:07 . 2005-08-03 13:04 26719 ----a-w- c:winxpsystem32SERSPL.VXD 2012-08-12 11:44 . 2012-08-12 11:44 -------- d-----w- C:windows 2012-08-12 11:01 . 2012-08-12 11:01 -------- d-----w- c:documents and settingsErhanLocal SettingsApplication DataHelp 2012-08-12 10:17 . 2006-08-29 14:56 32377 ----a-w- c:winxpsystem32driversprodigy.sys 2012-08-12 10:17 . 2012-08-12 13:24 -------- d-----w- c:program filesNSS 2012-08-12 10:17 . 2012-08-12 10:17 -------- d-----w- c:program filesODEON 2012-08-11 19:25 . 2008-04-13 19:15 26112 -c--a-w- c:winxpsystem32dllcacheusbser.sys 2012-08-11 19:25 . 2008-04-13 19:15 26112 ----a-w- c:winxpsystem32driversusbser.sys 2012-08-11 19:11 . 2012-08-11 19:11 -------- d-----w- c:documents and settingsAll UsersApplication DataNokia 2012-08-11 19:03 . 2012-08-11 19:03 -------- d-----w- c:winxpDownloaded Installations 2012-08-11 19:03 . 2011-11-01 07:07 8576 ----a-w- c:winxpsystem32driversnmwcdnsuc.sys 2012-08-11 19:03 . 2011-11-01 07:07 137600 ----a-w- c:winxpsystem32driversnmwcdnsu.sys 2012-08-11 19:03 . 2011-11-01 07:07 8192 ----a-w- c:winxpsystem32driversusbser_lowerfltj.sys 2012-08-11 19:03 . 2011-11-01 07:07 8192 ----a-w- c:winxpsystem32driversusbser_lowerflt.sys 2012-08-11 19:03 . 2011-11-01 07:07 23168 ----a-w- c:winxpsystem32driversccdcmbo.sys 2012-08-11 19:03 . 2011-11-01 07:07 1461992 ----a-w- c:winxpsystem32wdfcoinstaller01009.dll 2012-08-11 19:03 . 2011-11-01 07:07 18176 ----a-w- c:winxpsystem32driversccdcmb.sys 2012-08-11 19:03 . 2011-11-01 07:07 605696 ----a-w- c:winxpsystem32nmwcdcocls.dll 2012-08-11 19:03 . 2011-11-01 07:07 123904 ----a-w- c:winxpsystem32ccdcmbwu.dll 2012-08-11 19:02 . 2012-08-11 19:02 -------- d-----w- c:program filesMSXML 6.0 2012-08-11 19:02 . 2009-07-13 15:16 16896 ----a-w- c:winxpsystem32winusb.dll 2012-08-11 19:02 . 2009-07-13 13:51 34944 ----a-w- c:winxpsystem32driverswinusb.sys 2012-08-11 19:02 . 2012-08-12 12:39 -------- d-----w- c:program filesCommon FilesNokia 2012-08-11 07:18 . 2012-08-11 07:18 -------- d-----w- C:col1832 2012-08-11 07:14 . 2012-08-11 07:14 -------- d-----w- c:program filesDIFX 2012-08-09 18:27 . 2012-08-09 18:27 -------- d-----w- c:documents and settingsErhanApplication DataFoxit Software 2012-08-09 10:38 . 2012-08-09 10:38 -------- d-----w- c:program filesRocketDock 2012-07-31 13:20 . 2012-07-31 13:21 -------- d-----w- c:documents and settingsAll UsersApplication DataVIVACOM 3G USB Modem 2012-07-31 13:20 . 2008-11-07 15:55 16928 ------w- c:winxpsystem32spmsgXP_2k3.dll 2012-07-31 13:20 . 2012-07-31 13:20 28672 ----a-w- c:winxpsystem32driversusbccid.sys 2012-07-31 13:20 . 2012-07-31 13:20 1112288 ----a-w- c:winxpsystem32wdfcoinstaller01007.dll 2012-07-31 13:20 . 2012-07-31 13:20 1112288 ----a-w- c:winxpsystem32driversWdfCoInstaller01007.dll 2012-07-31 13:19 . 2012-08-03 09:25 -------- d-----w- c:documents and settingsAll UsersApplication DataDatacardService 2012-07-31 13:19 . 2008-04-13 19:15 32128 -c--a-w- c:winxpsystem32dllcacheusbccgp.sys 2012-07-31 13:19 . 2008-04-13 19:15 32128 ----a-w- c:winxpsystem32driversusbccgp.sys 2012-07-29 12:36 . 2012-07-31 10:13 66872 ----a-w- c:winxpsystem32PnkBstrA.exe 2012-07-29 12:35 . 2012-08-19 08:29 22328 ----a-w- c:winxpsystem32driversPnkBstrK.sys 2012-07-29 11:44 . 2012-08-19 08:29 103736 ----a-w- c:winxpsystem32PnkBstrB.exe 2012-07-29 11:41 . 2012-07-29 11:41 -------- d-----w- c:winxpsystem32LogFiles 2012-07-27 11:19 . 2012-07-27 11:19 -------- d-----w- c:documents and settingsErhanApplication DataMedia Player Classic 2012-07-27 08:44 . 2003-11-10 15:13 69715 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0901Intel32ctor.dll 2012-07-27 08:44 . 2003-11-10 15:12 266240 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0901Intel32iscript.dll 2012-07-27 08:44 . 2003-11-10 15:12 192512 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0901Intel32iuser.dll 2012-07-27 08:44 . 2003-11-10 15:11 5632 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0901Intel32DotNetInstaller.exe 2012-07-27 08:44 . 2003-11-10 15:14 729088 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0901Intel32iKernel.dll 2012-07-27 08:44 . 2012-07-27 08:44 311428 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0901Intel32setup.dll 2012-07-27 08:44 . 2012-07-27 08:44 188548 ----a-w- c:program filesCommon FilesInstallShieldProfessionalRunTime0901Intel32iGdi.dll 2012-07-26 10:44 . 2012-07-26 10:44 -------- d-----w- c:program filesTunatic 2012-07-24 11:37 . 2008-04-14 09:00 26624 ----a-w- c:documents and settingsLocalServiceApplication DataMicrosoftUPnP Device Hostupnphostudhisapi.dll 2012-07-24 11:25 . 2012-07-24 11:25 -------- d-----w- c:documents and settingsErhanLocal SettingsApplication DataThinstall 2012-07-24 11:25 . 2012-07-24 11:25 -------- d-----w- c:documents and settingsErhanApplication DataThinstall 2012-07-24 09:27 . 2012-07-24 09:27 -------- d-----w- c:program filesXviD 2012-07-24 09:18 . 2012-07-21 09:54 122880 ----a-w- c:winxpsystem32AC3ACM.acm 2012-07-24 09:18 . 2012-07-21 09:53 294912 ----a-w- c:winxpsystem32AACACM.acm 2012-07-24 09:17 . 2007-06-03 11:58 7168 ----a-w- c:winxpsystemvdremote.dll 2012-07-24 09:17 . 2007-06-03 11:58 5120 ----a-w- c:winxpsystemvdsvrlnk.dll 2012-07-24 08:21 . 2012-07-24 08:21 -------- d-----w- c:documents and settingsErhanApplication DataABCMedia 2012-07-21 20:53 . 2012-07-21 20:53 -------- d-----w- c:winxpDatecs 2012-07-21 20:53 . 2000-10-18 21:03 28672 ----a-w- c:winxpsystem32newdll.dll 2012-07-21 20:53 . 1999-12-07 11:00 6416 ----a-w- c:winxpsystem32kbdbp.Dll 2012-07-21 20:53 . 1999-11-18 07:04 7440 ----a-w- c:winxpsystem32KBDDLL.DLL 2012-07-21 20:53 . 1999-11-11 15:47 6416 ----a-w- c:winxpsystem32kbdinori.Dll 2012-07-21 20:53 . 1999-11-11 15:47 6416 ----a-w- c:winxpsystem32kbdinasa.Dll 2012-07-21 20:53 . 1999-11-11 15:47 6928 ----a-w- c:winxpsystem32kbdhebx.Dll 2012-07-21 20:53 . 1997-04-03 23:00 8992 ----a-w- c:winxpsystem32KBDBPH.dLL . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-08-15 14:23 . 2012-07-14 18:58 426184 ----a-w- c:winxpsystem32FlashPlayerApp.exe 2012-08-15 14:23 . 2012-07-14 18:58 70344 ----a-w- c:winxpsystem32FlashPlayerCPLApp.cpl 2012-08-13 06:01 . 2012-07-18 12:08 81920 ----a-w- c:winxpALCFDRTM.VER 2012-07-18 12:08 . 2012-07-18 12:08 81920 ----a-w- c:winxpALCFDRTM.EXE 2012-07-18 09:29 . 2012-07-18 09:29 242240 ----a-w- c:winxpsystem32driversdtsoftbus01.sys 2012-07-14 18:52 . 2012-07-14 18:52 315392 ----a-w- c:winxpHideWin.exe 2012-06-09 17:21 . 2012-07-18 13:30 178688 ----a-w- c:winxpsystem32unrar.dll 2012-07-19 08:40 . 2012-07-14 18:46 136672 ----a-w- c:program filesmozilla firefoxcomponentsbrowsercomps.dll . . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun] "DAEMON Tools Lite"="c:program filesDAEMON Tools LiteDTLite.exe" [2012-04-17 3671872] "RocketDock"="c:program filesRocketDockRocketDock.exe" [2007-09-02 495616] . [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun] "nwiz"="c:program filesNVIDIA CorporationnViewnwiz.exe" [2010-08-18 1753192] "NvMediaCenter"="c:winxpsystem32NvMcTray.dll" [2010-08-19 110696] "NvCplDaemon"="c:winxpsystem32NvCpl.dll" [2010-08-19 13925480] "SoundMan"="SOUNDMAN.EXE" [2006-07-21 86016] "AlcWzrd"="ALCWZRD.EXE" [2006-05-04 2808832] "Malwarebytes' Anti-Malware"="c:program filesMalwarebytes' Anti-Malwarembamgui.exe" [2012-07-03 462920] . c:documents and settingsAll UsersStart MenuProgramsStartup FlexType 2K.lnk - c:winxpDatecsFlex2K.exe [2012-7-21 130048] . [HKEY_LOCAL_MACHINESYSTEMCurrentControlSetControlSafeBootMinimalWdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINEsoftwaremicrosoftsecurity center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofile] "EnableFirewall"= 0 (0x0) . [HKLM~servicessharedaccessparametersfirewallpolicystandardprofileAuthorizedApplicationsList] "%windir%Network Diagnosticxpnetdiag.exe"= "%windir%system32sessmgr.exe"= "c:Program FilesuTorrentuTorrent.exe"= "c:Program FilesSkypePhoneSkype.exe"= . R0 DSFKSVCS;Kernel Services for DSF;c:winxpsystem32driversdsfksvcs.sys [2/8/2010 21:52 479992] R0 dsfroot;root enumerated bus driver;c:winxpsystem32driversdsfroot.sys [2/8/2010 21:52 31608] R0 SymDS;Symantec Data Store;c:winxpsystem32driversNAV1207010.003symds.sys [8/20/2012 09:10 340088] R0 SymEFA;Symantec Extended File Attributes;c:winxpsystem32driversNAV1207010.003symefa.sys [8/20/2012 09:10 744568] R1 BHDrvx86;BHDrvx86;c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NAV_18.6.0.29DefinitionsBASHDefs20120803.001BHDrvx86.sys [8/3/2012 01:44 821920] R1 dk12drv;DK12 WindowsNT Driver;c:winxpsystem32driversdk12drv.sys [8/12/2012 15:18 17336] R1 DK25DRV;DK25 DESkey Driver;c:winxpsystem32driversDK25DRV.SYS [8/12/2012 15:25 7648] R1 dk2drv;DK2 WindowsNT Driver;c:winxpsystem32driversdk2drv.sys [8/11/2012 22:04 49720] R1 DK47DRV;DK47 DESkey Driver;c:winxpsystem32driversDK47DRV.SYS [8/12/2012 15:25 16896] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:winxpsystem32driversdtsoftbus01.sys [7/18/2012 12:29 242240] R1 SymIRON;Symantec Iron Driver;c:winxpsystem32driversNAV1207010.003ironx86.sys [8/20/2012 09:10 136312] R2 MBAMService;MBAMService;c:program filesMalwarebytes' Anti-Malwarembamservice.exe [8/20/2012 17:03 655944] R2 NAV;Norton AntiVirus;c:program filesNorton AntiVirusEngine18.7.1.3ccsvchst.exe [8/20/2012 09:10 130008] R3 EraserUtilRebootDrv;EraserUtilRebootDrv;c:program filesCommon FilesSymantec SharedEENGINEEraserUtilRebootDrv.sys [8/19/2012 17:54 106656] R3 HRMCFGSPC;DSF General Configuration Space Redirection Module;c:winxpsystem32drivershrmcfgspc.sys [2/8/2010 21:52 92664] R3 IDSxpx86;IDSxpx86;c:documents and settingsAll UsersApplication DataNorton{0C55C096-0F1D-4F28-AAA2-85EF591126E7}NAV_18.6.0.29DefinitionsIPSDefs20120817.001IDSXpx86.sys [8/17/2012 06:13 369632] R3 MBAMProtector;MBAMProtector;c:winxpsystem32driversmbam.sys [8/20/2012 17:03 22344] R3 softehci;Microsoft USB 2.0 Enhanced Host Controller Interface (EHCI) Simulator Driver";c:winxpsystem32driverssoftehci.sys [7/18/2012 12:47 238720] R3 usbehci_dsf;Microsoft DSF-enabled USB 2.0 Enhanced Host Controller Interface (EHCI) Miniport Driver;c:winxpsystem32driversusbehci_dsf.sys [7/18/2012 12:47 27776] S2 gupdate;Ус»уі° Ѕ° Google рєту°»ё·°цёя (gupdate);c:program filesGoogleUpdateGoogleUpdate.exe [8/19/2012 16:12 136176] S2 SkypeUpdate;Skype Updater;c:program filesSkypeUpdaterUpdater.exe [7/13/2012 13:28 160944] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:winxpsystem32MacromedFlashFlashPlayerUpdateService.exe [7/14/2012 21:58 250056] S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:program filesFinalWireAIDA64 Extreme Editionkerneld.x32 [7/14/2012 21:31 29336] S3 GGSAFERDriver;GGSAFER Driver;??c:program filesGarena PlusRoomsafedrv.sys --> c:program filesGarena PlusRoomsafedrv.sys [?] S3 gupdatem;Ус»уі° Ѕ° Google рєту°»ё·°цёя (gupdatem);c:program filesGoogleUpdateGoogleUpdate.exe [8/19/2012 16:12 136176] S3 HRMACPI;DSF ACPI Redirection Module;c:winxpsystem32DRIVERSHRMACPI.SYS --> c:winxpsystem32DRIVERSHRMACPI.SYS [?] S3 HRMINTS;DSF Interrupt Redirection Module;c:winxpsystem32drivershrmints.sys [2/8/2010 21:52 89976] S3 HRMPORTS;DSF IO Port Redirection Module;c:winxpsystem32drivershrmports.sys [2/8/2010 21:53 103160] S3 huawei_cdcacm;huawei_cdcacm;c:winxpsystem32DRIVERSew_jucdcacm.sys --> c:winxpsystem32DRIVERSew_jucdcacm.sys [?] S3 huawei_enumerator;huawei_enumerator;c:winxpsystem32DRIVERSew_jubusenum.sys --> c:winxpsystem32DRIVERSew_jubusenum.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;c:program filesMozilla Maintenance Servicemaintenanceservice.exe [7/14/2012 21:46 113120] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:winxpsystem32driversnmwcdnsu.sys [8/11/2012 22:03 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:winxpsystem32driversnmwcdnsuc.sys [8/11/2012 22:03 8576] S3 SOFTHIDUSBK;USB HID Layer;c:winxpsystem32driverssofthidusbk.sys [7/18/2012 12:47 148864] S3 SOFTUSBK;Generic USB device;c:winxpsystem32driverssoftusbk.sys [7/18/2012 12:47 475648] S3 SOFTUSBTESTHUB;Generic USB Test Hub;c:winxpsystem32DRIVERSSOFTUSBTESTHUB.SYS --> c:winxpsystem32DRIVERSSOFTUSBTESTHUB.SYS [?] S3 SOFTWADP;Wireless adapter devices;c:winxpsystem32DRIVERSSOFTWADP.SYS --> c:winxpsystem32DRIVERSSOFTWADP.SYS [?] S3 WSOFTUSBK;Generic wireless USB device;c:winxpsystem32DRIVERSWSOFTUSBK.SYS --> c:winxpsystem32DRIVERSWSOFTUSBK.SYS [?] . Contents of the 'Scheduled Tasks' folder . 2012-08-20 c:winxpTasksAdobe Flash Player Updater.job - c:winxpsystem32MacromedFlashFlashPlayerUpdateService.exe [2012-07-14 14:23] . 2012-08-20 c:winxpTasksGoogleUpdateTaskMachineCore.job - c:program filesGoogleUpdateGoogleUpdate.exe [2012-08-19 13:12] . 2012-08-20 c:winxpTasksGoogleUpdateTaskMachineUA.job - c:program filesGoogleUpdateGoogleUpdate.exe [2012-08-19 13:12] . . ------- Supplementary Scan ------- . TCP: DhcpNameServer = 84.54.128.6 84.54.128.8 FF - ProfilePath - c:documents and settingsErhanApplication DataMozillaFirefoxProfilesmmmh68jt.default FF - prefs.js: browser.startup.homepage - google.bg . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2012-08-20 17:54 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . [HKEY_LOCAL_MACHINESystemControlSet001ServicesNAV] "ImagePath"=""c:program filesNorton AntiVirusEngine18.7.1.3ccSvcHst.exe" /s "NAV" /m "c:program filesNorton AntiVirusEngine18.7.1.3diMaster.dll" /prefetch:1" . [HKEY_LOCAL_MACHINESystemControlSet001ServicesDSFKSVCSMofImagePath] . . [HKEY_LOCAL_MACHINESystemControlSet001ServicesAIDA64Driver] "ImagePath"="??c:program filesFinalWireAIDA64 Extreme Editionkerneld.x32" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'explorer.exe'(2492) c:winxpsystem32WININET.dll c:winxpsystem32ieframe.dll c:winxpsystem32webcheck.dll c:winxpsystem32wpdshserviceobj.dll c:winxpsystem32portabledevicetypes.dll c:winxpsystem32portabledeviceapi.dll . Completion time: 2012-08-20 17:55:38 ComboFix-quarantined-files.txt 2012-08-20 14:55 . Pre-Run: 7,200,788,480 bytes free Post-Run: 7,385,034,752 bytes free . - - End Of File - - C669867BB4F6654FA8EE1EE7CFA55DAD Това са всички логове Надявам се да откриете нещо , което да ми помогне за проблема
  8. Пробвах , но не стана . Свободното ми място в картата е непроменено откакто ми изчезнаха снимките , не са се изтрили със сигурност . Мене дори в телефона не ми показва снимките , не е от антивирусната .....
  9. Здравейте . Имам следния проблем - наскоро бях си направил няколко снимки със моя телефон.Реших да си ги кача на компютъра да видя какво е станало , в следващия момент компютъра ми заби , и извадих УСБ кабела и пак го пъхнах . След като го пъхнах всичките ми снимки бяха изчезнали на тяхно място имаше само няколко картинки и 2 файла със загадачни имена : DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by Erhan at 17:37:04 on 2012-08-19 Microsoft Windows XP Professional 5.1.2600.3.1251.1.1033.18.1022.466 [GMT 3:00] . AV: Norton AntiVirus *Disabled/Updated* {E10A9785-9598-4754-B552-92431C1C35F8} . ============== Running Processes ================ . C:\WINXP\system32\nvsvc32.exe C:\WINXP\system32\spoolsv.exe C:\WINXP\Explorer.EXE C:\WINXP\system32\RUNDLL32.EXE C:\WINXP\SOUNDMAN.EXE C:\WINXP\ALCWZRD.EXE C:\WINXP\system32\ctfmon.exe C:\Program Files\RocketDock\RocketDock.exe C:\WINXP\Datecs\Flex2K.exe C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe C:\WINXP\system32\PnkBstrA.exe C:\WINXP\System32\alg.exe C:\WINXP\system32\wscntfy.exe C:\Program Files\Norton AntiVirus\Engine\18.6.0.29\ccSvcHst.exe C:\WINXP\system32\wbem\wmiprvse.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINXP\system32\wbem\wmiprvse.exe C:\WINXP\System32\svchost.exe -k netsvcs C:\WINXP\system32\svchost.exe -k NetworkService C:\WINXP\system32\svchost.exe -k LocalService C:\WINXP\system32\svchost.exe -k LocalService . ============== Pseudo HJT Report =============== . BHO: Symantec Intrusion Prevention: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - c:\program files\norton antivirus\engine\18.6.0.29\ips\IPSBHO.dll uRun: [ctfmon.exe] c:\winxp\system32\ctfmon.exe uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [RocketDock] "c:\program files\rocketdock\RocketDock.exe" mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet mRun: [NvMediaCenter] RUNDLL32.EXE c:\winxp\system32\NvMcTray.dll,NvTaskbarInit mRun: [NvCplDaemon] RUNDLL32.EXE c:\winxp\system32\NvCpl.dll,NvStartup mRun: [SoundMan] SOUNDMAN.EXE mRun: [AlcWzrd] ALCWZRD.EXE mRun: [Alcmtr] ALCMTR.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\flexty~1.lnk - c:\winxp\datecs\Flex2K.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: NameServer = 84.54.128.6 84.54.128.8 TCP: Interfaces\{919AE5D8-7387-43EA-8A71-FD18631E1823} : DHCPNameServer = 84.54.128.6 84.54.128.8 SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winxp\system32\wpdshserviceobj.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\erhan\application data\mozilla\firefox\profiles\mmmh68jt.default\ FF - prefs.js: browser.startup.homepage - google.bg FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\winxp\system32\macromed\flash\NPSWF32_11_3_300_271.dll . ============= SERVICES / DRIVERS =============== . R0 DSFKSVCS;Kernel Services for DSF;c:\winxp\system32\drivers\dsfksvcs.sys [2010-2-8 479992] R0 dsfroot;root enumerated bus driver;c:\winxp\system32\drivers\dsfroot.sys [2010-2-8 31608] R0 SymDS;Symantec Data Store;c:\winxp\system32\drivers\nav\1206000.01d\SymDS.sys [2012-8-19 340088] R0 SymEFA;Symantec Extended File Attributes;c:\winxp\system32\drivers\nav\1206000.01d\SymEFA.sys [2012-8-19 744568] R1 BHDrvx86;BHDrvx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.6.0.29\definitions\bashdefs\20110415.001\BHDrvx86.sys [2012-8-19 802936] R1 dk12drv;DK12 WindowsNT Driver;c:\winxp\system32\drivers\dk12drv.sys [2012-8-12 17336] R1 DK25DRV;DK25 DESkey Driver;c:\winxp\system32\drivers\DK25DRV.SYS [2012-8-12 7648] R1 dk2drv;DK2 WindowsNT Driver;c:\winxp\system32\drivers\dk2drv.sys [2012-8-11 49720] R1 DK47DRV;DK47 DESkey Driver;c:\winxp\system32\drivers\DK47DRV.SYS [2012-8-12 16896] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\winxp\system32\drivers\dtsoftbus01.sys [2012-7-18 242240] R1 SymIRON;Symantec Iron Driver;c:\winxp\system32\drivers\nav\1206000.01d\Ironx86.sys [2012-8-19 136312] R2 NAV;Norton AntiVirus;c:\program files\norton antivirus\engine\18.6.0.29\ccSvcHst.exe [2012-8-19 130008] R3 HRMCFGSPC;DSF General Configuration Space Redirection Module;c:\winxp\system32\drivers\hrmcfgspc.sys [2010-2-8 92664] R3 IDSxpx86;IDSxpx86;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.6.0.29\definitions\ipsdefs\20110330.001\IDSXpx86.sys [2012-8-19 341944] R3 NAVENG;NAVENG;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.6.0.29\definitions\virusdefs\20110418.018\NAVENG.SYS [2012-8-19 86136] R3 NAVEX15;NAVEX15;c:\documents and settings\all users\application data\norton\{0c55c096-0f1d-4f28-aaa2-85ef591126e7}\nav_18.6.0.29\definitions\virusdefs\20110418.018\NAVEX15.SYS [2012-8-19 1393144] R3 softehci;Microsoft USB 2.0 Enhanced Host Controller Interface (EHCI) Simulator Driver";c:\winxp\system32\drivers\softehci.sys [2012-7-18 238720] R3 usbehci_dsf;Microsoft DSF-enabled USB 2.0 Enhanced Host Controller Interface (EHCI) Miniport Driver;c:\winxp\system32\drivers\usbehci_dsf.sys [2012-7-18 27776] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\winxp\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Ус»уі° Ѕ° Google рєту°»ё·°цёя (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-8-19 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\winxp\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-7-14 250056] S3 AIDA64Driver;FinalWire AIDA64 Kernel Driver;c:\program files\finalwire\aida64 extreme edition\kerneld.x32 [2012-7-14 29336] S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?] S3 gupdatem;Ус»уі° Ѕ° Google рєту°»ё·°цёя (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-8-19 136176] S3 HRMACPI;DSF ACPI Redirection Module;c:\winxp\system32\drivers\hrmacpi.sys --> c:\winxp\system32\drivers\HRMACPI.SYS [?] S3 HRMINTS;DSF Interrupt Redirection Module;c:\winxp\system32\drivers\hrmints.sys [2010-2-8 89976] S3 HRMPORTS;DSF IO Port Redirection Module;c:\winxp\system32\drivers\hrmports.sys [2010-2-8 103160] S3 huawei_cdcacm;huawei_cdcacm;c:\winxp\system32\drivers\ew_jucdcacm.sys --> c:\winxp\system32\drivers\ew_jucdcacm.sys [?] S3 huawei_enumerator;huawei_enumerator;c:\winxp\system32\drivers\ew_jubusenum.sys --> c:\winxp\system32\drivers\ew_jubusenum.sys [?] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-7-14 113120] S3 nmwcdnsu;Nokia USB Flashing Phone Parent;c:\winxp\system32\drivers\nmwcdnsu.sys [2012-8-11 137600] S3 nmwcdnsuc;Nokia USB Flashing Generic;c:\winxp\system32\drivers\nmwcdnsuc.sys [2012-8-11 8576] S3 SOFTHIDUSBK;USB HID Layer;c:\winxp\system32\drivers\softhidusbk.sys [2012-7-18 148864] S3 SOFTUSBK;Generic USB device;c:\winxp\system32\drivers\softusbk.sys [2012-7-18 475648] S3 SOFTUSBTESTHUB;Generic USB Test Hub;c:\winxp\system32\drivers\softusbtesthub.sys --> c:\winxp\system32\drivers\SOFTUSBTESTHUB.SYS [?] S3 SOFTWADP;Wireless adapter devices;c:\winxp\system32\drivers\softwadp.sys --> c:\winxp\system32\drivers\SOFTWADP.SYS [?] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\winxp\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S3 WSOFTUSBK;Generic wireless USB device;c:\winxp\system32\drivers\wsoftusbk.sys --> c:\winxp\system32\drivers\WSOFTUSBK.SYS [?] . =============== Created Last 30 ================ . 2012-08-19 14:21:42 -------- d-----w- c:\program files\NortonInstaller 2012-08-19 14:21:21 -------- d-----w- c:\documents and settings\all users\application data\NortonInstaller 2012-08-19 14:11:21 -------- d-----w- c:\documents and settings\erhan\application data\Zbshareware Lab 2012-08-19 14:11:21 -------- d-----w- c:\documents and settings\all users\application data\Zbshareware Lab 2012-08-19 14:10:55 -------- d-----w- c:\program files\USB Disk Security 2012-08-19 13:35:07 -------- d-----w- c:\documents and settings\erhan\application data\Malwarebytes 2012-08-19 13:34:56 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes 2012-08-19 13:12:00 -------- d-----w- c:\documents and settings\erhan\local settings\application data\Google 2012-08-19 13:11:08 -------- d-----w- c:\program files\AVAST Software 2012-08-19 13:11:08 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software 2012-08-12 13:25:28 -------- d-----w- c:\program files\NKSL3Logger 2012-08-12 12:37:41 -------- d-----w- c:\program files\Nokia 2012-08-12 12:25:48 49152 ------w- c:\winxp\system32\DK47DRV.DLL 2012-08-12 12:25:48 18652 ------w- c:\winxp\system32\DK47WN32.DLL 2012-08-12 12:25:48 16896 ------w- c:\winxp\system32\drivers\DK47DRV.SYS 2012-08-12 12:25:48 15872 ------w- c:\winxp\system32\DK47WN16.DLL 2012-08-12 12:25:43 212992 ----a-w- c:\winxp\IsUninst.exe 2012-08-12 12:25:25 7648 ----a-w- c:\winxp\system32\drivers\DK25DRV.SYS 2012-08-12 12:25:25 6144 ----a-w- c:\winxp\system32\DK25VDD.DLL 2012-08-12 12:25:25 25600 ----a-w- c:\winxp\system32\DK25DRV.DLL 2012-08-12 12:25:25 14848 ----a-w- c:\winxp\system32\DK25WN16.DLL 2012-08-12 12:25:25 13824 ----a-w- c:\winxp\system32\DK25WN32.DLL 2012-08-12 12:25:09 299008 ----a-w- c:\winxp\uninst.exe 2012-08-12 12:24:35 -------- d-----w- c:\documents and settings\erhan\WINDOWS 2012-08-12 12:18:24 948784 ----a-w- c:\winxp\system32\DK12INST.DLL 2012-08-12 12:18:24 18432 ----a-w- c:\winxp\system32\DK12WN16.DLL 2012-08-12 12:18:24 17592 ----a-w- c:\winxp\system32\drivers\dk12usb.sys 2012-08-12 12:18:24 17336 ----a-w- c:\winxp\system32\drivers\dk12drv.sys 2012-08-12 12:18:24 109368 ----a-w- c:\winxp\system32\DK12WN32.DLL 2012-08-12 12:18:20 77824 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\ctor.dll 2012-08-12 12:18:20 32768 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\objectps.dll 2012-08-12 12:18:20 225280 ----a-w- c:\program files\common files\installshield\iscript\iscript.dll 2012-08-12 12:18:20 176128 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\iuser.dll 2012-08-12 12:18:19 614532 ----a-w- c:\program files\common files\installshield\engine\6\intel 32\IKernel.exe 2012-08-12 12:14:46 44544 ------w- c:\winxp\system32\msxml4a.dll 2012-08-12 12:14:34 696320 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iKernel.dll 2012-08-12 12:14:34 57344 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\ctor.dll 2012-08-12 12:14:34 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\DotNetInstaller.exe 2012-08-12 12:14:34 237568 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iscript.dll 2012-08-12 12:14:34 155648 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iuser.dll 2012-08-12 12:14:33 282756 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\setup.dll 2012-08-12 12:14:33 163972 ----a-w- c:\program files\common files\installshield\professional\runtime\0701\intel32\iGdi.dll 2012-08-12 12:08:44 90624 ----a-w- c:\winxp\system32\nmwcdcls.dll 2012-08-12 12:07:38 35892 ----a-w- c:\winxp\system32\SER9PL.sys 2012-08-12 12:07:38 26719 ----a-w- c:\winxp\system32\SERSPL.VXD 2012-08-12 11:44:02 -------- d-----w- C:\windows 2012-08-12 11:01:27 -------- d-----w- c:\documents and settings\erhan\local settings\application data\Help 2012-08-12 10:17:24 32377 ----a-w- c:\winxp\system32\drivers\prodigy.sys 2012-08-12 10:17:19 -------- d-----w- c:\program files\NSS 2012-08-12 10:17:13 -------- d-----w- c:\program files\ODEON 2012-08-11 19:25:33 26112 -c--a-w- c:\winxp\system32\dllcache\usbser.sys 2012-08-11 19:25:33 26112 ----a-w- c:\winxp\system32\drivers\usbser.sys 2012-08-11 19:11:47 -------- d-----w- c:\documents and settings\all users\application data\Nokia 2012-08-11 19:03:37 -------- d-----w- c:\winxp\Downloaded Installations 2012-08-11 19:03:12 8576 ----a-w- c:\winxp\system32\drivers\nmwcdnsuc.sys 2012-08-11 19:03:12 137600 ----a-w- c:\winxp\system32\drivers\nmwcdnsu.sys 2012-08-11 19:03:11 8192 ----a-w- c:\winxp\system32\drivers\usbser_lowerfltj.sys 2012-08-11 19:03:10 8192 ----a-w- c:\winxp\system32\drivers\usbser_lowerflt.sys 2012-08-11 19:03:09 23168 ----a-w- c:\winxp\system32\drivers\ccdcmbo.sys 2012-08-11 19:03:08 605696 ----a-w- c:\winxp\system32\nmwcdcocls.dll 2012-08-11 19:03:08 18176 ----a-w- c:\winxp\system32\drivers\ccdcmb.sys 2012-08-11 19:03:08 1461992 ----a-w- c:\winxp\system32\wdfcoinstaller01009.dll 2012-08-11 19:03:08 123904 ----a-w- c:\winxp\system32\ccdcmbwu.dll 2012-08-11 19:02:35 -------- d-----w- c:\program files\MSXML 6.0 2012-08-11 19:02:22 34944 ----a-w- c:\winxp\system32\drivers\winusb.sys 2012-08-11 19:02:22 16896 ----a-w- c:\winxp\system32\winusb.dll 2012-08-11 19:02:16 -------- d-----w- c:\program files\common files\Nokia 2012-08-11 07:18:10 -------- d-----w- C:\col1832 2012-08-09 18:27:19 -------- d-----w- c:\documents and settings\erhan\application data\Foxit Software 2012-08-09 10:38:45 -------- d-----w- c:\program files\RocketDock 2012-07-31 13:20:53 -------- d-----w- c:\documents and settings\all users\application data\VIVACOM 3G USB Modem 2012-07-31 13:20:28 16928 ------w- c:\winxp\system32\spmsgXP_2k3.dll 2012-07-31 13:20:20 28672 ----a-w- c:\winxp\system32\drivers\usbccid.sys 2012-07-31 13:20:20 1112288 ----a-w- c:\winxp\system32\wdfcoinstaller01007.dll 2012-07-31 13:20:20 1112288 ----a-w- c:\winxp\system32\drivers\WdfCoInstaller01007.dll 2012-07-31 13:19:44 -------- d-----w- c:\documents and settings\all users\application data\DatacardService 2012-07-31 13:19:31 32128 -c--a-w- c:\winxp\system32\dllcache\usbccgp.sys 2012-07-31 13:19:31 32128 ----a-w- c:\winxp\system32\drivers\usbccgp.sys 2012-07-29 12:36:26 66872 ----a-w- c:\winxp\system32\PnkBstrA.exe 2012-07-29 12:35:54 22328 ----a-w- c:\winxp\system32\drivers\PnkBstrK.sys 2012-07-29 11:44:10 103736 ----a-w- c:\winxp\system32\PnkBstrB.exe 2012-07-29 11:41:59 -------- d-----w- c:\winxp\system32\LogFiles 2012-07-27 08:44:08 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\ctor.dll 2012-07-27 08:44:08 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\DotNetInstaller.exe 2012-07-27 08:44:08 266240 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iscript.dll 2012-07-27 08:44:08 192512 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iuser.dll 2012-07-27 08:44:07 729088 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iKernel.dll 2012-07-27 08:44:02 311428 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\setup.dll 2012-07-27 08:44:02 188548 ----a-w- c:\program files\common files\installshield\professional\runtime\09\01\intel32\iGdi.dll 2012-07-26 10:44:02 -------- d-----w- c:\program files\Tunatic 2012-07-24 11:25:30 -------- d-----w- c:\documents and settings\erhan\local settings\application data\Thinstall 2012-07-24 11:25:30 -------- d-----w- c:\documents and settings\erhan\application data\Thinstall 2012-07-24 09:27:42 -------- d-----w- c:\program files\XviD 2012-07-24 09:18:57 122880 ----a-w- c:\winxp\system32\AC3ACM.acm 2012-07-24 09:18:38 294912 ----a-w- c:\winxp\system32\AACACM.acm 2012-07-24 09:17:45 7168 ----a-w- c:\winxp\system\vdremote.dll 2012-07-24 09:17:45 5120 ----a-w- c:\winxp\system\vdsvrlnk.dll 2012-07-24 08:21:16 -------- d-----w- c:\documents and settings\erhan\application data\ABCMedia 2012-07-21 20:53:17 8992 ----a-w- c:\winxp\system32\KBDBPH.dLL 2012-07-21 20:53:17 7440 ----a-w- c:\winxp\system32\KBDDLL.DLL 2012-07-21 20:53:17 6928 ----a-w- c:\winxp\system32\kbdhebx.Dll 2012-07-21 20:53:17 6416 ----a-w- c:\winxp\system32\kbdinori.Dll 2012-07-21 20:53:17 6416 ----a-w- c:\winxp\system32\kbdinasa.Dll 2012-07-21 20:53:17 6416 ----a-w- c:\winxp\system32\kbdbp.Dll 2012-07-21 20:53:17 28672 ----a-w- c:\winxp\system32\newdll.dll 2012-07-21 20:53:17 -------- d-----w- c:\winxp\Datecs 2012-07-21 07:50:20 -------- d-----w- c:\program files\Foxit Software . ==================== Find3M ==================== . 2012-08-19 14:22:43 60872 ----a-w- c:\winxp\system32\S32EVNT1.DLL 2012-08-19 14:22:43 126584 ----a-w- c:\winxp\system32\drivers\SYMEVENT.SYS 2012-08-15 14:23:04 70344 ----a-w- c:\winxp\system32\FlashPlayerCPLApp.cpl 2012-08-15 14:23:04 426184 ----a-w- c:\winxp\system32\FlashPlayerApp.exe 2012-08-13 06:01:20 81920 ----a-w- c:\winxp\ALCFDRTM.VER 2012-08-12 12:18:24 92984 ----a-w- c:\winxp\system32\dkcpanel.exe 2012-08-12 12:18:24 64312 ----a-w- c:\winxp\system32\vercp32.dll 2012-08-12 12:18:24 60216 ----a-w- c:\winxp\system32\DESkey32.cpl 2012-08-12 12:18:24 14856 ----a-w- c:\winxp\system32\drivers\dkpccard.sys 2012-08-12 12:18:24 11576 ----a-w- c:\winxp\system32\DKCLINST.DLL 2012-08-11 19:04:14 92984 ----a-w- c:\winxp\system32\DNClnt32.dll 2012-08-11 19:04:14 89400 ----a-w- c:\winxp\system32\DNCP32.DLL 2012-08-11 19:04:13 76600 ----a-w- c:\winxp\system32\dk2cp32.dll 2012-08-11 19:04:13 49720 ----a-w- c:\winxp\system32\drivers\dk2drv.sys 2012-08-11 19:04:13 32208 ----a-w- c:\winxp\system32\dk2win16.dll 2012-08-11 19:04:13 30520 ----a-w- c:\winxp\system32\DK2UInst.exe 2012-08-11 19:04:13 24488 ----a-w- c:\winxp\system32\dk2vdd.dll 2012-08-11 19:04:13 18360 ----a-w- c:\winxp\system32\drivers\DK2USB.sys 2012-08-11 19:04:12 2325304 ----a-w- c:\winxp\system32\DK2INST.DLL 2012-07-18 12:08:47 81920 ----a-w- c:\winxp\ALCFDRTM.EXE 2012-07-18 09:29:10 242240 ----a-w- c:\winxp\system32\drivers\dtsoftbus01.sys 2012-07-14 18:52:04 315392 ----a-w- c:\winxp\HideWin.exe 2012-07-14 18:26:01 234112 ----a-w- c:\winxp\system32\nvdrsdb0.bin 2012-07-14 18:26:01 1 ----a-w- c:\winxp\system32\nvdrssel.bin 2012-07-14 18:25:56 234112 ----a-w- c:\winxp\system32\nvdrsdb1.bin 2012-06-09 17:21:56 178688 ----a-w- c:\winxp\system32\unrar.dll . ============= FINISH: 17:42:32.06 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 7/14/2012 18:04:01 System Uptime: 8/19/2012 17:29:00 (0 hours ago) . Motherboard: Foxconn | | 915 7AD Series Processor: Intel(R) Pentium(R) 4 CPU 3.00GHz | Socket 478 | 3000/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 20 GiB total, 7.007 GiB free. D: is FIXED (NTFS) - 57 GiB total, 24.22 GiB free. E: is CDROM () F: is CDROM () G: is Removable H: is Removable . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Mass Storage Controller Device ID: PCI\VEN_1283&DEV_8212&SUBSYS_0C2D105B&REV_13\4&10355354&0&28F0 Manufacturer: Name: Mass Storage Controller PNP Device ID: PCI\VEN_1283&DEV_8212&SUBSYS_0C2D105B&REV_13\4&10355354&0&28F0 Service: . ==== System Restore Points =================== . RP27: 8/12/2012 14:24:39 - Installed Winlock5 RP28: 8/12/2012 15:02:10 - Removed PL-2303 USB-to-Serial RP29: 8/12/2012 15:05:39 - Removed Prince of Persia The Two Thrones RP30: 8/12/2012 15:06:07 - Removed Winlock5 RP31: 8/12/2012 15:07:38 - Installed PL-2303 USB-to-Serial RP32: 8/12/2012 15:14:46 - Installed Winlock5 RP33: 8/15/2012 10:02:39 - System Checkpoint RP34: 8/18/2012 09:35:37 - System Checkpoint RP35: 8/19/2012 15:54:04 - System Checkpoint RP36: 8/19/2012 16:11:08 - avast! Free Antivirus Инсталация RP37: 8/19/2012 17:19:23 - avast! Free Antivirus Инсталация . ==== Installed Programs ====================== . 3D Vision stereoplayer 12.4.18.0 AAC ACM Codec 1.9 AC-3 ACM Codec 2.2 Adobe Flash Player 11 Plugin AIDA64 Extreme Edition v2.50 BS.Player FREE DAEMON Tools Lite Device Simulation Framework 1.0.1 DK12 Drivers v2.4.0.6 DK2 DESkey Drivers v7.14.0.25 DK25 DESkey Device Driver DK47 DESkey Drivers DSF-KitSetup DVD Knife 4.0 DVDFab 8.1.9.6 (17/07/2012) Qt EAX4 Unified Redist FlexType 2K Foxit Reader Fuse Drivers Garena Garena Plus Google Chrome Google Update Helper GTA San Andreas K-Lite Codec Pack 9.0.2 (Full) Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Kernel-Mode Driver Framework Feature Pack 1.7 Microsoft Kernel-Mode Driver Framework Feature Pack 1.9 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Mozilla Firefox 14.0.1 (x86 bg) Mozilla Maintenance Service MSXML 6.0 Parser Need for Speed™ ProStreet NKSL3Logger Nokia 2730c RM-578 Gr.RUS_sw-10.45_v7.0 Nokia Connectivity Cable Driver Nokia Flashing Cable Driver Norton AntiVirus NSS (remove only) NVIDIA Display Control Panel NVIDIA Drivers NVIDIA nView Desktop Manager Phoenix Service Software Phoenix Service Software 2012.04.003.47798 PL-2303 USB-to-Serial Prince of Persia T2T Realtek High Definition Audio Driver RocketDock 1.3.5 Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB980195) SpeedFan (remove only) Street Racing Syndicate (TM) Tunatic Update for Microsoft Windows (KB971513) Update for Windows XP (KB2467659) Update for Windows XP (KB898461) WebFldrs XP Windows Driver Package - Hewlett-Packard hp scanjet 3600 series (01/17/2007 8.1.0.77) Winlock5 1.00.000 WinRAR 4.20 (32-bit) XviD Video Codec (remove only) µTorrent . ==== Event Viewer Messages From Past Week ======== . 8/19/2012 17:27:59, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Norton AntiVirus service, but this action failed with the following error: An instance of the service is already running. 8/19/2012 17:25:59, error: Service Control Manager [7031] - The Norton AntiVirus service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 120000 milliseconds: Restart the service. . ==== End Of File =========================== Ако може някой да ми помогне да си възтановя снимките много ще съм му благодарен . Надявам се да съм бил изчерпателен със обяснението на проблема ми , ако нешо друго е необходимо да се направи от моя страна , кажете ще го направя . Поздрави ....
  • Разглеждащи в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Този сайт използва бисквитки (cookies), за най-доброто потребителско изживяване. С използването му, вие приемате нашите Условия за ползване.