Jump to content

Blowy

Потребител
  • Брой теми

    19
  • Регистрация

  • Последно посещение

Информация

  • Пол
    Мъж

Blowy's Achievements

Новобранец

Новобранец (1/14)

0

Репутация в общността

  1. Здравейте, на кратко не искам предложения за записване на програмки или такива като Hijack This... та да ми търсите проблем ЗАЩО? НЕ зарежда ОС-то. Искам просто да си заредя стария Win!!! Всичко започна така --- Реших да reinstall Windows, компа беше бавен и тнт Windows xp home edition... по време на "Copying installation files" ДЕМЕК СТЪПКА 2 ... по точно СЛЕД "Setup is starting Windows" се появява синият екран с грешка... RESTART-a не помага НАЙ-ВАЖНОТО е че и след като махна диска от устройството, предишният Windows НЕ стартира.. а след като натисна F1 да продължи пак излиза надписа "Indicating hardware's configuration" i ... "Setup... за windows", след което пак тая грешка... ИСКАМ да помогнете- кажете как да не се показва тоя екран и да стартира нормално Windows-a, че дори и стария... Фактически сега компа не ми стартира Windows, пробвах с F8 i menu-тата - AGAIN -> Blue screen с нов Windows CD - ПАК Blue screen BIOS - там къде мога да бръкна, та да се оправи... BIOS Phoenix ми е Да видя сега кой разбира ->>
  2. Здравейте, Проблема го оправих много просто. Дадох System restore и не се оплаквам. Нямаше и какво да губя. Просто исках да дам моето решение на проблема, ако някой има подобен след време Cya around
  3. Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:05:56, on 19.2.2009 г. Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\WINDOWS\vsnpstd3.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe D:\Program Files\Super Anti Spyware\SUPERAntiSpyware.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe D:\Program Files\HijackThis\RENAMED.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Reader\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [TalkAndWrite] C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe /run O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [sUPERAntiSpyware] D:\Program Files\Super Anti Spyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\Super Anti Spyware\SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7581 bytes
  4. аз тоя линк никога не съм го посещавал btw НОД не е ли съвременна виж този линк може да ти помогне http://www.prevx.com/filenames/12355452152...UTOOL2EEXE.html Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:55:30, on 19.2.2009 г. Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\WINDOWS\vsnpstd3.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe D:\Program Files\Super Anti Spyware\SUPERAntiSpyware.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\eHome\ehmsas.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Skype\Plugin Manager\skypePM.exe D:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Reader\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [TalkAndWrite] C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe /run O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [sUPERAntiSpyware] D:\Program Files\Super Anti Spyware\SUPERAntiSpyware.exe O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{DB03ADA2-E3CB-4199-AACA-9952289D7CEE}: NameServer = 80.253.54.10 80.253.48.5 O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: !SASWinLogon - D:\Program Files\Super Anti Spyware\SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7703 bytes
  5. right, ами това 19.2.2009 г. 11:26:13 IMON file - http://m00000.tripod.com/test.gif probably a variant of Win32/Statik application ANDY\And1 а държанието на компа си еее същото, само дет по-рядко се намесва новата връзка и повече се задържам онлине, но това е защото и давам опция да чака 10 мин преди следващ опит
  6. Ами появи се в папката, където са другите два още един фаил sdfgsfea.exe(не прави проблеми), който гледам е от Nero значи тоя регистър може да е бил негов. Иначе новата връзка си стой и продължава нахално да се опитва да се свърже + лепнах още 1 непознат файл и 1 вирусче, пратено в карантина
  7. >> ако обичате след като го изтеглите да го изтриетеSysInspector_ANDY_090218_2225.zip
  8. GMER 1.0.14.14536 - http://www.gmer.net Rootkit scan 2009-02-18 13:03:54 Windows 5.1.2600 Service Pack 2 ---- System - GMER 1.0.14 ---- SSDT a347bus.sys (Plug and Play BIOS Extension/ ) ZwEnumerateKey [0xF75A85DC] SSDT a347bus.sys (Plug and Play BIOS Extension/ ) ZwEnumerateValueKey [0xF75B4120] ---- Devices - GMER 1.0.14 ---- Device \FileSystem\Ntfs \Ntfs 83B1A880 AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset ) ---- Modules - GMER 1.0.14 ---- Module _________ F750A000-F7522000 (98304 bytes) ---- EOF - GMER 1.0.14 ---- до вечерта
  9. е, проблемът си стой btw от вчера е
  10. и двете са c Updated virus definitions! Другото иска purchase :] SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 02/18/2009 at 12:18 PM Application Version : 4.25.1012 Core Rules Database Version : 3764 Trace Rules Database Version: 1725 Scan type : Complete Scan Total Scan Time : 00:30:45 Memory items scanned : 423 Memory threats detected : 0 Registry items scanned : 5248 Registry threats detected : 0 File items scanned : 19394 File threats detected : 1 Adware.Tracking Cookie C:\Documents and Settings\And1\Cookies\and1@counter.search[1].txt ------------------------ Malwarebytes' Anti-Malware 1.34 Database version: 1773 Windows 5.1.2600 Service Pack 2 18.2.2009 г. 12:12:11 mbam-log-2009-02-18 (12-12-11).txt Scan type: Quick Scan Objects scanned: 75896 Time elapsed: 9 minute(s), 21 second(s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 1 Registry Values Infected: 1 Registry Data Items Infected: 2 Folders Infected: 0 Files Infected: 10 Memory Processes Infected: (No malicious items detected) Memory Modules Infected: (No malicious items detected) Registry Keys Infected: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Software Notifier (Rogue.Multiple) -> Quarantined and deleted successfully. Registry Values Infected: HKEY_CURRENT_USER\Control Panel\Desktop\scrnsave.exe (Hijack.Wallpaper) -> Quarantined and deleted successfully. Registry Data Items Infected: HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispBackgroundPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\NoDispScrSavPage (Hijack.DisplayProperties) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully. Folders Infected: (No malicious items detected) Files Infected: C:\Documents and Settings\And1\Local Settings\Temp\.tt1.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.tt2.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.tt3.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.tt4.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.tt5.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.tt7.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.tt9.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.ttB.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.ttD.tmp (Trojan.Downloader) -> Quarantined and deleted successfully. C:\Documents and Settings\And1\Local Settings\Temp\.ttF.tmp (Trojan.Downloader) -> Quarantined and deleted successfully.
  11. + показа порн сайтовете, но тях ги изтрих SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 02/18/2009 at 11:06 AM Application Version : 4.25.1012 Core Rules Database Version : 3716 Trace Rules Database Version: 1690 Scan type : Complete Scan Total Scan Time : 00:26:25 Memory items scanned : 416 Memory threats detected : 0 Registry items scanned : 5235 Registry threats detected : 0 File items scanned : 19378 File threats detected : 291 Adware.Tracking Cookie C:\Documents and Settings\And1\Cookies\and1@sitestats.ets[1].txt C:\Documents and Settings\And1\Cookies\and1@tacoda[3].txt C:\Documents and Settings\And1\Cookies\and1@clicktorrent[2].txt C:\Documents and Settings\And1\Cookies\and1@revsci[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.techguy[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.standartnews[1].txt C:\Documents and Settings\And1\Cookies\and1@www.teenchat[3].txt C:\Documents and Settings\And1\Cookies\and1@adultadworld[1].txt C:\Documents and Settings\And1\Cookies\and1@CAZEFNVM.txt C:\Documents and Settings\And1\Cookies\and1@adbrite[3].txt C:\Documents and Settings\And1\Cookies\and1@media6degrees[3].txt C:\Documents and Settings\And1\Cookies\and1@media.adrevolver[1].txt C:\Documents and Settings\And1\Cookies\and1@gjacket.adbureau[3].txt C:\Documents and Settings\And1\Cookies\and1@ad.adocean[1].txt C:\Documents and Settings\And1\Cookies\and1@nl.sitestat[10].txt C:\Documents and Settings\And1\Cookies\and1@ads.mediageeks[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.ibox[2].txt C:\Documents and Settings\And1\Cookies\and1@nl.sitestat[8].txt C:\Documents and Settings\And1\Cookies\and1@koleda.themes.medianet[1].txt C:\Documents and Settings\And1\Cookies\and1@collective-media[3].txt C:\Documents and Settings\And1\Cookies\and1@media.brandreachsys[2].txt C:\Documents and Settings\And1\Cookies\and1@server.cpmstar[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.madisonavenue[3].txt C:\Documents and Settings\And1\Cookies\and1@ads.city[1].txt C:\Documents and Settings\And1\Cookies\and1@ice.112.2o7[1].txt C:\Documents and Settings\And1\Cookies\and1@ad.orbitel[3].txt C:\Documents and Settings\And1\Cookies\and1@adrevolver[2].txt C:\Documents and Settings\And1\Cookies\and1@www.googleadservices[4].txt C:\Documents and Settings\And1\Cookies\and1@ehg-advertisementbv.hitbox[2].txt C:\Documents and Settings\And1\Cookies\and1@trafficmp[2].txt C:\Documents and Settings\And1\Cookies\and1@msnportal.112.2o7[1].txt C:\Documents and Settings\And1\Cookies\and1@realmedia[1].txt C:\Documents and Settings\And1\Cookies\and1@nl.sitestat[9].txt C:\Documents and Settings\And1\Cookies\and1@zedo[2].txt C:\Documents and Settings\And1\Cookies\and1@ad.yieldmanager[2].txt C:\Documents and Settings\And1\Cookies\and1@apmebf[2].txt C:\Documents and Settings\And1\Cookies\and1@ad.flux[3].txt C:\Documents and Settings\And1\Cookies\and1@rambler[1].txt C:\Documents and Settings\And1\Cookies\and1@counter.search[2].txt C:\Documents and Settings\And1\Cookies\and1@adv.helikon[2].txt C:\Documents and Settings\And1\Cookies\and1@burstnet[2].txt C:\Documents and Settings\And1\Cookies\and1@web-stat[2].txt C:\Documents and Settings\And1\Cookies\and1@www.essex.enquiries.uk[1].txt C:\Documents and Settings\And1\Cookies\and1@ad2.doublepimp[2].txt C:\Documents and Settings\And1\Cookies\and1@nl.sitestat[11].txt C:\Documents and Settings\And1\Cookies\and1@uk.sitestat[3].txt C:\Documents and Settings\And1\Cookies\and1@casalemedia[2].txt C:\Documents and Settings\And1\Cookies\and1@wmmediacorp[1].txt C:\Documents and Settings\And1\Cookies\and1@yadro[2].txt C:\Documents and Settings\And1\Cookies\and1@rem.rezonmedia[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.pop[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.cartoonnetwork[2].txt C:\Documents and Settings\And1\Cookies\and1@rotator.adjuggler[1].txt C:\Documents and Settings\And1\Cookies\and1@gamesbannernet[1].txt C:\Documents and Settings\And1\Cookies\and1@advertising[1].txt C:\Documents and Settings\And1\Cookies\and1@ehg-eset.hitbox[2].txt C:\Documents and Settings\And1\Cookies\and1@CA8PAPZX.txt C:\Documents and Settings\And1\Cookies\and1@ads.blizzard[1].txt C:\Documents and Settings\And1\Cookies\and1@atdmt[2].txt C:\Documents and Settings\And1\Cookies\and1@xiti[1].txt C:\Documents and Settings\And1\Cookies\and1@doubleclick[2].txt C:\Documents and Settings\And1\Cookies\and1@gametracker[3].txt C:\Documents and Settings\And1\Cookies\and1@www.trafficholder[2].txt C:\Documents and Settings\And1\Cookies\and1@www.emailfinderpro[1].txt C:\Documents and Settings\And1\Cookies\and1@adopt.specificclick[2].txt C:\Documents and Settings\And1\Cookies\and1@hotlog[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.mucunki[1].txt C:\Documents and Settings\And1\Cookies\and1@statcounter[1].txt C:\Documents and Settings\And1\Cookies\and1@interclick[2].txt C:\Documents and Settings\And1\Cookies\and1@grantfinder[2].txt C:\Documents and Settings\And1\Cookies\and1@at.atwola[2].txt C:\Documents and Settings\And1\Cookies\and1@questionmarket[1].txt C:\Documents and Settings\And1\Cookies\and1@game-advertising-online[1].txt C:\Documents and Settings\And1\Cookies\and1@rm.yieldmanager[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.bridgetrack[2].txt C:\Documents and Settings\And1\Cookies\and1@imrworldwide[2].txt C:\Documents and Settings\And1\Cookies\and1@www.googleadservices[6].txt C:\Documents and Settings\And1\Cookies\and1@serving-sys[2].txt C:\Documents and Settings\And1\Cookies\and1@advert.technews[2].txt C:\Documents and Settings\And1\Cookies\and1@CA7JZDEL.txt C:\Documents and Settings\And1\Cookies\and1@bluestreak[2].txt C:\Documents and Settings\And1\Cookies\and1@content.yieldmanager.edgesuite[2].txt C:\Documents and Settings\And1\Cookies\and1@fulltraffic[1].txt C:\Documents and Settings\And1\Cookies\and1@fastclick[1].txt C:\Documents and Settings\And1\Cookies\and1@metacafe.122.2o7[1].txt C:\Documents and Settings\And1\Cookies\and1@www.googleadservices[7].txt C:\Documents and Settings\And1\Cookies\and1@ads.pointroll[2].txt C:\Documents and Settings\And1\Cookies\and1@1.sharkadnetwork[2].txt C:\Documents and Settings\And1\Cookies\and1@mediaplex[1].txt C:\Documents and Settings\And1\Cookies\and1@uk.sitestat[2].txt C:\Documents and Settings\And1\Cookies\and1@list[1].txt C:\Documents and Settings\And1\Cookies\and1@tripod[2].txt C:\Documents and Settings\And1\Cookies\and1@ad.httpool[1].txt C:\Documents and Settings\And1\Cookies\and1@ehg-foxsports.hitbox[1].txt C:\Documents and Settings\And1\Cookies\and1@clickaider[2].txt C:\Documents and Settings\And1\Cookies\and1@bs.serving-sys[1].txt C:\Documents and Settings\And1\Cookies\and1@specificmedia[2].txt C:\Documents and Settings\And1\Cookies\and1@adserver.filefront[2].txt C:\Documents and Settings\And1\Cookies\and1@googleadservices[1].txt C:\Documents and Settings\And1\Cookies\and1@nielsen.112.2o7[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.adap[1].txt C:\Documents and Settings\And1\Cookies\and1@server.iad.liveperson[1].txt C:\Documents and Settings\And1\Cookies\and1@cgm.adbureau[3].txt C:\Documents and Settings\And1\Cookies\and1@adbureau[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.gamesbannernet[2].txt C:\Documents and Settings\And1\Cookies\and1@adtech[1].txt C:\Documents and Settings\And1\Cookies\and1@hitbox[1].txt C:\Documents and Settings\And1\Cookies\and1@www.clickmanage[2].txt C:\Documents and Settings\And1\Cookies\and1@imagevenue.advertserve[2].txt C:\Documents and Settings\And1\Cookies\and1@www.googleadservices[8].txt C:\Documents and Settings\And1\Cookies\and1@content.yieldmanager[2].txt C:\Documents and Settings\And1\Cookies\and1@content.yieldmanager[3].txt C:\Documents and Settings\And1\Cookies\and1@emailfinderpro[2].txt C:\Documents and Settings\And1\Cookies\and1@CATEC0JQ.txt C:\Documents and Settings\And1\Cookies\and1@media.exchange[3].txt C:\Documents and Settings\And1\Cookies\and1@www.googleadservices[5].txt C:\Documents and Settings\And1\Cookies\and1@stat.onestat[2].txt C:\Documents and Settings\And1\Cookies\and1@CAVVGNLW.txt C:\Documents and Settings\And1\Cookies\and1@web4.realtracker[1].txt C:\Documents and Settings\And1\Cookies\and1@revenue[2].txt C:\Documents and Settings\And1\Cookies\and1@www.addfreestats[1].txt C:\Documents and Settings\And1\Cookies\and1@tribalfusion[1].txt C:\Documents and Settings\And1\Cookies\and1@teenchat[2].txt C:\Documents and Settings\And1\Cookies\and1@statse.webtrendslive[1].txt C:\Documents and Settings\And1\Cookies\and1@windowsmedia[2].txt C:\Documents and Settings\And1\Cookies\and1@ehg-legonewyorkinc.hitbox[2].txt C:\Documents and Settings\And1\Cookies\and1@2o7[1].txt C:\Documents and Settings\And1\Cookies\and1@specificclick[2].txt C:\Documents and Settings\And1\Cookies\and1@adserver.adtechus[1].txt C:\Documents and Settings\And1\Cookies\and1@server.cpmstar[1].txt C:\Documents and Settings\And1\Cookies\and1@collective-media[2].txt C:\Documents and Settings\And1\Cookies\and1@adopt.euroclick[2].txt C:\Documents and Settings\And1\Cookies\and1@incentaclick[2].txt C:\Documents and Settings\And1\Cookies\and1@www.incentaclick[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.kaldata[2].txt C:\Documents and Settings\And1\Cookies\and1@clickaider[1].txt C:\Documents and Settings\And1\Cookies\and1@gjacket.adbureau[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.realtechnetwork[2].txt C:\Documents and Settings\And1\Cookies\and1@italianfriendfinder[2].txt C:\Documents and Settings\And1\Cookies\and1@adv.gamerzhut[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.fresh[1].txt C:\Documents and Settings\And1\Cookies\and1@adserver.filefront[1].txt C:\Documents and Settings\And1\Cookies\and1@friendfinder[1].txt C:\Documents and Settings\And1\Cookies\and1@www.googleadservices[3].txt C:\Documents and Settings\And1\Cookies\and1@www.googleadservices[1].txt C:\Documents and Settings\And1\Cookies\and1@www.googleadservices[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.mobygames[1].txt C:\Documents and Settings\And1\Cookies\and1@media.exchange[2].txt C:\Documents and Settings\And1\Cookies\and1@chokertraffic[2].txt C:\Documents and Settings\And1\Cookies\and1@adserver2.spele[2].txt C:\Documents and Settings\And1\Cookies\and1@insightexpressai[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.cartoonnetwork[1].txt C:\Documents and Settings\And1\Cookies\and1@www.fpctraffic2[2].txt C:\Documents and Settings\And1\Cookies\and1@media6degrees[1].txt C:\Documents and Settings\And1\Cookies\and1@teenproblem[2].txt C:\Documents and Settings\And1\Cookies\and1@www.teenchat[1].txt C:\Documents and Settings\And1\Cookies\and1@ad.mp-gamer[2].txt C:\Documents and Settings\And1\Cookies\and1@www.teenproblem[1].txt C:\Documents and Settings\And1\Cookies\and1@trafficshop[2].txt C:\Documents and Settings\And1\Cookies\and1@ads.clicksor[2].txt C:\Documents and Settings\And1\Cookies\and1@gametracker[2].txt C:\Documents and Settings\And1\Cookies\and1@adultadworld[2].txt C:\Documents and Settings\And1\Cookies\and1@toplist[3].txt C:\Documents and Settings\And1\Cookies\and1@toplist[1].txt C:\Documents and Settings\And1\Cookies\and1@adultfriendfinder[2].txt C:\Documents and Settings\And1\Cookies\and1@ad.yieldmanager[1].txt C:\Documents and Settings\And1\Cookies\and1@ad.orbitel[1].txt C:\Documents and Settings\And1\Cookies\and1@zanox[2].txt C:\Documents and Settings\And1\Cookies\and1@ad.biscom[1].txt C:\Documents and Settings\And1\Cookies\and1@account.live[1].txt C:\Documents and Settings\And1\Cookies\and1@track.webtrekk[1].txt C:\Documents and Settings\And1\Cookies\and1@ad.flux[1].txt C:\Documents and Settings\And1\Cookies\and1@ad2.bbmedia[2].txt C:\Documents and Settings\And1\Cookies\and1@ad2.doublepimp[1].txt C:\Documents and Settings\And1\Cookies\and1@adbrite[1].txt C:\Documents and Settings\And1\Cookies\and1@adfarm1.adition[1].txt C:\Documents and Settings\And1\Cookies\and1@adinterax[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.madisonavenue[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.ibox[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.icepique[1].txt C:\Documents and Settings\And1\Cookies\and1@ads.revsci[1].txt C:\Documents and Settings\And1\Cookies\and1@cgm.adbureau[1].txt C:\Documents and Settings\And1\Cookies\and1@counter.search[1].txt C:\Documents and Settings\And1\Cookies\and1@myroitracking[1].txt C:\Documents and Settings\And1\Cookies\and1@prospect.adbureau[2].txt C:\Documents and Settings\And1\Cookies\and1@revsci[1].txt C:\Documents and Settings\And1\Cookies\and1@sitestats.ets[2].txt C:\Documents and Settings\And1\Cookies\and1@stats.adbrite[1].txt C:\Documents and Settings\And1\Cookies\and1@tacoda[2].txt C:\Documents and Settings\And1\Cookies\and1@viacom.adbureau[2].txt C:\Documents and Settings\And1\Cookies\and1@www.trafficholder[1].txt C:\Documents and Settings\And1\Cookies\and1@www.trafficshops[2].txt C:\Documents and Settings\gaby\Cookies\gaby@yadro[2].txt
  12. Вече сложих лог файла, трие се, но се създава самичка автоматично под името "i-connection" трия и двата фаила в директорията, но след време се появяват пак
  13. Windows XP Media Center Edition + SP 2 English version Category view mi e Control Panel Ако искаш да търсиш дали тия вирусчета са в лога, май ги няма като процеси loga e ---------- Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:00:48, on 17.2.2009 г. Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16608) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\csrss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\WINDOWS\eHome\ehRecvr.exe C:\WINDOWS\eHome\ehSched.exe C:\Program Files\Eset\nod32krn.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\ehome\ehtray.exe C:\Program Files\Eset\nod32kui.exe C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\vsnpstd3.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe C:\WINDOWS\system32\dllhost.exe C:\WINDOWS\System32\alg.exe C:\WINDOWS\eHome\ehmsas.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe C:\Program Files\Internet Explorer\iexplore.exe D:\Program Files\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://runonce.msn.com/?v=msgrv75 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Reader\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file) O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.0.926.3450\swg.dll O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe" O4 - HKLM\..\Run: [TalkAndWrite] C:\Documents and Settings\All Users\Application Data\Skype\Plugins\Plugins\1163D2B46CC742E5A3CC9E4157887751\TalkAndWrite.exe /run O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [lphcceqj0ejfr] C:\WINDOWS\system32\lphcceqj0ejfr.exe O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM\..\Run: [synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe" O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe" -quiet O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownlo.../sysreqlab2.cab O16 - DPF: {74DBCB52-F298-4110-951D-AD2FF67BC8AB} (NVIDIA Smart Scan) - http://www.nvidia.com/content/DriverDownlo...iaSmartScan.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/pub/shock...ash/swflash.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe -- End of file - 7533 bytes
  14. Здрасти , помогнете по следния проблем: kshd.exe vdshd.exe ми създават нова интернет връзка и когато се свържа към нет-а, след няколко секунди ме дисконектва и новата връзка се опитва да се свърже, но не може. Това постоянно ме дисконектва и трябва да се свързвам много често. До колкото разбрах т'ва не са вируси ? Имам Security Task Manager, която ги открива, трие, но без да рестартирам компа пак се появяват следните файлове в папка C:\Documents and Settings\User\*.exe Сега като пиша, не ми спира връзката, но може би защото се бъгна и ми дава само грешки. Сигурен съм, че от следващото пускане на компа пак ще ме изключва от нет-а. ----------------------- Забелязах, че тва се появи, след като ползвах моята флашка/мп3/. Като я изкарах от USB се бъгна, да не е вирус?
  15. То компа си е добър, преди всичко си вървеше .. Ами първо, имам старите драйвъри, които ги дават с компа, но сиг. са прекалено стари преди месеци бях изтеглил следния драйвър: 93.71_forceware_winxp2k_english_whql.exe и скоро този, който изглежда е най-новия... Product NVIDIA GeForce FX 5500 Current Installed Driver 169.21 Recommended Driver Your PC currently has the latest driver installed for your GPU. No driver update is necessary at this time. името му е 169.21_forceware_winxp_32bit_english_whql.exe
×
×
  • Създай ново...