|
| |||||||
| Registruotis | Svetainės spy | Narių sąrašas | Donate | Ieškoti | Šiandien Žinutės | Pažymėti forumus kaip skaitytus | Forumo taisyklės |
 |
 |
| | Temos įrankiai |
|
#1
Rugsėjis 27, 2008, 18:16
| |||
| |||
| Iexplore.exe klausimas iexplore.exe išlaiko Popping mano Task Manager, nepaisant to, kad aš ne naudoti IE. Tai padaryti "My Computer" lėtai, jūs jau pop up, kartais nėra jokių pop-up, tik balsas sako: "Sveikiname, jūs laimėjo ____" (so Freaky), arba Panašiai skambanti klaidos langas, esantis ar kažką paspaudę kai aš nieko nedaryti ir nieko pasirodo ekrane (iš tiesų tai daro mano kompiuterio garso Haunted! Haha anyway) Logfile Trend Micro HijackThis v2.0.2 Skaitymo išsaugotas 9:12:42 dėl 9/27/2008 Platforma: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Veikia procesus: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe C: \ Program Files \ "Intel \ Wireless \ Bin \ S24EvMon.exe C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe C: \ WINDOWS \ system32 \ Lexbces.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ WINDOWS \ system32 \ LEXPPS.EXE C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ system32 \ dlcxcoms.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE C: \ Program Files \ dell \ Sodinukai \ NICCONFIGSVC.exe C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe C: \ WINDOWS \ system32 \ rpcnet.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ spysweeper.exe C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ commagent.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ dell \ Sodinukai \ quickset.exe C: \ WINDOWS \ system32 \ rundll32.exe C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb0 3.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ "Cisco Systems \ Švarus Prieiga Agent \ CCAAgent.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Požiūris \ Požiūris Manager \ ViewMgr.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ WINDOWS \ system32 \ SJv56bM4.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ ErrorSmart \ ErrorSmart.exe C: \ Program Files \ Common Files \ AOL \ 1155864818 \ EE \ aolsoftware.exe C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AcroRd32.exe C: \ Program Files \ America Online 9.0 \ shellmon.exe C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/ O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O2 - BHO: Sprendimas klasė - (99C6D1BB-7555-474C-91DA-D8FB62A9CC75) - C: \ WINDOWS \ system32 \ 58VayB0u.dll O2 - BHO: Požiūris Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Požiūris \ Požiūris Toolbar \ 3.8.0 \ ViewBarBHO.dll O3 - Toolbar: ICQ Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O3 - Toolbar: Požiūris Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ Požiūris \ Toolbar Trukmė \ 3.8.0 \ IEViewBar.dll O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [Dell Sodinukai] C: \ Program Files \ dell \ Sodinukai \ quickset.exe O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE NvMCTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb0 3.exe O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16 O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [AOL Fast Pradžia] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-B O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 -. Default User Startup: Clean Prieiga Agent.lnk = C: \ Program Files \ "Cisco Systems \ Švarus Prieiga Agent \ CCAAgent.exe (User 'Default user') O4 - Startup: Clean Prieiga Agent.lnk = C: \ Program Files \ "Cisco Systems \ Švarus Prieiga Agent \ CCAAgent.exe O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel dabar O8 - Extra kontekstinio meniu punktą: & ICQ Toolbar Search - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ EXCEL.EXE/3000 O8 - Extra kontekstinio meniu punktą: Prenumeruoti RSS numatytasis - C: \ Documents and Settings \ Administrator \ Application Data \ RssBandit \ iecontext_subscribefeed.htm O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra button: ICQ Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra 'Tools' MENUITEM: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ REFIEBAR.DLL O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: *. bridgew.edu O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi klasė) -- http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409 O16 - DPF: (5e2a3510-4371-11D6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl klasė) -- http://update.microsoft.com/windowsu...?1121111428606 O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasė) -- http://update.microsoft.com/microsof...?1121873156643 O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab Ø20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe O23 - Service: AOL TopSpeed monitorius (AOL TopSpeedMonitor) - "America Online, Inc - C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI HotKey Rinkėjas - Unknown owner - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Lexbce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ Lexbces.exe O23 - Service: NICCONFIGSVC - Dell Inc - C: \ Program Files \ dell \ Sodinukai \ NICCONFIGSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Unknown owner - C: \ WINDOWS \ system32 \ rpcnet.exe O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe O23 - Service: Požiūris vadybininkas Paslaugos - Požiūris Corporation - C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe O23 - Service: Webroot CommAgent tarnybos (WebrootCommAgentService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ commagent.exe O23 - Service: Webroot Spy Sweeper programa (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ spysweeper.exe O23 - Service: Intel (R) PROSet / Wireless SSO tarnybos (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe -- End of file - 10.609 baitų |
|
#2
Rugsėjis 27, 2008, 19:15
| |||
| |||
| Iexplore.exe klausimas Sveiki atvykę į CJ. Prašome atspausdinti šių nurodymų, nes jie bus reikalingi vėliau, kai interneto ryšys nėra. Atsisiųsti SDFix iki AndyManchesta ir išsaugokite jį savo kompiuteryje. Naudojant šį įrankį, turite naudoti Administratoriaus paskyros ar sąskaitą Administracinės teisės
Atidaryti SDFix katalogą ir dukart paspauskite RunThis.bat paleisti scenarijų.
__________________  |
|
#3
Rugsėjis 27, 2008, 20:24
| |||
| |||
| Iexplore.exe klausimas SDFix: Versija 1,229 Pradėti Administrator on Tue 09/27/2008 at 10:50 Microsoft Windows XP [Version 5.1.2600] Running From: C: \ SDFix Tikrinimas Paslaugos : Atkurti numatytąjį apsaugos vertybės Atkūrimas Numatytasis Hosts File Paleista Tikrinimas Failai : Nr Trojos failus iš katalogo Šalinama Temp failai ADS keista : Galutinis patikrinimas : catchme 0.3.1361.2 W2K/XP/Vista - rootkit / Stealth kenkėjiškų detektorius pagal Gmer, http://www.gmer.net Rootkit scan 2008-09-27 23:14:36 Windows 5.1.2600 Service Pack 2 NTFS skenavimo paslėptus procesus ... skenavimo paslaugų paslėptas ir sistemos avilio ... skenavimo paslėptas registro įrašus ... skenavimo paslėptus failus ... skenavimas baigtas sėkmingai paslėptus procesus: 0 paslėptas paslaugos: 0 paslėptus failus: 0 Kitų paslaugų : Įgaliotas rakto taikymu eksportui: [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ SharedAccess \ Parameters \ firewallpolicy \ standartas profilis \ authorizedapplications \ list] "% windir% \ \ System32 \ \ sessmgr.exe" = "% windir% \ \ syste M32 \ \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22.019" "C: \ Program Files \ \ RssBandit \ \ RSSBandit.exe" = "C: \ Program Files \ \ RssBandit \ \ RSSBandit.exe: *: Enabled: RSS Bandit" "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb.exe" "C: \ Program Files \ Common Files \ \ AOL \ \ krautuvas \ \ aolload.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ krautuvas \ \ aolload.exe: *: Enabled : AOL taikymas Loader " "C: \ Program Files \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe: *: Enabled : AOL " "C: \ Program Files \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe: *: Enabled : AOL " "C: \ Program Files \ \" America Online 9.0 \ \ waol.exe "=" C: \ Program Files \ \ "America Online 9.0 \ \ waol.exe: *: Enabled: AOL" "C: \ Program Files \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" = "C: \ Prog ram Files \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe: *: Enabled: AOLTsMon " "C: \ Program Files \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" = "C: \ Prog ram Files \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe: *: Enabled: AOLTopSpeed " "C: \ Program Files \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost . Exe: *: El nabled: AOL " "C: \ Program Files \ Common Files \ \ AOL \ \ Sistemos informacija \ \ sinf.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ Sistemos informacija \ \ sinf.exe: * : Enabled: AOL " "C: \ Program Files \ Common Files \ \ AOL \ \ AOL apsauga nuo šnipinėjimo programų \ \ AOLSP Scheduler.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ AOL apsauga nuo šnipinėjimo programų \ \ AOLSP Tvarkaraštis . Exe: *: Enabled: AOL " "C: \ Program Files \ Common Files \ \ AOL \ \ AOL apsauga nuo šnipinėjimo programų \ \ asp.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ AOL apsauga nuo šnipinėjimo programų \ \ asp.exe : *: Enabled: AOL " "C: \ Program Files \ Common Files \ \ AolCoach \ \ en_en \ \ Player \ \ AOLNySEV.exe" = "C: \ Program Files \ Common Files \ \ AolCoach \ \ en_en \ \ Player \ \ AOLNySEV . Exe: *: Ena Bled: AOL " "C: \ Program Files \ \ FTP Commander Pro \ \ cftp.exe" = "C: \ Program Files \ \ FTP Commander Pro \ \ cftp.exe: *: Enabled: cftp" "C: \ Program Files \ FTP Commander \ \ ftpcomm.exe" = "C: \ Program Files \ FTP Commander \ \ ftpcomm.exe: *: Enabled: ftpcomm" "C: \ Program Files \ Real \ \" RealPlayer \ \ realplay.exe "=" C: \ progra m Files \ Real \ \ "RealPlayer \ \ realplay.exe: *: Enabled: Re alPlayer" "C: \ \ StubInstaller.exe" = "C: \ \ StubInstaller.exe: *: El nabled: LimeWire swarmed Montuotojas" "C: \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "C: \ Program Files \ \ LimeWire \ \ LimeWire.exe: *: Enabled: LimeWire" "C: \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe" = "C: \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe: *: Enabled: SmartFTP Client 2.0" "C: \ Program Files \ BitTorrent \ \ btdownloadgui.exe" = "C: \ Program Files \ BitTorrent \ \ btdownloadgui.exe: *: Enabled: btd ownloadgui" "C: \ Program Files \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware . Exe: *: Enab LED: AOL paslaugos " "C: \ Program Files \ Mozilla Firefox \ \ firefox.exe" = "C: \ Program Files \ Mozilla Firefox \ \ firefox.exe: *: Enabled: Firefox" "C: \ Program Files \ \ Get-Torrent \ \ Get-Torrent.exe" = "C: \ Program Files \ \ Get-Torrent \ \ Get-Torrent.exe: *: Enabled: Torrent P2P programa" "C: \ Program Files \ Restoranas Imperija \ \ re.exe" = "C: \ Program Files \ Restoranas Imperija \ \ re.exe: *: Enabled: Re" "C: \ Program Files \ \ BitZip \ \ bitzip.exe" = "C: \ Program Files \ \ BitZip \ \ bitzip.exe: *: Enabled: bitzip" "C: \ Program Files \ uTorrent \ \ uTorrent.exe" = "C: \ Program Files \ uTorrent \ \ uTorrent.exe: *: Enabled: æTorrent" "C: \ Program Files \ iTunes \ \ iTunes.exe" = "C: \ Program Files \ iTunes \ \ iTunes.exe: *: Enabled: iTunes" "% windir% \ \ network diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ network diagnostic \ \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20.000" "C: \ \ WINDOWS \ \ System32 \ \ dlcxcoms.exe" = "C: \ \ WINDOWS \ \ System32 \ \ dlcxcoms.exe: *: Enabled: Dell 926 Server" [HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ SharedAccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ list] "% windir% \ \ System32 \ \ sessmgr.exe" = "% windir% \ \ syste M32 \ \ sessmgr.exe: *: Enabled: @ Xpsp2res.dll, -22.019" "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb Computrace Diegimo / Management Application" "% windir% \ \ network diagnostic \ \ xpnetdiag.exe" = "% windir% \ \ network diagnostic \ \ xpnetdiag.exe: *: Enabled: @ Xpsp3res.dll, -20.000" Likęs Failai : Failai su Hidden atributus : Tue 12 liepa 2005 54.872 A.. H. --- "C: \ Program Files \ America Online 9.0 \ AOLphx.exe" Tue 12 liepa 2005 31.832 A.. H. --- "C: \ Program Files \ America Online 9.0 \ rbm.exe" Tr spalis 13, 2004 1.694.208 A.. H. --- "C: \ Program Files \ Messenger \ msmsgs.exe" Tr 17 rugsėjis 2008 162 A.. H. --- "C: \ Documents and Settings \ Administrator \ My Documents \ ~ $ RL3917.tmp" Pn lapkritis 23, 2007 4.840.960 ... H. --- "C: \ Documents and Settings \ Administrator \ My Documents \ ~ WRL3917.tmp" Sk 1 balandis 2007 247 A.. H. --- "C: \ Program Files \ InterActual \ InterActual Player \ itiC9F.tmp" Sk liepa 1, 2007 0 A.SH. --- "C: \ Documents and Settings \ All Users \ DRM \ Cache \ Indiv01.tmp" Pr 14 sausis 2008 3.459 ... HR --- "C: \ Documents and Settings \ Administrator \ Application Data \ SecuROM \ UserData \ securom_v7_01.bak" Št rugsėjis 27, 2008 4.750 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS00643642-9444-46D7-A0F8-98BCEC733FED.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS02319C6A-A321-4C8D-9995-820B7395AC0C.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS025EABA1-CC11-4560-8E12-630DDF3DA7B2.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS045F4367-E293-4856-99B6-A55965765747.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS068F3C9C-D92F-41E5-AF3C-3917DFD07FFB.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0ABE791D-AAB6-45AE-94C0-81FF065FB64C.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0B798094-B44A-427A-B9DC-654E158521EB.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0C1801B8-619C-45EF-A0A9-6FDF58378626.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0DC230DD-648D-4C7A-A46F-125E3BBCACF0.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0FD1D4A0-7A3B-4426-BF06-CBE8A10161D9.tmp" Št 27 rugsėjis 2008 12.540 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS12E3E01D-D993-4077-84CD-270FC7998D10.tmp" Št rugsėjis 27, 2008 5.616 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1558A464-A8A5-4699-8AD4-1FD636BA73F0.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS16C4CA8E-B45E-4C74-A16A-C6547AC6862A.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS171F971D-9918-4BF8-934E-9F971CE3A62E.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS18482343-5AA4-4A75-B35E-1DE367BE8DF8.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1F408231-9AD4-4F3A-8F71-E4D1A885E2D9.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS22C553D7-9E17-42E7-9BAC-FD08E49F2DA7.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS29899F67-1A0A-49C1-BF8C-969C56BFE72D.tmp" Št 27 rugsėjis 2008 40.408 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2CE2DD8D-1B89-4236-8CEB-8AE2092F011D.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2DE8E664-4BC0-10D0-B385-C28929E5600F.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS35CD56A6-869F-4E8D-9744-F5243F94B4B1.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3A52BAF2-C6D8-48C5-A517-8F08AFB8035A.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EC9B69D-3F89-4FC5-B941-1463F3BD2234.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EADD09D-E99C-4EDA-87E8-14DD31C5A1CA.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EDF6917-B0B7-4164-BAA8-7013E06D5FCA.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3FF4AFC6-0025-4047-AEFB-7C34313D972F.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4031D191-1F75-49F0-8272-A12ACD39C269.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS416C7484-2AC6-4BFE-8364-B3DC9640EB90.tmp" Št 27 rugsėjis 2008 27.677 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS42B72C22-0C5B-4053-87A4-D8EB671C2029.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4C83367A-C322-4725-A861-182E13107846.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4DB48154-31C5-424F-B7EB-6337D7279415.tmp" Št rugsėjis 27, 2008 3.393 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4EAE423C-33F9-4D19-AD00-4127948E7F39.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4FE7BDE5-631A-4BEE-BA59-2A86CECDA9DA.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS50B44EC6-2F2E-4D16-AC0C-376383467A7C.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS56CA220B-41A4-4EBA-B217-FF3A496AA590.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5AF7C2DD-39F4-4B22-8F5A-11FC428681E1.tmp" Št rugsėjis 27, 2008 101.080 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5DCC2C2E-7275-4CC4-9192-B113F353FB5F.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5D528DF5-B79E-4EE1-9D6C-1EC565BBBC62.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6011FD6D-D50D-43A0-AE81-A050DD789327.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS62CC7F66-91D7-40E6-9C86-9E1A90363BBD.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6548601C-9BB6-472c-AA53-447B881C2428.tmp" Št rugsėjis 27, 2008 6.247.755 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6946DC39-11B6-4B93-A005-7F3C9D123F87.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS69A2BD78-4F53-4EBE-A0E3-D640854156D9.tmp" Št rugsėjis 27, 2008 198.358 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6927849A-B300-4980-AAEB-7DBA1C6E4164.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6945CE07-04BF-439F-987F-028637985DF0.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6FE21A12-C11B-4E43-99E2-FA8F960870E1.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS700D83FE-2571-4AE3-89BC-6DD584F68699.tmp" Št rugsėjis 27, 2008 3.195.852 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS713A2772-B7C7-4A87-BAEB-E92C67ED4580.tmp" Št rugsėjis 27, 2008 143.110 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS71EC4FAD-E45A-4E20-AE13-D864D8CA24A1.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS716E87B1-65B4-4487-B09B-19A89B9F5C97.tmp" Št rugsėjis 27, 2008 1.909.332 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7366E027-AE32-4BC8-9360-699C2C95BEB0.tmp" Št rugsėjis 27, 2008 270.314 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS75371617-4E33-A509-9F16-118AA8AC2918.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS767A458F-F431-46EB-A2DA-88FB1A7E3E7D.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7A70C6B2-5850-4473-9585-E0C43F090F27.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7B30F8F2-8A4F-42B9-B9F8-625709173611.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7C1354E8-D74C-4AC8-BE8F-7167A5076F4A.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7CBB22C6-4E66-4720-995F-1C2ADC632A9B.tmp" Št 27 rugsėjis 2008 642 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7E1AA5E0-2F18-4CF4-B64E-8EB8F378DF31.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7FEECAB9-C6A6-4302-9AA6-F69FA542ED3D.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS840E4E3A-C733-4DC5-A8F3-B248CC83075B.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8716D8FB-A364-4288-8B00-55605E1EF6C0.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS89FE094B-45FA-4923-87F1-139238C4F97B.tmp" Št 27 rugsėjis 2008 610 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8A4D2B50-2BB9-4DC6-9E5E-3CB11929C3D2.tmp" Št rugsėjis 27, 2008 4.532 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8E7D97AA-E673-4952-AA06-A468A9C52A7C.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8FB3E905-99BA-4D9E-9C2A-B17FB19F5132.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS92FF4DE9-51A7-4FEA-9F94-4984E35FDB14.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS94946861-C52C-4360-B5D7-0BAA075D88BB.tmp" Št 27 rugsėjis 2008 674 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9766DA24-0126-49B8-821D-0BBD42716F70.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9CF76AA8-C8DD-426D-8974-7952EA0782D3.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9DE19017-8F84-45F0-8707-3157A64B6CEA.tmp" Št rugsėjis 27, 2008 1.190.410 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9F48133A-1109-42EB-93AA-A3CB3CACBCBF.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSABDB0578-02AF-4BA8-A501-9A8992ED7BDB.tmp" Št rugsėjis 27, 2008 2.736 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSAD28D6FF-3940-4F08-A657-2E61F69B5449.tmp" Št 27 rugsėjis 2008 75.790 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB18333D4-60E0-B085-438D-7DB36F72F77D.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB74C069F-C392-4F81-8670-212FC280E95D.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB76C1894-7B69-4834-97D3-B402FE20935A.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB73D6FFC-0E8C-41B9-84D3-8810EC6D9228.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB9036DEB-8242-4521-A54E-139AF6A9A190.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBAE9F5F5-FA44-4E05-9A1D-A462CE8AF520.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCD6D72-A069-40FF-9AF2-916180E0A88E.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCBA3E5-E607-436E-B3EE-A1DEAC925872.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBEC0CEEC-C42B-4B06-A604-EAAD26CE6255.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC5D01365-2009-400C-A9A3-5F990CF4A80D.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC9E0B767-5A0A-47B9-A439-227E2B94F887.tmp" Št rugsėjis 27, 2008 134.148 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD2617AFF-BC61-4BFE-B8E6-6CC988A0F275.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD21BE94F-9EE4-475B-B0A2-24C81FFF173F.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD4AA62E4-9D9E-4B7B-9CD0-686A2C05AEF7.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD729F3FB-EE09-459B-A678-BD9132629FDF.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD8157780-DB4C-464E-B192-D31296C412A8.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD97D795A-5F39-4FDD-A7EF-691DEBB65005.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA1F438F-BCAF-4452-A79A-167408950654.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA218F7C-D867-4690-96E2-789F80A7D3E0.tmp" Št 27 rugsėjis 2008 20.968 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDBBDCE8F-1CB9-456D-9A48-B332BFDD4DA3.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4DE87E-7FB7-4AAF-9341-074C383E5277.tmp" Št rugsėjis 27, 2008 2.168.120 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4805C4-09F4-44DF-953F-40714AC7B32D.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC54187B-23EE-4C63-A3C1-F95DD71DC749.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE542CE01-559A-4B52-B46E-3ABA034CB806.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE76031B3-69B7-40CD-98AA-1FBADCFD80F9.tmp" Št 27 rugsėjis 2008 538 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE89A2A1E-7243-491E-8713-779584114914.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE9F327DF-50B6-42E2-B361-B1279BCFE655.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEAF8FCDA-0414-40ED-8AC7-F6E8BA990710.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEC43267D-076B-42D7-838C-4A46B1619D44.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSED7CFB5E-591C-4B3A-BB59-99AC6B355CE9.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF03658AA-EBC4-437C-8F4E-338B053BBCC5.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF1EE7C84-96F2-4922-8549-E4F727B9B3A5.tmp" Št rugsėjis 27, 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF5708FAD-F162-475A-BBD8-590D8EED1563.tmp" Št rugsėjis 27, 2008 1.609.542 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF60C8606-1E32-4C46-9DD9-9591141A47D3.tmp" Št 27 rugsėjis 2008 29.084 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF7DCFFB4-3037-49B4-8FAF-FB62C2892816.tmp" Št 27 rugsėjis 2008 16.965 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSFABFD6CE-CC5D-4B27-9BE0-5CE94D2BE9C9.tmp" Pavyko! Logfile Trend Micro HijackThis v2.0.2 Skaitymo išsaugotas 11:22:30, on 9/27/2008 Platforma: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Veikia procesus: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe C: \ Program Files \ "Intel \ Wireless \ Bin \ S24EvMon.exe C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe C: \ WINDOWS \ system32 \ Lexbces.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ WINDOWS \ system32 \ LEXPPS.EXE C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ Program Files \ PrevxCSI \ prevxcsi.exe C: \ WINDOWS \ system32 \ dlcxcoms.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE C: \ Program Files \ dell \ Sodinukai \ NICCONFIGSVC.exe C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe C: \ WINDOWS \ system32 \ rpcnet.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ spysweeper.exe C: \ WINDOWS \ explorer.exe C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ commagent.exe C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ Požiūris \ Požiūris Manager \ ViewMgr.exe C: \ WINDOWS \ system32 \ notepad.exe C: \ Program Files \ dell \ Sodinukai \ quickset.exe C: \ WINDOWS \ system32 \ rundll32.exe C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb0 3.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ ErrorSmart \ ErrorSmart.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ America Online 9.0 \ waol.exe C: \ Program Files \ "Cisco Systems \ Švarus Prieiga Agent \ CCAAgent.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ America Online 9.0 \ shellmon.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/ O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O2 - BHO: Požiūris Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Požiūris \ Požiūris Toolbar \ 3.8.0 \ ViewBarBHO.dll O3 - Toolbar: ICQ Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O3 - Toolbar: Požiūris Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ Požiūris \ Toolbar Trukmė \ 3.8.0 \ IEViewBar.dll O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [Dell Sodinukai] C: \ Program Files \ dell \ Sodinukai \ quickset.exe O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE NvMCTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb0 3.exe O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16 O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [AOL Fast Pradžia] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-B O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user') O4 -. Default User Startup: Clean Prieiga Agent.lnk = C: \ Program Files \ "Cisco Systems \ Švarus Prieiga Agent \ CCAAgent.exe (User 'Default user') O4 - Startup: Clean Prieiga Agent.lnk = C: \ Program Files \ "Cisco Systems \ Švarus Prieiga Agent \ CCAAgent.exe O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel dabar O8 - Extra kontekstinio meniu punktą: & ICQ Toolbar Search - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ EXCEL.EXE/3000 O8 - Extra kontekstinio meniu punktą: Prenumeruoti RSS numatytasis - C: \ Documents and Settings \ Administrator \ Application Data \ RssBandit \ iecontext_subscribefeed.htm O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll O9 - Extra button: ICQ Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra 'Tools' MENUITEM: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ REFIEBAR.DLL O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: *. bridgew.edu O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi klasė) -- http://support.dell.com/systemprofiler/SysPro.CAB O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409 O16 - DPF: (5e2a3510-4371-11D6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl klasė) -- http://update.microsoft.com/windowsu...?1121111428606 O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasė) -- http://update.microsoft.com/microsof...?1121873156643 O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab Ø20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe O23 - Service: AOL TopSpeed monitorius (AOL TopSpeedMonitor) - "America Online, Inc - C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI HotKey Rinkėjas - Unknown owner - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ EvtEng.exe O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Lexbce Server (LexBceS) - Lexmark International, Inc - C: \ WINDOWS \ system32 \ Lexbces.exe O23 - Service: NICCONFIGSVC - Dell Inc - C: \ Program Files \ dell \ Sodinukai \ NICCONFIGSVC.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ RegSrvc.exe O23 - Service: Remote Procedure Call (RPC) Net (Rpcnet) - Unknown owner - C: \ WINDOWS \ system32 \ rpcnet.exe O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ S24EvMon.exe O23 - Service: Požiūris vadybininkas Paslaugos - Požiūris Corporation - C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe O23 - Service: Webroot CommAgent tarnybos (WebrootCommAgentService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ commagent.exe O23 - Service: Webroot Spy Sweeper programa (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ spysweeper.exe O23 - Service: Intel (R) PROSet / Wireless SSO tarnybos (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ Bin \ WLKeeper.exe -- End of file - 10.298 baitų |
|
#4
Rugsėjis 27, 2008, 20:37
| |||
| |||
| Iexplore.exe klausimas Išjungti spysweeper Jūs galite iš naujo įjungti po to, kai būsite švarūs. Išjungti spysweeper: Atidaryti Spysweeper Spustelėkite> Funkcijos nei į kairę, tada> Programa parinktys > Nuimkite "apkrovos" Windows startup " Over to paspauskite kairį "skydo" ir Nuimkite visi ten. Nuimkite "Pradžia skydas" Nuimkite "automatiškai Restore default nepranešus" Po to visi pataisymai yra pilnas labai svarbu, kad Jūs realiu laiku Apsauga kartą. ---------- Išjungti Windows Defender " Mums reikia išjungti "Windows Defender Real-time apsaugos, nes ji gali trukdyti nustato, kad turime padaryti.
---------- Mums reikia pašalinti ErrorSmart. Tai laikoma Rouge programą, nes ji yra nepatikima ir dažnai karto įdiegiama be vartotojo sutikimo. Go Add or Remove Programs ir pašalinkite ErrorSmart (jei jis yra) ---------- Atidaryti HijackThis ir pasirinkite Ar sistema nuskaito tik. Vieta varnelė prie šių įrašų: (jei yra)
Išeitis HijackThis. ---------- Pastaba Toliau instrukcijos buvo sukurtas specialiai šiam vartotojui. Jei nėra šio vartotojo NĖRA laikytis šių nurodymų, nes jie gali sugadinti jūsų sistemos veikimą Pereiti į Start> Run ir tipas notepad.exe tada Gerai Nukopijuokite ir įklijuokite šį kodą į Notepad ir išsaugokite fixme.reg Jūsų Desktop Kodas REGEDIT4 [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ CurrentVersion \ Run] "ErrorSmart" =- Įsitikinkite, kad galite pasakyti, jei gausite pranešimą apie sėkmingą pridedant pirmiau registrą. Jei nenorite gauti prane ¹ im ± sėkmė, it didn't work. Ištrinti iš darbastalio fixme.reg. ---------- Atsisiųsti CCleaner Slim ir išsaugokite jį darbalaukyje. Jei failas buvo išsaugotas, eikite į savo darbastalio ir dukart paspauskite ccsetupxxx_slim.exe Vykdykite nurodymus, kad įdiegti šią programą. Užbaigti diegimo tada:
---------- Atsisiųsti Malwarebytes 'Anti-Malware (MBAM)
__________________ |
|
#5
Rugsėjis 27, 2008, 21:50
| |||
| |||
| Iexplore.exe klausimas I didn't get sėkmė žinutė iš registro. Malwarebytes 'Anti-Malware 1,28 Duomenų bazės versija: 1216 Windows 5.1.2600 Service Pack 2 9/28/2008 12:45:51 mbam-log-2008-09-28 (00-45-51). Txt Scan Type: Quick Scan Objektai nuskaitomi: 59.369 Praėjęs laikas: 10 minučių (-ai), 46 second (s) Atminties procesai Infected: 0 Atminties moduliai Infected: 0 Registro raktus Infected: 0 Vertybių registrą Infected: 0 Registro duomenų elementų Infected: 0 Katalogai Infected: 0 Infected files: 1 Atminties procesai Infected: (Nr. kenksminga daiktų aptikti) Atminties moduliai Infected: (Nr. kenksminga daiktų aptikti) Registro raktus Infected: (Nr. kenksminga daiktų aptikti) Vertybių registrą Infected: (Nr. kenksminga daiktų aptikti) Registro duomenų elementų Infected: (Nr. kenksminga daiktų aptikti) Katalogai Infected: (Nr. kenksminga daiktų aptikti) Failai Infected: C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a (Trojan.Agent) -> Karantinas ir sėkmingai ištrintas. |
|
#6
Rugsėjis 27, 2008, 21:55
| |||
| |||
| Iexplore.exe klausimas Bet kokie pakeitimai?
__________________ |
|
#7
Rugsėjis 27, 2008, 22:49
| |||
| |||
| Iexplore.exe klausimas Ne, vis dar ten |
|
#8
Rugsėjis 27, 2008, 22:56
| |||
| |||
| Iexplore.exe klausimas Nesijaudinkite, mes jį rasti. Parsisiųsti ComboFix iki einantys iš vienos iš žemiau nuorodų. Būtinai įrašykite jį į viršų Desktop. Link # 1 Link # 2 ** Pastaba: Svarbu, kad ji yra saugomi tiesiai darbalaukyje Uždarykite visus atidarytus interneto naršyklių. (Firefox, Internet Explorer, ir tt) prieš pradedant ComboFix. Laikinai daryti nepajėgų tavo AntivirusIr bet Antispyware realaus laiko apsauga prieš atlikti nuskaitymo. Spauskite šį saitą matyti saugumo programų sąrašą, kuris turėtų būti išjungtas ir kaip juos išjungti. Dukart spustelėkite combofix.exe ir vykdykite ekrane pateikiamas instrukcijas. Baigę ComboFix gamins žurnalas Jums. Skelbti ComboFix Prisijungti Jūsų kitą atsakymą. Svarbu: Don't mouseclick ComboFix lango kol jis veikia. Tai gali sukelti ją gardas. Atminkite, kad vėl įjungti antivirusinės ir apsaugos nuo šnipinėjimo programų, kai ComboFix baigtas.
__________________ |
|
#9
Rugsėjis 28, 2008, 08:56
| |||
| |||
| Iexplore.exe klausimas ComboFix 08-09-27.05 - administratorius 2008-09-28 11:44:34.1 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.615 [GMT -4:00] Veikia nuo: C: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe * Sukurtas naujas atkūrimo taškas ĮSPĖJIMAS-ši mašina neturi atkūrimo konsolę Installed!! . ((((((((((((((((((((((((((((((((((((((( Kiti deletions ))))))))) )))))))))))))))))))))))))))))))))))))))) . C: \ Documents and Settings \ NetworkService \ Cookies \ system @ trafficmp [1]. Txt C: \ WINDOWS \ system32 \ drivers \ fad.sys . ((((((((((((((((((((((((( Failus, sukurtus nuo 2008/08/28 iki 2008/09/28 ))))))))))) )))))))))))))))))))) . 2008-09-28 01:46. 2008-09-28 01:46 0 - ------ C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a 2008-09-27 22:45. 2008-09-27 22:45 <DIR> d -------- C: \ WINDOWS \ ERUNT 2008-09-27 22:20. 2008-09-27 23:19 <DIR> d -------- C: \ SDFix 2008-09-27 21:03. 2008-09-27 21:03 <DIR> d -------- C: \ Program Files \ Trend Micro 2008-09-27 20:48. 2008-09-27 20:48 <DIR> d -------- C: \ Documents and Settings \ NetworkService \ Application Data \ AdobeUM 2008-09-27 20:36. 2008-09-27 20:40 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ ErrorSmart 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Program Files \ Malwarebytes 'Anti-Malware 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes 2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes 2008-09-27 19:38. 2008-09-10 00:04 38.528 - ------ C: \ WINDOWS \ system32 \ drivers \ mbamswissarmy.sys 2008-09-27 19:38. 2008-09-10 00:03 17.200 - ------ C: \ WINDOWS \ system32 \ drivers \ mbam.sys 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ SUPERAntiSpyware 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com 2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ SUPERAntiSpyware.com 2008-09-27 15:13. 2008-09-27 15:13 <DIR> d -------- C: \ Program Files \ CCleaner 2008-09-27 12:35. 2008-09-27 12:35 <DIR> d -------- C: \ Program Files \ PrevxCSI 2008-09-27 12:35. 2008-09-28 11:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PrevxCSI 2008-09-27 12:35. 2008-09-27 12:35 17.408 - ------ C: \ WINDOWS \ system32 \ drivers \ pxark.sys 2008-09-27 00:48. 2008-09-27 00:47 102.664 - ------ C: \ WINDOWS \ system32 \ drivers \ tmcomm.sys 2008-09-27 00:47. 2008-09-27 00:48 <DIR> d -------- C: \ Documents and Settings \ Administrator \. Housecall6.6 2008-09-26 23:23. 2008-09-26 23:22 30.272 - ------ C: \ WINDOWS \ system32 \0vx55IOc.exe 2008-09-23 19:04. 2008-09-23 22:56 <DIR> d -------- C: \ WINDOWS \ system32 \ CatRoot_bak 2008-09-21 00:19. 2008-09-21 00:19 <DIR> d -------- C: \ Program Files \ Windows Defender " 2008-09-12 13:32. 2004-03-29 16:23 90.112 - ------ C: \ WINDOWS \ unvise32.exe 2008-09-11 12:41. 2008-09-28 11:36 54.156 - Ah ----- C: \ WINDOWS \ QTFont.qfn 2008-09-11 12:41. 2008-09-11 12:41 1.409 - ------ C: \ WINDOWS \ QTFont.for 2008-09-09 15:33. 2008-09-09 15:56 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ FarmFrenzy2 2008-09-04 13:39. 2008-09-04 13:39 <DIR> d -------- C: \ Program Files \ Atari 2008-09-03 23:06. 2008-06-10 02:32 73.728 - ------ C: \ WINDOWS \ system32 \ javacpl.cpl 2008-09-01 20:34. 2008-09-01 20:34 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Eyeblaster 2008-08-28 23:11. 2004-08-04 00:56 159.232 - ------ C: \ WINDOWS \ system32 \ Ptpusd.dll 2008-08-28 23:11. 2001-08-17 22:36 5.632 - ------ C: \ WINDOWS \ system32 \ ptpusb.dll . (((((((((((((((((((((((((((((((((((((((( Find3M Pranešimas )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008-09-28 15:35 31.232 ---- AW C: \ WINDOWS \ system32 \ rpcnet.dll 2008-09-28 15:35 17.408 ---- AW C: \ WINDOWS \ system32 \ Rpcnetp.exe 2008-09-28 03:10 17.408 ---- AW C: \ WINDOWS \ system32 \ rpcnetp.dll 2008-09-28 00:20 --------- d ----- w C: \ Program Files \ RealArcade 2008-09-25 21:30 --------- d ----- w C: \ Program Files \ FTP Commander 2008-09-21 04:33 --------- d ----- w C: \ Program Files \ Common Files \ Adobe 2008-09-11 16:36 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ uTorrent 2008-09-05 18:19 98.304 ---- AW C: \ WINDOWS \ system32 \ CmdLineExt.dll 2008-09-04 17:39 --------- D - h - w C: \ Program Files \ InstallShield įrengimas Informacija 2008-09-04 03:06 --------- d ----- w C: \ Program Files \ Java 2008-08-30 00:32 --------- d ----- w C: \ Program Files \ dl_Cats 2008-08-24 21:28 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ Move Networks 2008-08-24 21:07 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ Gamelab 2008-07-30 01:59 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ FreshGames 2008-07-19 02:10 94.920 ---- AW C: \ WINDOWS \ system32 \ cdm.dll 2008-07-19 02:10 53.448 ---- AW C: \ WINDOWS \ system32 \ wuauclt.exe 2008-07-19 02:10 45.768 ---- AW C: \ WINDOWS \ system32 \ wups2.dll 2008-07-19 02:10 36.552 ---- AW C: \ WINDOWS \ system32 \ wups.dll 2008-07-19 02:09 563.912 ---- AW C: \ WINDOWS \ system32 \ wuapi.dll 2008-07-19 02:09 325.832 ---- AW C: \ WINDOWS \ system32 \ wucltui.dll 2008-07-19 02:09 205.000 ---- AW C: \ WINDOWS \ system32 \ wuweb.dll 2008-07-19 02:09 1.811.656 ---- AW C: \ WINDOWS \ system32 \ wuaueng.dll 2008-07-19 02:07 270.880 ---- AW C: \ WINDOWS \ system32 \ mucltui.dll 2008-07-19 02:07 210.976 ---- AW C: \ WINDOWS \ system32 \ muweb.dll 2008-07-07 20:32 253.952 ---- AW C: \ WINDOWS \ system32 \ es.dll 2007-10-02 01:01 60.968 ---- AW C: \ Documents and Settings \ Administrator \ GoToAssistDownloadHelper.ex e 2007-01-13 12:49 774.144 ---- AW C: \ Program Files \ RngInterstitial.dll 2007-08-10 19:03 6.275.816 ---- AW C: \ Program Files \ Mozilla Firefox \ Plugins \ ScorchPDFWrapper.dll . ((((((((((((((((((((((((((((((((((((( Reg Kraunasi Taškai )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Pastaba: * tuščių įrašų ir teisėtu default įrašai nerodoma REGEDIT4 [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run] "Ctfmon.exe" = "C: \ WINDOWS \ system32 \ Ctfmon.exe" [2004-08-04 15360] "AOL Fast Start" = "C: \ Program Files \ America Online 9.0 \ AOL.EXE" [2005-07-12 50776] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "NvCplDaemon" = "C: \ WINDOWS \ system32 \ NvCpl.dll" [2007-04-28 8429568] "Dell" Sodinukai "=" C: \ Program Files \ dell \ Sodinukai \ quickset.exe "[2007-07-20 1228800] "HPDJ Taskbar Utility" = "C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb03.exe" [2001-06-12 200704] "QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-01-10 385024] "iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-01-15 267048] "DLCXCATS" = "C: \ WINDOWS \ System32 \ spool \ drivers \ W32X 86 \ 3 \ DLCXtime.dll" [2006-10-16 106496] "SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784] "NvMediaCenter" = "NvMCTray.dll" [2007/04/28 C: \ WINDOWS \ system32 \ nvmctray.dll] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ RunOnce] "RunNarrator" = "Narrator.exe" [2004/08/04 C: \ WINDOWS \ system32 \ narrator.exe] C: \ Documents and Settings \ Administrator \ Start Menu \ Programs \ Startup \ Švarus Prieiga Agent.lnk - C: \ Program Files \ "Cisco Systems \ Švarus Prieiga Agent \ CCAAgent.exe [2007-06-28 2056266] [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Policies \ Explorer] "NoSMBalloonTip" = 1 (0x1) "NoAutoTrayNotify" = 1 (0x1) [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ dab rentversion \ Policies \ Explorer] "NoActiveDesktopChanges" = 0 (0x0) [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks] (5AE067D3-9AFB-48E0-853A-EBB7F4A000DA) "=" C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL "[2008-05-13 77824] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \! SASWinLogon] 2008-07-23 16:28 352256 C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll [HKLM \ ~ \ startupfolder \ C: Documents and Settings ^ ^ Administratorius ^ Start Menu Programs ^ ^ ^ Startup Adobe Gamma.lnk] PATH = C: \ Documents and Settings \ Administrator \ Start Menu \ Programs \ Startup \ Adobe Gamma.lnk Backup = C: \ WINDOWS \ PSS \ Adobe Gamma.lnkStartup [HKLM \ ~ \ startupfolder \ C: Documents and Settings ^ ^ ^ All Users Start Menu Programs ^ ^ ^ Startup "Adobe Reader Speed Launch.lnk] PATH = C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \ "Adobe Reader Speed Launch.lnk Backup = C: \ WINDOWS \ PSS \ "Adobe Reader Speed Launch.lnkCommon Paleidimas [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ AOLDialer] -RA ------ 2006-10-23 08:50 71216 C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Apoint] - ------ 2003-08-20 20:24 151552 C: \ Program Files \ Apoint \ Apoint.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ Ctfmon.exe] - ------ 2004-08-04 00:56 15360 C: \ WINDOWS \ system32 \ Ctfmon.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ HostManager] - ------ 2006-09-25 20:52 50736 C: \ Program Files \ Common Files \ AOL \ 1155864818 \ EE \ aolsoftware.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxhkcmd] - ------ 2006-07-14 18:04 77824 C: \ WINDOWS \ system32 \ hkcmd.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxpers] - ------ 2006-07-14 18:08 118784 C: \ WINDOWS \ system32 \ igfxpers.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igfxtray] - ------ 2006-07-14 18:07 94208 C: \ WINDOWS \ system32 \ igfxtray.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ IntelWireless] - ------ 2006-08-02 01:32 696320 C: \ Program Files \ Intel \ Wireless \ Bin \ iFrmewrk.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ IntelZeroConfig] - ------ 2006-08-02 01:38 802816 C: \ Program Files \ Intel \ Wireless \ Bin \ ZCfgSvc.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ iTunesHelper] - ------ 2008-01-15 04:22 267048 C: \ Program Files \ iTunes \ iTunesHelper.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ MSMSGS] - Ah ----- 2004-10-13 12:24 1694208 C: \ Program Files \ Messenger \ msmsgs.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvCplDaemon] - ------ 2007-04-28 19:05 8429568 C: \ WINDOWS \ system32 \ nvcpl.dll [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NvMediaCenter] - ------ 2007-04-28 19:05 81920 C: \ WINDOWS \ system32 \ nvmctray.dll [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task] - ------ 2008-01-10 16:27 385024 C: \ Program Files \ QuickTime \ QTTask.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ RealTray] - ------ 2006-08-17 21:34 26112 C: \ Program Files \ Real \ "RealPlayer \ realplay.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SunJavaUpdateSched] - ------ 2006-12-15 04:23 75520 C: \ Program Files \ Java \ jre1.5.0_11 \ bin \ jusched.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ WMPNSCFG] --------- 2006-10-18 20:05 204288 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ NVHotkey] - ------ 2007-04-28 19:05 67584 C: \ WINDOWS \ system32 \ nvhotkey.dll [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ nwiz] - ------ 2007-04-28 19:05 1626112 C: \ WINDOWS \ system32 \ nwiz.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SigmatelSysTrayApp] - A - C --- 2005-11-16 15:35 397312 C: \ WINDOWS \ stsystra.exe [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List] "% windir% \ \ System32 \ \ sessmgr.exe" = "C: \ Program Files \ \ RssBandit \ \ RSSBandit.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ krautuvas \ \ aolload.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ Program Files \ \" America Online 9.0 \ \ waol.exe "= "C: \ Program Files \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ Sistemos informacija \ \ sinf.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ AOL apsauga nuo šnipinėjimo programų \ \ AOLSP Scheduler.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ AOL apsauga nuo šnipinėjimo programų \ \ asp.exe" = "C: \ Program Files \ Common Files \ \ AolCoach \ \ en_en \ \ Player \ \ AOLNySEV.exe" = "C: \ Program Files \ FTP Commander \ \ ftpcomm.exe" = "C: \ Program Files \ Real \ \" RealPlayer \ \ realplay.exe "= "C: \ \ StubInstaller.exe" = "C: \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe" = "C: \ Program Files \ BitTorrent \ \ btdownloadgui.exe" = "C: \ Program Files \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" = "C: \ Program Files \ Mozilla Firefox \ \ firefox.exe" = "C: \ Program Files \ \ BitZip \ \ bitzip.exe" = "C: \ Program Files \ uTorrent \ \ uTorrent.exe" = "C: \ Program Files \ iTunes \ \ iTunes.exe" = "% windir% \ \ network diagnostic \ \ xpnetdiag.exe" = "C: \ \ WINDOWS \ \ System32 \ \ dlcxcoms.exe" = [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List] "50.001 TCP" = 50.001: TCP: webroots "50.002 TCP" = 50.002: TCP: webroots2 "3.389 TCP" = 3389: TCP: @ Xpsp2res.dll, -22.009 [HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo licy \ standardprofile \ IcmpSettings] "AllowInboundEchoRequest" = 1 (0x1) R0 a320raid; a320raid, C: \ WINDOWS \ system32 \ drivers \ A320 raid.sys [2006-04-04 251578] R0 pxark; pxark, C: \ WINDOWS \ system32 \ drivers \ pxark.sys [2008-09-27 17408] R1 SAVOnAccess kontrolės; SAVOnAccess kontrolė, C: \ WINDOWS \ system32 \ drivers \ savonaccesscon trol.sys [2006-04-14 80128] R1 SAVOnAccess filtras; SAVOnAccess filtras; C: \ WINDOWS \ system32 \ drivers \ savonaccessfilt er.sys [2006-04-14 24064] R2 CSIScanner; CSIScanner, C: \ Program Files \ PrevxCSI \ prevxcsi.exe [2008-09-27 618040] R2 dlcx_device; dlcx_device, C: \ WINDOWS \ system32 \ dlcxco ms.exe [2006-11-03 537480] R2 Požiūris Manager paslaugos; Požiūris Vadybininkas Paslaugos, C: \ Program Files \ Požiūris \ Common \ ViewpointService.exe [2007-01-04 24652] S2 ousbehci; NEC PCI Enhanced USB Host Controller, C: \ WINDOWS \ system32 \ drivers \ ousbehci.sy S [2003-08-01 41600] S3 GTIPCI21; GTIPCI21, C: \ WINDOWS \ system32 \ drivers \ gtip ci21.sys [2004-05-03 80384] S3 NWADI; NWADI Autobusų spisowy, C: \ WINDOWS \ system32 \ drivers \ NWADIenum.s YS [2005-12-09 67840] S3 ousb2hub; OrangeWare Root Hub USB 2.0 palaikymo, C: \ WINDOWS \ system32 \ drivers \ ousb2hub.sys [2003-08-01 55552] S3 whfltr2k; WheelMouse USB-Žemutinė filtro tvarkyklė, C: \ WINDOWS \ system32 \ drivers \ whfltr2k.sys [2007-01-25 6784] S3 whmice2k; Išplėstinė Wheel Mouse Viršutinis filtro tvarkyklė, C: \ WINDOWS \ system32 \ drivers \ whmice2k.sys [2004-04-25 6885] [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ D] \ Shell \ Autorun \ command - D: \ autorun.exe [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (64d8acf2-11db-5f84-b756-00038a000015)] \ Shell \ Autorun \ command - E: \ Installer.exe [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (7aebf132-2e3f-11db-b6e0-0015c547091a)] \ Shell \ Autorun \ command - E: \ wd_windows_tools \ setup.exe [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (c4f3f4e1-2c11-11d9-8305-806d6172696f)] \ Shell \ Autorun \ command - D: \ Programs \ nu2menu \ nu2menu.exe * Naujai sukurta tarnyba * - PROCEXP90 . Turinys "Scheduled Tasks" katalogą . - - - - Orphans nuimti - - - -- MSConfigStartUp-! AVG Anti-Spyware - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe MSConfigStartUp-DVDLauncher - C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe MSConfigStartUp-SpySweeperEnterprise - C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ \ spysweeperui.exe MSConfigStartUp-SpysweeperUI - C: \ Program Files \ Webroot \ Įmonių \ Spy Sweeper \ spysweeperui.exe MSConfigStartUp-UpdateManager - C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe . ------- Papildomos Scan ------- . Firefox -: Profilis - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ Firefox -: prefs.js - STARTUP.HOMEPAGE - hxxp: / / www.broadway.com/ FF -: plugin - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ ext ensions \ npmozax@real.com \ Plugins \ npmozax.dll FF -: plugin - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ browser \ nppdf32.dll FF -: plugin - C: \ Program Files \ iTunes \ Mozilla Plugins \ npitunes.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ Plugins \ npagent.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ Plugins \ npmozax.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ Plugins \ npmusicn.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ Plugins \ npracplug.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ Plugins \ nptgeqplugin.dll FF -: plugin - C: \ Program Files \ Mozilla Firefox \ Plugins \ npunagi2.dll FF -: plugin - C: \ Program Files \ Real \ RealArcade \ Plugins \ Mozilla \ npracplug.dl L FF -: plugin - C: \ Program Files \ Požiūris \ Požiūris Patirtis technologijų \ npViewpoint.dll . ************************************************** ************************ catchme 0.3.1361 W2K/XP/Vista - rootkit / Stealth kenkėjiškų detektorius pagal Gmer, http://www.gmer.net Rootkit scan 2008-09-28 11:48:43 Windows 5.1.2600 Service Pack 2 NTFS skenavimo paslėptus procesus ... skenavimo paslėptas autostart entries ... HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run DLCXCATS = rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ DLCXtim e.dll, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? skenavimo paslėptus failus ... skenavimas baigtas sėkmingai paslėptus failus: 0 ************************************************** ************************ . --------------------- DLL Loaded Pagal aktyvūs procesai --------------------- Procesą: C: \ WINDOWS \ system32 \ winlogon.exe -> C: \ WINDOWS \ system32 \ Ati2evxx.dll . Atlikimo laikas: 2008-09-28 11:50:56 ComboFix-karantine-files.txt 2008-09-28 15:50:52 Pre-Rida: 25918537728 bytes nemokamai Post-Rida: 25986658304 bytes nemokamai 255 --- EOF --- 2008-09-26 12:22:29 |
|
#10
Rugsėjis 28, 2008, 10:25
| |||
| |||
| Iexplore.exe klausimas Pastaba Toliau instrukcijos buvo sukurtas specialiai šiam vartotojui. Jei nėra šio vartotojo NĖRA laikytis šių nurodymų, nes jie gali sugadinti jūsų sistemos veikimą Ištrinti šiuos failus / aplankus, taip: 1. Pereiti į Pradžia > Bėgti > Pagal tipą Notepad.exe ir paspauskite Gerai atidarykite "Notepad". Tai privalėti būti Notepad, WordPad nėra. 2. Kopijuoti tekstą žemiau kodą langelyje, pabrėžiant visą tekstą ir paspausdami Ctrl + C Kodas Killall:: File: C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a C: \ WINDOWS \ system32 \ 0vx55IOc.exe katalogą: C: \ Documents and Settings \ Administrator \ Application Data \ ErrorSmart 4. Tada spustelėkite Failas > Saugoti 5. Bylos pavadinimas CFScript.txt - Išsaugokite šį failą savo darbalaukyje 6. Vilkite CFScript (paspauskite ir laikykite kairįjį pelės klavišą, vilkite failą) ir palikite jį (spaudai kairįjį pelės mygtuką) į ComboFix.exe kaip matote ekrano apačioje. Svarbu: Atlikti šį nurodymą atidžiai!  ComboFix bus pradėti vykdyti, tiesiog vykdykite ekrane pateikiamas instrukcijas. Po perkrovimo (jei ji prašo paleisti), tai duos žurnalas Jums. Rašyti, kad žurnalas (Combofix.txt) į jūsų kitą atsakymą. Pastaba Don't mouseclick ComboFix lango kol jis veikia. Tai gali sukelti jūsų sistema įšaldyti
__________________ |
|
| |
| Bookmarks |
Panašios Temos | ||||
| Siūlas | Thread Starter | Forumas | Atsakymai | Last Post |
| Iexplore.exe | electra369 | Virus, Spyware & Security | 1 | 12 sausis 2009 00:16 |
| Winzix Adware iexplore.exe klausimą. Please help! | winzix idiotas | Virus, Spyware & Security | 35 | 18 gruodis 2008 16:47 |
| Iexplore.exe # 3 | jman8700 | Virus, Spyware & Security | 8 | Gegužė 29, 2008 10:39 |
| Kitas Iexplore>. < | jausmas | Virus, Spyware & Security | 20 | 18 sausis 2008 08:15 |
| Iexplore.exe | rsteenoven | Virus, Spyware & Security | 19 | 16 sausis 2008 14:02 |
| Temos įrankiai | |
| |
