mstoyanova

Everything posted by mstoyanova

  • Title
    Rookie
  1. Hello, unfortunately I cannot download the scanner in question. On every attempt (both from the link and by searching Google) I get a message that the page cannot be found. What should I do?
  2. ComboFix 11-12-19.01 - Nikolay Hanchev 12.2011 г. 20:47:34.1.1 - x86
     Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.1023.411 [GMT 2:00]
     Running from: c:\documents and settings\Nikolay Hanchev\Desktop\Tool.exe.exe
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     c:\docume~1\NIKOLA~1\LOCALS~1\Temp\SAS56.tmp
     c:\docume~1\NIKOLA~1\LOCALS~1\Temp\SAS57.tmp
     c:\documents and settings\All Users\Application Data\TEMP
     c:\documents and settings\Nikolay Hanchev\Local Settings\Temp\SAS56.tmp
     c:\documents and settings\Nikolay Hanchev\Local Settings\Temp\SAS57.tmp
     c:\documents and settings\Nikolay Hanchev\WINDOWS
     c:\windows\alcrmv.exe
     .
     .
     ((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     -------\Legacy_DAC970NT
     -------\Service_dac970nt
     .
     .
     ((((((((((((((((((((((((( Files Created from 2011-11-19 to 2011-12-19 )))))))))))))))))))))))))))))))
     .
     .
     2011-12-19 18:53 . 2011-12-19 18:53 4096 ----a-w- c:\windows\system32\01.tmp
     2011-12-19 04:56 . 2011-12-19 05:23 -------- d-----w- c:\windows\system32\NtmsData
     2011-12-18 12:22 . 2011-12-18 12:22 -------- d-----w- c:\documents and settings\Nikolay Hanchev\Application Data\Curiolab
     2011-12-18 10:05 . 2011-12-18 10:05 -------- d-----w- c:\documents and settings\All Users\Application Data\SUPERAntiSpyware.com
     2011-12-18 09:46 . 2011-12-18 09:46 -------- d-----w- c:\documents and settings\Nikolay Hanchev\Application Data\Malwarebytes
     2011-12-18 09:46 . 2011-12-18 09:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
     2011-12-18 09:46 . 2011-12-18 09:46 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
     2011-12-18 09:46 . 2011-08-31 15:00 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
     2011-12-18 09:27 . 2006-06-19 11:01 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
     2011-12-18 09:27 . 2006-05-25 13:52 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
     2011-12-18 09:27 . 2005-08-25 23:50 77312 ----a-w- c:\windows\system32\ztvunace26.dll
     2011-12-18 09:27 . 2002-03-05 23:00 75264 ----a-w- c:\windows\system32\unacev2.dll
     2011-12-18 09:27 . 2003-02-02 18:06 153088 ----a-w- c:\windows\system32\UNRAR3.dll
     2011-12-17 09:28 . 2011-12-17 09:28 -------- d-----w- c:\documents and settings\Nikolay Hanchev\Application Data\Orneon
     2011-12-16 12:41 . 2011-12-16 12:41 -------- d-----w- c:\documents and settings\Nikolay Hanchev\Application Data\AVG10
     2011-12-16 12:30 . 2011-12-19 16:03 -------- d-----w- c:\windows\system32\drivers\AVG
     2011-12-16 12:30 . 2011-12-18 10:56 -------- d-----w- c:\documents and settings\All Users\Application Data\AVG10
     2011-12-16 12:25 . 2011-12-16 12:41 -------- d-----w- c:\documents and settings\All Users\Application Data\MFAData
     2011-12-13 19:06 . 2011-12-15 17:32 -------- d-----w- c:\documents and settings\Nikolay Hanchev\Application Data\BSplayer
     2011-12-13 19:06 . 2011-12-13 19:06 -------- d-----w- c:\program files\Webteh
     2011-12-13 19:06 . 2011-12-13 19:06 -------- d-----w- c:\documents and settings\Nikolay Hanchev\Application Data\BSplayer Pro
     2011-12-13 19:03 . 2011-12-19 16:51 -------- d-----w- C:\Downloads
     2011-12-13 19:03 . 2011-12-19 18:52 -------- d-----w- c:\documents and settings\Nikolay Hanchev\Application Data\BitComet
     2011-12-13 19:03 . 2011-12-13 19:03 -------- d-----w- c:\program files\BitComet
     2011-12-13 18:48 . 2011-12-13 18:48 -------- d-----w- c:\documents and settings\Nikolay Hanchev\Local Settings\Application Data\Google
     2011-12-12 18:11 . 2004-08-03 21:07 59264 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
     2011-12-12 18:11 . 2004-08-03 21:07 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
     2011-12-12 18:11 . 2004-08-03 22:56 90624 ----a-w- c:\windows\system32\kswdmcap.ax
     2011-12-12 18:11 . 2004-08-03 22:56 61952 ----a-w- c:\windows\system32\kstvtune.ax
     2011-12-12 18:11 . 2004-08-03 22:56 28672 ----a-w- c:\windows\system32\vidcap.ax
     2011-12-12 18:11 . 2004-08-03 22:56 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
     2011-12-12 18:11 . 2004-08-03 22:56 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
     2011-12-12 18:11 . 2004-08-03 21:10 78464 -c--a-w- c:\windows\system32\dllcache\usbvideo.sys
     2011-12-12 18:11 . 2004-08-03 21:10 78464 ----a-w- c:\windows\system32\drivers\usbvideo.sys
     2011-12-12 18:11 . 2004-08-03 22:56 43008 ----a-w- c:\windows\system32\ksxbar.ax
     2011-12-12 18:11 . 2004-08-03 22:56 20992 ----a-w- c:\windows\system32\dshowext.ax
     .
     .
     .
     (((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     2011-12-12 19:44 . 2009-09-15 16:53 60416 ----a-w- c:\windows\ALCFDRTM.VER
     .
     .
     ((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
     .
     .
     *Note* empty entries & legit default entries are not shown
     REGEDIT4
     .
     [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "DAEMON Tools Lite"="c:\program files\DAEMON Tools\daemon.exe" [2007-12-29 486856]
     "BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"="c:\program files\Common Files\Nero\Lib\NMBgMonitor.exe" [2007-09-20 275752]
     "BitComet"="c:\program files\BitComet\BitComet.exe" [2011-11-11 11292464]
     .
     [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
     "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2006-08-11 7630848]
     "nwiz"="nwiz.exe" [2006-08-11 1589248]
     "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2006-08-11 86016]
     "SoundMan"="SOUNDMAN.EXE" [2005-07-12 81920]
     "NeroFilterCheck"="c:\program files\Common Files\Nero\Lib\NeroCheck.exe" [2007-03-01 226864]
     "AVG_TRAY"="c:\program files\AVG\AVG10\avgtray.exe" [2011-09-10 2412384]
     "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2011-08-31 523336]
     .
     [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
     "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]
     .
     c:\documents and settings\All Users\Start Menu\Programs\Startup\
     FlexType 2K.lnk - c:\program files\Flex Type\Flex2K.exe [2009-9-15 132096]
     .
     [HKEY_USERS\.default\software\microsoft\windows\currentversion\policies\system]
     "DisableTaskMgr"= 1 (0x1)
     "DisableRegistryTools"= 1 (0x1)
     .
     [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\session manager]
     BootExecute REG_MULTI_SZ autocheck autochk *\0c:\progra~1\AVG\AVG10\avgrsx.exe /sync /restart
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\security center]
     "AntiVirusOverride"=dword:00000001
     "FirewallOverride"=dword:00000001
     .
     [HKEY_LOCAL_MACHINE\software\microsoft\security center\Svc]
     "AntiVirusOverride"=dword:00000001
     "AntiVirusDisableNotify"=dword:00000001
     "FirewallDisableNotify"=dword:00000001
     "FirewallOverride"=dword:00000001
     "UpdatesDisableNotify"=dword:00000001
     "UacDisableNotify"=dword:00000001
     .
     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
     "EnableFirewall"= 0 (0x0)
     .
     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
     "%windir%\\system32\\sessmgr.exe"=
     "c:\\Program Files\\Skype\\Phone\\Skype.exe"=
     "c:\\Program Files\\BitComet\\BitComet.exe"=
     "c:\\Program Files\\AVG\\AVG10\\avgmfapx.exe"=
     "c:\\Program Files\\AVG\\AVG10\\avgdiagex.exe"=
     "c:\\Program Files\\AVG\\AVG10\\avgnsx.exe"=
     "c:\\Program Files\\AVG\\AVG10\\avgemcx.exe"=
     "d:\\Echoes of the Past The Citadels of Time Collectors Edition\\EchoesofthePast_TheCitadelsofTime.exe"=
     "c:\\WINDOWS\\system32\\nwiz.exe"=
     "c:\\Documents and Settings\\Nikolay Hanchev\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"=
     "c:\\Program Files\\AVG\\AVG10\\avgwdsvc.exe"=
     "c:\\Program Files\\Samsung\\Samsung SCX-4x21 Series\\PSU\\FaxRCP.exe"=
     "c:\\Program Files\\AVG\\AVG10\\avgtray.exe"=
     "c:\\Program Files\\Samsung\\Samsung SCX-4x21 Series\\PSU\\Scan2pc.exe"=
     "c:\\Program Files\\Common Files\\Nero\\Lib\\NMBgMonitor.exe"=
     "c:\\Program Files\\Common Files\\Nero\\Lib\\NMIndexStoreSvr.exe"=
     "c:\\Documents and Settings\\Nikolay Hanchev\\Local Settings\\Application Data\\Google\\Update\\GoogleUpdate.exe"=
     "c:\\WINDOWS\\system32\\netsh.exe"=
     "c:\\Program Files\\Malwarebytes' Anti-Malware\\mbam.exe"=
     "c:\\Documents and Settings\\Nikolay Hanchev\\Local Settings\\Application Data\\Google\\Update\\1.3.21.79\\GoogleCrashHandler.exe"=
     "c:\\WINDOWS\\SOUNDMAN.EXE"=
     "c:\\WINDOWS\\TEMP\\stluoi.exe"=
     "c:\\WINDOWS\\TEMP\\winerlw.exe"=
     .
     [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
     "15869:TCP"= 15869:TCP:BitComet 15869 TCP
     "15869:UDP"= 15869:UDP:BitComet 15869 UDP
     "4212:TCP"= 4212:TCP:dazzxvt
     .
     R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [22.2.2011 г. 08:13 22992]
     R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [16.3.2011 г. 16:03 32592]
     R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [15.9.2009 г. 19:38 715248]
     R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [07.1.2011 г. 06:41 248656]
     R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [05.4.2011 г. 00:59 297168]
     R2 avgwd;AVG WatchDog;c:\program files\AVG\AVG10\avgwdsvc.exe [08.2.2011 г. 05:33 339152]
     R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [18.12.2011 г. 11:46 366152]
     R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [18.12.2011 г. 11:46 22216]
     S2 gqwhafikl;Time Network;c:\windows\system32\svchost.exe -k netsvcs [04.8.2004 г. 00:56 14336]
     S2 SSPORT;SSPORT;\??\c:\windows\system32\Drivers\SSPORT.sys --> c:\windows\system32\Drivers\SSPORT.sys [?]
     S3 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [18.8.2011 г. 01:33 7390560]
     S3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [14.4.2011 г. 21:28 134480]
     S3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [10.2.2011 г. 07:53 24144]
     S3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [10.2.2011 г. 07:53 27216]
     .
     --- Other Services/Drivers In Memory ---
     .
     *NewlyCreated* - DAC970NT
     .
     HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Svchost - NetSvcs
     xiaxhmcb
     gqwhafikl
     .
     Contents of the 'Scheduled Tasks' folder
     .
     2011-12-18 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-515967899-839522115-1003Core.job
     - c:\documents and settings\Nikolay Hanchev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-13 18:48]
     .
     2011-12-19 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-823518204-515967899-839522115-1003UA.job
     - c:\documents and settings\Nikolay Hanchev\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2011-12-13 18:48]
     .
     .
     ------- Supplementary Scan -------
     .
     uStart Page = hxxp://www.google.bg/
     uInternet Connection Wizard,ShellNext = hxxp://192.168.0.3/
     IE: &D&ownload &with BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm
     IE: &D&ownload all with BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm
     IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
     TCP: Interfaces\{E61D5FAF-6C9E-41CB-B3F5-22E0A6C917DE}: NameServer = 77.71.21.1
     .
     - - - - ORPHANS REMOVED - - - -
     .
     Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
     WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
     .
     .
     .
     **************************************************************************
     .
     catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
     Rootkit scan 2011-12-19 20:54
     Windows 5.1.2600 Service Pack 2 NTFS
     .
     scanning hidden processes ...
     .
     scanning hidden autostart entries ...
     .
     scanning hidden files ...
     .
     scan completed successfully
     hidden files: 0
     .
     **************************************************************************
     .
     [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\gqwhafikl]
     "ServiceDll"="c:\windows\system32\txhir.dll"
     .
     --------------------- DLLs Loaded Under Running Processes ---------------------
     .
     - - - - - - - > 'explorer.exe'(1600)
     c:\windows\system32\newdll.dll
     .
     ------------------------ Other Running Processes ------------------------
     .
     c:\windows\system32\nvsvc32.exe
     c:\windows\system32\RUNDLL32.EXE
     c:\windows\SOUNDMAN.EXE
     c:\windows\system32\wdfmgr.exe
     c:\windows\system32\rundll32.exe
     c:\program files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
     c:\program files\AVG\AVG10\avgnsx.exe
     c:\program files\AVG\AVG10\avgemcx.exe
     c:\program files\Common Files\Nero\Lib\NMIndexingService.exe
     c:\program files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
     c:\windows\TEMP\stluoi.exe
     c:\windows\system32\imapi.exe
     .
     **************************************************************************
     .
     Completion time: 2011-12-19 20:57:39 - machine was rebooted
     ComboFix-quarantined-files.txt 2011-12-19 18:57
     .
     Pre-Run: 11 901 935 616 bytes free
     Post-Run: 13 322 670 080 bytes free
     .
     WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
     [boot loader]
     timeout=2
     default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
     [operating systems]
     c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
     UnsupportedDebug="do not select this" /debug
     multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
     .
     - - End Of File - - 20C2D248110D5C68A01BF3DEAA6274F0
  3. Hello, I need help. In short, the story is as follows: First I noticed the presence of one and the same RAR file on all partitions of the hard disk. I kept deleting it and it kept reappearing. The antivirus, AVG, started complaining. I run a scan, it supposedly finds something and fixes the problem, and 5 minutes later there is again a message about the very same file. I decided to replace it. I downloaded Avira, and imagine my surprise when it turned out that I could not install it. I reinstalled AVG, but the next day I saw that it too had been put out of action (Resident Shield Not Active), and a scan would not start at all. I sensed that something was really wrong. I downloaded Malwarebytes' Anti-Malware and Super Antispyware and scanned; both found Trojan.KillAV, but they cannot deal with it. And so I came to you. Please help; from what I have read, even a reinstall does not fix this virus. Here are the DDS logs:
     .
     DDS (Ver_2011-08-26.01) - NTFSx86
     Internet Explorer: 6.0.2900.2180
     Run by Nikolay Hanchev at 19:32:21 on 2011-12-19
     Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.1023.294 [GMT 2:00]
     .
     .
     ============== Running Processes ===============
     .
     C:\WINDOWS\system32\svchost -k DcomLaunch
     svchost.exe
     C:\WINDOWS\System32\svchost.exe -k netsvcs
     svchost.exe
     svchost.exe
     C:\WINDOWS\system32\spoolsv.exe
     C:\WINDOWS\Explorer.EXE
     C:\WINDOWS\system32\RUNDLL32.EXE
     C:\WINDOWS\SOUNDMAN.EXE
     C:\Program Files\AVG\AVG10\avgtray.exe
     C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe
     C:\WINDOWS\system32\ctfmon.exe
     C:\Program Files\DAEMON Tools\daemon.exe
     C:\Program Files\Common Files\Nero\Lib\NMBgMonitor.exe
     C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
     C:\Program Files\AVG\AVG10\avgwdsvc.exe
     C:\Program Files\BitComet\BitComet.exe
     C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
     C:\Program Files\Flex Type\Flex2K.exe
     C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
     C:\WINDOWS\system32\nvsvc32.exe
     C:\WINDOWS\system32\svchost.exe -k imgsvc
     C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
     C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
     C:\Program Files\AVG\AVG10\avgnsx.exe
     C:\Program Files\AVG\AVG10\avgemcx.exe
     C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
     C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
     C:\DOCUME~1\NIKOLA~1\LOCALS~1\Temp\jahwa.exe
     C:\Documents and Settings\Nikolay Hanchev\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
     C:\Documents and Settings\Nikolay Hanchev\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
     C:\Documents and Settings\Nikolay Hanchev\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
     C:\Documents and Settings\Nikolay Hanchev\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
     C:\Documents and Settings\Nikolay Hanchev\Local Settings\Application Data\Google\Chrome\Application\chrome.exe
     .
     ============== Pseudo HJT Report ===============
     .
     uStart Page = hxxp://www.google.bg/
     uInternet Connection Wizard,ShellNext = hxxp://192.168.0.3/
     mURLSearchHooks: H - No File
     BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
     BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll
     BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg10\avgssie.dll
     BHO: Skype Browser Helper: {ae805869-2e5c-4ed4-8f7b-f1f7851a4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
     TB: {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
     uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe
     uRun: [DAEMON Tools Lite] "c:\program files\daemon tools\daemon.exe"
     uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\nero\lib\NMBgMonitor.exe"
     uRun: [Google Update] "c:\documents and settings\nikolay hanchev\local settings\application data\google\update\GoogleUpdate.exe" /c
     uRun: [bitComet] "c:\program files\bitcomet\BitComet.exe" /tray
     uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
     uRunOnce: [spchecker] "c:\program files\avg\avg10\notification\SPCheckerTE.exe"
     mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
     mRun: [nwiz] nwiz.exe /install
     mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
     mRun: [soundMan] SOUNDMAN.EXE
     mRun: [NeroFilterCheck] c:\program files\common files\nero\lib\NeroCheck.exe
     mRun: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
     mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
     mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
     dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
     StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\flexty~1.lnk - c:\program files\flex type\Flex2K.exe
     uPolicies-system: DisableTaskMgr = 1 (0x1)
     uPolicies-system: DisableRegistryTools = 1 (0x1)
     mPolicies-system: EnableLUA = 0 (0x0)
     dPolicies-system: DISABLETASKMGR = 1 (0x1)
     IE: &D&ownload &with BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm
     IE: &D&ownload all with BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm
     IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
     IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.5.4.11.dll/206
     IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
     IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
     IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL
     DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://fpdownload.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
     TCP: Interfaces\{E61D5FAF-6C9E-41CB-B3F5-22E0A6C917DE} : NameServer = 77.71.21.1
     Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
     Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
     Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
     SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
     .
     ============= SERVICES / DRIVERS ===============
     .
     R0 AVGIDSEH;AVGIDSEH;c:\windows\system32\drivers\AVGIDSEH.sys [2011-2-22 22992]
     R0 Avgrkx86;AVG Anti-Rootkit Driver;c:\windows\system32\drivers\avgrkx86.sys [2011-3-16 32592]
     R1 Avgldx86;AVG AVI Loader Driver;c:\windows\system32\drivers\avgldx86.sys [2011-1-7 248656]
     R1 Avgmfx86;AVG Mini-Filter Resident Anti-Virus Shield;c:\windows\system32\drivers\avgmfx86.sys [2011-3-1 34896]
     R1 Avgtdix;AVG TDI Driver;c:\windows\system32\drivers\avgtdix.sys [2011-4-5 297168]
     R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
     R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-12 67664]
     R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2011-8-12 116608]
     R2 AVGIDSAgent;AVGIDSAgent;c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [2011-8-18 7390560]
     R2 avgwd;AVG WatchDog;c:\program files\avg\avg10\avgwdsvc.exe [2011-2-8 339152]
     R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2011-12-18 366152]
     R3 AVGIDSDriver;AVGIDSDriver;c:\windows\system32\drivers\AVGIDSDriver.sys [2011-4-14 134480]
     R3 AVGIDSFilter;AVGIDSFilter;c:\windows\system32\drivers\AVGIDSFilter.sys [2011-2-10 24144]
     R3 AVGIDSShim;AVGIDSShim;c:\windows\system32\drivers\AVGIDSShim.sys [2011-2-10 27216]
     R3 dac970nt;dac970nt;\??\c:\windows\system32\drivers\nomknt.sys --> c:\windows\system32\drivers\nomknt.sys [?]
     R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-18 22216]
     S2 SSPORT;SSPORT;\??\c:\windows\system32\drivers\ssport.sys --> c:\windows\system32\drivers\SSPORT.sys [?]
     .
     =============== Created Last 30 ================
     .
     2011-12-19 05:13:04 -------- d-----w- c:\program files\Exterminate It!
     2011-12-19 04:56:08 -------- d-----w- c:\windows\system32\NtmsData
     2011-12-18 12:22:18 -------- d-----w- c:\documents and settings\nikolay hanchev\application data\Curiolab
     2011-12-18 10:06:30 -------- d-----w- c:\documents and settings\nikolay hanchev\application data\SUPERAntiSpyware.com
     2011-12-18 10:05:36 -------- d-----w- c:\program files\SUPERAntiSpyware
     2011-12-18 10:05:36 -------- d-----w- c:\documents and settings\all users\application data\SUPERAntiSpyware.com
     2011-12-18 09:46:54 -------- d-----w- c:\documents and settings\nikolay hanchev\application data\Malwarebytes
     2011-12-18 09:46:47 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes
     2011-12-18 09:46:44 22216 ----a-w- c:\windows\system32\drivers\mbam.sys
     2011-12-18 09:46:44 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
     2011-12-18 09:27:28 77312 ----a-w- c:\windows\system32\ztvunace26.dll
     2011-12-18 09:27:28 75264 ----a-w- c:\windows\system32\unacev2.dll
     2011-12-18 09:27:28 69632 ----a-w- c:\windows\system32\ztvcabinet.dll
     2011-12-18 09:27:28 162304 ----a-w- c:\windows\system32\ztvunrar36.dll
     2011-12-18 09:27:27 153088 ----a-w- c:\windows\system32\UNRAR3.dll
     2011-12-17 09:28:57 -------- d-----w- c:\documents and settings\nikolay hanchev\application data\Orneon
     2011-12-16 12:41:26 -------- d-----w- c:\documents and settings\nikolay hanchev\application data\AVG10
     2011-12-16 12:30:56 -------- d-----w- c:\windows\system32\drivers\AVG
     2011-12-16 12:30:56 -------- d-----w- c:\documents and settings\all users\application data\AVG10
     2011-12-16 12:25:58 -------- d-----w- c:\documents and settings\all users\application data\MFAData
     2011-12-13 19:06:21 -------- d-----w- c:\program files\Webteh
     2011-12-13 19:06:21 -------- d-----w- c:\documents and settings\nikolay hanchev\application data\BSplayer Pro
     2011-12-13 19:06:21 -------- d-----w- c:\documents and settings\nikolay hanchev\application data\BSplayer
     2011-12-13 19:03:58 -------- d-----w- C:\Downloads
     2011-12-13 19:03:42 -------- d-----w- c:\documents and settings\nikolay hanchev\application data\BitComet
     2011-12-13 19:03:41 -------- d-----w- c:\program files\BitComet
     2011-12-13 18:48:34 -------- d-----w- c:\documents and settings\nikolay hanchev\local settings\application data\Google
     2011-12-12 18:11:58 59264 -c--a-w- c:\windows\system32\dllcache\usbaudio.sys
     2011-12-12 18:11:58 59264 ----a-w- c:\windows\system32\drivers\USBAUDIO.sys
     2011-12-12 18:11:51 90624 ----a-w- c:\windows\system32\kswdmcap.ax
     2011-12-12 18:11:51 78464 -c--a-w- c:\windows\system32\dllcache\usbvideo.sys
     2011-12-12 18:11:51 78464 ----a-w- c:\windows\system32\drivers\usbvideo.sys
     2011-12-12 18:11:51 61952 ----a-w- c:\windows\system32\kstvtune.ax
     2011-12-12 18:11:51 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll
     2011-12-12 18:11:51 53760 ----a-w- c:\windows\system32\vfwwdm32.dll
     2011-12-12 18:11:51 28672 ----a-w- c:\windows\system32\vidcap.ax
     2011-12-12 18:11:50 43008 ----a-w- c:\windows\system32\ksxbar.ax
     2011-12-12 18:11:50 20992 ----a-w- c:\windows\system32\dshowext.ax
     .
     ==================== Find3M ====================
     .
     2011-12-12 19:44:01 60416 ----a-w- c:\windows\ALCFDRTM.VER
     .
     ============= FINISH: 19:32:58,89 ===============
     .
     UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
     IF REQUESTED, ZIP IT UP & ATTACH IT
     .
     DDS (Ver_2011-08-26.01)
     .
     Microsoft Windows XP Professional
     Boot Device: \Device\HarddiskVolume1
     Install Date: 13.9.2009 г. 15:45:38
     System Uptime: 19.12.2011 г. 17:57:29 (2 hours ago)
     .
     Motherboard: ASUSTeK Computer INC. | | K8N4-E
     Processor: AMD Sempron Processor 3000+ | Socket 939 | 2249/250mhz
     .
     ==== Disk Partitions =========================
     .
     A: is Removable
     C: is FIXED (NTFS) - 20 GiB total, 10,723 GiB free.
     D: is FIXED (NTFS) - 10 GiB total, 8,501 GiB free.
     E: is FIXED (NTFS) - 28 GiB total, 16,498 GiB free.
     F: is FIXED (NTFS) - 10 GiB total, 9,422 GiB free.
     G: is FIXED (NTFS) - 29 GiB total, 28,724 GiB free.
     H: is CDROM (CDFS)
     J: is CDROM ()
     .
     ==== Disabled Device Manager Items =============
     .
     ==== System Restore Points ===================
     .
     No restore point in system.
     .
     ==== Installed Programs ======================
     .
     ACDSee 8
     Adobe Flash Player 10 ActiveX
     Adobe Reader 9 Lite
     AVG 2011
     BitComet 1.30
     BS.Player FREE
     Echoes of the Past The Citadels of Time Collectors Edition 1.00
     Exterminate It!
     FlexType 2K
     Google Chrome
     K-Lite Codec Pack 4.3.4 (Full)
     Malwarebytes' Anti-Malware version 1.51.2.1300
     Microsoft Office Professional Edition 2003
     Microsoft Visual C++ 2005 Redistributable
     Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
     Nero 8
     neroxml
     NVIDIA Drivers
     Readiris Pro 9
     Realtek AC'97 Audio
     SA Dictionary 2005 T2
     Skype Click to Call
     Skype™ 5.5
     SmarThru 4
     SmarThru PC Fax
     SUPERAntiSpyware
     VCRedistSetup
     WebFldrs XP
     Windows Media Format Runtime
     WinRAR archiver
     .
     ==== Event Viewer Messages From Past Week ========
     .
     19.12.2011 г. 17:59:38, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     19.12.2011 г. 05:16:42, error: MRxSmb [8003] - The master browser has received a server announcement from the computer MONIKA that believes that it is the master browser for the domain on transport NetBT_Tcpip_{E61D5FAF-6C9E-41CB-B3. The master browser is stopping or an election is being forced.
     18.12.2011 г. 20:53:03, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
     18.12.2011 г. 16:30:24, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 16:05:20, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 15:42:16, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 15:29:58, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 14:05:07, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 13:54:15, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 13:02:39, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 12:49:58, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 12:32:17, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Workstation service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Wireless Zero Configuration service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Windows Time service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Windows Firewall/Internet Connection Sharing (ICS) service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Windows Audio service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Telephony service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The System Restore Service service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The System Event Notification service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Shell Hardware Detection service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Server service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Secondary Logon service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Remote Access Connection Manager service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Network Location Awareness (NLA) service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Network Connections service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Logical Disk Manager service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Fast User Switching Compatibility service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Distributed Link Tracking Client service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The DHCP Client service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Cryptographic Services service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The Computer Browser service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7034] - The COM+ Event System service terminated unexpectedly. It has done this 1 time(s).
     18.12.2011 г. 12:06:02, error: Service Control Manager [7031] - The Windows Management Instrumentation service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
     18.12.2011 г. 12:06:02, error: Service Control Manager [7031] - The Themes service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
     18.12.2011 г. 12:06:02, error: Service Control Manager [7031] - The Task Scheduler service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 6000 milliseconds: Restart the service.
     18.12.2011 г. 12:06:02, error: Service Control Manager [7031] - The Help and Support service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 100 milliseconds: Restart the service.
     18.12.2011 г. 12:06:02, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 12:03:35, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
     18.12.2011 г. 11:59:49, error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 11:48:47, error: Service Control Manager [7000] - The MBAMSwissArmy service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 11:37:59, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 11:31:28, error: Service Control Manager [7023] - The Microsoft Image service terminated with the following error: A dynamic link library (DLL) initialization routine failed.
     18.12.2011 г. 11:31:28, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     18.12.2011 г. 08:45:50, error: Service Control Manager [7023] - The Microsoft Image service terminated with the following error: A dynamic link library (DLL) initialization routine failed.
     18.12.2011 г. 08:45:50, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     17.12.2011 г. 20:53:04, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service BITS with arguments "" in order to run the server: {4991D34B-80A1-4291-83B6-3328366B9097}
     16.12.2011 г. 21:53:05, error: Service Control Manager [7023] - The Microsoft Image service terminated with the following error: Access is denied.
     16.12.2011 г. 21:53:05, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     16.12.2011 г. 21:28:14, error: Service Control Manager [7023] - The Microsoft Image service terminated with the following error: Access is denied.
     16.12.2011 г. 21:28:14, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     16.12.2011 г. 11:10:47, error: SideBySide [59] - Resolve Partial Assembly failed for Microsoft.VC90.CRT. Reference error message: The referenced assembly is not installed on your system. .
     16.12.2011 г. 11:10:47, error: SideBySide [59] - Generate Activation Context failed for C:\DOCUME~1\NIKOLA~1\LOCALS~1\Temp\RarSFX0\redist.dll. Reference error message: The operation completed successfully. .
     16.12.2011 г. 11:10:47, error: SideBySide [32] - Dependent Assembly Microsoft.VC90.CRT could not be found and Last Error was The referenced assembly is not installed on your system.
     16.12.2011 г. 10:37:32, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     16.12.2011 г. 10:24:38, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     15.12.2011 г. 19:40:19, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     15.12.2011 г. 16:58:16, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     15.12.2011 г. 10:02:09, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     13.12.2011 г. 16:41:15, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     12.12.2011 г. 20:13:56, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     12.12.2011 г. 20:11:33, error: Service Control Manager [7000] - The SSPORT service failed to start due to the following error: The system cannot find the file specified.
     .
     ==== End Of File ===========================