Премини към съдържанието

Ladys_Fire

Потребител
  • Публикации

    74
  • Регистрация

  • Последно онлайн

Харесвания

4 Неутрална репутация

1 Последовател

Всичко за Ladys_Fire

  • Титла
    Редовен потребител

Информация

  • Пол
    Жена

Последни посетители

2069 прегледа на профила
  1. Не.Опитах се да изтрия всички папки и след това се заключи.
  2. Изписва,че не може да бъде форматира. Да,извадих картата и рестартирах компютъра.
  3. Здравейте!Опитах да си форматирам картата,но ми изписа "Дискът е защитен срещу запис".Опитах да кача музика на нея,пак ми изписа същото.Пробвах да форматирам чрез SD Card Formatter,но без успех.Пробвах да премахна защитата чрез команден ред и чрез системния регистър на Windows,но нямаше ефект.Моля помагайте!
  4. Разбрах как трябва да го разделя.Благодаря много!
  5. ,а в момента имам само това като дискове
  6. Може и да прозвучи глупаво,но как да го създам?
  7. Здравейте,на лаптопа ми има само диск С:,опитах да направя и D:,ама нещо не се получава.Пробвах да го разделя с EaseUS Partition Master,но не ми дава да си избера каква да е File System.Моля за съвет и помощ.
  8. # DelFix v1.011 - Logfile created 11/02/2016 at 13:49:15 # Updated 18/08/2015 by Xplode # Username : user - USER-65A647FB5E # Operating System : Microsoft Windows XP Service Pack 3 (32 bits) ~ Removing disinfection tools ... Deleted : C:\Qoobox Deleted : C:\FRST Deleted : C:\SecurityCheck Deleted : C:\ComboFix.txt Deleted : C:\Documents and Settings\user\Desktop\ComboFix.exe Deleted : C:\WINDOWS\grep.exe Deleted : C:\WINDOWS\PEV.exe Deleted : C:\WINDOWS\NIRCMD.exe Deleted : C:\WINDOWS\MBR.exe Deleted : C:\WINDOWS\SED.exe Deleted : C:\WINDOWS\SWREG.exe Deleted : C:\WINDOWS\SWSC.exe Deleted : C:\WINDOWS\SWXCACLS.exe Deleted : C:\WINDOWS\Zip.exe Deleted : HKCU\Software\IDAVLab Deleted : HKLM\SOFTWARE\IDAVLab Deleted : HKLM\SOFTWARE\Swearware Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\combofix.exe ~ Cleaning system restore ... Deleted : RP #1 [Контролна точка на системата | 02/04/2016 15:33:46] Deleted : RP #2 [Revo Uninstaller's restore point - YAC(Yet Another Cleaner!) | 02/04/2016 21:50:05] Deleted : RP #3 [Контролна точка на системата | 02/06/2016 17:01:40] Deleted : RP #4 [Контролна точка на системата | 02/07/2016 17:21:30] Deleted : RP #5 [Контролна точка на системата | 02/08/2016 18:02:28] Deleted : RP #6 [Точка на възстановяване на HitmanPro | 02/09/2016 14:25:19] Deleted : RP #7 [Software Distribution Service 3.0 | 02/10/2016 08:16:25] New restore point created ! ########## - EOF - ########## Благодаря много за помоща.Лек и спорен ден и на Вас!
  9. Инсталирах си антивирусната,сега вече всичко е наред.
  10. Malwarebytes Anti-Malware www.malwarebytes.org Дата на сканиране: 09.02.2016 Час на сканиране: 15:28:36 Дневник: Администратор: Да Версия: 2.2.0.1024 База от данни за злонамерен софтуер: v2016.02.09.02 База от данни за рууткити: v2016.02.08.01 Лиценз: Безплатен Защита от злонамерен софтуер: Забранено Защита от злонамерени страници: Забранено Самозащита: Забранено ОС: Windows XP Service Pack 3 Процесор: x86 Файлова система: NTFS Потребител: user Тип сканиране: Сканиране за заплахи Резултат: Завършено Сканиране обекти: 456620 Изминало време: 38 мин. 1 сек. Памет: Разрешено Начално стартиране: Разрешено Файлова система: Разрешено Архиви: Разрешено Рууткити: Разрешено Дълбоко сканиране за рууткити: Разрешено Евристика: Разрешено ПНП: Разрешено ПНИ: Разрешено Процеси: 0 (Не бяха открити злонамерени обекти) Модули: 0 (Не бяха открити злонамерени обекти) Ключове в системния регистър: 5 PUP.Optional.MediaFinder, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aacbndibbcpajfgnkdkaakeiojmmgmnk, Поставен под карантина, [f3b3e876ddbc73c38725d511fa09cb35], PUP.Optional.MediaFinder, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\jpihmmhdcobmllpcnpfbhnipmhamldje, Поставен под карантина, [70365b031485290db3fa6581976c758b], PUP.Optional.APNToolBar.Gen, HKU\S-1-5-18\SOFTWARE\AskPartnerNetwork, Поставен под карантина, [8026ca946c2d61d5beacae45f70be020], PUP.Optional.uTorrentBar, HKU\S-1-5-18\SOFTWARE\uTorrentBar, Поставен под карантина, [fbabbf9fbddc46f063b817eb10f4b44c], PUP.Optional.Spigot, HKU\S-1-5-21-1960408961-1303643608-1417001333-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\738E6FAB8C584E50BF668AAA08B73E29, Поставен под карантина, [bbebfd61adecd561cad36c8f58ab0af6], Стойности в системния регистър: 2 PUP.Optional.WebSearchInfo, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES|DefaultScope, {BB74DE59-BC4C-4172-9AC4-73315F71CFFE}, Поставен под карантина, [7c2a0c525b3e2b0ba9307640ca398d73] PUP.Optional.Spigot, HKU\S-1-5-21-1960408961-1303643608-1417001333-1003\SOFTWARE\MICROSOFT\INTERNET EXPLORER\SEARCHSCOPES\738E6FAB8C584E50BF668AAA08B73E29|URL, http://search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=407453&p={searchTerms}, Поставен под карантина, [bbebfd61adecd561cad36c8f58ab0af6] Данни в системния регистър: 0 (Не бяха открити злонамерени обекти) Папки: 37 Trojan.StolenData, C:\Documents and Settings\user\Application Data\Imminent\Logs, Поставен под карантина, [0b9be47af8a18fa738469593ba4a9f61], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduit, Поставен под карантина, [8323e17d8019ae88bf59219727db9769], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduit\facebook, Поставен под карантина, [8323e17d8019ae88bf59219727db9769], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog\Images, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.uTorrentBar, C:\Documents and Settings\NetworkService\Local Settings\Application Data\uTorrentBar, Поставен под карантина, [6c3a8dd1a4f5fc3a532bc6184fb3867a], PUP.Optional.uTorrentBar, C:\Documents and Settings\NetworkService\Local Settings\Application Data\uTorrentBar\Logs, Поставен под карантина, [6c3a8dd1a4f5fc3a532bc6184fb3867a], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\apps, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\AddedAppDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\DefualtImages, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\DetectedAppDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\EngineFirstTimeDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\NewSearchProtectorDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\NewSearchProtectorDialog\images, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog\images, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorDialog\Images, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarUntrustedAppsApprovalDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UninstallDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAddedAppDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAppApprovalDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAppPendingDialog, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\emailnotifier, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\MyStuffComponents, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\weather, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], Файлове: 155 Trojan.Agent, C:\Documents and Settings\user\Desktop\ПРОГРАМИ\Duplicate Cleaner Pro 3.2.6 + Crack [KaranPC].rar, Не е избрано действие от потребителя, [aafccd91712877bf5f8b6e86669a1fe1], RiskWare.Tool.HCK, C:\Documents and Settings\user\Desktop\ПРОГРАМИ\Нова папка\AIDA64-Business-Edition-4.20.2800.rar, Не е избрано действие от потребителя, [2482144a4b4e1620dbee8b8bca38fc04], RiskWare.Tool.HCK, C:\Documents and Settings\user\Desktop\ПРОГРАМИ\Нова папка\AIDA64 Business Edition 4.20.2800\chili-keygen.exe, Не е избрано действие от потребителя, [11952836405974c228a130e61de52cd4], RiskWare.Tool.HCK, C:\Documents and Settings\user\Desktop\ПРОГРАМИ\Нова папка\AIDA64 Business Edition 4.20.2800\Keygen-CHiLi.rar, Не е избрано действие от потребителя, [3d69df7fd0c963d32e9b1bfb758d4db3], PUP.Optional.Amonetize, C:\Documents and Settings\user\My Documents\Downloads\367.tmp, Поставен под карантина, [86204816c3d64aec4b99e59be51cb64a], Trojan.StolenData, C:\Documents and Settings\user\Application Data\Imminent\Logs\21-11-2015, Поставен под карантина, [0b9be47af8a18fa738469593ba4a9f61], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduit\alertDB.sqlite, Поставен под карантина, [8323e17d8019ae88bf59219727db9769], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduit\facebook\menu-en.xml, Поставен под карантина, [8323e17d8019ae88bf59219727db9769], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduit\facebook\settings.xml, Поставен под карантина, [8323e17d8019ae88bf59219727db9769], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\notificationDB.sqlite, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs.zip, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\servicesMap.json, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\DialogsAPI.js, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\PIE.htc, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\settings.js, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog\AppNotification.js, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog\initialNotification.html, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog\main.html, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog\NotificationDialogStyle.css, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog\NotificationDialogStyleIE9.css, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog\sampleNotification.html, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\alert\Dialogs\AppNotificationDialog\Images\Thumbs.db, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\Chat.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\DataStructures.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\EBEncryption.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\ExternalLibraryLoader.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\HTTP.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\IO.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\Log.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\MainSingleton.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\MD5.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\Notifications.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\ObserversAndEvents.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\Prefs.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\SearchProtector.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\SearchSuggestIO.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\String.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\TEAEncryption.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\Timer.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\Twitter.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\URL.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\Windows.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.7.0.6\XML.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\Chat.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\DataStructures.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\EBEncryption.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\ExternalLibraryLoader.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\HTTP.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\IO.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\Log.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\MainSingleton.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\MD5.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\Notifications.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\ObserversAndEvents.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\Prefs.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\SearchProtector.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\SearchSuggestIO.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\String.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\TEAEncryption.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\Timer.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\Twitter.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\URL.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\Windows.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\conduitCommon\modules\3.9.0.3\XML.jsm, Поставен под карантина, [52542638485192a4d841c5f329d922de], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\appsMetaData.json, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\getAppsContextMenu.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\languagePack.json, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\LocalSettings.txt, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\postAppsContextMenu.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\searchInNewTabData.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\ServiceMap.json, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\ThirdPartyComponents.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\toolbarContextMenu.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\unsharedAppsContextMenu.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\UserAdditionalComponents.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\apps\3f1fb211-71a8-4dc5-899a-620ccb0159b7.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\apps\669b38ac-3a22-419e-adee-c15bf40bb3f0.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\apps\9896f949-9ffe-4ac7-b76c-531397037310.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\apps\list.json, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\DialogsAPI.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\excanvas.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\generalDialogStyle.css, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\PIE.htc, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\RoundedCorners.css, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\RoundedCornersIE9.css, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\settings.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\AddedAppDialog\app-added.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\AddedAppDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\DetectedAppDialog\app-2go.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\DetectedAppDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\EngineFirstTimeDialog\EngineFirstTimeDialog.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\EngineFirstTimeDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\EngineFirstTimeDialog\right-click.gif, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\NewSearchProtectorDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\NewSearchProtectorDialog\SearchProtector.css, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\NewSearchProtectorDialog\SearchProtector.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\NewSearchProtectorDialog\images\ok-button.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\NewSearchProtectorDialog\images\separation-line.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog\bubble.css, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog\bubble.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog\images\x-default-LTR.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog\images\x-default-RTL.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-LTR.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorBubbleDialog\images\x-mouseover-RTL.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorDialog\SearchProtector.css, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorDialog\SearchProtector.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorDialog\Images\ok-on.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\SearchProtectorDialog\Images\ok.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.css, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\ToolbarFirstTimeDialog.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images\app-store-icon.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images\arrow.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images\divider.png, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images\emailNotifier.gif, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images\radio.GIF, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images\Thumbs.db, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images\truste_welcome.GIF, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarFirstTimeDialog\images\weather.GIF, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarUntrustedAppsApprovalDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\ToolbarUntrustedAppsApprovalDialog\ToolbarUntrustedAppsApprovalDialog.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAddedAppDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAddedAppDialog\UT-app-dialog-added.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAppApprovalDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAppApprovalDialog\UT-app-dialog-needs-your-approval.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAppPendingDialog\main.html, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\Dialogs\UntrustedAppPendingDialog\UT-app-dialog-is-waiting.js, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\emailnotifier\acc, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___news_google_nl_news_cf=all_ned=us_hl=en_topic=h_num=3_output=rss_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___feeds_news_com_au_public_rss_2_0_news_breaking_news_32_xml_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___feeds_reuters_com_reuters_topNews_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___feeds_reuters_com_reuters_topNews_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___newsrss_bbc_co_uk_rss_newsonline_world_edition_front_page_rss_xml_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___news_google_nl_news_cf=all_ned=fr_hl=fr_topic=h_num=3_output=rss_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___news_google_nl_news_cf=all_ned=fr_hl=fr_topic=h_num=3_output=rss_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___news_google_nl_news_cf=all_ned=us_hl=en_topic=h_num=3_output=rss_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___news_google_nl_news_pz=1_cf=all_ned=nl_nl_hl=nl_topic=h_num=3_output=rss_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___news_google_nl_news_pz=1_cf=all_ned=nl_nl_hl=nl_topic=h_num=3_output=rss_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___rss_cbc_ca_lineup_latest_xml_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___rss_cbc_ca_lineup_latest_xml_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___rss_cnn_com_rss_cnn_latest_rss_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___rss_cnn_com_rss_cnn_latest_rss_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___rss_news_yahoo_com_rss_world_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___rss_news_yahoo_com_rss_world_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___worldpress_org_feeds_topstories_xml_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___worldpress_org_feeds_topstories_xml_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece_history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\feed\http___www_thesun_co_uk_sol_homepage_feeds_rss_article312900_ece_structured.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\weather\forecast_en.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.ConduitTB.Gen, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\CT2786678\weather\history.xml, Поставен под карантина, [d3d3bca2f9a094a2e5296f7982805aa6], PUP.Optional.QuickStart, C:\Documents and Settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\prefs.js, Добър: (), Лош: (user_pref("browser.newtab.url", "chrome://quick_start/content/index.html");), Заменен,[941257070297d85eff320ef417eec63a] Физически сектори: 0 (Не бяха открити злонамерени обекти) (end) За съжаление не успях да стартирам EmsisoftEmergencyKit,инсталира се,но после ми изписва,че е за Win7 HitmanPro_20160209_1625.log
  11. Нередността може би е,че повечето програми не се обновяват,но това е от операционната система.Като цяло всичко си работи перфектно и най-вече че ми изписва,че нямам Антивирусна програма и мога да си инсталирам друга.Благодаря много за помощта!
  12. ComboFix 16-02-05.01 - user 08.02.2016 14:11:29.6.2 - x86 Microsoft Windows XP Professional 5.1.2600.3.1251. 359.1033.18.2046.1071 [GMT 2:00] Running from: c:\documents and settings\user\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\user\Desktop\CFScript.txt AV: Emsisoft Anti-Malware *Disabled/Outdated* {0F8591BB-342B-4493-91C3-4E948ED21255} . WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . FILE :: "c:\windows\system32\drivers\avgntflt.sys" "c:\windows\system32\drivers\avipbb.sys" . . ((((((((((((((((((((((((( Files Created from 2016-01-08 to 2016-02-08 ))))))))))))))))))))))))))))))) . . 2016-02-07 03:06 . 2016-02-07 03:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Playrix Entertainment 2016-02-05 10:15 . 2015-12-17 04:41 58024 ----a-w- c:\program files\Mozilla Firefox\browser\components\browsercomps.dll 2016-02-05 10:15 . 2015-12-17 06:56 975520 ----a-w- c:\program files\Mozilla Firefox\uninstall\helper.exe 2016-02-05 10:15 . 2015-12-17 04:41 190632 ----a-w- c:\program files\Mozilla Firefox\gmp-clearkey\0.1\clearkey.dll 2016-02-04 11:42 . 2016-02-05 09:54 -------- d-----w- c:\documents and settings\user\Application Data\Elex-tech 2016-02-04 11:26 . 2016-02-04 11:26 -------- d-----w- c:\documents and settings\All Users\Application Data\OPSWAT 2016-02-03 19:09 . 2016-02-05 10:15 -------- d-----w- c:\program files\Mozilla Maintenance Service 2016-02-02 17:04 . 2016-02-02 17:50 -------- d-----w- C:\SecurityCheck 2016-02-01 15:36 . 2016-02-02 16:38 -------- d-----w- C:\FRST 2016-01-31 17:19 . 2016-01-31 17:19 -------- d-----w- c:\program files\Common Files\Java 2016-01-31 17:19 . 2016-01-31 17:18 146432 ----a-w- c:\windows\system32\javacpl.cpl 2016-01-31 17:18 . 2016-01-31 17:18 95840 ----a-w- c:\windows\system32\WindowsAccessBridge.dll 2016-01-31 14:19 . 2016-01-31 14:19 -------- d--h--w- c:\windows\system32\GroupPolicy 2016-01-31 14:15 . 2016-01-31 12:10 146432 ----a-w- c:\windows\system32javacpl.cpl 2016-01-28 21:42 . 2016-01-28 21:42 -------- d-----w- c:\documents and settings\user\Application Data\GeoGebra 5.0 2016-01-28 21:38 . 2016-01-28 21:39 -------- d-----w- c:\program files\GeoGebra 5.0 . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2016-01-20 15:51 . 2012-09-14 13:59 796864 -c--a-w- c:\windows\system32\FlashPlayerApp.exe 2016-01-20 15:51 . 2011-07-13 23:03 142528 -c--a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2015-12-01 17:25 . 2013-11-13 16:32 136272 -c--a-w- c:\windows\system32\drivers\avipbb.sys 2015-12-01 17:25 . 2013-11-13 16:32 106968 -c--a-w- c:\windows\system32\drivers\avgntflt.sys 2015-11-21 00:30 . 2015-11-21 00:31 8192 -c--a-w- c:\windows\system32\srvany.exe . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2008-07-12 . 362BC5AF8EAF712832C58CC13AE05750 . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "tsiVideo"="runme" [X] "GrooveMonitor"="c:\program files\Microsoft Office\Office14\GROOVEMN.EXE" [2010-03-24 944008] "uTorrent"="c:\documents and settings\user\Application Data\uTorrent\uTorrent.exe" [2016-02-07 2065944] "CCleaner Monitoring"="c:\program files\CCleaner\CCleaner.exe" [2015-12-08 6602152] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "36X Raid Configurer"="c:\windows\system32\xRaidSetup.exe" [2007-05-25 1957888] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2015-07-07 998104] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2012-02-29 15494464] "NvMediaCenter"="NvMCTray.dll" [2012-02-29 108352] "BCSSync"="c:\program files\Microsoft Office\Office14\BCSSync.exe" [2010-03-13 91520] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce] "nltide_2"="shell32" [X] . [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\policies\explorer] "NoThumbnailCache"= 1 (0x1) . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE] @="" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys] @="Driver" . [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc] @="Service" . [HKLM\~\startupfolder\C:^Documents and Settings^user^Start Menu^Programs^Startup^Microsoft SharePoint Workspace.lnk] path=c:\documents and settings\user\Start Menu\Programs\Startup\Microsoft SharePoint Workspace.lnk backup=c:\windows\pss\Microsoft SharePoint Workspace.lnkStartup . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe Photo Downloader] 2007-09-10 21:43 67488 -c--a-w- c:\program files\Adobe\Photoshop Elements 6.0\apdproxy.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Alcmtr] 2005-05-03 10:43 69632 -c----r- c:\windows\Alcmtr.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BingSvc] 2015-11-12 16:07 144008 -c--a-w- c:\documents and settings\user\Local Settings\Application Data\Microsoft\BingSvc\BingSvc.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring] 2015-12-08 19:23 6602152 -c--a-w- c:\program files\CCleaner\CCleaner.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CDAServer] 2012-03-09 06:58 350072 -c--a-w- c:\program files\Common Files\Common Desktop Agent\CDASrv.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Ultra Agent] 2014-07-10 08:01 3639568 -c--a-w- c:\program files\DAEMON Tools Ultra\DTAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\JMB36X IDE Setup] 2007-03-20 06:36 36864 -c----r- c:\windows\RaidTool\xInsIDE.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesPreload] 2014-02-14 19:55 1564992 -c--a-w- c:\program files\Samsung\Kies\Kies.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KiesTrayAgent] 2014-02-14 19:55 311616 -c--a-w- c:\program files\Samsung\Kies\KiesTrayAgent.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RTHDCPL] 2007-08-10 07:21 16384000 -c----r- c:\windows\RTHDCPL.exe . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent] 2012-06-28 15:40 74752 -c--a-w- c:\program files\Winamp\winampa.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\WINDOWS\\twain_32\\Samsung\\SLM2070\\ScanCDLM\\ScanCDLM.exe"= "c:\\Program Files\\Samsung\\Easy Printer Manager\\IDS.Application.exe"= "c:\\Program Files\\Samsung\\Easy Printer Manager\\OrderSupplies.exe"= "c:\\Program Files\\Samsung\\Easy Printer Manager\\IDSAlert.exe"= "c:\\Program Files\\Samsung\\Easy Printer Manager\\uninstall.exe"= "c:\\Program Files\\Samsung\\Easy Printer Manager\\CDAS2PC\\CDAS2PC.exe"= "c:\\Program Files\\Samsung\\Easy Document Creator\\EDC.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= "c:\\Program Files\\Microsoft Office\\Office14\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\ONENOTE.EXE"= "c:\\Program Files\\Microsoft Office\\Office14\\OUTLOOK.EXE"= "c:\\Documents and Settings\\user\\Local Settings\\Application Data\\Google\\Chrome\\Application\\chrome.exe"= "c:\\Program Files\\Mozilla Firefox\\firefox.exe"= "c:\\Documents and Settings\\user\\Application Data\\uTorrent\\uTorrent.exe"= . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "1688:TCP"= 1688:TCP:KMS emulator . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 0 (0x0) . R0 BtHidBus;Bluetooth HID Bus Service;c:\windows\system32\drivers\BtHidBus.sys [07.01.2009 23:39 20744] R0 Lbd;Lbd;c:\windows\system32\drivers\Lbd.sys [22.09.2010 00:55 64288] R0 sptd;sptd;\SystemRoot\\SystemRoot\System32\Drivers\sptd.sys --> \SystemRoot\\SystemRoot\System32\Drivers\sptd.sys [?] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [31.10.2011 06:06 232512] R2 Mobile Broadband HL Service;Mobile Broadband HL Service;c:\documents and settings\All Users\Application Data\MobileBrServ\mbbService.exe [05.01.2016 11:35 239184] R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;c:\windows\system32\drivers\AtihdXP3.sys [10.09.2012 18:06 103040] R3 dtscsibus;DAEMON Tools Virtual SCSI Bus;c:\windows\system32\drivers\dtscsibus.sys [25.08.2015 02:15 24704] R3 pcouffin;VSO Software pcouffin;c:\windows\system32\drivers\pcouffin.sys [22.10.2009 12:31 47360] R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [24.03.2011 12:46 31424] S1 SASKUTIL;SASKUTIL;\??\c:\program files\SUPERAntiSpyware\SASKUTIL.SYS --> c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [?] S2 KMService;KMService;c:\windows\system32\srvany.exe [21.11.2015 02:31 8192] S2 SkypeUpdate;Skype Updater;c:\program files\Skype\Updater\Updater.exe [09.07.2015 12:14 327296] S3 btnetBUs;Bluetooth PAN Bus Service;c:\windows\system32\drivers\btnetBus.sys [07.12.2008 12:44 30088] S3 Disc Soft Bus Service;Disc Soft Bus Service;c:\program files\DAEMON Tools Ultra\DiscSoftBusService.exe [10.07.2014 10:01 887056] S3 eapihdrv;eapihdrv;\??\c:\docume~1\user\LOCALS~1\Temp\ehdrv.sys --> c:\docume~1\user\LOCALS~1\Temp\ehdrv.sys [?] S3 FsUsbExDisk;FsUsbExDisk;c:\windows\system32\FsUsbExDisk.Sys [19.10.2010 21:38 36608] S3 FsUsbExService;FsUsbExService;c:\windows\system32\FsUsbExService.Exe [19.10.2010 21:38 238952] S3 FXDrv32;FXDrv32;\??\e:\fxdrv32.sys --> e:\FXDrv32.sys [?] S3 IvtBtBUs;IVT Bluetooth Bus Service;c:\windows\system32\drivers\IvtBtBus.sys [02.07.2008 14:58 26248] S3 VMUVC;Vimicro Camera Service VMUVC;c:\windows\system32\drivers\VMUVC.sys [15.02.2011 17:13 256512] S3 vvftUVC;Vimicro Camera Filter Service VMUVC;c:\windows\system32\drivers\vvftUVC.sys [15.02.2011 17:13 398720] . [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost] HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12 . [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] 2007-04-19 10:23 452136 -c--a-w- c:\program files\Common Files\LightScribe\LSRunOnce.exe . Contents of the 'Scheduled Tasks' folder . 2016-02-06 c:\windows\Tasks\Adobe Flash Player PPAPI Notifier.job - c:\windows\system32\Macromed\Flash\FlashUtil32_20_0_0_286_pepper.exe [2016-01-20 15:51] . 2016-02-08 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-09-14 15:51] . 2016-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-18 18:33] . 2016-02-08 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job - c:\program files\Google\Update\GoogleUpdate.exe [2010-05-18 18:33] . 2016-02-07 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1303643608-1417001333-1003Core.job - c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-11-10 19:05] . 2016-02-08 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1960408961-1303643608-1417001333-1003UA.job - c:\documents and settings\user\Local Settings\Application Data\Google\Update\GoogleUpdate.exe [2012-11-10 19:05] . 2016-02-08 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Logon.job - c:\windows\system32\xp_eos.exe [2014-04-04 01:59] . 2015-12-08 c:\windows\Tasks\Microsoft Windows XP End of Service Notification Monthly.job - c:\windows\system32\xp_eos.exe [2014-04-04 01:59] . 2016-02-07 c:\windows\Tasks\User_Feed_Synchronization-{4A9CF932-FD1E-4416-B9EE-F97FA2CE0FFB}.job - c:\windows\system32\msfeedssync.exe [2008-07-12 01:31] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.google.bg/ mStart Page = about:blank uInternet Connection Wizard,ShellNext = iexplore IE: &Експортиране към Microsoft Excel - c:\progra~1\MICROS~2\Office14\EXCEL.EXE/3000 IE: &Изпрати към OneNote - c:\progra~1\MICROS~2\Office14\ONBttnIE.dll/105 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 Trusted Zone: localhost Trusted Zone: webcompanion.com TCP: DhcpNameServer = 192.168.1.1 FF - ProfilePath - c:\documents and settings\user\Application Data\Mozilla\Firefox\Profiles\rlui7ct5.default\ FF - prefs.js: browser.search.selectedEngine - Bing FF - prefs.js: browser.startup.homepage - hxxp://www.google.bg/ . . ************************************************************************** . catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2016-02-08 14:18 Windows 5.1.2600 Service Pack 3 NTFS . scanning hidden processes ... . scanning hidden autostart entries ... . scanning hidden files ... . scan completed successfully hidden files: 0 . ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- . [HKEY_USERS\.Default\Software\Microsoft\Internet Explorer\User Preferences] @Denied: (2) (LocalSystem) "88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,96,eb,3a,21,20,36,33,46,a4,85,3e,\ "2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15, d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,96,eb,3a,21,20,36,33,46,a4,85,3e,\ . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\[email protected]=5 *=0 *C*C*l*e*a*n*e*r*& \command] @="c:\\Program Files\\CCleaner\\ccleaner.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}] @Denied: (A 2) (Everyone) @="FlashBroker" "LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe,-101" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation] "Enabled"=dword:00000001 . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32] @="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil32_20_0_0_286_ActiveX.exe" . [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}] @Denied: (A 2) (Everyone) @="IFlashBroker6" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32] @="{00020424-0000-0000-C000-000000000046}" . [HKEY_LOCAL_MACHINE\software\Classes\Interface\{299817DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib] @="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}" "Version"="1.0" . --------------------- DLLs Loaded Under Running Processes --------------------- . - - - - - - - > 'winlogon.exe'(808) c:\windows\system32\Ati2evxx.dll c:\windows\system32\atiadlxx.dll . - - - - - - - > 'explorer.exe'(1456) c:\windows\system32\WININET.dll c:\progra~1\COMMON~1\MICROS~1\OFFICE14\Cultures\office.odf c:\progra~1\MICROS~2\Office14\1026\GrooveIntlResource.dll c:\windows\system32\msi.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll c:\windows\system32\wpdshserviceobj.dll c:\windows\system32\portabledevicetypes.dll c:\windows\system32\portabledeviceapi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\program files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe c:\windows\system32\wscntfy.exe c:\documents and settings\user\Application Data\uTorrent\updates\3.4.5_41712\utorrentie.exe c:\documents and settings\user\Application Data\uTorrent\updates\3.4.5_41712\utorrentie.exe . ************************************************************************** . Completion time: 2016-02-08 14:21:13 - machine was rebooted ComboFix-quarantined-files.txt 2016-02-08 12:21 ComboFix2.txt 2016-02-08 08:27 . Pre-Run: 50467225600 bytes free Post-Run: 50440949760 bytes free . - - End Of File - - F6E6AD168D176311F6D42465FCDB9F77 8F558EB6672622401DA993E1E865C861
  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

×
×
  • Добави ново...