Kaкво означава RUNDLL

[m1m3nc370]

След като ви писах изобщо не можеше да се включи и го занесох на ремонт , смениха ми процесора и сега вече е наред

[Night_Raven]

Нещо гнило има в Дания...

Колко плати за "ремонта" и какво точно ти казаха, че са правили? Питам, защото това си беше типичен проблем на дънната платка, а не на процесора.

[iliabg]

Помощ колеги... проблема почва с стартиране на пс-то ми...... показва това http://img412.imageshack.us/img412/7098/gre6ka.jpg

с Виста съм, оригинална не знам да ли има значение....

Втория пробле ме че лаптопа се рестартира, всеки пут когато затворя някои от прозорците на експлорарра ... няма заначение кой и бам бърз рестарт.. ъа 5 до 10 сек............

 

моля помогнете :(

[Night_Raven]

Сканирай с Malwarebytes' Anti-Malware и SUPERAntiSpyware Free. Ако вече имаш програмите, провери дали имаш последните версии и ако нямаш, премахни твоите и инсталирай най-новите. Ако тепърва инсталираш програмите, след инсталацията те ще предложат да се обновят автоматично, съгласи се. В противен случай обнови дефинициите им ръчно.

 

За Malwarebytes' Anti-Malware:

- стартирай програмата;

- избери Perform quick scan (Бързо сканиране) и кликни бутон Scan (Сканирай);

- като приключи сканирането кликни бутон OK и после Show results (Покажи резултатите);

- кликни бутон Remove Selected (Премахни избраните);

- ще се появи текстов файл (лог), копирай съдържанието му тук.

 

За SUPERAntiSpyware:

- стартирай програмата;

- кликни бутон Scan your Computer (Сканиране на компютъра);

- вляво избери само дял C:, а вдясно избери Perform Complete Scan (Извърши пълно сканиране);

- кликни Next и изчакай програмата да сканира;

- ако има засечени заплахи, кликни OK на съобщението;

- кликни Next, за да се премахнат гадинките, OK на потвърждението и накрая Finish;

- кликни бутон Preferences... (Настройки) и иди на подпрозорец Statistics/Logs (Дневници), маркирай последния лог по дата и кликни бутон View Log... (Покажи дневника);

- копирай съдържанието му тук.

 

Ако е нужен рестарт при някое от сканиранията, се съгласи и рестартирай веднага.

[iliabg]

ето ....

 

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

 

Generated 04/15/2010 at 01:06 AM

 

Application Version : 4.35.1002

 

Core Rules Database Version : 4806

Trace Rules Database Version: 2618

 

Scan type : Quick Scan

Total Scan Time : 01:05:39

 

Memory items scanned : 791

Memory threats detected : 0

Registry items scanned : 668

Registry threats detected : 66

File items scanned : 35616

File threats detected : 16

 

Adware.MyWebSearch

HKU\S-1-5-21-2041219762-969640660-1125076392-1000\Software\Microsoft\Internet Explorer\URLSearchHooks#{00A6FAF6-072E-44cf-8957-5838F569A31D}

 

Adware.Tracking Cookie

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@tacoda[2].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@advertising[2].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@2o7[1].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@atwola[1].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@ar.atwola[2].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@cdn.at.atwola[2].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@atdmt[1].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@at.atwola[1].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@doubleclick[1].txt

C:\Users\bg\AppData\Roaming\Microsoft\Windows\Cookies\bg@tradedoubler[1].txt

 

Adware.MyWebSearch/FunWebProducts

HKLM\SOFTWARE\Fun Web Products

HKLM\SOFTWARE\Fun Web Products\Settings

HKLM\SOFTWARE\Fun Web Products\Settings\Promos

HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.numActive

HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextNone.0

HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyFreqNone

HKLM\SOFTWARE\Fun Web Products\Settings\Promos#BuddyTextUninstalled.numActive

HKLM\SOFTWARE\MyWebSearch

HKLM\SOFTWARE\MyWebSearch\bar

HKLM\SOFTWARE\MyWebSearch\bar#Maximized

HKLM\SOFTWARE\MyWebSearch\bar#Visible

HKLM\SOFTWARE\MyWebSearch\bar#pid

HKLM\SOFTWARE\MyWebSearch\bar#fwp

HKLM\SOFTWARE\MyWebSearch\bar#un

HKLM\SOFTWARE\MyWebSearch\bar#tiec

HKLM\SOFTWARE\MyWebSearch\bar#Dir

HKLM\SOFTWARE\MyWebSearch\bar#UninstallString

HKLM\SOFTWARE\MyWebSearch\bar#RegHookPath

HKLM\SOFTWARE\MyWebSearch\bar#Id

HKLM\SOFTWARE\MyWebSearch\bar#SettingsDir

HKLM\SOFTWARE\MyWebSearch\bar#sr

HKLM\SOFTWARE\MyWebSearch\bar#pl

HKLM\SOFTWARE\MyWebSearch\MWSOEMON

HKLM\SOFTWARE\MyWebSearch\MWSOEPLG

HKLM\SOFTWARE\MyWebSearch\OEHosts

HKLM\SOFTWARE\MyWebSearch\SearchAssistant

HKLM\SOFTWARE\MyWebSearch\SearchAssistant#pid

HKLM\SOFTWARE\MyWebSearch\SearchAssistant#fwp

HKLM\SOFTWARE\MyWebSearch\SearchAssistant#esh

HKLM\SOFTWARE\MyWebSearch\SearchAssistant#lsp

HKLM\SOFTWARE\MyWebSearch\SearchAssistant#LastRequest

HKLM\SOFTWARE\MyWebSearch\SearchAssistant#NextRequest

HKCR\CLSID\{147A976F-EEE1-4377-8EA7-4716E4CDD239}

HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}

HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0

HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0

HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\0\win32

HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\FLAGS

HKCR\TypeLib\{D518921A-4A03-425E-9873-B9A71756821E}\1.0\HELPDIR

HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}

HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid

HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\ProxyStubClsid32

HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib

HKCR\Interface\{CF54BE1C-9359-4395-8533-1657CF209CFE}\TypeLib#Version

HKLM\Software\FocusInteractive

HKLM\Software\FocusInteractive\bar

HKLM\Software\FocusInteractive\bar\Switches

HKLM\Software\FocusInteractive\bar\Switches#incmail.exe

HKLM\Software\FocusInteractive\bar\Switches#msimn.exe

HKLM\Software\FocusInteractive\bar\Switches#msn.exe

HKLM\Software\FocusInteractive\bar\Switches#outlook.exe

HKLM\Software\FocusInteractive\bar\Switches#waol.exe

HKLM\Software\FocusInteractive\bar\Switches#aim.exe

HKLM\Software\FocusInteractive\bar\Switches#icq.exe

HKLM\Software\FocusInteractive\bar\Switches#icqlite.exe

HKLM\Software\FocusInteractive\bar\Switches#msmsgs.exe

HKLM\Software\FocusInteractive\bar\Switches#msnmsgr.exe

HKLM\Software\FocusInteractive\bar\Switches#ypager.exe

HKLM\Software\FocusInteractive\bar\Switches#au

HKLM\Software\FocusInteractive\bar\Switches#mwsSrcAs.dll

HKLM\Software\FocusInteractive\Email-IM

HKLM\Software\FocusInteractive\Email-IM\0

HKLM\Software\FocusInteractive\Email-IM\0#Toolbar

HKLM\Software\FocusInteractive\Email-IM\0#AppName

C:\Program Files\MyWebSearch\bar\1.bin

[m0rgan]

Да хвърлите един поглед и на моите логчета 10x предварително

1.txt

 

AutoRuns.txt

[Night_Raven]

Логовете са чисти.

Препоръчително е обаче да преминеш на avast! 5 и на Internet Explorer 8.

[fewon]

Здравейте имам пробрем и то доста голям при стартиране на "PC"-то ми изписва RUNDLL -.- рестартира ми се "PC"-то след 5 мин проверям го редовно с SUPERAntiSpyware и "Malwarebytes' Anti-Malware" ама пак нищо пак се рестартира ужасно е немога нищо да направя . А не ми се плаща 50 60 лева :( . Знам , че тук ще ми помогнете

 

Ето точно какво ми пише ! :

Error loadingC:\DOCUME~1\User\LOCALS~1\Temp\7701187.dll

The specified module could not be found

[Night_Raven]

Изтегли GMER. Разархивирай, ако е в архив. Стартирай я. Тя ще направи начално сканиране за секунди. След като то приключи НЕ кликай бутон Scan, а кликни бутон Copy и после пейстни съдържанието тук (Ctrl+V). Ако програмата предложи да направи пълно сканиране, откажи.

 

Изтегли DDS и:

1) я стартирай;

2) изчакай да събере информацията си;

3) ще се появят 2 текстови файла, запази ги на удобно място (на работния плот например), архивирай ги и прикачи архива към коментара си.

 

Важно: ако имаш инсталирана антивирусна програма, е желателно да спреш временно резидентната й защита, за да не попречи евентуално на нормалната работа на DDS.

[fewon]

GMER 1.0.15.15281 - http://www.gmer.net

Rootkit quick scan 2010-04-25 00:37:26

Windows 5.1.2600 Service Pack 2

Running: gmer.exe; Driver: C:\DOCUME~1\User\LOCALS~1\Temp\pfrcqaod.sys

 

 

---- System - GMER 1.0.15 ----

 

SSDT spcc.sys ZwEnumerateKey [0xF7381DA4]

SSDT spcc.sys ZwEnumerateValueKey [0xF7382132]

 

---- Devices - GMER 1.0.15 ----

 

Device \FileSystem\Ntfs \Ntfs 831DA1F8

 

AttachedDevice \FileSystem\Ntfs \Ntfs amon.sys (Amon monitor/Eset )

 

Device \FileSystem\Fastfat \Fat 82CDE500

 

AttachedDevice \FileSystem\Fastfat \Fat amon.sys (Amon monitor/Eset )

 

---- EOF - GMER 1.0.15 ----

ето и от 2 програма :

 

DDS (Ver_10-03-17.01) - NTFSx86

Run by User at 0:27:23,21 on 25.04.2010 Ј.

Internet Explorer: 8.0.6001.18702 BrowserJavaVersion: 1.6.0_17

Microsoft Windows XP Professional 5.1.2600.2.1251.359.1033.18.767.216 [GMT 3:00]

 

AV: ESET NOD32 antivirus system 2.70 *On-access scanning enabled* (Updated) {E5E70D32-0101-4F12-8FB0-D96ACA4F34C0}

 

============== Running Processes ===============

 

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost -k DcomLaunch

svchost.exe

C:\WINDOWS\System32\svchost.exe -k netsvcs

svchost.exe

svchost.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\LEXBCES.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\LEXPPS.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

C:\WINDOWS\Datecs\Flex2K.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

svchost.exe

C:\WINDOWS\System32\svchost.exe -k Akamai

C:\Program Files\GameTracker\GSInGameService.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\AC Web Ultimate Repack\Server\mysql\bin\mysqld-nt.exe

C:\Program Files\Eset\nod32krn.exe

C:\WINDOWS\system32\svchost.exe -k imgsvc

C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exe

C:\WINDOWS\System32\TUProgSt.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\TeamViewer\Version5\TeamViewer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\User\Desktop\gmer.exe

d:\My Documents\Downloads\dds.scr

 

============== Pseudo HJT Report ===============

 

uStart Page = hxxp://www.garena.com/

uSearch Page = hxxp://www.google.com

uSearch Bar = hxxp://www.google.com/ie

uInternet Settings,ProxyOverride = 127.0.0.1

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mSearchAssistant = hxxp://www.google.com/ie

uURLSearchHooks: H - No File

uURLSearchHooks: H - No File

BHO: btorbit.com: {000123b4-9b42-4900-b3f7-f4b073efc214} - Octh Class

BHO: BitComet ClickCapture: {39f7e362-828a-4b5a-bcaf-5b79bfdfea60} - BitComet Helper

BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.5.4723.1820\swg.dll

BHO: Ask Toolbar BHO: {d4027c7f-154a-4066-a1ad-4243d8127440} - Ask Toolbar

BHO: Java Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll

BHO: JQSIEStartDetectorImpl Class: {e7e6f031-17ce-4c07-bc86-eabfe594f69c} - c:\program files\java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

TB: DAEMON Tools Toolbar: {32099aac-c132-4136-9e9a-4e364a424e17} -

TB: Ask Toolbar: {d4027c7f-154a-4066-a1ad-4243d8127440} -

TB: Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar_32.dll

TB: {09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - No File

uRun: [Configuring] rundll32.exe c:\docume~1\user\locals~1\temp\7701187.dll,W

uRun: [DAEMON Tools Lite] "c:\program files\daemon tools lite\daemon.exe" -autorun

uRun: [DAEMON Tools Pro Agent] "c:\program files\daemon tools pro\DTProAgent.exe" -autorun

uRun: [skype] "c:\program files\skype\phone\Skype.exe" /nosplash /minimized

uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"

uRun: [uTorrent] "c:\program files\utorrent\uTorrent.exe"

uRun: [sUPERAntiSpyware] c:\program files\superantispyware\SUPERAntiSpyware.exe

mRun: [Alcmtr] ALCMTR.EXE

mRun: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

mRun: [NeroFilterCheck] c:\windows\system32\NeroCheck.exe

mRun: [nod32kui] "c:\program files\eset\nod32kui.exe" /WAITSERVICE

mRun: [RTHDCPL] RTHDCPL.EXE

mRun: [sunJavaUpdateSched] "c:\program files\java\jre6\bin\jusched.exe"

dRun: [CTFMON.EXE] c:\windows\system32\CTFMON.EXE

StartupFolder: c:\docume~1\user\startm~1\programs\startup\adobeg~1.lnk - c:\program files\common files\adobe\calibration\Adobe Gamma Loader.exe

StartupFolder: c:\documents and settings\user\start menu\programs\startup\CurseClientStartup.ccip

StartupFolder: c:\docume~1\alluse~1\startm~1\programs\startup\flexty~1.lnk - c:\windows\datecs\Flex2K.exe

IE: &D&ownload &with BitComet - d:\programs\bitcomet\BitComet.exe/AddLink.htm

IE: &D&ownload all video with BitComet - d:\programs\bitcomet\BitComet.exe/AddVideo.htm

IE: &D&ownload all with BitComet - d:\programs\bitcomet\BitComet.exe/AddAllLink.htm

IE: &Download All using 4shared Desktop - c:\program files\4shared desktop\down_all.htm

IE: &Download by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/201

IE: &Download using 4shared Desktop - c:\program files\4shared desktop\down_link.htm

IE: &Grab video by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/204

IE: + Offline &Explorer: Download the link - file://c:\program files\offline explorer pro\Add_UrlO.htm

IE: + Offline E&xplorer: Download the current page - file://c:\program files\offline explorer pro\Add_AllO.htm

IE: Do&wnload selected by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/203

IE: Down&load all by Orbit - c:\program files\orbitdownloader\orbitmxt.dll/202

IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000

IE: Google Sidewiki... - c:\program files\google\google toolbar\component\GoogleToolbarDynamic_mui_en_96D6FF0C6D236BF8.dll/cmsidewiki.html

IE: {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - {E7A829CC-671F-4C3D-B590-8C0AEA72E6B2}

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~2\office11\REFIEBAR.DLL

LSP: c:\windows\system32\imon.dll

DPF: Microsoft XML Parser for Java - file://c:\windows\java\classes\xmldso.cab

DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_17-windows-i586.cab

DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\progra~1\common~1\skype\SKYPE4~1.DLL

Notify: !SASWinLogon - c:\program files\superantispyware\SASWINLO.dll

Notify: AtiExtEvent - Ati2evxx.dll

SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - c:\windows\system32\WPDShServiceObj.dll

SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL

mASetup: {9A0AD865-8CFA-9D24-021C-EDB3707BC5F9} - c:\windows\system32\fdgm.exe

Hosts: 94.23.73.61 L2authd.lineage2.com

Hosts: 94.23.73.61 L2testauthd.lineage2.com

Hosts: 216.107.250.194 protect.lineage2.com

Hosts: 216.107.250.194 nProtect.lineage2.com

Hosts: 216.107.250.194 update.nProtect.com

 

Note: multiple HOSTS entries found. Please refer to Attach.txt

 

================= FIREFOX ===================

 

FF - ProfilePath - c:\docume~1\user\applic~1\mozilla\firefox\profiles\t0lgqit9.default\

FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&SearchSource=3&q={searchTerms}

FF - prefs.js: browser.search.selectedEngine - Google

FF - prefs.js: browser.startup.homepage - hxxp://zamunda.net/

FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2233703&q=

FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\t0lgqit9.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\FFExternalAlert.dll

FF - component: c:\documents and settings\user\application data\mozilla\firefox\profiles\t0lgqit9.default\extensions\{09ec805c-cb2e-4d53-b0d3-a75a428b81c7}\components\RadioWMPCore.dll

FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nppl3260.dll

FF - plugin: c:\program files\k-lite codec pack\real\browser\plugins\nprpjplug.dll

FF - HiddenExtension: Microsoft .NET Framework Assistant: {20a82645-c095-46ed-80e3-08825760534b} - c:\windows\microsoft.net\framework\v3.5\windows presentation foundation\dotnetassistantextension\

FF - HiddenExtension: Java Console: No Registry Reference - c:\program files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

 

---- FIREFOX POLICIES ----

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_colors", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.use_native_popup_windows", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.enable_click_image_resizing", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("accessibility.browsewithcaret_shortcut.enabled", true);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.high_water_mark", 32);

c:\program files\mozilla firefox\greprefs\all.js - pref("javascript.options.mem.gc_frequency", 1600);

c:\program files\mozilla firefox\greprefs\all.js - pref("network.auth.force-generic-ntlm", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("svg.smil.enabled", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("ui.trackpoint_hack.enabled", -1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.debug", false);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.agedWeight", 2);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.bucketSize", 1);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.maxTimeGroupings", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.timeGroupingSize", 604800);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.boundaryWeight", 25);

c:\program files\mozilla firefox\greprefs\all.js - pref("browser.formfill.prefixWeight", 5);

c:\program files\mozilla firefox\greprefs\all.js - pref("html5.enable", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.allow_unrestricted_renego_everywhere__temporarily_available_pref", true);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.renego_unrestricted_hosts", "");

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.treat_unsafe_negotiation_as_broken", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl.require_safe_negotiation", false);

c:\program files\mozilla firefox\greprefs\security-prefs.js - pref("security.ssl3.rsa_seed_sha", true);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.download.backgroundInterval", 600);

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("app.update.url.manual", "http://www.firefox.com");

c:\program files\mozilla firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-ja", "mozff");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.name", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("extensions.{972ce4c6-7e08-4474-a285-3208198ce6fd}.description", "chrome://browser/locale/browser.properties");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add", "addons.mozilla.org");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("xpinstall.whitelist.add.36", "getpersonas.com");

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("lightweightThemes.update.enabled", true);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.allTabs.previews", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.hide_infobar_for_outdated_plugin", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("plugins.update.notifyUser", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("toolbar.customization.usesheet", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.enable", false);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.max", 20);

c:\program files\mozilla firefox\defaults\pref\firefox.js - pref("browser.taskbar.previews.cachetime", 20);

 

============= SERVICES / DRIVERS ===============

 

R1 nod32drv;nod32drv;c:\windows\system32\drivers\nod32drv.sys [2009-4-22 15424]

R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\sasdifsv.sys [2010-2-17 12872]

R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-2-17 66632]

R2 Akamai;Akamai NetSession Interface;c:\windows\system32\svchost.exe -k Akamai [2004-8-4 14336]

R2 GS In-Game Service;GS In-Game Service;c:\program files\gametracker\GSInGameService.exe [2010-3-17 1643872]

R2 NOD32krn;NOD32 Kernel Service;c:\program files\eset\nod32krn.exe [2009-4-22 549256]

R2 TeamViewer5;TeamViewer 5;c:\program files\teamviewer\version5\TeamViewer_Service.exe [2010-1-12 185640]

R3 SASENUM;SASENUM;c:\program files\superantispyware\SASENUM.SYS [2010-2-17 12872]

R3 teamviewervpn;TeamViewer VPN Adapter;c:\windows\system32\drivers\teamviewervpn.sys [2009-11-9 25088]

S2 Apache2.2;Apache2.2;c:\ac web ultimate repack\server\apache\bin\apache.exe [2009-11-24 17408]

S2 gupdate;Ус»уі° Google Update (gupdate);c:\program files\google\update\GoogleUpdate.exe [2010-3-12 135664]

S3 FXDrv32;FXDrv32;\??\e:\fxdrv32.sys --> e:\FXDrv32.sys [?]

S3 GarenaPEngine;GarenaPEngine;c:\docume~1\user\locals~1\temp\PDV631.tmp [2010-4-22 25616]

S3 npggsvc;nProtect GameGuard Service;c:\windows\system32\gamemon.des -service --> c:\windows\system32\GameMon.des -service [?]

S3 XDva309;XDva309;\??\c:\windows\system32\xdva309.sys --> c:\windows\system32\XDva309.sys [?]

 

=============== Created Last 30 ================

 

2010-04-24 17:21:10 0 d-----w- c:\docume~1\alluse~1\applic~1\SUPERAntiSpyware.com

2010-04-24 17:21:00 0 d-----w- c:\program files\SUPERAntiSpyware

2010-04-24 17:21:00 0 d-----w- c:\docume~1\user\applic~1\SUPERAntiSpyware.com

2010-04-24 17:20:52 0 d-----w- c:\program files\common files\Wise Installation Wizard

2010-04-24 13:54:53 0 d-----w- c:\docume~1\alluse~1\applic~1\SpeedyPC

2010-04-24 10:21:09 221184 ----a-w- c:\windows\system32\wmpns.dll

2010-04-24 08:14:42 0 d-sh--w- c:\documents and settings\user\PrivacIE

2010-04-24 08:13:47 0 d-sh--w- c:\documents and settings\user\IETldCache

2010-04-24 08:01:11 0 dc-h--w- c:\windows\ie8

2010-04-24 08:01:11 0 d-----w- c:\windows\system32\bg-BG

2010-04-23 16:26:01 0 d-----w- c:\docume~1\user\applic~1\Malwarebytes

2010-04-23 16:25:56 38224 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys

2010-04-23 16:25:54 20824 ----a-w- c:\windows\system32\drivers\mbam.sys

2010-04-23 16:25:54 0 d-----w- c:\program files\Malwarebytes' Anti-Malware

2010-04-23 16:25:54 0 d-----w- c:\docume~1\alluse~1\applic~1\Malwarebytes

2010-04-17 09:42:50 0 d-----w- c:\program files\Custom-Strike

2010-04-13 19:32:17 986112 ----a-w- c:\windows\system32\kabaker.dll

2010-04-03 16:25:52 515416 ----a-w- c:\windows\system32\XAudio2_5.dll

2010-04-03 16:25:51 1974616 ----a-w- c:\windows\system32\D3DCompiler_42.dll

2010-04-03 16:25:50 1892184 ----a-w- c:\windows\system32\D3DX9_42.dll

2010-04-02 10:49:14 0 d-----w- c:\program files\Total Video Converter

2010-04-02 09:35:55 0 d-----w- c:\program files\Garena

2010-04-01 21:07:43 218624 ----a-w- c:\windows\system32\uxtheme.backup

2010-04-01 21:04:22 0 d-----w- c:\windows\VistaMizer

2010-03-28 19:12:39 0 d-----w- c:\program files\common files\Akamai

2010-03-28 14:14:04 32 ----a-w- c:\docume~1\alluse~1\applic~1\ezsid.dat

2010-03-26 20:53:36 0 d-----w- c:\program files\common files\Adobe Systems Shared

2010-03-25 22:20:02 0 d-----w- c:\program files\Silkroad

 

==================== Find3M ====================

 

2010-04-04 12:20:38 240575 ----a-w- c:\windows\War3Unin.dat

2010-04-01 21:07:43 218624 ----a-w- c:\windows\system32\uxtheme.dll

2010-02-26 15:08:55 30374 ----a-w- c:\windows\DIIUnin.dat

2010-02-26 15:07:31 21840 ----atw- c:\windows\system32\SIntfNT.dll

2010-02-26 15:07:31 17212 ----atw- c:\windows\system32\SIntf32.dll

2010-02-26 15:07:31 12067 ----atw- c:\windows\system32\SIntf16.dll

2010-02-26 14:56:25 94208 ----a-w- c:\windows\DIIUnin.exe

2010-02-26 14:56:25 2829 ----a-w- c:\windows\DIIUnin.pif

2010-02-26 11:35:08 691696 ----a-w- c:\windows\system32\drivers\sptd.sys

2010-02-26 06:12:17 81920 ------w- c:\windows\system32\ieencode.dll

2010-02-25 06:24:37 916480 ----a-w- c:\windows\system32\wininet.dll

2010-02-24 12:31:30 454016 ----a-w- c:\windows\system32\drivers\mrxsmb.sys

2010-02-16 13:19:55 2181376 ----a-w- c:\windows\system32\ntoskrnl.exe

2010-02-16 12:39:04 2058368 ----a-w- c:\windows\system32\ntkrnlpa.exe

2010-02-12 10:03:03 293376 ------w- c:\windows\system32\browserchoice.exe

2010-02-12 04:47:05 100864 ----a-w- c:\windows\system32\6to4svc.dll

2010-02-07 18:51:54 1094111 ----a-w- c:\program files\SetupFT2K.exe

2010-01-27 13:16:48 2829 ----a-w- c:\windows\War3Unin.pif

2010-01-27 13:16:48 139264 ----a-w- c:\windows\War3Unin.exe

2009-06-11 13:02:03 963 ----a-w- c:\program files\Lexmark X1100 Series All-In-One Center.lnk

 

============= FINISH: 0:27:43,53 ===============

2 е

 

UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.

IF REQUESTED, ZIP IT UP & ATTACH IT

 

DDS (Ver_10-03-17.01)

 

Microsoft Windows XP Professional

Boot Device: \Device\HarddiskVolume1

Install Date: 22.4.2009 г. 15:24:52

System Uptime: 25.4.2010 г. 00:23:34 (0 hours ago)

 

Motherboard: FOXCONN | | A7VMX-S/A7VMX-K/A7GMX-S/A7GMX-K

Processor: AMD Athlon 64 Processor 3500+ | Socket 940 | 2200/200mhz

 

==== Disk Partitions =========================

 

A: is Removable

C: is FIXED (NTFS) - 50 GiB total, 28,84 GiB free.

D: is FIXED (NTFS) - 248 GiB total, 201,229 GiB free.

E: is CDROM ()

F: is CDROM ()

 

==== Disabled Device Manager Items =============

 

Class GUID:

Description: PC Camera

Device ID: USB\VID_0AC8&PID_303B\5&1C910D68&0&3

Manufacturer:

Name: PC Camera

PNP Device ID: USB\VID_0AC8&PID_303B\5&1C910D68&0&3

Service:

 

Class GUID: {4D36E96F-E325-11CE-BFC1-08002BE10318}

Description: PS/2 Compatible Mouse

Device ID: ACPI\PNP0F13\4&338ACB6F&0

Manufacturer: Microsoft

Name: PS/2 Compatible Mouse

PNP Device ID: ACPI\PNP0F13\4&338ACB6F&0

Service: i8042prt

 

Class GUID: {4D36E97E-E325-11CE-BFC1-08002BE10318}

Description: Multimedia Controller

Device ID: PCI\VEN_1131&DEV_7133&SUBSYS_F31F1461&REV_D0\4&2966AB86&0&28A4

Manufacturer:

Name: Multimedia Controller

PNP Device ID: PCI\VEN_1131&DEV_7133&SUBSYS_F31F1461&REV_D0\4&2966AB86&0&28A4

Service:

 

==== System Restore Points ===================

 

No restore point in system.

 

==== Hosts File Hijack ======================

 

Hosts: 94.23.73.61 L2authd.lineage2.com

Hosts: 94.23.73.61 L2testauthd.lineage2.com

Hosts: 216.107.250.194 protect.lineage2.com

Hosts: 216.107.250.194 nProtect.lineage2.com

Hosts: 216.107.250.194 update.nProtect.com

Hosts: 216.107.250.194 update.nProtect.net

Hosts: 67.227.175.25 worldofwarcraft.com

Hosts: 67.227.175.25 us.logon.worldofwarcraft.com

Hosts: 67.227.175.25 eu.logon.worldofwarcraft.com

Hosts: 67.227.175.25 eu.version.worldofwarcraft.com

Hosts: 67.227.175.25 us.version.worldofwarcraft.com

Hosts: 67.227.175.25 amdwow.com

Hosts: 67.227.175.25 amdwow.no-ip.org

Hosts: 67.227.175.25 eternion-wow.com

Hosts: 67.227.175.25 undamed-wow.com

Hosts: 67.227.175.25 wowcooc.com

Hosts: 67.227.175.25 mond-wow.com

Hosts: 67.227.175.25 frostmourne-wow.eu

Hosts: 67.227.175.25 wow-pwnage.com

Hosts: 67.227.175.25 wowoptimus.com

Hosts: 67.227.175.25 wowbeez.com

Hosts: 67.227.175.25 worldofthegods.com

Hosts: 67.227.175.25 worldofwarcraft.com

Hosts: 67.227.175.25 us.logon.worldofwarcraft.com

Hosts: 67.227.175.25 eu.logon.worldofwarcraft.com

Hosts: 67.227.175.25 eu.version.worldofwarcraft.com

Hosts: 67.227.175.25 us.version.worldofwarcraft.com

Hosts: 67.227.175.25 amdwow.com

Hosts: 67.227.175.25 amdwow.no-ip.org

Hosts: 67.227.175.25 eternion-wow.com

Hosts: 67.227.175.25 undamed-wow.com

Hosts: 67.227.175.25 wowcooc.com

Hosts: 67.227.175.25 mond-wow.com

Hosts: 67.227.175.25 frostmourne-wow.eu

Hosts: 67.227.175.25 wow-pwnage.com

Hosts: 67.227.175.25 wowoptimus.com

Hosts: 67.227.175.25 wowbeez.com

Hosts: 67.227.175.25 worldofthegods.com

 

==== Installed Programs ======================

 

П°єµт ·° µ·ёєѕІ ёЅтµрфµ№с Ѕ° Windows

ABBYY FineReader 5.0 Sprint

Adobe Bridge 1.0

Adobe Common File Installer

Adobe Flash Player 10 ActiveX

Adobe Flash Player 10 Plugin

Adobe Help Center 1.0

Adobe Photoshop CS2

Adobe Stock Photos 1.0

Akamai NetSession Interface

Ask Toolbar

Asoftech Speeder

ATI Catalyst Control Center

ATI Display Driver

Banner Maker Pro Version 6

BSPlayer

Cabal Project Client

Camtasia Studio 6

Catalyst Control Center Core Implementation

Catalyst Control Center Graphics Full Existing

Catalyst Control Center Graphics Full New

Catalyst Control Center Graphics Light

Catalyst Control Center Graphics Previews Common

ccc-core-preinstall

ccc-core-static

ccc-utility

CCC Help English

Counter-Strike 1.6

Critical Update for Windows Media Player 11 (KB959772)

Cs 1.6 Background Maker v3.0

Curse Client

Decal Converter

Diablo II

DivX Web Player

FIFA 09

FIFA 10

FileZilla Client 3.3.2

FlexType 2K

Garena 2010

GIMP 2.6.8

Google Chrome

Google Toolbar for Internet Explorer

Google Update Helper

Hamachi 1.0.2.2

Harry Potter and the Half-Blood Prince™

High Definition Audio Driver Package - KB888111

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)

Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)

Hotfix for Windows Media Format 11 SDK (KB929399)

Hotfix for Windows Media Player 11 (KB939683)

Hotfix for Windows XP (KB926239)

Hotfix for Windows XP (KB935448)

Hotfix for Windows XP (KB952287)

Hotfix for Windows XP (KB954550-v5)

Hotfix for Windows XP (KB961118)

Hotfix for Windows XP (KB976002-v5)

Hotfix for Windows XP (KB979306)

Java 6 Update 17

K-Lite Mega Codec Pack 4.3.4

Lexmark X1100 Series

Lineage II

Lineage II Amerika

Malwarebytes' Anti-Malware

Microsoft .NET Framework 2.0 Service Pack 2

Microsoft .NET Framework 3.0 Service Pack 2

Microsoft .NET Framework 3.5 SP1

Microsoft Compression Client Pack 1.0 for Windows XP

Microsoft Office 2003 Bulgarian User Interface Pack

Microsoft Office Professional Edition 2003

Microsoft User-Mode Driver Framework Feature Pack 1.0

Microsoft Visual C++ 2005 Redistributable

Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

Mozilla Firefox (3.6.3)

MSXML 6 Service Pack 2 (KB973686)

Nero 6 Ultra Edition

NOD32 antivirus system

NOD32 FiX v2.1

REALTEK GbE & FE Ethernet PCI NIC Driver

Realtek High Definition Audio Driver

Security Update for Windows Media Player (KB911564)

Security Update for Windows Media Player (KB952069)

Security Update for Windows Media Player (KB954155)

Security Update for Windows Media Player (KB968816)

Security Update for Windows Media Player (KB973540)

Security Update for Windows Media Player 11 (KB936782)

Security Update for Windows Media Player 11 (KB954154)

Security Update for Windows Media Player 6.4 (KB925398)

Security Update for Windows XP (KB890046)

Security Update for Windows XP (KB893756)

Security Update for Windows XP (KB896358)

Security Update for Windows XP (KB896423)

Security Update for Windows XP (KB899591)

Security Update for Windows XP (KB900725)

Security Update for Windows XP (KB901017)

Security Update for Windows XP (KB901214)

Security Update for Windows XP (KB902400)

Security Update for Windows XP (KB905414)

Security Update for Windows XP (KB905749)

Security Update for Windows XP (KB911562)

Security Update for Windows XP (KB911927)

Security Update for Windows XP (KB913580)

Security Update for Windows XP (KB914388)

Security Update for Windows XP (KB914389)

Security Update for Windows XP (KB918118)

Security Update for Windows XP (KB918439)

Security Update for Windows XP (KB920213)

Security Update for Windows XP (KB920670)

Security Update for Windows XP (KB920683)

Security Update for Windows XP (KB923191)

Security Update for Windows XP (KB923561)

Security Update for Windows XP (KB923980)

Security Update for Windows XP (KB924667)

Security Update for Windows XP (KB925902)

Security Update for Windows XP (KB926255)

Security Update for Windows XP (KB926436)

Security Update for Windows XP (KB927779)

Security Update for Windows XP (KB927802)

Security Update for Windows XP (KB928255)

Security Update for Windows XP (KB929123)

Security Update for Windows XP (KB930178)

Security Update for Windows XP (KB931261)

Security Update for Windows XP (KB932168)

Security Update for Windows XP (KB938464-v2)

Security Update for Windows XP (KB941569)

Security Update for Windows XP (KB943055)

Security Update for Windows XP (KB944338-v2)

Security Update for Windows XP (KB944653)

Security Update for Windows XP (KB945553)

Security Update for Windows XP (KB946026)

Security Update for Windows XP (KB946648)

Security Update for Windows XP (KB950749)

Security Update for Windows XP (KB950762)

Security Update for Windows XP (KB950974)

Security Update for Windows XP (KB951066)

Security Update for Windows XP (KB951376-v2)

Security Update for Windows XP (KB951748)

Security Update for Windows XP (KB952004)

Security Update for Windows XP (KB952954)

Security Update for Windows XP (KB954600)

Security Update for Windows XP (KB955069)

Security Update for Windows XP (KB956572)

Security Update for Windows XP (KB956802)

Security Update for Windows XP (KB956803)

Security Update for Windows XP (KB956844)

Security Update for Windows XP (KB957097)

Security Update for Windows XP (KB958470)

Security Update for Windows XP (KB958644)

Security Update for Windows XP (KB958687)

Security Update for Windows XP (KB958869)

Security Update for Windows XP (KB959426)

Security Update for Windows XP (KB960225)

Security Update for Windows XP (KB960803)

Security Update for Windows XP (KB960859)

Security Update for Windows XP (KB961371)

Security Update for Windows XP (KB961501)

Security Update for Windows XP (KB968537)

Security Update for Windows XP (KB969059)

Security Update for Windows XP (KB969947)

Security Update for Windows XP (KB970238)

Security Update for Windows XP (KB971032)

Security Update for Windows XP (KB971468)

Security Update for Windows XP (KB971557)

Security Update for Windows XP (KB971633)

Security Update for Windows XP (KB971657)

Security Update for Windows XP (KB971961)

Security Update for Windows XP (KB972260)

Security Update for Windows XP (KB972270)

Security Update for Windows XP (KB973346)

Security Update for Windows XP (KB973354)

Security Update for Windows XP (KB973507)

Security Update for Windows XP (KB973869)

Security Update for Windows XP (KB973904)

Security Update for Windows XP (KB974112)

Security Update for Windows XP (KB974318)

Security Update for Windows XP (KB974392)

Security Update for Windows XP (KB974571)

Security Update for Windows XP (KB975025)

Security Update for Windows XP (KB975467)

Security Update for Windows XP (KB975560)

Security Update for Windows XP (KB975561)

Security Update for Windows XP (KB975713)

Security Update for Windows XP (KB977816)

Security Update for Windows XP (KB977914)

Security Update for Windows XP (KB978037)

Security Update for Windows XP (KB978262)

Security Update for Windows XP (KB978338)

Security Update for Windows XP (KB978601)

Security Update for Windows XP (KB978706)

Security Update for Windows XP (KB979309)

Security Update for Windows XP (KB979683)

Security Update for Windows XP (KB980232)

Security Update for Windows XP (KB981350)

Silkroad

Skins

Skype™ 4.2

Sonic & SEGA All-Stars Racing

SpeedyPC

StarCraft II Beta

SUPERAntiSpyware Free Edition

TeamViewer 5

Total Video Converter 3.02

TuneUp Utilities 2009

Unlimited Cabal

Update for Microsoft .NET Framework 3.5 SP1 (KB963707)

Update for Windows Internet Explorer 8 (KB980182)

Update for Windows Internet Explorer 8 (KB980302)

Update for Windows XP (KB894391)

Update for Windows XP (KB898461)

Update for Windows XP (KB900485)

Update for Windows XP (KB908531)

Update for Windows XP (KB910437)

Update for Windows XP (KB911280)

Update for Windows XP (KB916595)

Update for Windows XP (KB920872)

Update for Windows XP (KB922582)

Update for Windows XP (KB925720)

Update for Windows XP (KB927891)

Update for Windows XP (KB930916)

Update for Windows XP (KB938828)

Update for Windows XP (KB955759)

Update for Windows XP (KB955839)

Update for Windows XP (KB967715)

Update for Windows XP (KB968389)

Update for Windows XP (KB973687)

Update for Windows XP (KB973815)

Update for Windows XP (KB980182)

Valve Hammer Editor

VC80CRTRedist - 8.0.50727.762

VistaMizer 3.6.0.0

Warcraft III: All Products

WebFldrs XP

Winamp (remove only)

Windows Imaging Component

Windows Installer 3.1 (KB893803)

Windows Internet Explorer 8

Windows Media Format 11 runtime

Windows Media Player 11

Windows XP Hotfix - KB873339

Windows XP Hotfix - KB885835

Windows XP Hotfix - KB886185

Windows XP Hotfix - KB888302

Windows XP Hotfix - KB890859

World of Warcraft

WoW Colors

съ»і°рсєё ёЅтµрфµ№с ·° Nero Burning Rom v6.6.1.4

ррхёІ°тѕр WinRAR

µTorrent

 

==== Event Viewer Messages From Past Week ========

 

24.4.2010 і. 23:10:51, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 22:59:15, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 21:17:38, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 20:55:44, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 16:26:24, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 16:25:57, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 001FE25BAA43 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

24.4.2010 і. 15:42:44, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 15:27:59, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 15:27:34, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 001FE25BAA43 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

24.4.2010 і. 15:10:03, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 14:56:31, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 14:10:03, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 13:40:24, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 13:24:59, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 13:23:00, error: Windows Update Agent [20] - Installation Failure: Windows failed to install the following update with error 0x8007f0f1: Security Update for Windows XP (KB885836).

24.4.2010 і. 12:29:00, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 11:47:02, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 11:14:18, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

24.4.2010 і. 10:42:24, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

23.4.2010 і. 21:24:41, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

23.4.2010 і. 20:46:38, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

23.4.2010 і. 17:59:07, error: DCOM [10005] - DCOM got error "%1058" attempting to start the service wuauserv with arguments "" in order to run the server: {E60687F7-01A1-40AA-86AC-DB1CBF673334}

23.4.2010 і. 16:49:50, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

23.4.2010 і. 16:49:22, error: Dhcp [1002] - The IP address lease 192.168.1.102 for the Network Card with network address 001FE25BAA43 has been denied by the DHCP server 0.0.0.0 (The DHCP Server sent a DHCPNACK message).

23.4.2010 і. 16:20:17, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

23.4.2010 і. 16:16:06, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

23.4.2010 і. 15:52:47, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

23.4.2010 і. 14:42:00, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

22.4.2010 і. 13:17:32, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

21.4.2010 і. 18:19:47, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

19.4.2010 і. 19:14:27, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

19.4.2010 і. 14:44:35, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

18.4.2010 і. 22:56:21, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

18.4.2010 і. 20:55:29, error: Service Control Manager [7024] - The Apache2.2 service terminated with service-specific error 1 (0x1).

 

==== End Of File ===========================

[Night_Raven]

Моля, качи следните файлове за сканиране във VirusTotal:

c:\windows\system32\fdgm.exe

c:\windows\system32\kabaker.dll

 

Как се работи със сайта: зареждаш страницата, кликаш бутон Choose..., посочваш дадения файл, след което кликаш бутон Send File. Изчакваш файлът да се качи. Ако файлът е бил вече сканиран, кликни долу бутон Show last report. В противен случай изчакай да приключи сканирането. Когато е готово, статутът срещу "Current status" ще се смени на "finished". Накрая копирай линка от адресната лента на браузъра и го пейстни тук.

Повтори операцията с всички споменати по-горе файлове.

 

Изтегли HijackThis 2.0.4, която съм преименувал нарочно, и:

1) стартирай програмата;

2) кликни Do a system scan only;

3) в прозореца намери реда с [Configuring] rundll32.exe c:\docume~1\user\locals~1\temp\7701187.dll,W и му постави отметка;

4) кликни бутон Fix checked и потвърди с Yes на всякакви евентуални въпроси;

5) затвори програмата.

 

Допълнителни съвети за сигруност:

- горещо препоръчително е да инсталираш Service Pack 3, който е важен ъпдейт, съдържащ голяма колекция от кръпки за сигурността;

- обнови версията на Java Runtime Environment, която имаш: деинсталирай всички версии на Java от аплета за деинсталиране на приложения, след което изтегли актуалната версия от тук и я инсталирай.

 

Допълнителни съвети от общо естество:

- FlexType 2K е като цяло много калпава и ненужна програма. Препоръчително е да я разкараш и да ползваш стандартната кирилица на операционната система. Можеш да деинсталираш и почистиш FlexType 2K с помощта на моя инструмент. Ако имаш нужда от фонетична подредба, можеш да ползваш тази, която съм включил в същия инструмент или да си инсталираш друга, по твое желание.

- имай предвид, че програми от рода на TuneUp Utilities, SpeedyPC и всякакви други оптимизиращи и почистващи програми са с много съмнитела ефективност (да не кажа, че са напълно безполезни);

- избягвай да ползваш по-дълбоки трансормиращи пакети за интерфейса на Windows от рода на VistaMizer (каквато имаш в случая), Vista Transformation Pack и т.н.

Повече полезна информация можеш да намериш в тази тема.

[fewon]

Моля, качи следните файлове за сканиране във VirusTotal:

c:\windows\system32\fdgm.exe

c:\windows\system32\kabaker.dll

 

тази тема.

ами този фаил го нямам -.- този 1 аз имам само 2

https://www.virustotal.com/analisis/7cd8d903974985f74e7843204168c8ea720322be84edb2ba4ed508ee353cc174-1272020529

стана но пак се рестартира "PC"-то помощ :'( иначe не се изписва RUNDLL

[Night_Raven]

Нищо не разбрах. Моля, пиши на български.

Иначе виждам, че си качил само един файл и то такъв, който няма нищо общо с тези, които ти казах да качиш. Моля, качи точно тези два, които споменах.

[Jus7m3]

Здравейте! имам същия проблем като повечето от колегите в темата "error loading C:\PROGRA~1\MYWEB~1\bar\1.bin\M3PLUGIN.DLL"

направих проверка с "HijackThis"

Logfile of HijackThis v1.99.1

Scan saved at 17:16:45, on 25.4.2010 г.

Platform: Windows XP SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

 

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe

C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\DAEMON Tools Lite\daemon.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe

C:\Program Files\Electronic Arts\EADM\Core.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe

C:\Program Files\Datecs\FlexType 2K\FType2K.exe

C:\Program Files\Hamachi\hamachi.exe

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\PnkBstrA.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\NOTEPAD.EXE

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\user\My Documents\Downloads\alabala.exe

 

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://zamunda.net/

R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://www.daemon-search.com/startpage

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll

O4 - HKLM\..\Run: [HDAudDeck] C:\Program Files\VIA\VIAudioi\HDADeck\HDeck.exe 1

O4 - HKLM\..\Run: [Ai Nap] "C:\Program Files\ASUS\AI Suite\AiNap\AiNap.exe"

O4 - HKLM\..\Run: [QFan Help] "C:\Program Files\ASUS\AI Suite\QFan3\QFanHelp.exe"

O4 - HKLM\..\Run: [Cpu Level Up help] "C:\Program Files\ASUS\AI Suite\CpuLevelUpHelp.exe"

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent

O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice

O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF

O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun

O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe"

O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU\..\Run: [skype] "C:\Program Files\Skype\\Phone\Skype.exe" /nosplash /minimized

O4 - Startup: hamachi.lnk = C:\Program Files\Hamachi\hamachi.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: BlueSoleil.lnk = ?

O4 - Global Startup: FlexType 2K.lnk = C:\Program Files\Datecs\FlexType 2K\FType2K.exe

O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: PokerStars - {3AD14F0C-ED16-4e43-B6D8-661B03F6A1EF} - C:\Program Files\PokerStars\PokerStarsUpdate.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: ESET HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

[Night_Raven]

Моля, изчакай си реда. Досадно и объркващо е да се работи по няколко проблема в една и съща тема.