Jump to content

Упорита зараза на системата

Matt_Ragan
 Share

Препоръчан пост

Matt_Ragan Новобранец

Matt_Ragan

Публикувано
Публикувано

Здравейте!От известно време компютърът ми се държи странно.Много бавно зарежда,мелодийката при влизане и излизане е със един такъв доста треперещ звук.След това всяко действие също става бавно,почна да блокирва накрая.Имах антивирусна avast.Отначало при сканиране ми откри заразени обекти.Изтрих ги.Последващите сканирания не показаха нищо,но симптомите си останаха.С Windows XP съм.Махнах avasta и сложих ЕСЕТ Nod32.Също откри зарази,но нещата се повториха както с avast.Malwarebytes Anti-Malware нищо не откриваше/а към този момент от Safe Mode with Networking не мога и да я стартирам...изписва ми съобщение "Run-time error '339'.Component 'ieframe.dll' or one of its dependencies not correctly registered:a file is missing or invalid"/,Вече много рядко влизам в нормален режим,а само в Safe Mode with Networking.Пробвах да се изчистя с не един и два инструмента,но оправия няма.Вече не мога да стартирам Internet Explorer,Mozzila много бавно се стартира и единствено Google Crome е добре долу горе.Днес кой знае защо при използване на комбинацията ctrl+shift взе че се появи и трета транскрипция/ако правилно се изразявам/.Може би имам руткит.При сканиране с GMER обаче не откривам оцветени в червено резултати,а за руткит последно ми показва  3 ключа от регистъра които се опитах да изтрия но безуспешно.Изписва ми "Error Opening Key.Cannot open System:Error while opening key" когато се опитвам да вляза в папката където са.Направих буутващ диск с Avira Antivir Rescue System,но след като почне да зарежда ми излиза ето това "BusyBox v1.18.5 (Ubuntu 1:1.18.5-1 ubuntu4.1) built-in shell (ash).Enter 'help' for a list of built-in commands.(initramfs) Unable to find a medium containing a live file system".Сега сканирам с Kaspersky Virus Removal Tool и ми излязоха досега две съобщения за някакви файлове защитени с парола,единият в папка "temp".Ето логовете от DDS:DDS (Ver_2012-11-20.01) - NTFS_x86 NETWORK

Internet Explorer: 8.0.6001.18702  BrowserJavaVersion: 11.0.0
Run by zdrave at 16:45:48 on 2013-08-14
Microsoft Windows XP Professional  5.1.2600.3.1251.359.1033.18.1919.1263 [GMT 3:00]
.
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
AV: ESET NOD32 Antivirus 6.0 *Enabled/Outdated* {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}
FW: avast! Antivirus *Enabled* 
.
============== Running Processes ================
.
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\WINDOWS.0\Explorer.EXE
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS.0\system32\wbem\wmiprvse.exe
C:\WINDOWS.0\system32\svchost.exe -k netsvcs
C:\WINDOWS.0\system32\svchost.exe -k NetworkService
C:\WINDOWS.0\system32\svchost.exe -k LocalService
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.bg/
mStart Page = hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
uProxyOverride = <local>
mSearchAssistant = about:blank
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
EB: &Изследване: {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - d:\office12\REFIEBAR.DLL
uRun: [ctfmon.exe] c:\windows.0\system32\ctfmon.exe
uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"  /MINIMIZED
uRun: [skype] "c:\program files\skype\phone\Skype.exe" /minimized /regrun
uRun: [KiesPreload] c:\program files\samsung\kies\Kies.exe /preload
uRun: [] c:\program files\samsung\kies\external\firmwareupdate\KiesPDLR.exe
uRun: [GoogleDriveSync] "c:\program files\google\drive\googledrivesync.exe" /autostart
uRun: [MCShield Monitor] c:\program files\mcshield\mcshieldrtm.exe
uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe
mRun: [Wireless Console 2] "c:\program files\wireless console 2\wcourier.exe"
mRun: [Power_Gear] "c:\program files\asus\power4 gear\BatteryLife.exe" 1
mRun: [VirtualCloneDrive] "c:\program files\elaborate bytes\virtualclonedrive\VCDDaemon.exe" /s
mRun: [RTHDCPL] "RTHDCPL.EXE"
mRun: [KernelFaultCheck] c:\windows.0\system32\dumprep 0 -k
mRun: [synTPEnh] "c:\program files\synaptics\syntp\SynTPEnh.exe"
mRun: [VolumeTray] c:\program files\volumetray\VolumeTray.exe
mRun: [OODefragTray] c:\program files\oo software\defrag\oodtray.exe
mRun: [KiesTrayAgent] "c:\program files\samsung\kies\KiesTrayAgent.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [DivXMediaServer] "c:\program files\divx\divx media server\DivXMediaServer.exe"
mRun: [egui] "c:\program files\eset\eset nod32 antivirus\egui.exe" /hide /waitservice
mRunOnce: [Malwarebytes Anti-Malware] c:\program files\malwarebytes' anti-malware\mbamgui.exe /install /silent
dRun: [CTFMON.EXE] c:\windows.0\system32\CTFMON.EXE
dRunOnce: [iE8] rundll32 advpack.dll,LaunchINFSection IE8.INF,FirstUserStart
dRunOnce: [showDeskFix] regsvr32 /s /n /i:u shell32
StartupFolder: c:\docume~1\zdrave~1.cha\startm~1\programs\startup\pandausbvaccine.lnk - c:\program files\panda usb vaccine\USBVaccine.exe
StartupFolder: c:\docume~1\zdrave~1.cha\startm~1\programs\startup\autorunsdisabled\2yourface_updater.lnk - c:\documents and settings\zdrave.changeme1\application data\2yourface\Updater.exe
StartupFolder: c:\docume~1\alluse~1.0\startm~1\programs\startup\o&o defrag tray.lnk - c:\windows.0\installer\{d66100d4-640b-4aac-82ba-0b6444fba064}\DefragIcon.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:32
mPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDriveTypeAutoRun = dword:145
IE: &Експортиране към Microsoft Excel - d:\office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - d:\office12\ONBttnIE.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - <orphaned>
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {17492023-C23A-453E-A040-C7C580BBF700} - hxxp://download.microsoft.com/download/E/5/6/E5611B10-0D6D-4117-8430-A67417AA88CD/LegitCheckControl.cab
DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} - hxxp://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1357364202656
DPF: {70B410C0-11D4-BADA-8308-0080C8D7ED4A} - hxxp://cached.gamedesire.com/g_bin/eng/bridge_2_0_0_28.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.8.0/jinstall-1_8_0-windows-i586.cab
DPF: {CAFEEFAC-0016-0000-0037-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_37-windows-i586.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{257E7B77-F6C0-4B80-8FAD-FB1AD02CF22D} : DHCPNameServer = 192.168.1.1
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - d:\office12\GrooveSystemServices.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: AtiExtEvent - Ati2evxx.dll
SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows.0\system32\WPDShServiceObj.dll
SEH: SABShellExecuteHook Class - {5AE067D3-9AFB-48E0-853A-EBB7F4A000DA} - c:\program files\superantispyware\SASSEH.DLL
LSA: Security Packages =  kerberos msv1_0 schannel wdigest l
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\28.0.1500.72\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\documents and settings\zdrave.changeme1\application data\mozilla\firefox\profiles\mvnvfmzf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - component: c:\documents and settings\zdrave.changeme1\application data\mozilla\firefox\profiles\mvnvfmzf.default\extensions\{414b6d9d-4a95-4e8d-b5b1-149dd2d93bb3}\components\RadioWMPCoreGecko19.dll
FF - component: c:\documents and settings\zdrave.changeme1\application data\mozilla\firefox\profiles\mvnvfmzf.default\extensions\engine@conduit.com\components\RadioWMPCoreGecko19.dll
FF - component: c:\program files\avg\avg8\firefox\components\avgssff.dll
FF - plugin: c:\program files\adobe\reader 11.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\google\update\1.3.21.153\npGoogleUpdate3.dll
FF - plugin: c:\program files\microsoft silverlight\5.1.20513.0\npctrlui.dll
FF - plugin: c:\windows.0\system32\macromed\flash\NPSWF32_11_8_800_94.dll
FF - plugin: c:\windows.0\system32\npDeployJava1.dll
FF - plugin: c:\windows.0\system32\npptools.dll
FF - ExtSQL: 2013-06-26 20:40; ftd@ftd.com; c:\documents and settings\zdrave.changeme1\application data\mozilla\firefox\profiles\mvnvfmzf.default\extensions\ftd@ftd.com.xpi
FF - ExtSQL: 2013-08-02 08:12; plugin@getwebcake.com; c:\documents and settings\zdrave.changeme1\application data\mozilla\firefox\profiles\mvnvfmzf.default\extensions\plugin@getwebcake.com
.
---- FIREFOX POLICIES ----
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639&q=
FF - user.js: extensions.funmoods.id - 00FF09E3136146E0
FF - user.js: extensions.funmoods.instlDay - 15604
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2216:49:6
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - nv1
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - nv1
FF - user.js: extensions.funmoods.dfltLng - 
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
FF - user.js: extentions.y2layers.installId - 25d6df24-2b28-4838-991c-8a96bbecf796
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=480846e00000000000000015afae718f&q=
FF - user.js: extensions.BabylonToolbar.id - 480846e00000000000000015afae718f
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15627
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.78:45:24
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=116775&tt=101012_24_4112_2
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extentions.y2layers.installId - 6e1cb162-63b3-43d9-9494-84a711b1219e
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extentions.webcake.installId - 0c90ef80-fc69-4b17-83d2-47e96b0ff380
FF - user.js: extentions.webcake.defaultEnableAppsList - layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 480846e0000000000000000400008d08
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15919
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.08:15:05
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119776&tsp=4962
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
.
============= SERVICES / DRIVERS ===============
.
R0 aswKbd;aswKbd;c:\windows.0\system32\drivers\aswKbd.sys [2012-12-18 21576]
R1 epfwtdir;epfwtdir;c:\windows.0\system32\drivers\epfwtdir.sys [2012-10-8 104736]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCore.exe [2013-5-23 119056]
S0 10793436;10793436;c:\windows.0\system32\drivers\33345492.sys --> c:\windows.0\system32\drivers\33345492.sys [?]
S0 aswRvrt;aswRvrt;c:\windows.0\system32\drivers\aswRvrt.sys [2013-3-16 49376]
S0 aswVmm;aswVmm;c:\windows.0\system32\drivers\aswVmm.sys [2013-3-16 175176]
S0 hitmanpro37duringboot;hitmanpro37duringboot;c:\windows.0\system32\drivers\hitmanpro37.sys --> c:\windows.0\system32\drivers\hitmanpro37.sys [?]
S1 aswSnx;aswSnx;c:\windows.0\system32\drivers\aswSnx.sys [2012-12-2 770344]
S1 aswSP;aswSP;c:\windows.0\system32\drivers\aswSP.sys [2012-12-2 369584]
S1 ehdrv;ehdrv;c:\windows.0\system32\drivers\ehdrv.sys [2012-10-8 121216]
S1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2011-7-22 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2011-7-13 67664]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/05/27 00:27:15];c:\program files\cyberlink\powerdvd10\navfilter\000.fcl [2012-8-15 87536]
S2 aswFsBlk;aswFsBlk;c:\windows.0\system32\drivers\aswFsBlk.sys [2012-12-2 29816]
S2 aswMonFlt;aswMonFlt;c:\windows.0\system32\drivers\aswMonFlt.sys [2013-3-16 66336]
S2 avast! Antivirus;avast! Antivirus;"c:\program files\avast software\avast\avastsvc.exe" --> c:\program files\avast software\avast\AvastSvc.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows.0\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 ekrn;ESET Service;c:\program files\eset\eset nod32 antivirus\ekrn.exe [2012-11-26 1329304]
S2 HitmanProScheduler;HitmanPro Scheduler;c:\program files\hitmanpro\hmpsched.exe [2013-8-2 106280]
S2 LBeepKE;Logitech Beep Suppression Driver;c:\windows.0\system32\drivers\LBeepKE.sys [2012-12-6 12184]
S2 OODefragAgent;O&O Defrag;c:\program files\oo software\defrag\oodag.exe [2013-4-19 2034480]
S2 PanService;PandoraService;c:\program files\pandora.tv\panservice\PandoraService.exe [2013-2-4 625304]
S2 Skype C2C Service;Skype C2C Service;c:\documents and settings\all users.windows.0\application data\skype\toolbars\skype c2c service\c2c_service.exe [2013-5-14 3289208]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2013-6-3 162408]
S2 WebCakeUpdater;WebCakeUpdater;c:\program files\web cake\WebCakeDesktop.Updater.exe [2013-8-2 51992]
S3 Ambfilt;Ambfilt;c:\windows.0\system32\drivers\Ambfilt.sys [2011-4-6 1691480]
S3 BPNOFQ;BPNOFQ;c:\docume~1\zdrave~1.cha\locals~1\temp\bpnofq.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\BPNOFQ.exe [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);c:\windows.0\system32\drivers\ssudbus.sys [2013-4-25 83864]
S3 dgderdrv;dgderdrv;c:\windows.0\system32\drivers\dgderdrv.sys [2013-3-10 20032]
S3 esgiguard;esgiguard;\??\c:\program files\enigma software group\spyhunter\esgiguard.sys --> c:\program files\enigma software group\spyhunter\esgiguard.sys [?]
S3 FUPYPF;FUPYPF;c:\docume~1\zdrave~1.cha\locals~1\temp\fupypf.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\FUPYPF.exe [?]
S3 GGV;GGV;c:\docume~1\zdrave~1.cha\locals~1\temp\ggv.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\GGV.exe [?]
S3 K;K;c:\docume~1\zdrave~1.cha\locals~1\temp\k.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\K.exe [?]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows.0\system32\drivers\mbamswissarmy.sys [2013-8-3 40776]
S3 RDZYD;RDZYD;c:\docume~1\zdrave~1.cha\locals~1\temp\rdzyd.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\RDZYD.exe [?]
S3 SbieDrv;SbieDrv;c:\program files\sandboxie\SbieDrv.sys [2013-6-17 159208]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);c:\windows.0\system32\drivers\ssudmdm.sys [2013-4-25 181912]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);c:\windows.0\system32\drivers\ssudserd.sys [2013-4-25 181912]
S3 SWDUMon;SWDUMon;c:\windows.0\system32\drivers\SWDUMon.sys [2011-4-3 12984]
S3 TOWYFF;TOWYFF;c:\docume~1\zdrave~1.cha\locals~1\temp\towyff.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\TOWYFF.exe [?]
S3 TrufosAlt;TrufosAlt;c:\windows.0\system32\drivers\TrufosAlt.sys [2013-8-3 356408]
S3 UNOQ;UNOQ;c:\docume~1\zdrave~1.cha\locals~1\temp\unoq.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\UNOQ.exe [?]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows.0\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2013-4-16 755880]
S3 XPXWAZJ;XPXWAZJ;c:\docume~1\zdrave~1.cha\locals~1\temp\xpxwazj.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\XPXWAZJ.exe [?]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5;c:\program files\iobit\advanced systemcare 5\ascservice.exe --> c:\program files\iobit\advanced systemcare 5\ASCService.exe [?]
S4 avgtp;avgtp;c:\windows.0\system32\drivers\avgtpx86.sys [2012-8-13 26984]
S4 cpuz136;cpuz136;\??\c:\windows.0\temp\cpuz136\cpuz136_x32.sys --> c:\windows.0\temp\cpuz136\cpuz136_x32.sys [?]
S4 DKRtWrt;DKRtWrt;c:\windows.0\system32\drivers\DKRtWrt.sys [2012-7-16 38608]
S4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;"c:\program files\roxio\digital home 10\roxioupnprenderer10.exe" --> c:\program files\roxio\digital home 10\RoxioUPnPRenderer10.exe [?]
S4 Roxio Upnp Server 10;Roxio Upnp Server 10;"c:\program files\roxio\digital home 10\roxioupnpservice10.exe" --> c:\program files\roxio\digital home 10\RoxioUpnpService10.exe [?]
S4 RoxLiveShare10;LiveShare P2P Server 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxLiveShare10.exe [2007-8-24 309744]
S4 RoxMediaDB10;RoxMediaDB10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxMediaDB10.exe [2007-8-24 1083888]
S4 RoxWatch10;Roxio Hard Drive Watcher 10;c:\program files\common files\roxio shared\10.0\sharedcom\RoxWatch10.exe [2007-8-24 166384]
S4 SessionLauncher;SessionLauncher;c:\docume~1\zdrave~1.cha\locals~1\temp\dx9\sessionlauncher.exe --> c:\docume~1\zdrave~1.cha\locals~1\temp\dx9\SessionLauncher.exe [?]
.
=============== Created Last 30 ================
.
2013-08-14 13:17:53 22856 ----a-w- c:\windows.0\system32\drivers\mbam.sys
2013-08-14 13:17:53 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2013-08-09 03:05:32 -------- d-----w- c:\documents and settings\all users.windows.0\application data\Panda Security
2013-08-09 03:05:21 -------- d-----w- c:\program files\Panda USB Vaccine
2013-08-08 08:04:20 381816 ----a-w- C:\PsExec.exe
2013-08-03 17:08:15 -------- d-----w- c:\documents and settings\all users.windows.0\application data\Comodo
2013-08-03 17:08:02 -------- d-----w- c:\documents and settings\all users.windows.0\application data\Comodo Downloader
2013-08-03 15:27:24 40776 ----a-w- c:\windows.0\system32\drivers\mbamswissarmy.sys
2013-08-03 14:25:08 356408 ----a-w- c:\windows.0\system32\drivers\TrufosAlt.sys
2013-08-02 05:32:44 -------- d-----w- c:\program files\HitmanPro
2013-08-02 05:31:34 -------- d-----w- c:\documents and settings\all users.windows.0\application data\HitmanPro
2013-08-02 05:12:12 -------- d-----w- c:\documents and settings\zdrave.changeme1\application data\Web Cake
2013-08-02 05:12:11 -------- d-----w- c:\program files\Web Cake
2013-08-02 05:12:06 -------- d-----w- c:\documents and settings\zdrave.changeme1\local settings\application data\Cool_Mirage
2013-08-01 05:31:25 -------- d-----w- C:\TDSSKiller_Quarantine
2013-07-27 17:51:09 -------- d-----w- c:\program files\Mozilla Maintenance Service
2013-07-21 20:30:48 -------- d-----w- c:\documents and settings\all users.windows.0\application data\MCShield
2013-07-21 20:30:47 -------- d-----w- c:\program files\MCShield
2013-07-21 18:54:35 127899222 ----a-w- C:\руткит-бакъп на регистрите-21.07.2013.reg
2013-07-20 19:49:22 -------- d-----w- c:\documents and settings\zdrave.changeme1\application data\Process Hacker 2
2013-07-20 19:44:15 -------- d-----w- c:\program files\Process Hacker 2
2013-07-20 05:56:46 -------- d-----w- c:\documents and settings\zdrave.changeme1\application data\SUPERAntiSpyware.com
2013-07-20 05:55:28 -------- d-----w- c:\program files\SUPERAntiSpyware
2013-07-20 05:55:28 -------- d-----w- c:\documents and settings\all users.windows.0\application data\SUPERAntiSpyware.com
2013-07-19 19:35:01 -------- d-----w- c:\documents and settings\zdrave.changeme1\local settings\application data\ESET
2013-07-19 05:50:20 -------- d-----w- c:\program files\ESET
2013-07-17 04:20:50 74136 ----a-w- c:\program files\mozilla firefox\breakpadinjector.dll
2013-07-17 04:20:50 6128760 ----a-w- c:\program files\mozilla firefox\browser\extensions\{82af8dca-6de9-405d-bd5e-43525bdad38a}\components\SkypeFfComponent.dll
2013-07-17 04:20:50 263576 ----a-w- c:\program files\mozilla firefox\browser\components\browsercomps.dll
2013-07-17 04:20:50 19352 ----a-w- c:\program files\mozilla firefox\AccessibleMarshal.dll
.
==================== Find3M  ====================
.
2013-07-27 17:41:17 692104 -c--a-w- c:\windows.0\system32\FlashPlayerApp.exe
2013-07-27 17:41:16 71048 -c--a-w- c:\windows.0\system32\FlashPlayerCPLApp.cpl
2013-07-13 19:31:07 770344 ----a-w- c:\windows.0\system32\drivers\aswSnx.sys
2013-07-13 19:31:07 175176 ----a-w- c:\windows.0\system32\drivers\aswVmm.sys
2013-07-06 16:56:27 256904 -c--a-w- c:\windows.0\system32\drivers\tmcomm.sys
2013-07-04 22:02:06 22064 ----a-w- c:\windows.0\DCEBoot.exe
2013-07-04 22:02:06 181808 ----a-w- c:\windows.0\RegBootClean.exe
2013-06-07 21:56:06 920064 ----a-w- c:\windows.0\system32\wininet.dll
2013-06-07 21:56:06 43520 ----a-w- c:\windows.0\system32\licmgr10.dll
2013-06-07 21:56:05 1469440 ----a-w- c:\windows.0\system32\inetcpl.cpl
2013-06-07 20:55:44 385024 ----a-w- c:\windows.0\system32\html.iec
2013-06-04 07:23:02 562688 ----a-w- c:\windows.0\system32\qedit.dll
2013-06-04 01:40:45 1876736 ----a-w- c:\windows.0\system32\win32k.sys
2010-06-02 03:22:02 537432 -c--a-w- c:\program files\DXSETUP.exe
.
============= FINISH: 16:49:27,10 ===============
.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows XP Professional
Boot Device: \Device\HarddiskVolume1
Install Date: 03.3.2010 г. 17:51:34
System Uptime: 14.8.2013 г. 08:11:24 (8 hours ago)
.
Motherboard: ASUSTeK Computer Inc. |  | X51RL     
Processor: Intel® Core2 Duo CPU     T5250  @ 1.50GHz | Socket 478 | 1496/167mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 195 GiB total, 3,968 GiB free.
D: is FIXED (NTFS) - 38 GiB total, 0,707 GiB free.
E: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: 
Description: Modem Device on High Definition Audio Bus
Device ID: HDAUDIO\FUNC_02&VEN_1057&DEV_3055&SUBSYS_104310C6&REV_1007\4&207EDAAF&0&0101
Manufacturer: 
Name: Modem Device on High Definition Audio Bus
PNP Device ID: HDAUDIO\FUNC_02&VEN_1057&DEV_3055&SUBSYS_104310C6&REV_1007\4&207EDAAF&0&0101
Service: 
.
Class GUID: {4D36E97B-E325-11CE-BFC1-08002BE10318}
Description: Virtual CloneDrive
Device ID: ROOT\SCSIADAPTER\0000
Manufacturer: Elaborate Bytes AG
Name: Virtual CloneDrive
PNP Device ID: ROOT\SCSIADAPTER\0000
Service: VClone
.
==== System Restore Points ===================
.
No restore point in system.
.
==== Installed Programs ======================
.
µTorrent
Adobe AIR
Adobe Flash Player 11 ActiveX
Adobe Flash Player 11 Plugin
Adobe Reader XI (11.0.03)
AMD Catalyst Install Manager
Ashampoo Burning Studio 8.02
ASUS MultiFrame
Atheros Client Installation Program
Atheros Driver Installation Program
ATI Catalyst Control Center
ATI Display Driver
ATI Parental Control & Encoder
ATK Hotkey
Auslogics Registry Defrag
Bridge Baron 20
Bridge Base Online
Bulgarian (Phonetic) by Iliya Dankov
Catalyst Control Center Core Implementation
Catalyst Control Center Graphics Full Existing
Catalyst Control Center Graphics Full New
Catalyst Control Center Graphics Light
Catalyst Control Center Localization Chinese Standard
Catalyst Control Center Localization Chinese Traditional
Catalyst Control Center Localization Czech
Catalyst Control Center Localization Danish
Catalyst Control Center Localization Dutch
Catalyst Control Center Localization Finnish
Catalyst Control Center Localization French
Catalyst Control Center Localization German
Catalyst Control Center Localization Greek
Catalyst Control Center Localization Hungarian
Catalyst Control Center Localization Italian
Catalyst Control Center Localization Japanese
Catalyst Control Center Localization Korean
Catalyst Control Center Localization Norwegian
Catalyst Control Center Localization Polish
Catalyst Control Center Localization Portuguese
Catalyst Control Center Localization Russian
Catalyst Control Center Localization Spanish
Catalyst Control Center Localization Swedish
Catalyst Control Center Localization Thai
Catalyst Control Center Localization Turkish
ccc-core-preinstall
ccc-core-static
ccc-utility
CCC Help Chinese Standard
CCC Help Chinese Traditional
CCC Help Czech
CCC Help Danish
CCC Help Dutch
CCC Help English
CCC Help Finnish
CCC Help French
CCC Help German
CCC Help Greek
CCC Help Hungarian
CCC Help Italian
CCC Help Japanese
CCC Help Korean
CCC Help Norwegian
CCC Help Polish
CCC Help Portuguese
CCC Help Russian
CCC Help Spanish
CCC Help Swedish
CCC Help Thai
CCC Help Turkish
CCE SP Trial Version
CCleaner
CyberLink PowerDVD 10
DirectXInstallService
DVD Decrypter (Remove Only)
DVD Shrink 3.2
eMule
eReg
ESET NOD32 Antivirus
FairUse Wizard
FairUse Wizard 3D
Google Chrome
Google Drive
Google Update Helper
HandBrake 0.9.8
HitmanPro 3.7
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
Hotfix for Microsoft .NET Framework 4 Client Profile (KB2461678)
Hotfix for Windows XP (KB2158563)
Hotfix for Windows XP (KB2443685)
Hotfix for Windows XP (KB2570791)
Hotfix for Windows XP (KB2633952)
Hotfix for Windows XP (KB2756822)
Hotfix for Windows XP (KB2779562)
Hotfix for Windows XP (KB942288-v3)
Hotfix for Windows XP (KB976002-v5)
Java Auto Updater
K-Lite Codec Pack 9.8.0 (Full)
LodeRunner2
Malwarebytes Anti-Malware, версия 1.75.0.1300
MCShield ::Anti-Malware Tool::
Microsoft .NET Framework 1.1
Microsoft .NET Framework 1.1 Security Update (KB2698023)
Microsoft .NET Framework 1.1 Security Update (KB2833941)
Microsoft .NET Framework 2.0 Service Pack 2
Microsoft .NET Framework 3.0 Service Pack 2
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Compression Client Pack 1.0 for Windows XP
Microsoft Kernel-Mode Driver Framework Feature Pack 1.9
Microsoft Office 2007 Service Pack 3 (SP3)
Microsoft Office Access MUI (Bulgarian) 2007
Microsoft Office Enterprise 2007
Microsoft Office Excel MUI (Bulgarian) 2007
Microsoft Office File Validation Add-In
Microsoft Office Groove MUI (Bulgarian) 2007
Microsoft Office InfoPath MUI (Bulgarian) 2007
Microsoft Office OneNote MUI (Bulgarian) 2007
Microsoft Office Outlook MUI (Bulgarian) 2007
Microsoft Office PowerPoint MUI (Bulgarian) 2007
Microsoft Office Proof (Bulgarian) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (German) 2007
Microsoft Office Proof (Russian) 2007
Microsoft Office Proofing (Bulgarian) 2007
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)
Microsoft Office Publisher MUI (Bulgarian) 2007
Microsoft Office Shared MUI (Bulgarian) 2007
Microsoft Office Word MUI (Bulgarian) 2007
Microsoft Silverlight
Microsoft Software Update for Web Folders  (Bulgarian) 12
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Mozilla Firefox 22.0 (x86 en-US)
Mozilla Maintenance Service
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
MSXML 4.0 SP3 Parser
MSXML 4.0 SP3 Parser (KB2721691)
MSXML 4.0 SP3 Parser (KB2758694)
MyFreeCodec
Need For Speed Hot Pursuit 2
O&O Defrag Professional
Panda USB Vaccine 1.0.1.4
Pandora Service
Power4 Gear
Process Hacker 2.30 (r5267)
Real Alternative 1.7.5
REALTEK GbE & FE Ethernet PCI-E NIC Driver
REALTEK GbE & FE Ethernet PCI NIC Driver
Realtek High Definition Audio Driver
Revo Uninstaller 1.95
RICOH Media Driver
Roxio Activation Module
Samsung Kies
Samsung Story Album Viewer
SAMSUNG USB Driver for Mobile Phones
Security Update for CAPICOM (KB931906)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2604111)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2657424)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2736416)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2840629)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2729449)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2737019)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2742595)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2789642)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2804576)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2832407)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2835393)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2840628)
Security Update for Microsoft Office 2007 suites (KB2596615) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596744) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596754) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2596785) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596792) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2596871) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2597969) 32-Bit Edition
Security Update for Microsoft Office 2007 suites (KB2687309) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687311) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687439) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687441) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2687499) 32-Bit Edition 
Security Update for Microsoft Office 2007 suites (KB2760416) 32-Bit Edition 
Security Update for Microsoft Office Excel 2007 (KB2687307) 32-Bit Edition 
Security Update for Microsoft Office InfoPath 2007 (KB2687440) 32-Bit Edition 
Security Update for Microsoft Office PowerPoint 2007 (KB2596764) 32-Bit Edition
Security Update for Microsoft Office PowerPoint 2007 (KB2596912) 32-Bit Edition
Security Update for Microsoft Office Publisher 2007 (KB2597971) 32-Bit Edition 
Security Update for Microsoft Office Word 2007 (KB2760421) 32-Bit Edition 
Security Update for Microsoft Windows (KB2564958)
Security Update for Windows Internet Explorer 8 (KB2183461)
Security Update for Windows Internet Explorer 8 (KB2360131)
Security Update for Windows Internet Explorer 8 (KB2416400)
Security Update for Windows Internet Explorer 8 (KB2482017)
Security Update for Windows Internet Explorer 8 (KB2497640)
Security Update for Windows Internet Explorer 8 (KB2510531)
Security Update for Windows Internet Explorer 8 (KB2530548)
Security Update for Windows Internet Explorer 8 (KB2544521)
Security Update for Windows Internet Explorer 8 (KB2559049)
Security Update for Windows Internet Explorer 8 (KB2586448)
Security Update for Windows Internet Explorer 8 (KB2618444)
Security Update for Windows Internet Explorer 8 (KB2647516)
Security Update for Windows Internet Explorer 8 (KB2675157)
Security Update for Windows Internet Explorer 8 (KB2699988)
Security Update for Windows Internet Explorer 8 (KB2722913)
Security Update for Windows Internet Explorer 8 (KB2744842)
Security Update for Windows Internet Explorer 8 (KB2761465)
Security Update for Windows Internet Explorer 8 (KB2792100)
Security Update for Windows Internet Explorer 8 (KB2797052)
Security Update for Windows Internet Explorer 8 (KB2799329)
Security Update for Windows Internet Explorer 8 (KB2809289)
Security Update for Windows Internet Explorer 8 (KB2817183)
Security Update for Windows Internet Explorer 8 (KB2829530)
Security Update for Windows Internet Explorer 8 (KB2838727)
Security Update for Windows Internet Explorer 8 (KB2846071)
Security Update for Windows Internet Explorer 8 (KB2847204)
Security Update for Windows Internet Explorer 8 (KB978207)
Security Update for Windows Internet Explorer 8 (KB981332)
Security Update for Windows Internet Explorer 8 (KB982381)
Security Update for Windows Media Player (KB2378111)
Security Update for Windows Media Player (KB2834904)
Security Update for Windows Media Player (KB975558)
Security Update for Windows Media Player (KB978695)
Security Update for Windows XP (KB2079403)
Security Update for Windows XP (KB2115168)
Security Update for Windows XP (KB2121546)
Security Update for Windows XP (KB2160329)
Security Update for Windows XP (KB2229593)
Security Update for Windows XP (KB2259922)
Security Update for Windows XP (KB2279986)
Security Update for Windows XP (KB2286198)
Security Update for Windows XP (KB2296011)
Security Update for Windows XP (KB2296199)
Security Update for Windows XP (KB2347290)
Security Update for Windows XP (KB2360937)
Security Update for Windows XP (KB2387149)
Security Update for Windows XP (KB2393802)
Security Update for Windows XP (KB2412687)
Security Update for Windows XP (KB2419632)
Security Update for Windows XP (KB2423089)
Security Update for Windows XP (KB2436673)
Security Update for Windows XP (KB2440591)
Security Update for Windows XP (KB2443105)
Security Update for Windows XP (KB2476490)
Security Update for Windows XP (KB2476687)
Security Update for Windows XP (KB2478960)
Security Update for Windows XP (KB2478971)
Security Update for Windows XP (KB2479628)
Security Update for Windows XP (KB2479943)
Security Update for Windows XP (KB2481109)
Security Update for Windows XP (KB2483185)
Security Update for Windows XP (KB2485376)
Security Update for Windows XP (KB2485663)
Security Update for Windows XP (KB2503658)
Security Update for Windows XP (KB2503665)
Security Update for Windows XP (KB2506212)
Security Update for Windows XP (KB2506223)
Security Update for Windows XP (KB2507618)
Security Update for Windows XP (KB2507938)
Security Update for Windows XP (KB2508272)
Security Update for Windows XP (KB2508429)
Security Update for Windows XP (KB2509553)
Security Update for Windows XP (KB2511455)
Security Update for Windows XP (KB2524375)
Security Update for Windows XP (KB2535512)
Security Update for Windows XP (KB2536276-v2)
Security Update for Windows XP (KB2536276)
Security Update for Windows XP (KB2544893-v2)
Security Update for Windows XP (KB2544893)
Security Update for Windows XP (KB2555917)
Security Update for Windows XP (KB2562937)
Security Update for Windows XP (KB2566454)
Security Update for Windows XP (KB2567053)
Security Update for Windows XP (KB2567680)
Security Update for Windows XP (KB2570222)
Security Update for Windows XP (KB2570947)
Security Update for Windows XP (KB2584146)
Security Update for Windows XP (KB2585542)
Security Update for Windows XP (KB2592799)
Security Update for Windows XP (KB2598479)
Security Update for Windows XP (KB2603381)
Security Update for Windows XP (KB2618451)
Security Update for Windows XP (KB2619339)
Security Update for Windows XP (KB2620712)
Security Update for Windows XP (KB2621440)
Security Update for Windows XP (KB2624667)
Security Update for Windows XP (KB2631813)
Security Update for Windows XP (KB2633171)
Security Update for Windows XP (KB2639417)
Security Update for Windows XP (KB2641653)
Security Update for Windows XP (KB2646524)
Security Update for Windows XP (KB2647518)
Security Update for Windows XP (KB2653956)
Security Update for Windows XP (KB2655992)
Security Update for Windows XP (KB2659262)
Security Update for Windows XP (KB2660465)
Security Update for Windows XP (KB2661637)
Security Update for Windows XP (KB2676562)
Security Update for Windows XP (KB2685939)
Security Update for Windows XP (KB2686509)
Security Update for Windows XP (KB2691442)
Security Update for Windows XP (KB2695962)
Security Update for Windows XP (KB2698365)
Security Update for Windows XP (KB2705219)
Security Update for Windows XP (KB2707511)
Security Update for Windows XP (KB2709162)
Security Update for Windows XP (KB2712808)
Security Update for Windows XP (KB2718523)
Security Update for Windows XP (KB2719985)
Security Update for Windows XP (KB2723135)
Security Update for Windows XP (KB2724197)
Security Update for Windows XP (KB2727528)
Security Update for Windows XP (KB2731847)
Security Update for Windows XP (KB2753842-v2)
Security Update for Windows XP (KB2753842)
Security Update for Windows XP (KB2757638)
Security Update for Windows XP (KB2758857)
Security Update for Windows XP (KB2761226)
Security Update for Windows XP (KB2770660)
Security Update for Windows XP (KB2778344)
Security Update for Windows XP (KB2779030)
Security Update for Windows XP (KB2780091)
Security Update for Windows XP (KB2799494)
Security Update for Windows XP (KB2802968)
Security Update for Windows XP (KB2807986)
Security Update for Windows XP (KB2808735)
Security Update for Windows XP (KB2813170)
Security Update for Windows XP (KB2813345)
Security Update for Windows XP (KB2820197)
Security Update for Windows XP (KB2820917)
Security Update for Windows XP (KB2829361)
Security Update for Windows XP (KB2834886)
Security Update for Windows XP (KB2839229)
Security Update for Windows XP (KB2845187)
Security Update for Windows XP (KB2850851)
Security Update for Windows XP (KB975562)
Security Update for Windows XP (KB979482)
Security Update for Windows XP (KB979559)
Security Update for Windows XP (KB979687)
Security Update for Windows XP (KB980195)
Security Update for Windows XP (KB980218)
Security Update for Windows XP (KB980436)
Security Update for Windows XP (KB981322)
Security Update for Windows XP (KB981852)
Security Update for Windows XP (KB981957)
Security Update for Windows XP (KB981997)
Security Update for Windows XP (KB982132)
Security Update for Windows XP (KB982214)
Security Update for Windows XP (KB982665)
Security Update for Windows XP (KB982802)
Sentinel HASP Run-time
Sereby's Updatepack - IE8 Addon Version 1.0.7
Skins
Skype Click to Call
Skype™ 6.5
SpywareBlaster 5.0
Subtitle Edit 3.3.3
Subtitle Workshop 2.51
SUPERAntiSpyware
Synaptics Pointing Device Driver
The KMPlayer (remove only)
Unlocker 1.9.0
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596802) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition
Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition
Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2817563) 32-Bit Edition
Update for Windows Internet Explorer 8 (KB976662)
Update for Windows Internet Explorer 8 (KB980182)
Update for Windows XP (KB2141007)
Update for Windows XP (KB2345886)
Update for Windows XP (KB2467659)
Update for Windows XP (KB2541763)
Update for Windows XP (KB2607712)
Update for Windows XP (KB2616676-v2)
Update for Windows XP (KB2641690)
Update for Windows XP (KB2661254-v2)
Update for Windows XP (KB2718704)
Update for Windows XP (KB2736233)
Update for Windows XP (KB2749655)
Update for Windows XP (KB971029)
VC80CRTRedist - 8.0.50727.6195
viDrop (remove only)
VirtualCloneDrive
VolumeTray (remove only)
WebFldrs XP
Windows Bulgarian Interface Pack
Windows Media Format 11 runtime
Windows Media Player 11
WinRAR 4.20 (32-bit)
Wireless Console 2
XviD MPEG4 Video Codec (remove only)
.
==== Event Viewer Messages From Past Week ========
.
14.8.2013 г. 16:13:39, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
14.8.2013 г. 08:17:21, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
14.8.2013 г. 08:17:12, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
14.8.2013 г. 08:17:12, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
14.8.2013 г. 08:17:12, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
14.8.2013 г. 08:16:59, error: SRService [104]  - The System Restore initialization process failed.
13.8.2013 г. 21:52:25, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13.8.2013 г. 21:33:55, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 21:17:05, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 21:15:11, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 21:04:45, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13.8.2013 г. 21:01:59, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
13.8.2013 г. 21:01:59, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
13.8.2013 г. 21:01:59, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
13.8.2013 г. 21:01:52, error: SRService [104]  - The System Restore initialization process failed.
13.8.2013 г. 20:51:09, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
13.8.2013 г. 20:51:08, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the PandoraService service to connect.
13.8.2013 г. 20:51:08, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the O&O Defrag service to connect.
13.8.2013 г. 20:51:08, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
13.8.2013 г. 20:51:08, error: Service Control Manager [7000]  - The PandoraService service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
13.8.2013 г. 20:51:08, error: Service Control Manager [7000]  - The O&O Defrag service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
13.8.2013 г. 20:51:08, error: Service Control Manager [7000]  - The avast! Antivirus service failed to start due to the following error:  The system cannot find the path specified.
13.8.2013 г. 20:51:08, error: Service Control Manager [7000]  - The Ati HotKey Poller service failed to start due to the following error:  The system cannot find the file specified.
13.8.2013 г. 20:49:58, error: SRService [104]  - The System Restore initialization process failed.
13.8.2013 г. 20:47:45, error: ati2mtag [45062]  - CRT invalid display type
13.8.2013 г. 20:41:31, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13.8.2013 г. 20:40:12, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 20:22:43, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 20:22:35, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 20:05:33, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 19:34:12, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 19:32:43, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 19:32:32, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 19:32:05, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 18:39:57, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13.8.2013 г. 18:38:59, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
13.8.2013 г. 18:38:59, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
13.8.2013 г. 18:38:59, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
13.8.2013 г. 18:38:53, error: SRService [104]  - The System Restore initialization process failed.
13.8.2013 г. 17:31:07, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13.8.2013 г. 17:30:56, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
13.8.2013 г. 17:24:16, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO epfwtdir Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
13.8.2013 г. 17:24:16, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
13.8.2013 г. 17:24:16, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
13.8.2013 г. 17:24:16, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
13.8.2013 г. 17:24:16, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
13.8.2013 г. 17:24:16, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
13.8.2013 г. 17:24:16, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
13.8.2013 г. 17:24:13, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
13.8.2013 г. 17:24:01, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13.8.2013 г. 17:22:53, error: SRService [104]  - The System Restore initialization process failed.
13.8.2013 г. 15:22:57, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13.8.2013 г. 15:14:35, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 08:25:17, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 08:23:44, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 06:53:01, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
13.8.2013 г. 05:23:07, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
13.8.2013 г. 05:23:07, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
13.8.2013 г. 05:23:07, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
13.8.2013 г. 05:22:53, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
13.8.2013 г. 05:22:52, error: SRService [104]  - The System Restore initialization process failed.
13.8.2013 г. 05:09:19, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
13.8.2013 г. 05:09:19, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
13.8.2013 г. 05:09:00, error: SRService [104]  - The System Restore initialization process failed.
13.8.2013 г. 05:05:54, error: ati2mtag [45062]  - CRT invalid display type
13.8.2013 г. 04:45:31, error: SRService [104]  - The System Restore initialization process failed.
13.8.2013 г. 04:42:46, error: Dhcp [1002]  - The IP address lease 192.168.1.3 for the Network Card with network address 000400008D08 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
13.8.2013 г. 04:42:27, error: ati2mtag [45062]  - CRT invalid display type
12.8.2013 г. 23:24:56, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12.8.2013 г. 23:22:50, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
12.8.2013 г. 22:25:02, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12.8.2013 г. 22:24:04, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12.8.2013 г. 22:18:53, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12.8.2013 г. 20:39:00, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12.8.2013 г. 20:38:47, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12.8.2013 г. 20:38:37, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12.8.2013 г. 20:38:31, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12.8.2013 г. 20:38:14, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
12.8.2013 г. 09:08:32, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12.8.2013 г. 09:06:28, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
12.8.2013 г. 09:06:28, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
12.8.2013 г. 09:06:28, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12.8.2013 г. 09:06:22, error: SRService [104]  - The System Restore initialization process failed.
12.8.2013 г. 09:03:17, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12.8.2013 г. 09:02:35, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12.8.2013 г. 09:02:31, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12.8.2013 г. 08:46:41, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO epfwtdir Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
12.8.2013 г. 08:46:41, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
12.8.2013 г. 08:46:41, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
12.8.2013 г. 08:46:41, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12.8.2013 г. 08:46:41, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12.8.2013 г. 08:46:41, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
12.8.2013 г. 08:46:41, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12.8.2013 г. 08:45:38, error: SRService [104]  - The System Restore initialization process failed.
12.8.2013 г. 08:43:21, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12.8.2013 г. 08:40:17, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12.8.2013 г. 08:40:04, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
12.8.2013 г. 08:39:59, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12.8.2013 г. 08:39:42, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO epfwtdir Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
12.8.2013 г. 08:39:42, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
12.8.2013 г. 08:39:42, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
12.8.2013 г. 08:39:42, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12.8.2013 г. 08:39:42, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
12.8.2013 г. 08:39:42, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
12.8.2013 г. 08:39:42, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12.8.2013 г. 08:38:26, error: SRService [104]  - The System Restore initialization process failed.
12.8.2013 г. 08:35:53, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12.8.2013 г. 07:28:39, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
12.8.2013 г. 07:27:26, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
12.8.2013 г. 07:27:26, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
12.8.2013 г. 07:27:26, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
12.8.2013 г. 07:27:19, error: SRService [104]  - The System Restore initialization process failed.
11.8.2013 г. 23:10:05, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11.8.2013 г. 20:47:06, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 20:44:15, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 20:37:46, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 20:37:00, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 20:35:26, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 19:52:19, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 19:51:21, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 19:41:13, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 19:40:00, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 19:38:44, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 19:38:40, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 19:37:50, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 16:57:11, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 16:57:04, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
11.8.2013 г. 09:38:21, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
11.8.2013 г. 09:32:26, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
11.8.2013 г. 09:32:26, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
11.8.2013 г. 09:32:26, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
11.8.2013 г. 09:32:20, error: SRService [104]  - The System Restore initialization process failed.
10.8.2013 г. 22:36:52, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10.8.2013 г. 15:01:00, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
10.8.2013 г. 14:56:55, error: Dhcp [1002]  - The IP address lease 192.168.1.3 for the Network Card with network address 000400008D08 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
10.8.2013 г. 14:56:49, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
10.8.2013 г. 14:56:49, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
10.8.2013 г. 14:56:49, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
10.8.2013 г. 14:56:43, error: SRService [104]  - The System Restore initialization process failed.
09.8.2013 г. 22:27:34, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09.8.2013 г. 19:26:35, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09.8.2013 г. 19:23:29, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
09.8.2013 г. 19:23:29, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
09.8.2013 г. 19:23:29, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
09.8.2013 г. 19:23:23, error: SRService [104]  - The System Restore initialization process failed.
09.8.2013 г. 19:20:51, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09.8.2013 г. 18:46:33, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 18:46:11, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 11:56:21, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 11:56:20, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 11:55:43, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 11:55:12, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 11:55:08, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 11:55:03, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 11:54:49, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 11:54:41, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 11:54:09, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:41:18, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:35:35, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:31:45, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:29:59, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:29:49, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:27:00, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:26:15, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:26:07, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:25:45, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:25:08, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:19:08, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:18:30, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:17:49, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:17:39, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:17:05, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:16:00, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:15:51, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:15:45, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:15:24, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:14:49, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:14:29, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:14:15, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:12:10, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:10:45, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:09:18, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:08:51, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:07:08, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:06:14, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:04:07, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:03:38, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:03:00, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:02:08, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:00:28, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:00:18, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 10:00:04, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:59:08, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:58:41, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:58:31, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:55:50, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:54:38, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:54:27, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:53:30, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:52:37, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:52:05, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:50:17, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:50:04, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:49:05, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:48:17, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:44:51, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:44:50, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:42:39, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:41:46, error: atapi [9]  - The device, \Device\Ide\IdePort0, did not respond within the timeout period.
09.8.2013 г. 09:39:02, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 09:11:23, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
09.8.2013 г. 08:57:46, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 08:56:51, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 08:55:59, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
09.8.2013 г. 08:50:45, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09.8.2013 г. 08:46:27, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO epfwtdir Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
09.8.2013 г. 08:46:27, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
09.8.2013 г. 08:46:27, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
09.8.2013 г. 08:46:27, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
09.8.2013 г. 08:46:27, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
09.8.2013 г. 08:46:27, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
09.8.2013 г. 08:46:27, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
09.8.2013 г. 08:45:13, error: SRService [104]  - The System Restore initialization process failed.
09.8.2013 г. 08:19:09, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 120 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
09.8.2013 г. 07:19:08, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
09.8.2013 г. 06:49:08, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
09.8.2013 г. 06:36:28, error: Service Control Manager [7034]  - The Услуга Google Update (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
09.8.2013 г. 06:36:21, error: Service Control Manager [7034]  - The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
09.8.2013 г. 06:36:21, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswSnx
09.8.2013 г. 06:36:02, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
09.8.2013 г. 06:36:02, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the O&O Defrag service to connect.
09.8.2013 г. 06:36:02, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the ESET Service service to connect.
09.8.2013 г. 06:36:02, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
09.8.2013 г. 06:36:02, error: Service Control Manager [7000]  - The O&O Defrag service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
09.8.2013 г. 06:36:02, error: Service Control Manager [7000]  - The ESET Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
09.8.2013 г. 06:36:02, error: Service Control Manager [7000]  - The avast! Antivirus service failed to start due to the following error:  The system cannot find the path specified.
09.8.2013 г. 06:36:00, error: Service Control Manager [7000]  - The Ati HotKey Poller service failed to start due to the following error:  The system cannot find the file specified.
09.8.2013 г. 06:34:07, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
09.8.2013 г. 06:34:07, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
09.8.2013 г. 06:34:02, error: SRService [104]  - The System Restore initialization process failed.
09.8.2013 г. 06:29:24, error: ati2mtag [45062]  - CRT invalid display type
09.8.2013 г. 06:13:41, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
09.8.2013 г. 06:13:41, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
09.8.2013 г. 06:13:38, error: SRService [104]  - The System Restore initialization process failed.
09.8.2013 г. 06:11:15, error: ati2mtag [45062]  - CRT invalid display type
09.8.2013 г. 06:07:17, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09.8.2013 г. 06:06:49, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 06:02:09, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 06:01:59, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
09.8.2013 г. 06:01:33, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 06:00:57, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 06:00:10, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 06:00:08, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
09.8.2013 г. 05:59:28, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
09.8.2013 г. 05:59:15, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
09.8.2013 г. 05:55:45, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO epfwtdir Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
09.8.2013 г. 05:55:45, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
09.8.2013 г. 05:55:45, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
09.8.2013 г. 05:55:45, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
09.8.2013 г. 05:55:45, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
09.8.2013 г. 05:55:45, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
09.8.2013 г. 05:55:45, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
09.8.2013 г. 05:54:32, error: SRService [104]  - The System Restore initialization process failed.
08.8.2013 г. 23:38:17, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 60 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
08.8.2013 г. 23:08:17, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 30 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
08.8.2013 г. 22:55:38, error: Service Control Manager [7034]  - The Услуга Google Update (gupdate) service terminated unexpectedly.  It has done this 1 time(s).
08.8.2013 г. 22:55:37, error: Service Control Manager [7034]  - The MBAMService service terminated unexpectedly.  It has done this 1 time(s).
08.8.2013 г. 22:55:36, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswSnx
08.8.2013 г. 22:55:36, error: Service Control Manager [7022]  - The Automatic Updates service hung on starting.
08.8.2013 г. 22:55:35, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
08.8.2013 г. 22:55:35, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the Skype C2C Service service to connect.
08.8.2013 г. 22:55:35, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the O&O Defrag service to connect.
08.8.2013 г. 22:55:35, error: Service Control Manager [7009]  - Timeout (30000 milliseconds) waiting for the ESET Service service to connect.
08.8.2013 г. 22:55:35, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
08.8.2013 г. 22:55:35, error: Service Control Manager [7000]  - The O&O Defrag service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
08.8.2013 г. 22:55:35, error: Service Control Manager [7000]  - The ESET Service service failed to start due to the following error:  The service did not respond to the start or control request in a timely fashion.
08.8.2013 г. 22:55:35, error: Service Control Manager [7000]  - The avast! Antivirus service failed to start due to the following error:  The system cannot find the path specified.
08.8.2013 г. 22:55:34, error: Service Control Manager [7000]  - The Ati HotKey Poller service failed to start due to the following error:  The system cannot find the file specified.
08.8.2013 г. 22:52:24, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
08.8.2013 г. 22:52:24, error: W32Time [17]  - Time Provider NtpClient: An error occurred during DNS lookup of the manually configured peer 'time.windows.com,0x1'. NtpClient will try the DNS lookup again in 15 minutes. The error was: A socket operation was attempted to an unreachable host. (0x80072751)
08.8.2013 г. 22:52:21, error: SRService [104]  - The System Restore initialization process failed.
08.8.2013 г. 22:47:38, error: ati2mtag [45062]  - CRT invalid display type
08.8.2013 г. 22:43:21, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
08.8.2013 г. 22:42:49, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
08.8.2013 г. 22:40:17, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 22:39:52, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service netman with arguments "" in order to run the server: {BA126AE5-2166-11D1-B1D0-00805FC1270E}
08.8.2013 г. 22:37:21, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
08.8.2013 г. 22:34:49, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AFD AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO epfwtdir Fips intelppm IPSec MRxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL Tcpip
08.8.2013 г. 22:34:49, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
08.8.2013 г. 22:34:49, error: Service Control Manager [7001]  - The TCP/IP NetBIOS Helper service depends on the AFD service which failed to start because of the following error:  A device attached to the system is not functioning.
08.8.2013 г. 22:34:49, error: Service Control Manager [7001]  - The IPSEC Services service depends on the IPSEC driver service which failed to start because of the following error:  A device attached to the system is not functioning.
08.8.2013 г. 22:34:49, error: Service Control Manager [7001]  - The DNS Client service depends on the TCP/IP Protocol Driver service which failed to start because of the following error:  A device attached to the system is not functioning.
08.8.2013 г. 22:34:49, error: Service Control Manager [7001]  - The DHCP Client service depends on the NetBios over Tcpip service which failed to start because of the following error:  A device attached to the system is not functioning.
08.8.2013 г. 22:34:49, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
08.8.2013 г. 22:33:35, error: SRService [104]  - The System Restore initialization process failed.
08.8.2013 г. 11:43:13, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
08.8.2013 г. 11:41:22, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:41:02, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:40:43, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:40:35, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:23:06, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:08:03, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:07:10, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:06:14, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:05:24, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:04:07, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:02:37, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 11:02:23, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 10:55:22, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 10:53:21, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
08.8.2013 г. 06:45:59, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
08.8.2013 г. 06:45:59, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
08.8.2013 г. 06:45:59, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
08.8.2013 г. 06:45:46, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
08.8.2013 г. 06:45:45, error: SRService [104]  - The System Restore initialization process failed.
07.8.2013 г. 12:41:14, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
07.8.2013 г. 11:25:36, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
07.8.2013 г. 11:24:42, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
07.8.2013 г. 11:23:32, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
07.8.2013 г. 11:04:21, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service StiSvc with arguments "" in order to run the server: {A1F4E726-8CF1-11D1-BF92-0060081ED811}
07.8.2013 г. 08:31:56, error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  AswRdr aswRvrt aswSnx aswSP aswTdi aswVmm eamon ehdrv ElbyCDIO Fips intelppm SASDIFSV SASKUTIL
07.8.2013 г. 08:31:56, error: Service Control Manager [7023]  - The System Restore Service service terminated with the following error:  The system cannot find the file specified.
07.8.2013 г. 08:31:56, error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
07.8.2013 г. 08:31:42, error: DCOM [10005]  - DCOM got error "%1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
07.8.2013 г. 08:31:41, error: SRService [104]  - The System Restore initialization process failed.
.
==== End Of File ===========================
 

 

 

Link to comment
Сподели другаде
  • Отговори 73
  • Създадена
  • Последен отговор

ТОП потребители в тази тема

Популярни дни

ТОП потребители в тази тема

Популярни дни

Публикувани изображения

B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Здравейте,

 

Дано не сте оплескали нещата при действията си на своя глава.

 

1. Изтеглете ComboFix от BleepingComputer и го запазете (бутон Save -> Save as) ComboFix на вашия десктоп:
http://i46.tinypic.com/2exprgh.jpg
След приключване на изтеглянето на ComboFix, иконката на програмата би трябвало да изглежда така:
http://i46.tinypic.com/29eqjuq.jpg


2. Затворете всички работещи приложения, отворени прозорци и програми работещи във фонов режим. Спрете временно защитата в реално време на антивирусната програма и на другите програми за сигурност, ако има такива.



3. Стартирайте с двоен клик Combofix.exe. Изберете YES, за да се съгласите с условията за използване на програмата. Важно: По време на работата на ComboFix не бива да се движи мишката и да се натискат клавиши от клавиатурата. Просто търпеливо оставете ComboFix да си свърши работата, без да използвате компютъра за други цели.



4. ComboFix ще провери дали Windows Recovery Console e инсталиранa.


*Ако Windows Recovery Console не е инсталирана, ще е необходимо да използвате YES за инсталация на Windows Recovery Console
*Ако Windows Recovery Console е инсталирана, ComboFix ще продължи работата си.
http://i46.tinypic.com/33wr6us.jpg


Забележка: Необходимо е да сте свързани към Интернет за да може Windows Recovery Console да се изтегли.


След инсталация на Windows Recovery Console потвърдете с YES, за да продължите напред. Снимка:
http://i45.tinypic.com/m9lvnk.jpg


5. ComboFix ще спре временно Интернет връзката, но след като приключи работата на програмата тази връзка ще бъде възстановена автоматично. ComboFix ще сканира за проблеми и за заразени файлове, като това може да отнеме известно време. Моля да бъдете търпеливи. Ако има проблем с Интернет връзката след приключване на работата на Combofix, моля да прочетете това: Manually restoring the Internet connection section.


6. След като работата на ComboFix приключи, компютъра ще се рестартира автоматично. След рестарта заредете отново в Safe Mode нарочно за да може Combofix да приключи своята работа. След това ще се появи текстов документ (log) в Notepad:
http://i49.tinypic.com/157m978.jpg

 

7. Копирайте лог файла в следващия си коментар.

Link to comment
Сподели другаде
Matt_Ragan Новобранец

Matt_Ragan

Публикувано
  • Author
Публикувано

Благодаря ви за бързото отзоваване!Сигнах до т.3 вкл. и ми излезе съобщение:Warning!!ComboFix has detected the following real time scanner(s) to be active:antivirus:avast!Antivirus;antivirus:ESET Nod 32.Antivirus and intrusion prevention programs are known to interfere with ComboFix's running.This may lead to unpredictable results or possible machine damage.Please disable these scanners before clicking 'OK'.За ЕСЕТ незнаех как се спира в режим Safe Mode затова я деинсталирах,но avast въобще нямам на компютъра.Бях го деинсталирал преди с Revo Uninstaller.Проверих и сега.Рестартирах,тъй като ЕСЕТ искаше това,за да се конфигурират промените след деинсталацията.След рестарта повторих стъпките от т.3,но пак ми излезе съобщението по горе,сега само за avast.Какво да правя?

Link to comment
Сподели другаде
Matt_Ragan Новобранец

Matt_Ragan

Публикувано
  • Author
Публикувано

дано не е станал някакъв гаф,но в т.6 изтървах времето за зареждане във safe mode и почна да ми се зарежда Windows.Спрях го и рестартирах във Safe Mod.Намерих лога в Notepad.Ето го:ComboFix 13-08-14.02 - zdrave 08.2013 г.  12:43:58.1.2 - x86 NETWORK

Microsoft Windows XP Professional  5.1.2600.3.1251.359.1033.18.1919.1276 [GMT 3:00]
Running from: C:\Documents and Settings\zdrave.CHANGEME1\Desktop\ComboFix.exe
AV: avast! Antivirus *Enabled/Updated* {7591DB91-41F0-48A3-B128-1A293FD8233D}
FW: avast! Antivirus *Enabled* {7591DB91-41F0-48A3-B128-1A293FD8233D}
 
 
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
 
 
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\page
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\page\page.ico
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\page\page.URL
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\{8C20787A-7402-4FA7-BF25-6E5750930FDC}\PostBuild.exe
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\PostBuild.exe
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}\Setup.exe
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\avgfinst.dat
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\avi7.avg
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\crt_x64.msi
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\files.dat
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\incavi.avm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_cz.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_da.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_fr.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_ge.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_hu.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_id.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_in.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_it.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_jp.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_ko.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_ms.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_nl.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_pb.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_pl.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_pt.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_ru.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_sc.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_sk.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_sp.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_tr.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_us.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_zh.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\license_zt.htm
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\microavi.avg
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\miniavi.avg
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setup.dat
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setup.exe
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setup.ini
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupcz.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupda.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupfr.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupge.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setuphu.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupid.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupin.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupit.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupjp.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupko.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupms.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupnl.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setuppb.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setuppl.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setuppt.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupru.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupsc.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupsk.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupsp.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setuptr.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupus.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupzh.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\setupzt.lns
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\vcredis1.cab
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\AVG\vcredist.msi
C:\Documents and Settings\All Users.WINDOWS.0\Application Data\TEMP\RAIDTest
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\2YourFace.crx
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\bho.dll
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\FF8Installer.exe
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\chrome.manifest
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\chrome\content\ff-overlay.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\chrome\content\ff-overlay.xul
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\chrome\content\overlay.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\chrome\locale\en-US\overlay.dtd
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\chrome\locale\en-US\overlay.properties
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\chrome\skin\overlay.css
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\defaults\preferences\prefs.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\ffextension\install.rdf
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\uninst.exe
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\Updater.exe
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\version.exe
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome.manifest
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\bar.xul
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\buttons.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\constants.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\events.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\globals.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\hosts.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\init.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\injection_button.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\popups.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\printerExternalAccessFF.js
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_images.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_maps.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_news.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_videos.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\engine_web.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_amazon.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_ebay.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_facebook.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_games.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_msn.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_shopping.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_travel.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\icon_twitter.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\images\startnow_logo.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\installer.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\chevron_button.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_hover.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_button_normal.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_dropdown_button_normal.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_background.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_left.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\searchbox_input_middle.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\separator.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\splitter.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ff_hover_c.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_c.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_l.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_hover_r.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_c.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_l.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\skin\toolbarbutton_ie_normal_r.png
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\content\resources\toolbar.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\locale\en-US\{5911488E-9D1E-40ec-8CBB-06B231CC153F}.dtd
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\chrome\skin\overlay.css
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\{5911488E-9D1E-40ec-8CBB-06B231CC153F}\install.rdf
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\1.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\a.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\b.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\c.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\d.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\e.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\f.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\g.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\h.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\i.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\J.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\k.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\l.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\m.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\mru.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\n.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\o.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\p.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\q.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\r.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\s.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\t.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\u.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\v.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\w.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\x.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\y.xml
C:\Documents and Settings\zdrave.CHANGEME1\Application Data\PriceGong\Data\z.xml
C:\Documents and Settings\zdrave.CHANGEME1\WINDOWS
C:\Documents and Settings\zdrave\WINDOWS
C:\WINDOWS.0\system32\Cache
C:\WINDOWS.0\system32\Cache\0249532664c4b901.fb
C:\WINDOWS.0\system32\Cache\1a82451ff0bb88d0.fb
C:\WINDOWS.0\system32\Cache\272512937d9e61a4.fb
C:\WINDOWS.0\system32\Cache\287204568329e189.fb
C:\WINDOWS.0\system32\Cache\28bc8f716fd76a47.fb
C:\WINDOWS.0\system32\Cache\2c53092c95605355.fb
C:\WINDOWS.0\system32\Cache\31a0997e9a5b5eb3.fb
C:\WINDOWS.0\system32\Cache\31f8b5a9957f9677.fb
C:\WINDOWS.0\system32\Cache\32c84fe32bb74d60.fb
C:\WINDOWS.0\system32\Cache\3917078cb68ec657.fb
C:\WINDOWS.0\system32\Cache\590ba23ce359fd0c.fb
C:\WINDOWS.0\system32\Cache\610289e025a3ee9a.fb
C:\WINDOWS.0\system32\Cache\651c5d3cdbfb8bd1.fb
C:\WINDOWS.0\system32\Cache\6c59ac5e7e7a3ad0.fb
C:\WINDOWS.0\system32\Cache\6d03dad1035885d3.fb
C:\WINDOWS.0\system32\Cache\8296dd0a263312bb.fb
C:\WINDOWS.0\system32\Cache\a8556537add6dfc5.fb
C:\WINDOWS.0\system32\Cache\ad10a52aff5e038d.fb
C:\WINDOWS.0\system32\Cache\bf7dacc822afac26.fb
C:\WINDOWS.0\system32\Cache\c1fa887b03019701.fb
C:\WINDOWS.0\system32\Cache\c4d28dca2e7648be.fb
C:\WINDOWS.0\system32\Cache\d201ef9910cd39de.fb
C:\WINDOWS.0\system32\Cache\d2e94710a5708128.fb
C:\WINDOWS.0\system32\Cache\d4bdeb58e0ae7111.fb
C:\WINDOWS.0\system32\Cache\d79b9dfe81484ec4.fb
C:\WINDOWS.0\system32\Cache\e0de16f883bea794.fb
C:\WINDOWS.0\system32\Cache\f20ce3db0bb97036.fb
C:\WINDOWS.0\system32\Cache\f998975c9cc711ee.fb
C:\WINDOWS.0\system32\embedded
C:\WINDOWS.0\system32\embedded\regsvr.exe
C:\WINDOWS.0\XSxS
D:\AUTORUN.INF
 
 
(((((((((((((((((((((((((((((((((((((((   Drivers/Services   )))))))))))))))))))))))))))))))))))))))))))))))))
.
 
-------\Legacy_K
-------\Service_K
 
 
(((((((((((((((((((((((((   Files Created from 2013-07-15 to 2013-08-15  )))))))))))))))))))))))))))))))
 
 
2013-08-15 02:38:20 . 2013-08-15 02:38:33 -------- d-----w- C:\WINDOWS.0\LastGood.Tmp
2013-08-14 13:17:53 . 2013-08-14 13:18:09 -------- d-----w- C:\Program Files\Malwarebytes' Anti-Malware
2013-08-14 13:17:53 . 2013-04-04 11:50:32 22856 ----a-w- C:\WINDOWS.0\system32\drivers\mbam.sys
2013-08-09 03:05:32 . 2013-08-09 03:05:32 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Panda Security
2013-08-09 03:05:21 . 2013-08-09 03:05:22 -------- d-----w- C:\Program Files\Panda USB Vaccine
2013-08-08 08:35:34 . 2013-08-08 20:43:32 181064 ----a-w- C:\WINDOWS.0\PSEXESVC.EXE
2013-08-08 08:04:20 . 2010-04-27 08:04:06 381816 ----a-w- C:\PsExec.exe
2013-08-03 17:08:15 . 2013-08-03 17:08:15 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Comodo
2013-08-03 17:08:02 . 2013-08-03 17:08:02 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Comodo Downloader
2013-08-03 15:27:24 . 2013-08-14 18:24:07 40776 ----a-w- C:\WINDOWS.0\system32\drivers\mbamswissarmy.sys
2013-08-03 14:25:08 . 2013-08-03 14:25:09 356408 ----a-w- C:\WINDOWS.0\system32\drivers\TrufosAlt.sys
2013-08-02 05:32:44 . 2013-08-02 05:32:44 -------- d-----w- C:\Program Files\HitmanPro
2013-08-02 05:31:34 . 2013-08-02 07:09:41 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\HitmanPro
2013-08-02 05:12:12 . 2013-08-02 05:13:40 -------- d-----w- C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Web Cake
2013-08-02 05:12:11 . 2013-08-02 05:13:39 -------- d-----w- C:\Program Files\Web Cake
2013-08-02 05:12:06 . 2013-08-02 05:12:06 -------- d-----w- C:\Documents and Settings\zdrave.CHANGEME1\Local Settings\Application Data\Cool_Mirage
2013-08-01 05:31:25 . 2013-08-01 05:31:25 -------- d-----w- C:\TDSSKiller_Quarantine
2013-07-27 17:51:09 . 2013-07-27 17:51:31 -------- d-----w- C:\Program Files\Mozilla Maintenance Service
2013-07-21 20:30:48 . 2013-07-21 20:31:15 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\MCShield
2013-07-21 20:30:47 . 2013-07-21 20:30:57 -------- d-----w- C:\Program Files\MCShield
2013-07-21 18:54:35 . 2013-07-21 18:56:27 127899222 ----a-w- C:\руткит-бакъп на регистрите-21.07.2013.reg
2013-07-20 19:49:22 . 2013-07-20 19:49:22 -------- d-----w- C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Process Hacker 2
2013-07-20 19:44:15 . 2013-07-20 19:44:15 -------- d-----w- C:\Program Files\Process Hacker 2
2013-07-20 05:56:46 . 2013-07-20 05:56:46 -------- d-----w- C:\Documents and Settings\zdrave.CHANGEME1\Application Data\SUPERAntiSpyware.com
2013-07-20 05:55:28 . 2013-08-12 05:10:46 -------- d-----w- C:\Program Files\SUPERAntiSpyware
2013-07-20 05:55:28 . 2013-07-20 05:55:28 -------- d-----w- C:\Documents and Settings\All Users.WINDOWS.0\Application Data\SUPERAntiSpyware.com
2013-07-19 19:35:01 . 2013-07-19 19:35:01 -------- d-----w- C:\Documents and Settings\zdrave.CHANGEME1\Local Settings\Application Data\ESET
.
 
 
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
 
2013-07-27 17:41:17 . 2013-01-24 20:42:58 692104 -c--a-w- C:\WINDOWS.0\system32\FlashPlayerApp.exe
2013-07-27 17:41:16 . 2013-01-24 20:42:58 71048 -c--a-w- C:\WINDOWS.0\system32\FlashPlayerCPLApp.cpl
2013-07-13 19:31:07 . 2013-03-16 13:46:46 175176 ----a-w- C:\WINDOWS.0\system32\drivers\aswVmm.sys
2013-07-13 19:31:07 . 2012-12-02 13:24:08 369584 ----a-w- C:\WINDOWS.0\system32\drivers\aswSP.sys
2013-07-13 19:31:07 . 2012-12-02 13:24:01 770344 ----a-w- C:\WINDOWS.0\system32\drivers\aswSnx.sys
2013-07-06 16:56:27 . 2013-01-03 18:25:35 256904 -c--a-w- C:\WINDOWS.0\system32\drivers\tmcomm.sys
2013-07-04 22:02:06 . 2013-07-04 22:01:54 22064 ----a-w- C:\WINDOWS.0\DCEBoot.exe
2013-07-04 22:02:06 . 2013-07-04 22:01:54 181808 ----a-w- C:\WINDOWS.0\RegBootClean.exe
2013-06-07 21:56:06 . 2009-11-05 12:54:33 920064 ----a-w- C:\WINDOWS.0\system32\wininet.dll
2013-06-07 21:56:06 . 2009-11-05 12:53:55 43520 ----a-w- C:\WINDOWS.0\system32\licmgr10.dll
2013-06-07 21:56:05 . 2009-11-05 12:54:28 1469440 ----a-w- C:\WINDOWS.0\system32\inetcpl.cpl
2013-06-07 20:55:44 . 2009-11-05 12:53:51 385024 ----a-w- C:\WINDOWS.0\system32\html.iec
2013-06-04 07:23:02 . 2008-04-14 11:00:00 562688 ----a-w- C:\WINDOWS.0\system32\qedit.dll
2013-06-04 01:40:45 . 2009-11-10 16:54:13 1876736 ----a-w- C:\WINDOWS.0\system32\win32k.sys
2010-06-02 03:22:02 . 2010-06-02 03:22:02 537432 -c--a-w- C:\Program Files\DXSETUP.exe
 
 
------- Sigcheck -------
Note: Unsigned files aren't necessarily malware.
 
[-] 2009-11-05 13:35:09 . 600D58665D16BFBB776EFEFB0E80532D . 1614848 . . [5.1.2600.5512 (xpsp.080413-2111)] . . C:\WINDOWS.0\system32\sfcfiles.dll
 
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
 
 
*Note* empty entries & legit default entries are not shown 
REGEDIT4
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveBlacklistedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42}]
2013-06-06 20:57:26 578512 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 20:57:26 578512 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedEditOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44}]
2013-06-06 20:57:26 578512 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSharedViewOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43}]
2013-06-06 20:57:26 578512 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncedOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40}]
2013-06-06 20:57:26 578512 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\GDriveSyncingOverlay]
@="{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}"
[HKEY_CLASSES_ROOT\CLSID\{81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41}]
2013-06-06 20:57:26 578512 ----a-w- C:\Program Files\Google\Drive\googledrivesync32.dll
 
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"uTorrent"="C:\Program Files\uTorrent\uTorrent.exe" [2013-05-02 04:12:34 802136]
"Skype"="C:\Program Files\Skype\Phone\Skype.exe" [2013-06-03 13:27:20 19603048]
"KiesPreload"="C:\Program Files\Samsung\Kies\Kies.exe" [2013-05-23 06:16:52 1561968]
"GoogleDriveSync"="C:\Program Files\Google\Drive\googledrivesync.exe" [2013-06-06 20:57:24 19676256]
"MCShield Monitor"="C:\Program Files\MCShield\mcshieldrtm.exe" [2013-07-15 20:07:06 607744]
"SUPERAntiSpyware"="C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe" [2013-05-15 01:08:19 4760816]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Wireless Console 2"="C:\Program Files\Wireless Console 2\wcourier.exe" [2007-07-05 15:53:44 1040384]
"Power_Gear"="C:\Program Files\ASUS\Power4 Gear\BatteryLife.exe" [2006-07-26 17:01:06 90112]
"VirtualCloneDrive"="C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" [2009-06-17 11:44:11 85160]
"RTHDCPL"="RTHDCPL.EXE" [2011-10-14 15:58:12 20064872]
"SynTPEnh"="C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" [2011-03-31 16:30:48 2221352]
"VolumeTray"="C:\Program Files\VolumeTray\VolumeTray.exe" [2003-02-19 05:45:08 180224]
"OODefragTray"="C:\Program Files\OO Software\Defrag\oodtray.exe" [2013-04-19 15:09:16 5039408]
"KiesTrayAgent"="C:\Program Files\Samsung\Kies\KiesTrayAgent.exe" [2013-05-23 06:16:56 311152]
"Adobe ARM"="C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 21:06:36 958576]
"DivXMediaServer"="C:\Program Files\DivX\DivX Media Server\DivXMediaServer.exe" [2013-04-15 15:53:18 450560]
 
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Malwarebytes Anti-Malware"="C:\Program Files\Malwarebytes' Anti-Malware\mbamgui.exe" [2013-04-04 11:50:32 532040]
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="C:\WINDOWS.0\system32\CTFMON.EXE" [2008-04-14 11:00:00 15360]
 
[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"ShowDeskFix"="shell32" [X]
"IE8"="advpack.dll" [2009-11-05 12:53:50 128512]
 
C:\Documents and Settings\zdrave.CHANGEME1\Start Menu\Programs\Startup\
PandaUSBVaccine.lnk - C:\Program Files\Panda USB Vaccine\USBVaccine.exe /resident /hidetray /autovaccinate /experimentalntfs  /agreelicense [2013-8-9 1287176]
 
C:\Documents and Settings\All Users.WINDOWS.0\Start Menu\Programs\Startup\
O&O Defrag Tray.lnk - C:\WINDOWS.0\Installer\{D66100D4-640B-4AAC-82BA-0B6444FBA064}\DefragIcon.exe [2013-5-22 292878]
 
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\explorer]
"NoResolveTrack"= 1 (0x1)
 
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "C:\Program Files\SUPERAntiSpyware\SASSEH.DLL" [2013-05-07 22:36:36 115440]
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\hitmanpro37.sys]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37Crusader]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HitmanPro37CrusaderBoot]
@=""
 
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]
@="Driver"
 
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DivXUpdate]
2013-02-13 02:37:16 1263952 ----a-w- C:\Program Files\DivX\DivX Update\DivXUpdate.exe
 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
 
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"= 0 (0x0)
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"D:\\Office12\\OUTLOOK.EXE"=
"D:\\Office12\\GROOVE.EXE"=
"D:\\Office12\\ONENOTE.EXE"=
"C:\\Program Files\\Mozilla Firefox\\firefox.exe"=
"C:\\Program Files\\EA Games\\Need For Speed Hot Pursuit 2\\NfsHP2.ori"=
"C:\\Program Files\\uTorrent\\uTorrent.exe"=
"C:\\Program Files\\eMule\\emule.exe"=
"C:\\Program Files\\CyberLink\\PowerDVD10\\PowerDVD10.exe"=
"C:\\Program Files\\Skype\\Phone\\Skype.exe"=
"C:\\Program Files\\PANDORA.TV\\PanService\\PanProcess.exe"=
"C:\\Program Files\\PANDORA.TV\\PanService\\PandoraService.exe"=
 
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"1277:TCP"= 1277:TCP:messenger
 
R0 aswKbd;aswKbd;C:\WINDOWS.0\system32\drivers\aswKbd.sys [18.12.2012 г. 08:08:54 21576]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore.exe [23.5.2013 г. 23:11:42 119056]
S0 10793436;10793436;C:\WINDOWS.0\system32\drivers\33345492.sys --> C:\WINDOWS.0\system32\drivers\33345492.sys [?]
S0 aswRvrt;aswRvrt;C:\WINDOWS.0\system32\drivers\aswRvrt.sys [16.3.2013 г. 16:46:45 49376]
S0 aswVmm;aswVmm;C:\WINDOWS.0\system32\drivers\aswVmm.sys [16.3.2013 г. 16:46:46 175176]
S0 hitmanpro37duringboot;hitmanpro37duringboot;C:\WINDOWS.0\system32\drivers\hitmanpro37.sys --> C:\WINDOWS.0\system32\drivers\hitmanpro37.sys [?]
S1 aswSnx;aswSnx;C:\WINDOWS.0\system32\drivers\aswSnx.sys [02.12.2012 г. 16:24:01 770344]
S1 aswSP;aswSP;C:\WINDOWS.0\system32\drivers\aswSP.sys [02.12.2012 г. 16:24:08 369584]
S1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv.sys [22.7.2011 г. 19:27:02 12880]
S1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [13.7.2011 г. 00:55:22 67664]
S2 {1BA31E5A-C098-42d8-8F88-3C9F78A2FDDC};Power Control [2012/05/27 00:27:15];C:\Program Files\CyberLink\PowerDVD10\NavFilter\000.fcl [15.8.2012 г. 21:41:18 87536]
S2 aswFsBlk;aswFsBlk;C:\WINDOWS.0\system32\drivers\aswFsBlk.sys [02.12.2012 г. 16:24:08 29816]
S2 aswMonFlt;aswMonFlt;C:\WINDOWS.0\system32\drivers\aswMonFlt.sys [16.3.2013 г. 16:46:43 66336]
S2 gupdate;Услуга Google Update (gupdate);C:\Program Files\Google\Update\GoogleUpdate.exe [07.3.2010 г. 01:55:04 135664]
S2 HitmanProScheduler;HitmanPro Scheduler;C:\Program Files\HitmanPro\hmpsched.exe [02.8.2013 г. 08:32:44 106280]
S2 LBeepKE;Logitech Beep Suppression Driver;C:\WINDOWS.0\system32\drivers\LBeepKE.sys [06.12.2012 г. 10:37:06 12184]
S2 OODefragAgent;O&O Defrag;C:\Program Files\OO Software\Defrag\oodag.exe [19.4.2013 г. 18:09:10 2034480]
S2 PanService;PandoraService;C:\Program Files\PANDORA.TV\PanService\PandoraService.exe [04.2.2013 г. 23:48:02 625304]
S2 Skype C2C Service;Skype C2C Service;C:\Documents and Settings\All Users.WINDOWS.0\Application Data\Skype\Toolbars\Skype C2C Service\c2c_service.exe [14.5.2013 г. 13:26:12 3289208]
S2 SkypeUpdate;Skype Updater;C:\Program Files\Skype\Updater\Updater.exe [03.6.2013 г. 16:21:54 162408]
S2 WebCakeUpdater;WebCakeUpdater;C:\Program Files\Web Cake\WebCakeDesktop.Updater.exe [02.8.2013 г. 08:12:13 51992]
S3 Ambfilt;Ambfilt;C:\WINDOWS.0\system32\drivers\Ambfilt.sys [06.4.2011 г. 18:30:08 1691480]
S3 BPNOFQ;BPNOFQ;C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\BPNOFQ.exe --> C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\BPNOFQ.exe [?]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS.0\system32\drivers\ssudbus.sys [25.4.2013 г. 07:41:07 83864]
S3 dgderdrv;dgderdrv;C:\WINDOWS.0\system32\drivers\dgderdrv.sys [10.3.2013 г. 23:00:36 20032]
S3 esgiguard;esgiguard;\??\C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys --> C:\Program Files\Enigma Software Group\SpyHunter\esgiguard.sys [?]
S3 FUPYPF;FUPYPF;C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\FUPYPF.exe --> C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\FUPYPF.exe [?]
S3 GGV;GGV;C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\GGV.exe --> C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\GGV.exe [?]
S3 gupdatem;Услуга на Google Актуализация (gupdatem);C:\Program Files\Google\Update\GoogleUpdate.exe [07.3.2010 г. 01:55:04 135664]
S3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS.0\system32\drivers\mbamswissarmy.sys [03.8.2013 г. 18:27:24 40776]
S3 RDZYD;RDZYD;C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\RDZYD.exe --> C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\RDZYD.exe [?]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS.0\system32\drivers\ssudmdm.sys [25.4.2013 г. 07:41:11 181912]
S3 ssudserd;SAMSUNG Mobile USB Diagnostic Serial Port(DEVGURU Ver.);C:\WINDOWS.0\system32\drivers\ssudserd.sys [25.4.2013 г. 07:41:21 181912]
S3 SWDUMon;SWDUMon;C:\WINDOWS.0\system32\drivers\SWDUMon.sys [03.4.2011 г. 13:32:34 12984]
S3 TOWYFF;TOWYFF;C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\TOWYFF.exe --> C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\TOWYFF.exe [?]
S3 TrufosAlt;TrufosAlt;C:\WINDOWS.0\system32\drivers\TrufosAlt.sys [03.8.2013 г. 17:25:08 356408]
S3 UNOQ;UNOQ;C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\UNOQ.exe --> C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\UNOQ.exe [?]
S3 XPXWAZJ;XPXWAZJ;C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\XPXWAZJ.exe --> C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\XPXWAZJ.exe [?]
S4 AdvancedSystemCareService5;Advanced SystemCare Service 5;C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe --> C:\Program Files\IObit\Advanced SystemCare 5\ASCService.exe [?]
S4 avgtp;avgtp;C:\WINDOWS.0\system32\drivers\avgtpx86.sys [13.8.2012 г. 17:57:18 26984]
S4 cpuz136;cpuz136;\??\C:\WINDOWS.0\TEMP\cpuz136\cpuz136_x32.sys --> C:\WINDOWS.0\TEMP\cpuz136\cpuz136_x32.sys [?]
S4 DKRtWrt;DKRtWrt;C:\WINDOWS.0\system32\drivers\DKRtWrt.sys [16.7.2012 г. 13:06:48 38608]
S4 Roxio UPnP Renderer 10;Roxio UPnP Renderer 10;"C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe" --> C:\Program Files\Roxio\Digital Home 10\RoxioUPnPRenderer10.exe [?]
S4 Roxio Upnp Server 10;Roxio Upnp Server 10;"C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe" --> C:\Program Files\Roxio\Digital Home 10\RoxioUpnpService10.exe [?]
S4 RoxLiveShare10;LiveShare P2P Server 10;C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxLiveShare10.exe [24.8.2007 г. 15:52:48 309744]
S4 RoxMediaDB10;RoxMediaDB10;C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxMediaDB10.exe [24.8.2007 г. 15:52:38 1083888]
S4 RoxWatch10;Roxio Hard Drive Watcher 10;C:\Program Files\Common Files\Roxio Shared\10.0\SharedCOM\RoxWatch10.exe [24.8.2007 г. 15:52:46 166384]
S4 SessionLauncher;SessionLauncher;C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\DX9\SessionLauncher.exe --> C:\DOCUME~1\ZDRAVE~1.CHA\LOCALS~1\Temp\DX9\SessionLauncher.exe [?]
 
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-07-19 08:10:23 1173456 ----a-w- C:\Program Files\Google\Chrome\Application\28.0.1500.72\Installer\chrmstp.exe
 
Contents of the 'Scheduled Tasks' folder
 
2013-07-19 C:\WINDOWS.0\Tasks\GoogleUpdateTaskMachineCore.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-06 22:55:04 . 2010-03-06 22:54:56]
 
2013-07-19 C:\WINDOWS.0\Tasks\GoogleUpdateTaskMachineUA.job
- C:\Program Files\Google\Update\GoogleUpdate.exe [2010-03-06 22:55:04 . 2010-03-06 22:54:56]
 
 
------- Supplementary Scan -------
 
uStart Page = hxxp://www.google.bg/
mStart Page = hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
uInternet Settings,ProxyOverride = <local>
IE: &Експортиране към Microsoft Excel - D:\Office12\EXCEL.EXE/3000
DPF: {70B410C0-11D4-BADA-8308-0080C8D7ED4A} - hxxp://cached.gamedesire.com/g_bin/eng/bridge_2_0_0_28.cab
FF - ProfilePath - C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - ExtSQL: 2013-06-26 20:40; ftd@ftd.com; C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\ftd@ftd.com.xpi
FF - ExtSQL: 2013-08-02 08:12; plugin@getwebcake.com; C:\Documents and Settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\plugin@getwebcake.com
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639&q=
FF - user.js: extensions.funmoods.id - 00FF09E3136146E0
FF - user.js: extensions.funmoods.instlDay - 15604
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2216:49:6
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - nv1
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - nv1
FF - user.js: extensions.funmoods.dfltLng - 
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
FF - user.js: extentions.y2layers.installId - 25d6df24-2b28-4838-991c-8a96bbecf796
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=480846e00000000000000015afae718f&q=
FF - user.js: extensions.BabylonToolbar.id - 480846e00000000000000015afae718f
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15627
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.78:45:24
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=116775&tt=101012_24_4112_2
FF - user.js: extensions.BabylonToolbar_i.babExt - 
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extentions.y2layers.installId - 6e1cb162-63b3-43d9-9494-84a711b1219e
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extentions.webcake.installId - 0c90ef80-fc69-4b17-83d2-47e96b0ff380
FF - user.js: extentions.webcake.defaultEnableAppsList - layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl - 
FF - user.js: extensions.delta.id - 480846e0000000000000000400008d08
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15919
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.08:15:05
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119776&tsp=4962
FF - user.js: extensions.delta_i.babExt - 
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false
 
- - - - ORPHANS REMOVED - - - -
 
Toolbar-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
WebBrowser-{687578B9-7132-4A7A-80E4-30EE31099E03} - (no file)
ShellIconOverlayIdentifiers-{472083B0-C522-11CF-8763-00608CC02F24} - (no file)
C:\Documents and Settings\zdrave.CHANGEME1\Start Menu\Programs\Startup\AutorunsDisabled\2YourFace_Updater.lnk - C:\Documents and Settings\zdrave.CHANGEME1\Application Data\2YourFace\Updater.exe
SafeBoot-10793436.sys
SafeBoot-18651178.sys
SafeBoot-46610255.sys
SafeBoot-66397349.sys
SafeBoot-77081657.sys
SafeBoot-95594599.sys
AddRemove-01_Simmental - C:\Program Files\Samsung\USB Drivers\01_Simmental\Uninstall.exe
AddRemove-02_Siberian - C:\Program Files\Samsung\USB Drivers\02_Siberian\Uninstall.exe
AddRemove-03_Swallowtail - C:\Program Files\Samsung\USB Drivers\03_Swallowtail\Uninstall.exe
AddRemove-04_semseyite - C:\Program Files\Samsung\USB Drivers\04_semseyite\Uninstall.exe
AddRemove-07_Schorl - C:\Program Files\Samsung\USB Drivers\07_Schorl\Uninstall.exe
AddRemove-09_Hsp - C:\Program Files\Samsung\USB Drivers\09_Hsp\Uninstall.exe
AddRemove-11_HSP_Plus_Default - C:\Program Files\Samsung\USB Drivers\11_HSP_Plus_Default\Uninstall.exe
AddRemove-16_Shrewsbury - C:\Program Files\Samsung\USB Drivers\16_Shrewsbury\Uninstall.exe
AddRemove-20_NXP_Driver - C:\Program Files\Samsung\USB Drivers\20_NXP_Driver\Uninstall.exe
AddRemove-24_flashusbdriver - C:\Program Files\Samsung\USB Drivers\24_flashusbdriver\Uninstall.exe
AddRemove-25_escape - C:\Program Files\Samsung\USB Drivers\25_escape\Uninstall.exe
Link to comment
Сподели другаде
B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Отново не е целия...или не сте го копирали или не се е довършил заради рестартирането от ваша страна.

Затова направете нова проверка и публикувайте новия лог файл. В последната част на лога проста има важна информация, която не ми се иска да игнорирам.

 

Поздрави!

Link to comment
Сподели другаде
B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Изтеглете този файл и го запазете на десктопа.

Отворете Notepad.exe и се уверете, че пред Format => няма отметка пред Word Wrap (ако има я махнете).

http://www.jegsworks.com/lessons/web-2/html/menu-format-font-notepad-win7.gif

С copy/paste въведете следната информация:

 

@echo Unpacking files ...
@echo (This window will close when it's done)
@echo off
MKdir C:\SP3
WindowsXP-KB936929-SP3-x86-ENU.exe -x: C:\SP3 /quiet
cd C:\SP3\i386
expand sfcfiles.dl_ C:\SP3\sfcfiles.dll

 

Запазете файла с името expand.bat и го стартирайте.
Ще се създаде папка на C:\ с името SP3.

 

 

След това отново отворете notepad и с copy/paste поставете следната информация:

 


Fcopy::
C:\SP3\sfcfiles.dll | c:\windows\system32\sfcfiles.dll
Driver::
10793436
WebCakeUpdater
BPNOFQ
FUPYPF
GGV
RDZYD
TOWYFF
UNOQ
XPXWAZJ
File::
c:\windows.0\system32\drivers\33345492.sys
c:\docume~1\ZDRAVE~1.CHA\LOCALS~1\Temp\BPNOFQ.exe
c:\docume~1\ZDRAVE~1.CHA\LOCALS~1\Temp\FUPYPF.exe
c:\docume~1\ZDRAVE~1.CHA\LOCALS~1\Temp\GGV.exe
c:\docume~1\ZDRAVE~1.CHA\LOCALS~1\Temp\RDZYD.exe
c:\docume~1\ZDRAVE~1.CHA\LOCALS~1\Temp\TOWYFF.exe
c:\docume~1\ZDRAVE~1.CHA\LOCALS~1\Temp\UNOQ.exe
c:\docume~1\ZDRAVE~1.CHA\LOCALS~1\Temp\XPXWAZJ.exe
c:\documents and settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\plugin@getwebcake.com
c:\documents and settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\ftd@ftd.com.xpi
Folder::
c:\documents and settings\zdrave.CHANGEME1\Application Data\Web Cake
c:\program files\Web Cake
c:\documents and settings\zdrave.CHANGEME1\Local Settings\Application Data\Cool_Mirage
Registry::
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000000
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000000
[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile]
"EnableFirewall"=dword:00000001
DDS::
mStart Page = hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
Firefox::
FF - ProfilePath - c:\documents and settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3072253&SearchSource=3&q={searchTerms}
FF - ExtSQL: 2013-06-26 20:40; ftd@ftd.com; c:\documents and settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\ftd@ftd.com.xpi
FF - ExtSQL: 2013-08-02 08:12; plugin@getwebcake.com; c:\documents and settings\zdrave.CHANGEME1\Application Data\Mozilla\Firefox\Profiles\mvnvfmzf.default\extensions\plugin@getwebcake.com
user_pref('extensions.autoDisableScopes', 0);user_pref('security.csp.enable', false);user_pref('security.OCSP.enabled', 0);
FF - user.js: extensions.funmoods.hmpg - true
FF - user.js: extensions.funmoods.hmpgUrl - hxxp://start.funmoods.com/?f=1&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
FF - user.js: extensions.funmoods.dfltSrch - true
FF - user.js: extensions.funmoods.srchPrvdr - Search
FF - user.js: extensions.funmoods.dnsErr - true
FF - user.js: extensions.funmoods_i.newTab - true
FF - user.js: extensions.funmoods.newTabUrl - hxxp://start.funmoods.com/?f=2&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639
FF - user.js: extensions.funmoods.tlbrSrchUrl - hxxp://start.funmoods.com/?f=3&a=nv1&chnl=nv1&cd=2XzuyEtN2Y1L1QzutDtD0F0FtDzy0EtAtCtAyCtCyEyC0EtDtN0D0Tzu0CtByCyDtN1L2XzutBtFtCtFtCtFtAtCtB&cr=218230639&q=
FF - user.js: extensions.funmoods.id - 00FF09E3136146E0
FF - user.js: extensions.funmoods.instlDay - 15604
FF - user.js: extensions.funmoods.vrsn - 1.5.23.22
FF - user.js: extensions.funmoods.vrsni - 1.5.23.22
FF - user.js: extensions.funmoods_i.vrsnTs - 1.5.23.2216:49:6
FF - user.js: extensions.funmoods.prtnrId - funmoods
FF - user.js: extensions.funmoods.prdct - funmoods
FF - user.js: extensions.funmoods.aflt - nv1
FF - user.js: extensions.funmoods_i.smplGrp - none
FF - user.js: extensions.funmoods.tlbrId - base
FF - user.js: extensions.funmoods.instlRef - nv1
FF - user.js: extensions.funmoods.dfltLng -
FF - user.js: extensions.funmoods.excTlbr - false
FF - user.js: extensions.funmoods.autoRvrt - false
FF - user.js: extensions.funmoods.envrmnt - production
FF - user.js: extensions.funmoods.isdcmntcmplt - true
FF - user.js: extensions.funmoods.mntrvrsn - 1.3.0
FF - user.js: extentions.y2layers.installId - 25d6df24-2b28-4838-991c-8a96bbecf796
FF - user.js: extentions.y2layers.defaultEnableAppsList - twittube,ezLooker,pagerage,buzzdock,toprelatedtopics,YontooNewOffers
FF - user.js: extensions.autoDisableScopes - 14
FF - user.js: extensions.BabylonToolbar.autoRvrt - false
FF - user.js: extensions.BabylonToolbar_i.newTab - false
FF - user.js: extensions.BabylonToolbar.tlbrSrchUrl - hxxp://search.babylon.com/?babsrc=TB_def&mntrId=480846e00000000000000015afae718f&q=
FF - user.js: extensions.BabylonToolbar.id - 480846e00000000000000015afae718f
FF - user.js: extensions.BabylonToolbar.appId - {BDB69379-802F-4eaf-B541-F8DE92DD98DB}
FF - user.js: extensions.BabylonToolbar.instlDay - 15627
FF - user.js: extensions.BabylonToolbar.vrsn - 1.8.0.7
FF - user.js: extensions.BabylonToolbar.vrsni - 1.8.0.7
FF - user.js: extensions.BabylonToolbar_i.vrsnTs - 1.8.0.78:45
FF - user.js: extensions.BabylonToolbar.prtnrId - babylon
FF - user.js: extensions.BabylonToolbar.prdct - BabylonToolbar
FF - user.js: extensions.BabylonToolbar.aflt - babsst
FF - user.js: extensions.BabylonToolbar_i.smplGrp - none
FF - user.js: extensions.BabylonToolbar.tlbrId - base
FF - user.js: extensions.BabylonToolbar.instlRef - sst
FF - user.js: extensions.BabylonToolbar.dfltLng - en
FF - user.js: extensions.BabylonToolbar.excTlbr - false
FF - user.js: extensions.BabylonToolbar.admin - false
FF - user.js: extensions.BabylonToolbar_i.babTrack - affID=116775&tt=101012_24_4112_2
FF - user.js: extensions.BabylonToolbar_i.babExt -
FF - user.js: extensions.BabylonToolbar_i.srcExt - ss
FF - user.js: network.http.pipelining.maxrequests - 8
FF - user.js: network.http.request.max-start-delay - 0
FF - user.js: network.http.max-connections - 48
FF - user.js: network.http.max-connections-per-server - 16
FF - user.js: network.http.max-persistent-connections-per-proxy - 16
FF - user.js: network.http.max-persistent-connections-per-server - 8
FF - user.js: browser.turbo.enabled - true
FF - user.js: browser.display.show_image_placeholders - true
FF - user.js: browser.chrome.favicons - false
FF - user.js: browser.urlbar.autocomplete.enabled - true
FF - user.js: browser.cache.memory.capacity - 65536
FF - user.js: content.notify.ontimer - true
FF - user.js: content.interrupt.parsing - true
FF - user.js: content.max.tokenizing.time - 2250000
FF - user.js: content.switch.threshold - 750000
FF - user.js: plugin.expose_full_path - true
FF - user.js: ui.submenuDelay - 0
FF - user.js: extentions.y2layers.installId - 6e1cb162-63b3-43d9-9494-84a711b1219e
FF - user.js: extentions.y2layers.defaultEnableAppsList - DropDownDeals,buzzdock,YontooNewOffers
FF - user.js: extentions.webcake.installId - 0c90ef80-fc69-4b17-83d2-47e96b0ff380
FF - user.js: extentions.webcake.defaultEnableAppsList - layers/banner,layers/inline,layers/search,layers/shopping,newOffers/wc
FF - user.js: extensions.delta.tlbrSrchUrl -
FF - user.js: extensions.delta.id - 480846e0000000000000000400008d08
FF - user.js: extensions.delta.appId - {C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
FF - user.js: extensions.delta.instlDay - 15919
FF - user.js: extensions.delta.vrsn - 1.8.22.0
FF - user.js: extensions.delta.vrsni - 1.8.22.0
FF - user.js: extensions.delta.vrsnTs - 1.8.22.08:15
FF - user.js: extensions.delta.prtnrId - delta
FF - user.js: extensions.delta.prdct - delta
FF - user.js: extensions.delta.aflt - babsst
FF - user.js: extensions.delta.smplGrp - none
FF - user.js: extensions.delta.tlbrId - base
FF - user.js: extensions.delta.instlRef - sst
FF - user.js: extensions.delta.dfltLng - en
FF - user.js: extensions.delta.excTlbr - false
FF - user.js: extensions.delta.ffxUnstlRst - true
FF - user.js: extensions.delta.admin - false
FF - user.js: extensions.delta_i.babTrack - affID=119776&tsp=4962
FF - user.js: extensions.delta_i.babExt -
FF - user.js: extensions.delta_i.srcExt - ss
FF - user.js: extensions.delta.autoRvrt - false
FF - user.js: extensions.delta.rvrt - false
FF - user.js: extensions.delta.newTab - false

 

 

Запазете файла с име CFScript и го провлачете и пуснете в Combofix (както на картинката отдолу):

http://i710.photobucket.com/albums/ww105/puckarti2/iconos%20gifs/CFScript.gif

Публикувайте лог файл в следващия си пост.

Link to comment
Сподели другаде
Matt_Ragan Новобранец

Matt_Ragan

Публикувано
  • Author
Публикувано

аз имам Notepad вграден в Windows-a ми.Windows ми е на български и Notepad ми е на български и в последният никъде не виждам отметки за каквото и да било...незнам дали поради тази причина или поради нещо друго и с copy/paste нещо не мога да се справя...



изтеглих един друг Notepad(Untitled-Notepad2),който замени старият,но не виждам "Format" в него

Link to comment
Сподели другаде
B-boy/StyLe/ Новобранец

B-boy/StyLe/

Публикувано
Публикувано

Не искам да използвате друг Notepad, освен този на Windows-a иначе нищо няма да се получи!

Това че е на бъгларски едва ли ще ви затрудни да откриете опцията...Колонката би трябвало да се намира до "Изглед" или както е там на български.

Link to comment
Сподели другаде
Matt_Ragan Новобранец

Matt_Ragan

Публикувано
  • Author
Публикувано

така,върна се...а как да копи пейстна това което сте поставили в карето



да...сетих се как...извинете ме че ви занимавам с такива елементарни неща,но за 5 години сам го правил най-много веднъж:)

Link to comment
Сподели другаде

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Гост
Отговори на тази тема

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   Не можете да качите директно снимка. Качете или добавете изображението от линк (URL)

Loading...
×
 Share
Иди на предишната тема
×
×
  • Създай ново...