silviq2

Ами понеже няма кой да ми помогне, преинсталирах компютъа. Проблемът със самоизключващият се външен диск е решен. Проблемът със вторият диск остава същият. Все пак ако някой може да ме посъветва относно него, ще ви бъда много благодарна.

Здравейте От няколко дни имам поблем с външен твърд диск Seagate FreeAgent Drive 500 gb. С операционна система Windows 7 Ultimate съм. Проблемът се появи отскоро. Дискът го имам от 4 години. Стартирам уиндовса и всичко е наред, а след няколко минути външният диск се самоизключва. Първо си помислих че се е скапал, но го изпробвах на лаптопа и си работеше в продължение на часове, без никакъв проблем. Включвайки го отново на моят компютър, проблемът си беше същият. Просто изведнъж изчезва от разделът 'Моят компютър'. Пробвах да сменя USB-то, но пак същото. Може би тук е мястото да спомена, че имам проблем и с вторият ми външен диск-същият модел, но 1 терабайт. Той пък ми създава проблеми при стартирането на компютъра. По-точно, когато е включен в USB-то, компютърът изобщо не се стартира, а замръзва още с първоначалния екран, преди стартиращият екран. Вече от една година, за да си включа компютъра, вадя втория външен диск от USB-то и когато компютърът ми е стартиран го включвам. Ето че и при двата външни диска имам проблеми, макар и различни по естество. Стигам до извода, че проблема е в компютъра ми. Интересното е, че включвайки 2 диска на много по-старият ми и немощен компютър, дисковете си работят едновременно и двата нормално. А при настоящият ми-нито един. Много ви моля, помонете ми! Ако желаете други данни, пишете какво е нужно да пиша още, тъй като не съм много наясно. Благодаря ви предварително!

Здравейте отново. В крайна сметка разреших проблема.Оказа се, че Digital Audio (S/PDIF) не е бил подходящият драйвър. Изтеглих SoundMax Integrated HD Audio и го зададох като основен, а по-първият го деактивирах.Сега няма проблем, всичко е на ред със звука.Реших да ви пиша, ако на някой му се случи.

Опитах да го заменя,както съм писала по-горе, но нямаше никаква промяна.Може би нещо не правя както трябва?

Здравейте! Вчера преинсталирах компютъра си, който беше с OS Windows XP ,а сега го смених с Windows 7 Ultimate.Проблемът ми обаче е следният: не възпроизвежда звук.Единственият плейър, който добавих е Winamp,има си и вграденият Windows Media Player.Когато пускам видеофайл, се възпроизвежда само картината.Когато пусна песен,единствено виждам че песента си върви, все едно е всичко нормално.Пробвах и други аудиоформати-пак същото.В опцията "Устройство за възпроизвеждане" в трея(долу в дясно) ми изписва Digital Audio (S/PDIF).При многократните ми опити за "отстраняване на проблеми със звука", ми изписва че всички устройства работят правилно.Изтеглих дори "AMDCoolnQuiet Utility V21801 XPVistaWin7" и пробвах да заменя с него, но нищо не се получава,след рестартирането пак си остава името само на предишното звуково устройство.Уиндоусът ми не е самоделка.Инталирахме го и на лаптоп преди месец и все още си е перфектен.Къде да търся проблемът? Много ви моля, помогнете! Вече се отчаях напълно! Благодаря ви предварително!

В крайна сметка реших проблема си.Инсталирах flash player 10 active x и всичко проработи нормално.Благодаря Night Raven.

Установих че не ми вървят клипчетата в YouTube,пише да инсталирам Flash Player.Ами аз съм го инсталирала.Какво става,какво да правя?

Здравейте! Обръщам се към вас за помощ тъй като незнам какво да правя.Проблемът ми е следният: От 1 година използвам програмата "Sothink Web Video Downloader" без проблем.От 4 дни насам не ми работи и тъй като се стартираше с Уиндоус,още при стартирането ми вади надпис че имам стара версия на Flash Player ActiveX Control Реших че нещо се е повредила,затова я деинсталирах,изтеглих по-нова версия на Sothink и пак я инсталирах,но няма промяна.Преинсталирах и Flash Player,свалих последната му версия.Незнам какво друго да правя,моля помогнете ми! П.П. Скоро инсталирах TuneUp Utilities 2009,да не би с него нещо да съм блокирала?

A впрочем забравих да сложа резултатите от последния доклад на ComboFix.Пращам ги като прикачен файл,тъй като списъкът е доста дълъг. Ако се налага да правя още нещо кажете ми и прощавайте за некопетентността ми! Относно Autorun функцията за флаш устройствата,не нямам представа как се спира,кажете ми моля. Log2.txt

Готово,направих всичко необходимо.Флашки нямам,ако не броим Интернета ми който е Мобилен и е с флашка.Веднъж един познат си сваля файлове от компютъра ми с флашка,така че е възможно да е от там,незная.Благодаря изключително много за помощтта,за съветите на Night Raven и се надявам цялата тази тема да бъде полезна и на други потребители с подобен или същия проблем.Пожелавам обаче: на никого дано не се налага! Успех на всички!

Да,разбира се,изчаквам.Доколкото виждам основният проблем е премахнат най-после!

Eто резултатите: ComboFix 09-05-11.01 - Elenh 05/12/2009 10:59.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1251.359.1033.18.1023.560 [GMT 3:00] Running from: c:\documents and settings\Elenh\desktop\combofix.exe Command switches used :: /killall AV: avast! antivirus 4.8.1335 [VPS 090511-0] *On-access scanning disabled* (Updated) AV: Bitdefender Antivirus *On-access scanning enabled* (Updated) FW: Bitdefender Firewall *enabled* WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !! . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr0.dat c:\documents and settings\All Users\Application Data\Microsoft\Network\Downloader\qmgr1.dat c:\documents and settings\Elenh\Application Data\.# c:\documents and settings\Elenh\Application Data\Adobe\crc.dat c:\documents and settings\Elenh\Application Data\inst.exe c:\documents and settings\Elenh\x.exe c:\windows\system32\drivers\80a0add6.sys c:\windows\system32\hwqsalkf.ini c:\windows\system32\vGgPVvut.ini c:\windows\system32\vGgPVvut.ini2 c:\windows\system32\vvutCcfe.ini c:\windows\system32\vvutCcfe.ini2 c:\windows\system32\xvid-uninstall.exe c:\windows\system32\yuduumog.ini ----- BITS: Possible infected sites ----- hxxp://updateserver.info . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_ICF -------\Legacy_TDSSSERV -------\Service_80a0add6 -------\Service_seneka -------\Service_TDSSserv ((((((((((((((((((((((((( Files Created from 2009-04-12 to 2009-05-12 ))))))))))))))))))))))))))))))) . 2009-05-11 22:58 . 2009-05-11 22:58 -------- d-----w c:\program files\4shared Desktop 2009-05-11 22:40 . 2009-05-11 22:40 -------- d-----w c:\documents and settings\Elenh\Application Data\InfraRecorder 2009-05-11 22:40 . 2009-05-11 22:40 -------- d-----w c:\program files\Firegraphic 10 2009-05-11 15:01 . 2009-05-11 15:01 -------- d-----w c:\program files\SUPERAntiSpyware 2009-05-11 15:01 . 2009-05-11 15:01 -------- d-----w c:\program files\Common Files\Wise Installation Wizard 2009-05-11 13:35 . 2009-05-11 13:35 -------- d-----w c:\documents and settings\multiskype\Local Settings\Application Data\isoHunt 2009-05-11 13:35 . 2009-05-11 13:35 -------- d-----w c:\documents and settings\multiskype\Local Settings\Application Data\bananabg 2009-05-11 13:34 . 2009-05-11 13:34 -------- d-----w c:\documents and settings\multiskype\Application Data\HiYo 2009-05-11 13:34 . 2009-05-11 13:34 -------- d-----w c:\documents and settings\multiskype\Application Data\AltrixSoft 2009-05-10 20:46 . 2009-05-10 20:47 -------- d-----w c:\program files\YADA 2009-05-09 23:01 . 2009-05-09 23:43 -------- d-----w c:\documents and settings\Elenh\Application Data\DC++ 2009-05-09 23:01 . 2009-05-09 23:01 -------- d-----w c:\documents and settings\Elenh\Local Settings\Application Data\DC++ 2009-05-09 23:00 . 2009-05-09 23:00 -------- d-----w c:\program files\DC++ 2009-05-09 21:41 . 2009-05-09 22:29 -------- d-----w c:\program files\ProxyChecker 2009-05-08 19:30 . 2009-05-08 19:30 -------- d-----w c:\documents and settings\All Users\Application Data\EPS 2009-05-08 19:30 . 2009-05-08 19:30 -------- d-----w c:\program files\My-Proxy 2009-05-08 19:28 . 2009-05-08 19:28 82898 ----a-w c:\windows\uninstall.exe 2009-05-08 16:51 . 2009-05-08 16:51 -------- d-----w c:\program files\Common Files\GeoVid 2009-05-08 16:51 . 2009-05-08 16:51 -------- d-----w c:\documents and settings\All Users\Application Data\GeoVid 2009-05-08 16:51 . 2005-06-07 12:11 60416 ----a-w c:\windows\system32\dsetup.dll 2009-05-08 16:51 . 2009-05-08 16:51 -------- d-----w c:\program files\GeoVid 2009-05-06 22:56 . 2009-05-06 22:56 -------- d-----w c:\documents and settings\Elenh\Application Data\Sofrayt 2009-05-06 22:56 . 2009-05-06 22:56 -------- d-----w c:\program files\GetSmile 2009-05-06 13:15 . 2009-05-06 21:53 -------- d-----w c:\documents and settings\Elenh\Application Data\Fun Desktop Wallpaper Changer 2009-05-05 16:50 . 2009-05-05 16:50 12991 ----a-w c:\windows\unins006.dat 2009-05-05 16:50 . 2009-05-05 16:50 685913 ----a-w c:\windows\unins006.exe 2009-05-05 16:50 . 2009-05-05 16:50 26905 ----a-w c:\windows\unins005.dat 2009-05-05 16:50 . 2009-05-05 16:50 685913 ----a-w c:\windows\unins005.exe 2009-05-05 16:49 . 2009-05-05 16:49 685913 ----a-w c:\windows\unins004.exe 2009-05-05 16:49 . 2009-05-05 16:49 13273 ----a-w c:\windows\unins004.dat 2009-05-05 16:49 . 2009-05-05 16:49 16961 ----a-w c:\windows\unins003.dat 2009-05-05 16:49 . 2009-05-05 16:49 685913 ----a-w c:\windows\unins003.exe 2009-05-05 16:49 . 2009-05-05 16:48 685913 ----a-w c:\windows\unins001.exe 2009-05-05 16:49 . 2009-05-05 16:49 17853 ----a-w c:\windows\unins001.dat 2009-05-05 16:22 . 2009-05-07 18:32 -------- d-----w c:\documents and settings\All Users\Application Data\LightScribe 2009-05-05 16:22 . 2009-05-05 16:22 -------- d-----w c:\documents and settings\Elenh\Application Data\Droppix 2009-05-05 16:20 . 2005-11-09 06:00 462848 ----a-w c:\windows\system32\HHActiveX.dll 2009-05-05 16:19 . 2009-05-05 16:19 -------- d-----w c:\program files\Common Files\LightScribe 2009-05-05 16:19 . 2009-05-05 16:20 -------- d-----w c:\program files\Common Files\Droppix 2009-05-05 16:19 . 2009-05-05 16:19 -------- d-----w c:\program files\Droppix 2009-05-05 16:18 . 2009-05-05 16:22 -------- d-----w c:\documents and settings\All Users\Application Data\Droppix 2009-05-04 20:15 . 2009-05-04 20:15 -------- d-----w c:\documents and settings\Elenh\Application Data\Flock 2009-05-04 20:15 . 2009-05-04 20:15 -------- d-----w c:\documents and settings\Elenh\Local Settings\Application Data\Flock 2009-05-04 20:14 . 2009-05-10 20:05 -------- d-----w c:\program files\Flock 2009-05-04 00:42 . 2009-05-04 00:56 -------- d-----w c:\documents and settings\Elenh\Application Data\Hide IP NG 2009-05-03 13:39 . 2009-05-03 13:39 -------- d-----w c:\documents and settings\Elenh\Application Data\Ashampoo 2009-05-03 11:03 . 2009-05-03 11:03 -------- d-----w c:\documents and settings\Elenh\Application Data\oovootb 2009-05-02 19:34 . 2009-05-02 19:34 -------- d-----w c:\documents and settings\All Users\Application Data\Blueberry 2009-05-02 19:31 . 2009-05-04 20:13 -------- d-----w c:\documents and settings\Elenh\Application Data\Blueberry 2009-05-02 19:27 . 2009-05-02 19:27 30720 ----a-w c:\windows\system32\bbcap.dll 2009-05-02 19:27 . 2009-05-02 19:27 4608 ----a-w c:\windows\system32\bbchlp.dll 2009-05-02 19:27 . 2009-05-02 19:27 4096 ----a-w c:\windows\system32\drivers\bbcap.sys 2009-05-02 19:27 . 2009-05-02 19:30 -------- d-----w c:\documents and settings\Elenh\Application Data\LogSys 2009-05-02 19:27 . 2009-05-02 19:27 -------- d-----w c:\documents and settings\All Users\Application Data\LogSys 2009-05-02 19:27 . 2009-05-02 19:27 -------- d-----w c:\windows\system32\ShellDD 2009-05-02 19:27 . 2009-05-05 20:15 -------- d-----w c:\program files\Blueberry Software 2009-05-02 19:06 . 2009-05-02 19:06 -------- d-----w c:\program files\MAGIX 2009-05-02 15:29 . 2009-05-02 15:29 286720 ------w c:\windows\Setup1.exe 2009-05-02 15:29 . 2009-05-02 15:29 73216 ----a-w c:\windows\ST6UNST.EXE 2009-05-02 14:06 . 2009-05-02 14:06 -------- d-----w c:\program files\TitleBarClock Pro 2009-05-02 13:56 . 2009-05-02 13:56 -------- d-----w c:\program files\cbl electronics inc 2009-05-02 12:57 . 2009-05-02 12:58 -------- d-----w c:\program files\AutoGK 2009-05-01 18:50 . 2009-05-01 18:58 -------- d-----w c:\documents and settings\Elenh\Application Data\ooVoo Details 2009-05-01 18:48 . 2009-05-01 18:48 -------- d-----w c:\documents and settings\All Users\Application Data\EmailNotifier 2009-04-30 10:57 . 2009-04-30 10:57 -------- d-----w c:\documents and settings\Elenh\vw 2009-04-30 10:57 . 2009-04-30 10:57 -------- d-----w c:\documents and settings\Elenh\VisualRoute 2009-04-30 09:09 . 2009-04-30 09:09 -------- d-----w c:\program files\SamsonSoft 2009-04-29 19:20 . 2009-04-29 19:20 -------- d-----w c:\program files\Photoshine 2009-04-29 18:21 . 2009-04-29 18:24 -------- d-----w c:\program files\Gaberoff Koral 2009-04-29 18:19 . 2009-04-29 18:19 1223956 ---ha-w c:\windows\system32\mlfcache.dat 2009-04-29 17:36 . 2009-04-29 17:37 -------- d-----w c:\documents and settings\Elenh\Application Data\Zoner 2009-04-29 17:34 . 2009-04-29 17:34 -------- d-----w c:\program files\Zoner 2009-04-29 17:25 . 2009-05-06 21:55 -------- d-----w C:\PREVEW 2009-04-29 16:49 . 2009-04-29 16:49 -------- d-----w c:\program files\%ramdrv%Image_Grabber_II 2009-04-24 12:09 . 2009-05-02 14:52 -------- d-----w c:\documents and settings\Elenh\Application Data\Free Audio Editor 2009-04-24 09:34 . 2009-05-05 16:23 2098392 ----a-w c:\windows\system32\GDIPFONTCACHEV1.DAT 2009-04-22 19:59 . 2009-04-22 19:59 -------- d-----w c:\documents and settings\All Users\Application Data\Office Genuine Advantage 2009-04-22 16:35 . 2009-04-24 11:08 -------- d-----w c:\program files\PostSmile 2009-04-22 14:10 . 2009-04-22 14:10 -------- d-----w c:\documents and settings\All Users\Application Data\IM 2009-04-22 14:08 . 2009-04-24 01:22 -------- d-----w c:\documents and settings\Elenh\Local Settings\Application Data\IM 2009-04-22 14:08 . 2009-04-23 21:28 -------- d-----w c:\documents and settings\All Users\Application Data\IncrediMail 2009-04-21 23:44 . 2009-05-10 20:01 -------- d-----w c:\program files\FreeRapid-0.82 2009-04-21 21:55 . 2009-05-03 10:33 -------- d-----w c:\program files\vSoft 2009-04-21 20:58 . 2009-04-22 16:29 -------- d-----w c:\program files\Fight for Fun 2009-04-21 15:03 . 2009-01-20 00:05 10372096 ----a-w c:\windows\system32\Koi Fish 3D Screensaver.exe 2009-04-21 15:03 . 2009-01-20 00:05 908288 ----a-w c:\windows\system32\Koi_Fish_3D_Screensaver.scr 2009-04-21 15:03 . 2009-04-21 15:03 -------- d-----w c:\program files\Koi Fish 3D Screensaver 2009-04-21 14:45 . 2009-04-21 14:45 -------- d-----w c:\program files\SweetIM 2009-04-21 14:38 . 2009-04-21 14:38 -------- d-----w c:\documents and settings\Elenh\Local Settings\Application Data\RapidShareDownloader 2009-04-21 12:21 . 2009-04-21 12:21 -------- d-----w c:\documents and settings\Elenh\Application Data\HiYo 2009-04-21 12:21 . 2009-04-21 12:21 -------- d-----w c:\program files\HiYo 2009-04-21 12:21 . 2009-04-21 12:21 -------- d-----w c:\documents and settings\All Users\Application Data\HiYo 2009-04-21 07:08 . 2009-04-21 07:08 1496576 ---ha-w c:\windows\system32\wodfamop.dll 2009-04-21 07:07 . 2009-04-21 07:07 -------- d-----w c:\program files\Abrosoft 2009-04-20 13:21 . 2009-04-20 13:21 -------- d-----w c:\program files\iColorFolder 2009-04-19 17:00 . 2009-05-06 15:49 -------- d-----w c:\documents and settings\Elenh\Application Data\elefundesktops 2009-04-19 17:00 . 2009-04-19 17:00 -------- d-----w c:\program files\EleFun Wallpapers 2009-04-18 17:46 . 2009-04-18 18:04 -------- d-----w c:\documents and settings\Elenh\Zaxwerks 2009-04-18 17:45 . 2009-04-18 17:45 -------- d-----w c:\program files\ProModeler 4.5.1 PC 2009-04-18 17:42 . 2009-04-18 17:42 -------- d-----w c:\documents and settings\All Users\Application Data\Public System Files 2009-04-18 16:32 . 2009-04-18 16:32 -------- d-----w c:\documents and settings\Elenh\Application Data\Ambient Design 2009-04-18 16:25 . 2009-04-18 16:25 -------- d-----w c:\program files\Ambient Design 2009-04-18 14:53 . 2009-04-21 13:53 -------- d-----w c:\documents and settings\Elenh\Application Data\UseNeXT 2009-04-18 14:48 . 2009-04-18 16:38 -------- d-----w c:\program files\Insofta 3D Text Commander 2009-04-18 14:41 . 2009-04-18 14:44 -------- d-----w c:\program files\Insofta Cover Commander 2009-04-16 15:34 . 2009-04-16 15:34 243428 ----a-w c:\windows\uninstall 16Aquari.exe 2009-04-16 14:56 . 2009-04-16 14:56 -------- d-----w c:\program files\AAALOGO2008 2009-04-16 07:53 . 2009-04-16 07:53 -------- d-----w c:\documents and settings\Elenh\Application Data\Windows Live Writer 2009-04-16 07:53 . 2009-04-16 07:54 -------- d-----w c:\documents and settings\Elenh\Local Settings\Application Data\Windows Live Writer 2009-04-15 12:57 . 2009-04-15 12:57 -------- d-----w c:\documents and settings\Elenh\Application Data\AMPSoft 2009-04-15 12:21 . 2008-11-18 20:28 -------- d-----w C:\CYRILIC 2009-04-15 12:21 . 2009-05-10 20:01 -------- d-----w C:\TYGRA 3000 2009-04-15 12:21 . 2009-04-15 12:21 -------- d-----w c:\program files\FontViewer Portable 2009-04-15 12:21 . 2009-04-15 12:21 -------- d-----w c:\program files\AMP Font Viewer 2009-04-15 12:19 . 2009-04-15 12:20 -------- d-----w c:\documents and settings\Elenh\Application Data\PhotoFiltre Studio X 2009-04-15 12:19 . 2009-04-15 20:56 -------- d-----w c:\program files\PhotoFiltre Studio X 2009-04-15 07:39 . 2008-05-03 11:55 2560 ----a-w c:\windows\system32\xpsp4res.dll 2009-04-15 06:22 . 2009-04-15 06:22 -------- d-----w C:\Sandbox 2009-04-15 06:22 . 2009-04-15 06:22 -------- d-----w c:\program files\Sandboxie 2009-04-15 02:13 . 2009-05-12 08:06 -------- d-----w c:\documents and settings\Elenh\Tracing 2009-04-15 02:11 . 2009-02-06 15:08 55152 ----a-w c:\windows\system32\drivers\fssfltr_tdi.sys 2009-04-15 02:10 . 2009-04-15 02:10 -------- d-----w c:\program files\Microsoft Sync Framework 2009-04-15 02:09 . 2009-04-15 02:09 -------- d-----w c:\program files\Microsoft SQL Server Compact Edition 2009-04-15 02:08 . 2009-04-15 02:08 -------- d-----w c:\program files\Windows Live SkyDrive 2009-04-14 08:55 . 2009-04-14 08:55 -------- d-----w c:\program files\KaraokeDX . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2009-05-12 08:05 . 2008-09-09 23:46 -------- d-----w c:\program files\DNA 2009-05-12 08:05 . 2009-03-02 17:53 5112 ----a-w c:\windows\GPCIDrv.sys 2009-05-12 08:05 . 2008-09-05 12:54 -------- d-----w c:\program files\lg_fwupdate 2009-05-12 08:05 . 2008-09-05 14:05 19039 -c--a-w c:\windows\system32\drivers\GVTDrv.sys 2009-05-11 22:58 . 2008-12-17 18:17 -------- d-----w c:\program files\4shared Uploader 2009-05-11 15:01 . 2008-12-11 09:09 -------- d-----w c:\documents and settings\Elenh\Application Data\SUPERAntiSpyware.com 2009-05-11 14:11 . 2008-11-02 18:40 2098392 ----a-w c:\documents and settings\multiskype\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-05-11 14:04 . 2009-03-26 13:13 -------- d-----w c:\program files\AlienGUIse 2009-05-11 12:39 . 2008-12-16 06:20 -------- d-----w c:\program files\Registry Clean Expert 2009-05-10 20:01 . 2008-09-18 23:27 -------- d-----w c:\program files\DivX 2009-05-10 20:01 . 2008-09-05 10:38 -------- d-----w c:\program files\Windows Media Connect 2 2009-05-10 20:01 . 2009-02-02 14:33 -------- d-----w c:\program files\Internet Download Manager 2009-05-10 14:01 . 2008-09-05 12:15 96384 ----a-w c:\windows\system32\drivers\sptd5997.sys 2009-05-09 13:42 . 2008-10-23 22:11 -------- d-----w c:\program files\Ashampoo 2009-05-09 13:42 . 2008-09-05 10:32 -------- d--h--w c:\program files\InstallShield Installation Information 2009-05-09 13:32 . 2008-09-05 19:51 -------- d-----w c:\program files\FrostWire 2009-05-09 13:30 . 2009-03-31 11:41 -------- d-----w c:\program files\VS Revo Group 2009-05-04 11:41 . 2009-01-16 08:11 -------- d-----w c:\program files\PhotoScape 2009-05-03 18:34 . 2008-12-09 15:05 -------- d-----w c:\program files\Screensaver Factory 4 Enterprise 2009-05-03 18:26 . 2009-04-01 18:30 -------- d-----w c:\program files\IconLover 2009-05-03 17:27 . 2008-09-05 14:28 -------- d-----w c:\program files\Acoustica Audio Converter Pro 2009-05-02 12:58 . 2008-09-14 21:21 -------- d-----w c:\program files\AviSynth 2.5 2009-04-24 09:33 . 2008-09-05 00:44 8224 ----a-w c:\documents and settings\Elenh\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2009-04-21 19:12 . 2009-04-02 13:19 -------- d-----w c:\program files\Changes 2009-04-16 15:55 . 2008-11-19 09:43 -------- d-----w c:\program files\EZPhotoCalendarCreatorPlus 2009-04-15 02:08 . 2009-02-12 23:05 -------- d-----w c:\program files\Microsoft 2009-04-14 09:05 . 2009-02-16 06:18 -------- d-----w c:\program files\Icon Converter Plus 2009-04-14 09:05 . 2009-01-16 10:25 -------- d-----w c:\program files\IE BrightSpot 2009-04-14 09:05 . 2009-01-16 08:31 -------- d-----w c:\program files\Dream Aquarium 2009-04-14 09:05 . 2009-01-11 17:06 -------- d-----w c:\program files\Wallpaper Desktop 2009-04-14 09:05 . 2008-12-14 15:31 -------- d-----w c:\program files\Atlantis 3D Screensaver 2009-04-14 09:05 . 2008-12-02 15:00 -------- d-----w c:\program files\Setup 2009-04-14 09:05 . 2008-09-07 13:27 -------- d-----w c:\program files\YouTube Downloader 2009-04-14 09:05 . 2009-04-08 20:27 -------- d-----w c:\program files\Acala DVD 3gp Ripper 2009-04-14 09:05 . 2009-03-15 13:16 -------- d-----w c:\program files\Banner Maker Pro 7 2009-04-14 09:05 . 2008-09-09 13:12 -------- d-----w c:\program files\MorEmoticons 2009-04-14 09:05 . 2008-09-05 14:31 -------- d-----w c:\program files\SlimBrowser 2009-04-12 16:14 . 2008-09-07 04:55 -------- d-----w c:\program files\EA GAMES 2009-04-12 13:56 . 2008-12-10 17:57 -------- d-----w c:\program files\Video Thumbnails Maker 2009-04-10 08:47 . 2008-09-05 19:56 -------- d-----w c:\program files\Java 2009-04-08 20:45 . 2008-09-07 16:31 -------- d-----w c:\program files\MediaInfo 2009-04-08 20:44 . 2008-09-05 15:51 -------- d-----w c:\program files\Common Files\Adobe 2009-04-07 19:45 . 2009-04-07 19:44 -------- d-----w c:\program files\QuickTime 2009-04-07 12:10 . 2009-04-07 11:56 -------- d-----w c:\program files\3Planesoft Screensaver Manager 2009-04-07 12:10 . 2009-04-07 12:10 -------- d-----w c:\program files\Coral Clock 3D Screensaver 2009-04-07 11:56 . 2009-04-07 11:56 -------- d-----w c:\program files\Water Clock 3D Screensaver 2009-04-07 05:54 . 2008-09-13 14:08 1148 -c--a-w c:\windows\system32\ezdigsgn.dat 2009-04-04 17:46 . 2009-04-04 17:46 -------- d-----w c:\program files\Common Files\Xuisoft 2009-04-04 13:52 . 2009-04-04 13:52 -------- d-----w c:\program files\Reallusion 2009-04-04 12:46 . 2008-09-06 10:56 -------- d-----w c:\program files\Xilisoft 2009-04-04 12:32 . 2009-02-25 11:49 -------- d-----w c:\program files\No1 Video Converter 2009-04-02 20:13 . 2008-10-20 14:28 -------- d-----w c:\program files\iPod 2009-04-02 13:39 . 2009-04-02 13:39 -------- d-----w c:\program files\soft Xpansion 2009-04-02 13:20 . 2009-04-02 13:20 4608 ----a-w c:\windows\system32\w95inf32.dll 2009-04-02 13:20 . 2009-04-02 13:20 2272 ----a-w c:\windows\system32\w95inf16.dll 2009-04-01 20:33 . 2008-09-05 15:59 -------- d-----w c:\program files\Winamp 2009-04-01 19:59 . 2008-09-05 14:02 -------- d-----w c:\program files\Yahoo! 2009-04-01 19:38 . 2009-04-01 19:38 -------- d-----w c:\program files\Image-Line 2009-04-01 19:38 . 2009-04-01 19:38 -------- d-----w c:\program files\VstPlugins 2009-04-01 18:49 . 2009-04-01 18:38 -------- d-----w c:\program files\The KMPlayer 2009-04-01 18:37 . 2009-04-01 18:37 -------- d-----w c:\program files\BACL 2009-04-01 18:23 . 2009-04-01 18:23 -------- d-----w c:\program files\Streamripper 2009-04-01 09:42 . 2009-03-17 15:38 -------- d-----w c:\program files\easyMule 2009-04-01 09:01 . 2009-01-16 08:22 -------- d-----w c:\program files\Dealio 2009-04-01 08:40 . 2008-09-05 00:55 -------- d-----w c:\program files\Spybot - Search & Destroy 2009-03-31 18:17 . 2008-11-13 20:32 -------- d-----w c:\program files\SpeedFan 2009-03-31 17:19 . 2008-09-07 06:31 -------- d-----w c:\program files\Xfire 2009-03-31 17:19 . 2009-03-28 19:27 -------- d-----w c:\program files\Video to GIF Converter 2009-03-31 17:18 . 2009-01-16 09:16 -------- d-----w c:\program files\Frame Maker Pro 2009-03-31 17:18 . 2008-09-07 08:46 -------- d-----w c:\program files\DANCE!ONLINE 2009-03-31 17:18 . 2008-09-14 22:01 -------- d-----w c:\program files\Common Files\BitDefender 2009-03-31 17:18 . 2009-02-18 19:11 -------- d-----w c:\program files\Collage Maker3 2009-03-31 17:18 . 2009-03-25 22:15 -------- d-----w c:\program files\CDex_150 2009-03-31 17:17 . 2008-09-22 00:17 -------- d-----w c:\program files\'Full Speed' Internet Booster + Performance Tests 2009-03-31 17:16 . 2008-09-21 15:30 -------- d-----w c:\program files\StreamingStar 2009-03-31 15:57 . 2009-03-31 15:57 -------- d-----w c:\program files\Hard Drive Inspector 2009-03-31 15:09 . 2009-03-31 15:09 -------- d-----w c:\program files\Cryptload 2009-03-30 16:52 . 2009-01-27 21:31 -------- d-----w c:\program files\K-Lite Codec Pack 2009-03-30 14:03 . 2009-03-30 14:03 -------- d-----w c:\program files\Pixarra 2009-03-30 11:38 . 2009-03-30 11:38 -------- d-----w c:\program files\Kirillka.ru Snow 2009-03-29 20:15 . 2008-10-29 09:39 -------- d-----w c:\program files\Last.fm 2009-03-28 22:26 . 2008-09-20 00:12 -------- d-----w c:\program files\uTorrent 2009-03-28 19:15 . 2009-03-28 19:14 -------- d-----w c:\program files\Watermark Factory 2 2009-03-28 19:03 . 2009-03-28 19:03 -------- d-----w c:\program files\Image Trends Inc 2009-03-26 15:35 . 2009-01-22 14:39 210352 ----a-w c:\windows\system32\idmmbc.dll 2009-03-26 13:13 . 2009-03-26 13:13 -------- d-----w c:\program files\Common Files\Stardock 2009-03-22 11:42 . 2008-09-18 07:08 -------- d-----w c:\program files\The_Pirate_Bay 2009-03-19 09:34 . 2009-03-19 09:34 -------- d-----w c:\program files\FirmTools 2009-03-15 12:59 . 2009-03-15 12:59 -------- d-----w c:\program files\KC Softwares 2009-03-14 10:06 . 2009-01-16 05:22 -------- d-----w c:\program files\Xara 2009-03-12 00:36 . 2009-03-12 00:36 409280 ----a-w c:\windows\system32\HDDSvc.exe 2009-03-10 19:18 . 2008-12-09 12:03 934792 ----a-w c:\windows\system32\WgaTray.dve.exe 2009-03-09 02:19 . 2009-01-10 13:13 410984 -c--a-w c:\windows\system32\deploytk.dll 2009-03-06 14:22 . 2008-01-26 05:57 284160 ----a-w c:\windows\system32\pdh.dll 2009-03-03 00:18 . 2008-01-26 05:57 826368 ----a-w c:\windows\system32\wininet.dll 2009-02-20 18:09 . 2008-01-26 05:57 78336 ------w c:\windows\system32\ieencode.dll 2009-02-19 19:46 . 2008-01-26 05:57 14336 ----a-w c:\windows\system32\svchost.exe 2009-02-16 06:18 . 2009-02-16 06:18 279489 ----a-w c:\windows\Icon Converter Plus Uninstaller.exe 2009-02-12 05:58 . 2008-09-09 07:36 45056 -c--a-w c:\windows\system32\WNASPI32.DLL 2009-02-12 05:58 . 2008-09-09 07:36 16512 -c--a-w c:\windows\system32\drivers\ASPI32.SYS . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks] "{a33fa729-d155-4b23-842b-2c665ecabdb6}"= "c:\program files\The_Pirate_Bay\tbThe1.dll" [2009-04-21 1883672] "{684a09ee-5c31-4b12-924e-49292340f9a4}"= "c:\program files\bananabg\tbbana.dll" [2009-02-19 2081304] "{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "c:\program files\isoHunt\tbisoH.dll" [2009-02-19 2081304] "{EEE6C35D-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll" [2008-10-08 173368] [HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}] [HKEY_CLASSES_ROOT\clsid\{684a09ee-5c31-4b12-924e-49292340f9a4}] [HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] [HKEY_CLASSES_ROOT\clsid\{eee6c35d-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SweetIM_URLSearchHook.ToolbarURLSearchHook.1] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35F-6118-11DC-9C72-001320C79847}] [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{684a09ee-5c31-4b12-924e-49292340f9a4}] 2009-02-19 14:58 2081304 ----a-w c:\program files\bananabg\tbbana.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a33fa729-d155-4b23-842b-2c665ecabdb6}] 2009-04-21 22:08 1883672 ----a-w c:\program files\The_Pirate_Bay\tbThe1.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] 2009-02-19 14:58 2081304 ----a-w c:\program files\isoHunt\tbisoH.dll [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{EEE6C35C-6118-11DC-9C72-001320C79847}] 2008-10-08 09:22 1172792 ----a-w c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{a33fa729-d155-4b23-842b-2c665ecabdb6}"= "c:\program files\The_Pirate_Bay\tbThe1.dll" [2009-04-21 1883672] "{684a09ee-5c31-4b12-924e-49292340f9a4}"= "c:\program files\bananabg\tbbana.dll" [2009-02-19 2081304] "{a6e4a4eb-d169-4e99-8988-250fcbafe767}"= "c:\program files\isoHunt\tbisoH.dll" [2009-02-19 2081304] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792] [HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}] [HKEY_CLASSES_ROOT\clsid\{684a09ee-5c31-4b12-924e-49292340f9a4}] [HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser] "{EEE6C35B-6118-11DC-9C72-001320C79847}"= "c:\program files\SweetIM\Toolbars\Internet Explorer\mgToolbarIE.dll" [2008-10-08 1172792] "{A33FA729-D155-4B23-842B-2C665ECABDB6}"= "c:\program files\The_Pirate_Bay\tbThe1.dll" [2009-04-21 1883672] "{684A09EE-5C31-4B12-924E-49292340F9A4}"= "c:\program files\bananabg\tbbana.dll" [2009-02-19 2081304] "{A6E4A4EB-D169-4E99-8988-250FCBAFE767}"= "c:\program files\isoHunt\tbisoH.dll" [2009-02-19 2081304] [HKEY_CLASSES_ROOT\clsid\{eee6c35b-6118-11dc-9c72-001320c79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE.3] [HKEY_CLASSES_ROOT\TypeLib\{EEE6C35E-6118-11DC-9C72-001320C79847}] [HKEY_CLASSES_ROOT\SWEETIE.SWEETIE] [HKEY_CLASSES_ROOT\clsid\{a33fa729-d155-4b23-842b-2c665ecabdb6}] [HKEY_CLASSES_ROOT\clsid\{684a09ee-5c31-4b12-924e-49292340f9a4}] [HKEY_CLASSES_ROOT\clsid\{a6e4a4eb-d169-4e99-8988-250fcbafe767}] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Skype"="c:\program files\Skype\Phone\Skype.exe" [2008-09-23 21755688] "swg"="c:\program files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe" [2008-09-05 171448] "MorEmoticons"="c:\program files\MorEmoticons\MorEmoticons.exe" [2007-11-12 64000] "BitTorrent DNA"="c:\program files\DNA\btdna.exe" [2009-01-16 342848] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2009-02-14 270128] "Web Video Downloader"="c:\program files\SourceTec\Sothink Web Video Downloader Stand-alone\VideoDownloader.exe" [2007-12-13 2949120] "Advanced SystemCare 3"="c:\program files\IObit\Advanced SystemCare 3\AWC.exe" [2008-11-15 2235920] "AliceConnect"="c:\program files\COSMOTE\Internet On the Go\Wilog.exe" [2008-03-07 3623464] "RegClean Expert Scheduler"="c:\program files\Registry Clean Expert\RCHelper.exe" [2008-11-03 603384] "Software Informer"="c:\program files\Software Informer\softinfo.exe" [2009-01-01 1654853] "c:\program files\NetMeter\NetMeter.exe"="c:\program files\NetMeter\NetMeter.exe" [2007-08-11 331264] "IDMan"="c:\program files\Internet Download Manager\IDMan.exe" [2009-04-29 2799024] "WinSnap"="c:\program files\WinSnap\WinSnap.exe" [2008-10-29 414616] "NBJ"="c:\program files\Ahead\Nero BackItUp\NBJ.exe" [2005-06-02 1957888] "ctfmon.exe"="c:\windows\system32\ctfmon.exe" [2008-01-26 15360] "SandboxieControl"="c:\program files\Sandboxie\SbieCtrl.exe" [2009-04-13 365568] "TBC Pro"="c:\program files\TitleBarClock Pro\Tbcpro.exe" [2006-07-23 67072] "GetSmile"="c:\program files\GetSmile\getsmile.exe" [2007-06-01 2031616] "SUPERAntiSpyware"="c:\program files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2009-04-28 1830128] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "SoundMAXPnP"="c:\program files\Analog Devices\Core\smax4pnp.exe" [2005-05-18 925696] "DAEMON Tools"="c:\program files\DAEMON Tools\daemon.exe" [2005-12-10 133016] "LGODDFU"="c:\program files\lg_fwupdate\fwupdate.exe" [2005-04-12 229376] "NeroFilterCheck"="c:\windows\system32\NeroCheck.exe" [2001-07-09 155648] "RemoteControl"="c:\program files\CyberLink\PowerDVD\PDVDServ.exe" [2004-11-03 32768] "VGAUtil"="c:\program files\GigaByte\VGA Utility Manager\G-VGA.exe" [2006-07-25 544768] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 8.0\Reader\Reader_sl.exe" [2008-01-12 39792] "AppleSyncNotifier"="c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe" [2008-10-01 111936] "SearchSettings"="c:\program files\Search Settings\SearchSettings.exe" [2008-06-12 991584] "StartCCC"="c:\program files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" [2008-08-29 61440] "tsnpstd3"="c:\windows\tsnpstd3.exe" [2005-12-20 94208] "snpstd3"="c:\windows\vsnpstd3.exe" [2005-09-05 339968] "avast!"="c:\program files\Alwil Software\Avast4\ashDisp.exe" [2009-02-05 81000] "PicPick Start"="c:\program files\PicPick\picpick.exe" [2009-02-11 889856] "Malwarebytes' Anti-Malware"="c:\program files\Malwarebytes' Anti-Malware\mbamgui.exe" [2009-01-14 399504] "basicsmssmenu"="c:\program files\Seagate\Basics\Basics Status\MaxMenuMgrBasics.exe" [2007-10-09 169328] "HDInspector.exe"="c:\program files\Hard Drive Inspector\HDInspector.exe" [2009-03-15 1031168] "Make A Voozie"="c:\documents and settings\All Users\Application Data\Make A Voozie\VoozieMaker.exe" [2008-02-20 64000] "QuickTime Task"="c:\program files\QuickTime\qttask.exe" [2007-10-19 286720] "SunJavaUpdateSched"="c:\program files\Java\jre6\bin\jusched.exe" [2009-03-09 148888] "Hiyo"="c:\program files\HiYo\bin\HiYo.exe" [2009-03-19 197936] "SweetIM"="c:\program files\SweetIM\Messenger\SweetIM.exe" [2009-03-05 111928] "BluetoothAuthenticationAgent"="bthprops.cpl" - c:\windows\system32\bthprops.cpl [2008-01-26 110592] "Resume copy"="copyfstq.exe" - c:\windows\copyfstq.exe [2003-06-10 57344] [HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run] "RoboForm"="c:\program files\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe" [2008-09-05 160592] c:\documents and settings\Elenh\Start Menu\Programs\Startup\ Configure Bulgarian Speech.lnk - c:\documents and settings\Elenh\Application Data\Microsoft\Installer\{319A3CA9-DA63-4D65-8B25-403CF9CBF087}\_5af141bb.exe [2009-4-1 1078] Random Wallpaper Changer.lnk - c:\changepaper\changepaper.exe [2008-9-6 399360] c:\documents and settings\All Users\Start Menu\Programs\Startup\ Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360] [HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer] "NoResolveTrack"= 1 (0x1) "NoFileAssociate"= 0 (0x0) [hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks] "{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2008-05-13 77824] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\!saswinlogon] 2008-12-22 09:05 356352 ----a-w c:\program files\SUPERAntiSpyware\SASWINLO.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WB] 2001-12-20 21:34 24576 ----a-w c:\program files\AlienGUIse\fastload.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\WBSrv] 2007-11-02 09:47 120056 ----a-w c:\program files\Stardock\Object Desktop\WindowBlinds\WbSrv.dll [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\efcDVOhH] [bU] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\winlogon\notify\jkkHWPfc] [bU] [HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=c:\windows\system32\wbsys.dll [HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService] @="" HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile] "EnableFirewall"= 0 (0x0) [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "c:\\Program Files\\DNA\\btdna.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "c:\\Program Files\\Magentic\\bin\\Magentic.exe"= "c:\\Program Files\\Magentic\\bin\\MgApp.exe"= "c:\\Program Files\\DC++\\DCPlusPlus.exe"= "c:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe"= "c:\\Program Files\\Skype\\Phone\\Skype.exe"= [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List] "43230:TCP"= 43230:TCP:Elenh-comp "43230:UDP"= 43230:UDP:elenh-computer "3389:TCP"= 3389:TCP:*:Disabled:@xpsp2res.dll,-22009 "12909:TCP"= 12909:TCP:BitComet 12909 TCP "12909:UDP"= 12909:UDP:BitComet 12909 UDP "22819:TCP"= 22819:TCP:BitComet 22819 TCP "22819:UDP"= 22819:UDP:BitComet 22819 UDP "18871:TCP"= 18871:TCP:BitComet 18871 TCP "18871:UDP"= 18871:UDP:BitComet 18871 UDP "32371:TCP"= 32371:TCP:Azureus "50360:UDP"= 50360:UDP:µTorrent 50360 UDP "50360:TCP"= 50360:TCP:µTorrent 50360 TCP "443:TCP"= 443:TCP:*:Disabled:ooVoo TCP порт 443 "443:UDP"= 443:UDP:*:Disabled:ooVoo UDP порт 443 "37674:TCP"= 37674:TCP:*:Disabled:ooVoo TCP порт 37674 "37674:UDP"= 37674:UDP:*:Disabled:ooVoo UDP порт 37674 "37675:UDP"= 37675:UDP:*:Disabled:ooVoo UDP порт 37675 "8356:TCP"= 8356:TCP:BitComet 8356 TCP "8356:UDP"= 8356:UDP:BitComet 8356 UDP [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\IcmpSettings] "AllowInboundEchoRequest"= 1 (0x1) R1 aswSP;avast! Self Protection;c:\windows\system32\drivers\aswSP.sys [1/1/2002 9:28 PM 114768] R1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\sasdifsv.sys [4/28/2009 11:33 AM 9968] R1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [4/28/2009 11:33 AM 72944] R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [1/1/2002 9:28 PM 20560] R2 fssfltr;FssFltr;c:\windows\system32\drivers\fssfltr_tdi.sys [4/15/2009 5:11 AM 55152] R2 LogWatch;Event Log Watch;c:\program files\CA\SharedComponents\CA_LIC\LogWatNT.exe [9/20/2002 7:29 PM 53248] R2 MBAMService;MBAMService;c:\program files\Malwarebytes' Anti-Malware\mbamservice.exe [2/13/2009 7:26 PM 170640] R2 mdvrmng;Mobile IP Route Manager;c:\windows\system32\drivers\mdvrmng.sys [9/5/2008 2:31 PM 10240] R2 SeaPort;SeaPort;c:\program files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe [1/14/2009 5:53 PM 226656] R3 bbcap;bbcap;c:\windows\system32\drivers\bbcap.sys [5/2/2009 10:27 PM 4096] R3 dfmirage;dfmirage;c:\windows\system32\drivers\dfmirage.sys [11/25/2005 5:43 PM 31896] R3 GPCIDrv;GPCIDrv;c:\windows\GPCIDrv.sys [3/2/2009 8:53 PM 5112] R3 GVTDrv;GVTDrv;c:\windows\system32\drivers\GVTDrv.sys [9/5/2008 5:05 PM 19039] R3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys [2/13/2009 7:26 PM 15504] R3 SASENUM;SASENUM;c:\program files\SUPERAntiSpyware\SASENUM.SYS [4/28/2009 11:33 AM 7408] R3 SbieDrv;SbieDrv;c:\program files\Sandboxie\SbieDrv.sys [4/13/2009 7:51 PM 107520] R4 atidgllk;atidgllk;c:\program files\GigaByte\VGA Utility Manager\atidgllk.sys [9/5/2008 5:04 PM 5376] S3 CA_LIC_CLNT;CA License Client;c:\program files\CA\SharedComponents\CA_LIC\lic98rmt.exe [9/20/2002 7:27 PM 77824] S3 CA_LIC_SRVR;CA License Server;c:\program files\CA\SharedComponents\CA_LIC\lic98rmtd.exe [9/20/2002 7:41 PM 77824] S3 Droppix Service;Droppix Service;c:\program files\Common Files\Droppix\DxService.exe [5/5/2009 7:19 PM 221184] S3 esihdrv;esihdrv;\??\c:\docume~1\Elenh\LOCALS~1\Temp\esihdrv.sys --> c:\docume~1\Elenh\LOCALS~1\Temp\esihdrv.sys [?] S3 fsssvc;Семейна безопасност на Windows Live;c:\program files\Windows Live\Family Safety\fsssvc.exe [2/6/2009 6:08 PM 533360] S3 NPF;NetGroup Packet Filter Driver;c:\windows\system32\drivers\npf.sys [1/25/2007 8:31 PM 42000] S3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;"c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe" --> c:\program files\Roxio Creator 2009\Digital Home 11\RoxioUPnPRenderer11.exe [?] [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\H] \Shell\AutoRun\command - H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{5e9864d2-7b3d-11dd-b86b-001a92319fca}] \Shell\AutoRun\command - H:\AutoRun.exe [HKEY_CURRENT_USER\software\microsoft\windows\currentversion\explorer\mountpoints2\{97171f77-1786-11de-9650-001a92319fca}] \Shell\AutoRun\command - H:\LaunchU3.exe -a [HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}] "c:\program files\Common Files\LightScribe\LSRunOnce.exe" . Contents of the 'Scheduled Tasks' folder 2009-05-11 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2008-07-30 19:34] 2009-05-11 c:\windows\Tasks\Malwarebytes' Scheduled Scan for Elenh.job - c:\program files\Malwarebytes' Anti-Malware\mbam.exe [2009-02-13 14:11] . - - - - ORPHANS REMOVED - - - - URLSearchHooks-{0579B4B6-0293-4d73-B02D-5EBB0BA0F0A2} - (no file) BHO-{0579B4B1-0293-4d73-B02D-5EBB0BA0F0A2} - (no file) BHO-{0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} - (no file) BHO-{1f17c7af-6123-48cb-980d-6001d8435631} - (no file) BHO-{6D4C991F-0868-4D32-AB5A-A5E79A765C2C} - (no file) BHO-{71B1937A-A997-40CF-85EA-D09AC19E2067} - (no file) BHO-{7D1D31A0-1F78-499E-9236-A5D44495DACE} - (no file) BHO-{859098F8-F713-490D-92B3-31304377E653} - (no file) BHO-{D9C28639-7740-4006-BAE9-2D3923BC07B6} - (no file) HKCU-Run-DiskChk help - c:\documents and settings\All Users\proto.dll HKCU-Run-msnmsgr - ~c:\program files\Windows Live\Messenger\MsnMsgr.Exe HKU-Default-Run-Picasa Media Detector - c:\program files\Picasa2\PicasaMediaDetector.exe . ------- Supplementary Scan ------- . uStart Page = hxxp://mystart.incredimail.com/ uDefault_Search_URL = hxxp://www.google.com/ie mStart Page = hxxp://www.yahoo.com/ mSearch Bar = hxxp://us.rd.yahoo.com/customize/ie/defaults/sb/msgr9/*http://www.yahoo.com/ext/search/search.html uInternet Settings,ProxyOverride = *.local uSearchURL,(Default) = hxxp://us.rd.yahoo.com/customize/ie/defaults/su/msgr9/*http://www.yahoo.com IE: download all links with idm - c:\program files\Internet Download Manager\IEGetAll.htm IE: download flv video content with idm - c:\program files\Internet Download Manager\IEGetVL.htm IE: download flv videos with idm from 10 last requested - c:\program files\Internet Download Manager\IEGetVL2.htm IE: download with idm - c:\program files\Internet Download Manager\IEExt.htm IE: {{60237576-b24c-4ba9-9740-c9f3ec9db557} - {EAADF17C-B6EA-4511-8549-A67CFD406EAF} - c:\progra~1\SkyCode\WEBTRA~1\wt2ie.dll LSP: c:\windows\system32\idmmbc.dll FF - ProfilePath - c:\documents and settings\Elenh\Application Data\Mozilla\Firefox\Profiles\jul5nnzn.default\ FF - prefs.js: browser.search.defaulturl - hxxp://search.live.com/results.aspx?FORM=IEFM1&q= FF - prefs.js: browser.search.selectedEngine - Google FF - prefs.js: browser.startup.homepage - hxxp://apps.yahoo.com/-hD4ACE4e/YahooFullView/index.php?yap_src=http://my.yahoo.com/p/1.html FF - prefs.js: keyword.URL - hxxp://mystart.incredimail.com/?loc=ff_address_bar&search= FF - component: c:\documents and settings\Elenh\Application Data\IDM\idmmzcc3\components\idmmzcc.dll FF - component: c:\documents and settings\Elenh\Application Data\Mozilla\Firefox\Profiles\jul5nnzn.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\FFExternalAlert.dll FF - component: c:\documents and settings\Elenh\Application Data\Mozilla\Firefox\Profiles\jul5nnzn.default\extensions\{bc4be15d-6a34-4356-9e97-79e43da32b1d}\components\FFAlert.dll FF - component: c:\documents and settings\Elenh\Application Data\Mozilla\Firefox\Profiles\jul5nnzn.default\extensions\piclens@cooliris.com\components\coolirisstub.dll FF - plugin: c:\documents and settings\Elenh\Application Data\Mozilla\plugins\npPxPlay.dll FF - plugin: c:\program files\Google\Picasa3\npPicasa3.dll FF - plugin: c:\program files\Opera\program\plugins\npdivx32.dll FF - plugin: c:\program files\Windows Live\Photo Gallery\NPWLPG.dll ---- FIREFOX POLICIES ---- FF - user.js: browser.blink_allowed - true FF - user.js: network.prefetch-next - true FF - user.js: layout.spellcheckDefault - 1 FF - user.js: browser.search.openintab - false FF - user.js: browser.tabs.closeButtons - 1 FF - user.js: browser.tabs.opentabfor.middleclick - true FF - user.js: browser.tabs.tabMinWidth - 100 . ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2009-05-12 11:09 Windows 5.1.2600 Service Pack 3, v.5755 NTFS scanning hidden processes ... scanning hidden autostart entries ... HKCU\Software\Microsoft\Windows\CurrentVersion\Run msnmsgr = ~"c:\program files\Windows Live\Messenger\MsnMsgr.Exe" /background? scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** . --------------------- LOCKED REGISTRY KEYS --------------------- [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{47629D4B-2AD3-4e50-B716-A66C15C63153}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "cd042efbbd7f7af1647644e76e06692b"=hex:e2,63,26,f1,3f,c8,ff,68,3a,da,0e,bd,11, 37,3b,8c,2e,e8,e1,00,eb,16,2b,de,a5,c2,16,c9,6a,38,e3,82,e2,63,26,f1,3f,c8,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{604BB98A-A94F-4a5c-A67C-D8D3582C741C}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "bca643cdc5c2726b20d2ecedcc62c59b"=hex:6a,9c,d6,61,af,45,84,18,72,28,7c,dc,8a, 5b,84,92,46,47,15,b0,92,4b,c7,ef,b2,96,ce,bd,0d,7e,d7,00,6a,9c,d6,61,af,45,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{684373FB-9CD8-4e47-B990-5A4466C16034}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2c81e34222e8052573023a60d06dd016"=hex:25,da,ec,7e,55,20,c9,26,13,7d,e0,ae,ff, 8b,5e,c0,7a,45,05,fd,91,e8,6f,31,03,55,19,0b,bc,2c,ed,46,ff,7c,85,e0,43,d4,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{74554CCD-F60F-4708-AD98-D0152D08C8B9}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "2582ae41fb52324423be06337561aa48"=hex:86,8c,21,01,be,91,eb,e7,6f,de,c8,da,bf, 1f,ec,4f,6b,65,49,6a,7e,99,74,f7,a4,26,05,94,f3,3d,c3,e2,86,8c,21,01,be,91,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7B8E9164-324D-4A2E-A46D-0165FB2000EC}] @Denied: (Full) (Everyone) "scansk"=hex(0):c9,b6,e4,16,9f,ea,75,65,b1,0e,38,88,53,8e,c1,77,d3,4a,d5,93,83, 03,42,8b,0a,8e,b2,9b,55,4f,71,90,a8,98,36,d3,22,65,18,a4,00,00,00,00,00,00,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{7EB537F9-A916-4339-B91B-DED8E83632C0}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "caaeda5fd7a9ed7697d9686d4b818472"=hex:cd,44,cd,b9,a6,33,6c,cd,e4,ee,d3,5e,c8, 4b,b7,8d,e9,02,6c,fa,fb,1d,47,57,9b,85,b4,e6,8f,b6,ff,1c,f5,1d,4d,73,a8,13,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{948395E8-7A56-4fb1-843B-3E52D94DB145}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "a4a1bcf2cc2b8bc3716b74b2b4522f5d"=hex:df,20,58,62,78,6b,cf,c8,81,b4,e4,fc,2b, 3a,19,78,50,93,e5,ab,ec,6a,4e,ab,42,d1,8d,a5,1c,ad,ec,88,df,20,58,62,78,6b,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{AC3ED30B-6F1A-4bfc-A4F6-2EBDCCD34C19}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "4d370831d2c43cd13623e232fed27b7b"=hex:fb,a7,78,e6,12,2f,9a,ea,02,b1,66,a4,87, 5f,e1,91,97,20,4e,9a,c7,f1,35,ee,49,fc,7b,14,e4,40,77,89,fb,a7,78,e6,12,2f,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{DE5654CA-EB84-4df9-915B-37E957082D6D}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1d68fe701cdea33e477eb204b76f993d"=hex:01,3a,48,fc,e8,04,4a,f1,db,de,35,37,d4, 49,39,df,aa,52,c6,00,84,3c,26,64,df,ff,33,65,79,a6,12,3e,01,3a,48,fc,e8,04,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{E39C35E8-7488-4926-92B2-2F94619AC1A5}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "1fac81b91d8e3c5aa4b0a51804d844a3"=hex:51,fa,6e,91,28,9e,14,cc,71,20,e2,d4,fb, 6b,db,c0,b2,46,9a,e2,1b,fe,1b,94,96,50,b0,07,57,fe,0a,77,f6,0f,4e,58,98,5b,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{EACAFCE5-B0E2-4288-8073-C02FF9619B6F}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "f5f62a6129303efb32fbe080bb27835b"=hex:3d,ce,ea,26,2d,45,aa,78,53,2c,cf,d6,62, 26,1b,36,37,a4,aa,c3,a6,15,56,0a,ee,fd,34,60,84,5f,36,ad,3d,ce,ea,26,2d,45,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{f5377d4e-db21-4fe2-a2ec-25ae4e4c5e48}] @Denied: (Full) (Everyone) "Model"=dword:00000024 "Therad"=dword:00000018 "MData"=hex(0):73,d5,cf,b8,a4,07,89,80,31,e4,35,6b,2a,ca,fe,43,98,07,ff,fc,5d, df,1c,2f,3b,8a,0a,32,11,89,01,b5,79,63,b2,f3,b6,a6,7f,0e,d7,b9,c1,83,e2,e6,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{F8F02ADD-7366-4186-9488-C21CB8B3DCEC}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "fd4e2e1a3940b94dceb5a6a021f2e3c6"=hex:2a,b7,cc,b5,b9,7f,41,e7,75,39,3b,74,18, 24,33,81,f8,31,0f,a9,5f,a0,ec,fb,aa,17,8d,6d,c6,45,ab,df,2a,b7,cc,b5,b9,7f,\ [HKEY_LOCAL_MACHINE\software\Classes\CLSID\{FEE45DE2-A467-4bf9-BF2D-1411304BCD84}\InprocServer32*] "ThreadingModel"="Apartment" @="c:\\WINDOWS\\system32\\OLE32.DLL" "8a8aec57dd6508a385616fbc86791ec2"=hex:fa,ea,66,7f,d4,3b,6b,70,89,7b,3b,a2,7b, 34,35,cf,05,73,21,dd,54,d8,4a,c5,2f,b2,9a,e1,86,06,92,8a,6c,43,2d,1e,aa,22,\ . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(928) c:\program files\SUPERAntiSpyware\SASWINLO.dll c:\windows\system32\Ati2evxx.dll c:\program files\AlienGUIse\fastload.dll c:\program files\Stardock\Object Desktop\WindowBlinds\wbsrv.dll - - - - - - - > 'explorer.exe'(2604) c:\program files\GetSmile\getsmile.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgHelper.dll c:\program files\SweetIM\Toolbars\Internet Explorer\mgcommon.dll c:\windows\system32\WPDShServiceObj.dll c:\windows\system32\PortableDeviceTypes.dll c:\windows\system32\PortableDeviceApi.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\ati2evxx.exe c:\windows\system32\ati2evxx.exe c:\program files\Alwil Software\Avast4\aswUpdSv.exe c:\program files\Alwil Software\Avast4\ashServ.exe c:\program files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe c:\program files\Seagate\Basics\Service\SyncServicesBasics.exe c:\program files\Bonjour\mDNSResponder.exe c:\program files\Java\jre6\bin\jqs.exe c:\program files\Common Files\LightScribe\LSSrvc.exe c:\program files\Sandboxie\SbieSvc.exe c:\program files\Photodex\ProShowGold\scsiaccess.exe c:\windows\system32\rundll32.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\MOM.exe c:\program files\ATI Technologies\ATI.ACE\Core-Static\CCC.exe c:\program files\COSMOTE\Internet On the Go\AutoUpdateSrv.exe c:\program files\Skype\Plugin Manager\skypePM.exe . ************************************************************************** . Completion time: 2009-05-12 11:14 - machine was rebooted ComboFix-quarantined-files.txt 2009-05-12 08:13 Pre-Run: 98,809,274,368 bytes free Post-Run: 98,803,490,816 bytes free Current=6 Default=6 Failed=5 LastKnownGood=7 Sets=1,2,3,4,5,6,7 632 --- E O F --- 2009-04-30 08:09

Благодаря ти отново plamen 74.72! Да,ще изчакам мнението на Night Raven,защото той ме предупреди да откажа сканирането с GMER,така че незнам дали GMER може да го премахне(и дали трябва).

Благодаря за помощтта на Night Raven и за пояснението на plamen 74.72 Oтносно Safe Mode,знам (по-точно съм виждала),че се влиза с F8,да,и при мен е от този клавиш.Просто като вляза незнам какво да натисна,къде да вляза и т.н.Мен ме притеснява обаче този проблем,който откриват всички антивирусни.Той така и не се изтри.Незнам дали трябва дори да бъде изтрит,незнам какво е.Аваст,когато го откри ме попита дали съм сигурна че искам да бъде изтрит този файл,тъй като се намира в папката на Уиндоус.Реших да рискувам и натиснах "Да".Предложи ми предстартова проверка.И нея направих.Пак не се изтри.В горепосочените доклади от SUPERAntiSpyware,Anti-Malware и GMER също се вижда че е засечен C:\WINDOWS\System32\drivers\80a0add6.sys Притеснява ме,незнам доколко е опасно,какво е? Трябва ли да бъде изтрито или не? ще ми навреди ли ако остане така?Объркана съм,посъветвайте ме моля.

Ето резултатите: 1-от GMER GMER 1.0.15.14972 - http://www.gmer.net Rootkit scan 2009-05-11 17:59:07 Windows 5.1.2600 Service Pack 3, v.5755 ---- System - GMER 1.0.15 ---- SSDT sptd.sys ZwEnumerateKey [0xB9FBCC7E] SSDT sptd.sys ZwEnumerateValueKey [0xB9FBCFF6] ---- Devices - GMER 1.0.15 ---- Device \FileSystem\Ntfs \Ntfs 80a0add6.sys Device \FileSystem\Ntfs \Ntfs 873D1A40 AttachedDevice \FileSystem\Ntfs \Ntfs aswMon2.SYS (avast! File System Filter Driver for Windows XP/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip mdvrmng.sys AttachedDevice \Driver\Tcpip \Device\Ip aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Ip 80a0add6.sys AttachedDevice \Driver\Tcpip \Device\Tcp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Tcp 80a0add6.sys AttachedDevice \Driver\Tcpip \Device\Tcp mdvrmng.sys AttachedDevice \Driver\Tcpip \Device\Udp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\Udp 80a0add6.sys AttachedDevice \Driver\Tcpip \Device\Udp mdvrmng.sys AttachedDevice \Driver\Tcpip \Device\RawIp aswTdi.SYS (avast! TDI Filter Driver/ALWIL Software) AttachedDevice \Driver\Tcpip \Device\RawIp 80a0add6.sys AttachedDevice \Driver\Tcpip \Device\RawIp mdvrmng.sys ---- Services - GMER 1.0.15 ---- Service C:\WINDOWS\System32\drivers\80a0add6.sys (*** hidden *** ) [sYSTEM] 80a0add6 <-- ROOTKIT !!! Service system32\drivers\TDSSserv.sys (*** hidden *** ) [sYSTEM] TDSSserv <-- ROOTKIT !!! ---- EOF - GMER 1.0.15 ---- 2-от SuperAntiSpyware SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 05/11/2009 at 07:01 PM Application Version : 4.26.1002 Core Rules Database Version : 3885 Trace Rules Database Version: 1833 Scan type : Complete Scan Total Scan Time : 00:48:56 Memory items scanned : 734 Memory threats detected : 1 Registry items scanned : 7703 Registry threats detected : 13 File items scanned : 26640 File threats detected : 6 Trojan.Agent/Gen-Proto C:\DOCUMENTS AND SETTINGS\ALL USERS\PROTO.DLL C:\DOCUMENTS AND SETTINGS\ALL USERS\PROTO.DLL Adware.Vundo Variant HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{98672103-AFBE-4434-92D2-692A124CD60F} HKU\.default\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98672103-AFBE-4434-92D2-692A124CD60F} HKU\s-1-5-21-220523388-1343024091-1801674531-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98672103-AFBE-4434-92D2-692A124CD60F} HKU\s-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98672103-AFBE-4434-92D2-692A124CD60F} Adware.Tracking Cookie C:\Documents and Settings\Elenh\Cookies\elenh@counter.search[1].txt C:\Documents and Settings\Elenh\Cookies\elenh@ads.mucunki[2].txt .doubleclick.net [ C:\Documents and Settings\Elenh\Application Data\MozillaControl\profiles\MozillaControl\wddg6wz8.slt\cookies.txt ] .doubleclick.net [ C:\Documents and Settings\Elenh\Application Data\MozillaControl\profiles\MozillaControl\wddg6wz8.slt\cookies.txt ] Adware.MyWebSearch/FunWebProducts HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE#NextInstance HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000 HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Service HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Legacy HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ConfigFlags HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#Class HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#ClassGUID HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_MYWEBSEARCHSERVICE\0000#DeviceDesc Trojan.Unclassified/Loader-Suspicious C:\PROGRAM FILES\ICONLOVER\LOADER.EXE 3-от Malwarebytes' Anti-Malware Malwarebytes' Anti-Malware 1.33 Версия на базата от данни: 1654 Windows 5.1.2600 Service Pack 3, v.5755 5/11/2009 7:52:10 PM mbam-log-2009-05-11 (19-52-10).txt Тип сканиране: Бързо сканиране Сканирани обекти: 66504 Изминало време: 6 minute(s), 24 second(s) Заразени процеси в паметта: 0 Заразени модули в паметта: 0 Заразени ключове в регистратурата: 0 Заразени стойности в регистратурата: 0 Заразени информационни обекти в регистратурата: 0 Заразени папки: 0 Заразени файлове: 0 Заразени процеси в паметта: (Нямаше открити заплахи) Заразени модули в паметта: (Нямаше открити заплахи) Заразени ключове в регистратурата: (Нямаше открити заплахи) Заразени стойности в регистратурата: (Нямаше открити заплахи) Заразени информационни обекти в регистратурата: (Нямаше открити заплахи) Заразени папки: (Нямаше открити заплахи) Заразени файлове: (Нямаше открити заплахи) Този доклад последният(със Malwarebytes' Anti-Malware) е след изчистването със SUPERAntiSpyware,но вчерашният доклад ми отчете доста проблеми.За всеки случай ше го приложа като прикачен файл.Хубавата новина е,че след почистването със SUPERAntiSpyware и съответно рестартирането което се наложи,браузерите проработиха.Всичките!!! Рдостта ми не трая дълго,защото отново се появи някакъв изскачащ прозорец с предупреждение за грешка,а след това и предупреждението на Аваст.Снимах скрийншоти и на двете,които също са в прикачен файл. А относно това,да пробвам от Safe Mode,естествено не ми се наложи,а и не зная как. v4era_mbam_log_2009_05_10__22_54_21_.txt