My Internet de viteză este bine pe sistemul meu laptop, dar ei real lent pe desktop PC.

**Mohi212** · #1 30 decembrie 2008, 15:11

fratele meu deconectat de la conectat la laptop. după aceea, când şi-a legat-o la PC original ..... mea de birou, viteza este de fapt a început să sugă ....... i dont know. de descărcare, care de obicei, s-a întâmplat la aroun 14 KB acum se întâmplă la max.4kb. ca de exemplu, Facebook, care se deschide înainte de bine, acum este destul de închis pentru o lungă perioadă de timp în deschiderea ceva.

Sunt postarea mea hijack log doar în cazul în care. Vă rugăm să ajute.

heres meu test am 128 de viteză ........ dont know dacă său în mega sau kilogram ....... dar cred că cel mai probabil, acesta din urmă.
http://www.speedtest.net/result/381473298.png

Logfile de Trend Micro HijackThis v2.0.2
Scan salvat de la 2:58:15, pe 12.31.2008
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Rularea procese:
D: \ Windows \ system32 \ smss.exe
D: \ Windows \ system32 \ csrss.exe
D: \ Windows \ system32 \ winlogon.exe
D: \ Windows \ system32 \ services.exe
D: \ Windows \ system32 \ lsass.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ Spoolsv.exe
D: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
D: \ Windows \ system32 \ slserv.exe
D: \ Windows \ system32 \ wdfmgr.exe
D: \ Windows \ system32 \ wscntfy.exe
D: \ Windows \ system32 \ taskmgr.exe
D: \ Program Files \ Ares \ Ares.exe
D: \ WINDOWS \ explorer.exe
E: \ TOATE software \ HiJackThis.exe
D: \ Windows \ system32 \ wbem \ wmiprvse.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = despre: necompletat
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
F2 - REG: System.ini: Shell = explorer.exe
O2 - BHO: DAPHelper Class - (0000CC75-ACF3-4cac-A0A9-DD3868E06852) - D: \ Program Files \ DAP \ DAPBHO.dll
O2 - BHO: IDM Helper - (0055C089-8582-441B-A0BF-17B458C2A3A8) - D: \ Program Files \ Internet Download Manager \ IDMIECC.dll
O2 - BHO: AskBar BHO - (201f27d4-3704-41d6-89c1-aa35e39143ed) - D: \ Program Files \ AskBarDis \ bar \ bin \ askBar.dll
O2 - BHO: Skype add-on (cap) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - d: \ Program Files \ Google \ googletoolbar2.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - d: \ Program Files \ Google \ googletoolbar2.dll
O3 - Toolbar: (no name) - (DE9C389F-3316-41A7-809B-AA305ED9D922) - (no file)
O3 - Toolbar: Pune Toolbar - (3041d03e-fd4b-44e0-b742-2d9b88305f98) - D: \ Program Files \ AskBarDis \ bar \ bin \ askBar.dll
O4 - HKLM \ .. \ Run: [QuickTime Task] "D: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [googletalk] D: \ Program Files \ Google \ Google Talk \ googletalk.exe / autostart
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] D: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "D: \ Program Files \ DNA \ btdna.exe"
O8 - Extra context menu item: & Download cu & DAP - D: \ PROGRA ~ 1 \ DAP \ dapextie.htm
O8 - Extra context menu item: Download & all with DAP - D: \ PROGRA ~ 1 \ DAP \ dapextie2.htm
O8 - Extra context menu item: Descarcă toate link-urile cu IDM - D: \ Program Files \ Internet Download Manager \ IEGetAll.htm
O8 - Extra context menu item: Download flv conţinut video cu IDM - D: \ Program Files \ Internet Download Manager \ IEGetVL.htm
O8 - Extra context menu item: Download cu IDM - D: \ Program Files \ Internet Download Manager \ IEExt.htm
O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / D: \ PROGRA ~ 1 \ milionimi ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O9 - Extra button: (no name) - (85d1f590-48f4-11d9-9669-0800200c9a66) - D: \ WINDOWS \ bdoscandel.exe
O9 - Extra 'Tools' MENUITEM: Uninstall BitDefender Online Scanner V8 - (85d1f590-48f4-11d9-9669-0800200c9a66) - D: \ WINDOWS \ bdoscandel.exe
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - D: \ PROGRA ~ 1 \ milionimi ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) (OnlineScanner Control) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (5D86DDB5-BDF9-441B-9E9E-D4730F4EE499) (BDSCANONLINE Control) -- http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1222679603245
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - D: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - Winlogon Notify:! SASWinLogon - D: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Dezvoltare Group - D: \ Program Files \ Ares \ chatServer.exe
O23 - Service: Distribuită - Unknown owner - D: \ Program Files \ Common Files \ Microsoft Shared \ MSINFO \ ServerNet.exe (fişierul lipseşte)
O23 - Service: Google Updater Service (gusvc) - Google - D: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Cercetare Pty Ltd - D: \ Program Files \ PC Tools AntiVirus \ PCTAVSvc.exe
O23 - Service: ServiceLayer - Nokia. - D: \ Program Files \ PC Connectivity Solution \ ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Legătură inteligentă - D: \ Windows \ system32 \ slserv.exe

--
Sfârşit de fişier - 6000 bytes

**evilfantasy** · #2 30 decembrie 2008, 16:32

Descărca Malwarebytes' Anti-Malware (MBAM)

Faceţi dublu-clic pe mbam-setup.exe şi urmăriţi solicitările pentru a instala programul.
La sfârşitul, asiguraţi-vă că un checkmark este plasat lângă următoarele:
- Update Malwarebytes' Anti-Malware
- Lansarea Malwarebytes' Anti-Malware
Apoi, faceţi clic pe Terminare.
Dacă o actualizare este găsit, va descărca şi instala ultima versiune.
După ce programul a încărcat, selectaţi Efectuaţi rapid de scanare, Apoi faceţi clic pe Scanare.
Când scanarea este completă, faceţi clic pe OK, Apoi Afişare rezultate pentru a vedea rezultatele.
Asiguraţi-vă că totul este verificată, şi faceţi clic pe Eliminaţi selectate.
Când este completat de dezinfecţie, un jurnal se va deschide în Notepad şi aţi putea să vi se ceară să Repornire. (A se vedea Nota Extra)
De jurnal este salvat automat de MBAM şi pot fi vizualizate, făcând clic pe tab-ul Rapoarte în MBAM.
Copiaţi şi inseraţi întregul raport în următoarea replică.

Extra Notă: Dacă MBAM întâlneşte un fişier care este dificil de a elimina, va fi prezentat cu 1 din 2 solicită, faceţi clic pe OK să fie şi să MBAM continua cu procesul de dezinfecţie, dacă este solicitat pentru a reporni computerul, vă rugăm să faceţi acest lucru imediat.

----------

Descărca aleator al sistemului de informaţii instrument (RSIT) prin sondaj / aleatoare de la şi salvaţi-l pe Desktop.

Faceţi dublu clic pe RSIT.exe pentru a rula.
Faceţi clic pe Continuare Avertisment de la ecran.
După ce a terminat, două jurnale va deschide.
log.txt <va fi maxim şi info.txt <va fi minimizate
Vă rugăm să posta conţinutul amândoi jurnalele în următorul răspuns.

**Mohi212** · #3 O 1 2009, 11:09

Logfile de aleator al sistemului de informaţii instrument 1,05 (scris de aleatoare / random)
Fugi de Burhan la 2009-01-01 23:01:39
Microsoft Windows XP Professional Service Pack 2
Sistemul de drive-ul D: are 1 GB (16%) liber de 10 GB
Total RAM: 126 MB (17% gratuit)

Logfile de Trend Micro HijackThis v2.0.2
Scan salvate la 11:01:43, pe 1/1/2009
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Normal

Rularea procese:
D: \ Windows \ system32 \ smss.exe
D: \ Windows \ system32 \ csrss.exe
D: \ Windows \ system32 \ winlogon.exe
D: \ Windows \ system32 \ services.exe
D: \ Windows \ system32 \ lsass.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ svchost.exe
D: \ Windows \ system32 \ Spoolsv.exe
D: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
D: \ Windows \ system32 \ Ctfmon.exe
D: \ Windows \ system32 \ wdfmgr.exe
D: \ Windows \ system32 \ alg.exe
D: \ Windows \ system32 \ wscntfy.exe
D: \ Windows \ system32 \ taskmgr.exe
D: \ Windows \ system32 \ wbem \ wmiprvse.exe
D: \ WINDOWS \ explorer.exe
D: \ Documents and Settings \ Burhan \ Desktop \ RSIT.exe
E: \ TOATE software \ Burhan.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = despre: necompletat
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/yco.../www.yahoo.com
F2 - REG: System.ini: Shell = explorer.exe
O2 - BHO: DAPHelper Class - (0000CC75-ACF3-4cac-A0A9-DD3868E06852) - D: \ Program Files \ DAP \ DAPBHO.dll
O2 - BHO: Skype add-on (cap) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O3 - Toolbar: (no name) - (DE9C389F-3316-41A7-809B-AA305ED9D922) - (no file)
O4 - HKLM \ .. \ Run: [QuickTime Task] "D: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [googletalk] D: \ Program Files \ Google \ Google Talk \ googletalk.exe / autostart
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] D: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [BitTorrent DNA] "D: \ Program Files \ DNA \ btdna.exe"
O8 - Extra context menu item: & Download cu & DAP - D: \ PROGRA ~ 1 \ DAP \ dapextie.htm
O8 - Extra context menu item: Download & all with DAP - D: \ PROGRA ~ 1 \ DAP \ dapextie2.htm
O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / D: \ PROGRA ~ 1 \ milionimi ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O9 - Extra button: (no name) - (85d1f590-48f4-11d9-9669-0800200c9a66) - D: \ WINDOWS \ bdoscandel.exe
O9 - Extra 'Tools' MENUITEM: Uninstall BitDefender Online Scanner V8 - (85d1f590-48f4-11d9-9669-0800200c9a66) - D: \ WINDOWS \ bdoscandel.exe
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - D: \ PROGRA ~ 1 \ milionimi ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (56762DEC-6B0D-4AB4-A8AD-989993B5D08B) -- http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: (5D86DDB5-BDF9-441B-9E9E-D4730F4EE499) (BDSCANONLINE Control) -- http://download.bitdefender.com/reso...an8/oscan8.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1222679603245
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - D: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - Winlogon Notify:! SASWinLogon - D: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Dezvoltare Group - D: \ Program Files \ Ares \ chatServer.exe
O23 - Service: Distribuită - Unknown owner - D: \ Program Files \ Common Files \ Microsoft Shared \ MSINFO \ ServerNet.exe (fişierul lipseşte)
O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Cercetare Pty Ltd - D: \ Program Files \ PC Tools AntiVirus \ PCTAVSvc.exe
O23 - Service: ServiceLayer - Nokia. - D: \ Program Files \ PC Connectivity Solution \ ServiceLayer.exe
O23 - Service: SmartLinkService (SLService) - Legătură inteligentă - D: \ Windows \ system32 \ slserv.exe

--
Sfârşit de fişier - 4970 bytes

====== Registri dump ======

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (0000CC75-ACF3-4cac-A0A9-DD3868E06852)]
DAPHelper Clasa - D: \ Program Files \ DAP \ DAPBHO.dll [2007-11-27 98304]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (22BF413B-C6D2-4d91-82A9-A0F997BA588C)]
Skype add-on (cap) - D: \ Program Files \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll [2008-05-30 1410344]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll [2008-06-10 509328]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar]
(DE9C389F-3316-41A7-809B-AA305ED9D922)

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"QuickTime Task" = D: \ Program Files \ QuickTime \ qttask.exe [2006-09-01 282624]
"googletalk" = D: \ Program Files \ Google \ Google Talk \ googletalk.exe [2007-01-02 3739648]
"SunJavaUpdateSched" = D: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe [2008-06-10 144784]

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = D: \ Windows \ system32 \ Ctfmon.exe [2004-08-03 15360]
"BitTorrent a ADN-ului" = D: \ Program Files \ DNA \ btdna.exe [2008-12-30 342848]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Ctfmon.exe]
D: \ Windows \ system32 \ Ctfmon.exe [2004-08-03 15360]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ PCSuiteTrayApplication]
[]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ PCTAVApp]
D: \ Program Files \ PC Tools AntiVirus \ PCTAV.exe [2008-09-25 1370000]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \! SASWinLogon]
D: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll [2008-07-23 352256]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = D: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ Minimal \ SBCSSvc]

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ retea \ PCTAVSvc]

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ SafeBoot \ retea \ SBCSSvc]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Policies \ Explorer]
"NoDrives" = 0
"NoDriveAutoRun" = FFFFFFFF
"NoDriveTypeAutoRun" = 36

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" =
"NoDrives" =
"NoDriveAutoRun" =

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ standard de profil \ authorizedapplications \ lista]
"% WINDIR% \ system32 \ sessmgr.exe" = "% WINDIR% \ system32 \ sessmgr.exe: *: activată: @ xpsp2res.dll, -22019"
"D: \ Program Files \ Ares \ Ares.exe" = "D: \ Program Files \ Ares \ Ares.exe: *: Enabled: Ares P2P pentru Windows"
"D: \ Program Files \ NetMeeting \ conf.exe" = "D: \ Program Files \ NetMeeting \ conf.exe: *: Enabled: Windows ® NetMeeting ®"
"D: \ Program Files \ Opera \ Opera.exe" = "D: \ Program Files \ Opera \ Opera.exe: *: Enabled: Opera browser de Internet"
"D: \ Program Files \ Google \ Google Talk \ googletalk.exe" = "D: \ Program Files \ Google \ Google Talk \ googletalk.exe: *: Enabled: Google Talk"
"D: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe" = "D: \ Pro gram Files \ Yahoo! \ Messenger \ YahooMessenger.exe: *: Activaţi d: Yahoo! Messenger"
"D: \ Program Files \ Yahoo! \ Messenger \ YServer.exe" = "D: \ Program Files \ Yahoo! \ Messenger \ YServer.exe: *: Enabled: Yahoo! FT Server"
"D: \ Program Files \ AIM6 \ aim6.exe" = "D: \ Program Files \ AIM6 \ aim6.exe: *: Enabled: AIM"
"D: \ Program Files \ Skype \ Phone \ Skype.exe" = "D: \ Program Files \ Skype \ Phone \ Skype.exe: *: Enabled: Skype"
"D: \ Program Files \ Trillian \ trillian.exe" = "D: \ Program Files \ Trillian \ trillian.exe: *: Enabled: Trillian"
"D: \ Program Files \ Miranda IM \ miranda32.exe" = "D: \ Program Files \ Miranda IM \ miranda32.exe: *: Enabled: Miranda IM"
"D: \ Program Files \ LimeWire \ LimeWire.exe" = "D: \ Program Files \ LimeWire \ LimeWire.exe: *: Enabled: LimeWire"
"D: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "D: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"D: \ Program Files \ MSN Messenger \ livecall.exe" = "D: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Telefon)"
"D: \ Program Files \ DNA \ btdna.exe" = "D: \ Program Files \ DNA \ btdna.exe: *: Enabled: ADN-ului"
"D: \ Program Files \ BitTorrent \ bittorrent.exe" = "D: \ Program Files \ BitTorrent \ bittorrent.exe: *: Enabled: BitTorre NT"

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ lista]
"% WINDIR% \ system32 \ sessmgr.exe" = "% WINDIR% \ system32 \ sessmgr.exe: *: activată: @ xpsp2res.dll, -22019"
"D: \ Program Files \ MSN Messenger \ msncall.exe" = "D: \ Program Files \ MSN Messenger \ msncall.exe: *: Enabled: Windows Live Messenger 8.0 (Telefon)"
"D: \ Program Files \ MSN Messenger \ msnmsgr.exe" = "D: \ Program Files \ MSN Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger 8.1"
"D: \ Program Files \ MSN Messenger \ livecall.exe" = "D: \ Program Files \ MSN Messenger \ livecall.exe: *: Enabled: Windows Live Messenger 8.1 (Telefon)"

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (dafa2220-8123-11dd-aa9c-00065b298742)]
shell \ AutoRun \ command - G: \ CONFIG \ S-1-5-21-1482476501-1644491937-682003330-1013 \ Cfg.exe
shell \ open \ command - G: \ CONFIG \ S-1-5-21-1482476501-1644491937-682003330-1013 \ Cfg.exe

====== Lista de fişiere / foldere create din ultimele 1 luna ======

2009-01-01 20:51:34 ---- SHD ---- D: \ FOUND.174
2008-12-31 19:12:10 ---- SHD ---- D: \ FOUND.173
2008-12-30 23:08:48 ---- SHD ---- D: \ FOUND.172
2008-12-30 18:53:42 ---- SHD ---- D: \ FOUND.171
2008-12-30 16:16:01 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ BitTorrent
2008-12-30 16:15:44 ---- D ---- D: \ Program Files \ DNA
2008-12-30 16:15:44 ---- D ---- D: \ Program Files \ BitTorrent
2008-12-30 16:15:44 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ a ADN-ului
2008-12-30 14:46:46 ---- SHD ---- D: \ FOUND.170
2008-12-29 23:24:22 ---- SHD ---- D: \ FOUND.169
2008-12-29 15:06:17 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ IDM
2008-12-29 13:39:04 ---- SHD ---- D: \ FOUND.168
2008-12-28 05:25:52 ---- D ---- D: \ Program Files \ IrfanView
2008-12-26 22:39:46 ---- SHD ---- D: \ FOUND.167
2008-12-26 15:36:18 ---- SHD ---- D: \ FOUND.166
2008-12-26 12:37:24 ---- SHD ---- D: \ FOUND.165
2008-12-25 21:19:38 ---- SHD ---- D: \ FOUND.164
2008-12-20 14:47:41 ---- D ---- D: \ Program Files \ HyCam2
2008-12-20 12:02:48 ---- D ---- D: \ Program Files \ Frets pe foc
2008-12-20 09:54:02 ---- SHD ---- D: \ FOUND.163
2008-12-17 11:38:48 ---- SHD ---- D: \ FOUND.162
2008-12-15 23:31:13 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ LimeWire
2008-12-15 23:03:16 ---- SHD ---- D: \ FOUND.161
2008-12-15 16:52:14 ---- SHD ---- D: \ FOUND.160
2008-12-13 13:47:12 ---- SHD ---- D: \ FOUND.159
2008-12-10 21:05:58 ---- SHD ---- D: \ FOUND.158
2008-12-09 23:27:12 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ J River
2008-12-09 13:10:10 ---- D ---- D: \ Program Files \ Common Files \ NSV
2008-12-06 05:52:44 ---- SHD ---- D: \ FOUND.157
2008-12-06 01:43:41 ---- N ---- D: \ Windows \ system32 \ vxblock.dll
2008-12-06 01:43:41 ---- N ---- D: \ Windows \ system32 \ pxwave.dll
2008-12-06 01:43:41 ---- N ---- D: \ Windows \ system32 \ pxmas.dll
2008-12-06 01:43:41 ---- N ---- D: \ Windows \ system32 \ pxhpinst.exe
2008-12-06 01:43:41 ---- N ---- D: \ Windows \ system32 \ pxdrv.dll
2008-12-06 01:43:40 ---- N ---- D: \ Windows \ system32 \ px.dll
2008-12-06 01:43:14 ---- D ---- D: \ Program Files \ Winamp
2008-12-06 01:43:14 ---- O ---- D: \ WINDOWS \ winamp.ini
2008-12-05 14:40:22 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ Netscape
2008-12-05 14:39:56 ---- D ---- D: \ Program Files \ Netscape
2008-12-04 17:34:26 ---- SHD ---- D: \ FOUND.156
2008-12-04 08:55:46 ---- SHD ---- D: \ FOUND.155
2008-12-02 22:24:47 ---- D ---- D: \ Documents and Settings \ Burhan \ Application Data \ InstallShield

====== Lista de fişiere / foldere modificate din ultimele 1 luna ======

2008-12-31 05:00:54 ---- N ---- D: \ WINDOWS \ SchedLgU.Txt
2008-12-24 22:49:44 ---- O ---- D: \ WINDOWS \ ModemLog_Smart Link 56K Voice Modem.txt

====== Lista de drivere (R = Rularea, S = oprit, 0 = Boot, 1 = System, 2 = Auto, 3 = cerere, 4 = Disabled )======

R1 P3; PentiumIII Procesor Intel Driver; D: \ WINDOWS \ system32 \ drivers \ p3.sys [2004-08-03 42496]
R1 SASDIFSV; SASDIFSV; \?? \ D: \ Program Files \ SUPERAntiSpyware \ SASDIFSV.SYS []
R1 SASKUTIL; SASKUTIL; \?? \ D: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.sys []
R1 WS2IFSL; Windows Socket 2.0 Non-IFS furnizor de servicii de suport de Mediu; D: \ Windows \ system32 \ drivers \ ws2ifsl.sys [2001-08-23 12032]
R2 AVFilter; AVFilter; D: \ Windows \ system32 \ drivers \ AVFilter.sys [2008-02-12 21904]
R2 dmsmbios; dmsmbios; \?? \ D: \ Windows \ system32 \ dmsmbios.sys []
R3 ac97intc; Intel (r) 82801 Audio Driver Instalare Service (WDM); D: \ Windows \ system32 \ drivers \ ac97intc.sys [2001-08-17 96256]
R3 AVHook; AVHook; D: \ Windows \ system32 \ drivers \ AVHook.sys [2007-12-06 28568]
R3 AVRec; AVRec; D: \ Windows \ system32 \ drivers \ AVRec.sys [2007-12-06 21912]
R3 EL90XBC; 3COM EtherLink XL 90XB / C Adapter Driver; D: \ WINDOWS \ system32 \ drivers \ el90xbc5.sys [2001-08-17 66591]
R3 i81x; i81x; D: \ WINDOWS \ system32 \ drivers \ i81xnt5.sys [2004-08-03 161020]
R3 MODEMCSA; Unimodem Streaming Filtru Device; D: \ Windows \ system32 \ drivers \ MODEMCSA.sys [2001-08-17 16128]
R3 Mtlmnt5; Mtlmnt5; D: \ WINDOWS \ system32 \ drivers \ Mtlmnt5.sys [2004-08-03 126686]
R3 Slntamr; Legătură inteligentă 56K Modem Driver; D: \ WINDOWS \ system32 \ drivers \ slntamr.sys [2004-08-03 404990]
R3 SlWdmSup; SlWdmSup; D: \ WINDOWS \ system32 \ drivers \ SlWdmSup.sys [2004-08-03 13240]
R3 usbhub; USB2 Enabled Hub; D: \ WINDOWS \ system32 \ drivers \ Usbhub.sys [2004-08-03 57600]
R3 usbuhci; Microsoft USB Universal Host Controller Driver miniport; D: \ WINDOWS \ system32 \ drivers \ Usbuhci.sys [2004-08-03 20480]
S1 b88b9e8e; b88b9e8e; D: \ Windows \ system32 \ drivers \ b88b9e8e.sys [2008-08-05 109150]
S3 AvFlt; Antivirus driverul de filtrare; D: \ Windows \ system32 \ drivers \ av5flt.sys []
S3 CCDECODE; Closed Caption Decoder; D: \ WINDOWS \ system32 \ drivers \ CCDECODE.sys [2004-08-03 17024]
S3 iAimFP0; iAimFP0; D: \ WINDOWS \ system32 \ drivers \ wADV01nt.sys [2004-08-03 12415]
S3 iAimFP1; iAimFP1; D: \ WINDOWS \ system32 \ drivers \ wADV02NT.sys [2004-08-03 12127]
S3 iAimFP2; iAimFP2; D: \ WINDOWS \ system32 \ drivers \ wADV05NT.sys [2004-08-03 11775]
S3 iAimFP3; iAimFP3; D: \ WINDOWS \ system32 \ drivers \ wSiINTxx.sys [2004-08-03 12063]
S3 iAimFP4; iAimFP4; D: \ WINDOWS \ system32 \ drivers \ wVchNTxx.sys [2004-08-03 19455]
S3 iAimFP5; iAimFP5; D: \ WINDOWS \ system32 \ drivers \ wADV07nt.sys [2004-08-03 11807]
S3 iAimFP6; iAimFP6; D: \ WINDOWS \ system32 \ drivers \ wADV08nt.sys [2004-08-03 11295]
S3 iAimFP7; iAimFP7; D: \ WINDOWS \ system32 \ drivers \ wADV09nt.sys [2004-08-03 11871]
S3 iAimTV0; iAimTV0; D: \ WINDOWS \ system32 \ drivers \ wATV01nt.sys [2004-08-03 29311]
S3 iAimTV1; iAimTV1; D: \ WINDOWS \ system32 \ drivers \ wATV02NT.sys [2004-08-03 19551]
S3 iAimTV3; iAimTV3; D: \ WINDOWS \ system32 \ drivers \ wATV04nt.sys [2004-08-03 33599]
S3 iAimTV4; iAimTV4; D: \ WINDOWS \ system32 \ drivers \ wCh7xxNT.sys [2004-08-03 23615]
S3 iAimTV5; iAimTV5; D: \ WINDOWS \ system32 \ drivers \ wATV10nt.sys [2004-08-03 25471]
S3 iAimTV6; iAimTV6; D: \ WINDOWS \ system32 \ drivers \ wATV06nt.sys [2004-08-03 22271]
S3 MBAMSwissArmy; MBAMSwissArmy; \?? \ D: \ Windows \ system32 \ drivers \ mbamswissarmy.sys []
S3 MSTEE; Microsoft Streaming tee / Chiuveta-la-Chiuveta Converter; D: \ Windows \ system32 \ drivers \ MSTEE.sys [2004-08-03 5504]
S3 Mtlstrm; Mtlstrm; D: \ WINDOWS \ system32 \ drivers \ Mtlstrm.sys [2004-08-03 1309184]
S3 NABTSFEC; NABTS / FEC VBI Codec; D: \ WINDOWS \ system32 \ drivers \ NABTSFEC.sys [2004-08-03 85376]
S3 NdisIP; Microsoft TV / video Connection; D: \ WINDOWS \ system32 \ drivers \ NdisIP.sys [2004-08-03 10880]
S3 nmwcd; USB Nokia Telefon Parent; D: \ Windows \ system32 \ drivers \ nmwcd.sys [2007-02-22 137216]
S3 nmwcdc; Nokia USB Generic; D: \ Windows \ system32 \ drivers \ nmwcdc.sys [2007-02-22 8320]
S3 nmwcdcj; Nokia Portul USB; D: \ Windows \ system32 \ drivers \ nmwcdcj.sys [2007-02-22 12288]
S3 nmwcdcm; Nokia USB Modem; D: \ Windows \ system32 \ drivers \ nmwcdcm.sys [2007-02-22 12288]
S3 NtMtlFax; NtMtlFax; D: \ WINDOWS \ system32 \ drivers \ NtMtlFax.sys [2004-08-03 180360]
S3 SASENUM; SASENUM; \?? \ D: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS []
S3 SBRE; SBRE; \?? \ D: \ Windows \ system32 \ drivers \ SBREdrv.sys []
S3 Slip; BDA Slip De-Framer; D: \ WINDOWS \ system32 \ drivers \ SLIP.sys [2004-08-03 11136]
S3 SlNtHal; SlNtHal; D: \ WINDOWS \ system32 \ drivers \ Slnthal.sys [2004-08-03 95424]
S3 streamip; BDA IPSink; D: \ WINDOWS \ system32 \ drivers \ StreamIP.sys [2004-08-03 15360]
S3 usbprint; Microsoft USB PRINTER clasa; D: \ WINDOWS \ system32 \ drivers \ usbprint.sys [2004-08-03 25856]
S3 USBSTOR; USB Mass Storage Driver; D: \ WINDOWS \ system32 \ drivers \ USBSTOR.SYS [2004-08-03 26496]
S3 WpdUsb; WpdUsb; D: \ Windows \ system32 \ Drivers \ wpdusb.sys [2004-08-11 18944]
S3 WSTCODEC; lume Standard Teletext Codec; D: \ WINDOWS \ system32 \ drivers \ WSTCODEC.SYS [2004-08-03 19328]
S3 XIRLINK; IBM PC Camera; D: \ WINDOWS \ system32 \ drivers \ C-itnt.sys [1999-10-19 435655]

====== Lista de servicii (R = Running, S = oprit, 0 = Boot, 1 = System, 2 = Auto, 3 = cerere, 4 = Disabled )======

R2 MDM; Machine Debug Manager; D: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE [2003-06-19 322120]
R2 UMWdf; Windows User Mode Driver-cadru; D: \ Windows \ system32 \ wdfmgr.exe [2004-08-11 38912]
S2 distribuite; distribuite; D: \ Program Files \ Common Files \ Microsoft Shared \ MSINFO \ ServerNet.exe []
S2 PCTAVSvc; PC Tools AntiVirus Motor; D: \ Program Files \ PC Tools AntiVirus \ PCTAVSvc.exe [2008-09-23 995520]
S2 SLService; SmartLinkService; D: \ Windows \ system32 \ slserv.exe [2004-08-04 73796]
S3 AresChatServer; Ares Chatroom server; D: \ Program Files \ Ares \ chatServer.exe [2007-03-20 263168]
S3 aspnet_state; ASP.NET membru Service; D: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0.50727 \ aspn et_state.exe [2005-09-23 29896]
S3 clr_optimization_v2.0.50727_32;. NET Runtime Optimization Service v2.0.50727_X86; D: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0.50727 \ msco rsvw.exe [2005-09-23 66240]
S3 OSE; Office Sursa Motor; D: \ Program Files \ Common Files \ Microsoft Shared \ Sursa Motor \ OSE.EXE [2003-07-28 89136]
S3 ServiceLayer; ServiceLayer; D: \ Program Files \ PC Connectivity Solution \ ServiceLayer.exe [2007-06-15 300544]
S3 usnjsvc; Messenger Sharing Folders USN Oficial Reader serviciu; D: \ Program Files \ MSN Messenger \ usnsvc.exe [2007-01-19 97136]
S3 WLSetupSvc; Windows Live Setup Service; D: \ Program Files \ Windows Live \ Installer \ WLSetupSvc.exe [2007-10-25 266240]

----------------- EOF -----------------

**Mohi212** · #4 O 1 2009, 11:11

info.txt LogFile de aleator al sistemului de informaţii instrument 1,02 2008-09-26 23:02:40

====== Dezinstalaţi lista ======

-> D: \ WINDOWS \ IsUninst.exe-f "D: \ Program Files \ IbmPcCamera \ Uninst.isu"
-> rundll32.exe setupapi.dll, InstallHinfSection DefaultUninstall 132 D: \ Windows \ Inf \ PCHealth.inf
ACDSee -> D: \ PROGRA ~ 1 \ ACDSYS ~ 1 \ ACDSee \ UNWISE.EXE D: \ PROGRA ~ 1 \ ACDSYS ~ 1 \ ACDSee \ INSTALL.LOG
Adobe Flash Player ActiveX -> D: \ Windows \ system32 \ Macromed \ Flash \ uninstall_acti veX.exe
Adobe Flash Player Plugin -> D: \ Windows \ system32 \ Macromed \ Flash \ uninstall_plug in.exe
AIM 6 -> D: \ Program Files \ AIM6 \ uninst.exe
Ares 2.0.9 -> "D: \ Program Files \ Ares \ uninstall.exe"
Astro123-v1.40 -> "D: \ Program Files \ Astro123 \ unins000.exe"
Axialis AX-Icons 4.5 -> D: \ Program Files \ Axialis \ AX-icoane \ UnInstall.exe "AX-Icons 4.5" "AXIcons.exe"
CCleaner (elimina numai )-->" D: \ Program Files \ CCleaner \ uninst.exe "
CDisplay 1.8 -> "D: \ Program Files \ CDisplay \ unins000.exe"
Download Accelerator Plus -> D: \ PROGRA ~ 1 \ DAP \ UNWISE.EXE D: \ PROGRA ~ 1 \ DAP \ INSTALL.LOG
ESET Online Scanner -> D: \ Windows \ system32 \ OnlineScannerUninstaller.ex e
ffdshow [rev 2019] [2008-06-22 ]-->" D: \ Program Files \ ffdshow \ unins000.exe "
Flash Studio PRO Proces -> "D: \ Program Files \ Flash Studio PRO Trial \ unins000.exe"
Flv Player 2.0, construi 24 -> C: \ Program Files \ flv Player \ uninst.exe
Foxit Reader -> C: \ Program Files \ Foxit Software \ Foxit Reader \ Uninstall.exe
Glary Registry Repair 2.9 -> "D: \ Program Files \ Glary Registry Repair \ unins000.exe"
Google Earth -> Msiexec.exe / I (1D14373E-7970-4F2F-A467-ACA4F0EA21E3)
Google Talk (doar elimina )-->" D: \ Program Files \ Google \ Google Talk \ uninstall.exe "
Bara de instrumente Google pentru Internet Explorer -> Msiexec.exe / I (DBEA1034-5882-4A88-8033-81C4EF0CFA29)
Bara de instrumente Google pentru Internet Explorer -> regsvr32 / u / s "d: \ Program Files \ Google \ googletoolbar2.dll"
HijackThis 2.0.2 -> "D: \ Documents and Settings \ Burhan \ My Documents \ TOATE software \ HijackThis.exe" / dezinstala
Remedierea rapidă pentru Windows XP (KB915865 )-->" D: \ WINDOWS \ $ NtUninstallKB915865 $ \ Spuninst \ spunin st.exe "
Internet Download Manager -> D: \ Program Files \ Internet Download Manager \ Uninstall.exe
Malwarebytes' Anti-Malware -> "D: \ Program Files \ Malwarebytes' Anti-Malware \ unins000.exe"
Microsoft suport pentru limbile naţionale Downlevel API-uri -> "D: \ WINDOWS \ $ NtServicePackUninstallNLSDownlevelMa pping $ \ spuninst \ spuninst.exe"
Microsoft Office Excel Viewer 2003 -> Msiexec.exe / I (90840409-6000-11D3-8CFE-0150048383C9)
Microsoft Office XP Professional cu FrontPage -> Msiexec.exe / I (90280409-6000-11D3-8CFE-0050048383C9)
Microsoft Visual Basic 6.0 Enterprise Edition -> "D: \ Program Files \ Microsoft Visual Studio \ VB98 \ Setup \ 1033 \ setup.exe"
Web Microsoft Editura Expert 1.53 -> rundll32 ADVPACK.DLL, LaunchINFSection D: \ Windows \ Inf \ wpie3x86.inf, WebPostUninstall
Mobysaurus Thesaurus -> "D: \ Windows \ system32 \ SpoonUninstall.exe" <uninstall> D: \ Windows \ system32 \ SpoonUninstall-Mobysaurus Thesaurus.dat
Nokia Connectivity Cable Driver -> Msiexec.exe / X (11964613-805F-432D-A12B-169554B793E7)
Nokia Multimedia Player -> D: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ INSTAL ~ 1 \ Driver \ 7 \ INTEL3 ~ 1 \ I Driver.exe / M (4D6183C0-005C-4B1F-8261-4B0F71F1C4A5)
Nokia PC Suite -> D: \ Documents and Settings \ All Users \ Application Data \ Instalaţii \ (A982E6CC-9F0D-4948-9B18-BDFD55DE4A72) \ Nokia_PC_Suite_6_84_10_3_EA.exe
Nokia PC Suite -> Msiexec.exe / I (A982E6CC-9F0D-4948-9B18-BDFD55DE4A72)
Opera 9.51 -> Msiexec.exe / X (179624B1-2683-45ED-965A-B72189EB5820)
PC Connectivity Solution -> Msiexec.exe / I (99A40651-0BC2-4095-8F9A-A40FAB224FEF)
PowerDVD -> rundll32 D: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ INSTAL ~ 1 \ motor \ 6 \ INTEL3 ~ 1 \ CT or.dll, LaunchSetup "D: \ Program Files \ InstallShield Installation Information \ (6811CAA0-BF12 - 11D4-9EA1-0050BAE317E1) \ Setup.exe "-dezinstala
QuickTime -> Msiexec.exe / I (F07B861C-72B9-40A4-8B1A-AAED4C06A7E8)
RichFX Player -> rundll32 D: \ PROGRA ~ 1 \ COMUNĂ ~ 1 \ RichFX \ npvpg004.dll, Uninstall _Player
Skype ™ 3.8 -> Msiexec.exe / X (5C82DAE5-6EB0-4374-9254-BE3319BA4E82)
TIMES Educatie - un nivel de Fizica -> D: \ WINDOWS \ uninst.exe-f "D: \ Program Files \ TIMES Educaţie \ un nivel \ Fizica \ DeIsL2.isu"-CD: \ PROGRA ~ 1 \ TIMESE ~ 1 \ ALEVEL ~ 1 \ Fizica \ _ISREG32.DL L
TZ Connection Booster 2.6 -> "D: \ Program Files \ TZ Connection Booster \ unins000.exe"
USB Drive Antivirus 2.3 -> "D: \ Program Files \ USBAntiVirus \ unins000.exe"
Punct de vedere Media Player -> D: \ Program Files \ punct de vedere \ punct de vedere Media Player \ mtsAxInstaller.exe / u
Windows Driver Package - Nokia (WUDFRd) WPD (06/01/2007 6.84.33.0) -> D: \ PROGRA ~ 1 \ DIFX \ 270581355A767BF1 \ dpinst.exe / u D: \ Windows \ system32 \ DRVSTORE \ pccswpddri_044C8712DB 44F83D9DE6C376991EE9254E0A69E4 \ pccswpddriver.inf
Windows Driver Package - Nokia Modem (02.15.2007 3.1) -> D: \ PROGRA ~ 1 \ DIFX \ 270581355A767BF1 \ dpinst.exe / u D: \ Windows \ system32 \ DRVSTORE \ pccs_bluet_8B37DC7291 8CCD58A6EC20373AF6242B037A293B \ pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (02.15.2007 3.1) -> D: \ PROGRA ~ 1 \ DIFX \ 270581355A767BF1 \ dpinst.exe / u D: \ Windows \ system32 \ DRVSTORE \ pccs_bluet_F12A08B6F7 76984A95553486F64C541356F86E38 \ pccs_bluetooth.inf
Windows Driver Package - Nokia Modem (05/24/2007 6.84.0.1) -> D: \ PROGRA ~ 1 \ DIFX \ 270581355A767BF1 \ dpinst.exe / u D: \ Windows \ system32 \ DRVSTORE \ nokbtmdm_5E1541AFF1E1 EA3554CE566743CCAD323ED1C108 \ nokbtmdm.inf
Windows Installer 3.1 (KB893803 )-->" D: \ WINDOWS \ $ MSI31Uninstall_KB893803v2 $ \ spuninst \ spuninst.exe "
Windows Live instalare -> Msiexec.exe / X (A7E4ECCA-4A8E-4258-8EC8-2DCCF5B11320)
Windows Live Messenger -> Msiexec.exe / I (571700F0-DB9D-4B3A-B03D-35A14BB5939F)
Windows Media Format Runtime -> "D: \ Program Files \ Windows Media Player \ wmsetsdk.exe" / UninstallAll
Windows Media Player 10 -> "D: \ Program Files \ Windows Media Player \ Setup_wm.exe" / Dezinstalare
WinRAR archiver -> D: \ Program Files \ WinRAR \ uninstall.exe
Yahoo! Messenger -> D: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ UNWISE.EXE / UD: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ INSTALL.LOG

====== Variabile de Mediu ======

"ComSpec" =% SystemRoot% \ system32 \ cmd.exe
"Path" =% systemroot% \ system32;% systemroot%;% systemr oot% \ system32 \ wbem; D: \ Program Files \ PC Connectivity Solution; D: \ Program Files \ QuickTime \ QTSYSTEM
"windir" =% SystemRoot%
"FP_NO_HOST_CHECK" = NU
"Sistem de operare" = Windows_NT
"PROCESSOR_ARCHITECTURE" = x86
"PROCESSOR_LEVEL" = 6
"PROCESSOR_IDENTIFIER" = x86 Familiei 6 Model 8 păşit 10, GenuineIntel
"PROCESSOR_REVISION" = 080a
"NUMBER_OF_PROCESSORS" = 1
"PATHEXT" =. COM;. Exe;. BAT;. CMD;. VBS;. Vbe;. JS;. JSE;. WSF;. WSH
"TEMP" =% SystemRoot% \ temp
"Tmp" =% SystemRoot% \ temp
"CLASSPATH" =.; D: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip
"QTJAVA" = D: \ Program Files \ QuickTime \ QTSystem \ QTJava.zip

----------------- EOF -----------------

**Mohi212** · #5 O 1 2009, 11:14

Malwarebytes' Anti-Malware 1.28
Baza de date versiune: 1234
Windows 5.1.2600 Service Pack 2

12.31.2008 6:04:35
mbam-log-2008-12-31 (06.04.35). txt

Scan type: Full Scan (D: \ |)
Obiecte scanate: 107121
Timpul scurs: 24 minute (s), 0 secunde (s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Chei de Registry Infected: 2
Registry Values Infected: 0
Registrul de date Elemente Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(Nici un rău elemente detectat)

Memory Modules Infected:
(Nici un rău elemente detectat)

Chei de Registry Infected:
HKEY_CLASSES_ROOT \ AppID \ (bdbebf18-7615-4971-9ac3-bd6ffb7ad6c1) (Adware.WebDir) -> carantină şi a fost şters cu succes.
HKEY_CLASSES_ROOT \ AppID \ DLP.DLL (Trojan.BHO) -> carantină şi a fost şters cu succes.

Registry Values Infected:
(Nici un rău elemente detectat)

Registrul de date Elemente Infected:
(Nici un rău elemente detectat)

Folders Infected:
(Nici un rău elemente detectat)

Files Infected:
(Nici un rău elemente detectat)

**evilfantasy** · #6 O 1 2009, 12:55

Deschide HijackThis şi selectaţi Fă-un sistem de scanare numai.

Se pune un semn de selectare lângă următoarele menţiuni: (dacă există)

F2 - REG: System.ini: Shell = explorer.exe

Important: Închideţi toate ferestrele deschise cu excepţia HijackThis apoi faceţi clic pe Fix verificate.

Odată finalizat, ieşire HijackThis.

----------

Descarca ComboFix © de sUBs de la unul din link-urile de mai jos. Asiguraţi-vă că aţi început să-l salvaţi în Spaţiul de lucru.

Link # 1
Link # 2

** Notă: Este important că este salvat direct pe Desktop

NU rulaţi-l încă!

Notă: instrucţiunile de mai jos au fost create special pentru acest utilizator. Dacă nu sunteţi acest utilizator, NU urmaţi aceste direcţii în care acestea ar putea deteriora funcţionarea sistemului dvs.

Ştergeţi aceste fişiere / foldere, după cum urmează:

1. Du-te la Porni > Fugi > Tip Notepad.exe şi faceţi clic pe OK pentru a deschide Notepad.
El / ea trebui fi Notepad, nu Wordpad.
2. Copia textul în caseta de mai jos codul de evidenţă tot textul şi apăsând Ctrl + C

Cod:

Killall:: File:: D: \ FOUND.174 D: \ FOUND.173 D: \ FOUND.172 D: \ FOUND.171 D: \ FOUND.170 D: \ FOUND.169 D: \ FOUND.168 D: \ FOUND.167 D: \ FOUND.166 D: \ FOUND.165 D: \ FOUND.164 D: \ FOUND.163 D: \ FOUND.162 D: \ FOUND.161 D: \ FOUND.160 D: \ GĂSIT .159 D: \ FOUND.158 D: \ FOUND.157 D: \ FOUND.156 D: \ FOUND.155 registri:: [-HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ Browser Helper Objects \ (-7E853D72 626A-48EC-A868-BA8D5E23E045)] [-HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar] (DE9C389F-3316-41A7-809B-AA305ED9D922) [-HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ mountpoints2 \ ( dafa2220-8123-11dd-aa9c-00065b298742)]

3. Du-te la fereastră şi faceţi clic pe Notepad Editare > Lipire
4. Apoi, faceţi clic pe Dosar > Economisi
5. Nume de fişier CFScript.txt - Salvaţi fişierul pe spaţiul de lucru
6. Apoi, glisaţi CFScript (ţineţi butonul stânga al mouse-ului în timp ce fişierul de lungă durată) şi fixaţi-l (de eliberare din stânga mouse-ul) în ComboFix.exe după cum puteţi vedea în imaginea de mai jos. Important: Efectua această instrucţiune cu atenţie!

ComboFix vor începe să execute, urmaţi solicitările.
După repornirea sistemului (în cazul în care le cere să reporniţi), aceasta va produce un jurnal pentru tine.
Post că jurnal (Combofix.txt) în următoarea replică.

Notă: Nu mouseclick ComboFix de fereastră în timp ce se execută. Care pot determina sistemul dvs. pentru a se congela