HEUR Trojan Generic




#1
21 November 2008, 07:18
State Group

Hi guys,

I am writing because for a few days now I have been having problems with this so-called Trojan.

I have the HijackThis results here; can someone please help me??

Logfile de Trend Micro HijackThis v2.0.2
Scan salvate la 10:16:57, pe 21/11/2008
Platforma: Windows XP SP3 (WINNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ WLTRYSVC.EXE
C: \ Windows \ system32 \ bcmwltry.exe
C: \ Windows \ system32 \ Spoolsv.exe
C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Archivos de programa \ Java \ jre6 \ bin \ jqs.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Archivos de programa \ Archivos comunes \ Ulead Systems \ DVD \ ULCDRSvr.exe
C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveMonitor.exe
C: \ Archivos de programa \ SigmaTel \ C-Major Audio \ WDM \ stsystra.exe
C: \ Windows \ system32 \ WLTRAY.exe
C: \ Archivos de programa \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Apache Tomcat 4.0 \ webapps \ Unelte \ StatusClient \ StatusClient.exe
C: \ Archivos de programa \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Archivos de programa \ Java \ jre6 \ bin \ jusched.exe
C: \ Windows \ system32 \ SearchIndexer.exe
C: \ Windows \ system32 \ hkcmd.exe
C: \ Windows \ system32 \ igfxpers.exe
C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
C: \ Windows \ system32 \ rundll32.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Archivos de programa \ Windows Desktop Search \ WindowsSearch.exe
C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTEM.EXE
C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Javasoft \ JRE \ 1.3.1 \ bin \ javaw.ex e
C: \ Windows \ system32 \ wscntfy.exe
C: \ Windows \ system32 \ wbem \ wmiapsrv.exe
C: \ Archivos de programa \ Uniblue \ RegistryBooster \ RegistryBooster.e XE
C: \ Archivos de programa \ Windows Live \ Messenger \ msnmsgr.exe
C: \ WINDOWS \ explorer.exe
C: \ Archivos de programa \ Windows Live \ Messenger \ usnsvc.exe
C: \ Archivos de programa \ Mozilla Firefox \ firefox.exe
C: \ Archivos de programa \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Windows \ system32 \ HPBPRO.EXE

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Vínculos
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / "Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ Windows \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ Windows \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveMonitor.exe"
O4 - HKLM \ .. \ Run: [SigmatelSysTrayApp]% ProgramFiles% \ SigmaTel \ C-Major Audio \ WDM \ stsystra.exe
O4 - HKLM \ .. \ Run: [Broadcom Wireless Manager UI] C: \ Windows \ system32 \ WLTRAY.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Archivos de programa \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Archivos de programa \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Archivos de programa \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [StatusClient] C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Apache Tomcat 4.0 \ webapps \ Unelte \ StatusClient \ StatusClient.exe / auto
O4 - HKLM \ .. \ Run: [TomcatStartup] C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ hpbpsttp.exe
O4 - HKLM \ .. \ Run: [HPLJ Config] C: \ Archivos de programa \ Hewlett-Packard \ HP LaserJet 1150_1300 \ SetConfig.exe-C Direct-p DOT4_001-pn "HP LaserJet 1150 PCL 5e" n-0 -- l-1033 SL 120000
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Archivos de programa \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Archivos de programa \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [igfxtray] C: \ Windows \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ Windows \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ Windows \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [AVP] "C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe"
O4 - HKLM \ .. \ Run: [f411a9e3] rundll32.exe "C: \ Windows \ system32 \ knqyluad.dll", b
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Messenger (Yahoo!)] "C: \ Archivos de programa \ Yahoo! \ Messenger \ YahooMessenger.exe"-quiet
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User "Servicio LOCAL")
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User "Servicio de culoare roşie")
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: Recorte de pantalla Acasa rápido e de OneNote 2007.lnk = C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTEM.EXE
O4 - Global Startup: Căutare en el escritorio de Windows.lnk = C: \ Archivos de programa \ Windows Desktop Search \ WindowsSearch.exe
O8 - Extra context menu item: E & xportar o Microsoft Excel - res: / / C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Archivos de programa \ Java \ jre6 \ bin \ jp2iexp.dll
O9 - Extra 'Tools' MENUITEM: Consola de Sun Java - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Archivos de programa \ Java \ jre6 \ bin \ jp2iexp.dll
O9 - Extra button: Web trafic de protecţie statistici - (1F460357-8A94-4D71-9CA3-AA4ACF32ED8E) - C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ SCIEPlgn.dll
O9 - Extra buton: Enviar un OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' MENUITEM: & Enviar un OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra buton: HP Clipbook - (58ECB495-38F0-49cb-A538-10282ABF65E7) - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_extensions.dll
O9 - Extra buton: HP Smart Selectaţi - (700259D7-1666-479a-93B1-3250410481E8) - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_extensions.dll
O9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - C: \ Archivos de programa \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Archivos de programa \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Archivos de programa \ Messenger \ msmsgs.exe
O17 - HKLM \ SYSTEM \ CCS \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O17 - HKLM \ SYSTEM \ CCS \ Services \ Tcpip \ .. \ (0BB9B244-504D-4515-AD0C-7D3102F43CEE): nume = 202.96.128.86 202.96.134.133
O17 - HKLM \ SYSTEM \ CS1 \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O17 - HKLM \ SYSTEM \ CS2 \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveSystemServices.dll
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - C: \ Archív ~ 1 \ Archív ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - AppInit_DLLs: C: \ Archív ~ 1 \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ mzvkbd.dll, C: \ Archív ~ 1 \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
O23 - Service: Canon Camera de acces Biblioteca 8 (CCALib8) - Canon Inc - C: \ Archivos de programa \ Canon \ CAL \ CALMAIN.exe
O23 - Service: Java rapida pentru începători (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Archivos de programa \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc - C: \ Archivos de programa \ Archivos comunes \ Ulead Systems \ DVD \ ULCDRSvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C: \ Windows \ system32 \ WLTRYSVC.EXE

--
Sfârşit de fişier - 9813 bytes

Awaiting your prompt reply,

Kathy

#2
21 November 2008, 12:56
Moderator Group

Welcome to CJ.

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries (if present):

O4 - HKLM \ .. \ Run: [f411a9e3] rundll32.exe "C: \ Windows \ system32 \ knqyluad.dll", b

Important: Close all open windows except for HijackThis, then click Fix checked.

Once completed, exit HijackThis.

----------

Note: the instructions below were created specifically for this user. If you are not this user, do NOT follow these directions, as they could damage the workings of your system.

Go to Start > Run, type notepad.exe, then click OK.

Copy and paste the text below into Notepad and save it as fixme.reg on your Desktop.

Code:
REGEDIT4

; "=-" deletes only the named value from the Run key
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"f411a9e3"=-

Locate fixme.reg on your Desktop and double-click it. Answer Yes when asked to merge it with the registry.

Be sure to tell me whether you get a success message about adding the above to the registry. If you do not get a success message, it did not work.

Delete fixme.reg from the Desktop.

----------

Please print these instructions, as they will be needed later when Internet access is not available.

Download SDFix by AndyManchesta and save it to your Desktop.

When using this tool, you must use the Administrator account or an account with administrative rights.
  • Double-click SDFix.exe and it will extract the files to %systemdrive%
  • (this is the drive that contains the Windows directory, typically C:\SDFix).
  • Do not use it just yet.
Reboot your computer into Safe Mode using the F8 method. To do this, restart your computer and, after hearing your computer beep once during startup (but before the Windows icon appears), press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Open the SDFix folder and double-click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan services or registry entries found, then prompt you to press any key to reboot.
  • Press any key and it will restart the PC.
  • When the PC restarts, the Fixtool will run again and complete the removal process, then display Finished. Press any key to end the script and load your desktop icons.
  • Once the desktop icons load, the SDFix report will open on screen and is also saved in the SDFix folder as Report.txt.
  • Copy and paste the contents of the results file Report.txt into your next reply, together with a new HijackThis log (from normal boot mode).
__________________
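
The manual check in post #2 (picking one O4 autorun entry out of the log and deleting its Run value) can be scripted for triage. This is an added example, not part of the original thread or of HijackThis: the three heuristics, the threshold and all function names are assumptions chosen for illustration, and the sample lines are taken from the log in post #1.

```python
import re
from dataclasses import dataclass, field

# O4 lines copied from the HijackThis log in post #1. The first four have the
# path spacing normalised; the last is left exactly as it appears on this page
# to show that normalise() copes with the mangled form.
SAMPLE_LOG = r'''
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Archivos de programa\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [igfxtray] C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [AVP] "C:\Archivos de programa\Kaspersky Lab\Kaspersky Anti-Virus 2009\avp.exe"
O4 - HKCU\..\Run: [Ctfmon.exe] C:\Windows\system32\Ctfmon.exe
O4 - HKLM \ .. \ Run: [f411a9e3] rundll32.exe "C: \ Windows \ system32 \ knqyluad.dll", b
'''

HIVES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER"}
# HijackThis abbreviates this key as "..\Run" in O4 lines.
RUN_KEY = r"SOFTWARE\Microsoft\Windows\CurrentVersion\Run"

O4_RE = re.compile(
    r"^O4 - (?P<hive>HK[A-Z]+)\\.*?\\Run: \[(?P<name>[^\]]+)\]\s*(?P<cmd>.+)$")
RUNDLL_RE = re.compile(
    r'^"?(?:[^"]*\\)?rundll32(?:\.exe)?"?\s+"?(?P<dll>[^",]+\.dll)"?\s*,\s*(?P<export>\S+)',
    re.IGNORECASE)


@dataclass
class RunEntry:
    hive: str
    name: str
    command: str
    dll: str = ""
    export: str = ""
    reasons: list = field(default_factory=list)


def normalise(line):
    # Collapse the whitespace that forum software or translation inserted
    # around backslashes, so "C: \ Windows" becomes "C:\Windows".
    return re.sub(r"\s*\\\s*", lambda m: "\\", line.strip())


def parse_o4(log_text):
    """Return every registry Run entry (O4) found in a HijackThis log."""
    entries = []
    for raw in log_text.splitlines():
        m = O4_RE.match(normalise(raw))
        if not m:
            continue  # other sections, or "O4 - Startup:" shortcut entries
        entry = RunEntry(m["hive"], m["name"], m["cmd"])
        d = RUNDLL_RE.match(entry.command)
        if d:
            entry.dll, entry.export = d["dll"], d["export"]
        entries.append(entry)
    return entries


def triage(log_text, threshold=2):
    """Flag entries that trip at least `threshold` heuristics (hints, not verdicts)."""
    flagged = []
    for e in parse_o4(log_text):
        if e.dll:
            e.reasons.append("DLL started through rundll32 instead of a named program")
        if re.fullmatch(r"[0-9a-fA-F]{8}", e.name):
            e.reasons.append("value name is 8 hex digits, not a product name")
        if (e.dll and re.search(r"\\system32\\[^\\]+$", e.dll, re.IGNORECASE)
                and len(e.export) <= 2):
            e.reasons.append("DLL sits directly in system32, called by a 1-2 character export")
        if len(e.reasons) >= threshold:
            flagged.append(e)
    return flagged


def removal_reg(entries):
    """Build a REGEDIT4 file in the same form as the fixme.reg in the post."""
    lines = ["REGEDIT4", ""]
    for hive, full in HIVES.items():
        names = [e.name for e in entries if e.hive == hive]
        if not names:
            continue
        lines.append("[" + full + "\\" + RUN_KEY + "]")
        for n in names:
            safe = n.replace("\\", "\\\\").replace('"', '\\"')
            lines.append('"' + safe + '"=-')  # "=-" deletes just this value
        lines.append("")
    return "\r\n".join(lines)


if __name__ == "__main__":
    hits = triage(SAMPLE_LOG)
    for e in hits:
        print(f"{e.hive} Run [{e.name}] -> {e.dll},{e.export}")
        for reason in e.reasons:
            print("   -", reason)
    print(removal_reg(hits))
```

A flagged entry still needs a human decision before anything is deleted; the DLL on disk has to be removed separately, which is what the SDFix step in the same post is for.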

#3
24 November 2008, 06:18
State Group

Hello Evil,

Sorry for not writing sooner; I had to go to Hong Kong on business. That is why I did not have time to follow the instructions that day, and today I found that the HijackThis log has already changed.

If you could take a look and tell me what I should do now, I would appreciate it very much. Once again, I apologize for the delay.

Here it is:

Logfile de Trend Micro HijackThis v2.0.2
Scan salvate la 09:17:07, pe 24/11/2008
Platforma: Windows XP SP3 (WINNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ WLTRYSVC.EXE
C: \ Windows \ system32 \ bcmwltry.exe
C: \ Windows \ system32 \ Spoolsv.exe
C: \ WINDOWS \ Explorer.exe
C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Archivos de programa \ Java \ jre6 \ bin \ jqs.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveMonitor.exe
C: \ Archivos de programa \ SigmaTel \ C-Major Audio \ WDM \ stsystra.exe
C: \ Archivos de programa \ Archivos comunes \ Ulead Systems \ DVD \ ULCDRSvr.exe
C: \ Windows \ system32 \ WLTRAY.exe
C: \ Archivos de programa \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Apache Tomcat 4.0 \ webapps \ Unelte \ StatusClient \ StatusClient.exe
C: \ Archivos de programa \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Archivos de programa \ Java \ jre6 \ bin \ jusched.exe
C: \ Windows \ system32 \ SearchIndexer.exe
C: \ Windows \ system32 \ hkcmd.exe
C: \ Windows \ system32 \ igfxpers.exe
C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Archivos de programa \ Windows Desktop Search \ WindowsSearch.exe
C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTEM.EXE
C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Javasoft \ JRE \ 1.3.1 \ bin \ javaw.ex e
C: \ Windows \ system32 \ wscntfy.exe
C: \ Archivos de programa \ Canon \ CAL \ CALMAIN.exe
C: \ Windows \ system32 \ wbem \ wmiapsrv.exe
C: \ Archivos de programa \ Yahoo! \ Messenger \ ymsgr_tray.exe
C: \ Windows \ system32 \ SearchProtocolHost.exe
C: \ Archivos de programa \ Mozilla Firefox \ firefox.exe
C: \ Archivos de programa \ Trend Micro \ HijackThis \ HijackThis.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Vínculos
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / "Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ Windows \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ Windows \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveMonitor.exe"
O4 - HKLM \ .. \ Run: [SigmatelSysTrayApp]% ProgramFiles% \ SigmaTel \ C-Major Audio \ WDM \ stsystra.exe
O4 - HKLM \ .. \ Run: [Broadcom Wireless Manager UI] C: \ Windows \ system32 \ WLTRAY.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Archivos de programa \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Archivos de programa \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Archivos de programa \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [StatusClient] C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Apache Tomcat 4.0 \ webapps \ Unelte \ StatusClient \ StatusClient.exe / auto
O4 - HKLM \ .. \ Run: [TomcatStartup] C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ hpbpsttp.exe
O4 - HKLM \ .. \ Run: [HPLJ Config] C: \ Archivos de programa \ Hewlett-Packard \ HP LaserJet 1150_1300 \ SetConfig.exe-C Direct-p DOT4_001-pn "HP LaserJet 1150 PCL 5e" n-0 -- l-1033 SL 120000
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Archivos de programa \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Archivos de programa \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [igfxtray] C: \ Windows \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ Windows \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ Windows \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [AVP] "C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Messenger (Yahoo!)] "C: \ Archivos de programa \ Yahoo! \ Messenger \ YahooMessenger.exe"-quiet
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User "Servicio LOCAL")
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User "Servicio de culoare roşie")
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: Recorte de pantalla Acasa rápido e de OneNote 2007.lnk = C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTEM.EXE
O4 - Global Startup: Căutare en el escritorio de Windows.lnk = C: \ Archivos de programa \ Windows Desktop Search \ WindowsSearch.exe
O8 - Extra context menu item: E & xportar o Microsoft Excel - res: / / C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Archivos de programa \ Java \ jre6 \ bin \ jp2iexp.dll
O9 - Extra 'Tools' MENUITEM: Consola de Sun Java - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Archivos de programa \ Java \ jre6 \ bin \ jp2iexp.dll
O9 - Extra button: Web trafic de protecţie statistici - (1F460357-8A94-4D71-9CA3-AA4ACF32ED8E) - C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ SCIEPlgn.dll
O9 - Extra buton: Enviar un OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' MENUITEM: & Enviar un OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra buton: HP Clipbook - (58ECB495-38F0-49cb-A538-10282ABF65E7) - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_extensions.dll
O9 - Extra buton: HP Smart Selectaţi - (700259D7-1666-479a-93B1-3250410481E8) - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_extensions.dll
O9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - C: \ Archivos de programa \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Archivos de programa \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Archivos de programa \ Messenger \ msmsgs.exe
O17 - HKLM \ SYSTEM \ CCS \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O17 - HKLM \ SYSTEM \ CCS \ Services \ Tcpip \ .. \ (0BB9B244-504D-4515-AD0C-7D3102F43CEE): nume = 202.96.128.86 202.96.134.133
O17 - HKLM \ SYSTEM \ CS1 \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O17 - HKLM \ SYSTEM \ CS2 \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveSystemServices.dll
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - C: \ Archív ~ 1 \ Archív ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - AppInit_DLLs: C: \ Archív ~ 1 \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ mzvkbd.dll, C: \ Archív ~ 1 \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
O23 - Service: Canon Camera de acces Biblioteca 8 (CCALib8) - Canon Inc - C: \ Archivos de programa \ Canon \ CAL \ CALMAIN.exe
O23 - Service: Java rapida pentru începători (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Archivos de programa \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc - C: \ Archivos de programa \ Archivos comunes \ Ulead Systems \ DVD \ ULCDRSvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C: \ Windows \ system32 \ WLTRYSVC.EXE

--
Sfârşit de fişier - 9627 bytes

Thanks once again, and I await your reply,

Kathy

#4
24 November 2008, 10:24
Moderator Group

We still need to do the SDFix scan.

Please print these instructions, as they will be needed later when Internet access is not available.

Download SDFix by AndyManchesta and save it to your Desktop.

When using this tool, you must use the Administrator account or an account with administrative rights.
  • Double-click SDFix.exe and it will extract the files to %systemdrive%
  • (this is the drive that contains the Windows directory, typically C:\SDFix).
  • Do not use it just yet.
Reboot your computer into Safe Mode using the F8 method. To do this, restart your computer and, after hearing your computer beep once during startup (but before the Windows icon appears), press the F8 key repeatedly. A menu will appear with several options. Use the arrow keys to navigate and select the option to run Windows in "Safe Mode".

Open the SDFix folder and double-click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan services or registry entries found, then prompt you to press any key to reboot.
  • Press any key and it will restart the PC.
  • When the PC restarts, the Fixtool will run again and complete the removal process, then display Finished. Press any key to end the script and load your desktop icons.
  • Once the desktop icons load, the SDFix report will open on screen and is also saved in the SDFix folder as Report.txt.
  • Copy and paste the contents of the results file Report.txt into your next reply.
__________________

#5
25 November 2008, 05:14
State Group

Hello Evil, here are the results. So far, the computer is working great. Thanks a lot. Let me know if anything else needs to be done.

SDFix: Version 1.240
Fugi de administrador pe 25/11/2008 de la 19:47

Microsoft Windows XP [Versiunea ¢ n 5.1.2600]
Rularea la: C: \ SDFix

Verificarea Servicii :


Restaurarea implicit de securitate Valori
Restaurarea Implicit fişierul Hosts

Repornirea


Verificarea Fişiere :

Trojan fişierele găsite:

C: \ Windows \ system32 \ ssqPihiH.dll - eliminat
C: \ Documents and Settings \ All Users \ Men £ Home \ Programas \ Acasa \. Protejate - eliminat
C: \ Documents and Settings \ TrackerVsrGroup \ Men £ Home \ Programas \ Acasa \. Protejate - eliminat
C: \ Archivos de programa \ iSecurity \ antivirusxp.bmp - eliminat
C: \ Archivos de programa \ iSecurity \ antivirusxp.ico - eliminat
C: \ Archivos de programa \ iSecurity \ antivirusxpi.bmp - eliminat
C: \ Archivos de programa \ iSecurity \ iSecurity.dat - eliminat
C: \ Archivos de programa \ iSecurity \ iSecurity.html - eliminat
C: \ Archivos de programa \ iSecurity \ systemdefender.bmp - eliminat
C: \ Archivos de programa \ iSecurity \ systemdefender.ico - eliminat
C: \ Archivos de programa \ iSecurity \ systemdefenderi.bmp - eliminat



Folder C: \ Archivos de programa \ IE Extensii - Înlăturat
Folder C: \ Archivos de programa \ iSecurity - Înlăturat
Folder C: \ Archivos de programa \ RichVideoCodec - Înlăturat
Folder C: \ Windows \ system32 \ 734914 - Înlăturat
Folder C: \ Windows \ system32 \ 931928 - Înlăturat


Ştergerea Temp Files

ADS Check :



Verificare finală :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit / stealth malware detector de Gmer, http://www.gmer.net
Rootkit scan 2008-11-25 20:01:58
Windows 5.1.2600 Service Pack 3 NTFS

scanare ascuns procese ...

scanare ascuns servicii & sistem de stup ...

scanare ascuns intrările registry ...

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows Search \ Aduna \ Windows \ SystemIndex]
"LogName" = "C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Microsoft \ Search \ Data \ Applications \ Window s \ Proiecte \ SystemIndex \ SystemIndex.Ntfy10.gthr"
"SecondaryLogName" = "C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Microsoft \ Search \ Data \ Applications \ Window s \ Proiecte \ SystemIndex \ SystemIndex.Ntfy11.gthr"

scanare fişiere ascunse ...

scanare sa finalizat cu succes
ascuns procesele: 0
ascuns servicii: 0
fişiere ascunse: 0


Rămas Servicii :




Autorizat de aplicaţii cheie Export:

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ standard de profil \ authorizedapplications \ lista]
"C: \ \ WINDOWS \ \ system32 \ \ sessmgr.exe" = "C: \ \ WINDOWS \ \ system32 \ \ sessmgr.exe: *: Disabled: @ xpsp2res.dll, -22019"
"C: \ \ Archivos de programa \ \ Ares \ \ Ares.exe" = "C: \ \ Archivos de programa \ \ Ares \ \ Ares.exe: *: Disabled: Ares P2P pentru Windows"
"C: \ \ WINDOWS \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe" = "C: \ \ WINDOWS \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe: *: Disabled: @ xpsp3res.dll, -20000"
"C: \ \ Archivos de programa \ \ Hewlett-Packard \ \ Toolbox2.0 \ \ Javasoft \ \ JRE \ \ 1.3.1 \ \ bin \ \ ja vaw.exe" = "C: \ \ Archivos de programa \ \ Hewlett-Packard \ \ Toolbox2.0 \ \ Javasoft \ \ JRE \ \ 1.3.1 \ \ bin \ \ ja vaw.exe: *: Disabled: javaw "
"C: \ \ WINDOWS \ \ system32 \ \ mmc.exe" = "C: \ \ WINDOWS \ \ sys tem32 \ \ mmc.exe: *: Disabled: Microsoft Management Console"
"C: \ \ Archivos de programa \ \ Microsoft Office \ Office12 \ \ GROOVE.EXE" = "C: \ \ Archivos de programa \ \ Microsoft Office \ Office12 \ \ GROOVE.EXE: *: Disabled: Microsoft Office Groove "
"C: \ \ Archivos de programa \ \ Microsoft Office \ Office12 \ \ ONENOTE.EXE" = "C: \ \ Archivos de programa \ \ Microsoft Office \ Office12 \ \ ONENOTE.EXE: *: Disabled: Microsoft Office OneNote "
"C: \ \ Archivos de programa \ \ Microsoft Office \ Office12 \ \ OUTLOOK.EXE" = "C: \ \ Archivos de programa \ \ Microsoft Office \ Office12 \ \ OUTLOOK.EXE: *: Disabled: Microsoft Office Outlook "
"C: \ \ Archivos de programa \ \ Windows Live \ \ Messenger \ \ msnmsgr.exe" = "C: \ \ Archivos de programa \ \ Windows Live \ \ Messenger \ \ msnmsgr.exe: *: Disabled: Windows Live Messenger "
"C: \ \ Archivos de programa \ \ Windows Live \ \ Messenger \ \ livecall.exe" = "C: \ \ Archivos de programa \ \ Windows Live \ \ Messenger \ \ livecall.exe: *: Disabled: Windows Live Messenger (Telefon) "
"C: \ \ Archivos de programa \ \ Messenger \ \ msmsgs.exe" = "C: \ \ Archivos de programa \ \ Messenger \ \ msmsgs.exe: *: Disabled: Windows Messenger"
"C: \ \ Documents and Settings \ \ Users.WINDOWS Toate \ \ datos de programa \ \ Kaspersky Lab Setup Files \ \ Kaspersky Internet Security 2009 \ \ engleză \ \ setup.exe" = "C: \ \ Documents and Settings \ \ Toate Users.WINDOWS \ \ datos de programa \ \ Kaspersky Lab Setup Files \ \ Kaspersky Internet Security 2009 \ \ engleză \ \ setup.exe: *: Disabled: Kaspersky Internet Security 2009 Setup "
"C: \ \ Archivos de programa \ \ Skype \ \ Phone \ \ Skype.exe" = "C: \ \ Archivos de programa \ \ Skype \ \ Phone \ \ Skype.exe: *: Disabled: Skype"
"C: \ \ Archivos de programa \ \ Yahoo! \ \ Messenger \ \ YahooMessenger.exe" = "C: \ \ Archivos de programa \ \ Yahoo! \ \ Messenger \ \ YahooMessenger.exe: *: Disabled: Yahoo! Messenger "
"C: \ \ Archivos de programa \ \ AVG \ \ AVG8 \ \ avgupd.exe" = "C: \ \ Archivos de programa \ \ AVG \ \ AVG8 \ \ avgupd.exe: *: Enabled: avgupd.e XE"

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ lista]
"% WINDIR% \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe" = "% WINDIR% \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
"% WINDIR% \ \ system32 \ \ sessmgr.exe" = "% WINDIR% \ \ syste m32 \ \ sessmgr.exe: *: activată: @ xpsp2res.dll, -22019"
"C: \ \ Archivos de programa \ \ Windows Live \ \ Messenger \ \ msnmsgr.exe" = "C: \ \ Archivos de programa \ \ Windows Live \ \ Messenger \ \ msnmsgr.exe: *: Enabled: Windows Live Messenger "
"C: \ \ Archivos de programa \ \ Windows Live \ \ Messenger \ \ livecall.exe" = "C: \ \ Archivos de programa \ \ Windows Live \ \ Messenger \ \ livecall.exe: *: Enabled: Windows Live Messenger (Telefon) "

Rămas Fişiere :


File backups: - C: \ SDFix \ backups \ backups.zip

Fişiere cu Ascuns Atribute :

Duminica 12 martie 2006 10311680 .. SH. --- "C: \ Archivos de programa \ AVIConverter \ mencoder.exe"
Luni 14 aprilie 2008 60.416 A.SH. --- "C: \ Archivos de programa \ Outlook Express \ msimn.exe"
Sâmbătă 11 noiembrie 2006 4348 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ DRMv1.bak"
Marţi 13 noiembrie 2007 0 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp"
Marţi 13 februarie 2007 3.096.576 A.. H. --- "C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ U3 \ temp \ Launchpad Removal.exe"
Vineri 21 noiembrie 2008 18.922 H. ... --- "C: \ Documents and Settings \ Mauricio \ Mis documentos \ Erika \ Private \ Carti \ ~ WRL3517.tmp"

Finished!

Thanks,

Kathy
  #6  
Old 25 November 2008, 11:56
Moderator Group
 
Default HEUR Trojan Generic

Download Malwarebytes' Anti-Malware (MBAM)
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, make sure a checkmark is placed next to the following:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

----------

Download random's system information tool (RSIT) by random/random and save it to your Desktop.
  • Double-click RSIT.exe to run it.
  • Click Continue at the disclaimer screen.
  • Once it has finished, two logs will open.
  • log.txt will be maximized and info.txt will be minimized.
  • Please post the contents of both logs in your next reply.

----------

Before posting, please add:
MBAM log
RSIT log & info logs


Note:
It may take two posts to get all of the logs posted.
__________________

  #7  
Old 29 November 2008, 08:10
Grupul de stat
 
Default HEUR Trojan Generic

Hello Evil,

here are the logs:
Logfile de aleator al sistemului de informaţii instrument 1,04 (scris de aleatoare / random)
Fugi de Mauricio la 2008-11-29 23:03:34
Microsoft Windows XP Professional Service Pack 3
Sistemul de drive-ul C: are 50 GB (68%) liber de 73 GB
Total RAM: 1015 MB (53% gratuit)

Logfile de Trend Micro HijackThis v2.0.2
Scan salvate la 11:03:42, pe 29/11/2008
Platforma: Windows XP SP3 (WINNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ WLTRYSVC.EXE
C: \ Windows \ system32 \ bcmwltry.exe
C: \ Windows \ system32 \ Spoolsv.exe
C: \ WINDOWS \ Explorer.exe
C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Archivos de programa \ Java \ jre6 \ bin \ jqs.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Archivos de programa \ Archivos comunes \ Ulead Systems \ DVD \ ULCDRSvr.exe
C: \ Windows \ system32 \ SearchIndexer.exe
C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveMonitor.exe
C: \ Archivos de programa \ SigmaTel \ C-Major Audio \ WDM \ stsystra.exe
C: \ Windows \ system32 \ WLTRAY.exe
C: \ Archivos de programa \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ Archivos de programa \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe
C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Apache Tomcat 4.0 \ webapps \ Unelte \ StatusClient \ StatusClient.exe
C: \ Archivos de programa \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Archivos de programa \ Java \ jre6 \ bin \ jusched.exe
C: \ Windows \ system32 \ hkcmd.exe
C: \ Windows \ system32 \ igfxpers.exe
C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
C: \ Windows \ system32 \ wscntfy.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Archivos de programa \ Windows Desktop Search \ WindowsSearch.exe
C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTEM.EXE
C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Javasoft \ JRE \ 1.3.1 \ bin \ javaw.ex e
C: \ Archivos de programa \ Canon \ CAL \ CALMAIN.exe
C: \ Windows \ system32 \ wbem \ wmiapsrv.exe
C: \ Windows \ system32 \ rundll32.exe
C: \ Windows \ system32 \ SearchProtocolHost.exe
C: \ Archivos de programa \ Yahoo! \ Messenger \ ymsgr_tray.exe
C: \ Archivos de programa \ Mozilla Firefox \ firefox.exe
C: \ Documents and Settings \ Mauricio \ escritorio \ RSIT.exe
C: \ Archivos de programa \ Trend Micro \ HijackThis \ Mauricio.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Vínculos
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll
O2 - BHO: Yahoo! Bara de instrumente Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll
O2 - BHO: HP Print Enhancer - (0347C33E-8762-4905-BF09-768834316C61) - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_printenhancer.dll
O2 - BHO: HP Print Clipuri - (053F9267-DC04-4294-A72C-58F732D338C0) - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_framework.dll
O2 - BHO: Adobe PDF Link Helper - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Archivos de programa \ Archivos comunes \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: Skype add-on (cap) - (22BF413B-C6D2-4d91-82A9-A0F997BA588C) - C: \ Archivos de programa \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O2 - BHO: AVG Safe Search - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - (no file)
O2 - BHO: IEVkbdBHO - (59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C) - C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ ievkbd.dll
O2 - BHO: Groove SFG Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Archivos de programa \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live aplicacion auxiliar de Acasa Out - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Archivos de programa \ Archivos comunes \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: (no name) - (C08DF07A-3E49-4E25-9AB0-D3882835F153) - (no file)
O2 - BHO: Java (tm) Plug-in 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Archivos de programa \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Archivos de programa \ Java \ jre6 \ lib \ implica \ jqs \ ie \ jqs_plugin.dl l
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / "Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ Windows \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ Windows \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveMonitor.exe"
O4 - HKLM \ .. \ Run: [SigmatelSysTrayApp]% ProgramFiles% \ SigmaTel \ C-Major Audio \ WDM \ stsystra.exe
O4 - HKLM \ .. \ Run: [Broadcom Wireless Manager UI] C: \ Windows \ system32 \ WLTRAY.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Archivos de programa \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Archivos de programa \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Archivos de programa \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [StatusClient] C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Apache Tomcat 4.0 \ webapps \ Unelte \ StatusClient \ StatusClient.exe / auto
O4 - HKLM \ .. \ Run: [TomcatStartup] C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ hpbpsttp.exe
O4 - HKLM \ .. \ Run: [HPLJ Config] C: \ Archivos de programa \ Hewlett-Packard \ HP LaserJet 1150_1300 \ SetConfig.exe-C Direct-p DOT4_001-pn "HP LaserJet 1150 PCL 5e" n-0 -- l-1033 SL 120000
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Archivos de programa \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Archivos de programa \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [igfxtray] C: \ Windows \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ Windows \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ Windows \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [AVP] "C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [Messenger (Yahoo!)] "C: \ Archivos de programa \ Yahoo! \ Messenger \ YahooMessenger.exe"-quiet
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User "Servicio LOCAL")
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User "Servicio de culoare roşie")
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Startup: Recorte de pantalla Acasa rápido e de OneNote 2007.lnk = C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTEM.EXE
O4 - Global Startup: Căutare en el escritorio de Windows.lnk = C: \ Archivos de programa \ Windows Desktop Search \ WindowsSearch.exe
O8 - Extra context menu item: E & xportar o Microsoft Excel - res: / / C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Archivos de programa \ Java \ jre6 \ bin \ jp2iexp.dll
O9 - Extra 'Tools' MENUITEM: Consola de Sun Java - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Archivos de programa \ Java \ jre6 \ bin \ jp2iexp.dll
O9 - Extra button: Web trafic de protecţie statistici - (1F460357-8A94-4D71-9CA3-AA4ACF32ED8E) - C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ SCIEPlgn.dll
O9 - Extra buton: Enviar un OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' MENUITEM: & Enviar un OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ ONBttnIE.dll
O9 - Extra buton: HP Clipbook - (58ECB495-38F0-49cb-A538-10282ABF65E7) - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_extensions.dll
O9 - Extra buton: HP Smart Selectaţi - (700259D7-1666-479a-93B1-3250410481E8) - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_extensions.dll
O9 - Extra button: Skype - (77BF5300-1474-4EC7-9980-D32B190E9B07) - C: \ Archivos de programa \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ Archív ~ 1 \ milionimi ~ 3 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Archivos de programa \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Archivos de programa \ Messenger \ msmsgs.exe
O17 - HKLM \ SYSTEM \ CCS \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O17 - HKLM \ SYSTEM \ CCS \ Services \ Tcpip \ .. \ (0BB9B244-504D-4515-AD0C-7D3102F43CEE): nume = 202.96.128.86 202.96.134.133
O17 - HKLM \ SYSTEM \ CS1 \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O17 - HKLM \ SYSTEM \ CS2 \ Services \ Tcpip \ .. \ (07376171-B8C5-429A-AEAD-0D95181A8685): nume = 210.132.31.2,221.5.88.88
O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveSystemServices.dll
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - C: \ Archív ~ 1 \ Archív ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
O20 - AppInit_DLLs: C: \ Archív ~ 1 \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ mzvkbd.dll, C: \ Archív ~ 1 \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ mzvkbd3.dll
O23 - Service: Kaspersky Anti-Virus (AVP) - Kaspersky Lab - C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe
O23 - Service: Canon Camera de acces Biblioteca 8 (CCALib8) - Canon Inc - C: \ Archivos de programa \ Canon \ CAL \ CALMAIN.exe
O23 - Service: Java rapida pentru începători (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Archivos de programa \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc - C: \ Archivos de programa \ Archivos comunes \ Ulead Systems \ DVD \ ULCDRSvr.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C: \ Windows \ system32 \ WLTRYSVC.EXE

--
Sfârşit de fişier - 11628 bytes

====== Activităţi programate dosar ======

C: \ WINDOWS \ sarcini \ AppleSoftwareUpdate.job
C: \ WINDOWS \ sarcini \ enlgfqlf.job

====== Registri dump ======

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (02478D38-C3F9-4EFB-9B51-7695ECA05670)]
Yahoo! Bara de instrumente Helper - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (0347C33E-8762-4905-BF09-768834316C61)]
HP Print Enhancer - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_printenhancer.dll [2007-03-03 1298024]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (053F9267-DC04-4294-A72C-58F732D338C0)]
HP Print Clipuri - C: \ Archivos de programa \ HP \ Smart Web Printing \ hpswp_framework.dll [2007-03-03 177768]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (18DF081C-E8AD-4283-A596-FA578C2EBDC3)]
Adobe PDF Link Helper - C: \ Archivos de programa \ Archivos comunes \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll [2008-06-12 75128]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (22BF413B-C6D2-4d91-82A9-A0F997BA588C)]
Skype add-on (cap) - C: \ Archivos de programa \ Skype \ Toolbars \ Internet Explorer \ SkypeIEPlugin.dll [2008-06-04 1404928]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0)]
AVG Căutare sigură

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C)]
IEVkbdBHO Clasa - C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ ievkbd.dll [2008-07-29 62728]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (72853161-30C5-4D22-B7F9-0BBC1D38A37E)]
Groove SFG Browser Helper - C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll [2007-08-24 2212224]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)]
SSVHelper Class - C: \ Archivos de programa \ Java \ jre6 \ bin \ ssv.dll [2008-10-28 320920]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (7E853D72-626A-48EC-A868-BA8D5E23E045)]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (9030D464-4C02-4ABF-8ECC-5164760863C6)]
Windows Live aplicacion auxiliar de Acasa Out - C: \ Archivos de programa \ Archivos comunes \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll [2007-09-20 328752]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (C08DF07A-3E49-4E25-9AB0-D3882835F153)]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (DBC80044-A445-435b-BC74-9C25C1C588A9)]
Java (tm) Plug-in 2 SSV Helper - C: \ Archivos de programa \ Java \ jre6 \ bin \ jp2ssv.dll [2008-10-28 34816]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (E7E6F031-17CE-4C07-BC86-EABFE594F69C)]
JQSIEStartDetectorImpl Clasa - C: \ Archivos de programa \ Java \ jre6 \ lib \ implica \ jqs \ ie \ jqs_plugin.dl l [2008-10-28 73728]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Toolbar]
(EF99BD32-C1FB-11D2-892F-0090271D4F88) - Yahoo! Bara de instrumente - C: \ Archivos de programa \ Yahoo! \ Companion \ Instalează \ cpn \ yt.dll [2006-10-26 440384]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run]
"IMJPMIG8.1" = C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EX E [2008-04-14 208952]
"PHIME2002ASync" = C: \ Windows \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE [2008-04-14 455168]
"PHIME2002A" = C: \ Windows \ system32 \ IME \ TINTLGNT \ Nuanţare SETP.EXE [2008-04-14 455168]
"GrooveMonitor" = C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveMonitor.exe [2007-08-24 33648]
"SigmatelSysTrayApp" = C: \ Archivos de programa \ SigmaTel \ C-Major Audio \ WDM \ stsystra.exe [2007-05-10 405504]
"Broadcom Wireless Manager UI" = C: \ Windows \ system32 \ WLTRAY.exe [2006-11-01 1392640]
"HP Software Update" = C: \ Archivos de programa \ HP \ HP Software Update \ HPWuSchd2.exe [2006-12-11 49152]
"Adobe Reader Speed Launcher" = C: \ Archivos de programa \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe [2008-06-12 34672]
"QuickTime Task" = C: \ Archivos de programa \ QuickTime \ QTTask.exe [2008-05-27 413696]
"StatusClient" = C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Apache Tomcat 4.0 \ webapps \ Unelte \ StatusClient \ StatusClient.exe [2002-12-17 36864]
"TomcatStartup" = C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ hpbpsttp.exe [2003-04-01 155648]
"HPLJ Config" = C: \ Archivos de programa \ Hewlett-Packard \ HP LaserJet 1150_1300 \ SetConfig.exe-C Direct-p DOT4_001-pn HP LaserJet 1150 PCL 5e n-0-l 1033-sl 120000 []
"SynTPEnh" = C: \ Archivos de programa \ Synaptics \ SynTP \ SynTPEnh.exe [2007-12-07 1024000]
"SunJavaUpdateSched" = C: \ Archivos de programa \ Java \ jre6 \ bin \ jusched.exe [2008-10-28 136600]
"igfxtray" = C: \ Windows \ system32 \ igfxtray.exe [2006-09-15 94208]
"igfxhkcmd" = C: \ Windows \ system32 \ hkcmd.exe [2006-09-15 77824]
"igfxpers" = C: \ Windows \ system32 \ igfxpers.exe [2006-09-15 118784]
"AVP" = C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe [2008-07-29 206088]

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = C: \ Windows \ system32 \ Ctfmon.exe [2008-04-14 15360]
"Messenger (Yahoo!)" = C: \ Archivos de programa \ Yahoo! \ Messenger \ YahooMessenger.exe [2008-11-05 4347120]

C: \ Documents and Settings \ Toate Users.WINDOWS \ Meniu Acasa \ Programas \ Acasa
Căutare en el escritorio de Windows.lnk - C: \ Archivos de programa \ Windows Desktop Search \ WindowsSearch.exe

C: \ Documents and Settings \ Mauricio \ Meniu Acasa \ Programas \ Acasa
Recorte de pantalla Acasa rápido e de OneNote 2007.lnk - C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTEM.EXE

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = "C: \ Archív ~ 1 \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ mzvkbd.dll, C: \ Archív ~ 1 \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ mzvkbd3.dll"

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ igfxcui]
C: \ Windows \ system32 \ igfxdev.dll [2006-09-15 139264]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \ klogon]
C: \ Windows \ system32 \ klogon.dll [2008-07-29 218376]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ ShellServiceObjectDelayLoad]
UPnPMonitor - (e57ce738-33e8-4c51-8354-bb4de9d215d1) - C: \ Windows \ system32 \ upnpui.dll [2008-04-14 240128]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks]
"(B5A7F190-DDA6-4420-B3BA-52453494E6CD)" = C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll [2007-08-24 2212224]
"(56F9679E-7826-4C84-81F3-532071A8BCC5)" = C: \ Archivos de programa \ Windows Desktop Search \ MSNLNamespaceMgr.dll [2007-02-06 294400]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Policies \ System]
"dontdisplaylastusername" = 0
"legalnoticecaption" =
"legalnoticetext" =
"shutdownwithoutlogon" = 1
"undockwithoutlogon" = 1

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Policies \ Explorer]
"NoDriveTypeAutoRun" = 145

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ standard de profil \ authorizedapplications \ lista]
"C: \ Windows \ system32 \ sessmgr.exe" = "C: \ WINDOWS \ Syst em32 \ sessmgr.exe: *: Disabled: @ xpsp2res.dll, -22019"
"C: \ Archivos de programa \ Ares \ Ares.exe" = "C: \ Archivos de programa \ Ares \ Ares.exe: *: Disabled: Ares P2P pentru Windows"
"C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe" = "C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe: *: Disabled: @ xpsp3res.dll, -20000"
"C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Javasoft \ JRE \ 1.3.1 \ bin \ javaw.ex e" = "C: \ Archivos de programa \ Hewlett-Packard \ Toolbox2.0 \ Javasoft \ JRE \ 1.3.1 \ bin \ javaw.ex e: *: Disabled: javaw "
"C: \ Windows \ system32 \ mmc.exe" = "C: \ Windows \ system32 \ mmc.exe: *: Disabled: Microsoft Management Console"
"C: \ Archivos de programa \ Microsoft Office \ Office12 \ GROOVE.EXE" = "C: \ Archivos de programa \ Microsoft Office \ Office12 \ GROOVE.EXE: *: Disabled: Microsoft Office Groove"
"C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTE.EXE" = "C: \ Archivos de programa \ Microsoft Office \ Office12 \ ONENOTE.EXE: *: Disabled: Microsoft Office OneNote"
"C: \ Archivos de programa \ Microsoft Office \ Office12 \ OUTLOOK.EXE" = "C: \ Archivos de programa \ Microsoft Office \ Office12 \ OUTLOOK.EXE: *: Disabled: Microsoft Office Outlook"
"C: \ Archivos de programa \ Windows Live \ Messenger \ msnmsgr.exe" = "C: \ Archivos de programa \ Windows Live \ Messenger \ msnmsgr.exe: *: Disabled: Windows Live Messenger"
"C: \ Archivos de programa \ Windows Live \ Messenger \ livecall.exe" = "C: \ Archivos de programa \ Windows Live \ Messenger \ livecall.exe: *: Disabled: Windows Live Messenger (Telefon)"
"C: \ Archivos de programa \ Messenger \ msmsgs.exe" = "C: \ Archivos de programa \ Messenger \ msmsgs.exe: *: Disabled: Windows Messenger"
"C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Kaspersky Lab Setup Files \ Kaspersky Internet Security 2009 \ engleză \ setup.exe" = "C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Kaspersky Lab Setup Files \ Kaspersky Internet Security 2009 \ engleză \ setup.exe: *: Disabled: Kaspersky Internet Security 2009 Setup "
"C: \ Archivos de programa \ Yahoo! \ Messenger \ YahooMessenger.exe" = "C: \ Archivos de programa \ Yahoo! \ Messenger \ YahooMessenger.exe: *: Dis abled: Yahoo! Messenger"
"C: \ Archivos de programa \ AVG \ AVG8 \ avgupd.exe" = "C: \ Archivos de programa \ AVG \ AVG8 \ avgupd.exe: *: Enabled: avgupd.exe"
"C: \ Archivos de programa \ Skype \ Phone \ Skype.exe" = "C: \ Archivos de programa \ Skype \ Phone \ Skype.exe: *: Enabled: Skype"

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ lista]
"% WINDIR% \ Reţeaua de diagnostic \ xpnetdiag.exe" = "% WINDIR% \ Reţeaua de diagnostic \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
"% WINDIR% \ system32 \ sessmgr.exe" = "% WINDIR% \ system32 \ sessmgr.exe: *: activată: @ xpsp2res.dll, -22019"
"C: \ Archivos de programa \ Windows Live \ Messenger \ msnmsgr.exe" = "C: \ Archivos de programa \ Windows Live \ Messenger \ msnmsgr.exe: *: Enabled: Windows Live Messenger"
"C: \ Archivos de programa \ Windows Live \ Messenger \ livecall.exe" = "C: \ Archivos de programa \ Windows Live \ Messenger \ livecall.exe: *: Enabled: Windows Live Messenger (Telefon)"

====== Lista de fişiere / foldere create din ultimele 1 luna ======

2008-11-29 23:03:33 ---- D ---- C: \ rsit
2008-11-29 22:41:40 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ Malwarebytes
2008-11-29 22:41:23 ---- D ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Malwarebytes
2008-11-29 22:41:23 ---- D ---- C: \ Archivos de programa \ Malwarebytes' Anti-Malware
2008-11-29 09:19:41 ---- SH ---- C: \ Windows \ system32 \ dhtngaxu.ini
2008-11-27 22:05:52 ---- SH ---- C: \ Windows \ system32 \ pugslxae.ini
2008-11-26 22:03:57 ---- SH ---- C: \ Windows \ system32 \ eukkiphh.ini
2008-11-25 19:41:04 ---- D ---- C: \ WINDOWS \ ERUNT
2008-11-25 11:01:26 ---- SH ---- C: \ Windows \ system32 \ lulxsfxo.ini
2008-11-24 21:19:15 ---- D ---- C: \ SDFix
2008-11-24 07:58:30 ---- SH ---- C: \ Windows \ system32 \ xgvvibbj.ini
2008-11-22 08:27:10 ---- SH ---- C: \ Windows \ system32 \ pqukverl.ini
2008-11-21 21:52:02 ---- D ---- C: \ Archivos de programa \ Trend Micro
2008-11-21 08:24:21 ---- SH ---- C: \ Windows \ system32 \ daulyqnk.ini
2008-11-21 07:57:32 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ Desktopicon
2008-11-21 07:57:23 ---- D ---- C: \ Archivos de programa \ Unlocker
2008-11-20 08:08:07 ---- O ---- C: \ WINDOWS \ ntbtlog.txt
2008-11-19 23:33:53 ---- SH ---- C: \ Windows \ system32 \ hhgdaqoj.ini
2008-11-19 20:40:38 ---- D ---- C: \ Windows \ system32 \ NtmsData
2008-11-19 00:35:14 ---- D ---- C: \ WINDOWS \ RegisteredPackages
2008-11-19 00:18:12 ---- N ---- C: \ Windows \ system32 \ pxcpya64.exe
2008-11-19 00:17:54 ---- N ---- C: \ Windows \ system32 \ pxinsa64.exe
2008-11-19 00:17:50 ---- N ---- C: \ Windows \ system32 \ vxblock.dll
2008-11-19 00:17:50 ---- N ---- C: \ Windows \ system32 \ pxwave.dll
2008-11-19 00:17:50 ---- N ---- C: \ Windows \ system32 \ pxsfs.dll
2008-11-19 00:17:50 ---- N ---- C: \ Windows \ system32 \ pxmas.dll
2008-11-19 00:17:50 ---- N ---- C: \ Windows \ system32 \ pxhpinst.exe
2008-11-19 00:17:50 ---- N ---- C: \ Windows \ system32 \ pxdrv.dll
2008-11-19 00:17:50 ---- N ---- C: \ Windows \ system32 \ pxafs.dll
2008-11-19 00:17:50 ---- N ---- C: \ Windows \ system32 \ px.dll
2008-11-19 00:16:06 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ Winamp
2008-11-19 00:16:06 ---- D ---- C: \ Archivos de programa \ Winamp
2008-11-18 23:18:58 ---- D ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Kaspersky Lab
2008-11-18 23:18:58 ---- D ---- C: \ Archivos de programa \ Kaspersky Lab
2008-11-18 22:53:33 ---- SH ---- C: \ Windows \ system32 \ gpifbath.ini
2008-11-18 22:53:08 ---- D ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Yahoo! Companion
2008-11-18 22:52:54 ---- O ---- C: \ Windows \ system32 \ ff326d9d-.txt
2008-11-18 22:49:38 ---- Ash ---- C: \ Windows \ system32 \ OrBIOqss.ini
2008-11-18 21:50:39 ---- D ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Kaspersky Lab Setup Files
2008-11-18 21:50:11 ---- D ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Avg8
2008-11-18 21:01:02 ---- D ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ Yahoo!
2008-11-18 21:00:55 ---- D ---- C: \ Archivos de programa \ Yahoo!
2008-11-16 18:22:11 ---- O ---- C: \ Windows \ system32 \ igfxres.dll
2008-11-16 18:14:28 ---- O ---- C: \ Windows \ system32 \ iAlmCoIn_v4693.dll
2008-11-16 18:14:04 ---- D ---- C: \ Archivos de programa \ Lenovo
2008-11-16 18:13:02 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ InstallShield
2008-11-16 17:07:04 ---- D ---- C: \ Archivos de programa \ Ares
2008-11-16 07:56:56 ---- hdc ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (51019853-129c-4EDE-9030-D5FD7BBD9AD0)
2008-11-16 07:50:56 ---- N ---- C: \ Windows \ system32 \ spmsg2.dll
2008-11-16 07:50:46 ---- hdc ---- C: \ WINDOWS \ $ $ NtUninstallXPSEPSCLP
2008-11-16 07:45:41 ---- D ---- C: \ Windows \ system32 \ XPSViewer
2008-11-16 07:45:33 ---- D ---- C: \ Windows \ system32 \ en-US
2008-11-16 07:45:22 ---- D ---- C: \ Archivos de programa \ Referinţă adunări
2008-11-16 07:43:37 ---- N ---- C: \ Windows \ system32 \ prntvpt.dll
2008-11-16 07:43:36 ---- N ---- C: \ Windows \ system32 \ xpssvcs.dll
2008-11-16 07:43:36 ---- N ---- C: \ Windows \ system32 \ xpsshhdr.dll
2008-11-16 07:43:35 ---- D ---- C: \ 5f1fa5494e63fddfbdfa29aa67bcdc5a
2008-11-16 07:32:05 ---- D ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ DriverScanner
2008-11-16 07:30:14 ---- hdc ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (D5ABFFAD-D592-4F98-B02B-587125B4801F)
2008-11-16 07:27:18 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ Uniblue
2008-11-16 07:26:25 ---- D ---- C: \ Archivos de programa \ Uniblue
2008-11-16 07:25:46 ---- hdc ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (B46E1EF5-0B37-4DB4-A4E2-9F2B41036185)
2008-10-31 20:38:38 ---- O ---- C: \ Windows \ system32 \ vfwwdm32.dll
2008-10-30 19:39:53 ---- D ---- C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ QuickTime
2008-10-30 19:39:05 ---- D ---- C: \ Archivos de programa \ Archivos comunes \ Ulead Systems
2008-10-30 19:38:30 ---- D ---- C: \ Archivos de programa \ InterVideo Serviciul de Informaţii
2008-10-30 19:38:30 ---- D ---- C: \ Archivos de programa \ Archivos comunes \ Ulead
2008-10-30 19:37:27 ---- D ---- C: \ Archivos de programa \ Archivos comunes \ InterVideo
2008-10-30 19:37:22 ---- D ---- C: \ Archivos de programa \ InterVideo
2008-10-30 19:37:22 ---- O ---- C: \ WINDOWS \ mws.exe
2008-10-30 19:37:13 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ InterVideo
2008-10-30 19:36:31 ---- D ---- C: \ Archivos de programa \ Digital Camera

====== Lista de fişiere / foldere modificate din ultimele 1 luna ======

2008-11-29 23:02:55 ---- D ---- C: \ WINDOWS \ Temp
2008-11-29 23:01:22 ---- D ---- C: \ Archivos de programa \ Mozilla Firefox
2008-11-29 22:59:43 ---- D ---- C: \ WINDOWS
2008-11-29 22:58:13 ---- D ---- C: \ Windows \ system32 \ drivers
2008-11-29 22:58:13 ---- D ---- C: \ Windows \ system32
2008-11-29 22:57:31 ---- O ---- C: \ WINDOWS \ SchedLgU.Txt
2008-11-29 22:41:23 RD ---- ---- C: \ Archivos de programa
2008-11-29 09:39:51 ---- D ---- C: \ Archivos de programa \ Mozilla Thunderbird
2008-11-28 20:28:20 ---- D ---- C: \ Windows \ system32 \ Catroot2
2008-11-26 00:42:28 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ Skype
2008-11-25 22:39:44 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ skypePM
2008-11-21 09:46:32 ---- O ---- C: \ Windows \ system32 \ PerfStringBackup.INI
2008-11-21 08:20:19 ---- O ---- C: \ WINDOWS \ OEWABLog.txt
2008-11-21 01:29:03 ---- SHD ---- C: \ System Volume Information
2008-11-21 01:29:03 ---- D ---- C: \ Windows \ system32 \ Restore
2008-11-21 00:01:59 ---- D ---- C: \ Program Files
2008-11-20 12:39:56 ---- D ---- C: \ WINDOWS \ prefetch
2008-11-20 08:14:06 ---- SHD ---- C: \ RECYCLER
2008-11-20 08:09:06 ---- D ---- C: \ Documents and Settings
2008-11-19 20:08:01 ---- D ---- C: \ WINDOWS \ Ajutor
2008-11-19 20:00:27 ---- D ---- C: \ Windows \ system32 \ config
2008-11-19 07:15:53 ---- D ---- C: \ WINDOWS \ securitate
2008-11-19 00:45:38 ---- D ---- C: \ WINDOWS \ Debug
2008-11-19 00:45:24 ---- HD ---- C: \ Windows \ Inf
2008-11-19 00:42:49 ---- RSHDC ---- C: \ Windows \ system32 \ dllcache
2008-11-18 23:26:21 ---- SHD ---- C: \ Windows \ Installer
2008-11-18 23:26:18 ---- HD ---- C: \ Config.Msi
2008-11-18 22:54:46 ---- D ---- C: \ WINDOWS \ reţea de diagnostic
2008-11-18 22:39:38 ---- SD ---- C: \ WINDOWS \ Tasks
2008-11-18 22:05:01 ---- RSD ---- C: \ WINDOWS \ Fonts
2008-11-18 20:27:00 ---- erupţie ---- C: \ boot.ini
2008-11-16 21:31:33 ---- D ---- C: \ WINDOWS \ Microsoft.NET
2008-11-16 21:31:31 ---- RSD ---- C: \ WINDOWS \ asamblare
2008-11-16 19:29:33 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ ZoomBrowser EX
2008-11-16 19:12:02 ---- D ---- C: \ Documents and Settings \ Mauricio \ datos de programa \ CameraWindowDC
2008-11-16 18:19:17 DC ---- ---- C: \ Windows \ system32 \ DRVSTORE
2008-11-16 18:18:59 ---- D ---- C: \ Archivos de programa \ Broadcom
2008-11-16 18:15:38 ---- D ---- C: \ Windows \ system32 \ ReinstallBackups
2008-11-16 18:14:04 ---- HD ---- C: \ Archivos de programa \ InstallShield Installation Information
2008-11-16 18:12:53 ---- D ---- C: \ drivers
2008-11-16 18:00:33 ---- D ---- C: \ Archivos de programa \ VideoLAN
2008-11-16 17:49:54 ---- D ---- C: \ i386
2008-11-16 07:51:08 ---- O ---- C: \ WINDOWS \ imsins.BAK
2008-11-16 07:50:04 ---- D ---- C: \ Windows \ system32 \ es-ES
2008-11-16 07:45:35 ---- D ---- C: \ Archivos de programa \ MSBuild
2008-11-16 07:41:29 ---- D ---- C: \ WINDOWS \ WinSxS
2008-10-30 19:40:39 ---- D ---- C: \ Archivos de programa \ Google
2008-10-30 19:39:05 ---- D ---- C: \ Archivos de programa \ Archivos comunes
2008-10-30 19:36:32 ---- D ---- C: \ windows \ system

====== Lista de drivere (R = Rularea, S = oprit, 0 = Boot, 1 = System, 2 = Auto, 3 = cerere, 4 = Disabled )======

R1 intelppm; Controlador de procesador Intel; C: \ WINDOWS \ system32 \ drivers \ intelppm.sys [2008-04-14 40576]
R1 KLIF; Kaspersky Lab Driver; C: \ WINDOWS \ system32 \ drivers \ klif.sys [2008-11-18 213008]
R3 BCM43XX; Controlador de la Tarjeta de roşu inalámbrica WLAN de Dell; C: \ WINDOWS \ system32 \ drivers \ bcmwl5.sys [2006-10-12 604928]
R3 bcm4sbxp; Broadcom 440x 10/100 integrat Controller Driver XP; C: \ WINDOWS \ system32 \ drivers \ bcm4sbxp.sys [2006-11-21 45568]
R3 CmBatt; Controlador de batería de método de control ACPI de Microsoft; C: \ WINDOWS \ system32 \ drivers \ CmBatt.sys [2008-04-14 13952]
R3 HDAudBus; Controlador de autobuz de la Microsoft UAA para audio de înaltă definiţie; C: \ WINDOWS \ system32 \ drivers \ HDAudBus.sys [2008-04-14 144384]
R3 ialm; ialm; C: \ WINDOWS \ system32 \ drivers \ ialmnt5.sys [2006-09-15 1173468]
R3 Iviaspi; IVI ASPI Shell; C: \ Windows \ system32 \ drivers \ iviaspi.sys [2006-11-22 16024]
R3 klim5; Kaspersky Anti-Virus NDIS Filter; C: \ WINDOWS \ system32 \ drivers \ klim5.sys [2008-04-30 24592]
R3 NWADI; NWADI Bus enumeratorul; C: \ WINDOWS \ system32 \ drivers \ NWADIenum.sys [2006-03-27 74752]
R3 STHDA; SigmaTel High Definition Audio CODEC; C: \ Windows \ system32 \ drivers \ sthda.sys [2007-05-10 1222840]
R3 SynTP; Synaptics TouchPad Driver; C: \ WINDOWS \ system32 \ drivers \ SynTP.sys [2007-12-07 220032]
R3 usbehci; Controlador minipuerto DE LA controladora mejorada USB 2.0 de la Microsoft; C: \ WINDOWS \ system32 \ drivers \ Usbehci.sys [2008-04-14 30208]
R3 usbhub; Concentrador habilitado USB2; C: \ WINDOWS \ system32 \ drivers \ Usbhub.sys [2008-04-14 59520]
R3 usbuhci; Controlador minipuerto DE LA controladora de gazdă universal USB de la Microsoft; C: \ WINDOWS \ system32 \ drivers \ Usbuhci.sys [2008-04-14 20608]
S3 catchme; catchme; \?? \ C: \ DOCUME ~ 1 \ Mauricio \ CONFIG ~ 1 \ temp \ catchme.sys []
S3 CCDECODE; Descodificador de título Cerrado; C: \ WINDOWS \ system32 \ drivers \ CCDECODE.sys [2008-04-14 17024]
S3 DOT4; Controlador IEEE MS-1284,4; C: \ WINDOWS \ system32 \ drivers \ Dot4.sys [2008-04-14 206976]
S3 Dot4Print; Controlador de clase de impresión para IEEE-1284,4; C: \ WINDOWS \ system32 \ drivers \ Dot4Prt.sys [2001-08-18 12928]
S3 dot4usb; MS Dot4USB Filtru Dot4USB Filter; C: \ WINDOWS \ system32 \ drivers \ dot4usb.sys [2001-08-23 24064]
S3 hidusb; Controlador de clases HID de Microsoft; C: \ WINDOWS \ system32 \ drivers \ hidusb.sys [2008-04-14 10368]
S3 HPZid412; IEEE-1284,4 Driver HPZid412; C: \ WINDOWS \ system32 \ drivers \ HPZid412.sys [2006-12-03 49920]
S3 HPZipr12; Print Driver pentru clasa IEEE-1284,4 HPZipr12; C: \ WINDOWS \ system32 \ drivers \ HPZipr12.sys [2006-12-03 16496]
S3 HPZius12; USB la IEEE-1284,4 Traduceri Driver HPZius12; C: \ WINDOWS \ system32 \ drivers \ HPZius12.sys [2006-12-03 21568]
S3 mouhid; Controlador HID de mouse; C: \ WINDOWS \ system32 \ drivers \ mouhid.sys [2001-08-24 12416]
S3 MSTEE; Convertidor tee / Chiuveta-la-Chiuveta de transferencia de Microsoft; C: \ Windows \ system32 \ drivers \ MSTEE.sys [2008-04-14 5504]
S3 NABTSFEC; Codec NABTS / FEC VBI; C: \ WINDOWS \ system32 \ drivers \ NABTSFEC.sys [2008-04-14 85248]
S3 NdisIP; Conexión de TV / video de la Microsoft; C: \ WINDOWS \ system32 \ drivers \ NdisIP.sys [2008-04-14 10880]
S3 PCASp50; PCASp50 Driver NDIS protocol; C: \ Windows \ system32 \ Drivers \ PCASp50.sys [2006-04-10 18560]
S3 Slip; BDA Slip De-Framer; C: \ WINDOWS \ system32 \ drivers \ SLIP.sys [2008-04-14 11136]
S3 streamip; Receptor BDA IP; C: \ WINDOWS \ system32 \ drivers \ StreamIP.sys [2008-04-14 15232]
S3 usbccgp; Controlador primario genérico USB de la Microsoft; C: \ WINDOWS \ system32 \ drivers \ usbccgp.sys [2008-04-14 32128]
S3 usbprint; Clase de impresora USB de la Microsoft; C: \ WINDOWS \ system32 \ drivers \ usbprint.sys [2008-04-14 25856]
S3 usbscan; Controlador de escáner USB; C: \ WINDOWS \ system32 \ drivers \ usbscan.sys [2008-04-14 15104]
S3 USBSTOR; Dispositivo de almacenamiento masivo de date USB; C: \ WINDOWS \ system32 \ drivers \ USBSTOR.SYS [2008-04-14 26368]
S3 usbvideo; Dispositivo de Vídeo USB (WDM); C: \ Windows \ system32 \ Drivers \ usbvideo.sys [2008-04-14 121984]
S3 WSTCODEC; Codec de teletexto estándar mundial; C: \ WINDOWS \ system32 \ drivers \ WSTCODEC.SYS [2008-04-14 19200]
S4 WS2IFSL; Entorno de compatibilidad con Proveedores de Servicios nu IFS de Windows Socket 2.0; C: \ Windows \ system32 \ drivers \ ws2ifsl.sys [2001-08-24 12032]

====== Lista de servicii (R = Running, S = oprit, 0 = Boot, 1 = System, 2 = Auto, 3 = cerere, 4 = Disabled )======

R2 avp; Kaspersky Anti-Virus; C: \ Archivos de programa \ Kaspersky Lab \ Kaspersky Anti-Virus 2009 \ avp.exe [2008-07-29 206088]
R2 CCALib8; Canon Camera de acces Biblioteca 8; C: \ Archivos de programa \ Canon \ CAL \ CALMAIN.exe [2007-01-31 96370]
R2 hpqddsvc; Servicio HP CUE DeviceDiscovery; C: \ Windows \ system32 \ svchost.exe [2008-04-14 14336]
R2 JavaQuickStarterService; Java rapida pentru începători; C: \ Archivos de programa \ Java \ jre6 \ bin \ jqs.exe [2008-10-28 152984]
R2 Net Driver HPZ12; Net Driver HPZ12; C: \ Windows \ system32 \ svchost.exe [2008-04-14 14336]
R2 Pml Driver HPZ12; Pml Driver HPZ12; C: \ Windows \ system32 \ svchost.exe [2008-04-14 14336]
R2 UleadBurningHelper; Ulead Burning Helper; C: \ Archivos de programa \ Archivos comunes \ Ulead Systems \ DVD \ ULCDRSvr.exe [2004-12-13 49152]
R2 UMWdf; Windows User Mode Driver-cadru; C: \ Windows \ system32 \ wdfmgr.exe [2005-01-28 38912]
R2 wltrysvc; Dell Wireless WLAN Tray Service; C: \ Windows \ system32 \ WLTRYSVC.EXE [2006-11-01 20480]
R2 WSearch; Căutare de Windows; C: \ Windows \ system32 \ SearchIndexer.exe [2007-02-06 300032]
R3 hpqcxs08; hpqcxs08; C: \ Windows \ system32 \ svchost.exe [2008-04-14 14336]
S3 aspnet_state; ASP.NET membru Service; C: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0.50727 \ aspn et_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;. NET Runtime Optimization Service v2.0.50727_X86; C: \ WINDOWS \ Microsoft.NET \ Framework \ v2.0.50727 \ msco rsvw.exe [2008-07-25 69632]
S3 FontCache3.0.0.0; Windows Presentation Foundation Font Cache 3.0.0.0; C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ WPF \ prezentarea tationFontCache.exe [2008-07-29 46104]
S3 idsvc; Windows CardSpace; C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ infocard.exe [2008-07-29 881664]
S3 Microsoft Office Groove serviciu de audit; Microsoft Office Groove serviciu de audit; C: \ Archivos de programa \ Microsoft Office \ Office12 \ GrooveAuditService.exe [2007-08-24 68464]
S3 odserv; Microsoft Office Diagnostice Service; C: \ Archivos de programa \ Archivos comunes \ Microsoft Shared \ OFFICE12 \ ODSERV.EXE [2007-08-24 443776]
S3 OSE; Office Sursa Motor; C: \ Archivos de programa \ Archivos comunes \ Microsoft Shared \ Sursa Motor \ OSE.EXE [2006-10-26 145184]
S3 usnjsvc; Servicio Lector del Diario USN de Carpetas para compartir de Messenger; C: \ Archivos de programa \ Windows Live \ Messenger \ usnsvc.exe [2007-10-19 98328]
S3 WLSetupSvc; Windows Live Setup Service; C: \ Archivos de programa \ Windows Live \ Installer \ WLSetupSvc.exe [2007-10-26 266240]
S4 NetTcpPortSharing; Net.Tcp Port Sharing Serviciu; C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ SMSvcHost.exe [2008-07-29 132096]
S4 Zumie Search Service; Zumie Search Service; C: \ Archivos de programa \ Zumie \ zumie.exe C: \ Archivos de programa \ Zumie \ zumie.dll Service []

----------------- EOF -----------------
#8
29 November 2008, 08:11
Grupul de stat

info.txt LogFile de aleator al sistemului de informaţii instrument 1,04 2008-11-29 23:03:46

====== Dezinstalaţi lista ======

-> "C: \ Archivos de programa \ InstallShield Installation Information \ (F37167DD-4436-4641-90B6-329D60632DDA) \ Setup.exe" REMOVEALL - U: (F37167DD-4436-4641-90B6-329D60632DDA)
-> Rundll32 C: \ Archív ~ 1 \ Archív ~ 1 \ INSTAL ~ 1 \ profesională ~ 1 \ Runtime \ 070 1 \ Intel32 \ Ctor.dll, LaunchSetup "C: \ Archivos de programa \ InstallShield Installation Information \ (FA7621DC - 7144-4A24-973C-B9BC0E945628) \ setup.exe "-l0x9
-> rundll32.exe setupapi.dll, InstallHinfSection DefaultUninstall 132 C: \ Windows \ Inf \ PCHealth.inf
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-0015-0C0A-0000-0000000FF1CE) / dezinstala (2CC8520D-6A74-4CCA-9539-8E774E2B50D1)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-0016-0C0A-0000-0000000FF1CE) / dezinstala (2CC8520D-6A74-4CCA-9539-8E774E2B50D1)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-0018-0C0A-0000-0000000FF1CE) / dezinstala (2CC8520D-6A74-4CCA-9539-8E774E2B50D1)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-0019-0C0A-0000-0000000FF1CE) / dezinstala (2CC8520D-6A74-4CCA-9539-8E774E2B50D1)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-001A-0C0A-0000-0000000FF1CE) / dezinstala (2CC8520D-6A74-4CCA-9539-8E774E2B50D1)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-001B-0C0A-0000-0000000FF1CE) / dezinstala (2CC8520D-6A74-4CCA-9539-8E774E2B50D1)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-001F-0403-0000-0000000FF1CE) / dezinstala (A5B6B786-2D6F-4B75-940F-42B32D01D146)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-001F-0409-0000-0000000FF1CE) / dezinstala (3EC77D26-799B-4CD8-914F-C1565E796173)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-001F-040C-0000-0000000FF1CE) / dezinstala (430971B1-C31E-45DA-81E0-72C095BAB72C)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-001F-0416-0000-0000000FF1CE) / dezinstala (669EB263-0AFE-4FCB-A068-DB082CA6273C)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-001F-0C0A-0000-0000000FF1CE) / dezinstala (F7A31780-33C4-4E39-951A-5EC9B91D7BF1)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (BEE75E01-DD3F-4D5F-B96C-609E6538D419)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-006E-0C0A-0000-0000000FF1CE) / dezinstala (35B14BD6-6042-4A55-B326-58309DC8C72A)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-00A1-0C0A-0000-0000000FF1CE) / dezinstala (2CC8520D-6A74-4CCA-9539-8E774E2B50D1)
Microsoft Office 2007 Suite Service Pack 1 (SP1) -> msiexec / pachet (90120000-00BA-0C0A-0000-0000000FF1CE) / dezinstala (2CC8520D-6A74-4CCA-9539-8E774E2B50D1)
32 Bit HP CIO Componente Installer -> Msiexec.exe / I (F1E63043-54FC-429B-AB2C-31AF9FBA4BC7)
Acrobat.com--> C: \ Archivos de programa \ Archivos comunes \ Adobe AIR \ Versiuni \ 1.0 \ Adobe AIR Application Installer.exe-uninstall com.adobe.mauby 4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
Acrobat.com--> Msiexec.exe / I (77DCDCE3-2DED-62F3-8154-05E745472D07)
Actualización de Seguridad para Windows XP (KB923789) -> C: \ Windows \ system32 \ MacroMed \ Flash \ genuinst.exe C: \ Windows \ system32 \ MacroMed \ Flash \ KB923789.inf
Actualización de Seguridad para Windows XP (KB950759 )-->" C: \ WINDOWS \ $ NtUninstallKB950759 $ \ Spuninst \ spunin st.exe "
Actualización de Seguridad para Windows XP (KB950760 )-->" C: \ WINDOWS \ $ NtUninstallKB950760 $ \ Spuninst \ spunin st.exe "
Actualización de Seguridad para Windows XP (KB950762 )-->" C: \ WINDOWS \ $ NtUninstallKB950762 $ \ Spuninst \ spunin st.exe "
Actualización de Seguridad para Windows XP (KB951376-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951376-v2 $ \ spuninst \ spuninst.exe "
Actualización de Seguridad para Windows XP (KB951698 )-->" C: \ WINDOWS \ $ NtUninstallKB951698 $ \ Spuninst \ spunin st.exe "
Actualización de Seguridad para Windows XP (KB951748 )-->" C: \ WINDOWS \ $ NtUninstallKB951748 $ \ Spuninst \ spunin st.exe "
Actualización para Windows XP (KB898461 )-->" C: \ WINDOWS \ $ NtUninstallKB898461 $ \ Spuninst \ spunin st.exe "
Actualización para Windows XP (KB942763 )-->" C: \ WINDOWS \ $ NtUninstallKB942763 $ \ Spuninst \ spunin st.exe "
Actualización para Windows XP (KB951072-v2 )-->" C: \ WINDOWS \ $ NtUninstallKB951072-v2 $ \ spuninst \ spuninst.exe "
Actualización para Windows XP (KB951978 )-->" C: \ WINDOWS \ $ NtUninstallKB951978 $ \ Spuninst \ spunin st.exe "
Adobe AIR -> Msiexec.exe / I (197A3012-8C85-4FD3-AB66-9EC7E13DB92E)
Adobe Flash Player 10 ActiveX -> C: \ Windows \ system32 \ Macromed \ Flash \ uninstall_acti veX.exe
Adobe Flash Player Plugin -> C: \ Windows \ system32 \ Macromed \ Flash \ uninstall_plug in.exe
Adobe Reader 9 -> Msiexec.exe / I (AC76BA86-7AD7-1033-7B44-A90000000001)
Apple Software Update -> Msiexec.exe / I (02DFF6B1-1654-411C-8D7B-FD6052EF016F)
Ares 2.0.9 -> "C: \ Archivos de programa \ Ares \ uninstall.exe"
AVIConverter 3.0 -> C: \ Archivos de programa \ AVIConverter \ uninst.exe
Barra Yahoo! con bloqueador de ventanas emergentes -> C: \ Archív ~ 1 \ Yahoo! \ Common \ unyt.exe
Broadcom 440x 10/100 integrat Controller -> Msiexec.exe / X (612B9183-67A9-4B44-9877-2F059E35B86A)
Broadcom WLAN -> C: \ Archivos de programa \ InstallShield Installation Information \ (13191B3F-D711-4906-81B3-5C47E031B235) \ setup.exe-runfromtemp-l0x000a-removeonly
Căutare en el escritorio de Windows 3.01 -> "C: \ WINDOWS \ $ NtUninstallKB917013 $ \ Spuninst \ spunin st.exe"
Aparat foto Canon Biblioteca Access -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CAL \ Uninst.ini"
Canon Aparat foto Suport Core Biblioteca -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CSCLIB \ Uninst.ini"
Canon G.726 WMP-Decoder -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ G726Decoder \ G726DecUnInstall.ini"
Canon MovieEdit Task pentru ZoomBrowser EX -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ ZoomBrowser EX \ Program \ MVWUninst.ini "
Canon RAW Image Task pentru ZoomBrowser EX -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ RAW Image Task \ Uninst.ini "
Canon Utilităţi CameraWindow DC_DV 5 pentru ZoomBrowser EX -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CameraWindow \ CameraWindowDVC \ Uninst. ini "
Canon Utilităţi CameraWindow DC_DV 6 pentru ZoomBrowser EX -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CameraWindow \ CameraWindowDVC6 \ t Unins . ini "
Canon Utilităţi CameraWindow DC -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CameraWindow \ CameraWindowDC \ Uninst. INI"
Canon CameraWindow Utilities -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CameraWindow \ CameraWindowLauncher \ U ninst.ini"
Canon EOS Utility Utilities -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ EOS Utility \ Uninst.ini"
Canon Utilităţi MyCamera DC -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CameraWindow \ MyCameraDC \ Uninst.ini"
Canon MyCamera Utilities -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CameraWindow \ MyCamera \ Uninst.ini"
Canon PhotoStitch Utilities -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ PhotoStitch \ Uninst.ini"
Canon Utilităţi RemoteCapture Task pentru ZoomBrowser EX -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ CameraWindow \ RemoteCaptureTask DC \ Uninst. ini "
Canon ZoomBrowser EX Utilities -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ ZoomBrowser EX \ Program \ Uninst.ini"
Canon ZoomBrowser EX Memory Card Utility -> "C: \ Archivos de programa \ Archivos comunes \ Canon \ UIW \ 1.4.0.0 \ Uninst.exe" "C: \ Archivos de programa \ Canon \ ZoomBrowser EX MCU \ Uninst.ini"
Chineză simplificată Fonturi Suport pentru Adobe Reader 9 -> Msiexec.exe / I (AC76BA86-7AD7-2447-0000-900000000003)
Dell Mobile Broadband Card Utility -> Msiexec.exe / X (DF62D775-BB7C-4AFA-9CA4-DDA1C4855F28)
Dell Wireless WLAN Card -> "C: \ Archivos de programa \ Dell \ Dell Wireless WLAN Card \ bcmwlu00.exe" verbose / rootkey = "Software \ Broadcom \ 802.11 \ UninstallInfo" / rootdir = "C: \ Archivos de programa \ Dell \ Dell Wireless WLAN Card "
Diccionario Cambridge Klett Compact -> C: \ WINDOWS \ IsUn040a.exe-f "C: \ Archivos de programa \ Cambridge \ ENS001CP \ Uninst.isu"
Digital Camera Driver -> C: \ Archív ~ 1 \ DIGITA ~ 2 \ UNWISE.EXE C: \ Archív ~ 1 \ DIGITA ~ 2 \ INSTALL.LOG
HijackThis 2.0.2 -> "C: \ Archivos de programa \ Trend Micro \ HijackThis \ HijackThis.exe" / dezinstala
Remediere rapidă pentru Microsoft. NET Framework 3.5 SP1 (KB953595) -> C: \ Windows \ system32 \ Msiexec.exe / pachet CE2CDD62 (-0124-36CA-84D3-9F4DCF5C5BD9) / dezinstalare / QB + REBOOTPROMPT = ""
HP LaserJet 1150 / 1300 -> Msiexec.exe / x (1485B7CD-4CBD-4039-8EAE-5A22993D7F54)
HP Officejet J3500 Series -> C: \ Archivos de programa \ HP \ Digital Imaging \ (B1D1B548-BD7D-40f9-80A4-A247E44BFCF4) \ Setup \ hpzscr01.exe-datfile hpwscr15.dat
HP Smart Web Printing -> Msiexec.exe / X (415CDA53-9100-476F-A7B2-476691E117C7)
HP Update -> Msiexec.exe / X (8C6027FD-53DC-446D-BB75-CACD7028A134)
Intel (R) Graphics Media Accelerator Driver pentru Mobile -> RUNDLL32.EXE C: \ Windows \ system32 \ ialmrem.dll, UninstallW2KIGfx2I D PCI \ VEN_8086 & DEV_2792 PCI \ VEN_8086 & DEV_2592
InterVideo MediaOne Gallery -> rundll32 C: \ Archív ~ 1 \ Archív ~ 1 \ INSTAL ~ 1 \ motor \ 6 \ INTEL3 ~ 1 \ ct or.dll, LaunchSetup "C: \ Archivos de programa \ InstallShield Installation Information \ (34F0D55F -C386-4195-9A5B-961D3F6ACD46) \ setup.exe "REMOVEALL
Java (TM) 6 Update 10 -> Msiexec.exe / X (26A24AE4-039D-4CA4-87B4-2F83216010FF)
Java (TM) 6 Update 7 -> Msiexec.exe / I (3248F0A8-6813-11D6-A77B-00B0D0160070)
Kaspersky Anti-Virus 2009 -> Msiexec.exe / I (6580C5A3-2336-4EC5-85F1-3448C5F6208A)
Kaspersky Anti-Virus 2009 -> Msiexec.exe / I (6580C5A3-2336-4EC5-85F1-3448C5F6208A)
Malwarebytes' Anti-Malware -> "C: \ Archivos de programa \ Malwarebytes' Anti-Malware \ unins000.exe"
Microsoft. NET Framework 2.0 Service Pack 2 Language Pack - ESN -> Msiexec.exe / I (85AC0FFA-643D-3103-9310-7086ECB0C36C)
Microsoft. NET Framework 2.0 Service Pack 2 -> Msiexec.exe / I (C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F)
Microsoft. NET Framework 3.0 Service Pack 2 Language Pack - ESN -> Msiexec.exe / I (BDEDB104-4067-3D5E-81F0-DBEBFE856B45)
Microsoft. NET Framework 3.0 Service Pack 2 -> Msiexec.exe / I (A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7)
Microsoft. NET Framework 3.5 Limba Pack SP1 - ESN -> Msiexec.exe / I (92E4A65F-7007-3357-A69A-167F71A337BD)
Microsoft. NET Framework 3.5 SP1 -> C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.5 \ Microso ft. NET Framework 3.5 SP1 \ setup.exe
Microsoft. NET Framework 3.5 SP1 -> Msiexec.exe / I (CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9)
Microsoft internaţional Domain Names atenuare API-uri -> "C: \ WINDOWS \ $ NtServicePackUninstallIDNMitigationA PIs $ \ spuninst \ spuninst.exe"
Microsoft suport pentru limbile naţionale Downlevel API-uri -> "C: \ WINDOWS \ $ NtServicePackUninstallNLSDownlevelMa pping $ \ spuninst \ spuninst.exe"
Microsoft Office Access MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-0015-0C0A-0000-0000000FF1CE)
Microsoft Office Enterprise 2007 -> "C: \ Archivos de programa \ Archivos comunes \ Microsoft Shared \ OFFICE12 \ programul de instalare Office Controller \ setup.exe" / dezinstala INTREPRINDEREA / dll OSETUP.DLL
Microsoft Office Enterprise 2007 -> Msiexec.exe / X (90120000-0030-0000-0000-0000000FF1CE)
Microsoft Office Excel MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-0016-0C0A-0000-0000000FF1CE)
Microsoft Office Groove MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-00BA-0C0A-0000-0000000FF1CE)
Microsoft Office InfoPath MUI (spaniolă) 2007 (Beta) -> Msiexec.exe / X (30120000-0044-0C0A-0000-0000000FF1CE)
Microsoft Office OneNote MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-00A1-0C0A-0000-0000000FF1CE)
Microsoft Office Outlook MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-001A-0C0A-0000-0000000FF1CE)
Microsoft Office PowerPoint MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-0018-0C0A-0000-0000000FF1CE)
Microsoft Office Dovada (bască) 2007 -> Msiexec.exe / X (90120000-001F-042D-0000-0000000FF1CE)
Microsoft Office Dovada (catalană) 2007 -> Msiexec.exe / X (90120000-001F-0403-0000-0000000FF1CE)
Dovada Microsoft Office (în limba engleză) 2007 -> Msiexec.exe / X (90120000-001F-0409-0000-0000000FF1CE)
Microsoft Office Dovada (franceză) 2007 -> Msiexec.exe / X (90120000-001F-040C-0000-0000000FF1CE)
Microsoft Office Dovada (galiciană) 2007 -> Msiexec.exe / X (90120000-001F-0456-0000-0000000FF1CE)
Microsoft Office Dovada (Portuguese (Brazil)) 2007 -> Msiexec.exe / X (90120000-001F-0416-0000-0000000FF1CE)
Microsoft Office Dovada (spaniolă) 2007 -> Msiexec.exe / X (90120000-001F-0C0A-0000-0000000FF1CE)
Microsoft Office Proofing (spaniolă) 2007 -> Msiexec.exe / X (90120000-002C-0C0A-0000-0000000FF1CE)
Microsoft Office Publisher MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-0019-0C0A-0000-0000000FF1CE)
Microsoft Office Shared MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-006E-0C0A-0000-0000000FF1CE)
Microsoft Office Word MUI (spaniolă) 2007 -> Msiexec.exe / X (90120000-001B-0C0A-0000-0000000FF1CE)
Microsoft Visual C + + 2005 redistribuibil -> Msiexec.exe / X (7299052b-02a4-4627-81f2-1818da5d550d)
Mozilla Firefox (2.0.0.18) -> C: \ Archivos de programa \ Mozilla Firefox \ uninstall \ helper.exe
Mozilla Thunderbird (2.0.0.18) -> C: \ Archivos de programa \ Mozilla Thunderbird \ uninstall \ helper.exe
MSN -> C: \ Archivos de programa \ MSN \ MsnInstaller \ msninst.exe / acţiune: ARP
MSXML 4.0 SP2 (KB936181) -> Msiexec.exe / I (C04E32E0-0416-434D-AFB9-6969D703A9EF)
OpenOffice.org 3.0 -> Msiexec.exe / I (F44DA61E-720D-4E79-871F-F6E628B33242)
Paquete de Idioma de Microsoft. NET Framework 3.5 SP1 - ESN -> C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.5 \ Microso ft. NET Framework 3.5 Limba Pack SP1 - ESN \ setup.exe
QuickTime -> Msiexec.exe / I (08CA9554-B5FE-4313-938F-D4A417B81175)
Revizie para Windows XP (KB952287 )-->" C: \ WINDOWS \ $ NtUninstallKB952287 $ \ Spuninst \ spunin st.exe "
Actualizare de securitate pentru Excel 2007 (KB946974) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (85E83E2E-AF9B-439B-B4F9-EB9B7EF6A00E)
Actualizare de securitate pentru Microsoft Office Publisher 2007 (KB950114) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (F9C3CDBA-1F00-4D4D-959D-75C9D3ACDD85)
Actualizare de securitate pentru sistemul Microsoft Office 2007 (KB951808) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (8F375E11-4FD6-4B89-9E2B-A76D48B51E00)
Actualizare de securitate pentru Microsoft Office Word 2007 (KB950113) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (AD72BABE-C733-4FCF-9674-4314466191B9)
Actualizare de securitate pentru Office 2007 (KB947801) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (02B5A17B-01BE-4BA6-95F1-1CBB46EBC76E)
SigmaTel Audio -> rundll32 C: \ Archív ~ 1 \ Archív ~ 1 \ INSTAL ~ 1 \ profesională ~ 1 \ Runtime \ 10 \ 01 \ Intel32 \ Ctor.dll, LaunchSetup "C: \ Archivos de programa \ InstallShield Installation Information \ (A462213D-EED4-42C2-9A60-7BDD4D4B0B17) \ setup.exe "-l0xa-remove-removeonly
Skype ™ 3.8 -> Msiexec.exe / X (5C82DAE5-6EB0-4374-9254-BE3319BA4E82)
Synaptics dispozitiv de indicare Driver -> rundll32.exe "C: \ Archivos de programa \ Synaptics \ SynTP \ SynISDLL.dll", standAloneU ninstall
Uniblue DriverScanner 2009 -> "C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (D5ABFFAD-D592-4F98-B02B-587125B4801F) \ DriverScanner_Setup.exe" Remove = TRUE MODIFICARE = FALSE
Uniblue DriverScanner 2009 -> C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (D5ABFFAD-D592-4F98-B02B-587125B4801F) \ DriverScanner_Setup.exe
Uniblue RegistryBooster 2009 -> "C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (B46E1EF5-0B37-4DB4-A4E2-9F2B41036185) \ Uniblue RegistryBooster.exe" Remove = TRUE MODIFICARE = FALSE
Uniblue RegistryBooster 2009 -> C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (B46E1EF5-0B37-4DB4-A4E2-9F2B41036185) \ Uniblue RegistryBooster.exe
Uniblue SpeedUpMyPC 2009 -> "C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (51019853-129c-4EDE-9030-D5FD7BBD9AD0) \ SpeedUpMyPC.exe" Remove = TRUE MODIFICARE = FALSE
Uniblue SpeedUpMyPC 2009 -> C: \ Documents and Settings \ Toate Users.WINDOWS \ datos de programa \ (51019853-129c-4EDE-9030-D5FD7BBD9AD0) \ SpeedUpMyPC.exe
Unlocker 1.8.7 -> C: \ Archivos de programa \ Unlocker \ uninst.exe
Actualizare pentru Microsoft Office Outlook 2007 (KB952142) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (4AD3A076-427C-491F-A5B7-7D1DE788A756)
Actualizare pentru Office 2007 (KB946691) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (A420F522-7395-4872-9882-C591B4B92278)
Actualizare pentru Outlook 2007 Rahat Email Filter (kb953463) -> msiexec / pachet (90120000-0030-0000-0000-0000000FF1CE) / dezinstala (1B78D541-9FF1-4330-ADD8-CED14F0C1E8E)
Winamp -> "C: \ Archivos de programa \ Winamp \ UninstWA.exe"
Windows Live Asistente para el Home Out -> Msiexec.exe / I (AFA4E5FD-ED70-4D92-99D0-162FD56DC986)
Windows Live instalare -> Msiexec.exe / X (9E1DDBE7-BF44-4AC8-87CA-3D25FC63C6E1)
Windows Live Messenger -> Msiexec.exe / X (FC411B47-30BF-428C-9C1E-F6C54A94EA7E)
Windows Media Format Runtime -> "C: \ Archivos de programa \ Windows Media Player \ wmsetsdk.exe" / UninstallAll
WinRAR archiver -> C: \ Archivos de programa \ WinRAR \ uninstall.exe
XML Paper Specification componentele partajate Limba Pack 1.0 -> "C: \ WINDOWS \ $ NtUninstallXPSEPSCLP $ \ Spuninst \ spuni nst.exe"
Yahoo! Messenger -> C: \ Archív ~ 1 \ Yahoo! \ Messenger \ UNWISE.EXE / UC: \ Archív ~ 1 \ Yahoo! \ Messenger \ INSTALL.LOG

===== HijackThis backups =====

O23 - Service: Zumie Search Service - Unknown owner - C: \ Archivos de programa \ Zumie \ zumie.exe (fişierul lipseşte)

====== Fişierul Hosts ======

127.0.0.1 localhost

====== Security Center informaţii ======

AV: Kaspersky Anti-Virus (învechit)

====== Variabile de Mediu ======

"ComSpec" =% SystemRoot% \ system32 \ cmd.exe
"Path" =% SystemRoot% \ system32;% SystemRoot%;% SystemR oot% \ System32 \ wbem; C: \ Archivos de programa \ QuickTime \ QTSystem \
"windir" =% SystemRoot%
"FP_NO_HOST_CHECK" = NU
"Sistem de operare" = Windows_NT
"PROCESSOR_ARCHITECTURE" = x86
"PROCESSOR_LEVEL" = 6
"PROCESSOR_IDENTIFIER" = x86 Familiei 6 Model 13 intensificarea 8, GenuineIntel
"PROCESSOR_REVISION" = 0d08
"NUMBER_OF_PROCESSORS" = 1
"PATHEXT" =. COM;. Exe;. BAT;. CMD;. VBS;. Vbe;. JS;. JSE;. WSF;. WSH
"TEMP" =% SystemRoot% \ temp
"Tmp" =% SystemRoot% \ temp
"CLASSPATH" =.; C: \ Archivos de programa \ QuickTime \ QTSystem \ QTJava.zip
"QTJAVA" = C: \ Archivos de programa \ QuickTime \ QTSystem \ QTJava.zip

----------------- EOF -----------------
#9
29 November 2008, 08:12
Grupul de stat

Malwarebytes' Anti-Malware 1.30
Baza de date versiune: 1433
Windows 5.1.2600 Service Pack 3

29/11/2008 10:55:13 PM
mbam-log-2008-11-29 (22-55-13). txt

Scan type: Quick Scan
Obiecte scanate: 68095
Timpul scurs: 10 minute (s), 45 secunde (s)

Memory Processes Infected: 0
Memory Modules Infected: 1
Chei de Registry Infected: 11
Registry Values Infected: 0
Registrul de date Elemente Infected: 2
Foldere infectate: 11
Fişiere infectate: 28

Memory Processes Infected:
(Nici un rău elemente detectat)

Memory Modules Infected:
C: \ Windows \ system32 \ ljJyVnom.dll (Trojan.Vundo.H) -> Delete pe reboot.

Chei de Registry Infected:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (459f140e-41de-1635-8061-8de0ab740e28) (Trojan.Vundo.H) -> Delete pe reboot.
HKEY_CLASSES_ROOT \ CLSID \ (459f140e-41de-1635-8061-8de0ab740e28) (Trojan.Vundo.H) -> Delete pe reboot.
HKEY_CLASSES_ROOT \ Interface \ (48e92754-2daf-4de4-8385-34f631580e9b) (Trojan.FakeAlert) -> carantină şi a fost şters cu succes.
HKEY_CLASSES_ROOT \ Interface \ (a1c23ba2-4c01-8f20-b663-7ff2b3421194) (Trojan.FakeAlert) -> carantină şi a fost şters cu succes.
HKEY_CLASSES_ROOT \ CLSID \ (d37d6c1a-7ba4-47f4-9bf2-75031e257df6) (Trojan.FakeAlert) -> carantină şi a fost şters cu succes.
HKEY_CLASSES_ROOT \ Typelib \ (84562fca-ee8b-4585-a1d1-eae97b23370e) (Trojan.FakeAlert) -> carantină şi a fost şters cu succes.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ Stats \ (098716a9-0310-4cbe-bd64-b790a9761158) (Trojan.FakeAlert) -> carantină şi a fost şters cu succes.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ contim (Trojan.Vundo) -> carantină şi a fost şters cu succes.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ rdfa (Trojan.Vundo) -> carantină şi a fost şters cu succes.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> carantină şi a fost şters cu succes.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> carantină şi a fost şters cu succes.

Registry Values Infected:
(Nici un rău elemente detectat)

Registrul de date Elemente Infected:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ LSA \ Notificarea pachete (Trojan.Vundo.H) -> Data: c: \ windows \ system32 \ ljjyvnom -> carantină şi a fost şters cu succes.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Contro l \ LSA \ Pachete de autentificare (Trojan.Vundo.H) -> Data: c: \ windows \ system32 \ ljjyvnom -> Ştergere pe reboot.

Folders Infected:
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Carantina (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Quarantine \ Autorun (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Quarantine \ Autorun \ HKCU (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Quarantine \ Autorun \ HKCU \ RunO NCE (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Quarantine \ Autorun \ HKLM (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Quarantine \ Autorun \ HKLM \ RunO NCE (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Quarantine \ Autorun \ StartMenu AllUsers (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Quarantine \ Autorun \ StartMenu CurrentUser (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Carantină \ BrowserObjects (Rogue.Multiple) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ rhcvllj0e32r \ Carantină \ Packages (Rogue.Multiple) -> carantină şi a fost şters cu succes.

Files Infected:
C: \ Windows \ system32 \ ljJyVnom.dll (Trojan.Vundo.H) -> Delete pe reboot.
C: \ Windows \ system32 \ monVyJjl.ini (Trojan.Vundo.H) -> Delete pe reboot.
C: \ Windows \ system32 \ monVyJjl.ini2 (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ egurvpxu.dll (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ uxpvruge.ini (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ ioodgsis.dll (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ sisgdooi.ini (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ olcxvcls.dll (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ slcvxclo.ini (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ qxxiopls.dll (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ slpoixxq.ini (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ tlpvqfqf.dll (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ fqfqvplt.ini (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ yqbfrwpg.dll (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ gpwrfbqy.ini (Trojan.Vundo.H) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ geBqRhEv.dll (Trojan.Vundo) -> carantină şi a fost şters cu succes.
C: \ Windows \ system32 \ jkkKbxWp.dll (Trojan.Vundo) -> carantină şi a fost şters cu succes.
C: \ RECYCLER \ S-1-5-21-230849927-757894242-3647583486-1006 \ Dc339.exe (Adware.Seekmo) -> carantină şi a fost şters cu succes.
C: \ RECYCLER \ S-1-5-21-230849927-757894242-3647583486-1006 \ Dc340.exe (Adware.Seekmo) -> carantină şi a fost şters cu succes.
C: \ RECYCLER \ S-1-5-21-230849927-757894242-3647583486-1006 \ Dc343.exe (Adware.Seekmo) -> carantină şi a fost şters cu succes.
C: \ Archivos de programa \ Mozilla Firefox \ regxpcom.exe (Trojan.FBrowsingAdvisor) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ Configuración locale \ temp \ nsp116.tmp \ blowfish.dll (Trojan.FakeAlert) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ escritorio \ Antivirus XP 2008.lnk (Rogue.Antivirus) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ All Users \ escritorio \ Antivirus XP 2008.lnk (Rogue.Antivirus) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ Microsoft \ Internet Explorer \ Quick Launch \ Antivirus XP 2008.lnk (Rogue.Antivirus2008) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ datos de programa \ Microsoft \ Internet Explorer \ Quick Launch \ Antivirus-2008pro.lnk (Rogue.Antivirus2008) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ Mauricio \ Configuración locale \ temp \ lwpwer.exe (Trojan.FakeAlert) -> carantină şi a fost şters cu succes.
C: \ Documents and Settings \ TrackerVsrGroup \ escritorio \ SystemDefender. Lnk (Rogue.SystemDefender) -> carantină şi a fost şters cu succes.
#10
29 November 2008, 08:14
Grupul de stat

Well, those are the 3 logs you requested; let me know if anything else needs to be done.
And thank you very much for the help and your time.

I appreciate it.

Kathy.