Премини към съдържанието

porata

Потребител
  • Публикации

    315
  • Регистрация

  • Последно онлайн

Всичко публикувано от porata

  1. Мисля че не успях да спра спай бота на време но все пак ето логовият файл вие ще прецените дали е станало п.с: Опитах се да изтрия спай бота и до голяма степен успях просто остана един файл който се казва сд-хелпер И като тръгна да го трия ми изписва ето това cannot delete sd:helper acces denied make sure disk is not full or write protected and that the file is not corently in use log.txt
  2. Значи свалих си програмата но нензнам нали коя програма да спра за това отворих сайтат но не разбирам много много от англ Затова ще попитам трябва ми регистрация за този сайт или мога и така да погледна информациата? А вие не бихте ли могли да ми подскажете коя програма да спра все пак мисля че знаете какви анти вирусни програми и блокиращи работи имам ;д А ми файлове които все едно са изчезнали и сега се възтановяват и до доста смисъл не са 1-2 повече са
  3. А извинете само да подчертая файлове които не ги бхя виждал от месеци можеби и от година се появиха отново ;д Това хубаво ли е или не ;д
  4. 1 во изклочително много ви благодаря за търпернието което проевихте и за помоща без която просто не бих могал да се справя в момента 2 ро Това лие файлат който трябва да кача от fix-a 02112011_155703.txt
  5. Добре ето файловете които е направила програмата дори може да видите в колко чеса са направени Ако има нещо друго искрено се извинявам просто не разбирам... Extras.Txt OTL.Txt
  6. Така и не разбрах това от горе в програмата ли да го сложа или не ? а кой точно файл от отл-то Защото мисля че качих отл.ехе? За този файл ли става дума ? OTL.Txt
  7. Извинявам се само да попитам че не разбрах от точка 2. Трябва да поставя тази информациа в самата програма с копи и пайст или просто след сканирането да я копитам и кача в сайта ? Results of screen317's Security Check version 0.99.8 Windows XP Service Pack 3 Internet Explorer 7 Out of date! `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Enabled! WMI entry may not exist for antivirus; attempting automatic update. ``````````````````````````````` Anti-malware/Other Utilities Check: Malwarebytes' Anti-Malware TuneUp Utilities 2008 Adobe Flash Player 10.1.85.3 Mozilla Firefox (3.6.13) ```````````````````````````````` Process Check: objlist.exe by Laurent ``````````End of Log```````````` checkup.txt Extras.Txt
  8. Ок Лека и благодаря за помоща А само ако не те затруднявам нали утре флез само да погледнеш темата до каде е стигнала А иначе сега като ъпдейтнах програмата ми намери пак вируси ;д След малко ще кача пак логовият файл от програмата Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5735 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 11.2.2011 г. 02:01:01 mbam-log-2011-02-11 (02-01-01).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 174549 Time elapsed: 30 minute(s), 11 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 1 Files Infected: 7 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: (No malicious items detected) Registry Data Items Infected: (No malicious items detected) Folders Infected: c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013 (Worm.AutoRun.Gen) -> Quarantined and deleted successfully. Files Infected: c:\xdx.exe (Worm.Palevo) -> Quarantined and deleted successfully. c:\documents and settings\winXP\ms.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\documents and settings\winXP\local settings\temporary internet files\Content.IE5\C29HZDGK\ms[1].exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\documents and settings\winXP\local settings\temporary internet files\Content.IE5\C29HZDGK\udv[1].exe (Worm.Palevo) -> Quarantined and deleted successfully. c:\system volume information\_restore{3a7021a1-2d0b-4ca7-9ea7-9370ce104c39}\RP139\A0259427.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\system volume information\_restore{3a7021a1-2d0b-4ca7-9ea7-9370ce104c39}\RP139\A0260479.exe (Trojan.Agent) -> Quarantined and deleted successfully. c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013\Desktop.ini (Worm.AutoRun.Gen) -> Quarantined and deleted successfully. Ето логовият файл след ъпдейта на програмата
  9. Само не разбрах това с паролата ифектед и ги качих така --- Качих файловете в линка към прекачения файл --- Благодаря - B-boy[styLe] Това е от attach.ext UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_10-12-12.02) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 13.7.2010 г. 14:36:38 System Uptime: 11.2.2011 г. 00:25:19 (0 hours ago) Motherboard: | | K7VT4APro Processor: AMD Duron | Socket-A | 1348/100mhz ==== Disk Partitions ========================= C: is FIXED (NTFS) - 20 GiB total, 2,796 GiB free. D: is FIXED (NTFS) - 19 GiB total, 6,131 GiB free. E: is CDROM () F: is CDROM () G: is CDROM () H: is CDROM () I: is CDROM () ==== Disabled Device Manager Items ============= Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318} Description: VIA Compatable Fast Ethernet Adapter Device ID: PCI\VEN_1106&DEV_3065&SUBSYS_30651849&REV_78\3&61AAA01&0&90 Manufacturer: VIA Technologies, Inc. Name: VIA Compatable Fast Ethernet Adapter PNP Device ID: PCI\VEN_1106&DEV_3065&SUBSYS_30651849&REV_78\3&61AAA01&0&90 Service: FETNDIS ==== System Restore Points =================== RP88: 05.12.2010 г. 06:54:58 - System Checkpoint RP89: 06.12.2010 г. 07:28:36 - System Checkpoint RP90: 07.12.2010 г. 15:06:01 - System Checkpoint RP91: 09.12.2010 г. 06:01:21 - System Checkpoint RP92: 10.12.2010 г. 13:44:08 - System Checkpoint RP93: 11.12.2010 г. 16:09:28 - System Checkpoint RP94: 12.12.2010 г. 18:29:57 - System Checkpoint RP95: 13.12.2010 г. 19:20:41 - System Checkpoint RP96: 14.12.2010 г. 20:08:59 - System Checkpoint RP97: 15.12.2010 г. 21:37:17 - System Checkpoint RP98: 17.12.2010 г. 04:45:24 - System Checkpoint RP99: 18.12.2010 г. 18:14:22 - System Checkpoint RP100: 19.12.2010 г. 18:20:36 - System Checkpoint RP101: 20.12.2010 г. 18:49:03 - System Checkpoint RP102: 21.12.2010 г. 18:52:36 - System Checkpoint RP103: 22.12.2010 г. 19:27:56 - System Checkpoint RP104: 23.12.2010 г. 19:54:39 - System Checkpoint RP105: 24.12.2010 г. 20:46:50 - System Checkpoint RP106: 26.12.2010 г. 06:17:08 - System Checkpoint RP107: 27.12.2010 г. 13:18:56 - System Checkpoint RP108: 29.12.2010 г. 14:05:18 - System Checkpoint RP109: 30.12.2010 г. 14:42:49 - System Checkpoint RP110: 31.12.2010 г. 15:31:11 - System Checkpoint RP111: 01.1.2011 г. 16:50:32 - System Checkpoint RP112: 02.1.2011 г. 21:36:48 - System Checkpoint RP113: 04.1.2011 г. 22:10:54 - System Checkpoint RP114: 05.1.2011 г. 23:04:30 - System Checkpoint RP115: 08.1.2011 г. 17:22:28 - System Checkpoint RP116: 09.1.2011 г. 18:23:22 - System Checkpoint RP117: 12.1.2011 г. 14:30:20 - System Checkpoint RP118: 14.1.2011 г. 05:19:17 - System Checkpoint RP119: 15.1.2011 г. 12:24:03 - System Checkpoint RP120: 16.1.2011 г. 16:32:22 - System Checkpoint RP121: 18.1.2011 г. 06:11:14 - System Checkpoint RP122: 19.1.2011 г. 14:14:37 - System Checkpoint RP123: 20.1.2011 г. 14:16:15 - System Checkpoint RP124: 21.1.2011 г. 18:28:37 - System Checkpoint RP125: 22.1.2011 г. 19:21:26 - System Checkpoint RP126: 24.1.2011 г. 17:58:01 - System Checkpoint RP127: 25.1.2011 г. 18:35:55 - System Checkpoint RP128: 27.1.2011 г. 06:23:17 - System Checkpoint RP129: 28.1.2011 г. 15:35:07 - System Checkpoint RP130: 29.1.2011 г. 16:12:32 - System Checkpoint RP131: 31.1.2011 г. 16:21:37 - System Checkpoint RP132: 02.2.2011 г. 16:26:22 - System Checkpoint RP133: 04.2.2011 г. 19:28:09 - System Checkpoint RP134: 05.2.2011 г. 20:53:16 - System Checkpoint RP135: 07.2.2011 г. 04:56:43 - System Checkpoint RP136: 09.2.2011 г. 07:37:27 - System Checkpoint RP137: 10.2.2011 г. 14:20:42 - System Checkpoint RP138: 10.2.2011 г. 22:07:14 - Installed Praetorians RP139: 10.2.2011 г. 22:10:20 - Installed LogMeIn Hamachi ==== Installed Programs ====================== Архиватор WinRAR µTorrent Adobe Acrobat 5.0 Adobe Flash Player 10 Plugin AIDA64 Extreme Edition v1.50 Browser Defender 2.0.6.11 C-Media 3D Audio Conduit Engine Counter-Strike Diablo II FIFA 07 Game Booster Garena 2010 K-Lite Codec Pack 5.0.0 (Standard) Malwarebytes' Anti-Malware Microsoft Office Professional Edition 2003 Microsoft Silverlight Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Mozilla Firefox (3.6.13) MSXML 4.0 SP2 (KB941833) NVIDIA Drivers Skype™ 3.8 Steam TeamViewer 5 The KMPlayer 2.9.4.1434 TuneUp Utilities 2008 uTorrentBar Toolbar Warcraft III: All Products WebFldrs XP Winamp Windows Rights Management Client Backwards Compatibility SP2 Windows Rights Management Client with Service Pack 2 Worms World Party ==== Event Viewer Messages From Past Week ======== 11.2.2011 г. 00:30:13, error: Service Control Manager [7034] - The Browser Defender Update Service service terminated unexpectedly. It has done this 1 time(s). 11.2.2011 г. 00:26:07, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 11.2.2011 г. 00:00:58, error: Service Control Manager [7034] - The Browser Defender Update Service service terminated unexpectedly. It has done this 1 time(s). 10.2.2011 г. 23:52:26, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 10.2.2011 г. 23:13:00, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 10.2.2011 г. 22:56:17, error: Service Control Manager [7034] - The LogMeIn Hamachi 2.0 Tunneling Engine service terminated unexpectedly. It has done this 1 time(s). 10.2.2011 г. 22:11:36, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0023C30543CC. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 10.2.2011 г. 22:11:06, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LogMeIn Hamachi 2.0 Tunneling Engine service to connect. 10.2.2011 г. 22:11:06, error: Service Control Manager [7000] - The LogMeIn Hamachi 2.0 Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10.2.2011 г. 22:11:02, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 0023C30543CC. The following error occurred: The operation was canceled by the user. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 10.2.2011 г. 22:10:43, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the LogMeIn Hamachi 2.0 Tunneling Engine service to connect. 10.2.2011 г. 22:10:43, error: Service Control Manager [7000] - The LogMeIn Hamachi 2.0 Tunneling Engine service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion. 10.2.2011 г. 21:49:45, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 10.2.2011 г. 18:30:58, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 10.2.2011 г. 15:18:00, error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 10.2.2011 г. 07:22:41, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 10.2.2011 г. 01:24:04, error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 09.2.2011 г. 19:20:09, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 09.2.2011 г. 07:20:10, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 09.2.2011 г. 01:11:24, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 08.2.2011 г. 22:10:11, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 08.2.2011 г. 07:27:14, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 08.2.2011 г. 07:25:55, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 08.2.2011 г. 00:32:12, error: Service Control Manager [7034] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated unexpectedly. It has done this 1 time(s). 08.2.2011 г. 00:32:12, error: Service Control Manager [7034] - The Telephony service terminated unexpectedly. It has done this 1 time(s). 08.2.2011 г. 00:32:12, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s). 08.2.2011 г. 00:32:12, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). 08.2.2011 г. 00:32:12, error: Service Control Manager [7034] - The Network Location Awareness (NLA) service terminated unexpectedly. It has done this 1 time(s). 08.2.2011 г. 00:32:12, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). 07.2.2011 г. 18:32:28, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 07.2.2011 г. 10:00:11, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 07.2.2011 г. 09:59:01, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 07.2.2011 г. 04:12:55, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 06.2.2011 г. 19:08:00, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 06.2.2011 г. 15:57:19, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 06.2.2011 г. 15:10:42, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 06.2.2011 г. 07:28:55, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 06.2.2011 г. 07:27:22, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Network Location Awareness (NLA) service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Logical Disk Manager service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Fast User Switching Compatibility service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Error Reporting Service service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s). 06.2.2011 г. 03:16:06, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service. 06.2.2011 г. 03:16:06, error: Service Control Manager [7031] - The Background Intelligent Transfer Service service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 06.2.2011 г. 03:12:55, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 06.2.2011 г. 00:51:47, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 05.2.2011 г. 21:53:57, error: Service Control Manager [7034] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated unexpectedly. It has done this 1 time(s). 05.2.2011 г. 21:53:57, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s). 05.2.2011 г. 21:53:57, error: Service Control Manager [7034] - The Network Location Awareness (NLA) service terminated unexpectedly. It has done this 1 time(s). 05.2.2011 г. 21:53:57, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 1 time(s). 05.2.2011 г. 17:42:25, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 05.2.2011 г. 17:41:37, error: Dhcp [1001] - Your computer was not assigned an address from the network (by the DHCP Server) for the Network Card with network address 002127C581F0. The following error occurred: The semaphore timeout period has expired. . Your computer will continue to try and obtain an address on its own from the network address (DHCP) server. 05.2.2011 г. 17:37:59, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 05.2.2011 г. 07:23:41, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 05.2.2011 г. 01:28:09, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 04.2.2011 г. 20:13:52, error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service. 04.2.2011 г. 18:07:31, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. 04.2.2011 г. 07:03:06, error: Service Control Manager [7023] - The System Center service terminated with the following error: The specified module could not be found. ==== End Of File =========================== А това е от dds.txt ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\RunDll32.exe C:\WINDOWS\system32\ctfmon.exe D:\Install\Ventrilo.exe C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\WINDOWS\explorer.exe C:\Documents and Settings\winXP\My Documents\Downloads\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://www.garena.com/ uURLSearchHooks: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll mWinlogon: Taskman=c:\recycler\r-1-5-21-1482476501-1644491937-682003330-1013\acleaner.exe BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 5.0\reader\activex\AcroIEHelper.ocx BHO: PC Tools Browser Guard BHO: {2a0f3d1b-0909-4ff4-b272-609cce6054e7} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll BHO: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll BHO: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll BHO: JQSIEStartDetectorImpl: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - JQSIEStartDetectorImpl Class TB: uTorrentBar Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - c:\program files\utorrentbar\tbuTor.dll TB: Conduit Engine: {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\ConduitEngine.dll TB: PC Tools Browser Guard: {472734ea-242a-422b-adf8-83d1e48cc825} - c:\program files\spyware doctor\bdt\PCTBrowserDefender.dll uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" uRun: [spybotSD TeaTimer] c:\program files\spybot - search & destroy\TeaTimer.exe mRun: [Cmaudio] "RunDll32" cmicnfg.cpl,CMICtrlWnd mRun: [NvCplDaemon] "RUNDLL32.EXE" c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] "nwiz.exe" /install mRun: [NvMediaCenter] "RunDLL32.exe" NvMCTray.dll,NvTaskbarInit mRun: [Microsoft Driver Setup] c:\windows\ggdrive32.exe mExplorerRun: [Microsoft Driver Setup] c:\windows\ggdrive32.exe StartupFolder: c:\docume~1\winxp\startm~1\programs\startup\my_aut~1.lnk - c:\program files\warkeys\autowarkey\autohotkey\AutoHotkey.exe StartupFolder: c:\docume~1\winxp\startm~1\programs\startup\warkey~1.lnk - c:\program files\warkeys\autowarkey\autohotkey\AutoHotkey.exe IE: &Search - http://edits.myway.com/menusearch.jhtml?s=100000379&p=YI&si=&a=07762EBA-0A3D-4F40-A947-BEE7DE2F76CC&n=2010072906 IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office11\EXCEL.EXE/3000 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office11\REFIEBAR.DLL IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\winxp\applic~1\mozilla\firefox\profiles\jv9j2wu0.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=ConduitEngine&SearchSource=3&q={searchTerms} FF - prefs.js: browser.search.selectedEngine - Conduit Engine Customized Web Search FF - prefs.js: browser.startup.homepage - hxxp://www.kaldata.com/forums/index.php?act=idx FF - prefs.js: keyword.URL - hxxp://vshare.toolbarhome.com/search.aspx?srch=ku&q= FF - component: c:\documents and settings\winxp\application data\mozilla\firefox\profiles\jv9j2wu0.default\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc}\components\RadioWMPCoreGecko19.dll FF - component: c:\documents and settings\winxp\application data\mozilla\firefox\profiles\jv9j2wu0.default\extensions\[email protected]\components\RadioWMPCoreGecko19.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd} FF - Ext: Skype extension for Firefox: {B13721C7-F507-4982-B2E5-502A71474FED} - c:\program files\mozilla firefox\extensions\{B13721C7-F507-4982-B2E5-502A71474FED} FF - Ext: vShare Plugin: [email protected] - %profile%\extensions\[email protected] FF - Ext: Conduit Engine : [email protected] - %profile%\extensions\[email protected] FF - Ext: uTorrentBar Community Toolbar: {bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} - %profile%\extensions\{bf7380fa-e3b4-4db2-af3e-9d8783a45bfc} ============= SERVICES / DRIVERS =============== =============== Created Last 30 ================ 2011-02-10 22:24:15 709456 ----a-w- c:\windows\isRS-000.tmp 2011-02-10 22:15:32 -------- d-----w- c:\program files\Garena 2011-02-10 21:53:30 61440 ----a-w- c:\documents and settings\winxp\ms.exe 2011-02-10 21:52:50 40960 ----a-w- C:\xdx.exe 2011-02-10 21:46:57 -------- d-----w- c:\program files\Spybot - Search & Destroy 2011-02-10 21:46:57 -------- d-----w- c:\docume~1\alluse~1\applic~1\Spybot - Search & Destroy 2011-02-10 21:40:47 -------- d-----w- c:\docume~1\winxp\locals~1\applic~1\Threat Expert 2011-02-10 21:31:23 767952 ----a-w- c:\windows\BDTSupport.dll 2011-02-10 21:31:23 149456 ----a-w- c:\windows\SGDetectionTool.dll 2011-02-10 21:31:21 165840 ----a-w- c:\windows\PCTBDRes.dll 2011-02-10 21:31:21 1640400 ----a-w- c:\windows\PCTBDCore.dll 2011-02-10 21:31:11 233136 ----a-w- c:\windows\system32\drivers\pctgntdi.sys 2011-02-10 21:31:02 87784 ----a-w- c:\windows\system32\drivers\PCTAppEvent.sys 2011-02-10 21:31:02 207792 ----a-w- c:\windows\system32\drivers\PCTCore.sys 2011-02-10 21:30:52 70408 ----a-w- c:\windows\system32\drivers\pctplsg.sys 2011-02-10 21:30:40 -------- d-----w- c:\program files\Spyware Doctor 2011-02-10 21:30:40 -------- d-----w- c:\program files\common files\PC Tools 2011-02-10 21:30:40 -------- d-----w- c:\docume~1\winxp\applic~1\PC Tools 2011-02-10 21:30:40 -------- d-----w- c:\docume~1\alluse~1\applic~1\PC Tools 2011-02-10 20:50:18 61440 ----a-w- c:\windows\system32\58.exe 2011-02-10 20:38:31 61440 ----a-w- c:\windows\system32\56.exe 2011-02-10 20:29:34 61440 --sh--r- c:\windows\ggdrive32.exe 2011-02-10 20:29:24 61440 ----a-w- c:\windows\system32\10.exe 2011-02-10 20:10:52 -------- d-----w- c:\docume~1\winxp\locals~1\applic~1\LogMeIn Hamachi 2011-02-10 20:09:53 -------- d-----w- c:\program files\GameSpy Arcade 2011-02-07 14:06:02 -------- d-----w- c:\docume~1\winxp\applic~1\Auto-Joiner 2011-02-02 14:45:08 -------- d-----w- c:\program files\FinalWire ==================== Find3M ==================== 2010-12-18 00:04:34 21840 ----a-w- c:\windows\system32\SIntfNT.dll 2010-12-18 00:04:34 17212 ----a-w- c:\windows\system32\SIntf32.dll 2010-12-18 00:04:34 12067 ----a-w- c:\windows\system32\SIntf16.dll 2010-12-18 00:02:31 94208 ----a-w- c:\windows\DIIUnin.exe 2010-12-18 00:02:31 2829 ----a-w- c:\windows\DIIUnin.pif 2010-11-21 15:17:27 266240 ----a-w- c:\windows\CMIUninstall.exe 2010-11-21 15:17:27 225280 ----a-w- c:\windows\CmiRmRedundDir.exe 2010-11-21 15:17:21 306688 ----a-w- c:\windows\IsUninst.exe 2010-11-21 15:17:19 233472 ----a-w- c:\windows\system32\cmirmdrv.exe 2010-11-21 15:17:19 20480 ----a-w- c:\windows\system32\cliconfg.exe 2010-11-21 15:17:18 249856 ----a-w- c:\windows\system32\drmupgds.exe 2010-11-21 15:17:17 46592 ----a-w- c:\windows\system32\dxdllreg.exe 2010-11-21 15:17:16 425984 ----a-w- c:\windows\system32\keystone.exe 2010-11-21 15:17:14 51712 ----a-w- c:\windows\system32\migpwd.exe 2010-11-21 15:13:50 139264 ----a-w- c:\windows\War3Unin.exe 2010-11-21 14:15:56 355840 ----a-w- c:\windows\system32\TuneUpDefragService.exe 2010-11-21 14:15:56 1622016 ----a-w- c:\windows\system32\nwiz.exe ============= FINISH: 0:46:16,26 =============== Malware все още сканира след малко ще кача и неговиа логов файл Malwarebytes' Anti-Malware 1.50.1.1100 www.malwarebytes.org Database version: 5363 Windows 5.1.2600 Service Pack 3 Internet Explorer 7.0.5730.13 11.2.2011 г. 01:07:10 mbam-log-2011-02-11 (01-07-10).txt Scan type: Full scan (C:\|D:\|) Objects scanned: 169701 Time elapsed: 37 minute(s), 1 second(s) Memory Processes Infected: 1 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 3 Registry Data Items Infected: 3 Folders Infected: 0 Files Infected: 5 Memory Processes Infected: c:\WINDOWS\ggdrive32.exe (Backdoor.IRCBot) -> 544 -> Unloaded process successfully. Memory Modules Infected: (No malicious items detected) Registry Keys Infected: (No malicious items detected) Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Microsoft Driver Setup (Backdoor.IRCBot) -> Value: Microsoft Driver Setup -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Microsoft Driver Setup (Backdoor.IRCBot) -> Value: Microsoft Driver Setup -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman (Trojan.Agent) -> Value: Taskman -> Delete on reboot. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Taskman (Trojan.Autorun) -> Bad: (c:\RECYCLER\R-1-5-21-1482476501-1644491937-682003330-1013\acleaner.exe) Good: () -> Delete on reboot. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\AntiVirusDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (PUM.Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: c:\RECYCLER\r-1-5-21-1482476501-1644491937-682003330-1013\acleaner.exe (Trojan.Autorun) -> Delete on reboot. c:\documents and settings\networkservice\local settings\temporary internet files\Content.IE5\N7VGXCG2\udv[1].exe (Trojan.Autorun) -> Quarantined and deleted successfully. c:\documents and settings\winXP\local settings\temporary internet files\Content.IE5\0FB0MRHO\udv[1].exe (Trojan.Autorun) -> Quarantined and deleted successfully. c:\system volume information\_restore{3a7021a1-2d0b-4ca7-9ea7-9370ce104c39}\RP139\A0260480.exe (Trojan.Autorun) -> Quarantined and deleted successfully. c:\WINDOWS\ggdrive32.exe (Backdoor.IRCBot) -> Quarantined and deleted successfully. Логовиат файл от програмата и снимка на вирусите Сега какво да правя ? URL.txt
  10. 3начи свалих някакви работи от един сайт няма да го казвам щото ще е смешно в такъв сайт да има вируси Както и да е свалих си хамачи но след като рестартирах комп-ат усетих че нещо не е наред всичко което изисква интернет не работи и имам два нови файла единиа се казва хдх.ехе другият е мс.ехе Качил съм и снимки на файловете.Спрях някакви неща в таск мениджъра иначе нямаше да мога да отворя и този сайт че да направя тема Свалям някаква програма антивирусна тя по подразбиране иска да я ъпдейтнеш Но нестава защото ъпейтът използва интернет.... Направо незнам ако някой може да ми помогне да пише Ще му дам скайп за повече инфромациа каквото каже... Благодаря предварително
  11. Вече не ги прави тези неща но забелязах друго примерно долу чесъ ако изключа комп-а в 15:00 и го пусна в 17:00 Той си остава с чесъ от 15:00 Там кадето съм го спрял от там тва вече незнам от какво ще да е...
  12. 3начи преди около 5-6 месеца пак имах проблем с пц-то и го дадох нали на ремонт и този човек ми каза че е рам памета и ми сложи чисто нова сега незнам дали е чисто ножа или си е сложил някаква от неговиа комп но моята рам е само една плочка 256 такаче няма какво да сменям...
  13. Ето това което можах да снимам а иначе звуците бяха постоянни туууут туууут туууут.... сякаш сичко е забило и неможе се напвари нищо клавиатурата от горе нъм.. кап.. и сцр-то светеха постоянно без да спрат Ако трябва ви трябва още нещо пишете само какво Ето нещо инт което успях да видя на 3 тата снимка така ли трябва да е ? при батериите
  14. Доста интересен проблем до сега не бях срещал такъв при моя доста стар компютар Като пусна комп-а пищялката започва да издава някакви доста странни звуци пордължителни.. Така около 3-4 пути на 5 тия пут зареди стигна до там кадето пц-то зарежда win-a и заби След това нещо си помислих че нещо не е наред с win-а.Но от друга страна пък след като старателно го изчистих от прах вентилаторат започна да шуми доста странно.Та въпросът ми е дали може тези рестарти и тези проблеми при стартирането да са от вентилатора или просто win-a ми е отишал Да подчертая че не ми вади никакви грешки апсолютно никаде Благодаря предварително
  15. Може ли да ми обясните каде мога да намеря фаил-папката на вируса мога ли да го намеря ?
  16. Днес разбрах че имам същият вирус но като тръгна да преинсталирам уин-а ми пише следното нещо Setup did not found any hard disk drivers instaled in your computer Така казаха ми да си сваля драйвери сата направих го но пак не стана нищо малко повече инфо Как да се спрая с проблема и ако може на по прост език
  17. Свалих си сата драйверите и пак пробвах и пак нищо не стана .. Дори сега ми извади и някъв ерор 6094 при сетъп-ат
  18. Само да питам тва другото репайр ли е кво е дали ще помогне за вируса ?
  19. Е то каква е разликата то щом от дискът не става...
  20. Точно това е че нямам записвачка иначе можеве да си потърся хп-то направо от нета Бе майче ще караме така ;д Видях едно клипче как на 1 му става по същият начин и той някак си с някаква програма wmware или нещо от родъ... Незнам ;д
  21. Неудобно ми е вече да питам като идиот съм Но като ги сваля как точно се процедира с тях защото не виждам от каде да се инсталират примерно и каде се поставят имат ли точно определено място кадето трябва да ги поставя ? Извинявам се за въпросите през 1м....
  22. Съжелявам но не разбирам много много английски и немога да разбера точно какво пише
  23. Ето още инфо по темата там кадето трябва да чакам 1-2м дето ми зарежда там в линдолс систем Ми излиза ето това setup was unable to load support for the mass storage device you specified corently setup wil load support for the following mass storage device (s) Продължавам до там кадето ми пише следното Маке sure any hard disk drivers are powered on and properly connected to your computer and that any disk -related hardware configuration is or setup program Вижще ако това ще ви помогне
  24. Значи тръгвам да преинсталирвам и сичко е Ок Боотвам диск-а изчаквам да зардят файловете 1-2м След което ме пита дали искам да репайр или да продължа цъкам да продължа с инсталирването на диск-а И после ми излиза едно че немога да продължа инсталацията поради Setup did not found any hard disk drivers installed in your computer Какво е това и защо ми го пише
  25. Какво по точно прави този вирус и ще издържи ли системата поне още седмица ? А и лошото е че незнам как се преинсталлва ;д Има ли друг начин който може да замести преинстала?
  • Разглеждащи това в момента   0 потребители

    • Няма регистрирани потребители разглеждащи тази страница.
×
×
  • Добави ново...

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите Условия за ползване