Wirus na kompie kuzyna :(

dresik · 9 Marzec 2008 22:56

witam!!

dzwoni do mnie kuzyn zeby natychmiast przyjechal!! bo mu wolno internet chodzi :] przychodze i widze

odrazu pierwsza mysl wirus

zrobil skana wirem Demo

a=========================================================================


This file was created by SpyAway on 03.9.08 20:02:40


http://spyaway2007.com/


=========================================================================



PRODUCT VERSION:


1.1.20


DATABASE VERSION:


1.0.1.21


SCAN MODE:


Full Scan



*******************************


INFECTED:


80



=========================================


 - DETAILED REPORT.


=========================================



*******************************


INFECTED PROCCESS:


1


*******************************



c:\windows\system32\rxjddnvj.exe - Trojan.ADHammer




*******************************


INFECTED REGISTRY ENTRIES:


23


*******************************



HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000000-d9e3-4bc6-a0bd-3d0ca4be5271} - AdBreak

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{00000012-890e-4aac-afd9-eff6954a34dd} - AdBreak

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{029e02f0-a0e5-4b19-b958-7bf2db29fb13} - Adgoblin

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06dfedaa-6196-11d5-bfc8-00508b4a487d} - 7FaSSt Search

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{12F02779-6D88-4958-8AD3-83C12D86ADC7} - ActiveSearch

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1adbcce8-cf84-441e-9b38-afc7a19c06a4} - ActivShop

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{2d7cb618-cc1c-4126-a7e3-f5b12d3bcf71} - Adblaster

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{51641ef3-8a7a-4d84-8659-b0911e947cc8} - AdBars

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53C330D6-A4AB-419B-B45D-FD4411C1FEF4} - 404Search

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{54645654-2225-4455-44A1-9F4543D34546} - ADCLICKER

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{669695bc-a811-4a9d-8cdf-ba8c795f261e} - 7FaSSt Search

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6abc861a-31e7-4d91-b43b-d3c98f22a5c0} - Aconti

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{944864a5-3916-46e2-96a9-a2e84f3f1208} - AccoonaSearch

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{a4a435cf-3583-11d4-91bd-0048546a1450} - ACXInstall

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{b8875bfe-b021-11d4-bfa8-00508b8e9bd3} - 7FaSSt Search

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{bb936323-19fa-4521-ba29-eca6a121bc78} - 3721 Spyware

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c2680e10-1655-4a0e-87f8-4259325a84b7} - Adgoblin

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c4ca6559-2cf1-48b6-96b2-8340a06fd129} - AdBars

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{c5af2622-8c75-4dfb-9693-23ab7686a456} - ADCLICKER

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{ca1d1b05-9c66-11d5-a009-000103c1e50b} - 4Arcade PBar

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d8efadf1-9009-11d6-8c73-608c5dc19089} - AccessPlugin

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9147a0a-a866-4214-b47c-da821891240f} - Adblaster

HKEY_LOCAL_MACHINE=SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{e9306072-417e-43e3-81d5-369490beef7c} - Adgoblin




*******************************


INFECTED FILES:


56


*******************************



c:\program files\3721\assist\asbar.dll - 3721 Spyware

c:\program files\accoona\asearchassist.dll - AccoonaSearch

c:\program files\e-zshopper\barlcher.dll - ActivShop

c:\program files\p2pnetworks\amp2pl.exe - AccessMedia

c:\windows\system32\eshopee.exe - ActivShop

c:\windows\system32\msole32.exe - ADCLICKER

c:\windows\system32\rxjddnvj.exe - Trojan.ADHammer

c:\windows\system32\vxddsk.exe - Abebot

c:\windows\system32\wml.exe - Abebot

c:\windows\764.exe - 764 Dialer

c:\windows\7search.dll - 7FaSSt Search

c:\windows\absolute key logger.lnk - AbsoluteKey

c:\windows\aconti.exe - Aconti

c:\windows\aconti.ini - Aconti

c:\windows\aconti.log - Aconti

c:\windows\aconti.sdb - Aconti

c:\windows\acontidialer.txt - Aconti

c:\windows\adbar.dll - AdBars

c:\windows\cbinst$.exe - AdBreak

c:\windows\daxtime.dll - Adgoblin

c:\windows\default.htm - Trojan.ADHammer

c:\windows\dp0.dll - AccessPlugin

c:\windows\eventlowg.dll - Adgoblin

c:\windows\fhfmm.exe - AdBreak

c:\windows\fhfmm-uninstaller.exe - AdBreak

c:\windows\flt.dll - 7FaSSt Search

c:\windows\hcwprn.exe - AdBreak

c:\windows\hotporn.exe - AccessPlugin

c:\windows\ie_32.exe - Acext

c:\windows\iexplorr23.dll - Adblaster

c:\windows\jd2002.dll - ACXInstall

c:\windows\kkcomp$.exe - AdBreak

c:\windows\kkcomp.dll - AdBreak

c:\windows\kkcomp.exe - AdBreak

c:\windows\kvnab$.exe - AdBreak

c:\windows\kvnab.dll - AdBreak

c:\windows\kvnab.exe - AdBreak

c:\windows\liqad$.exe - AdBreak

c:\windows\liqad.dll - AdBreak

c:\windows\liqad.exe - AdBreak

c:\windows\liqui.dll - AdBreak

c:\windows\liqui.exe - AdBreak

c:\windows\liqui-uninstaller.exe - AdBreak

c:\windows\ngd.dll - AccessPlugin

c:\windows\pbar.dll - 4Arcade PBar

c:\windows\pbsysie.dll - AdBreak

c:\windows\settn.dll - AdBreak

c:\windows\spredirect.dll - ActualNames.AdvSearch

c:\windows\vxddsk.exe - Abebot

c:\windows\wbecheck.exe - AdBreak

c:\windows\wbeinst$.exe - AdBreak

c:\windows\wml.exe - Abebot

c:\windows\xadbrk.dll - AdBreak

c:\windows\xadbrk.exe - AdBreak

c:\windows\xadbrk_.exe - AdBreak

c:\windows\xxxvideo.exe - AccessPlugin




*******************************


INFECTED COOKIES:


0


*******************************



- NOT FOUND -



*******************************


INFECTED FAVORITES:


0


*******************************



- NOT FOUND -



=========================================


 - END OF FILE.

pousuwalem mu wirusy recznie przez neta nie dalo sie poniewaz wirus mu neta przymula!! nie moge usunac tego wirusa!!

c:\windows\system32\rxjddnvj.exe - Trojan.ADHammer

recznie probowalem w trybie awaryjnym nic!! potrzebuje szczepionki na usuniecie tego goscia nie moge dac loga bo mu www ciezko wchodza!!

Leon1 · 10 Marzec 2008 17:06

uruchom HijackThis i jak będzie taki wpis to go usuń

potem spróbuj usunąć plik

Gutek · 10 Marzec 2008 20:06

Zastosuj się do tego Tematu i zmień tytuł tematu na konkretny inaczej KOSZ

Pozdrawiam Gutek2222

Pobierz program SDFix