TheSa1nt

Member
  • Posts: 6
  • Likes: 0 (neutral reputation)

About TheSa1nt

  • Title: Recruit
  1. ESETSmartInstaller@High as downloader log: all ok # version=6 # OnlineScannerApp.exe=1.0.0.1 # OnlineScanner.ocx=1.0.0.6050 # api_version=3.0.2 # EOSSerial=ee960a30e1a9a34f9da6b5bdc969e10b # end=finished # remove_checked=true # archives_checked=true # unwanted_checked=true # unsafe_checked=true # antistealth_checked=true # utc_time=2009-10-23 06:22:40 # local_time=2009-10-23 09:22:40 (+0200, FLE Daylight Time) # country="Bulgaria" # lang=1033 # osver=5.1.2600 NT Service Pack 2 # compatibility_mode=769 21 100 100 41390625000 # scanned=37475 # found=4 # cleaned=4 # scan_time=3808 C:\System Volume Information\_restore{5B6B268F-5DDB-408F-8F12-947ED76B695D}\RP10\A0003890.exe Win32/Adware.WhenU.SaveNow application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C D:\Programi\brutus-aet2.zip Win32/PSWTool.Brutus application (deleted - quarantined) 00000000000000000000000000000000 C D:\Programi\RatioMaster-1.7.5.zip probably a variant of Win32/Spy.Agent trojan (deleted - quarantined) 00000000000000000000000000000000 C D:\Programi\brutus\BrutusA2.exe Win32/PSWTool.Brutus application (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
  2. ComboFix 09-10-17.01 - ilian 10.2009 г. 16:26.2.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.1023.617 [GMT 3:00] Running from: c:\documents and settings\ilian\Desktop\Tool.exe Command switches used :: c:\documents and settings\ilian\Desktop\CFScript.txt.txt AV: avast! antivirus 4.8.1351 [VPS 091017-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2009-09-18 to 2009-10-18 ))))))))))))))))))))))))))))))) . 2009-10-18 13:03 . 2009-10-18 13:09 -------- d-----w- C:\ComboFix 2009-10-18 10:45 . 2009-10-18 10:45 -------- d-----w- c:\program files\Foxit Software 2009-10-18 10:45 . 2009-10-18 10:45 -------- d-----w- c:\documents and settings\ilian\Application Data\Foxit 2009-10-17 14:09 . 2009-09-10 11:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-17 14:09 . 2009-09-10 11:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-10-17 10:05 . 2009-10-17 10:10 -------- d-----w- c:\documents and settings\ilian\Application Data\Uniblue 2009-10-17 10:05 . 2009-10-17 10:10 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner 2009-10-17 10:01 . 2009-10-17 10:01 -------- d-----w- c:\documents and settings\ilian\Local Settings\Application Data\eSupport.com 2009-10-17 09:22 . 2009-10-17 09:22 -------- d-----w- c:\program files\Trend Micro 2009-10-16 21:17 . 2009-10-16 21:17 -------- d-----w- c:\documents and settings\ilian\Application Data\Malwarebytes 2009-10-16 21:17 . 2009-10-16 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-10-11 08:42 . 2009-10-11 08:42 -------- d-----w- c:\documents and settings\ilian\Local Settings\Application Data\Adobe 2009-09-19 17:07 . 2009-09-19 17:07 -------- d-----w- c:\documents and settings\ilian\Local Settings\Application Data\Identities 2009-09-18 19:09 . 
2001-08-17 19:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll 2009-09-18 19:09 . 2001-08-17 19:36 8192 ----a-w- c:\windows\system32\kbdkor.dll 2009-09-18 19:09 . 2001-08-17 19:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll 2009-09-18 19:09 . 2001-08-17 19:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 ----a-w- c:\windows\system32\kbd106.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 ----a-w- c:\windows\system32\kbd101c.dll 2009-09-18 19:09 . 2001-08-17 11:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll 2009-09-18 19:09 . 2001-08-17 11:55 5632 ----a-w- c:\windows\system32\kbd103.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 ----a-w- c:\windows\system32\kbd101b.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-18 13:23 . 2009-09-07 14:31 -------- d-----w- c:\documents and settings\ilian\Application Data\Skype 2009-10-18 10:40 . 2009-09-07 14:03 -------- d-----w- c:\program files\NVIDIA Corporation 2009-10-17 22:45 . 2009-09-07 16:19 -------- d-----w- c:\program files\Garena 2009-09-27 09:30 . 2009-09-07 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Bluetooth 2009-09-25 05:56 . 2004-08-04 12:00 662016 ------w- c:\windows\system32\wininet.dll 2009-09-25 05:56 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-09-13 01:19 . 2009-09-13 01:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-09-13 01:18 . 2009-09-13 01:17 4096 ----a-w- c:\windows\system32\detoured.dll 2009-09-13 01:17 . 2009-09-07 15:22 17144 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT 2009-09-11 14:33 . 
2004-08-04 12:00 133632 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 21:00 . 2009-09-10 21:00 -------- d-----w- c:\program files\Gabest 2009-09-10 14:37 . 2009-09-10 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles 2009-09-07 16:09 . 2009-09-07 16:09 -------- d-----w- c:\program files\IVT Corporation 2009-09-07 15:56 . 2009-09-07 15:54 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2009-09-07 15:55 . 2009-09-07 15:25 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-09-07 15:55 . 2009-09-07 15:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-09-07 15:55 . 2009-09-07 15:51 -------- d-----w- c:\documents and settings\ilian\Application Data\DAEMON Tools Lite 2009-09-07 15:54 . 2009-09-07 15:54 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-09-07 15:54 . 2009-09-07 15:49 -------- d-----w- c:\program files\VVSN 2009-09-07 15:51 . 2009-09-07 15:51 721904 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-09-07 15:51 . 2009-09-07 15:51 -------- d-----w- c:\program files\Spider Video Downloader 2009-09-07 15:50 . 2009-09-07 15:50 -------- d-----w- c:\documents and settings\ilian\Application Data\AVI ReComp 2009-09-07 15:47 . 2009-09-07 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite 2009-09-07 15:46 . 2009-09-07 15:42 -------- d-----w- c:\documents and settings\ilian\Application Data\Winamp 2009-09-07 15:45 . 2009-09-07 15:42 -------- d-----w- c:\program files\Winamp 2009-09-07 15:31 . 2009-09-07 15:31 -------- d-----w- c:\program files\Nero 2009-09-07 15:31 . 2009-09-07 15:31 -------- d-----w- c:\program files\Common Files\Ahead 2009-09-07 15:12 . 2009-09-07 15:12 -------- d-----w- c:\program files\Alwil Software 2009-09-07 15:08 . 2009-09-07 15:08 14 ----a-w- c:\windows\system32\SystemInfo32.sys 2009-09-07 15:08 . 
2009-09-07 15:08 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD X Studios 2009-09-07 15:04 . 2009-09-07 15:04 -------- d-----w- c:\program files\Codec Pack - All In 1 2009-09-07 15:04 . 2009-09-07 15:04 737280 ----a-w- c:\windows\iun6002.exe 2009-09-07 15:04 . 2009-09-07 15:04 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH 2009-09-07 15:04 . 2009-09-07 15:04 -------- d-----w- c:\documents and settings\ilian\Application Data\GRETECH 2009-09-07 15:03 . 2009-09-07 15:03 -------- d-----w- c:\program files\GRETECH 2009-09-07 15:03 . 2009-09-07 15:03 -------- d-----w- c:\program files\Combined Community Codec Pack 2009-09-07 15:02 . 2009-09-07 15:02 -------- d-----w- c:\program files\XP Codec Pack 2009-09-07 15:02 . 2009-09-07 15:02 -------- d-----w- c:\program files\Xvid 2009-09-07 14:49 . 2009-09-07 14:49 -------- d-----w- c:\program files\Common Files\Skype 2009-09-07 14:49 . 2009-09-07 14:31 -------- d-----w- c:\program files\Skype 2009-09-07 14:31 . 2009-09-07 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-09-07 14:20 . 2009-09-07 14:20 -------- d-----w- c:\program files\AMD 2009-09-07 14:20 . 2009-09-07 14:03 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-07 14:04 . 2009-09-07 14:00 -------- d-----w- c:\program files\Common Files\InstallShield 2009-09-07 14:03 . 2009-09-07 14:03 -------- d-----w- c:\program files\Common Files\NVIDIA Shared 2009-09-07 12:49 . 2009-09-07 12:49 12328 ----a-w- c:\documents and settings\ilian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-07 12:43 . 2009-09-07 12:43 -------- d-----w- c:\program files\microsoft frontpage 2009-09-07 12:39 . 2009-09-07 12:39 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-09-04 20:45 . 2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-26 08:16 . 2004-08-04 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-17 16:10 . 
2009-09-07 16:00 1279456 ----a-w- c:\windows\system32\aswBoot.exe 2009-08-17 16:06 . 2009-09-07 16:00 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-08-17 16:06 . 2009-09-07 16:00 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-08-17 16:05 . 2009-09-07 16:00 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-08-17 16:05 . 2009-09-07 16:00 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-08-17 16:04 . 2009-09-07 16:00 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-08-17 16:04 . 2009-09-07 16:00 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-08-17 16:03 . 2009-09-07 16:00 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-08-17 16:02 . 2009-09-07 16:00 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-08-05 09:11 . 2004-08-04 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-08-04 14:00 . 2004-08-04 12:00 2180352 ------w- c:\windows\system32\ntoskrnl.exe 2009-08-04 13:13 . 2004-08-03 22:59 2057728 ------w- c:\windows\system32\ntkrnlpa.exe 2009-07-29 04:53 . 2004-08-04 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll 2009-07-29 04:53 . 2004-08-04 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll . ((((((((((((((((((((((((((((( SnapShot@2009-10-18_13.08.31 ))))))))))))))))))))))))))))))))))))))))) . + 2009-10-18 13:30 . 2009-10-18 13:30 16384 c:\windows\Temp\Perflib_Perfdata_b40.dat + 2009-10-18 13:29 . 2009-10-18 13:29 16384 c:\windows\Temp\Perflib_Perfdata_754.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-12-11 25343016] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-6-6 657168] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "12971:TCP"= 12971:TCP:BitComet 12971 TCP "12971:UDP"= 12971:UDP:BitComet 12971 UDP R0 nvcchflt;NVIDIA Disk Cache Filter 
Driver;c:\windows\system32\drivers\nvcchflt.sys [07.9.2009 г. 17:02 16640] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [07.9.2009 г. 19:00 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07.9.2009 г. 19:00 20560] S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\ilian\LOCALS~1\Temp\BOC2.tmp --> c:\docume~1\ilian\LOCALS~1\Temp\BOC2.tmp [?] S3 KTalk;KTalk;\??\c:\docume~1\ilian\LOCALS~1\Temp\ktalk.sys --> c:\docume~1\ilian\LOCALS~1\Temp\ktalk.sys [?] . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.com/ IE: Е&кспортирай в Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 TCP: {14528C1A-5C98-4F8D-85BB-7179F5C41578} = 212.50.0.10,212.50.0.15 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-18 16:29 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine] "ImagePath"="\??\c:\docume~1\ilian\LOCALS~1\Temp\BOC2.tmp" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3628) c:\windows\system32\msi.dll . ------------------------ Other Running Processes ------------------------ . c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\tool\CF8132.exe c:\windows\system32\rundll32.exe c:\windows\system32\nvsvc32.exe c:\windows\system32\wdfmgr.exe c:\program files\Alwil Software\Avast4\ashMaiSv.exe c:\program files\Alwil Software\Avast4\ashWebSv.exe c:\program files\Skype\Plugin Manager\skypePM.exe c:\windows\system32\wscntfy.exe . 
************************************************************************** . Completion time: 2009-10-18 16:32 - machine was rebooted ComboFix-quarantined-files.txt 2009-10-18 13:32 ComboFix2.txt 2009-10-18 13:09 Pre-Run: 14 720 774 144 bytes free Post-Run: 14 681 743 360 bytes free 189 --- E O F --- 2009-10-17 10:25
  3. ComboFix 09-10-17.01 - ilian 10.2009 г. 16:03.1.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.1023.567 [GMT 3:00] Running from: c:\documents and settings\ilian\Desktop\ComboFix.exe AV: avast! antivirus 4.8.1351 [VPS 091017-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Installer\438e7.msi c:\windows\Installer\47f8c.msi . ((((((((((((((((((((((((( Files Created from 2009-09-18 to 2009-10-18 ))))))))))))))))))))))))))))))) . 2009-10-18 10:45 . 2009-10-18 10:45 -------- d-----w- c:\program files\Foxit Software 2009-10-18 10:45 . 2009-10-18 10:45 -------- d-----w- c:\documents and settings\ilian\Application Data\Foxit 2009-10-17 14:09 . 2009-09-10 11:54 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-17 14:09 . 2009-09-10 11:53 19160 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-10-17 10:05 . 2009-10-17 10:10 -------- d-----w- c:\documents and settings\ilian\Application Data\Uniblue 2009-10-17 10:05 . 2009-10-17 10:10 -------- d-----w- c:\documents and settings\All Users\Application Data\DriverScanner 2009-10-17 10:01 . 2009-10-17 10:01 -------- d-----w- c:\documents and settings\ilian\Local Settings\Application Data\eSupport.com 2009-10-17 09:22 . 2009-10-17 09:22 -------- d-----w- c:\program files\Trend Micro 2009-10-16 21:17 . 2009-10-16 21:17 -------- d-----w- c:\documents and settings\ilian\Application Data\Malwarebytes 2009-10-16 21:17 . 2009-10-16 21:17 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-10-11 08:42 . 2009-10-11 08:42 -------- d-----w- c:\documents and settings\ilian\Local Settings\Application Data\Adobe 2009-09-19 17:07 . 
2009-09-19 17:07 -------- d-----w- c:\documents and settings\ilian\Local Settings\Application Data\Identities 2009-09-18 19:09 . 2001-08-17 19:36 8192 -c--a-w- c:\windows\system32\dllcache\kbdkor.dll 2009-09-18 19:09 . 2001-08-17 19:36 8192 ----a-w- c:\windows\system32\kbdkor.dll 2009-09-18 19:09 . 2001-08-17 19:36 8704 -c--a-w- c:\windows\system32\dllcache\kbdjpn.dll 2009-09-18 19:09 . 2001-08-17 19:36 8704 ----a-w- c:\windows\system32\kbdjpn.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd106.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101c.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 ----a-w- c:\windows\system32\kbd106.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 ----a-w- c:\windows\system32\kbd101c.dll 2009-09-18 19:09 . 2001-08-17 11:55 5632 -c--a-w- c:\windows\system32\dllcache\kbd103.dll 2009-09-18 19:09 . 2001-08-17 11:55 5632 ----a-w- c:\windows\system32\kbd103.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 -c--a-w- c:\windows\system32\dllcache\kbd101b.dll 2009-09-18 19:09 . 2001-08-17 11:55 6144 ----a-w- c:\windows\system32\kbd101b.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-10-18 13:06 . 2009-09-07 14:31 -------- d-----w- c:\documents and settings\ilian\Application Data\Skype 2009-10-18 10:40 . 2009-09-07 14:03 -------- d-----w- c:\program files\NVIDIA Corporation 2009-10-17 22:45 . 2009-09-07 16:19 -------- d-----w- c:\program files\Garena 2009-09-27 09:30 . 2009-09-07 16:54 -------- d-----w- c:\documents and settings\All Users\Application Data\Bluetooth 2009-09-25 05:56 . 2004-08-04 12:00 662016 ----a-w- c:\windows\system32\wininet.dll 2009-09-25 05:56 . 2004-08-04 12:00 81920 ----a-w- c:\windows\system32\ieencode.dll 2009-09-13 01:19 . 2009-09-13 01:16 -------- d---a-w- c:\documents and settings\All Users\Application Data\TEMP 2009-09-13 01:18 . 
2009-09-13 01:17 4096 ----a-w- c:\windows\system32\detoured.dll 2009-09-13 01:17 . 2009-09-07 15:22 17144 ----a-w- c:\windows\system32\GDIPFONTCACHEV1.DAT 2009-09-11 14:33 . 2004-08-04 12:00 133632 ----a-w- c:\windows\system32\msv1_0.dll 2009-09-10 21:00 . 2009-09-10 21:00 -------- d-----w- c:\program files\Gabest 2009-09-10 14:37 . 2009-09-10 14:37 -------- d-----w- c:\documents and settings\All Users\Application Data\nView_Profiles 2009-09-07 16:09 . 2009-09-07 16:09 -------- d-----w- c:\program files\IVT Corporation 2009-09-07 15:56 . 2009-09-07 15:54 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2009-09-07 15:55 . 2009-09-07 15:25 -------- d-----w- c:\program files\Spybot - Search & Destroy 2009-09-07 15:55 . 2009-09-07 15:25 -------- d-----w- c:\documents and settings\All Users\Application Data\Spybot - Search & Destroy 2009-09-07 15:55 . 2009-09-07 15:51 -------- d-----w- c:\documents and settings\ilian\Application Data\DAEMON Tools Lite 2009-09-07 15:54 . 2009-09-07 15:54 -------- d-----w- c:\program files\DAEMON Tools Lite 2009-09-07 15:54 . 2009-09-07 15:49 -------- d-----w- c:\program files\VVSN 2009-09-07 15:51 . 2009-09-07 15:51 721904 ----a-w- c:\windows\system32\drivers\sptd.sys 2009-09-07 15:51 . 2009-09-07 15:51 -------- d-----w- c:\program files\Spider Video Downloader 2009-09-07 15:50 . 2009-09-07 15:50 -------- d-----w- c:\documents and settings\ilian\Application Data\AVI ReComp 2009-09-07 15:47 . 2009-09-07 15:47 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite 2009-09-07 15:46 . 2009-09-07 15:42 -------- d-----w- c:\documents and settings\ilian\Application Data\Winamp 2009-09-07 15:45 . 2009-09-07 15:42 -------- d-----w- c:\program files\Winamp 2009-09-07 15:31 . 2009-09-07 15:31 -------- d-----w- c:\program files\Nero 2009-09-07 15:31 . 2009-09-07 15:31 -------- d-----w- c:\program files\Common Files\Ahead 2009-09-07 15:12 . 
2009-09-07 15:12 -------- d-----w- c:\program files\Alwil Software 2009-09-07 15:08 . 2009-09-07 15:08 14 ----a-w- c:\windows\system32\SystemInfo32.sys 2009-09-07 15:08 . 2009-09-07 15:08 -------- d-----w- c:\documents and settings\All Users\Application Data\DVD X Studios 2009-09-07 15:04 . 2009-09-07 15:04 -------- d-----w- c:\program files\Codec Pack - All In 1 2009-09-07 15:04 . 2009-09-07 15:04 737280 ----a-w- c:\windows\iun6002.exe 2009-09-07 15:04 . 2009-09-07 15:04 -------- d-----w- c:\documents and settings\All Users\Application Data\GRETECH 2009-09-07 15:04 . 2009-09-07 15:04 -------- d-----w- c:\documents and settings\ilian\Application Data\GRETECH 2009-09-07 15:03 . 2009-09-07 15:03 -------- d-----w- c:\program files\GRETECH 2009-09-07 15:03 . 2009-09-07 15:03 -------- d-----w- c:\program files\Combined Community Codec Pack 2009-09-07 15:02 . 2009-09-07 15:02 -------- d-----w- c:\program files\XP Codec Pack 2009-09-07 15:02 . 2009-09-07 15:02 -------- d-----w- c:\program files\Xvid 2009-09-07 14:49 . 2009-09-07 14:49 -------- d-----w- c:\program files\Common Files\Skype 2009-09-07 14:49 . 2009-09-07 14:31 -------- d-----w- c:\program files\Skype 2009-09-07 14:31 . 2009-09-07 14:31 -------- d-----w- c:\documents and settings\All Users\Application Data\Skype 2009-09-07 14:20 . 2009-09-07 14:20 -------- d-----w- c:\program files\AMD 2009-09-07 14:20 . 2009-09-07 14:03 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-09-07 14:04 . 2009-09-07 14:00 -------- d-----w- c:\program files\Common Files\InstallShield 2009-09-07 14:03 . 2009-09-07 14:03 -------- d-----w- c:\program files\Common Files\NVIDIA Shared 2009-09-07 12:49 . 2009-09-07 12:49 12328 ----a-w- c:\documents and settings\ilian\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-09-07 12:43 . 2009-09-07 12:43 -------- d-----w- c:\program files\microsoft frontpage 2009-09-07 12:39 . 2009-09-07 12:39 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2009-09-04 20:45 . 
2004-08-04 12:00 58880 ----a-w- c:\windows\system32\msasn1.dll 2009-08-26 08:16 . 2004-08-04 12:00 247326 ----a-w- c:\windows\system32\strmdll.dll 2009-08-17 16:10 . 2009-09-07 16:00 1279456 ----a-w- c:\windows\system32\aswBoot.exe 2009-08-17 16:06 . 2009-09-07 16:00 93392 ----a-w- c:\windows\system32\drivers\aswmon.sys 2009-08-17 16:06 . 2009-09-07 16:00 94160 ----a-w- c:\windows\system32\drivers\aswmon2.sys 2009-08-17 16:05 . 2009-09-07 16:00 114768 ----a-w- c:\windows\system32\drivers\aswSP.sys 2009-08-17 16:05 . 2009-09-07 16:00 20560 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys 2009-08-17 16:04 . 2009-09-07 16:00 51376 ----a-w- c:\windows\system32\drivers\aswTdi.sys 2009-08-17 16:04 . 2009-09-07 16:00 23152 ----a-w- c:\windows\system32\drivers\aswRdr.sys 2009-08-17 16:03 . 2009-09-07 16:00 26944 ----a-w- c:\windows\system32\drivers\aavmker4.sys 2009-08-17 16:02 . 2009-09-07 16:00 97480 ----a-w- c:\windows\system32\AvastSS.scr 2009-08-05 09:11 . 2004-08-04 12:00 204800 ----a-w- c:\windows\system32\mswebdvd.dll 2009-08-04 14:00 . 2004-08-04 12:00 2180352 ----a-w- c:\windows\system32\ntoskrnl.exe 2009-08-04 13:13 . 2004-08-03 22:59 2057728 ----a-w- c:\windows\system32\ntkrnlpa.exe 2009-07-29 04:53 . 2004-08-04 12:00 82432 ----a-w- c:\windows\system32\fontsub.dll 2009-07-29 04:53 . 2004-08-04 12:00 119808 ----a-w- c:\windows\system32\t2embed.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2006-12-11 25343016] "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe" [2005-09-03 94208] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2009-04-23 691656] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NVMixerTray"="c:\program files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" [2004-12-20 131072] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-10-07 13574144] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-10-07 86016] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "avast!"="c:\progra~1\ALWILS~1\Avast4\ashDisp.exe" [2009-08-17 81000] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-10-07 1630208] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-04 15360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-6-6 657168] Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "12971:TCP"= 12971:TCP:BitComet 12971 TCP "12971:UDP"= 12971:UDP:BitComet 12971 UDP R0 nvcchflt;NVIDIA Disk Cache Filter 
Driver;c:\windows\system32\drivers\nvcchflt.sys [07.9.2009 г. 17:02 16640] R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [07.9.2009 г. 19:00 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [07.9.2009 г. 19:00 20560] S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\ilian\LOCALS~1\Temp\BOC2.tmp --> c:\docume~1\ilian\LOCALS~1\Temp\BOC2.tmp [?] S3 KTalk;KTalk;\??\c:\docume~1\ilian\LOCALS~1\Temp\ktalk.sys --> c:\docume~1\ilian\LOCALS~1\Temp\ktalk.sys [?] --- Other Services/Drivers In Memory --- *NewlyCreated* - UWLOAUOB *Deregistered* - uwloauob . . ------- Supplementary Scan ------- . uStart Page = hxxp://google.com/ IE: Е&кспортирай в Microsoft Excel - c:\progra~1\MICROS~2\Office10\EXCEL.EXE/3000 TCP: {14528C1A-5C98-4F8D-85BB-7179F5C41578} = 212.50.0.10,212.50.0.15 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-10-18 16:08 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine] "ImagePath"="\??\c:\docume~1\ilian\LOCALS~1\Temp\BOC2.tmp" . Completion time: 2009-10-18 16:09 ComboFix-quarantined-files.txt 2009-10-18 13:09 Pre-Run: 14 049 316 864 bytes free Post-Run: 14 713 929 728 bytes free 170 --- E O F --- 2009-10-17 10:25
  4. I have uninstalled NVIDIA ForceWare Network Access Manager and Adobe Reader 7.0, and Skype Plugin Manager was not present in the list of programs. I have installed Foxit Reader 3.1.2 Build 1013. Here is the GMER log: GMER 1.0.15.15163 - http://www.gmer.net Rootkit scan 2009-10-18 15:13:28 Windows 5.1.2600 Service Pack 2 Running: tool.exe; Driver: C:\DOCUME~1\ilian\LOCALS~1\Temp\uwloauob.sys ---- System - GMER 1.0.15 ---- SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwClose [0xEB46F6B8] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwCreateKey [0xEB46F574] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDeleteValueKey [0xEB46FA52] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwDuplicateObject [0xEB46F14C] SSDT spdr.sys ZwEnumerateKey [0xF72A4CA4] SSDT spdr.sys ZwEnumerateValueKey [0xF72A5032] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenKey [0xEB46F64E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenProcess [0xEB46F08C] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwOpenThread [0xEB46F0F0] SSDT spdr.sys ZwQueryKey [0xF72A510A] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwQueryValueKey [0xEB46F76E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwRestoreKey [0xEB46F72E] SSDT \SystemRoot\System32\Drivers\aswSP.SYS (avast! self protection module/ALWIL Software) ZwSetValueKey [0xEB46F8AE] INT 0x62 ? 86571BF8 INT 0x63 ? 863A2BF8 INT 0x73 ? 865DDBF8 INT 0x82 ? 86571BF8 INT 0x83 ? 865DDBF8 INT 0xB4 ? 863A2BF8 ---- Kernel code sections - GMER 1.0.15 ---- ? spdr.sys The system cannot find the file specified. ! 
.text USBPORT.SYS!DllUnload F62A762C 5 Bytes JMP 863A21D8 .text abj16ak1.SYS F5667386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] .text abj16ak1.SYS F56673AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text abj16ak1.SYS F56673C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH} .text abj16ak1.SYS F56673C9 1 Byte [30] .text abj16ak1.SYS F56673C9 11 Bytes [30, 00, 00, 00, 5C, 02, 00, ...] {XOR [EAX], AL; ADD [EAX], AL; POP ESP; ADD AL, [EAX]; ADD [EAX], AL; ADD [EAX], AL} .text ... ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [F7287042] spdr.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [F728713E] spdr.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [F72870C0] spdr.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [F7287800] spdr.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [F72876D6] spdr.sys IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!KfAcquireSpinLock] 0C8D1C46 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!READ_PORT_UCHAR] B08B8932 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!KeGetCurrentIrql] 89000001 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!KfRaiseIrql] 0001BC83 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!KfLowerIrql] 24468B00 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!HalGetInterruptVector] 89820C8D IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!HalTranslateBusAddress] D18BF84D IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!KeStallExecutionProcessor] 860F1639 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!KfReleaseSpinLock] 000000BD IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 0208B389 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!READ_PORT_USHORT] 83660000 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 7400067E IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[HAL.dll!WRITE_PORT_UCHAR] 89D60320 IAT \SystemRoot\System32\Drivers\abj16ak1.SYS[WMILIB.SYS!WmiSystemControl] 8D168B00 IAT 
\SystemRoot\System32\Drivers\abj16ak1.SYS[WMILIB.SYS!WmiCompleteRequest] F0003284 IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [F7296E9C] spdr.sys ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\system32\services.exe[936] @ C:\WINDOWS\system32\services.exe [ADVAPI32.dll!CreateProcessAsUserW] 00370002 IAT C:\WINDOWS\system32\services.exe[936] @ C:\WINDOWS\system32\services.exe [KERNEL32.dll!CreateProcessW] 00370000 ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 865DC1F8 AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\usbohci \Device\USBPDO-0 862ED1F8 Device \Driver\usbehci \Device\USBPDO-1 862E9500 Device \Driver\dmio \Device\DmControl\DmIoDaemon 865721F8 Device \Driver\dmio \Device\DmControl\DmConfig 865721F8 Device \Driver\dmio \Device\DmControl\DmPnP 865721F8 Device \Driver\dmio \Device\DmControl\DmInfo 865721F8 AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) Device \Driver\PCI_PNP6990 \Device\00000057 spdr.sys Device \Driver\Ftdisk \Device\HarddiskVolume1 865DF1F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 865DF1F8 Device \Driver\Cdrom \Device\CdRom0 863721F8 Device \Driver\Cdrom \Device\CdRom1 863721F8 Device \Driver\NetBT \Device\NetBt_Wins_Export 852E01F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{14528C1A-5C98-4F8D-85BB-7179F5C41578} 852E01F8 Device \Driver\sptd \Device\2451468240 spdr.sys Device \Driver\NetBT \Device\NetbiosSmb 852E01F8 AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! 
TDI Filter Driver/ALWIL Software) Device \Driver\usbohci \Device\USBFDO-0 862ED1F8 Device \Driver\NetBT \Device\NetBT_Tcpip_{8851D721-FC48-44C4-AF95-91EC8E49A647} 852E01F8 Device \Driver\usbehci \Device\USBFDO-1 862E9500 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 8538F1F8 Device \Driver\nvata \Device\NvAta1 865DD1F8 Device \Driver\nvata \Device\NvAta2 865DD1F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 8538F1F8 Device \Driver\Ftdisk \Device\FtControl 865DF1F8 Device \Driver\abj16ak1 \Device\Scsi\abj16ak11 862F7490 Device \Driver\abj16ak1 \Device\Scsi\abj16ak11Port3Path0Target0Lun0 862F7490 Device \FileSystem\Cdfs \Cdfs 8622D500 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x20 0xB5 0x5E 0x8E ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x9F 0xD2 0xEB 0x4F ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7C 0xBE 0xCB 0x8D ... 
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC@hdf12 0x20 0xB5 0x5E 0x8E ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001@hdf12 0x9F 0xD2 0xEB 0x4F ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\14919EA49A8F3B4AA3CF1058D9A64CEC\00000001\gdq0@hdf12 0x7C 0xBE 0xCB 0x8D ... ---- EOF - GMER 1.0.15 ---- And last but not least, the link to www.rapidshare.com: http://rapidshare.com/files/294601732/Mini091409-01.dmp.html
  5. When I start the RootRepeal scanner, I get a blue screen saying that a problem has been detected and the computer will shut down to prevent damage ... Here is the Security Check log: Results of screen317's Security Check version 0.99.0 Windows XP Service Pack 2 Out of date service pack!! `````````````````````````````` Antivirus/Firewall Check: Windows Firewall Disabled! avast! Antivirus Antivirus up to date! `````````````````````````````` Anti-malware/Other Utilities Check: HijackThis 2.0.2 Adobe Flash Player 10 Adobe Reader 7.0 Out of date Adobe Reader installed! `````````````````````````````` Process Check: objlist.exe by Laurent Alwil Software Avast4 aswUpdSv.exe Alwil Software Avast4 ashServ.exe Alwil Software Avast4 ashDisp.exe Alwil Software Avast4 ashMaiSv.exe Alwil Software Avast4 ashWebSv.exe `````````````````````````````` DNS Vulnerability Check: `````````End of Log``````````` DDS (Ver_09-10-13.01) - NTFSx86 Run by ilian at 4:09:38,48 on 18.10.2009 Ј. Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.1023.668 [GMT 3:00] AV: avast! 
antivirus 4.8.1351 [VPS 091017-0] *On-access scanning disabled* (Updated) {7591DB91-41F0-48A3-B128-1A293FD8233D} FW: NVIDIA Firewall *enabled* {EDC10449-64D1-46c7-A59A-EC20D662F26D} ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\spoolsv.exe svchost.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\Program Files\Internet Explorer\iexplore.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\ilian\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://google.com/ BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 7.0\activex\AcroIEHelper.dll TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: 
[DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun mRun: [NVMixerTray] "c:\program files\nvidia corporation\nvmixer\NVMixerTray.exe" mRun: [nTrayFw] c:\program files\nvidia corporation\networkaccessmanager\bin\nTrayFw.exe mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [avast!] c:\progra~1\alwils~1\avast4\ashDisp.exe dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adober~1.lnk - c:\program files\adobe\acrobat 7.0\reader\reader_sl.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\micros~1.lnk - c:\program files\microsoft office\office10\OSA.EXE IE: Е&кспортирай в Microsoft Excel - c:\progra~1\micros~2\office10\EXCEL.EXE/3000 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe LSP: %SYSTEMROOT%\system32\nvappfilter.dll TCP: {14528C1A-5C98-4F8D-85BB-7179F5C41578} = 212.50.0.10,212.50.0.15 Handler: cdo - {CD00020A-8B95-11D1-82DB-00C04FB1625D} - c:\program files\common files\microsoft shared\web folders\PKMCDO.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL ============= SERVICES / DRIVERS =============== R0 nvcchflt;NVIDIA Disk Cache Filter Driver;c:\windows\system32\drivers\nvcchflt.sys [2009-9-7 16640] R1 aswSP;avast! 
Self Protection;c:\windows\system32\drivers\aswSP.sys [2009-9-7 114768] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2009-9-7 20560] S3 GarenaPEngine;GarenaPEngine;c:\docume~1\ilian\locals~1\temp\BOC2.tmp [2009-10-18 25360] S3 KTalk;KTalk;c:\docume~1\ilian\locals~1\temp\ktalk.sys [2009-9-7 4428] S3 rootrepeal;rootrepeal;\??\c:\windows\system32\drivers\rootrepeal.sys --> c:\windows\system32\drivers\rootrepeal.sys [?] =============== Created Last 30 ================ 2009-10-17 17:09 38,224 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-10-17 17:09 19,160 a------- c:\windows\system32\drivers\mbam.sys 2009-10-17 13:05 <DIR> --d----- c:\docume~1\ilian\applic~1\Uniblue 2009-10-17 13:05 <DIR> --d----- c:\docume~1\alluse~1\applic~1\DriverScanner 2009-10-17 12:22 <DIR> --d----- c:\program files\Trend Micro 2009-10-17 00:17 <DIR> --d----- c:\docume~1\ilian\applic~1\Malwarebytes 2009-10-17 00:17 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-10-17 00:10 17,144 a------- c:\docume~1\ilian\applic~1\GDIPFONTCACHEV1.DAT 2009-09-18 22:09 8,192 ac------ c:\windows\system32\dllcache\kbdkor.dll 2009-09-18 22:09 8,192 a------- c:\windows\system32\kbdkor.dll 2009-09-18 22:09 8,704 ac------ c:\windows\system32\dllcache\kbdjpn.dll 2009-09-18 22:09 6,144 ac------ c:\windows\system32\dllcache\kbd106.dll 2009-09-18 22:09 6,144 ac------ c:\windows\system32\dllcache\kbd101c.dll 2009-09-18 22:09 5,632 ac------ c:\windows\system32\dllcache\kbd103.dll 2009-09-18 22:09 8,704 a------- c:\windows\system32\kbdjpn.dll 2009-09-18 22:09 6,144 a------- c:\windows\system32\kbd106.dll 2009-09-18 22:09 6,144 a------- c:\windows\system32\kbd101c.dll 2009-09-18 22:09 5,632 a------- c:\windows\system32\kbd103.dll 2009-09-18 22:09 6,144 ac------ c:\windows\system32\dllcache\kbd101b.dll 2009-09-18 22:09 6,144 a------- c:\windows\system32\kbd101b.dll ==================== Find3M ==================== 2009-09-25 08:56 662,016 a------- c:\windows\system32\wininet.dll 
2009-09-25 08:56 81,920 a------- c:\windows\system32\ieencode.dll 2009-09-13 04:18 4,096 a------- c:\windows\system32\detoured.dll 2009-09-13 04:17 17,144 a------- c:\windows\system32\GDIPFONTCACHEV1.DAT 2009-09-11 17:33 133,632 a------- c:\windows\system32\msv1_0.dll 2009-09-07 18:51 721,904 a------- c:\windows\system32\drivers\sptd.sys 2009-09-07 18:04 737,280 a------- c:\windows\iun6002.exe 2009-09-07 16:21 86,327 a------- c:\windows\pchealth\helpctr\offlinecache\index.dat 2009-09-07 15:39 21,640 a------- c:\windows\system32\emptyregdb.dat 2009-09-04 23:45 58,880 a------- c:\windows\system32\msasn1.dll 2009-08-26 11:16 247,326 a------- c:\windows\system32\strmdll.dll 2009-08-05 12:11 204,800 a------- c:\windows\system32\mswebdvd.dll 2009-08-04 17:00 2,180,352 a------- c:\windows\system32\ntoskrnl.exe 2009-08-04 16:13 2,057,728 a------- c:\windows\system32\ntkrnlpa.exe 2009-07-29 07:53 119,808 a------- c:\windows\system32\t2embed.dll 2009-07-29 07:53 82,432 a------- c:\windows\system32\fontsub.dll ============= FINISH: 4:09:47,95 =============== UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT DDS (Ver_09-10-13.01) Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 07.9.2009 г. 15:45:52 System Uptime: 18.10.2009 г. 04:02:27 (0 hours ago) Motherboard: | | NF-CK804 Processor: AMD Sempron Processor 3000+ | Socket 940 | 1809/200mhz ==== Disk Partitions ========================= A: is Removable C: is FIXED (NTFS) - 20 GiB total, 13,012 GiB free. D: is FIXED (NTFS) - 92 GiB total, 74,444 GiB free. E: is CDROM () F: is CDROM () ==== Disabled Device Manager Items ============= ==== System Restore Points =================== RP1: 07.9.2009 г. 15:49:14 - System Checkpoint RP2: 07.9.2009 г. 17:04:30 - Installed NVIDIA ForceWare Network Access Manager RP3: 07.9.2009 г. 17:10:50 - Configured NVIDIA ForceWare Network Access Manager RP4: 07.9.2009 г. 
17:20:03 - Installed AMD Processor Driver RP5: 07.9.2009 г. 17:54:27 - Installed Microsoft Office XP Professional RP6: 07.9.2009 г. 18:05:48 - Installed Windows Installer KB893803v2. RP7: 07.9.2009 г. 18:31:46 - Installed Nero 7 Premium RP8: 07.9.2009 г. 18:43:25 - Installed Windows Media Format Runtime RP9: 07.9.2009 г. 18:43:39 - Installed Adobe Reader 7.0 RP10: 07.9.2009 г. 18:51:47 - SPTD setup V1.58 RP11: 07.9.2009 г. 19:09:40 - Installed Bluesoleil2.6.0.9 Release 070606 RP12: 07.9.2009 г. 19:52:21 - Software Distribution Service 3.0 RP13: 08.9.2009 г. 02:32:53 - Software Distribution Service 3.0 RP14: 08.9.2009 г. 14:14:19 - Software Distribution Service 3.0 RP15: 08.9.2009 г. 14:52:25 - Installed Windows XP WgaNotify. RP16: 09.9.2009 г. 03:00:16 - Software Distribution Service 3.0 RP17: 10.9.2009 г. 03:00:23 - Software Distribution Service 3.0 RP18: 10.9.2009 г. 16:59:20 - Installed Microsoft Visual C++ 2005 Redistributable RP19: 10.9.2009 г. 16:59:38 - Installed DirectX RP20: 11.9.2009 г. 17:55:08 - System Checkpoint RP21: 12.9.2009 г. 21:06:04 - System Checkpoint RP22: 13.9.2009 г. 21:12:32 - System Checkpoint RP23: 18.9.2009 г. 21:45:11 - System Checkpoint RP24: 19.9.2009 г. 21:58:05 - System Checkpoint RP25: 20.9.2009 г. 22:23:23 - System Checkpoint RP26: 22.9.2009 г. 11:47:02 - System Checkpoint RP27: 26.9.2009 г. 17:34:44 - System Checkpoint RP28: 02.10.2009 г. 18:47:53 - System Checkpoint RP29: 03.10.2009 г. 20:19:17 - System Checkpoint RP30: 09.10.2009 г. 17:01:16 - System Checkpoint RP31: 10.10.2009 г. 17:04:38 - System Checkpoint RP32: 11.10.2009 г. 17:43:41 - System Checkpoint RP33: 16.10.2009 г. 18:47:33 - System Checkpoint RP34: 17.10.2009 г. 00:40:23 - Software Distribution Service 3.0 RP35: 17.10.2009 г. 13:01:00 - Installed Uniblue DriverScanner v1.0 RP36: 17.10.2009 г. 
13:25:05 - Software Distribution Service 3.0 ==== Installed Programs ====================== Архиватор WinRAR Adobe Flash Player 10 ActiveX Adobe Reader 7.0 AMD Processor Driver avast! Antivirus Bluesoleil2.6.0.9 Release 070606 Codec Pack - All In 1 6.0.3.0 Combined Community Codec Pack 2008-09-21 16:18 Garena GOM Player HijackThis 2.0.2 Hotfix for Windows XP (KB952287) Hotfix for Windows XP (KB970653-v3) Malwarebytes' Anti-Malware Microsoft Office XP Professional Microsoft Visual C++ 2005 Redistributable Nero 7 Premium NVIDIA Drivers NVIDIA ForceWare Network Access Manager NvMixer Security Update for Windows Media Player (KB952069) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows XP (KB938464-v2) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB946648) Security Update for Windows XP (KB950762) Security Update for Windows XP (KB950974) Security Update for Windows XP (KB951376-v2) Security Update for Windows XP (KB952004) Security Update for Windows XP (KB952954) Security Update for Windows XP (KB956572) Security Update for Windows XP (KB956803) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB957097) Security Update for Windows XP (KB958687) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB959426) Security Update for Windows XP (KB960225) Security Update for Windows XP (KB960859) Security Update for Windows XP (KB961371-v2) Security Update for Windows XP (KB961501) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB971486) Security Update for Windows XP (KB971557) Security Update for Windows XP (KB971633) Security Update for Windows XP (KB971657) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972260) Security Update for Windows XP (KB973346) Security Update for Windows XP (KB973507) Security Update 
for Windows XP (KB973525) Security Update for Windows XP (KB973869) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974455) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Skype 3.0 Skype Plugin Manager SVD 1.4.6 Update for Windows XP (KB898461) Update for Windows XP (KB967715) Update for Windows XP (KB968389) VobSub v2.23 (Remove Only) WebFldrs XP Winamp Windows Genuine Advantage Notifications (KB905474) Windows Installer 3.1 (KB893803) Windows Media Format Runtime Windows XP Hotfix - KB885884 XP Codec Pack Xvid 1.1.3 final uninstall ==== Event Viewer Messages From Past Week ======== 17.10.2009 г. 18:29:23, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 805348a5, parameter3 bae18458, parameter4 00000000. 17.10.2009 г. 18:29:20, error: System Error [1003] - Error code 000000c2, parameter1 00000007, parameter2 00000cd4, parameter3 80553420, parameter4 851dada0. 17.10.2009 г. 18:29:15, error: System Error [1003] - Error code 1000008e, parameter1 c0000005, parameter2 804ee5e0, parameter3 edb5ebf4, parameter4 00000000. 17.10.2009 г. 00:40:39, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x80246007: Update for Windows XP (KB968389). ==== End Of File ===========================
  6. The problem appeared 2-3 ago. The CPU load goes to 95-100% even during minimal operations. I scanned with Malwarebytes' Anti-Malware and found absolutely nothing, and here is what came out after running TrendMicro™ HijackThis™: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 18:08:14, on 17.10.2009 г. Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe C:\Program Files\Alwil Software\Avast4\ashServ.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe C:\Program Files\Alwil Software\Avast4\ashWebSv.exe C:\Program Files\Skype\Plugin Manager\SkypePM.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe D:\Programi\Anti-Virusni\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/ O2 - BHO: AcroIEHlprObj Class - 
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [nTrayFw] C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nTrayFw.exe O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\RunOnce: [Malwarebytes' Anti-Malware] D:\Programi\Anti-Virusni\Malwarebytes' Anti-Malware\mbamgui.exe /install /silent O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: Е&кспортирай в Microsoft Excel - 
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{14528C1A-5C98-4F8D-85BB-7179F5C41578}: NameServer = 212.50.0.10,212.50.0.15 O17 - HKLM\System\CS1\Services\Tcpip\..\{14528C1A-5C98-4F8D-85BB-7179F5C41578}: NameServer = 212.50.0.10,212.50.0.15 O17 - HKLM\System\CS2\Services\Tcpip\..\{14528C1A-5C98-4F8D-85BB-7179F5C41578}: NameServer = 212.50.0.10,212.50.0.15 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 5560 bytes