LSASSMGR.exe (and others) infected! Any info / help?




  #1  
September 9, 2008, 10:31
New Member Group

Hello all,

I am very new to this site, but incredibly grateful that you are here. I stumbled upon it because of a recent infection on my mom's laptop (we share it), and I am unsure how to resolve it.

About four days ago, IE windows with pop-up ads suddenly started appearing, along with a balloon on my deskbar that says: "Spyware detected! Download anti-spyware here"

I ran full scans with Symantec and Spybot S&D (I don't know for sure whether this virus slipped past these two), and they found nothing! Then I started googling, downloaded Malwarebytes' Anti-Malware and ran it. It found a few things, but that did not solve the problem.

I downloaded PrevxCSI but don't have enough $$$ to buy the license yet (but I will if I have to), and it lists the following:

C:\WINDOWS\System32\dsfmon.dll - Malicious Software
C:\WINDOWS\System32\CSRLT.exe - Malware Dropper
C:\WINDOWS\MSBLT.exe - Malware Dropper
C:\WINDOWS\System32\LSASSMGR.exe - Cloaked Malware
C:\Program Files\Mozilla Firefox\firefoxe.exe - Cloaked Malware
C:\Program Files\Internet Explorer\iexplor.exe - Cloaked Malware
C:\WINDOWS\System32\spool.exe - Cloaked Malware
C:\WINDOWS\System32\srtsrv32.exe - Cloaked Malware
C:\WINDOWS\System32\LSSMON.exe - Malware Dropper
C:\WINDOWS\divx32.dll - Malware Dropper
C:\WINDOWS\System32\msupd32.exe - Malware Dropper
C:\WINDOWS\System32\upd01.exe - Malware Dropper

That looks and sounds like a lot to me, and I am very worried. Does anyone have any helpful suggestions for me? Am I going to have to spend a bunch of money to fix this?

Thank you very much!
  #2  
September 9, 2008, 11:32
Moderator Group

Hello teddynicholas. Welcome to CJ.

Download ComboFix from one of the links below. Make sure to save it to the Desktop.

Link # 1
Link # 2

** Note: It is important that it is saved directly to the desktop

Close all open web browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus and any antispyware real-time protection before performing the scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix log in your next reply.

Important: Do not mouse-click the ComboFix window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware once ComboFix has finished.

  #3  
September 16, 2008, 14:27
New Member Group
 
ComboFix 08-09-15.02 - Teddy 2008-09-16 16:34:04.1 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.550 [GMT -4:00]
Running from: C: \ Documents and Settings \ Teddy \ Desktop \ ComboFix.exe
* Létrehozott egy új visszaállítási pontot

FIGYELMEZTETÉS-Ez a gép nem rendelkezik a helyreállítási konzol telepítve!!
.

Egyéb ((((((((((((((((((((((((((((((((((((((( Törlések ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

C: \ Documents and Settings \ LocalService \ Cookies \ system@ad.yieldmanag er [1]. Txt
C: \ Documents and Settings \ Teddy \ Cookies \ teddy@ad.yieldmanager [1]. Txt
C: \ WINDOWS \ Downloaded Program Files \ setup.inf
C: \ WINDOWS \ System32 \ spool.exe

.
((((((((((((((((((((((((( Files létrehozott 2008/08/16 a 2008/09/16 ))))))))))) ))))))))))))))))))))
.

2008-09-16 16:21. 2008-09-16 16:50 <DIR> d -------- C: \ WINDOWS \ System32 \ CatRoot_bak
2008-09-16 13:23. 2008-09-16 13:23 <DIR> d -------- C: \ WINDOWS \ LastGood
2008-09-13 13:19. 2008-09-13 13:19 <DIR> d -------- C: \ Program Files \ iTunes
2008-09-13 13:19. 2008-09-13 13:19 <DIR> d -------- C: \ Program Files \ iPod
2008-09-13 13:19. 2008-09-13 13:19 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-09-13 13:12. 2008-09-13 13:16 <DIR> d -------- C: \ Program Files \ Common Files \ Apple
2008-09-08 16:10. 2008-09-08 16:10 <DIR> d -------- C: \ Program Files \ Easy SpyRemover
2008-09-08 15:45. 2008-09-06 00:59 741.376 - a ------ C: \ WINDOWS \ System32 \ LSSMON.EXE
2008-09-08 15:45. 2008-09-04 21:59 17.920 - a ------ C: \ WINDOWS \ System32 \ LSASSMGR.EXE
2008-09-07 22:34. 2008-09-02 00:16 38.528 - a ------ C: \ WINDOWS \ System32 \ Drivers \ mbamswissarmy.sys
2008-09-07 22:33. 2008-09-07 22:34 <DIR> d -------- C: \ Program Files \ Malwarebytes 'Anti-Malware a
2008-09-07 22:33. 2008-09-07 22:33 <DIR> d -------- C: \ Documents and Settings \ Teddy \ Application Data \ Malwarebytes
2008-09-07 22:33. 2008-09-07 22:33 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-09-07 22:33. 2008-09-02 00:16 17.200 - a ------ C: \ WINDOWS \ System32 \ Drivers \ mbam.sys
2008-09-06 15:09. 2008-09-06 15:09 90.112 - a ------ C: \ WINDOWS \ System32 \ QuickTimeVR.qtx
2008-09-06 15:09. 2008-09-06 15:09 57.344 - a ------ C: \ WINDOWS \ System32 \ QuickTime.qts
2008-09-05 10:44. 2008-09-06 00:59 741.376 - a ------ C: \ WINDOWS \ System32 \ msupd32.exe
2008-09-04 21:59. 2008-09-07 12:59 741.376 - a ------ C: \ WINDOWS \ System32 \ upd01.exe
2008-09-04 21:59. 2008-09-06 00:59 741.376 - a ------ C: \ WINDOWS \ divx32.dll
2008-09-04 21:59. 2008-09-04 21:59 17.920 - a ------ C: \ WINDOWS \ System32 \ srtsrv32.exe
2008-09-04 21:59. 2008-09-16 16:24 5.903 - a ------ C: \ WINDOWS \ System32 \ mssc32.dll
2008-09-04 21:59. 2008-09-16 16:24 5.903 - a ------ C: \ WINDOWS \ System32 \ bsc32.dll
2008-09-02 13:23. 2008-09-02 13:23 <DIR> d -------- C: \ Program Files \ PrevxCSI
2008-09-02 13:23. 2008-09-16 13:32 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PrevxCSI
2008-09-02 13:23. 2008-09-02 13:23 17.408 - a ------ C: \ WINDOWS \ System32 \ Drivers \ pxark.sys
2008-09-01 01:30. 2008-09-02 13:10 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-09-01 01:20. 2008-09-07 22:19 0 - a ------ C: \ WINDOWS \ System32 \ sc02.sc
2008-08-31 01:46. 2007-02-20 16:04 2.463.976 - a ------ C: \ WINDOWS \ System32 \ NPSWF32.dll
2008-08-31 01:46. 2007-02-20 16:04 190.696 - a ------ C: \ WINDOWS \ System32 \ NPSWF32_FlashUtil.exe
2008-08-30 09:59. 2008-08-30 21:34 <DIR> d -------- C: \ Program Files \ Macromedia
2008-08-30 09:59. 2008-08-30 21:27 <DIR> d -------- C: \ Program Files \ Common Files \ Macromedia
2008-08-30 01:25. 2008-09-13 13:18 <DIR> d -------- C: \ Program Files \ Bonjour -
2008-08-29 14:33. 2006-09-18 17:55 109.744 - a ------ C: \ WINDOWS \ System32 \ drivers \ SYMEVENT.SYS
2008-08-29 14:33. 2006-09-18 17:55 48.816 - a ------ C: \ WINDOWS \ System32 \ S32EVNT1.DLL
2008-08-29 10:18. 2008-08-29 10:18 87.336 - a ------ C: \ WINDOWS \ System32 \ DNS-sd.exe
2008-08-29 09:53. 2008-08-29 09:53 61.440 - a ------ C: \ WINDOWS \ System32 \ dnssd.dll
2008-08-27 04:05. 2008-04-07 05:38 45.392-ra ------ C: \ WINDOWS \ System32 \ AdobePDF.dll
2008-08-27 04:05. 2008-04-07 05:38 22.872-ra ------ C: \ WINDOWS \ System32 \ AdobePDFUI.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Jelentés )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-16 20:53 --------- d ----- w C: \ Program Files \ Symantec AntiVirus
2008-09-13 17:17 --------- d ----- w C: \ Program Files \ QuickTime
2008-09-13 17:13 --------- d ----- w C: \ Program Files \ Apple Software Update
2008-09-08 18:53 249.956 ---- aw C: \ WINDOWS \ System32 \ dsfMon.dll
2008-09-01 07:50 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ Spybot - Search & Destroy program
2008-09-01 05:56 --------- d ----- w C: \ Program Files \ Spybot - Search & Destroy program
2008-08-30 05:24 --------- d ----- w C: \ Program Files \ Common Files \ Adobe
2008-08-29 18:34 --------- d ----- w C: \ Program Files \ Common Files \ Symantec Shared
2008-08-29 18:33 --------- d ----- w C: \ Program Files \ Symantec
2008-08-29 18:32 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ Symantec
2008-08-27 08:22 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ FLEXnet
2008-08-26 00:52 --------- d ----- w C: \ Documents and Settings \ Teddy \ Application Data \ OpenOffice.org2
2008-08-13 21:33 --------- d ----- w C: \ Program Files \ Microsoft Silverlight
2008-08-12 02:46 --------- d ----- w C: \ Program Files \ PHM
2008-07-26 08:55 --------- d ----- w C: \ Program Files \ OpenOffice.org 2.4
2008-07-26 08:54 --------- d ----- w C: \ Program Files \ Java
2008-07-19 02:10 94.920 ---- aw C: \ WINDOWS \ System32 \ cdm.dll
2008-07-19 02:10 53.448 ---- aw C: \ WINDOWS \ System32 \ wuauclt.exe
2008-07-19 02:09 563.912 ---- aw C: \ WINDOWS \ System32 \ wuapi.dll
2008-07-19 02:09 325.832 ---- aw C: \ WINDOWS \ System32 \ wucltui.dll
2008-07-19 02:09 205.000 ---- aw C: \ WINDOWS \ System32 \ wuweb.dll
2008-07-19 02:09 1.811.656 ---- aw C: \ WINDOWS \ System32 \ Wuaueng.dll
2008-07-07 20:32 253.952 ---- aw C: \ WINDOWS \ System32 \ es.dll
2008-06-24 22:12 295.936 ------ w C: \ WINDOWS \ System32 \ wmpeffects.dll
2008-06-24 16:23 74.240 ---- aw C: \ WINDOWS \ System32 \ mscms.dll
2008-06-23 16:57 826.368 ---- aw C: \ WINDOWS \ System32 \ Wininet.dll A
2008-06-20 17:41 245.248 ---- aw C: \ WINDOWS \ System32 \ mswsock.dll
2008-04-19 16:57 32 ---- aw C: \ Documents and Settings \ All Users \ Application Data \ ezsid.dat
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Megjegyzés * empty entries & legit default bejegyzések nem jelennek meg
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
: "swg" = "C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe" [2007-04-02 68856]
: "QuickTime Task" = "C: \ Program Files \ qttask.exe" [2008-09-06 413696]
: "H / PC Connection Agent" = "C: \ Program Files \ Microsoft ActiveSync \ wcescomm.exe" [2006-11-13 1289000]
"Ctfmon.exe" = "C: \ WINDOWS \ System32 \ Ctfmon.exe" [2004-08-04 15360]
: "IndxStoreSvr_ (79662E04-7C6C-4d9f-84C7-88D8A56B10AA)" = "C: \ Program Files \ Common Files \ Nero \ Lib \ NMIndexStoreSvr.exe" [2008-02-28 1828136]
: "SpybotSD TeaTimer" = "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe" [2008-08-18 1832272]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
: "RemoteControl" = "C: \ Program Files \ CyberLink \ PowerDVD \ PDVDServ.exe" [2004-05-14 32768]
: "RoxioEngineUtility" = "C: \ Program Files \ Common Files \ Roxio Shared \ System \ EngUtil.exe" [2003-05-01 65536]
: "RoxioAudioCentral" = "C: \ Program Files \ Roxio \ Easy CD Creator 6 \ AudioCentral \ RxMon.exe" [2003-07-15 319488]
"SiS Windows KeyHook" = "C: \ WINDOWS \ System32 \ keyhook.exe" [2004-09-02 249856]
: "SiSUSBRG" = "C: \ WINDOWS \ SiSUSBrg.exe" [2004-09-22 106496]
: "Apoint" = "C: \ Program Files \ Apoint2K \ Apoint.exe" [2003-12-05 159744]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784]
: "DSFHost" = "C: \ Program Files \ Staples \ easyprint \ dsfhost.exe" [2006-01-05 2142301]
"Synchronization Manager" = "C: \ WINDOWS \ System32 \ mobsync.exe" [2004-08-04 143360]
: "Zune Launcher" = "C: \ Program Files \ Zune \ ZuneLauncher.exe" [2007-03-14 24104]
: "GrooveMonitor" = "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe" [2006-10-27 31016]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
: "NeroFilterCheck" = "C: \ Program Files \ Common Files \ Nero \ Lib \ NeroCheck.exe" [2008-02-28 570664]
: "NBKeyScan" = "C: \ Program Files \ Nero \ Nero8 \ Nero BackItUp \ NBKeyScan.exe" [2008-02-18 2221352]
: "Adobe Acrobat Speed Launcher" = "C: \ Program Files \ Adobe \ Acrobat 9.0 \ Acrobat \ Acrobat_sl.exe" [2008-06-12 37232]
"ccApp" = "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe" [2006-07-19 52896]
"vptray" = "C: \ PROGRA ~ 1 \ SYMANT ~ 1 \ VPTray.exe" [2006-09-27 125168]
: "Layersecurity Servicemonitor" = "C: \ WINDOWS \ System32 \ LSSMON.EXE" [2008-09-06 741376]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-09-10 289576]
: "SoundMan" = "SOUNDMAN.EXE" [2004/09/22 C: \ WINDOWS \ SOUNDMAN.EXE]
: "AGRSMMSG" = "AGRSMMSG.exe" [2004/09/22 C: \ WINDOWS \ AGRSMMSG.exe]
: "SiSPower" = "SiSPower.dll" [2004/09/22 C: \ WINDOWS \ System32 \ SiSPower.dll]

C: \ Documents and Settings \ Teddy \ Start Menu \ Programs \ Startup \
Az Adobe Gamma.lnk - C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe [2005-03-16 113664]
OneNote 2007 Screen Clipper és Launcher.lnk - C: \ Program Files \ Microsoft Office \ Office12 \ ONENOTEM.EXE [2006-10-26 98632]

C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Windows Desktop Search.lnk - C: \ Program Files \ Windows Desktop Search \ WindowsSearch.exe [2007-02-05 118784]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks]
: "(56F9679E-7826-4C84-81F3-532071A8BCC5)" = "C: \ Program Files \ Windows Desktop Search \ MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
: "AppInit_DLLs" = acaptuser32.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ képfájlban végrehajtás options \ firefox.exe]
"Debugger" = C: \ Program Files \ Mozilla Firefox \ firefoxe.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ képfájlban végrehajtás options \ iexplore.exe]
"Debugger" = C: \ Program Files \ Internet Explorer \ iexplor.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ képfájlban végrehajtás options \ Spoolsv.exe]
"Debugger" = C: \ WINDOWS \ System32 \ spool.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ SymantecAntiVirus]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ System32 \ \ Sessmgr.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"" C: \ \ Program Files \ \ \ BitLord \ \ BitLord.exe "=
"" C: \ \ Program Files \ \ Soulseek \ \ slsk.exe "=
"C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" =
"C: \ \ StubInstaller.exe" =
"C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"C: \ \ Program Files \ \ Messenger \ \ msmsgs.exe" =
"C: \ \ Program Files \ \ AIM \ \ aim.exe" =
"C: \ Program Files \ Microsoft ActiveSync \ rapimgr.exe" = C: \ Program Files \ Microsoft ActiveSync \ rapimgr.exe: 169.254.2.0/255.255.255.0: Enabled: ActiveSync RAPI Manager
: "C: \ Program Files \ Microsoft ActiveSync \ wcescomm.exe" = C: \ Program Files \ Microsoft ActiveSync \ wcescomm.exe: 169.254.2.0/255.255.255.0: Enabled: ActiveSync Connection Manager
: "C: \ Program Files \ Microsoft ActiveSync \ WCESMgr.exe" = C: \ Program Files \ Microsoft ActiveSync \ WCESMgr.exe: 169.254.2.0/255.255.255.0: Enabled: ActiveSync Application
"C: \ \ Program Files \ \ Microsoft Office \ \ Office12 \ \ Outlook.exe" =
"C: \ \ Program Files \ \ Microsoft Office \ \ Office12 \ \ GROOVE.EXE" =
"C: \ \ Program Files \ \ Microsoft Office \ \ Office12 \ \ ONENOTE.EXE" =
"" C: \ \ Program Files \ \ \ Isadora \ \ isadora.exe "=
"C: \ \ Program Files \ \ Skype \ \ Phone \ \ Skype.exe" =
"C: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ GloballyOpenPorts \ List]
"3389: TCP" = 3389: TCP: @ xpsp2res.dll, -22009
"1500: TCP" = 1500: TCP: Safe Access Agent Port
"26675: TCP" = 26675: TCP: 169.254.2.0/255.255.255.0: Enabled: ActiveSync szolgáltatás


* Newly Created Service * - CatchMe
* Newly Created Service * - PROCEXP90
.
Tartalma az "Ütemezett feladatok" mappába
.
- - - - ÁRVAELLÁTÁS REMOVED - - - --

HKLM-Run-CSRLT.EXE - C: \ WINDOWS \ System32 \ CSRLT.EXE


.
Kiegészítő Scan ------- -------
.
FireFox -: Profile - C: \ Documents and Settings \ Teddy \ Application Data \ Mozilla \ Firefox \ Profiles \ 6xzfp0sa.default \
FireFox -: prefs.js - SEARCH.DEFAULTURL - hxxp: / / www.google.com/search?lr=&ie=UTF-8&oe=UTF-8&q =
.

************************************************** ************************

CatchMe 0.3.1361 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-16 16:51:46
5/1/2600 Windows Service Pack 2 NTFS

szkennelés rejtett folyamatok ...

scanning hidden autostart entries ...

scanning hidden files ...

scan sikeresen befejeződött
hidden files: 0

************************************************** ************************
.
Teljesítés ideje: 2008-09-16 17:15:59
ComboFix-karantén-files.txt 2008-09-16 21:15:16

Pre-Run: 10478669824 byte szabad
Post-Run: 10446106624 byte szabad

190 --- EOF --- 2008-09-11 20:07:51
  #4  
September 16, 2008, 14:45
Moderator Group

Note: The instructions below were created specifically for this user. If you are not this user, do NOT follow these directions, as they could damage the operation of your system.

Delete these files/folders as follows:

1. Go to Start > Run > type Notepad.exe and click OK to open Notepad.
It must be Notepad, not Wordpad.
2. Copy the text in the code box below by highlighting all the text and pressing Ctrl + C

Code:
Killall::

File::
C:\Program Files\Easy SpyRemover
C:\WINDOWS\System32\LSSMON.EXE
C:\WINDOWS\System32\LSASSMGR.EXE
C:\WINDOWS\System32\msupd32.exe
C:\WINDOWS\System32\upd01.exe
C:\WINDOWS\System32\srtsrv32.exe
C:\WINDOWS\System32\mssc32.dll
C:\WINDOWS\System32\bsc32.dll

Registry::
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe]
"Debugger"=-
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoolsv.exe]
"Debugger"=-

3. Go to the Notepad window and click Edit > Paste
4. Then click File > Save
5. Name the file CFScript.txt - Save the file to your Desktop
6. Then drag the CFScript (hold the left mouse button while dragging the file) and drop it (release the left mouse button) onto ComboFix.exe as you see in the screenshot below. Important: Perform this instruction carefully!

ComboFix will begin to execute; follow the prompts.
After reboot (in case it asks to reboot), it will produce a log for you.
Post that log (Combofix.txt) in your next reply.

Note: Do not mouse-click the ComboFix window while it is running. That may cause your system to freeze.

  #5  
September 16, 2008, 15:32
New Member Group
 
ComboFix 08-09-15.02 - Teddy 2008-09-16 17:49:20.2 - NTFSx86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.850 [GMT -4:00]
Running from: C: \ Documents and Settings \ Teddy \ Desktop \ ComboFix.exe
Parancs kapcsolók használhatók: C: \ Documents and Settings \ Teddy \ Desktop \ CFScript.txt
* Létrehozott egy új visszaállítási pontot

FIGYELMEZTETÉS-Ez a gép nem rendelkezik a helyreállítási konzol telepítve!!
.

Egyéb ((((((((((((((((((((((((((((((((((((((( Törlések ))))))))) ))))))))))))))))))))))))))))))))))))))))
.

C: \ WINDOWS \ System32 \ bsc32.dll
C: \ WINDOWS \ System32 \ LSASSMGR.EXE
C: \ WINDOWS \ System32 \ LSSMON.EXE
C: \ WINDOWS \ System32 \ mssc32.dll
C: \ WINDOWS \ System32 \ msupd32.exe
C: \ WINDOWS \ System32 \ spool.exe
C: \ WINDOWS \ System32 \ srtsrv32.exe
C: \ WINDOWS \ System32 \ upd01.exe

.
((((((((((((((((((((((((( Files létrehozott 2008/08/16 a 2008/09/16 ))))))))))) ))))))))))))))))))))
.

2008-09-16 16:21. 2008-09-16 16:50 <DIR> d -------- C: \ WINDOWS \ System32 \ CatRoot_bak
2008-09-13 13:19. 2008-09-13 13:19 <DIR> d -------- C: \ Program Files \ iTunes
2008-09-13 13:19. 2008-09-13 13:19 <DIR> d -------- C: \ Program Files \ iPod
2008-09-13 13:19. 2008-09-13 13:19 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6)
2008-09-13 13:12. 2008-09-13 13:16 <DIR> d -------- C: \ Program Files \ Common Files \ Apple
2008-09-08 16:10. 2008-09-08 16:10 <DIR> d -------- C: \ Program Files \ Easy SpyRemover
2008-09-07 22:34. 2008-09-02 00:16 38.528 - a ------ C: \ WINDOWS \ System32 \ Drivers \ mbamswissarmy.sys
2008-09-07 22:33. 2008-09-07 22:34 <DIR> d -------- C: \ Program Files \ Malwarebytes 'Anti-Malware a
2008-09-07 22:33. 2008-09-07 22:33 <DIR> d -------- C: \ Documents and Settings \ Teddy \ Application Data \ Malwarebytes
2008-09-07 22:33. 2008-09-07 22:33 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008-09-07 22:33. 2008-09-02 00:16 17.200 - a ------ C: \ WINDOWS \ System32 \ Drivers \ mbam.sys
2008-09-06 15:09. 2008-09-06 15:09 90.112 - a ------ C: \ WINDOWS \ System32 \ QuickTimeVR.qtx
2008-09-06 15:09. 2008-09-06 15:09 57.344 - a ------ C: \ WINDOWS \ System32 \ QuickTime.qts
2008-09-04 21:59. 2008-09-06 00:59 741.376 - a ------ C: \ WINDOWS \ divx32.dll
2008-09-02 13:23. 2008-09-02 13:23 <DIR> d -------- C: \ Program Files \ PrevxCSI
2008-09-02 13:23. 2008-09-16 13:32 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PrevxCSI
2008-09-02 13:23. 2008-09-02 13:23 17.408 - a ------ C: \ WINDOWS \ System32 \ Drivers \ pxark.sys
2008-09-01 01:30. 2008-09-02 13:10 <DIR> da ------ C: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008-09-01 01:20. 2008-09-07 22:19 0 - a ------ C: \ WINDOWS \ System32 \ sc02.sc
2008-08-31 01:46. 2007-02-20 16:04 2.463.976 - a ------ C: \ WINDOWS \ System32 \ NPSWF32.dll
2008-08-31 01:46. 2007-02-20 16:04 190.696 - a ------ C: \ WINDOWS \ System32 \ NPSWF32_FlashUtil.exe
2008-08-30 09:59. 2008-08-30 21:34 <DIR> d -------- C: \ Program Files \ Macromedia
2008-08-30 09:59. 2008-08-30 21:27 <DIR> d -------- C: \ Program Files \ Common Files \ Macromedia
2008-08-30 01:25. 2008-09-13 13:18 <DIR> d -------- C: \ Program Files \ Bonjour -
2008-08-29 14:33. 2006-09-18 17:55 109.744 - a ------ C: \ WINDOWS \ System32 \ drivers \ SYMEVENT.SYS
2008-08-29 14:33. 2006-09-18 17:55 48.816 - a ------ C: \ WINDOWS \ System32 \ S32EVNT1.DLL
2008-08-29 10:18. 2008-08-29 10:18 87.336 - a ------ C: \ WINDOWS \ System32 \ DNS-sd.exe
2008-08-29 09:53. 2008-08-29 09:53 61.440 - a ------ C: \ WINDOWS \ System32 \ dnssd.dll
2008-08-27 04:05. 2008-04-07 05:38 45.392-ra ------ C: \ WINDOWS \ System32 \ AdobePDF.dll
2008-08-27 04:05. 2008-04-07 05:38 22.872-ra ------ C: \ WINDOWS \ System32 \ AdobePDFUI.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Jelentés )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008-09-16 21:33 --------- d ----- w C: \ Program Files \ Symantec AntiVirus
2008-09-13 17:17 --------- d ----- w C: \ Program Files \ QuickTime
2008-09-13 17:13 --------- d ----- w C: \ Program Files \ Apple Software Update
2008-09-01 07:50 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ Spybot - Search & Destroy program
2008-09-01 05:56 --------- d ----- w C: \ Program Files \ Spybot - Search & Destroy program
2008-08-30 05:24 --------- d ----- w C: \ Program Files \ Common Files \ Adobe
2008-08-29 18:34 --------- d ----- w C: \ Program Files \ Common Files \ Symantec Shared
2008-08-29 18:33 --------- d ----- w C: \ Program Files \ Symantec
2008-08-29 18:32 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ Symantec
2008-08-27 08:22 --------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ FLEXnet
2008-08-26 00:52 --------- d ----- w C: \ Documents and Settings \ Teddy \ Application Data \ OpenOffice.org2
2008-08-13 21:33 --------- d ----- w C: \ Program Files \ Microsoft Silverlight
2008-08-12 02:46 --------- d ----- w C: \ Program Files \ PHM
2008-07-26 08:55 --------- d ----- w C: \ Program Files \ OpenOffice.org 2.4
2008-07-26 08:54 --------- d ----- w C: \ Program Files \ Java
2008-04-19 16:57 32 ---- aw C: \ Documents and Settings \ All Users \ Application Data \ ezsid.dat
.

((((((((((((((((((((((((((((( Snapshot@2008-09-16_17.03.48.82 )))))))))) )))))))))))))))))))))))))))))))
.
- 2007/07/30 23:18:40 33.624-c - aw C: \ WINDOWS \ system32 \ dllcache \ wups.dll
+ 2008-07-19 02:10:20 36.552-c - aw C: \ WINDOWS \ system32 \ dllcache \ wups.dll
- 2007-07-30 23:18:40 33.624 ---- aw C: \ WINDOWS \ System32 \ wups.dll
+ 2008-07-19 02:10:20 36.552 ---- aw C: \ WINDOWS \ System32 \ wups.dll
- 2007-07-30 23:19:12 43.352 ---- aw C: \ WINDOWS \ System32 \ wups2.dll
+ 2008-07-19 02:10:40 45.768 ---- aw C: \ WINDOWS \ System32 \ wups2.dll
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Megjegyzés * empty entries & legit default bejegyzések nem jelennek meg
REGEDIT4

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run]
: "swg" = "C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe" [2007-04-02 68856]
: "QuickTime Task" = "C: \ Program Files \ qttask.exe" [2008-09-06 413696]
: "H / PC Connection Agent" = "C: \ Program Files \ Microsoft ActiveSync \ wcescomm.exe" [2006-11-13 1289000]
"Ctfmon.exe" = "C: \ WINDOWS \ System32 \ Ctfmon.exe" [2004-08-04 15360]
: "IndxStoreSvr_ (79662E04-7C6C-4d9f-84C7-88D8A56B10AA)" = "C: \ Program Files \ Common Files \ Nero \ Lib \ NMIndexStoreSvr.exe" [2008-02-28 1828136]
: "SpybotSD TeaTimer" = "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe" [2008-08-18 1832272]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
: "RemoteControl" = "C: \ Program Files \ CyberLink \ PowerDVD \ PDVDServ.exe" [2004-05-14 32768]
: "RoxioEngineUtility" = "C: \ Program Files \ Common Files \ Roxio Shared \ System \ EngUtil.exe" [2003-05-01 65536]
: "RoxioAudioCentral" = "C: \ Program Files \ Roxio \ Easy CD Creator 6 \ AudioCentral \ RxMon.exe" [2003-07-15 319488]
"SiS Windows KeyHook" = "C: \ WINDOWS \ System32 \ keyhook.exe" [2004-09-02 249856]
: "SiSUSBRG" = "C: \ WINDOWS \ SiSUSBrg.exe" [2004-09-22 106496]
: "Apoint" = "C: \ Program Files \ Apoint2K \ Apoint.exe" [2003-12-05 159744]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe" [2008-06-10 144784]
: "DSFHost" = "C: \ Program Files \ Staples \ easyprint \ dsfhost.exe" [2006-01-05 2142301]
"Synchronization Manager" = "C: \ WINDOWS \ System32 \ mobsync.exe" [2004-08-04 143360]
: "Zune Launcher" = "C: \ Program Files \ Zune \ ZuneLauncher.exe" [2007-03-14 24104]
: "GrooveMonitor" = "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe" [2006-10-27 31016]
"Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe" [2008-01-11 39792]
: "NeroFilterCheck" = "C: \ Program Files \ Common Files \ Nero \ Lib \ NeroCheck.exe" [2008-02-28 570664]
: "NBKeyScan" = "C: \ Program Files \ Nero \ Nero8 \ Nero BackItUp \ NBKeyScan.exe" [2008-02-18 2221352]
: "Adobe Acrobat Speed Launcher" = "C: \ Program Files \ Adobe \ Acrobat 9.0 \ Acrobat \ Acrobat_sl.exe" [2008-06-12 37232]
"ccApp" = "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe" [2006-07-19 52896]
"vptray" = "C: \ PROGRA ~ 1 \ SYMANT ~ 1 \ VPTray.exe" [2006-09-27 125168]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008-09-10 289576]
: "CSRLT.EXE" = "C: \ WINDOWS \ System32 \ CSRLT.EXE" [BU]
: "SoundMan" = "SOUNDMAN.EXE" [2004/09/22 C: \ WINDOWS \ SOUNDMAN.EXE]
: "AGRSMMSG" = "AGRSMMSG.exe" [2004/09/22 C: \ WINDOWS \ AGRSMMSG.exe]
: "SiSPower" = "SiSPower.dll" [2004/09/22 C: \ WINDOWS \ System32 \ SiSPower.dll]

C: \ Documents and Settings \ Teddy \ Start Menu \ Programs \ Startup \
Az Adobe Gamma.lnk - C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe [2005-03-16 113664]
OneNote 2007 Screen Clipper és Launcher.lnk - C: \ Program Files \ Microsoft Office \ Office12 \ ONENOTEM.EXE [2006-10-26 98632]

C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Windows Desktop Search.lnk - C: \ Program Files \ Windows Desktop Search \ WindowsSearch.exe [2007-02-05 118784]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks]
: "(56F9679E-7826-4C84-81F3-532071A8BCC5)" = "C: \ Program Files \ Windows Desktop Search \ MSNLNamespaceMgr.dll" [2007-02-05 294400]

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
: "AppInit_DLLs" = acaptuser32.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ képfájlban végrehajtás options \ firefox.exe]
"Debugger" = C: \ Program Files \ Mozilla Firefox \ firefoxe.exe

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security Center \ Monitoring \ SymantecAntiVirus]
"DisableMonitoring" = dword: 00000001

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ System32 \ \ Sessmgr.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"" C: \ \ Program Files \ \ \ BitLord \ \ BitLord.exe "=
"" C: \ \ Program Files \ \ Soulseek \ \ slsk.exe "=
"C: \ \ Program Files \ \ Mozilla Firefox \ \ firefox.exe" =
"C: \ \ StubInstaller.exe" =
"C: \ \ Program Files \ \ LimeWire \ \ LimeWire.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"C: \ \ Program Files \ \ Messenger \ \ msmsgs.exe" =
"C: \ \ Program Files \ \ AIM \ \ aim.exe" =
"C: \ Program Files \ Microsoft ActiveSync \ rapimgr.exe" = C: \ Program Files \ Microsoft ActiveSync \ rapimgr.exe: 169.254.2.0/255.255.255.0: Enabled: ActiveSync RAPI Manager
: "C: \ Program Files \ Microsoft ActiveSync \ wcescomm.exe" = C: \ Program Files \ Microsoft ActiveSync \ wcescomm.exe: 169.254.2.0/255.255.255.0: Enabled: ActiveSync Connection Manager
: "C: \ Program Files \ Microsoft ActiveSync \ WCESMgr.exe" = C: \ Program Files \ Microsoft ActiveSync \ WCESMgr.exe: 169.254.2.0/255.255.255.0: Enabled: ActiveSync Application
"C: \ \ Program Files \ \ Microsoft Office \ \ Office12 \ \ Outlook.exe" =
"C: \ \ Program Files \ \ Microsoft Office \ \ Office12 \ \ GROOVE.EXE" =
"C: \ \ Program Files \ \ Microsoft Office \ \ Office12 \ \ ONENOTE.EXE" =
"" C: \ \ Program Files \ \ \ Isadora \ \ isadora.exe "=
"C: \ \ Program Files \ \ Skype \ \ Phone \ \ Skype.exe" =
"C: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =

[HKLM \ ~ \ Services \ SharedAccess \ Parameters \ firewallpo wildwolf \ standardprofile \ GloballyOpenPorts \ List]
"3389: TCP" = 3389: TCP: @ xpsp2res.dll, -22009
"1500: TCP" = 1500: TCP: Safe Access Agent Port
"26675: TCP" = 26675: TCP: 169.254.2.0/255.255.255.0: Enabled: ActiveSync szolgáltatás

R0 pxark; pxark, C: \ WINDOWS \ System32 \ Drivers \ pxark.sys [2008-09-02 17408]
R2 CSIScanner; CSIScanner, C: \ Program Files \ PrevxCSI \ prevxcsi.exe [2008-09-02 618040]
R2 SafeAccessAgent; Safe Access Agent, C: \ Program Files \ StillSecure \ Safe Access Agent \ SAService.exe [2006-01-27 880640]
R2 Viewpoint Manager Service; Viewpoint Service Manager, C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007-01-04 24652]
S3 HwIOctl; HwIOctl, C: \ Documents and Settings \ Owner \ Desktop \ HwIOctl.sys []
S3 Ktp3; Elantech TouchPad (KTP3), C: \ WINDOWS \ System32 \ DRIVERS \ Ktp3.sy s [2004-09-22 24704]
S3 Memctl; Memctl, C: \ Documents and Settings \ Owner \ Desktop \ Memctl.sys []
.
Tartalma az "Ütemezett feladatok" mappába
.
- - - - ÁRVAELLÁTÁS REMOVED - - - --

HKLM-Run-Layersecurity Servicemonitor - C: \ WINDOWS \ System32 \ LSSMON.EXE
HKLM-Run-MSBLT.EXE - C: \ WINDOWS \ MSBLT.EXE



************************************************** ************************

CatchMe 0.3.1361 W2K/XP/Vista - Rootkit / stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2008-09-16 18:00:27
5/1/2600 Windows Service Pack 2 NTFS

szkennelés rejtett folyamatok ...

scanning hidden autostart entries ...

scanning hidden files ...


************************************************** ************************
.
------------------------ Other Running Processes ----------------------- --
.
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ Symantec AntiVirus \ DefWatch.exe
C: \ Program Files \ Nero \ Nero8 \ Nero BackItUp \ NBService.exe
C: \ WINDOWS \ System32 \ IoctlSvc.exe
C: \ WINDOWS \ System32 \ MsPMSPSv.exe
C: \ WINDOWS \ System32 \ searchindexer.exe
C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe
C: \ WINDOWS \ System32 \ Rundll32.exe
C: \ PROGRA ~ 1 \ mikrók ~ 3 \ rapimgr.exe
C: \ Program Files \ Roxio \ Easy CD Creator 6 \ AudioCentral \ Playlist.exe
C: \ Program Files \ Apoint2K \ ApntEx.exe
C: \ Program Files \ Common Files \ Nero \ Lib \ NMIndexingService.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ WINDOWS \ System32 \ searchprotocolhost.exe
C: \ WINDOWS \ System32 \ searchfilterhost.exe
.
************************************************** ************************
.
Teljesítés ideje: 2008-09-16 18:24:56 - gép újraindul, volt
ComboFix-karantén-files.txt 2008-09-16 22:23:49
ComboFix2.txt 2008-09-16 21:16:14

Pre-Run: 10626510848 byte szabad
Post-Run: 10616803328 byte szabad

205 --- EOF --- 2008-09-11 20:07:51
  #6  
Old September 16, 2008, 15:50
Moderator Group
 
Download TrendMicro HijackThis.exe (HJT) to your desktop.
  • Double-click HJTInstall.
  • Click the Install button.
  • It will automatically place HJT at C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
  • After installation, HijackThis should open for you.
  • Click the Do a system scan and save a logfile button.
  • HijackThis will scan, and then a log will open in Notepad.
  • Copy and then paste the entire contents of the log into your post.
  • Do not have HijackThis fix anything. Most of what it finds will be harmless or even required.
__________________

  #7  
Old September 23, 2008, 09:24
New Member Group
 
Naplózás A Trend Micro HijackThis v2.0.2
Scan mentése 12:21:04, on 9/23/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Futó folyamatok:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ System32 \ Services.exe
C: \ WINDOWS \ System32 \ Lsass.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ WINDOWS \ System32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ Program Files \ Symantec AntiVirus \ DefWatch.exe
C: \ Program Files \ Nero \ Nero8 \ Nero BackItUp \ NBService.exe
C: \ WINDOWS \ System32 \ IoctlSvc.exe
C: \ Program Files \ StillSecure \ Safe Access Agent \ SAService.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe
C: \ WINDOWS \ System32 \ MsPMSPSv.exe
C: \ WINDOWS \ System32 \ SearchIndexer.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ PrevxCSI \ prevxcsi.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ CyberLink \ PowerDVD \ PDVDServ.exe
C: \ WINDOWS \ SOUNDMAN.EXE
C: \ WINDOWS \ System32 \ keyhook.exe
C: \ Program Files \ Apoint2K \ Apoint.exe
C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe
C: \ Program Files \ Staples \ easyprint \ dsfhost.exe
C: \ Program Files \ Zune \ ZuneLauncher.exe
C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ Apoint2K \ Apntex.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ Microsoft ActiveSync \ wcescomm.exe
C: \ Program Files \ Common Files \ Nero \ Lib \ NMIndexStoreSvr.exe
C: \ PROGRA ~ 1 \ mikrók ~ 3 \ rapimgr.exe
C: \ Program Files \ Common Files \ Nero \ Lib \ NMIndexingService.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Viewpoint \ Viewpoint Manager \ ViewMgr.exe
C: \ Program Files \ Adobe \ Acrobat 9.0 \ Acrobat \ AcroTray.exe
C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Kiadó \ FNPLicensingService.exe
C: \ WINDOWS \ System32 \ Taskmgr.exe
C: \ WINDOWS \ lsass.exe
C: \ WINDOWS \ System32 \ SPOOLER.EXE
C: \ WINDOWS \ System32 \ wscntfy.exe
C: \ WINDOWS \ System32 \ Ctfmon.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ WINDOWS \ System32 \ SearchProtocolHost.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.averatec.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://oqaserver-a/
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ int ernet Beállítások, ProxyOverride = *. helyi
O2 - BHO: Yahoo! Toolbar Helper - (02478D38-C3F9-4EFB-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4283-A596-FA578C2EBDC3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
Az O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ PROGRA ~ 1 \ MICROS ~ 4 \ Office12 \ GRA8E1 ~ 1.DLL
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Az O2 - BHO: AOL Launcher Toolbar - (7C554162-8CB7-45A4-B8F4-8EA1C75885F9) - C: \ Program Files \ AOL \ AOL Toolbar 2.0 \ aoltb.dll
Az O2 - BHO: Viewpoint Toolbar BHO - (A7327C09-B521-4EDB-8509-7D2660C9EC98) - C: \ Program Files \ Viewpoint \ Viewpoint Toolbar \ 3.8.0 \ ViewBarBHO.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar2.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - (AE7CD045-E861-484f-8273-0445EE161910) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEFavClient.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 3.1.807.1746 \ sw g.dll
O2 - BHO: SmartSelect - (F4971EE7-DAA0-4053-9964-665D8EE6A077) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEFavClient.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Installs \ cpn \ yt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11D4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar2.dll
O3 - Toolbar: AOL Toolbar - (DE9C389F-3316-41A7-809B-AA305ED9D922) - C: \ Program Files \ AOL \ AOL Toolbar 2.0 \ aoltb.dll
O3 - Toolbar: Viewpoint Toolbar - (F8AD5AA5-D966-4667-9DAF-2561D68B2012) - C: \ Program Files \ Common Files \ Viewpoint \ Toolbar Futásidejű \ 3.8.0 \ IEViewBar.dll
O3 - Toolbar: Adobe PDF - (47833539-D0C5-4125-9FA8-0819E2EAAC93) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEFavClient.dll
O4 - HKLM \ .. \ Run: [RemoteControl] "C: \ Program Files \ CyberLink \ PowerDVD \ PDVDServ.exe"
"O4 - HKLM \ .. \ Run: [RoxioEngineUtility]" C: \ Program Files \ Common Files \ Roxio Shared \ System \ EngUtil.exe "
"O4 - HKLM \ .. \ Run: [RoxioAudioCentral]" C: \ Program Files \ Roxio \ Easy CD Creator 6 \ AudioCentral \ RxMon.exe "
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM \ .. \ Run: [SiSPower] Rundll32.exe SiSPower.dll, ModeAgent
O4 - HKLM \ .. \ Run: [SiS Windows KeyHook] C: \ WINDOWS \ System32 \ keyhook.exe
O4 - HKLM \ .. \ Run: [SiSUSBRG] C: \ WINDOWS \ SiSUSBrg.exe
O4 - HKLM \ .. \ Run: [Apoint] C: \ Program Files \ Apoint2K \ Apoint.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ jusched.exe"
Background O4 - HKLM \ .. \ Run: [DSFHost] C: \ Program Files \ Staples \ easyprint \ dsfhost.exe
O4 - HKLM \ .. \ Run: [Szinkronizálási Manager]% SystemRoot% \ System32 \ mobsync.exe / logon
"O4 - HKLM \ .. \ Run: [Microsoft Zune Launcher]" C: \ Program Files \ Zune \ ZuneLauncher.exe "
O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ Program Files \ Common Files \ Nero \ Lib \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [NBKeyScan] "C: \ Program Files \ Nero \ Nero8 \ Nero BackItUp \ NBKeyScan.exe"
"O4 - HKLM \ .. \ Run: [Adobe Acrobat Speed Launcher]" C: \ Program Files \ Adobe \ Acrobat 9.0 \ Acrobat \ Acrobat_sl.exe "
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [vptray] C: \ PROGRA ~ 1 \ SYMANT ~ 1 \ VPTray.exe
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [Layersecurity Servicemonitor] C: \ WINDOWS \ System32 \ LSSMON.EXE
O4 - HKLM \ .. \ Run: [Print-kezelő] C: \ WINDOWS \ System32 \ SPOOLER.EXE
O4 - HKCU \ .. \ Run: [swg] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKCU \ .. \ Run: [H / PC Connection Agent] "C: \ Program Files \ Microsoft ActiveSync \ wcescomm.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ System32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [IndxStoreSvr_ (79662E04-7C6C-4d9f-84C7-88D8A56B10AA)] "C: \ Program Files \ Common Files \ Nero \ Lib \ NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F -39A1E5104020
O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe
"O4 - HKCU \ .. \ Run: [AdobeUpdater] C: \ Program Files \ Common Files \ Adobe \ Updater \ AdobeUpdater.exe
Background O4 - HKLM \ .. \ Policies \ Explorer \ Run: [LocalSecurityAuthoritySubsystem] C: \ WINDOWS \ lsass.exe
O4 - Startup: Adobe Gamma.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe
O4 - Startup: OneNote 2007 Screen Clipper és Launcher.lnk = C: \ Program Files \ Microsoft Office \ Office12 \ ONENOTEM.EXE
O4 - Global Startup: Windows asztali Search.lnk = C: \ Program Files \ Windows Desktop Search \ WindowsSearch.exe
O8 - Extra context menu item: & AOL Toolbar Search - C: \ Program Files \ AOL \ AOL eszköztár 2,0 \ Resources \ en-US \ local \ search.html
O8 - Extra context menu item: Append Link cél a meglévő PDF - res: / / C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEFavClient.dll / AcroIEAppendSelLinks.html
O8 - Extra context menu item: Append a meglévő PDF - res: / / C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEFavClient.dll / AcroIEAppend.html
O8 - Extra context menu item: Convert link Cél, hogy az Adobe PDF - res: / / C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEFavClient.dll / AcroIECaptureSelLinks.html
O8 - Extra context menu item: Konvertálás Adobe PDF - res: / / C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEFavClient.dll / AcroIECapture.html
O8 - Extra context menu item: E & xportálás Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ mikrók ~ 4 \ Office12 \ EXCEL.EXE/3000
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O9 - Extra button: Send to OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ mikrók ~ 4 \ Office12 \ ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S & véget OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ mikrók ~ 4 \ Office12 \ ONBttnIE.dll
O9 - Extra button: Create Mobile Favorite - (2EAF5BB1-070F-11D3-9307-00C04FAE2D4F) - C: \ PROGRA ~ 1 \ mikrók ~ 3 \ INetRepl.dll
O9 - Extra button: (no name) - (2EAF5BB2-070F-11D3-9307-00C04FAE2D4F) - C: \ PROGRA ~ 1 \ mikrók ~ 3 \ INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite ... - (2EAF5BB2-070F-11D3-9307-00C04FAE2D4F) - C: \ PROGRA ~ 1 \ mikrók ~ 3 \ INetRepl.dll
O9 - Extra button: AOL Toolbar - (3369AF0D-62E9-4bda-8103-B4C75499B578) - C: \ Program Files \ AOL \ AOL Toolbar 2.0 \ aoltb.dll
O9 - Extra button: Kutatás - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MIC273 ~ 1 \ Office12 \ REFIEBAR.DLL
O9 - Extra button: AIM - (AC9E2541-2814-11d5-BC6D-00B0D0A1DE45) - C: \ Program Files \ AIM \ aim.exe
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.averatec.com
Ø16 - DPF: (0D6BB8B8-0257-420C-B9EB-CFA90DB1026C) -- http://svrnsec01.purchase.edu:88/setup.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl osztály) -- http://v5.windowsupdate.microsoft.co...?1096453339343
Ø18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ PROGRA ~ 1 \ MICROS ~ 4 \ Office12 \ GR99D3 ~ 1.DLL
O18 - Protocol: skype4com - (FFC8B962-9B40-4DFF-9458-1830C7DD7F5D) - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Skype \ SKYPE4 ~ 1.DLL
Ø20 - AppInit_DLLs: acaptuser32.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - C: \ Program Files \ Common Files \ Adobe Systems Shared \ Service \ Adobelmsvc.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Automatikus LiveUpdate ütemező - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: CSIScanner - Prevx - C: \ Program Files \ PrevxCSI \ prevxcsi.exe
O23 - Service: Symantec AntiVirus Definition Watcher (DefWatch) - Symantec Corporation - C: \ Program Files \ Symantec AntiVirus \ DefWatch.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Kiadó \ FNPLicensingService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: Nero BackItUp scheduler 3 - Nero AG - C: \ Program Files \ Nero \ Nero8 \ Nero BackItUp \ NBService.exe
O23 - Service: NMIndexingService - Nero AG - C: \ Program Files \ Common Files \ Nero \ Lib \ NMIndexingService.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C: \ WINDOWS \ System32 \ IoctlSvc.exe
O23 - Service: Safe Access Agent (SafeAccessAgent) - StillSecure - C: \ Program Files \ StillSecure \ Safe Access Agent \ SAService.exe
O23 - Service: SAVRoam (SavRoam) - symantec - C: \ Program Files \ Symantec AntiVirus \ SavRoam.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Symantec AntiVirus - Symantec Corporation - C: \ Program Files \ Symantec AntiVirus \ Rtvscan.exe
O23 - Service: SymWMI Szolgálat (SymWSC) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe

--
End of file - 14719 bájt
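The HijackThis log above can be triaged mechanically before anyone reads it line by line. The following is an added example, not part of the original posts and not code from HijackThis or ComboFix: it flags system-process names running or auto-starting from outside System32, and autorun files that the earlier ComboFix log in this thread listed as removed. The `SYSTEM32_ONLY` list and all function names are assumptions; the sample lines are constructed from entries in the log above.

```python
import ntpath  # parses backslash paths on any OS
import re

# Assumption: core Windows XP processes whose real copy sits only in System32.
SYSTEM32_ONLY = {"smss.exe", "csrss.exe", "winlogon.exe", "services.exe",
                 "lsass.exe", "svchost.exe", "spoolsv.exe"}
# File names ComboFix listed under its removed-autoruns section in this thread.
CLEANED_EARLIER = {"lssmon.exe", "msblt.exe"}

O4_RE = re.compile(r"O4 - (?P<key>\S+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
PROC_RE = re.compile(r"^[A-Za-z]:\\.+\.exe$", re.I)
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.exe)\b', re.I)

# Constructed sample in the spaced form the log has on this page.
SAMPLE_LOG = r"""
C: \ WINDOWS \ System32 \ Lsass.exe
C: \ WINDOWS \ System32 \ Spoolsv.exe
C: \ WINDOWS \ lsass.exe
O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM \ .. \ Run: [Layersecurity Servicemonitor] C: \ WINDOWS \ System32 \ LSSMON.EXE
O4 - HKLM \ .. \ Policies \ Explorer \ Run: [LocalSecurityAuthoritySubsystem] C: \ WINDOWS \ lsass.exe
O4 - HKCU \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
"""


def normalize(line):
    # Undo the spacing around backslashes that the page extraction introduced.
    return re.sub(r"\s*\\\s*", lambda m: "\\", line.strip())


def exe_path(cmd):
    # Return the executable from an autorun command: quoted path, or text up to ".exe".
    m = EXE_RE.match(cmd.strip())
    return (m.group(1) or m.group(2)) if m else None


def triage(log_text):
    # Return (reason, source, path) tuples for entries worth a closer look.
    findings = []
    for raw in log_text.splitlines():
        line = normalize(raw)
        m = O4_RE.search(line)
        if m:
            source, path = "autorun " + m.group("key"), exe_path(m.group("cmd"))
        elif PROC_RE.match(line):
            source, path = "process", line
        else:
            continue
        if not path:
            continue
        name = ntpath.basename(path).lower()
        folder = ntpath.dirname(path).lower()
        # A bare file name (no folder) cannot be judged by location, so skip it.
        if name in SYSTEM32_ONLY and folder and folder != r"c:\windows\system32":
            findings.append(("system name outside System32", source, path))
        if name in CLEANED_EARLIER:
            findings.append(("named in earlier cleanup, present again", source, path))
    return findings


if __name__ == "__main__":
    for reason, source, path in triage(SAMPLE_LOG):
        print(f"{reason:40} {source:40} {path}")
```

A hit is a prompt to inspect the file, not a verdict: the check only compares names and folders and never reads the file itself.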
  #8  
Old September 23, 2008, 10:25
Moderator Group
 
Download Malwarebytes' Anti-Malware (MBAM)
  • Double-click mbam-setup.exe and follow the instructions to install the program.
  • At the end, make sure a check mark is placed next to the following:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If the update is not found, download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is complete, a log will open in Notepad and you may be asked to restart the computer. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report into your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM continue with the disinfection process. If asked to restart the computer, please do so immediately.

----------


Now run a new HijackThis scan and post that log together with the MBAM log.
__________________
