-
HiJackThis/Log: Optimization/Analysis/Review
ESETSmartInstaller@High as downloader log:
all ok
# version=6
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.5889
# api_version=3.0.2
# EOSSerial=117635f361c880468f2bbef0d76ec803
# end=finished
# remove_checked=true
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2009-08-02 10:25:33
# local_time=2009-08-03 01:25:33 (+0200, FLE Daylight Time)
# country="Bulgaria"
# lang=1033
# osver=5.1.2600 NT Service Pack 2
# scanned=46999
# found=2
# cleaned=2
# scan_time=2616
D:\sports_129\Counter-Strike Wall Hack.rar probably a variant of Win32/Agent trojan (deleted - quarantined) 00000000000000000000000000000000 C
D:\sports_129\Counter-Strike Wall Hack\cswallhack\rename_18h.exe probably a variant of Win32/Agent trojan (cleaned by deleting - quarantined) 00000000000000000000000000000000 C
-
ComboFix 09-07-31.04 - Stefan 08/02/2009 16:57.3.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1251.1.1033.18.1791.1259 [GMT 3:00] Running from: c:\documents and settings\Stefan\Desktop\tool.exe.exe Command switches used :: c:\documents and settings\Stefan\Desktop\CFScript.txt.txt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((( Files Created from 2009-07-02 to 2009-08-02 ))))))))))))))))))))))))))))))) . 2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\documents and settings\Stefan\Application Data\Malwarebytes 2009-07-31 19:53 . 2009-07-13 10:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-07-31 19:53 . 2009-07-13 10:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-31 19:10 . 2009-08-01 11:15 -------- d-----w- C:\HiJackThis 2009-07-30 19:56 . 2009-07-30 19:59 -------- d-----w- c:\program files\SopCast 2009-07-17 16:32 . 2005-01-03 06:43 4682 ----a-w- c:\windows\system32\npptNT2.sys 2009-07-17 16:31 . 2009-07-17 16:31 -------- d-----w- c:\program files\Common Files\INCA Shared 2009-07-16 23:47 . 2009-07-16 23:47 -------- d-----w- c:\documents and settings\Stefan\Application Data\Activision 2009-07-16 23:47 . 2009-07-16 23:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Activision 2009-07-14 18:46 . 2009-07-14 18:46 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Criterion Games 2009-07-14 18:41 . 2009-07-14 18:41 7386 ----a-w- c:\windows\system32\ealregsnapshot1.reg 2009-07-14 18:41 . 2009-07-14 18:41 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Downloaded Installations 2009-07-12 11:46 . 
2009-07-12 11:46 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Electronic Arts 2009-07-05 02:32 . 2009-07-08 16:51 -------- d-----w- c:\windows\SxsCaPendDel . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-02 13:46 . 2009-02-20 08:12 -------- d-----w- c:\documents and settings\Stefan\Application Data\Skype 2009-08-02 13:02 . 2009-02-20 08:12 -------- d-----w- c:\documents and settings\Stefan\Application Data\skypePM 2009-08-01 23:17 . 2009-02-20 10:12 -------- d-----w- c:\program files\BitComet 2009-07-22 13:09 . 2009-03-15 13:37 -------- d-----w- c:\documents and settings\Stefan\Application Data\Winamp 2009-07-05 02:34 . 2009-02-20 09:07 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-05 02:30 . 2009-02-20 09:07 -------- d-----w- c:\program files\Common Files\InstallShield 2009-07-02 21:25 . 2009-07-02 21:25 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI 2009-07-02 17:48 . 2009-06-24 20:09 138016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-07-02 17:48 . 2009-06-24 20:09 189448 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-07-02 11:00 . 2009-07-02 11:00 -------- d-----w- c:\documents and settings\Stefan\Application Data\Publish Providers 2009-07-02 11:00 . 2009-07-02 11:00 -------- d-----w- c:\documents and settings\Stefan\Application Data\Sony 2009-07-02 10:58 . 2009-07-02 10:58 -------- d-----w- c:\program files\Vstplugins 2009-07-02 10:58 . 2009-07-02 10:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony 2009-07-02 10:52 . 2009-07-02 10:50 23510720 ----a-w- c:\documents and settings\Stefan\Application Data\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe 2009-07-02 10:50 . 2009-07-02 10:50 -------- d-----w- c:\documents and settings\Stefan\Application Data\Sony Setup 2009-07-02 10:46 . 
2009-02-23 20:34 -------- d-----w- c:\program files\vloader 2009-06-25 11:12 . 2009-06-24 20:09 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-06-24 20:09 . 2009-06-24 20:09 22328 ----a-w- c:\documents and settings\Stefan\Application Data\PnkBstrK.sys 2009-06-24 20:09 . 2009-06-24 20:09 22328 ----a-w- c:\documents and settings\Stefan\Application Data\PnkBstrK.sys 2009-05-10 12:33 . 2009-05-10 12:33 568 ----a-w- c:\windows\eReg.dat 2009-05-10 12:30 . 2004-07-17 09:36 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys 2009-07-22 17:41 . 2009-04-12 00:49 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll . ------- Sigcheck ------- [-] 2006-01-04 01:30 577024 6DE681FDEABCDF846393CBB3C1784520 c:\windows\system32\user32.dll [-] 2006-01-04 01:30 577024 6DE681FDEABCDF846393CBB3C1784520 c:\windows\system32\dllcache\user32.dll . ((((((((((((((((((((((((((((( SnapShot@2009-08-01_12.41.02 ))))))))))))))))))))))))))))))))))))))))) . - 2001-08-23 12:00 . 2009-08-01 11:18 59440 c:\windows\system32\perfc009.dat + 2001-08-23 12:00 . 2009-08-01 22:40 59440 c:\windows\system32\perfc009.dat + 2001-08-23 12:00 . 2009-08-01 22:40 395200 c:\windows\system32\perfh009.dat - 2001-08-23 12:00 . 2009-08-01 11:18 395200 c:\windows\system32\perfh009.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "BitComet"="c:\program files\BitComet\BitComet.exe" [2009-01-20 2523960] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-02-13 17508864] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-09 1657376] c:\documents and settings\Stefan\Start Menu\Programs\Startup\ Indigo Prophecy Registration.lnk - c:\qoobox\Quarantine\C\WINDOWS\Installer\MSI1B17.tmp.vir [2009-4-17 11128832] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-9 113664] FlexType 2K.lnk - c:\program files\GRETECH\Datecs\FlexType 2K\FType2K.exe [2009-2-20 95232] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digest32.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "d:\\Program Files\\mIRC\\mIRC\\mirc.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= "c:\\Program Files\\NetMeeting\\conf.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\WINDOWS\\System32\\svchost.exe"= "c:\\WINDOWS\\system32\\nvsvc32.exe"= "c:\\WINDOWS\\system32\\wbem\\wmiprvse.exe"= "d:\\Program Files\\EA Sports\\FIFA Online 2\\FF2Client.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "10935:TCP"= 10935:TCP:BitComet 10935 TCP "10935:UDP"= 10935:UDP:BitComet 10935 UDP "12687:TCP"= 12687:TCP:BitComet 12687 TCP "12687:UDP"= 12687:UDP:BitComet 12687 UDP S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2/20/2009 12:07 PM 1684736] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://search.orbitdownloader.com IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm IE: &Download by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/204 IE: &С&валяне &с BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &С&валяне на всички с BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: &С&валяне на всичкото видео с BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Do&wnload selected by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Stefan\Application Data\Mozilla\Firefox\Profiles\nwvqoj6y.default\ FF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.com . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-02 17:00 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1960408961-1364589140-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . 
--------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(3808) c:\windows\system32\newdll.dll c:\program files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll c:\program files\Sony Ericsson\Mobile2\File Manager\fmgrguil.dll c:\windows\system32\msi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\wscntfy.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\Teleca Shared\CapabilityManager.exe c:\program files\Common Files\Teleca Shared\Generic.exe c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe . ************************************************************************** . Completion time: 2009-08-02 17:04 - machine was rebooted ComboFix-quarantined-files.txt 2009-08-02 14:03 ComboFix2.txt 2009-08-01 22:39 ComboFix3.txt 2009-08-01 12:43 Pre-Run: 2,803,896,320 bytes free Post-Run: 2,810,081,280 bytes free 173
-
ComboFix 09-07-31.04 - Stefan 08/02/2009 1:32.2.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1251.1.1033.18.1791.1276 [GMT 3:00] Running from: c:\documents and settings\Stefan\Desktop\tool.exe.exe Command switches used :: c:\documents and settings\Stefan\Desktop\CFScript.txt.txt WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! FILE :: "c:\windows\Installer\MSI1B17.tmp" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\windows\Installer\MSI1B17.tmp . ((((((((((((((((((((((((( Files Created from 2009-07-01 to 2009-08-01 ))))))))))))))))))))))))))))))) . 2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\documents and settings\Stefan\Application Data\Malwarebytes 2009-07-31 19:53 . 2009-07-13 10:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2009-07-31 19:53 . 2009-07-13 10:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys 2009-07-31 19:10 . 2009-08-01 11:15 -------- d-----w- C:\HiJackThis 2009-07-30 19:56 . 2009-07-30 19:59 -------- d-----w- c:\program files\SopCast 2009-07-17 16:32 . 2005-01-03 06:43 4682 ----a-w- c:\windows\system32\npptNT2.sys 2009-07-17 16:31 . 2009-07-17 16:31 -------- d-----w- c:\program files\Common Files\INCA Shared 2009-07-16 23:47 . 2009-07-16 23:47 -------- d-----w- c:\documents and settings\Stefan\Application Data\Activision 2009-07-16 23:47 . 2009-07-16 23:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Activision 2009-07-14 18:46 . 2009-07-14 18:46 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Criterion Games 2009-07-14 18:41 . 2009-07-14 18:41 7386 ----a-w- c:\windows\system32\ealregsnapshot1.reg 2009-07-14 18:41 . 
2009-07-14 18:41 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Downloaded Installations 2009-07-12 11:46 . 2009-07-12 11:46 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Electronic Arts 2009-07-05 02:32 . 2009-07-08 16:51 -------- d-----w- c:\windows\SxsCaPendDel 2009-07-03 05:00 . 2009-07-03 05:00 -------- d-----w- C:\profiles . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-08-01 22:36 . 2009-02-20 10:12 -------- d-----w- c:\program files\BitComet 2009-08-01 20:37 . 2009-02-20 08:12 -------- d-----w- c:\documents and settings\Stefan\Application Data\Skype 2009-08-01 13:32 . 2009-02-20 08:12 -------- d-----w- c:\documents and settings\Stefan\Application Data\skypePM 2009-07-22 13:09 . 2009-03-15 13:37 -------- d-----w- c:\documents and settings\Stefan\Application Data\Winamp 2009-07-05 02:34 . 2009-02-20 09:07 -------- d--h--w- c:\program files\InstallShield Installation Information 2009-07-05 02:30 . 2009-02-20 09:07 -------- d-----w- c:\program files\Common Files\InstallShield 2009-07-02 21:25 . 2009-07-02 21:25 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI 2009-07-02 17:48 . 2009-06-24 20:09 138016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys 2009-07-02 17:48 . 2009-06-24 20:09 189448 ----a-w- c:\windows\system32\PnkBstrB.exe 2009-07-02 11:00 . 2009-07-02 11:00 -------- d-----w- c:\documents and settings\Stefan\Application Data\Publish Providers 2009-07-02 11:00 . 2009-07-02 11:00 -------- d-----w- c:\documents and settings\Stefan\Application Data\Sony 2009-07-02 10:58 . 2009-07-02 10:58 -------- d-----w- c:\program files\Vstplugins 2009-07-02 10:58 . 2009-07-02 10:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony 2009-07-02 10:52 . 
2009-07-02 10:50 23510720 ----a-w- c:\documents and settings\Stefan\Application Data\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe 2009-07-02 10:50 . 2009-07-02 10:50 -------- d-----w- c:\documents and settings\Stefan\Application Data\Sony Setup 2009-07-02 10:46 . 2009-02-23 20:34 -------- d-----w- c:\program files\vloader 2009-06-25 11:12 . 2009-06-24 20:09 75064 ----a-w- c:\windows\system32\PnkBstrA.exe 2009-06-24 20:09 . 2009-06-24 20:09 22328 ----a-w- c:\documents and settings\Stefan\Application Data\PnkBstrK.sys 2009-06-24 20:09 . 2009-06-24 20:09 22328 ----a-w- c:\documents and settings\Stefan\Application Data\PnkBstrK.sys 2009-05-10 12:33 . 2009-05-10 12:33 568 ----a-w- c:\windows\eReg.dat 2009-05-10 12:30 . 2004-07-17 09:36 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys 2009-07-22 17:41 . 2009-04-12 00:49 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll . ------- Sigcheck ------- [-] 2006-01-04 01:30 577024 6DE681FDEABCDF846393CBB3C1784520 c:\windows\system32\user32.dll [-] 2006-01-04 01:30 577024 6DE681FDEABCDF846393CBB3C1784520 c:\windows\system32\dllcache\user32.dll . ((((((((((((((((((((((((((((( SnapShot@2009-08-01_12.41.02 ))))))))))))))))))))))))))))))))))))))))) . - 2001-08-23 12:00 . 2009-08-01 11:18 59440 c:\windows\system32\perfc009.dat + 2001-08-23 12:00 . 2009-08-01 20:45 59440 c:\windows\system32\perfc009.dat + 2001-08-23 12:00 . 2009-08-01 20:45 395200 c:\windows\system32\perfh009.dat - 2001-08-23 12:00 . 2009-08-01 11:18 395200 c:\windows\system32\perfh009.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952] "BitComet"="c:\program files\BitComet\BitComet.exe" [2009-01-20 2523960] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640] "NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016] "Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872] "GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-02-13 17508864] "nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-09 1657376] c:\documents and settings\Stefan\Start Menu\Programs\Startup\ Indigo Prophecy Registration.lnk - c:\qoobox\Quarantine\C\WINDOWS\Installer\MSI1B17.tmp.vir [2009-4-17 11128832] OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-9 113664] FlexType 2K.lnk - c:\program files\GRETECH\Datecs\FlexType 2K\FType2K.exe [2009-2-20 95232] [HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digest32.dll [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "d:\\Program Files\\mIRC\\mIRC\\mirc.exe"= "c:\\Program Files\\BitComet\\BitComet.exe"= "c:\\Program Files\\NetMeeting\\conf.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"= "c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"= "c:\\WINDOWS\\system32\\PnkBstrA.exe"= "c:\\WINDOWS\\system32\\PnkBstrB.exe"= "c:\\WINDOWS\\System32\\svchost.exe"= "c:\\WINDOWS\\system32\\nvsvc32.exe"= "c:\\WINDOWS\\system32\\wbem\\wmiprvse.exe"= "d:\\Program Files\\EA Sports\\FIFA Online 2\\FF2Client.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "10935:TCP"= 10935:TCP:BitComet 10935 TCP "10935:UDP"= 10935:UDP:BitComet 10935 UDP "12687:TCP"= 12687:TCP:BitComet 12687 TCP "12687:UDP"= 12687:UDP:BitComet 12687 UDP "4719:TCP"= 4719:TCP:4719 S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2/20/2009 12:07 PM 1684736] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://search.orbitdownloader.com IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm IE: &Download by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/204 IE: &С&валяне &с BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &С&валяне на всички с BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: &С&валяне на всичкото видео с BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Do&wnload selected by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Stefan\Application Data\Mozilla\Firefox\Profiles\nwvqoj6y.default\ FF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.com . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-02 01:36 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1960408961-1364589140-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . 
--------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'explorer.exe'(2016) c:\windows\system32\newdll.dll c:\program files\Sony Ericsson\Mobile2\File Manager\fmgrgui.dll c:\program files\Sony Ericsson\Mobile2\File Manager\fmgrguil.dll c:\windows\system32\msi.dll c:\windows\system32\browselc.dll c:\program files\Microsoft Office\Office12\1033\GrooveIntlResource.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\nvsvc32.exe c:\windows\system32\PnkBstrA.exe c:\windows\system32\wdfmgr.exe c:\windows\system32\wscntfy.exe c:\windows\system32\rundll32.exe c:\program files\Common Files\Teleca Shared\CapabilityManager.exe c:\program files\Common Files\Teleca Shared\Generic.exe c:\program files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe . ************************************************************************** . Completion time: 2009-08-01 1:39 - machine was rebooted ComboFix-quarantined-files.txt 2009-08-01 22:39 ComboFix2.txt 2009-08-01 12:43 Pre-Run: 2,840,788,992 bytes free Post-Run: 2,843,377,664 bytes free 182 Gmer : GMER 1.0.15.15011 [gmer.exe] - http://www.gmer.net Rootkit scan 2009-08-01 15:32:53 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.15 ---- SSDT spky.sys ZwCreateKey [0xB9EA80E0] SSDT spky.sys ZwEnumerateKey [0xB9EC6CA2] SSDT spky.sys ZwEnumerateValueKey [0xB9EC7030] SSDT spky.sys ZwOpenKey [0xB9EA80C0] SSDT spky.sys ZwQueryKey [0xB9EC7108] SSDT spky.sys ZwQueryValueKey [0xB9EC6F88] SSDT spky.sys ZwSetValueKey [0xB9EC719A] INT 0x62 ? 89C98BF8 INT 0x73 ? 89C88BF8 INT 0x83 ? 89C98BF8 INT 0xB4 ? 89C88BF8 ---- Kernel code sections - GMER 1.0.15 ---- ? qwknbbkx.sys The system cannot find the file specified. ! ? spky.sys The system cannot find the file specified. ! .text USBPORT.SYS!DllUnload B9C8362C 5 Bytes JMP 89C881D8 .text aqtzudeu.SYS B95D4386 35 Bytes [00, 00, 00, 00, 00, 00, 20, ...] 
.text aqtzudeu.SYS B95D43AA 24 Bytes [00, 00, 00, 00, 00, 00, 00, ...] .text aqtzudeu.SYS B95D43C4 3 Bytes [00, 70, 02] {ADD [EAX+0x2], DH} .text aqtzudeu.SYS B95D43C9 1 Byte [2E] .text aqtzudeu.SYS B95D43C9 11 Bytes [2E, 00, 00, 00, 5A, 02, 00, ...] .text ... ---- User code sections - GMER 1.0.15 ---- .text C:\WINDOWS\Explorer.EXE[1428] SHELL32.dll!SHFileOperationW 7CA6D1B9 5 Bytes JMP 10001102 C:\Program Files\Unlocker\UnlockerHook.dll ---- Kernel IAT/EAT - GMER 1.0.15 ---- IAT atapi.sys[HAL.dll!READ_PORT_UCHAR] [b9EA9040] spky.sys IAT atapi.sys[HAL.dll!READ_PORT_BUFFER_USHORT] [b9EA913C] spky.sys IAT atapi.sys[HAL.dll!READ_PORT_USHORT] [b9EA90BE] spky.sys IAT atapi.sys[HAL.dll!WRITE_PORT_BUFFER_USHORT] [b9EA97FC] spky.sys IAT atapi.sys[HAL.dll!WRITE_PORT_UCHAR] [b9EA96D2] spky.sys IAT \SystemRoot\system32\DRIVERS\i8042prt.sys[HAL.dll!READ_PORT_UCHAR] [b9EB9048] spky.sys IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!KfAcquireSpinLock] 4B8BDF8B IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!READ_PORT_UCHAR] 8D3F0304 IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!KeGetCurrentIrql] CB033043 IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!KfRaiseIrql] 0673C13B IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!KfLowerIrql] C13B0003 IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!HalGetInterruptVector] 8366FA72 IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!HalTranslateBusAddress] 75000E7B IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!KeStallExecutionProcessor] 0B7D80E3 IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!KfReleaseSpinLock] 307B8D00 IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!READ_PORT_BUFFER_USHORT] 00AA840F IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!READ_PORT_USHORT] 83660000 IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!WRITE_PORT_BUFFER_USHORT] 6A000E7A IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[HAL.dll!WRITE_PORT_UCHAR] C6647400 IAT 
\SystemRoot\System32\Drivers\aqtzudeu.SYS[WMILIB.SYS!WmiSystemControl] 4F8B0200 IAT \SystemRoot\System32\Drivers\aqtzudeu.SYS[WMILIB.SYS!WmiCompleteRequest] 968D5140 ---- User IAT/EAT - GMER 1.0.15 ---- IAT C:\WINDOWS\RTHDCPL.EXE[144] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\RTHDCPL.EXE[144] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\RTHDCPL.EXE[144] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\system32\wscntfy.exe[200] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\system32\wscntfy.exe[200] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\system32\RUNDLL32.EXE[464] @ C:\WINDOWS\system32\ole32.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\system32\RUNDLL32.EXE[464] @ C:\WINDOWS\system32\SHELL32.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\system32\RUNDLL32.EXE[464] @ C:\WINDOWS\system32\SHLWAPI.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\system32\RUNDLL32.EXE[464] @ C:\WINDOWS\system32\USERENV.dll [uSER32.dll!SetFocus] [77D4E5DC] C:\WINDOWS\system32\USER32.dll (Windows XP USER API Client DLL/Microsoft Corporation) IAT C:\WINDOWS\system32\csrss.exe[548] @ C:\WINDOWS\system32\winsrv.dll 
---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 89C971F8 Device \Driver\sptd \Device\490035796 spky.sys Device \Driver\usbohci \Device\USBPDO-0 89C871F8 Device \Driver\usbehci \Device\USBPDO-1 89C851F8 Device \Driver\dmio \Device\DmControl\DmIoDaemon 89C2C1F8 Device \Driver\dmio \Device\DmControl\DmConfig 89C2C1F8 Device \Driver\dmio \Device\DmControl\DmPnP 89C2C1F8 Device \Driver\dmio \Device\DmControl\DmInfo 89C2C1F8 Device \Driver\usbohci \Device\USBPDO-2 89C871F8 Device \Driver\usbehci \Device\USBPDO-3 89C851F8 Device \Driver\Ftdisk \Device\HarddiskVolume1 89C991F8 Device \Driver\Ftdisk \Device\HarddiskVolume2 89C991F8 Device \Driver\Cdrom \Device\CdRom0 89ACC1F8 Device \Driver\Cdrom \Device\CdRom1 89ACC1F8 Device \Driver\atapi \Device\Ide\IdePort0 89C981F8 Device \Driver\atapi \Device\Ide\IdePort1 89C981F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T0L0-4 89C981F8 Device \Driver\atapi \Device\Ide\IdePort2 89C981F8 Device \Driver\atapi \Device\Ide\IdeDeviceP0T1L0-c 89C981F8 Device \Driver\atapi \Device\Ide\IdePort3 89C981F8 Device \Driver\Cdrom \Device\CdRom2 89ACC1F8 Device \Driver\Cdrom \Device\CdRom3 89ACC1F8 Device \Driver\Cdrom \Device\CdRom4 89ACC1F8 Device \Driver\PCI_PNP0796 \Device\0000003d spky.sys Device \Driver\NetBT \Device\NetBt_Wins_Export 89602500 Device \Driver\NetBT \Device\NetbiosSmb 89602500 Device \Driver\NetBT \Device\NetBT_Tcpip_{5B4E451C-B725-46DB-88B5-574A5687CA60} 89602500 Device \Driver\usbohci \Device\USBFDO-0 89C871F8 Device \Driver\usbehci \Device\USBFDO-1 89C851F8 Device \FileSystem\MRxSmb \Device\LanmanDatagramReceiver 895DD1F8 Device \Driver\usbohci \Device\USBFDO-2 89C871F8 Device \Driver\usbehci \Device\USBFDO-3 89C851F8 Device \FileSystem\MRxSmb \Device\LanmanRedirector 895DD1F8 Device \Driver\Ftdisk \Device\FtControl 89C991F8 Device \Driver\aqtzudeu \Device\Scsi\aqtzudeu1Port4Path0Target1Lun0 89ABC500 Device \Driver\aqtzudeu \Device\Scsi\aqtzudeu1Port4Path0Target3Lun0
89ABC500 Device \Driver\aqtzudeu \Device\Scsi\aqtzudeu1 89ABC500 Device \Driver\aqtzudeu \Device\Scsi\aqtzudeu1Port4Path0Target2Lun0 89ABC500 Device \Driver\aqtzudeu \Device\Scsi\aqtzudeu1Port4Path0Target0Lun0 89ABC500 Device \FileSystem\Cdfs \Cdfs 895B51F8 ---- Registry - GMER 1.0.15 ---- Reg HKLM\SYSTEM\CurrentControlSet\Control\Session Manager@PendingFileRenameOperations
Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s1 771343423 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@s2 285507792 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg@h0 1 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA2 0xC1 0x7B 0xC9 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x7D 0x12 0x6C 0x1F ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x5A 0xBF 0xB6 0xC6 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x5D 0xFF 0xB2 0xBB ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0x6A 0x21 0x2C 0x13 ... Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 Reg HKLM\SYSTEM\CurrentControlSet\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xBC 0xB3 0x3A 0xD6 ... 
Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@p0 C:\Program Files\DAEMON Tools Lite\ Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@h0 0 Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4@khjeh 0xA2 0xC1 0x7B 0xC9 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@a0 0x20 0x01 0x00 0x00 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001@khjeh 0x7D 0x12 0x6C 0x1F ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf40@khjeh 0x5A 0xBF 0xB6 0xC6 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf41@khjeh 0x5D 0xFF 0xB2 0xBB ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf42@khjeh 0x6A 0x21 0x2C 0x13 ... Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43 (not active ControlSet) Reg HKLM\SYSTEM\ControlSet002\Services\sptd\Cfg\19659239224E364682FA4BAF72C53EA4\00000001\0Jf43@khjeh 0xBC 0xB3 0x3A 0xD6 ... ---- EOF - GMER 1.0.15 ----
-
I need it so that I can make clips with Movie Maker. Do I absolutely have to delete it? I NO LONGER GET ANY ERROR. DO I NEED TO DO ANYTHING ELSE?
-
DDS : DDS (Ver_09-07-30.01) - NTFSx86 Run by Stefan at 15:33:19.03 on 08/01/2009 Internet Explorer: 6.0.2900.2180 Microsoft Windows XP Professional 5.1.2600.2.1251.1.1033.18.1791.1311 [GMT 3:00] ============== Running Processes =============== C:\WINDOWS\system32\svchost -k DcomLaunch svchost.exe C:\WINDOWS\System32\svchost.exe -k netsvcs svchost.exe svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\GRETECH\Datecs\FlexType 2K\FType2K.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Winamp\winamp.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Stefan\Desktop\dds.scr ============== Pseudo HJT Report =============== uStart Page = hxxp://search.orbitdownloader.com uURLSearchHooks: H - No File BHO: Octh Class: {000123b4-9b42-4900-b3f7-f4b073efc214} - d:\program files\orbitdownloader\orbitcth.dll BHO: FG2CatchUrl: {1f364306-aa45-47b5-9f9d-39a8b94e7ef1} - c:\program files\flashget network\flashget universal\comdlls\bhoCATCH.dll BHO: Skype add-on (mastermind): {22bf413b-c6d2-4d91-82a9-a0f997ba588c} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.3.1.15.dll BHO: Groove GFS Browser Helper: {72853161-30c5-4d22-b7f9-0bbc1d38a37e} - 
c:\progra~1\micros~1\office12\GRA8E1~1.DLL TB: Grab Pro: {c55bbcd6-41ad-48ad-9953-3609c48eacc7} - d:\program files\orbitdownloader\GrabPro.dll TB: {2C688203-7EB3-4327-9995-1CB417BA23F9} - No File TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun uRun: [bitComet] "c:\program files\bitcomet\BitComet.exe" /tray uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe" uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe uRun: [uniblue RegistryBooster 2009] d:\program files\uniblue\registrybooster\RegistryBooster.exe /S mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [nwiz] nwiz.exe /install mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit mRun: [<NO NAME>] mRun: [sony Ericsson PC Suite] "c:\program files\sony ericsson\mobile2\application launcher\Application Launcher.exe" /startoptions mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe" mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [Media Codec Update Service] c:\program files\essentials codec pack\update.exe -silent mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe mRun: [FlashGet] "c:\program files\flashget network\flashget universal\FlashGet.exe" /min mRun: [Windows System Update] c:\windows\temp\CSRSS.EXE mRun: [Language_Shortcut] c:\windows\temp\IEXPLORE.EXE mRun: [sYSTRAY_UPDATE] c:\windows\temp\systray.exe mRun: [RUNDLL32] c:\windows\temp\rundll32.exe StartupFolder: c:\docume~1\stefan\startm~1\programs\startup\indigo~1.lnk - c:\windows\installer\MSI1B17.tmp StartupFolder: c:\docume~1\stefan\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\adobeg~1.lnk - c:\program 
files\common files\adobe\calibration\Adobe Gamma Loader.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\flexty~1.lnk - c:\program files\gretech\datecs\flextype 2k\FType2K.exe StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\orbit.lnk - d:\program files\orbitdownloader\orbitdm.exe IE: &Download All by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bhoall.htm IE: &Download by FlashGet - c:\program files\flashget network\flashget universal\comdlls\Bholink.htm IE: &Download by Orbit - d:\program files\orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - d:\program files\orbitdownloader\orbitmxt.dll/204 IE: &С&валяне &с BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm IE: &С&валяне на всички с BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm IE: &С&валяне на всичкото видео с BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm IE: Do&wnload selected by Orbit - d:\program files\orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - d:\program files\orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~1\micros~1\office12\EXCEL.EXE/3000 IE: {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://c:\program files\bitcomet\tools\BitCometBHO_1.3.1.15.dll/206 IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~1\office12\ONBttnIE.dll IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - c:\program files\skype\toolbars\internet explorer\SkypeIEPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~1\office12\REFIEBAR.DLL DPF: {31435657-9980-0010-8000-00AA00389B71} - hxxp://download.microsoft.com/download/e/2/f/e2fcec4b-6c8b-48b7-adab-ab9c403a978f/wvc1dmo.cab DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - 
hxxp://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\progra~1\micros~1\office12\GR99D3~1.DLL Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL SEH: Groove GFS Stub Execution Hook: {b5a7f190-dda6-4420-b3ba-52453494e6cd} - c:\progra~1\micros~1\office12\GRA8E1~1.DLL SecurityProviders: msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, snapapi32.dll, digest32.dll, wowfx.dll ================= FIREFOX =================== FF - ProfilePath - c:\docume~1\stefan\applic~1\mozilla\firefox\profiles\nwvqoj6y.default\ FF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.com FF - plugin: c:\quicktime\plugins\npqtplugin.dll FF - plugin: c:\quicktime\plugins\npqtplugin2.dll FF - plugin: c:\quicktime\plugins\npqtplugin3.dll FF - plugin: c:\quicktime\plugins\npqtplugin4.dll FF - plugin: c:\quicktime\plugins\npqtplugin5.dll FF - plugin: c:\quicktime\plugins\npqtplugin6.dll FF - plugin: c:\quicktime\plugins\npqtplugin7.dll FF - plugin: d:\program files\adobe\acrobat 7.0\reader\browser\nppdf32.dll ============= SERVICES / DRIVERS =============== S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-2-20 1684736] S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?] 
=============== Created Last 30 ================ 2009-07-31 22:53 <DIR> --d----- c:\docume~1\stefan\applic~1\Malwarebytes 2009-07-31 22:53 38,160 a------- c:\windows\system32\drivers\mbamswissarmy.sys 2009-07-31 22:53 19,096 a------- c:\windows\system32\drivers\mbam.sys 2009-07-31 22:53 <DIR> --d----- c:\program files\Malwarebytes' Anti-Malware 2009-07-31 22:53 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Malwarebytes 2009-07-31 22:10 <DIR> --d----- C:\HiJackThis 2009-07-30 22:56 <DIR> --d----- c:\program files\SopCast 2009-07-17 19:39 778 a------- c:\windows\FOE2.ini 2009-07-17 19:35 2,735,133 a------- c:\windows\system32\GameMon.des 2009-07-17 19:32 4,682 a------- c:\windows\system32\npptNT2.sys 2009-07-17 19:32 5,174 a------- c:\windows\system32\nppt9x.vxd 2009-07-17 19:31 <DIR> --d----- c:\program files\common files\INCA Shared 2009-07-17 02:47 <DIR> --d----- c:\docume~1\stefan\applic~1\Activision 2009-07-17 02:47 <DIR> --d----- c:\docume~1\alluse~1\applic~1\Activision 2009-07-14 21:41 7,386 a------- c:\windows\system32\ealregsnapshot1.reg 2009-07-06 00:20 398,267 a------- C:\AnalysisLog.sr0 2009-07-05 05:32 <DIR> --d----- c:\windows\SxsCaPendDel 2009-07-03 08:00 <DIR> --d----- c:\docume~1\stefan\applic~1\BITS 2009-07-03 08:00 <DIR> --d----- C:\profiles 2009-07-03 07:59 <DIR> --d----- c:\program files\FlashGet Network 2009-07-03 00:25 <DIR> --d----- c:\docume~1\alluse~1\applic~1\KONAMI ==================== Find3M ==================== 2009-07-02 20:48 138,016 a------- c:\windows\system32\drivers\PnkBstrK.sys 2009-07-02 20:48 189,448 a------- c:\windows\system32\PnkBstrB.exe 2009-06-25 14:12 75,064 a------- c:\windows\system32\PnkBstrA.exe 2009-06-24 23:09 22,328 a------- c:\docume~1\stefan\applic~1\PnkBstrK.sys ============= FINISH: 15:33:24.17 =============== Attach : UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. 
IF REQUESTED, ZIP IT UP & ATTACH IT

DDS (Ver_09-07-30.01)

Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 2/20/2009 9:56:48 AM
System Uptime: 8/1/2009 2:13:34 PM (1 hours ago)

Motherboard: ECS | | GeForce7050M-M
Processor: AMD Athlon Processor LE-1620 | CPU 1 | 2394/200mhz

==== Disk Partitions =========================

A: is Removable
C: is FIXED (NTFS) - 10 GiB total, 2.292 GiB free.
D: is FIXED (NTFS) - 29 GiB total, 0.694 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is CDROM ()
H: is CDROM ()
I: is CDROM ()

==== Disabled Device Manager Items =============

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}
Description: SM Bus Controller
Device ID: PCI\VEN_10DE&DEV_0542&SUBSYS_26091019&REV_A2\3&267A616A&0&09
Manufacturer:
Name: SM Bus Controller
PNP Device ID: PCI\VEN_10DE&DEV_0542&SUBSYS_26091019&REV_A2\3&267A616A&0&09
Service:

==== System Restore Points ===================

No restore point in system.

==== Installed Programs ======================

Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Photoshop 7.0
Adobe Shockwave Player
Apple Software Update
BFL FIFA 09 fix 1
BitComet 1.09
Burnout Paradise The Ultimate Box
Call of Duty® 4 - Modern Warfare
Call of Duty® 4 - Modern Warfare 1.1 Patch
Call of Duty® 4 - Modern Warfare 1.2 Patch
Call of Duty® 4 - Modern Warfare 1.3 Patch
Call of Duty® 4 - Modern Warfare 1.4 Patch
Call of Duty® 4 - Modern Warfare 1.5 Multiplayer Patch
Call of Duty® 4 - Modern Warfare 1.5 Patch
Call of Duty® 4 - Modern Warfare 1.6 Patch
Call of Duty® 4 - Modern Warfare 1.7 Patch
Compatibility Pack for the 2007 Office system
Delta Force Land Warrior
EA Sports FIFA Online 2
EA SPORTS online 2008
EA SPORTS™ NBA LIVE 08
FIFA 08
FlashGet 2.0
FlexType 2K
GOM Player
Harry Potter and the Half-Blood Prince™
High Definition Audio Driver Package - KB888111
HijackThis 2.0.2
K-Lite Codec Pack 4.7.5 (Full)
Malwarebytes' Anti-Malware
Microsoft .NET Framework 2.0
Microsoft Office Access MUI (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (English) 2007
Microsoft Office Groove MUI (English) 2007
Microsoft Office Groove Setup Metadata MUI (English) 2007
Microsoft Office InfoPath MUI (English) 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office Outlook MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office PowerPoint Viewer 2003
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Publisher MUI (English) 2007
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Software Update for Web Folders (English) 12
Microsoft Visual C++ 2005 Redistributable
mIRC
Mozilla Firefox (3.0.12)
MPEG2 Codec(libmpeg2/mad)
Nero 6 Ultra Edition
NVIDIA Drivers
PhotoScape
Pro Evolution Soccer 2009
Realtek High Definition Audio Driver
Skype™ 4.0
SoccerJam by LiOL [amxbg.Team]
Sony Ericsson PC Suite 1.20.173
SopCast 3.2.4
Texas Hold'em Poker 3D - Deluxe Edition 1.0
Transformers Revenge of the Fallen - The Game
TVAnts 1.0
Unlocker 1.8.7
Vegas Movie Studio 9.0
vloader 1.8
vloader 2.4
vloader 2.5
WebFldrs XP
Winamp
Windows Essentials Media Codec Pack 1.0
Windows Installer 3.1 (KB893803)
Windows Media Format Runtime
WinRAR archiver

==== Event Viewer Messages From Past Week ========

8/1/2009 2:14:18 PM, error: Service Control Manager [7000] - The Task Scheduler service failed to start due to the following error: The system cannot find the file specified.
7/27/2009 11:52:20 AM, error: Service Control Manager [7009] - Timeout (30000 milliseconds) waiting for the Task Scheduler service to connect.
7/27/2009 11:52:20 AM, error: Service Control Manager [7000] - The Task Scheduler service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
7/27/2009 11:50:57 AM, information: Windows File Protection [64005] - The protected system file user32.dll was not restored to its original, valid version because the Windows File Protection restoration process was cancelled by user interaction, user name is Stefan. The file version of the bad file is 5.1.2600.2180.
7/25/2009 1:35:15 AM, error: Service Control Manager [7034] - The Windows User Mode Driver Framework service terminated unexpectedly. It has done this 1 time(s).
7/25/2009 1:35:04 AM, error: Service Control Manager [7034] - The DNS Client service terminated unexpectedly. It has done this 1 time(s).

==== End Of File ===========================

Tool.exe :

ComboFix 09-07-31.04 - Stefan 08/01/2009 15:37.1.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1251.1.1033.18.1791.1275 [GMT 3:00]
Running from: c:\documents and settings\Stefan\Desktop\tool.exe.exe
* Created a new restore point

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
c:\documents and settings\Stefan\Application Data\BITS
c:\documents and settings\Stefan\Application Data\BITS\BITS.ini
c:\documents and settings\Stefan\Application Data\BITS\DHTTable.dat
c:\documents and settings\Stefan\Application Data\BITS\ProxyList.ini
c:\program files\FlashGet Network
c:\program files\FlashGet Network\FlashGet universal\btcore.dll
c:\program files\FlashGet Network\FlashGet universal\btwrap.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.dll
c:\program files\FlashGet Network\FlashGet universal\BugReport.exe
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhocfg.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
c:\program files\FlashGet Network\FlashGet universal\ComDlls\ComDlls.ini
c:\program files\FlashGet Network\FlashGet universal\ComDlls\flashget.xpi
c:\program files\FlashGet Network\FlashGet universal\ComDlls\FlashgetXpi.dll
c:\program files\FlashGet Network\FlashGet universal\ComDlls\IFlashgetXpi.xpt
c:\program files\FlashGet Network\FlashGet universal\dbghelp.dll
c:\program files\FlashGet Network\FlashGet universal\DBTrans.dll
c:\program files\FlashGet Network\FlashGet universal\dbtrans_verbose.log
c:\program files\FlashGet Network\FlashGet universal\DBTransC.exe
c:\program files\FlashGet Network\FlashGet universal\ed2kwrap.dll
c:\program files\FlashGet Network\FlashGet universal\explorerbar.dll
c:\program files\FlashGet Network\FlashGet universal\fgoption.ini
c:\program files\FlashGet Network\FlashGet universal\FGVer.dll
c:\program files\FlashGet Network\FlashGet universal\flashget.exe
c:\program files\FlashGet Network\FlashGet universal\gt.exe
c:\program files\FlashGet Network\FlashGet universal\hashgen.dll
c:\program files\FlashGet Network\FlashGet universal\Help\license.txt
c:\program files\FlashGet Network\FlashGet universal\Help\Readme.txt
c:\program files\FlashGet Network\FlashGet universal\Help\WHATSNEW.TXT
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBatchLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddBTTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Added.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddEMTask.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddHpFpLink.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksDlgEx.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\AddLinksModern.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BrowserPlugins.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\BTOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CategoryView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ComfirmWhenExitDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\CommonDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ConfirmInvalidLinks.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ContextMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DefaultDownloadsDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DeleteFilesDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\DetailStatus.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\EMServers.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExplorerPane.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ExtensionRuleDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FG2SearchTopPlugin.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FileRemovedDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FindTaskDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashgetAbout.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FlashGetDlg.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\FSUStatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageLoginDialog.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\GarageView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HotResource.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\HpFpOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\LogsOutput.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MACReader.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainMenu.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MainToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\MonitorOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NormalOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\NotifyOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Option.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\P4PPluginMain.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\ProxySetting.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SearchBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Security.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityScan.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\SecurityToolbar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\Shutdown.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\StatusBar.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskDefOption.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskListView.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\TaskNotify.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\UserListCtrl.ini
c:\program files\FlashGet Network\FlashGet universal\Langs\FGXL_ENG\XpEnhance.ini
c:\program files\FlashGet Network\FlashGet universal\libupnp.dll
c:\program files\FlashGet Network\FlashGet universal\LiveUpdateUI.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\ComHelper.dll
c:\program files\FlashGet Network\FlashGet universal\modules\ComHelper\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Downstat.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Downstat\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\P4pclient.dll
c:\program files\FlashGet Network\FlashGet universal\modules\P4pclient\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\iexplorer.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\resource.xml
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\search.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\subscribe.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\Resource\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\modules\SearchTop\SearchTop.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\FunctionalRepair.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Scanning.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SECURITY.dll
c:\program files\FlashGet Network\FlashGet universal\modules\Security\Security.xml
c:\program files\FlashGet Network\FlashGet universal\modules\Security\SystemFix.bmp
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SamplerCli.dll
c:\program files\FlashGet Network\FlashGet universal\modules\SnapShot\SnapShot.dll
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\Info.ini
c:\program files\FlashGet Network\FlashGet universal\modules\tasknotifier\tasknotifier.dll
c:\program files\FlashGet Network\FlashGet universal\P2PCfg.ini
c:\program files\FlashGet Network\FlashGet universal\P2PCore.dll
c:\program files\FlashGet Network\FlashGet universal\p2pprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2snetio.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.dll
c:\program files\FlashGet Network\FlashGet universal\p2spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\p2sprot.dll
c:\program files\FlashGet Network\FlashGet universal\p2spwrap.dll
c:\program files\FlashGet Network\FlashGet universal\p4spmgr.ini
c:\program files\FlashGet Network\FlashGet universal\Profiles\config.dat
c:\program files\FlashGet Network\FlashGet universal\Profiles\tasks.dat
c:\program files\FlashGet Network\FlashGet universal\Skins\close_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\close_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\max_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_default.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_press.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\min_select.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify.wav
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_board.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\notify_icon.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Back.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\BrowserBarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\FlashgetResource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Backward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\BrowserBarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Forward.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Home.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\BrowserBarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Available.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\CategoryTreeCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloaded.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Downloading.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Favorite.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Flashget.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Release.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Rubbish.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\CategoryTreeCT\Search.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\Expbar.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\garage.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\ExpBar\transfer.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\BT.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\EM.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\GlobalOptionCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\HpFp.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Monitor.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Notify.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\Proxy.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\GlobalOptionCT\TaskDef.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Info.ini
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MainMenuCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveDownTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\MoveUpTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainMenuCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\MainToolbarCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\About.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\DeleteTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Folder.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\MainToolbarDisableCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\NewTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Open.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Option.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\PauseTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\Resource.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\StartTask.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\MainToolbarDisableCT\TaskProperties.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\InfoBkg.Bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\Monitor\MonitorBkg.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Down.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Normal.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\OutpuLogCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\OutpuLogCT\Up.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\All.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Book.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Bt.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Game.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Movie.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Music.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Phone.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Picture.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\SobarIconCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\SobarIconCT\Software.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Error.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\hashing.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\OK.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pause.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Pin.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Schedule.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Start.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\TaskListCT.xml
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Upload.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\ShadowGrayBlue\TaskListCT\Wait.bmp
c:\program files\FlashGet Network\FlashGet universal\Skins\Thumbs.db
c:\program files\FlashGet Network\FlashGet universal\storage.dll
c:\program files\FlashGet Network\FlashGet universal\SysOpt.exe
c:\program files\FlashGet Network\FlashGet universal\transaction.log
c:\program files\FlashGet Network\FlashGet universal\uninst.exe
c:\program files\FlashGet Network\FlashGet universal\zlib.dll
c:\windows\struct~.ini
.
((((((((((((((((((((((((( Files Created from 2009-07-01 to 2009-08-01 )))))))))))))))))))))))))))))))
.
2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\documents and settings\Stefan\Application Data\Malwarebytes
2009-07-31 19:53 . 2009-07-13 10:36 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-07-31 19:53 . 2009-07-31 19:53 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2009-07-31 19:53 . 2009-07-13 10:36 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-07-31 19:10 . 2009-08-01 11:15 -------- d-----w- C:\HiJackThis
2009-07-30 19:56 . 2009-07-30 19:59 -------- d-----w- c:\program files\SopCast
2009-07-17 16:32 . 2005-01-03 06:43 4682 ----a-w- c:\windows\system32\npptNT2.sys
2009-07-17 16:31 . 2009-07-17 16:31 -------- d-----w- c:\program files\Common Files\INCA Shared
2009-07-16 23:47 . 2009-07-16 23:47 -------- d-----w- c:\documents and settings\Stefan\Application Data\Activision
2009-07-16 23:47 . 2009-07-16 23:47 -------- d-----w- c:\documents and settings\All Users\Application Data\Activision
2009-07-14 18:46 . 2009-07-14 18:46 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Criterion Games
2009-07-14 18:41 . 2009-07-14 18:41 7386 ----a-w- c:\windows\system32\ealregsnapshot1.reg
2009-07-14 18:41 . 2009-07-14 18:41 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Downloaded Installations
2009-07-12 11:46 . 2009-07-12 11:46 -------- d-----w- c:\documents and settings\Stefan\Local Settings\Application Data\Electronic Arts
2009-07-05 02:32 . 2009-07-08 16:51 -------- d-----w- c:\windows\SxsCaPendDel
2009-07-03 05:00 . 2009-07-03 05:00 -------- d-----w- C:\profiles
2009-07-02 21:25 . 2009-07-02 21:25 -------- d-----w- c:\documents and settings\All Users\Application Data\KONAMI
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-08-01 11:38 . 2009-04-10 23:35 -------- dc-h--w- c:\documents and settings\All Users\Application Data\~0
2009-08-01 11:15 . 2009-02-20 10:12 -------- d-----w- c:\program files\BitComet
2009-08-01 10:53 . 2009-02-20 08:12 -------- d-----w- c:\documents and settings\Stefan\Application Data\Skype
2009-07-31 21:03 . 2009-02-20 08:12 -------- d-----w- c:\documents and settings\Stefan\Application Data\skypePM
2009-07-22 13:09 . 2009-03-15 13:37 -------- d-----w- c:\documents and settings\Stefan\Application Data\Winamp
2009-07-05 02:34 . 2009-02-20 09:07 -------- d--h--w- c:\program files\InstallShield Installation Information
2009-07-05 02:30 . 2009-02-20 09:07 -------- d-----w- c:\program files\Common Files\InstallShield
2009-07-02 17:48 . 2009-06-24 20:09 138016 ----a-w- c:\windows\system32\drivers\PnkBstrK.sys
2009-07-02 17:48 . 2009-06-24 20:09 189448 ----a-w- c:\windows\system32\PnkBstrB.exe
2009-07-02 11:00 . 2009-07-02 11:00 -------- d-----w- c:\documents and settings\Stefan\Application Data\Publish Providers
2009-07-02 11:00 . 2009-07-02 11:00 -------- d-----w- c:\documents and settings\Stefan\Application Data\Sony
2009-07-02 10:58 . 2009-07-02 10:58 -------- d-----w- c:\program files\Vstplugins
2009-07-02 10:58 . 2009-07-02 10:58 -------- d-----w- c:\documents and settings\All Users\Application Data\Sony
2009-07-02 10:52 . 2009-07-02 10:50 23510720 ----a-w- c:\documents and settings\Stefan\Application Data\Sony Setup\09063B41-0916-4360-A80D-0C2A2B89D300\dotnetfx.exe
2009-07-02 10:50 . 2009-07-02 10:50 -------- d-----w- c:\documents and settings\Stefan\Application Data\Sony Setup
2009-07-02 10:46 . 2009-02-23 20:34 -------- d-----w- c:\program files\vloader
2009-06-25 11:12 . 2009-06-24 20:09 75064 ----a-w- c:\windows\system32\PnkBstrA.exe
2009-06-24 20:09 . 2009-06-24 20:09 22328 ----a-w- c:\documents and settings\Stefan\Application Data\PnkBstrK.sys
2009-06-24 20:09 . 2009-06-24 20:09 22328 ----a-w- c:\documents and settings\Stefan\Application Data\PnkBstrK.sys
2009-05-10 12:33 . 2009-05-10 12:33 568 ----a-w- c:\windows\eReg.dat
2009-05-10 12:30 . 2004-07-17 09:36 12400 ----a-w- c:\windows\system32\drivers\secdrv.sys
2009-07-22 17:41 . 2009-04-12 00:49 134648 ----a-w- c:\program files\mozilla firefox\components\brwsrcmp.dll
.
------- Sigcheck -------

[-] 2006-01-04 01:30 577024 6DE681FDEABCDF846393CBB3C1784520 c:\windows\system32\user32.dll
[-] 2006-01-04 01:30 577024 6DE681FDEABCDF846393CBB3C1784520 c:\windows\system32\dllcache\user32.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\daemon.exe" [2008-08-08 490952]
"BitComet"="c:\program files\BitComet\BitComet.exe" [2009-01-20 2523960]
"ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2004-08-03 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2009-02-09 13680640]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2009-02-09 86016]
"Sony Ericsson PC Suite"="c:\program files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" [2005-10-26 159744]
"UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2008-05-02 15872]
"GrooveMonitor"="c:\program files\Microsoft Office\Office12\GrooveMonitor.exe" [2006-10-26 31016]
"NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2009-02-13 17508864]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2009-02-09 1657376]

c:\documents and settings\Stefan\Start Menu\Programs\Startup\
Indigo Prophecy Registration.lnk - c:\windows\Installer\MSI1B17.tmp [2009-4-17 11128832]
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2006-10-26 98632]

c:\documents and settings\All Users\Start Menu\Programs\Startup\
Adobe Gamma Loader.lnk - c:\program files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe [2009-4-9 113664]
FlexType 2K.lnk - c:\program files\GRETECH\Datecs\FlexType 2K\FType2K.exe [2009-2-20 95232]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
SecurityProviders msapsspc.dll, schannel.dll, digest.dll, msnsspc.dll, digest32.dll

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\system32\\sessmgr.exe"=
"d:\\Program Files\\mIRC\\mIRC\\mirc.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\NetMeeting\\conf.exe"=
"c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\GROOVE.EXE"=
"c:\\Program Files\\Microsoft Office\\Office12\\ONENOTE.EXE"=
"c:\\WINDOWS\\system32\\PnkBstrA.exe"=
"c:\\WINDOWS\\system32\\PnkBstrB.exe"=
"c:\\WINDOWS\\System32\\svchost.exe"=
"c:\\WINDOWS\\system32\\nvsvc32.exe"=
"c:\\WINDOWS\\system32\\wbem\\wmiprvse.exe"=
"d:\\Program Files\\EA Sports\\FIFA Online 2\\FF2Client.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"10935:TCP"= 10935:TCP:BitComet 10935 TCP
"10935:UDP"= 10935:UDP:BitComet 10935 UDP
"12687:TCP"= 12687:TCP:BitComet 12687 TCP
"12687:UDP"= 12687:UDP:BitComet 12687 UDP
"4719:TCP"= 4719:TCP:4719

S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2/20/2009 12:07 PM 1684736]
S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\GameMon.des -service --> c:\windows\system32\GameMon.des -service [?]

--- Other Services/Drivers In Memory ---

*NewlyCreated* - AUJASNKJ
*Deregistered* - aujasnkj
.
Contents of the 'Scheduled Tasks' folder
.
- - - - ORPHANS REMOVED - - - -

URLSearchHooks-{9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file)
HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\Lib\NMBgMonitor.exe
HKCU-Run-Uniblue RegistryBooster 2009 - d:\program files\Uniblue\RegistryBooster\RegistryBooster.exe
HKLM-Run-Media Codec Update Service - c:\program files\Essentials Codec Pack\update.exe
HKLM-Run-FlashGet - c:\program files\FlashGet Network\FlashGet universal\FlashGet.exe
.
------- Supplementary Scan -------
.
uStart Page = hxxp://search.orbitdownloader.com IE: &Download All by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm IE: &Download by FlashGet - c:\program files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm IE: &Download by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/204 IE: &С&валяне &с BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm IE: &С&валяне на всички с BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm IE: &С&валяне на всичкото видео с BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm IE: Do&wnload selected by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - d:\program files\Orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~1\Office12\EXCEL.EXE/3000 FF - ProfilePath - c:\documents and settings\Stefan\Application Data\Mozilla\Firefox\Profiles\nwvqoj6y.default\ FF - prefs.js: browser.startup.homepage - hxxp://search.orbitdownloader.com . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-08-01 15:41 Windows 5.1.2600 Service Pack 2 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet001\Services\npggsvc] "ImagePath"="c:\windows\system32\GameMon.des -service" . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_USERS\S-1-5-21-1960408961-1364589140-725345543-1003\Software\Microsoft\SystemCertificates\AddressBook*] @Allowed: (Read) (RestrictedCode) @Allowed: (Read) (RestrictedCode) . 
Completion time: 2009-08-01 15:43 ComboFix-quarantined-files.txt 2009-08-01 12:42 Pre-Run: 2,383,085,568 bytes free Post-Run: 2,884,911,104 bytes free 404
-
HiJackThis/Log: Optimization/Analysis/Review
Malwarebytes' Anti-Malware 1.39 Database version: 2537 Windows 5.1.2600 Service Pack 2 8/1/2009 2:02:21 PM mbam-log-2009-08-01 (14-02-21).txt Scan type: Full Scan (C:\|D:\|) Objects scanned: 150354 Time elapsed: 4 hour(s), 14 minute(s), 21 second(s) Memory Processes Infected: 4 Memory Modules Infected: 1 Registry Keys Infected: 24 Registry Values Infected: 10 Registry Data Items Infected: 5 Folders Infected: 9 Files Infected: 32 Memory Processes Infected: C:\Documents and Settings\Stefan\Start Menu\Programs\Startup\userinit.exe (Trojan.Agent) -> Unloaded process successfully. C:\Documents and Settings\LocalService\svchost.exe (Trojan.Agent) -> Unloaded process successfully. C:\Documents and Settings\Stefan\svchost.exe (Trojan.Agent) -> Unloaded process successfully. C:\WINDOWS\system32\drivers\services.exe (Trojan.Agent) -> Unloaded process successfully. Memory Modules Infected: C:\WINDOWS\system32\wvUkLFya.dll (Trojan.Vundo.H) -> Delete on reboot. Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\wvuklfya (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\iyhflbzh1.qs (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\TypeLib\{7feed193-7a48-f7b6-984f-c603ce1de99b} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{967a494a-6aec-4555-9caf-fa6eb00acf91} (Trojan.FakeAlert) -> Quarantined and deleted successfully. 
HKEY_CLASSES_ROOT\Interface\{9692be2f-eb8f-49d9-a11c-c24c1ef734d5} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8a555e0e-6240-dd93-198d-45f571d4fd9b} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{8a555e0e-6240-dd93-198d-45f571d4fd9b} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8a555e0e-6240-dd93-198d-45f571d4fd9b} (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\iyhflbzh1.qs.1 (Trojan.FakeAlert) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{04b31ee9-ec66-4ced-8ff4-a9e7e22d1d8b} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{6e4fada4-d0b3-4e2d-ae91-646a7ca0f311} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d69c5018-e03f-4cc4-9e6b-e798f70d72d5} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{60422bd5-70f0-4edf-9aef-3267c4db3770} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{731b8592-4001-46d4-b1a5-33ec792b4501} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{731b8682-4001-46d4-b1a5-33ec792b4501} (Backdoor.Bot) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\altcompare (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\instkey (Trojan.Vundo) -> Quarantined and deleted successfully. 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\cs41275 (Malware.Trace) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks\{6d794cb4-c7cd-4c6f-bfdc-9b77afbdc02c} (Trojan.Vundo.H) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\[system] (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\sms by jeko ianev (Worm.P2P) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\[system] (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\UUSEE (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlogon (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlogon (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\winlogon (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_USERS\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\[system] (Trojan.Agent) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Windows Updater (Backdoor.Bot) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: c:\windows\system32\drivers\services.exe -> Quarantined and deleted successfully. 
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Trojan.Agent) -> Data: system32\drivers\services.exe -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.QHost) -> Data: c:\windows\system32\wowfx.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows\AppInit_DLLs (Trojan.QHost) -> Data: system32\wowfx.dll -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Userinit (Hijack.Userinit) -> Bad: (C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe) Good: (Userinit.exe) -> Quarantined and deleted successfully. Folders Infected: C:\WINDOWS\system32\append.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\xlib254.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Program Files\altcmd (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Stefan\Local Settings\Temporary Internet Files\{5617ECA9-488D-4BA2-8562-9710B9AB78D2} (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Stefan\Local Settings\Application Data\DoubleD (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\application data\DoubleD\JuicyAccess Toolbar (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\application data\DoubleD\juicyaccess toolbar\4.1.4.20920 (Adware.DoubleD) -> Quarantined and deleted successfully. 
c:\documents and settings\Stefan\local settings\application data\DoubleD\juicyaccess toolbar\4.1.4.20920\bin (Adware.DoubleD) -> Quarantined and deleted successfully. Files Infected: C:\WINDOWS\system32\wvUkLFya.dll (Trojan.Vundo.H) -> Delete on reboot. C:\Program Files\altcmd\altcmd32.dll (Trojan.FakeAlert) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\application data\DoubleD\juicyaccess toolbar\4.1.4.20920\bin\stbup.exe (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\Temp\tmp0000b381 (Trojan.Vundo.H) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\Temp\tmp0000d0bd (Trojan.Vundo.H) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\Temp\tmp0000ec44 (Trojan.Vundo.H) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\Temp\tmp0000f7ae (Trojan.Vundo.H) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\productinfo.dll (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Setup.exe (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\stbup.exe (Adware.DoubleD) -> Quarantined and deleted successfully. c:\program files\SopCast\codec\h264dec.ax (Backdoor.Bot) -> Quarantined and deleted successfully. c:\program files\SopCast\codec\mpeg2dmx.ax (Backdoor.Bot) -> Quarantined and deleted successfully. c:\WINDOWS\system32\awttqrSK.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. c:\WINDOWS\system32\ddcYqrSI.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. 
c:\WINDOWS\system32\tuvwWnki.dll (Trojan.Vundo.H) -> Quarantined and deleted successfully. d:\system volume information\_restore{15668112-3435-4a8a-8049-61d8347a3d3f}\RP57\A0035632.exe (Trojan.Downloader) -> Quarantined and deleted successfully. c:\program files\altcmd\altcmd.inf (Trojan.Agent) -> Quarantined and deleted successfully. c:\program files\altcmd\uninstall.bat (Trojan.Agent) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\tdf.dat (Adware.DoubleD) -> Quarantined and deleted successfully. c:\documents and settings\Stefan\local settings\temporary internet files\{5617eca9-488d-4ba2-8562-9710b9ab78d2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\WINDOWS\system32\drivers\services.exe (Trojan.Agent) -> Delete on reboot. C:\Documents and Settings\Stefan\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\Stefan\Start Menu\Programs\Startup\userinit.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\digest32.dll (Trojan.Agent) -> Quarantined and deleted successfully. C:\Documents and Settings\LocalService\svchost.exe (Trojan.Agent) -> Quarantined and deleted successfully. C:\WINDOWS\system32\wowfx.dll (Trojan.QHost) -> Quarantined and deleted successfully. 
c:\userinit.exe (Trojan.FakeAlert) -> Quarantined and deleted successfully. C:\WINDOWS\Temp\System.exe (Backdoor.Bot) -> Delete on reboot. C:\WINDOWS\system32\snapapi32.dll (Trojan.Agent) -> Quarantined and deleted successfully.
Here is the one from HiJack as well
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:16:17 PM, on 8/1/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\GRETECH\Datecs\FlexType 2K\FType2K.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\HiJackThis\post.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file) O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll (file missing) O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll O2 - BHO: Skype add-on (mastermind) - 
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files\Orbitdownloader\GrabPro.dll (file missing) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min O4 - HKLM\..\Run: [Windows System Update] C:\WINDOWS\TEMP\CSRSS.EXE O4 - HKLM\..\Run: [Language_Shortcut] C:\WINDOWS\TEMP\IEXPLORE.EXE O4 - HKLM\..\Run: [sYSTRAY_UPDATE] C:\WINDOWS\TEMP\systray.exe O4 - HKLM\..\Run: [RUNDLL32] C:\WINDOWS\TEMP\rundll32.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] 
C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] D:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - Startup: Indigo Prophecy Registration.lnk = C:\WINDOWS\Installer\MSI1B17.tmp O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: FlexType 2K.lnk = C:\Program Files\GRETECH\Datecs\FlexType 2K\FType2K.exe O4 - Global Startup: Orbit.lnk = D:\Program Files\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: &С&валяне &с BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &С&валяне на всички с BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &С&валяне на всичкото видео с BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - 
{2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe (file missing) -- End of file - 7362 bytes
-
HiJackThis/Log: Optimization/Analysis/Review
I turn on my computer, it boots, and before it shows Welcome some kind of Error Bad Image started popping up. How can I remove it so that it stops appearing? Because, for example, I open Firefox and this comes up: LOOK AT THIS
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 10:13:30 PM, on 7/31/2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\drivers\services.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\TEMP\System.exe C:\WINDOWS\system32\drivers\services.exe C:\Documents and Settings\LocalService\svchost.exe C:\Program Files\DAEMON Tools Lite\daemon.exe C:\WINDOWS\system32\ctfmon.exe C:\WINDOWS\system32\drivers\services.exe C:\Documents and Settings\Stefan\svchost.exe C:\Program Files\GRETECH\Datecs\FlexType 2K\FType2K.exe C:\Documents and Settings\Stefan\Start Menu\Programs\Startup\userinit.exe C:\Program Files\Common Files\Teleca Shared\CapabilityManager.exe C:\Program Files\Common Files\Teleca Shared\Generic.exe C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\PnkBstrA.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\system32\wuauclt.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\WINDOWS\system32\svchost.exe C:\HiJackThis\post.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.orbitdownloader.com R3 - 
URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} - (no file) F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\drivers\services.exe O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - D:\Program Files\Orbitdownloader\orbitcth.dll (file missing) O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll O2 - BHO: (no name) - {6D794CB4-C7CD-4c6f-BFDC-9B77AFBDC02C} - C:\WINDOWS\system32\wvUkLFya.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~1\Office12\GRA8E1~1.DLL O2 - BHO: qs Class - {8A555E0E-6240-DD93-198D-45F571D4FD9B} - C:\Program Files\altcmd\altcmd32.dll O3 - Toolbar: Grab Pro - {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - D:\Program Files\Orbitdownloader\GrabPro.dll (file missing) O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions O4 - HKLM\..\Run: [unlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe" O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silent O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: 
[uUSEE] "C:\Program Files\Common Files\uusee\UUSeeMediaCenter.exe" O4 - HKLM\..\Run: [FlashGet] "C:\Program Files\FlashGet Network\FlashGet universal\FlashGet.exe" /min O4 - HKLM\..\Run: [Windows System Update] C:\WINDOWS\TEMP\CSRSS.EXE O4 - HKLM\..\Run: [Windows Updater] C:\WINDOWS\TEMP\System.exe O4 - HKLM\..\Run: [Language_Shortcut] C:\WINDOWS\TEMP\IEXPLORE.EXE O4 - HKLM\..\Run: [sYSTRAY_UPDATE] C:\WINDOWS\TEMP\systray.exe O4 - HKLM\..\Run: [RUNDLL32] C:\WINDOWS\TEMP\rundll32.exe O4 - HKLM\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe O4 - HKLM\..\Run: [winlogon] C:\Documents and Settings\Stefan\svchost.exe O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun O4 - HKCU\..\Run: [bitComet] "C:\Program Files\BitComet\BitComet.exe" /tray O4 - HKCU\..\Run: [sMS by Jeko Ianev] C:\Program Files\sms\sms.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [uniblue RegistryBooster 2009] D:\Program Files\Uniblue\RegistryBooster\RegistryBooster.exe /S O4 - HKCU\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe O4 - HKCU\..\Run: [winlogon] C:\Documents and Settings\Stefan\svchost.exe O4 - HKUS\S-1-5-18\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe (User 'SYSTEM') O4 - HKUS\S-1-5-18\..\Run: [winlogon] C:\Documents and Settings\LocalService\svchost.exe (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [[system]] C:\WINDOWS\system32\drivers\services.exe (User 'Default user') O4 - Startup: Indigo Prophecy Registration.lnk = C:\WINDOWS\Installer\MSI1B17.tmp O4 - Startup: OneNote 2007 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE O4 - Startup: userinit.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: FlexType 2K.lnk = 
C:\Program Files\GRETECH\Datecs\FlexType 2K\FType2K.exe O4 - Global Startup: Orbit.lnk = D:\Program Files\Orbitdownloader\orbitdm.exe O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm O8 - Extra context menu item: &Download by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: &С&валяне &с BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &С&валяне на всички с BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &С&валяне на всичкото видео с BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: Do&wnload selected by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://D:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing) O9 - Extra button: Messenger - 
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~1\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - AppInit_DLLs: C:\WINDOWS\system32\wowfx.dll O20 - Winlogon Notify: wvUkLFya - C:\WINDOWS\SYSTEM32\wvUkLFya.dll O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe O23 - Service: Task Scheduler (Schedule) - Unknown owner - C:\WINDOWS\system32\drivers\services.exe -- End of file - 9030 bytes
-
Error Bad Image HELP
I turn on my computer, it boots, and before it shows Welcome some kind of Error Bad Image started popping up. How can I remove it so that it stops appearing? Because, for example, I open Firefox and this comes up: LOOK AT THIS
-
Problem with the USB drivers
I updated Windows (XP) and it actually recognized it. Thanks anyway to those who responded.
-
Problem with the USB drivers
When I try to connect my computer to my mobile phone, I get the following problem: I tried updating the driver, but it didn't work. I reinstalled the USB drivers; again it didn't work. The Device status box shows the following problem: I tried all sorts of advice from Troubleshoot and nothing worked. I'm waiting for your advice on how to deal with the problem.