Премахват ли се вирусите при преинсталиране на компютъра?

yordanp · Септември 11, 2008

Здравейте, компа ми работи суупер бавно, интернета също, някой от функциите му не работят, ясно е че имам вируси. Тъй-като имам касперски и го пуснах да сканира откри ми някви троянци и други подобни- изтрих ги, но въпреки това няма промени, даже май е по-зле. Та и въпроса ми е дали, ако се преинсталира компа ще се изчистят всички гадини, или ще трябва да търся някаква друга алтернатива?

Night_Raven · Септември 11, 2008

Ако преинсталираш Windows с форматиране на системния дял, заплахите трябва да изчезнат. И все пак това обикновено е крайната мярка, когато нищо друго не помага.

Изтегли HijackThis 1.99.1 (213KB), която съм преименувал нарочно, стартирай я и кликни Do a system scan and save a logfile. Това ще създаде текстов файл в същата папка. Копирай съдържанието му тук или прикачи файла към темата, както ти е по-удобно.

Изтегли Autoruns, след това стартирай програмата и направи следното:

1) избери Options -> Hide Microsoft Entries;

2) кликни File -> Refresh;

3) кликни File -> Export...;

4) запази файла някъде и след това го прикачи към темата или му копирай съдържанието.

yordanp · Септември 11, 2008

file-hijackthis.log

Logfile of HijackThis v1.99.1

Scan saved at 13:20:16, on 11.9.2008 г.

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

C:\WINDOWS\system32\oodag.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

C:\Program Files\Crypto\AccessRunner ADSL\CnxDslTb.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Kana Launcher\Launcher.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\Jordan\Desktop\alabala\alabala.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R3 - URLSearchHook: (no name) - {83821C2B-32A8-4DD7-B6D4-44309A78E668} - C:\Program Files\Mail.Ru\Agent\Mra\dll\newmrasearch.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: D - {2560EC68-2FF4-39DF-8AA6-D1654D543DB2} - C:\WINDOWS\system32\mmx98863.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll

O2 - BHO: (no name) - {5AF9D01A-4D94-46BA-9B08-472018CA8CCC} - C:\WINDOWS\system32\yaywtTjK.dll

O2 - BHO: (no name) - {F22B7E8D-83B6-4369-A6B6-35312541D85F} - C:\WINDOWS\system32\mlJbccbc.dll

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"

O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Crypto\AccessRunner ADSL\CnxDslTb.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [\YUR78.exe] C:\Windows\system32\YUR78.exe

O4 - HKLM\..\Run: [\YUR7D.exe] C:\Windows\system32\YUR7D.exe

O4 - HKLM\..\Run: [\YUR7E.exe] C:\Windows\system32\YUR7E.exe

O4 - HKLM\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe

O4 - HKLM\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe

O4 - HKLM\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe

O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto

O4 - HKLM\..\Run: [1c5ccb79] rundll32.exe "C:\WINDOWS\system32\yjbpsuut.dll",b

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Kana Launcher] C:\Program Files\Kana Launcher\Launcher.exe

O4 - HKCU\..\Run: [\YUR78.exe] C:\Windows\system32\YUR78.exe

O4 - HKCU\..\Run: [\YUR7D.exe] C:\Windows\system32\YUR7D.exe

O4 - HKCU\..\Run: [\YUR7E.exe] C:\Windows\system32\YUR7E.exe

O4 - HKCU\..\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe

O4 - HKCU\..\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe

O4 - HKCU\..\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present

O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm

O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm

O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Web Anti-Virus statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O11 - Options group: [iNTERNATIONAL] International*

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windowsupd...b?1211125045855

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} -

O17 - HKLM\System\CCS\Services\Tcpip\..\{E01BE598-CFF2-4A8E-ADB3-CFE940B64CF4}: NameServer = 193.92.150.3 194.219.227.2

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing)

O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll

O20 - Winlogon Notify: mlJbccbc - C:\WINDOWS\SYSTEM32\mlJbccbc.dll

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll

O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Unknown owner - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe" -r (file missing)

O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

O23 - Service: wampapache - Unknown owner - c:\wamp\bin\apache\apache2.2.6\bin\httpd.exe" -k runservice (file missing)

O23 - Service: wampmysqld - Unknown owner - c:\wamp\bin\mysql\mysql5.0.45\bin\mysqld-nt.exe

Night_Raven · Септември 11, 2008

Моля, пусни LOG от Autoruns както съм инструктирал - скрий обектите на Microsoft.

yordanp · Септември 11, 2008

Моля, пусни LOG от Autoruns както съм инструктирал - скрий обектите на Microsoft.

File-AutoRuns.txt

HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run

+ 1c5ccb79 c:\windows\system32\yjbpsuut.dll

+ \YUR1.exe File not found: C:\Windows\system32\YUR1.exe

+ \YUR2.exe File not found: C:\Windows\system32\YUR2.exe

+ \YUR3.exe File not found: C:\Windows\system32\YUR3.exe

+ \YUR78.exe File not found: C:\Windows\system32\YUR78.exe

+ \YUR7D.exe File not found: C:\Windows\system32\YUR7D.exe

+ \YUR7E.exe File not found: C:\Windows\system32\YUR7E.exe

+ AVP Kaspersky Anti-Virus Kaspersky Lab c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe

+ CnxDslTaskBar TaskBar Application Conexant Systems Inc. c:\program files\crypto\accessrunner adsl\cnxdsltb.exe

+ SoundMan Realtek Sound Manager Realtek Semiconductor Corp. c:\windows\soundman.exe

HKCU\Software\Microsoft\Windows\CurrentVersion\Run

+ \YUR1.exe File not found: C:\Windows\system32\YUR1.exe

+ \YUR2.exe File not found: C:\Windows\system32\YUR2.exe

+ \YUR3.exe File not found: C:\Windows\system32\YUR3.exe

+ \YUR78.exe File not found: C:\Windows\system32\YUR78.exe

+ \YUR7D.exe File not found: C:\Windows\system32\YUR7D.exe

+ \YUR7E.exe File not found: C:\Windows\system32\YUR7E.exe

+ Kana Launcher Program launcher Kana Solution c:\program files\kana launcher\launcher.exe

HKLM\SOFTWARE\Classes\Protocols\Handler

+ skype4com Skype for COM API Skype Technologies c:\program files\common files\skype\skype4com.dll

HKCU\SOFTWARE\Microsoft\Internet Explorer\Desktop\Components

+ 0 File not found: About:Home

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks

+ mljbccbc.dll c:\windows\system32\mljbccbc.dll

HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers

+ ALZip ALZip ContextMenu Module ESTsoft c:\program files\estsoft\alzip\azctm.dll

+ Kaspersky Anti-Virus Windows Shell Extension Kaspersky Lab c:\program files\kaspersky lab\kaspersky anti-virus 7.0\shellex.dll

+ MagicISO MagicISO Shell Extension Module MagicISO, Inc. c:\program files\magiciso\misosh.dll

+ MRACMenu c:\program files\mail.ru\agent\mra\dll\mramenu.dll

HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers

+ ALZip ALZip ContextMenu Module ESTsoft c:\program files\estsoft\alzip\azctm.dll

+ MagicISO MagicISO Shell Extension Module MagicISO, Inc. c:\program files\magiciso\misosh.dll

HKLM\Software\Classes\Directory\Shellex\DragDropHandlers

+ ALZip ALZip ContextMenu Module ESTsoft c:\program files\estsoft\alzip\azctm.dll

HKLM\Software\Classes\Folder\Shellex\ColumnHandlers

+ PDF Shell Extension PDF Shell Extension Adobe Systems, Inc. c:\program files\adobe\acrobat 7.0\activex\pdfshell.dll

HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers

+ ALZip ALZip ContextMenu Module ESTsoft c:\program files\estsoft\alzip\azctm.dll

+ ImageResizer ImageResizer Shell Extension VSO Software c:\program files\vso\image resizer\rszshell.dll

+ Kaspersky Anti-Virus Windows Shell Extension Kaspersky Lab c:\program files\kaspersky lab\kaspersky anti-virus 7.0\shellex.dll

+ MagicISO MagicISO Shell Extension Module MagicISO, Inc. c:\program files\magiciso\misosh.dll

HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers

+ ACE ACE Context Menu c:\program files\ati technologies\ati.ace\atiacmxx.dll

+ ALZip ALZip ContextMenu Module ESTsoft c:\program files\estsoft\alzip\azctm.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved

+ ALZip 4.0 Context Menu Shell Extension ALZip ContextMenu Module ESTsoft c:\program files\estsoft\alzip\azctm.dll

+ Catalyst Context Menu extension ACE Context Menu c:\program files\ati technologies\ati.ace\atiacmxx.dll

+ Display Panning CPL Extension File not found: deskpan.dll

+ HyperTerminal Icon Ext HyperTerminal Applet Library Hilgraeve, Inc. c:\windows\system32\hticons.dll

+ Shell Extensions for RealOne Player RealPlayer Shell Extensions RealNetworks, Inc. c:\program files\k-lite codec pack\real\rpshell.dll

+ UnlockerShellExtension c:\program files\unlocker\unlockercom.dll

+ Web Anti-Virus statistics Script Monitor Internet Explorer plugin Kaspersky Lab c:\program files\kaspersky lab\kaspersky anti-virus 7.0\scieplgn.dll

HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects

+ Adobe PDF Reader Link Helper Adobe Acrobat IE Helper Version 7.0 for ActiveX Adobe Systems Incorporated c:\program files\adobe\acrobat 7.0\activex\acroiehelper.dll

+ BitComet Helper BitCometBHO BitComet c:\program files\bitcomet\tools\bitcometbho_1.1.3.28.dll

+ {5AF9D01A-4D94-46BA-9B08-472018CA8CCC} c:\windows\system32\yaywttjk.dll

+ {F22B7E8D-83B6-4369-A6B6-35312541D85F} c:\windows\system32\mljbccbc.dll

HKCU\Software\Microsoft\Internet Explorer\UrlSearchHooks

+ newmrasearch.dll File not found: C:\Program Files\Mail.Ru\Agent\Mra\dll\newmrasearch.dll

HKLM\System\CurrentControlSet\Services

+ Ati HotKey Poller ATI External Event Utility EXE Module ATI Technologies Inc. c:\windows\system32\ati2evxx.exe

+ ATI Smart ATI Smart c:\windows\system32\ati2sgag.exe

+ AVP Provides protection against computer viruses and another dangerous software. Kaspersky Lab c:\program files\kaspersky lab\kaspersky anti-virus 7.0\avp.exe

+ O&O Defrag O&O Defragmentation Service O&O Software GmbH c:\windows\system32\oodag.exe

HKLM\System\CurrentControlSet\Services

+ ALCXWDM Realtek AC'97 Audio Driver (WDM) Realtek Semiconductor Corp. c:\windows\system32\drivers\alcxwdm.sys

+ AmdPPM AMD Processor Driver Advanced Micro Devices c:\windows\system32\drivers\amdppm.sys

+ ati2mtag ATI Radeon WindowsNT Miniport Driver ATI Technologies Inc. c:\windows\system32\drivers\ati2mtag.sys

+ Changer File not found: C:\WINDOWS\System32\Drivers\Changer.sys

+ CnxEtP Conexant USB WDM Conexant c:\windows\system32\drivers\cnxetp.sys

+ CnxEtU Conexant USB WDM Conexant c:\windows\system32\drivers\cnxetu.sys

+ CnxTgN NDIS 5.0 WAN driver for PCI ADSL adapter Conexant Systems Inc. c:\windows\system32\drivers\cnxtgn.sys

+ ctsfm2k SoundFont® Manager (WDM) Creative Technology Ltd c:\windows\system32\drivers\ctsfm2k.sys

+ EL90X File not found: system32\DRIVERS\el90xnd5.sys

+ FileDisk FileDisk Virtual Disk Driver iolo technologies, LLC (based on original work by Bo Branten) c:\windows\system32\drivers\filedisk.sys

+ i2omgmt File not found: C:\WINDOWS\System32\Drivers\i2omgmt.sys

+ kl1 Kl1 Kaspersky Lab c:\windows\system32\drivers\kl1.sys

+ klif Klif Kaspersky Lab c:\windows\system32\drivers\klif.sys

+ klim5 Kaspersky Lab Intermediate Network Driver Kaspersky Lab c:\windows\system32\drivers\klim5.sys

+ lbrtfdc File not found: C:\WINDOWS\System32\Drivers\lbrtfdc.sys

+ MTsensor ATK0110 ACPI Utility c:\windows\system32\drivers\asacpi.sys

+ NVENETFD NVIDIA Networking Function Driver. NVIDIA Corporation c:\windows\system32\drivers\nvenetfd.sys

+ nvnetbus NVIDIA Networking Bus Driver. NVIDIA Corporation c:\windows\system32\drivers\nvnetbus.sys

+ ossrv Creative OS Services Driver (WDM) Creative Technology Ltd. c:\windows\system32\drivers\ctoss2k.sys

+ P17 File not found: system32\drivers\P17.sys

+ PCIDump File not found: C:\WINDOWS\System32\Drivers\PCIDump.sys

+ PDCOMP File not found: C:\WINDOWS\System32\Drivers\PDCOMP.sys

+ PDFRAME File not found: C:\WINDOWS\System32\Drivers\PDFRAME.sys

+ PDRELI File not found: C:\WINDOWS\System32\Drivers\PDRELI.sys

+ PDRFRAME File not found: C:\WINDOWS\System32\Drivers\PDRFRAME.sys

+ pfc Padus® ASPI Shell Padus, Inc. c:\windows\system32\drivers\pfc.sys

+ Ptilink Direct Parallel Link Driver Parallel Technologies, Inc. c:\windows\system32\drivers\ptilink.sys

+ PxHelp20 Px Engine Device Driver for Windows 2000/XP Sonic Solutions c:\windows\system32\drivers\pxhelp20.sys

+ Secdrv SafeDisc driver Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. c:\windows\system32\drivers\secdrv.sys

+ ssm_bus Samsung Mobile USB Device II 1.0 Driver MCCI c:\windows\system32\drivers\ssm_bus.sys

+ ssm_mdm Samsung Mobile USB Port II 1.0 Drivers MCCI c:\windows\system32\drivers\ssm_mdm.sys

+ WDICA File not found: C:\WINDOWS\System32\Drivers\WDICA.sys

HKLM\System\CurrentControlSet\Control\Session Manager\BootExecute

+ OODBS O&O BootTimeDefrag O&O Software GmbH c:\windows\system32\oodbs.exe

HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify

+ AtiExtEvent ATI External Event Utility DLL Module ATI Technologies Inc. c:\windows\system32\ati2evxx.dll

+ klogon Logon Visualizer Kaspersky Lab c:\windows\system32\klogon.dll

+ mlJbccbc c:\windows\system32\mljbccbc.dll

HKLM\SYSTEM\CurrentControlSet\Control\Lsa\Authentication Packages

+ C:\WINDOWS\system32\yaywtTjK c:\windows\system32\yaywttjk.dll

Night_Raven · Септември 11, 2008

Лошо! Има доооста проблемни обекти.

Изтегли SUPERAntiSpyware Free и Malwarebytes' Anti-Malware, обнови ги преди да сканираш и след това сканирай. Ето как:

- в SUPERAntiSpyware кликни Scan your Computer, вляво избери дял C:, вдясно кликни Perform Complete Scan и накрая кликни Next, за да започне сканирането. Премахни всички обекти, които програмата открие.

- в Malwarebytes' Anti-Malware избери Perform quick scan и кликни бутон Scan. Също премахни всички открити обекти.

След това рестартирай и направи това:

Изтегли HijackThis 1.99.1 (213KB), която съм преименувал нарочно, стартирай я и кликни Do a system scan and save a logfile. Това ще създаде текстов файл в същата папка. Копирай съдържанието му тук или прикачи файла към темата, както ти е по-удобно.

Изтегли Autoruns, след това стартирай програмата и направи следното:

1) избери Options -> Hide Microsoft and Windows Entries;

2) кликни File -> Refresh;

3) кликни File -> Export...;

4) запази файла някъде и след това го прикачи към темата или му копирай съдържанието.

yordanp · Септември 11, 2008

hijackthis.log

Logfile of HijackThis v1.99.1

Scan saved at 15:32:35, on 11.9.2008 г.

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

C:\WINDOWS\system32\oodag.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe

C:\Program Files\Crypto\AccessRunner ADSL\CnxDslTb.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Kana Launcher\Launcher.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\system32\wscntfy.exe

C:\WINDOWS\System32\svchost.exe

C:\Documents and Settings\Jordan\Desktop\alabala\alabala.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.bg/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R3 - URLSearchHook: (no name) - {83821C2B-32A8-4DD7-B6D4-44309A78E668} - C:\Program Files\Mail.Ru\Agent\Mra\dll\newmrasearch.dll (file missing)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll

O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe"

O4 - HKLM\..\Run: [CnxDslTaskBar] "C:\Program Files\Crypto\AccessRunner ADSL\CnxDslTb.exe"

O4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [Kana Launcher] C:\Program Files\Kana Launcher\Launcher.exe

O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe