Антивирусните програми - дискусии, мнения и съвети

finalista · Август 3, 2009

Здравей,

01. Деинсталирах програмите, които намерих по списъка ...

02. Компютърът не е за мен, а за дъщеря ми и внука ми - затова има два твърди диска - по един за двамата

- внукът ми да играе игри от C:\

- дъщеря ми да гледа филми от D:\, освен това да използва речниците и MS Ofiice, защото е студентка

03. Изпратих за анализ файла в www.virustotal.com и резултатът е:

http://www.virustotal.com/reanalisis.html?73a2408b76114f77208a3e610ac6a65770e99652f9a96fca1440dcdf93f00385-1249281193


File has already been analysed:
MD5: 	ce931021e18f385f519e945a8a10548e
First received: 	2009.02.16 11:20:10 UTC
Date: 	2009.07.31 21:36:56 UTC [>2D]
Results: 	0/41
Permalink: 	analisis/73a2408b76114f77208a3e610ac6a65770e99652f9a96fca1440dcdf93f00385-1249076216

04. Провлачих с ляв бутон на мишката и пуснах върху ComboFix.exe създаденият файл CFScript:

ComboFix 09-08-01.09 - IRINA 03.08.2009  9:58.5.2 - NTFSx86
Microsoft Windows XP Professional  5.1.2600.3.1251.359.1033.18.3327.2889 [GMT 3:00]
Running from: c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Desktop\CFScript

WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

FILE ::
"c:\docume~1\IRINA~1.GA-\LOCALS~1\Temp\XRJJYQ.exe"
"c:\windows\sued.dat"
"c:\windows\system32\6.tmp"
"c:\windows\system32\SAVRKBootTasks.sys"
.

(((((((((((((((((((((((((   Files Created from 2009-07-03 to 2009-08-03  )))))))))))))))))))))))))))))))
.

2009-08-02 17:23 . 2009-08-02 17:23	--------	d-----w-	c:\documents and settings\All Users.WINDOWS\Application Data\SUPERAntiSpyware.com
2009-08-02 17:21 . 2009-08-02 22:53	--------	d-----w-	c:\program files\SUPERAntiSpyware
2009-08-02 17:21 . 2009-08-02 17:21	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\SUPERAntiSpyware.com
2009-08-02 09:27 . 2009-08-02 09:31	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\Cyberlink
2009-08-02 09:27 . 2009-08-02 09:27	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Application Data\CyberLink
2009-08-01 21:25 . 2009-08-01 21:25	--------	d-----w-	c:\program files\MSXML 4.0
2009-07-31 21:35 . 2009-07-31 21:35	--------	d-sh--w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\IECompatCache
2009-07-31 21:05 . 2009-07-31 21:24	--------	d-----w-	c:\windows\SxsCaPendDel
2009-07-31 20:25 . 2009-07-31 20:25	--------	d-----w-	c:\program files\MSSOAP
2009-07-31 20:25 . 2009-07-31 20:25	164	----a-w-	c:\windows\install.dat
2009-07-31 18:54 . 2009-07-31 18:54	--------	d-sh--w-	c:\documents and settings\LocalService.NT AUTHORITY.002\PrivacIE
2009-07-31 18:54 . 2009-07-31 18:54	--------	d-----w-	c:\documents and settings\LocalService.NT AUTHORITY.002\Local Settings\Application Data\BS_Player
2009-07-31 18:54 . 2009-07-31 18:54	--------	d-----w-	c:\documents and settings\LocalService.NT AUTHORITY.002\Local Settings\Application Data\Conduit
2009-07-31 14:52 . 2009-07-31 14:52	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\K-Meleon
2009-07-31 14:52 . 2009-07-31 14:52	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\K-Meleon
2009-07-31 14:51 . 2009-07-31 14:52	--------	d-----w-	c:\program files\K-Meleon
2009-07-31 13:32 . 2009-07-31 13:32	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\Media Player Classic
2009-07-31 13:14 . 2009-07-31 13:14	--------	d-----w-	c:\program files\xmplay34
2009-07-31 12:32 . 2009-07-31 12:32	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\GRETECH
2009-07-31 12:31 . 2009-07-31 12:31	--------	d-----w-	c:\program files\GRETECH
2009-07-31 09:33 . 2009-07-31 09:33	--------	d-----w-	c:\program files\Conduit
2009-07-31 09:33 . 2009-07-31 09:33	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\Conduit
2009-07-31 09:33 . 2009-07-31 09:33	--------	d-----w-	c:\program files\Webteh
2009-07-31 09:20 . 2009-07-31 09:23	--------	d-----w-	c:\program files\The KMPlayer
2009-07-31 08:43 . 2009-07-31 08:43	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\CoreCodec
2009-07-31 08:39 . 2009-07-31 08:39	--------	d-----w-	c:\program files\CoreCodec
2009-07-31 08:29 . 2009-07-31 08:38	--------	d-----w-	c:\program files\nvideo-tech
2009-07-31 08:29 . 2009-07-31 08:29	720896	----a-w-	c:\windows\iun6002.exe
2009-07-31 08:22 . 2009-07-31 08:22	--------	d-----w-	c:\program files\Common Files\xing shared
2009-07-31 08:22 . 2009-07-31 08:22	--------	d-----w-	c:\program files\Common Files\Real
2009-07-31 08:22 . 2009-07-31 08:22	--------	d-----w-	c:\program files\Real
2009-07-31 08:12 . 2009-07-31 08:12	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\fontconfig
2009-07-31 08:11 . 2009-07-31 08:13	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\.smplayer
2009-07-31 08:09 . 2009-07-31 08:10	--------	d-----w-	c:\program files\SMPlayer
2009-07-30 21:23 . 2009-07-30 21:23	--------	d-----w-	c:\program files\viplay4b1
2009-07-30 21:19 . 2009-07-30 21:19	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\URUWorks
2009-07-30 21:03 . 2009-07-30 21:03	--------	d-----w-	c:\program files\Micro DVD Player
2009-07-30 20:39 . 2009-07-30 20:42	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\Crystal Player
2009-07-30 20:39 . 2009-07-30 20:39	--------	d-----w-	c:\program files\Crystal Player
2009-07-30 20:24 . 2009-07-30 20:24	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\DivX
2009-07-30 20:23 . 2009-08-01 14:45	--------	d-----w-	c:\program files\Mv2Player
2009-07-30 20:03 . 2009-07-30 20:03	--------	d-sh--w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\PrivacIE
2009-07-30 20:03 . 2009-07-30 20:09	--------	d-----w-	c:\program files\Wise Registry Cleaner
2009-07-29 21:53 . 2009-07-29 21:53	--------	d-----w-	c:\program files\OpenSource DTSAC3DD+ Source Filter
2009-07-29 21:53 . 2009-07-29 21:53	--------	d-----w-	c:\program files\MONOGRAM AMR SplitterDecoder
2009-07-29 21:53 . 2009-07-29 21:53	--------	d-----w-	c:\program files\CD Audio Reader Filter
2009-07-29 21:53 . 2009-07-29 21:53	--------	d-----w-	c:\program files\DScaler5
2009-07-29 21:53 . 2009-07-29 21:53	--------	d-----w-	c:\program files\OpenSource Flash Video Splitter
2009-07-29 21:52 . 2009-07-29 21:52	--------	d-----w-	c:\program files\RealMedia
2009-07-29 21:52 . 2009-07-29 21:52	--------	d-----w-	c:\program files\SHOUTcast Source
2009-07-29 21:52 . 2009-07-29 21:52	--------	d-----w-	c:\program files\Haali
2009-07-29 21:52 . 2009-07-29 21:52	--------	d-----w-	c:\program files\DSP-worx
2009-07-29 21:52 . 2008-12-11 10:26	60273	----a-w-	c:\windows\system32\pthreadGC2.dll
2009-07-29 21:52 . 2009-07-29 21:52	--------	d-----w-	c:\program files\DirectVobSub
2009-07-29 21:50 . 2009-07-29 21:57	--------	d-----w-	c:\program files\Zoom Player
2009-07-29 21:00 . 2009-07-29 21:00	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Application Data\RadLight Company
2009-07-29 21:00 . 2009-07-29 21:00	--------	d-----w-	c:\program files\RadLight Company
2009-07-29 13:38 . 2009-07-29 13:38	--------	d-----w-	c:\program files\Microsoft ActiveSync
2009-07-29 13:34 . 2009-07-29 16:50	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\Adobe
2009-07-29 09:25 . 2009-07-29 09:25	--------	d-sh--w-	c:\documents and settings\LocalService.NT AUTHORITY.002\IETldCache
2009-07-29 05:44 . 2009-07-03 17:09	594432	-c----w-	c:\windows\system32\dllcache\msfeeds.dll
2009-07-29 05:44 . 2009-07-03 17:09	55296	-c----w-	c:\windows\system32\dllcache\msfeedsbs.dll
2009-07-28 13:44 . 2009-07-28 13:44	--------	d-----w-	c:\documents and settings\NetworkService.NT AUTHORITY.002\Local Settings\Application Data\Google
2009-07-28 13:39 . 2009-07-28 13:49	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\Temp
2009-07-28 13:39 . 2009-07-31 13:44	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\Google
2009-07-28 13:39 . 2009-07-31 18:54	--------	d-----w-	c:\documents and settings\LocalService.NT AUTHORITY.002\Local Settings\Application Data\Google
2009-07-28 13:39 . 2009-07-28 13:39	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\Temp
2009-07-28 11:37 . 2009-07-28 11:37	--------	d-----w-	c:\program files\ImageShack Corp
2009-07-28 10:55 . 2009-07-28 11:00	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Application Data\FileZilla
2009-07-28 10:55 . 2009-07-28 10:55	--------	d-----w-	c:\program files\FileZilla FTP Client
2009-07-28 09:46 . 2009-07-28 09:46	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Application Data\Media Player Classic
2009-07-28 07:46 . 2009-07-28 07:46	143	----a-w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\fusioncache.dat
2009-07-28 07:46 . 2009-07-28 07:47	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\ApplicationHistory
2009-07-26 21:31 . 2009-07-26 21:31	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\Criterion Games
2009-07-26 20:55 . 2009-07-26 20:55	--------	d-----w-	C:\TEXCACHE
2009-07-26 20:55 . 2009-07-26 20:55	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\TYPHOON
2009-07-26 10:50 . 2009-07-26 10:50	--------	d-----w-	c:\windows\system32\URTTEMP
2009-07-26 09:48 . 2009-07-26 09:48	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\CometNetwork
2009-07-26 09:48 . 2009-07-26 09:48	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\CometNetwork
2009-07-26 08:49 . 2009-07-26 08:49	--------	d-----w-	c:\program files\SA Dictionary 2008 Beta 4
2009-07-26 08:49 . 2009-07-26 08:49	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\Downloaded Installations
2009-07-26 08:47 . 2009-07-26 08:48	--------	d-----w-	c:\program files\AEDiction
2009-07-26 08:40 . 2009-07-26 08:40	--------	d-sh--w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\IETldCache
2009-07-26 08:27 . 2009-07-26 08:28	--------	d-----w-	c:\program files\Koral English Dictionary
2009-07-26 06:48 . 2009-07-26 06:48	--------	d-sh--w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\IETldCache
2009-07-26 06:40 . 2009-07-01 07:08	101376	-c----w-	c:\windows\system32\dllcache\iecompat.dll
2009-07-26 06:40 . 2009-07-03 17:09	12800	-c----w-	c:\windows\system32\dllcache\xpshims.dll
2009-07-26 06:40 . 2009-07-03 17:09	1985536	-c----w-	c:\windows\system32\dllcache\iertutil.dll
2009-07-26 06:40 . 2009-07-03 17:09	246272	-c----w-	c:\windows\system32\dllcache\ieproxy.dll
2009-07-26 06:40 . 2009-07-19 15:48	11067392	-c----w-	c:\windows\system32\dllcache\ieframe.dll
2009-07-25 21:12 . 2009-07-31 11:01	18968	----a-w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
2009-07-25 21:12 . 2009-07-25 21:17	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Local Settings\Application Data\Cyberlink
2009-07-25 21:05 . 2009-07-25 21:05	--------	d-----w-	c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\CyberLink
2009-07-25 21:04 . 2009-07-25 21:12	--------	d-----w-	c:\documents and settings\All Users.WINDOWS\Application Data\CyberLink
2009-07-25 21:04 . 2009-07-25 21:04	--------	d-----w-	c:\program files\Common Files\CyberLink
2009-07-25 21:03 . 2009-07-25 21:04	--------	d-----w-	c:\program files\CyberLink
2009-07-25 21:03 . 2009-07-25 21:03	29480	----a-w-	c:\windows\system32\msxml3a.dll
2009-07-25 21:03 . 2009-07-31 19:01	--------	d---a-w-	c:\documents and settings\All Users.WINDOWS\Application Data\Temp
2009-07-25 08:03 . 2009-07-25 08:03	--------	d-----w-	d:\documents and settings\Default User\Local Settings\Application Data\Microsoft
2009-07-24 10:04 . 2009-07-24 10:04	--------	d-----w-	c:\program files\Windows Media Connect 2
2009-07-24 08:30 . 2009-07-24 08:30	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\BC
2009-07-24 08:30 . 2009-07-24 08:30	--------	d-----w-	c:\documents and settings\All Users.WINDOWS\Application Data\BC
2009-07-24 08:27 . 2009-07-24 08:27	418480	----a-w-	c:\windows\system32\wrap_oal.dll
2009-07-24 08:27 . 2009-07-24 08:27	115432	----a-w-	c:\windows\system32\OpenAL32.dll
2009-07-24 08:27 . 2009-07-24 08:27	--------	d-----w-	c:\program files\OpenAL
2009-07-24 07:00 . 2009-08-02 19:01	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\Halite
2009-07-24 07:00 . 2009-07-24 07:00	--------	d-----w-	c:\program files\Halite
2009-07-24 06:36 . 2009-07-24 06:36	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\Targem
2009-07-24 06:16 . 2009-07-24 06:16	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\CometNetwork
2009-07-24 06:16 . 2009-07-24 06:16	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Application Data\CometNetwork
2009-07-24 06:15 . 2009-07-24 06:15	--------	d-----w-	C:\Downloads
2009-07-24 05:18 . 2008-06-13 11:05	272128	-c----w-	c:\windows\system32\dllcache\bthport.sys
2009-07-24 05:18 . 2008-06-13 11:05	272128	------w-	c:\windows\system32\drivers\bthport.sys
2009-07-24 05:17 . 2009-02-06 11:08	2189056	-c----w-	c:\windows\system32\dllcache\ntoskrnl.exe
2009-07-24 05:17 . 2009-02-06 11:06	2145280	-c----w-	c:\windows\system32\dllcache\ntkrnlmp.exe
2009-07-24 05:17 . 2009-02-06 10:32	2023936	-c----w-	c:\windows\system32\dllcache\ntkrpamp.exe
2009-07-24 05:17 . 2008-10-24 11:21	455296	-c----w-	c:\windows\system32\dllcache\mrxsmb.sys
2009-07-24 05:16 . 2008-05-03 11:55	2560	------w-	c:\windows\system32\xpsp4res.dll
2009-07-23 19:01 . 2009-07-23 19:01	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Application Data\WinPatrol
2009-07-23 19:01 . 2009-07-23 19:01	--------	d-----w-	c:\program files\BillP Studios
2009-07-23 16:21 . 2009-07-23 16:22	--------	d-----w-	c:\documents and settings\All Users.WINDOWS\Application Data\Spybot - Search & Destroy
2009-07-23 16:13 . 2009-07-23 16:13	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Application Data\Malwarebytes
2009-07-23 16:13 . 2009-07-23 16:13	--------	d-----w-	c:\documents and settings\All Users.WINDOWS\Application Data\Malwarebytes
2009-07-23 15:45 . 2009-07-28 13:51	--------	d-----w-	c:\documents and settings\BORE.GA-M52L-S3P-AMD\Local Settings\Application Data\Google
2009-07-23 15:02 . 2009-07-23 21:14	--------	d-----w-	c:\documents and settings\All Users.WINDOWS\Application Data\Test Drive Unlimited

.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-07-31 21:42 . 2009-07-31 21:42	115202	----a-w-	c:\windows\pchealth\helpctr\Config\Cache\Professional_32_1033.dat
2009-07-31 21:42 . 2009-07-22 14:10	86627	----a-w-	c:\windows\pchealth\helpctr\OfflineCache\index.dat
2009-07-31 08:22 . 2003-03-18 17:14	499712	----a-w-	c:\windows\system32\msvcp71.dll
2009-07-22 14:28 . 2009-07-22 14:28	--------	d-----w-	c:\program files\Vtune
2009-07-22 14:22 . 2009-07-22 14:22	--------	d-----w-	c:\program files\AMD
2009-07-03 17:09 . 2008-04-14 02:42	915456	----a-w-	c:\windows\system32\wininet.dll
2009-06-16 14:36 . 2008-04-14 02:42	119808	----a-w-	c:\windows\system32\t2embed.dll
2009-06-16 14:36 . 2008-04-14 02:41	81920	----a-w-	c:\windows\system32\fontsub.dll
2009-06-03 19:09 . 2008-04-14 02:42	1291264	----a-w-	c:\windows\system32\quartz.dll
2009-05-22 23:08 . 2009-05-22 23:08	29696	----a-w-	c:\windows\system32\drivers\VClone.sys
2009-05-07 15:32 . 2008-04-14 02:41	345600	----a-w-	c:\windows\system32\localspl.dll
2009-07-15 20:30 . 2009-07-22 15:21	137208	----a-w-	c:\program files\mozilla firefox\components\brwsrcmp.dll
.

((((((((((((((((((((((((((((((((((((((((((((   Look   )))))))))))))))))))))))))))))))))))))))))))))))))))))))))
.
---- Directory of c:\program files\nvideo-tech ----

2009-07-31 08:30 . 2009-07-31 08:35	40	----a-w-	c:\program files\nvideo-tech\NPlayer.INI


(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown 
REGEDIT4

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\ctfmon.exe" [2008-04-14 15360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2008-12-03 13672448]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2008-12-03 86016]
"RemoteControl9"="c:\program files\CyberLink\PowerDVD9\PDVD9Serv.exe" [2009-04-27 87336]
"PDVD9LanguageShortcut"="c:\program files\CyberLink\PowerDVD9\Language\Language.exe" [2009-04-27 50472]
"BDRegion"="c:\program files\Cyberlink\Shared Files\brs.exe" [2009-05-07 75048]
"TkBellExe"="c:\program files\Common Files\Real\Update_OB\realsched.exe" [2009-07-31 198160]
"RTHDCPL"="RTHDCPL.EXE" - c:\windows\RTHDCPL.EXE [2008-12-09 18063872]
"nwiz"="nwiz.exe" - c:\windows\system32\nwiz.exe [2008-12-03 1630208]

[HKEY_USERS\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run]
"CTFMON.EXE"="c:\windows\system32\CTFMON.EXE" [2008-04-14 15360]

c:\documents and settings\BORE.GA-M52L-S3P-AMD\Start Menu\Programs\Startup\
MagicDisc.lnk - c:\program files\MagicDisc\MagicDisc.exe [2009-7-23 576000]

c:\documents and settings\All Users.WINDOWS\Start Menu\Programs\Startup\
Microsoft Office.lnk - c:\program files\Microsoft Office\Office10\OSA.EXE [2001-2-13 83360]

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List]
"%windir%\\Network Diagnostic\\xpnetdiag.exe"=
"%windir%\\system32\\sessmgr.exe"=
"c:\\GAMES\\ACTIVISION\\CALL.of.DUTY.5.WORLD.at.WAR\\CoDWaW.exe"=
"c:\\GAMES\\BLIZZARD\\WARCRAFT III\\Warcraft III.exe"=
"c:\\GAMES\\CODEMASTERS\\DAMNATION\\Binaries\\DamnGame.exe"=
"c:\\GAMES\\UBISOFT\\GEARBOX SOFTWARE\\BROTHERS.IN.ARMS.HELL's.HIGHWAY\\Binaries\\biahh.exe"=
"c:\\GAMES\\CAPCOM\\STREETFIGHTERIV\\StreetFighterIV.exe"=
"c:\\GAMES\\_SETUP_\\[PC] Test Drive Unlimited [PROPER] [RIP] [dopeman]\\TDU\\TestDriveUnlimited.exe"=
"c:\\Program Files\\BitComet\\BitComet.exe"=
"c:\\Program Files\\Halite\\Halite.exe"=
"c:\\Program Files\\RadLight Company\\RadLight 4.0\\rlkernel.exe"=
"c:\\Program Files\\Skype\\Phone\\Skype.exe"=

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\GloballyOpenPorts\List]
"9638:TCP"= 9638:TCP:BitComet 9638 TCP
"9638:UDP"= 9638:UDP:BitComet 9638 UDP

R2 {B154377D-700F-42cc-9474-23858FBDF4BD};Power Control [2009/07/26 00:04];c:\program files\CyberLink\PowerDVD9\000.fcl [07.05.2009 21:05 87536]
S2 gupdate;Google Update Service (gupdate);c:\program files\Google\Update\GoogleUpdate.exe [28.07.2009 16:39 133104]

[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\>{60B49E34-C7CC-11D0-8953-00A0C90347FF}]
"c:\windows\system32\rundll32.exe" "c:\windows\system32\iedkcs32.dll",BrandIEActiveSetup SIGNUP
.
Contents of the 'Scheduled Tasks' folder

2009-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-28 13:38]

2009-08-03 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-07-28 13:38]
.
.
------- Supplementary Scan -------
.
IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~3\Office10\EXCEL.EXE/3000
FF - ProfilePath - c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\Mozilla\Firefox\Profiles\bs7w2vim.default\
FF - component: c:\documents and settings\IRINA.GA-M52L-S3P-AMD\Application Data\Mozilla\Firefox\Profiles\bs7w2vim.default\extensions\{fed66dc5-1b74-4a04-8f5c-15c5ace2b9a5}\components\FFAlert.dll
FF - component: c:\program files\Real\RealPlayer\browserrecord\components\nprpbrowserrecordplugin.dll
FF - plugin: c:\program files\Google\Google Earth Plugin\npgeplugin.dll
FF - plugin: c:\program files\Google\Update\1.2.183.7\npGoogleOneClick8.dll

---- FIREFOX POLICIES ----
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.enforce_same_site_origin", false);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.cache_size", 51200);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.ogg.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.wave.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("media.autoplay.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("browser.urlbar.autocomplete.enabled", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("capability.policy.mailnews.*.wholeText", "noAccess");
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.storage.default_quota",	  5120);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("content.sink.event_probe_rate", 3);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.http.prompt-temp-redirect", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.dpi", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("layout.css.devPixelsPerPx", -1);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("gestures.enable_single_finger_input", true);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("dom.max_chrome_script_run_time", 0);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("network.tcp.sendbuffer", 131072);
c:\program files\Mozilla Firefox\greprefs\all.js - pref("geo.enabled", true);
c:\program files\Mozilla Firefox\greprefs\security-prefs.js - pref("security.remember_cert_checkbox_default_setting", true);
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox-branding.js - pref("browser.search.param.yahoo-fr-cjkt", "moz35");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("extensions.blocklist.level", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.restrict.typed", "~");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.urlbar.default.behavior", 0);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.history",	 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.formdata",	true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.passwords",   false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.downloads",   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cookies",	 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.cache",	   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.sessions",	true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.offlineApps", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.clearOnShutdown.siteSettings", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.history",				 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.formdata",				true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.passwords",			   false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.downloads",			   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cookies",				 true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.cache",				   true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.sessions",				true);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.offlineApps",			 false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.cpd.siteSettings",			false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("privacy.sanitize.migrateFx3Prefs",	false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.ssl_override_behavior", 2);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("security.alternate_certificate_error_page", "certerror");
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.autostart", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("browser.privatebrowsing.dont_prompt_on_enter", false);
c:\program files\Mozilla Firefox\defaults\pref\firefox.js - pref("geo.wifi.uri", "https://www.google.com/loc/json");
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-08-03 10:02
Windows 5.1.2600 Service Pack 3 NTFS

scanning hidden processes ...  

scanning hidden autostart entries ... 

scanning hidden files ...  

scan completed successfully
hidden files: 0

**************************************************************************

[HKEY_LOCAL_MACHINE\System\ControlSet001\Services\{B154377D-700F-42cc-9474-23858FBDF4BD}]
"ImagePath"="\??\c:\program files\CyberLink\PowerDVD9\000.fcl"
.
--------------------- DLLs Loaded Under Running Processes ---------------------

- - - - - - - > 'explorer.exe'(3900)
c:\windows\system32\WININET.dll
c:\windows\system32\ieframe.dll
c:\windows\system32\webcheck.dll
c:\windows\system32\WPDShServiceObj.dll
c:\windows\system32\PortableDeviceTypes.dll
c:\windows\system32\PortableDeviceApi.dll
.
------------------------ Other Running Processes ------------------------
.
c:\windows\system32\rundll32.exe
c:\windows\system32\nvsvc32.exe
c:\windows\system32\PnkBstrA.exe
c:\program files\CyberLink\Shared files\RichVideo.exe
c:\windows\system32\wscntfy.exe
.
**************************************************************************
.
Completion time: 2009-08-03 10:04 - machine was rebooted
ComboFix-quarantined-files.txt  2009-08-03 07:04
ComboFix2.txt  2009-08-03 06:49
ComboFix3.txt  2009-08-03 06:34
ComboFix4.txt  2009-08-02 23:17

Pre-Run: 515 926 228 992 bytes free
Post-Run: 515 891 355 648 bytes free

303	--- E O F ---	2009-08-01 21:25

Благодаря !!!

П.П.Обнових дефинициите, сега пускам пълно сканиране на системата с Авира - 2 часа работа на антивирусната ...

finalista · Август 3, 2009

Avira AntiVir Personal

Report file date: 03 Август 2009 г. 10:16

Scanning for 1586251 virus strains and unwanted programs.

Licensee : Avira AntiVir Personal - FREE Antivirus

Serial number : 0000149996-ADJIE-0000001

Platform : Windows XP

Windows version : (Service Pack 3) [5.1.2600]

Boot mode : Normally booted

Username : SYSTEM

Computer name : GA-M52L-S3P-AMD

Version information:

BUILD.DAT : 9.0.0.403 17961 Bytes 03.6.2009 г. 17:05:00

AVSCAN.EXE : 9.0.3.6 466689 Bytes 11.5.2009 г. 07:14:47

AVSCAN.DLL : 9.0.3.0 40705 Bytes 27.2.2009 г. 08:58:24

LUKE.DLL : 9.0.3.2 209665 Bytes 20.2.2009 г. 09:35:49

LUKERES.DLL : 9.0.2.0 12033 Bytes 27.2.2009 г. 08:58:52

ANTIVIR0.VDF : 7.1.0.0 15603712 Bytes 27.10.2008 г. 10:30:36

ANTIVIR1.VDF : 7.1.4.132 5707264 Bytes 24.6.2009 г. 07:10:06

ANTIVIR2.VDF : 7.1.4.253 1779200 Bytes 19.7.2009 г. 07:10:08

ANTIVIR3.VDF : 7.1.5.59 466944 Bytes 03.8.2009 г. 07:10:09

Engineversion : 8.2.0.238

AEVDF.DLL : 8.1.1.1 106868 Bytes 30.4.2009 г. 09:52:04

AESCRIPT.DLL : 8.1.2.22 450938 Bytes 03.8.2009 г. 07:10:12

AESCN.DLL : 8.1.2.4 127348 Bytes 03.8.2009 г. 07:10:11

AERDL.DLL : 8.1.2.4 430452 Bytes 03.8.2009 г. 07:10:11

AEPACK.DLL : 8.1.3.18 401783 Bytes 27.5.2009 г. 14:07:20

AEOFFICE.DLL : 8.1.0.38 196987 Bytes 03.8.2009 г. 07:10:11

AEHEUR.DLL : 8.1.0.147 1884536 Bytes 03.8.2009 г. 07:10:11

AEHELP.DLL : 8.1.5.3 233846 Bytes 03.8.2009 г. 07:10:10

AEGEN.DLL : 8.1.1.53 356724 Bytes 03.8.2009 г. 07:10:09

AEEMU.DLL : 8.1.0.9 393588 Bytes 09.10.2008 г. 12:32:40

AECORE.DLL : 8.1.7.6 184694 Bytes 03.8.2009 г. 07:10:09

AEBB.DLL : 8.1.0.3 53618 Bytes 09.10.2008 г. 12:32:40

AVWINLL.DLL : 9.0.0.3 18177 Bytes 12.12.2008 г. 06:47:59

AVPREF.DLL : 9.0.0.1 43777 Bytes 05.12.2008 г. 08:32:15

AVREP.DLL : 8.0.0.3 155905 Bytes 20.1.2009 г. 12:34:28

AVREG.DLL : 9.0.0.0 36609 Bytes 05.12.2008 г. 08:32:09

AVARKT.DLL : 9.0.0.3 292609 Bytes 24.3.2009 г. 13:05:41

AVEVTLOG.DLL : 9.0.0.7 167169 Bytes 30.1.2009 г. 08:37:08

SQLITE3.DLL : 3.6.1.0 326401 Bytes 28.1.2009 г. 13:03:49

SMTPLIB.DLL : 9.2.0.25 28417 Bytes 02.2.2009 г. 06:21:33

NETNT.DLL : 9.0.0.0 11521 Bytes 05.12.2008 г. 08:32:10

RCIMAGE.DLL : 9.0.0.25 2438913 Bytes 15.5.2009 г. 13:39:58

RCTEXT.DLL : 9.0.37.0 86785 Bytes 17.4.2009 г. 08:19:48

Configuration settings for the scan:

Jobname.............................: Complete system scan

Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp

Logging.............................: low

Primary action......................: interactive

Secondary action....................: ignore

Scan master boot sector.............: on

Scan boot sector....................: on

Boot sectors........................: C:, D:,

Process scan........................: on

Scan registry.......................: on

Search for rootkits.................: on

Integrity checking of system files..: off

Scan all files......................: All files

Scan archives.......................: on

Recursion depth.....................: 20

Smart extensions....................: on

Macro heuristic.....................: on

File heuristic......................: medium

Start of the scan: 03 Август 2009 г. 10:16

Starting search for hidden objects.

'29887' objects were checked, '0' hidden objects were found.

The scan of running processes will be started

Scan process 'avscan.exe' - '1' Module(s) have been scanned

Scan process 'avcenter.exe' - '1' Module(s) have been scanned

Scan process 'wuauclt.exe' - '1' Module(s) have been scanned

Scan process 'AWC.exe' - '1' Module(s) have been scanned

Scan process 'alg.exe' - '1' Module(s) have been scanned

Scan process 'RichVideo.exe' - '1' Module(s) have been scanned

Scan process 'PnkBstrA.exe' - '1' Module(s) have been scanned

Scan process 'nvsvc32.exe' - '1' Module(s) have been scanned

Scan process 'ctfmon.exe' - '1' Module(s) have been scanned

Scan process 'avgnt.exe' - '1' Module(s) have been scanned

Scan process 'realsched.exe' - '1' Module(s) have been scanned

Scan process 'brs.exe' - '1' Module(s) have been scanned

Scan process 'PDVD9Serv.exe' - '1' Module(s) have been scanned

Scan process 'rundll32.exe' - '1' Module(s) have been scanned

Scan process 'RTHDCPL.EXE' - '1' Module(s) have been scanned

Scan process 'explorer.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'avguard.exe' - '1' Module(s) have been scanned

Scan process 'sched.exe' - '1' Module(s) have been scanned

Scan process 'spoolsv.exe' - '1' Module(s) have been scanned

Scan process 'svchost.exe' - '1' Module(s) have been scanned

Scan process 'lsass.exe' - '1' Module(s) have been scanned

Scan process 'services.exe' - '1' Module(s) have been scanned

Scan process 'winlogon.exe' - '1' Module(s) have been scanned

Scan process 'csrss.exe' - '1' Module(s) have been scanned

Scan process 'smss.exe' - '1' Module(s) have been scanned

30 processes with 30 modules were scanned

Starting master boot sector scan:

Master boot sector HD0

[iNFO] No virus was found!

Master boot sector HD1

[iNFO] No virus was found!

Start scanning boot sectors:

Boot sector 'C:\'

[iNFO] No virus was found!

Boot sector 'D:\'

[iNFO] No virus was found!

Starting to scan executable files (registry).

The registry was scanned ( '58' files ).

Starting the file scan:

Begin scan in 'C:\' <BORE 1 TB>

C:\pagefile.sys

[WARNING] The file could not be opened!

[NOTE] This file is a Windows system file.

[NOTE] This file cannot be opened for scanning.

Begin scan in 'D:\' <IRINA 1 TB>

End of the scan: 03 Август 2009 г. 12:38

Used time: 2:21:57 Hour(s)

The scan has been done completely.

14459 Scanned directories

794184 Files were scanned

0 Viruses and/or unwanted programs were found

0 Files were classified as suspicious

0 files were deleted

0 Viruses and unwanted programs were repaired

0 Files were moved to quarantine

0 Files were renamed

1 Files cannot be scanned

794183 Files not concerned

4178 Archives were scanned

1 Warnings

1 Notes

29887 Objects were scanned with rootkit scan

0 Hidden objects were found

B-boy/StyLe/ · Август 3, 2009

Добра работа. Деинсталирай Combofix с командата:

Start => Run => напиши

combofix /u

и натисни Enter.

http://www.techsupportforum.com/sectools/tetonbob/combofix%20u.JPG

Има празно място между x и /

Скоро се очаква нова версия на MBAM => 1.40 и се надявам в нея да бъдат решени повечето Run-time грешки.

finalista · Август 3, 2009

O.k.

Инсталирах Secunia PSI и ще обновявам софтуера си ...

Деинсталирах ComboFix ...

Сега съм само с две резидентни защитни програми:

AVIRA Antivir Personal Free Antivirua 9.0

Advanced Syastem Care Free 3.3.4

Може би се нуждая да инсталирам Firewall ( Sunbelt Personal Firewall Free - в мълчалив режим - той взема решение кое да спре и кое да пусне .... ) ? Обаче като че ли той ми блокира upload на Torrent Client и мога само да свалям, а бе гадна работа ...

Може би се нуждая и от добра AntiSpy резидентна защита ?

B-boy/StyLe/ благодаря много за неоценимата помощ !!!!

tanganika · Август 3, 2009

Прави ми впечатление че добрия стар плеър Аваст вече се обновява по 2 пъти на ден.

Mihnev,кога ще пуснат бета версията на Аваст 5 ?

mihnev_sz · Август 3, 2009

Прави ми впечатление че добрия стар плеър Аваст вече се обновява по 2 пъти на ден.
Mihnev,кога ще пуснат бета версията на Аваст 5 ?

Скоро!

Аз бях един от щастливците,на който предоставиха възможност да тества Avast!5 alfa , предназначена е само за преглед и оценка на интерфейса, много от нещата все още лисваха.

За да си в час : http://avast.softvisia.com/forum/index.php/board,5.0.html

B-boy/StyLe/ · Август 3, 2009

@finalista, Всъщност AWC (Advanced WindowsCare няма резидентна защита, само прави имунизация => пасивна защита основана на превенцията...освен ако не си инсталирал онова недорозумение Iobit 360).

Такава имунизация имаш и от модула SDHelper на Spybot S & D 1.62, която имаш инсталирана на машината.

Аз не съм фен на anti-spyware програми със защита в реално време. То не се сещам и за читава и безплатна такава. (освен вградената Windows Defender, коята става все по-добра и върши работа, макар версиите за Windows XP да пазят добре главно Internet Explorer).

Spyware Terminator-a не беше от най-ефективните и затова ти препоръчах да я махнеш. Просто пускай от време на време периодични проверки с тези които имаш -

SUPERAntispyware, Malwarebytes' Anti-Malware, Spybot Search & Destroy.

Отчасти AVIRA AntiVir 9 има вече и AD/SPY модул, който също донякъде решава проблема.

За стената...това е по-скоро проблем в настройките на стената и можеш да се допиташ до някой, който я използва. Аз не съм запознат с отрочето на Sunbelt, но за момента за мен най-добрите безплатни защитни стени са:

*PrivateFirewall

*Outpost Firewall Free x86

*COMODO INTERNET SECURITY x86

*Online Armor Free

*PC Tools Firewall Plus

Лично аз не ползвам стени (дълга история...нямам нужда от тях на x64 Windows 7) и затова не мога да те хелпна в настройките им. Тук трябва да се допиташ до колегите.Повечето обаче едва ли ще са подходящи за компютър на който работи дете. Може би някой автоматичен HIPS като ThreatFire...

Радвам се, ако съм бил полезен. Поздрави и лек ден.

mihnev_sz · Август 3, 2009

Тук трябва да се допиташ до колегите.Повечето обаче едва ли ще са подходящи за компютър на който работи дете.

PC Tools Firewall Plus като че ли е по-подходяща.

finalista · Август 3, 2009

@B-boy/StyLe/ беше супер-полезен за мен !!!!

Благодаря още веднъж за прекрасната помощ, линковете снимките и лесните за разбиране и изпълнение указания от твоя страна ...

( Колкото са по-лесни за разбиране и изпълнение указанията, толкова повече труд е хвърлен за написването им ) !

tanganika · Август 6, 2009

Нормално ли е това нещо ?

Logfile of HijackThis v1.99.1

Scan saved at 08:26:52, on 06.08.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

mihnev_sz · Август 6, 2009

Нормално ли е това нещо ?

Logfile of HijackThis v1.99.1
Scan saved at 08:26:52, on 06.08.2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

Използвай,актуална версия: HijackThis 2.0.0.2

http://www.trendsecure.com/portal/en-US/to...ckthis/download

http://share.pacomlan.com/images/5MH47353.jpg

Night_Raven · Август 6, 2009

Да, считам го за нормално. Файлове на Kaspersky също се отчитат като липсващи.

mihnev_sz · Август 6, 2009

Да, считам го за нормално. Файлове на Kaspersky също се отчитат като липсващи.

Под Windows XP SP3 ,нито на Avast,нито на Кaspersky се отчитат като липсващи.

tanganika · Август 6, 2009

Използвай,актуална версия: HijackThis 2.0.0.2
http://www.trendsecure.com/portal/en-US/to...ckthis/download

http://share.pacomlan.com/images/5MH47353.jpg

Мдаа странна работа сега не липсват появиха се,но защо има значение версията на HijackThis ?

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:39:33, on 06.08.2009

Platform: Windows XP SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

Mihnev,благодаря за помоща

Night_Raven · Август 6, 2009

Под Windows XP SP3 ,нито на Avast,нито на Кaspersky се отчитат като липсващи.

Отчитат се от версия 1.99.1.

Мдаа странна работа сега не липсват появиха се,но защо има значение версията на HijackThis ?

Възможно е това да е бил някой от бъговете, които Merijn е планирал да оправи в следващата версия на HijackThis, но тази задача е останала за TrendMicro, след като им е продал кода на програмата.

Антивирусните програми - дискусии, мнения и съвети

Препоръчан пост

Link to comment

Сподели другаде

ТОП потребители в тази тема

Популярни дни

ТОП потребители в тази тема

Популярни дни

Публикувани изображения

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Link to comment

Сподели другаде

Join the conversation