
Iexplore.exe virus again!




  #1  
October 10, 2008, 19:08
New Member

Iexplore.exe virus again!

Hi, I think I also have the Iexplore virus and have tried many different programs to get rid of it, but nothing works! I saw that your site has helped a lot of people, so maybe it can help me too? Here is my HijackThis log file:


Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 1:01:32 dėl 11/10/2008
Platforma: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ acs.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ windows \ system \ hpsysdrv.exe
C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ Program Files \ TP-LINK \ TWCU \ TWCU.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Nikon \ PictureProject \ NkbMonitor.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ WINDOWS \ system32 \ kite taskmgr.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.limewire.com/inclient/?st...ows+XP&osv=5.1
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Nustatymai, ProxyOverride = *. vietos
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file missing)
O2 - BHO: malicious Skriptai Scanner - (55EA1964-F5E4-4D6A-B9B2-125B37655FCB) - C: \ Documents and Settings \ All Users \ Application Data \ Prevx \ pxbho.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ GoogleToolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ GoogleToolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / Sync
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / Sync
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [hpsysdrv] C: \ windows \ system \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM \ .. \ Run: [TWCU] "C: \ Program Files \ TP-LINK \ TWCU \ TWCU.exe"-nogui
O4 - HKLM \ .. \ Run: [kbd] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [Epson Stylus CX3700 serija] C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ E_FATIA CP.EXE / F "C: \ Windows \ Temp \ E_SC4.tmp" / EF "HKLM"
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / autostart
O4 - HKLM \ .. \ Run: [Pažymėti owns Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software taisyklė vėliava valdo \ First obj.exe
O4 - HKLM \ .. \ Run: [PrevxOne] "C: \ Program Files \ Prevx2 \ PXConsole.exe"
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKCU \ .. \ Run: [MODE NEKILNOJAMASIS] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C: \ Program Files \ Nikon \ PictureProject \ NkbMonitor.exe
O8 - Extra kontekstinio meniu punktą: & Clean Traces - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
O8 - Extra kontekstinio meniu punktą: & Download su & VPN - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra kontekstinio meniu punktą: & Google Search - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmsearch.html
O8 - Extra kontekstinio meniu punktą: Backward Links - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra kontekstinio meniu punktą: Cached Snapshot of Page - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmcache.html
O8 - Extra kontekstinio meniu punktą: Atsisiųsti ir visus su DAP - C: \ Program Files \ DAP \ dapextie2.htm
O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ EXCEL.EXE/3000
O8 - Extra kontekstinio meniu punktą: "Panašūs puslapiai" - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmsimilar.html
O8 - Extra kontekstinio meniu punktą: išversti į anglų kalbą - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Program Files \ Common Files \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
O9 - Extra button: Connection Pagalba - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Pardavėjai \ CN = "Hewlett-Packard", L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra 'Tools' MENUITEM: Prisijungimas Pagalba - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Pardavėjai \ CN = "Hewlett-Packard", L = Cupertino, S = Ca, C = JAV \ IEButton \ support.htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Nuotraukų Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: (96EEC7FF-106A-47F3-90D6-B4BB754AA40E) (POLI Mokėti internetu) -- https: / / autxn.paywithpoli.com / ewcust...iPayOnline.cab
O23 - Service: TP-LINK tinklo tarnyba (ACS) - Unknown owner - C: \ WINDOWS \ system32 \ acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ATI HotKey Rinkėjas - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: PREVXAgent - Prevx - C: \ Program Files \ Prevx2 \ PXAgent.exe
O23 - Service: TrueVector Interneto monitorius (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
--
End of file - 10.831 baitų
  #2  
October 10, 2008, 23:12
Moderator Group

Iexplore.exe virus again!

Download Lop S&D by Eric_71 and save it to your computer.
Lop S&D works only on Windows XP and Windows Vista.

Disable your antivirus and anti-malware programs so that they do not interfere with Lop S&D while it runs.
To see how to disable your security programs, visit this tutorial:
How to temporarily disable your antivirus, firewall and anti-malware programs
  • Double-click Lop S&D.exe
  • Choose the language by typing the corresponding letter, then press Enter
  • Click OK at the information window
  • Type 1 to choose option 1 (Search), then press Enter
  • Wait until the scan finishes
  • A report will be created; post its contents in your next reply.
A copy of the report can be found at %SystemDrive%\lopR.txt, usually C:\lopR.txt

  #3  
October 11, 2008, 00:15
New Member

Iexplore.exe virus again!

Here are the results from the Lop S&D search:



-------------------- \ \ Lop S & D 4.2.4-5 XP / Vista
Microsoft Windows XP Home Edition (v5.1.2600) Service Pack 3
X86 PC (Jednoprocesorowy Free: AMD Athlon (tm) Processor 3200 +)
BIOS: Phoenix - Award BIOS v6.00PG
Vartotojas: Compaq_Owner (Administrator)
Boot: Normal boot
Antivirusinė: AVG 7.5.524 7.5.524 (nesuaktyvinta)
Ugniasienė: ZoneAlarm Firewall 7.0.483.000 (nesuaktyvinta)
C: \ (vietinis diskas) - NTFS - Iš viso: 68 Grįžti Nemokamai: 10 Grįžti
D: \ (vietinis diskas) - FAT32 - Iš viso: 5 Grįžti Nemokamai: 1 Grįžti
E: \ (CD arba DVD)
F: \ (CD arba DVD)
G: \ (USB)
H: \ (USB)
I: \ (USB)
J: \ (USB)
"C: \ Lop SD" (MAJ: 02-10-2008 | 23:42)
Variantas: [1] (Pen 11/10/2008 | 18:11)

-------------------- \ \ Sąrašas katalogus applic ~ 1
[11/10/2008 | 04:05] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Adobe
[03/10/2007 | 01:28] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Apple
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Apple Computer
[28/08/2007 | 04:28] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Autodesk
[03/09/2008 | 10:46] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Avg7
[10/06/2008 | 12:37] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Avg8
[02/07/2006 | 01:52] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> DVD Shrink
[15/07/2006 | 12:35] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> EnterNHelp
[27/03/2007 | 10:25] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Google
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ Grisoft <DIR>
[23/10/2007 | 12:15] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> įrenginiai
[12/09/2005 | 09:21] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> InstallShield
[11/10/2008 | 12:29] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> MailFrontier
[18/08/2008 | 04:05] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Microsoft
[10/09/2008 | 07:07] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Microsoft Help
[10/09/2007 | 04:25] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Nero
[11/10/2008 | 03:51] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> NOS
[21/05/2008 | 12:55] "C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> PC Drivers Headquarters
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> QuickTime
[24/11/2007 | 02:56] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Real
[12/09/2005 | 09:04] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> SBSI
[02/02/2008 | 05:17] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Seagate
[09/10/2008 | 11:53] "C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Software vėliavos valstybę valdo
[01/11/2006 | 01:13] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Sophos
[14/09/2008 | 02:08] "C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Spybot - Search & Destroy
[19/05/2008 | 07:41] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ Symantec <DIR>
[11/10/2008 | 06:00] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ TEMP <DIR>
[15/02/2006 | 01:11] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> UDL
[15/07/2006 | 12:35] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> Ultima_T15
[08/04/2006 | 02:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> "Windows Genuine Advantage
[22/06/2008 | 11:01] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ <DIR> WLInstaller
[17.03.2008 | 09:32] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Adobe
[11/10/2008 | 03:55] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> AdobeUM
[13/09/2007 | 05:26] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Ahead
[13/06/2008 | 07:29] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Apple Computer
[02/10/2007 | 12:55] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> "ArcSoft
[18/06/2006 | 11:34] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Atari
[21/05/2007 | 07:47] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Autodesk
[11/10/2008 | 11:11] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> AVG7
[19/05/2008 | 02:40] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> AVGTOOLBAR
[08/10/2008 | 01:29] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Aktyvūs
[21/05/2007 | 12:09] "C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Command & Conquer 3 Tiberium Wars
[01/09/2006 | 08:52] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Datalayer
[28.05.2007 | 02:25] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> dvdcss
[13/08/2007 | 03:00] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> EPSON
[03/05/2007 | 02:12] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Google
[07/09/2006 | 02:08] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Pagalba
[26/06/2008 | 12:16] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> HPQ
[16/12/2004 | 04:22] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ Identities <DIR>
[19/02/2006 | 05:44] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> InterVideo
[23/04/2008 | 11:49] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Iwin
[03/05/2008 | 03:20] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Joost
[28/01/2006 | 03:15] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Leadertech
[13/09/2008 | 08:45] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> LimeWire
[14/02/2006 | 05:22] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Macromedia
[24/11/2007 | 03:04] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Media Player Classic
[19/05/2008 | 06:44] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Microsoft
[09/04/2008 | 06:13] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Mozilla
[15/07/2006 | 12:31] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Nikon
[01/09/2006 | 08:52] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Nokia
[01/09/2006 | 08:54] "C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR>" Nokia Multimedia Player
[01/09/2006 | 08:41] "C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> PC Suite"
[19/05/2008 | 07:32] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Real
[12/09/2005 | 09:30] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> SampleView
[21/05/2007 | 12:07] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> SecuROM
[09/10/2008 | 11:54] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Muilas yra meilė
[28/01/2006 | 03:16] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Sonic
[23/04/2008 | 11:45] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> SpinTop
[14/09/2008 | 06:04] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Spore
[15.04.2008 | 05:04] "C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Spybot - Search & Destroy
[14/02/2006 | 05:49] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> Sk
[12/09/2005 | 09:41] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ Symantec <DIR>
[16/04/2008 | 06:42] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> U3
[26/05/2008 | 11:14] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> uTorrent
[27/05/2006 | 09:46] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> vlc
[20/05/2008 | 10:26] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ <DIR> WinBatch
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ applic ~ 1 \ <DIR> Apple Computer
[16/12/2004 | 04:22] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ applic ~ 1 \ Identities <DIR>
[12/09/2005 | 09:51] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ applic ~ 1 \ <DIR> Microsoft
[12/09/2005 | 09:21] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ applic ~ 1 \ <DIR> Real
[12/09/2005 | 09:30] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ applic ~ 1 \ <DIR> SampleView
[12/09/2005 | 09:41] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ applic ~ 1 \ Symantec <DIR>
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ locals ~ 1 \ applic ~ 1 \ <DIR> AVG7
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ locals ~ 1 \ applic ~ 1 \ <DIR> Microsoft
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ NETWOR ~ 1 \ applic ~ 1 \ <DIR> Microsoft

-------------------- \ \ Scheduled Tasks aplanke C: \ WINDOWS \ Uždaviniai
[11/10/2008 06:00 PM] [- Ah -----] C: \ WINDOWS \ užduočių \ A396018B9185B27B.job
[11/10/2008 06:11 PM] [- ------] "C: \ WINDOWS \ užduočių \ Symantec NetDetect.job
[11/10/2008 05:00 PM] [- ------] "C: \ WINDOWS \ užduočių \ RegCure programa Check.job
[28/08/2008 04:00] [- ------] "C: \ WINDOWS \ užduočių \ RegCure.job
[11/10/2008 04:07 PM] [- Ah -----] C: \ WINDOWS \ užduočių \ SA.DAT
[05/08/2004 05:00 AM] [-Rah -----] C: \ WINDOWS \ užduotis \ Desktop.ini
(A396018B9185B27B.job) = (C: \ DOCUME ~ 1 \ Compaq ~ 1 \ applic ~ 1 \ soapli ~ 1 \ Axisgreatex tra.exe)
-------------------- \ \ Listing Katalogai C: \ Program Files
[27/07/2008 | 05:02] "C: \ Program Files \ Activision <DIR>
[11/10/2008 | 04:05] "C: \ Program Files \ Adobe <DIR>
[15/06/2008 | 12:20] "C: \ Program Files \ Ahead <DIR>
[20/05/2007 | 11:20] "C: \ Program Files \ <DIR> Alkoholis Soft
[03/06/2008 | 09:01] "C: \ Program Files \ <DIR> Apple Software Update
[15/07/2006 | 12:27] C: \ Program Files \ <DIR> "ArcSoft
[12/09/2005 | 09:13] "C: \ Program Files \ ATI Technologies <DIR>
[21/05/2007 | 07:36] C: \ Program Files \ Autodesk <DIR>
[27.05.2008 | 04:42] C: \ Program Files \ <DIR> AVG
[20.06.2008 | 04:54] "C: \ Program Files \ BitTorrent <DIR>
[11/10/2008 | 04:05] "C: \ Program Files \ Common Files <DIR>
[24/11/2004 | 01:06] C: \ Program Files \ <DIR> ComPlus Programos
[21/05/2008 | 12:51] "C: \ Program Files \ <DIR> VPN
[08/11/2006 | 02:07] "C: \ Program Files \ <DIR> DIVX
[30/09/2008 | 09:12] C: \ Program Files \ <DIR> DominateGame
[21/05/2007 | 10:35] "C: \ Program Files \ <DIR> Drug Lord 2
[18/08/2008 | 03:56] C: \ Program Files \ D-Tools <DIR>
[08/11/2006 | 12:56] "C: \ Program Files \ <DIR> DVD Shrink
[19/05/2008 | 07:12] "C: \ Program Files \ <DIR> Easy Interneto prenumerata
[14/09/2008 | 06:02] "C: \ Program Files \ <DIR> Electronic Arts
[15/02/2006 | 01:11] "C: \ Program Files \ <DIR> Epson
[26/05/2008 | 11:15] C: \ Program Files \ <DIR> eToro
[30/09/2008 | 09:12] "C: \ Program Files \ <DIR> E. Nova
[13/11/2006 | 09:39] C: \ Program Files \ <DIR> FLVPlayer
[26/06/2008 | 12:13] "C: \ Program Files \ <DIR> GameSpy Arcade
[12/09/2005 | 09:37] "C: \ Program Files \ <DIR>" Google "
[27/11/2006 | 10:19] C: \ Program Files \ <DIR> grafikas
[08/11/2007 | 06:44] "C: \ Program Files \ <DIR> Griffin Technology
[18/08/2008 | 07:44] C: \ Program Files \ Grisoft <DIR>
[27/03/2006 | 09:17] "C: \ Program Files \ <DIR> GustoSoft
[29/09/2008 | 04:41] C: \ Program Files \ <DIR> Hp
[05/12/2007 | 01:09] C: \ Program Files \ <DIR> Infogrames Interaktyvūs
[14/09/2008 | 06:03] "C: \ Program Files \ <DIR> Diegimo įrengimas Informacija
[17/08/2008 | 09:45] "C: \ Program Files \ Internet Explorer <DIR>
[12/09/2005 | 09:23] C: \ Program Files \ InterVideo <DIR>
[03/06/2008 | 09:04] "C: \ Program Files \ iPod <DIR>
[14/02/2006 | 05:20] C: \ Program Files \ <DIR> iPrimus
[03/06/2008 | 09:05] "C: \ Program Files \ iTunes <DIR>
[30/09/2008 | 08:51] "C: \ Program Files \ Java <DIR>
[14/09/2008 | 05:43] "C: \ Program Files \ <DIR> John Deere American Farmer Deluxe
[09/04/2008 | 06:13] C: \ Program Files \ <DIR> Joost
[24/11/2007 | 02:56] "C: \ Program Files \ <DIR> K-Lite Codec Pack
[20.03.2008 | 05:13] C: \ Program Files \ <DIR> LimeWire
[31/08/2008 | 05:28] C: \ Program Files \ <DIR> Maxis
[18/08/2008 | 02:14] "C: \ Program Files \ <DIR> Messenger
[15/05/2007 | 11:48] "C: \ Program Files \ Microsoft <DIR> CAPICOM 2.1.0.2
[12/09/2005 | 09:19] "C: \ Program Files \ Microsoft Encarta <DIR>
[16/12/2004 | 04:23] "C: \ Program Files \ Microsoft FrontPage <DIR>
[26/06/2008 | 12:17] "C: \ Program Files \ Microsoft Games <DIR>
[12/09/2005 | 09:25] "C: \ Program Files \ <DIR> Microsoft Money 2005
[29/06/2008 | 10:10] "C: \ Program Files \ Microsoft Office <DIR>
[15/02/2006 | 12:29] "C: \ Program Files \ Microsoft Visual Studio <DIR>
[03/06/2008 | 03:51] "C: \ Program Files \ Microsoft Works <DIR>
[14/02/2008 | 10:22] C: \ Program Files \ <DIR> Microsoft.NET
[14.03.2008 | 09:22] C: \ Program Files \ <DIR> MindArk
[18/08/2008 | 02:11] "C: \ Program Files \ <DIR> Movie Maker
[11/10/2008 | 11:09] "C: \ Program Files \ Mozilla Firefox <DIR>
[16/12/2004 | 04:23] "C: \ Program Files \ MSN <DIR>
[16/12/2004 | 04:23] "C: \ Program Files \ MSN <DIR> Gaming Zone
[18/10/2006 | 01:19] "C: \ Program Files \ <DIR> MSXML 4.0
[02/02/2008 | 05:16] "C: \ Program Files \ <DIR> MSXML 6.0
[10/09/2007 | 04:25] "C: \ Program Files \ Nero <DIR>
[18/08/2008 | 02:10] "C: \ Program Files \ NetMeeting <DIR>
[15/07/2006 | 12:30] C: \ Program Files \ <DIR> Nikon
[11/10/2008 | 03:51] C: \ Program Files \ <DIR> NOS
[15/02/2006 | 12:42] C: \ Program Files \ <DIR> OfficeUpdate11
[14/09/2008 | 02:59] "C: \ Program Files \ <DIR> Online Services
[18/08/2008 | 02:10] "C: \ Program Files \ Outlook Express <DIR>
[26.06.2007 | 09:29] "C: \ Program Files \ <DIR> PartyGaming
[12/09/2005 | 09:34] "C: \ Program Files \ <DIR> PC-Doctor DOS
[17/06/2007 | 08:43] C: \ Program Files \ <DIR> PokerRoom.com
[31.05.2007 | 01:55] "C: \ Program Files \ PokerStars <DIR>
[03/06/2008 | 09:04] "C: \ Program Files \ QuickTime <DIR>
[21/04/2008 | 08:30] C: \ Program Files \ <DIR> RegCure
[02/02/2008 | 05:17] "C: \ Program Files \ <DIR> SEAGATE
[23/04/2008 | 01:20] "C: \ Program Files \ <DIR> Sean O'Connor's Windows žaidimus
[24/07/2008 | 06:08] C: \ Program Files \ <DIR> SEGA
[18/08/2008 | 03:56] C: \ Program Files \ <DIR> Sierra Entertainment
[08/02/2007 | 11:24] "C: \ Program Files \ <DIR> SLD Codec Pack
[09/10/2008 | 11:53] "C: \ Program Files \ <DIR> Muilas yra meilė
[14.03.2008 | 06:16] "C: \ Program Files \ <DIR> Sophos
[15.04.2008 | 09:22] "C: \ Program Files \ <DIR> Spybot - Search & Destroy
[24/11/2007 | 02:59] "C: \ Program Files \ <DIR> StrongDC + +
[19/05/2008 | 07:41] "C: \ Program Files \ Symantec <DIR>
[13/09/2008 | 10:03] "C: \ Program Files \ <DIR> TeaTimer (Spybot - Search & Destroy)
[14/02/2006 | 05:39] C: \ Program Files \ <DIR> Telstra
[19.06.2007 | 09:45] C: \ Program Files \ <DIR> TexasCalculatem
[30/05/2008 | 01:43] "C: \ Program Files \ <DIR> Theorica DivX ;-) kodekai
[29/02/2008 | 06:25] "C: \ Program Files \ <DIR> TP-LINK
[11/10/2008 | 12:33] "C: \ Program Files \ Trend Micro <DIR>
[03/04/2008 | 12:17] C: \ Program Files \ <DIR> Trymedia
[24/11/2004 | 01:07] "C: \ Program Files \ Uninstall <DIR> Informacija
[27/05/2006 | 08:19] C: \ Program Files \ VideoLAN <DIR>
[10/09/2008 | 01:44] C: \ Program Files \ <DIR> VUGames
[11/10/2008 | 05:57] "C: \ Program Files \ Warcraft III <DIR>
[05/06/2008 | 01:07] C: \ Program Files \ <DIR> Weatherzone Tracker
[13/09/2006 | 12:25] C: \ Program Files \ <DIR> WinAVI VideoConverter
[14.03.2008 | 06:35] "C: \ Program Files \ <DIR> Windows Live"
[10/10/2007 | 11:18] "C: \ Program Files \ <DIR> Windows Media Connect 2
[25/08/2008 | 06:37] "C: \ Program Files \ <DIR> Windows Media Player"
[14/09/2008 | 02:59] "C: \ Program Files \ <DIR> Windows NT
[03/10/2007 | 03:00] "C: \ Program Files \ <DIR> Windows XP Pramogos Pack
[24/11/2004 | 01:07] C: \ Program Files \ <DIR> WindowsUpdate
[14/09/2008 | 05:41] "C: \ Program Files \ WinRAR <DIR>
[16/12/2004 | 04:24] "C: \ Program Files \ <DIR> Xerox
[11/10/2008 | 12:29] "C: \ Program Files \ Zone Labs <DIR>
[11/10/2008 | 12:31] C: \ Program Files \ <DIR> ZoneAlarmSB
-------------------- \ \ Listing Katalogai C: \ Program Files \ Common Files
[11/10/2008 | 04:05] "C: \ Program Files \ Common Files \ Adobe <DIR>
[11/10/2008 | 04:05] "C: \ Program Files \ Common Files \ <DIR> Adobe AIR"
[10/09/2007 | 04:28] "C: \ Program Files \ Common Files \ Ahead <DIR>
[03/10/2007 | 01:28] "C: \ Program Files \ Common Files \ Apple <DIR>
[28/08/2007 | 04:28] "C: \ Program Files \ Common Files \ Autodesk Shared <DIR>
[03/06/2008 | 03:50] "C: \ Program Files \ Common Files \ <DIR> KONSTRUKTORIUS
[12/09/2005 | 09:27] "C: \ Program Files \ Common Files \ <DIR> InstallShield
[12/09/2005 | 09:06] "C: \ Program Files \ Common Files \ Java <DIR>
[19/05/2008 | 07:25] "C: \ Program Files \ Common Files \ Microsoft Shared <DIR>
[16/12/2004 | 04:23] "C: \ Program Files \ Common Files \ <DIR> MSSoap
[15/07/2006 | 12:30] C: \ Program Files \ Common Files \ <DIR> muvee Technologijos
[15/07/2006 | 12:31] "C: \ Program Files \ Common Files \ <DIR> Nikon
[16/12/2004 | 04:23] "C: \ Program Files \ Common Files \ <DIR> ODBC
[19/05/2008 | 07:32] "C: \ Program Files \ Common Files \ Real <DIR>
[20/05/2008 | 11:24] "C: \ Program Files \ Common Files \ <DIR> Paslaugos
[16/12/2004 | 04:23] "C: \ Program Files \ Common Files \ <DIR> SpeechEngines
[19/05/2008 | 07:41] "C: \ Program Files \ Common Files \ Symantec Shared <DIR>
[18/08/2008 | 02:10] "C: \ Program Files \ Common Files \ System <DIR>
[11/03/2007 | 11:10] "C: \ Program Files \ Common Files \ <DIR> Thraex Programinė įranga
[14.03.2008 | 06:34] "C: \ Program Files \ Common Files \ <DIR> WindowsLiveInstaller
-------------------- \ \ Procesas
(41 procesai)
IEXPLORE.EXE ~ [PID: 2612]
IEXPLORE.EXE ~ [PID: 2640]
iexplore.exe ~ [PID: 3160]
IEXPLORE.EXE ~ [PID: 2940]
-------------------- \ \ Paieškai S_Lop
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ locals ~ 1 \ Temp \ bis9A.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1 \ kryptis Didžiosios extra.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1 \ ilouimpk.ex e
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1 \ jvuyskje.ex e
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1 \ lfbsabiw.ex e

-------------------- \ \ Ieškoma Lop Failai - katalogai
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ Software taisyklė vėliava priklauso
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ Software taisyklė vėliava valdo \ First obj.exe
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ applic ~ 1 \ Software taisyklė vėliava valdo \ Pereiti proc.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ soapli ~ 1
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ soapli ~ 1 \ ATOM DASH.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ soapli ~ 1 \ kryptis Didžiosios extra.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ soapli ~ 1 \ ilouimpk.ex e
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ soapli ~ 1 \ jvuyskje.ex e
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ soapli ~ 1 \ lfbsabiw.ex e
C: \ Program Files \ soapli ~ 1
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ locals ~ 1 \ Temp \ TorrentSpeeder. ZIP
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ adultfri endfinder [1]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ Propozyc Ing [2]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ ero-Skelbimai [1]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner@adopt.eu roclick [2]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ partypok er [1]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ 888 [2]. Txt
C: \ WINDOWS \ Uždaviniai \ A396018B9185B27B.job

-------------------- \ \ Paieška pagal registro
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Uninstall \ Laikydami WMA Nuoroda]
"DisplayName" = "cid Pagalba"
"UninstallString" = "C: \ DOCUME ~ 1 \ \ COMPAQ ~ 1 \ \ applic ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe-uninstall"
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
Režimas REAL "=" C: \ DOCUME ~ 1 \ \ COMPAQ ~ 1 \ \ applic ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe "
Režimas REAL "=" C: \ DOCUME ~ 1 \ \ COMPAQ ~ 1 \ \ applic ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe "
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"Vėliavos owns Live Grim" = "C: \ \ Documents and Settings \ \ All Users \ \ Application Data \ \ Software taisyklė vėliava valdo \ \ Pirmasis obj.exe"
-------------------- \ \ Tikrinimas Hosts failas
Hosts VALYMAS

-------------------- \ \ Paieška paslėptus failus su catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit / Stealth kenkėjiškų detektorius pagal Gmer, http://www.gmer.net
Rootkit scan 2008-10-11 18:12:47
Windows 5.1.2600 Service Pack 3 NTFS
skenavimo paslėptus procesus ...
skenavimo paslėptus failus ...
skenavimas baigtas sėkmingai
paslėptus procesus: 0
paslėptus failus: 0

-------------------- \ \ Ieškoti kitų infekcijų
-------------------- \ \ Cracks & White ..
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Local Settings \ Temp \ Rar $ EX02.922 \ Crack
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Local Settings \ Temp \ Rar $ EX02.922 \ Crack \ RLD-spor.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Local Settings \ Temp \ Rar $ EX02.922 \ Crack \ SporeApp.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Naujausi \ Spore.GENERIC_KEYGEN-FFF.lnk

[F: 343] [D 29] -> C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ locals ~ 1 \ Temp
[F: 200] [D: 0] -> C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies
[F: 18.285] [D 24] -> C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ locals ~ 1 \ tempor ~ 1 \ Content.IE5
1 - "C: \ Lop SD \ LopR_1.txt" - Wed 11/10/2008 | 18:07 - variantas: [1]
2 - "C: \ Lop SD \ LopR_2.txt" - Wed 11/10/2008 | 18:14 - variantas: [1]
-------------------- \ \ Scan baigtas 18:14:22
  #4  
October 11, 2008, 22:29
Moderator Group

Download NoLop to your desktop. NoLop.exe
  • Close any programs you have running, since a reboot is required
  • Double-click NoLop.exe to run it
  • Next, click the button labelled Search and Destroy
    • Your computer will now be scanned for infected files
  • When the scan finishes, you will be prompted to reboot if the machine is infected
  • Click OK
  • Now click Reboot
  • A message should pop up from NoLop. If it does not, double-click the program again and it will finish.
  • Post the contents of C:\NoLop.log in your next reply.
Note: If you receive the error message "mscomctl.ocx or one of its dependencies are not correctly registered," download mscomctl.ocx to the System32 folder, then rerun the program.

Also run a new HijackThis scan and post the log.
__________________

  #5  
October 11, 2008, 22:46
New Member

OK, here are the logs:

Nolop


NoLop! Prisijungti by Skate_Punk_21

Fix skaičiuojamas nuo: C: \ Documents and Settings \ Compaq_Owner \ Desktop
[12/10/2008]
[4:33:52]

--- Infekcija Failai Found/Removed---
C: \ WINDOWS \ užduočių \ A396018B9185B27B.job

Pradžia šalinimo ...
Paleista ...
Šalinama Lop's Leftover files / folders ...
Taisomas registro ...
** Fix Complete! **

--- Sąrašas AppData sub katalogų ---

C: \ Documents and Settings \ All Users \ Application Data \ Adobe
C: \ Documents and Settings \ All Users \ Application Data \ Apple
C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
C: \ Documents and Settings \ All Users \ Application Data \ Autodesk
C: \ Documents and Settings \ All Users \ Application Data \ Avg7
C: \ Documents and Settings \ All Users \ Application Data \ Avg8 - tuščią katalogą
C: \ Documents and Settings \ All Users \ Application Data \ DVD Shrink
C: \ Documents and Settings \ All Users \ Application Data \ Enternhelp
C: \ Documents and Settings \ All Users \ Application Data \ Google
C: \ Documents and Settings \ All Users \ Application Data \ Grisoft
C: \ Documents and Settings \ All Users \ Application Data \ įrenginiai
C: \ Documents and Settings \ All Users \ Application Data \ InstallShield
C: \ Documents and Settings \ All Users \ Application Data \ Mailfrontier - tuščią katalogą
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft Pagalba
C: \ Documents and Settings \ All Users \ Application Data \ Nero
C: \ Documents and Settings \ All Users \ Application Data \ Nos
C: \ Documents and Settings \ All Users \ Application Data \ PC Drivers įstaigose
C: \ Documents and Settings \ All Users \ Application Data \ Quicktime
C: \ Documents and Settings \ All Users \ Application Data \ Real - tuščią katalogą
C: \ Documents and Settings \ All Users \ Application Data \ Sbsi
C: \ Documents and Settings \ All Users \ Application Data \ Seagate
C: \ Documents and Settings \ All Users \ Application Data \ Software taisyklės Vėliavos owns
C: \ Documents and Settings \ All Users \ Application Data \ Sophos
C: \ Documents and Settings \ All Users \ Application Data \ Spybot - Search & Destroy
C: \ Documents and Settings \ All Users \ Application Data \ Symantec
C: \ Documents and Settings \ All Users \ Application Data \ Temp - tuščią katalogą
C: \ Documents and Settings \ All Users \ Application Data \ UDL
C: \ Documents and Settings \ All Users \ Application Data \ Ultima_t15
C: \ Documents and Settings \ All Users \ Application Data \ Windows Genuine Advantage
C: \ Documents and Settings \ All Users \ Application Data \ Wlinstaller
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Adobe
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Adobeum
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Ahead
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Apple Computer
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Arcsoft
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Atari
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Autodesk
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Avg7
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Avgtoolbar
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Bittorrent
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Command & Conquer 3 Tiberium Wars
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Datalayer
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Dvdcss
C: \ Documents and Settings \ Compaq_owner \ Application Data \ EPSON
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Google
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Pagalba - tuščią katalogą
C: \ Documents and Settings \ Compaq_owner \ Application Data \ HPQ
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Identities
C: \ Documents and Settings \ Compaq_owner \ Application Data \ InterVideo
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Iwin
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Joost
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Leadertech
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Limewire
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Macromedia
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Media Player Classic
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Microsoft
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Mozilla
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nikon
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nokia
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nokia Multimedia Player
C: \ Documents and Settings \ Compaq_owner \ Application Data \ PC Suite "
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Real
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sampleview - tuščią katalogą
C: \ Documents and Settings \ Compaq_owner \ Application Data \ SecuROM
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Muilas Lies Love
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sonic
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spintop
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spore
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spybot - Search & Destroy
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sun
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Symantec - tuščią katalogą
C: \ Documents and Settings \ Compaq_owner \ Application Data \ U3
C: \ Documents and Settings \ Compaq_owner \ Application Data \ uTorrent
C: \ Documents and Settings \ Compaq_owner \ Application Data \ vlc
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Winbatch
C: \ Documents and Settings \ Default User \ Application Data \ Apple Computer
C: \ Documents and Settings \ Default User \ Application Data \ Identities
C: \ Documents and Settings \ Default User \ Application Data \ Microsoft
C: \ Documents and Settings \ Default User \ Application Data \ Real
C: \ Documents and Settings \ Default User \ Application Data \ Sampleview - tuščią katalogą
C: \ Documents and Settings \ Default User \ Application Data \ Symantec - tuščią katalogą
C: \ Documents and Settings \ Localservice \ Application Data \ Avg7 - tuščią katalogą
C: \ Documents and Settings \ Localservice \ Application Data \ Microsoft
C: \ Documents and Settings \ NetworkService \ Application Data \ Microsoft


Hijackthis:


Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 4:44:14 dėl 12/10/2008
Platforma: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ acs.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ windows \ system \ hpsysdrv.exe
C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ Program Files \ TP-LINK \ TWCU \ TWCU.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Program Files \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Internet Explorer \ IEXPLORE.EXE
C: \ Program Files \ Nikon \ PictureProject \ NkbMonitor.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.limewire.com/inclient/?st...ows+XP&osv=5.1
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ GoogleToolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ GoogleToolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / Sync
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / Sync
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [hpsysdrv] C: \ windows \ system \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM \ .. \ Run: [TWCU] "C: \ Program Files \ TP-LINK \ TWCU \ TWCU.exe"-nogui
O4 - HKLM \ .. \ Run: [kbd] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [Epson Stylus CX3700 serija] C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ E_FATIA CP.EXE / F "C: \ Windows \ Temp \ E_SC4.tmp" / EF "HKLM"
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / autostart
O4 - HKLM \ .. \ Run: [Pažymėti owns Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software taisyklė vėliava valdo \ First obj.exe
O4 - HKLM \ .. \ Run: [ZoneAlarm Client] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 9.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKCU \ .. \ Run: [MODE NEKILNOJAMASIS] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_1_0-REBOOT 1
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C: \ Program Files \ Nikon \ PictureProject \ NkbMonitor.exe
O8 - Extra kontekstinio meniu punktą: & Clean Traces - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
O8 - Extra kontekstinio meniu punktą: & Download su & VPN - C: \ Program Files \ DAP \ dapextie.htm
O8 - Extra kontekstinio meniu punktą: & Google Search - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmsearch.html
O8 - Extra kontekstinio meniu punktą: Backward Links - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmbacklinks.html
O8 - Extra kontekstinio meniu punktą: Cached Snapshot of Page - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmcache.html
O8 - Extra kontekstinio meniu punktą: Atsisiųsti ir visus su DAP - C: \ Program Files \ DAP \ dapextie2.htm
O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ EXCEL.EXE/3000
O8 - Extra kontekstinio meniu punktą: "Panašūs puslapiai" - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmsimilar.html
O8 - Extra kontekstinio meniu punktą: išversti į anglų kalbą - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Program Files \ Common Files \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
O9 - Extra button: Connection Pagalba - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Pardavėjai \ CN = "Hewlett-Packard", L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
O9 - Extra 'Tools' MENUITEM: Prisijungimas Pagalba - (E2D4D26B-0180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Pardavėjai \ CN = "Hewlett-Packard", L = Cupertino, S = Ca, C = JAV \ IEButton \ support.htm
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Nuotraukų Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
O16 - DPF: (96EEC7FF-106A-47F3-90D6-B4BB754AA40E) (POLI Mokėti internetu) -- https: / / autxn.paywithpoli.com / ewcust...iPayOnline.cab
O16 - DPF: (CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7) (get_atlcom klasė) -- http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O23 - Service: TP-LINK tinklo tarnyba (ACS) - Unknown owner - C: \ WINDOWS \ system32 \ acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: ATI HotKey Rinkėjas - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: getPlus (R) Helper - Nr Microsystems Ltd - C: \ Program Files \ NOS \ bin \ getPlus_HelperSvc.exe
O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: TrueVector Interneto monitorius (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe

--
End of file - 10.505 baitų
  #6  
October 11, 2008, 22:53
Moderator Group

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries (if present):
  • O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
  • O4 - HKLM \ .. \ Run: [Pažymėti owns Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software taisyklė vėliava valdo \ First obj.exe
  • O4 - HKCU \ .. \ Run: [MODE NEKILNOJAMASIS] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ applic ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
Important: Close all windows except HijackThis and click Fix checked.

Exit HijackThis.

----------

Note: The instructions below were created specifically for this user. If you are not this user, do NOT follow these instructions, as they could damage the workings of your system.

Go to Start > Run, type notepad.exe, then click OK.

Copy and paste the following code into Notepad and save it as fixme.reg on your Desktop.

Code:
REGEDIT4

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AlcxMonitor"=-
"Pažymėti owns Live Grim"=-

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run]
"režimu Real"=-

Locate fixme.reg on your desktop and double-click it. Answer Yes when asked to merge it with the registry.

Make sure you tell me whether you receive a message about successfully adding the above to the registry. If you do not get a success message, it didn't work.

Delete fixme.reg from your desktop.

Restart your computer.

----------

Download CCleaner Slim and save it to your desktop.
Once the file has been saved, go to your desktop and double-click ccsetupxxx_slim.exe
Follow the prompts to install the program.
Once installation is complete, then:
  • Double-click the CCleaner shortcut on your desktop to start the program.
  • Click the Options block on the left, then select Cookies.
    • Under Cookies to delete, highlight any cookies you want to keep permanently
    • Click the right arrow > to move them to the Cookies to keep window.
  • Go to Options > Advanced and uncheck "Only delete files in Windows Temp folders older than 48 hours"
  • Click Cleaner on the left, then Run Cleaner on the right to run the program.
  • Important: Make sure ALL browser windows are closed before selecting Run Cleaner
  • Caution! It is not recommended that you use the "Fusions" feature unless you are very familiar with the registry.
  • Exit CCleaner after it has completed its process.

----------

Download Malwarebytes' Anti-Malware (MBAM)
  • Double-click mbam-setup.exe and follow the on-screen instructions to install the program.
  • At the end, make sure a check mark is placed next to the following:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When disinfection is complete, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report into your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
__________________
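
An added example, not part of the original thread or of any tool named in it: a Python script that triages HijackThis O4 Run entries of the kind ticked in the post above and writes the matching REGEDIT4 delete fragment. The log lines are constructed, the function names are hypothetical, and the two flagging heuristics are assumptions made here, not criteria the moderator stated.

```python
import re
from typing import Dict, List, NamedTuple

# Constructed sample in HijackThis O4 format; every name and path is invented.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [ExampleUpdater] C:\Documents and Settings\All Users\Application Data\Example Vendor\first obj.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [example mode] C:\DOCUME~1\OWNER~1\APPLIC~1\EXAMPL~1\sample dash.exe
O4 - HKLM\..\Run: [NoPathEntry] EXAMPLE.EXE /startup
O4 - Global Startup: Monitor.lnk = C:\Program Files\Example\Monitor.exe
"""

HIVES = {"HKLM": "HKEY_LOCAL_MACHINE", "HKCU": "HKEY_CURRENT_USER"}
O4_RUN = re.compile(r"^O4 - (HKLM|HKCU)\\\.\.\\(Run|RunOnce): \[(.*?)\] (.+)$")
IMAGE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|scr|pif))(?=\s|$)", re.IGNORECASE)
# Assumed heuristic: long and 8.3 short names of XP data/temp directories
# that an unprivileged user can write to.
WRITABLE_DIRS = ("\\application data\\", "\\applic~1\\",
                 "\\local settings\\temp\\", "\\locals~1\\temp\\")


class Autorun(NamedTuple):
    hive: str          # HKLM or HKCU
    key: str           # Run or RunOnce
    name: str          # registry value name
    image: str         # executable the value launches
    reasons: List[str]


def image_path(command: str) -> str:
    """Return the executable part of a Run value, quoted or unquoted."""
    command = command.strip()
    if command.startswith('"'):
        end = command.find('"', 1)
        return command[1:end] if end != -1 else command[1:]
    # Unquoted paths may contain spaces, so cut at the first executable suffix.
    match = IMAGE.match(command)
    return match.group(1) if match else command.split()[0]


def parse_o4(log: str) -> List[Autorun]:
    """Parse HKLM/HKCU Run and RunOnce lines and attach review reasons."""
    entries = []
    for line in log.splitlines():
        match = O4_RUN.match(line.strip())
        if not match:
            continue  # Global Startup, HKUS and non-O4 lines are out of scope
        hive, key, name, command = match.groups()
        image = image_path(command)
        lowered = image.lower()
        reasons = []
        if any(d in lowered for d in WRITABLE_DIRS):
            reasons.append("image under a user-writable data or temp directory")
        if "\\" not in image and "/" not in image:
            reasons.append("no directory given; resolved through the search path")
        entries.append(Autorun(hive, key, name, image, reasons))
    return entries


def reg_delete_fragment(entries: List[Autorun]) -> str:
    """Build REGEDIT4 text that deletes the given values ("name"=- syntax)."""
    by_key: Dict[str, List[str]] = {}
    for e in entries:
        full = f"{HIVES[e.hive]}\\Software\\Microsoft\\Windows\\CurrentVersion\\{e.key}"
        by_key.setdefault(full, []).append(e.name)
    lines = ["REGEDIT4", ""]
    for key, names in by_key.items():
        lines.append(f"[{key}]")
        for name in names:
            escaped = name.replace("\\", "\\\\").replace('"', '\\"')
            lines.append(f'"{escaped}"=-')
        lines.append("")
    return "\n".join(lines)


if __name__ == "__main__":
    flagged = [e for e in parse_o4(SAMPLE_LOG) if e.reasons]
    for e in flagged:
        print(f"{e.hive}\\{e.key} [{e.name}] -> {e.image}: {'; '.join(e.reasons)}")
    # Only entries an analyst has confirmed belong in the delete file.
    print(reg_delete_fragment(flagged[:2]))
```

A flagged entry is a candidate for review, not a verdict: a value with no directory may belong to a legitimate driver utility, so confirm the file on disk before adding it to the delete fragment.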

  #7  
October 11, 2008, 23:26
New Member

I got the success message from the fixme.reg file and here is the MBAM log:


Malwarebytes 'Anti-Malware 1,28
Duomenų bazės versija: 1259
Windows 5.1.2600 Service Pack 3

12/10/2008 5:24:27
mbam-log-2008-10-12 (17-24-27). Txt

Scan Type: Quick Scan
Objektai nuskaitomi: 45.849
Praėjęs laikas: 2 minutės (-ai), 43 second (s)

Atminties procesai Infected: 0
Atminties moduliai Infected: 0
Registro raktus Infected: 0
Vertybių registrą Infected: 0
Registro duomenų elementų Infected: 0
Katalogai Infected: 0
Failai Infected: 0

Atminties procesai Infected:
(Nr. kenksminga daiktų aptikti)

Atminties moduliai Infected:
(Nr. kenksminga daiktų aptikti)

Registro raktus Infected:
(Nr. kenksminga daiktų aptikti)

Vertybių registrą Infected:
(Nr. kenksminga daiktų aptikti)

Registro duomenų elementų Infected:
(Nr. kenksminga daiktų aptikti)

Katalogai Infected:
(Nr. kenksminga daiktų aptikti)

Failai Infected:
(Nr. kenksminga daiktų aptikti)
  #8  
October 11, 2008, 23:29
Moderator Group

How is everything now?
__________________

  #9  
October 11, 2008, 23:33
New Member

It runs faster, but the iexplore.exe process is still there in Task Manager, and if I end it, it comes back. For about 5 minutes it uses almost 99% CPU, then after a while it drops to 0, but the Mem Usage stays at about 100,000 K.
  #10  
October 12, 2008, 11:41
Moderator Group

Download ComboFix from one of the links below. Be sure to save it to your Desktop.

Link # 1
Link # 2

** Note: It is important that it is saved directly to your desktop

Close all open web browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before performing the scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the on-screen instructions.
When finished, ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware programs when ComboFix has finished.
__________________
