Iexplore.exe problemă

caroleella · #1 27 septembrie 2008, 18:16

iexplore.exe menţine popping sus pe managerul meu Task, în ciuda faptului că eu nu folosesc IE. It's a face meu calculator lent, acolo 'pop ups, uneori nu exista nici o pop sus, doar o voce spunând "Felicitări, aţi câştigat ____" (aşa ciudati), sau sună ca o fereastră de eroare care apare sau făcând clic pe ceva când sunt nu face nimic şi nimic nu apare pe ecran (de fapt, aceasta este a face calculatorul meu sunet bântuit! Haha, oricum)

Logfile de Trend Micro HijackThis v2.0.2
Scan saved at 9:12:42, pe 9.27.2008
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ Windows Defender \ MsMpEng.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ Intel \ Wireless \ bin \ EvtEng.exe
C: \ Program Files \ Intel \ Wireless \ bin \ S24EvMon.exe
C: \ Program Files \ Intel \ Wireless \ bin \ WLKeeper.exe
C: \ Windows \ system32 \ LEXBCES.EXE
C: \ Windows \ system32 \ Spoolsv.exe
C: \ Windows \ system32 \ LEXPPS.EXE
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ system32 \ dlcxcoms.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe
C: \ Windows \ system32 \ nvsvc32.exe
C: \ Program Files \ Intel \ Wireless \ bin \ RegSrvc.exe
C: \ Windows \ system32 \ rpcnet.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ spysweeper.exe
C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ commagent.exe
C: \ WINDOWS \ Explorer.exe
C: \ Windows \ system32 \ wscntfy.exe
C: \ Program Files \ Dell \ QuickSet \ quickset.exe
C: \ Windows \ system32 \ RunDLL32.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.EXE
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ Program Files \ Windows Defender \ MSASCui.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ punct de vedere \ punct de vedere Manager \ ViewMgr.exe
C: \ Windows \ system32 \ wuauclt.exe
C: \ WINDOWS \ system32 \ SJv56bM4.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
C: \ Program Files \ Common Files \ AOL \ 1155864818 \ ee \ aolsoftware.exe
C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AcroRd32.exe
C: \ Program Files \ America Online 9.0 \ shellmon.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: Clasa soluţie - (99C6D1BB-7555-474C-91DA-D8FB62A9CC75) - C: \ WINDOWS \ system32 \ 58VayB0u.dll
O2 - BHO: Puncte de vedere Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Puncte de vedere \ Puncte de vedere Toolbar \ 3.8.0 \ ViewBarBHO.dll
O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O3 - Toolbar: Puncte de vedere Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ Puncte de vedere \ Bara de instrumente Compresia \ 3.8.0 \ IEViewBar.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [Dell QuickSet] C: \ Program Files \ Dell \ QuickSet \ quickset.exe
O4 - HKLM \ .. \ Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.EXE
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ Spool \ DRIVERS \ W32X86 \ 3 \ e.dll DLCXtim, _RunDLLEntry @ 16
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [AOL Fast Start] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-b
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 -. Implicit al utilizatorului de pornire: Clean Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User '? ")
O4 - Startup: Clean Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel prezent
O8 - Extra context menu item: & AOL Toolbar căutare - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ milionimi ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra context menu item: Aboneaza-te în mod implicit RSS reader - C: \ Documents and Settings \ Administrator \ Application Data \ RssBandit \ iecontext_subscribefeed.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra buton: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O9 - Extra 'Tools' MENUITEM: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ milionimi ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ Windows \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø15 - Trusted Zone: *. bridgew.edu
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: (5e2a3510-4371-11d6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1121111428606
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1121873156643
O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C: \ Windows \ system32 \ Ati2evxx.exe
O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe
O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ bin \ EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ Windows \ system32 \ LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc - C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ Windows \ system32 \ nvsvc32.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ bin \ RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) net (Rpcnet) - Unknown owner - C: \ WINDOWS \ system32 \ rpcnet.exe
O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ bin \ S24EvMon.exe
O23 - Service: punct de vedere Manager Service - punct de vedere Corporation - C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe
O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ commagent.exe
O23 - Service: Webroot Spy Dulciuri Motor (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ spysweeper.exe
O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ bin \ WLKeeper.exe

--
Sfârşit de fişier - 10609 bytes

**evilfantasy** · #2 27 septembrie 2008, 19:15

Bine ati venit la CJ.

Vă rugăm să imprima aceste instrucţiuni deoarece acestea vor fi necesare mai târziu, când de acces la Internet nu este disponibilă.

Descărca SDFix de AndyManchesta şi salvaţi-l pe desktop.

Când se utilizează acest instrument, trebuie să utilizaţi Administrator de cont al sau cu un cont Drepturi administrative

Faceţi dublu clic SDFix.exe şi se va extrage fişierele% systemdrive%
(aceasta este unitatea care conţine directorul Windows, de obicei, C: \ SDFix).
Dacă nu îl folosiţi doar încă.

Reporniţi computerul în Safe Mode utilizând F8 metodă. Pentru a face acest lucru, reporniţi computerul şi după ascultarea computer sonor de o dată în timpul pornirii (dar înainte de Windows apare pictograma) apăsaţi tasta F8 în mod repetat. Va apărea un meniu cu mai multe opţiuni. Utilizaţi tastele săgeată pentru a naviga şi selectaţi opţiunea de a rula Windows in "Safe Mode".

Deschideţi SDFix dosar şi dublu clic RunThis.bat pentru a porni script-ul.

Tip Y pentru a începe procesul de curăţare.
Se va elimina orice Trojan Servicii sau intrările de registry găsit apoi vă solicită să apăsaţi orice tastă pentru a reporni.
Apăsaţi orice tastă şi se va reporni PC-ul.
În cazul în care PC-ul reporneşte, de Fixtool va rula din nou şi a termina procesul de eliminare apoi de afişare Terminate, Apăsaţi orice tastă pentru a termina script sarcină şi spaţiul de lucru pictograme.
Odată ce desktop icoane incarca SDFix raport se va deschide pe ecran şi, de asemenea, cu excepţia în SDFix ca dosarul Report.txt.
Copiaţi şi inseraţi conţinutul de rezultatele fişier Report.txt în următoarea replică, împreună cu un nou HijackThis log.

caroleella · #3 27 septembrie 2008, 20:24

SDFix: Versiunea 1.229
Desfăşurată de Administrator pe Sam 09.27.2008 la 10:50

Microsoft Windows XP [Version 5.1.2600]
Rularea la: C: \ SDFix

Verificarea Servicii :

Restaurarea implicit de securitate Valori
Restaurarea Implicit fişierul Hosts

Repornirea

Verificarea Fişiere :

Nu Trojan fişierele găsite

Ştergerea Temp Files

ADS Check :

Verificare finală :

catchme 0.3.1361.2 W2K/XP/Vista - rootkit / stealth malware detector de Gmer, http://www.gmer.net
Rootkit scan 2008-09-27 23:14:36
Windows 5.1.2600 Service Pack 2 NTFS

scanare ascuns procese ...

scanare ascuns servicii & sistem de stup ...

scanare ascuns intrările registry ...

scanare fişiere ascunse ...

scanare sa finalizat cu succes
ascuns procesele: 0
ascuns servicii: 0
fişiere ascunse: 0

Rămas Servicii :

Autorizat de aplicaţii cheie Export:

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ standard de profil \ authorizedapplications \ lista]
"% WINDIR% \ \ system32 \ \ sessmgr.exe" = "% WINDIR% \ \ syste m32 \ \ sessmgr.exe: *: activată: @ xpsp2res.dll, -22019"
"C: \ \ Program Files \ \ RssBandit \ \ RSSBandit.exe" = "C: \ \ Program Files \ \ RssBandit \ \ RSSBandit.exe: *: Enabled: RSS Bandit"
"E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: ctmweb.exe"
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe: *: Enabled : AOL Application Loader "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe: *: Enabled : AOL "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe: *: Enabled : AOL "
"C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe" = "C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe: *: Enabled: AOL"
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe: *: Enabled: AOLTsMon "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" = "C: \ \ Prog ram Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe: *: Enabled: AOLTopSpeed "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost . exe: *: E nabled: AOL "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe: * : Enabled: AOL "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protecţia \ \ AOLSP Scheduler.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protecţia \ \ AOLSP Scheduler . exe: *: Enabled: AOL "
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protecţia \ \ asp.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protecţia \ \ asp.exe : *: Enabled: AOL "
"C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV.exe" = "C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV . exe: *: Ena Bled: AOL "
"C: \ \ Program Files \ \ FTP Commander Pro \ \ cftp.exe" = "C: \ \ Program Files \ \ FTP Commander Pro \ \ cftp.exe: *: Enabled: cftp"
"C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe" = "C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe: *: Enabled: ftpcomm"
"C: \ \ Program Files \ \ Real \ \ RealPlayer \ \ realplay.exe" = "C: \ \ Progra m Files \ \ Real \ \ RealPlayer \ \ realplay.exe: *: Enabled: Re alPlayer"
"C: \ \ StubInstaller.exe" = "C: \ \ StubInstaller.exe: *: E nabled: LimeWire swarmed de instalare"
"C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" = "C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe: *: Enabled: LimeWire"
"C: \ \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe" = "C: \ \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe: *: Enabled: SmartFTP Client 2.0"
"C: \ \ Program Files \ \ BitTornado \ \ btdownloadgui.exe" = "C: \ \ Program Files \ \ BitTornado \ \ btdownloadgui.exe: *: Enabled: ownloadgui BTD"
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware . exe: *: Enab condus: Servicii AOL "
"C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" = "C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe: *: Enabled: Firefox"
"C: \ \ Program Files \ \ Ia-Torrent \ \ Ia-Torrent.exe" = "C: \ \ Program Files \ \ Ia-Torrent \ \ Ia-Torrent.exe: *: Enabled: Torrent P2P cerere"
"C: \ \ Program Files \ \ Restaurant Imperiul \ \ Longhorn" = "C: \ \ Program Files \ \ Restaurant Imperiul \ \ Longhorn: *: Enabled: Re"
"C: \ \ Program Files \ \ BitZip \ \ bitzip.exe" = "C: \ \ Program Files \ \ BitZip \ \ bitzip.exe: *: Enabled: BitZip"
"C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" = "C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe: *: Enabled: æTorrent"
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe: *: Enabled: iTunes"
"% WINDIR% \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe" = "% WINDIR% \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"
"C: \ \ \ WINDOWS \ system32 \ \ dlcxcoms.exe" = "C: \ \ \ WINDOWS \ system32 \ \ dlcxcoms.exe: *: Enabled: Dell 926 Server"

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ servic es \ sharedaccess \ Parameters \ firewallpolicy \ domainpr ofile \ authorizedapplications \ lista]
"% WINDIR% \ \ system32 \ \ sessmgr.exe" = "% WINDIR% \ \ syste m32 \ \ sessmgr.exe: *: activată: @ xpsp2res.dll, -22019"
"E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe" = "E: \ \ CtmWeb27155-48482 \ \ ctmweb.exe: *: Enabled: Instalare ctmweb Computrace / Management Application"
"% WINDIR% \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe" = "% WINDIR% \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe: *: Enabled: @ xpsp3res.dll, -20000"

Rămas Fişiere :

Fişiere cu Ascuns Atribute :

Marti 12 iulie 2005 54872 A.. H. --- "C: \ Program Files \ America Online 9.0 \ AOLphx.exe"
Marti 12 iulie 2005 31832 A.. H. --- "C: \ Program Files \ America Online 9.0 \ rbm.exe"
Miercuri 13 octombrie 2004 1694208 A.. H. --- "C: \ Program Files \ Messenger \ msmsgs.exe"
Miercuri 17 septembrie 2008 162 A.. H. --- "C: \ Documents and Settings \ Administrator \ My Documents \ ~ $ RL3917.tmp"
Vineri 23 noiembrie 2007 4840960 ... H. --- "C: \ Documents and Settings \ Administrator \ My Documents \ ~ WRL3917.tmp"
Dum 1 Apr 2007 247 A.. H. --- "C: \ Program Files \ InterActual \ Player InterActual \ itiC9F.tmp"
Dum 1 Jul 2007 0 A.Sh. --- "C: \ Documents and Settings \ All Users \ DRM \ cache \ Indiv01.tmp"
Luni 14 ianuarie 2008 3459 ... HR --- "C: \ Documents and Settings \ Administrator \ Application Data \ SecuROM \ UserData \ securom_v7_01.bak"
Sambata 27 septembrie 2008 A. 4750. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS00643642-9444-46D7-A0F8-98BCEC733FED.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS02319C6A-A321-4C8D-9995-820B7395AC0C.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS025EABA1-CC11-4560-8E12-630DDF3DA7B2.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS045F4367-E293-4856-99B6-A55965765747.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS068F3C9C-D92F-41E5-AF3C-3917DFD07FFB.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0ABE791D-AAB6-45AE-94C0-81FF065FB64C.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0B798094-B44A-427A-B9DC-654E158521EB.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0C1801B8-619C-45EF-A0A9-6FDF58378626.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0DC230DD-648D-4C7A-A46F-125E3BBCACF0.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS0FD1D4A0-7A3B-4426-BF06-CBE8A10161D9.tmp"
Sambata 27 septembrie 2008 12540 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS12E3E01D-D993-4077-84CD-270FC7998D10.tmp"
Sambata 27 septembrie 2008 A. 5616. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1558A464-A8A5-4699-8AD4-1FD636BA73F0.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS16C4CA8E-B45E-4C74-A16A-C6547AC6862A.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS171F971D-9918-4BF8-934E-9F971CE3A62E.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS18482343-5AA4-4A75-B35E-1DE367BE8DF8.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS1F408231-9AD4-4F3A-8F71-E4D1A885E2D9.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS22C553D7-9E17-42E7-9BAC-FD08E49F2DA7.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS29899F67-1A0A-49C1-BF8C-969C56BFE72D.tmp"
Sambata 27 septembrie 2008 40408 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2CE2DD8D-1B89-4236-8CEB-8AE2092F011D.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS2DE8E664-10D0-B385-4BC0-C28929E5600F.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS35CD56A6-869F-4E8D-9744-F5243F94B4B1.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3A52BAF2-C6D8-48C5-A517-8F08AFB8035A.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EC9B69D-3F89-4FC5-B941-1463F3BD2234.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EADD09D-E99C-4EDA-87E8-14DD31C5A1CA.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3EDF6917-B0B7-4164-BAA8-7013E06D5FCA.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS3FF4AFC6-0025-4047-AEFB-7C34313D972F.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4031D191-1F75-49F0-8272-A12ACD39C269.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS416C7484-2AC6-4BFE-8364-B3DC9640EB90.tmp"
Sambata 27 septembrie 2008 27677 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS42B72C22-0C5B-4053-87A4-D8EB671C2029.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4C83367A-C322-4725-A861-182E13107846.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4DB48154-31C5-424F-B7EB-6337D7279415.tmp"
Sambata 27 septembrie 2008 A. 3393. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4EAE423C-33F9-4D19-AD00-4127948E7F39.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS4FE7BDE5-631A-4BEE-BA59-2A86CECDA9DA.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS50B44EC6-2F2E-4D16-AC0C-376383467A7C.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS56CA220B-41A4-4EBA-B217-FF3A496AA590.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5AF7C2DD-39F4-4B22-8F5A-11FC428681E1.tmp"
Sambata 27 septembrie 2008 101080 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5DCC2C2E-7275-4CC4-9192-B113F353FB5F.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS5D528DF5-B79E-4EE1-9D6C-1EC565BBBC62.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6011FD6D-D50D-43A0-AE81-A050DD789327.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS62CC7F66-91D7-40E6-9C86-9E1A90363BBD.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6548601C-9BB6-472c-AA53-447B881C2428.tmp"
Sambata 27 septembrie 2008 6247755 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6946DC39-11B6-4B93-A005-7F3C9D123F87.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS69A2BD78-4F53-4EBE-A0E3-D640854156D9.tmp"
Sambata 27 septembrie 2008 198358 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6927849A-B300-4980-AAEB-7DBA1C6E4164.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6945CE07-04BF-439F-987F-028637985DF0.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS6FE21A12-C11B-4E43-99E2-FA8F960870E1.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS700D83FE-2571-4AE3-89BC-6DD584F68699.tmp"
Sambata 27 septembrie 2008 3195852 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS713A2772-B7C7-4A87-BAEB-E92C67ED4580.tmp"
Sambata 27 septembrie 2008 143110 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS71EC4FAD-E45A-4E20-AE13-D864D8CA24A1.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS716E87B1-65B4-4487-B09B-19A89B9F5C97.tmp"
Sambata 27 septembrie 2008 1909332 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7366E027-AE32-4BC8-9360-699C2C95BEB0.tmp"
Sambata 27 septembrie 2008 270314 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS75371617-A509-4E33-9F16-118AA8AC2918.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS767A458F-F431-46EB-A2DA-88FB1A7E3E7D.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7A70C6B2-5850-4473-9585-E0C43F090F27.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7B30F8F2-8A4F-42B9-B9F8-625709173611.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7C1354E8-D74C-4AC8-BE8F-7167A5076F4A.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7CBB22C6-4E66-4720-995F-1C2ADC632A9B.tmp"
Sambata 27 septembrie 2008 642 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7E1AA5E0-2F18-4CF4-B64E-8EB8F378DF31.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS7FEECAB9-C6A6-4302-9AA6-F69FA542ED3D.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS840E4E3A-C733-4DC5-A8F3-B248CC83075B.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8716D8FB-A364-4288-8B00-55605E1EF6C0.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS89FE094B-45FA-4923-87F1-139238C4F97B.tmp"
Sambata 27 septembrie 2008 610 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8A4D2B50-2BB9-4DC6-9E5E-3CB11929C3D2.tmp"
Sambata 27 septembrie 2008 A. 4532. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8E7D97AA-E673-4952-AA06-A468A9C52A7C.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS8FB3E905-99BA-4D9E-9C2A-B17FB19F5132.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS92FF4DE9-51A7-4FEA-9F94-4984E35FDB14.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS94946861-C52C-4360-B5D7-0BAA075D88BB.tmp"
Sambata 27 septembrie 2008 674 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9766DA24-0126-49B8-821D-0BBD42716F70.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9CF76AA8-C8DD-426D-8974-7952EA0782D3.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9DE19017-8F84-45F0-8707-3157A64B6CEA.tmp"
Sambata 27 septembrie 2008 1190410 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCS9F48133A-1109-42EB-93AA-A3CB3CACBCBF.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSABDB0578-02AF-4BA8-A501-9A8992ED7BDB.tmp"
Sambata 27 septembrie 2008 A. 2736. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSAD28D6FF-3940-4F08-A657-2E61F69B5449.tmp"
Sambata 27 septembrie 2008 75790 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB18333D4-60E0-438D-B085-7DB36F72F77D.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB74C069F-C392-4F81-8670-212FC280E95D.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB76C1894-7B69-4834-97D3-B402FE20935A.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB73D6FFC-0E8C-41B9-84D3-8810EC6D9228.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSB9036DEB-8242-4521-A54E-139AF6A9A190.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBAE9F5F5-FA44-4E05-9A1D-A462CE8AF520.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCD6D72-A069-40FF-9AF2-916180E0A88E.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBBCBA3E5-E607-436E-B3EE-A1DEAC925872.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSBEC0CEEC-C42B-4B06-A604-EAAD26CE6255.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC5D01365-2009-400C-A9A3-5F990CF4A80D.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSC9E0B767-5A0A-47B9-A439-227E2B94F887.tmp"
Sambata 27 septembrie 2008 134148 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD2617AFF-BC61-4BFE-B8E6-6CC988A0F275.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD21BE94F-9EE4-475B-B0A2-24C81FFF173F.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD4AA62E4-9D9E-4B7B-9CD0-686A2C05AEF7.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD729F3FB-EE09-459B-A678-BD9132629FDF.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD8157780-DB4C-464E-B192-D31296C412A8.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSD97D795A-5F39-4FDD-A7EF-691DEBB65005.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA1F438F-BCAF-4452-A79A-167408950654.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDA218F7C-D867-4690-96E2-789F80A7D3E0.tmp"
Sambata 27 septembrie 2008 20968 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDBBDCE8F-1CB9-456D-9A48-B332BFDD4DA3.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4DE87E-7FB7-4AAF-9341-074C383E5277.tmp"
Sambata 27 septembrie 2008 2168120 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC4805C4-09F4-44DF-953F-40714AC7B32D.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSDC54187B-23EE-4C63-A3C1-F95DD71DC749.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE542CE01-559A-4B52-B46E-3ABA034CB806.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE76031B3-69B7-40CD-98AA-1FBADCFD80F9.tmp"
Sambata 27 septembrie 2008 538 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE89A2A1E-7243-491E-8713-779584114914.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSE9F327DF-50B6-42E2-B361-B1279BCFE655.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEAF8FCDA-0414-40ED-8AC7-F6E8BA990710.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSEC43267D-076B-42D7-838C-4A46B1619D44.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSED7CFB5E-591C-4B3A-BB59-99AC6B355CE9.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF03658AA-EBC4-437C-8F4E-338B053BBCC5.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF1EE7C84-96F2-4922-8549-E4F727B9B3A5.tmp"
Sambata 27 septembrie 2008 0 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF5708FAD-F162-475A-BBD8-590D8EED1563.tmp"
Sambata 27 septembrie 2008 1609542 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF60C8606-1E32-4C46-9DD9-9591141A47D3.tmp"
Sambata 27 septembrie 2008 29084 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSF7DCFFB4-3037-49B4-8FAF-FB62C2892816.tmp"
Sambata 27 septembrie 2008 16965 A.. H. --- "C: \ Documents and Settings \ LocalService \ Application Data \ Webroot \ Spy Sweeper \ Temp \ SSCSFABFD6CE-CC5D-4B27-9BE0-5CE94D2BE9C9.tmp"

Finished!

Logfile de Trend Micro HijackThis v2.0.2
Scan saved at 11:22:30, la 9.27.2008
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ Windows Defender \ MsMpEng.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ Intel \ Wireless \ bin \ EvtEng.exe
C: \ Program Files \ Intel \ Wireless \ bin \ S24EvMon.exe
C: \ Program Files \ Intel \ Wireless \ bin \ WLKeeper.exe
C: \ Windows \ system32 \ LEXBCES.EXE
C: \ Windows \ system32 \ Spoolsv.exe
C: \ Windows \ system32 \ LEXPPS.EXE
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ system32 \ dlcxcoms.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe
C: \ Windows \ system32 \ nvsvc32.exe
C: \ Program Files \ Intel \ Wireless \ bin \ RegSrvc.exe
C: \ Windows \ system32 \ rpcnet.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe
C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ spysweeper.exe
C: \ WINDOWS \ Explorer.exe
C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ commagent.exe
C: \ Windows \ system32 \ wscntfy.exe
C: \ Program Files \ punct de vedere \ punct de vedere Manager \ ViewMgr.exe
C: \ Windows \ system32 \ notepad.exe
C: \ Program Files \ Dell \ QuickSet \ quickset.exe
C: \ Windows \ system32 \ RunDLL32.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.EXE
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ Program Files \ Windows Defender \ MSASCui.exe
C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Program Files \ America Online 9.0 \ waol.exe
C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
C: \ Windows \ system32 \ wuauclt.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ America Online 9.0 \ shellmon.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.bridgew.edu/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.bridgew.edu/
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: Puncte de vedere Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Puncte de vedere \ Puncte de vedere Toolbar \ 3.8.0 \ ViewBarBHO.dll
O3 - Toolbar: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O3 - Toolbar: Puncte de vedere Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ Puncte de vedere \ Bara de instrumente Compresia \ 3.8.0 \ IEViewBar.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ Windows \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [Dell QuickSet] C: \ Program Files \ Dell \ QuickSet \ quickset.exe
O4 - HKLM \ .. \ Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ hpztsb0 3.EXE
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [DLCXCATS] rundll32 C: \ WINDOWS \ System32 \ Spool \ DRIVERS \ W32X86 \ 3 \ e.dll DLCXtim, _RunDLLEntry @ 16
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide
O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [AOL Fast Start] "C: \ Program Files \ America Online 9.0 \ AOL.EXE"-b
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O4 -. Implicit al utilizatorului de pornire: Clean Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe (User '? ")
O4 - Startup: Clean Access Agent.lnk = C: \ Program Files \ Cisco Systems \ Clean Access Agent \ CCAAgent.exe
O6 - HKCU \ Software \ Policies \ Microsoft \ Internet Explorer \ Control Panel prezent
O8 - Extra context menu item: & AOL Toolbar căutare - res: / / C: \ Program Files \ AOL Toolbar \ toolbar.dll / SEARCH.HTML
O8 - Extra context menu item: E & xportaţi la Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ milionimi ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra context menu item: Aboneaza-te în mod implicit RSS reader - C: \ Documents and Settings \ Administrator \ Application Data \ RssBandit \ iecontext_subscribefeed.htm
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra buton: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O9 - Extra 'Tools' MENUITEM: AOL Toolbar - (4982D40A-C53B-4615-B15B-B5B5E98D167C) - C: \ Program Files \ AOL Toolbar \ toolbar.dll
O9 - Extra button: Cercetare - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ milionimi ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ Windows \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra button: PokerStars.net - (FA9B9510-9FCB-4ca0-818C-5D0987B47C4D) - C: \ Program Files \ PokerStars.NET \ PokerStarsUpdate.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø15 - Trusted Zone: *. bridgew.edu
O16 - DPF: (01A88BB1-1174-41EC-ACCB-963509EAE56B) (SysProWmi Class) -- http://support.dell.com/systemprofiler/SysPro.CAB
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage Validation Tool) -- http://go.microsoft.com/fwlink/?link...67&clcid=0x409
O16 - DPF: (5e2a3510-4371-11d6-b64c-00c04faedb18) (Oracle JInitiator 1.1.8.18) -- http://frmserv.bridgew.edu/jinitiator/jinit.exe
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1121111428606
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://update.microsoft.com/microsof...?1121873156643
O16 - DPF: (BAE1D8DF-0B35-47E3-A1E7-EEB3FF2ECD19) (CPlayFirstddfotgControl Object) -- http://aolsvc.aol.com/onlinegames/fr...g.1.0.0.33.cab
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: AOL Connectivity Service (AOL ACS) - AOL LLC - C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
O23 - Service: AOL TopSpeed Monitor (AOL TopSpeedMonitor) - America Online, Inc - C: \ Program Files \ Common Files \ AOL \ TopSpeed \ 2.0 \ aoltsmon.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C: \ Windows \ system32 \ Ati2evxx.exe
O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe
O23 - Service: dlcx_device - - C: \ WINDOWS \ system32 \ dlcxcoms.exe
O23 - Service: Intel (R) PROSet / Wireless Event Log (EvtEng) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ bin \ EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc - C: \ Windows \ system32 \ LEXBCES.EXE
O23 - Service: NICCONFIGSVC - Dell Inc - C: \ Program Files \ Dell \ QuickSet \ NICCONFIGSVC.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ Windows \ system32 \ nvsvc32.exe
O23 - Service: Intel (R) PROSet / Wireless Registry Service (RegSrvc) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ bin \ RegSrvc.exe
O23 - Service: Remote Procedure Call (RPC) net (Rpcnet) - Unknown owner - C: \ WINDOWS \ system32 \ rpcnet.exe
O23 - Service: Intel (R) PROSet / Wireless Service (S24EventMonitor) - Intel Corporation - C: \ Program Files \ Intel \ Wireless \ bin \ S24EvMon.exe
O23 - Service: punct de vedere Manager Service - punct de vedere Corporation - C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe
O23 - Service: Webroot CommAgent Service (WebrootCommAgentService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ commagent.exe
O23 - Service: Webroot Spy Dulciuri Motor (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ spysweeper.exe
O23 - Service: Intel (R) PROSet / Wireless SSO Service (WLANKEEPER) - Intel (R) Corporation - C: \ Program Files \ Intel \ Wireless \ bin \ WLKeeper.exe

--
Sfârşit de fişier - 10298 bytes

**evilfantasy** · #4 27 septembrie 2008, 20:37

Dezactivaţi SpySweeper

Puteţi să o reactivaţi după esti curat.

Pentru a dezactiva SpySweeper:

Deschide Spysweeper faceţi clic pe> Opţiuni peste la stânga apoi> Programul Opţiuni > Debifaţi "sarcina la pornirea Windows"

Mai mult de la stânga faceţi clic pe "scuturi" şi Debifaţi toţi acolo.

Debifaţi "Pagina de scut"

Debifaţi "restabili automat, implicit, fără notificare"

După toate remedierile sunt complete, este foarte important pe care îl permite în timp real de protecţie din nou.

----------

Dezactivare Windows Defender

Avem nevoie de dumneavoastră pentru a dezactiva Windows Defender în timp real de protecţie, deoarece poate interfera cu remedierile de care avem nevoie pentru a face.

Deschide Windows Defender
Faceţi clic pe Instrumente, Setări generale
Derulaţi în jos şi debifaţi Porniţi în timp real de protecţie (recomandat)
După ce debifaţi aceasta, faceţi clic pe Economisi buton şi a închide Windows Defender.

După toate remedierile sunt complete, este foarte important pe care îl permite în timp real de protecţie din nou.

----------

Avem nevoie pentru a elimina ErrorSmart. Aceasta este considerată un program Rouge, pentru că este puţin fiabile şi, adesea, ori instalat fără acordul utilizatorilor.

Du-te la Adăugare sau eliminare programe şi dezinstalarea ErrorSmart (dacă este acolo)

----------

Deschide HijackThis şi selectaţi Fă-un sistem de scanare numai.

Se pune un semn de selectare lângă următoarele menţiuni: (dacă există)

O4 - HKLM \ .. \ Run: [ErrorSmart] C: \ Program Files \ ErrorSmart \ ErrorSmart.exe

Important: Închideţi toate ferestrele cu excepţia HijackThis apoi faceţi clic pe Fix verificate.

Exit HijackThis.

----------

Notă: instrucţiunile de mai jos au fost create special pentru acest utilizator. Dacă nu sunteţi acest utilizator, NU urmaţi aceste direcţii în care acestea ar putea deteriora funcţionarea sistemului dvs.

Du-te la Start> Run şi de tip notepad.exe apoi faceţi clic pe OK

Copiaţi şi inseraţi mai jos în Notepad şi salvaţi ca fixme.reg pentru dvs. Spaţiul de lucru

Cod:

REGEDIT4 [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run] "ErrorSmart" =-

Localizaţi fixme.reg de pe desktop şi faceţi dublu-clic pe ea. Răspuns Da atunci când vi se cere să fuzioneze cu registri.

Asiguraţi-vă că-mi spuneţi dacă primiţi un mesaj de succes despre adăugarea de mai sus
la registru. Dacă nu primiţi un mesaj de succes, acesta nu a mers.

Ştergeţi fixme.reg de la Desktop.

----------

Descărca CCleaner Slim şi salvaţi-l pe Desktop.
Când dosarul a fost salvat, du-te la desktop şi faceţi dublu-clic pe ccsetupxxx_slim.exe
Urmaţi solicitările pentru a instala programul.
Finalizarea procesului de instalare, atunci:

Faceţi dublu-clic pe CCleaner comandă rapidă pe desktop pentru a începe programul.
Click pe Opţiuni bloc de pe partea stângă, apoi alegeţi Cookies.
- Sub Cookie-uri pentru a Ştergere, Evidenţiaţi orice cookie-urile pe care doriţi să-şi menţină permanent
- Faceţi clic pe săgeată dreapta > pentru a le muta la Cookie-uri pentru a se ţine fereastra.
Du-te în Opţiuni > Advanced unverifica Numai ştergeţi fişiere în Windows Temp dosare mai vechi de 48 de ore
Faceţi clic pe Cleaner pe partea stângă, apoi Run Cleaner cu privire la dreptul de a rula programul.
Important: Asiguraţi-vă că TOATE browser-ul Windows sunt închise înainte de selectarea Run Cleaner
Atentie: Nu este recomandat să utilizaţi în continuare "Registrul" facilitate, cu excepţia cazului în care nu sunteţi foarte familiarizat cu registry.
Exit CCleaner după ce a finalizat procesul.

Reporniţi computerul şi rulaţi mbam apoi post jurnalul.

----------

Descărca Malwarebytes' Anti-Malware (MBAM)

Faceţi dublu-clic pe mbam-setup.exe şi urmăriţi solicitările pentru a instala programul.
La sfârşitul, asiguraţi-vă că un checkmark este plasat lângă următoarele:
- Update Malwarebytes' Anti-Malware
- Lansarea Malwarebytes' Anti-Malware
Apoi, faceţi clic pe Terminare.
Dacă o actualizare este găsit, va descărca şi instala ultima versiune.
După ce programul a încărcat, selectaţi Efectuaţi rapid de scanare, Apoi faceţi clic pe Scanare.
Când scanarea este completă, faceţi clic pe OK, Apoi Afişare rezultate pentru a vedea rezultatele.
Asiguraţi-vă că totul este verificată, şi faceţi clic pe Eliminaţi selectate.
Când este completat de dezinfecţie, un jurnal se va deschide în Notepad şi aţi putea să vi se ceară să Repornire. (A se vedea Nota Extra)
De jurnal este salvat automat de MBAM şi pot fi vizualizate, făcând clic pe tab-ul Rapoarte în MBAM.
Copiaţi şi inseraţi întregul raport în următoarea replică.

Extra Notă: Dacă MBAM întâlneşte un fişier care este dificil de a elimina, va fi prezentat cu 1 din 2 solicită, faceţi clic pe OK să fie şi să MBAM continua cu procesul de dezinfecţie, dacă este solicitat pentru a reporni computerul, vă rugăm să faceţi acest lucru imediat.

caroleella · #5 27 septembrie 2008, 21:50

Eu am primit un mesaj de succes de la Registru.

Malwarebytes' Anti-Malware 1.28
Baza de date versiune: 1216
Windows 5.1.2600 Service Pack 2

9.28.2008 12:45:51
mbam-log-2008-09-28 (00-45-51). txt

Scan type: Quick Scan
Obiecte scanate: 59369
Timpul scurs: 10 minute (s), 46 secunde (s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Chei de Registry Infected: 0
Registry Values Infected: 0
Registrul de date Elemente Infected: 0
Folders Infected: 0
Files Infected: 1

Memory Processes Infected:
(Nici un rău elemente detectat)

Memory Modules Infected:
(Nici un rău elemente detectat)

Chei de Registry Infected:
(Nici un rău elemente detectat)

Registry Values Infected:
(Nici un rău elemente detectat)

Registrul de date Elemente Infected:
(Nici un rău elemente detectat)

Folders Infected:
(Nici un rău elemente detectat)

Files Infected:
C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a (Trojan.Agent) -> Quarantined and deleted successfully.

**evilfantasy** · #6 27 septembrie 2008, 21:55

Orice schimbare?

caroleella · #7 27 septembrie 2008, 22:49

Nu, încă nu există

**evilfantasy** · #8 27 septembrie 2008, 22:56

Nu vă faceţi griji, vom găsi.

Descarca ComboFix de sUBs de la unul din link-urile de mai jos. Asiguraţi-vă că aţi început să-l salvaţi în Spaţiul de lucru.

Link # 1
Link # 2

** Notă: Este important că este salvat direct pe Desktop

Închideţi orice deschide browsere. (Firefox, Internet Explorer, etc), înainte de a începe ComboFix.

Temporar dezactiva al tău antivirus, Precum şi orice antispyware de protecţie în timp real înainte care efectuează o scanare. Faceţi clic pe acest link pentru a vedea o listă de programe de securitate care ar trebui să fie cu handicap şi modul de dezactivare a lor.

Faceţi dublu clic combofix.exe & urmăriţi solicitările.
Când aţi terminat ComboFix va produce un jurnal pentru tine.
Post de ComboFix jurnal în următoarea replică.

Important: Nu mouseclick ComboFix de fereastră în timp ce se execută. Care pot determina să-l băga în grajd.

Amintiţi-vă să vă reactiva de protecţie antivirus şi antispyware, atunci când ComboFix este completă.

caroleella · #9 28 septembrie 2008, 08:56

ComboFix 08-09-27.05 - Administrator 2008-09-28 11:44:34.1 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.615 [GMT -4:00]
Rularea de la: C: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe
* Creat un nou punct de restabilire

AVERTISMENT-această maşină nu are instalat Consola de recuperare!!
.

Alte ((((((((((((((((((((((((((((((((((((((( ştergerile ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

C: \ Documents and Settings \ NetworkService \ Cookies \ SYSTEM @ trafficmp [1]. Txt
C: \ Windows \ system32 \ drivers \ fad.sys

.
((((((((((((((((((((((((( Fişierele create de 2008-08-28 la 2008-09-28 ))))))))))) ))))))))))))))))))))
.

2008-09-28 01:46. 2008-09-28 01:46 0 - o ------ C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a
2008-09-27 22:45. 2008-09-27 22:45 <DIR> d -------- C: \ WINDOWS \ ERUNT
2008-09-27 22:20. 2008-09-27 23:19 <DIR> d -------- C: \ SDFix
2008-09-27 21:03. 2008-09-27 21:03 <DIR> d -------- C: \ Program Files \ Trend Micro
2008-09-27 20:48. 2008-09-27 20:48 <DIR> d -------- C: \ Documents and Settings \ NetworkService \ Application Data \ AdobeUM
2008-09-27 20:36. 2008-09-27 20:40 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ ErrorSmart
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Program Files \ Malwarebytes' Anti-Malware
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-09-27 19:38. 2008-09-27 19:38 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008-09-27 19:38. 2008-09-10 00:04 38,528 - a ------ C: \ Windows \ system32 \ drivers \ mbamswissarmy.sys
2008-09-27 19:38. 2008-09-10 00:03 17,200 - a ------ C: \ Windows \ system32 \ drivers \ mbam.sys
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ SUPERAntiSpyware
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com
2008-09-27 15:20. 2008-09-27 15:20 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ SUPERAntiSpyware.com
2008-09-27 15:13. 2008-09-27 15:13 <DIR> d -------- C: \ Program Files \ CCleaner
2008-09-27 12:35. 2008-09-27 12:35 <DIR> d -------- C: \ Program Files \ PrevxCSI
2008-09-27 12:35. 2008-09-28 11:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PrevxCSI
2008-09-27 12:35. 2008-09-27 12:35 17,408 - a ------ C: \ Windows \ system32 \ drivers \ pxark.sys
2008-09-27 00:48. 2008-09-27 00:47 102,664 - a ------ C: \ Windows \ system32 \ drivers \ tmcomm.sys
2008-09-27 00:47. 2008-09-27 00:48 <DIR> d -------- C: \ Documents and Settings \ Administrator \. Housecall6.6
2008-09-26 23:23. 2008-09-26 23:22 30.272 - a ------ C: \ WINDOWS \ system32 \0vx55IOc.exe
2008-09-23 19:04. 2008-09-23 22:56 <DIR> d -------- C: \ Windows \ system32 \ CatRoot_bak
2008-09-21 00:19. 2008-09-21 00:19 <DIR> d -------- C: \ Program Files \ Windows Defender
2008-09-12 13:32. 2004-03-29 16:23 90,112 - a ------ C: \ WINDOWS \ unvise32.exe
2008-09-11 12:41. 2008-09-28 11:36 54.156 - Ah ----- C: \ WINDOWS \ QTFont.qfn
2008-09-11 12:41. 2008-09-11 12:41 1.409 - o ------ C: \ WINDOWS \ QTFont.for
2008-09-09 15:33. 2008-09-09 15:56 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ FarmFrenzy2
2008-09-04 13:39. 2008-09-04 13:39 <DIR> d -------- C: \ Program Files \ Atari
2008-09-03 23:06. 2008-06-10 02:32 73,728 - a ------ C: \ Windows \ system32 \ javacpl.cpl
2008-09-01 20:34. 2008-09-01 20:34 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Eyeblaster
2008-08-28 23:11. 2004-08-04 00:56 159,232 - a ------ C: \ Windows \ system32 \ ptpusd.dll
2008-08-28 23:11. 2001-08-17 22:36 5.632 - a ------ C: \ Windows \ system32 \ ptpusb.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Raport )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-28 15:35 31.232 ---- aw C: \ WINDOWS \ system32 \ rpcnet.dll
2008-09-28 15:35 17.408 ---- aw C: \ WINDOWS \ system32 \ Rpcnetp.exe
2008-09-28 03:10 17.408 ---- Aw C: \ Windows \ system32 \ rpcnetp.dll
2008-09-28 00:20 --------- d ----- w C: \ Program Files \ RealArcade
2008-09-25 21:30 --------- d ----- w C: \ Program Files \ FTP Commander
2008-09-21 04:33 --------- d ----- w C: \ Program Files \ Common Files \ Adobe
2008-09-11 16:36 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ uTorrent
2008-09-05 18:19 98.304 ---- Aw C: \ Windows \ system32 \ CmdLineExt.dll
2008-09-04 17:39 --------- d - h - w C: \ Program Files \ InstallShield Installation Information
2008-09-04 03:06 --------- d ----- w C: \ Program Files \ Java
2008-08-30 00:32 --------- d ----- w C: \ Program Files \ dl_Cats
2008-08-24 21:28 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ Move Networks
2008-08-24 21:07 --------- d ----- w C: \ Documents and Settings \ Administrator \ Application Data \ Gamelab
2008-07-30 01:59 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ FreshGames
2008-07-19 02:10 94.920 ---- Aw C: \ Windows \ system32 \ cdm.dll
2008-07-19 02:10 53.448 ---- Aw C: \ Windows \ system32 \ wuauclt.exe
2008-07-19 02:10 45.768 ---- Aw C: \ Windows \ system32 \ wups2.dll
2008-07-19 02:10 36.552 ---- Aw C: \ Windows \ system32 \ wups.dll
2008-07-19 02:09 563.912 ---- Aw C: \ Windows \ system32 \ wuapi.dll
2008-07-19 02:09 325.832 ---- Aw C: \ Windows \ system32 \ wucltui.dll
2008-07-19 02:09 205.000 ---- Aw C: \ Windows \ system32 \ wuweb.dll
2008-07-19 02:09 1.811.656 ---- Aw C: \ Windows \ system32 \ Wuaueng.dll
2008-07-19 02:07 270.880 ---- Aw C: \ Windows \ system32 \ mucltui.dll
2008-07-19 02:07 210.976 ---- Aw C: \ Windows \ system32 \ muweb.dll
2008-07-07 20:32 253.952 ---- Aw C: \ Windows \ system32 \ es.dll
2007-10-02 01:01 60.968 ---- Aw C: \ Documents and Settings \ Administrator \ GoToAssistDownloadHelper.ex e
2007-01-13 12:49 774.144 ---- Aw C: \ Program Files \ RngInterstitial.dll
2007-08-10 19:03 6.275.816 ---- Aw C: \ Program Files \ Mozilla Firefox \ plugin-uri \ ScorchPDFWrapper.dll
.

((((((((((((((((((((((((((((((((((((( Reg Se incarca Puncte )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Nota * gol intrări & legit default intrări nu sunt afişate
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"Ctfmon.exe" = "C: \ Windows \ system32 \ Ctfmon.exe" [2004-08-04 15360]
"AOL Fast Start" = "C: \ Program Files \ America Online 9.0 \ AOL.EXE" [2005-07-12 50776]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"NvCplDaemon" = "C: \ Windows \ system32 \ NvCpl.dll" [2007-04-28 8429568]
"Dell QuickSet" = "C: \ Program Files \ Dell \ QuickSet \ quickset.exe" [2007-07-20 1228800]
"HPDJ Taskbar Utility" = "C: \ Windows \ system32 \ bobina \ drivers \ w32x86 \ 3 \ hpztsb03.exe" [2001-06-12 200704]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008-01-10 385024]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-01-15 267048]
"DLCXCATS" = "C: \ Windows \ system32 \ bobina \ DRIVERS \ W32X 86 \ 3 \ DLCXtime.dll" [2006-10-16 106496]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784]
"NvMediaCenter" = "NvMCTray.dll" [2007-04-28 C: \ Windows \ system32 \ nvmctray.dll]

[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ RunOnce]
"RunNarrator" = "Narrator.exe" [2004-08-04 C: \ Windows \ system32 \ narrator.exe]

C: \ Documents and Settings \ Administrator \ Start Menu \ Programs \ Startup \
Curăţenie de acces Agent.lnk - C: \ Program Files \ Cisco Systems \ Curăţenie de acces Agent \ CCAAgent.exe [2007-06-28 2056266]

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ curre ntversion \ Policies \ Explorer]
"NoSMBalloonTip" = 1 (0x1)
"NoAutoTrayNotify" = 1 (0x1)

[HKEY_USERS \. Implicit \ SOFTWARE \ Microsoft \ Windows \ actuală rentversion \ Policies \ Explorer]
"NoActiveDesktopChanges" = 0 (0x0)

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ windows \ curr entversion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = "C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL" [2008-05-13 77824]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ notifice \! SASWinLogon]
2008-07-23 16:28 352256 C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll

[HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings ^ ^ Administrator Start Menu ^ Programs ^ Startup ^ Adobe Gamma.lnk]
path = C: \ Documents and Settings \ Administrator \ Start Menu \ Programs \ Startup \ Adobe Gamma.lnk
backup = C: \ WINDOWS \ pss \ Adobe Gamma.lnkStartup

[HKLM \ ~ \ startupfolder \ C: ^ Documents and Settings ^ ^ Toate Utilizatorii Start Menu ^ Programs ^ Startup ^ Adobe Reader Speed Launch.lnk]
path = C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \ Adobe Reader Speed Launch.lnk
backup = C: \ WINDOWS \ pss \ Adobe Reader Speed Launch.lnkCommon de pornire

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ AOLDialer]
-ra ------ 2006-10-23 08:50 71216 C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Apoint]
- a ------ 2003-08-20 20:24 151552 C: \ Program Files \ Apoint \ Apoint.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ Ctfmon.exe]
- a ------ 2004-08-04 00:56 15360 C: \ Windows \ system32 \ Ctfmon.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ HostManager]
- a ------ 2006-09-25 20:52 50736 C: \ Program Files \ Common Files \ AOL \ 1155864818 \ EE \ aolsoftware.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ igfxhkcmd]
- a ------ 2006-07-14 18:04 77824 C: \ Windows \ system32 \ hkcmd.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ igfxpers]
- a ------ 2006-07-14 18:08 118784 C: \ Windows \ system32 \ igfxpers.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ igfxtray]
- a ------ 2006-07-14 18:07 94208 C: \ Windows \ system32 \ igfxtray.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ IntelWireless]
- a ------ 2006-08-02 01:32 696320 C: \ Program Files \ Intel \ Wireless \ bin \ iFrmewrk.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ IntelZeroConfig]
- a ------ 2006-08-02 01:38 802816 C: \ Program Files \ Intel \ Wireless \ bin \ ZCfgSvc.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ iTunesHelper]
- a ------ 2008-01-15 04:22 267048 C: \ Program Files \ iTunes \ iTunesHelper.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ MSMSGS]
- Ah ----- 2004-10-13 12:24 1694208 C: \ Program Files \ Messenger \ msmsgs.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvCplDaemon]
- a ------ 2007-04-28 19:05 8429568 C: \ Windows \ system32 \ nvcpl.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NvMediaCenter]
- a ------ 2007-04-28 19:05 81920 C: \ Windows \ system32 \ nvmctray.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ QuickTime Task]
- a ------ 2008-01-10 16:27 385024 C: \ Program Files \ QuickTime \ QTTask.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ RealTray]
- a ------ 2006-08-17 21:34 26112 C: \ Program Files \ Real \ RealPlayer \ realplay.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ SunJavaUpdateSched]
- a ------ 2006-12-15 04:23 75520 C: \ Program Files \ Java \ jre1.5.0_11 \ bin \ jusched.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ WMPNSCFG]
--------- 2006-10-18 20:05 204288 C: \ Program Files \ Windows Media Player \ wmpnscfg.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ NVHotkey]
- a ------ 2007-04-28 19:05 67584 C: \ Windows \ system32 \ nvhotkey.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ nwiz]
- a ------ 2007-04-28 19:05 1626112 C: \ Windows \ system32 \ nwiz.exe

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ shared tools \ msconfig \ startupreg \ SigmatelSysTrayApp]
- a - c --- 2005-11-16 15:35 397312 C: \ WINDOWS \ stsystra.exe

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ Lista]
"% WINDIR% \ \ system32 \ \ sessmgr.exe" =
"C: \ \ Program Files \ \ RssBandit \ \ RSSBandit.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" =
"C: \ \ Program Files \ \ America Online 9.0 \ \ waol.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltsmon.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ TopSpeed \ \ 2.0 \ \ aoltpspd.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ AOLServiceHost.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protecţia \ \ AOLSP Scheduler.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ AOL Spyware Protecţia \ \ asp.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ player \ \ AOLNySEV.exe" =
"C: \ \ Program Files \ \ FTP Commander \ \ ftpcomm.exe" =
"C: \ \ Program Files \ \ Real \ \ RealPlayer \ \ realplay.exe" =
"C: \ \ StubInstaller.exe" =
"C: \ \ Program Files \ \ SmartFTP Client 2.0 \ \ SmartFTP.exe" =
"C: \ \ Program Files \ \ BitTornado \ \ btdownloadgui.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1155864818 \ \ EE \ \ aolsoftware.exe" =
"C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" =
"C: \ \ Program Files \ \ BitZip \ \ bitzip.exe" =
"C: \ \ Program Files \ \ uTorrent \ \ uTorrent.exe" =
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"% WINDIR% \ \ Reţeaua de diagnostic \ \ xpnetdiag.exe" =
"C: \ \ WINDOWS \ \ system32 \ \ dlcxcoms.exe" =

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ Lista]
"50001: TCP" = 50001: TCP: webroots
"50002: TCP" = 50002: TCP: webroots2
"3389: TCP" = 3389: TCP: @ xpsp2res.dll, -22009

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ IcmpSettings]
"AllowInboundEchoRequest" = 1 (0x1)

R0 a320raid; a320raid; C: \ WINDOWS \ system32 \ drivers \ A320 raid.sys [2006-04-04 251578]
R0 pxark; pxark; C: \ Windows \ system32 \ drivers \ pxark.sys [2008-09-27 17408]
R1 SAVOnAccess de control; SAVOnAccess control; C: \ WINDOWS \ system32 \ drivers \ savonaccesscon trol.sys [2006-04-14 80128]
R1 SAVOnAccess Filter; SAVOnAccess Filter; C: \ WINDOWS \ system32 \ drivers \ savonaccessfilt er.sys [2006-04-14 24064]
R2 CSIScanner; CSIScanner; C: \ Program Files \ PrevxCSI \ prevxcsi.exe [2008-09-27 618040]
R2 dlcx_device; dlcx_device; C: \ Windows \ system32 \ dlcxco ms.exe [2006-11-03 537480]
R2 punct de vedere Manager Service; punct de vedere Manager Service; C: \ Program Files \ punct de vedere \ Common \ ViewpointService.exe [2007-01-04 24652]
S2 ousbehci; NEC PCI la USB Enhanced Host Controller; C: \ WINDOWS \ system32 \ drivers \ ousbehci.sy s [2003-08-01 41600]
S3 GTIPCI21; GTIPCI21; C: \ WINDOWS \ system32 \ drivers \ gtip ci21.sys [2004-05-03 80384]
S3 NWADI; NWADI Bus enumeratorul; C: \ WINDOWS \ system32 \ drivers \ NWADIenum.s ys [2005-12-09 67840]
S3 ousb2hub; OrangeWare USB 2.0 hub rădăcină de suport; C: \ WINDOWS \ system32 \ drivers \ ousb2hub.sys [2003-08-01 55552]
S3 whfltr2k; WheelMouse USB Jos driverul de filtrare; C: \ WINDOWS \ system32 \ drivers \ whfltr2k.sys [2007-01-25 6784]
S3 whmice2k; avansată pneuri Mouse Upper driverul de filtrare; C: \ WINDOWS \ system32 \ drivers \ whmice2k.sys [2004-04-25 6885]

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ D]
\ Shell \ AutoRun \ command - D: \ autorun.exe

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (64d8acf2-5f84-11db-b756-00038a000015)]
\ Shell \ AutoRun \ command - E: \ Installer.exe

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (7aebf132-2e3f-11db-b6e0-0015c547091a)]
\ Shell \ AutoRun \ command - E: \ wd_windows_tools \ setup.exe

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ curre ntversion \ Explorer \ mountpoints2 \ (c4f3f4e1-2c11-11d9-8305-806d6172696f)]
\ Shell \ AutoRun \ command - D: \ Programs \ nu2menu \ nu2menu.exe

* Newly Created Service * - PROCEXP90
.
Cuprins de la "Activităţi programate" dosar
.
- - - - ORFANI ELIMINAT - - - --

MSConfigStartUp-! AVG Anti-Spyware - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe
MSConfigStartUp-DVDLauncher - C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe
MSConfigStartUp-SpySweeperEnterprise - C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ \ SpySweeperUI.exe
MSConfigStartUp-SpysweeperUI - C: \ Program Files \ Webroot \ de vizitare \ Spy Sweeper \ SpySweeperUI.exe
MSConfigStartUp-UpdateManager - C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe

.
------- Suplimentare Scan -------
.
Firefox -: Profil - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \
Firefox -: prefs.js - STARTUP.HOMEPAGE - hxxp: / / www.broadway.com/
FF -: plugin - C: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ dlc1hobz.default \ ensions int \ npmozax@real.com \ plugin-uri \ npmozax.dll
FF -: plugin - C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ browser-ul \ nppdf32.dll
FF -: plugin - C: \ Program Files \ iTunes \ Mozilla Plugins \ npitunes.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugin-uri \ npagent.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugin-uri \ npmozax.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugin-uri \ npmusicn.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugin-uri \ npracplug.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugin-uri \ nptgeqplugin.dll
FF -: plugin - C: \ Program Files \ Mozilla Firefox \ plugin-uri \ npunagi2.dll
FF -: plugin - C: \ Program Files \ Real \ RealArcade \ Plugins \ Mozilla \ l npracplug.dl
FF -: plugin - C: \ Program Files \ Puncte de vedere \ Puncte de vedere Experienţa Tehnologie \ npViewpoint.dll
.

************************************************** ************************

catchme 0.3.1361 W2K/XP/Vista - rootkit / stealth malware detector de Gmer, http://www.gmer.net
Rootkit scan 2008-09-28 11:48:43
Windows 5.1.2600 Service Pack 2 NTFS

scanare ascuns procese ...

scanare ascuns autostart intrări ...

HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
DLCXCATS = rundll32 C: \ WINDOWS \ System32 \ Spool \ DRIVERS \ W32X86 \ 3 \ e.dll DLCXtim, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ??????????????????????????????????????????????????

scanare fişiere ascunse ...

scanare sa finalizat cu succes
fişiere ascunse: 0

************************************************** ************************
.
--------------------- DLLs Loaded Sub Running Processes ---------------------

Proces: C: \ Windows \ system32 \ winlogon.exe
-> C: \ Windows \ system32 \ Ati2evxx.dll
.
Finalizarea time: 2008-09-28 11:50:56
ComboFix-carantină-files.txt 2008-09-28 15:50:52

Pre-Run: 25918537728 bytes liber
Post-Run: 25986658304 bytes liber

255 --- EOF --- 2008-09-26 12:22:29

**evilfantasy** · #10 28 septembrie 2008, 10:25

Notă: instrucţiunile de mai jos au fost create special pentru acest utilizator. Dacă nu sunteţi acest utilizator, NU urmaţi aceste direcţii în care acestea ar putea deteriora funcţionarea sistemului dvs.

Ştergeţi aceste fişiere / foldere, după cum urmează:

1. Du-te la Porni > Fugi > Tip Notepad.exe şi faceţi clic pe OK pentru a deschide Notepad.
El / ea trebui fi Notepad, nu Wordpad.
2. Copia textul în caseta de mai jos codul de evidenţă tot textul şi apăsând Ctrl + C

Cod:

Killall:: File:: C: \ WINDOWS \ system32 \ SJv56bM4.exe.a_a C: \ WINDOWS \ system32 \ Folder 0vx55IOc.exe:: C: \ Documents and Settings \ Administrator \ Application Data \ ErrorSmart

3. Du-te la fereastră şi faceţi clic pe Notepad Editare > Lipire
4. Apoi, faceţi clic pe Dosar > Economisi
5. Nume de fişier CFScript.txt - Salvaţi fişierul pe spaţiul de lucru
6. Apoi, glisaţi CFScript (ţineţi butonul stânga al mouse-ului în timp ce fişierul de lungă durată) şi fixaţi-l (de eliberare din stânga mouse-ul) în ComboFix.exe după cum puteţi vedea în imaginea de mai jos. Important: Efectua această instrucţiune cu atenţie!

ComboFix vor începe să execute, urmaţi solicitările.
După repornirea sistemului (în cazul în care le cere să reporniţi), aceasta va produce un jurnal pentru tine.
Post că jurnal (Combofix.txt) în următoarea replică.

Notă: Nu mouseclick ComboFix de fereastră în timp ce se execută. Care pot determina sistemul dvs. pentru a se congela

Similar Threads
Fir	Thread Starter	Forum	Răspunsurile	Ultimul mesaj
Iexplore.exe	electra369	Nume, Spyware & Securitate	1	12 ianuarie 2009 00:16
Winzix adware iexplore.exe problemă. Te rog, ajută!!	winzix imbecil	Nume, Spyware & Securitate	35	18 decembrie 2008 16:47
Iexplore.exe # 3	jman8700	Nume, Spyware & Securitate	8	29 mai 2008 10:39
Un alt iexplore>. <	sens	Nume, Spyware & Securitate	20	18 ianuarie 2008 08:15
Iexplore.exe	rsteenoven	Nume, Spyware & Securitate	19	16 ianuarie 2008 14:02