[SPL]

Nici SuperAntiSpyware sau Malwarebites sunt pickinng asta. Funcţie de informaţiile pe care le-am văzut de la Google, acest program este destul de rău. Exista vreo modalitate de a avea grijă de acest lucru, fără a avea de a reformat sistemul?

Rapoarte:

Cod:

SUPERAntiSpyware Scan Log
http://www.superantispyware.com
Generated 03.04.2009 la 01:37 Application Version: 4.25.1014 Core Reguli Baza de date Version: 3784 Trace Reguli Baza de date a versiunilor: 1741 Tip scanare: scanare rapidă Total Scan Ora: 00:20:20 elemente de memorie scanate: 388 Memorie ameninţări detectate: 0 Registry produse scanate: 397 ameninţări Registru detectate: 0 imagini produse scanate: 14817 ameninţări File detectate: 4 Adware.Tracking Cookie C: \ Documents and Settings \ Administrator \ Cookies \ administrator @ atdmt [2]. txt C: \ Documents and Settings \ Administrator \ Cookies \ administrator @ tribalfusion [2]. txt C: \ Documents and Settings \ Administrator \ Cookies \ administrator @ DoubleClick [1]. txt C: \ Documents and Settings \ Administrator \ Cookies \ administrator@ad.yieldmanager [2]. txt

-------------

Cod:

Malwarebytes 'Anti-Malware 1.34 Baza de date versiune: 1817 Windows 5.1.2600 Service Pack 3 3/4/2009 2:12:49 mbam PM-log-2009-03-04 (14-12-49). De tip txt Scan: Quick Objects scanned: 58816 Time elapsed: 5 minute (s), 34 second (s) Memory Processes Infected: 0 Memory Modules Infected: 0 Registry Keys Infected: 0 Registry Values Infected: 0 Registry Data Items Infected: 0 Folders Infected: 0 imagini Infected: 0 Memory Processes Infected: (No items malware detectat) Module de memorie Infected: (No items malware detectat) Chei de Registry Infected: (No items malware detectat) Registry Values Infected: (No items malware detectat) Registry Data Items Infected: (No elemente de virusare detectat) Foldere infectate: (No items malware detectat) Files Infected: (No items malware detectat)

-----

Cod:

Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 2:14:26, pe 3.4.2009 Platforma: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16791) Mod de boot: procese normală de funcţionare: C: \ WINDOWS \ system32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ Explorer.EXE C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE C: \ WINDOWS \ system32 \ hkcmd.exe C: \ WINDOWS \ greutate \ updater \ wcmdmgr.exe C: \ Program Files \ Java \ jre6 \ bin \ jusched. exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNotifier.exe C: \ Program Files \ Common Files \ Ahead \ Lib \ NMBgMonitor.exe C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware. exe C: \ Program Files \ Airlink101 \ AWLL3028 \ RtWLan.exe C: \ Program Files \ WinZip \ WZQKPICK.EXE C: \ Program Files \ Common Files \ Ahead \ Lib \ NMIndexStoreSvr.exe C: \ Program Files \ Common Files \ Ahead \ Lib \ NMIndexingService.exe C: \ Program Files \ Trend Micro \ HijackThis \ HIJACKTHIS.EXE R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = www.google.com
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
 http://www.update.microsoft.com/wind...?1186278166578
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 -- Service: Java rapida Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ O23 jqs.exe - Service: NMIndexingService - Nero AG - C: \ Program Files \ Common Files \ Ahead \ lib \ NMIndexingService.exe - End of file - 5139 bytes

Am dezactivat BgMonitor folosind ccleaners Start Up funcţie (nu este sigur dacă acest lucru va face smecheria)
Screenshot:

[Hybr! D]

Nu e al malware-ului. Este o parte din Nero Scout, dezinstalaţi.