Премини към съдържанието

teodor911

Потребител
  • Публикации

    17
  • Регистрация

  • Последно онлайн

Харесвания

0 Неутрална репутация

Всичко за teodor911

  • Титла
    Потребител
  1. teodor911

    Проблем с Word

    Документа ми трябва за утре ако някой друг може да помогне ще съм му благодарен
  2. teodor911

    Проблем с Word

    Документът аз го писах вчера запазих го и днес като го отварям не мога да правя промени
  3. teodor911

    Проблем с Word

    Не мога да цъкам на options
  4. Имам следния проблем:когато отварих текстов документ на Word и реших да нанеса корекции ми изписва "Тази промяна не е позволена защото документът е заключен.Надявам се някой да може да ми помогне.Благодаря предварително !
  5. teodor911

    Проблем с шрифта

    Благодаря !
  6. Имам следния проблем : при някои програми като Dictionary (англйиско-български речник) и Visual Basic текстове на български се виждат като йероглифи (неразбиераемо),но при Word всичко е наред.Надявам се да можете да ми помогнете.
  7. teodor911

    Проблем с интернета

    Май съм дотук.Струва ми се че няма да се справя с преинсталирането.Все пак благодаря за търпението и отделеното време !
  8. teodor911

    Проблем с интернета

    Може ли да ми дадеш малко по-подробно описание как трябва да стане преинсталацията.Благодаря предварително !
  9. teodor911

    Проблем с интернета

    Няма проблем . ComboFix 09-10-16.09 - User 10.2009 г. 23:44.4.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.2047.1620 [GMT 3:00] Running from: c:\documents and settings\User\Desktop\Tools.exe.exe . ((((((((((((((((((((((((( Files Created from 2009-09-17 to 2009-10-17 ))))))))))))))))))))))))))))))) . 2009-10-17 20:33 . 2009-10-17 20:19 42496 ----a-w- c:\windows\system32\ftp.exe 2009-10-17 20:33 . 2009-10-17 20:21 361600 ----a-w- c:\windows\system32\drivers\tcpip.sys 2009-10-17 20:33 . 2009-10-17 20:21 1614848 ----a-w- c:\windows\system32\sfcfiles.dll 2009-10-17 20:27 . 2009-10-17 20:28 -------- d-----w- c:\documents and settings\Administrator 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\windows\system32\xircom 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\windows\system32\wbem\snmp 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\program files\microsoft frontpage 2009-10-16 22:00 . 2009-10-16 22:04 -------- d-----w- C:\Tools.exe 2009-10-16 20:27 . 2009-09-10 11:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-16 20:27 . 2009-09-10 11:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-26 11:13 . 2009-09-26 11:13 -------- d-----w- c:\program files\Networx-BG 2009-09-21 18:58 . 2009-09-21 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard 2009-09-20 15:27 . 2009-09-20 15:38 -------- d-----w- c:\documents and settings\User\Application Data\Dev-Cpp 2009-09-20 15:14 . 2009-09-20 15:41 -------- d-----w- c:\program files\DevCpp 2009-09-18 13:32 . 2009-09-18 13:32 -------- d-----w- c:\documents and settings\User\Application Data\Capcom . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-17 20:26 . 2009-07-29 21:47 -------- d-----w- c:\documents and settings\User\Application Data\Skype 2009-10-17 18:19 . 2009-08-11 12:01 -------- d-----w- c:\documents and settings\User\Application Data\skypePM 2009-10-17 05:41 . 2009-08-24 19:33 -------- d-----w- c:\program files\ESET 2009-10-16 21:56 . 2009-09-05 09:38 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2009-10-16 20:27 . 2009-08-20 19:00 -------- d-----w- c:\program files\Malwarebytes 2009-10-16 19:12 . 2009-07-29 21:48 -------- d-----w- c:\documents and settings\User\Application Data\BitTorrent 2009-10-09 13:59 . 2009-07-29 21:47 -------- d-----w- c:\program files\Skype 2009-10-05 14:40 . 2009-07-29 21:01 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-17 12:44 . 2009-07-29 20:27 18904 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-17 11:32 . 2009-09-11 16:53 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2009-09-15 19:10 . 2009-09-15 19:10 -------- d-----w- c:\program files\AGEIA Technologies 2009-09-13 19:44 . 2009-09-13 19:24 184632 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-09-13 19:24 . 2009-09-13 19:24 -------- d-----w- c:\program files\MSBuild 2009-09-13 19:24 . 2009-09-13 19:24 -------- d-----w- c:\program files\Reference Assemblies 2009-09-12 16:11 . 2009-09-12 16:11 -------- d-----w- c:\program files\Axis Communications 2009-09-12 12:48 . 2009-09-12 12:48 -------- d-----w- c:\program files\NOD32 2009-09-11 17:02 . 2009-09-11 17:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-09-11 16:55 . 2009-09-11 16:55 -------- d--h--r- c:\documents and settings\User\Application Data\SecuROM 2009-09-09 10:07 . 2009-09-09 10:05 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2009-09-05 11:51 . 2009-09-05 09:38 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-09-05 09:37 . 2009-08-17 11:56 -------- d-----w- c:\program files\DeamonTools 2009-09-01 21:12 . 2009-07-29 21:48 -------- d-----w- c:\documents and settings\User\Application Data\Winamp 2009-09-01 15:27 . 2009-09-01 15:27 -------- d-----w- c:\documents and settings\User\Application Data\Ubisoft 2009-09-01 15:27 . 2009-09-01 15:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft 2009-08-31 13:04 . 2009-08-19 16:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-08-31 13:04 . 2009-08-19 16:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-08-30 19:58 . 2009-08-30 19:58 -------- d-----w- c:\program files\Common Files\snpstd3 2009-08-29 09:35 . 2009-07-29 21:01 -------- d-----w- c:\program files\Common Files\InstallShield 2009-08-20 19:16 . 2009-08-20 19:16 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes 2009-08-20 19:16 . 2009-08-20 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-08-20 19:07 . 2009-08-20 19:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-08-20 18:57 . 2009-08-20 18:57 -------- d-----w- c:\documents and settings\User\Application Data\Sammsoft 2009-08-20 18:57 . 2009-08-20 18:57 -------- d-----w- c:\program files\Advanced Registry Optimizer 2009-08-19 16:31 . 2009-08-19 16:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-08-19 11:37 . 2009-08-19 11:37 -------- d-----w- c:\documents and settings\User\Application Data\Media Player Classic 2009-08-17 11:57 . 2009-08-17 11:57 717296 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-08-11 12:01 . 2009-08-11 12:01 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-08-07 16:51 . 2009-08-07 16:51 15308424 ----a-w- c:\windows\system32\xlive.dll 2009-08-07 16:51 . 2009-08-07 16:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll 2009-07-29 21:01 . 2009-07-29 21:01 315392 ----a-w- c:\windows\HideWin.exe 2009-07-29 20:07 . 2009-07-29 20:07 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-07-20 06:34 . 2009-07-20 06:34 70936 ----a-w- c:\windows\system32\PhysXLoader.dll . ------- Sigcheck ------- [-] 2009-10-17 . 9AEFA14BD6B182D61E3119FA5F436D3D . 361600 . . [5.1.2600.5625] . . c:\windows\system32\drivers\tcpip.sys . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-02-25 37888] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-04-28 570664] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352] "snpstd3"="c:\windows\vsnpstd3.exe" [2004-07-30 286720] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-27 16844800] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-08-03 1826816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "d:\\Games\\COD4\\iw3mp.exe"= "c:\program files\Networx-BG\Helper\winvnc.exe"= c:\program files\Networx-BG\Helper\winvnc.exe:192.168.11.0/255.255.255.0:Enabled:Networx-BG Helper VNC "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowOutboundPacketTooBig"= 1 (0x1) "AllowOutboundDestinationUnreachable"= 1 (0x1) "AllowOutboundSourceQuench"= 1 (0x1) "AllowRedirect"= 1 (0x1) "AllowInboundEchoRequest"= 1 (0x1) "AllowInboundRouterRequest"= 1 (0x1) "AllowOutboundTimeExceeded"= 1 (0x1) "AllowOutboundParameterProblem"= 1 (0x1) "AllowInboundTimestampRequest"= 1 (0x1) "AllowInboundMaskRequest"= 1 (0x1) . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.bg/ IE: Е&кспортирай в Microsoft Excel - c:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000 TCP: {30564426-6383-42AF-B910-74ADD32B43A7} = 212.25.58.8 212.25.58.2 DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://87.120.43.139/activex/AMC.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-17 23:46 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-583907252-1757981266-682003330-1003\Software\SecuROM\License information*] "datasecu"=hex:ce,61,a3,9e,1a,80,bf,5d,a6,30,36,ca,3c,a1,72,99,a9,03,42,95,a5, 17,cd,23,e0,ae,43,fd,bf,9b,69,69,95,0e,02,46,11,e2,73,15,f0,e5,f0,b8,7d,03,\ "rkeysecu"=hex:1a,17,71,26,ad,56,13,63,d0,9e,62,3c,30,fd,07,4a . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3192) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-10-17 23:47 ComboFix-quarantined-files.txt 2009-10-17 20:47 ComboFix2.txt 2009-10-17 15:19 ComboFix3.txt 2009-10-17 08:41 ComboFix4.txt 2009-10-16 22:04 Pre-Run: 19 666 870 272 bytes free Post-Run: 20 129 697 792 bytes free 155
  10. teodor911

    Проблем с интернета

    Компютъра ми се рестартира докато програмата работеше и като се пусна ми показа loga. ComboFix 09-10-16.09 - User 10.2009 г. 18:15.3.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.2047.1591 [GMT 3:00] Running from: c:\documents and settings\User\Desktop\Tools.exe.exe Command switches used :: c:\documents and settings\User\Desktop\CFScript.txt . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\ftp.exe . . . is infected!! . ((((((((((((((((((((((((( Files Created from 2009-09-17 to 2009-10-17 ))))))))))))))))))))))))))))))) . 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\windows\system32\xircom 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\windows\system32\wbem\snmp 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\program files\microsoft frontpage 2009-10-16 22:00 . 2009-10-16 22:04 -------- d-----w- C:\Tools.exe 2009-10-16 20:27 . 2009-09-10 11:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-16 20:27 . 2009-09-10 11:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-26 11:13 . 2009-09-26 11:13 -------- d-----w- c:\program files\Networx-BG 2009-09-21 18:58 . 2009-09-21 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard 2009-09-20 15:27 . 2009-09-20 15:38 -------- d-----w- c:\documents and settings\User\Application Data\Dev-Cpp 2009-09-20 15:14 . 2009-09-20 15:41 -------- d-----w- c:\program files\DevCpp 2009-09-18 13:32 . 2009-09-18 13:32 -------- d-----w- c:\documents and settings\User\Application Data\Capcom . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-17 15:11 . 2009-07-29 21:47 -------- d-----w- c:\documents and settings\User\Application Data\Skype 2009-10-17 13:01 . 2009-08-11 12:01 -------- d-----w- c:\documents and settings\User\Application Data\skypePM 2009-10-17 05:41 . 2009-08-24 19:33 -------- d-----w- c:\program files\ESET 2009-10-16 21:56 . 2009-09-05 09:38 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2009-10-16 20:27 . 2009-08-20 19:00 -------- d-----w- c:\program files\Malwarebytes 2009-10-16 19:12 . 2009-07-29 21:48 -------- d-----w- c:\documents and settings\User\Application Data\BitTorrent 2009-10-09 13:59 . 2009-07-29 21:47 -------- d-----w- c:\program files\Skype 2009-10-05 14:40 . 2009-07-29 21:01 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-17 12:44 . 2009-07-29 20:27 18904 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-17 11:32 . 2009-09-11 16:53 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2009-09-15 19:10 . 2009-09-15 19:10 -------- d-----w- c:\program files\AGEIA Technologies 2009-09-13 19:44 . 2009-09-13 19:24 184632 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-09-13 19:24 . 2009-09-13 19:24 -------- d-----w- c:\program files\MSBuild 2009-09-13 19:24 . 2009-09-13 19:24 -------- d-----w- c:\program files\Reference Assemblies 2009-09-12 16:11 . 2009-09-12 16:11 -------- d-----w- c:\program files\Axis Communications 2009-09-12 13:25 . 2008-04-14 04:42 42496 ----a-w- c:\windows\system32\ftp.exe 2009-09-12 12:48 . 2009-09-12 12:48 -------- d-----w- c:\program files\NOD32 2009-09-11 17:02 . 2009-09-11 17:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-09-11 16:55 . 2009-09-11 16:55 -------- d--h--r- c:\documents and settings\User\Application Data\SecuROM 2009-09-09 10:07 . 2009-09-09 10:05 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2009-09-05 11:51 . 2009-09-05 09:38 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-09-05 09:37 . 2009-08-17 11:56 -------- d-----w- c:\program files\DeamonTools 2009-09-01 21:12 . 2009-07-29 21:48 -------- d-----w- c:\documents and settings\User\Application Data\Winamp 2009-09-01 15:27 . 2009-09-01 15:27 -------- d-----w- c:\documents and settings\User\Application Data\Ubisoft 2009-09-01 15:27 . 2009-09-01 15:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft 2009-08-31 13:04 . 2009-08-19 16:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-08-31 13:04 . 2009-08-19 16:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-08-30 19:58 . 2009-08-30 19:58 -------- d-----w- c:\program files\Common Files\snpstd3 2009-08-29 09:35 . 2009-07-29 21:01 -------- d-----w- c:\program files\Common Files\InstallShield 2009-08-20 19:16 . 2009-08-20 19:16 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes 2009-08-20 19:16 . 2009-08-20 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-08-20 19:07 . 2009-08-20 19:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-08-20 18:57 . 2009-08-20 18:57 -------- d-----w- c:\documents and settings\User\Application Data\Sammsoft 2009-08-20 18:57 . 2009-08-20 18:57 -------- d-----w- c:\program files\Advanced Registry Optimizer 2009-08-19 16:31 . 2009-08-19 16:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-08-19 11:37 . 2009-08-19 11:37 -------- d-----w- c:\documents and settings\User\Application Data\Media Player Classic 2009-08-17 11:57 . 2009-08-17 11:57 717296 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-08-11 12:01 . 2009-08-11 12:01 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-08-07 16:51 . 2009-08-07 16:51 15308424 ----a-w- c:\windows\system32\xlive.dll 2009-08-07 16:51 . 2009-08-07 16:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll 2009-07-29 21:01 . 2009-07-29 21:01 315392 ----a-w- c:\windows\HideWin.exe 2009-07-29 20:07 . 2009-07-29 20:07 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-07-20 06:34 . 2009-07-20 06:34 70936 ----a-w- c:\windows\system32\PhysXLoader.dll . ------- Sigcheck ------- [-] 2009-01-08 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys [-] 2009-01-08 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-02-25 37888] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-04-28 570664] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352] "snpstd3"="c:\windows\vsnpstd3.exe" [2004-07-30 286720] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-27 16844800] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-08-03 1826816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "d:\\Games\\COD4\\iw3mp.exe"= "c:\program files\Networx-BG\Helper\winvnc.exe"= c:\program files\Networx-BG\Helper\winvnc.exe:192.168.11.0/255.255.255.0:Enabled:Networx-BG Helper VNC "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowOutboundPacketTooBig"= 1 (0x1) "AllowOutboundDestinationUnreachable"= 1 (0x1) "AllowOutboundSourceQuench"= 1 (0x1) "AllowRedirect"= 1 (0x1) "AllowInboundEchoRequest"= 1 (0x1) "AllowInboundRouterRequest"= 1 (0x1) "AllowOutboundTimeExceeded"= 1 (0x1) "AllowOutboundParameterProblem"= 1 (0x1) "AllowInboundTimestampRequest"= 1 (0x1) "AllowInboundMaskRequest"= 1 (0x1) . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.bg/ IE: Е&кспортирай в Microsoft Excel - c:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000 TCP: {30564426-6383-42AF-B910-74ADD32B43A7} = 212.25.58.8 212.25.58.2 DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://87.120.43.139/activex/AMC.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-17 18:18 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-583907252-1757981266-682003330-1003\Software\SecuROM\License information*] "datasecu"=hex:ce,61,a3,9e,1a,80,bf,5d,a6,30,36,ca,3c,a1,72,99,a9,03,42,95,a5, 17,cd,23,e0,ae,43,fd,bf,9b,69,69,95,0e,02,46,11,e2,73,15,f0,e5,f0,b8,7d,03,\ "rkeysecu"=hex:1a,17,71,26,ad,56,13,63,d0,9e,62,3c,30,fd,07,4a . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3276) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\program files\Nero\Nero8\Nero BackItUp\NBService.exe c:\windows\system32\IoctlSvc.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\wscntfy.exe c:\windows\system32\rundll32.exe . ************************************************************************** . Completion time: 2009-10-17 18:19 - machine was rebooted ComboFix-quarantined-files.txt 2009-10-17 15:19 ComboFix2.txt 2009-10-17 08:41 ComboFix3.txt 2009-10-16 22:04 Pre-Run: 20 153 384 960 bytes free Post-Run: 20 171 083 776 bytes free 168
  11. teodor911

    Проблем с интернета

    Пропуснал съм нещо.След това,което съм написал по горе , на нов ред е числото 164
  12. teodor911

    Проблем с интернета

    Съжалявам за забавянето , но имах малко работа. ComboFix 09-10-16.09 - User 10.2009 г. 11:39.2.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.2047.1635 [GMT 3:00] Running from: c:\documents and settings\User\Desktop\Tools.exe.exe Command switches used :: c:\documents and settings\User\Desktop\WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\ftp.exe . . . is infected!! . ((((((((((((((((((((((((( Files Created from 2009-09-17 to 2009-10-17 ))))))))))))))))))))))))))))))) . 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\windows\system32\xircom 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\windows\system32\wbem\snmp 2009-10-17 05:41 . 2009-10-17 05:41 -------- d-----w- c:\program files\microsoft frontpage 2009-10-16 22:00 . 2009-10-16 22:04 -------- d-----w- C:\Tools.exe 2009-10-16 20:27 . 2009-09-10 11:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-16 20:27 . 2009-09-10 11:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-26 11:13 . 2009-09-26 11:13 -------- d-----w- c:\program files\Networx-BG 2009-09-21 18:58 . 2009-09-21 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard 2009-09-20 15:27 . 2009-09-20 15:38 -------- d-----w- c:\documents and settings\User\Application Data\Dev-Cpp 2009-09-20 15:14 . 2009-09-20 15:41 -------- d-----w- c:\program files\DevCpp 2009-09-18 13:32 . 2009-09-18 13:32 -------- d-----w- c:\documents and settings\User\Application Data\Capcom 2009-09-17 12:44 . 2009-09-17 12:44 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Rockstar Games . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-17 08:35 . 2009-07-29 21:47 -------- d-----w- c:\documents and settings\User\Application Data\Skype 2009-10-17 06:31 . 2009-08-11 12:01 -------- d-----w- c:\documents and settings\User\Application Data\skypePM 2009-10-17 05:41 . 2009-08-24 19:33 -------- d-----w- c:\program files\ESET 2009-10-16 21:56 . 2009-09-05 09:38 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2009-10-16 20:27 . 2009-08-20 19:00 -------- d-----w- c:\program files\Malwarebytes 2009-10-16 19:12 . 2009-07-29 21:48 -------- d-----w- c:\documents and settings\User\Application Data\BitTorrent 2009-10-09 13:59 . 2009-07-29 21:47 -------- d-----w- c:\program files\Skype 2009-10-05 14:40 . 2009-07-29 21:01 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-17 12:44 . 2009-07-29 20:27 18904 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-17 11:32 . 2009-09-11 16:53 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2009-09-15 19:10 . 2009-09-15 19:10 -------- d-----w- c:\program files\AGEIA Technologies 2009-09-13 19:44 . 2009-09-13 19:24 184632 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-09-13 19:24 . 2009-09-13 19:24 -------- d-----w- c:\program files\MSBuild 2009-09-13 19:24 . 2009-09-13 19:24 -------- d-----w- c:\program files\Reference Assemblies 2009-09-12 16:11 . 2009-09-12 16:11 -------- d-----w- c:\program files\Axis Communications 2009-09-12 13:25 . 2008-04-14 04:42 42496 ----a-w- c:\windows\system32\ftp.exe 2009-09-12 12:48 . 2009-09-12 12:48 -------- d-----w- c:\program files\NOD32 2009-09-11 17:02 . 2009-09-11 17:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-09-11 16:55 . 2009-09-11 16:55 -------- d--h--r- c:\documents and settings\User\Application Data\SecuROM 2009-09-09 10:07 . 2009-09-09 10:05 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2009-09-05 11:51 . 2009-09-05 09:38 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-09-05 09:37 . 2009-08-17 11:56 -------- d-----w- c:\program files\DeamonTools 2009-09-01 21:12 . 2009-07-29 21:48 -------- d-----w- c:\documents and settings\User\Application Data\Winamp 2009-09-01 15:27 . 2009-09-01 15:27 -------- d-----w- c:\documents and settings\User\Application Data\Ubisoft 2009-09-01 15:27 . 2009-09-01 15:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft 2009-08-31 13:04 . 2009-08-19 16:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-08-31 13:04 . 2009-08-19 16:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-08-30 19:58 . 2009-08-30 19:58 -------- d-----w- c:\program files\Common Files\snpstd3 2009-08-29 09:35 . 2009-07-29 21:01 -------- d-----w- c:\program files\Common Files\InstallShield 2009-08-20 19:16 . 2009-08-20 19:16 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes 2009-08-20 19:16 . 2009-08-20 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-08-20 19:07 . 2009-08-20 19:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-08-20 18:57 . 2009-08-20 18:57 -------- d-----w- c:\documents and settings\User\Application Data\Sammsoft 2009-08-20 18:57 . 2009-08-20 18:57 -------- d-----w- c:\program files\Advanced Registry Optimizer 2009-08-19 16:31 . 2009-08-19 16:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-08-19 11:37 . 2009-08-19 11:37 -------- d-----w- c:\documents and settings\User\Application Data\Media Player Classic 2009-08-17 11:57 . 2009-08-17 11:57 717296 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-08-11 12:01 . 2009-08-11 12:01 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-08-07 16:51 . 2009-08-07 16:51 15308424 ----a-w- c:\windows\system32\xlive.dll 2009-08-07 16:51 . 2009-08-07 16:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll 2009-07-29 21:01 . 2009-07-29 21:01 315392 ----a-w- c:\windows\HideWin.exe 2009-07-29 20:07 . 2009-07-29 20:07 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-07-20 06:34 . 2009-07-20 06:34 70936 ----a-w- c:\windows\system32\PhysXLoader.dll . ------- Sigcheck ------- [-] 2009-01-08 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys [-] 2009-01-08 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-02-25 37888] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-04-28 570664] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352] "snpstd3"="c:\windows\vsnpstd3.exe" [2004-07-30 286720] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-27 16844800] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-08-03 1826816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "d:\\Games\\COD4\\iw3mp.exe"= "c:\program files\Networx-BG\Helper\winvnc.exe"= c:\program files\Networx-BG\Helper\winvnc.exe:192.168.11.0/255.255.255.0:Enabled:Networx-BG Helper VNC "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowOutboundPacketTooBig"= 1 (0x1) "AllowOutboundDestinationUnreachable"= 1 (0x1) "AllowOutboundSourceQuench"= 1 (0x1) "AllowRedirect"= 1 (0x1) "AllowInboundEchoRequest"= 1 (0x1) "AllowInboundRouterRequest"= 1 (0x1) "AllowOutboundTimeExceeded"= 1 (0x1) "AllowOutboundParameterProblem"= 1 (0x1) "AllowInboundTimestampRequest"= 1 (0x1) "AllowInboundMaskRequest"= 1 (0x1) . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.bg/ IE: Е&кспортирай в Microsoft Excel - c:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000 TCP: {30564426-6383-42AF-B910-74ADD32B43A7} = 212.25.58.8 212.25.58.2 DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://87.120.43.139/activex/AMC.cab . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-17 11:41 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-583907252-1757981266-682003330-1003\Software\SecuROM\License information*] "datasecu"=hex:ce,61,a3,9e,1a,80,bf,5d,a6,30,36,ca,3c,a1,72,99,a9,03,42,95,a5, 17,cd,23,e0,ae,43,fd,bf,9b,69,69,95,0e,02,46,11,e2,73,15,f0,e5,f0,b8,7d,03,\ "rkeysecu"=hex:1a,17,71,26,ad,56,13,63,d0,9e,62,3c,30,fd,07,4a . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2168) c:\windows\system32\msi.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . Completion time: 2009-10-17 11:41 ComboFix-quarantined-files.txt 2009-10-17 08:41 ComboFix2.txt 2009-10-16 22:04 Pre-Run: 20 223 381 504 bytes free Post-Run: 20 203 229 184 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect /usepmtimer
  13. teodor911

    Проблем с интернета

    При мен работата на ComboFix не отне повече от 5 мин. И не бях прочел това че не трябва да мърдам мишката.Ако е необходимо бих повторил процедурата отново.А ето го и ComboFix.txt ComboFix 09-10-16.03 - User 10.2009 г. 1:01.1.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.2047.1460 [GMT 3:00] Running from: c:\documents and settings\User\Desktop\Tools.exe.exe * Resident AV is active WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\system32\axaltocm.dll c:\windows\system32\Microsoft\backup.ftp c:\windows\system32\ftp.exe . . . is infected!! . ((((((((((((((((((((((((( Files Created from 2009-09-16 to 2009-10-16 ))))))))))))))))))))))))))))))) . 2009-10-16 20:27 . 2009-09-10 11:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-16 20:27 . 2009-09-10 11:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-09-26 11:13 . 2009-09-26 11:13 -------- d-----w- c:\program files\Networx-BG 2009-09-21 18:58 . 2009-09-21 18:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Blizzard 2009-09-20 15:27 . 2009-09-20 15:38 -------- d-----w- c:\documents and settings\User\Application Data\Dev-Cpp 2009-09-20 15:14 . 2009-09-20 15:41 -------- d-----w- c:\program files\DevCpp 2009-09-18 13:32 . 2009-09-18 13:32 -------- d-----w- c:\documents and settings\User\Application Data\Capcom 2009-09-17 12:44 . 2009-09-17 12:44 -------- d-----w- c:\documents and settings\User\Local Settings\Application Data\Rockstar Games . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-16 21:57 . 2009-08-24 19:33 -------- d-----w- c:\program files\ESET 2009-10-16 21:56 . 2009-09-05 09:38 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2009-10-16 20:27 . 2009-08-20 19:00 -------- d-----w- c:\program files\Malwarebytes 2009-10-16 20:15 . 2009-07-29 21:47 -------- d-----w- c:\documents and settings\User\Application Data\Skype 2009-10-16 19:12 . 2009-07-29 21:48 -------- d-----w- c:\documents and settings\User\Application Data\BitTorrent 2009-10-16 18:13 . 2009-08-11 12:01 -------- d-----w- c:\documents and settings\User\Application Data\skypePM 2009-10-09 13:59 . 2009-07-29 21:47 -------- d-----w- c:\program files\Skype 2009-10-05 14:40 . 2009-07-29 21:01 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-17 12:44 . 2009-07-29 20:27 18904 ----a-w- c:\documents and settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-17 11:32 . 2009-09-11 16:53 -------- d-----w- c:\program files\Microsoft Games for Windows - LIVE 2009-09-15 19:10 . 2009-09-15 19:10 -------- d-----w- c:\program files\AGEIA Technologies 2009-09-13 19:44 . 2009-09-13 19:24 184632 ----a-w- c:\documents and settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat 2009-09-13 19:24 . 2009-09-13 19:24 -------- d-----w- c:\program files\MSBuild 2009-09-13 19:24 . 2009-09-13 19:24 -------- d-----w- c:\program files\Reference Assemblies 2009-09-12 16:11 . 2009-09-12 16:11 -------- d-----w- c:\program files\Axis Communications 2009-09-12 13:28 . 2009-09-12 12:49 298104 ----a-w- c:\windows\system32\imon.dll 2009-09-12 13:25 . 2008-04-14 04:42 42496 ----a-w- c:\windows\system32\ftp.exe 2009-09-12 12:48 . 2009-09-12 12:48 -------- d-----w- c:\program files\NOD32 2009-09-11 17:02 . 2009-09-11 17:02 107888 ----a-w- c:\windows\system32\CmdLineExt.dll 2009-09-11 16:55 . 2009-09-11 16:55 -------- d--h--r- c:\documents and settings\User\Application Data\SecuROM 2009-09-09 10:07 . 2009-09-09 10:05 43520 ----a-w- c:\windows\system32\CmdLineExt03.dll 2009-09-05 11:51 . 2009-09-05 09:38 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-09-05 09:37 . 2009-08-17 11:56 -------- d-----w- c:\program files\DeamonTools 2009-09-01 21:12 . 2009-07-29 21:48 -------- d-----w- c:\documents and settings\User\Application Data\Winamp 2009-09-01 15:27 . 2009-09-01 15:27 -------- d-----w- c:\documents and settings\User\Application Data\Ubisoft 2009-09-01 15:27 . 2009-09-01 15:27 -------- d-----w- c:\documents and settings\All Users\Application Data\Ubisoft 2009-08-31 13:04 . 2009-08-19 16:31 22328 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-08-31 13:04 . 2009-08-19 16:31 103736 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-08-30 19:58 . 2009-08-30 19:58 -------- d-----w- c:\program files\Common Files\snpstd3 2009-08-29 09:35 . 2009-07-29 21:01 -------- d-----w- c:\program files\Common Files\InstallShield 2009-08-20 19:16 . 2009-08-20 19:16 -------- d-----w- c:\documents and settings\User\Application Data\Malwarebytes 2009-08-20 19:16 . 2009-08-20 19:16 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-08-20 19:07 . 2009-08-20 19:02 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-08-20 18:57 . 2009-08-20 18:57 -------- d-----w- c:\documents and settings\User\Application Data\Sammsoft 2009-08-20 18:57 . 2009-08-20 18:57 -------- d-----w- c:\program files\Advanced Registry Optimizer 2009-08-19 16:31 . 2009-08-19 16:31 66872 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-08-19 11:37 . 2009-08-19 11:37 -------- d-----w- c:\documents and settings\User\Application Data\Media Player Classic 2009-08-17 11:57 . 2009-08-17 11:57 717296 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-08-11 12:01 . 2009-08-11 12:01 56 ---ha-w- c:\windows\system32\ezsidmv.dat 2009-08-07 16:51 . 2009-08-07 16:51 15308424 ----a-w- c:\windows\system32\xlive.dll 2009-08-07 16:51 . 2009-08-07 16:51 13642888 ----a-w- c:\windows\system32\xlivefnt.dll 2009-07-29 21:01 . 2009-07-29 21:01 315392 ----a-w- c:\windows\HideWin.exe 2009-07-29 20:07 . 2009-07-29 20:07 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-07-20 06:34 . 2009-07-20 06:34 70936 ----a-w- c:\windows\system32\PhysXLoader.dll . ------- Sigcheck ------- [-] 2009-01-08 . 5AE1C2695F6523AD98B948F2887D8C5E . 361600 . . [5.1.2600.5649] . . c:\windows\system32\drivers\tcpip.sys [-] 2009-01-08 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2009-07-08 1657376] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-07-14 86016] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-07-14 13877248] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-02 32768] "WinampAgent"="c:\program files\Winamp\winampa.exe" [2009-02-25 37888] "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2008-04-28 570664] "NBKeyScan"="c:\program files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe" [2008-02-18 2221352] "snpstd3"="c:\windows\vsnpstd3.exe" [2004-07-30 286720] "Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes\Malwarebytes' Anti-Malware\mbam.exe" [2009-09-10 1312080] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.exe [2007-09-27 16844800] "SkyTel"="SkyTel.EXE" - c:\windows\SkyTel.exe [2007-08-03 1826816] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "_nltide_2"="shell32" [X] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 "FirewallOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\BitTorrent\\bittorrent.exe"= "d:\\Games\\COD4\\iw3mp.exe"= "c:\program files\Networx-BG\Helper\winvnc.exe"= c:\program files\Networx-BG\Helper\winvnc.exe:192.168.11.0/255.255.255.0:Enabled:Networx-BG Helper VNC "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowOutboundPacketTooBig"= 1 (0x1) "AllowOutboundDestinationUnreachable"= 1 (0x1) "AllowOutboundSourceQuench"= 1 (0x1) "AllowRedirect"= 1 (0x1) "AllowInboundEchoRequest"= 1 (0x1) "AllowInboundRouterRequest"= 1 (0x1) "AllowOutboundTimeExceeded"= 1 (0x1) "AllowOutboundParameterProblem"= 1 (0x1) "AllowInboundTimestampRequest"= 1 (0x1) "AllowInboundMaskRequest"= 1 (0x1) R4 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys --> c:\windows\system32\drivers\nod32drv.sys [?] . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.bg/ IE: Е&кспортирай в Microsoft Excel - c:\progra~1\MICROS~1\Office10\EXCEL.EXE/3000 TCP: {30564426-6383-42AF-B910-74ADD32B43A7} = 212.25.58.8 212.25.58.2 DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} - hxxp://87.120.43.139/activex/AMC.cab . - - - - ORPHANS REMOVED - - - - AddRemove-HijackThis - c:\program files\HiJackThis\HijackThis.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-17 01:03 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-583907252-1757981266-682003330-1003\Software\SecuROM\License information*] "datasecu"=hex:ce,61,a3,9e,1a,80,bf,5d,a6,30,36,ca,3c,a1,72,99,a9,03,42,95,a5, 17,cd,23,e0,ae,43,fd,bf,9b,69,69,95,0e,02,46,11,e2,73,15,f0,e5,f0,b8,7d,03,\ "rkeysecu"=hex:1a,17,71,26,ad,56,13,63,d0,9e,62,3c,30,fd,07,4a . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'lsass.exe'(572) c:\windows\system32\imon.dll . Completion time: 2009-10-16 1:04 ComboFix-quarantined-files.txt 2009-10-16 22:04 Pre-Run: 16 991 014 912 bytes free Post-Run: 20 214 853 632 bytes free 156
  14. teodor911

    Проблем с интернета

    Само не ведях къде да сложа отметки преди дяловете. Results of screen317's Security Check version 0.99.0 Windows XP Service Pack 3 `````````````````````````````` Antivirus/Firewall Check: Windows Security Center service is not running! This report may not be accurate! Windows Firewall Disabled! NOD32 Antivirus System Antivirus out of date! `````````````````````````````` Anti-malware/Other Utilities Check: HijackThis 2.0.2 `````````````````````````````` Process Check: objlist.exe by Laurent Eset nod32kui.exe Eset nod32krn.exe `````````````````````````````` DNS Vulnerability Check: POOR! (Vulnerable to DNS cache poisoning!!-- Consider OPENDNS) `````````End of Log``````````` ROOTREPEAL © AD, 2007-2009 ================================================== Scan Start Time: 2009/10/17 00:22 Program Version: Version 1.3.5.0 Windows Version: Windows XP SP3 ================================================== Drivers ------------------- Name: dump_atapi.sys Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys Address: 0xB4A57000 Size: 98304 File Visible: No Signed: - Status: - Name: dump_WMILIB.SYS Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS Address: 0xB85F6000 Size: 8192 File Visible: No Signed: - Status: - Name: PCI_PNP5256 Image Path: \Driver\PCI_PNP5256 Address: 0x00000000 Size: 0 File Visible: No Signed: - Status: - Name: rootrepeal.sys Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys Address: 0xB3BB6000 Size: 49152 File Visible: No Signed: - Status: - Name: spnj.sys Image Path: spnj.sys Address: 0xB7EA7000 Size: 1048576 File Visible: No Signed: - Status: - Name: sptd Image Path: \Driver\sptd Address: 0x00000000 Size: 0 File Visible: No Signed: - Status: - SSDT ------------------- #: 041 Function Name: NtCreateKey Status: Hooked by "spnj.sys" at address 0xb7ea80e0 #: 071 Function Name: NtEnumerateKey Status: Hooked by "spnj.sys" at address 0xb7ec6ca2 #: 073 Function Name: NtEnumerateValueKey Status: Hooked by "spnj.sys" at address 0xb7ec7030 #: 119 Function Name: NtOpenKey Status: Hooked by "spnj.sys" at address 0xb7ea80c0 #: 160 Function Name: NtQueryKey Status: Hooked by "spnj.sys" at address 0xb7ec7108 #: 177 Function Name: NtQueryValueKey Status: Hooked by "spnj.sys" at address 0xb7ec6f88 #: 247 Function Name: NtSetValueKey Status: Hooked by "spnj.sys" at address 0xb7ec719a ==EOF== OTL logfile created on: 17.10.2009 г. 00:30:15 - Run 1 OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\User\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: dd.M.yyyy 'г.' 2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,35% Memory free 3,85 Gb Paging File | 3,22 Gb Available in Paging File | 83,76% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 25,00 Gb Total Space | 15,81 Gb Free Space | 63,22% Space Free | Partition Type: NTFS Drive D: | 136,52 Gb Total Space | 28,81 Gb Free Space | 21,11% Space Free | Partition Type: NTFS Drive E: | 136,55 Gb Total Space | 65,76 Gb Free Space | 48,16% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ADMIN Current User Name: User Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Processes (SafeList) ========== PRC - [2009.10.17 00:28:52 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe PRC - [2009.10.17 00:19:16 | 00,843,167 | ---- | M] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe PRC - [2009.10.16 23:53:31 | 00,401,720 | ---- | M] (Trend Micro Inc.) -- C:\Program Files\HiJackThis\Kaldata.exe.exe PRC - [2009.09.12 16:28:14 | 00,949,376 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32kui.exe PRC - [2009.09.12 16:28:14 | 00,552,064 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe PRC - [2009.08.19 19:31:09 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe PRC - [2009.07.14 13:34:58 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe PRC - [2009.02.26 00:26:00 | 00,037,888 | ---- | M] () -- C:\Program Files\Winamp\winampa.exe PRC - [2009.01.08 22:07:03 | 01,033,728 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE PRC - [2008.12.19 07:25:25 | 00,634,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Internet Explorer\IEXPLORE.EXE PRC - [2008.04.14 07:42:16 | 00,389,120 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\cmd.exe PRC - [2008.02.18 17:29:12 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe PRC - [2007.09.27 14:20:18 | 16,844,800 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\RTHDCPL.EXE PRC - [2006.12.19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\IoctlSvc.exe PRC - [2004.11.02 20:24:46 | 00,032,768 | ---- | M] (Cyberlink Corp.) -- C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe PRC - [2004.07.30 18:50:24 | 00,286,720 | ---- | M] () -- C:\WINDOWS\vsnpstd3.exe ========== Win32 Services (SafeList) ========== SRV - [2009.09.12 16:28:14 | 00,552,064 | ---- | M] (Eset ) -- C:\Program Files\Eset\nod32krn.exe -- (NOD32krn [Auto | Running]) SRV - [2009.08.19 19:31:09 | 00,066,872 | ---- | M] () -- C:\WINDOWS\System32\PnkBstrA.exe -- (PnkBstrA [Auto | Running]) SRV - [2009.07.14 13:34:58 | 00,168,004 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (nvsvc [Auto | Running]) SRV - [2008.07.29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped]) SRV - [2008.07.29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [unknown | Stopped]) SRV - [2008.07.29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped]) SRV - [2008.07.25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped]) SRV - [2008.07.25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped]) SRV - [2008.04.14 07:42:04 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running]) SRV - [2008.02.28 18:07:48 | 00,529,704 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Stopped]) SRV - [2008.02.18 17:29:12 | 00,877,864 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe -- (Nero BackItUp Scheduler 3 [Auto | Running]) SRV - [2006.12.19 10:30:26 | 00,081,920 | ---- | M] (Prolific Technology Inc.) -- C:\WINDOWS\System32\IoctlSvc.exe -- (PLFlash DeviceIoControl Service [Auto | Running]) SRV - [2006.10.18 19:05:24 | 00,913,408 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped]) ========== Driver Services (SafeList) ========== DRV - [2009.09.12 16:28:14 | 00,512,096 | ---- | M] (Eset ) -- C:\WINDOWS\system32\drivers\amon.sys -- (AMON [Auto | Running]) DRV - [2009.09.12 16:28:14 | 00,015,424 | ---- | M] () -- C:\WINDOWS\system32\drivers\nod32drv.sys -- (nod32drv [system | Running]) DRV - [2009.08.17 14:57:12 | 00,717,296 | ---- | M] () -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd [boot | Running]) DRV - [2009.07.14 21:54:00 | 07,741,664 | ---- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\DRIVERS\nv4_mini.sys -- (nv [On_Demand | Running]) DRV - [2008.08.20 20:58:58 | 00,044,944 | ---- | M] (Sonic Solutions) -- C:\WINDOWS\System32\Drivers\PxHelp20.sys -- (PxHelp20 [boot | Running]) DRV - [2008.04.14 01:05:40 | 00,020,992 | ---- | M] (Realtek Semiconductor Corporation) -- C:\WINDOWS\System32\DRIVERS\RTL8139.SYS -- (rtl8139 [On_Demand | Running]) DRV - [2008.04.14 00:09:16 | 00,020,480 | ---- | M] (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K.) -- C:\WINDOWS\System32\DRIVERS\secdrv.sys -- (Secdrv [On_Demand | Stopped]) DRV - [2008.04.14 00:06:06 | 00,144,384 | ---- | M] (Windows ® Server 2003 DDK provider) -- C:\WINDOWS\System32\DRIVERS\HDAudBus.sys -- (HDAudBus [On_Demand | Running]) DRV - [2007.10.02 16:32:14 | 04,613,120 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\System32\drivers\RtkHDAud.sys -- (IntcAzAudAddService [On_Demand | Running]) DRV - [2004.11.25 15:42:34 | 00,419,200 | ---- | M] () -- C:\WINDOWS\System32\DRIVERS\snpstd3.sys -- (SNPSTD3 [On_Demand | Running]) DRV - [2001.08.23 14:00:00 | 00,017,792 | ---- | M] (Parallel Technologies, Inc.) -- C:\WINDOWS\System32\DRIVERS\ptilink.sys -- (Ptilink [On_Demand | Running]) ========== Standard Registry (SafeList) ========== ========== Internet Explorer ========== IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data] IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 IE - HKU\.DEFAULT\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-18\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 IE - HKU\S-1-5-21-583907252-1757981266-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm IE - HKU\S-1-5-21-583907252-1757981266-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 IE - HKU\S-1-5-21-583907252-1757981266-682003330-1003\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://google.bg/ IE - HKU\S-1-5-21-583907252-1757981266-682003330-1003\S-1-5-21-583907252-1757981266-682003330-1003\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0 FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009.09.13 22:24:51 | 00,000,000 | ---D | M] O1 HOSTS File: (734 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts O1 - Hosts: 127.0.0.1 localhost O2 - BHO: (Skype add-on (mastermind)) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O3 - HKU\S-1-5-21-583907252-1757981266-682003330-1003\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll () O4 - HKLM..\Run: [Alcmtr] C:\WINDOWS\ALCMTR.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation) O4 - HKLM..\Run: [NBKeyScan] C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe (Nero AG) O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG) O4 - HKLM..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe (Eset ) O4 - HKLM..\Run: [NvCplDaemon] C:\WINDOWS\System32\NvCpl.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [NvMediaCenter] C:\WINDOWS\System32\NvMcTray.DLL (NVIDIA Corporation) O4 - HKLM..\Run: [nwiz] C:\Program Files\NVIDIA Corporation\nView\nwiz.exe () O4 - HKLM..\Run: [RemoteControl] C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe (Cyberlink Corp.) O4 - HKLM..\Run: [RTHDCPL] C:\WINDOWS\RTHDCPL.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [skyTel] C:\WINDOWS\SkyTel.EXE (Realtek Semiconductor Corp.) O4 - HKLM..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe () O4 - HKLM..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe () O4 - HKLM..\RunOnce: [Malwarebytes' Anti-Malware] C:\Program Files\Malwarebytes\Malwarebytes' Anti-Malware\mbamgui.exe (Malwarebytes Corporation) O4 - HKU\.DEFAULT..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-18..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-19..\RunOnce: [_nltide_2] File not found O4 - HKU\S-1-5-20..\RunOnce: [_nltide_2] File not found O4 - Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (Microsoft Corporation) O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext = O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1 O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableTaskMgr = 1 O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-583907252-1757981266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145 O7 - HKU\S-1-5-21-583907252-1757981266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0 O8 - Extra context menu item: Е&кспортирай в Microsoft Excel - C:\Program Files\Microsoft Office\Office10\EXCEL.EXE (Microsoft Corporation) O9 - Extra Button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll (Skype Technologies S.A.) O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation) O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation) O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000003 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000004 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000005 - C:\WINDOWS\System32\imon.dll (Eset ) O10 - Protocol_Catalog9\Catalog_Entries\000000000023 - C:\WINDOWS\System32\imon.dll (Eset ) O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} http://87.120.43.139/activex/AMC.cab (AxisMediaControlEmb Class) O18 - Protocol\Handler\cdo {CD00020A-8B95-11D1-82DB-00C04FB1625D} - C:\Program Files\Common Files\Microsoft Shared\Web Folders\PKMCDO.DLL (Microsoft Corporation) O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\ipp - No CLSID value found O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp - No CLSID value found O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\OLE DB\msdaipp.dll (Microsoft Corporation) O18 - Protocol\Handler\mso-offdap {3D9F03FA-7A94-11D3-BE81-0050048385D1} - C:\Program Files\Common Files\Microsoft Shared\Web Components\10\OWC10.DLL (Microsoft Corporation) O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies) O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation) O20 - Winlogon\Notify\WgaLogon: DllName - WgaLogon.dll - File not found O24 - Desktop Components:0 (My Current Home Page) - About:Home O31 - SafeBoot: AlternateShell - cmd.exe O32 - HKLM CDRom: AutoRun - 1 O32 - AutoRun File - [2009.07.29 23:10:07 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ] O34 - HKLM BootExecute: (autocheck) - File not found O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation) O34 - HKLM BootExecute: (*) - File not found O35 - comfile [open] -- "%1" %* File not found O35 - exefile [open] -- "%1" %* File not found ========== Files/Folders - Created Within 30 Days ========== [2009.09.21 21:58:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Blizzard [2009.09.18 16:32:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Capcom [2009.09.20 18:27:36 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Application Data\Dev-Cpp [2009.09.17 15:44:55 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Local Settings\Application Data\Rockstar Games [2009.09.20 18:14:35 | 00,000,000 | ---D | C] -- C:\Program Files\DevCpp [2009.10.16 23:53:19 | 00,000,000 | ---D | C] -- C:\Program Files\HiJackThis [2009.09.26 14:13:20 | 00,000,000 | ---D | C] -- C:\Program Files\Networx-BG [2009.10.17 00:28:38 | 00,521,216 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe [2009.10.17 00:21:49 | 00,472,064 | ---- | C] ( ) -- C:\Documents and Settings\User\Desktop\RootRepeal.exe [2009.10.16 23:27:18 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2009.10.16 23:27:17 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys [2009.10.16 21:51:24 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\18 WoS Extreme Trucker [2009.10.14 18:39:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\FIFA 10 [2009.10.10 14:29:41 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Music [2009.10.09 18:46:12 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\New Folder [2009.10.09 18:26:06 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Музика [2009.09.26 22:20:17 | 00,009,728 | ---- | C] (by NiO_ShOoTer) -- C:\Documents and Settings\User\Desktop\RORO2.exe [2009.09.26 14:22:15 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\Desktop\Free Servers [2009.09.20 23:28:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\FIFA 09 [2009.09.20 18:38:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\DevC++ [2009.09.17 14:33:59 | 00,000,000 | ---D | C] -- C:\Documents and Settings\User\My Documents\Rockstar Games [2009.08.30 22:58:08 | 00,061,440 | ---- | C] ( ) -- C:\WINDOWS\System32\csnpstd3.dll [2009.08.30 22:58:08 | 00,057,344 | ---- | C] ( ) -- C:\WINDOWS\System32\rsnpstd3.dll [2009.08.30 22:58:08 | 00,036,864 | ---- | C] ( ) -- C:\WINDOWS\System32\vsnpstd3.dll ========== Files - Modified Within 30 Days ========== [1 C:\WINDOWS\System32\*.tmp files] [3 C:\WINDOWS\*.tmp files] [2009.10.17 00:28:52 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\User\Desktop\OTL.exe [2009.10.17 00:22:11 | 00,000,000 | ---- | M] () -- C:\Documents and Settings\User\Desktop\settings.dat [2009.10.17 00:21:39 | 00,464,491 | ---- | M] () -- C:\Documents and Settings\User\Desktop\RootRepeal.zip [2009.10.17 00:19:16 | 00,843,167 | ---- | M] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe [2009.10.16 23:27:21 | 00,000,807 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2009.10.16 23:23:37 | 00,243,457 | ---- | M] () -- C:\WINDOWS\System32\NvApps.xml [2009.10.16 23:23:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT [2009.10.16 23:23:34 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat [2009.10.16 23:22:41 | 02,641,962 | -H-- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db [2009.10.16 23:21:12 | 00,005,188 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\devcpp.ini [2009.10.16 23:21:12 | 00,000,462 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\devcpp.cfg [2009.10.16 21:12:33 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini [2009.10.16 21:11:54 | 00,002,257 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Skype.lnk [2009.10.16 15:20:55 | 00,000,196 | ---- | M] () -- C:\Documents and Settings\User\Desktop\options.bel [2009.10.16 12:51:54 | 00,193,420 | ---- | M] () -- C:\Documents and Settings\User\Desktop\tortskr.jpg [2009.10.15 16:17:37 | 00,002,353 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\SA Dictionary 2008 Beta 4.lnk [2009.10.14 18:36:36 | 00,001,603 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FIFA 10.lnk [2009.10.12 23:26:19 | 00,000,076 | ---- | M] () -- C:\Documents and Settings\User\Desktop\settings.ini [2009.10.12 14:53:49 | 00,002,206 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl [2009.10.10 15:59:12 | 00,000,340 | ---- | M] () -- C:\WINDOWS\MP3trt.ini [2009.10.09 21:46:14 | 09,162,753 | ---- | M] () -- C:\Documents and Settings\User\Desktop\12.Toni Dacheva i ork.Kristal - Bedni i bogati.mp3 [2009.10.07 21:48:55 | 00,402,838 | ---- | M] () -- C:\Documents and Settings\User\Desktop\061020091457.jpg [2009.10.07 21:48:44 | 00,437,015 | ---- | M] () -- C:\Documents and Settings\User\Desktop\061020091463.jpg [2009.10.07 20:28:07 | 00,891,960 | ---- | M] () -- C:\Documents and Settings\User\Desktop\Screen(10_07-20_24)-0000.jpg [2009.09.29 22:51:36 | 00,000,040 | ---- | M] () -- C:\WINDOWS\System32\imon1.dat [2009.09.26 22:20:17 | 00,009,728 | ---- | M] (by NiO_ShOoTer) -- C:\Documents and Settings\User\Desktop\RORO2.exe [2009.09.26 15:37:29 | 00,000,618 | ---- | M] () -- C:\Documents and Settings\User\Desktop\cs1.6.lnk [2009.09.23 17:44:08 | 00,051,872 | ---- | M] () -- C:\Documents and Settings\User\My Documents\1rad.jpg [2009.09.22 19:59:34 | 00,000,558 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\Favorite-Games.lnk [2009.09.19 22:16:27 | 00,000,681 | ---- | M] () -- C:\Documents and Settings\All Users\Desktop\FIFA 09.lnk [2009.09.19 22:14:42 | 00,000,706 | ---- | M] () -- C:\Documents and Settings\User\Desktop\MP3 To Ringtone Gold.lnk [2009.09.18 14:10:55 | 00,014,336 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.09.17 15:44:42 | 00,018,904 | ---- | M] () -- C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT ========== Files - No Company Name ========== [2009.10.17 00:22:11 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\User\Desktop\settings.dat [2009.10.17 00:21:33 | 00,464,491 | ---- | C] () -- C:\Documents and Settings\User\Desktop\RootRepeal.zip [2009.10.17 00:19:10 | 00,843,167 | ---- | C] () -- C:\Documents and Settings\User\Desktop\SecurityCheck.exe [2009.10.16 23:27:21 | 00,000,807 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Malwarebytes' Anti-Malware.lnk [2009.10.16 12:52:12 | 00,193,420 | ---- | C] () -- C:\Documents and Settings\User\Desktop\tortskr.jpg [2009.10.14 18:36:36 | 00,001,603 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\FIFA 10.lnk [2009.10.09 21:45:57 | 09,162,753 | ---- | C] () -- C:\Documents and Settings\User\Desktop\12.Toni Dacheva i ork.Kristal - Bedni i bogati.mp3 [2009.10.07 21:48:51 | 00,402,838 | ---- | C] () -- C:\Documents and Settings\User\Desktop\061020091457.jpg [2009.10.07 21:48:40 | 00,437,015 | ---- | C] () -- C:\Documents and Settings\User\Desktop\061020091463.jpg [2009.10.07 20:25:25 | 00,891,960 | ---- | C] () -- C:\Documents and Settings\User\Desktop\Screen(10_07-20_24)-0000.jpg [2009.10.07 13:51:01 | 00,000,076 | ---- | C] () -- C:\Documents and Settings\User\Desktop\settings.ini [2009.10.06 13:42:11 | 00,000,196 | ---- | C] () -- C:\Documents and Settings\User\Desktop\options.bel [2009.09.29 22:51:36 | 00,000,040 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat [2009.09.26 15:37:28 | 00,000,618 | ---- | C] () -- C:\Documents and Settings\User\Desktop\cs1.6.lnk [2009.09.23 17:44:06 | 00,051,872 | ---- | C] () -- C:\Documents and Settings\User\My Documents\1rad.jpg [2009.09.22 19:59:34 | 00,000,558 | ---- | C] () -- C:\Documents and Settings\All Users\Desktop\Favorite-Games.lnk [2009.09.20 18:42:26 | 00,000,462 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\devcpp.cfg [2009.09.20 18:42:24 | 00,005,188 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\devcpp.ini [2009.09.12 23:24:47 | 00,000,340 | ---- | C] () -- C:\WINDOWS\MP3trt.ini [2009.09.12 23:24:45 | 00,278,528 | ---- | C] () -- C:\WINDOWS\System32\ammpp.dll [2009.09.12 23:24:45 | 00,065,536 | ---- | C] () -- C:\WINDOWS\System32\a1.dll [2009.09.12 15:49:37 | 00,015,424 | ---- | C] () -- C:\WINDOWS\System32\drivers\nod32drv.sys [2009.09.09 13:05:38 | 00,043,520 | ---- | C] () -- C:\WINDOWS\System32\CmdLineExt03.dll [2009.09.07 00:59:38 | 00,018,904 | ---- | C] () -- C:\Documents and Settings\User\Application Data\GDIPFONTCACHEV1.DAT [2009.08.30 22:58:09 | 00,419,200 | ---- | C] () -- C:\WINDOWS\System32\drivers\snpstd3.sys [2009.08.30 22:58:09 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\dsnpstd3.dll [2009.08.30 22:58:09 | 00,015,498 | ---- | C] () -- C:\WINDOWS\snpstd3.ini [2009.08.30 22:55:50 | 00,172,032 | ---- | C] () -- C:\WINDOWS\JAPI2.DLL [2009.08.30 22:55:50 | 00,106,496 | ---- | C] () -- C:\WINDOWS\JAPI.DLL [2009.08.28 12:03:18 | 00,354,816 | ---- | C] () -- C:\WINDOWS\System32\psisdecd.dll [2009.08.19 19:31:22 | 00,022,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys [2009.08.17 15:12:50 | 00,000,273 | ---- | C] () -- C:\WINDOWS\game.ini [2009.08.17 14:57:12 | 00,717,296 | ---- | C] () -- C:\WINDOWS\System32\drivers\sptd.sys [2009.08.10 14:17:00 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini [2009.08.07 19:51:34 | 00,178,430 | ---- | C] () -- C:\WINDOWS\System32\xlive.dll.cat [2009.07.30 01:59:10 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini [2009.07.30 00:49:44 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll [2009.07.30 00:49:44 | 00,000,038 | ---- | C] () -- C:\WINDOWS\avisplitter.ini [2009.07.30 00:49:42 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll [2009.07.30 00:49:42 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll [2009.07.30 00:49:41 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll [2009.07.30 00:49:39 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest [2009.07.30 00:49:38 | 00,084,480 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll [2009.07.30 00:10:15 | 00,014,336 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini [2009.07.30 00:07:37 | 00,000,406 | ---- | C] () -- C:\WINDOWS\ODBC.INI [2009.07.30 00:03:54 | 02,641,962 | -H-- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\IconCache.db [2009.07.29 23:27:46 | 00,018,904 | ---- | C] () -- C:\Documents and Settings\User\Local Settings\Application Data\GDIPFONTCACHEV1.DAT [2009.07.29 23:23:14 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\User\Application Data\desktop.ini [2009.06.19 20:06:22 | 00,197,912 | ---- | C] () -- C:\WINDOWS\System32\physxcudart_20.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelTraditionalChinese.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSwedish.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSpanish.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelSimplifiedChinese.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelPortugese.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelKorean.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelJapanese.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelGerman.dll [2009.06.19 20:06:22 | 00,058,648 | ---- | C] () -- C:\WINDOWS\System32\AgCPanelFrench.dll [2001.08.23 14:00:00 | 00,000,927 | ---- | C] () -- C:\WINDOWS\win.ini [2001.08.23 14:00:00 | 00,000,231 | ---- | C] () -- C:\WINDOWS\system.ini ========== LOP Check ========== [2009.10.05 17:40:56 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data [2009.09.21 21:58:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Blizzard [2009.07.30 00:47:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\CyberLink [2009.08.17 14:59:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DAEMON Tools Lite [2009.08.20 22:07:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP [2009.09.01 18:27:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ubisoft [2009.07.30 01:59:10 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Default User\Application Data [2009.07.29 23:12:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\LocalService\Application Data [2009.07.29 23:12:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\NetworkService\Application Data [2009.09.20 18:27:36 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\User\Application Data [2009.10.16 22:12:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\BitTorrent [2009.09.18 16:32:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Capcom [2009.08.17 15:00:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DAEMON Tools [2009.08.17 15:01:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DAEMON Tools Lite [2009.08.17 15:00:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DAEMON Tools Pro [2009.09.20 18:38:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Dev-Cpp [2009.08.18 00:32:44 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\DNA [2009.08.17 16:58:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Leadertech [2009.08.20 21:57:58 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Sammsoft [2009.09.11 19:55:42 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\User\Application Data\SecuROM [2009.09.01 18:27:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\User\Application Data\Ubisoft [2001.08.23 14:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini [2009.10.16 23:23:35 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT ========== Purity Check ========== ========== Alternate Data Streams ========== @Alternate Data Stream - 110 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2 < End of report > OTL Extras logfile created on: 17.10.2009 г. 00:30:15 - Run 1 OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\User\Desktop Windows XP Professional Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation Internet Explorer (Version = 7.0.5730.13) Locale: 00000402 | Country: Bulgaria | Language: BGR | Date Format: dd.M.yyyy 'г.' 2,00 Gb Total Physical Memory | 1,35 Gb Available Physical Memory | 67,35% Memory free 3,85 Gb Paging File | 3,22 Gb Available in Paging File | 83,76% Paging File free Paging file location(s): C:\pagefile.sys 2046 4092 [binary data] %SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files Drive C: | 25,00 Gb Total Space | 15,81 Gb Free Space | 63,22% Space Free | Partition Type: NTFS Drive D: | 136,52 Gb Total Space | 28,81 Gb Free Space | 21,11% Space Free | Partition Type: NTFS Drive E: | 136,55 Gb Total Space | 65,76 Gb Free Space | 48,16% Space Free | Partition Type: NTFS F: Drive not present or media not loaded G: Drive not present or media not loaded H: Drive not present or media not loaded I: Drive not present or media not loaded Computer Name: ADMIN Current User Name: User Logged in as Administrator. Current Boot Mode: Normal Scan Mode: All users Company Name Whitelist: Off Skip Microsoft Files: Off File Age = 30 Days Output = Standard ========== Extra Registry (SafeList) ========== ========== File Associations ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>] .chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation) .html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) ========== Shell Spawning ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command] batfile [open] -- "%1" %* File not found chm.file [open] -- "C:\WINDOWS\hh.exe" %1 (Microsoft Corporation) cmdfile [open] -- "%1" %* File not found comfile [open] -- "%1" %* File not found exefile [open] -- "%1" %* File not found htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" %1 (Microsoft Corporation) htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) htmlfile [print] -- "C:\Program Files\Microsoft Office\Office10\msohtmed.exe" /p %1 (Microsoft Corporation) http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" -nohome (Microsoft Corporation) piffile [open] -- "%1" %* File not found regfile [merge] -- Reg Error: Key error. scrfile [config] -- "%1" File not found scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation) scrfile [open] -- "%1" /S File not found txtfile [edit] -- Reg Error: Key error. Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Directory [Winamp.Bookmark] -- "C:\Program Files\Winamp\winamp.exe" /BOOKMARK "%1" (Nullsoft) Directory [Winamp.Enqueue] -- "C:\Program Files\Winamp\winamp.exe" /ADD "%1" (Nullsoft) Directory [Winamp.Play] -- "C:\Program Files\Winamp\winamp.exe" "%1" (Nullsoft) Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation) Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation) Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation) Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation) CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation) ========== Security Center Settings ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center] "FirstRunDisabled" = 1 "AntiVirusOverride" = 1 "FirewallOverride" = 1 "AntiVirusDisableNotify" = 0 "FirewallDisableNotify" = 0 "UpdatesDisableNotify" = 0 [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile] [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile] "DisableNotifications" = 0 [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List] "1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007 "2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008 ========== Authorized Applications List ========== [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List] "%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation) "C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.) "C:\Program Files\BitTorrent\bittorrent.exe" = C:\Program Files\BitTorrent\bittorrent.exe:*:Enabled:BitTorrent -- (BitTorrent, Inc.) "C:\Program Files\FlashGet\flashget.exe" = C:\Program Files\FlashGet\flashget.exe:*:Enabled:Flashget -- File not found "D:\Games\CS\hl.exe" = D:\Games\CS\hl.exe:*:Enabled:Half-Life Launcher -- File not found "D:\Games\COD4\iw3mp.exe" = D:\Games\COD4\iw3mp.exe:*:Enabled:Call of Duty® 4 - Modern Warfare -- () "D:\Games\MotoGP\Launcher.exe" = D:\Games\MotoGP\Launcher.exe:*:Enabled:MotoGP 08 -- File not found "D:\Games\WOW\World of Warcraft\WoW-3.2.0-enUS-downloader.exe" = D:\Games\WOW\World of Warcraft\WoW-3.2.0-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\Games\WOW\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe" = D:\Games\WOW\World of Warcraft\WoW-3.2.0.10192-to-3.2.0.10314-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "D:\Games\WOW\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe" = D:\Games\WOW\World of Warcraft\WoW-3.2.0.10314-to-3.2.2.10482-enUS-downloader.exe:*:Enabled:Blizzard Downloader -- File not found "C:\Program Files\Networx-BG\Helper\winvnc.exe" = C:\Program Files\Networx-BG\Helper\winvnc.exe:192.168.11.0/255.255.255.0:Enabled:Networx-BG Helper VNC -- (Constantin Kaplinsky) "C:\Program Files\Skype\Phone\Skype.exe" = C:\Program Files\Skype\Phone\Skype.exe:*:Enabled:Skype -- (Skype Technologies S.A.) ========== HKEY_LOCAL_MACHINE Uninstall List ========== [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "{055A5AF0-9FEB-440D-B00A-18935C7C171C}" = SA Dictionary 2008 Beta 4 "{11202615-E557-4ECF-9B86-F59C81E52909}" = FIFA 10 "{2315B23D-3E21-4920-837D-AE6460934ECB}" = FIFA 09 "{2E660A2A-A55F-43CD-9F73-CAD7382EEB78}" = Microsoft Games for Windows - LIVE Redistributable "{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP "{3921A67A-5AB1-4E48-9444-C71814CF3027}" = VCRedistSetup "{3C5F1B30-B10B-4579-86DD-D00F662E487A}" = Nero 8 Ultra Edition HD "{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml "{5A438E06-0BB3-4C5F-0085-B14F1F4077E6}" = FIFA 07 "{5C82DAE5-6EB0-4374-9254-BE3319BA4E82}" = Skype™ 3.8 "{5DB65884-C963-4454-AABA-4CA3089281FA}" = NVIDIA PhysX "{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}" = PowerDVD "{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable "{90110402-6000-11D3-8CFE-0050048383C9}" = Microsoft Office XP Professional "{9964DA70-CA9D-48BD-93E6-19F121143958}" = Helper "{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2 "{ADE91A13-434D-4229-00BC-182BAD607303}" = Need for Speed™ Most Wanted "{BBF0A67B-5DBA-452F-9D2E-6F168BC226E4}" = Need for Speed™ SHIFT "{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2 "{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1 "{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare "{ECD03DA7-5952-406A-8156-5F0C93618D1F}" = A4 TECH USB PC Camera "{F112F66E-25CA-42DD-983C-6118EB38F606}" = Microsoft Games for Windows - LIVE "{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver "Advanced Registry Optimizer_is1" = Advanced Registry Optimizer "AXIS Media Control Embedded" = AXIS Media Control Embedded "BFL 07 v2.0" = BFL 07 v2.0 "BSPlayer1" = BSPlayer "DAEMON Tools Toolbar" = DAEMON Tools Toolbar "Deer Hunter Tournament_is1" = Deer Hunter Tournament "EVEREST Corporate Edition_is1" = EVEREST Corporate Edition v4.50 "Favorite-Games_is1" = Favorite-Games 5.16 "HijackThis" = HijackThis 2.0.2 "InstallShield_{E48469CC-635E-4FD5-A122-1497C286D217}" = Call of Duty® 4 - Modern Warfare "KLiteCodecPack_is1" = K-Lite Codec Pack 4.8.5 (Full) "Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware "Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1 "MP3 To Ringtone Gold_is1" = MP3 To Ringtone Gold 3.16 "MSNINST" = MSN "NOD32" = NOD32 Antivirus System "NVIDIA Drivers" = NVIDIA Drivers "NVIDIA nView Desktop Manager" = NVIDIA nView Desktop Manager "Steam" = Steam "Winamp" = Winamp "Windows Media Format Runtime" = Windows Media Format 11 runtime "WinRAR archiver" = WinRAR archiver "WMFDist11" = Windows Media Format 11 runtime ========== HKEY_USERS Uninstall List ========== [HKEY_USERS\S-1-5-21-583907252-1757981266-682003330-1003\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall] "BitTorrent" = BitTorrent "BitTorrent DNA" = DNA ========== Last 10 Event Log Errors ========== [ Application Events ] Error - 20.9.2009 г. 07:20:05 | Computer Name = ADMIN | Source = Application Hang | ID = 1002 Description = Hanging application shift.exe, version 1.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 20.9.2009 г. 11:15:08 | Computer Name = ADMIN | Source = Application Hang | ID = 1002 Description = Hanging application IEXPLORE.EXE, version 7.0.6000.16791, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 20.9.2009 г. 11:17:43 | Computer Name = ADMIN | Source = Application Hang | ID = 1002 Description = Hanging application IEXPLORE.EXE, version 7.0.6000.16791, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 20.9.2009 г. 16:06:09 | Computer Name = ADMIN | Source = Application Hang | ID = 1002 Description = Hanging application shift.exe, version 1.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 21.9.2009 г. 04:06:05 | Computer Name = ADMIN | Source = Application Error | ID = 1000 Description = Faulting application vroach.exe, version 1.5.0.7, faulting module vroach.exe, version 1.5.0.7, fault address 0x0001b04c. Error - 21.9.2009 г. 06:08:08 | Computer Name = ADMIN | Source = Application Hang | ID = 1002 Description = Hanging application shift.exe, version 1.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 21.9.2009 г. 13:29:50 | Computer Name = ADMIN | Source = Application Hang | ID = 1002 Description = Hanging application shift.exe, version 1.0.0.0, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 23.9.2009 г. 07:22:08 | Computer Name = ADMIN | Source = Application Hang | ID = 1002 Description = Hanging application hl.exe, version 1.1.1.1, hang module hungapp, version 0.0.0.0, hang address 0x00000000. Error - 23.9.2009 г. 12:05:20 | Computer Name = ADMIN | Source = Application Error | ID = 1000 Description = Faulting application hlds.exe, version 4.1.1.1, faulting module swds.dll, version 0.0.0.0, fault address 0x00096305. Error - 23.9.2009 г. 12:17:54 | Computer Name = ADMIN | Source = Application Error | ID = 1000 Description = Faulting application hlds.exe, version 4.1.1.1, faulting module swds.dll, version 0.0.0.0, fault address 0x00096305. [ System Events ] Error - 01.10.2009 г. 10:39:45 | Computer Name = ADMIN | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 02.10.2009 г. 06:22:51 | Computer Name = ADMIN | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 02.10.2009 г. 06:22:51 | Computer Name = ADMIN | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 02.10.2009 г. 06:22:57 | Computer Name = ADMIN | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 02.10.2009 г. 06:22:57 | Computer Name = ADMIN | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 02.10.2009 г. 06:23:30 | Computer Name = ADMIN | Source = W32Time | ID = 39452689 Description = Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) Error - 02.10.2009 г. 06:23:30 | Computer Name = ADMIN | Source = W32Time | ID = 39452701 Description = The time provider NtpClient is configured to acquire time from one or more time sources, however none of the sources are currently accessible. No attempt to contact a source will be made for 14 minutes. NtpClient has no source of accurate time. Error - 05.10.2009 г. 10:39:38 | Computer Name = ADMIN | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error - 05.10.2009 г. 13:56:15 | Computer Name = ADMIN | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} Error - 16.10.2009 г. 16:22:30 | Computer Name = ADMIN | Source = DCOM | ID = 10005 Description = DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334} < End of report >
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.