
Infected with Heur.trojan.generic Please Help




  #1  
21 October 2008, 10:48
Member

The computer at work hasn't had a good anti-virus, and after I installed Kaspersky it found that my lsass.exe\qoMghecb.dll files are infected with the heur.trojan.generic virus. There is no information on most websites about this virus and how to remove it. Could someone please help me?
  #2  
21 October 2008, 10:49
Administrator Group

http://www.computer-juice.com/forums...-posting-7476/

Follow the guide, install the free software and post the log files.

Then the malware team can see what is wrong with your system.
  #3  
27 October 2008, 08:58
Member

ok, here are the logs from the HijackThis, SUPERAntiSpyware and malware scans respectively

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:48:36, on 10/27/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\Smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\Windows\Explorer.exe
C:\WINDOWS\system32\Spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Common~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Western Union\Universal-Release\Translink.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\installs\CPN\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\installs\CPN\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) -- http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games - Buddy Invite) -- http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {3C1F44A9-D1FD-4AA5-BC66-69816B58680C} (Printer Class) -- https://webcenter.ipponline.com/ippo...iptPrinter.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) -- http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {6B0228D7-D6D5-4B97-82E7-79557E4314D0} (ScannerDll.CheckScanner) -- https://webcenter.ipponline.com/ippo...ScannerDll.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) -- http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games - Game Communicator) -- http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) -- http://zone.msn.com/bingame/zpagames...p.cab56961.cab
O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\WINDOWS\system32\msziptools.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\Google~1\GOEC62~1.DLL, C:\PROGRA~1\Kasper~1\Kasper~1\mzvkbd.dll, C:\PROGRA~1\kasper~1\Kasper~1\mzvkbd3.dll, C:\PROGRA~1\Kasper~1\KASPER~1\adialhk.dll, C:\PROGRA~1\Kasper~1\Kasper~1\kloehk.dll dwolhm.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C:\PROGRA~1\Common~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

--
End of file - 6163 bytes
  #4  
27 October 2008, 08:58
Member

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/23/2008 at 11:31

Application Version: 4.21.1004

Core Rules Database Version: 3606
Trace Rules Database Version: 1592

Scan type: Complete Scan
Total Scan Time: 00:36:11

Memory items scanned: 460
Memory threats detected: 3
Registry items scanned: 5191
Registry threats detected: 385
File items scanned: 37221
File threats detected: 260

Trojan.Downloader-NewJuan/VM
C:\WINDOWS\SYSTEM32\SZNQNJ.DLL
C:\WINDOWS\SYSTEM32\SZNQNJ.DLL

Trojan.Vundo-Variant/Small-GEN
C:\WINDOWS\SYSTEM32\RQRIJAST.DLL
C:\WINDOWS\SYSTEM32\RQRIJAST.DLL

Adware.Vundo Variants/Resident
C:\WINDOWS\SYSTEM32\QOMGHECB.DLL
C:\WINDOWS\SYSTEM32\QOMGHECB.DLL

Trojan.Vundo-Variant/NextGen
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{14F3A19A-1552-46C1-A1C8-A2179A397038}
HKCR\CLSID\{14F3A19A-1552-46C1-A1C8-A2179A397038}
HKCR\CLSID\{14F3A19A-1552-46C1-A1C8-A2179A397038}\InprocServer32
HKCR\CLSID\{14F3A19A-1552-46C1-A1C8-A2179A397038}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}
HKCR\CLSID\{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}
HKCR\CLSID\{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}\InprocServer32
HKCR\CLSID\{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{9AD7FC7F-1FE1-4414-9AC5-EC51457528E4}
Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\rqRiJAst

Trojan.Vundo-Variant/NextGen-Six
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{f904655c-8a31-4df9-be6d-8b5cb123d208}
HKCR\CLSID\{F904655C-8A31-4DF9-BE6D-8B5CB123D208}
HKCR\CLSID\{F904655C-8A31-4DF9-BE6D-8B5CB123D208}\InprocServer32
HKCR\CLSID\{F904655C-8A31-4DF9-BE6D-8B5CB123D208}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\PNSWWF.DLL

Trojan.Smitfraud Variants/IE Anti-Spyware
HKLM\Software\Microsoft\Internet Explorer\Extensions\{9034A523-D068-4BE8-A284-9DF278BE776E}

Adware.Tracking Cookie

CommonName Toolbar/Browser Helper Object
HKCR\CLSID\{00000000-0000-0000-0000-000000000000}

Trojan.MalwareWipe
HKCR\AppId\{70F17C8C-1744-41B6-9D07-575DB448DCC5}

Malware.AntiVirusGolden

Trojan.Media-Codec
C: \ Documents and Settings \ Lifeline \ favorītiem \ Online Security Test.url

Adware.180solutions/Seekmo

Trojan.DNSChanger-Codec
HKCR \ CLSID \ E404.e404mgr
HKCR \ CLSID \ E404.e404mgr # LietotājaID

Trojan.Media-Codec/V4

Rogue.AntiSpyKit

Rogue.VirusHeat

Trojan.Media-Codec/V5

Adware.Vundo Variants / Rel
HKLM \ SOFTWARE \ Microsoft \ FCOVM
HKLM \ SOFTWARE \ Microsoft \ RemoveRP
  #5  
Old 27 October 2008, 08:59
Member
 
Default Infected with Heur.trojan.generic Please Help

Malwarebytes' Anti-Malware 1.30
Database version: 1310
Windows 5.1.2600 Service Pack 2

10/23/2008 12:24:55
mbam-log-2008-10-23 (12-24-55).txt

Scan type: Quick Scan
Objekti skenēts: 52.051
Pagājušo laiku: 6 minūte (s), 54 second (s)

Memory Processes Inficētie: 0
Memory Modules Inficētie: 7
Registry Keys Inficētie: 124
Reģistra vērtības Inficētie: 15
Registry Data Items Infected: 2
Mapes Inficētie: 6
Faili Inficētie: 56

Atmiņas procesi Inficētie:
(No ļaunprātīgs preces konstatētas)

Memory Modules Inficētie:
C:\WINDOWS\system32\lptjntqu.dll (Trojan.Vundo.H) -> Delete par reboot.
C:\WINDOWS\system32\qoMghecb.dll (Trojan.Vundo.H) -> Delete par reboot.
C:\WINDOWS\system32\pnswwf.dll (Trojan.Vundo) -> Delete par reboot.
C:\WINDOWS\system32\rqRiJAst.dll (Trojan.Vundo.H) -> Delete par reboot.
C:\WINDOWS\system32\emufbyex.dll (Trojan.Vundo) -> Delete par reboot.
C:\WINDOWS\system32\dwolhm.dll (Trojan.Vundo) -> Delete par reboot.
C:\WINDOWS\system32\cryptuik.dll (Trojan.Vundo.H) -> Delete par reboot.

Registry Keys Inficētie:
HKEY_CLASSES_ROOT \ Interface \ (fddf521b-0ebe-4d15-838c-73e2d851161b) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ Interface \ (ff609434-eb47-481b-ba0e-1d2b467629a5) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (6743c36c-cbfe-11db-9705-005056c00008) (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (3935B537-3E6D-04ED-ABB3-ACB16A699E3B) (Rogue.Multiple) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (E94EB13E-D78F-0.857-7.734-5E67A49FFFF1) (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (020b1227-417d-4.682-9ac3-61f43cb5b6b1) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (125494b2-akadē-414c-98b9-452f3ef7703a) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (20a3d913-30ef-4e69-b3f7-93b3f1fb9d5c) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (3d00a39c-655b-428b-aeb2-2fba03dcc49c) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (408f660a-9.465-44a3-b557-8709dfd992bc) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (5f6bbd8a-18cf-4d55-8b4c-c9b4c9328dfe) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (8c56b6ce-c53f-44c4-9bdc-a9bc1711d05a) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (8ee6bf73-b370-4d13-9.126-eb0071178f2e) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (97f56e12-c706-4aeb-9ffb-133c05ee5d38) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (9bb7e700-4e48-476d-b75c-6f47606be988) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (cbcaca58-1aee-4600-8cf0-e8b30bff1535) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ CLSID \ (d6d64cdf-0.363-4.261-b723-29a3af365e1d) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ Typelib \ (8e3c68cd-F500-4a2a-8cb9-132bb38c3573) (Trojan.BHO) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ Typelib \ (60f94d7d-563E-4.942-b5ec-2de9c135c139) (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ Typelib \ (cbd02e9b-37ef-47d2-96b0-3abbb2eb92bf) (Rogue.VirusHeat) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ AppID \ (a0e1054b-01ee-4d57-a059-4d99f339709f) (Trojan.BHO) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ AppID \ (70f17c8c-1744-41b6-9d07-575db448dcc5) (Rogue.Multiple) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ Installer \ UpgradeCodes \ 7c673a5b8 71b8cd419f47dd0de5a6d18 (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ statistika \ (afd4ad01-58c1-47dB-a404-fbe00a6c5486) (Trojan.BHO) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ statistika \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ statistika \ (c2a1c5cb-c0ef-4.689-9.436-f62cca1c5383) (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ SearchScopes \ (daed9266-8c28-4c1c-8b58-5c66eff1d302) (Search.Hijack) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ UpgradeCodes \ 7c673a5b871b8cd4 19f47dd0de5a6d18 (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ControlPanel \ Namespace \ (6743c3 6c-cbfe-11db-9705-005056c00008) (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (0ac49246-419b-4ee0-8.917-8818daad6a4e) (Adware.180Solutions) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (99410cde-6f16-42ce-9d49-3807f78f0287) (Adware.180Solutions) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Ext \ PreApproved \ (f31a5d11-bf0b-4a4e-90af-274f2090aaa6) (Adware.180Solutions) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Internet Explorer \ Extensions \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet001 \ Services \ j qvxedzb (Trojan.Vundo.H) -> Delete par reboot.
HKEY_LOCAL_MACHINE \ SYSTEM \ ControlSet003 \ Services \ j qvxedzb (Trojan.Vundo.H) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ Servic es \ jqvxedzb (Trojan.Vundo.H) -> Delete par reboot.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Ext \ statistika \ (b8c54c47-9d3c-40f3-baf6-2443d2941e84) (Trojan.Vundo.H) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ seekmo (Adware.Seekmo) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ AdwareAlert (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ NetProject (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Internet Service (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Secure Pārlūkošana (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ Web Application (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Juan (Malware.Trace) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ contim (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ instkey (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ MS Track System (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ rdfa (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Uninstall \ MultiMedia Software (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ seekmo (Adware.Seekmo) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ videoPl.chl (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CLASSES_ROOT \ AppID \ Cerberus.EXE (Rogue.Antivirus.Gold) -> Karantīnā ievietotie un svītrots veiksmīgi.

Reģistra vērtības Inficētie:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ b0c087c0 (Trojan.Vundo.H) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ ShellExecuteHooks \ (9ad7fc7f-1fe1-4.414-9ac5-ec51457528e4) (Trojan.Vundo.H) -> Delete par reboot.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ Extensions \ CmdMapping \ (9034a523-d068-4be8-a284-9df278be776e) (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ SharedTaskScheduler \ (ee9f7cf5-cd49-4cd8-8ba6-1514e7a5c22c) (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ bf (Trojan.Agent) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ BK (Trojan.Agent) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ SV (Trojan.Agent) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Settings \ mu (Trojan.Agent) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Mapes \ c: \ Program Files \ adwarealert \ (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Mapes \ c: \ Program Files \ adwarealert \ filterdrv \ (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Installer \ Mapes \ c: \ Documents and Settings \ visiem lietotājiem \ start menu \ programs \ adwarealert \ (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ ADP (Rogue.Multiple) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ New Windows \ aut \ *. securewebinfo.com (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ New Windows \ aut \ *. safetyincludes.com (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Internet Explorer \ New Windows \ aut \ *. securemanaging.com (Trojan.Zlob) -> Karantīnā ievietotie un svītrots veiksmīgi.

Registry Data Items Infected:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA \ Paziņojums paketes (Trojan.Vundo.H) -> Data: c: \ windows \ system32 \ qomghecb -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA \ Authentication paketes (Trojan.Vundo) -> Data: c: \ windows \ system32 \ qomghecb -> Delete par reboot.

Mapes Inficētie:
C: \ Program Files \ Seekmo (Adware.180Solutions) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ AppCert (Trojan.Downloader) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ AdwareAlert (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Settings (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.

Faili Inficētie:
C: \ WINDOWS \ system32 \ qoMghecb.dll (Trojan.Vundo.H) -> Delete par reboot.
C: \ WINDOWS \ system32 \ bcehgMoq.ini (Trojan.Vundo.H) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ bcehgMoq.ini2 (Trojan.Vundo.H) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ rqRiJAst.dll (Trojan.Vundo.H) -> Delete par reboot.
c: \ WINDOWS \ system32 \ cryptuik.dll (Trojan.Vundo.H) -> Delete par reboot.
C: \ WINDOWS \ system32 \ dwolhm.dll (Trojan.Vundo.H) -> Delete par reboot.
C: \ WINDOWS \ system32 \ evhuoman.dll (Trojan.Vundo.H) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ namouhve.ini (Trojan.Vundo.H) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ lptjntqu.dll (Trojan.Vundo.H) -> Delete par reboot.
C: \ WINDOWS \ system32 \ uqtnjtpl.ini (Trojan.Vundo.H) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ pnswwf.dll (Trojan.Vundo) -> Delete par reboot.
C: \ WINDOWS \ system32 \ emufbyex.dll (Trojan.Vundo) -> Delete par reboot.
C: \ Program Files \ Common \ _helper.dll (Trojan.BHO) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Windows \ Installer \ (AD4149B3-56B1-4E2A-A8A4-54FF9DE92C87) \ Icon.exe (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ ywpnxpys.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ cwokkj.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ cypdyp.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ dhebaasf.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ fdbgbvkj.exe (Trojan.LowZones) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ mpasahjl.exe (Trojan.LowZones) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ sznqnj.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ nuuwnrfb.exe (Trojan.LowZones) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ opcapbye.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ plljru.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ tgycffmw.exe (Trojan.LowZones) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ blukkoij.exe (Trojan.LowZones) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ bxdiyfrs.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ ftvwbfjg.exe (Trojan.LowZones) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ vgrksjuc.dll (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ ulmxavjt.exe (Trojan.LowZones) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Local Settings \ Temporary Internet Files \ Content.IE5 \ LMQL183J \ upd105320 [1] (Trojan.Vundo) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Program Files \ Seekmo \ seekmoau.dat (Adware.180Solutions) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Program Files \ Seekmo \ seekmo_gdf.dat (Adware.180Solutions) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Program Files \ Seekmo \ seekmo_kyf.dat (Adware.180Solutions) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ AppCert \ filter.drv (Trojan.Downloader) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ system32 \ AppCert \ options.dat (Trojan.Downloader) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ AdwareAlert \ AdwareAlert par Web.lnk (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ AdwareAlert \ AdwareAlert.lnk (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ rs.dat (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 19 - 03_00_00 AM_625.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 19 - 03_00_01 AM_046.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 20 - 03_00_00 AM_609.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 20 - 03_00_01 AM_046.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 21 - 03_00_00 AM_484.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 21 - 03_00_01 AM_203.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 22 - 03_00_00 AM_250.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 22 - 03_00_00 AM_562.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 23 - 03_00_00 AM_281.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 23 - 03_00_00 AM_640.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 23 - 11_06_53 AM_968.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Log \ 2.008 aprīlis 23 - 11_12_02 AM_000.log (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ Application Data \ AdwareAlert \ Settings \ ScanResults.pie (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Program Files \ Common \ helper.dll (Trojan.BHO) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ WINDOWS \ Uzdevumi \ AdwareAlert Plānotais Scan.job (Trojan.Downloader) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ Lifeline \ favorītiem \ Online Security Test.url (Rogue.Link) -> Karantīnā ievietotie un svītrots veiksmīgi.
C: \ Documents and Settings \ All Users \ Desktop \ AdwareAlert.lnk (Rogue.AdwareAlert) -> Karantīnā ievietotie un svītrots veiksmīgi.
  #6  
Old 27 October 2008, 09:04
Moderator Group

You are running two antivirus programs and two firewalls (security suites). Please uninstall one of them now, then post a fresh HijackThis log.
__________________

  #7  
Old 27 October 2008, 09:11
Member

Well, I have Kaspersky installed, so that is my antivirus and firewall, and I'm guessing the Windows firewall is on,
and I don't know what other antivirus I have installed; I'm not running anything else.
Can you be more specific, please?
  #8  
Old 27 October 2008, 09:17
Moderator Group

Microsoft Windows OneCare Live is also an antivirus/firewall combination.
__________________

  #9  
Old 29 October 2008, 08:01
Member

OK, I looked, but OneCare is not installed; I had to uninstall it when I was installing Kaspersky.
Here is a new HijackThis log anyway.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:02:53, on 10/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\Smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Windows\Explorer.exe
C:\WINDOWS\system32\Spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\Common~1\AOL\ACS\AOLacsd.exe
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Western Union\Universal-Release\Translink.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\sniper.exe.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.dell.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Search,Default_Page_URL = http://www.google.com/ig/dell?hl=en&...us&ibd=6061025
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\installs\CPN\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\googletoolbar3.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\swg.dll
O2 - BHO: CBrowserHelperObject Object - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - C:\Program Files\BAE\BAE.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\installs\CPN\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\googletoolbar3.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O8 - Extra context menu item: Add to Banner Ad Blocker - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MI1933~1\Office11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Web traffic protection statistics - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MI1933~1\Office11\REFIEBAR.DLL
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\system32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05D44720-58E3-49E6-BDF6-D00330E511D3} (StagingUI Object) - http://zone.msn.com/binFrameWork/v10...I.cab55579.cab
O16 - DPF: {3BB54395-5982-4788-8AF4-B5388FFDD0D8} (MSN Games - Buddy Invite) - http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab
O16 - DPF: {3C1F44A9-D1FD-4AA5-BC66-69816B58680C} (Printer Class) - https://webcenter.ipponline.com/ippo...iptPrinter.cab
O16 - DPF: {5736C456-EA94-4AAC-BB08-917ABDD035B3} (ZonePAChat Object) - http://zone.msn.com/binframework/v10...t.cab55579.cab
O16 - DPF: {6B0228D7-D6D5-4B97-82E7-79557E4314D0} (ScannerDll.CheckScanner) - https://webcenter.ipponline.com/ippo...ScannerDll.CAB
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab
O16 - DPF: {DA2AA6CF-5C7A-4B71-BC3B-C771BB369937} (MSN Games - Game Communicator) - http://zone.msn.com/binframework/v10...y.cab55579.cab
O16 - DPF: {F773E7B2-62A9-4524-9109-87D2F0BEFAA4} (ChessControl Class) - http://zone.msn.com/bingame/zpagames...p.cab56961.cab
O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\WINDOWS\system32\msziptools.dll
O20 - AppInit_DLLs: C:\PROGRA~1\Google\Google~1\GOEC62~1.DLL,C:\PROGRA~1\Kasper~1\Kasper~1\mzvkbd.dll,C:\PROGRA~1\kasper~1\Kasper~1\mzvkbd3.dll,C:\PROGRA~1\Kasper~1\KASPER~1\adialhk.dll,C:\PROGRA~1\Kasper~1\Kasper~1\kloehk.dll dwolhm.dll
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C:\PROGRA~1\Common~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: OneCare Firewall (msfwsvc) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: OneCare AntiSpyware and AntiVirus (OneCareMP) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (file missing)

--
End of file - 6332 bytes
  #10  
Old 29 October 2008, 09:55
Moderator Group

Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries (if present):

- O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\WINDOWS\system32\msziptools.dll
- O23 - Service: OneCare Firewall (msfwsvc) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (file missing)
- O23 - Service: OneCare AntiSpyware and AntiVirus (OneCareMP) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (file missing)


Important: Close all windows except HijackThis, then click Fix checked.

Exit HijackThis.

----------

Go to Start > Run, type Notepad.exe and click OK.

Copy and paste the text in the code box below into a new Notepad file.

Code:
@ECHO OFF
sc stop "msfwsvc"
sc delete "msfwsvc"
sc stop "OneCareMP"
sc delete "OneCareMP"
exit

In Notepad, choose File and Save As.
Choose to save it to your Desktop and, for File name:, type fixme.bat, making sure the Save as type field says All Files.

Next, double-click fixservice.bat to run it.
A black box should open and close after a short time; this is normal.
Do not continue until the black box has closed.
Delete fixservice.bat from your desktop.

----------

Download OTMoveIt2 by OldTimer and save it to your Desktop.

Note: If you are running Vista, right-click OTMoveIt2.exe and choose Run As Administrator.

1. Double-click OTMoveIt2.exe to run it.
2. Copy the lines in the codebox below.

Code:
[kill explorer]
C:\Program Files\Microsoft Windows OneCare Live
EmptyTemp
[start explorer]

3. Return to OTMoveIt2, right-click in the Paste List of Files/Folders to be Moved window (under the yellow bar) and choose Paste.
4. Click the red Moveit! button.
5. Copy everything in the Results window (under the green bar) and paste it into your next reply.
6. Close OTMoveIt2.

Note: If a file or folder cannot be moved immediately, you may be asked to reboot the machine to finish the move process. If asked to reboot, choose . If not, reboot anyway.

----------

Download ComboFix by sUBs from one of the links below. Make sure you save it to your Desktop.

Link #1
Link #2

** Note: It is important that it is saved directly to your Desktop

Close all open Internet browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.

Windows XP systems, installing the Recovery Console:

- If you are using Windows XP and do not already have the Recovery Console installed, please make sure your Internet connection is active (if possible) and click .
- If for some reason the Internet is not working, click .
-- If you are not using Windows XP, you will not be prompted.
- When prompted to agree to the EULA, click OK.
- Accept the Microsoft EULA (click ).
- When you are told that the RC has been installed correctly, click to continue scanning for malware.

When finished, ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouse-click ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix has finished.
__________________
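
The entries picked out in post #10 follow a pattern: the O18 "Filter hijack" line and the O23 services whose binary is reported as "(file missing)". The following is an added example, not part of the thread and not HijackThis or forum code, that applies that selection to lines from the log posted here and derives the service short names used in the batch file. The regular expressions and the names triage, Finding and service_cleanup_commands are assumptions of this example.

```python
import re
from dataclasses import dataclass

# Lines taken from the HijackThis log posted in this thread, with the
# extraction damage (spaced-out paths, GUID punctuation) repaired.
SAMPLE_LOG = r"""
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe"
O18 - Filter hijack: text/html - {59610584-cc18-436f-b031-a6893781f08d} - C:\WINDOWS\system32\msziptools.dll
O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C:\PROGRA~1\Common~1\AOL\ACS\AOLacsd.exe
O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp.exe
O23 - Service: OneCare Firewall (msfwsvc) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Firewall\msfwsvc.exe (file missing)
O23 - Service: OneCare AntiSpyware and AntiVirus (OneCareMP) - Unknown owner - C:\Program Files\Microsoft Windows OneCare Live\Antivirus\MsMpEng.exe (file missing)
"""

# Every entry line is "<section code> - <rest>", e.g. "O23 - Service: ...".
ENTRY_RE = re.compile(r"^(?P<code>[A-Z]\d{1,2}) - (?P<body>.+)$")

# O23 body: "Service: <display name> (<short name>) - <owner> - <path>[ (file missing)]"
SERVICE_RE = re.compile(
    r"^Service: (?P<display>.*?) \((?P<name>[^()]+)\) - (?P<owner>.*?) - "
    r"(?P<path>[A-Za-z]:\\.*?)(?P<missing> \(file missing\))?$"
)

# O18 body as it appears in this log: "Filter hijack: <type> - {CLSID} - <path>".
# "Protocol hijack" is accepted as well (a generalisation beyond this thread).
HIJACK_RE = re.compile(
    r"^(?P<kind>Filter|Protocol) hijack: (?P<what>\S+) - "
    r"(?P<clsid>\{[0-9A-Fa-f-]+\}) - (?P<path>.+)$"
)

# Only names made of these characters are written into a command line;
# anything else is left for manual review instead of being quoted blindly.
SAFE_NAME_RE = re.compile(r"^[A-Za-z0-9_ .-]+$")


@dataclass(frozen=True)
class Finding:
    code: str    # HijackThis section code, e.g. "O23"
    reason: str  # why the entry was selected
    target: str  # service short name or CLSID
    path: str    # file the entry points at


def triage(log_text):
    """Return the entries matching the selection made in post #10."""
    findings = []
    for raw in log_text.splitlines():
        entry = ENTRY_RE.match(raw.strip())
        if not entry:
            continue  # header lines, process list, blank lines
        code, body = entry["code"], entry["body"]
        if code == "O23":
            svc = SERVICE_RE.match(body)
            # A service that is still registered although its binary is gone.
            if svc and svc["missing"]:
                findings.append(
                    Finding(code, "service binary missing", svc["name"], svc["path"])
                )
        elif code == "O18":
            hij = HIJACK_RE.match(body)
            if hij:
                reason = f"{hij['kind'].lower()} hijack for {hij['what']}"
                findings.append(Finding(code, reason, hij["clsid"], hij["path"]))
    return findings


def service_cleanup_commands(findings):
    """Build the sc stop / sc delete pairs for the orphaned services."""
    commands = []
    for f in findings:
        if f.code == "O23" and SAFE_NAME_RE.match(f.target):
            commands.append(f'sc stop "{f.target}"')
            commands.append(f'sc delete "{f.target}"')
    return commands


if __name__ == "__main__":
    found = triage(SAMPLE_LOG)
    for f in found:
        print(f"{f.code}: {f.reason}: {f.target} -> {f.path}")
    print("\n".join(service_cleanup_commands(found)))
```

The short name in parentheses on an O23 line is the registered service name, which is the name `sc` expects rather than the display name.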


Copyright © 2006 - 2009 Computer Sulas.
