
Infected with Heur.trojan.generic, please help




#1
October 21st, 2008, 10:48
Member group

My computer at work hasn't had a good antivirus, and after I installed Kaspersky it found that my lsass.exe\qoMghecb.dll files are infected with the heur.trojan.generic virus. There is no information about the virus or how to remove it on most sites. Can someone please help me?
#2
October 21st, 2008, 10:49
Administrator group

http://www.computer-juice.com/forums...-posting-7476/

Follow the guide, install the free software and post the log files.

Then the malware team can see what is going on with your system.
#3
October 27th, 2008, 08:58
Member group

OK, here are the scans from HijackThis, super spyware and malware respectively.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:48:36, on 10/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

#4
October 27th, 2008, 08:58
Member group

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/23/2008 at 11:31

Application Version: 4.21.1004

Core Rules Database Version: 3606
Trace Rules Database Version: 1592

Scan type: Complete Scan
Total Scan Time: 00:36:11

Memory items scanned: 460
Memory threats detected: 3
Registry items scanned: 5191
Registry threats detected: 385
File items scanned: 37221
File threats detected: 260

Trojan.Downloader-NewJuan/VM
C:\Program Files\SYSTEM32\SZNQNJ.DLL
C:\Program Files\SYSTEM32\SZNQNJ.DLL

Trojan.Vundo-Variant/Small-GEN
C:\Program Files\SYSTEM32\RQRIJAST.DLL
C:\Program Files\SYSTEM32\RQRIJAST.DLL

Adware.Vundo Variant/Resident
C:\Program Files\SYSTEM32\QOMGHECB.DLL
C:\Program Files\SYSTEM32\QOMGHECB.DLL

Trojan.Vundo-Variant/NextGen
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\(14F3A19A-1552-46C1-A1C8-A2179A397038)
HKCR\CLSID\(14F3A19A-1552-46C1-A1C8-A2179A397038)
HKCR\CLSID\(14F3A19A-1552-46C1-A1C8-A2179A397038)\InprocServer32
HKCR\CLSID\(14F3A19A-1552-46C1-A1C8-A2179A397038)\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\(9AD7FC7F-1FE1-9AC5-4414-EC51457528E4)
HKCR\CLSID\(9AD7FC7F-1FE1-9AC5-4414-EC51457528E4)
HKCR\CLSID\(9AD7FC7F-1FE1-9AC5-4414-EC51457528E4)\InprocServer32
HKCR\CLSID\(9AD7FC7F-1FE1-9AC5-4414-EC51457528E4)\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#(9AD7FC7F-4414-1FE1-9AC5-EC51457528E4)
Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqRiJAst

Trojan.Vundo-Variant/NextGen-Six
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\(f904655c-8a31-4df9-be6d-8b5cb123d208)
HKCR\CLSID\(F904655C-8A31-4DF9-BE6D-8B5CB123D208)
HKCR\CLSID\(F904655C-8A31-4DF9-BE6D-8B5CB123D208)\InprocServer32
HKCR\CLSID\(F904655C-8A31-4DF9-BE6D-8B5CB123D208)\InprocServer32#ThreadingModel
C:\Program Files\SYSTEM32\PNSWWF.DLL

Trojan.Smitfraud Variant/IE Anti-Spyware
HKLM\Software\Microsoft\Internet Explorer\Extensions\(9034A523-D068-4BE8-A284-9DF278BE776E)
Adware.Tracking Cookie

CommonName Toolbar / Browser Helper Object
HKCR\CLSID\(00000000-0000-0000-0000-000000000000)

Trojan.MalwareWipe
HKCR\AppId\(70F17C8C-1744-41B6-9D07-575DB448DCC5)

Malware.AntiVirusGolden

Trojan.Media-Codec
C:\Documents and Settings\Lifeline\Favorites\Online Security Test.url

Adware.180solutions/Seekmo
HKU\S-1-5-21-4234981574-39719586-4263454222-1007\Software\seekmo
HKLM\Software\seekmo
HKLM\Software\seekmo#cvf
HKLM\Software\seekmo#install_embedded
HKLM\Software\seekmo#UMT
HKLM\Software\seekmo#duid
HKLM\Software\seekmo#partner_id
HKLM\Software\seekmo#product_id
C:\Program Files\Seekmo\seekmoau.dat
C:\Program Files\Seekmo\seekmo_gdf.dat
C:\Program Files\Seekmo\seekmo_kyf.dat
C:\Program Files\Seekmo
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Seekmo Customer Support.url
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Seekmo.com.url
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant\Uninstall Seekmo Instructions.lnk
C:\Documents and Settings\All Users\Start Menu\Programs\Seekmo Search Assistant

Trojan.DNSChanger-Codec
HKCR\CLSID\E404.e404mgr
HKCR\CLSID\E404.e404mgr#UserId

Trojan.Media-Codec/V4
HKCR\videoPl.chl
HKCR\videoPl.chl\CLSID
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\мултимедиен софтуер
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\мултимедиен софтуер#ProductionEnvironment
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\мултимедиен софтуер#DisplayName
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\мултимедиен софтуер#UninstallString
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\мултимедиен софтуер#DisplayIcon
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\мултимедиен софтуер#DisplayVersion
HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\мултимедиен софтуер#Publisher

Rogue.AntiSpyKit

Rogue.VirusHeat

Trojan.Media-Codec/V5
HKU\S-1-5-21-4234981574-39719586-4263454222-1007\Software\NetProject
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Интернет услуги
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Интернет услуги#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Интернет услуги#UninstallString
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure браузър
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure браузър#DisplayName
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Secure браузър#UninstallString

Adware.Vundo Variant/Rel
HKLM\Software\Microsoft\FCOVM
HKLM\Software\Microsoft\RemoveRP
  #5  
Old 27th October 2008, 08:59
Member Group
 
Default Infected with Heur.trojan.generic Please help

Malwarebytes' Anti-Malware 1.30
Database version: 1310
Windows 5.1.2600 Service Pack 2

10/23/2008 12:24:55
mbam-log-2008-10-23 (12-24-55).txt

Scan type: Quick Scan
Objects scanned: 52051
Time elapsed: 6 minute(s), 54 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 7
Registry Keys Infected: 124
Registry Values Infected: 15
Registry Data Items Infected: 2
Folders Infected: 6
Files Infected: 56

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
C:\windows\system32\lptjntqu.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\windows\system32\qoMghecb.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\windows\system32\pnswwf.dll (Trojan.Vundo) -> Delete on reboot.
C:\windows\system32\rqRiJAst.dll (Trojan.Vundo.H) -> Delete on reboot.
C:\windows\system32\emufbyex.dll (Trojan.Vundo) -> Delete on reboot.
C:\windows\system32\dwolhm.dll (Trojan.Vundo) -> Delete on reboot.
C:\windows\system32\cryptuik.dll (Trojan.Vundo.H) -> Delete on reboot.

Registry Keys Infected:
HKEY_CLASSES_ROOT \ CLSID \ (97f56e12-c706-4aeb-9ffb-133c05ee5d38) (Rogue.Antivirus.Gold) -> карантина и изтрити успешно.
HKEY_CLASSES_ROOT \ CLSID \ (9bb7e700-4e48-476d-b75c-6f47606be988) (Rogue.Antivirus.Gold) -> карантина и изтрити успешно.
HKEY_CLASSES_ROOT \ CLSID \ (cbcaca58-1aee-4600-8cf0-e8b30bff1535) (Rogue.Antivirus.Gold) -> карантина и изтрити успешно.
HKEY_CLASSES_ROOT \ CLSID \ (d6d64cdf-0363-4261-b723-29a3af365e1d) (Rogue.Antivirus.Gold) -> карантина и изтрити успешно.
HKEY_CLASSES_ROOT \ TypeLib \ (8e3c68cd-ф500-4a2a-8cb9-132bb38c3573) (Trojan.BHO) -> Quarantined и изтрити успешно.
HKEY_CLASSES_ROOT \ Typelib \ (60f94d7d-563e-4942-b5ec-2de9c135c139) (Rogue.Antivirus.Gold) -> карантина и изтрити успешно.
HKEY_CLASSES_ROOT \ TypeLib \ (cbd02e9b-37ef-47d2-96b0-3abbb2eb92bf) (Rogue.VirusHeat) -> Quarantined и изтрити успешно.
HKEY_CLASSES_ROOT \ AppID \ (a0e1054b-01ee-4d57-a059-4d99f339709f) (Trojan.BHO) -> Quarantined и изтрити успешно.
HKEY_CLASSES_ROOT \ AppID \ (70f17c8c-1744-41b6-9d07-575db448dcc5) (Rogue.Multiple) -> карантина и изтрити успешно.
HKEY_CLASSES_ROOT \ Installer \ UpgradeCodes \ 7c673a5b8 71b8cd419f47dd0de5a6d18 (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Извод Ext \ Stats \ (afd4ad01-58c1-47 db-a404-fbe00a6c5486) (Trojan.BHO) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Извод Ext \ Stats \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Извод Ext \ Stats \ (c2a1c5cb-c0ef-4689-9436-f62cca1c5383) (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ SearchScopes \ (daed9266-8c28-4c1c-8b58-5c66eff1d302) (Search.Hijack) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Installer \ UpgradeCodes \ 7c673a5b871b8cd4 19f47dd0de5a6d18 (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ControlPanel \ Namespace \ (6743c3 6в-cbfe-11 db-9705-005056c00008) (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Вътр \ PreApproved \ (0ac49246-419b-4ee0-8917-8818daad6a4e) (Adware.180Solutions) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Вътр \ PreApproved \ (99410cde-42ce-6f16-9d49-3807f78f0287) (Adware.180Solutions) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Вътр \ PreApproved \ (f31a5d11-bf0b-4a4e-90af-274f2090aaa6) (Adware.180Solutions) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Internet Explorer \ Разширения \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Услуги \ J qvxedzb (Trojan.Vundo.H) -> Изтриване на рестартиране.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet003 \ Услуги \ J qvxedzb (Trojan.Vundo.H) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Services ES \ jqvxedzb (Trojan.Vundo.H) -> Изтриване на рестартиране.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Извод Ext \ Stats \ (b8c54c47-9d3c-40f3-baf6-2443d2941e84) (Trojan.Vundo.H) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ seekmo (Adware.Seekmo) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ AdwareAlert (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ NetProject (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Интернет услуги (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ охраняем браузъра (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Web Application (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Хуан (Malware.Trace) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ contim (Trojan.Vundo) -> карантина и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ instkey (Trojan.Vundo) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Track система (Trojan.Vundo) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ rdfa (Trojan.Vundo) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Деинсталиране \ MultiMedia Софтуер (Trojan.Zlob) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ seekmo (Adware.Seekmo) -> Quarantined и изтрити успешно.
HKEY_CLASSES_ROOT \ videoPl.chl (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_CLASSES_ROOT \ AppID \ Cerberus.EXE (Rogue.Antivirus.Gold) -> карантина и изтрити успешно.

Заразени стойности в системния регистър:
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Run \ b0c087c0 (Trojan.Vundo.H) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks \ (9ad7fc7f-1fe1-4414-9ac5-ec51457528e4) (Trojan.Vundo.H) -> Изтриване на рестартиране.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Разширения \ CmdMapping \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Explorer \ SharedTaskScheduler \ (ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c) (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ браузъра Settings \ BF (Trojan.Agent) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ браузъра Settings \ BK (Trojan.Agent) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ браузъра Settings \ IU (Trojan.Agent) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ браузъра Settings \ MU (Trojan.Agent) -> карантина и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Installer \ папка \ C: \ Program Files \ adwarealert \ (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Installer \ папка \ C: \ Program Files \ adwarealert \ filterdrv \ (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entVersion \ Installer \ папка \ C: \ Documents и Settings \ All Users \ менюто "Старт" \ Programs \ adwarealert \ (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ АДФ (Rogue.Multiple) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ New Windows \ Оставя \ *. securewebinfo.com (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ New Windows \ Оставя \ *. safetyincludes.com (Trojan.Zlob) -> Quarantined и изтрити успешно.
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ New Windows \ Оставя \ *. securemanaging.com (Trojan.Zlob) -> Quarantined и изтрити успешно.

Регистър на данните Точки заболяване:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control L \ LSA \ Уведомление пакети (Trojan.Vundo.H) -> Данни: C: \ Windows \ System32 \ qomghecb -> Quarantined и изтрити успешно.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Control L \ LSA \ Authentication Packages (Trojan.Vundo) -> Данни: C: \ Windows \ System32 \ qomghecb -> Изтриване на рестартиране.

Заразени папки:
C: \ Program Files \ Seekmo (Adware.180Solutions) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ AppCert (Trojan.Downloader) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ All Users \ Start Menu \ Programs \ AdwareAlert (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ настройки (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.

Заразени файлове:
C: \ windows \ system32 \ qoMghecb.dll (Trojan.Vundo.H) -> Изтриване на рестартиране.
C: \ windows \ system32 \ bcehgMoq.ini (Trojan.Vundo.H) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ bcehgMoq.ini2 (Trojan.Vundo.H) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ rqRiJAst.dll (Trojan.Vundo.H) -> Изтриване на рестартиране.
C: \ windows \ system32 \ cryptuik.dll (Trojan.Vundo.H) -> Изтриване на рестартиране.
C: \ windows \ system32 \ dwolhm.dll (Trojan.Vundo.H) -> Изтриване на рестартиране.
C: \ windows \ system32 \ evhuoman.dll (Trojan.Vundo.H) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ namouhve.ini (Trojan.Vundo.H) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ lptjntqu.dll (Trojan.Vundo.H) -> Изтриване на рестартиране.
C: \ windows \ system32 \ uqtnjtpl.ini (Trojan.Vundo.H) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ pnswwf.dll (Trojan.Vundo) -> Изтриване на рестартиране.
C: \ windows \ system32 \ emufbyex.dll (Trojan.Vundo) -> Изтриване на рестартиране.
C: \ Program Files \ Common \ _helper.dll (Trojan.BHO) -> Quarantined и изтрити успешно.
C: \ Program Files \ \ Installer (AD4149B3-56B1-4E2A-A8A4-54FF9DE92C87) \ Icon.exe (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ ywpnxpys.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ cwokkj.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ cypdyp.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ dhebaasf.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ fdbgbvkj.exe (Trojan.LowZones) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ mpasahjl.exe (Trojan.LowZones) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ sznqnj.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ nuuwnrfb.exe (Trojan.LowZones) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ opcapbye.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ plljru.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ tgycffmw.exe (Trojan.LowZones) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ blukkoij.exe (Trojan.LowZones) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ bxdiyfrs.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ ftvwbfjg.exe (Trojan.LowZones) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ vgrksjuc.dll (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ ulmxavjt.exe (Trojan.LowZones) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LMQL183J \ upd105320 [1] (Trojan.Vundo) -> Quarantined и изтрити успешно.
C: \ Program Files \ Seekmo \ seekmoau.dat (Adware.180Solutions) -> Quarantined и изтрити успешно.
C: \ Program Files \ Seekmo \ seekmo_gdf.dat (Adware.180Solutions) -> Quarantined и изтрити успешно.
C: \ Program Files \ Seekmo \ seekmo_kyf.dat (Adware.180Solutions) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ AppCert \ filter.drv (Trojan.Downloader) -> Quarantined и изтрити успешно.
C: \ windows \ system32 \ AppCert \ options.dat (Trojan.Downloader) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ All Users \ Start Menu \ Programs \ AdwareAlert \ AdwareAlert на Web.lnk (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ All Users \ Start Menu \ Programs \ AdwareAlert \ AdwareAlert.lnk (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ rs.dat (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 19 април - 03_00_00 AM_625.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 19 април - 03_00_01 AM_046.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 20 април - 03_00_00 AM_609.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 20 април - 03_00_01 AM_046.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 21 април - 03_00_00 AM_484.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 21 април - 03_00_01 AM_203.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 22 април - 03_00_00 AM_250.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 22 април - 03_00_00 AM_562.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 23 април - 03_00_00 AM_281.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 23 април - 03_00_00 AM_640.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 23 април - 11_06_53 AM_968.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Вход \ 2008 23 април - 11_12_02 AM_000.log (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Application Data \ AdwareAlert \ Settings \ ScanResults.pie (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
C: \ Program Files \ Common \ helper.dll (Trojan.BHO) -> Quarantined и изтрити успешно.
C: \ Program Files \ задачи \ AdwareAlert Планирана Scan.job (Trojan.Downloader) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ Lifeline \ Favorites \ онлайн сигурност Test.url (Rogue.Link) -> Quarantined и изтрити успешно.
C: \ Documents и Settings \ All Users \ Desktop \ AdwareAlert.lnk (Rogue.AdwareAlert) -> Quarantined и изтрити успешно.
  #6  
October 27th, 2008, 09:04
Moderator Group

Infected with Heur.trojan.generic Please help

You are using two antivirus programs and two firewalls (security suites). Uninstall one of them now, then post a new HijackThis log.
__________________

  #7  
October 27th, 2008, 09:11
Member Group

Infected with Heur.trojan.generic Please help

I have Kaspersky Antivirus installed, along with its firewall, and I'm guessing the Windows firewall is on.
I don't know what other antivirus software is installed; I'm not running anything else.
Could you be more specific?
  #8  
October 27th, 2008, 09:17
Moderator Group

Infected with Heur.trojan.generic Please help

Microsoft Windows Live OneCare is an antivirus/firewall combination.
__________________

  #9  
October 29th, 2008, 08:01
Member Group

Infected with Heur.trojan.generic Please help

OK, I saw that, but I was careful not to install it, and I uninstalled it when I was installing Kaspersky.
Here is a new HijackThis log anyway.

  #10  
October 29th, 2008, 09:55
Moderator Group

Infected with Heur.trojan.generic Please help

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries: (if there)

- O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\windows\system32\msziptools.dll
- O23 - Service: OneCare Firewall (msfwsvc) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\Firewall\msfwsvc.exe (file missing)
- O23 - Service: OneCare AntiSpyware and AntiVirus (OneCareMP) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\Antivirus\MsMpEng.exe (file missing)


Important: Close all windows except HijackThis, then click Fix checked.

Exit HijackThis.

----------

Go to Start > Run and type Notepad.exe, then click OK.

Copy and paste the text in the code box below into a new Notepad file.

Code:
@echo off
rem Stop, then unregister, the leftover OneCare firewall service
sc stop "msfwsvc"
sc delete "msfwsvc"
rem Stop, then unregister, the leftover OneCare antivirus service
sc stop "OneCareMP"
sc delete "OneCareMP"
exit

In Notepad, select File, then Save As.
Set Save in to Desktop, and for File name: enter fixme.bat. Make sure the Save as type field says All Files.

Next, double-click fixservice.bat to run it.
A black box should open and close after a short time; this is normal.
Do not continue until the black box has closed.
Delete fixservice.bat from the Desktop.

----------

Download OTMoveIt2 by OldTimer and save it to your Desktop.

Note: If you are running Vista, right-click OTMoveIt2.exe and select Run as administrator.

1. Double-click OTMoveIt2.exe to run it.
2. Copy the lines in the codebox below.

Code:
[kill explorer]
C:\Program Files\Microsoft Windows Live OneCare
EmptyTemp
[start explorer]

3. Return to OTMoveIt2, right-click in the Paste List of Files/Folders to Move window (under the yellow bar) and select Paste.
4. Click the red Moveit! button.
5. Copy everything in the Results window (under the green bar) and paste it into your next reply.
6. Close OTMoveIt2.

Note: If a file or folder cannot be moved immediately, you may be asked to reboot your computer in order to finish the move process. If you are asked to reboot, choose Yes. If not, reboot anyway.

----------

Download ComboFix by sUBs from one of the links below. Be sure to save it to your Desktop.

Link #1
Link #2

** Note: It is important that it is saved directly to your Desktop

Close any open web browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus, as well as any antispyware real-time protection, before performing the scan. See this link for a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe & follow the prompts.

For Windows XP systems, install the Recovery Console:

- If you are using Windows XP and do not already have the Recovery Console installed, please make sure your internet connection is active (if possible) and click Yes.
- If for some reason your internet connection is not working, click No.
- If you are not using Windows XP, you will not be prompted.
- When prompted to accept the EULA, click OK.
- Accept the Microsoft EULA (click Yes).
- When you are told that the RC has been installed correctly, click YES to continue scanning for malware.

When finished, ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix is complete.
__________________
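
The rule behind the two O23 picks and the batch file in the reply above (a service that is still registered although its binary is gone), as an added example that is not part of the original thread or of HijackThis. The function names are assumptions, and the sample lines are the thread's O23 entries written in HijackThis's usual English layout.

```python
import re

# Usual English layout of a HijackThis O23 (NT service) line:
#   O23 - Service: <display name> (<service name>) - <owner> - <path>[ (file missing)]
O23 = re.compile(
    r"^O23 - Service: (?P<display>.+) \((?P<name>[^()]+)\) - (?P<owner>.+?) - "
    r"(?P<path>[A-Za-z]:\\.+?)(?P<missing> \(file missing\))?$"
)
# A service name is only placed on a generated command line if it matches this.
SAFE_NAME = re.compile(r"^[A-Za-z0-9_.\- ]{1,256}$")

# Sample input: three O23 entries from this thread, re-typed for the example.
SAMPLE_LOG = r"""
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: OneCare Firewall (msfwsvc) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\Firewall\msfwsvc.exe (file missing)
O23 - Service: OneCare AntiSpyware and AntiVirus (OneCareMP) - Unknown owner - C:\Program Files\Microsoft Windows Live OneCare\Antivirus\MsMpEng.exe (file missing)
"""


def parse_o23(line):
    """Return the fields of one O23 line as a dict, or None for any other line."""
    m = O23.match(line.strip())
    if m is None:
        return None
    entry = m.groupdict()
    entry["missing"] = entry["missing"] is not None
    return entry


def orphaned_services(log_text):
    """Service names whose binary HijackThis reported as '(file missing)'."""
    names = []
    for line in log_text.splitlines():
        entry = parse_o23(line)
        if entry and entry["missing"] and entry["name"] not in names:
            names.append(entry["name"])
    return names


def cleanup_script(log_text):
    """Lines of a batch file that stops and unregisters each orphaned service."""
    lines = ["@echo off"]
    for name in orphaned_services(log_text):
        # The log is untrusted text: refuse names that could alter the command.
        if not SAFE_NAME.match(name):
            raise ValueError("unexpected characters in service name: %r" % name)
        lines.append('sc stop "%s"' % name)
        lines.append('sc delete "%s"' % name)
    lines.append("exit")
    return lines


if __name__ == "__main__":
    print("\n".join(cleanup_script(SAMPLE_LOG)))
```

Services whose binary is still present, such as the Kaspersky entry, are left alone; only entries marked (file missing) are candidates for removal.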


Copyright © 2006 - 2009 Computer Juice.
