![]() |
Chirurgia endoscopică a hipofizei
"Standardul de aur" în chirurgia hipofizară îl reprezintă endoscopia transnazală transsfenoidală. Echipa NeuroHope este antrenată în unul din cele mai mari centre de chirurgie a hipofizei din Europa, Spitalul Foch din Paris, centrul în care a fost introdus pentru prima dată endoscopul în chirurgia transnazală a hipofizei, de către neurochirurgul francez Guiot. Pe lângă tumorile cu origine hipofizară, prin tehnicile endoscopice transnazale pot fi abordate numeroase alte patologii neurochirurgicale. www.neurohope.ro |
hijack this - silvius_tec07
Last Updated: Jul 06 2010 21:09, Started by
silvius_tec07
, Apr 03 2010 16:49
·
0
![](https://forum.softpedia.com//public/style_images/classic/icon_users.png)
#19
Posted 05 April 2010 - 16:15
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
#20
Posted 05 April 2010 - 16:24
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
#21
Posted 27 May 2010 - 20:58
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Quote Logfile of Trend Micro HiJackThis v2.0.4 Scan saved at 9:51:01 PM, on 5/27/2010 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v8.00 (8.00.6001.18702) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\RTHDCPL.EXE C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\iTunes\iTunesHelper.exe C:\WINDOWS\vsnpstd3.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\GamezJoint Toolbar\2.6.1.11950\mvbapp.exe C:\Program Files\GamezJoint Toolbar\2.6.1.11950\mvbapp.exe C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Documents and Settings\All Users\Application Data\BrowserZinc\browserzinc139.exe C:\WINDOWS\system32\inetsrv\inetinfo.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\BrowserZinc\browserzinc.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\ATI Technologies\ATI.ACE\cli.exe C:\Program Files\Avira\AntiVir Desktop\avguard.exe C:\Program Files\Avira\AntiVir Desktop\avshadow.exe C:\Program Files\Avira\AntiVir Desktop\sched.exe C:\Program Files\Avira\AntiVir Desktop\avgnt.exe C:\WINDOWS\system32\dllhost.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Yahoo!\Messenger\ymsgr_tray.exe C:\Kituri\HiJackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.softpedia.com R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.daemon-search.com/startpage R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://www.softpedia.com/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Softpedia R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: Count Access Advancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Count Access Advancer\5.6.0.7190\CAAIEAddOn.dll (file missing) O2 - BHO: Advanced Access Controller - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Advanced Access Controller\4.6.0.2670\AACIEAddOn.dll (file missing) O2 - BHO: Customized Web Management - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Customized Web Management\1.6.0.3840\CWMIE.dll O2 - BHO: WhenUSearch Helper - {BA2325ED-F9EB-4830-8FCE-0BC35B16969B} - C:\Program Files\WhenUSearch\search.dll (file missing) O2 - BHO: Internet Content Assistant - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Internet Content Assistant\1.6.0.3960\ICAIE.dll O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O2 - BHO: GamezJoint Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\GamezJoint Toolbar\2.6.1.11950\mvb0.dll (file missing) O2 - BHO: Automated Result Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Automated Result Operator\4.6.0.2810\AROIEAddOn.dll O2 - BHO: SingleInstance Class - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn\YTSingleInstance.dll O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: GamezJoint Toolbar - {D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} - C:\Program Files\GamezJoint Toolbar\2.6.1.11950\mvb0.dll (file missing) O3 - Toolbar: Daemon Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [BDSwitchAgent] C:\PROGRA~1\Softwin\BITDEF~1\bdswitch.exe O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime -Delay O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe" O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe" O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe O4 - HKLM\..\Run: [Internet Connection Wizard Task] "C:\Program Files\Internet Connection Wizard\1.6.0.2350\InternetToday.exe" O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background O4 - HKCU\..\Run: [Messenger (Yahoo!)] "C:\PROGRA~1\Yahoo!\MESSEN~1\YahooMessenger.exe" -quiet O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [nod32] C:\DOCUME~1\Silvius\LOCALS~1\Temp\nodqq.exe O4 - HKCU\..\Run: [VideoBarApp] C:\Program Files\GamezJoint Toolbar\2.6.1.11950\mvbapp.exe O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent O4 - HKCU\..\Run: [dso32] C:\DOCUME~1\Silvius\LOCALS~1\Temp\dsoqq.exe O8 - Extra context menu item: &Funband Serach - res://C:\Program Files\GamezJoint Toolbar\2.6.1.11950\mvb0.dll/MENUSEARCH.HTM O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: BrowserZinc Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\BrowserZinc\browserzinc139.exe O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Yahoo! Updater (YahooAUService) - Yahoo! Inc. - C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe Acestea sunt rezultatele ce provin dintr-o scaanare cu hijack this. Eu am o problema numita IE Error Scrit (Internet Explorer nu vrea sa mi se deschida si, nici windows media player). Am incercat toate lucrurile posibile l-am dezinstalat de multe ori si i-am facut atat updateuri manuale cat si automate. Eu am folosit o versiune veche de antivirus (BITDEFENDER 9) asa ca l-am dezinstalat si am instalat avira. Problema e ca mi se blocheaza cand il pun sa scaneze, dar imi apar jos fisiere care sunt infectate. Deci, va rog mult ajutati-ma si daca se poate, fara sa trebuiasca sa reinstalez windowsul! -- End of file - 8470 bytes |
#22
Posted 27 May 2010 - 22:02
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Descarca: ComboFix si salveaza-l pe Desktop.
Creeaza un fisier nou de tip .txt cu Notepad si scrie in el ce e mai jos in citat: Quote File:: C:\DOCUME~1\Silvius\LOCALS~1\Temp\dsoqq.exe C:\DOCUME~1\Silvius\LOCALS~1\Temp\nodqq.exe Denumeste fisierul CFScript.txt apoi trage-l peste ComboFix.exe asa cum e aratat in poza de mai jos. [ http://users.telenet.be/bluepatchy/miekiemoes/images/CFScript.gif - Pentru incarcare in pagina (embed) Click aici ] Apoi asigura-te ca ai inchis toate programele care ruleaza (Yahoo Messenger, MozilaFirefox, etc) si ruleaza ComboFix. Te va intreba daca sa inceapa sa curete sistemul. Confirma cu Yes de fiecare data. Nu-l opri in timp ce scaneaza si dezinfecteaza sistemul. E posibil ca in timpul rularii lui desktop-ul sa dispara, dar nu te ingrijora. La sfarsit va afisa rezultatele scanarii. Salveaza acel fisier si posteaza continutul AICI. |
#23
Posted 28 May 2010 - 11:09
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Quote ComboFix 10-05-27.02 - Silvius 05/28/2010 11:49:51.1.1 - x86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.1023.660 [GMT 3:00] Running from: c:\documents and settings\Silvius\Desktop\ComboFix.exe Command switches used :: c:\documents and settings\Silvius\Desktop\CFScript.txt.txt AV: AntiVir Desktop *On-access scanning enabled* (Updated) {AD166499-45F9-482A-A743-FDD3350758C7} FILE :: "c:\docume~1\Silvius\LOCALS~1\Temp\dsoqq.exe" "c:\docume~1\Silvius\LOCALS~1\Temp\nodqq.exe" . ((((((((((((((((((((((((((((((((((((((( Other Deletions ))))))))))))))))))))))))))))))))))))))))))))))))) . C:\autorun.inf c:\docume~1\Silvius\LOCALS~1\Temp\dsoqq.exe c:\docume~1\Silvius\LOCALS~1\Temp\nodqq.exe c:\documents and settings\All Users\Application Data\BrowserZinc c:\documents and settings\All Users\Application Data\BrowserZinc\browserzinc139.exe c:\documents and settings\Silvius\Local Settings\Temporary Internet Files\mvb06759.tmp C:\hc3hvi0.exe c:\program files\Automated Result Operator\4.6.0.2810\AROIeaddon.dll c:\program files\BrowserZinc c:\program files\BrowserZinc\browserzinc.dll c:\program files\BrowserZinc\browserzinc.exe c:\program files\BrowserZinc\uninstall.exe c:\program files\Customized Web Management\1.6.0.3840\CWMIe.dll c:\program files\GamezJoint Toolbar\2.6.1.11950\mvbapp.exe c:\program files\Internet Content Assistant\1.6.0.3960\ICAIe.dll c:\program files\WhenUSearch c:\program files\WhenUSearch\Content\css\dialog.css c:\program files\WhenUSearch\Content\css\menu.css c:\program files\WhenUSearch\Content\css\module_weather.css c:\program files\WhenUSearch\Content\css\module_weather_dialog.css c:\program files\WhenUSearch\Content\css\quick.css c:\program files\WhenUSearch\Content\customize.html c:\program files\WhenUSearch\Content\daemon.ico c:\program files\WhenUSearch\Content\dialog.css c:\program files\WhenUSearch\Content\global.js c:\program files\WhenUSearch\Content\images\add_image.gif c:\program files\WhenUSearch\Content\images\add_image_down.gif c:\program files\WhenUSearch\Content\images\add_image_on.gif c:\program files\WhenUSearch\Content\images\arrow_down.gif c:\program files\WhenUSearch\Content\images\arrow_down_on.gif c:\program files\WhenUSearch\Content\images\arrow_right.gif c:\program files\WhenUSearch\Content\images\arrow_right_on.gif c:\program files\WhenUSearch\Content\images\button_go.gif c:\program files\WhenUSearch\Content\images\button_go_down.gif c:\program files\WhenUSearch\Content\images\button_go_on.gif c:\program files\WhenUSearch\Content\images\button_search_down.gif c:\program files\WhenUSearch\Content\images\button_search_off.gif c:\program files\WhenUSearch\Content\images\button_search_on.gif c:\program files\WhenUSearch\Content\images\button_search_sm_down.gif c:\program files\WhenUSearch\Content\images\button_search_sm_off.gif c:\program files\WhenUSearch\Content\images\button_search_sm_on.gif c:\program files\WhenUSearch\Content\images\button_specials_on.gif c:\program files\WhenUSearch\Content\images\corner_bottom_left.gif c:\program files\WhenUSearch\Content\images\corner_top_left.gif c:\program files\WhenUSearch\Content\images\delete_button.gif c:\program files\WhenUSearch\Content\images\delete_button_down.gif c:\program files\WhenUSearch\Content\images\delete_button_on.gif c:\program files\WhenUSearch\Content\images\divider.gif c:\program files\WhenUSearch\Content\images\dot_orange.gif c:\program files\WhenUSearch\Content\images\dt_min_logo.gif c:\program files\WhenUSearch\Content\images\gear.gif c:\program files\WhenUSearch\Content\images\gear_down.gif c:\program files\WhenUSearch\Content\images\gear_grey.gif c:\program files\WhenUSearch\Content\images\gear_on.gif c:\program files\WhenUSearch\Content\images\instructions_border_corner.gif c:\program files\WhenUSearch\Content\images\instructions_border_right.gif c:\program files\WhenUSearch\Content\images\instructions_border_top.gif c:\program files\WhenUSearch\Content\images\link.gif c:\program files\WhenUSearch\Content\images\lock.gif c:\program files\WhenUSearch\Content\images\lock_down.gif c:\program files\WhenUSearch\Content\images\lock_grey.gif c:\program files\WhenUSearch\Content\images\lock_on.gif c:\program files\WhenUSearch\Content\images\logo_searchbar_down.gif c:\program files\WhenUSearch\Content\images\logo_searchbar_off.gif c:\program files\WhenUSearch\Content\images\logo_searchbar_on.gif c:\program files\WhenUSearch\Content\images\main_bg.gif c:\program files\WhenUSearch\Content\images\manage.gif c:\program files\WhenUSearch\Content\images\manage_down.gif c:\program files\WhenUSearch\Content\images\manage_grey.gif c:\program files\WhenUSearch\Content\images\manage_on.gif c:\program files\WhenUSearch\Content\images\menu_aim_bw.gif c:\program files\WhenUSearch\Content\images\menu_arrow_right.gif c:\program files\WhenUSearch\Content\images\menu_bg.gif c:\program files\WhenUSearch\Content\images\menu_left_bg.gif c:\program files\WhenUSearch\Content\images\menu_main_bw.gif c:\program files\WhenUSearch\Content\images\menu_pbandit_bw.gif c:\program files\WhenUSearch\Content\images\menu_right_bg.gif c:\program files\WhenUSearch\Content\images\menu_ucontrol_bw.gif c:\program files\WhenUSearch\Content\images\menu_ucontrol_filler_bw.gif c:\program files\WhenUSearch\Content\images\menu_whenu_bw.gif c:\program files\WhenUSearch\Content\images\message_alert.gif c:\program files\WhenUSearch\Content\images\min_new_res_menu.gif c:\program files\WhenUSearch\Content\images\min_new_res_menu_down.gif c:\program files\WhenUSearch\Content\images\min_new_res_menu_on.gif c:\program files\WhenUSearch\Content\images\min_new_results_new.gif c:\program files\WhenUSearch\Content\images\min_new_results_new_down.gif c:\program files\WhenUSearch\Content\images\min_new_results_new_on.gif c:\program files\WhenUSearch\Content\images\min_new_results_new_text.gif c:\program files\WhenUSearch\Content\images\min_new_results_new_text_on.gif c:\program files\WhenUSearch\Content\images\module_weather_left_bg_top.gif c:\program files\WhenUSearch\Content\images\more_bg.gif c:\program files\WhenUSearch\Content\images\more_bottom_bg.gif c:\program files\WhenUSearch\Content\images\more_bottom_main.gif c:\program files\WhenUSearch\Content\images\more_bottom_main_bg.gif c:\program files\WhenUSearch\Content\images\more_left_bg.gif c:\program files\WhenUSearch\Content\images\more_right_bg.gif c:\program files\WhenUSearch\Content\images\more_top_bg.gif c:\program files\WhenUSearch\Content\images\more_top_left.gif c:\program files\WhenUSearch\Content\images\more_top_left_bw.gif c:\program files\WhenUSearch\Content\images\more_top_right.gif c:\program files\WhenUSearch\Content\images\more_top_right_bw.gif c:\program files\WhenUSearch\Content\images\more_top_x.gif c:\program files\WhenUSearch\Content\images\more_top_x_bw.gif c:\program files\WhenUSearch\Content\images\more_top_x_down.gif c:\program files\WhenUSearch\Content\images\more_top_x_on.gif c:\program files\WhenUSearch\Content\images\mount.gif c:\program files\WhenUSearch\Content\images\mount_down.gif c:\program files\WhenUSearch\Content\images\mount_grey.gif c:\program files\WhenUSearch\Content\images\mount_on.gif c:\program files\WhenUSearch\Content\images\nav_button_bg.gif c:\program files\WhenUSearch\Content\images\nav_button_bg_down.gif c:\program files\WhenUSearch\Content\images\nav_button_bg_on.gif c:\program files\WhenUSearch\Content\images\notyet.gif c:\program files\WhenUSearch\Content\images\notyet_bw.gif c:\program files\WhenUSearch\Content\images\open_bg.gif c:\program files\WhenUSearch\Content\images\open_bottom_bg.gif c:\program files\WhenUSearch\Content\images\open_bottom_left.gif c:\program files\WhenUSearch\Content\images\open_bottom_left_bw.gif c:\program files\WhenUSearch\Content\images\open_bottom_right.gif c:\program files\WhenUSearch\Content\images\open_bottom_right_bw.gif c:\program files\WhenUSearch\Content\images\open_cancel.gif c:\program files\WhenUSearch\Content\images\open_cancel_down.gif c:\program files\WhenUSearch\Content\images\open_cancel_on.gif c:\program files\WhenUSearch\Content\images\open_defaults.gif c:\program files\WhenUSearch\Content\images\open_defaults_down.gif c:\program files\WhenUSearch\Content\images\open_defaults_on.gif c:\program files\WhenUSearch\Content\images\open_open.gif c:\program files\WhenUSearch\Content\images\open_open_down.gif c:\program files\WhenUSearch\Content\images\open_open_on.gif c:\program files\WhenUSearch\Content\images\open_save.gif c:\program files\WhenUSearch\Content\images\open_save_down.gif c:\program files\WhenUSearch\Content\images\open_save_on.gif c:\program files\WhenUSearch\Content\images\open_search.gif c:\program files\WhenUSearch\Content\images\open_search_down.gif c:\program files\WhenUSearch\Content\images\open_search_on.gif c:\program files\WhenUSearch\Content\images\right_bg.gif c:\program files\WhenUSearch\Content\images\right_bg_grey.gif c:\program files\WhenUSearch\Content\images\right_instructions.gif c:\program files\WhenUSearch\Content\images\right_instructions_on.gif c:\program files\WhenUSearch\Content\images\right_instructions_red.gif c:\program files\WhenUSearch\Content\images\right_left.gif c:\program files\WhenUSearch\Content\images\right_left_grey.gif c:\program files\WhenUSearch\Content\images\right_main_bg.gif c:\program files\WhenUSearch\Content\images\right_more_left.gif c:\program files\WhenUSearch\Content\images\right_more_off.gif c:\program files\WhenUSearch\Content\images\right_more_on.gif c:\program files\WhenUSearch\Content\images\right_more_up.gif c:\program files\WhenUSearch\Content\images\spacer.gif c:\program files\WhenUSearch\Content\images\tab_left_bg.gif c:\program files\WhenUSearch\Content\images\tab_left_bw.gif c:\program files\WhenUSearch\Content\images\tab_left_down.gif c:\program files\WhenUSearch\Content\images\tab_left_off.gif c:\program files\WhenUSearch\Content\images\tab_left_on.gif c:\program files\WhenUSearch\Content\images\tab_right_down.gif c:\program files\WhenUSearch\Content\images\tab_right_off.gif c:\program files\WhenUSearch\Content\images\tab_right_on.gif c:\program files\WhenUSearch\Content\images\unmount.gif c:\program files\WhenUSearch\Content\images\unmount_down.gif c:\program files\WhenUSearch\Content\images\unmount_grey.gif c:\program files\WhenUSearch\Content\images\unmount_on.gif c:\program files\WhenUSearch\Content\index.htm c:\program files\WhenUSearch\Content\instructions.html c:\program files\WhenUSearch\Content\loading.html c:\program files\WhenUSearch\Content\main_menu_sub.html c:\program files\WhenUSearch\Content\menu.css c:\program files\WhenUSearch\Content\menu_emu.html c:\program files\WhenUSearch\Content\menu_main.html c:\program files\WhenUSearch\Content\menu_manage.html c:\program files\WhenUSearch\Content\menu_opt.html c:\program files\WhenUSearch\Content\menu_ucontrol.html c:\program files\WhenUSearch\Content\menu_whenu.html c:\program files\WhenUSearch\Content\message.html c:\program files\WhenUSearch\Content\min.html c:\program files\WhenUSearch\Content\module_weather.css c:\program files\WhenUSearch\Content\module_weather_dialog.css c:\program files\WhenUSearch\Content\more.html c:\program files\WhenUSearch\Content\movement.js c:\program files\WhenUSearch\Content\newresults.html c:\program files\WhenUSearch\Content\notyet.html c:\program files\WhenUSearch\Content\open_browser.html c:\program files\WhenUSearch\Content\open_search.html c:\program files\WhenUSearch\Content\quick.css c:\program files\WhenUSearch\Content\quick_coupon.html c:\program files\WhenUSearch\Content\quick_instructions.html c:\program files\WhenUSearch\Content\quick_search.html c:\program files\WhenUSearch\Content\quick_tutorial.html c:\program files\WhenUSearch\Content\right.html c:\program files\WhenUSearch\Content\search.html c:\program files\WhenUSearch\Content\splash.html c:\program files\WhenUSearch\Content\tooltip_emu.html c:\program files\WhenUSearch\Content\tooltip_go.html c:\program files\WhenUSearch\Content\tooltip_logo.html c:\program files\WhenUSearch\Content\tooltip_manage.html c:\program files\WhenUSearch\Content\tooltip_more.html c:\program files\WhenUSearch\Content\tooltip_opt.html c:\program files\WhenUSearch\Content\tooltip_search.html c:\program files\WhenUSearch\Content\tooltip_slider.html c:\program files\WhenUSearch\Content\tooltip_whenu.html c:\program files\WhenUSearch\Content\tooltip_whenu2.html c:\program files\WhenUSearch\Content\ui.cfg c:\program files\WhenUSearch\Content\uninst.ico c:\program files\WhenUSearch\search.db c:\program files\WhenUSearch\search.htm c:\program files\WhenUSearch\Uninst.exe C:\r3fhr.exe c:\windows\system32\_004541_.tmp.dll c:\windows\system32\_004542_.tmp.dll c:\windows\system32\_004543_.tmp.dll c:\windows\system32\_004544_.tmp.dll c:\windows\system32\_004551_.tmp.dll c:\windows\system32\_004552_.tmp.dll c:\windows\system32\_004553_.tmp.dll c:\windows\system32\_004554_.tmp.dll c:\windows\system32\_004556_.tmp.dll c:\windows\system32\_004557_.tmp.dll c:\windows\system32\_004560_.tmp.dll c:\windows\system32\_004561_.tmp.dll c:\windows\system32\_004563_.tmp.dll c:\windows\system32\_004564_.tmp.dll c:\windows\system32\_004565_.tmp.dll c:\windows\system32\_004567_.tmp.dll c:\windows\system32\_004570_.tmp.dll c:\windows\system32\_004571_.tmp.dll c:\windows\system32\_004575_.tmp.dll c:\windows\system32\_004576_.tmp.dll c:\windows\system32\_004578_.tmp.dll c:\windows\system32\_004581_.tmp.dll c:\windows\system32\_004584_.tmp.dll c:\windows\system32\_004585_.tmp.dll c:\windows\system32\_004586_.tmp.dll c:\windows\system32\_004587_.tmp.dll c:\windows\system32\_004588_.tmp.dll c:\windows\system32\_004591_.tmp.dll c:\windows\system32\_004592_.tmp.dll c:\windows\system32\_004593_.tmp.dll c:\windows\system32\_004594_.tmp.dll c:\windows\system32\_004595_.tmp.dll c:\windows\system32\_004600_.tmp.dll c:\windows\system32\_004602_.tmp.dll c:\windows\system32\_004603_.tmp.dll c:\windows\system32\Cache D:\Autorun.inf D:\hc3hvi0.exe D:\r3fhr.exe . ((((((((((((((((((((((((((((((((((((((( Drivers/Services ))))))))))))))))))))))))))))))))))))))))))))))))) . -------\Legacy_BROWSERZINC_SERVICE -------\Service_BrowserZinc Service ((((((((((((((((((((((((( Files Created from 2010-04-28 to 2010-05-28 ))))))))))))))))))))))))))))))) . 2010-05-27 16:52 . 2010-05-27 16:52 -------- d-----w- c:\documents and settings\Silvius\Application Data\Avira 2010-05-27 16:41 . 2010-03-01 07:05 124784 ----a-w- c:\windows\system32\drivers\avipbb.sys 2010-05-27 16:41 . 2010-02-16 11:24 60936 ----a-w- c:\windows\system32\drivers\avgntflt.sys 2010-05-27 16:41 . 2009-05-11 09:49 45416 ----a-w- c:\windows\system32\drivers\avgntdd.sys 2010-05-27 16:41 . 2009-05-11 09:49 22360 ----a-w- c:\windows\system32\drivers\avgntmgr.sys 2010-05-27 16:41 . 2010-05-27 16:41 -------- d-----w- c:\program files\Avira 2010-05-27 16:41 . 2010-05-27 16:41 -------- d-----w- c:\documents and settings\All Users\Application Data\Avira 2010-05-27 16:38 . 2010-05-27 16:44 38784 ----a-w- c:\documents and settings\Silvius\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-27 16:37 . 2010-05-27 16:44 38784 ----a-w- c:\documents and settings\Default User\Application Data\Macromedia\Flash Player\www.macromedia.com\bin\airappinstaller\airappinstaller.exe 2010-05-27 16:37 . 2010-05-27 16:45 -------- d-----w- c:\program files\Common Files\Adobe AIR 2010-05-27 16:37 . 2010-05-27 16:36 115712 --sh--r- C:\bu8.exe 2010-05-27 16:18 . 2010-05-27 18:36 -------- d-----w- c:\documents and settings\Silvius\Application Data\TeamViewer 2010-05-27 16:17 . 2010-05-27 16:17 -------- d-----w- c:\program files\TeamViewer 2010-05-27 08:07 . 2010-05-27 16:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Electronic Arts 2010-05-27 08:07 . 2010-05-27 08:07 -------- d-----w- C:\ProgramData 2010-05-27 08:07 . 2010-05-27 08:07 -------- d-----w- c:\program files\Electronic Arts 2010-05-27 08:04 . 2010-05-27 08:04 10134 ----a-r- c:\documents and settings\Silvius\Application Data\Microsoft\Installer\{E3E71D07-CD27-46CB-8448-16D4FB29AA13}\ARPPRODUCTICON.exe 2010-05-27 08:04 . 2008-09-04 18:17 447752 ----a-r- c:\windows\system32\vp6vfw.dll 2010-05-27 08:04 . 2010-05-27 08:04 -------- d-----w- c:\program files\Microsoft WSE 2010-05-27 08:03 . 2006-09-28 13:05 2414360 ----a-w- c:\windows\system32\d3dx9_31.dll 2010-05-27 08:03 . 2010-05-27 08:03 -------- d-----w- c:\windows\Logs 2010-05-26 17:42 . 2010-05-27 13:53 -------- d-----w- c:\program files\DAEMON Tools Toolbar 2010-05-26 17:42 . 2010-05-26 17:49 -------- d-----w- c:\documents and settings\Silvius\Application Data\DAEMON Tools Lite 2010-05-26 17:42 . 2010-05-26 17:42 -------- d-----w- c:\documents and settings\All Users\Application Data\DAEMON Tools Lite 2010-05-14 12:48 . 2010-05-14 12:48 -------- d-----w- c:\program files\Internet Content Assistant 2010-05-14 12:48 . 2010-05-14 12:48 906477 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\icasetup.exe 2010-05-14 12:48 . 2010-05-14 12:48 -------- d-----w- c:\program files\Customized Web Management 2010-05-14 12:48 . 2010-05-14 12:48 1310013 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\cwmsetup.exe 2010-05-14 12:46 . 2010-05-10 04:09 3038911 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\Setup.exe 2010-05-12 16:29 . 2008-04-14 00:12 53760 -c--a-w- c:\windows\system32\dllcache\vfwwdm32.dll 2010-05-12 16:29 . 2008-04-14 00:12 53760 ----a-w- c:\windows\system32\vfwwdm32.dll 2010-05-07 20:35 . 2010-05-07 20:35 58644 ---ha-w- c:\windows\system32\mlfcache.dat 2010-05-07 20:18 . 2010-05-07 20:18 -------- d-----w- c:\program files\iPod 2010-05-07 20:18 . 2010-05-07 20:19 -------- d-----w- c:\program files\iTunes 2010-05-07 20:13 . 2010-05-07 20:13 -------- d-----w- c:\program files\Bonjour 2010-05-07 20:11 . 2010-05-07 20:11 73000 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\iTunes 9.1.1.12\SetupAdmin.exe 2010-05-07 20:09 . 2010-05-07 20:10 -------- d-----w- c:\program files\Safari 2010-05-07 20:08 . 2010-05-07 20:08 79144 ----a-w- c:\documents and settings\All Users\Application Data\Apple Computer\Installer Cache\Safari 5.31.22.7\SetupAdmin.exe 2010-05-03 19:55 . 2010-05-07 15:32 -------- d-----w- c:\documents and settings\Silvius\Application Data\dvdcss 2010-05-02 14:11 . 2010-05-18 13:57 -------- d-----w- c:\documents and settings\Silvius\Application Data\vlc 2010-05-02 14:08 . 2010-05-02 14:08 -------- d-----w- c:\program files\VideoLAN 2010-05-01 20:11 . 2010-05-01 20:11 -------- d-----w- c:\program files\Pocket Tanks Deluxe 2010-05-01 17:56 . 2010-05-01 18:35 -------- d-----w- c:\program files\Paint.NET 2010-05-01 17:56 . 2010-05-01 18:44 -------- d-----w- c:\documents and settings\Silvius\Local Settings\Application Data\Paint.NET 2010-05-01 17:54 . 2010-05-01 17:54 -------- d-----w- c:\windows\system32\XPSViewer 2010-05-01 17:54 . 2010-05-01 17:54 -------- d-----w- c:\program files\Reference Assemblies 2010-05-01 17:53 . 2008-07-06 12:06 89088 ----a-w- c:\windows\system32\Spool\prtprocs\w32x86\filterpipelineprintproc.dll 2010-05-01 17:52 . 2008-07-06 12:06 89088 -c----w- c:\windows\system32\dllcache\filterpipelineprintproc.dll 2010-05-01 17:52 . 2008-07-06 12:06 575488 -c----w- c:\windows\system32\dllcache\xpsshhdr.dll 2010-05-01 17:52 . 2008-07-06 12:06 575488 ------w- c:\windows\system32\xpsshhdr.dll 2010-05-01 17:52 . 2008-07-06 12:06 1676288 -c----w- c:\windows\system32\dllcache\xpssvcs.dll 2010-05-01 17:52 . 2008-07-06 12:06 1676288 ------w- c:\windows\system32\xpssvcs.dll 2010-05-01 17:52 . 2008-07-06 12:06 117760 ------w- c:\windows\system32\prntvpt.dll 2010-05-01 17:52 . 2008-07-06 10:50 597504 -c----w- c:\windows\system32\dllcache\printfilterpipelinesvc.exe 2010-05-01 17:52 . 2008-07-06 10:50 597504 ------w- c:\windows\system32\Spool\prtprocs\w32x86\printfilterpipelinesvc.exe 2010-05-01 17:42 . 2010-05-01 17:42 -------- d-----r- C:\AHCache 2010-05-01 17:34 . 2010-05-01 17:34 213504 ----a-w- c:\windows\system32\SpoonUninstall.exe 2010-05-01 17:34 . 2010-05-01 17:34 1061 ----a-w- c:\windows\system32\SpoonUninstall-Saint Paint Studio.dat 2010-05-01 17:34 . 2010-05-01 17:34 -------- d-----w- c:\program files\Saint Paint 2010-05-01 05:11 . 2010-05-01 05:11 -------- d-----w- c:\documents and settings\Default User\Local Settings\Application Data\Microsoft Help 2010-04-29 20:20 . 2010-04-29 20:20 -------- d-sh--w- c:\windows\system32\config\systemprofile\IETldCache 2010-04-29 19:04 . 2010-04-29 19:04 -------- d-----w- c:\documents and settings\Silvius\Application Data\ImgBurn 2010-04-29 18:51 . 2010-04-29 18:52 -------- dc-h--w- c:\windows\ie8 2010-04-29 18:09 . 2010-04-29 18:11 -------- d-----w- c:\documents and settings\All Users\Application Data\Norton 2010-04-29 18:09 . 2010-04-29 18:09 -------- d-----w- c:\documents and settings\All Users\Application Data\NortonInstaller 2010-04-29 16:01 . 2010-04-29 16:01 -------- d-----w- c:\documents and settings\Silvius\Local Settings\Application Data\Yahoo! 2010-04-29 16:00 . 2010-04-29 16:01 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! Companion 2010-04-29 16:00 . 2010-04-29 16:04 -------- d-----w- c:\documents and settings\Silvius\Application Data\Yahoo! 2010-04-29 16:00 . 2009-12-14 14:52 607472 ----a-w- c:\documents and settings\All Users\Application Data\Yahoo!\YUpdater\yupdater.exe 2010-04-29 15:59 . 2010-04-29 18:32 -------- d-----w- c:\windows\SxsCaPendDel 2010-04-29 15:08 . 2010-04-29 15:08 -------- d-----w- c:\windows\system32\Adobe 2010-04-28 17:59 . 2010-04-28 17:59 -------- d--h--w- c:\windows\msdownld.tmp 2010-04-28 13:55 . 2010-04-28 13:55 -------- d-----w- c:\documents and settings\Silvius\Application Data\WhenU 2010-04-28 13:54 . 2010-04-28 13:54 -------- d-----w- c:\program files\Common Files\WhenU 2010-04-28 13:51 . 2010-05-26 17:42 691696 ----a-w- c:\windows\system32\drivers\sptd.sys 2010-04-28 13:36 . 2009-08-06 16:23 274288 ----a-w- c:\windows\system32\mucltui.dll 2010-04-28 13:36 . 2009-08-06 16:23 215920 ----a-w- c:\windows\system32\muweb.dll 2010-04-28 10:26 . 2010-04-28 10:30 -------- d-----w- c:\documents and settings\Silvius\Local Settings\Application Data\Adobe 2010-04-28 09:06 . 2010-04-29 19:30 -------- d-----w- c:\windows\system32\scripting 2010-04-28 09:06 . 2010-04-29 19:30 -------- d-----w- c:\windows\l2schemas 2010-04-28 09:06 . 2010-04-29 19:30 -------- d-----w- c:\windows\system32\en 2010-04-28 09:06 . 2010-04-29 19:30 -------- d-----w- c:\windows\system32\bits . (((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))))) . 2010-05-28 08:58 . 2010-04-26 14:44 -------- d-----w- c:\documents and settings\Silvius\Application Data\uTorrent 2010-05-27 07:58 . 2010-04-25 10:29 -------- d--h--w- c:\program files\InstallShield Installation Information 2010-05-16 06:05 . 2010-04-26 14:45 -------- d-----w- c:\program files\uTorrent 2010-05-14 12:47 . 2010-05-14 12:47 -------- d-----w- c:\program files\Internet Connection Wizard 2010-05-14 12:47 . 2010-05-14 12:47 1522654 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\icwsetup.exe 2010-05-14 12:47 . 2010-05-14 12:47 -------- d-----w- c:\program files\Advanced Access Controller 2010-05-14 12:47 . 2010-05-14 12:47 864919 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\aacsetup.exe 2010-05-14 12:47 . 2010-05-14 12:47 -------- d-----w- c:\program files\Common Files\Count Access Advancer 2010-05-14 12:47 . 2010-05-14 12:47 -------- d-----w- c:\program files\Count Access Advancer 2010-05-14 12:47 . 2010-05-14 12:47 1105217 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\caasetup.exe 2010-05-14 12:47 . 2010-05-14 12:47 -------- d-----w- c:\program files\Automated Result Operator 2010-05-14 12:47 . 2010-05-14 12:46 829466 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\arosetup.exe 2010-05-14 12:46 . 2010-05-14 12:46 -------- dc-h--w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7} 2010-05-14 12:46 . 2010-05-14 12:46 -------- d-----w- c:\program files\GamezJoint Toolbar 2010-05-12 19:51 . 2010-04-25 11:02 -------- d-----w- c:\documents and settings\All Users\Application Data\Microsoft Help 2010-05-10 04:09 . 2010-05-14 12:46 356352 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbsh.dll 2010-05-10 04:09 . 2010-05-14 12:46 307200 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\ProductInfo.dll 2010-05-10 04:09 . 2010-05-14 12:46 307200 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\48C8FBD2\B94081D6\ProductInfo.dll 2010-05-10 04:09 . 2010-05-14 12:46 586099 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbterm.exe 2010-05-10 04:09 . 2010-05-14 12:46 678582 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\3A0AAFF0\B94081D6\mvbsvc.exe 2010-05-10 04:09 . 2010-05-14 12:46 498358 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbpx.exe 2010-05-10 04:09 . 2010-05-14 12:46 539318 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\53CCABA1\B94081D6\mvbdl.exe 2010-05-10 04:09 . 2010-05-14 12:46 506550 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\93CE9E2B\B94081D6\mvbasst.exe 2010-05-10 04:09 . 2010-05-14 12:46 572086 -c--a-w- c:\documents and settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\75918810\B94081D6\mvbapp.exe 2010-05-07 20:34 . 2010-04-25 15:42 -------- d-----w- c:\documents and settings\Silvius\Application Data\Apple Computer 2010-05-07 20:18 . 2010-04-25 15:38 -------- d-----w- c:\program files\Common Files\Apple 2010-05-01 17:55 . 2010-04-25 09:46 73928 ----a-w- c:\documents and settings\Silvius\Local Settings\Application Data\GDIPFONTCACHEV1.DAT 2010-05-01 17:54 . 2010-04-25 11:05 -------- d-----w- c:\program files\MSBuild 2010-05-01 11:14 . 2010-04-25 14:29 -------- d-----w- c:\program files\Opera 2010-04-29 19:32 . 2010-04-25 09:36 86327 ----a-w- c:\windows\pchealth\helpctr\OfflineCache\index.dat 2010-04-29 18:38 . 2010-04-25 11:05 -------- d-----w- c:\program files\Microsoft Works 2010-04-29 18:09 . 2010-04-25 10:18 -------- d-----w- c:\documents and settings\All Users\Application Data\Symantec 2010-04-29 16:01 . 2010-04-25 13:46 -------- d-----w- c:\documents and settings\All Users\Application Data\Yahoo! 2010-04-29 16:01 . 2010-04-25 11:25 -------- d-----w- c:\program files\Yahoo! 2010-04-28 10:25 . 2010-04-25 09:58 -------- d-----w- c:\program files\Common Files\Adobe 2010-04-26 14:45 . 2010-04-26 14:45 -------- d-----w- c:\program files\Ask.com 2010-04-26 12:12 . 2010-04-26 12:12 -------- d-----w- c:\documents and settings\Silvius\Application Data\Media Player Classic 2010-04-25 15:42 . 2010-04-25 15:41 -------- d-----w- c:\documents and settings\All Users\Application Data\{429CAD59-35B1-4DBC-BB6D-1DB246563521} 2010-04-25 15:41 . 2010-04-25 15:40 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple Computer 2010-04-25 15:40 . 2010-04-25 15:40 -------- d-----w- c:\program files\QuickTime 2010-04-25 15:39 . 2010-04-25 15:39 -------- d-----w- c:\program files\Apple Software Update 2010-04-25 15:38 . 2010-04-25 15:38 -------- d-----w- c:\documents and settings\All Users\Application Data\Apple 2010-04-25 14:53 . 2010-04-25 14:53 -------- d-----w- c:\program files\Combined Community Codec Pack 2010-04-25 14:49 . 2010-04-25 14:48 -------- d-----w- c:\program files\Joost 2010-04-25 14:46 . 2010-04-25 14:46 -------- d-----w- c:\documents and settings\Silvius\Application Data\Joost 2010-04-25 14:41 . 2010-04-25 14:41 -------- d-----w- c:\documents and settings\Silvius\Application Data\JLC's Software 2010-04-25 14:41 . 2010-04-25 14:41 -------- d-----w- c:\program files\JLC's Software 2010-04-25 14:33 . 2010-04-25 14:33 4286 ----a-r- c:\documents and settings\Silvius\Application Data\Microsoft\Installer\{37F9008D-20E7-4A0D-BF57-57AA9D5DA6D8}\_F836E56A9D4FC6B7322F4C.exe 2010-04-25 14:33 . 2010-04-25 14:33 4286 ----a-r- c:\documents and settings\Silvius\Application Data\Microsoft\Installer\{37F9008D-20E7-4A0D-BF57-57AA9D5DA6D8}\_050722CC25DEB57EC86707.exe 2010-04-25 14:33 . 2010-04-25 14:33 10134 ----a-r- c:\documents and settings\Silvius\Application Data\Microsoft\Installer\{37F9008D-20E7-4A0D-BF57-57AA9D5DA6D8}\_83BB12F3AD532243F12A07.exe 2010-04-25 13:53 . 2010-04-25 13:53 323624 ----a-w- c:\windows\system32\wiaaut.dll 2010-04-25 13:30 . 2010-04-25 11:09 -------- d-----w- c:\program files\Realtek 2010-04-25 13:30 . 2010-04-25 13:30 -------- d-----w- c:\documents and settings\Silvius\Application Data\InstallShield 2010-04-25 12:34 . 2010-04-25 12:34 -------- d-----w- c:\program files\FOX ONE 2010-04-25 12:24 . 2010-04-25 12:22 -------- d-----w- c:\program files\Intel 2010-04-25 12:24 . 2010-04-25 12:24 -------- d-----w- c:\program files\Marvell 2010-04-25 12:16 . 2010-04-25 12:16 -------- d-----w- c:\documents and settings\Silvius\Application Data\ATI 2010-04-25 12:16 . 2010-04-25 12:16 130 ----a-w- c:\documents and settings\Silvius\Local Settings\Application Data\fusioncache.dat 2010-04-25 12:10 . 2010-04-25 12:08 -------- d-----w- c:\program files\ATI Technologies 2010-04-25 12:09 . 2010-04-25 10:29 -------- d-----w- c:\program files\Common Files\InstallShield 2010-04-25 12:06 . 2010-04-25 12:06 -------- d-----w- c:\program files\LiveUpdate 2010-04-25 11:43 . 2010-04-25 11:43 -------- d-----w- c:\program files\Common Files\muvee Technologies 2010-04-25 11:43 . 2010-04-25 11:43 -------- d-----w- c:\program files\muvee Technologies 2010-04-25 11:43 . 2010-04-25 11:43 -------- d-----w- c:\documents and settings\All Users\Application Data\muvee Technologies 2010-04-25 11:40 . 2010-04-25 09:58 -------- d-----w- c:\program files\Gigabyte 2010-04-25 11:15 . 2010-04-25 11:15 5279 ----a-w- C:\huadio.tmp 2010-04-25 11:08 . 2010-04-25 11:08 -------- d-----w- c:\program files\PBX Telecom 2010-04-25 11:07 . 2010-04-25 11:07 -------- d-----w- c:\program files\Xradio 2010-04-25 11:07 . 2010-04-25 11:07 -------- d-----w- c:\documents and settings\Silvius\Application Data\xradio 2010-04-25 10:39 . 2010-04-25 10:38 -------- d-----w- c:\program files\Common Files\Softwin 2010-04-25 10:29 . 2010-04-25 10:29 -------- d-----w- c:\program files\Realtek Sound Manager 2010-04-25 10:29 . 2010-04-25 10:29 -------- d-----w- c:\program files\AvRack 2010-04-25 10:26 . 2010-04-25 10:26 -------- d-----w- c:\program files\Common Files\Nero 2010-04-25 10:26 . 2010-04-25 10:26 -------- d-----w- c:\documents and settings\Silvius\Application Data\Nero 2010-04-25 10:26 . 2010-04-25 10:26 -------- d-----w- c:\documents and settings\All Users\Application Data\Nero 2010-04-25 10:26 . 2010-04-25 10:25 -------- d-----w- c:\program files\Nero 2010-04-25 10:19 . 2010-04-25 10:19 -------- d-----w- c:\documents and settings\Silvius\Application Data\Symantec 2010-04-25 09:37 . 2010-04-25 09:37 -------- d-----w- c:\program files\microsoft frontpage 2010-04-25 09:33 . 2010-04-25 09:33 21640 ----a-w- c:\windows\system32\emptyregdb.dat 2010-04-08 10:20 . 2010-04-08 10:20 91424 ----a-w- c:\windows\system32\dnssd.dll 2010-04-08 10:20 . 2010-04-08 10:20 107808 ----a-w- c:\windows\system32\dns-sd.exe 2010-03-10 06:15 . 2006-02-28 12:00 420352 ----a-w- c:\windows\system32\vbscript.dll . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))))))))))))))))))))))))))))))))))))))))))) . . *Note* empty entries & legit default entries are not shown REGEDIT4 [HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}] 2010-02-04 13:50 1197448 ----a-w- c:\program files\Ask.com\GenericAskToolbar.dll [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar] "{D4027C7F-154A-4066-A1AD-4243D8127440}"= "c:\program files\Ask.com\GenericAskToolbar.dll" [2010-02-04 1197448] [HKEY_CLASSES_ROOT\clsid\{d4027c7f-154a-4066-a1ad-4243d8127440}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd.1] [HKEY_CLASSES_ROOT\TypeLib\{2996F0E7-292B-4CAE-893F-47B8B1C05B56}] [HKEY_CLASSES_ROOT\GenericAskToolbar.ToolbarWnd] [HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "Messenger (Yahoo!)"="c:\progra~1\Yahoo!\MESSEN~1\YahooMessenger.exe" [2010-03-19 5248312] "uTorrent"="c:\program files\uTorrent\uTorrent.exe" [2010-05-15 322352] [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run] "RTHDCPL"="RTHDCPL.EXE" [2006-04-03 16120832] "ATICCC"="c:\program files\ATI Technologies\ATI.ACE\cli.exe" [2006-01-02 45056] "QuickTime Task"="c:\program files\QuickTime\QTTask.exe" [2010-03-17 421888] "Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2010-04-04 36272] "Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2010-03-24 952768] "iTunesHelper"="c:\program files\iTunes\iTunesHelper.exe" [2010-04-28 142120] "snpstd3"="c:\windows\vsnpstd3.exe" [2006-09-19 827392] "Internet Connection Wizard Task"="c:\program files\Internet Connection Wizard\1.6.0.2350\InternetToday.exe" [2010-05-10 404150] "avgnt"="c:\program files\Avira\AntiVir Desktop\avgnt.exe" [2010-03-02 282792] [HKEY_LOCAL_MACHINE\software\microsoft\security center] "AntiVirusOverride"=dword:00000001 [HKLM\~\services\sharedaccess\parameters\firewallpolicy\standardprofile\AuthorizedApplications\List] "%windir%\\system32\\sessmgr.exe"= "c:\\Program Files\\Microsoft Office\\Office12\\OUTLOOK.EXE"= "c:\\Program Files\\Yahoo!\\Messenger\\YahooMessenger.exe"= "c:\\Program Files\\PBX Telecom\\PBX TV\\pbxtv.exe"= "c:\\Program Files\\Opera\\opera.exe"= "c:\\Program Files\\uTorrent\\uTorrent.exe"= "%windir%\\Network Diagnostic\\xpnetdiag.exe"= "c:\\Program Files\\Bonjour\\mDNSResponder.exe"= "c:\\Program Files\\iTunes\\iTunes.exe"= "c:\\Program Files\\TeamViewer\\Version5\\TeamViewer.exe"= R0 sptd;sptd;c:\windows\system32\drivers\sptd.sys [4/28/2010 4:51 PM 691696] R2 AntiVirSchedulerService;Avira AntiVir Scheduler;c:\program files\Avira\AntiVir Desktop\sched.exe [5/27/2010 7:41 PM 135336] R2 ETDrv;ETDrv;c:\windows\system32\drivers\ETDrv.sys [4/25/2010 2:18 PM 170128] R3 NtApm;NT Apm/Legacy Interface Driver;c:\windows\system32\drivers\NtApm.sys [4/25/2010 3:25 PM 9344] S3 huadio;huadio;C:\huadio.tmp [4/25/2010 2:15 PM 5279] S3 WMIBIOS;%WMIBIOS.ServiceName%;c:\windows\system32\drivers\wmibios.sys [4/25/2010 2:15 PM 18272] S3 WMIINFO;WMIINFO Driver;c:\windows\system32\drivers\wmiinfo.sys [4/25/2010 2:15 PM 21184] . Contents of the 'Scheduled Tasks' folder 2010-05-15 c:\windows\Tasks\AppleSoftwareUpdate.job - c:\program files\Apple Software Update\SoftwareUpdate.exe [2009-10-22 08:50] 2010-05-28 c:\windows\Tasks\Scheduled Update for Ask Toolbar.job - c:\program files\Ask.com\UpdateTask.exe [2010-02-04 13:50] . . ------- Supplementary Scan ------- . uStart Page = hxxp://www.daemon-search.com/startpage uInternet Settings,ProxyOverride = *.local IE: &Funband Serach - c:\program files\GamezJoint Toolbar\2.6.1.11950\mvb0.dll/MENUSEARCH.HTM IE: E&xport to Microsoft Excel - c:\progra~1\MICROS~2\Office12\EXCEL.EXE/3000 . - - - - ORPHANS REMOVED - - - - HKCU-Run-VideoBarApp - c:\program files\GamezJoint Toolbar\2.6.1.11950\mvbapp.exe HKCU-Run-EA Core - c:\program files\Electronic Arts\EADM\Core.exe HKLM-Run-BDSwitchAgent - c:\progra~1\Softwin\BITDEF~1\bdswitch.exe AddRemove-BrowserZinc - c:\program files\BrowserZinc\uninstall.exe AddRemove-WhenUSearch - c:\program files\WhenUSearch\Uninst.exe ************************************************************************** catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net Rootkit scan 2010-05-28 11:57 Windows 5.1.2600 Service Pack 3 NTFS scanning hidden processes ... scanning hidden autostart entries ... scanning hidden files ... scan completed successfully hidden files: 0 ************************************************************************** Stealth MBR rootkit/Mebroot/Sinowal detector 0.3.7 by Gmer, http://www.gmer.net device: opened successfully user: MBR read successfully called modules: ntkrnlpa.exe CLASSPNP.SYS disk.sys atapi.sys splz.sys hal.dll >>UNKNOWN [0x87189938]<< kernel: MBR read successfully detected MBR rootkit hooks: \Driver\Disk -> CLASSPNP.SYS @ 0xf75d1f28 \Driver\atapi -> atapi.sys @ 0xf731cb40 IoDeviceObjectType -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579014 ParseProcedure -> ntkrnlpa.exe @ 0x80577c76 \Device\Harddisk0\DR0 -> DeleteProcedure -> ntkrnlpa.exe @ 0x80579014 ParseProcedure -> ntkrnlpa.exe @ 0x80577c76 NDIS: Realtek RTL8169/8110 Family Gigabit Ethernet NIC -> SendCompleteHandler -> NDIS.sys @ 0xf7237bb0 PacketIndicateHandler -> NDIS.sys @ 0xf7226a0d SendHandler -> NDIS.sys @ 0xf723ab40 user & kernel MBR OK ************************************************************************** [HKEY_LOCAL_MACHINE\System\ControlSet003\Services\huadio] "ImagePath"="\??\c:\huadio.tmp" . --------------------- DLLs Loaded Under Running Processes --------------------- - - - - - - - > 'winlogon.exe'(700) c:\windows\system32\Ati2evxx.dll - - - - - - - > 'explorer.exe'(460) c:\windows\system32\WININET.dll c:\windows\system32\ieframe.dll c:\windows\system32\webcheck.dll . ------------------------ Other Running Processes ------------------------ . c:\windows\system32\Ati2evxx.exe c:\windows\system32\Ati2evxx.exe c:\program files\Avira\AntiVir Desktop\avguard.exe c:\program files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe c:\program files\Bonjour\mDNSResponder.exe c:\windows\system32\inetsrv\inetinfo.exe c:\windows\system32\wdfmgr.exe c:\program files\Yahoo!\SoftwareUpdate\YahooAUService.exe c:\program files\Avira\AntiVir Desktop\avshadow.exe c:\windows\RTHDCPL.EXE c:\program files\iPod\bin\iPodService.exe c:\progra~1\Yahoo!\MESSEN~1\ymsgr_tray.exe . ************************************************************************** . Completion time: 2010-05-28 12:00:48 - machine was rebooted ComboFix-quarantined-files.txt 2010-05-28 09:00 Pre-Run: 175,614,201,856 bytes free Post-Run: 175,942,266,880 bytes free WindowsXP-KB310994-SP2-Pro-BootDisk-ENU.exe [boot loader] timeout=2 default=multi(0)disk(0)rdisk(0)partition(1)\WINDOWS [operating systems] c:\cmdcons\BOOTSECT.DAT="Microsoft Windows Recovery Console" /cmdcons multi(0)disk(0)rdisk(0)partition(1)\WINDOWS="Microsoft Windows XP Professional" /noexecute=optin /fastdetect Current=3 Default=3 Failed=2 LastKnownGood=4 Sets=1,2,3,4 - - End Of File - - 8063B0D271EC4222047CC0C6FF7ECD3C Uite rezultatele! Mai departe ce fac? |
#24
Posted 28 May 2010 - 11:53
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
silvius_tec07, on 28th May 2010, 12:09, said: Uite rezultatele! Mai departe ce fac? Am uitat sa spun: acuma merge IE si Windows Media Player si, chiar Avira, asa ca i-am dat o scanare! Uite rezultatele: Quote Avira AntiVir Personal Report file date: Friday, May 28, 2010 12:24 Scanning for 2167395 virus strains and unwanted programs. The program is running as an unrestricted full version. Online services are available: Licensee : Avira AntiVir Personal - FREE Antivirus Serial number : 0000149996-ADJIE-0000001 Platform : Windows XP Windows version : (Service Pack 3) [5.1.2600] Boot mode : Normally booted Username : SYSTEM Computer name : SILVIUS-063F023 Version information: BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00 AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/1/2010 10:37:38 AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/1/2010 10:57:04 LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 16:33:04 LUKERES.DLL : 10.0.0.1 12648 Bytes 2/10/2010 21:40:49 VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 07:05:36 VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 17:27:49 VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 15:37:42 VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 14:37:42 VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 09:29:03 VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 17:48:42 VBASE006.VDF : 7.10.6.83 2048 Bytes 4/15/2010 17:48:42 VBASE007.VDF : 7.10.6.84 2048 Bytes 4/15/2010 17:48:42 VBASE008.VDF : 7.10.6.85 2048 Bytes 4/15/2010 17:48:42 VBASE009.VDF : 7.10.6.86 2048 Bytes 4/15/2010 17:48:42 VBASE010.VDF : 7.10.6.87 2048 Bytes 4/15/2010 17:48:42 VBASE011.VDF : 7.10.6.88 2048 Bytes 4/15/2010 17:48:42 VBASE012.VDF : 7.10.6.89 2048 Bytes 4/15/2010 17:48:42 VBASE013.VDF : 7.10.6.90 2048 Bytes 4/15/2010 17:48:42 VBASE014.VDF : 7.10.6.123 126464 Bytes 4/19/2010 17:48:43 VBASE015.VDF : 7.10.6.152 123392 Bytes 4/21/2010 17:48:43 VBASE016.VDF : 7.10.6.178 122880 Bytes 4/22/2010 17:48:43 VBASE017.VDF : 7.10.6.206 120320 Bytes 4/26/2010 17:48:43 VBASE018.VDF : 7.10.6.232 99328 Bytes 4/28/2010 17:48:43 VBASE019.VDF : 7.10.7.2 155648 Bytes 4/30/2010 17:48:43 VBASE020.VDF : 7.10.7.26 119808 Bytes 5/4/2010 17:48:43 VBASE021.VDF : 7.10.7.51 118272 Bytes 5/6/2010 17:48:43 VBASE022.VDF : 7.10.7.75 404992 Bytes 5/10/2010 17:48:43 VBASE023.VDF : 7.10.7.100 125440 Bytes 5/13/2010 17:48:43 VBASE024.VDF : 7.10.7.119 177664 Bytes 5/17/2010 17:48:44 VBASE025.VDF : 7.10.7.139 129024 Bytes 5/19/2010 17:48:44 VBASE026.VDF : 7.10.7.157 145920 Bytes 5/21/2010 17:48:44 VBASE027.VDF : 7.10.7.173 147456 Bytes 5/25/2010 17:48:44 VBASE028.VDF : 7.10.7.174 2048 Bytes 5/25/2010 17:48:44 VBASE029.VDF : 7.10.7.175 2048 Bytes 5/25/2010 17:48:44 VBASE030.VDF : 7.10.7.176 2048 Bytes 5/25/2010 17:48:44 VBASE031.VDF : 7.10.7.187 129024 Bytes 5/27/2010 17:48:44 Engineversion : 8.2.1.242 AEVDF.DLL : 8.1.2.0 106868 Bytes 5/27/2010 17:48:45 AESCRIPT.DLL : 8.1.3.29 1343866 Bytes 5/27/2010 17:48:45 AESCN.DLL : 8.1.6.1 127347 Bytes 5/27/2010 17:48:45 AESBX.DLL : 8.1.3.1 254324 Bytes 5/27/2010 17:48:45 AERDL.DLL : 8.1.4.6 541043 Bytes 5/27/2010 17:48:45 AEPACK.DLL : 8.2.1.1 426358 Bytes 3/19/2010 10:34:51 AEOFFICE.DLL : 8.1.1.0 201081 Bytes 5/27/2010 17:48:44 AEHEUR.DLL : 8.1.1.27 2670967 Bytes 5/27/2010 17:48:44 AEHELP.DLL : 8.1.11.3 242039 Bytes 4/1/2010 14:05:25 AEGEN.DLL : 8.1.3.9 377203 Bytes 5/27/2010 17:48:44 AEEMU.DLL : 8.1.2.0 393588 Bytes 5/27/2010 17:48:44 AECORE.DLL : 8.1.15.3 192886 Bytes 5/27/2010 17:48:44 AEBB.DLL : 8.1.1.0 53618 Bytes 5/27/2010 17:48:44 AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 10:03:38 AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 10:03:35 AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 14:47:40 AVREG.DLL : 10.0.3.0 53096 Bytes 4/1/2010 10:35:46 AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/1/2010 10:39:51 AVARKT.DLL : 10.0.0.14 227176 Bytes 4/1/2010 10:22:13 AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 07:53:30 SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 10:57:58 AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 13:38:56 NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 12:41:00 RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 11:10:20 RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/9/2010 12:14:29 Configuration settings for the scan: Jobname.............................: Complete system scan Configuration file..................: c:\program files\avira\antivir desktop\sysscan.avp Logging.............................: low Primary action......................: interactive Secondary action....................: ignore Scan master boot sector.............: on Scan boot sector....................: on Boot sectors........................: C:, D:, Process scan........................: on Extended process scan...............: on Scan registry.......................: on Search for rootkits.................: on Integrity checking of system files..: off Scan all files......................: All files Scan archives.......................: on Recursion depth.....................: 20 Smart extensions....................: on Macro heuristic.....................: on File heuristic......................: medium Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+PFS,+SPR, Start of the scan: Friday, May 28, 2010 12:24 Starting search for hidden objects. HKEY_USERS\S-1-5-21-1078081533-1606980848-839522115-1003\Software\Microsoft\MediaPlayer\Preferences\autometadatacurrentdownloadcount [NOTE] The registry entry is invisible. HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\BITS\stateindex [NOTE] The registry entry is invisible. c:\windows\explorer.exe c:\WINDOWS\explorer.exe [NOTE] The process is not visible. The scan of running processes will be started Scan process 'rsmsink.exe' - '28' Module(s) have been scanned Scan process 'msdtc.exe' - '40' Module(s) have been scanned Scan process 'dllhost.exe' - '61' Module(s) have been scanned Scan process 'dllhost.exe' - '45' Module(s) have been scanned Scan process 'vssvc.exe' - '48' Module(s) have been scanned Scan process 'avscan.exe' - '70' Module(s) have been scanned Scan process 'avcenter.exe' - '62' Module(s) have been scanned Scan process 'opera.exe' - '72' Module(s) have been scanned Scan process 'wmplayer.exe' - '111' Module(s) have been scanned Scan process 'ctfmon.exe' - '25' Module(s) have been scanned Scan process 'explorer.exe' - '117' Module(s) have been scanned Scan process 'ymsgr_tray.exe' - '29' Module(s) have been scanned Scan process 'iPodService.exe' - '29' Module(s) have been scanned Scan process 'uTorrent.exe' - '57' Module(s) have been scanned Scan process 'avgnt.exe' - '50' Module(s) have been scanned Scan process 'vsnpstd3.exe' - '18' Module(s) have been scanned Scan process 'iTunesHelper.exe' - '67' Module(s) have been scanned Scan process 'RTHDCPL.EXE' - '36' Module(s) have been scanned Scan process 'avshadow.exe' - '26' Module(s) have been scanned Scan process 'YahooAUService.exe' - '43' Module(s) have been scanned Scan process 'wdfmgr.exe' - '15' Module(s) have been scanned Scan process 'svchost.exe' - '42' Module(s) have been scanned Scan process 'inetinfo.exe' - '70' Module(s) have been scanned Scan process 'mDNSResponder.exe' - '33' Module(s) have been scanned Scan process 'AppleMobileDeviceService.exe' - '29' Module(s) have been scanned Scan process 'avguard.exe' - '55' Module(s) have been scanned Scan process 'svchost.exe' - '34' Module(s) have been scanned Scan process 'sched.exe' - '43' Module(s) have been scanned Scan process 'Ati2evxx.exe' - '20' Module(s) have been scanned Scan process 'spoolsv.exe' - '54' Module(s) have been scanned Scan process 'svchost.exe' - '38' Module(s) have been scanned Scan process 'svchost.exe' - '32' Module(s) have been scanned Scan process 'svchost.exe' - '165' Module(s) have been scanned Scan process 'svchost.exe' - '39' Module(s) have been scanned Scan process 'svchost.exe' - '53' Module(s) have been scanned Scan process 'Ati2evxx.exe' - '15' Module(s) have been scanned Scan process 'lsass.exe' - '59' Module(s) have been scanned Scan process 'services.exe' - '27' Module(s) have been scanned Scan process 'winlogon.exe' - '73' Module(s) have been scanned Scan process 'csrss.exe' - '14' Module(s) have been scanned Scan process 'smss.exe' - '2' Module(s) have been scanned Starting master boot sector scan: Master boot sector HD0 [INFO] No virus was found! Master boot sector HD1 [INFO] No virus was found! Master boot sector HD2 [INFO] No virus was found! Start scanning boot sectors: Boot sector 'C:\' [INFO] No virus was found! Boot sector 'D:\' [INFO] No virus was found! Starting to scan executable files (registry). The registry was scanned ( '1018' files ). Starting the file scan: Begin scan in 'C:\' C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\3A0AAFF0\B94081D6\mvbsvc.exe [DETECTION] Is the TR/Buzus.ebcx Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\48C8FBD2\B94081D6\ProductInfo.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\53CCABA1\B94081D6\mvbdl.exe [DETECTION] Is the TR/Buzus.ebdd Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\75918810\B94081D6\mvbapp.exe [DETECTION] Is the TR/Buzus.ebcu Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\93CE9E2B\B94081D6\mvbasst.exe [DETECTION] Is the TR/Buzus.ebcv Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\caasetup.exe [DETECTION] Is the TR/Meredrop.A.9804 Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbpx.exe [DETECTION] Is the TR/Buzus.ebcy Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbsh.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbterm.exe [DETECTION] Is the TR/Dropper.Gen Trojan C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\ProductInfo.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Documents and Settings\Silvius\Local Settings\Application Data\GamezJoint Toolbar\2.6.1.11950\bin\mvbup.exe [DETECTION] Is the TR/Buzus.ebcz Trojan C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\mvbup.exe [DETECTION] Is the TR/Buzus.ebcz Trojan C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Setup.exe [DETECTION] Is the TR/Buzus.ebct Trojan --> OFFLINE/75918810/B94081D6/mvbapp.exe [DETECTION] Is the TR/Buzus.ebcu Trojan --> OFFLINE/93CE9E2B/B94081D6/mvbasst.exe [DETECTION] Is the TR/Buzus.ebcv Trojan --> OFFLINE/53CCABA1/B94081D6/mvbdl.exe [DETECTION] Is the TR/Buzus.ebdd Trojan --> OFFLINE/mFileBagIDE.dll/bag/mvbpx.exe [DETECTION] Is the TR/Buzus.ebcy Trojan --> OFFLINE/3A0AAFF0/B94081D6/mvbsvc.exe [DETECTION] Is the TR/Buzus.ebcx Trojan --> OFFLINE/mFileBagIDE.dll/bag/mvbterm.exe [DETECTION] Is the TR/Dropper.Gen Trojan --> OFFLINE/mFileBagIDE.dll/bag/mvbsh.dll [1] Archive type: OVL --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan --> OFFLINE/48C8FBD2/B94081D6/ProductInfo.dll [1] Archive type: OVL --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan --> OFFLINE/mFileBagIDE.dll/bag/ProductInfo.dll [1] Archive type: OVL --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\Advanced Access Controller\4.6.0.2670\FF\components\AACFFAddOn.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\Automated Result Operator\4.6.0.2810\FF\components\AROFFAddOn.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\Count Access Advancer\5.6.0.7190\chromesh.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\Count Access Advancer\5.6.0.7190\Chrome\CAAChromeAddOn.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\Count Access Advancer\5.6.0.7190\FF\components\CAAFFAddOn.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\Customized Web Management\1.6.0.3840\FF\components\CWMFFAddOn.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\GamezJoint Toolbar\2.6.1.11950\ProductInfo.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\Internet Connection Wizard\1.6.0.2350\ITConfigMgr.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Program Files\Internet Content Assistant\1.6.0.3960\icapx.exe [DETECTION] Is the TR/Buzus.ecau Trojan C:\Program Files\Internet Content Assistant\1.6.0.3960\FF\components\ICAFFAddOn.dll [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Qoobox\Quarantine\C\hc3hvi0.exe.vir [DETECTION] Is the TR/Agent.128512.D Trojan C:\Qoobox\Quarantine\C\r3fhr.exe.vir [DETECTION] Is the TR/Viking.B Trojan C:\Qoobox\Quarantine\C\Program Files\Automated Result Operator\4.6.0.2810\AROIEAddOn.dll.vir [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Qoobox\Quarantine\C\Program Files\Customized Web Management\1.6.0.3840\CWMIE.dll.vir [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Qoobox\Quarantine\C\Program Files\GamezJoint Toolbar\2.6.1.11950\mvbapp.exe.vir [DETECTION] Is the TR/Buzus.ebcu Trojan C:\Qoobox\Quarantine\C\Program Files\Internet Content Assistant\1.6.0.3960\ICAIE.dll.vir [0] Archive type: OVL [DETECTION] Is the TR/Buzus.M.96 Trojan --> Object [DETECTION] Is the TR/Buzus.M.96 Trojan C:\Qoobox\Quarantine\C\Program Files\WhenUSearch\search.htm.vir [DETECTION] Contains recognition pattern of the ADSPY/WhenUSearch.G adware or spyware C:\Qoobox\Quarantine\C\Program Files\WhenUSearch\Uninst.exe.vir [DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware Begin scan in 'D:\' Beginning disinfection: C:\Qoobox\Quarantine\C\Program Files\WhenUSearch\Uninst.exe.vir [DETECTION] Contains recognition pattern of the ADSPY/AdSpy.Gen adware or spyware [NOTE] The file was moved to the quarantine directory under the name '4f723c6b.qua'. C:\Qoobox\Quarantine\C\Program Files\WhenUSearch\search.htm.vir [DETECTION] Contains recognition pattern of the ADSPY/WhenUSearch.G adware or spyware [NOTE] The file was moved to the quarantine directory under the name '57ed13c3.qua'. C:\Qoobox\Quarantine\C\Program Files\Internet Content Assistant\1.6.0.3960\ICAIE.dll.vir [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '05924909.qua'. C:\Qoobox\Quarantine\C\Program Files\GamezJoint Toolbar\2.6.1.11950\mvbapp.exe.vir [DETECTION] Is the TR/Buzus.ebcu Trojan [NOTE] The file was moved to the quarantine directory under the name '6384071e.qua'. C:\Qoobox\Quarantine\C\Program Files\Customized Web Management\1.6.0.3840\CWMIE.dll.vir [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '262d2bc1.qua'. C:\Qoobox\Quarantine\C\Program Files\Automated Result Operator\4.6.0.2810\AROIEAddOn.dll.vir [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '593419a5.qua'. C:\Qoobox\Quarantine\C\r3fhr.exe.vir [DETECTION] Is the TR/Viking.B Trojan [NOTE] The file was moved to the quarantine directory under the name '15a735ce.qua'. C:\Qoobox\Quarantine\C\hc3hvi0.exe.vir [DETECTION] Is the TR/Agent.128512.D Trojan [NOTE] The file was moved to the quarantine directory under the name '69e875ae.qua'. C:\Program Files\Internet Content Assistant\1.6.0.3960\FF\components\ICAFFAddOn.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '44c05ac3.qua'. C:\Program Files\Internet Content Assistant\1.6.0.3960\icapx.exe [DETECTION] Is the TR/Buzus.ecau Trojan [NOTE] The file was moved to the quarantine directory under the name '5d886179.qua'. C:\Program Files\Internet Connection Wizard\1.6.0.2350\ITConfigMgr.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '31f64d5a.qua'. C:\Program Files\GamezJoint Toolbar\2.6.1.11950\ProductInfo.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '4063752d.qua'. C:\Program Files\Customized Web Management\1.6.0.3840\FF\components\CWMFFAddOn.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '4e5b440c.qua'. C:\Program Files\Count Access Advancer\5.6.0.7190\FF\components\CAAFFAddOn.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '0b7e3d78.qua'. C:\Program Files\Count Access Advancer\5.6.0.7190\Chrome\CAAChromeAddOn.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '027539d2.qua'. C:\Program Files\Count Access Advancer\5.6.0.7190\chromesh.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '5a052092.qua'. C:\Program Files\Automated Result Operator\4.6.0.2810\FF\components\AROFFAddOn.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '76ce5944.qua'. C:\Program Files\Advanced Access Controller\4.6.0.2670\FF\components\AACFFAddOn.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '483c39ad.qua'. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Setup.exe [DETECTION] Is the TR/Buzus.ebct Trojan [NOTE] The file was moved to the quarantine directory under the name '2b0312fa.qua'. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\productinfo.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '0dd65317.qua'. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\mvbup.exe [DETECTION] Is the TR/Buzus.ebcz Trojan [NOTE] The file was moved to the quarantine directory under the name '3f4d28be.qua'. C:\Documents and Settings\Silvius\Local Settings\Application Data\GamezJoint Toolbar\2.6.1.11950\bin\mvbup.exe [DETECTION] Is the TR/Buzus.ebcz Trojan [NOTE] The file was moved to the quarantine directory under the name '350803c0.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\ProductInfo.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '0a546789.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbterm.exe [DETECTION] Is the TR/Dropper.Gen Trojan [NOTE] The file was moved to the quarantine directory under the name '74776ba2.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbsh.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '210f6f6a.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\mvbpx.exe [DETECTION] Is the TR/Buzus.ebcy Trojan [NOTE] The file was moved to the quarantine directory under the name '2c991e42.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\mFileBagIDE.dll\bag\caasetup.exe [DETECTION] Is the TR/Meredrop.A.9804 Trojan [NOTE] The file was moved to the quarantine directory under the name '30c50bb4.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\93CE9E2B\B94081D6\mvbasst.exe [DETECTION] Is the TR/Buzus.ebcv Trojan [NOTE] The file was moved to the quarantine directory under the name '01174785.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\75918810\B94081D6\mvbapp.exe [DETECTION] Is the TR/Buzus.ebcu Trojan [NOTE] The file was moved to the quarantine directory under the name '6d4153b3.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\53CCABA1\B94081D6\mvbdl.exe [DETECTION] Is the TR/Buzus.ebdd Trojan [NOTE] The file was moved to the quarantine directory under the name '24db76b5.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\48C8FBD2\B94081D6\ProductInfo.dll [DETECTION] Is the TR/Buzus.M.96 Trojan [NOTE] The file was moved to the quarantine directory under the name '7f417e68.qua'. C:\Documents and Settings\All Users\Application Data\{CDD79DF9-3373-4A1D-9DB1-AA56711672D7}\OFFLINE\3A0AAFF0\B94081D6\mvbsvc.exe [DETECTION] Is the TR/Buzus.ebcx Trojan [NOTE] The file was moved to the quarantine directory under the name '19fc728d.qua'. End of the scan: Friday, May 28, 2010 13:19 Used time: 53:38 Minute(s) The scan has been done completely. 8558 Scanned directories 160091 Files were scanned 41 Viruses and/or unwanted programs were found 0 Files were classified as suspicious 0 files were deleted 0 Viruses and unwanted programs were repaired 32 Files were moved to quarantine 0 Files were renamed 160050 Files not concerned 1726 Archives were scanned 0 Warnings 32 Notes 357826 Objects were scanned with rootkit scan 3 Hidden objects were found Edited by silvius_tec07, 28 May 2010 - 12:21. |
#25
Posted 28 May 2010 - 12:45
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Pune urmatorul folder intr-o arhiva cu parola infected si trimite-mi un PM cu ea sau urc-o pe un server (de exemplu: http://www.rapidshare.com ) si trimite-mi PM cu link-ul de download sa trimit la analiza.
Quote C:\Qoobox NU ATASA ARHIVA SI NU POSTA LINK-UL DE DOWNLOAD PE FORUM ! Descarca Malwarebytes Anti-Malware 1.46 si salveaza-l pe Desktop. Instaleaza-l si la sfarsit asigura-te ca ai bifat urmatoarele: Update Malwarebytes' Anti-Malware si Launch Malwarebytes' Anti-Malware. Apoi apasa Finish. ![]() Dupa lansarea programului, click pe tab-ul Update si apasa butonul Check for Updates pentru a verifica daca definitiile descarcate sunt ultimele. Database version: 4XXX ![]() Click pe tab-ul Scanner, selecteaza Perform full scan si apoi apasa pe Scan. ![]() La terminarea scanarii apasa OK si apoi Show Results. ![]() ![]() Asigura-te ca e totul bifat si apoi apasa Remove Selected. ![]() ![]() La final se va deschide un fisier in Notepad cu rezultatele scanarii. Posteaza continutul lui aici. ![]() Daca ai dat restart pentru indepartare malware din PC, log-ul il gasesti in fereastra principala in cadrul tab-ului Logs. Verifica sa fie ultimul(dupa data din numele fisierului .txt.) ![]() |
#26
Posted 28 May 2010 - 12:54
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
crysty2k5, on 28th May 2010, 13:45, said: Pune urmatorul folder intr-o arhiva cu parola infected si trimite-mi un PM cu ea sau urc-o pe un server (de exemplu: http://www.rapidshare.com ) si trimite-mi PM cu link-ul de download sa trimit la analiza. NU ATASA ARHIVA SI NU POSTA LINK-UL DE DOWNLOAD PE FORUM ! Cum parolez arhiva? Daca ii dau file<password nu-mi apare parola! Ti-am trimis PM dar n-am reusit sa parolez arhiva! Edited by silvius_tec07, 28 May 2010 - 13:17. |
#27
Posted 28 May 2010 - 14:12
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Quote Malwarebytes' Anti-Malware 1.46 www.malwarebytes.org Versiunea bazei de date: 4151 Windows 5.1.2600 Service Pack 3 Internet Explorer 8.0.6001.18702 5/28/2010 3:11:24 PM mbam-log-2010-05-28 (15-11-24).txt Modul de scanare: Scanare completa (A:\|C:\|D:\|E:\|) Obiecte scanate: 175679 Timp trecut: 59 minute, 38 secunde Procese din Memorie Infectate: 0 Module de Memorie Infectate: 0 Chei de Registru Infectate: 13 Valori de Registru Infectate: 3 Date din Registru Infectate: 0 Foldere Infectate: 7 Fisiere Infectate: 55 Procese din Memorie Infectate: (Nu au fost detectate obiecte malicioase) Module de Memorie Infectate: (Nu au fost detectate obiecte malicioase) Chei de Registru Infectate: HKEY_CLASSES_ROOT\Interface\{480098c6-f6ad-4c61-9b5c-2bae228a34d1} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Interface\{6160f76a-1992-4b17-a32d-0c706d159105} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{3de88beb-f271-484a-ba71-01d30f439f0c} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{50ad41d2-b1f0-47cc-9ea7-395355eaeebd} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{8ceb185e-81a5-46d3-bc20-c555d605afbd} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{a72522ba-9ff3-4c83-abc6-9b476728a396} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{c5762628-ae15-4ca6-96c4-b00dd17f3419} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\CLSID\{d062e03e-65ca-49e4-9b15-31938ba98922} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CLASSES_ROOT\Typelib\{883dfc00-8a21-411d-956c-73a4e4b7d16f} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{cac89ff9-34a9-4431-8cfe-292a47f843bc} (Adware.Agent) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\SOFTWARE\Microsoft\Explorer\Bars\{b72681c0-a222-4b21-a0e2-53a5a5ca3d411} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_CURRENT_USER\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\BrowserZinc (Adware.BrowserZinc) -> Quarantined and deleted successfully. Valori de Registru Infectate: HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{8141440e-08f0-4339-9959-5c31c6a69f23} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e63605fc-d583-4c81-867f-9457bdb3ea1b} (Adware.DoubleD) -> Quarantined and deleted successfully. HKEY_LOCAL_MACHINE\SOFTWARE\Mozilla\Firefox\Extensions\{e889f097-b0be-471b-89ad-b86b6f04b506} (Adware.DoubleD) -> Quarantined and deleted successfully. Date din Registru Infectate: (Nu au fost detectate obiecte malicioase) Foldere Infectate: C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2} (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Cache (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins (Adware.DoubleD) -> Quarantined and deleted successfully. Fisiere Infectate: C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\bg.jpg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\CurrentVersion.xml (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\ExtractZipFile.zip (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\icon.ico (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.dat (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\tdf.zip (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Cache\default1.dat (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Cache\loading.dat (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Cache\loading.gif (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Logo.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Option.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_RSS.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Search.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_Smiley_Config.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_01.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_02.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_03.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_04.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_05.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\Module_WebDropdown_06.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\pixel.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ProductInfo.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\profile.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\SearchEngineList.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\tbcore.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\ToolbarLayout.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentre.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Data\UpdateCentreBk.mx (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\About.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Component_ComboBox.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Logo.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Option_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS.png (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_RSS_Menu.png (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_Search.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_01.png (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_02.png (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_03.png (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_04.png (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_05.png (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.mg (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Icons\Module_WebDropdown_06.png (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin1.skf (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin2.skf (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin3.skf (Adware.DoubleD) -> Quarantined and deleted successfully. C:\Documents and Settings\Silvius\Local Settings\Temporary Internet Files\{D45817B8-3EAD-4d1d-8FCA-EC63A8E35DE2}\TDF\Skins\myskin4.skf (Adware.DoubleD) -> Quarantined and deleted successfully. |
#29
Posted 28 May 2010 - 14:54
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
crysty2k5, on 28th May 2010, 15:20, said: Merci pentru arhiva. Mai sunt probleme ? Ar mai fi ceva, dar nu stiu daca e din cauza virusilor:[ http://img40.imageshack.us/img40/9025/oproblemamica.jpg - Pentru incarcare in pagina (embed) Click aici ] Daemon Toolsul imi da de asemenea invalid device (versiunile vechi), iar la versiunea LITE cand creez imagini virtuale imi spune ca licenta nu e buna! Edited by silvius_tec07, 28 May 2010 - 15:07. |
#30
Posted 28 May 2010 - 16:53
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
http://www.superanti...TTODAY.EXE.html
Descarca SUPERAntiSpyware 4.38.1004 si salveaza-l pe Desktop. Instaleaza-l, apoi deschide fereasta principala si apasa Check for Updates... Definition Database Version Core: 4XXX ![]() Dupa update, apasa Scan your Computer... Asigura-te ca e bifat Perform Complete Scan si apasa Next. ![]() Dupa scanare si afisarea rezultatelor, apasa Next. ![]() Apoi Yes. ![]() Posteaza apoi aici rezultatele scanarii. Edited by crysty2k5, 28 May 2010 - 16:55. |
#31
Posted 28 May 2010 - 18:50
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
AntySpaware-ul tau mi se blocheaza. Da de un fisier din C numit bu8 si pur si simplu nu mai vrea sa meraga. Plus ca se pare ca imi ingreuneaza si traficul pe internet. L-am updatat cum ai zis, dar nimic!
Edited by crysty2k5, 28 May 2010 - 19:20.
|
#33
Posted 29 May 2010 - 10:01
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
|
#35
Posted 29 May 2010 - 15:39
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
#36
Posted 29 May 2010 - 15:50
![](https://forum.softpedia.com//public/style_images/classic/post_offline.png)
Daca ala nu merge, incercam cu altceva...
Descarca a-squared Free si salveaza-l pe Desktop. Instaleaza-l, ruleaza-l, apasa Online Update sa aduci definitiile la zi. Apoi in stanga apasa pe Scan PC si alegi apoi in dreapta Deep Scan. La sfarsitul scanarii bifeaza tot, click pe Delete selected objects si click Save Report. Posteaza reportul AICI. |
Anunturi
▶ 0 user(s) are reading this topic
0 members, 0 guests, 0 anonymous users