
Gangosa

Suspicion of a clever little pest


Hello, for the past 1-2 days I can't update Windows and I can't install some programs that require higher privileges. In general, my computer doesn't feel the way it used to. I've been at my wits' end these 2 days; I even deleted the Windows accounts it gives me, but no, it still does its own thing and I have no access. Here is the message I get when I try to run an installer exe:

Posted image

DDS (Ver_2011-09-30.01) - NTFS_x86

Internet Explorer: 8.0.6001.18702

Run by Administrator at 3:48:11 on 2012-03-28

.

============== Running Processes ================

.

C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\igfxtray.exe

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Unlocker\UnlockerAssistant.exe

C:\WINDOWS\PixArt\PAC207\Monitor.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\Program Files\Lock Folder XP\LFService.exe

C:\Program Files\Internet Download Manager\IDMan.exe

C:\Program Files\Free Desktop Clock\DesktopClock.exe

C:\Program Files\Backup8\Backup8Sch.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\DOS2USB\elSVC.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe

C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE

C:\WINDOWS\System32\alg.exe

C:\Program Files\Internet Download Manager\IEMonitor.exe

C:\Program Files\SeaMonkey\seamonkey.exe

D:\Programi\4avdo Script\mirc.exe

D:\Programi\Skype.exe

D:\Programi\Skype.exe

C:\WINDOWS\system32\taskmgr.exe

C:\Program Files\VideoLAN\VLC\vlc.exe

C:\Program Files\WinUtilities\WinUtil.exe

C:\Program Files\WinUtilities\ToolDiskDefrag.exe

C:\Program Files\SeaMonkey\plugin-container.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

C:\WINDOWS\system32\svchost.exe -k NetworkService

C:\WINDOWS\system32\svchost.exe -k LocalService

C:\WINDOWS\system32\svchost.exe -k LocalService

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxp://www.windowsxlive.net

uWindow Title = Internet Explorer, optimized for Bing and MSN

BHO: IDM integration (IDMIEHlprObj Class): {0055C089-8582-441B-A0BF-17B458C2A3A8} - c:\program files\internet download manager\IDMIECC.dll

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office14\GROOVEEX.DLL

BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll

BHO: ZoneAlarm Security Engine Registrar: {8A4A36C2-0535-4D2C-BD3D-496CB7EED6E3} - LocalServer32 - <no file>

BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - c:\program files\microsoft office\office14\URLREDIR.DLL

BHO: CoTGT_BHO Class: {C333CF63-767F-4831-94AC-E683D962C63C} - c:\program files\tgtsoft\stylexp\TGT_BHO.dll

BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: StylerToolBar: {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - c:\program files\styler\tb\StylerTB.dll

TB: ZoneAlarm Security Engine: {EE2AC4E5-B0B0-4EC6-88A9-BCA1A32AB107} - LocalServer32 - <no file>

uRun: [iDMan] c:\program files\internet download manager\IDMan.exe /onboot

uRun: [skinClock] c:\program files\free desktop clock\DesktopClock.exe

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe" /MINIMIZED

uRun: [sTYLEXP] c:\program files\tgtsoft\stylexp\StyleXP.exe -Hide

mRun: [igfxTray] c:\windows\system32\igfxtray.exe

mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe

mRun: [Persistence] c:\windows\system32\igfxpers.exe

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [unlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe"

mRun: [PAC207_Monitor] c:\windows\pixart\pac207\Monitor.exe

mRun: [Monitor] c:\windows\pixart\pac207\Monitor.exe

mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice

mRun: [LFService] c:\program files\lock folder xp\LFService.exe -start

mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray

mRunOnce: [Auto Apply Theme ] c:\windows\ApplyTheme.exe

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-Explorer: NoSMMyPictures = dword:0

mPolicies-Explorer: NoStartMenuMyMusic = dword:0

mPolicies-Explorer: NoCommonGroups = dword:0

mPolicies-Explorer: NoSimpleStartMenu = dword:0

mPolicies-Explorer: HideClock = dword:0

mPolicies-Explorer: NoDriveTypeAutoRun = dword:145

IE: Свали всички линкове с IDM - c:\program files\internet download manager\IEGetAll.htm

IE: Свали с IDM - c:\program files\internet download manager\IEExt.htm

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office14\ONBttnIE.dll

IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\office14\ONBttnIELinkedNotes.dll

IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab

TCP: NameServer = 192.168.1.1

TCP: Interfaces\{41875326-97CA-43BD-BD1C-BFC5CD0668EE} : DHCPNameServer = 192.168.1.1

Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - c:\program files\common files\microsoft shared\office14\MSOXMLMF.DLL

Notify: igfxcui - igfxdev.dll

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office14\GROOVEEX.DLL

SecurityProviders: SecurityProviders = msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll

LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg

.

================= FIREFOX ===================

.

FF - ProfilePath - c:\documents and settings\administrator\application data\mozilla\firefox\profiles\95ucwukm.default\

FF - prefs.js: browser.startup.homepage - hxxp://www.windowsxlive.net

FF - plugin: c:\progra~1\micros~3\office14\NPAUTHZ.DLL

FF - plugin: c:\progra~1\micros~3\office14\NPSPWRAP.DLL

FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll

FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll

FF - plugin: c:\program files\microsoft silverlight\5.0.61118.0\npctrlui.dll

FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_160.dll

.

============= SERVICES / DRIVERS ===============

.

.

=============== Created Last 30 ================

.

2012-03-27 23:33:36 -------- d-----w- c:\documents and settings\administrator\application data\Styler

2012-03-27 23:26:58 997376 ----a-w- c:\windows\system32\msgina.backup

2012-03-27 23:24:11 1949184 ----a-w- c:\windows\system32\OLD1C9.tmp

2012-03-27 23:22:59 218624 ----a-w- c:\windows\system32\uxtheme.backup

2012-03-27 23:22:58 514560 ----a-w- c:\windows\system32\logonui.backup

2012-03-27 23:22:54 -------- d-----w- c:\windows\Icon_Patcher

2012-03-27 22:39:13 -------- d-----w- c:\documents and settings\administrator\application data\TeamViewer

2012-03-27 22:37:03 -------- d-----w- c:\documents and settings\administrator\application data\FastStone

2012-03-27 22:21:30 -------- d-----w- c:\documents and settings\administrator\application data\Parallels

2012-03-27 22:17:32 -------- d-----w- c:\documents and settings\administrator\application data\Malwarebytes

2012-03-27 22:17:05 -------- d-----w- c:\windows\system32\wbem\Logs

2012-03-27 22:13:29 -------- d-----w- c:\documents and settings\administrator\application data\uTorrent

2012-03-27 22:09:15 -------- d-----w- c:\program files\SeaMonkey

2012-03-27 22:06:55 -------- d-----w- c:\documents and settings\administrator\application data\IDM

2012-03-27 22:06:55 -------- d-----w- c:\documents and settings\administrator\application data\DMCache

2012-03-27 22:05:15 -------- d-----w- c:\documents and settings\administrator\local settings\application data\Mozilla

2012-03-27 22:00:22 -------- d-sh--w- c:\documents and settings\administrator\IECompatCache

2012-03-27 21:58:59 221184 ----a-w- c:\windows\system32\wmpns.dll

2012-03-27 21:35:37 128 ----a-w- c:\windows\system32\91207717.sys

2012-03-27 21:35:36 -------- d-----w- c:\program files\ScanMyReg

2012-03-27 21:18:54 -------- d-----w- c:\documents and settings\all users\application data\Parallels

2012-03-27 02:39:20 -------- d-----w- c:\documents and settings\all users\application data\Innovative Solutions

2012-03-27 02:39:16 -------- d-----w- c:\program files\Innovative Solutions

2012-03-27 02:26:34 32768 ----a-w- c:\windows\system32\svcmgr.ocx

2012-03-27 02:26:33 -------- d-----w- c:\program files\RefreshPC

2012-03-26 06:42:28 70760 ----a-w- c:\windows\system32\drivers\extit.sys

2012-03-26 00:27:49 -------- d-----w- c:\program files\Exterminate It!

2012-03-25 01:20:01 -------- d-----w- c:\program files\Ccleaner Business Edition x64 x86 Tom_Da_Man

2012-03-25 00:56:15 -------- d-----w- c:\windows\system32\SoftwareDistribution

2012-03-25 00:30:14 -------- d--h--w- c:\windows\msdownld.tmp

2012-03-24 02:19:56 592824 ----a-w- c:\program files\mozilla firefox\gkmedias.dll

2012-03-24 02:19:56 44472 ----a-w- c:\program files\mozilla firefox\mozglue.dll

2012-03-24 02:08:39 -------- d-----w- c:\program files\Free Desktop Clock

2012-03-23 00:54:25 417440 ----a-w- c:\windows\system32\FlashPlayerApp.exe

2012-03-23 00:37:26 16640 ----a-w- c:\windows\system32\drivers\WsAudioDevice_383.sys

2012-03-23 00:37:24 -------- d-----w- c:\program files\Wondershare

2012-03-23 00:28:11 -------- d-----w- C:\downloads

2012-03-18 21:57:59 -------- d-----w- c:\program files\MediaInfo

2012-03-17 00:28:37 -------- d-----w- c:\program files\Bloom

2012-03-16 21:20:02 -------- d-----w- c:\program files\Ace Translator

2012-03-16 08:50:00 -------- d-----w- c:\program files\Movie Subtitles Searcher

2012-03-13 04:04:07 -------- d-----w- c:\windows\AutoKMS

2012-03-13 04:03:26 151552 ----a-w- c:\windows\KMSEmulator.exe

2012-03-13 03:48:37 -------- d-----w- c:\program files\Microsoft Synchronization Services

2012-03-13 03:48:08 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition

2012-03-13 03:48:08 -------- d-----w- c:\documents and settings\all users\Microsoft

2012-03-13 03:46:36 -------- d-----w- c:\program files\Microsoft Visual Studio 8

2012-03-13 03:45:51 -------- d-----w- c:\program files\Microsoft Analysis Services

2012-03-13 03:45:44 -------- d-----w- c:\windows\SHELLNEW

2012-03-12 12:25:50 -------- d-----w- c:\program files\Backup8

2012-03-12 12:11:52 -------- d-----w- c:\program files\WinTools Software

2012-03-12 12:06:54 647872 ----a-w- c:\windows\system32\mscomct2.ocx

2012-03-12 12:06:54 244024 ----a-w- c:\windows\system32\msflxgrd.ocx

2012-03-12 12:06:54 -------- d-----w- c:\program files\Easy Money 6x

2012-03-11 13:53:29 -------- d-----w- c:\program files\FreeFixer

2012-03-11 09:17:09 -------- d-----w- c:\program files\Lock Folder XP

2012-03-11 09:17:09 -------- d-----w- c:\program files\common files\Everstrike Software

2012-03-11 06:41:54 -------- d-----w- c:\program files\CPUID

2012-03-10 14:23:02 -------- d-----w- c:\program files\Windows Resource Kits

2012-03-10 13:48:09 -------- d-----w- C:\Tijan Script v6.2

2012-03-10 09:41:26 -------- d-----w- c:\program files\InspIRCd

2012-03-09 10:57:32 526184 ----a-w- c:\windows\system32\XceedCry.dll

2012-03-09 10:57:32 456536 ----a-w- c:\windows\system32\XCEEDZIP.DLL

2012-03-09 10:57:32 224016 ----a-w- c:\windows\system32\Tabctl32.ocx

2012-03-09 10:57:32 132880 ----a-w- c:\windows\system32\Msinet.ocx

2012-03-09 10:57:32 110602 ----a-w- c:\windows\system32\xcdsfx32.bin

2012-03-09 10:57:31 -------- d-----w- c:\program files\Driver Magician

2012-03-08 13:33:10 499712 ----a-w- c:\windows\system32\msvcp71.dll

2012-03-08 13:33:10 348160 ----a-w- c:\windows\system32\msvcr71.dll

2012-03-08 13:33:10 1047552 ----a-w- c:\windows\system32\mfc71u.dll

2012-03-04 06:53:01 -------- d-----w- c:\program files\ESET

2012-03-03 08:32:24 -------- d-sh--w- c:\documents and settings\administrator\PrivacIE

2012-03-03 07:58:04 -------- d-----w- c:\program files\MSXML 6.0

2012-03-03 07:41:28 5810 ----a-w- c:\windows\system32\drivers\ASACPI.sys

2012-03-03 07:41:26 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys

2012-03-02 03:39:11 -------- d--h--w- C:\$WINDOWS.~BT

2012-03-02 03:26:38 24064 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2012-03-02 03:06:41 -------- d-----w- c:\documents and settings\all users\application data\Malwarebytes

2012-03-02 03:06:40 20464 ----a-w- c:\windows\system32\drivers\mbam.sys

2012-03-02 03:06:40 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware

2012-03-01 13:35:03 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys

2012-03-01 13:35:00 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys

2012-03-01 13:34:53 -------- d-----w- c:\program files\Oracle

2012-02-27 03:08:52 -------- d-----w- C:\WinSetupFromUSB-Modified

2012-02-27 03:07:10 -------- d-----w- c:\program files\RMPrepUSB

.

==================== Find3M ====================

.

2012-03-27 23:25:59 93696 ----a-w- c:\windows\system32\OLD39B.tmp

2012-03-23 01:02:19 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl

2012-03-11 12:54:38 6656 ----a-w- c:\windows\system32\lpcio.dll

2012-02-25 08:39:23 10534 ----a-w- c:\documents and settings\all users\snddrv.sys

2012-02-19 03:56:45 73728 ----a-w- c:\windows\system32\javacpl.cpl

2012-02-19 03:56:45 472808 ----a-w- c:\windows\system32\deployJava1.dll

2012-02-11 09:30:30 2560 ----a-w- c:\windows\_MSRSTRT.EXE

2012-02-08 01:13:32 104456 ----a-w- c:\windows\system32\drivers\idmtdi.sys

2012-02-03 09:26:17 1869184 ----a-w- c:\windows\system32\win32k.sys

2012-01-28 22:02:12 21344 ----a-w- c:\windows\system32\drivers\phylock.sys

2012-01-12 14:13:29 3186 ----a-w- c:\windows\system32\presetup.cmd

2012-01-12 14:13:29 28672 ----a-w- c:\windows\system32\setupold.exe

2012-01-12 14:11:57 5632 ----a-w- c:\windows\system32\drivers\mv64xxmm.sys

2012-01-12 14:11:57 13616 ----a-w- c:\windows\system32\drivers\mvxxmm.sys

2012-01-12 14:11:57 13616 ----a-w- c:\windows\system32\drivers\mv61xxmm.sys

2012-01-12 14:10:03 1614848 ----a-w- c:\windows\system32\sfcfiles.dll

2012-01-12 14:05:52 990208 ----a-w- c:\windows\system32\syssetup.dll

2012-01-12 14:04:57 9472 ----a-w- c:\windows\system32\drivers\dumpdrv.sys

2012-01-12 14:03:59 552448 ----a-w- c:\windows\system32\oleaut32.dll

2012-01-12 14:02:59 1033728 ----a-w- c:\windows\explorer.exe

2012-01-12 13:59:11 10240 ----a-w- c:\windows\system32\advpack.dll.mui

2012-01-12 13:59:10 236544 ----a-w- c:\windows\system32\webcheck.backup

2012-01-12 13:59:10 236544 ----a-w- C:\_@3AF.tmp

2012-01-12 13:59:09 420864 ----a-w- c:\windows\system32\vbscript.dll

2012-01-12 13:59:06 48128 ----a-w- c:\windows\system32\mshtmler.dll

2012-01-12 13:59:06 1638912 ----a-w- c:\windows\system32\mshtml.tlb

2012-01-12 13:59:06 156160 ----a-w- c:\windows\system32\msls31.dll

2012-01-12 13:59:00 45568 ----a-w- c:\windows\system32\mshta.exe

2012-01-12 13:58:56 34816 ----a-w- c:\windows\system32\imgutil.dll

2012-01-12 13:58:55 71680 ----a-w- c:\windows\system32\iesetup.dll

2012-01-12 13:58:49 72704 ----a-w- c:\windows\system32\admparse.dll

2012-01-12 13:58:49 18944 ----a-w- c:\windows\system32\corpol.dll

2012-01-11 19:06:47 3072 ------w- c:\windows\system32\iacenc.dll

2012-01-09 16:19:13 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys

.

============= FINISH: 3:49:01,57 ===============

.

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

.

DDS (Ver_2011-09-30.01)

.

.

==== Disk Partitions =========================

.

.

==== Disabled Device Manager Items =============

.

==== System Restore Points ===================

.

No restore point in system.

.

==== Installed Programs ======================

.

µTorrent

Ace Translator 9.3.1

Adobe Flash Player 11 ActiveX

Adobe Flash Player 11 Plugin

Backup8 version 1.248

Bit Che

Bloom

Bulgarian (Phonetic) by Iliya Dankov

Counter-Strike 1.6

Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition

DoSHTTP 2.5.1

Driver Magician 3.55

DriverMax 5

Easy Money 6.2

ESET Antivirus License Finder (MiNODLogin)

ESET NOD32 Antivirus

Exterminate It!

FastStone Capture 6.8

FastStone Image Viewer 4.5

Foxit Reader 5.1

Free Desktop Clock

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Image for Windows 2.69 Trial

Intel® Graphics Media Accelerator Driver

Internet Download Manager

Java Auto Updater

Java 6 Update 31

Lock Folder XP

MagicDisc 2.7.106

Malwarebytes Anti-Malware version 1.60.1.1000

MediaInfo 0.7.53

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft .NET Framework 4 Client Profile

Microsoft .NET Framework 4 Extended

Microsoft Office 2010 Service Pack 1 (SP1)

Microsoft Office Access MUI (English) 2010

Microsoft Office Access Setup Metadata MUI (English) 2010

Microsoft Office Excel MUI (English) 2010

Microsoft Office Groove MUI (English) 2010

Microsoft Office InfoPath MUI (English) 2010

Microsoft Office OneNote MUI (English) 2010

Microsoft Office Outlook MUI (English) 2010

Microsoft Office PowerPoint MUI (English) 2010

Microsoft Office Professional Plus 2010

Microsoft Office Proof (English) 2010

Microsoft Office Proof (French) 2010

Microsoft Office Proof (Spanish) 2010

Microsoft Office Proofing (English) 2010

Microsoft Office Publisher MUI (English) 2010

Microsoft Office ScreenTip Language 2010 – български

Microsoft Office Shared MUI (English) 2010

Microsoft Office Shared Setup Metadata MUI (English) 2010

Microsoft Office Word MUI (English) 2010

Microsoft Silverlight

Microsoft Software Update for Web Folders (English) 14

MiPony 1.6.0

Movie Subtitles Searcher 1.0

Mozilla Firefox 11.0 (x86 bg)

MSXML 6.0 Parser

MSXML 6.0 SDK

Oracle VM VirtualBox 4.1.8

Process Hacker 2.27 (r4957)

REALTEK GbE & FE Ethernet PCI-E NIC Driver

Realtek High Definition Audio Driver

RefreshPC

RMPrepUSB

ScanMyReg 2.0

SeaMonkey (2.8)

Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)

Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)

Security Update for Microsoft .NET Framework 4 Extended (KB2487367)

Security Update for Microsoft .NET Framework 4 Extended (KB2656351)

Security Update for Microsoft Office 2010 (KB2553091)

Security Update for Microsoft Office 2010 (KB2553096)

Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition

Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition

Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)

Security Update for Microsoft Visio Viewer 2010 (KB2597170) 32-Bit Edition

Security Update for Windows Internet Explorer 8 (KB2647516)

Styler

StyleXP (remove only)

TBIView 4.27 - TBIMount 1.06

TeamViewer 7

Tijan Script v6.2

Trust 100K Series Webcam

Unlocker 1.9.1

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Microsoft Excel 2010 (KB2553439) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553065)

Update for Microsoft Office 2010 (KB2553092)

Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition

Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition

Update for Microsoft Office 2010 (KB2566458)

Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition

Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition

Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition

Update for Microsoft Outlook 2010 (KB2553323) 32-Bit Edition

Update for Microsoft Outlook Social Connector (KB2583935)

VC 9.0 Runtime

Vista Anthracite Pack - Lite 1.30

VLC media player 2.0.1

WebFldrs XP

Windows Essentials Media Codec Pack 3.6 [32-Bit]

Windows Internet Explorer 8

Windows Resource Kit Tools - SubInAcl.exe

WinRAR 4.01 (32-битова версия)

WinTools.net 11.7.1 Professional

WinUtilities 10.44 Professional Edition

Your Uninstaller! 7

.

==== End Of File ===========================


Hello! I can see a few things that I don't like:

Download ComboFix from here or here and save it to your desktop.

 • Disable your antivirus and antispyware programs; this is usually done by right-clicking the program's icon in the system tray.
Note: If you cannot stop it, or are not sure which program to disable, please review the information at this link: How to Disable your Security Programs
 • Run Combo-Fix.com and follow the instructions.
Note: ComboFix will run without the Recovery Console installed.
 • As part of its operation, ComboFix will check whether Microsoft Windows Recovery Console is installed. Given how quickly malware evolves, it is strongly recommended that it be installed before the malware is removed. This will let you enter a special recovery/repair mode, which will make it easier for you to resolve any problem that might arise while the malware is being removed.
 • Follow the instructions to allow ComboFix to download and install Microsoft Windows Recovery Console. At some point you will be asked whether you agree to the license agreement. You must confirm that you agree in order to install Microsoft Windows Recovery Console.
** Note: If Microsoft Windows Recovery Console is already installed, ComboFix will proceed to the malware removal process.

Posted image

Once Microsoft Windows Recovery Console has been installed using ComboFix, you will see the following message:

Posted image

Select Yes to continue scanning for malware.

When the process completes successfully, the tool will create a log file. Please include the contents of C:\ComboFix.txt in your next reply in this thread.

Note:

 • Please do not move the mouse while ComboFix is running. This may disrupt the process.
 • ComboFix will reset all Microsoft Internet Explorer settings, including making IE the default browser.
 • ComboFix will disable the autorun feature of ALL CD, floppy and USB devices, to help with removing the malware and to protect you from future viruses/threats that spread through autorun. If this is a problem for you, please let me know.
 • ComboFix will disconnect your internet connection. The internet connection will be restored automatically before ComboFix finishes. If there is a problem, it will cut the internet connection. To restore your internet connection, restart your computer.
 • If ComboFix runs into a problem, it may create a log file. Please include the contents of C:\BUG.txt in your next reply in this thread.
Please do not attach the log file(s) from the program; copy and paste it/them into your next reply in this thread.


Ешд вджь oT яньхсиьхешд

ComboFix 12-03-29.02 - Administrator 03.2012 г. 20:52:33.1.2 - x86
Running from: c:\documents and settings\Administrator\My Documents\Downloads\Programs\ComboFix.exe
* Created a new restore point
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ESET\MiNODLogin\MiNODLogin.jar
c:\program files\ESET\MiNODLogin\MiNODLoginLib.dll
c:\program files\ESET\MiNODLogin\MiNODLoginUninst.exe
c:\program files\ESET\MiNODLogin\servidores.xml
c:\windows\explorer.backup
.
.
((((((((((((((((((((((((( Files Created from 2012-02-28 to 2012-03-28 )))))))))))))))))))))))))))))))
.
.
2012-03-27 23:33 . 2012-03-27 23:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Styler
2012-03-27 23:29 . 2012-03-28 01:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2012-03-27 23:26 . 2008-04-14 11:00 997376 ----a-w- c:\windows\system32\msgina.backup
2012-03-27 23:22 . 2008-04-14 11:00 218624 ----a-w- c:\windows\system32\uxtheme.backup
2012-03-27 23:22 . 2008-04-14 11:00 514560 ----a-w- c:\windows\system32\logonui.backup
2012-03-27 23:22 . 2012-03-27 23:27 -------- d-----w- c:\windows\Icon_Patcher
2012-03-27 22:39 . 2012-03-27 22:39 -------- d-----w- c:\documents and settings\Administrator\Application Data\TeamViewer
2012-03-27 22:37 . 2012-03-27 22:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\FastStone
2012-03-27 22:21 . 2012-03-27 22:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\Parallels
2012-03-27 22:17 . 2012-03-27 22:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-03-27 22:17 . 2012-03-27 22:58 -------- d-----w- c:\windows\system32\wbem\Logs
2012-03-27 22:13 . 2012-03-28 17:52 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent
2012-03-27 22:09 . 2012-03-27 22:09 -------- d-----w- c:\program files\SeaMonkey
2012-03-27 22:06 . 2012-03-28 17:55 -------- d-----w- c:\documents and settings\Administrator\Application Data\DMCache
2012-03-27 22:06 . 2012-03-28 00:42 -------- d-----w- c:\documents and settings\Administrator\Application Data\IDM
2012-03-27 22:05 . 2012-03-27 22:09 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla
2012-03-27 22:00 . 2012-03-27 22:00 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache
2012-03-27 21:58 . 2008-04-14 11:00 221184 ----a-w- c:\windows\system32\wmpns.dll
2012-03-27 21:35 . 2012-03-27 22:40 128 ----a-w- c:\windows\system32\91207717.sys
2012-03-27 21:35 . 2012-03-27 21:36 -------- d-----w- c:\program files\ScanMyReg
2012-03-27 21:18 . 2012-03-27 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Parallels
2012-03-27 02:39 . 2012-03-27 02:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Innovative Solutions
2012-03-27 02:39 . 2012-03-27 02:39 -------- d-----w- c:\program files\Innovative Solutions
2012-03-27 02:26 . 2002-06-13 10:02 32768 ----a-w- c:\windows\system32\svcmgr.ocx
2012-03-27 02:26 . 2012-03-27 02:27 -------- d-----w- c:\program files\RefreshPC
2012-03-26 06:42 . 2012-03-26 06:42 70760 ----a-w- c:\windows\system32\drivers\extit.sys
2012-03-26 00:27 . 2012-03-27 02:28 -------- d-----w- c:\program files\Exterminate It!
2012-03-25 01:20 . 2012-03-25 01:20 -------- d-----w- c:\program files\Ccleaner Business Edition x64 x86 Tom_Da_Man
2012-03-25 00:30 . 2012-03-25 00:30 -------- d--h--w- c:\windows\msdownld.tmp
2012-03-24 02:08 . 2012-03-24 02:08 -------- d-----w- c:\program files\Free Desktop Clock
2012-03-23 00:54 . 2012-03-23 01:02 417440 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2012-03-23 00:37 . 2008-11-19 16:41 16640 ----a-w- c:\windows\system32\drivers\WsAudioDevice_383.sys
2012-03-23 00:37 . 2012-03-23 00:37 -------- d-----w- c:\program files\Wondershare
2012-03-23 00:28 . 2012-03-23 00:28 -------- d-----w- C:\downloads
2012-03-18 21:57 . 2012-03-18 21:59 -------- d-----w- c:\program files\MediaInfo
2012-03-17 00:28 . 2012-03-17 00:28 -------- d-----w- c:\program files\Bloom
2012-03-16 21:20 . 2012-03-16 21:20 -------- d-----w- c:\program files\Ace Translator
2012-03-16 08:50 . 2012-03-16 08:50 -------- d-----w- c:\program files\Movie Subtitles Searcher
2012-03-13 04:04 . 2012-03-14 04:04 -------- d-----w- c:\windows\AutoKMS
2012-03-13 04:03 . 2012-03-28 17:46 151552 ----a-w- c:\windows\KMSEmulator.exe
2012-03-13 03:48 . 2012-03-13 03:48 -------- d-----w- c:\program files\Microsoft Synchronization Services
2012-03-13 03:48 . 2012-03-13 03:48 -------- d-----w- c:\program files\Microsoft Sync Framework
2012-03-13 03:48 . 2012-03-13 03:48 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition
2012-03-13 03:48 . 2012-03-13 03:48 -------- d-----w- c:\documents and settings\All Users\Microsoft
2012-03-13 03:46 . 2012-03-13 03:46 -------- d-----w- c:\program files\Microsoft Visual Studio 8
2012-03-13 03:45 . 2012-03-13 03:45 -------- d-----w- c:\program files\Microsoft Analysis Services
2012-03-13 03:45 . 2012-03-15 03:40 -------- d-----w- c:\windows\SHELLNEW
2012-03-13 03:45 . 2012-03-19 00:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help
2012-03-13 03:45 . 2012-03-13 03:45 -------- d-----r- C:\MSOCache
2012-03-12 12:25 . 2012-03-12 12:25 -------- d-----w- c:\documents and settings\LocalService\Application Data\backup8
2012-03-12 12:25 . 2012-03-12 12:25 -------- d-----w- c:\program files\Backup8
2012-03-12 12:11 . 2012-03-12 12:11 -------- d-----w- c:\program files\WinTools Software
2012-03-12 12:06 . 2012-03-12 12:07 -------- d-----w- c:\program files\Easy Money 6x
2012-03-12 12:06 . 2000-05-22 03:00 647872 ----a-w- c:\windows\system32\mscomct2.ocx
2012-03-12 12:06 . 1998-06-24 06:00 244024 ----a-w- c:\windows\system32\msflxgrd.ocx
2012-03-11 13:53 . 2012-03-11 14:22 -------- d-----w- c:\program files\FreeFixer
2012-03-11 09:17 . 2012-03-11 09:17 -------- d-----w- c:\program files\Lock Folder XP
2012-03-11 09:17 . 2012-03-11 09:17 -------- d-----w- c:\program files\Common Files\Everstrike Software
2012-03-11 06:41 . 2012-03-27 12:32 -------- d-----w- c:\program files\CPUID
2012-03-10 14:23 . 2012-03-10 14:23 -------- d-----w- c:\program files\Windows Resource Kits
2012-03-10 13:48 . 2012-03-27 22:38 -------- d-----w- C:\Tijan Script v6.2
2012-03-10 09:41 . 2012-03-10 09:44 -------- d-----w- c:\program files\InspIRCd
2012-03-09 10:57 . 2005-01-12 19:19 456536 ----a-w- c:\windows\system32\XCEEDZIP.DLL
2012-03-09 10:57 . 2004-09-28 19:13 526184 ----a-w- c:\windows\system32\XceedCry.dll
2012-03-09 10:57 . 2004-08-11 23:55 110602 ----a-w- c:\windows\system32\xcdsfx32.bin
2012-03-09 10:57 . 2004-03-09 08:00 224016 ----a-w- c:\windows\system32\Tabctl32.ocx
2012-03-09 10:57 . 2004-03-09 08:00 132880 ----a-w- c:\windows\system32\Msinet.ocx
2012-03-09 10:57 . 2012-03-12 08:56 -------- d-----w- c:\program files\Driver Magician
2012-03-08 13:33 . 2003-03-19 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll
2012-03-08 13:33 . 2003-03-19 18:12 1047552 ----a-w- c:\windows\system32\mfc71u.dll
2012-03-08 13:33 . 2003-02-22 04:42 348160 ----a-w- c:\windows\system32\msvcr71.dll
2012-03-04 06:53 . 2012-03-04 12:46 -------- d-----w- c:\program files\ESET
2012-03-04 06:53 . 2012-03-04 06:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET
2012-03-03 08:32 . 2012-03-03 08:32 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE
2012-03-03 07:58 . 2012-03-03 07:58 -------- d-----w- c:\program files\MSXML 6.0
2012-03-03 07:41 . 2012-03-03 07:41 5810 ----a-w- c:\windows\system32\drivers\ASACPI.sys
2012-03-03 07:41 . 2012-03-03 07:41 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys
2012-03-02 03:39 . 2012-03-02 03:39 -------- d-----w- C:\$WINDOWS.~BT
2012-03-02 03:26 . 2012-03-02 03:26 24064 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys
2012-03-02 03:06 . 2012-03-02 03:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes
2012-03-02 03:06 . 2012-03-02 03:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2012-03-02 03:06 . 2011-12-10 23:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys
2012-03-01 13:35 . 2011-12-19 22:11 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys
2012-03-01 13:35 . 2011-12-19 22:11 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys
2012-03-01 13:34 . 2012-03-01 13:34 -------- d-----w- c:\program files\Oracle
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2012-03-27 23:25 . 2008-04-14 11:00 55296 ----a-w- c:\windows\system32\migpwd.exe
2012-03-23 01:02 . 2008-04-14 11:00 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-11 12:54 . 2012-01-12 14:03 6656 ----a-w- c:\windows\system32\lpcio.dll
2012-02-25 08:39 . 2012-02-25 08:39 10534 ----a-w- c:\documents and settings\All Users\snddrv.sys
2012-02-19 03:56 . 2012-02-19 03:56 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-02-19 03:56 . 2012-02-11 17:00 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-02-11 09:30 . 2012-02-11 09:30 2560 ----a-w- c:\windows\_MSRSTRT.EXE
2012-02-08 01:13 . 2011-08-29 14:47 104456 ----a-w- c:\windows\system32\drivers\idmtdi.sys
2012-02-03 09:26 . 2012-01-12 14:04 1869184 ----a-w- c:\windows\system32\win32k.sys
2012-01-28 22:02 . 2012-02-16 09:45 21344 ----a-w- c:\windows\system32\drivers\phylock.sys
2012-01-12 14:13 . 2012-01-12 14:13 3186 ----a-w- c:\windows\system32\presetup.cmd
2012-01-12 14:13 . 2012-01-12 14:13 28672 ----a-w- c:\windows\system32\setupold.exe
2012-01-12 14:11 . 2012-01-12 14:11 5632 ----a-w- c:\windows\system32\drivers\mv64xxmm.sys
2012-01-12 14:11 . 2012-01-12 14:11 13616 ----a-w- c:\windows\system32\drivers\mvxxmm.sys
2012-01-12 14:11 . 2012-01-12 14:11 13616 ----a-w- c:\windows\system32\drivers\mv61xxmm.sys
2012-01-12 14:10 . 2012-01-12 14:10 1614848 ----a-w- c:\windows\system32\sfcfiles.dll
2012-01-12 14:09 . 2011-10-25 12:52 2027008 ----a-w- c:\windows\system32\ntkrnlpa.exe
2012-01-12 14:09 . 2009-11-27 17:23 17920 ----a-w- c:\windows\system32\msyuv.dll
2012-01-12 14:09 . 2009-11-27 16:28 48128 ----a-w- c:\windows\system32\iyuv_32.dll
2012-01-12 14:09 . 2008-04-22 17:03 483328 ----a-w- c:\windows\system32\wzcsvc.dll
2012-01-12 14:09 . 2008-04-14 03:42 52736 ----a-w- c:\windows\system32\wzcsapi.dll
2012-01-12 14:09 . 2008-04-14 03:42 35328 ----a-w- c:\windows\system32\pid.dll
2012-01-12 14:09 . 2008-04-14 03:42 15360 ----a-w- c:\windows\system32\pjlmon.dll
2012-01-12 14:09 . 2008-04-14 03:41 20992 ----a-w- c:\windows\system32\hid.dll
2012-01-12 14:09 . 2008-04-14 03:41 52224 ----a-w- c:\windows\system32\dmutil.dll
2012-01-12 14:09 . 2008-04-14 03:41 47104 ----a-w- c:\windows\system32\cnbjmon.dll
2012-01-12 14:09 . 2008-04-13 22:30 30080 ----a-w- c:\windows\system32\drivers\modem.sys
2012-01-12 14:09 . 2008-04-13 22:26 12288 ----a-w- c:\windows\system32\drivers\tunmp.sys
2012-01-12 14:09 . 2008-04-13 22:26 14592 ----a-w- c:\windows\system32\drivers\ndisuio.sys
2012-01-12 14:09 . 2008-04-13 22:21 61824 ----a-w- c:\windows\system32\drivers\nic1394.sys
2012-01-12 14:09 . 2008-04-13 22:21 60800 ----a-w- c:\windows\system32\drivers\arp1394.sys
2012-01-12 14:09 . 2008-04-13 22:16 25344 ----a-w- c:\windows\system32\drivers\sonydcam.sys
2012-01-12 14:09 . 2008-04-13 22:15 15872 ----a-w- c:\windows\system32\drivers\usbintel.sys
2012-01-12 14:09 . 2008-04-13 22:15 25728 ----a-w- c:\windows\system32\drivers\usbcamd2.sys
2012-01-12 14:09 . 2008-04-13 22:15 25600 ----a-w- c:\windows\system32\drivers\usbcamd.sys
2012-01-12 14:09 . 2008-04-13 22:10 80128 ----a-w- c:\windows\system32\drivers\parport.sys
2012-01-12 14:09 .
2008-04-13 22:09 4352 ----a-w- c:\windows\system32\drivers\swenum.sys 2012-01-12 14:09 . 2008-04-13 22:09 23040 ----a-w- c:\windows\system32\drivers\mouclass.sys 2012-01-12 14:09 . 2008-04-13 22:06 15488 ----a-w- c:\windows\system32\drivers\mssmbios.sys 2012-01-12 14:09 . 2008-04-13 22:06 63744 ----a-w- c:\windows\system32\drivers\mf.sys 2012-01-12 14:09 . 2008-04-13 22:01 37760 ----a-w- c:\windows\system32\drivers\amdk7.sys 2012-01-12 14:09 . 2008-04-13 22:01 37376 ----a-w- c:\windows\system32\drivers\amdk6.sys 2012-01-12 14:09 . 2008-04-13 22:01 36736 ----a-w- c:\windows\system32\drivers\crusoe.sys 2012-01-12 14:09 . 2008-04-13 22:01 42752 ----a-w- c:\windows\system32\drivers\p3.sys 2012-01-12 14:09 . 2008-04-13 22:01 35840 ----a-w- c:\windows\system32\drivers\processr.sys 2012-01-12 14:09 . 2009-11-27 16:28 8704 ----a-w- c:\windows\system32\tsbyuv.dll 2012-01-12 14:09 . 2001-08-17 20:37 77891 ----a-w- c:\windows\system32\usrmlnka.exe 2012-01-12 14:09 . 2001-08-17 20:37 69700 ----a-w- c:\windows\system32\usrshuta.exe 2012-01-12 14:09 . 2001-08-17 20:37 61508 ----a-w- c:\windows\system32\usrprbda.exe 2012-01-12 14:09 . 2001-08-17 20:36 55296 ----a-w- c:\windows\system32\dvdplay.exe 2012-01-12 14:09 . 2001-08-17 20:36 3200 ----a-w- c:\windows\system32\wowfax.dll 2012-01-12 14:09 . 2001-08-17 20:36 13824 ----a-w- c:\windows\system32\wowfaxui.dll 2012-01-12 14:09 . 2001-08-17 20:36 86073 ----a-w- c:\windows\system32\usrfaxa.dll 2012-01-12 14:09 . 2001-08-17 20:36 77890 ----a-w- c:\windows\system32\usrdpa.dll 2012-01-12 14:09 . 2001-08-17 20:36 77883 ----a-w- c:\windows\system32\usrrtosa.dll 2012-01-12 14:09 . 2001-08-17 20:36 69699 ----a-w- c:\windows\system32\usrcoina.dll 2012-01-12 14:09 . 2001-08-17 20:36 61500 ----a-w- c:\windows\system32\usrcntra.dll 2012-01-12 14:09 . 2001-08-17 20:36 53305 ----a-w- c:\windows\system32\usrlbva.dll 2012-01-12 14:09 . 2001-08-17 20:36 49211 ----a-w- c:\windows\system32\usrvpa.dll 2012-01-12 14:09 . 
2001-08-17 20:36 49211 ----a-w- c:\windows\system32\usrsdpia.dll 2012-01-12 14:09 . 2001-08-17 20:36 49209 ----a-w- c:\windows\system32\usrv80a.dll 2012-01-12 14:09 . 2001-08-17 20:36 45116 ----a-w- c:\windows\system32\usrvoica.dll 2012-01-12 14:09 . 2001-08-17 20:36 41019 ----a-w- c:\windows\system32\usrsvpia.dll 2012-01-12 14:09 . 2001-08-17 20:36 323641 ----a-w- c:\windows\system32\usrdtea.dll 2012-01-12 14:09 . 2001-08-17 20:36 102457 ----a-w- c:\windows\system32\usrv42a.dll 2012-01-12 14:09 . 2001-08-17 20:36 8192 ----a-w- c:\windows\system32\streamci.dll 2012-01-12 14:09 . 2001-08-17 20:36 72192 ----a-w- c:\windows\system32\sprio800.dll 2012-01-12 14:09 . 2001-08-17 20:36 70656 ----a-w- c:\windows\system32\sprio600.dll 2012-01-12 14:09 . 2001-08-17 20:36 69632 ----a-w- c:\windows\system32\spnike.dll 2012-01-12 14:09 . 2001-08-17 20:36 157696 ----a-w- c:\windows\system32\paqsp.dll 2012-01-12 14:09 . 2001-08-17 20:36 147968 ----a-w- c:\windows\system32\mdwmdmsp.dll 2012-01-12 14:09 . 2001-08-17 12:06 21376 ----a-w- c:\windows\system32\drivers\tsbvcap.sys 2012-01-12 14:09 . 2001-08-17 12:02 262528 ----a-w- c:\windows\system32\drivers\cinemst2.sys 2012-01-12 14:09 . 2001-08-17 12:02 58112 ----a-w- c:\windows\system32\drivers\vdmindvd.sys 2012-01-12 14:09 . 2001-08-17 12:01 51712 ----a-w- c:\windows\system32\drivers\tosdvd.sys 2012-01-12 14:09 . 2001-08-17 11:57 12160 ----a-w- c:\windows\system32\drivers\fsvga.sys 2012-01-12 14:09 . 2001-08-17 11:52 18688 ----a-w- c:\windows\system32\drivers\cdaudio.sys 2012-01-12 14:09 . 2001-08-17 11:24 12032 ----a-w- c:\windows\system32\drivers\riodrv.sys 2012-01-12 14:09 . 2001-08-17 11:24 12032 ----a-w- c:\windows\system32\drivers\rio8drv.sys 2012-01-12 14:09 . 2001-08-17 11:24 12032 ----a-w- c:\windows\system32\drivers\nikedrv.sys 2012-01-12 14:09 . 2001-08-17 11:24 11776 ----a-w- c:\windows\system32\drivers\cpqdap01.sys 2012-01-12 14:05 . 2012-01-12 14:05 990208 ----a-w- c:\windows\system32\syssetup.dll 2012-01-12 14:05 . 
2012-01-12 14:05 5120 ----a-w- c:\windows\system32\xpsp4res.dll 2012-01-12 14:05 . 2012-01-12 14:05 44536 ----a-w- c:\windows\system32\wups2.dll 2012-01-12 14:05 . 2012-01-12 14:05 29184 ----a-w- c:\windows\system32\drivers\usbccid.sys 2012-01-12 14:05 . 2012-01-12 14:05 223232 ----a-w- c:\windows\system32\wksprt.exe 2012-01-12 14:05 . 2012-01-12 14:05 12800 ----a-w- c:\windows\system32\wksprtps.dll 2012-01-12 14:05 . 2008-04-14 11:00 14840 ----a-w- c:\windows\system32\wuapi.dll.mui 2012-01-12 14:05 . 2008-04-14 11:00 611328 ----a-w- c:\windows\system32\uiautomationcore.dll 2012-01-12 14:05 . 2012-01-12 14:05 57344 ----a-w- c:\windows\system32\uexfat.dll 2012-01-12 14:05 . 2012-01-12 14:05 46080 ----a-w- c:\windows\system32\tswbprxy.exe 2012-01-12 14:05 . 2012-01-12 14:05 62848 ----a-w- c:\windows\system32\drivers\rspndr.sys 2012-01-12 14:05 . 2012-01-12 14:05 558984 ----a-w- c:\windows\system32\SecProc.dll 2012-01-12 14:05 . 2008-04-14 11:00 562064 ----a-w- c:\windows\system32\SecProc_isv.dll 2012-01-12 14:05 . 2008-04-14 11:00 192912 ----a-w- c:\windows\system32\SecProc_ssp_isv.dll 2012-01-12 14:05 . 2008-04-14 11:00 192904 ----a-w- c:\windows\system32\SecProc_ssp.dll 2012-01-12 14:05 . 2012-01-12 14:05 10752 ----a-w- c:\windows\system32\rspndr.exe 2012-01-12 14:05 . 2008-04-14 11:00 575880 ----a-w- c:\windows\system32\RmActivate_isv.exe 2012-01-12 14:05 . 2008-04-14 11:00 362888 ----a-w- c:\windows\system32\RmActivate_ssp.exe 2012-01-12 14:05 . 2008-04-14 11:00 361872 ----a-w- c:\windows\system32\RmActivate_ssp_isv.exe 2012-03-24 02:19 . 2012-03-12 12:37 97208 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll . . ------- Sigcheck ------- Note: Unsigned files aren't necessarily malware. . [-] 2012-01-12 . E17798E1E6FF1CA9C67B8576570E05EE . 1614848 . . [5.1.2600.5512] . . c:\windows\system32\sfcfiles.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . 
*Note* empty entries & legit default entries are not shown REGEDIT4 . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\IDM Shell Extension] @="{CDC95B92-E27C-4745-A8C5-64A52A78855D}" [HKEY_CLASSES_ROOT\CLSID\{CDC95B92-E27C-4745-A8C5-64A52A78855D}] 2012-02-08 00:49 22376 ----a-w- c:\program files\Internet Download Manager\IDMShellExt.dll . [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2012-03-16 3478936] "SkinClock"="c:\program files\Free Desktop Clock\DesktopClock.exe" [2010-11-21 1113600] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2012-03-27 750456] "STYLEXP"="c:\program files\TGTSoft\StyleXP\StyleXP.exe" [2006-05-24 1372160] . [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "IgfxTray"="c:\windows\system32\igfxtray.exe" [2008-11-12 141336] "HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2008-11-12 173592] "Persistence"="c:\windows\system32\igfxpers.exe" [2008-11-12 141336] "RTHDCPL"="RTHDCPL.EXE" [2011-12-05 20065384] "UnlockerAssistant"="c:\program files\Unlocker\UnlockerAssistant.exe" [2010-07-04 17408] "PAC207_Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584] "Monitor"="c:\windows\PixArt\PAC207\Monitor.exe" [2007-12-10 323584] "egui"="c:\program files\ESET\ESET NOD32 Antivirus\egui.exe" [2011-09-22 3080264] "LFService"="c:\program files\Lock Folder XP\LFService.exe" [2011-10-28 60248] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2012-01-13 460872] . [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360] . [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoSMMyPictures"= 0 (0x0) "NoStartMenuMyMusic"= 0 (0x0) "NoCommonGroups"= 0 (0x0) "NoSimpleStartMenu"= 0 (0x0) . 
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders] SecurityProviders msapsspc.dll, schannel.dll, credssp.dll, digest.dll, msnsspc.dll . [HKLM\~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Update ESET's license.lnk] backup=c:\windows\pss\Update ESET's license.lnkCommon Startup . [HKLM\~\startupfolder\C:^Documents and Settings^Gangosan^Start Menu^Programs^Startup^OneNote 2010 Screen Clipper and Launcher.lnk] backup=c:\windows\pss\OneNote 2010 Screen Clipper and Launcher.lnkStartup HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Google Update . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\OfficeSyncProcess] 2011-07-22 06:07 718720 ----a-w- c:\program files\Microsoft Office\Office14\MSOSYNC.EXE . [HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SunJavaUpdateSched] 2012-01-18 22:02 254696 ----a-w- c:\program files\Common Files\Java\Java Update\jusched.exe . [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\VideoLAN\\VLC\\vlc.exe"= "c:\\Program Files\\Counter-Strike 1.6\\hl.exe"= "d:\\Programi\\4avdo Script\\mirc.exe"= "d:\\Programi\\Skype.exe"= . 
R2 Backup8 Scheduler;Backup8 Scheduler;c:\program files\Backup8\Backup8Sch.exe [2012-03-04 1248768] R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384] R2 elAPIsvc;elAPI - Service Server;c:\program files\DOS2USB\elSVC.exe [2010-03-23 45056] R3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-23 253600] R3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2009-11-18 1691480] R3 cpuz134;cpuz134;c:\docume~1\Gangosan\LOCALS~1\Temp\Rar$EX25.752\pcwiz_x32.sys [x] R3 cpuz135;cpuz135;c:\docume~1\Gangosan\LOCALS~1\Temp\Rar$EX93.352\pcwiz_x32.sys [x] R3 DrvAgent32;DrvAgent32;c:\windows\system32\Drivers\DrvAgent32.sys [2012-03-03 23456] R3 ExterminateIt;ExterminateIt;c:\windows\system32\drivers\extit.sys [2012-03-26 70760] R3 icsak;icsak;c:\program files\CheckPoint\ZAForceField\AK\icsak.sys [x] R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys [2012-03-02 24064] R3 Microsoft SharePoint Workspace Audit Service;Microsoft SharePoint Workspace Audit Service;c:\program files\Microsoft Office\Office14\GROOVE.EXE [2011-06-12 31125880] R3 SIWIO;SIWIO;c:\windows\TEMP\SiwIo.sys [x] R3 TBIMount;TBIMount;c:\windows\System32\drivers\tbimount.sys [2010-12-02 87648] R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504] S0 LFSys;LFSys;c:\windows\System32\Drivers\LFSys.sys [2011-10-28 75096] S0 mv61xxmm;mv61xxmm; [x] S0 mv64xxmm;mv64xxmm; [x] S0 mvxxmm;mvxxmm; [x] S0 phylock;phylock;c:\windows\system32\drivers\phylock.sys [2012-01-28 21344] S1 ehdrv;ehdrv;c:\windows\system32\DRIVERS\ehdrv.sys [2011-08-04 118104] S1 epfwtdir;epfwtdir;c:\windows\system32\DRIVERS\epfwtdir.sys [2011-08-04 103112] S1 IDMTDI;IDMTDI;c:\windows\system32\DRIVERS\idmtdi.sys [2012-02-08 
104456] S1 VBoxDrv;VirtualBox Service;c:\windows\system32\DRIVERS\VBoxDrv.sys [2011-12-19 158512] S1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\DRIVERS\VBoxUSBMon.sys [2011-12-19 91440] S2 ekrn;ESET Service;c:\program files\ESET\ESET NOD32 Antivirus\ekrn.exe [2011-09-22 974944] S2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2012-01-13 652360] S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2011-12-10 20464] S3 osppsvc;Office Software Protection Platform;c:\program files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-10 4640000] S3 PAC207;Trust 100K Series Webcam;c:\windows\system32\DRIVERS\PFC027.SYS [2008-02-13 618112] S3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\DRIVERS\VBoxNetAdp.sys [2011-12-19 104752] S3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\DRIVERS\VBoxNetFlt.sys [2011-12-19 116016] S3 WsAudioDevice_383;WsAudioDevice_383;c:\windows\system32\drivers\WsAudioDevice_383.sys [2008-11-19 16640] . . Contents of the 'Scheduled Tasks' folder . 2012-03-28 c:\windows\Tasks\Adobe Flash Player Updater.job - c:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2012-03-23 01:02] . 2012-03-28 c:\windows\Tasks\AutoKMS.job - c:\windows\AutoKMS\AutoKMS.exe [2012-03-13 04:04] . 2012-03-28 c:\windows\Tasks\User_Feed_Synchronization-{A91B78CE-27CA-441B-B726-44F0B8DEA91D}.job - c:\windows\system32\msfeedssync.exe [2008-04-14 13:59] . 2012-03-28 c:\windows\Tasks\User_Feed_Synchronization-{CBF30B99-3F17-4E4E-B321-08DA89C32295}.job - c:\windows\system32\msfeedssync.exe [2008-04-14 13:59] . 2012-03-28 c:\windows\Tasks\Windows Codec Update Service.job - c:\program files\Essentials Codec Pack\WECPUpdate.exe [2011-07-14 08:31] . . ------- Supplementary Scan ------- . 
uStart Page = hxxp://www.windowsxlive.net
IE: Свали всички линкове с IDM - c:\program files\Internet Download Manager\IEGetAll.htm
IE: Свали с IDM - c:\program files\Internet Download Manager\IEExt.htm
TCP: DhcpNameServer = 192.168.1.1
FF - ProfilePath - c:\documents and settings\Administrator\Application Data\Mozilla\Firefox\Profiles\95ucwukm.default\
FF - prefs.js: browser.startup.homepage - hxxp://www.windowsxlive.net
.
- - - - ORPHANS REMOVED - - - -
.
Toolbar-Locked - (no file)
AddRemove-MiNODLogin - c:\program files\ESET\MiNODLogin\MiNODLoginUninst.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2012-03-28 20:55
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes ...
.
scanning hidden autostart entries ...
.
scanning hidden files ...
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_USERS\S-1-5-21-1078081533-117609710-1801674531-500\Software\Microsoft\Internet Explorer\User Preferences]
@Denied: (2) (Administrator)
"88D7D0879DAB32E14DE5B3A805A34F98AFF34F5977"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,c1,97,78,6c,29,57,48,ae,c9,d4,\
"2D53CFFC5C1A3DD2E97B7979AC2A92BD59BC839E81"=hex:01,00,00,00,d0,8c,9d,df,01,15,
d1,11,8c,7a,00,c0,4f,c2,97,eb,01,00,00,00,d6,c1,97,78,6c,29,57,48,ae,c9,d4,\
.
Completion time: 2012-03-28 20:56:13
ComboFix-quarantined-files.txt 2012-03-28 17:56
.
Pre-Run: 22 201 176 064 bytes free
Post-Run: 22 181 896 192 bytes free
.
WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe
[boot loader]
timeout=2
default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS
[operating systems]
c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons
UnsupportedDebug="do not select this" /debug
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional (bootscreen)" /noexecute=optin /fastdetect /KERNEL=kernel1.exe
multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect
.
- - End Of File - - BAA6D65902FA3EBC021D541CD02C128B


Copy the text in the box into Notepad and save it on your desktop as CFScript.txt:

KILLALL::

File::
c:\windows\system32\91207717.sys

After saving, drag CFScript.txt onto the ComboFix.exe icon.


Attach the generated report to your next post!


I tried this, but my system froze and CFScript.txt disappeared from the desktop; now I'll try again. On my second attempt it worked and produced the log file you asked for; here it is:

ComboFix 12-03-29.02 - Administrator 03.2012 г. 21:34:55.2.2 - x86
Running from: c:\documents and settings\Administrator\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Administrator\Desktop\CFScript.txt
 * Created a new restore point
.
FILE ::
"c:\windows\system32\91207717.sys"
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\program files\ESET\MiNODLogin
c:\windows\system32\91207717.sys
.
.
((((((((((((((((((((((((( Files Created from 2012-02-28 to 2012-03-28 )))))))))))))))))))))))))))))))
.
.
2012-03-27 23:33 . 2012-03-27 23:33 -------- d-----w- c:\documents and settings\Administrator\Application Data\Styler
2012-03-27 23:29 . 2012-03-28 01:10 -------- d-----w- c:\documents and settings\Administrator\Application Data\vlc
2012-03-27 23:26 . 2008-04-14 11:00 997376 ----a-w- c:\windows\system32\msgina.backup
2012-03-27 23:22 . 2008-04-14 11:00 218624 ----a-w- c:\windows\system32\uxtheme.backup
2012-03-27 23:22 . 2008-04-14 11:00 514560 ----a-w- c:\windows\system32\logonui.backup
2012-03-27 23:22 . 2012-03-27 23:27 -------- d-----w- c:\windows\Icon_Patcher
2012-03-27 22:39 . 2012-03-27 22:39 -------- d-----w- c:\documents and settings\Administrator\Application Data\TeamViewer
2012-03-27 22:37 . 2012-03-27 22:37 -------- d-----w- c:\documents and settings\Administrator\Application Data\FastStone
2012-03-27 22:21 . 2012-03-27 22:21 -------- d-----w- c:\documents and settings\Administrator\Application Data\Parallels
2012-03-27 22:17 . 2012-03-27 22:17 -------- d-----w- c:\documents and settings\Administrator\Application Data\Malwarebytes
2012-03-27 22:17 . 2012-03-27 22:58 -------- d-----w- c:\windows\system32\wbem\Logs
2012-03-27 22:13 .
2012-03-28 18:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\uTorrent 2012-03-27 22:09 . 2012-03-27 22:09 -------- d-----w- c:\program files\SeaMonkey 2012-03-27 22:06 . 2012-03-28 18:38 -------- d-----w- c:\documents and settings\Administrator\Application Data\DMCache 2012-03-27 22:06 . 2012-03-28 00:42 -------- d-----w- c:\documents and settings\Administrator\Application Data\IDM 2012-03-27 22:05 . 2012-03-27 22:09 -------- d-----w- c:\documents and settings\Administrator\Local Settings\Application Data\Mozilla 2012-03-27 22:00 . 2012-03-27 22:00 -------- d-sh--w- c:\documents and settings\Administrator\IECompatCache 2012-03-27 21:58 . 2008-04-14 11:00 221184 ----a-w- c:\windows\system32\wmpns.dll 2012-03-27 21:35 . 2012-03-27 21:36 -------- d-----w- c:\program files\ScanMyReg 2012-03-27 21:18 . 2012-03-27 21:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Parallels 2012-03-27 02:39 . 2012-03-27 02:39 -------- d-----w- c:\documents and settings\All Users\Application Data\Innovative Solutions 2012-03-27 02:39 . 2012-03-27 02:39 -------- d-----w- c:\program files\Innovative Solutions 2012-03-27 02:26 . 2002-06-13 10:02 32768 ----a-w- c:\windows\system32\svcmgr.ocx 2012-03-27 02:26 . 2012-03-27 02:27 -------- d-----w- c:\program files\RefreshPC 2012-03-26 06:42 . 2012-03-26 06:42 70760 ----a-w- c:\windows\system32\drivers\extit.sys 2012-03-26 00:27 . 2012-03-27 02:28 -------- d-----w- c:\program files\Exterminate It! 2012-03-25 01:20 . 2012-03-25 01:20 -------- d-----w- c:\program files\Ccleaner Business Edition x64 x86 Tom_Da_Man 2012-03-25 00:30 . 2012-03-25 00:30 -------- d--h--w- c:\windows\msdownld.tmp 2012-03-24 02:08 . 2012-03-24 02:08 -------- d-----w- c:\program files\Free Desktop Clock 2012-03-23 00:54 . 2012-03-23 01:02 417440 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-03-23 00:37 . 2008-11-19 16:41 16640 ----a-w- c:\windows\system32\drivers\WsAudioDevice_383.sys 2012-03-23 00:37 . 
2012-03-23 00:37 -------- d-----w- c:\program files\Wondershare 2012-03-23 00:28 . 2012-03-23 00:28 -------- d-----w- C:\downloads 2012-03-18 21:57 . 2012-03-18 21:59 -------- d-----w- c:\program files\MediaInfo 2012-03-17 00:28 . 2012-03-17 00:28 -------- d-----w- c:\program files\Bloom 2012-03-16 21:20 . 2012-03-16 21:20 -------- d-----w- c:\program files\Ace Translator 2012-03-16 08:50 . 2012-03-16 08:50 -------- d-----w- c:\program files\Movie Subtitles Searcher 2012-03-13 04:04 . 2012-03-14 04:04 -------- d-----w- c:\windows\AutoKMS 2012-03-13 04:03 . 2012-03-28 18:38 151552 ----a-w- c:\windows\KMSEmulator.exe 2012-03-13 03:48 . 2012-03-13 03:48 -------- d-----w- c:\program files\Microsoft Synchronization Services 2012-03-13 03:48 . 2012-03-13 03:48 -------- d-----w- c:\program files\Microsoft Sync Framework 2012-03-13 03:48 . 2012-03-13 03:48 -------- d-----w- c:\program files\Microsoft SQL Server Compact Edition 2012-03-13 03:48 . 2012-03-13 03:48 -------- d-----w- c:\documents and settings\All Users\Microsoft 2012-03-13 03:46 . 2012-03-13 03:46 -------- d-----w- c:\program files\Microsoft Visual Studio 8 2012-03-13 03:45 . 2012-03-13 03:45 -------- d-----w- c:\program files\Microsoft Analysis Services 2012-03-13 03:45 . 2012-03-15 03:40 -------- d-----w- c:\windows\SHELLNEW 2012-03-13 03:45 . 2012-03-19 00:13 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2012-03-13 03:45 . 2012-03-13 03:45 -------- d-----r- C:\MSOCache 2012-03-12 12:25 . 2012-03-12 12:25 -------- d-----w- c:\documents and settings\LocalService\Application Data\backup8 2012-03-12 12:25 . 2012-03-12 12:25 -------- d-----w- c:\program files\Backup8 2012-03-12 12:11 . 2012-03-12 12:11 -------- d-----w- c:\program files\WinTools Software 2012-03-12 12:06 . 2012-03-12 12:07 -------- d-----w- c:\program files\Easy Money 6x 2012-03-12 12:06 . 2000-05-22 03:00 647872 ----a-w- c:\windows\system32\mscomct2.ocx 2012-03-12 12:06 . 
1998-06-24 06:00 244024 ----a-w- c:\windows\system32\msflxgrd.ocx 2012-03-11 13:53 . 2012-03-11 14:22 -------- d-----w- c:\program files\FreeFixer 2012-03-11 09:17 . 2012-03-11 09:17 -------- d-----w- c:\program files\Lock Folder XP 2012-03-11 09:17 . 2012-03-11 09:17 -------- d-----w- c:\program files\Common Files\Everstrike Software 2012-03-11 06:41 . 2012-03-27 12:32 -------- d-----w- c:\program files\CPUID 2012-03-10 14:23 . 2012-03-10 14:23 -------- d-----w- c:\program files\Windows Resource Kits 2012-03-10 13:48 . 2012-03-27 22:38 -------- d-----w- C:\Tijan Script v6.2 2012-03-10 09:41 . 2012-03-10 09:44 -------- d-----w- c:\program files\InspIRCd 2012-03-09 10:57 . 2005-01-12 19:19 456536 ----a-w- c:\windows\system32\XCEEDZIP.DLL 2012-03-09 10:57 . 2004-09-28 19:13 526184 ----a-w- c:\windows\system32\XceedCry.dll 2012-03-09 10:57 . 2004-08-11 23:55 110602 ----a-w- c:\windows\system32\xcdsfx32.bin 2012-03-09 10:57 . 2004-03-09 08:00 224016 ----a-w- c:\windows\system32\Tabctl32.ocx 2012-03-09 10:57 . 2004-03-09 08:00 132880 ----a-w- c:\windows\system32\Msinet.ocx 2012-03-09 10:57 . 2012-03-12 08:56 -------- d-----w- c:\program files\Driver Magician 2012-03-08 13:33 . 2003-03-19 20:14 499712 ----a-w- c:\windows\system32\msvcp71.dll 2012-03-08 13:33 . 2003-03-19 18:12 1047552 ----a-w- c:\windows\system32\mfc71u.dll 2012-03-08 13:33 . 2003-02-22 04:42 348160 ----a-w- c:\windows\system32\msvcr71.dll 2012-03-04 06:53 . 2012-03-28 18:37 -------- d-----w- c:\program files\ESET 2012-03-04 06:53 . 2012-03-04 06:53 -------- d-----w- c:\documents and settings\All Users\Application Data\ESET 2012-03-03 08:32 . 2012-03-03 08:32 -------- d-sh--w- c:\documents and settings\Administrator\PrivacIE 2012-03-03 07:58 . 2012-03-03 07:58 -------- d-----w- c:\program files\MSXML 6.0 2012-03-03 07:41 . 2012-03-03 07:41 5810 ----a-w- c:\windows\system32\drivers\ASACPI.sys 2012-03-03 07:41 . 2012-03-03 07:41 23456 ----a-w- c:\windows\system32\drivers\DrvAgent32.sys 2012-03-02 03:39 . 
2012-03-02 03:39 -------- d-----w- C:\$WINDOWS.~BT 2012-03-02 03:26 . 2012-03-02 03:26 24064 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys 2012-03-02 03:06 . 2012-03-02 03:06 -------- d-----w- c:\documents and settings\All Users\Application Data\Malwarebytes 2012-03-02 03:06 . 2012-03-02 03:06 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware 2012-03-02 03:06 . 2011-12-10 23:24 20464 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-03-01 13:35 . 2011-12-19 22:11 158512 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2012-03-01 13:35 . 2011-12-19 22:11 91440 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2012-03-01 13:34 . 2012-03-01 13:34 -------- d-----w- c:\program files\Oracle . . . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2012-03-27 23:25 . 2008-04-14 11:00 55296 ----a-w- c:\windows\system32\migpwd.exe 2012-03-23 01:02 . 2008-04-14 11:00 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-03-11 12:54 . 2012-01-12 14:03 6656 ----a-w- c:\windows\system32\lpcio.dll 2012-02-25 08:39 . 2012-02-25 08:39 10534 ----a-w- c:\documents and settings\All Users\snddrv.sys 2012-02-19 03:56 . 2012-02-19 03:56 73728 ----a-w- c:\windows\system32\javacpl.cpl 2012-02-19 03:56 . 2012-02-11 17:00 472808 ----a-w- c:\windows\system32\deployJava1.dll 2012-02-11 09:30 . 2012-02-11 09:30 2560 ----a-w- c:\windows\_MSRSTRT.EXE 2012-02-08 01:13 . 2011-08-29 14:47 104456 ----a-w- c:\windows\system32\drivers\idmtdi.sys 2012-02-03 09:26 . 2012-01-12 14:04 1869184 ----a-w- c:\windows\system32\win32k.sys 2012-01-28 22:02 . 2012-02-16 09:45 21344 ----a-w- c:\windows\system32\drivers\phylock.sys 2012-01-12 14:13 . 2012-01-12 14:13 3186 ----a-w- c:\windows\system32\presetup.cmd 2012-01-12 14:13 . 2012-01-12 14:13 28672 ----a-w- c:\windows\system32\setupold.exe 2012-01-12 14:11 . 2012-01-12 14:11 5632 ----a-w- c:\windows\system32\drivers\mv64xxmm.sys 2012-01-12 14:11 . 



I still can't run some exe files. I also tried Microsoft's update tool, same thing. I think they've hurt me badly.


Let's do the following:

Please go to Start => Run => CMD.exe => in the console, run the command sfc /scannow and press Enter.

Wait for the check to finish, then restart.


I inserted the disc, it loaded up to a point and then asked for a disc again. I took out the Windows XP Professional SP3 disc and put it back in, but it displayed this, here is the screenshot. Now I'll restart as you said.

OK, the scan finished and I restarted. What's next?


And what is happening with your problem...?


To my great regret, it is still there.


I have to tell you, though, that this problem is not caused by malicious software....!


OK, thanks for the help.


Please download aswMBR and save it to your desktop.

 • Double-click the aswMBR.exe file to run it.
 • Wait for it to download the avast! definitions.
 • From the drop-down menu, select the C:\ partition, as shown in the picture:
 • Click the Scan button to start the check.
 • When the check finishes, click the save log button, save the log file to your desktop, and post its contents in your next comment.

Please delete your version of TDSSKiller, download the latest version of TDSSKiller from here, and save it to your desktop.
 • Run TDSSKiller.exe to start the application. Then click the Change parameters button.

 • Tick Verify Driver Digital Signature and Detect TDLFS file system, and click OK.

 • Click the Start Scan button.

 • If a suspicious object is detected, the default action will be Skip; click Continue.

 • If malicious objects are found, you will have three options in the drop-down menu.

  Make sure the selected action is Cure and click Continue > Restart so that the repair can be completed.

  Note: If the Cure button is not among the options, then please choose the Skip button; do not choose Delete unless you have been instructed to.

 • A log file will be created in the root directory of the C:\ partition. Look for a log named "TDSSKiller.[Version]_[Date]_[Time]_log.txt" and copy its contents into your next post.


Here is the log from aswMBR

And here is the log from tdsskiller
MSPCLOCK - ok 18:16:31.0671 2252 MSPQM (bad59648ba099da4a17680b39730cb3d) C:\WINDOWS\system32\drivers\MSPQM.sys 18:16:31.0765 2252 MSPQM - ok 18:16:31.0781 2252 mssmbios (af5f4f3f14a8ea2c26de30f7a1e17136) C:\WINDOWS\system32\DRIVERS\mssmbios.sys 18:16:31.0890 2252 mssmbios - ok 18:16:31.0906 2252 MSTEE (e53736a9e30c45fa9e7b5eac55056d1d) C:\WINDOWS\system32\drivers\MSTEE.sys 18:16:32.0000 2252 MSTEE - ok 18:16:32.0093 2252 MTsensor (d48659bb24c48345d926ecb45c1ebdf5) C:\WINDOWS\system32\DRIVERS\ASACPI.sys 18:16:32.0109 2252 MTsensor - ok 18:16:32.0140 2252 Mup (f7b1ad991491f02af6da70b00b8bf114) C:\WINDOWS\system32\drivers\Mup.sys 18:16:32.0156 2252 Mup - ok 18:16:32.0203 2252 mv61xxmm (75b85f6a5cdccb602ec98e0d37ccc072) C:\WINDOWS\system32\drivers\mv61xxmm.sys 18:16:32.0203 2252 mv61xxmm - ok 18:16:32.0234 2252 mv64xxmm (6090786daa545a3ec7d34a46a8cd1661) C:\WINDOWS\system32\drivers\mv64xxmm.sys 18:16:32.0234 2252 mv64xxmm ( UnsignedFile.Multi.Generic ) - warning 18:16:32.0234 2252 mv64xxmm - detected UnsignedFile.Multi.Generic (1) 18:16:32.0250 2252 mvxxmm (45a7b1dc4c099ae8d424190a23aa8168) C:\WINDOWS\system32\drivers\mvxxmm.sys 18:16:32.0250 2252 mvxxmm - ok 18:16:32.0281 2252 NABTSFEC (5b50f1b2a2ed47d560577b221da734db) C:\WINDOWS\system32\DRIVERS\NABTSFEC.sys 18:16:32.0375 2252 NABTSFEC - ok 18:16:32.0406 2252 napagent (0102140028fad045756796e1c685d695) C:\WINDOWS\System32\qagentrt.dll 18:16:32.0484 2252 napagent - ok 18:16:32.0546 2252 NDIS (1df7f42665c94b825322fae71721130d) C:\WINDOWS\system32\drivers\NDIS.sys 18:16:32.0640 2252 NDIS - ok 18:16:32.0656 2252 NdisIP (7ff1f1fd8609c149aa432f95a8163d97) C:\WINDOWS\system32\DRIVERS\NdisIP.sys 18:16:32.0734 2252 NdisIP - ok 18:16:32.0812 2252 NdisTapi (091735a5f20acb1dc147383a905ae002) C:\WINDOWS\system32\DRIVERS\ndistapi.sys 18:16:32.0812 2252 NdisTapi - ok 18:16:32.0875 2252 Ndisuio (f927a4434c5028758a842943ef1a3849) C:\WINDOWS\system32\DRIVERS\ndisuio.sys 18:16:32.0953 2252 Ndisuio - ok 18:16:32.0968 2252 NdisWan 
(edc1531a49c80614b2cfda43ca8659ab) C:\WINDOWS\system32\DRIVERS\ndiswan.sys 18:16:33.0046 2252 NdisWan - ok 18:16:33.0078 2252 NDProxy (816460bd4b4acd27937d1d0813e2e9e9) C:\WINDOWS\system32\drivers\NDProxy.sys 18:16:33.0093 2252 NDProxy - ok 18:16:33.0109 2252 NetBIOS (5d81cf9a2f1a3a756b66cf684911cdf0) C:\WINDOWS\system32\DRIVERS\netbios.sys 18:16:33.0203 2252 NetBIOS - ok 18:16:33.0312 2252 NetBT (74b2b2f5bea5e9a3dc021d685551bd3d) C:\WINDOWS\system32\DRIVERS\netbt.sys 18:16:33.0390 2252 NetBT - ok 18:16:33.0406 2252 NetDDE (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe 18:16:33.0531 2252 NetDDE - ok 18:16:33.0531 2252 NetDDEdsdm (b857ba82860d7ff85ae29b095645563b) C:\WINDOWS\system32\netdde.exe 18:16:33.0609 2252 NetDDEdsdm - ok 18:16:33.0671 2252 Netlogon (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 18:16:33.0765 2252 Netlogon - ok 18:16:33.0781 2252 Netman (13e67b55b3abd7bf3fe7aae5a0f9a9de) C:\WINDOWS\System32\netman.dll 18:16:33.0875 2252 Netman - ok 18:16:33.0937 2252 NetTcpPortSharing (d22cd77d4f0d63d1169bb35911bff12d) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe 18:16:33.0937 2252 NetTcpPortSharing - ok 18:16:33.0984 2252 Nla (fcee5fcb99f7c724593365c706d28388) C:\WINDOWS\System32\mswsock.dll 18:16:34.0000 2252 Nla - ok 18:16:34.0078 2252 Npfs (3182d64ae053d6fb034f44b6def8034a) C:\WINDOWS\system32\drivers\Npfs.sys 18:16:34.0171 2252 Npfs - ok 18:16:34.0234 2252 Ntfs (4c51d5275ae8a16999edfe7e647d00de) C:\WINDOWS\system32\drivers\Ntfs.sys 18:16:34.0281 2252 Ntfs - ok 18:16:34.0296 2252 NtLmSsp (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 18:16:34.0390 2252 NtLmSsp - ok 18:16:34.0484 2252 NtmsSvc (156f64a3345bd23c600655fb4d10bc08) C:\WINDOWS\system32\ntmssvc.dll 18:16:34.0562 2252 NtmsSvc - ok 18:16:34.0593 2252 Null (73c1e1f395918bc2c6dd67af7591a3ad) C:\WINDOWS\system32\drivers\Null.sys 18:16:34.0687 2252 Null - ok 18:16:34.0718 2252 NwlnkFlt (b305f3fad35083837ef46a0bbce2fc57) 
C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys 18:16:34.0796 2252 NwlnkFlt - ok 18:16:34.0859 2252 NwlnkFwd (c99b3415198d1aab7227f2c88fd664b9) C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys 18:16:34.0937 2252 NwlnkFwd - ok 18:16:34.0984 2252 ose (9d10f99a6712e28f8acd5641e3a7ea6b) C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE 18:16:35.0000 2252 ose - ok 18:16:35.0156 2252 osppsvc (358a9cca612c68eb2f07ddad4ce1d8d7) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE 18:16:35.0328 2252 osppsvc - ok 18:16:35.0406 2252 PAC207 (4a410c7aea51123519c20d43a20bce96) C:\WINDOWS\system32\DRIVERS\PFC027.SYS 18:16:35.0500 2252 PAC207 - ok 18:16:35.0515 2252 Parport (5575faf8f97ce5e713d108c2a58d7c7c) C:\WINDOWS\system32\drivers\Parport.sys 18:16:35.0609 2252 Parport - ok 18:16:35.0671 2252 PartMgr (beb3ba25197665d82ec7065b724171c6) C:\WINDOWS\system32\drivers\PartMgr.sys 18:16:35.0750 2252 PartMgr - ok 18:16:35.0828 2252 ParVdm (70e98b3fd8e963a6a46a2e6247e0bea1) C:\WINDOWS\system32\drivers\ParVdm.sys 18:16:35.0906 2252 ParVdm - ok 18:16:35.0921 2252 PCI (a219903ccf74233761d92bef471a07b1) C:\WINDOWS\system32\DRIVERS\pci.sys 18:16:36.0015 2252 PCI - ok 18:16:36.0062 2252 PCIDump - ok 18:16:36.0140 2252 PCIIde (ccf5f451bb1a5a2a522a76e670000ff0) C:\WINDOWS\system32\DRIVERS\pciide.sys 18:16:36.0203 2252 PCIIde - ok 18:16:36.0250 2252 Pcmcia (9e89ef60e9ee05e3f2eef2da7397f1c1) C:\WINDOWS\system32\drivers\Pcmcia.sys 18:16:36.0328 2252 Pcmcia - ok 18:16:36.0375 2252 PDCOMP - ok 18:16:36.0390 2252 PDFRAME - ok 18:16:36.0406 2252 PDRELI - ok 18:16:36.0421 2252 PDRFRAME - ok 18:16:36.0437 2252 perc2 - ok 18:16:36.0437 2252 perc2hib - ok 18:16:36.0468 2252 phylock (304d62b921d173bc866d4eeee28b2ac8) C:\WINDOWS\system32\drivers\phylock.sys 18:16:36.0484 2252 phylock - ok 18:16:36.0500 2252 PlugPlay (c519e15665cd89a91ad383fce3cb556a) C:\WINDOWS\system32\services.exe 18:16:36.0500 2252 PlugPlay - ok 18:16:36.0531 2252 PolicyAgent 
(bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 18:16:36.0593 2252 PolicyAgent - ok 18:16:36.0640 2252 PptpMiniport (efeec01b1d3cf84f16ddd24d9d9d8f99) C:\WINDOWS\system32\DRIVERS\raspptp.sys 18:16:36.0718 2252 PptpMiniport - ok 18:16:36.0734 2252 ProtectedStorage (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 18:16:36.0796 2252 ProtectedStorage - ok 18:16:36.0859 2252 PSched (d8e11d311785f89f1d70a28b0e879127) C:\WINDOWS\system32\DRIVERS\psched.sys 18:16:36.0875 2252 PSched - ok 18:16:36.0890 2252 Ptilink (80d317bd1c3dbc5d4fe7b1678c60cadd) C:\WINDOWS\system32\DRIVERS\ptilink.sys 18:16:36.0968 2252 Ptilink - ok 18:16:37.0062 2252 ql1080 - ok 18:16:37.0062 2252 Ql10wnt - ok 18:16:37.0078 2252 ql12160 - ok 18:16:37.0093 2252 ql1240 - ok 18:16:37.0093 2252 ql1280 - ok 18:16:37.0109 2252 RasAcd (fe0d99d6f31e4fad8159f690d68ded9c) C:\WINDOWS\system32\DRIVERS\rasacd.sys 18:16:37.0187 2252 RasAcd - ok 18:16:37.0218 2252 RasAuto (ad188be7bdf94e8df4ca0a55c00a5073) C:\WINDOWS\System32\rasauto.dll 18:16:37.0312 2252 RasAuto - ok 18:16:37.0328 2252 Rasl2tp (11b4a627bc9614b885c4969bfa5ff8a6) C:\WINDOWS\system32\DRIVERS\rasl2tp.sys 18:16:37.0406 2252 Rasl2tp - ok 18:16:37.0468 2252 RasMan (76a9a3cbeadd68cc57cda5e1d7448235) C:\WINDOWS\System32\rasmans.dll 18:16:37.0546 2252 RasMan - ok 18:16:37.0546 2252 RasPppoe (5bc962f2654137c9909c3d4603587dee) C:\WINDOWS\system32\DRIVERS\raspppoe.sys 18:16:37.0625 2252 RasPppoe - ok 18:16:37.0703 2252 Raspti (fdbb1d60066fcfbb7452fd8f9829b242) C:\WINDOWS\system32\DRIVERS\raspti.sys 18:16:37.0781 2252 Raspti - ok 18:16:37.0812 2252 Rdbss (77050c6615f6eb5402f832b27fd695e0) C:\WINDOWS\system32\DRIVERS\rdbss.sys 18:16:37.0828 2252 Rdbss - ok 18:16:37.0875 2252 RDPCDD (4912d5b403614ce99c28420f75353332) C:\WINDOWS\system32\DRIVERS\RDPCDD.sys 18:16:37.0937 2252 RDPCDD - ok 18:16:37.0968 2252 rdpdr (47ea20320e3d6fdc7b7bb22b2b881ca6) C:\WINDOWS\system32\DRIVERS\rdpdr.sys 18:16:37.0984 2252 rdpdr - ok 18:16:38.0093 2252 
RDPWD (2d293b720c206473a05950ce007db12a) C:\WINDOWS\system32\drivers\RDPWD.sys 18:16:38.0109 2252 RDPWD - ok 18:16:38.0140 2252 RDSessMgr (3c37bf86641bda977c3bf8a840f3b7fa) C:\WINDOWS\system32\sessmgr.exe 18:16:38.0218 2252 RDSessMgr - ok 18:16:38.0281 2252 redbook (f828dd7e1419b6653894a8f97a0094c5) C:\WINDOWS\system32\DRIVERS\redbook.sys 18:16:38.0359 2252 redbook - ok 18:16:38.0406 2252 RemoteAccess (7e699ff5f59b5d9de5390e3c34c67cf5) C:\WINDOWS\System32\mprdim.dll 18:16:38.0500 2252 RemoteAccess - ok 18:16:38.0515 2252 RemoteRegistry (5b19b557b0c188210a56a6b699d90b8f) C:\WINDOWS\system32\regsvc.dll 18:16:38.0609 2252 RemoteRegistry - ok 18:16:38.0671 2252 RpcLocator (aaed593f84afa419bbae8572af87cf6a) C:\WINDOWS\system32\locator.exe 18:16:38.0750 2252 RpcLocator - ok 18:16:38.0796 2252 RpcSs (9222562d44021b988b9f9f62207fb6f2) C:\WINDOWS\System32\rpcss.dll 18:16:38.0828 2252 RpcSs - ok 18:16:38.0906 2252 rspndr (743d7d59767073a617b1dcc6c546f234) C:\WINDOWS\system32\DRIVERS\rspndr.sys 18:16:38.0906 2252 rspndr - ok 18:16:38.0937 2252 RSVP (471b3f9741d762abe75e9deea4787e47) C:\WINDOWS\system32\rsvp.exe 18:16:39.0015 2252 RSVP - ok 18:16:39.0046 2252 RTLE8023xp (b0e1648aae1e59bdd0854af07a605399) C:\WINDOWS\system32\DRIVERS\Rtenicxp.sys 18:16:39.0093 2252 RTLE8023xp - ok 18:16:39.0140 2252 SamSs (bf2466b3e18e970d8a976fb95fc1ca85) C:\WINDOWS\system32\lsass.exe 18:16:39.0234 2252 SamSs - ok 18:16:39.0296 2252 SCardSvr (86d007e7a654b9a71d1d7d856b104353) C:\WINDOWS\System32\SCardSvr.exe 18:16:39.0375 2252 SCardSvr - ok 18:16:39.0421 2252 Schedule (0a9a7365a1ca4319aa7c1d6cd8e4eafa) C:\WINDOWS\system32\schedsvc.dll 18:16:39.0546 2252 Schedule - ok 18:16:39.0609 2252 Secdrv (90a3935d05b494a5a39d37e71f09a677) C:\WINDOWS\system32\DRIVERS\secdrv.sys 18:16:39.0640 2252 Secdrv - ok 18:16:39.0687 2252 seclogon (cbe612e2bb6a10e3563336191eda1250) C:\WINDOWS\System32\seclogon.dll 18:16:39.0765 2252 seclogon - ok 18:16:39.0812 2252 SENS (7fdd5d0684eca8c1f68b4d99d124dcd0) 
C:\WINDOWS\system32\sens.dll 18:16:39.0921 2252 SENS - ok 18:16:39.0937 2252 serenum (0f29512ccd6bead730039fb4bd2c85ce) C:\WINDOWS\system32\DRIVERS\serenum.sys 18:16:40.0015 2252 serenum - ok 18:16:40.0078 2252 Serial (cca207a8896d4c6a0c9ce29a4ae411a7) C:\WINDOWS\system32\DRIVERS\serial.sys 18:16:40.0171 2252 Serial - ok 18:16:40.0265 2252 Sfloppy (8e6b8c671615d126fdc553d1e2de5562) C:\WINDOWS\system32\drivers\Sfloppy.sys 18:16:40.0359 2252 Sfloppy - ok 18:16:40.0421 2252 SharedAccess (4f10a2fa76b5bd54cd68afa94e8adb39) C:\WINDOWS\System32\ipnathlp.dll 18:16:40.0468 2252 SharedAccess - ok 18:16:40.0484 2252 ShellHWDetection (888cd7b39c37e13a2419becfaaf0a28c) C:\WINDOWS\System32\shsvcs.dll 18:16:40.0500 2252 ShellHWDetection - ok 18:16:40.0531 2252 Simbad - ok 18:16:40.0531 2252 SIWIO - ok 18:16:40.0578 2252 SLIP (866d538ebe33709a5c9f5c62b73b7d14) C:\WINDOWS\system32\DRIVERS\SLIP.sys 18:16:40.0671 2252 SLIP - ok 18:16:40.0718 2252 Sparrow - ok 18:16:40.0796 2252 splitter (ab8b92451ecb048a4d1de7c3ffcb4a9f) C:\WINDOWS\system32\drivers\splitter.sys 18:16:40.0890 2252 splitter - ok 18:16:40.0937 2252 Spooler (258dd5d4283fd9f9a7166be9ae45ce73) C:\WINDOWS\system32\spoolsv.exe 18:16:40.0953 2252 Spooler - ok 18:16:41.0031 2252 sr (76bb022c2fb6902fd5bdd4f78fc13a5d) C:\WINDOWS\system32\DRIVERS\sr.sys 18:16:41.0078 2252 sr - ok 18:16:41.0109 2252 srservice (3805df0ac4296a34ba4bf93b346cc378) C:\WINDOWS\system32\srsvc.dll 18:16:41.0140 2252 srservice - ok 18:16:41.0187 2252 Srv (9b390283569ea58d43d2586032b892f5) C:\WINDOWS\system32\DRIVERS\srv.sys 18:16:41.0234 2252 Srv - ok 18:16:41.0281 2252 SSDPSRV (0a5679b3714edab99e357057ee88fca6) C:\WINDOWS\System32\ssdpsrv.dll 18:16:41.0312 2252 SSDPSRV - ok 18:16:41.0359 2252 stisvc (8bad69cbac032d4bbacfce0306174c30) C:\WINDOWS\system32\wiaservc.dll 18:16:41.0468 2252 stisvc - ok 18:16:41.0515 2252 streamip (77813007ba6265c4b6098187e6ed79d2) C:\WINDOWS\system32\DRIVERS\StreamIP.sys 18:16:41.0609 2252 streamip - ok 18:16:41.0671 2252 
StyleXPHelper (7e40b43922b2896f40a5930af7489c60) C:\Program Files\TGTSoft\StyleXP\StyleXPHelper.exe 18:16:41.0687 2252 StyleXPHelper ( UnsignedFile.Multi.Generic ) - warning 18:16:41.0687 2252 StyleXPHelper - detected UnsignedFile.Multi.Generic (1) 18:16:41.0718 2252 StyleXPService (564286a42af81fb2b61eed32fcde020c) C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe 18:16:41.0734 2252 StyleXPService ( UnsignedFile.Multi.Generic ) - warning 18:16:41.0734 2252 StyleXPService - detected UnsignedFile.Multi.Generic (1) 18:16:41.0875 2252 swenum (3941d127aef12e93addf6fe6ee027e0f) C:\WINDOWS\system32\DRIVERS\swenum.sys 18:16:41.0953 2252 swenum - ok 18:16:42.0000 2252 swmidi (8ce882bcc6cf8a62f2b2323d95cb3d01) C:\WINDOWS\system32\drivers\swmidi.sys 18:16:42.0093 2252 swmidi - ok 18:16:42.0125 2252 SwPrv - ok 18:16:42.0125 2252 symc810 - ok 18:16:42.0140 2252 symc8xx - ok 18:16:42.0156 2252 sym_hi - ok 18:16:42.0156 2252 sym_u3 - ok 18:16:42.0187 2252 sysaudio (8b83f3ed0f1688b4958f77cd6d2bf290) C:\WINDOWS\system32\drivers\sysaudio.sys 18:16:42.0281 2252 sysaudio - ok 18:16:42.0312 2252 SysmonLog (c7abbc59b43274b1109df6b24d617051) C:\WINDOWS\system32\smlogsvc.exe 18:16:42.0390 2252 SysmonLog - ok 18:16:42.0468 2252 TapiSrv (e2b32b10acc5d97623275aafb67e5f03) C:\WINDOWS\System32\tapisrv.dll 18:16:42.0484 2252 TapiSrv - ok 18:16:42.0546 2252 TBIMount (ca17a20aebd5a253e129187396e7751d) C:\WINDOWS\System32\drivers\tbimount.sys 18:16:42.0546 2252 TBIMount - ok 18:16:42.0593 2252 Tcpip (51e41f16acd80b8b39c0ae703a213f09) C:\WINDOWS\system32\DRIVERS\tcpip.sys 18:16:42.0625 2252 Tcpip - ok 18:16:42.0687 2252 TDPIPE (6471a66807f5e104e4885f5b67349397) C:\WINDOWS\system32\drivers\TDPIPE.sys 18:16:42.0765 2252 TDPIPE - ok 18:16:42.0859 2252 TDTCP (c0578456f29e5f26285f81b7b71fe57d) C:\WINDOWS\system32\drivers\TDTCP.sys 18:16:42.0875 2252 TDTCP - ok 18:16:42.0906 2252 TermDD (88155247177638048422893737429d9e) C:\WINDOWS\system32\DRIVERS\termdd.sys 18:16:42.0984 2252 TermDD - ok 
18:16:43.0046 2252 TermService (5128852a18ae46c387f87bf27da4c9dd) C:\WINDOWS\System32\termsrv.dll 18:16:43.0062 2252 TermService - ok 18:16:43.0109 2252 Themes (888cd7b39c37e13a2419becfaaf0a28c) C:\WINDOWS\System32\shsvcs.dll 18:16:43.0109 2252 Themes - ok 18:16:43.0140 2252 TlntSvr (db7205804759ff62c34e3efd8a4cc76a) C:\WINDOWS\system32\tlntsvr.exe 18:16:43.0171 2252 TlntSvr - ok 18:16:43.0218 2252 TosIde - ok 18:16:43.0265 2252 TrkWks (55bca12f7f523d35ca3cb833c725f54e) C:\WINDOWS\system32\trkwks.dll 18:16:43.0359 2252 TrkWks - ok 18:16:43.0375 2252 Udfs (5787b80c2e3c5e2f56c2a233d91fa2c9) C:\WINDOWS\system32\drivers\Udfs.sys 18:16:43.0468 2252 Udfs - ok 18:16:43.0515 2252 ultra - ok 18:16:43.0546 2252 Update (402ddc88356b1bac0ee3dd1580c76a31) C:\WINDOWS\system32\DRIVERS\update.sys 18:16:43.0640 2252 Update - ok 18:16:43.0703 2252 upnphost (1ebafeb9a3fbdc41b8d9c7f0f687ad91) C:\WINDOWS\System32\upnphost.dll 18:16:43.0750 2252 upnphost - ok 18:16:43.0796 2252 UPS (05365fb38fca1e98f7a566aaaf5d1815) C:\WINDOWS\System32\ups.exe 18:16:43.0906 2252 UPS - ok 18:16:43.0953 2252 usbehci (52674b5dbee499342a599c7771abecaa) C:\WINDOWS\system32\DRIVERS\usbehci.sys 18:16:43.0968 2252 usbehci - ok 18:16:44.0000 2252 usbhub (1ab3cdde553b6e064d2e754efe20285c) C:\WINDOWS\system32\DRIVERS\usbhub.sys 18:16:44.0078 2252 usbhub - ok 18:16:44.0125 2252 USBSTOR (a32426d9b14a089eaa1d922e0c5801a9) C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS 18:16:44.0218 2252 USBSTOR - ok 18:16:44.0312 2252 usbuhci (26496f9dee2d787fc3e61ad54821ffe6) C:\WINDOWS\system32\DRIVERS\usbuhci.sys 18:16:44.0375 2252 usbuhci - ok 18:16:44.0421 2252 VBoxDrv (103b23ec82c08fc4bdbc369552ffab2a) C:\WINDOWS\system32\DRIVERS\VBoxDrv.sys 18:16:44.0437 2252 VBoxDrv - ok 18:16:44.0484 2252 VBoxNetAdp (226cd9e42be28a84ec56430fbb57224f) C:\WINDOWS\system32\DRIVERS\VBoxNetAdp.sys 18:16:44.0500 2252 VBoxNetAdp - ok 18:16:44.0531 2252 VBoxNetFlt (0a5d6512dcb14135a388d0e7e69e01bb) C:\WINDOWS\system32\DRIVERS\VBoxNetFlt.sys 18:16:44.0546 
2252 VBoxNetFlt - ok 18:16:44.0578 2252 VBoxUSBMon (96a478edfb1fbf1fc663beb09b4175a8) C:\WINDOWS\system32\DRIVERS\VBoxUSBMon.sys 18:16:44.0578 2252 VBoxUSBMon - ok 18:16:44.0625 2252 VgaSave (0d3a8fafceacd8b7625cd549757a7df1) C:\WINDOWS\System32\drivers\vga.sys 18:16:44.0718 2252 VgaSave - ok 18:16:44.0765 2252 ViaIde - ok 18:16:44.0843 2252 VirtualFD - ok 18:16:44.0890 2252 VolSnap (4c8fcb5cc53aab716d810740fe59d025) C:\WINDOWS\system32\drivers\VolSnap.sys 18:16:44.0984 2252 VolSnap - ok 18:16:45.0046 2252 VSS (7a9db3a67c333bf0bd42e42b8596854b) C:\WINDOWS\System32\vssvc.exe 18:16:45.0109 2252 VSS - ok 18:16:45.0125 2252 W32Time (9f8a0d0cbb2fa265a754516128c00e22) C:\WINDOWS\system32\w32time.dll 18:16:45.0156 2252 W32Time - ok 18:16:45.0203 2252 Wanarp (e20b95baedb550f32dd489265c1da1f6) C:\WINDOWS\system32\DRIVERS\wanarp.sys 18:16:45.0281 2252 Wanarp - ok 18:16:45.0312 2252 WDICA - ok 18:16:45.0343 2252 wdmaud (6768acf64b18196494413695f0c3a00f) C:\WINDOWS\system32\drivers\wdmaud.sys 18:16:45.0421 2252 wdmaud - ok 18:16:45.0468 2252 WebClient (703591cd1403bc19e7198ca7b314e132) C:\WINDOWS\System32\webclnt.dll 18:16:45.0484 2252 WebClient - ok 18:16:45.0531 2252 winmgmt (2d0e4ed081963804ccc196a0929275b5) C:\WINDOWS\system32\wbem\WMIsvc.dll 18:16:45.0625 2252 winmgmt - ok 18:16:45.0687 2252 WmdmPmSN (c7e39ea41233e9f5b86c8da3a9f1e4a8) C:\WINDOWS\system32\mspmsnsv.dll 18:16:45.0765 2252 WmdmPmSN - ok 18:16:45.0812 2252 Wmi (c8a6c82f90b055149925dc7526b2d78c) C:\WINDOWS\System32\advapi32.dll 18:16:45.0906 2252 Wmi - ok 18:16:45.0984 2252 WmiApSrv (e0673f1106e62a68d2257e376079f821) C:\WINDOWS\system32\wbem\wmiapsrv.exe 18:16:46.0109 2252 WmiApSrv - ok 18:16:46.0281 2252 WPFFontCache_v0400 (dcf3e3edf5109ee8bc02fe6e1f045795) C:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe 18:16:46.0296 2252 WPFFontCache_v0400 - ok 18:16:46.0375 2252 WS2IFSL (6abe6e225adb5a751622a9cc3bc19ce8) C:\WINDOWS\System32\drivers\ws2ifsl.sys 18:16:46.0468 2252 WS2IFSL - ok 
18:16:47.0343 2252 ============================================================
18:16:47.0343 2252 Scan finished
18:16:47.0343 2252 ============================================================
18:16:47.0468 2228 Detected object count: 9
18:16:47.0468 2228 Actual detected object count: 9
18:17:33.0203 2228 Backup8 Scheduler ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0203 2228 Backup8 Scheduler ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:33.0203 2228 DrvAgent32 ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0203 2228 DrvAgent32 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:33.0203 2228 elAPIsvc ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0203 2228 elAPIsvc ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:33.0203 2228 mbamchameleon ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0203 2228 mbamchameleon ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:33.0203 2228 mcdbus ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0203 2228 mcdbus ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:33.0203 2228 mv64xxmm ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0203 2228 mv64xxmm ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:33.0203 2228 StyleXPHelper ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0203 2228 StyleXPHelper ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:33.0218 2228 StyleXPService ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0218 2228 StyleXPService ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:17:33.0218 2228 WsAudioDevice_383 ( UnsignedFile.Multi.Generic ) - skipped by user
18:17:33.0218 2228 WsAudioDevice_383 ( UnsignedFile.Multi.Generic ) - User select action: Skip
18:18:14.0093 0696 Deinitialize success

Oops, I accidentally clicked Close or OK or Exit without checking whether I could set the Skip action to Cure.


Download Malwarebytes' Anti-Malware, or from here

* Double-click mbam-setup.exe to install the program.

* Make sure that Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are checked. Then click Finish.

* If updates are found, it will download and install them.

* Start the program and select "Perform Full Scan", then click Scan.

* The scan will take some time, so please be patient.

* When the scan finishes, click OK, then Show Results to see the result.

* Make sure every line is checked, and click Remove Selected.

* When everything has been removed, a log will open in Notepad. Copy this log and post it in your next comment in this thread.

Note: If MalwareBytes' Anti-Malware has trouble removing the detected viruses/threats, it will ask to restart your computer and will remove the problematic viruses/threats during the restart. If you are asked, confirm that you want your computer to be restarted.


Here is the log:

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
Administrator :: GANGOSAN-12E3A8 [administrator]

Protection: Disabled

29.3.2012 г. 18:47:28
mbam-log-2012-03-29 (18-47-28).txt

Scan type: Full scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 240416
Time elapsed: 38 minute(s), 13 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 1
C:\Qoobox\Quarantine\C\Program Files\ESET\MiNODLogin\MiNODLoginUninst.exe.vir (Riskware.KG) -> Quarantined and deleted successfully.

(end)


Clean..!

Uninstall ComboFix like this:

1. Click Start ==> Run ==> type the command Combofix /Uninstall ==> OK

2. Download OTCleanIt, or from here, run it and click [posted image]

Uninstall/delete all the small programs, fixes and logs that we used in this thread (any that remain after the procedures above).


Thanks, we can mark the problem as resolved. Last night I restored from the backup and now everything is perfect.
