Malware Διαγραφή - Βοήθεια

**VNani** · #1 8 Απρίλη 2008, 06:55

Κάναμε όλα τα βήματα μέχρι Java. τηλεφορτωθούν αλλά είπε ότι "Αποτυχία να επαληθεύσει την αυθεντικότητα ...... την εγκατάσταση και τη λειτουργία αυτού του κώδικα δεν επιτρέπεται." Παρακαλώ συμβουλές.

**evilfantasy** · #2 8 Απρίλη 2008, 07:36

Πηγαίνετε στο Έναρξη> Πίνακας Ελέγχου και ανοικτό το Java πίνακα ελέγχου που βρέθηκαν εκεί. Χρησιμοποίησε την ενημέρωση και να δούμε εάν η επιλογή που λειτουργεί.

**VNani** · #3 8 Απρίλη 2008, 08:38

Απόσπασμα:

Αρχικά Αποστολέας evilfantasy

Πηγαίνετε στο Έναρξη> Πίνακας Ελέγχου και ανοικτό το Java πίνακα ελέγχου που βρέθηκαν εκεί. Χρησιμοποίησε την ενημέρωση και να δούμε εάν η επιλογή που λειτουργεί.

Δεν υπάρχει δυνατότητα Java ενημέρωση εκεί.

**evilfantasy** · #4 8 Απρίλη 2008, 08:39

Προσπαθήστε να πάρετε από εδώ www.java.com

Αν αυτό δεν πετύχει τότε απλά να μεταβείτε στο επόμενο βήμα και εμείς θα ασχοληθούμε με αυτό αργότερα.

**KanoakaVirus** · #5 8 Απρίλη 2008, 09:34

Θα πρέπει να υπάρχει ένα εικονίδιο Java Σίγουρα σας στην κατηγορία σκοπό να σας δούμε επάνω αριστερά και "switch to classic view" και στη συνέχεια θα πρέπει να δείτε ένα εικονίδιο Java.

**VNani** · #6 8 Απρίλη 2008, 09:38

Κάναμε όλα τα βήματα και είμαστε ακόμη έχοντας τα ίδια προβλήματα

Εδώ είναι οι κορμοί ...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/07/2008 στις 03:41 μμ

Αίτηση έκδοσης: 4.0.1154

Core Κανονισμού Database Έκδοση: 3432
Trace Κανονισμού Database Έκδοση: 1424

Scan type: Complete Scan
Σύνολο Scan Ώρα: 01:38:06

Μνήμη στοιχεία σαρωμένη: 626
Μνήμη απειλές που διαπιστώθηκαν: 4
Γραμματεία στοιχεία σαρωμένη: 6141
Γραμματεία απειλές που εντοπίστηκαν: 38
Φάκελος στοιχεία σαρωμένη: 101242
Φάκελος απειλές που διαπιστώθηκαν: 114

Adware.Vundo Παραλλαγή / Κάτοικος
C: \ WINDOWS \ SYSTEM32 \ IIFFGECT.DLL
C: \ WINDOWS \ SYSTEM32 \ IIFFGECT.DLL

Adware.Vundo-Variant/Small-A
C: \ WINDOWS \ SYSTEM32 \ BVJKLPEJ.DLL
C: \ WINDOWS \ SYSTEM32 \ BVJKLPEJ.DLL
HKLM \ Software \ Classes \ CLSID \ (65701471-4c01-4415-a067-51bacdf39b8b)
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B)
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B) \ InprocServer32
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (65701471-4c01-4415-a067-51bacdf39b8b)
C: \ System Volume Information \ _RESTORE (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP26 \ A0001080.DLL
C: \ System Volume Information \ _RESTORE (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001330.DLL
C: \ System Volume Information \ _RESTORE (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001331.DLL
C: \ System Volume Information \ _RESTORE (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001337.DLL
C: \ WINDOWS \ SYSTEM32 \ HXYIXXAO.DLL
C: \ WINDOWS \ SYSTEM32 \ NALJPONC.DLL

Trojan.Downloader-NewJuan/VM
C: \ WINDOWS \ SYSTEM32 \ FUCLNHJD.DLL
C: \ WINDOWS \ SYSTEM32 \ FUCLNHJD.DLL

MyWay Αναζήτηση βοηθός Υπολογιστές
C: \ Program Files \ MYWAYSA \ SRCHASDE \ 1.BIN \ DESRCAS.DLL
C: \ Program Files \ MYWAYSA \ SRCHASDE \ 1.BIN \ DESRCAS.DLL
HKLM \ Software \ Classes \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ Programmable
HKLM \ Software \ Classes \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Control
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ MiscStatus
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ MiscStatus \ 1
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ ProgID
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Programmable
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ TypeLib
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Version
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ VersionIndependentProgID
HKLM \ Software \ Classes \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ Programmable
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKU \. DEFAULT \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKU \ S-1-5-21-1376253242-3474823476-3209291414-1006 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKU \ S-1-5-18 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)

Adware.Vundo-Παραλλαγή
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (D0CC2EC3-123B-4668-8346-A755825F6866)
HKCR \ CLSID \ (D0CC2EC3-123B-4668-8346-A755825F6866)
HKCR \ CLSID \ (D0CC2EC3-123B-4668-8346-A755825F6866) \ InprocServer32
HKCR \ CLSID \ (D0CC2EC3-123B-4668-8346-A755825F6866) \ InprocServer32 # ThreadingModel

Adware.Tracking Cookie
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ 2o7 [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@a.websponsors [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ admarketplace [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ adrevolver [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ adrevolver [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ads.addynamix [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ @ Dustin διαφήμιση [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@as-us.falkag [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ atdmt [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ atwola [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ belnk [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ bfast [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ bizrate [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ burstnet [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@c1.zedo [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ casalemedia [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@dist.belnk [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin DoubleClick @ [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wfkykpdzigp.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wgmyoidjmfo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjkokicpmlo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjkygpczmep.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjliahajicp.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjliwkc5kcp.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjlockajgho.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjlykldpgfo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@edge.ru4 [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-bestbuy.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-cbot.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-dig.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-gamespot.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-hasbro.hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-legonewyorkinc.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-sonycomputer.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ fastclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ford.112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@hg1.hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@icc.intellisrv [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ indextools [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ insightexpressai [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ interclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@login.tracking101 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@media.fastclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ mediaplex [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@msnportal.112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ nextag [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Overture Dustin @ [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@perf.overture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@pt.crossmediaservic es [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ questionmarket [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ realmedia [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ εσόδων [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ revsci [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ εξυπηρετούν-sys [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@sonycorporate.122.2 O7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin statcounter @ [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@stats.gamestop [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@statse.webtrendsliv ε [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ tacoda [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ valueclick [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@www.burstbeacon [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@z1.adserver [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin Zedo @ [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ 2o7 [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ adknowledge [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ admarketplace [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ adrevolver [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ads.addynamix [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ adtech [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@adv.surinter [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ @ Ντίλαν διαφήμιση [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ apmebf [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@as-us.falkag [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ atdmt [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ burstnet [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ casalemedia [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan DoubleClick @ [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@edge.ru4 [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ehg-legonewyorkinc.hitbox [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ehg-sonycomputer.hitbox [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ fastclick [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ hitbox [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ insightexpressai [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ interclick [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ mediaplex [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@pt.crossmediaservices [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ questionmarket [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ realmedia [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ εσόδων [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@server.cpmstar [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@stats.gamestop [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@statse.webtrendslive [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ trafficmp [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ valueclick [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan Zedo @ [2]. Txt

Malwarebytes' Anti-Malware 1,10
Database version: 598

Scan type: Full Scan (C: \ |)
Αντικείμενα σαρωμένη: 135868
Ο χρόνος που έχει παρέλθει: 59 λεπτό (ά), 20 δευτερόλεπτο (α)

Διεργασίες Μολυσμένες Μνήμη: 0
Memory Modules Μολυσμένα: 2
Κλειδιά μητρώου Μολυσμένα: 14
Μητρώο Αξιών Μολυσμένα: 2
Registry Data Items Μολυσμένα: 1
Φάκελοι Μολυσμένα: 0
Μολυσμένα αρχεία: 6

Διεργασίες Μολυσμένες Μνήμη:
(Δεν εντοπίστηκαν στοιχεία κακόβουλο)

Memory Modules Μολυσμένα:
C: \ WINDOWS \ SYSTEM32 \ pcpthqbs.dll (Trojan.Vundo) -> εκφορτούμενος ενότητα επιτυχώς.
C: \ WINDOWS \ SYSTEM32 \ vtUkklLF.dll (Trojan.Vundo) -> εκφορτούμενος ενότητα επιτυχώς.

Μολυσμένα κλειδιών μητρώου:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (0d204632-0f04-4faa-965c-af04ba91e9aa) (Trojan.Vundo) -> Delete για επανεκκίνηση.
HKEY_CLASSES_ROOT \ CLSID \ (0d204632-0f04-4faa-965c-af04ba91e9aa) (Trojan.Vundo) -> Delete για επανεκκίνηση.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aoprndtws (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ jkwslist (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ aldd (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ MS Juan (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ rdfa (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Juan (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.

Μολυσμένες τιμές μητρώου:
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser \ (b7d3e479-cc68-42b5-a338-938ece35f419) (Adware.Softomate) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMf7889183 (Trojan.Agent) -> Delete για επανεκκίνηση.

Registry Data Items Μολυσμένα:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA \ Authentication Πακέτα (Trojan.Vundo) -> Στοιχεία: C: \ Windows \ system32 \ vtukkllf -> καραντίνα και διαγράφηκε με επιτυχία.

Φάκελοι Μολυσμένα:
(Δεν εντοπίστηκαν στοιχεία κακόβουλο)

Μολυσμένα αρχεία:
C: \ WINDOWS \ SYSTEM32 \ pcpthqbs.dll (Trojan.Vundo) -> Delete για επανεκκίνηση.
C: \ WINDOWS \ SYSTEM32 \ sbqhtpcp.ini (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
C: \ WINDOWS \ SYSTEM32 \ vtUkklLF.dll (Trojan.Vundo) -> Delete για επανεκκίνηση.
C: \ WINDOWS \ SYSTEM32 \ FLlkkUtv.ini (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
C: \ WINDOWS \ SYSTEM32 \ FLlkkUtv.ini2 (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
C: \ WINDOWS \ SYSTEM32 \ qwlinvmk.dll (Trojan.Agent) -> Delete για επανεκκίνηση.

Logfile του Trend Micro HijackThis v2.0.2
Scan είναι αποθηκευμένα σε 11:21:13 AM, στις 4/8/2008
Πλατφόρμα: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Διαδικασίες λειτουργίας:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ Program Files \ Norton Internet Security \ ISSVC.exe
Γ: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Sony \ Shared plug-ins \ Media Manager \ MSSQL $ SONY_MEDIAMGR \ Binn \ sqlservr.exe
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Yahoo! \ Αναζήτηση Προστασίας \ SearchProtection.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnd.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnf.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ System32 \ Spool \ Drivers \ w32x86 \ 3 \ hpztsb1 0.exe
C: \ Program Files \ Hewlett-Packard \ HP Software Update \ HPWuSchd2.exe
C: \ Program Files \ HP \ hpcoretech \ hpcmpmgr.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ Program Files \ Common Files \ LogiShrd \ LComMgr \ Communications_Helper.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger. Exe
C: \ Program Files \ Stardock \ ObjectDock \ ObjectDock.exe
C: \ WINDOWS \ msn.com
C: \ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://mysearch.myway.com/jsp/frontiersidebar.jsp?p=CI
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://weather.wcco.com/cgi-bin/find...6251.001.99999
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Παράθυρο Τίτλος = Microsoft Internet Explorer που παρέχονται από En-Τηλ Communications, LLC
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Εγκαθιστά \ cpn1 \ yt.dll
R3 - URLSearchHook: (δεν υπάρχει το όνομα) - (38E77F06-89FC-44f5-B3AB-11DDEB791947) - C: \ Program Files \ FrontierSH \ SrchHelp \ frSrcAs.dll
O2 - BHO: & Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Εγκαθιστά \ cpn1 \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Download Εγγραφή και Plugin για τον Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (δεν υπάρχει το όνομα) - (38E77F01-89FC-44f5-B3AB-11DDEB791947) - C: \ Program Files \ FrontierSH \ SrchHelp \ frSrcAs.dll
O2 - BHO: (31e8cbc1-30d8-bf99-0294-19db1acbcf74) - (47fcbca1-bd91-4920-99fb-8d031cbc8e13) - C: \ WINDOWS \ system32 \ xygpcrbt.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: (δεν υπάρχει το όνομα) - (6A35C34E-EE48-B809-425F-C6D64566FE2A) - C: \ WINDOWS \ system32 \ khfDwuvw.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O2 - BHO: (δεν υπάρχει το όνομα) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (δεν αρχείου)
O2 - BHO: (δεν υπάρχει το όνομα) - (8E1BFC0E-8AD2-424D-AC8A-06038481516E) - C: \ WINDOWS \ system32 \ ljJDSihG.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: FrontierBA BHO - (A93A3CC1-BA23-4d0d-9440-6A0148362B7E) - C: \ Program Files \ FrontierBA \ BrowserAssistant \ fbabar.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 3.0.1225.9868 \ s wg.dll
O2 - BHO: CNavExtBho Class - (BDF3E430-B101-42AD-A544-FADC6B084872) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Εγκαθιστά \ cpn1 \ yt.dll
O3 - Toolbar: & Μεθοριακοί Browser Επίκουρος - (A93A3CC9-BA23-4d0d-9440-6A0148362B7E) - C: \ Program Files \ FrontierBA \ BrowserAssistant \ fbabar.dll
O4 - HKLM \ .. \ Run: [YSearchProtection] "C: \ Program Files \ Yahoo! \ Αναζήτηση Προστασίας \ SearchProtection.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [Symantec NetDriver Monitor] C: \ PROGRA ~ 1 \ SYMNET ~ 1 \ SNDMon.exe / Καταναλωτών
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [Share-to-Web Namespace Daemon] C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnd.exe
O4 - HKLM \ .. \ Run: [KernelFaultCheck]% systemroot% \ system32 \ dumprep 0-k
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Εγκαταστάσεις ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-εκκίνηση
O4 - HKLM \ .. \ Run: [IntelMeM] C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [HPDJ εργασιών Utility] C: \ WINDOWS \ System32 \ Spool \ Drivers \ w32x86 \ 3 \ hpztsb1 0.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ Hewlett-Packard \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [HP Component Manager] "C: \ Program Files \ HP \ hpcoretech \ hpcmpmgr.exe"
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [LogitechCommunicationsManager] "C: \ Program Files \ Common Files \ LogiShrd \ LComMgr \ Communications_Helper.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam.exe" / απόκρυψη
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [Windows Live Messenger] msn.com
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
O4 - HKLM \ .. \ Run: [BMf7889183] Rundll32.exe "C: \ WINDOWS \ system32 \ vmptfdge.dll", s
O4 - HKLM \ .. \ Run: [f4bba21f] rundll32.exe "C: \ WINDOWS \ system32 \ jmiaxofx.dll", β
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU \ .. \ Run: [SWG] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [CTSyncU.exe] "C: \ Program Files \ Creative \ Sync Manager Unicode \ CTSyncU.exe"
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - Startup: Stardock ObjectDock.lnk = C: \ Program Files \ Stardock \ ObjectDock \ ObjectDock.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger. Exe
O9 - Extra κουμπί: (δεν υπάρχει το όνομα) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra κουμπί: Αυτό το Blog - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' MENUITEM: & Blog Αυτό το Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra κουμπί: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra κουμπί: (δεν υπάρχει το όνομα) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra κουμπί: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.en-tel.com
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Plugin Ελέγχου) -- http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1120134982093
O16 - DPF: (AB86CE53-AC9F-449F-9399-D8ABCA09EC09) (Get_ActiveX Ελέγχου) -- https: / / h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (F5A7706B-B9C0-4C89-A715-7A0C6B05DD48) (Minesweeper Flags Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: bwfile-8876480 - (9462A756-7B47-47BC-8C80-C34B9B80B32B) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ GAPlugProtocol-8876480.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Notify: ljJDSihG - C: \ WINDOWS \ SYSTEM32 \ ljJDSihG.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: DSBrokerService - Άγνωστος ιδιοκτήτη - C: \ Program Files \ DellSupport \ brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Πίνακας Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LVCOMSer - Logitech συν - C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech συν - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech συν - C: \ Program Files \ Common Files \ LogiShrd \ SrvLnch \ SrvLnch.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel (R) Corporation - C: \ Program Files \ Intel \ PROSetWired \ NCS \ Sync \ Netsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: ScriptBlocking Υπηρεσία (SBService) - Symantec Corporation - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ SYMANT ~ 1 \ SCRIPT ~ 1 \ SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: SymWMI Υπηρεσία (SymWSC) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe

--
Τέλος του αρχείου - 15124 bytes

**VNani** · #7 8 Απρίλη 2008, 09:45

Κάναμε όλες τις ενέργειες και θα εξακολουθεί να μην λειτουργεί.

Εδώ είναι οι κορμοί ...

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 04/07/2008 στις 03:41 μμ

Αίτηση έκδοσης: 4.0.1154

Core Κανονισμού Database Έκδοση: 3432
Trace Κανονισμού Database Έκδοση: 1424

Scan type: Complete Scan
Σύνολο Scan Ώρα: 01:38:06

Μνήμη στοιχεία σαρωμένη: 626
Μνήμη απειλές που διαπιστώθηκαν: 4
Γραμματεία στοιχεία σαρωμένη: 6141
Γραμματεία απειλές που εντοπίστηκαν: 38
Φάκελος στοιχεία σαρωμένη: 101242
Φάκελος απειλές που διαπιστώθηκαν: 114

Adware.Vundo Παραλλαγή / Κάτοικος
C: \ WINDOWS \ SYSTEM32 \ IIFFGECT.DLL
C: \ WINDOWS \ SYSTEM32 \ IIFFGECT.DLL

Adware.Vundo-Variant/Small-A
C: \ WINDOWS \ SYSTEM32 \ BVJKLPEJ.DLL
C: \ WINDOWS \ SYSTEM32 \ BVJKLPEJ.DLL
HKLM \ Software \ Classes \ CLSID \ (65701471-4c01-4415-a067-51bacdf39b8b)
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B)
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B) \ InprocServer32
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (65701471-4c01-4415-a067-51bacdf39b8b)
C: \ System Volume Information \ _RESTORE (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP26 \ A0001080.DLL
C: \ System Volume Information \ _RESTORE (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001330.DLL
C: \ System Volume Information \ _RESTORE (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001331.DLL
C: \ System Volume Information \ _RESTORE (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001337.DLL
C: \ WINDOWS \ SYSTEM32 \ HXYIXXAO.DLL
C: \ WINDOWS \ SYSTEM32 \ NALJPONC.DLL

Trojan.Downloader-NewJuan/VM
C: \ WINDOWS \ SYSTEM32 \ FUCLNHJD.DLL
C: \ WINDOWS \ SYSTEM32 \ FUCLNHJD.DLL

MyWay Αναζήτηση βοηθός Υπολογιστές
C: \ Program Files \ MYWAYSA \ SRCHASDE \ 1.BIN \ DESRCAS.DLL
C: \ Program Files \ MYWAYSA \ SRCHASDE \ 1.BIN \ DESRCAS.DLL
HKLM \ Software \ Classes \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ Programmable
HKLM \ Software \ Classes \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Control
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ MiscStatus
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ MiscStatus \ 1
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ ProgID
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Programmable
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ TypeLib
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Version
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ VersionIndependentProgID
HKLM \ Software \ Classes \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ Programmable
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKU \. DEFAULT \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKU \ S-1-5-21-1376253242-3474823476-3209291414-1006 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKU \ S-1-5-18 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)

Adware.Vundo-Παραλλαγή
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Exp lorer \ Browser Helper Objects \ (D0CC2EC3-123B-4668-8346-A755825F6866)
HKCR \ CLSID \ (D0CC2EC3-123B-4668-8346-A755825F6866)
HKCR \ CLSID \ (D0CC2EC3-123B-4668-8346-A755825F6866) \ InprocServer32
HKCR \ CLSID \ (D0CC2EC3-123B-4668-8346-A755825F6866) \ InprocServer32 # ThreadingModel

Adware.Tracking Cookie
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ 2o7 [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@a.websponsors [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ admarketplace [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ adrevolver [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ adrevolver [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ads.addynamix [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ @ Dustin διαφήμιση [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@as-us.falkag [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ atdmt [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ atwola [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ belnk [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ bfast [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ bizrate [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ burstnet [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@c1.zedo [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ casalemedia [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@dist.belnk [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin DoubleClick @ [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wfkykpdzigp.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wgmyoidjmfo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjkokicpmlo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjkygpczmep.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjliahajicp.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjliwkc5kcp.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjlockajgho.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjlykldpgfo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@edge.ru4 [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-bestbuy.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-cbot.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-dig.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-gamespot.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-hasbro.hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-legonewyorkinc.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-sonycomputer.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ fastclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ford.112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@hg1.hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@icc.intellisrv [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ indextools [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ insightexpressai [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ interclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@login.tracking101 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@media.fastclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ mediaplex [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@msnportal.112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ nextag [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Overture Dustin @ [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@perf.overture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@pt.crossmediaservic es [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ questionmarket [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ realmedia [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ εσόδων [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ revsci [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ εξυπηρετούν-sys [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@sonycorporate.122.2 O7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin statcounter @ [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@stats.gamestop [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@statse.webtrendsliv ε [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ tacoda [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ valueclick [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@www.burstbeacon [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@z1.adserver [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin Zedo @ [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ 2o7 [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ adknowledge [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ admarketplace [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ adrevolver [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ads.addynamix [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ adtech [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@adv.surinter [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ @ Ντίλαν διαφήμιση [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ apmebf [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@as-us.falkag [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ atdmt [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ burstnet [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ casalemedia [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan DoubleClick @ [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@edge.ru4 [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ehg-legonewyorkinc.hitbox [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@ehg-sonycomputer.hitbox [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ fastclick [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ hitbox [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ insightexpressai [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ interclick [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ mediaplex [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@pt.crossmediaservices [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ questionmarket [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ realmedia [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ εσόδων [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@server.cpmstar [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@stats.gamestop [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ dylan@statse.webtrendslive [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ trafficmp [1]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan @ valueclick [2]. Txt
C: \ Documents and Settings \ Ντίλαν \ Cookies \ Dylan Zedo @ [2]. Txt

Malwarebytes' Anti-Malware 1,10
Database version: 598

Scan type: Full Scan (C: \ |)
Αντικείμενα σαρωμένη: 135868
Ο χρόνος που έχει παρέλθει: 59 λεπτό (ά), 20 δευτερόλεπτο (α)

Διεργασίες Μολυσμένες Μνήμη: 0
Memory Modules Μολυσμένα: 2
Κλειδιά μητρώου Μολυσμένα: 14
Μητρώο Αξιών Μολυσμένα: 2
Registry Data Items Μολυσμένα: 1
Φάκελοι Μολυσμένα: 0
Μολυσμένα αρχεία: 6

Διεργασίες Μολυσμένες Μνήμη:
(Δεν εντοπίστηκαν στοιχεία κακόβουλο)

Memory Modules Μολυσμένα:
C: \ WINDOWS \ SYSTEM32 \ pcpthqbs.dll (Trojan.Vundo) -> εκφορτούμενος ενότητα επιτυχώς.
C: \ WINDOWS \ SYSTEM32 \ vtUkklLF.dll (Trojan.Vundo) -> εκφορτούμενος ενότητα επιτυχώς.

Μολυσμένα κλειδιών μητρώου:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (0d204632-0f04-4faa-965c-af04ba91e9aa) (Trojan.Vundo) -> Delete για επανεκκίνηση.
HKEY_CLASSES_ROOT \ CLSID \ (0d204632-0f04-4faa-965c-af04ba91e9aa) (Trojan.Vundo) -> Delete για επανεκκίνηση.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aoprndtws (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ jkwslist (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ aldd (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ MS Juan (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_CURRENT_USER \ Software \ Microsoft \ rdfa (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Juan (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.

Μολυσμένες τιμές μητρώου:
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser \ (b7d3e479-cc68-42b5-a338-938ece35f419) (Adware.Softomate) -> καραντίνα και διαγράφηκε με επιτυχία.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMf7889183 (Trojan.Agent) -> Delete για επανεκκίνηση.

Registry Data Items Μολυσμένα:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA \ Authentication Πακέτα (Trojan.Vundo) -> Στοιχεία: C: \ Windows \ system32 \ vtukkllf -> καραντίνα και διαγράφηκε με επιτυχία.

Φάκελοι Μολυσμένα:
(Δεν εντοπίστηκαν στοιχεία κακόβουλο)

Μολυσμένα αρχεία:
C: \ WINDOWS \ SYSTEM32 \ pcpthqbs.dll (Trojan.Vundo) -> Delete για επανεκκίνηση.
C: \ WINDOWS \ SYSTEM32 \ sbqhtpcp.ini (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
C: \ WINDOWS \ SYSTEM32 \ vtUkklLF.dll (Trojan.Vundo) -> Delete για επανεκκίνηση.
C: \ WINDOWS \ SYSTEM32 \ FLlkkUtv.ini (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
C: \ WINDOWS \ SYSTEM32 \ FLlkkUtv.ini2 (Trojan.Vundo) -> καραντίνα και διαγράφηκε με επιτυχία.
C: \ WINDOWS \ SYSTEM32 \ qwlinvmk.dll (Trojan.Agent) -> Delete για επανεκκίνηση.

Logfile του Trend Micro HijackThis v2.0.2
Scan είναι αποθηκευμένα σε 11:21:13 AM, στις 4/8/2008
Πλατφόρμα: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Διαδικασίες λειτουργίας:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ WINDOWS \ Explorer.EXE
C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
C: \ Program Files \ Norton Internet Security \ ISSVC.exe
Γ: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Sony \ Shared plug-ins \ Media Manager \ MSSQL $ SONY_MEDIAMGR \ Binn \ sqlservr.exe
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ system32 \ Svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Yahoo! \ Αναζήτηση Προστασίας \ SearchProtection.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ WINDOWS \ System32 \ Svchost.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnd.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnf.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ System32 \ Spool \ Drivers \ w32x86 \ 3 \ hpztsb1 0.exe
C: \ Program Files \ Hewlett-Packard \ HP Software Update \ HPWuSchd2.exe
C: \ Program Files \ HP \ hpcoretech \ hpcmpmgr.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe
C: \ Program Files \ Common Files \ LogiShrd \ LComMgr \ Communications_Helper.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger. Exe
C: \ Program Files \ Stardock \ ObjectDock \ ObjectDock.exe
C: \ WINDOWS \ msn.com
C: \ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://mysearch.myway.com/jsp/frontiersidebar.jsp?p=CI
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://weather.wcco.com/cgi-bin/find...6251.001.99999
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Παράθυρο Τίτλος = Microsoft Internet Explorer που παρέχονται από En-Τηλ Communications, LLC
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Εγκαθιστά \ cpn1 \ yt.dll
R3 - URLSearchHook: (δεν υπάρχει το όνομα) - (38E77F06-89FC-44f5-B3AB-11DDEB791947) - C: \ Program Files \ FrontierSH \ SrchHelp \ frSrcAs.dll
O2 - BHO: & Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Εγκαθιστά \ cpn1 \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Download Εγγραφή και Plugin για τον Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (δεν υπάρχει το όνομα) - (38E77F01-89FC-44f5-B3AB-11DDEB791947) - C: \ Program Files \ FrontierSH \ SrchHelp \ frSrcAs.dll
O2 - BHO: (31e8cbc1-30d8-bf99-0294-19db1acbcf74) - (47fcbca1-bd91-4920-99fb-8d031cbc8e13) - C: \ WINDOWS \ system32 \ xygpcrbt.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: (δεν υπάρχει το όνομα) - (6A35C34E-EE48-B809-425F-C6D64566FE2A) - C: \ WINDOWS \ system32 \ khfDwuvw.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O2 - BHO: (δεν υπάρχει το όνομα) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (δεν αρχείου)
O2 - BHO: (δεν υπάρχει το όνομα) - (8E1BFC0E-8AD2-424D-AC8A-06038481516E) - C: \ WINDOWS \ system32 \ ljJDSihG.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: FrontierBA BHO - (A93A3CC1-BA23-4d0d-9440-6A0148362B7E) - C: \ Program Files \ FrontierBA \ BrowserAssistant \ fbabar.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 3.0.1225.9868 \ s wg.dll
O2 - BHO: CNavExtBho Class - (BDF3E430-B101-42AD-A544-FADC6B084872) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Εγκαθιστά \ cpn1 \ yt.dll
O3 - Toolbar: & Μεθοριακοί Browser Επίκουρος - (A93A3CC9-BA23-4d0d-9440-6A0148362B7E) - C: \ Program Files \ FrontierBA \ BrowserAssistant \ fbabar.dll
O4 - HKLM \ .. \ Run: [YSearchProtection] "C: \ Program Files \ Yahoo! \ Αναζήτηση Προστασίας \ SearchProtection.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [Symantec NetDriver Monitor] C: \ PROGRA ~ 1 \ SYMNET ~ 1 \ SNDMon.exe / Καταναλωτών
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [Share-to-Web Namespace Daemon] C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnd.exe
O4 - HKLM \ .. \ Run: [KernelFaultCheck]% systemroot% \ system32 \ dumprep 0-k
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe"-start
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ COMMON ~ 1 \ Εγκαταστάσεις ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-εκκίνηση
O4 - HKLM \ .. \ Run: [IntelMeM] C: \ Program Files \ Intel \ Modem Event Monitor \ IntelMEM.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [HPDJ εργασιών Utility] C: \ WINDOWS \ System32 \ Spool \ Drivers \ w32x86 \ 3 \ hpztsb1 0.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ Hewlett-Packard \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [HP Component Manager] "C: \ Program Files \ HP \ hpcoretech \ hpcmpmgr.exe"
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe"
O4 - HKLM \ .. \ Run: [LogitechCommunicationsManager] "C: \ Program Files \ Common Files \ LogiShrd \ LComMgr \ Communications_Helper.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam.exe" / απόκρυψη
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [Windows Live Messenger] msn.com
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
O4 - HKLM \ .. \ Run: [BMf7889183] Rundll32.exe "C: \ WINDOWS \ system32 \ vmptfdge.dll", s
O4 - HKLM \ .. \ Run: [f4bba21f] rundll32.exe "C: \ WINDOWS \ system32 \ jmiaxofx.dll", β
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU \ .. \ Run: [SWG] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [CTSyncU.exe] "C: \ Program Files \ Creative \ Sync Manager Unicode \ CTSyncU.exe"
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - Startup: Stardock ObjectDock.lnk = C: \ Program Files \ Stardock \ ObjectDock \ ObjectDock.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger. Exe
O9 - Extra κουμπί: (δεν υπάρχει το όνομα) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra κουμπί: Αυτό το Blog - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' MENUITEM: & Blog Αυτό το Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra κουμπί: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra κουμπί: (δεν υπάρχει το όνομα) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra κουμπί: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.en-tel.com
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Plugin Ελέγχου) -- http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (5F8469B4-B055-49DD-83F7-62B522420ECC) (Facebook Photo Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl Class) -- http://update.microsoft.com/windowsu...?1120134982093
O16 - DPF: (AB86CE53-AC9F-449F-9399-D8ABCA09EC09) (Get_ActiveX Ελέγχου) -- https: / / h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient Class) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (F5A7706B-B9C0-4C89-A715-7A0C6B05DD48) (Minesweeper Flags Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: bwfile-8876480 - (9462A756-7B47-47BC-8C80-C34B9B80B32B) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ GAPlugProtocol-8876480.dll
O20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
O20 - Winlogon Notify: ljJDSihG - C: \ WINDOWS \ SYSTEM32 \ ljJDSihG.dll
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ ALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: DSBrokerService - Άγνωστος ιδιοκτήτη - C: \ Program Files \ DellSupport \ brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Πίνακας Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ISSVC.exe
O23 - Service: LiveUpdate - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LVCOMSer - Logitech συν - C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech συν - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech συν - C: \ Program Files \ Common Files \ LogiShrd \ SrvLnch \ SrvLnch.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel (R) Corporation - C: \ Program Files \ Intel \ PROSetWired \ NCS \ Sync \ Netsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: ScriptBlocking Υπηρεσία (SBService) - Symantec Corporation - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ SYMANT ~ 1 \ SCRIPT ~ 1 \ SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: SymWMI Υπηρεσία (SymWSC) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe

--
Τέλος του αρχείου - 15124 bytes

**VNani** · #8 8 Απρίλη 2008, 09:48

Θα μου δημοσιεύτηκε κορμοί δύο φορές και ότι οι επιχειρήσεις τηρούν εξαφανίζονται. έτσι κάναμε όλα τα βήματα και υπολογιστή μας εξακολουθεί να είναι πρόβλημα.