slav.bg

Suspected infected system

For the past two or three days something has been wrong with one of the computers: Windows started restarting and loading slowly, the browsers also restart themselves or hang, and the system as a whole has become slower. I ran a full scan with Avast, but it found nothing. I also tried Malwarebytes, but it freezes while I am still trying to update its definitions.

DDS:

DDS (Ver_2011-09-30.01) - NTFS_x86
Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31
Run by VGV at 12:39:00 on 2012-04-03
Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.959.554 [GMT 3:00]
.
AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: PC Tools Firewall Plus *Enabled*
.
============== Running Processes ================
.
C:\Program Files\Emsisoft Anti-Malware\a2service.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\PC Tools Firewall Plus\FWService.exe
C:\Program Files\Macrium\Reflect\ReflectService.exe
C:\Program Files\PC Tools Firewall Plus\FirewallGUI.exe
C:\WINDOWS\vsnpstd3.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcAppFlt.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin32\nSvcIp.exe
C:\WINDOWS\System32\alg.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k NetworkService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\WINDOWS\system32\svchost.exe -k imgsvc
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://tv.unicsbg.net/
BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - c:\program files\orbitdownloader\orbitcth.dll
BHO: Java Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
BHO: Java Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - c:\program files\orbitdownloader\GrabPro.dll
TB: Grab Pro: {C55BBCD6-41AD-48AD-9953-3609C48EACC7} - c:\program files\orbitdownloader\GrabPro.dll
TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
uRun: [autosandboxtest] If you can see this text even from a non-virtualized application then the application (avast! autosandboxme) wasn't sandboxed properly.
mRun: [RTHDCPL] RTHDCPL.EXE
mRun: [00PCTFW] "c:\program files\pc tools firewall plus\FirewallGUI.exe" -s
mRun: [snpstd3] c:\windows\vsnpstd3.exe
mRun: [PCSuiteTrayApplication] c:\program files\nokia\nokia pc suite 6\LaunchApplication.exe -startup
mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
mRun: [nwiz] nwiz.exe /install
mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe"
mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
dRun: [Nokia.PCSync] c:\program files\nokia\nokia pc suite 6\PcSync2.exe /NoDialog
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Windows\System: Allow-LogonScript-NetbiosDisabled = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201
IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204
IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203
IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
LSP: %SYSTEMROOT%\system32\nvLsp.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://go.microsoft.com/fwlink/?linkid=39204
DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} - hxxp://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} - hxxp://www.nvidia.com/content/DriverDownload/nforce/NvidiaSmartScan.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
TCP: NameServer = 46.40.72.9 46.40.72.13
TCP: Interfaces\{E6E639BC-1063-459A-860E-F6FA70CB094B} : DHCPNameServer = 46.40.72.9 46.40.72.13
Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\vgv\application data\mozilla\firefox\profiles\5fodehtv.default\
FF - component: c:\documents and settings\vgv\application data\mozilla\firefox\profiles\5fodehtv.default\extensions\jsobrier@zscaler.com\platform\winnt_x86-msvc\components\mozpopen.dll
FF - component: c:\program files\orbitdownloader\addons\oneclickyoutubedownloader\components\GrabXpcom.dll
FF - plugin: c:\program files\foxit software\foxit reader\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\inhatchteam\inhatch\npinhatch.dll
FF - plugin: c:\program files\java\jre6\bin\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\npjpi160_31.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npFoxitReaderPlugin.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\opera\program\plugins\nporbit.dll
FF - plugin: c:\program files\veetle\player\npvlc.dll
FF - plugin: c:\program files\veetle\plugins\npVeetle.dll
FF - Ext: Default: {972ce4c6-7e08-4474-a285-3208198ce6fd} - c:\program files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
FF - Ext: Java Console: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA}
FF - Ext: BlackSheep: jsobrier@zscaler.com - %profile%\extensions\jsobrier@zscaler.com
FF - Ext: Java Quick Starter: jqs@sun.com - c:\program files\java\jre6\lib\deploy\jqs\ff
FF - Ext: avast! WebRep: wrc@avast.com - c:\program files\avast software\avast\webrep\FF
.
============= SERVICES / DRIVERS ===============
.
R0 pssnap;Paramount Software Snapshot Filter;c:\windows\system32\drivers\pssnap.sys [2010-7-29 15328]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-3-15 612184]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-3-15 337880]
R1 pctgntdi;pctgntdi;c:\windows\system32\drivers\pctgntdi.sys [2010-11-29 249616]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656]
R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2010-6-12 162544]
R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2010-6-12 44784]
R2 a2AntiMalware;Emsisoft Anti-Malware 5.0 - Service;c:\program files\emsisoft anti-malware\a2service.exe [2010-9-12 3045688]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-3-15 20696]
R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2011-5-18 21992]
R2 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [2010-6-25 35088]
R2 PCTAppEvent;PCTAppEvent Driver;c:\windows\system32\drivers\PCTAppEvent.sys [2010-11-29 160448]
R3 PCTFW-PacketFilter;PCTools Firewall - Packet filter driver;c:\windows\system32\drivers\pctNdis-PacketFilter.sys [2010-11-29 89192]
R3 pctNdisMP;PC Tools Driver;c:\windows\system32\drivers\pctNdis.sys [2010-11-29 57536]
R3 pctplfw;pctplfw;c:\windows\system32\drivers\pctplfw.sys [2010-11-29 124992]
R3 RMSPPPOE;WAN Miniport (PPP over Ethernet Protocol);c:\windows\system32\drivers\RMSPPPOE.SYS [2010-9-14 33792]
R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2010-6-7 111280]
R3 VBoxNetFlt;VBoxNetFlt Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2011-4-26 122224]
S3 a2acc;a2acc;c:\program files\emsisoft anti-malware\a2accx86.sys [2010-9-12 51632]
S3 Ambfilt;Ambfilt;c:\windows\system32\drivers\Ambfilt.sys [2010-5-25 1684736]
S3 cpuz134;cpuz134;c:\program files\cpuid\pc wizard 2010\pcwiz_x32.sys [2011-5-18 20328]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-3-28 40776]
S3 pctNdis;PC Tools Firewall Intermediate Filter Service;c:\windows\system32\drivers\pctNdis.sys [2010-11-29 57536]
S3 PSMounter;Macrium Reflect Image Explorer Service;c:\windows\system32\drivers\psmounter.sys [2010-7-29 44512]
.
=============== File Associations ===============
.
ShellExec: Foxit Reader.exe: print="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1"
ShellExec: Foxit Reader.exe: printto="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4"
.
=============== Created Last 30 ================
.
2012-03-28 15:05:38 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2012-03-23 10:19:13 -------- d-sh--w- C:\found.002
2012-03-15 13:53:33 612184 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2012-03-15 13:52:20 -------- d-----w- c:\program files\AVAST Software
2012-03-15 13:52:20 -------- d-----w- c:\documents and settings\all users\application data\AVAST Software
2012-03-15 12:28:13 73728 ----a-w- c:\windows\system32\javacpl.cpl
2012-03-15 12:08:27 10496 -c----w- c:\windows\system32\dllcache\ndistapi.sys
2012-03-15 12:08:26 3072 -c----w- c:\windows\system32\dllcache\iacenc.dll
2012-03-15 12:08:26 3072 ------w- c:\windows\system32\iacenc.dll
2012-03-15 12:07:51 139784 -c----w- c:\windows\system32\dllcache\rdpwd.sys
.
==================== Find3M ====================
.
2012-03-15 12:27:51 472808 ----a-w- c:\windows\system32\deployJava1.dll
2012-03-15 12:21:40 414368 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2012-03-15 12:06:01 260448 ----a-w- c:\windows\system32\nvdrsdb0.bin
2012-03-15 12:06:01 1 ----a-w- c:\windows\system32\nvdrssel.bin
2012-03-15 12:06:00 260440 ----a-w- c:\windows\system32\nvdrsdb1.bin
2012-03-07 00:15:19 41184 ----a-w- c:\windows\avastSS.scr
2012-02-03 09:22:18 1860096 ----a-w- c:\windows\system32\win32k.sys
2012-01-09 16:20:25 139784 ----a-w- c:\windows\system32\drivers\rdpwd.sys
.
============= FINISH: 12:40:27,96 ===============

ATTACH :

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-09-30.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 24.5.2010 г. 16:05:51
System Uptime: 03.4.2012 г. 11:04:36 (1 hours ago)
.
Motherboard: | | ALiveNF4G-DVI
Processor: AMD Sempron Processor 2800+ | CPUSocket | 2000/200mhz
.
==== Disk Partitions =========================
.
A: is Removable
C: is FIXED (NTFS) - 19 GiB total, 6,603 GiB free.
D: is FIXED (NTFS) - 130 GiB total, 21,14 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
Adobe Flash Player 10 ActiveX
Adobe Flash Player 11 Plugin
Ashampoo Burning Studio 6 FREE v.6.80
avast! Free Antivirus
BusinessCardsMX 3.42
CCleaner
CoreAVC Professional Edition (remove only)
CPUID CPU-Z 1.57.1
DTS+AC3 Filter
Emsisoft Anti-Malware 5.0
ESET Online Scanner v3
Eye Corrector
Foxit Reader
GOM Player
Haali Media Splitter
HD Tune 2.55
Hotfix for Windows XP (KB976002-v5)
Inhatch web plugins
IP-TV Player 0.28.1.8819
Java Auto Updater
Java 6 Update 31
JustVoip
LibreOffice 3.4
Macrium Reflect - Free Edition
Malwarebytes Anti-Malware, версия 1.60.1.1000
Microsoft Silverlight
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
Mozilla Firefox (3.6.15)
MPEG2 Codec(libmpeg2/mad)
Nokia Connectivity Cable Driver
Nokia PC Suite
NVIDIA Control Panel 270.61
NVIDIA Drivers
NVIDIA ForceWare Network Access Manager
NVIDIA Graphics Driver 270.61
NVIDIA Install Application
NVIDIA nView 135.70
NVIDIA nView Desktop Manager
Opera 11.62
Oracle VM VirtualBox 4.0.6
Orbit Downloader
PC Connectivity Solution
PC Tools Firewall Plus 7.0
PC Wizard 2010.1.96
Realtek High Definition Audio Driver
runtime
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB971961)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Skype™ 5.3
SUPERAntiSpyware
System Requirements Lab
TrueCrypt
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Veetle TV
VLC media player 1.1.11
WebFldrs XP
Windows Driver Package - Advanced Micro Devices (AmdK8) Processor (04/28/2006 1.3.1.0)
Windows Driver Package - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0)
Windows Driver Package - Nokia Modem (02/15/2007 3.1)
Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1)
Windows Internet Explorer 8
Windows Media Player Firefox Plugin
Windows XP Service Pack 3
WinPcap 4.1.2
WinRAR archiver
.
==== Event Viewer Messages From Past Week ========
.
31.3.2012 г. 18:22:40, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
31.3.2012 г. 18:22:40, error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The system cannot find the path specified.
31.3.2012 г. 18:22:22, error: NetBT [4311] - Initialization failed because the driver device could not be created.
31.3.2012 г. 18:22:22, error: NetBT [4311] - Initialization failed because the driver device could not be created.
31.3.2012 г. 18:22:22, error: NetBT [4311] - Initialization failed because the driver device could not be created.
31.3.2012 г. 18:22:22, error: NetBT [4311] - Initialization failed because the driver device could not be created.
31.3.2012 г. 18:22:22, error: NetBT [4311] - Initialization failed because the driver device could not be created.
31.3.2012 г. 18:20:10, error: System Error [1003] - Error code 1000008e, parameter1 c000001d, parameter2 f01b8cb4, parameter3 b77572ac, parameter4 00000000.
31.3.2012 г. 18:19:57, error: Service Control Manager [7034] - The Terminal Services service terminated unexpectedly. It has done this 1 time(s).
31.3.2012 г. 18:19:57, error: Service Control Manager [7031] - The DCOM Server Process Launcher service terminated unexpectedly.
02.4.2012 г. 23:15:00, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 16:13:10, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 02.4.2012 г. 16:13:10, error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The system cannot find the path specified. 02.4.2012 г. 16:13:03, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 16:13:03, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 16:13:03, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 16:13:03, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 16:13:03, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 12:23:14, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 02.4.2012 г. 12:23:14, error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The system cannot find the path specified. 02.4.2012 г. 12:23:00, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 12:23:00, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 
12:23:00, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 12:23:00, error: NetBT [4311] - Initialization failed because the driver device could not be created. 02.4.2012 г. 12:23:00, error: NetBT [4311] - Initialization failed because the driver device could not be created. 01.4.2012 г. 14:06:57, error: Service Control Manager [7001] - The Computer Browser service depends on the Server service which failed to start because of the following error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it. 01.4.2012 г. 14:06:57, error: Service Control Manager [7000] - The NVIDIA Update Service Daemon service failed to start due to the following error: The system cannot find the path specified. 01.4.2012 г. 14:06:21, error: NetBT [4311] - Initialization failed because the driver device could not be created. 01.4.2012 г. 14:06:21, error: NetBT [4311] - Initialization failed because the driver device could not be created. 01.4.2012 г. 14:06:21, error: NetBT [4311] - Initialization failed because the driver device could not be created. 01.4.2012 г. 14:06:21, error: NetBT [4311] - Initialization failed because the driver device could not be created. 01.4.2012 г. 14:06:21, error: NetBT [4311] - Initialization failed because the driver device could not be created. . ==== End Of File ===========================


Hello! The logs look fine. I suggest we run a few more checks!

Please download aswMBR and save it to your desktop.

  • Double-click the file aswMBR.exe to run it.
  • Wait for it to download the avast! definitions.
  • From the drop-down menu, select the C:\ partition.
  • Click the Scan button to start the scan.
  • When the scan finishes, click the Save log button, save the log file to your desktop, and post its contents in your next comment.

Please delete your version of TDSSKiller, download the latest version of TDSSKiller from here, and save it to your desktop.

  • Run TDSSKiller.exe to start the application. Then click the Change parameters button.

  • Tick Verify Driver Digital Signature and Detect TDLFS file system, then click OK.

  • Click the Start Scan button.

  • If a suspicious object is detected, the default action will be Skip; click Continue.

  • If malicious objects are found, the drop-down menu will offer three options.

    Make sure the selected action is Cure and click Continue, then restart so that the repair can be completed.

    Note: If the Cure option is not available, please choose Skip; do not choose Delete unless you have been instructed to.

  • A log file will be created in the root directory of drive C:\. Look for a log named "TDSSKiller.[Version]_[Date]_[Time]_log.txt" and copy its contents into your next post.


Sorry for the delay! The computer has not been used since my last comment, so nothing on it has been touched or changed. Here are the TDSS and aswMBR logs from a moment ago: aswMBR.txt TDSSKiller.2.7.26.0_05.04.2012_10.50.05_log.txt P.S. For some unknown reason I can't paste the logs, so I'm attaching them.


No problem... but I don't see anything worrying in these logs, they're clean! :)

Download ComboFix from here or here and save it to your desktop.

  • Disable your antivirus and antispyware programs; this is usually done by right-clicking the program's icon in the system tray.
Note: If you cannot stop it or are not sure which program to disable, please review the information at this link: How to Disable your Security Programs
  • Run Combo-Fix.com and follow the instructions.
Note: ComboFix will run without the Recovery Console installed.
  • As part of its operation, ComboFix will check whether the Microsoft Windows Recovery Console is installed. Given how quickly malware evolves, it is strongly recommended to install it before removing the malware. This will let you boot into a special recovery/repair mode, which will make it easier to resolve a problem that could arise while the malware is being removed.
  • Follow the instructions to allow ComboFix to download and install the Microsoft Windows Recovery Console. At some point you will be asked whether you agree to the license agreement. You need to confirm that you agree in order to install the Microsoft Windows Recovery Console.
** Note: If the Microsoft Windows Recovery Console is already installed, ComboFix will proceed to the malware removal process.

Once the Microsoft Windows Recovery Console has been installed using ComboFix, you will see the following message:

Select Yes to continue scanning for malware.

When the process completes successfully, the tool will create a log file. Please include the contents of C:\ComboFix.txt in your next comment in this thread.

Notes:

  • Please do not move the mouse while ComboFix is running. This can disrupt the process.
  • ComboFix will reset all Microsoft Internet Explorer settings, including making IE the default browser.
  • ComboFix will disable the autorun function on ALL CD, floppy and USB devices to help with removing the malware and to protect you from future viruses/threats that spread via autorun. If this is a problem for you, please let me know.
  • ComboFix will disconnect your internet connection. The connection will be restored automatically before ComboFix finishes. If there is a problem, it will terminate the internet connection. To restore your internet connection, restart your computer.
  • If ComboFix runs into a problem, it may create a log file. Please include the contents of C:\BUG.txt in your next comment in this thread.
Please do not attach the program's log file(s); copy and paste it/them into your next comment in this thread.





Download Malwarebytes' Anti-Malware, or from here.

* Double-click mbam-setup.exe to install the program.

* Make sure Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware are ticked. Then click Finish.

* If updates are found, it will download and install them.

* Start the program and select "Perform Full Scan", then click Scan.

* The scan will take some time, so please be patient.

* When the scan finishes, click OK, then Show Results to view the results.

* Make sure every line is ticked, and click Remove Selected.

* When everything has been removed, a log will open in Notepad. Copy this log and post it in your next comment in the thread.

Note: If Malwarebytes' Anti-Malware has trouble removing the detected viruses/threats, it will ask to restart your computer and remove the problematic viruses/threats during the restart. If you are asked, confirm that you want your computer to be restarted.

Download the program: ESET Online Scanner

  • Run esetsmartinstaller_enu.exe
  • Tick YES, I accept the Terms of Use and click Start.

  • The scanner will begin downloading the components it needs.

  • Make sure the following lines are ticked:

    Finally, click Start.

  • The scanner will begin downloading the latest definitions.
  • After the scan finishes, click Finish.
  • Go to: C:\Program Files\ESET\ESET Online Scanner
  • Open the file log.txt, copy its contents and paste them into your next comment.
