mažiau kapitalo

Magazine
Go Back   Kompiuterių sultys > Kompiuterių programinė įranga > Virus, Spyware & Security
Reload this Page

Kenkėjiškų programų šalinimas - Žinynas

Registruotis Svetainės spy Narių sąrašas Donate Ieškoti Šiandien Žinutės Pažymėti forumus kaip skaitytus Forumo taisyklės


Register


Reply
Puslapis 1 iš 3 1 23
 
Temos įrankiai
  #1  
Old Balandis 8, 2008, 06:55
Narys
  
Mes padarėme viską iki Java veiksmus. parsisiųsti, tačiau ji teigė: "Nepavyko patvirtinti autentiškumo ...... įrengimo ir eksploatavimo šis kodas yra draudžiama." Please advise.
  #2  
Old Balandis 8, 2008, 07:36
Moderatorius Grupė
  
Grįžti į Pradėti> Valdymo skydas ir atidarykite Valdymo skydas Java rasti čia. Naudokite atnaujinimo galimybe ir pažiūrėkite, ar veikia.
__________________
  #3  
Old Balandis 8, 2008, 08:38
Narys
  
Citata:
Originally Posted by evilfantasy View Post
Grįžti į Pradėti> Valdymo skydas ir atidarykite Valdymo skydas Java rasti čia. Naudokite atnaujinimo galimybe ir pažiūrėkite, ar veikia.
Nėra Java Update galimybė ten.
  #4  
Old Balandis 8, 2008, 08:39
Moderatorius Grupė
  
Pasistenkite, kad pas jį iš čia www.java.com

Jei tai nepadeda, tada pereikite prie sekančio žingsnio ir mes spręsti vėliau.
__________________
  #5  
Old Balandis 8, 2008, 09:34
Donorų grupės
  
Turėtų būti Java aš bet savo kategorijoje peržiūrėti ieškoti savo viršutiniame kairiajame ir "Switch to classic view" ir jums tada turėtų rodyti Java.

Attached Thumbnails
Malware Removal - Help-category.jpg   Malware Removal - Help-java.jpg  
  #6  
Old Balandis 8, 2008, 09:38
Narys
  
Mes atlikome visus veiksmus, ir mes vis dar tos pačios problemos

Čia yra rąstų ...

SUPERAntiSpyware Scan Prisijungti
http://www.superantispyware.com

At 03:41 04/07/2008 Generated PM

Application Version: 4.0.1154

Core Taisyklės Database Versija: 3.432
Sekti Taisyklės duomenų bazė Versija: 1.424

Scan Type: Complete Scan
Iš viso nuskaitymo laikas: 01:38:06

Atminties elementai nuskaityta: 626
Atminties grėsmes, kiekis: 4
Registro objektų nuskaitomi: 6141
Registras grėsmių aptikta: 38
Failo elementai nuskaityta: 101.242
Failo grėsmių aptikta: 114

Adware.Vundo Variantas / Imbuvys
C: \ WINDOWS \ SYSTEM32 \ IIFFGECT.DLL
C: \ WINDOWS \ SYSTEM32 \ IIFFGECT.DLL

Adware.Vundo-Variant/Small-A
C: \ WINDOWS \ SYSTEM32 \ BVJKLPEJ.DLL
C: \ WINDOWS \ SYSTEM32 \ BVJKLPEJ.DLL
HKLM \ Software \ Classes \ CLSID \ (65701471-4c01-4415-a067-51bacdf39b8b)
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B)
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B) \ InprocServer32
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ exp lorer \ Browser Helper Objects \ (65701471-4c01-4415-a067-51bacdf39b8b)
C: \ System Volume Information \ _Restore (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP26 \ A0001080.DLL
C: \ System Volume Information \ _Restore (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001330.DLL
C: \ System Volume Information \ _Restore (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001331.DLL
C: \ System Volume Information \ _Restore (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001337.DLL
C: \ WINDOWS \ SYSTEM32 \ HXYIXXAO.DLL
C: \ WINDOWS \ SYSTEM32 \ NALJPONC.DLL

Trojan.Downloader-NewJuan/VM
C: \ WINDOWS \ SYSTEM32 \ FUCLNHJD.DLL
C: \ WINDOWS \ SYSTEM32 \ FUCLNHJD.DLL

MyWay Search Assistant Kompiuteriai
C: \ Program Files \ MYWAYSA \ SRCHASDE \ 1.BIN \ DESRCAS.DLL
C: \ Program Files \ MYWAYSA \ SRCHASDE \ 1.BIN \ DESRCAS.DLL
HKLM \ Software \ Classes \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ Programuojama
HKLM \ Software \ Classes \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Control
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ MiscStatus
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ MiscStatus \ 1
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ ProgID
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Programuojama
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ TypeLib
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Version
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ VersionIndependentProgID
HKLM \ Software \ Classes \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ Programuojama
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ exp lorer \ Browser Helper Objects \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKU \. DEFAULT \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKU \ S-1-5-21-1376253242-3474823476-3209291414-1006 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKU \ S-1-5-18 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)

Adware.Vundo-Variantas
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ exp lorer \ Browser Helper Objects \ (D0CC2EC3-123b-4668-8346-A755825F6866)
HKCR \ CLSID \ (D0CC2EC3-123b-4668-8346-A755825F6866)
HKCR \ CLSID \ (D0CC2EC3-123b-4668-8346-A755825F6866) \ InprocServer32
HKCR \ CLSID \ (D0CC2EC3-123b-4668-8346-A755825F6866) \ InprocServer32 # ThreadingModel

Adware.Tracking Cookie
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ 2o7 [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@a.websponsors [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ AdMarketplace [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ adrevolver [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ adrevolver [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ads.addynamix [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ reklamoje [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@as-us.falkag [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ atdmt [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ atwola [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ belnk [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ bfast [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ BizRate [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ burstnet [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@c1.zedo [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ casalemedia [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@dist.belnk [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ DoubleClick "[1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wfkykpdzigp.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wgmyoidjmfo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjkokicpmlo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjkygpczmep.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjliahajicp.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjliwkc5kcp.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjlockajgho.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjlykldpgfo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@edge.ru4 [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-bestbuy.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-cbot.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-dig.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-gamespot.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-hasbro.hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-legonewyorkinc.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-sonycomputer.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ fastclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ford.112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@hg1.hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@icc.intellisrv [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ indextools [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ insightexpressai [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ interclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@login.tracking101 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@media.fastclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ Mediaplex [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@msnportal.112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ nextag [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ Overture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@perf.overture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@pt.crossmediaservic ES [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ questionmarket [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ REALMEDIA [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ pajamas [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ revsci [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ serving-sys [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@sonycorporate.122.2 o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ StatCounter [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@stats.gamestop [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@statse.webtrendsliv E [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ tacoda [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ ValueClick [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@www.burstbeacon [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@z1.adserver [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ Zedo [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ 2o7 [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ adknowledge [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ AdMarketplace [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ adrevolver [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ads.addynamix [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ adtech [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@adv.surinter [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ reklamos [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ apmebf [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@as-us.falkag [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ atdmt [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ burstnet [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ casalemedia [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ DoubleClick "[2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@edge.ru4 [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ehg-legonewyorkinc.hitbox [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ehg-sonycomputer.hitbox [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ fastclick [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ hitbox [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ insightexpressai [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ interclick [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ Mediaplex [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@pt.crossmediaservices [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ questionmarket [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ REALMEDIA [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ pajamas [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@server.cpmstar [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@stats.gamestop [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@statse.webtrendslive [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ trafficmp [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ ValueClick [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ Zedo [2]. Txt



Malwarebytes 'Anti-Malware 1,10
Duomenų bazės versija: 598

Scan Type: Full Scan (C: \ |)
Objektai nuskaitomi: 135.868
Praėjęs laikas: 59 minučių (-ai), 20 second (s)

Atminties procesai Infected: 0
Atminties moduliai Infected: 2
Registro raktus Infected: 14
Vertybių registrą Infected: 2
Registro duomenų elementų Infected: 1
Katalogai Infected: 0
Failai Infected: 6

Atminties procesai Infected:
(Nr. kenksminga daiktų aptikti)

Atminties moduliai Infected:
C: \ WINDOWS \ SYSTEM32 \ pcpthqbs.dll (Trojan.Vundo) -> iškrauti modulis sėkmingai.
C: \ WINDOWS \ SYSTEM32 \ vtUkklLF.dll (Trojan.Vundo) -> iškrauti modulis sėkmingai.

Registro raktus Infected:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (0d204632-0f04-4faa-965c-af04ba91e9aa) (Trojan.Vundo) -> I ¹ trinti paleid.
HKEY_CLASSES_ROOT \ CLSID \ (0d204632-0f04-4faa-965c-af04ba91e9aa) (Trojan.Vundo) -> I ¹ trinti paleid.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aoprndtws (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ jkwslist (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ aldd (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ MS Juan (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ rdfa (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Juan (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.

Vertybių registrą Infected:
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser \ (b7d3e479-cc68-42b5-a338-938ece35f419) (Adware.Softomate) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMf7889183 (Trojan.Agent) -> I ¹ trinti paleid.

Registro duomenų elementų Infected:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA \ Autentifikavimas programos (Trojan.Vundo) -> Data: c: \ windows \ system32 \ vtukkllf -> Karantinas ir sėkmingai ištrintas.

Katalogai Infected:
(Nr. kenksminga daiktų aptikti)

Failai Infected:
C: \ WINDOWS \ SYSTEM32 \ pcpthqbs.dll (Trojan.Vundo) -> I ¹ trinti paleid.
C: \ WINDOWS \ SYSTEM32 \ sbqhtpcp.ini (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
C: \ WINDOWS \ SYSTEM32 \ vtUkklLF.dll (Trojan.Vundo) -> I ¹ trinti paleid.
C: \ WINDOWS \ SYSTEM32 \ FLlkkUtv.ini (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
C: \ WINDOWS \ SYSTEM32 \ FLlkkUtv.ini2 (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
C: \ WINDOWS \ SYSTEM32 \ qwlinvmk.dll (Trojan.Agent) -> I ¹ trinti paleid.



Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 11:21:13, dėl 4/8/2008
Platforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccproxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
C: \ Program Files \ Norton Internet Security \ ISSVC.exe
C: \ Program Files \ Common Files \ Symantec Shared \ sndsrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
C: \ Program Files \ Symantec \ LIVEUPDATE \ aluschedulersvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Sony \ Shared Plug-Ins \ Media Manager \ MSSQL $ SONY_MEDIAMGR \ Binn \ Sqlservr.exe
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Yahoo! \ Paieškos apsauga \ SearchProtection.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnd.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe
C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnf.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb1 0.exe
C: \ Program Files \ Hewlett-Packard \ HP Software Update \ HPWuSchd2.exe
C: \ Program Files \ HP \ hpcoretech \ hpcmpmgr.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe
C: \ Program Files \ Common Files \ LogiShrd \ LComMgr \ Communications_Helper.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger. Exe
C: \ Program Files \ Stardock \ ObjectDock \ ObjectDock.exe
C: \ WINDOWS \ msn.com
C: \ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://mysearch.myway.com/jsp/frontiersidebar.jsp?p=CI
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://weather.wcco.com/cgi-bin/find...6251.001.99999
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = "Microsoft Internet Explorer pateiktas En-Tel Communications, LLC"
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Įrenginiai \ cpn1 \ yt.dll
R3 - URLSearchHook: (no name) - (38E77F06-89FC-44f5-B3AB-11DDEB791947) - C: \ Program Files \ FrontierSH \ SrchHelp \ frSrcAs.dll
O2 - BHO: & Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Įrenginiai \ cpn1 \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Atsisiųsti ir įrašų Įskiepis Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ "RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (38E77F01-89FC-44f5-B3AB-11DDEB791947) - C: \ Program Files \ FrontierSH \ SrchHelp \ frSrcAs.dll
O2 - BHO: (31e8cbc1-30d8-bf99-0294-19db1acbcf74) - (47fcbca1-bd91-4920-99fb-8d031cbc8e13) - C: \ WINDOWS \ system32 \ xygpcrbt.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: (no name) - (6A35C34E-EE48-425F-B809-C6D64566FE2A) - C: \ WINDOWS \ system32 \ khfDwuvw.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: (no name) - (8E1BFC0E-8AD2-424D-AC8A-06038481516E) - C: \ WINDOWS \ system32 \ ljJDSihG.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: FrontierBA BHO - (A93A3CC1-BA23-4d0d-9440-6A0148362B7E) - C: \ Program Files \ FrontierBA \ BrowserAssistant \ fbabar.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 3.0.1225.9868 \ s wg.dll
O2 - BHO: CNavExtBho Class - (BDF3E430-B101-42AD-A544-FADC6B084872) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ GoogleToolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Įrenginiai \ cpn1 \ yt.dll
O3 - Toolbar: & Pasienio Naršyklės asistentas - (A93A3CC9-BA23-4d0d-9440-6A0148362B7E) - C: \ Program Files \ FrontierBA \ BrowserAssistant \ fbabar.dll
O4 - HKLM \ .. \ Run: [YSearchProtection] "C: \ Program Files \ Yahoo! \ Paieškos apsauga \ SearchProtection.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [Symantec NetDriver Monitor] C: \ PROGRA ~ 1 \ SYMNET ~ 1 \ SNDMon.exe / vartotojų
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [Share-to-Web Namespace Daemon] C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnd.exe
O4 - HKLM \ .. \ Run: [KernelFaultCheck]% SystemRoot% \ System32 \ dumprep 0-k
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe" pradžios
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-startup
O4 - HKLM \ .. \ Run: [IntelMeM] C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb1 0.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ Hewlett-Packard \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [HP Component Manager] "C: \ Program Files \ HP \ hpcoretech \ hpcmpmgr.exe"
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe"
O4 - HKLM \ .. \ Run: [LogitechCommunicationsManager] "C: \ Program Files \ Common Files \ LogiShrd \ LComMgr \ Communications_Helper.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam.exe" / slėpti
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [Windows Live Messenger "] msn.com
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
O4 - HKLM \ .. \ Run: [BMf7889183] rundll32.exe "C: \ WINDOWS \ system32 \ vmptfdge.dll" S
O4 - HKLM \ .. \ Run: [f4bba21f] rundll32.exe "C: \ WINDOWS \ system32 \ jmiaxofx.dll", b
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU \ .. \ Run: [SWG] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [CTSyncU.exe] "C: \ Program Files \ Creative \ Sync Manager Unicode \ CTSyncU.exe"
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - Startup: Stardock ObjectDock.lnk = C: \ Program Files \ Stardock \ ObjectDock \ ObjectDock.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C: \ Program Files \ Logitech \ Desktop Messenger \ 8.876.480 \ Program \ LogitechDesktopMessenger. Exe
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: dienoraštis - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' MENUITEM: & "Blog This" Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.en-tel.com
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Plugin Control) -- http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (5F8469B4-49DD-B055-83F7-62B522420ECC) (Facebook Nuotraukų Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl klasė) -- http://update.microsoft.com/windowsu...?1120134982093
O16 - DPF: (AB86CE53-AC9F-449F-9399-D8ABCA09EC09) (Get_ActiveX Control) -- https: / / h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient klasė) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (F5A7706B-B9C0-4C89-A715-7A0C6B05DD48) (Minesweeper Flags Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: bwfile-8876480 - (9462A756-7B47-47BC-8C80-C34B9B80B32B) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8.876.480 \ Program \ GAPlugProtocol-8876480.dll
Ø20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
Ø20 - Winlogon Notify: ljJDSihG - C: \ WINDOWS \ SYSTEM32 \ ljJDSihG.dll
O23 - Service: Automatinė LIVEUPDATE Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LIVEUPDATE \ aluschedulersvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccproxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: DSBrokerService - Unknown owner - C: \ Program Files \ DellSupport \ brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ISSVC.exe
O23 - Service: LIVEUPDATE - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LVCOMSer - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ SrvLnch \ SrvLnch.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel (R) Corporation - C: \ Program Files \ Intel \ PROSetWired \ NCS \ Sinchronizacija \ NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: ScriptBlocking tarnybos (SBService) - Symantec Corporation - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ SYMANT ~ 1 \ SCRIPT ~ 1 \ SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ sndsrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ spbbcsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: SymWMI tarnybos (SymWSC) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe

--
End of file - 15.124 baitų
  #7  
Old Balandis 8, 2008, 09:45
Narys
  
Mes atlikome visus veiksmus ir jis vis dar neveikia.


Čia yra rąstų ...


SUPERAntiSpyware Scan Prisijungti
http://www.superantispyware.com

At 03:41 04/07/2008 Generated PM

Application Version: 4.0.1154

Core Taisyklės Database Versija: 3.432
Sekti Taisyklės duomenų bazė Versija: 1.424

Scan Type: Complete Scan
Iš viso nuskaitymo laikas: 01:38:06

Atminties elementai nuskaityta: 626
Atminties grėsmes, kiekis: 4
Registro objektų nuskaitomi: 6141
Registras grėsmių aptikta: 38
Failo elementai nuskaityta: 101.242
Failo grėsmių aptikta: 114

Adware.Vundo Variantas / Imbuvys
C: \ WINDOWS \ SYSTEM32 \ IIFFGECT.DLL
C: \ WINDOWS \ SYSTEM32 \ IIFFGECT.DLL

Adware.Vundo-Variant/Small-A
C: \ WINDOWS \ SYSTEM32 \ BVJKLPEJ.DLL
C: \ WINDOWS \ SYSTEM32 \ BVJKLPEJ.DLL
HKLM \ Software \ Classes \ CLSID \ (65701471-4c01-4415-a067-51bacdf39b8b)
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B)
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B) \ InprocServer32
HKCR \ CLSID \ (65701471-4C01-4415-A067-51BACDF39B8B) \ InprocServer32 # ThreadingModel
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ exp lorer \ Browser Helper Objects \ (65701471-4c01-4415-a067-51bacdf39b8b)
C: \ System Volume Information \ _Restore (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP26 \ A0001080.DLL
C: \ System Volume Information \ _Restore (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001330.DLL
C: \ System Volume Information \ _Restore (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001331.DLL
C: \ System Volume Information \ _Restore (202550A8-7A33-4BCA-9586-051D24DDBF8F) \ RP28 \ A0001337.DLL
C: \ WINDOWS \ SYSTEM32 \ HXYIXXAO.DLL
C: \ WINDOWS \ SYSTEM32 \ NALJPONC.DLL

Trojan.Downloader-NewJuan/VM
C: \ WINDOWS \ SYSTEM32 \ FUCLNHJD.DLL
C: \ WINDOWS \ SYSTEM32 \ FUCLNHJD.DLL

MyWay Search Assistant Kompiuteriai
C: \ Program Files \ MYWAYSA \ SRCHASDE \ 1.BIN \ DESRCAS.DLL
C: \ Program Files \ MYWAYSA \ SRCHASDE \ 1.BIN \ DESRCAS.DLL
HKLM \ Software \ Classes \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75) \ Programuojama
HKLM \ Software \ Classes \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Control
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ MiscStatus
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ MiscStatus \ 1
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ ProgID
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Programuojama
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ TypeLib
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ Version
HKCR \ CLSID \ (4D25F924-B9FE-4682-BF72-8AB8210D6D75) \ VersionIndependentProgID
HKLM \ Software \ Classes \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ InprocServer32 # ThreadingModel
HKCR \ CLSID \ (4D25F926-B9FE-4682-BF72-8AB8210D6D75) \ Programuojama
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ exp lorer \ Browser Helper Objects \ (4D25F921-B9FE-4682-BF72-8AB8210D6D75)
HKU \. DEFAULT \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKU \ S-1-5-21-1376253242-3474823476-3209291414-1006 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)
HKU \ S-1-5-18 \ Software \ Microsoft \ Internet Explorer \ URLSearchHooks # (4D25F926-B9FE-4682-BF72-8AB8210D6D75)

Adware.Vundo-Variantas
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ exp lorer \ Browser Helper Objects \ (D0CC2EC3-123b-4668-8346-A755825F6866)
HKCR \ CLSID \ (D0CC2EC3-123b-4668-8346-A755825F6866)
HKCR \ CLSID \ (D0CC2EC3-123b-4668-8346-A755825F6866) \ InprocServer32
HKCR \ CLSID \ (D0CC2EC3-123b-4668-8346-A755825F6866) \ InprocServer32 # ThreadingModel

Adware.Tracking Cookie
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ 2o7 [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@a.websponsors [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ad.yieldmanager [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ AdMarketplace [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ adrevolver [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ adrevolver [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ads.addynamix [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ reklamoje [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@as-us.falkag [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ atdmt [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ atwola [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ belnk [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ bfast [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ BizRate [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ burstnet [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@c1.zedo [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ casalemedia [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@dist.belnk [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ DoubleClick "[1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wfkykpdzigp.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wgmyoidjmfo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjkokicpmlo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjkygpczmep.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjliahajicp.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjliwkc5kcp.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjlockajgho.stats.esomniture [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@e-2dj6wjlykldpgfo.stats.esomniture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@edge.ru4 [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-bestbuy.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-cbot.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-dig.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-gamespot.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-hasbro.hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-legonewyorkinc.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ehg-sonycomputer.hitbox [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ fastclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@ford.112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@hg1.hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ hitbox [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@icc.intellisrv [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ indextools [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ insightexpressai [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ interclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@login.tracking101 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@media.fastclick [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ Mediaplex [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@msnportal.112.2o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ nextag [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ Overture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@perf.overture [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@pt.crossmediaservic ES [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ questionmarket [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ REALMEDIA [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ pajamas [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ revsci [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ serving-sys [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@sonycorporate.122.2 o7 [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ StatCounter [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@stats.gamestop [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@statse.webtrendsliv E [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ tacoda [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ ValueClick [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@www.burstbeacon [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ dustin@z1.adserver [1]. Txt
C: \ Documents and Settings \ Dustin \ Cookies \ Dustin @ Zedo [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ 2o7 [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ad.yieldmanager [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ adknowledge [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ AdMarketplace [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ adrevolver [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ads.addynamix [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ads.pointroll [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ adtech [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@adv.surinter [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ reklamos [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ apmebf [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@as-us.falkag [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ atdmt [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ burstnet [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ casalemedia [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ DoubleClick "[2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@edge.ru4 [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ehg-legonewyorkinc.hitbox [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@ehg-sonycomputer.hitbox [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ fastclick [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ hitbox [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ insightexpressai [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ interclick [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ Mediaplex [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@pt.crossmediaservices [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ questionmarket [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ REALMEDIA [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ pajamas [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@server.cpmstar [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@stats.gamestop [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ dylan@statse.webtrendslive [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ trafficmp [1]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ tribalfusion [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ ValueClick [2]. Txt
C: \ Documents and Settings \ Dylan \ Cookies \ Dylan @ Zedo [2]. Txt







Malwarebytes 'Anti-Malware 1,10
Duomenų bazės versija: 598

Scan Type: Full Scan (C: \ |)
Objektai nuskaitomi: 135.868
Praėjęs laikas: 59 minučių (-ai), 20 second (s)

Atminties procesai Infected: 0
Atminties moduliai Infected: 2
Registro raktus Infected: 14
Vertybių registrą Infected: 2
Registro duomenų elementų Infected: 1
Katalogai Infected: 0
Failai Infected: 6

Atminties procesai Infected:
(Nr. kenksminga daiktų aptikti)

Atminties moduliai Infected:
C: \ WINDOWS \ SYSTEM32 \ pcpthqbs.dll (Trojan.Vundo) -> iškrauti modulis sėkmingai.
C: \ WINDOWS \ SYSTEM32 \ vtUkklLF.dll (Trojan.Vundo) -> iškrauti modulis sėkmingai.

Registro raktus Infected:
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Explorer \ Browser Helper Objects \ (0d204632-0f04-4faa-965c-af04ba91e9aa) (Trojan.Vundo) -> I ¹ trinti paleid.
HKEY_CLASSES_ROOT \ CLSID \ (0d204632-0f04-4faa-965c-af04ba91e9aa) (Trojan.Vundo) -> I ¹ trinti paleid.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aoprndtws (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ jkwslist (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ aldd (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ MS Juan (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ affri (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ affltid (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_CURRENT_USER \ Software \ Microsoft \ rdfa (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affltid (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ affri (Malware.Trace) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Juan (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ FCOVM (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ RemoveRP (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.

Vertybių registrą Infected:
HKEY_CURRENT_USER \ Software \ Microsoft \ Internet Explorer \ Toolbar \ WebBrowser \ (b7d3e479-cc68-42b5-a338-938ece35f419) (Adware.Softomate) -> Karantinas ir sėkmingai ištrintas.
HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run \ BMf7889183 (Trojan.Agent) -> I ¹ trinti paleid.

Registro duomenų elementų Infected:
HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ LSA \ Autentifikavimas programos (Trojan.Vundo) -> Data: c: \ windows \ system32 \ vtukkllf -> Karantinas ir sėkmingai ištrintas.

Katalogai Infected:
(Nr. kenksminga daiktų aptikti)

Failai Infected:
C: \ WINDOWS \ SYSTEM32 \ pcpthqbs.dll (Trojan.Vundo) -> I ¹ trinti paleid.
C: \ WINDOWS \ SYSTEM32 \ sbqhtpcp.ini (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
C: \ WINDOWS \ SYSTEM32 \ vtUkklLF.dll (Trojan.Vundo) -> I ¹ trinti paleid.
C: \ WINDOWS \ SYSTEM32 \ FLlkkUtv.ini (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
C: \ WINDOWS \ SYSTEM32 \ FLlkkUtv.ini2 (Trojan.Vundo) -> Karantinas ir sėkmingai ištrintas.
C: \ WINDOWS \ SYSTEM32 \ qwlinvmk.dll (Trojan.Agent) -> I ¹ trinti paleid.








Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 11:21:13, dėl 4/8/2008
Platforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal

Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ explorer.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccproxy.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
C: \ Program Files \ Norton Internet Security \ ISSVC.exe
C: \ Program Files \ Common Files \ Symantec Shared \ sndsrvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
C: \ Program Files \ Symantec \ LIVEUPDATE \ aluschedulersvc.exe
C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Sony \ Shared Plug-Ins \ Media Manager \ MSSQL $ SONY_MEDIAMGR \ Binn \ Sqlservr.exe
C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe
C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
C: \ Program Files \ Yahoo! \ Paieškos apsauga \ SearchProtection.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnd.exe
C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe
C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe
C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnf.exe
C: \ WINDOWS \ system32 \ igfxpers.exe
C: \ WINDOWS \ system32 \ hkcmd.exe
C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb1 0.exe
C: \ Program Files \ Hewlett-Packard \ HP Software Update \ HPWuSchd2.exe
C: \ Program Files \ HP \ hpcoretech \ hpcmpmgr.exe
C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe
C: \ Program Files \ Common Files \ LogiShrd \ LComMgr \ Communications_Helper.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ Program Files \ Logitech \ Desktop Messenger \ 8876480 \ Program \ LogitechDesktopMessenger. Exe
C: \ Program Files \ Stardock \ ObjectDock \ ObjectDock.exe
C: \ WINDOWS \ msn.com
C: \ Program Files \ Common Files \ Logishrd \ LQCVFX \ COCIManager.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.dell4me.com/myway
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://mysearch.myway.com/jsp/frontiersidebar.jsp?p=CI
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://weather.wcco.com/cgi-bin/find...6251.001.99999
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = "Microsoft Internet Explorer pateiktas En-Tel Communications, LLC"
R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Įrenginiai \ cpn1 \ yt.dll
R3 - URLSearchHook: (no name) - (38E77F06-89FC-44f5-B3AB-11DDEB791947) - C: \ Program Files \ FrontierSH \ SrchHelp \ frSrcAs.dll
O2 - BHO: & Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ Program Files \ Yahoo! \ Companion \ Įrenginiai \ cpn1 \ yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7.0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: RealPlayer Atsisiųsti ir įrašų Įskiepis Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ "RealPlayer \ rpbrowserrecordplugin.dll
O2 - BHO: (no name) - (38E77F01-89FC-44f5-B3AB-11DDEB791947) - C: \ Program Files \ FrontierSH \ SrchHelp \ frSrcAs.dll
O2 - BHO: (31e8cbc1-30d8-bf99-0294-19db1acbcf74) - (47fcbca1-bd91-4920-99fb-8d031cbc8e13) - C: \ WINDOWS \ system32 \ xygpcrbt.dll
O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll
O2 - BHO: (no name) - (6A35C34E-EE48-425F-B809-C6D64566FE2A) - C: \ WINDOWS \ system32 \ khfDwuvw.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: (no name) - (8E1BFC0E-8AD2-424D-AC8A-06038481516E) - C: \ WINDOWS \ system32 \ ljJDSihG.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: CNisExtBho Class - (9ECB9560-04F9-4bbc-943D-298DDF1699E1) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O2 - BHO: FrontierBA BHO - (A93A3CC1-BA23-4d0d-9440-6A0148362B7E) - C: \ Program Files \ FrontierBA \ BrowserAssistant \ fbabar.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8333-CF10577473F7) - C: \ Program Files \ Google \ GoogleToolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - (AF69DE43-7D58-4638-B6FA-CE66B5AD205D) - C: \ Program Files \ Google \ GoogleToolbarNotifier \ 3.0.1225.9868 \ s wg.dll
O2 - BHO: CNavExtBho Class - (BDF3E430-B101-42AD-A544-FADC6B084872) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: Norton Internet Security - (0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7) - C: \ Program Files \ Common Files \ Symantec Shared \ AdBlocking \ NISShExt.dll
O3 - Toolbar: Norton AntiVirus - (42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6) - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ NavShExt.dll
O3 - Toolbar: & Google - (2318C2B1-4965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ GoogleToolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Įrenginiai \ cpn1 \ yt.dll
O3 - Toolbar: & Pasienio Naršyklės asistentas - (A93A3CC9-BA23-4d0d-9440-6A0148362B7E) - C: \ Program Files \ FrontierBA \ BrowserAssistant \ fbabar.dll
O4 - HKLM \ .. \ Run: [YSearchProtection] "C: \ Program Files \ Yahoo! \ Paieškos apsauga \ SearchProtection.exe"
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [Symantec NetDriver Monitor] C: \ PROGRA ~ 1 \ SYMNET ~ 1 \ SNDMon.exe / vartotojų
O4 - HKLM \ .. \ Run: [SoundMAXPnP] C: \ Program Files \ Analog Devices \ Core \ smax4pnp.exe
O4 - HKLM \ .. \ Run: [Share-to-Web Namespace Daemon] C: \ Program Files \ Hewlett-Packard \ HP Share-to-Web \ hpgs2wnd.exe
O4 - HKLM \ .. \ Run: [KernelFaultCheck]% SystemRoot% \ System32 \ dumprep 0-k
O4 - HKLM \ .. \ Run: [ISUSScheduler] "C: \ Program Files \ Common Files \ InstallShield \ UpdateService \ issch.exe" pradžios
O4 - HKLM \ .. \ Run: [ISUSPM Startup] C: \ PROGRA ~ 1 \ COMMON ~ 1 \ INSTAL ~ 1 \ UPDATE ~ 1 \ ISUSPM.exe-startup
O4 - HKLM \ .. \ Run: [IntelMeM] C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe
O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe
O4 - HKLM \ .. \ Run: [igfxpers] C: \ WINDOWS \ system32 \ igfxpers.exe
O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe
O4 - HKLM \ .. \ Run: [HPDJ Taskbar Utility] C: \ WINDOWS \ system32 \ spool \ drivers \ W32x86 \ 3 \ hpztsb1 0.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ Hewlett-Packard \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [HP Component Manager] "C: \ Program Files \ HP \ hpcoretech \ hpcmpmgr.exe"
O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe
O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccapp.exe"
O4 - HKLM \ .. \ Run: [LogitechCommunicationsManager] "C: \ Program Files \ Common Files \ LogiShrd \ LComMgr \ Communications_Helper.exe"
O4 - HKLM \ .. \ Run: [LogitechQuickCamRibbon] "C: \ Program Files \ Logitech \ QuickCam \ Quickcam.exe" / slėpti
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [Windows Live Messenger "] msn.com
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
O4 - HKLM \ .. \ Run: [BMf7889183] rundll32.exe "C: \ WINDOWS \ system32 \ vmptfdge.dll" S
O4 - HKLM \ .. \ Run: [f4bba21f] rundll32.exe "C: \ WINDOWS \ system32 \ jmiaxofx.dll", b
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKCU \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7.0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_0_8
O4 - HKCU \ .. \ Run: [SWG] C: \ Program Files \ Google \ GoogleToolbarNotifier \ GoogleToolbarNo tifier.exe
O4 - HKCU \ .. \ Run: [CTSyncU.exe] "C: \ Program Files \ Creative \ Sync Manager Unicode \ CTSyncU.exe"
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - Startup: Stardock ObjectDock.lnk = C: \ Program Files \ Stardock \ ObjectDock \ ObjectDock.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C: \ Program Files \ Logitech \ Desktop Messenger \ 8.876.480 \ Program \ LogitechDesktopMessenger. Exe
O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O9 - Extra button: dienoraštis - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra 'Tools' MENUITEM: & "Blog This" Windows Live Writer - (219C3416-8CB2-491a-A3C7-D9FCDDC9D600) - C: \ Program Files \ Windows Live \ Writer \ WriterBrowserExtension.dll
O9 - Extra button: Real.com - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - C: \ WINDOWS \ system32 \ Shdocvw.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL = http://www.en-tel.com
O16 - DPF: (02BF25D5-8C17-4B23-BC80-D3488ABDDC6B) (QuickTime Plugin Control) -- http://appldnld.apple.com.edgesuite....x/qtplugin.cab
O16 - DPF: (406B5949-7190-4245-91A9-30A17DE16AD0) (Snapfish Activia) -- http://photos.walmart.com/WalmartActivia.cab
O16 - DPF: (5F8469B4-49DD-B055-83F7-62B522420ECC) (Facebook Nuotraukų Uploader Control) -- http://upload.facebook.com/controls/...toUploader.cab
O16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl klasė) -- http://update.microsoft.com/windowsu...?1120134982093
O16 - DPF: (AB86CE53-AC9F-449F-9399-D8ABCA09EC09) (Get_ActiveX Control) -- https: / / h17000.www1.hp.com/ewfrf-JAV...oadManager.ocx
O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab
O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient klasė) -- http://messenger.zone.msn.com/binary...t.cab56907.cab
O16 - DPF: (F5A7706B-B9C0-4C89-A715-7A0C6B05DD48) (Minesweeper Flags Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab
O18 - Protocol: bwfile-8876480 - (9462A756-7B47-47BC-8C80-C34B9B80B32B) - C: \ Program Files \ Logitech \ Desktop Messenger \ 8.876.480 \ Program \ GAPlugProtocol-8876480.dll
Ø20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
Ø20 - Winlogon Notify: ljJDSihG - C: \ WINDOWS \ SYSTEM32 \ ljJDSihG.dll
O23 - Service: Automatinė LIVEUPDATE Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LIVEUPDATE \ aluschedulersvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccproxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccsetmgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE
O23 - Service: DSBrokerService - Unknown owner - C: \ Program Files \ DellSupport \ brkrsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ ISSVC.exe
O23 - Service: LIVEUPDATE - Symantec Corporation - C: \ PROGRA ~ 1 \ Symantec \ LIVEUP ~ 1 \ LUCOMS ~ 1.EXE
O23 - Service: LVCOMSer - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVCOMSER \ LVComSer.exe
O23 - Service: Process Monitor (LVPrcSrv) - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ LVMVFM \ LVPrcSrv.exe
O23 - Service: LVSrvLauncher - Logitech Inc - C: \ Program Files \ Common Files \ LogiShrd \ SrvLnch \ SrvLnch.exe
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ navapsvc.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel (R) Corporation - C: \ Program Files \ Intel \ PROSetWired \ NCS \ Sinchronizacija \ NetSvc.exe
O23 - Service: SAVScan - Symantec Corporation - C: \ Program Files \ Norton Internet Security \ Norton AntiVirus \ SAVScan.exe
O23 - Service: ScriptBlocking tarnybos (SBService) - Symantec Corporation - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ SYMANT ~ 1 \ SCRIPT ~ 1 \ SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ sndsrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ SPBBC \ spbbcsvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ CCPD-LC \ symlcsvc.exe
O23 - Service: SymWMI tarnybos (SymWSC) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ Security Center \ SymWSC.exe

--
End of file - 15.124 baitų
  #8  
Old Balandis 8, 2008, 09:48
Narys
  
Zamieściłem mano Įrašai kartus ir jie nuolat nyksta. taip mes visi veiksmai ir mūsų kompiuteryje vis dar kyla problemų.
  #9  
Old Balandis 8, 2008, 09:55
Donorų grupės
  
Ar po mano mažas gidas apie tai, kaip su Java?
  #10  
Old Balandis 8, 2008, 10:07
Narys
  
Citata:
Originally Posted by kanoakavirus View Post
Ar po mano mažas gidas apie tai, kaip su Java?
Mes turime jį iš darbo "Java" svetainėje.
Reply
Puslapis 1 iš 3 1 23

Register
Temos įrankiai



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Kompiuterių Sultys.
Kontaktas -- Privatumo -- Svetainės -- Viršus

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO by © 2009 vBSEO, zaindeksowania, Inc