|
|
#1
Novembris 30, 2008, 09:59
| |||
| |||
 Please help Trojan.SystemDriver atrasts Sveiki, Man ir dators, kas ir jauns, esmu failus un programmu ietekmes un tad šo mēnesi, tas tiek atskaņots augšu. Kad es eju, lai uzsāktu dators dažreiz tas darbojas, bet 80% tas neko agrāk Welcome Page 10% no laika tas taču arī tad tikai uz ekrāna iet melns, katru reizi ir gors melnu vai neiešu pagātnes welcome lapā. Man pārstartēt datoru. Dažreiz man atvērt tā izveidota safemode tad restart un tad tā darbojas. Un tad, kad es dodos uz slēgtām to uz leju, tas aptur uz slēgtas lapu un nepārvietojas, es pa kreisi par vienu nakti, lai redzētu, vai tas būtu, un no rīta tas vēl saprotams logi slēgtu. I ilga Super anti spyware un tā uzskatīja, ka šis: Trojan. System Driver, C: \ 32788R22FWJFW \ CREG.DAT Kas ir iekļauti karantīnā ievietotos vienumus failu, man vajadzētu izdzēst? Tā arī fould 52 Tracking Cookies, kas arī ir iekļauti karantīnā failu. I did HijackThis scan un tas ir tas, kas to teica: Logfile of Trend Micro HijackThis v2.0.2 Scan saglabāts 12:04:20, uz 15/11/2008 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Safe mode Running procesiem: C: \ Windows \ Explorer.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = https: / / login.yahoo.com / config / mail?. intl = uk &. src = ym R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://ie.redirect.hp.com/svs/rdr?TY...ion&pf=desktop R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch = R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page = R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page = R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = O1 - Hosts::: 1 localhost O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll O2 - BHO: NCO 2,0 IE BHO - (602ADB0E-4AFF-4217-8AA1-95DAC4DFA408) - C: \ Program Files \ Common Files \ Symantec Shared \ coShared \ Browser \ 2,6 \ coIEPlg.dll O2 - BHO: Symantec Ielaušanās novēršanas - (6D53EC84-6AAE-4.787-AEEE-F4628F01010C) - C: \ PROGRA ~ 1 \ Common ~ 1 \ SYMANT ~ 1 \ IDS \ IPSBHO.dll O2 - BHO: Groove GFS Browser Helper - (72.853.161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar2.dll O3 - Toolbar: Rādīt Norton Toolbar - (7FEBEFE3-6B19-4.349-98D2-FFB09D4B49CA) - C: \ Program Files \ Common Files \ Symantec Shared \ coShared \ Browser \ 2,6 \ CoIEPlg.dll O3 - Toolbar: & Google - (2318C2B1-4.965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar2.dll O4 - HKLM \ .. \ Run: [Windows Defender]% programfiles% \ Windows Defender \ MSASCui.exe-hide O4 - HKLM \ .. \ Run: [hpsysdrv] c: \ HP \ Support \ hpsysdrv.exe O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KbdStub.EXE O4 - HKLM \ .. \ Run: [ATICCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ CLIStart.exe" O4 - HKLM \ .. \ Run: [RtHDVCpl] RtHDVCpl.exe O4 - HKLM \ .. \ Run: [ccApp] "C: \ Program Files \ Common Files \ Symantec Shared \ ccApp.exe" O4 - HKLM \ .. \ Run: [osCheck] "C: \ Program Files \ Norton 360 \ osCheck.exe" O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [GrooveMonitor] "C: \ Program Files \ Microsoft Office \ Office12 \ GrooveMonitor.exe" O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaanotif.exe" O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe O4 - HKLM \ .. \ Run: [RoxWatchTray] "C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxWatchTray9.exe" O4 - HKLM \ .. \ Run: [DMXLauncher] "C: \ Program Files \ Roxio \ Media Experience \ DMXLauncher.exe" O4 - HKLM \ .. \ Run: [RoxioDragToDisc] "C: \ Program Files \ Roxio \ Drag-to-Disc \ DrgToDsc.exe" O4 - HKLM \ .. \ RunOnce: [Launcher]% WINDIR% \ SMINST \ launcher.exe O4 - HKCU \ .. \ Run: [ķeburs] C: \ Program Files \ ķeburs \ Scribble.exe-kluss O4 - HKCU \ .. \ Run: [OM2_Monitor] "C: \ Program Files \ OLYMPUS \ OLYMPUS Master 2 \ MMonitor.exe" O4 - HKUS \ S-1-5-19 \ .. \ Run: [Sidebar]% programfiles% \ Windows sānjoslas \ Sidebar.exe / detectMem (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-19 \ .. \ Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll, ShowWelcomeCenter (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Sidebar]% programfiles% \ Windows sānjoslas \ Sidebar.exe / detectMem (User 'NETWORK SERVICE') O4 - Startup: Scheduler.lnk =? O4 - Startup: TracksCleaner.lnk = C: \ Program Files \ GhostSurf Platinum \ TracksCleaner.exe O4 - Global Startup: GhostSurf proxy.lnk = C: \ Program Files \ GhostSurf Platinum \ Proxy.exe O4 - Global Startup: SpyCatcher.lnk = C: \ Program Files \ GhostSurf Platinum \ SpyCatcher.exe Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ EXCEL.EXE/3000 Ø9 - Extra button: Nosūtīt OneNote - (2670000A-7350-4f3c-8.081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ ONBttnIE.dll Ø9 - Extra 'Tools' MENUITEM: S & galu OneNote - (2670000A-7350-4f3c-8.081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ ONBttnIE.dll Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ REFIEBAR.DLL O13 - Gopher Prefix: Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) (Shockwave Flash Object) -- https: / / fpdownload.macromedia.com / ge...nt / swflash.cab O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4.636-A375-3CB6248B04CD) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveSystemServices.dll Ø20 - AppInit_DLLs: secuload.dll O23 - Service: Intel (R) Alert Service (AlertService) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ CCU \ AlertService.exe O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Ati External Event Utility - ATI Technologies Inc - C: \ Windows \ system32 \ Ati2evxx.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe O23 - Service: Symantec Lic NetConnect dienests (CLTNetCnService) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ VAScanner \ comHost.exe O23 - Service: DQLWinService - Unknown īpašnieks - C: \ Program Files \ Common Files \ Intel \ IntelDH \ NLS \ AdpPlugins \ DQLWinService.e XE O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 - Service: Intel (R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C: \ Program Files \ Intel \ Intel Matrix Storage Manager \ Iaantmon.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1.050 \ Intel 32 \ IDriverT.exe O23 - Service: Intel DH Service (IntelDHSvcConf) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Tools \ IntelDHSvcConf.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Intel (R) Software Services Manager (ISSM) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Media Server \ bin \ ISSM.exe O23 - Service: LightScribeService Direct Disc Marķēšanas dienests (LightScribeService) - Hewlett-Packard Company - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe O23 - Service: LiveUpdate - Symantec Corporation - C: \ Program Files \ Symantec \ LiveUpdate \ LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - C: \ Program Files \ Common Files \ Symantec Shared \ ccSvcHst.exe O23 - Service: Intel (R) Viiv (TM) Media Server (M1 Server) - Unknown īpašnieks - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ Media Server \ bin \ mediaserver.exe O23 - Service: Intel (R) Piemērošana Tracker (MCLServiceATL) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ čaulas \ MCLServiceATL.exe O23 - Service: Protector - Tenebril Inc - C: \ Program Files \ GhostSurf Platinum \ ProtectorSvc.exe O23 - Service: Intel (R) Remoting Service (Remote UI Service) - Intel (R) Corporation - C: \ Program Files \ Intel \ IntelDH \ Intel Media Server \ čaulas \ Remote UI Service.exe O23 - Service: Roxio UPnP attēlotājs 9 - Sonic Solutions - C: \ Program Files \ Roxio \ Digital Home 9 \ RoxioUPnPRenderer9.exe O23 - Service: Roxio UPnP Server 9 - Sonic Solutions - C: \ Program Files \ Roxio \ Digital Home 9 \ RoxioUpnpService9.exe O23 - Service: LiveShare P2P Server 9 (RoxLiveShare9) - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxLiveShare9.exe O23 - Service: RoxMediaDB9 - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxMediaDB9.exe O23 - Service: Roxio Hard Drive Watcher 9 (RoxWatch9) - Sonic Solutions - C: \ Program Files \ Common Files \ Roxio Shared \ 9,0 \ SharedCOM \ RoxWatch9.exe O23 - Service: stllssvr - MicroVision Development, Inc - C: \ Program Files \ Common Files \ SureThing Shared \ stllssvr.exe O23 - Service: Symantec Core LC - Unknown īpašnieks - C: \ PROGRA ~ 1 \ Common ~ 1 \ SYMANT ~ 1 \ CCPD-LC \ symlcsvc.exe -- End of failu - 9.503 bytes |
|
#2
Novembris 30, 2008, 13:03
| |||
| |||
| Please help Trojan.SystemDriver atrasts Welcome to CJ. Lejupielādēt Malwarebytes "Anti-Malware (MBAM)
Extra Piezīme: Ja MBAM sastopas failu, kas ir grūta, Jums tiks parādīts 1 of 2 uzvednes, noklikšķiniet uz Labi, lai nu un ļaujiet MBAM rīkoties ar dezinfekcijas procesu, ja prasīts restartēt datoru, lūdzu, dariet to nekavējoties. ---------- Lejupielādēt izlases veidā ir sistēmas informācijas rīks (RSIT) izlases / izlases no un saglabājiet to savā datorā.
__________________  |
|
#3
Decembris 2, 2008, 04:58
| |||
| |||
| Please help Trojan.SystemDriver atrasts Hi, piedodiet sajaukt jums apkārt, es šo divu vietā kā mēģināja saņemt palīdzību. Otra atbilde, labi, lai dont vēlaties mess jums abiem apkārt. Thank you anyway par savu piedāvājumu, lai palīdzētu. |
|
#4
Decembris 2, 2008, 11:59
| |||
| |||
| Please help Trojan.SystemDriver atrasts Paldies mums.
__________________ |
