Премини към съдържанието

Архивирана тема

Темата е твърде стара и е архивирана. Не можете да добавяте нови отговори в нея, но винаги можете да публикувате нова тема, в която да продължи дискусията. Регистрирайте се или влезте във вашия профил за да публикувате нова тема.

Stormborn

Често прекъсване на интернета (съмнение за вирус)

Препоръчан отговор


Здравейте! От 1 седмица насам интернетът прекъсва доста често. Както си браузвам, не иска да ми зарежда страниците, след 10-15 опита зарежда, но често не всичко; не мога да изгледам и един клип. Обаждах се на доставчика, казват че статусът е нормален, помолиха ме да рестартирам рутера, но и след това отново прекъсва. С другия компютър и телефона всичко си зарежда нормално. Остава варианта, че проблемът е причинен от вирус. Сканирах с Malware Bytes, ни нищо не откри. Ето и логовете от DDS: DDS (Ver_2011-09-30.01) - NTFS_AMD64 Internet Explorer: 8.0.7601.17514 Run by user at 19:32:18 on 2012-06-24 Microsoft Windows 7 Ultimate 6.1.7601.1.1251.359.1026.18.4040.2136 [GMT 3:00] . AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C} SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\Windows\system32\wininit.exe C:\Windows\system32\lsm.exe C:\Windows\system32\svchost.exe -k DcomLaunch C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k RPCSS C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted C:\Windows\system32\svchost.exe -k netsvcs C:\Windows\system32\svchost.exe -k LocalService C:\Program Files\NVIDIA Corporation\Display\NvXDSync.exe C:\Windows\system32\nvvsvc.exe C:\Windows\system32\svchost.exe -k NetworkService C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\Windows\System32\spoolsv.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Windows\system32\taskhost.exe C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe C:\Windows\system32\svchost.exe -k imgsvc C:\Windows\Explorer.EXE C:\Windows\system32\Dwm.exe C:\Windows\system32\svchost.exe -k bthsvcs C:\Windows\System32\igfxtray.exe C:\Windows\System32\hkcmd.exe C:\Windows\System32\igfxpers.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Program Files\Synaptics\SynTP\SynTPEnh.exe C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe C:\Program Files\Synaptics\SynTP\SynTPHelper.exe C:\Program Files (x86)\Lenovo\Energy Management\utility.exe C:\Program Files\Windows Sidebar\sidebar.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe C:\Program Files\Alwil Software\Avast5\AvastUI.exe C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\Windows\system32\SearchIndexer.exe C:\Program Files\Windows Media Player\wmpnetwk.exe C:\Windows\System32\svchost.exe -k LocalServicePeerNet C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe C:\Windows\System32\svchost.exe -k secsvcs C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe C:\Windows\system32\taskhost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_3_300_262.exe C:\Program Files (x86)\WinRAR\WinRAR.exe C:\Windows\system32\wbem\wmiprvse.exe C:\Windows\system32\vssvc.exe C:\Windows\System32\svchost.exe -k swprv C:\Windows\system32\conhost.exe C:\Windows\System32\cscript.exe . ============== Pseudo HJT Report =============== . mWinlogon: Userinit = userinit.exe, BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll BHO: Skype add-on (mastermind): {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll uRun: [skype] "C:\Program Files (x86)\Skype\\Phone\Skype.exe" /nosplash /minimized uRun: [DAEMON Tools Lite] "D:\Daemon Tools\DAEMON Tools Lite\DTLite.exe" -autorun uRun: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun uRun: [AdobeBridge] <no file> uRunOnce: [FlashPlayerUpdate] C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_11_2_202_235_Plugin.exe -update plugin mRun: [iAStorIcon] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe mRun: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe" mRun: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" mRun: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui mRun: [AdobeCS5.5ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS5.5ServiceManager\CS5.5ServiceManager.exe" -launchedbylogin mRun: [switchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [TkBellExe] "C:\Program Files (x86)\Real\RealPlayer\update\realsched.exe" -osboot StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\BLUETO~1.LNK - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe mPolicies-Explorer: NoActiveDesktop = dword:1 mPolicies-Explorer: NoActiveDesktopChanges = dword:1 mPolicies-System: ConsentPromptBehaviorAdmin = dword:0 mPolicies-System: ConsentPromptBehaviorUser = dword:3 mPolicies-System: EnableLUA = dword:0 mPolicies-System: EnableUIADesktopToggle = dword:0 mPolicies-System: PromptOnSecureDesktop = dword:0 IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000 IE: Изпращане на изображение към &Bluetooth устройство... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm IE: Изпращане на страница към &Bluetooth устройство... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm IE: {77BF5300-1474-4EC7-9980-D32B190E9B07} - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm TCP: NameServer = 195.54.44.22 195.54.44.23 192.168.1.1 TCP: Interfaces\{4DC23DD9-32C3-45DE-BA8D-4D4CD2335789} : DHCPNameServer = 195.54.44.22 195.54.44.23 192.168.1.1 TCP: Interfaces\{4DC23DD9-32C3-45DE-BA8D-4D4CD2335789}\45563686E6F636964797 : DHCPNameServer = 192.168.2.1 TCP: Interfaces\{4DC23DD9-32C3-45DE-BA8D-4D4CD2335789}\46563796 : DHCPNameServer = 192.168.0.1 TCP: Interfaces\{CC46432A-1ACF-4E4D-9D2F-BFBBE088A203} : DHCPNameServer = 192.168.137.1 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll SSODL: WebCheck - <orphaned> x64-BHO: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll x64-TB: avast! WebRep: {318A227B-5E9F-45bd-8999-7F8F10CA4CF5} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE64.dll x64-Run: [igfxTray] C:\Windows\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s x64-Run: [synTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe x64-Run: [updatePRCShortCut] "C:\Program Files\Lenovo\OneKey App\OneKey Recovery\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\OneKey App\OneKey Recovery" UpdateWithCreateOnce "Software\Lenovo\OneKey App\OneKey Recovery" x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned> x64-Notify: igfxcui - igfxdev.dll x64-SSODL: WebCheck - <orphaned> Hosts: 127.0.0.1 validation.sls.microsoft.com . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\ecwgkt9r.default\ FF - prefs.js: browser.startup.homepage - google.bg FF - plugin: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll FF - plugin: C:\Program Files (x86)\Google\Update\1.3.21.111\npGoogleUpdate3.dll FF - plugin: C:\Program Files (x86)\Real\RealPlayer\Netscape6\nprpplugin.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll FF - plugin: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_262.dll . ============= SERVICES / DRIVERS =============== . R0 LHDmgr;LHDmgr;C:\Windows\System32\drivers\LhdX64.sys [2012-2-17 39008] R0 nvpciflt;nvpciflt;C:\Windows\System32\drivers\nvpciflt.sys [2012-2-17 25960] R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2012-2-17 819032] R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2012-2-17 337240] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\Windows\System32\drivers\dtsoftbus01.sys [2012-2-18 283200] R2 {FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};{FE4C91E7-22C2-4D0C-9F6B-82F1B7742054};C:\Program Files (x86)\CyberLink\PowerDVD8\000.fcl [2008-2-1 32240] R2 AdobeARMservice;Adobe Acrobat Update Service;C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2012-1-3 63928] R2 aswFsBlk;aswFsBlk;C:\Windows\System32\drivers\aswFsBlk.sys [2012-2-17 24408] R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2012-2-17 69976] R2 avast! Antivirus;avast! Antivirus;C:\Program Files\Alwil Software\Avast5\AvastSvc.exe [2012-3-19 44768] R2 IAStorDataMgrSvc;Intel® Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe [2012-2-17 13336] R2 nvUpdatusService;NVIDIA Update Service Daemon;C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe [2012-2-17 2009704] R2 PSI_SVC_2_x64;Protexis Licensing V2 x64;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2010-11-30 336824] R2 UNS;Intel® Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe [2012-2-17 2656280] R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\Windows\System32\drivers\AcpiVpc.sys [2010-10-25 29792] R3 BTWAMPFL;BTWAMPFL;C:\Windows\System32\drivers\btwampfl.sys [2012-2-17 437288] R3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-2-17 89640] R3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2012-2-17 39976] R3 IntcDAud;Intel® Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2012-2-17 317440] R3 JMCR;JMCR;C:\Windows\System32\drivers\jmcr.sys [2012-2-17 174168] R3 k57nd60a;Broadcom NetLink ™ Gigabit Ethernet - NDIS 6.0;C:\Windows\System32\drivers\k57nd60a.sys [2011-5-9 425000] R3 MEIx64;Intel® Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2010-10-20 56344] R3 NETwNv64;___ Intel® Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\NETwNv64.sys [2012-2-17 8377856] R3 nusb3hub;Renesas Electronics USB 3.0 Hub Driver;C:\Windows\System32\drivers\nusb3hub.sys [2010-11-19 80384] R3 nusb3xhc;Renesas Electronics USB 3.0 Host Controller Driver;C:\Windows\System32\drivers\nusb3xhc.sys [2010-11-19 181248] R3 rtsuvc;Lenovo EasyCamera;C:\Windows\System32\drivers\rtsuvc.sys [2012-2-17 8199016] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2010-3-18 138576] S2 gupdate;Услуга на Google Актуализация (gupdate);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-6-19 136176] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-4-4 250056] S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168] S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2012-6-19 136176] S3 MozillaMaintenance;Mozilla Maintenance Service;C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2012-5-4 129976] S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-21 20992] S3 SwitchBoard;Adobe SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096] S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960] S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816] S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-21 59392] S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-21 31232] S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248] S3 wsvd;wsvd;C:\Windows\System32\drivers\wsvd.sys [2009-7-21 121840] . =============== Created Last 30 ================ . 2012-06-24 11:57:45 -------- d-----w- C:\Users\user\AppData\Local\Macromedia 2012-06-19 15:36:54 -------- d-----w- C:\Users\user\AppData\Local\Real 2012-06-19 15:36:40 -------- d-----w- C:\Program Files (x86)\Common Files\xing shared 2012-06-19 15:35:46 -------- d-----w- C:\Users\user\AppData\Local\Google 2012-06-18 20:26:14 69000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{66B7C2AF-DA16-4939-B743-9CD091432115}\offreg.dll 2012-06-18 20:25:31 8955792 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{66B7C2AF-DA16-4939-B743-9CD091432115}\mpengine.dll 2012-05-27 13:58:47 -------- d-----w- C:\ProgramData\Protexis64 2012-05-27 13:57:19 -------- d-----w- C:\Program Files (x86)\Common Files\Corel 2012-05-27 13:57:16 -------- d-----w- C:\Program Files\Common Files\Protexis 2012-05-27 13:57:15 -------- d-----w- C:\ProgramData\Corel 2012-05-27 13:55:37 -------- d-----w- C:\ProgramData\Corel Painter 12 . ==================== Find3M ==================== . 2012-06-23 16:03:46 70344 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl 2012-06-23 16:03:46 426184 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe 2012-06-23 16:03:39 9815752 ----a-w- C:\Windows\SysWow64\FlashPlayerInstaller.exe 2012-06-19 15:36:32 499712 ----a-w- C:\Windows\SysWow64\msvcp71.dll 2012-06-19 15:36:32 348160 ----a-w- C:\Windows\SysWow64\msvcr71.dll 2012-04-04 12:56:40 24904 ----a-w- C:\Windows\System32\drivers\mbam.sys . ============= FINISH: 19:32:38,16 =============== DDS (Ver_2011-09-30.01) . Microsoft Windows 7 Ultimate Boot Device: \Device\HarddiskVolume1 Install Date: 17.2.2012 г. 10:46:26 System Uptime: 21.6.2012 г. 16:33:18 (75 hours ago) . Motherboard: LENOVO | | Base Board Product Name Processor: Intel® Core™ i7-2670QM CPU @ 2.20GHz | CPU1 | 2201/1333mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 45 GiB total, 19,857 GiB free. D: is FIXED (NTFS) - 654 GiB total, 523,731 GiB free. E: is CDROM () F: is CDROM () . ==== Disabled Device Manager Items ============= . Class GUID: Description: Bluetooth периферно устройство Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00B1\8&37F2AC4B&0&002668F387F3_C00000000 Manufacturer: Name: Bluetooth периферно устройство PNP Device ID: BTHENUM\{00005557-0000-1000-8000-0002EE000001}_VID&00010001_PID&00B1\8&37F2AC4B&0&002668F387F3_C00000000 Service: . ==== System Restore Points =================== . RP23: 22.6.2012 г. 22:53:59 - Планирана контролна точка . ==== Installed Programs ====================== . µTorrent 1ClickDownloader Ableton Live 8 Adobe AIR Adobe Community Help Adobe Flash Player 11 Plugin Adobe Illustrator CS5.1 Adobe Photoshop CS5.1 Adobe Reader X (10.1.3) AIDA64 Extreme Edition v2.20 ArtRage Studio Pro Demo avast! Free Antivirus Broadcom InConcert Maestro Broadcom NetLink Controller Corel Painter 12 Corel Painter 12 - IPM CyberLink PowerDVD 8 DAEMON Tools Lite Dia (remove only) Energy Management FastStone Image Viewer 4.5 Google Chrome Google Update Helper IconHandler 64 bit Intel® Management Engine Components Intel® Processor Graphics Intel® Rapid Storage Technology JMicron Flash Media Controller Driver Lenovo Bluetooth with Enhanced Data Rate Software Lenovo EasyCamera Lenovo OneKey Recovery Malwarebytes Anti-Malware, версия 1.61.0.1400 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Office Professional Edition 2003 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 Microsoft_VC80_ATL_x86 Microsoft_VC80_ATL_x86_x64 Microsoft_VC80_CRT_x86 Microsoft_VC80_CRT_x86_x64 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFC_x86_x64 Microsoft_VC80_MFCLOC_x86 Microsoft_VC80_MFCLOC_x86_x64 Microsoft_VC90_ATL_x86 Microsoft_VC90_ATL_x86_x64 Microsoft_VC90_CRT_x86 Microsoft_VC90_CRT_x86_x64 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFC_x86_x64 Microsoft_VC90_MFCLOC_x86 Microsoft_VC90_MFCLOC_x86_x64 Mozilla Firefox 12.0 (x86 bg) Mozilla Maintenance Service Nero Multimedia Suite NVIDIA 3D Vision Controller Driver NVIDIA 3D Vision Controller Driver 266.34 NVIDIA Control Panel 268.44 NVIDIA Graphics Driver 268.44 NVIDIA Install Application NVIDIA Optimus 1.0.21 NVIDIA Update Components Painter 12 - Content Painter 12 - Core Painter 12 - Corex64 Painter 12 - EN Painter 12 - Setup Files PDF Settings CS5 RealNetworks - Microsoft Visual C++ 2008 Runtime RealPlayer Realtek High Definition Audio Driver RealUpgrade 1.1 Renesas Electronics USB 3.0 Host Controller Driver Skype™ 3.8 Synaptics Pointing Device Driver The KMPlayer (remove only) Winamp Windows Driver Package - Lenovo (ACPIVPC) System (12/02/2010 6.1.0.1) WinRAR archiver Xilisoft Video Converter Ultimate . ==== Event Viewer Messages From Past Week ======== . 21.6.2012 г. 05:41:56, Error: Service Control Manager [7000] - Услуга Услуга на Google Актуализация (gupdate) не може да бъде стартирана поради следната грешка: Каналът е затворен. 21.6.2012 г. 05:41:56, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "109" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69} . ==== End Of File ===========================

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

Здравейте..!От предоставения дневник не се виждат зловредни неща..!Въпреки това да направим още няколко проверки.

Публикувано изображение Моля, изтеглете aswMBR и го запазете на вашия десктоп.

  • Кликнете с двоен клин на мишката върху файла aswMBR.exe за да го стартирате.
  • Изчакайте да изтегли дефинициите на avast!
  • От падащото меню посочете дял C:\ както е на снимката:
Публикувано изображение
  • Изберете Scan бутона, за да започне проверката.
  • Когато проверката завърши, натиснете бутона save log, запазете съдържанието на лог файла на десктопа и публикувайте съдържанието му в следващия си коментар.
Публикувано изображение Моля, изтеглете последната версия на TDSSKiller - оттук и я запазете на вашия декстоп.
  • Стартирайте TDSSKiller.exe за да стартирате приложението. След това кликнете върху бутона Change parameters.

    Публикувано изображение

  • Сложете отметки пред Verify Driver Digital Signature и Detect TDLFS file system и натиснете ОК.

    Публикувано изображение

  • Натиснете бутона Start Scan.

    Публикувано изображение

  • Ако подозрителен обект бъде засечен, действието по подразбиране ще бъде Skip, кликнете върху Continue.

    Публикувано изображение

  • Ако зловредни обекти бъдат намерени, тогава от падащото меню ще имате три възможности.

    Бъдете сигурни, че избраното действие е Cure и натиснете върху Continue > Рестартирайте за да бъде завършена поправката.

    Публикувано изображение

    Забележка: Ако Cure бутона не е наличен от възможностите, тогава моля изберете Skip бутона, не избирайте Delete освен ако не сте инструктирани затова.

  • Лог файл ще бъде създаден в свободната директория на дял C:\ . Потърсете за лог с името "TDSSKiller.[Version]_[Date]_[Time]_log.txt" и копирайте съдържанието му в следващия си пост.
Публикувано изображение Моля, изтеглете Farbar Service Scanner и я стартирайте.
  • Сложете всички отметки и натиснете бутона "Scan".
  • Ще се създаде лог файл с името (FSS.txt) в папката откъдето стартирате инструмента.
  • Копирайте съдържанието на лог файла в следващия си пост.
Публикувано изображение Моля, изтеглете MiniToolBox.exe, запазете го на десктопа и стартирайте програмата.
  • Сложете отметка пред всички обекти и натиснете Go. Изчакайте да завърши сканирането.
  • Копирайте съдържанието на файла Result.txt в следващия си коментар.

Сподели този отговор


Линк към този отговор
Сподели в други сайтове

  • Разглеждащи това в момента   0 потребители

    Няма регистрирани потребители разглеждащи тази страница.

  • Горещи теми в момента

  • Подобни теми

    • от vasilvas
      Имам съмнения, че системата ми е инфектирана. Ето логовете генерирани от D.D.S


      Attach: . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 22.4.2010 г. 11:13:49 System Uptime: 06.8.2012 г. 11:12:32 (0 hours ago) . Motherboard: | | 4Core1333-FullHD Processor: Genuine Intel(R) CPU 2160 @ 1.80GHz | CPUSocket | 1795/200mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 29 GiB total, 10,8 GiB free. D: is FIXED (NTFS) - 120 GiB total, 61,129 GiB free. E: is CDROM () F: is CDROM () G: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP199: 04.8.2012 г. 12:05:57 - System Checkpoint RP200: 04.8.2012 г. 15:34:57 - Installed Python 3.2.3 RP201: 04.8.2012 г. 22:33:28 - Software Distribution Service 3.0 RP202: 05.8.2012 г. 13:37:43 - Installed Oracle VM VirtualBox 4.1.18 RP203: 06.8.2012 г. 08:56:58 - Software Distribution Service 3.0 RP204: 06.8.2012 г. 11:25:58 - Software Distribution Service 3.0 . ==== Installed Programs ====================== . Архиватор WinRAR µTorrent Acoustica Effects Pack Acoustica Mixcraft 5 Adobe After Effects CS3 Adobe After Effects CS3 Presets Adobe AIR Adobe Anchor Service CS3 Adobe Asset Services CS3 Adobe Audition CS5.5 Adobe Bridge CS3 Adobe Bridge Start Meeting Adobe Camera Raw 4.0 Adobe CMaps Adobe Color - Photoshop Specific Adobe Color Common Settings Adobe Community Help Adobe Default Language CS3 Adobe Device Central CS3 Adobe ExtendScript Toolkit 2 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Fonts All Adobe Help Viewer CS3 Adobe Linguistics CS3 Adobe Media Player Adobe MotionPicture Color Files Adobe PDF Library Files Adobe Photoshop CS5 Adobe Reader X (10.1.1) Adobe Setup Adobe Shockwave Player 11.6 Adobe Type Support Adobe Update Manager CS3 Adobe Version Cue CS3 Client Adobe Video Profiles Adobe XMP DVA Panels CS3 Adobe XMP Panels CS3 Advanced SystemCare 5 Akamai NetSession Interface Antares Autotune VST v5.09 Apple Application Support Apple Software Update Assassin's Creed Audacity 2.0 Auto Shut Down 1.2 AviSynth 2.5 Babylon toolbar on IE Bandicam Bandisoft MPEG-1 Decoder BFL_FIFA_10 Blender (remove only) BSPlayer Build Your Own Net Dream (remove only) Camtasia Studio 7 Cheat Engine 6.0 Combined Community Codec Pack BETA 2009-12-03 Counter-Strike 1.6 Professional Edition v2.0 CPUID CPU-Z 1.60 Curse Client CyberGhost VPN DAudioK 0.1.9 beta Decal Converter DeskPins (remove only) DirectVobSub 2.40.3093 x86 Dragon Nest SEA EA SPORTS online 2006 EASEUS Partition Master 9.1.0 Home Edition EasyBits GO Enable Viacam 1.5.3 File Type Assistant FileZilla Client 3.3.5.1 Florensia 2.00.01 Foxit Reader Fraps (remove only) Game Booster 3 GameGain Garena Plus GMail Drive Shell Extension GOM Player Google Земя Google App Engine Google Toolbar for Internet Explorer Google Update Helper Haali Media Splitter Havij 1.14 Free Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595) Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484) Hotfix for Windows Media Format 11 SDK (KB929399) Hotfix for Windows XP (KB2158563) Hotfix for Windows XP (KB2443685) Hotfix for Windows XP (KB2570791) Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB932716-v2) Hotfix for Windows XP (KB942288-v3) Hotfix for Windows XP (KB954550-v5) Hotfix for Windows XP (KB961118) Hotfix for Windows XP (KB976002-v5) Hotfix for Windows XP (KB979306) Hotfix for Windows XP (KB981793) Hotspot Shield 2.67 Icy Tower v1.5 ImgBurn Instant HD Advanced ItaEst - Taka e! Java Auto Updater Java(TM) 6 Update 22 Just Great Software EditPad Lite 7.0.4 K-Lite Mega Codec Pack 5.1.0 KillProcess 2.44 Left 4 Dead Left 4 Dead Standalone Patch LogMeIn Hamachi MacroGamer 2.7.5 Malwarebytes Anti-Malware version 1.62.0.1300 ManyCam 2.6.55 (remove only) Mass Effect 2 MessengerDiscovery 3.2.180 Microsoft .NET Framework 2.0 Service Pack 2 Microsoft .NET Framework 3.0 Service Pack 2 Microsoft .NET Framework 3.5 SP1 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Antimalware Microsoft Application Error Reporting Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Choice Guard Microsoft Games for Windows - LIVE Microsoft Games for Windows - LIVE Redistributable Microsoft Office 2007 Service Pack 2 (SP2) Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office File Validation Add-In Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2) Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Security Client Microsoft Security Essentials Microsoft Silverlight Microsoft Software Update for Web Folders (English) 12 Microsoft SQL Server 2008 Management Objects Microsoft SQL Server 2008 Native Client Microsoft SQL Server Compact 3.5 SP1 Design Tools English Microsoft SQL Server Compact 3.5 SP1 English Microsoft User-Mode Driver Framework Feature Pack 1.0 Microsoft Visual Basic 6.0 Professional Edition Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 Microsoft Visual C++ 2005 Redistributable Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 Microsoft Web Publishing Wizard 1.53 Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 Microsoft XML Parser Microsoft XNA Framework Redistributable 4.0 Microsoft_VC80_ATL_x86 Microsoft_VC80_CRT_x86 Microsoft_VC80_MFC_x86 Microsoft_VC80_MFCLOC_x86 Microsoft_VC90_ATL_x86 Microsoft_VC90_CRT_x86 Microsoft_VC90_MFC_x86 Microsoft_VC90_MFCLOC_x86 MKVtoolnix 4.8.0 Motherboard Monitor 5 Mozilla Firefox 10.0 (x86 en-US) Mozilla Thunderbird (3.1.3) MSI Afterburner 2.1.0 MSN MSVCRT MSVCRT Redists MSXML 4.0 MSXML 4.0 SP2 (KB954430) MSXML 4.0 SP2 (KB973688) MSXML 6.0 Parser (KB933579) Naruto Naiteki Kensei Nero 8 Lite Nexon Game Manager nHancer No-IP DUC Norton PartitionMagic Norton PartitionMagic 8.0 Note-It v4.6 Notepad++ NVIDIA Control Panel 301.42 NVIDIA Graphics Driver 301.42 NVIDIA Install Application NVIDIA nView 135.95 NVIDIA PhysX NVIDIA PhysX System Software 9.12.0213 NVIDIA Update 1.8.15 NVIDIA Update Components Oracle VM VirtualBox 4.1.18 Orbit Downloader oZone3D.Net FurMark v1.8.2 Panda USB Vaccine 1.0.1.4 Pando Media Booster PCSX2 - Playstation 2 Emulator PDF Settings CS5 PE Explorer 1.99 R6 PerfectDisk 12 Professional PicPick Pivot Stickfigure Animator PlayClaw Pro Evolution Soccer 2012 1.01 Prototype Proxifier version 2.7 Python 2.6.4 Python 3.2.3 QuickStores-Toolbar 1.1.0 QuickTime QuickTime Alternative 1.76 Rapidshare Auto Downloader 4.1 RapidTyping ReadManiac 2.5.2 Realtek High Definition Audio Driver RivaTuner v2.24 MSI Master Overclocking Arena 2009 edition S4 League_EU Samsung USB Driver Sandboxie 3.64 (32-bit) Security Update for 2007 Microsoft Office System (KB2288621) Security Update for 2007 Microsoft Office System (KB2288931) Security Update for 2007 Microsoft Office System (KB2345043) Security Update for 2007 Microsoft Office System (KB2553089) Security Update for 2007 Microsoft Office System (KB2553090) Security Update for 2007 Microsoft Office System (KB2584063) Security Update for 2007 Microsoft Office System (KB969559) Security Update for 2007 Microsoft Office System (KB976321) Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424) Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708) Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663) Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870) Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636) Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078) Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351) Security Update for Microsoft .NET Framework 4 Extended (KB2416472) Security Update for Microsoft .NET Framework 4 Extended (KB2487367) Security Update for Microsoft .NET Framework 4 Extended (KB2656351) Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition Security Update for Microsoft Office Access 2007 (KB979440) Security Update for Microsoft Office Groove 2007 (KB2552997) Security Update for Microsoft Office InfoPath 2007 (KB2510061) Security Update for Microsoft Office InfoPath 2007 (KB979441) Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition Security Update for Microsoft Office Publisher 2007 (KB2596705) 32-Bit Edition Security Update for Microsoft Office system 2007 (972581) Security Update for Microsoft Office system 2007 (KB974234) Security Update for Microsoft Office Visio Viewer 2007 (KB973709) Security Update for Microsoft Office Word 2007 (KB2344993) Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2183461) Security Update for Windows Internet Explorer 8 (KB2360131) Security Update for Windows Internet Explorer 8 (KB2416400) Security Update for Windows Internet Explorer 8 (KB2482017) Security Update for Windows Internet Explorer 8 (KB2497640) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2530548) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2559049) Security Update for Windows Internet Explorer 8 (KB2586448) Security Update for Windows Internet Explorer 8 (KB2618444) Security Update for Windows Internet Explorer 8 (KB971961) Security Update for Windows Internet Explorer 8 (KB981332) Security Update for Windows Internet Explorer 8 (KB982381) Security Update for Windows Media Player (KB2378111) Security Update for Windows Media Player (KB954155) Security Update for Windows Media Player (KB968816) Security Update for Windows Media Player (KB973540) Security Update for Windows Media Player (KB975558) Security Update for Windows Media Player (KB978695) Security Update for Windows Media Player (KB979402) Security Update for Windows XP (KB2079403) Security Update for Windows XP (KB2115168) Security Update for Windows XP (KB2121546) Security Update for Windows XP (KB2160329) Security Update for Windows XP (KB2229593) Security Update for Windows XP (KB2259922) Security Update for Windows XP (KB2279986) Security Update for Windows XP (KB2286198) Security Update for Windows XP (KB2296011) Security Update for Windows XP (KB2296199) Security Update for Windows XP (KB2347290) Security Update for Windows XP (KB2360937) Security Update for Windows XP (KB2387149) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2423089) Security Update for Windows XP (KB2436673) Security Update for Windows XP (KB2440591) Security Update for Windows XP (KB2443105) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2476687) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479628) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485376) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2503658) Security Update for Windows XP (KB2503665) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2506223) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508272) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2511455) Security Update for Windows XP (KB2524375) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2536276) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2544893) Security Update for Windows XP (KB2555917) Security Update for Windows XP (KB2562937) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2567053) Security Update for Windows XP (KB2567680) Security Update for Windows XP (KB2570222) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2639417) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB941569) Security Update for Windows XP (KB956844) Security Update for Windows XP (KB958869) Security Update for Windows XP (KB969059) Security Update for Windows XP (KB969947) Security Update for Windows XP (KB970430) Security Update for Windows XP (KB971468) Security Update for Windows XP (KB971961) Security Update for Windows XP (KB972270) Security Update for Windows XP (KB973904) Security Update for Windows XP (KB974112) Security Update for Windows XP (KB974318) Security Update for Windows XP (KB974392) Security Update for Windows XP (KB974571) Security Update for Windows XP (KB975025) Security Update for Windows XP (KB975467) Security Update for Windows XP (KB975560) Security Update for Windows XP (KB975561) Security Update for Windows XP (KB975562) Security Update for Windows XP (KB975713) Security Update for Windows XP (KB977816) Security Update for Windows XP (KB977914) Security Update for Windows XP (KB978037) Security Update for Windows XP (KB978262) Security Update for Windows XP (KB978338) Security Update for Windows XP (KB978542) Security Update for Windows XP (KB978601) Security Update for Windows XP (KB978706) Security Update for Windows XP (KB979309) Security Update for Windows XP (KB979482) Security Update for Windows XP (KB979559) Security Update for Windows XP (KB979683) Security Update for Windows XP (KB979687) Security Update for Windows XP (KB980195) Security Update for Windows XP (KB980218) Security Update for Windows XP (KB980232) Security Update for Windows XP (KB980436) Security Update for Windows XP (KB981322) Security Update for Windows XP (KB981349) Security Update for Windows XP (KB981852) Security Update for Windows XP (KB981957) Security Update for Windows XP (KB981997) Security Update for Windows XP (KB982132) Security Update for Windows XP (KB982214) Security Update for Windows XP (KB982665) Security Update for Windows XP (KB982802) SecurityKISS Tunnel v0.1.4 Segoe UI Skype Click to Call Skype™ 5.10 Source SDK Base 2007 SQL Server System CLR Types Steam Subtitle Workshop 2.51 SUPERAntiSpyware swMSM System Requirements Lab CYRI Team Fortress 2 The Witcher Enhanced Edition tools-freebsd tools-linux tools-netware tools-solaris tools-windows tools-winPre2k Total Video Converter 3.71 100812 TrackerPro 1.0 Trapcode Particular v2 TrueBug PHP Obfuscator & Encoder 1.2 TVUPlayer 2.5.0.1 Unity Web Player Unlocker 1.9.1 Update for 2007 Microsoft Office System (KB967642) Update for Microsoft .NET Framework 3.5 SP1 (KB963707) Update for Microsoft Office 2007 suites (KB2596651) 32-Bit Edition Update for Microsoft Office 2007 suites (KB2596789) 32-Bit Edition Update for Microsoft Office 2007 System (KB2539530) Update for Microsoft Office Excel 2007 (KB2596596) 32-Bit Edition Update for Microsoft Office OneNote 2007 (KB980729) Update for Microsoft Office Outlook 2007 (KB2583910) Update for Outlook 2007 Junk Email Filter (KB2596560) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB2632503) Update for Windows Internet Explorer 8 (KB976662) Update for Windows Internet Explorer 8 (KB980182) Update for Windows Internet Explorer 8 (KB980302) Update for Windows XP (KB2141007) Update for Windows XP (KB2345886) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2541763) Update for Windows XP (KB2607712) Update for Windows XP (KB2616676-v2) Update for Windows XP (KB2641690) Update for Windows XP (KB955759) Update for Windows XP (KB955839) Update for Windows XP (KB971029) Update for Windows XP (KB971737) Update for Windows XP (KB973687) Update for Windows XP (KB980182) uTorrentControl2 Toolbar V-Ray for 3dsmax 2010 for x86 V-Ray for 3dsmax R9 for x86 Vegas Pro 10.0 Ventrilo Client Vid-Saver Video Enhancer 1.9.6 VideoMach Vindictus EU VirtualDub Filter Pack 1.0 VisualBee for Microsoft PowerPoint VisualSubSync (remove only) VLC media player 2.0.2 vloader-bg 1.55 vloader 2.7 VMware Workstation VobSub v2.23 (Remove Only) web beanfun! Web Page Maker V3.21 WebFldrs XP Winamp WinAVI Video Converter WinDirStat 1.1.2 WinDjView 1.0.3 Windows 7 USB/DVD Download Tool Windows Driver Package - Sony PSP Type B (11/20/2005 20051120) Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Internet Explorer 8 Windows Live Call Windows Live Communications Platform Windows Live Essentials Windows Live Messenger Windows Live Sign-in Assistant Windows Live Upload Tool Windows Management Framework Core Windows Media Format 11 runtime Windows Media Player Firefox Plugin WinHTTrack Website Copier 3.44-1 World of Warcraft Wrye Bash XML Paper Specification Shared Components Pack 1.0 . ==== Event Viewer Messages From Past Week ======== . 06.8.2012 г. 11:21:18, error: Dhcp [1002] - The IP address lease 10.37.8.74 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.23.39.254 (The DHCP Server sent a DHCPNACK message). 06.8.2012 г. 11:14:36, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: amdide1 06.8.2012 г. 11:13:08, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 06.8.2012 г. 09:29:10, error: Microsoft Antimalware [2001] - Microsoft Antimalware has encountered an error trying to update signatures. New Signature Version: Previous Signature Version: 1.131.1411.0 Update Source: Microsoft Update Server Update Stage: Search Source Path: http://www.microsoft.com Signature Type: AntiVirus Update Type: Full User: NT AUTHORITY\SYSTEM Current Engine Version: Previous Engine Version: 1.1.8601.0 Error code: 0x8024402c Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support. 06.8.2012 г. 08:44:56, error: Dhcp [1002] - The IP address lease 10.95.16.121 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.37.15.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 23:19:33, error: Dhcp [1002] - The IP address lease 10.69.8.92 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.95.23.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 23:15:23, error: Service Control Manager [7031] - The Remote Procedure Call (RPC) service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Reboot the machine. 05.8.2012 г. 22:34:50, error: Dhcp [1002] - The IP address lease 10.73.56.92 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.69.15.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 21:49:40, error: Dhcp [1002] - The IP address lease 10.31.8.61 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.73.63.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 21:29:05, error: Dhcp [1002] - The IP address lease 10.69.16.4 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.31.15.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 18:25:30, error: Dhcp [1002] - The IP address lease 10.94.8.111 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.69.23.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 15:48:40, error: Dhcp [1002] - The IP address lease 10.2.24.70 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.94.15.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 15:46:30, error: Dhcp [1002] - The IP address lease 10.42.16.57 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.2.31.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 13:48:45, error: Dhcp [1002] - The IP address lease 10.36.40.36 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.42.23.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 13:45:25, error: Dhcp [1002] - The IP address lease 10.90.48.32 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.36.47.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 13:38:31, error: PSched [14107] - QoS [Adapter {01303991-7A1D-4911-84D5-68E77D5DD8CC}]: The Packet Scheduler could not initialize the virtual miniport with NDIS. 05.8.2012 г. 12:11:31, error: Dhcp [1002] - The IP address lease 10.48.8.5 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.90.55.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 11:48:14, error: Service Control Manager [7034] - The Hotspot Shield Routing Service service terminated unexpectedly. It has done this 1 time(s). 05.8.2012 г. 11:46:59, error: Dhcp [1002] - The IP address lease 10.23.48.77 for the Network Card with network address 00FF68C21D2C has been denied by the DHCP server 10.48.15.254 (The DHCP Server sent a DHCPNACK message). 05.8.2012 г. 09:39:56, error: Dhcp [1002] - The IP address lease 10.129.253.210 for the Network Card with network address 00FFC4A12518 has been denied by the DHCP server 10.129.140.165 (The DHCP Server sent a DHCPNACK message). 04.8.2012 г. 12:05:30, error: sr [1] - The System Restore filter encountered the unexpected error '0xC000011E' while processing the file 'h2-ui-peers.ini' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 04.8.2012 г. 09:00:34, error: Dhcp [1002] - The IP address lease 10.129.140.166 for the Network Card with network address 00FFC4A12518 has been denied by the DHCP server 10.129.253.209 (The DHCP Server sent a DHCPNACK message). 03.8.2012 г. 14:03:03, error: Dhcp [1002] - The IP address lease 10.129.100.70 for the Network Card with network address 00FFC4A12518 has been denied by the DHCP server 10.129.100.69 (The DHCP Server sent a DHCPNACK message). 03.8.2012 г. 10:55:53, error: Dhcp [1002] - The IP address lease 10.129.140.166 for the Network Card with network address 00FFC4A12518 has been denied by the DHCP server 10.129.253.209 (The DHCP Server sent a DHCPNACK message). 03.8.2012 г. 09:31:06, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 00196658B5C0 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 02.8.2012 г. 20:54:51, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 00196658B5C0 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). 02.8.2012 г. 14:26:15, error: Service Control Manager [7032] - The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Management Instrumentation service, but this action failed with the following error: An instance of the service is already running. 01.8.2012 г. 16:57:01, error: Dhcp [1002] - The IP address lease 192.168.0.100 for the Network Card with network address 00196658B5C0 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message). . ==== End Of File ===========================
      DDS: DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_22 Run by User at 11:25:15 on 2012-08-06 Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.1023.190 [GMT 3:00] . AV: Microsoft Security Essentials *Enabled/Updated* {EDB4FA23-53B8-4AFA-8C5D-99752CCA7095} AV: Microsoft Security Essentials *Disabled/Updated* {BCF43643-A118-4432-AEDE-D861FCBCFCDF} . ============== Running Processes ================ . D:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe C:\Program Files\Microsoft Security Client\Antimalware\MsMpEng.exe C:\Program Files\Sandboxie\SbieSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\IObit\Game Booster 3\gbtray.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\Program Files\Hotspot Shield\bin\openvpnas.exe C:\Program Files\LogMeIn Hamachi\hamachi-2-ui.exe C:\Program Files\Hotspot Shield\HssWPR\hsssrv.exe C:\Program Files\Hotspot Shield\bin\hsswd.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe C:\WINDOWS\RTHDCPL.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\Program Files\Microsoft Security Client\msseces.exe C:\Program Files\Unlocker\UnlockerAssistant.exe C:\WINDOWS\system32\RunDLL32.exe C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\DAEMON Tools Lite\DTLite.exe C:\Documents and Settings\User\Local Settings\Application Data\Akamai\netsession_win.exe C:\WINDOWS\system32\NLSSRV32.EXE C:\Program Files\Sandboxie\SbieCtrl.exe C:\WINDOWS\system32\nvsvc32.exe C:\Documents and Settings\User\Local Settings\Application Data\Akamai\netsession_win.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe D:\Program Files\Raxco\PerfectDisk\PDAgent.exe D:\Program Files\DeskPins\DeskPins.exe C:\Documents and Settings\All Users\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe C:\WINDOWS\system32\vmnat.exe C:\WINDOWS\system32\vmnetdhcp.exe C:\WINDOWS\system32\wbem\wmiprvse.exe C:\Program Files\Common Files\Raxco\Shared\PDEngine.exe C:\WINDOWS\System32\alg.exe C:\Program Files\Hotspot Shield\bin\openvpntray.exe C:\Program Files\Notepad++\notepad++.exe D:\Program Files\IObit\Advanced SystemCare 5\DelayLoad.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Hotspot Shield\bin\openvpn.exe C:\Program Files\Mozilla Firefox\plugin-container.exe C:\Program Files\Hotspot Shield\bin\fbw.exe C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe C:\WINDOWS\system32\wuauclt.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\system32\svchost.exe -k LocalService C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\System32\svchost.exe -k Akamai C:\WINDOWS\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = about:blank uInternet Connection Wizard,ShellNext = iexplore uProxyOverride = 127.0.0.1:9421;<local>;*.local uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll mWinlogon: Userinit = userinit.exe, BHO: Octh Class: {000123B4-9B42-4900-B3F7-F4B073EFC214} - c:\program files\orbitdownloader\orbitcth.dll BHO: QuickStores-Toolbar: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Babylon toolbar helper: {2EECD738-5844-4a99-B4B6-146BF802613B} - c:\program files\babylontoolbar\babylontoolbar\1.5.29.1\bh\BabylonToolbar.dll BHO: {5C255C8A-E604-49b4-9D64-90988571CECB} - <orphaned> BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Windows Live Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll BHO: Google Toolbar Notifier BHO: {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - c:\program files\google\googletoolbarnotifier\5.7.7227.1100\swg.dll BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll BHO: Hotspot Shield Class: {F9E4A054-E9B1-4BC3-83A3-76A1AE736170} - c:\program files\hotspot shield\hssie\HssIE.dll TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: QuickStores-Toolbar: {10EDB994-47F8-43F7-AE96-F2EA63E9F90F} - TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\google toolbar\GoogleToolbar_32.dll TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: Babylon Toolbar: {98889811-442D-49dd-99D7-DC866BE87DBC} - c:\program files\babylontoolbar\babylontoolbar\1.5.29.1\BabylonToolbarTlbr.dll uRun: [CTFMON.EXE] c:\windows\system32\ctfmon.exe uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\DTLite.exe" -autorun uRun: [Akamai NetSession Interface] "c:\documents and settings\user\local settings\application data\akamai\netsession_win.exe" uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe" uRun: [Advanced SystemCare 5] "d:\program files\iobit\advanced systemcare 5\ASCTray.exe" /Manual uRun: [SandboxieControl] "c:\program files\sandboxie\SbieCtrl.exe" mRun: [RTHDCPL] RTHDCPL.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [SwitchBoard] c:\program files\common files\adobe\switchboard\SwitchBoard.exe mRun: [AdobeCS5ServiceManager] "c:\program files\common files\adobe\cs5servicemanager\CS5ServiceManager.exe" -launchedbylogin mRun: [GrooveMonitor] "c:\program files\microsoft office\office12\GrooveMonitor.exe" mRun: [SunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [MSC] "c:\program files\microsoft security client\msseces.exe" -hide -runkey mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k mRun: [UnlockerAssistant] "c:\program files\unlocker\UnlockerAssistant.exe" mRun: [LogMeIn Hamachi Ui] "c:\program files\logmein hamachi\hamachi-2-ui.exe" --auto-start mRun: [APSDaemon] "c:\program files\common files\apple\apple application support\APSDaemon.exe" mRun: [QuickTime Task] "d:\program files\quicktime alternative\qttask.exe" -atboottime mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE dRun: [DWQueuedReporting] "c:\progra~1\common~1\micros~1\dw\dwtrig20.exe" -t dRunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N StartupFolder: c:\docume~1\user\startm~1\programs\startup\deskpins.lnk - d:\program files\deskpins\DeskPins.exe mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: ForceClassicControlPanel = dword:1 IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201 IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204 IE: &Search - <no file> IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203 IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202 IE: E&xport to Microsoft Excel - c:\progra~1\micros~3\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {36ECAF82-3300-8F84-092E-AFF36D6C7040} - {86529161-034E-4F8A-88D2-3C625E612E04} - c:\program files\winhttrack\WinHTTrackIEBar.dll IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe LSP: %SystemRoot%\system32\PrxerDrv.dll LSP: d:\new folder\vsocklib.dll . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {166B1BCA-3F9C-11CF-8075-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/director/sw.cab DPF: {3352B5B9-82E8-4FFD-9EB1-1A3E60056904} - hxxp://www.chilkatsoft.com/download/ChilkatCrypt2.cab DPF: {708BFDA5-5B56-435B-8227-726021E197E9} - hxxp://us.beanfun.com/beanfun_block/embeds/BFServiceAdapter.cab DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_22-windows-i586.cab DPF: {E6F480FC-BD44-4CBA-B74A-89AF7842937D} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_cyri_4.4.21.0.cab TCP: NameServer = 79.100.192.3 79.100.192.1 TCP: Interfaces\{01303991-7A1D-4911-84D5-68E77D5DD8CC} : DHCPNameServer = 79.100.192.3 79.100.192.1 TCP: Interfaces\{68C21D2C-984A-47F1-9A0B-92FF1B5F6109} : DHCPNameServer = 10.23.32.1 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.DLL SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\uvqjemag.default\ FF - prefs.js: browser.startup.homepage - about:home FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=2&q= FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\uvqjemag.default\extensions\ffxtlbr@facemoods.com\components\FFHst.dll FF - component: c:\program files\orbitdownloader\addons\oneclickyoutubedownloader\components\GrabXpcom.dll FF - plugin: c:\documents and settings\all users\application data\nexoneu\ngm\npNxGameeu.dll FF - plugin: c:\documents and settings\user\application data\mozilla\firefox\profiles\uvqjemag.default\extensions\{687578b9-7132-4a7a-80e4-30ee31099e03}\plugins\np-mswmp.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\byond\bin\npbyond.dll FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll FF - plugin: c:\program files\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll FF - plugin: c:\program files\microsoft silverlight\4.1.10329.0\npctrlui.dll FF - plugin: c:\program files\mozilla firefox\plugins\npbyond.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll FF - plugin: c:\program files\unity\webplayer\loader\npUnity3D32.dll FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_11_2_202_235.dll FF - plugin: d:\program files\quicktime alternative\plugins\npqtplugin.dll FF - plugin: d:\program files\quicktime alternative\plugins\npqtplugin2.dll FF - plugin: d:\program files\quicktime alternative\plugins\npqtplugin3.dll FF - plugin: d:\program files\quicktime alternative\plugins\npqtplugin4.dll FF - plugin: d:\program files\quicktime alternative\plugins\npqtplugin5.dll . ---- FIREFOX POLICIES ---- FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=113597 FF - user.js: extensions.BabylonToolbar_i.babExt - FF - user.js: extensions.BabylonToolbar_i.srcExt - ss FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://www.google.com/search?babsrc=TB_ggl&q= FF - user.js: extensions.BabylonToolbar.id - 1cd4190b00000000000000ffc4a12518 FF - user.js: extensions.BabylonToolbar.instlDay - 15555 FF - user.js: extensions.BabylonToolbar.vrsn - 1.5.29.1 FF - user.js: extensions.BabylonToolbar.vrsni - 1.5.29.1 FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.5.29.114:13:41 FF - user.js: extensions.BabylonToolbar.prtnrId - babylon FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar FF - user.js: extensions.BabylonToolbar.aflt - babsst FF - user.js: extensions.BabylonToolbar_i.smplGrp - none FF - user.js: extensions.BabylonToolbar.tlbrId - base FF - user.js: extensions.BabylonToolbar.instlRef - sst FF - user.js: extensions.BabylonToolbar.dfltLng - en FF - user.js: extensions.BabylonToolbar.excTlbr - false FF - user.js: extensions.BabylonToolbar.admin - false . ============= SERVICES / DRIVERS =============== . R1 MpFilter;Microsoft Malware Protection Driver;c:\windows\system32\drivers\MpFilter.sys [2009-6-18 165648] R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872] R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67656] R1 VBoxDrv;VirtualBox Service;c:\windows\system32\drivers\VBoxDrv.sys [2012-8-5 158552] R1 VBoxUSBMon;VirtualBox USB Monitor Driver;c:\windows\system32\drivers\VBoxUSBMon.sys [2012-8-5 91992] R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;d:\program files\iobit\advanced systemcare 5\ASCService.exe [2012-1-15 497496] R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2008-4-14 14336] R2 cpuz135;cpuz135;c:\windows\system32\drivers\cpuz135_x32.sys [2012-3-4 21992] R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;c:\program files\logmein hamachi\hamachi-2.exe [2012-2-28 1373576] R2 hshld;Hotspot Shield Service;c:\program files\hotspot shield\bin\openvpnas.exe [2012-8-3 476016] R2 HssWd;Hotspot Shield Monitoring Service;c:\program files\hotspot shield\bin\hsswd.exe [2012-8-3 387440] R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2010-11-27 655944] R2 nlsX86cc;NLS Service;c:\windows\system32\NLSSRV32.EXE [2011-3-21 68928] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-6-27 1262400] R2 PDFSFilter;PDFsFilter;c:\windows\system32\drivers\PDFsFilter.sys [2011-9-7 66832] R2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users\application data\skype\toolbars\skype c2c service\c2c_service.exe [2012-7-5 3048136] R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2010-11-11 70768] R3 ManyCam;ManyCam Virtual Webcam, WDM Video Capture Driver;c:\windows\system32\drivers\ManyCam.sys [2008-1-14 21632] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2010-11-27 22344] R3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2012-2-8 133392] R3 VBoxNetAdp;VirtualBox Host-Only Ethernet Adapter;c:\windows\system32\drivers\VBoxNetAdp.sys [2012-6-5 104792] R3 VBoxNetFlt;VirtualBox Bridged Networking Service;c:\windows\system32\drivers\VBoxNetFlt.sys [2012-6-5 116056] S0 amdide1;amdide1;c:\windows\system32\drivers\amdide1.sys [2009-10-26 9096] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 gupdate;Услуга Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-5-16 136176] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-6-7 160944] S3 1394hub;1394 Enabled Hub;c:\windows\system32\svchost.exe -k netsvcs [2008-4-14 14336] S3 CGVPNCliSrvc;CyberGhost VPN Client;c:\program files\cyberghost vpn\CGVPNCliService.exe [2012-8-2 2438696] S3 EagleXNt;EagleXNt;\??\c:\windows\system32\drivers\eaglexnt.sys --> c:\windows\system32\drivers\EagleXNt.sys [?] S3 epmntdrv;epmntdrv;c:\windows\system32\epmntdrv.sys [2012-2-9 13192] S3 EuGdiDrv;EuGdiDrv;c:\windows\system32\EuGdiDrv.sys [2012-2-9 8456] S3 GGSAFERDriver;GGSAFER Driver;\??\d:\garena\garena plus\room\safedrv.sys --> d:\garena\garena plus\room\safedrv.sys [?] S3 gupdatem;Услуга на Google Актуализация (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2010-5-16 136176] S3 libusb0;LibUsb-Win32 - Kernel Driver 11/20/2005, 20051120;c:\windows\system32\drivers\libusb0.sys [2011-6-21 29184] S3 mcaudrv_simple;ManyCam Virtual Microphone;c:\windows\system32\drivers\mcaudrv.sys [2012-2-22 22400] S3 tapoas;TAP-Win32 Adapter OAS;c:\windows\system32\drivers\tapoas.sys [2011-8-19 26112] S3 WinRM;Windows Remote Management (WS-Management);c:\windows\system32\svchost.exe -k WINRM [2008-4-14 14336] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] S3 XDva385;XDva385;\??\c:\windows\system32\xdva385.sys --> c:\windows\system32\XDva385.sys [?] S3 XDva387;XDva387;\??\c:\windows\system32\xdva387.sys --> c:\windows\system32\XDva387.sys [?] S3 XDva389;XDva389;\??\c:\windows\system32\xdva389.sys --> c:\windows\system32\XDva389.sys [?] S3 XDva390;XDva390;\??\c:\windows\system32\xdva390.sys --> c:\windows\system32\XDva390.sys [?] S3 XDva391;XDva391;\??\c:\windows\system32\xdva391.sys --> c:\windows\system32\XDva391.sys [?] S4 SwitchBoard;SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096] S4 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2010-11-11 539248] . =============== File Associations =============== . ShellExec: Foxit Reader.exe: print="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/p "%1" ShellExec: Foxit Reader.exe: printto="c:\program files\foxit software\foxit reader\Foxit Reader.exe"/t "%1" "%2" "%3" "%4" ShellExec: FOXITR~1.EXE: print="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/p "%1" ShellExec: FOXITR~1.EXE: printto="c:\progra~1\foxits~1\foxitr~1\FOXITR~1.EXE"/t "%1" "%2" "%3" "%4" . =============== Created Last 30 ================ . 2012-08-06 08:18:00 56200 ----a-w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0b827f07-8021-4efe-b800-aa760d76c8f2}\offreg.dll 2012-08-06 08:12:17 -------- d-----w- c:\windows\system32\Hotspot Shield 2012-08-05 11:44:13 -------- d-----w- c:\documents and settings\user\.VirtualBox 2012-08-05 10:38:08 158552 ----a-w- c:\windows\system32\drivers\VBoxDrv.sys 2012-08-05 10:38:04 91992 ----a-w- c:\windows\system32\drivers\VBoxUSBMon.sys 2012-08-05 07:28:07 561992 ----a-w- c:\program files\mozilla firefox\extensions\afurladvisor@anchorfree.com\components\afurladvisor10.dll 2012-08-05 07:27:23 -------- d-----w- c:\documents and settings\all users\application data\Hotspot Shield 2012-08-05 07:26:56 -------- d-----w- c:\program files\Hotspot Shield 2012-08-04 19:33:34 6891424 ------w- c:\documents and settings\all users\application data\microsoft\microsoft antimalware\definition updates\{0b827f07-8021-4efe-b800-aa760d76c8f2}\mpengine.dll 2012-08-04 12:35:42 98304 ----a-r- c:\documents and settings\user\application data\microsoft\installer\{789c9644-9f82-44d3-b4ca-ac31f46f5882}\python_icon.exe 2012-08-03 20:22:02 270304 ----a-w- c:\program files\mozilla firefox\updater.exe 2012-08-03 20:22:02 19424 ----a-w- c:\program files\mozilla firefox\xpcom.dll 2012-08-03 20:22:02 15621088 ----a-w- c:\program files\mozilla firefox\xul.dll 2012-08-03 20:20:58 2106216 ----a-w- c:\program files\mozilla firefox\D3DCompiler_43.dll 2012-08-03 20:20:58 1998168 ----a-w- c:\program files\mozilla firefox\d3dx9_43.dll 2012-08-03 20:20:58 118240 ----a-w- c:\program files\mozilla firefox\crashreporter.exe 2012-08-03 20:20:57 266720 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll 2012-08-03 20:20:55 73696 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll 2012-08-03 20:20:55 18912 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll 2012-08-03 12:35:04 -------- d-----w- c:\program files\RAR Password Cracker 2012-08-03 11:15:51 -------- d-----w- c:\documents and settings\user\local settings\application data\VisualBeeExe 2012-08-03 11:14:27 -------- d-----w- c:\documents and settings\user\application data\BabylonToolbar 2012-08-03 11:13:53 -------- d-----w- c:\program files\BabylonToolbar 2012-08-03 11:13:03 -------- d-----w- c:\documents and settings\user\local settings\application data\Vid-Saver 2012-08-03 11:12:58 -------- d-----w- c:\program files\Vid-Saver 2012-08-03 11:12:54 -------- d-----w- c:\documents and settings\all users\VisualBee 2012-08-03 11:12:49 -------- d-----w- c:\documents and settings\user\local settings\application data\Babylon 2012-08-03 11:12:49 -------- d-----w- c:\documents and settings\all users\application data\Babylon 2012-08-03 11:12:48 -------- d-----w- c:\documents and settings\user\application data\Babylon 2012-08-02 11:31:07 -------- d-----w- c:\program files\CyberGhost VPN 2012-08-01 14:15:48 -------- d-----w- c:\documents and settings\user\local settings\application data\ManyCam 2012-08-01 14:15:45 -------- d-----w- c:\documents and settings\user\application data\ManyCam 2012-08-01 07:06:01 -------- d-----w- c:\documents and settings\all users\application data\Ask 2012-07-25 06:28:15 -------- d-----w- c:\documents and settings\user\local settings\application data\MessengerDiscovery 2012-07-25 06:27:19 -------- d-----w- c:\documents and settings\all users\application data\MessengerDiscovery 2012-07-24 20:11:54 39656 ----a-w- c:\windows\system32\drivers\HssDrv.sys 2012-07-24 20:11:50 33512 ----a-w- c:\windows\system32\drivers\taphss.sys 2012-07-24 19:25:20 -------- d-----w- c:\documents and settings\user\Tracing 2012-07-24 19:22:00 -------- d-----w- c:\program files\Microsoft 2012-07-24 19:21:40 -------- d-----w- c:\program files\Windows Live SkyDrive 2012-07-24 19:16:13 -------- d-----w- c:\program files\common files\Windows Live 2012-07-19 18:38:07 -------- d-----w- c:\documents and settings\user\application data\DVDVideoSoft . ==================== Find3M ==================== . 2012-07-03 10:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys 2012-06-27 11:53:14 1075248 ----a-w- c:\windows\system32\nvdrsdb0.bin 2012-06-27 11:53:14 1 ----a-w- c:\windows\system32\nvdrssel.bin 2012-06-27 11:53:08 1075248 ----a-w- c:\windows\system32\nvdrsdb1.bin 2012-06-25 05:25:17 279712 ----a-w- c:\windows\system32\drivers\atksgt.sys 2012-06-25 05:25:16 25888 ----a-w- c:\windows\system32\drivers\lirsgt.sys 2012-06-05 13:33:00 116056 ----a-w- c:\windows\system32\drivers\VBoxNetFlt.sys 2012-06-05 13:33:00 104792 ----a-w- c:\windows\system32\drivers\VBoxNetAdp.sys 2012-06-05 13:32:58 135512 ----a-w- c:\windows\system32\VBoxNetFltNobj.dll 2012-05-26 09:43:52 70304 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl 2012-05-26 09:43:52 419488 ----a-w- c:\windows\system32\FlashPlayerApp.exe 2012-05-15 10:18:00 883008 ----a-w- c:\windows\system32\nvgenco32.dll 2012-05-15 10:18:00 65536 ----a-w- c:\windows\system32\OpenCL.dll 2012-05-15 10:18:00 6012928 ----a-w- c:\windows\system32\nvcuda.dll 2012-05-15 10:18:00 4373248 ----a-w- c:\windows\system32\nv4_disp.dll 2012-05-15 10:18:00 2530624 ----a-w- c:\windows\system32\nvcuvid.dll 2012-05-15 10:18:00 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll 2012-05-15 10:18:00 2359808 ----a-w- c:\windows\system32\nvapi.dll 2012-05-15 10:18:00 18771968 ----a-w- c:\windows\system32\nvoglnt.dll 2012-05-15 10:18:00 17543168 ----a-w- c:\windows\system32\nvcompiler.dll 2012-05-15 10:18:00 14014656 ----a-w- c:\windows\system32\drivers\nv4_mini.sys 2012-05-15 10:18:00 1000768 ----a-w- c:\windows\system32\nvdispco32.dll 2012-05-15 09:40:26 54272 ----a-w- c:\windows\system32\nvwddi.dll 2012-05-15 09:40:02 15504192 ----a-w- c:\windows\system32\nvcpl.dll 2012-05-15 09:40:02 143680 ----a-w- c:\windows\system32\nvcolor.exe 2012-05-15 09:40:01 164160 ----a-w- c:\windows\system32\nvsvc32.exe 2012-05-15 09:40:01 108352 ----a-w- c:\windows\system32\nvmctray.dll . ============= FINISH: 11:28:26,57 ===============
    • от korica
      Здравейте. Пуснал съм тема относно моят проблем, но ме опътиха към една от вашите теми понеже има съмнение за вирус който явно "яде" от дисковото ми пространство. От няколко дена доло в дясно до часовника ми алармира "disk cleanup" че нямам място в локален диск "c://" Трия, правя, струвам както и с CCleaner така и мн трудно се освобождава дисково пространсво коетоми е важно на мен. Локалният диск ми е 9гб когато му дам - свойство на диск "c://" пише, че целия диск е пълен, а когато отворя диска и хвана всички папки в локания диск и им дам свойства показва, че са заети само - 6,60гб, интересно ми е къде се губят др. 2гб. Онзи ден освободих повече от Гигабайт дисково пространство в локален диск "c://" и вчера пак почна да алармира ,че е пълен без да съм инсталирал и правил нищо. Съфорумниците предположиха, че може да е вирус и ме опътиха към ваша тема с правилата за пускане на теми тук. Аз сканирам редовно със - Hitman pro 3.6.1, EmergencyKitScanner, Advanced SystemCare най-новата весия която е със вградена антивирусна но никоя програма не намира зловреден софтуер. За това ще следвам вашите инструкции и се надявам да ми кажете със сиг. дали имам зловреден софтуер на компютъра ми. Операционната ми Система е Уиндоус ЕксПи. Ето и логовете от DDS която изтеглих от тук: DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_31 Run by User at 10:31:13 on 2012-07-19 Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.1023.397 [GMT 3:00] . AV: Advanced SystemCare with Antivirus *Enabled/Outdated* {1C304DC4-1D72-5DB9-B33A-43B638ECFD30} AV: Spy Emergency *Disabled/Updated* {82117492-906E-4b02-A33A-84D42A2DD907} SP: Spy Emergency *Enabled/Updated* {82117492-906E-4b02-A33A-84D42A2DD907} . ============== Running Processes ================ . E:\Programs\install\Advanced SystemCare with Antivirus 2013\ascsvc.exe E:\Programs\install\Advanced SystemCare with Antivirus 2013\ascavsvc.exe C:\Program Files\HitmanPro\hmpsched.exe C:\WINXP\Explorer.EXE C:\WINXP\system32\spoolsv.exe C:\WINXP\SOUNDMAN.EXE C:\Program Files\Common Files\Java\Java Update\jusched.exe C:\WINXP\system32\RunDLL32.exe C:\WINXP\system32\ctfmon.exe E:\Programs\install\Advanced SystemCare with Antivirus 2013\ASCTray.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Update\1.3.21.115\GoogleCrashHandler.exe C:\Program Files\Java\jre6\bin\jqs.exe C:\WINXP\system32\nvsvc32.exe C:\Program Files\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe C:\WINXP\system32\wscntfy.exe C:\WINXP\System32\alg.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\User\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINXP\system32\wbem\wmiprvse.exe C:\WINXP\System32\svchost.exe -k netsvcs C:\WINXP\system32\svchost.exe -k NetworkService C:\WINXP\system32\svchost.exe -k LocalService C:\WINXP\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uStart Page = hxxp://www.mystart.com/?pr=vmn&id=toolbarcleaner&v=1_0 uInternet Connection Wizard,ShellNext = iexplore BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll uRun: [CTFMON.EXE] c:\winxp\system32\ctfmon.exe uRun: [Google Update] "c:\documents and settings\user\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [Advanced SystemCare 5] "e:\programs\install\advanced systemcare with antivirus 2013\ASCTray.exe" /AutoStart mRun: [soundMan] SOUNDMAN.EXE mRun: [sunJavaUpdateSched] "c:\program files\common files\java\java update\jusched.exe" mRun: [NvCplDaemon] RUNDLL32.EXE c:\winxp\system32\NvCpl.dll,NvStartup mRun: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit -login mRun: [nwiz] c:\program files\nvidia corporation\nview\nwiz.exe /installquiet dRun: [CTFMON.EXE] c:\winxp\system32\CTFMON.EXE uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: Add to Google Photos Screensa&ver - c:\winxp\system32\GPhotos.scr/200 IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office12\EXCEL.EXE/3000 IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\office12\ONBttnIE.dll IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab TCP: Interfaces\{7752504E-6AF9-4364-801A-538D62C930A2} : NameServer = 87.120.0.1 87.120.0.10 Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - c:\program files\microsoft office\office12\GrooveSystemServices.dll Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winxp\system32\wpdshserviceobj.dll SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - c:\program files\microsoft office\office12\GrooveShellExtensions.dll . ================= FIREFOX =================== . FF - ProfilePath - c:\documents and settings\user\application data\mozilla\firefox\profiles\n0no40zi.default\ FF - plugin: c:\documents and settings\user\local settings\application data\google\update\1.3.21.115\npGoogleUpdate3.dll FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll FF - plugin: c:\program files\google\picasa3\npPicasa3.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll FF - plugin: c:\program files\mozilla firefox\plugins\npdeployJava1.dll FF - plugin: c:\winxp\system32\macromed\flash\NPSWF32_11_3_300_265.dll . ============= SERVICES / DRIVERS =============== . R2 AdvancedSystemCareService5;Advanced SystemCare Service 5;e:\programs\install\advanced systemcare with antivirus 2013\ASCSvc.exe [2012-7-18 513920] R2 ASCAntivirusSrv;AdvancedSystemCareAntivirus;e:\programs\install\advanced systemcare with antivirus 2013\ASCAvSvc.exe [2012-7-18 896896] R2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2012-6-27 105832] R2 nvUpdatusService;NVIDIA Update Service Daemon;c:\program files\nvidia corporation\nvidia update core\daemonu.exe [2012-4-13 2348352] R2 V2WCDRV;Video2Webcam;c:\winxp\system32\drivers\V2WCDRV.sys [2012-6-26 1053056] S0 mqqmi;mqqmi;c:\winxp\system32\drivers\jlmxchn.sys --> c:\winxp\system32\drivers\jlmxchn.sys [?] S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service;c:\winxp\system32\macromed\flash\FlashPlayerUpdateService.exe [2012-4-13 250056] S3 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-5-17 113120] . =============== Created Last 30 ================ . 2012-07-19 07:02:25 34736 ----a-w- c:\winxp\system32\drivers\RKHit.sys 2012-07-18 20:24:11 -------- d-----w- c:\program files\CCleaner 2012-07-18 12:12:26 340624 ----a-w- c:\winxp\system32\drivers\trufos.sys 2012-07-18 12:12:24 353096 ----a-w- c:\winxp\system32\drivers\bdfsfltr.sys 2012-07-17 23:05:40 -------- d-----w- c:\program files\Xenocode 2012-07-17 22:19:47 -------- d-----w- c:\documents and settings\user\application data\Pointstone 2012-07-17 22:19:29 -------- d-----w- c:\program files\Pointstone 2012-07-17 06:30:31 -------- d-----w- c:\documents and settings\user\local settings\application data\Downloaded Installations 2012-07-14 16:14:00 1172480 ----a-w- c:\winxp\system32\SET829.tmp 2012-07-14 16:13:49 153088 ------w- c:\winxp\system32\SET826.tmp 2012-07-14 16:13:35 8463872 ------w- c:\winxp\system32\SET823.tmp 2012-07-11 07:54:03 -------- d-----w- c:\program files\IObit 2012-07-04 09:23:42 -------- d-----w- c:\documents and settings\all users\application data\{D76294E6-03B8-4971-AF2E-3F846161A690} 2012-07-04 09:23:42 -------- d-----w- c:\documents and settings\all users\application data\{6F2F3866-38AD-4f48-852C-2FF5DE7A7588} 2012-07-01 18:11:32 -------- d-----w- c:\documents and settings\user\application data\QuuSoft 2012-06-30 19:32:34 -------- d-----w- c:\program files\KoralSoft 2012-06-28 13:11:03 -------- d--h--w- c:\documents and settings\all users\application data\Common Files 2012-06-28 13:10:20 -------- d-----w- c:\documents and settings\all users\application data\MFAData 2012-06-27 23:12:48 32768 ----a-w- c:\winxp\system32\drivers\sp_rsdrv2.sys 2012-06-27 10:26:10 -------- d-----w- c:\program files\HitmanPro 2012-06-27 10:25:40 -------- d-----w- c:\documents and settings\all users\application data\HitmanPro 2012-06-27 09:41:18 -------- d-----w- c:\documents and settings\user\local settings\application data\Identities 2012-06-27 08:45:40 1054 ---ha-w- C:\aaw7boot.cmd 2012-06-26 10:23:17 -------- d-----w- c:\winxp\system32\wbem\repository\FS 2012-06-26 10:23:17 -------- d-----w- c:\winxp\system32\wbem\Repository 2012-06-26 09:40:14 -------- d-----w- c:\documents and settings\user\local settings\application data\CRE 2012-06-26 07:06:20 258352 ----a-w- c:\winxp\system32\Unicows.dll 2012-06-26 07:06:20 224016 ----a-w- c:\winxp\system32\TABCTL32.OCX 2012-06-26 07:06:20 140288 ----a-w- c:\winxp\system32\COMDLG32.OCX 2012-06-25 13:46:42 -------- d--h--w- c:\winxp\PIF . ==================== Find3M ==================== . 2012-07-12 16:05:20 426184 ----a-w- c:\winxp\system32\FlashPlayerApp.exe 2012-07-12 16:05:19 70344 ----a-w- c:\winxp\system32\FlashPlayerCPLApp.cpl 2012-06-17 07:52:26 293992 ----a-w- c:\winxp\system32\nvdrsdb1.bin 2012-06-17 07:52:26 1 ----a-w- c:\winxp\system32\nvdrssel.bin 2012-06-13 13:29:09 1875072 ----a-w- c:\winxp\system32\win32k.sys 2012-06-08 13:16:32 60416 ----a-w- c:\winxp\ALCFDRTM.VER 2012-06-05 15:48:30 1447936 ----a-w- c:\winxp\system32\msxml6.dll 2012-06-05 14:48:08 356352 ----a-w- c:\winxp\eSellerateEngine.dll 2012-05-31 13:22:09 599040 ----a-w- c:\winxp\system32\crypt32.dll 2012-05-24 07:48:10 21376 ----a-w- c:\winxp\system32\RegistryDefragBootTime.exe 2012-05-16 15:06:45 920064 ------w- c:\winxp\system32\SET105.tmp 2012-05-15 13:27:44 1872128 ------w- c:\winxp\system32\_000013_.tmp.dll 2012-05-11 14:41:34 630272 ------w- c:\winxp\system32\SET10D.tmp 2012-05-11 14:41:34 6009344 ------w- c:\winxp\system32\SET10B.tmp 2012-05-11 14:41:34 55296 ------w- c:\winxp\system32\SET10C.tmp 2012-05-11 14:41:34 43520 ----a-w- c:\winxp\system32\licmgr10.dll 2012-05-11 14:41:34 2001408 ------w- c:\winxp\system32\SET111.tmp 2012-05-11 14:41:34 1469440 ----a-w- c:\winxp\system32\inetcpl.cpl 2012-05-11 14:41:34 1214464 ------w- c:\winxp\system32\SET106.tmp 2012-05-11 14:41:34 11112960 ------w- c:\winxp\system32\SET113.tmp 2012-05-11 14:41:34 105984 ------w- c:\winxp\system32\SET107.tmp 2012-05-11 12:12:55 385024 ----a-w- c:\winxp\system32\html.iec 2012-05-04 13:20:50 2192640 ----a-w- c:\winxp\system32\ntoskrnl.exe 2012-05-04 12:41:08 2069120 ----a-w- c:\winxp\system32\ntkrnlpa.exe 2012-05-02 13:46:36 139656 ----a-w- c:\winxp\system32\drivers\rdpwd.sys . ============= FINISH: 10:31:28,45 =============== . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 07.5.2005 г. 18:24:05 System Uptime: 19.7.2012 г. 10:05:12 (0 hours ago) . Motherboard: ASUSTeK Computer INC. | | A8N-SLI Processor: AMD Athlon™ 64 Processor 3200+ | Socket 939 | 2015/200mhz . ==== Disk Partitions ========================= . C: is FIXED (NTFS) - 10 GiB total, 0,327 GiB free. D: is FIXED (NTFS) - 39 GiB total, 0,248 GiB free. E: is FIXED (NTFS) - 39 GiB total, 1,447 GiB free. F: is FIXED (NTFS) - 39 GiB total, 1,365 GiB free. G: is FIXED (NTFS) - 20 GiB total, 0,585 GiB free. H: is FIXED (NTFS) - 7 GiB total, 0,795 GiB free. I: is CDROM () . ==== Disabled Device Manager Items ============= . ==== System Restore Points =================== . RP148: 15.7.2012 г. 20:29:33 - Контролна точка на системата RP149: 17.7.2012 г. 09:30:56 - Installed O&O Defrag Professional. RP150: 17.7.2012 г. 09:53:34 - Removed O&O Defrag Professional. RP151: 18.7.2012 г. 10:35:02 - Контролна точка на системата RP152: 18.7.2012 г. 23:15:43 - IObit Uninstaller restore point . ==== Installed Programs ====================== . µTorrent 7-Zip 9.20 Adobe Flash Player 11 ActiveX Adobe Flash Player 11 Plugin Adobe Reader X (10.1.3) Advanced SystemCare with Antivirus 2013 AsusUpdate AVS Update Manager 1.0 AVS4YOU Software Navigator 1.4 CCleaner Cool & Quiet Counter-Strike 1.6 Version 29, Exe build: 3647 Counter-Strike Non-Steam Cumulative Patch 24 Dictionary .NET 5.0.4545 ffdshow [rev 2975] [2009-05-28] Google Chrome HitmanPro 3.6 Hotfix for Windows XP (KB2633952) Hotfix for Windows XP (KB976002-v5) Java Auto Updater Java™ 6 Update 31 KoralSoft - EuroDictXP Microsoft Base Smart Card Cryptographic Service Provider Package Microsoft Office Access MUI (Bulgarian) 2007 Microsoft Office Access MUI (English) 2007 Microsoft Office Access Setup Metadata MUI (English) 2007 Microsoft Office Enterprise 2007 Microsoft Office Excel MUI (Bulgarian) 2007 Microsoft Office Excel MUI (English) 2007 Microsoft Office Groove MUI (Bulgarian) 2007 Microsoft Office Groove MUI (English) 2007 Microsoft Office Groove Setup Metadata MUI (English) 2007 Microsoft Office InfoPath MUI (Bulgarian) 2007 Microsoft Office InfoPath MUI (English) 2007 Microsoft Office Language Pack 2007 - Bulgarian/български Microsoft Office O MUI (Bulgarian) 2007 Microsoft Office OneNote MUI (Bulgarian) 2007 Microsoft Office OneNote MUI (English) 2007 Microsoft Office Outlook MUI (Bulgarian) 2007 Microsoft Office Outlook MUI (English) 2007 Microsoft Office PowerPoint MUI (Bulgarian) 2007 Microsoft Office PowerPoint MUI (English) 2007 Microsoft Office Proof (Bulgarian) 2007 Microsoft Office Proof (English) 2007 Microsoft Office Proof (French) 2007 Microsoft Office Proof (German) 2007 Microsoft Office Proof (Russian) 2007 Microsoft Office Proof (Spanish) 2007 Microsoft Office Proofing (Bulgarian) 2007 Microsoft Office Proofing (English) 2007 Microsoft Office Publisher MUI (Bulgarian) 2007 Microsoft Office Publisher MUI (English) 2007 Microsoft Office Shared MUI (Bulgarian) 2007 Microsoft Office Shared MUI (English) 2007 Microsoft Office Shared Setup Metadata MUI (English) 2007 Microsoft Office Word MUI (Bulgarian) 2007 Microsoft Office Word MUI (English) 2007 Microsoft Office X MUI (Bulgarian) 2007 Microsoft Software Update for Web Folders (Bulgarian) 12 Microsoft Software Update for Web Folders (English) 12 Microsoft Visual C++ 2005 Redistributable Mozilla Firefox 13.0.1 (x86 bg) Mozilla Maintenance Service NVIDIA Control Panel 296.10 NVIDIA Drivers NVIDIA Graphics Driver 296.10 NVIDIA Install Application NVIDIA nView 136.18 NVIDIA Update 1.7.11 NVIDIA Update Components Picasa 3 QuickTime Alternative 2.8.0 Real Alternative 1.9.0 Realtek AC'97 Audio sala's Terminal Server Patch 2.1 Security Update for Microsoft Windows (KB2564958) Security Update for Windows Internet Explorer 8 (KB2510531) Security Update for Windows Internet Explorer 8 (KB2544521) Security Update for Windows Internet Explorer 8 (KB2675157) Security Update for Windows Internet Explorer 8 (KB2699988) Security Update for Windows Media Player (KB975558) Security Update for Windows XP (KB2393802) Security Update for Windows XP (KB2412687) Security Update for Windows XP (KB2419632) Security Update for Windows XP (KB2476490) Security Update for Windows XP (KB2478960) Security Update for Windows XP (KB2478971) Security Update for Windows XP (KB2479943) Security Update for Windows XP (KB2483185) Security Update for Windows XP (KB2485663) Security Update for Windows XP (KB2506212) Security Update for Windows XP (KB2507618) Security Update for Windows XP (KB2507938) Security Update for Windows XP (KB2508429) Security Update for Windows XP (KB2509553) Security Update for Windows XP (KB2535512) Security Update for Windows XP (KB2536276-v2) Security Update for Windows XP (KB2544893-v2) Security Update for Windows XP (KB2566454) Security Update for Windows XP (KB2570947) Security Update for Windows XP (KB2584146) Security Update for Windows XP (KB2585542) Security Update for Windows XP (KB2592799) Security Update for Windows XP (KB2598479) Security Update for Windows XP (KB2603381) Security Update for Windows XP (KB2618451) Security Update for Windows XP (KB2619339) Security Update for Windows XP (KB2620712) Security Update for Windows XP (KB2621440) Security Update for Windows XP (KB2624667) Security Update for Windows XP (KB2631813) Security Update for Windows XP (KB2633171) Security Update for Windows XP (KB2641653) Security Update for Windows XP (KB2646524) Security Update for Windows XP (KB2647518) Security Update for Windows XP (KB2653956) Security Update for Windows XP (KB2655992) Security Update for Windows XP (KB2659262) Security Update for Windows XP (KB2661637) Security Update for Windows XP (KB2676562) Security Update for Windows XP (KB2685939) Security Update for Windows XP (KB2686509) Security Update for Windows XP (KB2691442) Security Update for Windows XP (KB2695962) Security Update for Windows XP (KB2698365) Security Update for Windows XP (KB2707511) Security Update for Windows XP (KB2709162) Security Update for Windows XP (KB2718523) Security Update for Windows XP (KB2719985) Security Update for Windows XP (KB923789) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB980195) SkypeCap Skype™ 3.8 System Cleaner 6 The KMPlayer (remove only) Update for Microsoft Windows (KB971513) Update for Windows Internet Explorer 8 (KB2598845) Update for Windows Internet Explorer 8 (KB2632503) Update for Windows XP (KB2467659) Update for Windows XP (KB2492386) Update for Windows XP (KB2641690) Update for Windows XP (KB2718704) Update for Windows XP (KB898461) Update for Windows XP (KB971029) Video2Webcam Visual C++ 2008 x86 Runtime - (v9.0.30729) Visual C++ 2008 x86 Runtime - v9.0.30729.01 WebFldrs XP Winamp Windows Bulgarian Interface Pack Windows Feature Pack for Storage (32-bit) - IMAPI update for Blu-Ray Windows Genuine Advantage Validation Tool (KB892130) WinRAR 4.10 (32-битова версия) . ==== Event Viewer Messages From Past Week ======== . 15.7.2012 г. 00:00:59, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 15.7.2012 г. 00:00:58, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 14.7.2012 г. 23:57:16, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 14.7.2012 г. 23:57:16, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 14.7.2012 г. 19:07:59, error: Service Control Manager [7034] - The AdvancedSystemCareAntivirus service terminated unexpectedly. It has done this 1 time(s). 14.7.2012 г. 19:07:38, error: Service Control Manager [7006] - The ScRegSetValueExW call failed for Start with the following error: Access is denied. 14.7.2012 г. 12:11:17, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 14.7.2012 г. 12:10:17, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 14.7.2012 г. 12:10:17, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) . ==== End Of File =========================== Благодаря. Edit: Тук в логовете сега като ги прегледах видях, че уиндолса прави някакви ъпдейти а уж ъпдейтите съм ги изключил.
    • от Just Human..
      Здравейте колеги, днес инсталирах Аваст (бях без антивирусна около 1 месец). Инсталирах я защото почнаха да се показват сини еркани (температурите са ми в норма), както и това, че не мога да спирам някой процеси от мениджъра на задачите (с Край на задачата даже). Такива проблеми ми правят BIttorrent както и днес mbam. Eто и логовете от DDS:
      DDS (Ver_2011-09-30.01) - NTFS_x86
      Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.5.0_17
      Run by sControl at 21:14:32 on 2012-07-16
      Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.1023.344 [GMT 3:00]
      .
      AV: avast! Antivirus *Disabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
      .
      ============== Running Processes ================
      .
      C:\Program Files\AVAST Software\Avast\AvastSvc.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
      C:\WINDOWS\system32\RUNDLL32.EXE
      C:\Program Files\AVAST Software\Avast\avastUI.exe
      C:\Program Files\Skype\Phone\Skype.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Application Updater\ApplicationUpdater.exe
      C:\Program Files\Malwarebytes' Anti-Malware\mbamservice.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\Program Files\VentSrv\ventrilo_svc.exe
      C:\Program Files\VentSrv\ventrilo_srv.exe
      C:\WINDOWS\System32\alg.exe
      C:\Program Files\Skype\Plugin Manager\skypePM.exe
      C:\Program Files\Mozilla Firefox\firefox.exe
      C:\Program Files\Mozilla Firefox\plugin-container.exe
      C:\Program Files\DAEMON Tools Lite\DTLite.exe
      C:\WINDOWS\system32\wbem\wmiprvse.exe
      C:\WINDOWS\System32\svchost.exe -k netsvcs
      C:\WINDOWS\system32\svchost.exe -k WudfServiceGroup
      C:\WINDOWS\system32\svchost.exe -k NetworkService
      C:\WINDOWS\system32\svchost.exe -k LocalService
      C:\WINDOWS\System32\svchost.exe -k netsvcs
      C:\WINDOWS\system32\svchost.exe -k LocalService
      C:\WINDOWS\system32\svchost.exe -k imgsvc
      .
      ============== Pseudo HJT Report ===============
      .
      uStart Page = hxxp://search.conduit.com?SearchSource=10&ctid=CT2790392
      uURLSearchHooks: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\6.0\youtubedownloaderToolbarIE.dll
      uURLSearchHooks: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBitT.dll
      BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
      BHO: Java™ Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre6\bin\ssv.dll
      BHO: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBitT.dll
      BHO: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
      BHO: KMP Media Toolbar: {daf5b34c-1aa3-4c33-ae24-766a370635d2} -
      BHO: Java™ Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - c:\program files\java\jre6\bin\jp2ssv.dll
      BHO: JQSIEStartDetectorImpl Class: {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
      BHO: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\6.0\youtubedownloaderToolbarIE.dll
      TB: KMP Media Toolbar: {daf5b34c-1aa3-4c33-ae24-766a370635d2} -
      TB: YouTube Downloader Toolbar: {F3FEE66E-E034-436a-86E4-9690573BEE8A} - c:\program files\youtube downloader toolbar\ie\6.0\youtubedownloaderToolbarIE.dll
      TB: BitTorrentBar Toolbar: {88c7f2aa-f93f-432c-8f0e-b7d85967a527} - c:\program files\bittorrentbar\prxtbBitT.dll
      TB: avast! WebRep: {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - c:\program files\avast software\avast\aswWebRepIE.dll
      uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized
      uRun: [Anders Kjersem: TransBar] d:\sniper control\programs\themes\transbar\TransBar.exe /NoConfig
      uRun: [speedConnectStartUp] <no file>
      mRun: [soundMan] SOUNDMAN.EXE
      mRun: [RivaTunerStartupDaemon] "d:\sniper control\programs\overclock\rivatuner v2.24 msi master overclocking arena 2009 edition\RivaTuner.exe" /S
      mRun: [searchSettings] "c:\program files\common files\spigot\search settings\SearchSettings.exe"
      mRun: [NvCplDaemon] RUNDLL32.EXE c:\windows\system32\NvCpl.dll,NvStartup
      mRun: [NvMediaCenter] RUNDLL32.EXE c:\windows\system32\NvMcTray.dll,NvTaskbarInit
      mRun: [Malwarebytes' Anti-Malware] "c:\program files\malwarebytes' anti-malware\mbamgui.exe" /starttray
      mRun: [KernelFaultCheck] c:\windows\system32\dumprep 0 -k
      mRun: [avast] "c:\program files\avast software\avast\avastUI.exe" /nogui
      dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE
      uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
      mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
      mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
      IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
      IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
      LSP: d:\sniper control\programs\we fi\vmware\vsocklib.dll
      DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
      DPF: {CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.5.0/jinstall-1_5_0_17-windows-i586.cab
      DPF: {CAFEEFAC-0016-0000-0031-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
      DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_31-windows-i586.cab
      TCP: Interfaces\{2B6DBC23-3083-4CC0-939A-35E8873DFCCF} : NameServer = 192.168.15.12,195.24.48.5
      TCP: Interfaces\{31014428-4498-43C5-88BE-764AF0B4A0CC} : NameServer = 192.168.15.12,195.24.48.5
      Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
      SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\wpdshserviceobj.dll
      .
      ================= FIREFOX ===================
      .
      FF - ProfilePath - c:\documents and settings\scontrol\application data\mozilla\firefox\profiles\8zg5gh6y.default\
      FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=3&q={searchTerms}
      FF - prefs.js: browser.search.selectedEngine - Google
      FF - prefs.js: browser.startup.homepage - about:home
      FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2790392&SearchSource=2&q=
      FF - prefs.js: network.proxy.type - 0
      FF - plugin: c:\documents and settings\scontrol\application data\mozilla\firefox\profiles\8zg5gh6y.default\extensions\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}\plugins\np-mswmp.dll
      FF - plugin: c:\program files\adobe\reader 10.0\reader\air\nppdf32.dll
      FF - plugin: c:\program files\goalbitsolutions\goalbit\npgoalbit.dll
      FF - plugin: c:\program files\google\update\1.3.21.111\npGoogleUpdate3.dll
      FF - plugin: c:\program files\java\jre6\bin\plugin2\npdeployJava1.dll
      FF - plugin: c:\program files\java\jre6\bin\plugin2\npjp2.dll
      FF - plugin: c:\program files\pando networks\media booster\npPandoWebPlugin.dll
      .
      ============= SERVICES / DRIVERS ===============
      .
      R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2012-7-16 721000]
      R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2012-7-16 353688]
      R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;c:\windows\system32\drivers\dtsoftbus01.sys [2012-3-8 242240]
      R1 SysTool;SysTool Overclocking Utility;c:\windows\system32\drivers\SysTool.sys [2006-11-10 24064]
      R2 Application Updater;Application Updater;c:\program files\application updater\ApplicationUpdater.exe [2012-6-27 791488]
      R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2012-7-16 21256]
      R2 avast! Antivirus;avast! Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2012-7-16 44808]
      R2 MBAMService;MBAMService;c:\program files\malwarebytes' anti-malware\mbamservice.exe [2012-3-28 655944]
      R2 vmci;VMware vmci;c:\windows\system32\drivers\vmci.sys [2011-3-25 70768]
      R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2012-3-28 22344]
      R3 ULI5261XP;ULi M526X Ethernet NT Driver;c:\windows\system32\drivers\ULILAN51.SYS [2012-4-22 28672]
      S0 NVStrap;NVStrap;c:\windows\system32\drivers\NVStrap.sys [2012-3-8 4224]
      S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
      S3 AR9271;Wireless Network Adapter Service;c:\windows\system32\drivers\athuw.sys [2012-5-12 1763584]
      S3 AsrOcDrv;AsrOcDrv;\??\c:\windows\system32\drivers\asrocdrv.sys --> c:\windows\system32\drivers\AsrOcDrv.sys [?]
      S3 GGSAFERDriver;GGSAFER Driver;\??\c:\program files\garena plus\room\safedrv.sys --> c:\program files\garena plus\room\safedrv.sys [?]
      S3 GPU-Z;GPU-Z;\??\c:\docume~1\scontrol\locals~1\temp\gpu-z.sys --> c:\docume~1\scontrol\locals~1\temp\GPU-Z.sys [?]
      S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2012-7-16 40776]
      S3 NPF;Netgroup Packet Filter;c:\windows\system32\drivers\npf.sys [2012-5-30 32512]
      S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
      S4 AODService;AODService;c:\program files\amd\overdrive\AODAssist.exe [2009-10-22 136544]
      S4 gupdate;Google Update Service (gupdate);c:\program files\google\update\GoogleUpdate.exe [2012-3-8 136176]
      S4 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2012-3-8 136176]
      S4 MozillaMaintenance;Mozilla Maintenance Service;c:\program files\mozilla maintenance service\maintenanceservice.exe [2012-4-25 113120]
      S4 SwitchBoard;Adobe SwitchBoard;c:\program files\common files\adobe\switchboard\SwitchBoard.exe [2010-2-19 517096]
      S4 VMUSBArbService;VMware USB Arbitration Service;c:\program files\common files\vmware\usb\vmware-usbarbitrator.exe [2011-3-25 539248]
      .
      =============== Created Last 30 ================
      .
      2012-07-16 15:15:31 558133 ----a-w- c:\windows\system32\sqlite3.dll
      2012-07-16 12:26:56 721000 ----a-w- c:\windows\system32\drivers\aswSnx.sys
      2012-07-16 12:26:06 41224 ----a-w- c:\windows\avastSS.scr
      2012-07-16 12:25:45 40776 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
      2012-07-16 12:16:00 -------- d-----w- c:\program files\ESET
      2012-07-16 10:26:55 0 ----a-w- c:\program files\GUT96B.tmp
      2012-07-16 10:26:55 -------- d-----w- c:\program files\GUM96A.tmp
      2012-07-14 19:48:04 -------- d-----w- c:\documents and settings\scontrol\local settings\application data\CRE
      2012-07-14 19:47:54 -------- d-----w- c:\program files\Conduit
      2012-07-14 19:47:53 -------- d-----w- c:\documents and settings\scontrol\local settings\application data\BitTorrentBar
      2012-07-14 19:47:52 -------- d-----w- c:\documents and settings\scontrol\local settings\application data\Conduit
      2012-07-14 19:47:51 -------- d-----w- c:\program files\BitTorrentBar
      2012-07-14 19:47:32 -------- d-----w- c:\program files\BitTorrent
      2012-07-14 19:47:14 -------- d-----w- c:\documents and settings\scontrol\application data\BitTorrent
      2012-07-13 08:02:03 -------- d-----w- c:\program files\The KMPlayer
      2012-07-13 08:01:54 -------- d-----w- c:\documents and settings\all users\application data\Ask
      2012-07-10 16:30:27 -------- d-----w- c:\documents and settings\scontrol\application data\NVIDIA
      2012-07-10 16:19:42 -------- d-----w- C:\NVIDIA
      2012-07-06 06:07:13 -------- d-----w- c:\documents and settings\scontrol\local settings\application data\Identities
      2012-07-03 06:46:15 -------- d-----w- c:\program files\VentSrv
      2012-07-02 15:38:39 -------- d-sh--w- C:\$RECYCLE.BIN
      2012-07-02 13:31:43 2106216 ----a-w- c:\windows\system32\D3DCompiler_43.dll
      2012-07-02 13:31:42 470880 ----a-w- c:\windows\system32\d3dx10_43.dll
      2012-07-02 13:31:34 1998168 ----a-w- c:\windows\system32\D3DX9_43.dll
      2012-07-01 15:14:27 -------- d-----w- c:\documents and settings\scontrol\application data\wtxpcom
      2012-07-01 14:24:17 -------- d-----w- c:\documents and settings\scontrol\application data\YouTube Downloader
      2012-07-01 14:23:39 -------- d-----w- c:\documents and settings\scontrol\application data\Search Settings
      2012-07-01 14:23:30 -------- d-----w- c:\program files\Application Updater
      2012-07-01 14:23:29 -------- d-----w- c:\program files\common files\Spigot
      2012-07-01 14:23:28 -------- d-----w- c:\program files\YouTube Downloader Toolbar
      2012-06-30 09:13:17 -------- d-----w- c:\program files\GPU-Z
      2012-06-29 11:25:05 -------- d-----w- c:\windows\RegisteredPackages
      2012-06-29 11:23:03 -------- d-----w- c:\windows\system32\AGEIA
      2012-06-25 10:56:49 -------- d-----w- c:\documents and settings\all users\application data\Panda Security
      2012-06-23 07:03:30 -------- d-sh--w- C:\found.001
      2012-06-17 18:15:32 770384 ----a-w- c:\program files\mozilla firefox\msvcr100.dll
      2012-06-17 18:15:32 421200 ----a-w- c:\program files\mozilla firefox\msvcp100.dll
      .
      ==================== Find3M ====================
      .
      2012-07-15 13:15:38 1075248 ----a-w- c:\windows\system32\nvdrsdb1.bin
      2012-07-15 13:15:38 1 ----a-w- c:\windows\system32\nvdrssel.bin
      2012-07-15 13:15:35 1075248 ----a-w- c:\windows\system32\nvdrsdb0.bin
      2012-07-03 10:46:44 22344 ----a-w- c:\windows\system32\drivers\mbam.sys
      2012-06-12 19:36:57 60416 ----a-w- c:\windows\ALCFDRTM.VER
      2012-05-29 11:49:05 224016 --s---r- c:\windows\system32\TABCTL32.OCX
      2012-05-29 11:49:05 1010720 --s---r- c:\windows\system32\MSCHRT20.OCX
      2012-05-29 11:49:04 152848 --s---r- c:\windows\system32\COMDLG32.OCX
      2012-05-29 11:48:50 1081616 --s---r- c:\windows\system32\MSCOMCTL.OCX
      2012-05-28 12:01:55 2076 ----a-w- c:\windows\system32\ealregsnapshot1.reg
      2012-05-15 10:18:00 883008 ----a-w- c:\windows\system32\nvgenco32.dll
      2012-05-15 10:18:00 65536 ----a-w- c:\windows\system32\OpenCL.dll
      2012-05-15 10:18:00 6012928 ----a-w- c:\windows\system32\nvcuda.dll
      2012-05-15 10:18:00 4373248 ----a-w- c:\windows\system32\nv4_disp.dll
      2012-05-15 10:18:00 2530624 ----a-w- c:\windows\system32\nvcuvid.dll
      2012-05-15 10:18:00 2445120 ----a-w- c:\windows\system32\nvcuvenc.dll
      2012-05-15 10:18:00 2359808 ----a-w- c:\windows\system32\nvapi.dll
      2012-05-15 10:18:00 18771968 ----a-w- c:\windows\system32\nvoglnt.dll
      2012-05-15 10:18:00 17543168 ----a-w- c:\windows\system32\nvcompiler.dll
      2012-05-15 10:18:00 14014656 ----a-w- c:\windows\system32\drivers\nv4_mini.sys
      2012-05-15 10:18:00 1000768 ----a-w- c:\windows\system32\nvdispco32.dll
      2012-05-15 09:40:26 54272 ----a-w- c:\windows\system32\nvwddi.dll
      2012-05-15 09:40:02 15504192 ----a-w- c:\windows\system32\nvcpl.dll
      2012-05-15 09:40:02 143680 ----a-w- c:\windows\system32\nvcolor.exe
      2012-05-15 09:40:01 164160 ----a-w- c:\windows\system32\nvsvc32.exe
      2012-05-15 09:40:01 108352 ----a-w- c:\windows\system32\nvmctray.dll
      2012-04-22 10:51:40 592896 ----a-w- c:\windows\system32\drivers\umdf\PCCSWpdDriver.dll
      2012-04-22 10:51:40 1837296 ----a-w- c:\windows\system32\WUDFUpdate_01009.dll
      2012-04-22 10:51:38 18816 ----a-w- c:\windows\system32\drivers\pccsmcfd.sys
      .
      ============= FINISH: 21:15:17.60 ===============

      .
      UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
      IF REQUESTED, ZIP IT UP & ATTACH IT
      .
      DDS (Ver_2011-09-30.01)
      .
      Microsoft Windows XP Professional
      Boot Device: \Device\HarddiskVolume1
      Install Date: 3/8/2012 17:20:43
      System Uptime: 7/16/2012 18:35:35 (3 hours ago)
      .
      Motherboard: | | 939Dual-SATA2
      Processor: AMD Athlon™ 64 Processor 3700+ | CPUSocket | 2420/200mhz
      .
      ==== Disk Partitions =========================
      .
      A: is Removable
      C: is FIXED (NTFS) - 100 GiB total, 58.075 GiB free.
      D: is FIXED (NTFS) - 198 GiB total, 138.553 GiB free.
      E: is CDROM ()
      .
      ==== Disabled Device Manager Items =============
      .
      Class GUID: {4D36E972-E325-11CE-BFC1-08002BE10318}
      Description: Realtek RTL8139 Family PCI Fast Ethernet NIC
      Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_813910EC&REV_10\4&3B8BE48B&0&3030
      Manufacturer: Realtek
      Name: Realtek RTL8139 Family PCI Fast Ethernet NIC
      PNP Device ID: PCI\VEN_10EC&DEV_8139&SUBSYS_813910EC&REV_10\4&3B8BE48B&0&3030
      Service: rtl8139
      .
      ==== System Restore Points ===================
      .
      RP33: 4/18/2012 23:50:58 - Installed DirectX
      RP34: 4/19/2012 15:32:37 - Installed HP USB Disk Storage Format Tool
      RP35: 4/19/2012 23:36:58 - avast! Pro Antivirus Setup
      RP36: 4/19/2012 23:39:07 - Installed Kaspersky Anti-Virus 2012.
      RP37: 4/19/2012 23:43:22 - Installed Kaspersky Anti-Virus 2012.
      RP38: 4/22/2012 18:44:50 - Контролна точка на системата
      RP39: 4/25/2012 21:24:51 - Контролна точка на системата
      RP40: 4/27/2012 21:54:00 - Контролна точка на системата
      RP41: 4/30/2012 10:58:52 - Installed Microsoft Virtual PC 2007
      RP42: 4/30/2012 11:42:09 - Installed Oracle VM VirtualBox 4.1.2
      RP43: 4/30/2012 12:10:13 - Removed Microsoft Virtual PC 2007
      RP44: 4/30/2012 12:10:47 - Removed Oracle VM VirtualBox 4.1.2
      RP45: 4/30/2012 12:12:02 - Removed HDD Regenerator
      RP46: 4/30/2012 21:22:00 - Installed NVIDIA Performance
      RP47: 4/30/2012 21:23:00 - Installed NVIDIA System Monitor
      RP48: 4/30/2012 22:05:37 - Операция за възстановяване
      RP49: 4/30/2012 22:27:22 - Removed Kaspersky Anti-Virus 2012.
      RP50: 4/30/2012 23:06:33 - Installed NVIDIA nTune
      RP51: 4/30/2012 23:21:49 - Installed AMD OverDrive.
      RP52: 5/1/2012 09:53:38 - Software Distribution Service 3.0
      RP53: 5/2/2012 13:05:16 - Контролна точка на системата
      RP54: 5/2/2012 20:09:53 - Removed League of Legends
      RP55: 5/2/2012 21:20:57 - Операция за възстановяване
      RP56: 5/2/2012 21:30:21 - Software Distribution Service 3.0
      RP57: 5/3/2012 22:31:00 - Software Distribution Service 3.0
      RP58: 5/4/2012 14:27:34 - Installed Iron Man.
      RP59: 5/5/2012 10:25:18 - Software Distribution Service 3.0
      RP60: 5/6/2012 01:53:29 - Software Distribution Service 3.0
      RP61: 5/6/2012 13:26:31 - Installed DirectX
      RP62: 5/7/2012 07:50:07 - Software Distribution Service 3.0
      RP63: 5/8/2012 10:02:10 - Software Distribution Service 3.0
      RP64: 5/9/2012 14:57:54 - Software Distribution Service 3.0
      RP65: 5/10/2012 16:35:29 - Контролна точка на системата
      RP66: 5/10/2012 21:08:12 - Software Distribution Service 3.0
      RP67: 5/12/2012 10:16:55 - Software Distribution Service 3.0
      RP68: 5/12/2012 10:28:47 - Installed Windows KB954550-v5.
      RP69: 5/12/2012 10:28:55 - Printer Driver Microsoft XPS Document Writer Installed
      RP70: 5/12/2012 10:29:02 - Printer Driver Microsoft XPS Document Writer Installed
      RP71: 5/12/2012 10:31:28 - Installed inSSIDer
      RP72: 5/12/2012 13:14:08 - Installed TP-LINK Wireless Configuration Utility and Driver
      RP73: 5/12/2012 13:15:47 - Инсталиране на неподписан драйвер
      RP74: 5/13/2012 02:07:12 - Software Distribution Service 3.0
      RP75: 5/14/2012 12:15:45 - Контролна точка на системата
      RP76: 5/15/2012 22:41:09 - Контролна точка на системата
      RP77: 5/17/2012 12:16:36 - Installed Spider-Man 3™
      RP78: 5/19/2012 20:35:06 - Installed Windows XP Wdf01009.
      RP79: 5/19/2012 20:36:26 - Installed Windows XP Wudf01009.
      RP80: 5/20/2012 21:46:25 - Инсталиране на неподписан драйвер
      RP81: 5/22/2012 07:37:02 - Контролна точка на системата
      RP82: 5/23/2012 12:15:38 - Контролна точка на системата
      RP83: 5/23/2012 17:39:00 - Removed Enemy Territory - QUAKE Wars™
      RP84: 5/24/2012 18:41:54 - Контролна точка на системата
      RP85: 5/26/2012 10:00:23 - Контролна точка на системата
      RP86: 5/27/2012 13:28:16 - Контролна точка на системата
      RP87: 5/27/2012 15:36:06 - Configured EA Download Manager
      RP88: 5/27/2012 15:36:50 - Configured EA Download Manager
      RP89: 5/28/2012 14:40:02 - Removed Burnout™ Paradise The Ultimate Box
      RP90: 5/28/2012 14:54:01 - Installed Burnout™ Paradise The Ultimate Box
      RP91: 5/28/2012 15:01:55 - Configured EA Download Manager
      RP92: 5/30/2012 15:00:35 - Installed Pro Evolution Soccer 2012.
      RP93: 5/31/2012 19:17:50 - Контролна точка на системата
      RP94: 6/2/2012 18:57:15 - Контролна точка на системата
      RP95: 6/4/2012 22:34:45 - Контролна точка на системата
      RP96: 6/6/2012 11:52:13 - Контролна точка на системата
      RP97: 6/6/2012 22:22:18 - Installed OSCAR Editor
      RP98: 6/8/2012 14:01:34 - Контролна точка на системата
      RP99: 6/10/2012 14:06:33 - Контролна точка на системата
      RP100: 6/17/2012 15:49:28 - Контролна точка на системата
      RP101: 6/21/2012 15:40:13 - Контролна точка на системата
      RP102: 6/24/2012 20:33:33 - Контролна точка на системата
      RP103: 6/27/2012 12:01:33 - Removed Ventrilo Client
      RP104: 6/27/2012 12:01:47 - Removed Ventrilo Client
      RP105: 6/27/2012 12:02:37 - Installed Ventrilo Client
      RP106: 6/27/2012 12:08:43 - Installed Ventrilo Server
      RP107: 6/29/2012 11:17:36 - Контролна точка на системата
      RP108: 6/29/2012 14:16:12 - Installed Tom Clancy's Ghost Recon Advanced Warfighter® 2
      RP109: 6/29/2012 14:23:00 - Installed AGEIA PhysX v7.05.17
      RP110: 6/29/2012 14:24:43 - Installed DirectX
      RP111: 7/1/2012 00:16:21 - Removed Ventrilo Client
      RP112: 7/1/2012 22:16:27 - Removed HP USB Disk Storage Format Tool
      RP113: 7/1/2012 22:16:57 - Removed inSSIDer
      RP114: 7/1/2012 22:21:33 - Removed Iron Man.
      RP115: 7/1/2012 22:31:45 - Removed Nokia Connectivity Cable Driver
      RP116: 7/1/2012 22:33:35 - Removed Spider-Man 3™
      RP117: 7/2/2012 16:31:33 - Installed DirectX
      RP118: 7/3/2012 09:45:41 - Removed Ventrilo Server
      RP119: 7/3/2012 09:46:15 - Installed Ventrilo Server
      RP120: 7/10/2012 19:16:05 - Configured NVIDIA nTune
      RP121: 7/14/2012 15:39:51 - Контролна точка на системата
      RP122: 7/15/2012 16:55:41 - Removed FIFA 10
      RP123: 7/15/2012 16:56:44 - Installed FIFA 10
      RP124: 7/16/2012 15:25:35 - avast! Free Antivirus Setup
      .
      ==== Installed Programs ======================
      .
      A-Mac Address Change 5.0
      Adobe AIR
      Adobe Community Help
      Adobe Flash Player 11 ActiveX
      Adobe Flash Player 11 Plugin
      Adobe Photoshop CS5.1
      Adobe Reader X (10.1.3)
      AGEIA PhysX v7.05.17
      AMD OverDrive
      AMD Processor Driver
      Anders Kjersem: TransBar
      avast! Free Antivirus
      BitTorrent
      BitTorrentBar Toolbar
      BS.Player PRO
      Burnout™ Paradise The Ultimate Box
      Counter-Strike
      Cracked Steam
      DAEMON Tools Lite
      DFX for Winamp
      Easy WiFi Radar 1.0.3
      ESET Online Scanner v3
      FIFA 10
      Garena Plus
      Goalbit web plugins
      GOM Player
      Google Chrome
      Google Update Helper
      HD Tune 2.52
      HDD Regenerator
      Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
      Hotfix for Windows Media Format 11 SDK (KB929399)
      Hotfix for Windows Media Player 11 (KB939683)
      Hotfix for Windows XP (KB2443685)
      Hotfix for Windows XP (KB954550-v5)
      Hotfix for Windows XP (KB970653-v3)
      J2SE Runtime Environment 5.0 Update 17
      Java Auto Updater
      Java™ 6 Update 31
      K-Lite Codec Pack 8.4.0 (Basic)
      League of Legends
      Malwarebytes Anti-Malware, версия 1.62.0.1300
      Microsoft .NET Framework 2.0 Service Pack 2
      Microsoft .NET Framework 3.0 Service Pack 2
      Microsoft .NET Framework 3.5 SP1
      Microsoft .NET Framework 4 Client Profile
      Microsoft .NET Framework 4 Extended
      Microsoft Application Error Reporting
      Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
      Microsoft User-Mode Driver Framework Feature Pack 1.9
      Microsoft Visual C++ 2005 Redistributable
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
      Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
      Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319
      Microsoft_VC100_CRT_SP1_x86
      Microsoft_VC80_ATL_x86
      Microsoft_VC80_CRT_x86
      Microsoft_VC80_MFC_x86
      Microsoft_VC80_MFCLOC_x86
      Microsoft_VC90_ATL_x86
      Microsoft_VC90_CRT_x86
      Microsoft_VC90_MFC_x86
      Microsoft_VC90_MFCLOC_x86
      Mozilla Firefox 13.0.1 (x86 bg)
      Mozilla Maintenance Service
      MSVC80_x86_v2
      MSVC90_x86
      NVIDIA Control Panel 301.42
      NVIDIA Graphics Driver 301.42
      NVIDIA Install Application
      Opera 12.00
      Origin
      OSCAR Editor
      Pando Media Booster
      PC Connectivity Solution
      PDF Settings CS5
      Pro Evolution Soccer 2012
      qBittorrent 2.9.5
      Realtek AC'97 Audio
      SeaTools for Windows
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2633870)
      Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
      Security Update for Microsoft .NET Framework 4 Extended (KB2487367)
      Security Update for Microsoft .NET Framework 4 Extended (KB2656351)
      Security Update for Windows Internet Explorer 8 (KB2675157)
      Security Update for Windows Media Player 11 (KB954154)
      Security Update for Windows XP (KB2121546)
      Security Update for Windows XP (KB2296199)
      Security Update for Windows XP (KB2524375)
      Security Update for Windows XP (KB2621440)
      Security Update for Windows XP (KB2641653)
      Security Update for Windows XP (KB2647518)
      Security Update for Windows XP (KB2653956)
      Security Update for Windows XP (KB923789)
      Security Update for Windows XP (KB938464)
      Security Update for Windows XP (KB941569)
      Security Update for Windows XP (KB971468)
      Security Update for Windows XP (KB973346)
      Security Update for Windows XP (KB978037)
      Security Update for Windows XP (KB979683)
      Security Update for Windows XP (KB980195)
      Security Update for Windows XP (KB980232)
      Skype™ 3.8
      SpeedConnect XP Internet Accelerator 6.5
      System Requirements Lab
      System Requirements Lab CYRI
      SysTool Overclocking Utility
      TeamSpeak 3 Client
      TeamViewer 7
      Technitium MAC Address Changer v6.0.3
      TechPowerUp GPU-Z
      The KMPlayer (remove only)
      TL-WN721N/TL-WN722N Driver
      Tom Clancy's Ghost Recon Advanced Warfighter® 2
      tools-freebsd
      tools-linux
      tools-netware
      tools-solaris
      tools-windows
      tools-winPre2k
      ULi LAN Driver
      ULi SATA Driver
      Update for Windows XP (KB2607712)
      Ventrilo Server
      VLC media player 1.1.10
      VMware Workstation
      WebFldrs XP
      Winamp (remove only)
      Windows Driver Package - Nokia pccsmcfd (08/22/2008 7.0.0.0)
      Windows Internet Explorer 8
      WinRAR archiver
      YouTube Downloader Toolbar v6.0
      .
      ==== Event Viewer Messages From Past Week ========
      .
      7/9/2012 23:05:30, error: Service Control Manager [7034] - The Application Updater service terminated unexpectedly. It has done this 1 time(s).
      7/16/2012 15:19:54, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s).
      7/16/2012 14:03:23, error: System Error [1003] - Error code 1000000a, parameter1 00000000, parameter2 00000002, parameter3 00000001, parameter4 8051ee8e.
      7/16/2012 14:03:23, error: System Error [1003] - Error code 1000000a, parameter1 00000000, parameter2 00000002, parameter3 00000000, parameter4 805345ba.
      7/16/2012 14:03:22, error: System Error [1003] - Error code 100000d1, parameter1 00000000, parameter2 00000002, parameter3 00000001, parameter4 f53fd10d.
      7/16/2012 14:03:21, error: System Error [1003] - Error code 100000d1, parameter1 e36fcdad, parameter2 00000002, parameter3 00000008, parameter4 e36fcdad.
      7/16/2012 14:03:21, error: System Error [1003] - Error code 000000f4, parameter1 00000003, parameter2 8708c020, parameter3 8708c194, parameter4 805c8c7c.
      7/16/2012 14:03:20, error: System Error [1003] - Error code 100000d1, parameter1 ff3769c1, parameter2 00000002, parameter3 00000000, parameter4 f58bb7bc.
      7/16/2012 14:03:19, error: System Error [1003] - Error code 1000000a, parameter1 46f57fdc, parameter2 00000002, parameter3 00000001, parameter4 80500d1c.
      7/16/2012 14:03:17, error: System Error [1003] - Error code 100000d0, parameter1 068030f8, parameter2 00000002, parameter3 00000001, parameter4 80542de7.
      7/16/2012 14:03:15, error: System Error [1003] - Error code 100000d1, parameter1 fef83f92, parameter2 00000002, parameter3 00000000, parameter4 f5264220.
      7/16/2012 14:03:13, error: System Error [1003] - Error code 1000000a, parameter1 2eb8974d, parameter2 00000002, parameter3 00000001, parameter4 805009c8.
      7/16/2012 14:03:08, error: System Error [1003] - Error code 1000007f, parameter1 00000008, parameter2 80042000, parameter3 00000000, parameter4 00000000.
      7/14/2012 23:36:22, error: nv [14] - Unknown error on L0 -> L0
      7/13/2012 18:38:04, error: atapi [9] - The device, \Device\Ide\IdePort1, did not respond within the timeout period.
      7/13/2012 10:33:39, error: Service Control Manager [7034] - The NVIDIA Update Service Daemon service terminated unexpectedly. It has done this 1 time(s).
      7/12/2012 23:04:23, error: Service Control Manager [7034] - The Ventrilo service terminated unexpectedly. It has done this 1 time(s).
      7/12/2012 21:25:00, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service gupdate with arguments "/comsvc" in order to run the server: {4EB61BAC-A3B6-4760-9581-655041EF4D69}
      7/12/2012 19:54:06, error: Service Control Manager [7000] - The Vstor2 WS60 Virtual Storage Driver service failed to start due to the following error: The system cannot find the path specified.
      7/10/2012 19:15:12, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}
      .
      ==== End Of File ===========================

      След като инсталирах Аваст започна да пищи докато съм в Мозилата или операта и показва ето това:

    • от epiX
      Нямам представа от къде се появи този проблем, преинсталирах машината и той продължава да съществува. Пускам PC-то и на пускане, след като зареди Login Screen-а, пиша Password, влизам и всичко е забило. Мога да бутам Task Manager и отделни прозорци, но Desktop + Menu (TaskBar) са забили (freeze/бъгнали - не мога да ги натисна) и като сложа мишката върху TaskBar-а, излиза Cursor с зареждаща стрелка, а не нормалната. Clean-вах registry, чистих навсякъде, преинсталирах както казах и тн. Моля помогнете Не съм единствения с този проблем на скоро.

      Attach.txt -

      . UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG. IF REQUESTED, ZIP IT UP & ATTACH IT . DDS (Ver_2011-09-30.01) . Microsoft Windows XP Professional Boot Device: \Device\HarddiskVolume1 Install Date: 7/12/2012 7:13:03 PM System Uptime: 7/12/2012 8:59:09 PM (2 hours ago) . Motherboard: EPoX COMPUTER CO.,LTD | | i925XE DDR2: 5LWAJ Processor: Intel(R) Pentium(R) 4 CPU 3.06GHz | Socket 775 | 3073/133mhz . ==== Disk Partitions ========================= . A: is Removable C: is FIXED (NTFS) - 15 GiB total, 2.801 GiB free. D: is FIXED (NTFS) - 41 GiB total, 22.213 GiB free. E: is FIXED (NTFS) - 41 GiB total, 19.668 GiB free. F: is FIXED (NTFS) - 46 GiB total, 33.343 GiB free. G: is CDROM (CDFS) . ==== Disabled Device Manager Items ============= . Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318} Description: Video Controller (VGA Compatible) Device ID: PCI\VEN_10DE&DEV_0393&SUBSYS_04121462&REV_A1\4&FD38F8A&0&0008 Manufacturer: Name: Video Controller (VGA Compatible) PNP Device ID: PCI\VEN_10DE&DEV_0393&SUBSYS_04121462&REV_A1\4&FD38F8A&0&0008 Service: . ==== System Restore Points =================== . RP1: 7/12/2012 7:15:52 PM - System Checkpoint RP2: 7/12/2012 7:18:42 PM - Installed Realtek High Definition Audio Driver RP3: 7/12/2012 8:10:54 PM - Installed MorphVOX Pro RP4: 7/12/2012 8:20:17 PM - Installed DirectX RP5: 7/12/2012 8:21:45 PM - Removed Skype™ 3.8 RP6: 7/12/2012 8:35:36 PM - Removed MorphVOX Pro RP7: 7/12/2012 8:37:41 PM - Installed MorphVOX Pro . ==== Installed Programs ====================== . Adobe Color EU Extra Settings Adobe Color JA Extra Settings Adobe Color NA Recommended Settings Adobe Photoshop CS3 Adobe Setup Adobe Stock Photos CS3 Adobe WinSoft Linguistics Plugin CCleaner FlexType 2K GOM Player Google Chrome Malwarebytes Anti-Malware version 1.62.0.1300 Microsoft .NET Framework 2.0 Microsoft .NET Framework 4 Client Profile Microsoft .NET Framework 4 Extended Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4048 MorphVOX Pro Notepad++ Realtek High Definition Audio Driver Registry Clean Expert Security Update for Windows XP (KB923789) Security Update for Windows XP (KB950760) Security Update for Windows XP (KB980195) Skype™ 5.10 Update for Microsoft Windows (KB971513) Update for Windows XP (KB2467659) Update for Windows XP (KB898461) uTorrentControl2 Toolbar WebFldrs XP Winamp Winamp Detector Plug-in WinRAR 4.20 (32-±ётѕІ° Іµрсёя) Wise Registry Cleaner 7.36 µTorrent . ==== Event Viewer Messages From Past Week ======== . 7/12/2012 9:56:28 PM, information: Windows File Protection [64017] - Windows File Protection file scan completed successfully. 7/12/2012 9:50:28 PM, information: Windows File Protection [64021] - The system file c:\winxp\system32\ieencode.dll could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability. 7/12/2012 9:43:31 PM, information: Windows File Protection [64021] - The system file c:\program files\common files\microsoft shared\web server extensions\40\isapi\_vti_adm\admin.dll could not be copied into the DLL cache. The specific error code is 0x000004c7 [The operation was canceled by the user. ]. This file is necessary to maintain system stability. 7/12/2012 9:43:21 PM, information: Windows File Protection [64016] - Windows File Protection file scan was started. 7/12/2012 9:04:13 PM, error: Service Control Manager [7034] - The MBAMService service terminated unexpectedly. It has done this 1 time(s). 7/12/2012 9:04:11 PM, error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: PCIIde 7/12/2012 9:01:42 PM, error: sr [1] - The System Restore filter encountered the unexpected error '0xC0000001' while processing the file '' on the volume 'HarddiskVolume1'. It has stopped monitoring the volume. 7/12/2012 7:44:26 PM, error: Ntfs [55] - The file system structure on the disk is corrupt and unusable. Please run the chkdsk utility on the volume D:. 7/12/2012 7:21:55 PM, error: Dhcp [1002] - The IP address lease 192.168.1.103 for the Network Card with network address 000461ABDCD9 has been denied by the DHCP server 192.168.95.1 (The DHCP Server sent a DHCPNACK message). 7/12/2012 7:18:40 PM, error: W32Time [17] - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751) 7/12/2012 7:13:15 PM, error: Setup [60055] - Windows Setup encountered non-fatal errors during installation. Please check the setuperr.log found in your Windows directory for more information. . ==== End Of File =========================== DDS.txt -


      DDS (Ver_2011-09-30.01) - NTFS_x86 Internet Explorer: 8.0.6001.18702 Run by l337 at 22:24:42 on 2012-07-12 Microsoft Windows XP Professional 5.1.2600.3.1251.1.1033.18.2047.1036 [GMT 3:00] . . ============== Running Processes ================ . C:\WINXP\system32\spoolsv.exe C:\WINXP\SOUNDMAN.EXE C:\WINXP\ALCWZRD.EXE C:\WINXP\explorer.exe F:\MorphVOX Pro\MorphVOXPro.exe C:\WINXP\System32\alg.exe C:\WINXP\system32\wscntfy.exe E:\uTorrent\uTorrent.exe E:\FlexType 2K\FType2K.exe C:\Program Files\Skype\Phone\Skype.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe E:\Registry Clean Expert\RCHelper.exe E:\Wise Registry Cleaner\WiseRegCleaner.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\Documents and Settings\l337\Local Settings\Application Data\Google\Chrome\Application\chrome.exe C:\WINXP\system32\wbem\wmiprvse.exe C:\WINXP\System32\svchost.exe -k netsvcs C:\WINXP\system32\svchost.exe -k NetworkService C:\WINXP\system32\svchost.exe -k LocalService C:\WINXP\system32\svchost.exe -k LocalService C:\WINXP\system32\svchost.exe -k imgsvc . ============== Pseudo HJT Report =============== . uURLSearchHooks: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll BHO: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: uTorrentControl2 Toolbar: {687578B9-7132-4A7A-80E4-30EE31099E03} - c:\program files\utorrentcontrol2\prxtbuTor.dll TB: uTorrentControl2 Toolbar: {687578b9-7132-4a7a-80e4-30ee31099e03} - c:\program files\utorrentcontrol2\prxtbuTor.dll uRun: [CTFMON.EXE] c:\winxp\system32\ctfmon.exe uRun: [uTorrent] "e:\utorrent\uTorrent.exe" /MINIMIZED uRun: [Google Update] "c:\documents and settings\l337\local settings\application data\google\update\GoogleUpdate.exe" /c uRun: [Skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun uRun: [RegClean Expert Scheduler] "e:\registry clean expert\RCHelper.exe" /startup mRun: [exflashservice] "c:\program files\epox\efs\EZ_FLASH_SERVICE.exe" "5000" mRun: [SoundMan] SOUNDMAN.EXE mRun: [AlcWzrd] ALCWZRD.EXE mRun: [Alcmtr] ALCMTR.EXE mRun: [Malwarebytes' Anti-Malware] "e:\malwarebytes' anti-malware\mbamgui.exe" /starttray mRun: [WinampAgent] e:\winamp\winampa.exe dRun: [CTFMON.EXE] c:\winxp\system32\CTFMON.EXE StartupFolder: c:\docume~1\alluse~1.win\startm~1\programs\startup\flexty~1.lnk - e:\flextype 2k\FType2K.exe uPolicies-Explorer: NoDriveTypeAutoRun = dword:255 mPolicies-Explorer: NoDriveTypeAutoRun = dword:145 IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe TCP: NameServer = 89.215.246.22 89.215.246.3 TCP: Interfaces\{5AB39541-54E7-42C6-9FF5-E9387D2BD5AA} : NameServer = 89.215.246.40 89.215.246.3 TCP: Interfaces\{E2623B4D-9F35-4791-8680-1B407FC73676} : NameServer = 89.215.246.22,89.215.246.3 TCP: Interfaces\{E2623B4D-9F35-4791-8680-1B407FC73676} : DHCPNameServer = 89.215.246.22 89.215.246.3 Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\winxp\system32\wpdshserviceobj.dll . ============= SERVICES / DRIVERS =============== . R3 MBAMProtector;MBAMProtector;c:\winxp\system32\drivers\mbam.sys [2012-7-12 22344] R3 SCREAMINGBDRIVER;Screaming Bee Audio;c:\winxp\system32\drivers\ScreamingBAudio.sys [2010-7-1 34896] S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\winxp\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384] S2 MBAMService;MBAMService;e:\malwarebytes' anti-malware\mbamservice.exe [2012-4-27 655944] S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2012-7-3 160944] S3 EPEZFLASH;EPEZFLASH;c:\program files\epox\efs\EZ_FLASH.sys [2011-3-12 3984] S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\winxp\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504] . =============== Created Last 30 ================ . 2012-07-12 19:01:02 3072 -c--a-w- c:\winxp\system32\dllcache\audstub.sys 2012-07-12 19:01:02 3072 ----a-w- c:\winxp\system32\drivers\audstub.sys 2012-07-12 19:00:41 21504 -c--a-w- c:\winxp\system32\dllcache\hidserv.dll 2012-07-12 19:00:41 21504 ----a-w- c:\winxp\system32\hidserv.dll 2012-07-12 19:00:14 57600 -c--a-w- c:\winxp\system32\dllcache\redbook.sys 2012-07-12 19:00:14 57600 ----a-w- c:\winxp\system32\drivers\redbook.sys 2012-07-12 19:00:02 10624 -c--a-w- c:\winxp\system32\dllcache\gameenum.sys 2012-07-12 19:00:02 10624 ----a-w- c:\winxp\system32\drivers\gameenum.sys 2012-07-12 18:59:27 74240 -c--a-w- c:\winxp\system32\dllcache\usbui.dll 2012-07-12 18:59:27 74240 ----a-w- c:\winxp\system32\usbui.dll 2012-07-12 18:59:16 5504 -c--a-w- c:\winxp\system32\dllcache\intelide.sys 2012-07-12 18:59:16 5504 ----a-w- c:\winxp\system32\drivers\intelide.sys 2012-07-12 18:58:23 -------- d-----w- c:\documents and settings\l337\application data\Wise Registry Cleaner 2012-07-12 18:55:48 12063 -c--a-w- c:\winxp\system32\dllcache\wsiintxx.sys 2012-07-12 18:54:59 26112 -c--a-w- c:\winxp\system32\dllcache\usbser.sys 2012-07-12 18:53:59 8704 -c--a-w- c:\winxp\system32\dllcache\OLDAB5.tmp 2012-07-12 18:52:59 130942 -c--a-w- c:\winxp\system32\dllcache\ptserlv.sys 2012-07-12 18:51:57 65278 -c--a-w- c:\winxp\system32\dllcache\netflx3.sys 2012-07-12 18:50:59 34688 -c--a-w- c:\winxp\system32\dllcache\lbrtfdc.sys 2012-07-12 18:49:32 372824 -c--a-w- c:\winxp\system32\dllcache\iconf32.dll 2012-07-12 18:48:59 93696 -c--a-w- c:\winxp\system32\dllcache\hpgt42.dll 2012-07-12 18:47:59 153631 -c--a-w- c:\winxp\system32\dllcache\el90xnd5.sys 2012-07-12 18:46:59 57399 -c--a-w- c:\winxp\system32\dllcache\OLD4D2.tmp 2012-07-12 18:45:59 39552 -c--a-w- c:\winxp\system32\dllcache\brparwdm.sys 2012-07-12 18:44:51 7168 -c--a-w- c:\winxp\system32\dllcache\OLD226.tmp 2012-07-12 17:46:23 6416 ----a-w- c:\winxp\system32\kbdinori.Dll 2012-07-12 17:46:12 6416 ----a-w- c:\winxp\system32\kbdinasa.Dll 2012-07-12 17:46:11 6928 ----a-w- c:\winxp\system32\kbdhebx.Dll 2012-07-12 17:46:10 8992 ----a-w- c:\winxp\system32\kbdbphz.dLL 2012-07-12 17:46:10 8992 ----a-w- c:\winxp\system32\KBDBPH.dLL 2012-07-12 17:46:10 7440 ----a-w- c:\winxp\system32\Kbddll.dll 2012-07-12 17:46:10 6416 ----a-w- c:\winxp\system32\kbdbp.Dll 2012-07-12 17:46:10 6416 ----a-w- c:\winxp\system32\kbdbds.Dll 2012-07-12 17:45:10 45056 ----a-w- c:\winxp\system32\newdll.dll 2012-07-12 17:31:32 -------- d-----w- c:\documents and settings\l337\application data\Screaming Bee 2012-07-12 17:20:29 1892184 ----a-w- c:\winxp\system32\D3DX9_42.dll 2012-07-12 17:20:22 2414360 ----a-w- c:\winxp\system32\d3dx9_31.dll 2012-07-12 17:12:04 7552 -c--a-w- c:\winxp\system32\dllcache\mskssrv.sys 2012-07-12 17:12:04 7552 ----a-w- c:\winxp\system32\drivers\MSKSSRV.sys 2012-07-12 17:12:03 4992 -c--a-w- c:\winxp\system32\dllcache\mspqm.sys 2012-07-12 17:12:03 4992 ----a-w- c:\winxp\system32\drivers\MSPQM.sys 2012-07-12 17:12:01 5376 -c--a-w- c:\winxp\system32\dllcache\mspclock.sys 2012-07-12 17:12:01 5376 ----a-w- c:\winxp\system32\drivers\MSPCLOCK.sys 2012-07-12 17:10:56 -------- d-----w- c:\documents and settings\all users.winxp\application data\Screaming Bee 2012-07-12 17:01:41 558133 ----a-w- c:\winxp\system32\sqlite3.dll 2012-07-12 16:58:46 26368 -c--a-w- c:\winxp\system32\dllcache\usbstor.sys 2012-07-12 16:28:18 22344 ----a-w- c:\winxp\system32\drivers\mbam.sys 2012-07-12 16:27:39 -------- d-----w- c:\documents and settings\l337\application data\Malwarebytes 2012-07-12 16:27:39 -------- d-----w- c:\documents and settings\all users.winxp\application data\Malwarebytes 2012-07-12 16:25:27 -------- d-----w- c:\documents and settings\l337\local settings\application data\Google 2012-07-12 16:25:27 -------- d-----w- c:\documents and settings\l337\local settings\application data\CRE 2012-07-12 16:25:23 -------- d-----w- c:\documents and settings\l337\local settings\application data\uTorrentControl2 2012-07-12 16:25:22 -------- d-----w- c:\documents and settings\l337\local settings\application data\Temp 2012-07-12 16:25:22 -------- d-----w- c:\documents and settings\l337\local settings\application data\Conduit 2012-07-12 16:25:21 -------- d-----w- c:\program files\uTorrentControl2 2012-07-12 16:24:47 -------- d-----w- c:\documents and settings\l337\application data\uTorrent 2012-07-12 16:20:55 40960 ------r- c:\winxp\system32\ChCfg.exe 2012-07-12 16:20:55 135168 ------r- c:\winxp\system32\RtlCPAPI.dll 2012-07-12 16:20:51 -------- d-sh--w- c:\documents and settings\l337\PrivacIE 2012-07-12 16:20:21 4096 -c--a-w- c:\winxp\system32\dllcache\ksuser.dll 2012-07-12 16:20:21 4096 ----a-w- c:\winxp\system32\ksuser.dll 2012-07-12 16:20:21 146048 -c--a-w- c:\winxp\system32\dllcache\portcls.sys 2012-07-12 16:20:21 146048 ----a-w- c:\winxp\system32\drivers\portcls.sys 2012-07-12 16:20:21 129536 ----a-w- c:\winxp\system32\ksproxy.ax 2012-07-12 16:20:20 60160 -c--a-w- c:\winxp\system32\dllcache\drmk.sys 2012-07-12 16:20:20 60160 ----a-w- c:\winxp\system32\drivers\drmk.sys 2012-07-12 16:18:36 487424 ------r- c:\winxp\RtlExUpd.dll 2012-07-12 16:18:15 229888 ----a-r- c:\winxp\system32\drivers\yk51x86.sys 2012-07-12 16:17:38 798720 ------w- c:\winxp\system32\autorun.exe 2012-07-12 16:12:45 31232 -c--a-w- c:\winxp\system32\dllcache\weitekp9.sys 2012-07-12 16:11:59 70656 -c--a-w- c:\winxp\system32\dllcache\korwbrkr.dll 2012-07-12 16:10:59 68608 -c--a-w- c:\winxp\system32\dllcache\isatq.dll 2012-07-12 16:08:53 -------- d-sh--w- c:\documents and settings\all users.winxp\DRM 2012-07-12 16:06:59 81920 -c--a-w- c:\winxp\system32\dllcache\ils.dll 2012-07-12 16:05:35 83968 ----a-w- c:\program files\messenger\msgsc.dll 2012-07-12 16:04:59 884712 ----a-w- c:\program files\msn\msncorefiles\install\msn9components\Digcore.exe 2012-07-11 11:26:34 -------- d-----w- c:\winxp\setup.pss 2012-07-11 11:26:20 -------- d-----w- c:\winxp\setupupd 2012-07-10 11:36:14 -------- d-----w- c:\program files\Vstplugins 2012-07-06 09:02:04 -------- d-----w- c:\program files\CCleaner 2012-06-25 12:01:05 -------- d-----w- c:\program files\1ClickDownload 2012-06-19 16:53:24 -------- d-----w- c:\program files\SecurityKISS Tunnel 2012-06-19 16:49:39 -------- d-----w- c:\program files\WinGate 2012-06-19 14:35:14 4967624 ----a-w- c:\program files\mozilla firefox\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll 2012-06-19 11:29:52 -------- d-----w- c:\program files\Oracle . ==================== Find3M ==================== . 2012-05-27 16:06:01 236504 ----a-w- c:\program files\AMVapp-uninst.exe 2012-01-24 11:50:20 442846 ----a-w- c:\program files\common files\WireHelpSvc.exe . ============= FINISH: 22:25:29.25 ===============
    • от ManUnited
      има ли някакви съмнения или всичко е ок ?не разбирам нищо Благодаря!
      hijack.rtf
  • Дарение

×

Информация

Поставихме бисквитки на устройството ви за най-добро потребителско изживяване. Можете да промените настройките си за бисквитки, или в противен случай приемаме, че сте съгласни с нашите условия за ползване.