|
| |||||||
| Registruotis | Svetainės spy | Narių sąrašas | Donate | Ieškoti | Šiandien Žinutės | Pažymėti forumus kaip skaitytus | Forumo taisyklės |
 |
 |
| | Temos įrankiai |
|
#1
Sausis 21, 2008, 20:16
| |||
| |||
| Adware rimta problema Turiu rimtą problemą. Ive got some of adware natūra mano kompiuteryje. Kai Im surfing, ar tiesiog savo naršyklėje atidaryti popup langas kas 2-3 minutes. Ive bandė naudoti AVG Anti-Virus "," AVG Anti-spyware, CounterSpy ir Bazooka Skeneris. Jie visi rasti tonų dalykų, aš atsikratė juos visus, aš nuskaityti iš naujo, viskas dingo. Išskyrus gana mažai TrackingCookies, tačiau tai neturėtų prisidėti prie Adware problema. Tai suppost būti geriausias programas. Any suggestions, ką man reikia naudoti, arba, ką turėčiau daryti? |
|
#2
Sausis 21, 2008, 20:34
| |||
| |||
| Adware rimta problema Leidžia atidžiau pažvelgti. Atsisiųskite ir pervardinti HijackThis (HJT)
__________________  |
|
#3
Sausis 21, 2008, 20:50
| |||
| |||
| Adware rimta problema Logfile Trend Micro HijackThis v2.0.2 Skaitymo išsaugotas 10:50:07, on 1/21/2008 Platforma: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16574) Boot mode: Normal Veikia procesus: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ WINDOWS \ SOUNDMAN.EXE C: \ Program Files \ ATI Technologies \ ATI.ACE \ cli.exe C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ SlySoft \ CloneCD \ CloneCDTray.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe C: \ Program Files \ Grisoft \ AVG Anti-spyware 7,5 \ avgas.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ DAEMON Tools \ daemon.exe C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe C: \ Program Files \ TRENDnet \ Trendnet TEW-421PC_TEW-423PI \ WlanCU.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Grisoft \ AVG Anti-spyware 7,5 \ guard.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ cli.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ cli.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ Program Files \ Trend Micro \ HijackThis \ sniper.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.yahoo.com/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://us.rd.yahoo.com/customize/ie/...ch/search.html R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://us.rd.yahoo.com/customize/ie/.../www.yahoo.com R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.yahoo.com/ R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch = R3 - URLSearchHook: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Įrenginiai \ NKP \ yt.dll O2 - BHO: & Yahoo! Toolbar Helper - (02478D38-C3F9-4efb-9B51-7695ECA05670) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Įrenginiai \ NKP \ yt.dll O2 - BHO: Yahoo! IE Services Button - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll (file missing) O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ PROGRA ~ 1 \ Yahoo! \ Companion \ Įrenginiai \ NKP \ yt.dll O4 - HKLM \ .. \ Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM \ .. \ Run: [ATICCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ cli.exe" runtime-Delay O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe" O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [CloneCDTray] "C: \ Program Files \ SlySoft \ CloneCD \ CloneCDTray.exe" / s O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / autostart O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / mažinimą O4 - HKLM \ .. \ Run: [LXCFCATS] rundll32 C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ LXCFtim e.dll, _RunDLLEntry @ 16 O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [DAEMON Tools] "C: \ Program Files \ DAEMON Tools \ daemon.exe"-lang 1.033 O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe"-tyliai O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user') O4 - Global Startup: Wireless Configuration Utility HW.15.lnk = C: \ Program Files \ TRENDnet \ Trendnet TEW-421PC_TEW-423PI \ WlanCU.exe O9 - Extra button: Yahoo! Paslaugos - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O9 - Extra button: ShopperReports - palyginkite kainas - (C5428486-50A0-4a02-9D20-520B59A9F9B2) - C: \ Program Files \ ShoppingReport \ bin \ 2.0.26 \ ShoppingReport.dll (file missing) O9 - Extra button: ShopperReports - Palyginti kelionių tarifus - (C5428486-50A0-4a02-9D20-520B59A9F9B3) - C: \ Program Files \ ShoppingReport \ bin \ 2.0.26 \ ShoppingReport.dll (file missing) O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O16 - DPF: (05D44720-58E3-49E6-BDF6-D00330E511D3) (StagingUI Object) -- http://zone.msn.com/binFrameWork/v10...I.cab55579.cab O16 - DPF: (30528230-99f7-4bb4-88d8-fa1d4f56a2ab) (Installation Support) - C: \ Program Files \ Yahoo! \ Common \ Yinsthelper.dll O16 - DPF: (39B0684F-D7BF-4743-B050-FDC3F48F7E3B) -- http://www.fileplanet.com/fpdlmgr/ca..._2.3.6.108.cab O16 - DPF: (3BB54395-5982-4788-8AF4-B5388FFDD0D8) (MSN Games - draugų Pakviesti) -- http://zone.msn.com/BinFrameWork/v10...y.cab55579.cab O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1005.cab O16 - DPF: (5736C456-EA94-4AAC-BB08-917ABDD035B3) (ZonePAChat Object) -- http://zone.msn.com/binframework/v10...t.cab55579.cab O16 - DPF: (67A5F8DC-1A4B-4D66-9F24-A704AD929EEE) (System Requirements Lab) -- http://www.systemrequirementslab.com/sysreqlab2.cab O16 - DPF: (9BDF4724-10AA-43D5-BD15-AEA0D2287303) (MSN Games - Texas Holdem Poker) -- http://zone.msn.com/bingame/zpagames...e.cab60231.cab O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://cdn2.zone.msn.com/binFramewor...o.cab56649.cab O16 - DPF: (DA2AA6CF-5C7A-4B71-BC3B-C771BB369937) (MSN Games - Žaidimas Communicator) -- http://zone.msn.com/binframework/v10...y.cab55579.cab Ø20 - Winlogon Notify:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI HotKey Rinkėjas - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C: \ WINDOWS \ system32 \ ati2sgag.exe O23 - Service: AVG Anti-Spyware Guard - Grisoft sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe O23 - Service: AVG7 Update Service (Avg7UpdSvc) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe O23 - Service: AVG E-mail Scanner (AVGEMS) - Grisoft, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 1.150 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: lxcf_device - - C: \ WINDOWS \ system32 \ lxcfcoms.exe -- End of file - 7.993 baitų |
|
#4
Sausis 21, 2008, 20:59
| |||
| |||
| Adware rimta problema Kad neliko daug, mes turime ką nors išsamiau nuskaito. Keletas tuščių įrašų nustatyti su HJT nekilnojamojo greitai. Atidaryti HijackThis ir pasirinkite Ar sistema nuskaito tik. Vieta varnelė prie šių įrašų: O9 - Extra button: ShopperReports - palyginkite kainas - (C5428486-50A0-4a02-9D20-520B59A9F9B2) - C: \ Program Files \ ShoppingReport \ bin \ 2.0.26 \ ShoppingReport.dll (file missing) O9 - Extra button: ShopperReports - Palyginti kelionių tarifus - (C5428486-50A0-4a02-9D20-520B59A9F9B3) - C: \ Program Files \ ShoppingReport \ bin \ 2.0.26 \ ShoppingReport.dll (file missing) Uždaryti visus išskyrus HijackThis ir spustelėkite Windows Fix patikrinta. Išeitis HijackThis. --------- Atsisiųsti CCleaner
Atsisiųsti SUPERAntispyware Free Edition (SAS)
Sekantis prašome pridėti SuperantiSpyware Prisijungti
__________________ |
|
#5
Sausis 21, 2008, 22:20
| |||
| |||
| Adware rimta problema Gerai, aš pagaliau gavo tai padaryti, bet .... langų vis dar čia, anyways Heres Prisijungti: SUPERAntiSpyware Scan Prisijungti http://www.superantispyware.com At 00:10 01/22/2008 Generated AM Application Version: 3.9.1008 Core Taisyklės Database Versija: 3.385 Sekti Taisyklės duomenų bazė Versija: 1.379 Scan Type: Complete Scan Iš viso nuskaitymo laikas: 00:48:33 Atminties elementai nuskaityta: 556 Atminties grėsmių detected: 0 Registro objektų nuskaitomi: 4213 Registras grėsmių detected: 0 Failo elementai nuskaityta: 39.567 Failo grėsmių nustatyta: 8 Adware.Tracking Cookie C: \ Documents and Settings \ Robertas \ Cookies \ richard@login.revenueloop [2]. Txt C: \ Documents and Settings \ Robertas \ Cookies \ richard@publishers.clickb ooth [2]. Txt C: \ Documents and Settings \ Robertas \ Cookies \ Richard @ DoubleClick "[1]. Txt C: \ Documents and Settings \ Robertas \ Cookies \ richard@ads.pointroll [1]. Txt C: \ Documents and Settings \ Robertas \ Cookies \ Richard @ Bluestreak [1]. Txt C: \ Documents and Settings \ Robertas \ Cookies \ Richard @ tribalfusion [2]. Txt C: \ Documents and Settings \ Robertas \ Cookies \ Richard @ atdmt [2]. Txt RootKit.TnCore / Trace C: \ WINDOWS \ system32 \ drivers \ core.cache.dsk |
|
#6
Sausis 21, 2008, 22:23
| |||
| |||
| Adware rimta problema Šis skenavimas bus maždaug 5 iki 10 minučių. Atsisiųskite Combofix iki einantys iš vienos iš žemiau nuorodų. (Pabandykite visi trys, jei reikia)SVARBU - Combofix.exe TURI bus išsaugotas jūsų Desktop.
Scan bus laikinai išjungti savo darbalaukyje. Jeigu nutraukiamas, jis gali palikti kompiuterį užšaldyti. Jei taip atsitinka, prašom perkrauti atkurti darbastalio. Sekantis Combofix Prisijungti
__________________ |
|
#7
Sausis 21, 2008, 22:48
| |||
| |||
| Adware rimta problema Gerai padarė. Ive, bet dar gavo langų :-( Heres Prisijungti: ComboFix 08-01-21.3 - Richard 2008-01-22 0:30:28.1 - NTFSx86 Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.628 [GMT -5:00] Veikia nuo: C: \ Documents and Settings \ Robertas \ Desktop \ ComboFix.exe * Sukurtas naujas atkūrimo taškas ĮSPĖJIMAS-ši mašina neturi atkūrimo konsolę Installed!! . ((((((((((((((((((((((((((((((((((((((( Kiti deletions ))))))))) )))))))))))))))))))))))))))))))))))))))) . C: \ Temp \ tn3 C: \ WINDOWS \ system32 \ drivers \ core.cache.dsk. . . . Nepavyko ištrinti . ((((((((((((((((((((((((( Failus, sukurtus nuo 2007/12/22 iki 2008/01/22 ))))))))))) )))))))))))))))))))) . 2008-01-22 00:36. 2008-01-22 00:36 167.545 --------- C: \ WINDOWS \ system32 \ drivers \ core.cache.dsk 2008-01-22 00:34. 2008-01-22 00:34 <DIR> d -------- C: \ Temp \ tn3 2008-01-22 00:29. 2000-08-31 08:00 51.200 - ------ C: \ WINDOWS \ Nircmd.exe 2008-01-21 23:10. 2008-01-21 23:10 <DIR> d -------- C: \ Program Files \ CCleaner 2008-01-21 22:47. 2008-01-21 22:47 <DIR> d -------- C: \ Program Files \ Trend Micro 2008-01-21 22:21. 2008-01-22 00:16 <DIR> d -------- C: \ Program Files \ SUPERAntiSpyware 2008-01-21 02:10. 2008-01-21 02:10 <DIR> d -------- C: \ Program Files \ Lavasoft 2008-01-21 02:09. 2008-01-21 22:20 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard 2008-01-20 22:04. 2008-01-20 22:04 <DIR> d -------- C: \ Program Files \ Bazooka Skeneriai 2008-01-20 17:41. 2007-05-30 07:10 10.872 - ------ C: \ WINDOWS \ system32 \ drivers \ AvgAsCln.sys 2008-01-20 16:39. 2008-01-20 16:39 86.144 - ------ C: \ WINDOWS \ system32 \ drivers \ ALCXWDMM.sys 2008-01-12 16:25. 2008-01-12 16:25 <DIR> d -------- C: \ Program Files \ Electronic Arts 2008-01-12 15:11. 2005-06-24 16:24 438.272-RA ------ C: \ WINDOWS \ system32 \ vp6vfw.dll 2008-01-12 15:11. 2004-12-10 09:06 327.680 - ------ C: \ WINDOWS \ system32 \ vp6dec.ax 2008-01-12 15:06. 2008-01-12 15:20 <DIR> D - h ----- C: \ WINDOWS \ msdownld.tmp 2008-01-10 19:21. 2008-01-10 19:21 <DIR> d -------- C: \ Program Files \ uTorrent 2008-01-10 19:01. 2008-01-10 19:21 <DIR> d -------- C: \ Program Files \ megamaps 2008-01-08 22:43. 2008-01-10 19:30 <DIR> d -------- C: \ Program Files \ Guitar Pro 5 2008-01-06 05:19. 2008-01-06 05:19 <DIR> d -------- C: \ Program Files \ Galia Tab Programinė įranga 2008-01-03 22:31. 2008-01-03 22:31 <DIR> d -------- C: \ AeriaGames 2008-01-03 21:30. 2008-01-12 21:55 <DIR> d -------- C: \ UnrealTournament 2007-12-25 14:25. 2007-12-28 16:53 90 - ------ C: \ WINDOWS \ RCAMPEG4VC.ini 2007-12-25 14:18. 2006-09-13 14:52 561.152 - ------ C: \ WINDOWS \ system32 \ xvidcore.dll 2007-12-25 14:18. 2006-09-13 15:01 237.568 - ------ C: \ WINDOWS \ system32 \ xvidvfw.dll 2007-12-25 14:18. 2005-12-30 15:34 2.864 - ------ C: \ WINDOWS \ system32 \ xvid.inf 2007-12-25 14:17. 2007-12-25 14:17 <DIR> d -------- C: \ Program Files \ RCA . (((((((((((((((((((((((((((((((((((((((( Find3M Pranešimas )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008-01-20 20:59 --------- D - h - w C: \ Program Files \ InstallShield įrengimas Informacija 2008-01-17 00:48 --------- d ----- w C: \ Program Files \ Yahoo! 2008-01-16 01:15 --------- d ----- w C: \ Program Files \ Lx_cats 2008-01-11 00:21 --------- d ----- w C: \ Program Files \ Xfire 2008-01-11 00:21 --------- d ----- w C: \ Program Files \ LimeWire 2007-12-22 10:47 --------- d ----- w C: \ Program Files \ DriftCity 2007-12-20 07:35 --------- d ----- w C: \ Program Files \ Sierra On-Line 2007-12-18 08:02 --------- d ----- w C: \ Program Files \ NHN JAV 2007-12-17 21:17 --------- d ----- w C: \ Program Files \ Bethesda Softworks 2007-12-05 04:14 --------- d ----- w C: \ Program Files \ SlySoft 2007-12-03 03:06 --------- d ----- w C: \ Program Files \ TGTSoft 2007-11-25 18:18 --------- d ----- w C: \ Program Files \ Common Files \ Sonic Bendri 2007-11-22 05:03 --------- d ----- w C: \ Program Files \ Cliprex DVD Player Professional . ((((((((((((((((((((((((((((((((((((( Reg Kraunasi Taškai )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Pastaba: * tuščių įrašų ir teisėtu default įrašai nerodoma REGEDIT4 [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntVersion \ Run] "Ctfmon.exe" = "C: \ WINDOWS \ system32 \ Ctfmon.exe" [2004-08-04 07:00 15360] "DAEMON Tools" = "C: \ Program Files \ DAEMON Tools \ daemon.exe" [2007-08-29 10:09 171464] "Yahoo! Gaviklis" = "C: \ Program Files \ Yahoo! \ Messenger \ YahooMessenger.exe" [2007-08-30 17:43 4670704] "SUPERAntiSpyware" = "C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe" [2007-06-21 14:06 1318912] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "SoundMan" = "SOUNDMAN.EXE" [2006-11-16 16:42 577536 C: \ WINDOWS \ SOUNDMAN.EXE] "ATICCC" = "C: \ Program Files \ ATI Technologies \ ATI.ACE \ cli.exe" [2005-08-12 13:43 45056] "SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe" [2007-09-25 01:11 132496] "iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2007-09-26 13:42 267064] "CloneCDTray" = "C: \ Program Files \ SlySoft \ CloneCD \ CloneCDTray.exe" [2006-09-28 14:21 57344] "AVG7_CC" = "C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe" [2008-01-20 17:18 579072] "! AVG Anti-spyware" = "C: \ Program Files \ Grisoft \ AVG Anti-spyware 7,5 \ avgas.exe" [2007-06-11 04:25 6731312] "LXCFCATS" = "C: \ WINDOWS \ System32 \ spool \ drivers \ W32X 86 \ 3 \ LXCFtime.dll" [2005-07-20 12:47 73728] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run] "AVG7_Run" = "C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe" [2008-01-20 17:18 219136] C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \ Wireless Configuration Utility HW.15.lnk - C: \ Program Files \ TRENDnet \ Trendnet TEW-421PC_TEW-423PI \ WlanCU.exe [2007-01-30 13:57:42 577536] [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Policies \ System] "DisableRegistryTools" = 0 (0x0) [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows \ Curr entversion \ Explorer \ ShellExecuteHooks] (5AE067D3-9AFB-48E0-853A-EBB7F4A000DA) "= C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL [2006-12-20 13:55 77824] [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon] "UIHost" = "LogonUI.EXE" [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ Notify \! SASWinLogon] C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll 2007-04-19 13:41 294912 C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll [HKLM \ ~ \ startupfolder \ C: Documents and Settings ^ ^ ^ All Users Start Menu Programs ^ ^ ^ Paleidimas Sonic CinePlayer Greita Launch.lnk] PATH = C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \ Sonic CinePlayer Greita Launch.lnk Backup = C: \ WINDOWS \ PSS \ Sonic CinePlayer Greita Launch.lnkCommon Paleidimas [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ igndlm.exe] C: \ Program Files \ Download Manager \ DLM.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ MSMSGS] --------- 2004-10-13 11:24 1694208 C: \ Program Files \ Messenger \ msmsgs.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ QuickTime Task] - ------ 2007-06-29 05:24 286720 C: \ Program Files \ QuickTime \ qttask.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Shared Tools \ msconfig \ startupreg \ SBCSTray] C: \ Program Files \ Sunbelt Software \ CounterSpy \ SBCSTray.exe R0 videX32; videX32, C: \ WINDOWS \ system32 \ drivers \ videX3 2.sys [2006-10-17 07:22] R0 xfilt; VIA IDE, SATA hot-plug Driver, C: \ WINDOWS \ system32 \ drivers \ xfilt.sys [2006-10-18 04:39] R1 ALCXWDMM; ALCXWDMM, C: \ WINDOWS \ system32 \ drivers \ ALCX WDMM.sys [2008-01-20 16:39] R1 Cinemsup; Cinemsup, C: \ WINDOWS \ system32 \ drivers \ Cine msup.sys [2002-07-19 09:10] R3 odysseyIM3; Odyssey Tinklo paslaugos miniprievado, C: \ WINDOWS \ system32 \ drivers \ odysseyIM3.sy S [2007-08-17 20:35] S3 rtl8180; Realtek RTL8180 Wireless LAN (mini) PCI NIC NT Driver, C: \ WINDOWS \ system32 \ drivers \ RTL8180.SYS [2003-12-30 12:20] S3 SetupNTGLM7X; SetupNTGLM7X; D: \ NTGLM7X.sys [] [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Explorer \ mountpoints2 \ (5ed3c7c1-4bdf-11DC-8daa-806d6172696f)] \ Shell \ Autorun \ command - D: \ Autorun.exe [HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Active Setup \ Installed Components \ (2352721C-2267-DB51-0008-030706070804)] C: \ WINDOWS \ system32 \ vsc32.exe . ************************************************** ************************ catchme 0.3.1344 W2K/XP/Vista - rootkit / Stealth kenkėjiškų detektorius pagal Gmer, http://www.gmer.net Rootkit scan 2008-01-22 00:37:48 Windows 5.1.2600 Service Pack 2 NTFS skenavimo paslėptus procesus ... skenavimo paslėptas autostart entries ... skenavimo paslėptus failus ... skenavimas baigtas sėkmingai paslėptus failus: 0 ************************************************** ************************ . Atlikimo laikas: 2008-01-22 0:42:14 - mašina buvo paleistas ComboFix-karantine-files.txt 2008-01-22 05:42:10 . 2008-01-11 00:38:07 --- EOF --- |
|
#8
Sausis 21, 2008, 22:57
| |||
| |||
| Adware rimta problema Atsisiųsti Iki Swandog46 AvengerIr išsaugokite jį darbalaukyje.
Kodas Aplankus norite ištrinti C: \ Temp \ tn3 Failai trinti: C: \ WINDOWS \ system32 \ drivers \ core.cache.dsk registro raktus trinti: HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Active Setup \ Installed Components \ (2352721C-2267 - DB51-0008-030706070804)
Sekantis Avenger Prisijungti
__________________ |
|
#9
Sausis 21, 2008, 23:09
| |||
| |||
| Adware rimta problema Gerai čia u go, dar langų btw. Logfile of Avenger 1 versija, kurią Swandog46 Bėgimas iš registro raktą: \ Registry \ Machine \ System \ CurrentControlSet \ Paslauga s hptxmheu ******************* Scenarijaus failo adresu: wqwsrviw Negaliu atidaryti failo scenarijaus! Klaida Negaliu atidaryti failo scenarijaus! Statusas: 0xc000003b Abort! |
|
#10
Sausis 21, 2008, 23:16
| |||
| |||
| Adware rimta problema Oi mano bloga i redid to, cuz Prisijungti didnt ieškoti teisę, ir, matyt i didnt kažką teisę pirmą kartą, Cheres naują žurnalą. Oh ir vis dar yra langų. Logfile of Avenger 1 versija, kurią Swandog46 Bėgimas iš registro raktą: \ Registry \ Machine \ System \ CurrentControlSet \ Paslauga s mkawvjax ******************* Scenarijaus failo adresu: \? \ C: \ WINDOWS \ system32 \ ygueewld.txt Scenarijaus failas pradėjo sėkmingai. Scenarijaus failas skaityti sėkmingai Pradėtas sėkmingai backups kataloge C: \ Avenger ******************* Pradedant tvarkyti skripto failą: Aplankas C: \ Temp \ tn3 sėkmingai ištrintas. Faile C: \ WINDOWS \ system32 \ drivers \ core.cache.dsk sėkmingai ištrintas. Registro raktą HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Active Setup \ Installed Components \ (2352721C-2267-DB51-0008-030706070804) sėkmingai ištrintas. Baigtumas skripto. ******************* Pavyko! Nutraukti. |
|
| |
| Bookmarks |
Panašios Temos | ||||
| Siūlas | Thread Starter | Forumas | Atsakymai | Last Post |
| Need Help Pašalinti Adware | ezong | Virus, Spyware & Security | 8 | 15 liepa 2009 13:15 |
| Tribalfusion tai kai Adware tipo | hopthwoks | Virus, Spyware & Security | 2 | 2 vasaris 2009 01:37 |
| Adware problemų | Marcus123 | Virus, Spyware & Security | 3 | 30 sausis 2008 11:11 |
| Adware problemos negali sustoti langų | Passat | Virus, Spyware & Security | 8 | 23 sausis 2008 21:42 |
| Nid help! ~ Negaliu pašalinti šį Adware / virusas! | jomm43point67 | Virus, Spyware & Security | 10 | 16 sausis 2008 08:38 |
| Temos įrankiai | |
| |
