Recommended answer


Good news..! ;) Please prepare the following logs:

  • Download Malwarebytes' Anti-Malware Free from here
  • Double-click mbam-setup.exe to install the program.
  • Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click Finish.
  • If updates are found, it will download and install them.
  • Start the program and select "Perform Full Scan", then click Scan.
  • The scan will take some time, so please be patient.
  • When the scan finishes, click OK, then Show Results to see the result.
  • Make sure every row is checked, and click Remove Selected.
  • When everything has been removed, a log will open in Notepad. Copy this log and post it in your next reply in the thread.
Note: If Malwarebytes' Anti-Malware has difficulty removing the detected viruses/threats, it will ask to restart your computer and remove the problematic viruses/threats during the restart. If you are asked, confirm that you want your computer to be restarted.

Follow these instructions for working with DDS:

  • Download DDS: from bleepingcomputer.
  • After downloading the file, save (Save -> Save as button) DDS to your desktop, screenshot:

    (posted image)

  • After you have downloaded DDS to the desktop, the program's icon should look like this: (posted image)
  • Temporarily stop all script-blocking applications, if there are any, or allow dds.scr to run. Then start DDS by double-clicking the icon, confirming with Run.
  • After DDS finishes, copy the text from the two log files that will appear in Notepad, DDS.txt and Attach.txt, and save them (Save -> Save as button) to the desktop. Then attach the two logs to your next reply in the thread (look at the "attached files" option when you post).

IMPORTANT!

  • Follow the instructions above in the same order in which they are written.
  • After you have generated the log files requested above, please do not make changes to your system. If a new problem nevertheless appears, or you have changed settings, uninstalled programs or made other changes, please generate a new DDS log file in the way described above. Then post it again in your thread with information about what you changed.

Download ComboFix from here or here and save it to your desktop.

  • Turn off your antivirus and antispyware program; this is usually done by right-clicking the program's icon in the system tray.

Note: If you cannot stop it or are not sure which program to turn off, please review the information at this link: How to Disable your Security Programs

  • Start Combo-Fix.com and follow the instructions.

Note: ComboFix will run without the Recovery Console installed.

  • As part of its operation, ComboFix will check whether Microsoft Windows Recovery Console is installed. Given how quickly malware evolves, it is strongly recommended that it be installed before the malware is removed. This will allow you to enter a special recovery/repair mode, which will allow us to more easily resolve a problem that could arise while removing the malware.

  • Follow the instructions to allow ComboFix to download and install Microsoft Windows Recovery Console. At some point you will be asked whether you agree to the license agreement. You need to confirm that you agree in order to install Microsoft Windows Recovery Console.

** Note: If Microsoft Windows Recovery Console is already installed, ComboFix will proceed to the malware removal process.

(posted image)

Once Microsoft Windows Recovery Console has been installed using ComboFix, you will see the following message:

(posted image)

Select Yes to continue the malware scan.

When the process finishes successfully, the tool will create a log file. Please include the contents of C:\ComboFix.txt in your next reply in this thread.

Note:

  • Please do not move the mouse while ComboFix is running. This may disrupt the process.
  • ComboFix will reset all Microsoft Internet Explorer settings, including making IE the default browser.
  • ComboFix will disable the autorun function of ALL CD, floppy and USB devices, to help with removing the malware and to protect you from future viruses/threats that infect via autorun. If this is a problem for you, please let me know.
  • ComboFix will disconnect your internet connection. The internet connection will be restored automatically before ComboFix finishes its work. If there is a problem, it will terminate the internet connection. To restore your internet connection, restart your computer.
  • In case of a problem with ComboFix, it may create a log file. Please include the contents of C:\BUG.txt in your next reply in this thread.

ComboFix may take up to 20-30 minutes to finish, so please be patient.

Please do not attach the program's log file(s); instead, copy and paste it/them into your next reply in this thread.


Malwarebytes' Anti-Malware 1.50.1.1100

www.malwarebytes.org

Database version: 6017

Windows 5.1.2600 Service Pack 2

Internet Explorer 7.0.5730.11

11.3.2011 г. 14:18:56

mbam-log-2011-03-11 (14-18-56).txt

Scan type: Full scan (C:\|D:\|E:\|F:\|)

Objects scanned: 208876

Time elapsed: 18 minute(s), 59 second(s)

Memory Processes Infected: 0

Memory Modules Infected: 0

Registry Keys Infected: 0

Registry Values Infected: 0

Registry Data Items Infected: 0

Folders Infected: 0

Files Infected: 0

Memory Processes Infected:

(No malicious items detected)

Memory Modules Infected:

(No malicious items detected)

Registry Keys Infected:

(No malicious items detected)

Registry Values Infected:

(No malicious items detected)

Registry Data Items Infected:

(No malicious items detected)

Folders Infected:

(No malicious items detected)

Files Infected:

(No malicious items detected)

---

Attach

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_11-03-05.01)

.

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 24.7.2010 г. 00:01:53

System Uptime: 11.3.2011 г. 13:44:17 (1 hours ago)

.

Motherboard: ASRock | | M3A770DE

Processor: AMD Athlon II X2 215 Processor | CPUSocket | 2693/200mhz

Processor: AMD Athlon II X2 215 Processor | CPUSocket | 2693/200mhz

.

==== Disk Partitions =========================

.

C: is FIXED (NTFS) - 49 GiB total, 33,652 GiB free.

D: is CDROM ()

E: is FIXED (NTFS) - 417 GiB total, 61,248 GiB free.

F: is CDROM ()

.

==== Disabled Device Manager Items =============

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Realtek RTL8168D(P)/8111D(P) PCI-E Gigabit Ethernet NIC

Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81681849&REV_03\4&463EB5A&0&0050

Manufacturer: Realtek Semiconductor Corp.

Name: Realtek RTL8168D(P)/8111D(P) PCI-E Gigabit Ethernet NIC

PNP Device ID: PCI\VEN_10EC&DEV_8168&SUBSYS_81681849&REV_03\4&463EB5A&0&0050

Service: RTLE8023xp

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Realtek RTL8139 Family PCI Fast Ethernet NIC

Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_813910EC&REV_10\4&2966AB86&0&30A4

Manufacturer: Realtek

Name: Realtek RTL8139 Family PCI Fast Ethernet NIC

PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_813910EC&REV_10\4&2966AB86&0&30A4

Service: rtl8139

.

Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}

Description: Bluetooth PAN Network Adapter

Device ID: ROOT\NET\0000

Manufacturer: IVT Corporation

Name: Bluetooth PAN Network Adapter

PNP Device ID: ROOT\NET\0000

Service: BT

.

==== System Restore Points ===================

.

RP1: 09.3.2011 г. 13:08:53 - System Checkpoint

RP2: 10.3.2011 г. 23:44:50 - Software Distribution Service 3.0

RP3: 11.3.2011 г. 13:20:54 - Software Distribution Service 3.0

.

==== Installed Programs ======================

.

32 Bit HP CIO Components Installer

Adobe Acrobat 6.0 Professional

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

AMD Processor Driver

BitComet 0.89

Bluesoleil2.7.0.8 VoIP Release 070930

BS.Player FREE

CCleaner

Counter-Strike 1.6

DFX for Winamp

EDIMAX Edimax Wireless LAN

ESET NOD32 Antivirus

EVEREST Ultimate Edition v5.50

FlexType 2K

FormatFactory 2.60

Fraps (remove only)

Garena 2010

GTA San Andreas

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB981793)

HP Photosmart C5300 All-In-One Driver 12.0 Rel .4

Java Auto Updater

Java 6 Update 20

K-Lite Mega Codec Pack 3.4.0

Koral English Dictionary 2.0

Left 4 Dead 2 Standalone Patch™

Malwarebytes' Anti-Malware

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Office Professional Edition 2003

Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148

Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox (3.6.15)

Mp3 Knife 3.2

MSXML 4.0 SP2 (KB954430)

MSXML 4.0 SP2 (KB973688)

MSXML 6 Service Pack 2 (KB973686)

NVIDIA Display Control Panel

NVIDIA Drivers

NVIDIA nView Desktop Manager

NVIDIA PhysX

Platform

PS_AIO_04_C5300_Software_Min

RealPlayer

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Scan

Secunia PSI (2.0.0.3001)

Security Update for Windows Internet Explorer 7 (KB938127-v2)

Security Update for Windows Internet Explorer 7 (KB982381)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player (KB978695)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows XP (KB2229593)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956744)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB971032)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975562)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978542)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979482)

Security Update for Windows XP (KB979559)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB980195)

Security Update for Windows XP (KB980218)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB981349)

SkypeLauncher

Skype™ 3.6

Software Update for Web Folders

SVD

Toolbox

Update for Windows XP (KB955759)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

VIA ї»ї

VirtualDub MPEG2 1.6.11

Warcraft III: All Products

Winamp

Windows Imaging Component

Windows Uptime 1.6

WinPcap 3.1

WinRAR archiver

XviD MPEG-4 Video Codec

ZD Soft Screen Video Decoder

µTorrent

.

==== Event Viewer Messages From Past Week ========

.

11.3.2011 і. 13:44:40, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

11.3.2011 і. 13:19:21, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

09.3.2011 і. 13:08:50, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 21:53:56, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 21:47:54, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 21:17:07, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 21:10:45, error: System Error [1003] - Error code 10000050, parameter1 b8459c42, parameter2 00000008, parameter3 80540b64, parameter4 00000000.

08.3.2011 і. 21:10:36, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 20:45:30, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 20:08:25, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 19:14:26, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 17:20:14, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume.

08.3.2011 і. 17:20:00, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

08.3.2011 і. 15:25:58, error: System Error [1003] - Error code 10000050, parameter1 9f254584, parameter2 00000000, parameter3 9f5fc616, parameter4 00000000.

08.3.2011 і. 15:25:15, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

08.3.2011 і. 15:25:15, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

07.3.2011 і. 15:45:47, error: Service Control Manager [7000] - The SSDP Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.

07.3.2011 і. 15:45:46, error: Service Control Manager [7038] - The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: Access is denied. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

07.3.2011 і. 15:44:58, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

07.3.2011 і. 15:44:58, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

07.3.2011 і. 14:47:36, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

07.3.2011 і. 14:47:36, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

06.3.2011 і. 20:47:15, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

06.3.2011 і. 20:47:15, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

06.3.2011 і. 20:45:45, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

06.3.2011 і. 20:45:45, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

06.3.2011 і. 20:43:15, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

06.3.2011 і. 20:43:15, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

06.3.2011 і. 13:18:57, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

06.3.2011 і. 13:18:57, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

05.3.2011 і. 15:18:26, error: System Error [1003] - Error code 10000050, parameter1 9e828584, parameter2 00000000, parameter3 a0680616, parameter4 00000000.

05.3.2011 і. 15:18:00, error: Service Control Manager [7038] - The SSDPSRV service was unable to log on as NT AUTHORITY\LocalService with the currently configured password due to the following error: Access is denied. To ensure that the service is configured properly, use the Services snap-in in Microsoft Management Console (MMC).

05.3.2011 і. 15:18:00, error: Service Control Manager [7000] - The SSDP Discovery Service service failed to start due to the following error: The service did not start due to a logon failure.

05.3.2011 і. 15:17:54, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

05.3.2011 і. 15:17:54, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

05.3.2011 і. 15:13:37, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

05.3.2011 і. 15:13:37, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

05.3.2011 і. 00:14:08, error: WPDMTPDriver [15300] - MTP WPD Driver has failed to start. Error 0x80070005.

04.3.2011 і. 10:27:55, error: Service Control Manager [7023] - The SSHNAS service terminated with the following error: The specified module could not be found.

04.3.2011 і. 10:27:55, error: Service Control Manager [7000] - The Diablo II Close Game Server service failed to start due to the following error: The system cannot find the file specified.

.

==== End Of File ===========================

----

DDS

.

DDS (Ver_11-03-05.01) - NTFSx86

Run by CM STORM at 14:21:42,51 on 11.03.2011 Ј.

Internet Explorer: 7.0.5730.11 BrowserJavaVersion: 1.6.0_20

Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.2047.927 [GMT 2:00]

.

AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

.

============== Running Processes ===============

.

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup

svchost.exe

svchost.exe

C:\WINDOWS\system32\spoolsv.exe

svchost.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\WINDOWS\System32\svchost.exe -k HPZ12

C:\Program Files\Secunia\PSI\PSIA.exe

C:\Program Files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\Secunia\PSI\sua.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\Program Files\DAEMON Tools Lite\DTLite.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Adobe\Acrobat 6.0\Distillr\acrotray.exe

C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\WINDOWS\Datecs\Flex2K.exe

C:\Program Files\Secunia\PSI\psi_tray.exe

C:\Program Files\Windows Uptime\Windows Uptime.exe

C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil VoIP Plugin.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Webteh\BSplayer\bsplayer.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Documents and Settings\CM STORM\Desktop\dds.scr

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://bksly.startya.com/?cfg=2-564-0-0&engine_id=3&provider_id=3&product_id=564&country=BG

mStart Page = hxxp://www.bigseekpro.com/mediaget/{EE347621-0F28-4E82-AF9B-738DBDA781EE}

uInternet Settings,ProxyOverride = *.local

BHO: AcroIEHlprObj Class: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\adobe\acrobat 6.0\acrobat\activex\AcroIEHelper.dll

BHO: BitComet Helper: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - c:\program files\bitcomet\tools\BitCometBHO_1.1.5.19.dll

BHO: AcroIEToolbarHelper Class: {ae7cd045-e861-484f-8273-0445ee161910} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

BHO: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll

TB: Adobe PDF: {47833539-d0c5-4125-9fa8-0819e2eaac93} - c:\program files\adobe\acrobat 6.0\acrobat\AcroIEFavClient.dll

TB: BS Player Toolbar: {fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\bs_player\tbBS_P.dll

TB: {32099AAC-C132-4136-9E9A-4E364A424E17} - No File

TB: {D4027C7F-154A-4066-A1AD-4243D8127440} - No File

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "c:\program files\common files\ahead\lib\NMBgMonitor.exe"

uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe

mRun: [HDAudDeck] c:\program files\via\viaudioi\hdadeck\HDeck.exe 1

mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit

mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup

mRun: [ZSSnp211] c:\windows\ZSSnp211.exe

mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"

mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet

mRun: [Domino] c:\windows\Domino.exe

mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot

mRunOnce: [Malwarebytes' Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

dRunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32

dRunOnce: [iE7-11] rundll32 advpack.dll,LaunchINFSection NR_IE7en.inf,AfterUserStart

StartupFolder: c:\docume~1\cmstor~1\startm~1\programs\startup\window~1.lnk - c:\program files\windows uptime\Windows Uptime.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\acroba~1.lnk - c:\program files\adobe\acrobat 6.0\distillr\acrotray.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\blueso~1.lnk - c:\program files\ivt corporation\bluesoleil\BlueSoleil.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\flexty~1.lnk - c:\windows\datecs\Flex2K.exe

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\secuni~1.lnk - c:\program files\secunia\psi\psi_tray.exe

IE: Download all links using BitComet - c:\program files\bitcomet\BitComet.exe/AddAllLink.htm

IE: Download all videos using BitComet - c:\program files\bitcomet\BitComet.exe/AddVideo.htm

IE: Download link using &BitComet - c:\program files\bitcomet\BitComet.exe/AddLink.htm

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_20-windows-i586.cab

DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\docume~1\cmstor~1\applic~1\mozilla\firefox\profiles\meqro65v.default\

FF - prefs.js: browser.startup.homepage - hxxp://bksly.startya.com/?cfg=2-564-0-0&engine_id=3&provider_id=3&product_id=564&country=BG

FF - prefs.js: keyword.URL - hxxp://bksly.startya.com/s/?src=FF-Address&site=Yahoo!&cfg=2-564-0-0&q=

FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Quick Starter: [email protected] - c:\program files\java\jre6\lib\deploy\jqs\ff

FF - Ext: Aquatint Black: {7694c49c-9fbd-11dc-8314-0800200c9a66} - %profile%\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}

FF - Ext: Bulgarian Dictionary: [email protected] - %profile%\extensions\[email protected]

.

============= SERVICES / DRIVERS ===============

.

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [2009-9-11 108792]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [2009-9-11 96408]

R2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2009-9-11 735960]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\secunia\psi\psia.exe [2011-1-10 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\secunia\psi\sua.exe [2011-1-10 399416]

R2 Start BT in service;Start BT in service;c:\program files\ivt corporation\bluesoleil\StartSkysolSvc.exe [2007-9-30 51816]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [2010-9-1 15544]

R3 rt2870;Ralink 802.11n USB Wireless LAN Card Driver;c:\windows\system32\drivers\rt2870.sys [2010-7-24 619136]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [2010-7-24 993280]

S2 D2GS;Diablo II Close Game Server;e:\download firefox\d2gs-109c(3)\d2gssvc.exe --> e:\download firefox\d2gs-109c(3)\D2GSSVC.exe [?]

S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\cmstor~1\locals~1\temp\ppv1849.tmp --> c:\docume~1\cmstor~1\locals~1\temp\PPV1849.tmp [?]

S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena\safedrv.sys --> c:\program files\garena\safedrv.sys [?]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2005-8-2 32512]

S3 scrcap;scrcap;c:\windows\system32\drivers\scrcap.sys --> c:\windows\system32\drivers\scrcap.sys [?]

S3 vvftav211;vvftav211;c:\windows\system32\drivers\vvftav211.sys --> c:\windows\system32\drivers\vvftav211.sys [?]

S3 ZSMC30x;USB PC Camera Service ZSMC30x;c:\windows\system32\drivers\zs211.sys --> c:\windows\system32\drivers\ZS211.sys [?]

.

=============== Created Last 30 ================

.

2011-03-11 11:29:28 -------- d-----w- c:\windows\system32\CatRoot_bak

2011-03-11 11:25:08 -------- d-----w- c:\windows\system32\KB905474

2011-03-11 11:22:58 -------- d-----w- c:\windows\ServicePackFiles

2011-03-11 11:21:46 -------- d-----w- c:\program files\MSXML 6.0

2011-03-10 21:52:28 221184 ----a-w- c:\windows\system32\wmpns.dll

2011-03-10 21:45:26 -------- d-----w- c:\program files\MSXML 4.0

2011-03-10 21:44:54 -------- d--h--w- c:\windows\$hf_mig$

2011-03-10 12:19:58 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2011-03-10 12:19:58 272128 ------w- c:\windows\system32\drivers\bthport.sys

2011-03-10 12:19:29 457216 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2011-03-10 12:19:11 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2011-03-10 12:19:11 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll

2011-03-10 12:19:10 63488 -c----w- c:\windows\system32\dllcache\icardie.dll

2011-03-10 12:19:10 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2011-03-10 12:19:10 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll

2011-03-10 12:19:10 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe

2011-03-10 12:19:09 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat

2011-03-10 12:19:06 6071296 -c----w- c:\windows\system32\dllcache\ieframe.dll

2011-03-10 12:18:35 53248 -c----w- c:\windows\system32\dllcache\tsgqec.dll

2011-03-10 12:18:35 290816 -c----w- c:\windows\system32\dllcache\rhttpaa.dll

2011-03-10 12:18:34 136192 -c----w- c:\windows\system32\dllcache\aaclient.dll

2011-03-10 12:18:23 2143744 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2011-03-10 12:18:22 2186880 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2011-03-10 12:18:21 2021888 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2011-03-10 12:18:20 2063744 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe

2011-03-10 12:17:20 293376 ------w- c:\windows\system32\browserchoice.exe

2011-03-10 12:08:56 274288 ----a-w- c:\windows\system32\mucltui.dll

2011-03-10 12:08:56 16736 ----a-w- c:\windows\system32\mucltui.dll.mui

2011-03-10 12:08:50 21728 ----a-w- c:\windows\system32\wucltui.dll.mui

2011-03-10 12:08:50 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui

2011-03-10 12:08:50 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2011-03-10 12:08:50 15064 ----a-w- c:\windows\system32\wuapi.dll.mui

2011-03-10 12:08:50 -------- d-----w- c:\windows\system32\SoftwareDistribution

2011-03-08 19:08:42 -------- d-sha-r- C:\cmdcons

2011-03-08 14:51:00 -------- d-----w- c:\docume~1\cmstor~1\applic~1\Malwarebytes

2011-03-08 14:50:51 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-03-08 14:50:51 -------- d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2011-03-08 14:50:48 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-03-08 14:50:48 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-03-06 19:38:43 -------- d-----w- c:\program files\SkypeLauncher

2011-03-03 22:30:09 8192 ----a-w- c:\program files\mozilla firefox\plugins\nprjplug.dll

2011-03-03 22:30:07 -------- d-----w- c:\program files\common files\xing shared

2011-03-03 22:30:03 144984 ----a-w- c:\program files\mozilla firefox\plugins\nppl3260.dll

2011-03-03 22:30:00 94208 ----a-w- c:\program files\mozilla firefox\plugins\nprpjplug.dll

2011-03-03 22:29:59 499712 ----a-w- c:\windows\system32\msvcp71.dll

2011-03-03 22:29:59 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-03-03 22:28:44 569397 ----a-w- c:\program files\internet explorer\plugins\richfx\player\nprfxins.dll

2011-03-03 22:24:56 -------- d-----w- c:\program files\common files\Real

2011-03-03 22:11:42 -------- d-----w- c:\program files\FormatFactory

2011-03-03 21:54:24 -------- d-----w- c:\program files\VirtualDub MPEG2 1.6.11

2011-03-03 15:55:45 2829 ----a-w- c:\windows\War3Unin.pif

2011-03-03 15:55:44 139264 ----a-w- c:\windows\War3Unin.exe

2011-03-03 14:00:12 -------- d-----w- c:\docume~1\cmstor~1\locals~1\applic~1\Secunia PSI

2011-03-03 14:00:03 -------- d-----w- c:\program files\Secunia

2011-03-03 08:35:05 -------- d-----w- c:\program files\CCleaner

2011-03-02 19:38:51 -------- d-----w- c:\program files\Wise Disk Cleaner

2011-03-02 19:16:37 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys

2011-03-02 19:16:37 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2011-03-02 19:16:37 129520 ------w- c:\windows\system32\pxafs.dll

2011-03-02 18:23:42 -------- d-----w- c:\docume~1\cmstor~1\locals~1\applic~1\DFX

2011-03-02 18:22:31 -------- d-----w- c:\docume~1\alluse~1\applic~1\DFX

2011-03-02 18:22:28 -------- d-----w- c:\program files\common files\DFX

2011-03-02 17:04:59 303236 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\setup.dll

2011-03-02 17:04:59 180356 ----a-w- c:\program files\common files\installshield\professional\runtime\10\00\intel32\iGdi.dll

2011-03-02 15:54:07 -------- d-----w- c:\program files\Windows Uptime

2011-02-22 15:40:31 -------- d-----w- c:\program files\Garena

2011-02-19 20:39:07 69715 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\ctor.dll

2011-02-19 20:39:07 5632 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\DotNetInstaller.exe

2011-02-19 20:39:07 274432 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iscript.dll

2011-02-19 20:39:07 180224 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iuser.dll

2011-02-19 20:39:06 749568 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iKernel.dll

2011-02-19 20:39:04 192644 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\iGdi.dll

2011-02-19 20:39:03 323716 ----a-w- c:\program files\common files\installshield\professional\runtime\10\50\intel32\setup.dll

2011-02-12 21:17:58 -------- d-----w- c:\program files\uTorrent

2011-02-12 18:28:48 152848 ----a-w- c:\windows\system32\comdlg32.ocx

2011-02-12 18:28:48 1386496 ----a-w- c:\windows\system32\msvbvm60.dll

2011-02-12 18:28:48 -------- d-----w- c:\program files\Mp3 Knife

.

==================== Find3M ====================

.

2011-02-19 20:46:09 98304 ----a-w- c:\windows\system32\CmdLineExt.dll

2011-01-19 16:19:36 232968 ----a-w- c:\windows\system32\nvdrsdb0.bin

2011-01-19 16:19:36 1 ----a-w- c:\windows\system32\nvdrssel.bin

2011-01-15 14:23:36 21840 ----atw- c:\windows\system32\SIntfNT.dll

2011-01-15 14:23:36 17212 ----atw- c:\windows\system32\SIntf32.dll

2011-01-15 14:23:36 12067 ----atw- c:\windows\system32\SIntf16.dll

.

============= FINISH: 14:22:16,79 ===============

----

This is the log from ComboFix

ComboFix 11-03-10.03 - CM STORM 03.2011 г. 14:29:33.3.2 - x86

Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.2047.1154 [GMT 2:00]

Running from: e:\download firefox\ComboFix.exe

AV: ESET NOD32 Antivirus 4.0 *Enabled/Updated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

* Resident AV is active

.

.

.

((((((((((((((((((((((((( Files Created from 2011-02-11 to 2011-03-11 )))))))))))))))))))))))))))))))

.

.

2011-03-11 11:29 . 2011-03-11 11:39 -------- d-----w- c:\windows\system32\CatRoot_bak

2011-03-11 11:25 . 2011-03-11 11:25 -------- d-----w- c:\windows\system32\KB905474

2011-03-11 11:22 . 2011-03-11 11:22 -------- d-----w- c:\windows\ServicePackFiles

2011-03-11 11:21 . 2011-03-11 11:21 -------- d-----w- c:\program files\MSXML 6.0

2011-03-10 21:52 . 2004-08-03 23:56 221184 ----a-w- c:\windows\system32\wmpns.dll

2011-03-10 21:45 . 2011-03-10 21:45 -------- d-----w- c:\program files\MSXML 4.0

2011-03-10 21:44 . 2011-03-11 11:28 -------- d--h--w- c:\windows\$hf_mig$

2011-03-10 12:19 . 2008-06-13 13:10 272128 -c----w- c:\windows\system32\dllcache\bthport.sys

2011-03-10 12:19 . 2008-06-13 13:10 272128 ------w- c:\windows\system32\drivers\bthport.sys

2011-03-10 12:19 . 2010-02-24 12:48 457216 -c----w- c:\windows\system32\dllcache\mrxsmb.sys

2011-03-10 12:19 . 2010-05-04 17:20 459264 -c----w- c:\windows\system32\dllcache\msfeeds.dll

2011-03-10 12:19 . 2010-05-04 17:20 268288 -c----w- c:\windows\system32\dllcache\iertutil.dll

2011-03-10 12:19 . 2010-05-04 17:20 52224 -c----w- c:\windows\system32\dllcache\msfeedsbs.dll

2011-03-10 12:19 . 2010-05-04 17:20 63488 -c----w- c:\windows\system32\dllcache\icardie.dll

2011-03-10 12:19 . 2010-05-04 17:20 380928 -c----w- c:\windows\system32\dllcache\ieapfltr.dll

2011-03-10 12:19 . 2010-04-16 13:20 13824 -c----w- c:\windows\system32\dllcache\ieudinit.exe

2011-03-10 12:19 . 2010-02-22 22:04 2452872 -c----w- c:\windows\system32\dllcache\ieapfltr.dat

2011-03-10 12:19 . 2010-05-04 17:20 6071296 -c----w- c:\windows\system32\dllcache\ieframe.dll

2011-03-10 12:18 . 2009-06-09 14:53 53248 -c----w- c:\windows\system32\dllcache\tsgqec.dll

2011-03-10 12:18 . 2009-06-09 14:53 290816 -c----w- c:\windows\system32\dllcache\rhttpaa.dll

2011-03-10 12:18 . 2009-06-09 14:53 136192 -c----w- c:\windows\system32\dllcache\aaclient.dll

2011-03-10 12:18 . 2010-02-16 17:35 2143744 -c----w- c:\windows\system32\dllcache\ntkrnlmp.exe

2011-03-10 12:18 . 2010-02-16 17:37 2186880 -c----w- c:\windows\system32\dllcache\ntoskrnl.exe

2011-03-10 12:18 . 2010-02-16 16:57 2021888 -c----w- c:\windows\system32\dllcache\ntkrpamp.exe

2011-03-10 12:18 . 2010-02-17 09:57 2063744 -c----w- c:\windows\system32\dllcache\ntkrnlpa.exe

2011-03-10 12:17 . 2010-02-12 10:03 293376 ------w- c:\windows\system32\browserchoice.exe

2011-03-10 12:08 . 2009-08-06 17:23 274288 ----a-w- c:\windows\system32\mucltui.dll

2011-03-10 12:08 . 2009-08-06 17:24 21728 ----a-w- c:\windows\system32\wucltui.dll.mui

2011-03-10 12:08 . 2009-08-06 17:24 15072 ----a-w- c:\windows\system32\wuaucpl.cpl.mui

2011-03-10 12:08 . 2009-08-06 17:24 15064 ----a-w- c:\windows\system32\wuapi.dll.mui

2011-03-10 12:08 . 2009-08-06 17:24 17632 ----a-w- c:\windows\system32\wuaueng.dll.mui

2011-03-08 14:51 . 2011-03-08 14:51 -------- d-----w- c:\documents and settings\CM STORM\Application Data\Malwarebytes

2011-03-08 14:50 . 2011-03-08 14:50 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes

2011-03-08 14:50 . 2010-12-20 16:09 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2011-03-08 14:50 . 2011-03-11 11:59 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2011-03-08 14:50 . 2010-12-20 16:08 20952 ----a-w- c:\windows\system32\drivers\mbam.sys

2011-03-06 19:38 . 2011-03-06 19:38 -------- d-----w- c:\program files\SkypeLauncher

2011-03-03 22:30 . 2011-03-03 22:30 -------- d-----w- c:\program files\Common Files\xing shared

2011-03-03 22:29 . 2011-03-03 22:29 499712 ----a-w- c:\windows\system32\msvcp71.dll

2011-03-03 22:29 . 2011-03-03 22:29 348160 ----a-w- c:\windows\system32\msvcr71.dll

2011-03-03 22:29 . 2011-03-03 22:29 -------- d-----w- c:\program files\Real

2011-03-03 22:28 . 2011-03-03 22:28 569397 ----a-w- c:\program files\Internet Explorer\PLUGINS\RichFX\Player\nprfxins.dll

2011-03-03 22:24 . 2011-03-03 22:30 -------- d-----w- c:\program files\Common Files\Real

2011-03-03 22:11 . 2011-03-03 22:12 -------- d-----w- c:\program files\FormatFactory

2011-03-03 21:54 . 2011-03-03 21:54 -------- d-----w- c:\program files\VirtualDub MPEG2 1.6.11

2011-03-03 15:55 . 2011-03-03 16:00 2829 ----a-w- c:\windows\War3Unin.pif

2011-03-03 15:55 . 2011-03-03 16:00 139264 ----a-w- c:\windows\War3Unin.exe

2011-03-03 14:00 . 2011-03-03 14:00 -------- d-----w- c:\documents and settings\CM STORM\Local Settings\Application Data\Secunia PSI

2011-03-03 14:00 . 2011-03-03 14:00 -------- d-----w- c:\program files\Secunia

2011-03-03 08:35 . 2011-03-03 08:35 -------- d-----w- c:\program files\CCleaner

2011-03-02 19:54 . 2011-03-08 18:57 -------- d-----w- c:\documents and settings\CM STORM\Application Data\Winamp

2011-03-02 19:54 . 2011-03-02 19:56 -------- d-----w- c:\program files\Winamp

2011-03-02 19:38 . 2011-03-07 13:46 -------- d-----w- c:\program files\Wise Disk Cleaner

2011-03-02 19:16 . 2009-04-28 20:20 129520 ------w- c:\windows\system32\pxafs.dll

2011-03-02 19:16 . 2007-03-07 23:51 9464 ------w- c:\windows\system32\drivers\cdralw2k.sys

2011-03-02 19:16 . 2007-03-07 23:51 9336 ------w- c:\windows\system32\drivers\cdr4_xp.sys

2011-03-02 18:23 . 2011-03-02 18:23 -------- d-----w- c:\documents and settings\CM STORM\Local Settings\Application Data\DFX

2011-03-02 18:22 . 2011-03-02 18:24 -------- d-----w- c:\documents and settings\All Users\Application Data\DFX

2011-03-02 18:22 . 2011-03-02 18:22 -------- d-----w- c:\documents and settings\SUPPORT_388945a0

2011-03-02 18:22 . 2011-03-02 18:22 -------- d-----w- c:\documents and settings\HelpAssistant

2011-03-02 18:22 . 2011-03-02 18:22 -------- d-----w- c:\documents and settings\Guest

2011-03-02 18:22 . 2011-03-02 18:22 -------- d-----w- c:\documents and settings\Administrator

2011-03-02 18:22 . 2011-03-02 18:22 -------- d-----w- c:\program files\Common Files\DFX

2011-03-02 17:04 . 2011-03-02 17:04 303236 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\setup.dll

2011-03-02 17:04 . 2011-03-02 17:04 180356 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\00\Intel32\iGdi.dll

2011-03-02 16:40 . 2011-03-02 16:40 -------- d-----w- c:\documents and settings\CM STORM\Application Data\Leadertech

2011-03-02 15:54 . 2011-03-02 15:54 -------- d-----w- c:\program files\Windows Uptime

2011-02-22 15:40 . 2011-03-10 15:52 -------- d-----w- c:\program files\Garena

2011-02-19 20:39 . 2004-10-22 00:17 69715 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\ctor.dll

2011-02-19 20:39 . 2004-10-22 00:17 274432 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iscript.dll

2011-02-19 20:39 . 2004-10-22 00:16 180224 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iuser.dll

2011-02-19 20:39 . 2004-10-22 00:16 5632 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\DotNetInstaller.exe

2011-02-19 20:39 . 2004-10-22 00:18 749568 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iKernel.dll

2011-02-19 20:39 . 2011-02-19 20:39 192644 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\iGdi.dll

2011-02-19 20:39 . 2011-02-19 20:39 323716 ----a-w- c:\program files\Common Files\InstallShield\Professional\RunTime\10\50\Intel32\setup.dll

2011-02-13 10:29 . 2011-02-13 10:29 -------- d-----w- c:\documents and settings\All Users\Application Data\FLEXnet

2011-02-12 21:17 . 2011-02-12 21:17 -------- d-----w- c:\program files\uTorrent

2011-02-12 18:28 . 2011-02-12 18:28 -------- d-----w- c:\program files\Mp3 Knife

2011-02-12 18:28 . 2004-04-12 15:27 152848 ----a-w- c:\windows\system32\comdlg32.ocx

2011-02-12 18:28 . 2004-04-12 15:27 1386496 ----a-w- c:\windows\system32\msvbvm60.dll

.

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2011-02-19 20:46 . 2010-10-26 19:54 98304 ----a-w- c:\windows\system32\CmdLineExt.dll

2011-01-15 14:23 . 2010-12-20 17:14 21840 ----atw- c:\windows\system32\SIntfNT.dll

2011-01-15 14:23 . 2010-12-20 17:14 17212 ----atw- c:\windows\system32\SIntf32.dll

2011-01-15 14:23 . 2010-12-20 17:14 12067 ----atw- c:\windows\system32\SIntf16.dll

.

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"DAEMON Tools Lite"="c:\program files\DAEMON Tools Lite\DTLite.exe" [2009-10-30 369200]

"Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-02-01 21898024]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"HDAudDeck"="c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe" [2009-01-09 33570816]

"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2010-07-09 110696]

"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2010-07-09 13923432]

"SunJavaUpdateSched"="c:\program files\Common Files\Java\Java Update\jusched.exe" [2010-02-18 248040]

"nwiz"="c:\program files\NVIDIA Corporation\nView\nwiz.exe" [2010-07-07 1746432]

"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2011-03-03 185896]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]

"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2004-08-03 15360]

.

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]

"ShowDeskFix"="shell32" [X]

"IE7-11"="advpack.dll" [2010-05-04 124928]

.

c:\documents and settings\CM STORM\Start Menu\Programs\Startup\

Windows Uptime.lnk - c:\program files\Windows Uptime\Windows Uptime.exe [2002-12-23 159232]

.

c:\documents and settings\All Users\Start Menu\Programs\Startup\

Acrobat Assistant.lnk - c:\program files\Adobe\Acrobat 6.0\Distillr\acrotray.exe [2003-5-15 217193]

BlueSoleil.lnk - c:\program files\IVT Corporation\BlueSoleil\BlueSoleil.exe [2007-9-30 691720]

FlexType 2K.lnk - c:\windows\Datecs\Flex2K.exe [2010-7-24 151552]

Secunia PSI Tray.lnk - c:\program files\Secunia\PSI\psi_tray.exe [2011-1-10 291896]

.

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\egui]

2009-09-11 04:23 2054360 ----a-w- c:\program files\ESET\ESET NOD32 Antivirus\egui.exe

.

[HKEY_LOCAL_MACHINE\software\microsoft\security center]

"AntiVirusOverride"=dword:00000001

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]

"EnableFirewall"= 0 (0x0)

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]

"%windir%\\Network Diagnostic\\xpnetdiag.exe"=

"%windir%\\system32\\sessmgr.exe"=

"c:\\Program Files\\BitComet\\BitComet.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpqkygrp.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpfcCopy.exe"=

"c:\\Program Files\\HP\\Digital Imaging\\bin\\hpiscnapp.exe"=

"c:\\Program Files\\IVT Corporation\\BlueSoleil\\BlueSoleil.exe"=

"c:\\Program Files\\VIA\\VIAudioi\\HDADeck\\HDeck.exe"=

"e:\\Game\\Warcraft III\\war3.exe"=

"c:\\Program Files\\Garena\\Garena.exe"=

"c:\\WINDOWS\\system32\\dpvsetup.exe"=

"c:\\Program Files\\Java\\jre6\\bin\\java.exe"=

"c:\\Program Files\\Webteh\\BSplayer\\bsplayer.exe"=

"c:\\Program Files\\uTorrent\\uTorrent.exe"=

"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]

"26449:TCP"= 26449:TCP:BitComet 26449 TCP

"26449:UDP"= 26449:UDP:BitComet 26449 UDP

.

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings]

"AllowInboundEchoRequest"= 1 (0x1)

.

R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [24.9.2010 і. 21:34 691696]

R1 ehdrv;ehdrv;c:\windows\system32\drivers\ehdrv.sys [11.9.2009 і. 06:23 108792]

R1 epfwtdir;epfwtdir;c:\windows\system32\drivers\epfwtdir.sys [11.9.2009 і. 06:26 96408]

R2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [11.9.2009 і. 06:24 735960]

R2 Secunia PSI Agent;Secunia PSI Agent;c:\program files\Secunia\PSI\psia.exe [10.1.2011 і. 16:24 993848]

R2 Secunia Update Agent;Secunia Update Agent;c:\program files\Secunia\PSI\sua.exe [10.1.2011 і. 16:24 399416]

R2 Start BT in service;Start BT in service;c:\program files\IVT Corporation\BlueSoleil\StartSkysolSvc.exe [30.9.2007 і. 08:16 51816]

R3 PSI;PSI;c:\windows\system32\drivers\psi_mf.sys [01.9.2010 і. 10:30 15544]

R3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys [24.7.2010 і. 11:25 993280]

S2 D2GS;Diablo II Close Game Server;e:\download firefox\D2GS-109c(3)\D2GSSVC.exe --> e:\download firefox\D2GS-109c(3)\D2GSSVC.exe [?]

S3 GarenaPEngine;GarenaPEngine;\??\c:\docume~1\CMSTOR~1\LOCALS~1\Temp\PPV1849.tmp --> c:\docume~1\CMSTOR~1\LOCALS~1\Temp\PPV1849.tmp [?]

S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\Garena\safedrv.sys --> c:\program files\Garena\safedrv.sys [?]

S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [02.8.2005 і. 23:10 32512]

S3 scrcap;scrcap;c:\windows\system32\DRIVERS\scrcap.sys --> c:\windows\system32\DRIVERS\scrcap.sys [?]

S3 vvftav211;vvftav211;c:\windows\system32\drivers\vvftav211.sys --> c:\windows\system32\drivers\vvftav211.sys [?]

S3 ZSMC30x;USB PC Camera Service ZSMC30x;c:\windows\system32\Drivers\ZS211.sys --> c:\windows\system32\Drivers\ZS211.sys [?]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]

HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12

.

Contents of the 'Scheduled Tasks' folder

.

2011-03-11 c:\windows\Tasks\WGASetup.job

- c:\windows\system32\KB905474\wgasetup.exe [2011-03-11 20:18]

.

.

------- Supplementary Scan -------

.

uStart Page = hxxp://bksly.startya.com/?cfg=2-564-0-0&engine_id=3&provider_id=3&product_id=564&country=BG

mStart Page = hxxp://www.bigseekpro.com/mediaget/{EE347621-0F28-4E82-AF9B-738DBDA781EE}

uInternet Settings,ProxyOverride = *.local

IE: Download all links using BitComet - c:\program files\BitComet\BitComet.exe/AddAllLink.htm

IE: Download all videos using BitComet - c:\program files\BitComet\BitComet.exe/AddVideo.htm

IE: Download link using &BitComet - c:\program files\BitComet\BitComet.exe/AddLink.htm

IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.html

FF - ProfilePath - c:\documents and settings\CM STORM\Application Data\Mozilla\Firefox\Profiles\meqro65v.default\

FF - prefs.js: browser.startup.homepage - hxxp://bksly.startya.com/?cfg=2-564-0-0&engine_id=3&provider_id=3&product_id=564&country=BG

FF - prefs.js: keyword.URL - hxxp://bksly.startya.com/s/?src=FF-Address&site=Yahoo!&cfg=2-564-0-0&q=

FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\Mozilla Firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

FF - Ext: Java Quick Starter: [email protected] - c:\program files\Java\jre6\lib\deploy\jqs\ff

FF - Ext: Aquatint Black: {7694c49c-9fbd-11dc-8314-0800200c9a66} - %profile%\extensions\{7694c49c-9fbd-11dc-8314-0800200c9a66}

FF - Ext: Bulgarian Dictionary: [email protected] - %profile%\extensions\[email protected]

.

- - - - ORPHANS REMOVED - - - -

.

BHO-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\BS_Player\tbBS_P.dll

Toolbar-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\BS_Player\tbBS_P.dll

WebBrowser-{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5} - c:\program files\BS_Player\tbBS_P.dll

WebBrowser-{D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)

HKCU-Run-BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA} - c:\program files\Common Files\Ahead\lib\NMBgMonitor.exe

HKLM-Run-ZSSnp211 - c:\windows\ZSSnp211.exe

HKLM-Run-Domino - c:\windows\Domino.exe

.

.

.

**************************************************************************

.

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2011-03-11 14:31

Windows 5.1.2600 Service Pack 2 NTFS

.

scanning hidden processes ...

.

scanning hidden autostart entries ...

.

HKLM\Software\Microsoft\Windows\CurrentVersion\Run

HDAudDeck = c:\program files\VIA\VIAudioi\HDADeck\HDeck.exe 1????????????????????????????????????????????????

.

scanning hidden files ...

.

scan completed successfully

hidden files: 0

.

**************************************************************************

.

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\GarenaPEngine]

"ImagePath"="\??\c:\docume~1\CMSTOR~1\LOCALS~1\Temp\PPV1849.tmp"

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\Shell\[email protected]=5 *=0 *C*C*l*e*a*n*e*r*& \command]

@="c:\\Program Files\\CCleaner\\ccleaner.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\LocalServer32]

@="c:\\WINDOWS\\system32\\Macromed\\Flash\\FlashUtil10l_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{A483C63A-CDBC-426E-BF93-872502E8144E}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}]

@Denied: (A 2) (Everyone)

@="IFlashBroker4"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\software\Classes\Interface\{E3F2C3CB-5EB8-4A04-B22C-7E3B4B6AF30F}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

--------------------- DLLs Loaded Under Running Processes ---------------------

.

- - - - - - - > 'explorer.exe'(1448)

c:\windows\system32\WININET.dll

c:\windows\system32\IEFRAME.dll

c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\10\OWC10.DLL

c:\progra~1\COMMON~1\MICROS~1\WEBCOM~1\11\OWC11.DLL

c:\program files\Webteh\BSplayer\mmkeybsupp.dll

c:\windows\system32\mshtml.dll

c:\windows\system32\wpdshserviceobj.dll

c:\windows\system32\portabledevicetypes.dll

c:\windows\system32\portabledeviceapi.dll

.

Completion time: 2011-03-11 14:33:14

ComboFix-quarantined-files.txt 2011-03-11 12:33

.

Pre-Run: 36 908 023 808 bytes free

Post-Run: 36 900 134 912 bytes free

.

- - End Of File - - BAFC11629628E4EC71B909EB62BF8381

----


My computer is fine; it has always been fine, and before there was no problem either, with the exception of the blue screen after 15-18 hours of being switched on. Now, as before, I have had no problem apart from that screen. I can't tell how it is now. The problem that annoys me is the power supply, but I think that is not the topic here, because if I bring it up it might be a violation of the rules and I could be punished.


Yes... the power supply problem is not for this section..!

So, a few more recommendations from me..:

Uninstall ComboFix like this:

1. Click Start ==> Run ==> enter the command Combofix /Uninstall ==> OK

2. Download OTCleanIt or from here, run it and click Clean up

  • Download the program: ESET Online Scanner
  • Run esetsmartinstaller_enu.exe
  • Tick YES, I accept the Terms of Use and choose Start:
  • The scanner will start downloading the components it needs:
  • Make sure the following lines are ticked:

    Finally choose Start

  • The scanner will start downloading the latest definitions.
  • When the scan finishes, choose Finish.
  • Go to: C:\Program Files\ESET\ESET Online Scanner
  • Open the file log.txt, copy its contents and paste them into your next comment.

  • Download Security Check (author: screen317) from here or from here and save it to the desktop.
  • Double-click SecurityCheck.exe and follow the instructions.
  • When the program finishes, a text document will open: checkup.txt.
  • Copy the contents of checkup.txt with Copy and paste them into your next comment with Paste.


Just one question: after I ran OTClean my computer restarted fine, but this came up. What should I give it? It is some kind of installation, but I don't know what it is. post-265062-0-63301000-1299851132_thumb.


ESET Scanner..

[email protected] as downloader log:

all ok

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6425

# api_version=3.0.2

# EOSSerial=a73846063c31394ca28e1943df11ed78

# end=finished

# remove_checked=true

# archives_checked=false

# unwanted_checked=true

# unsafe_checked=false

# antistealth_checked=true

# utc_time=2011-03-11 02:50:38

# local_time=2011-03-11 04:50:38 (+0200, FLE Standard Time)

# country="Bulgaria"

# lang=1033

# osver=5.1.2600 NT Service Pack 2

# compatibility_mode=8199 39157077 100 100 681488 47211110 0 0

# scanned=55870

# found=0

# cleaned=0

# scan_time=1302

# nod_component=V3 Build:0x30000000

# version=7

# OnlineScannerApp.exe=1.0.0.1

# OnlineScanner.ocx=1.0.0.6425

# api_version=3.0.2

# EOSSerial=a73846063c31394ca28e1943df11ed78

# end=finished

# remove_checked=true

# archives_checked=true

# unwanted_checked=true

# unsafe_checked=true

# antistealth_checked=true

# utc_time=2011-03-11 03:44:29

# local_time=2011-03-11 05:44:29 (+0200, FLE Standard Time)

# country="Bulgaria"

# lang=1033

# osver=5.1.2600 NT Service Pack 2

# compatibility_mode=8199 39157077 100 100 683008 47212630 0 0

# scanned=55922

# found=5

# cleaned=5

# scan_time=3013

# nod_component=V3 Build:0x30000000

E:\Game\diablo II Instal\Dreaming Diablo II\Diablo_II_Maphack_v1.10.rar probably a variant of Win32/TrojanClicker.VB.GSIGOAY trojan (deleted - quarantined) 00000000000000000000000000000000 C

E:\Game\diablo II Instal\fails\k3cbot2.134fix.rar probably a variant of Win32/Adware.Virtumonde.KUYSYXT application (deleted - quarantined) 00000000000000000000000000000000 C

E:\Game\diablo II Instal\fails\Maphack 6.00.rar probably a variant of Win32/TrojanClicker.VB.GSIGOAY trojan (deleted - quarantined) 00000000000000000000000000000000 C

E:\Game\LFS\LFS_ip-patch.rar Win32/HackTool.Patcher.A application (deleted - quarantined) 00000000000000000000000000000000 C

E:\Game\LFS\Z28.rar Win32/HackTool.Patcher.A application (deleted - quarantined) 00000000000000000000000000000000 C

From the SecurityCheck log

Results of screen317's Security Check version 0.99.9

Windows XP Service Pack 2

Out of date service pack!!

Internet Explorer 7 Out of date!

``````````````````````````````

Antivirus/Firewall Check:

Windows Firewall Disabled!

ESET NOD32 Antivirus

ESET Online Scanner v3

Antivirus up to date!

```````````````````````````````

Anti-malware/Other Utilities Check:

Malwarebytes' Anti-Malware

CCleaner

Java 6 Update 20

Out of date Java installed!

Adobe Flash Player 10.0.42.34

Mozilla Firefox (3.6.15)

````````````````````````````````

Process Check:

objlist.exe by Laurent

``````````End of Log````````````

Edited by RiverBastard

Great...!:)

We're at the end......what remains is to upgrade your system with Windows XP Service Pack 3

update Java™ to the latest Version 6 Update 24

and also update Internet Explorer 7 to Internet Explorer 8

Don't forget to uninstall ESET Online Scanner as well


Do I still have the virus? Where is it written in Bulgarian how to install this version of Windows SP3? Thanks for the great help and the time you have given.


Your system is clean...I don't see any active infections..!:) As for Windows SP3, it's very easy ....you download the package from the link I gave you....save it to the desktop ....close all running programs ....and install SP3 ....restart the computer and you're done...!:clap: Good luck..!:clap:


It took a long time to install, but I waited it out patiently. Now I have a few more questions. How do I properly remove the antivirus and properly install a new one? And how do I remove this? It always shows up when I turn on my computer. post-265062-0-41178200-1299866082_thumb. If these are not for this section, could I have a link to where I should start a topic?

"This", which appears every time you turn on the computer, is a notice from Microsoft that your operating system is not genuine (pirated). There are many ways to remove it (how is described on Google), but the "policy" of this forum does NOT allow me to send you instructions!

Search on Google: HERE

And in principle the easiest fix is a purchased license or a new (genuine) Windows! :whist:

Edited by Gibs0n

Good morning. OK, I'll leave it. And now that blue screen appeared again with the same problem, after the computer had been left on since last night. Another blue window of some kind also came up when I started the Garena program. post-265062-0-34094300-1299907150_thumb. Interestingly, after I restarted it, it did not appear when I launched it.

Edited by RiverBastard