Скайп вирус

tamitara · Октомври 14, 2010

Здравейте! МОЛЯ АКО НЯКОЙ СЕ ЧУВСТВА ВЕЩ ПО ВЪПРОСА ДА СЪДЕЙСТВА!!! Преди два дни се сблъсках с вирус в скайп. Дойде при мен от познат пребиваващ в Щатите под следната форма "Foto <премахнат линк>" като текста на адреса периодично се променя, а началото фото с усмивка си остава. Активира се след като отвориш упоменатия адрес и запазиш дадения файл който така или иначе не се отваря. И тогава започва досадата......дава най-разнообразни бъгове на скайп. Проблема поне до сега е само и единственно със скайп и то когато е включен. Като се изразява в следното: досадната гадинка се изпраща сама на който и когато реши от абонатите в листата ми и ежедневно променя част от текста си; също така имам проблем с уеб камерата при провеждане на видео разговори - нито приемам нито предавам картина.

Това което направих на първо време, но без резултатно е да предупредя всичките си абонати за опасноста, също така направих няколко варианта на сканиране с антивирусната програма с която разполагам (Avast) и накрая, но не на последно място два пъти дейнсталирах и прейнсталирах скайп програмата. За мое голямо съжаление ситуацията си остава все така досадна.

Моля за помощ!

Night_Raven · Октомври 14, 2010

Сканирай с Malwarebytes' Anti-Malware и SUPERAntiSpyware Free. Ако вече имаш програмите, провери дали имаш последните версии и ако нямаш, премахни твоите и инсталирай най-новите. Ако тепърва инсталираш програмите, след инсталацията те ще предложат да се обновят автоматично, съгласи се. В противен случай обнови дефинициите им ръчно.

За Malwarebytes' Anti-Malware:

- стартирай програмата;

- избери Perform quick scan (Бързо сканиране) и кликни бутон Scan (Сканиране);

- след като приключи сканирането, ако не са открити заплахи, ще се отвори автоматично текстов файл (който можеш да затвориш) и програмата ще те уведоми, че не е открила нищо, след което можеш да кликнеш бутон OK и да я затвориш;

- ако са открити заплахи, кликни бутон OK и после Show results (Покажи резултатите);

- кликни бутон Remove Selected (Премахни избраните);

- ще се появи текстов файл (дневник/лог), копирай съдържанието му тук.

За SUPERAntiSpyware:

- стартирай програмата;

- кликни бутон Scan your Computer (Сканиране на компютъра);

- вляво избери само дял C:, а вдясно избери Perform Complete Scan (Извърши пълно сканиране);

- кликни Next и изчакай програмата да сканира;

- кликни OK на съобщението;

- ако има засечени заплахи, кликни Next, за да се премахнат гадинките, OK на потвърждението и накрая Finish;

- кликни бутон Preferences... (Настройки) и иди на подпрозорец Statistics/Logs (Дневници), маркирай последния лог по дата и кликни бутон View Log... (Покажи дневника);

- копирай съдържанието му тук.

Ако е нужен рестарт при някое от сканиранията, се съгласи и рестартирай веднага.

TechMaster · Октомври 14, 2010

....

Незабавно промени http от адреса на гадинката в hxxtp, защото някой може неволно да кликне и да бъде инфектиран!

Друго, как за толкова време не се научихте, че разните непредвидени линкове, без обяснение към тях или с неадекватно обяснение като "Is this your own pic" са капани създадени от вирусите, ползвайки вече заразени машини!

В интернет не всичко, което виждаш се яде!

tamitara · Октомври 14, 2010

Здравейте! МОЛЯ АКО НЯКОЙ СЕ ЧУВСТВА ВЕЩ ПО ВЪПРОСА ДА СЪДЕЙСТВА!!! Преди два дни се сблъсках с вирус в скайп. Дойде при мен от познат пребиваващ в Щатите под следната форма "Foto hxxtp://photogalery-img.net/profile.php" като текста на адреса периодично се променя, а началото фото с усмивка си остава. Активира се след като отвориш упоменатия адрес и запазиш дадения файл който така или иначе не се отваря. И тогава започва досадата......дава най-разнообразни бъгове на скайп. Проблема поне до сега е само и единственно със скайп и то когато е включен. Като се изразява в следното: досадната гадинка се изпраща сама на който и когато реши от абонатите в листата ми и ежедневно променя част от текста си; също така имам проблем с уеб камерата при провеждане на видео разговори - нито приемам нито предавам картина.
Това което направих на първо време, но без резултатно е да предупредя всичките си абонати за опасноста, също така направих няколко варианта на сканиране с антивирусната програма с която разполагам (Avast) и накрая, но не на последно място два пъти дейнсталирах и прейнсталирах скайп програмата. За мое голямо съжаление ситуацията си остава все така досадна.
Моля за помощ!

Ето промените са направени, благодаря за забележката и съжалявам за невежеството си..........но цитирах с цел да покажа лицето на гадинката

Незабавно промени http от адреса на гадинката в hxxtp, защото някой може неволно да кликне и да бъде инфектиран!
Друго, как за толкова време не се научихте, че разните непредвидени линкове, без обяснение към тях или с неадекватно обяснение като "Is this your own pic" са капани създадени от вирусите, ползвайки вече заразени машини!
В интернет не всичко, което виждаш се яде!

Коригирах, благодаря за градивната забележката и се извинявам за невежеството си! Найстина не знаех

А по отношение на злобната ти критика и надсмешка мога да кажа, че звучиш типично по български или да не кажа даже по шопски и със злорадството си вместо да помогнеш само напрягаш ситуацията. Аз се обърнах с молба за помощ, а ти като не искаш да помогнеш то поне не пречи. Напълно съм на ясно, че в интернет не всичко което се вижда се и яде, но повярвай ми никой не е застрахован от това да се подведе в дадена ситуация...........и аз обичам да давам акъли и да поучавам ама виж ме сега в каква ситуация съм.

Така, че по добре голям камък хвъли, а голяма дума не казвай!

Сканирай с Malwarebytes' Anti-Malware и SUPERAntiSpyware Free. Ако вече имаш програмите, провери дали имаш последните версии и ако нямаш, премахни твоите и инсталирай най-новите. Ако тепърва инсталираш програмите, след инсталацията те ще предложат да се обновят автоматично, съгласи се. В противен случай обнови дефинициите им ръчно.

За Malwarebytes' Anti-Malware:
- стартирай програмата;
- избери Perform quick scan (Бързо сканиране) и кликни бутон Scan (Сканиране);
- след като приключи сканирането, ако не са открити заплахи, ще се отвори автоматично текстов файл (който можеш да затвориш) и програмата ще те уведоми, че не е открила нищо, след което можеш да кликнеш бутон OK и да я затвориш;
- ако са открити заплахи, кликни бутон OK и после Show results (Покажи резултатите);
- кликни бутон Remove Selected (Премахни избраните);
- ще се появи текстов файл (дневник/лог), копирай съдържанието му тук.

За SUPERAntiSpyware:
- стартирай програмата;
- кликни бутон Scan your Computer (Сканиране на компютъра);
- вляво избери само дял C:, а вдясно избери Perform Complete Scan (Извърши пълно сканиране);
- кликни Next и изчакай програмата да сканира;
- кликни OK на съобщението;
- ако има засечени заплахи, кликни Next, за да се премахнат гадинките, OK на потвърждението и накрая Finish;
- кликни бутон Preferences... (Настройки) и иди на подпрозорец Statistics/Logs (Дневници), маркирай последния лог по дата и кликни бутон View Log... (Покажи дневника);
- копирай съдържанието му тук.

Ако е нужен рестарт при някое от сканиранията, се съгласи и рестартирай веднага.

Благодаря за бързата реакция и съвет! Веднага ще пробвам

Впечатляващо! Това е единият резултат:

Malwarebytes' Anti-Malware 1.46

www.malwarebytes.org

Версия на базата от данни: 4821

Windows 5.1.2600 Service Pack 2

Internet Explorer 6.0.2900.2180

14.10.2010 г. 15:14:05

mbam-log-2010-10-14 (15-14-05).txt

Тип сканиране: Бързо сканиране

Сканирани обекти: 143997

Изминало време: 6 минута(и), 7 секунда(и)

Заразени процеси в паметта: 1

Заразени модули в паметта: 0

Заразени ключове в регистратурата: 112

Заразени стойности в регистратурата: 9

Заразени информационни обекти в регистратурата: 1

Заразени папки: 20

Заразени файлове: 60

Заразени процеси в паметта:

C:\WINDOWS\jusched.exe (Trojan.Agent) -> Unloaded process successfully.

Заразени модули в паметта:

(Не бяха открити зловредни обекти)

Заразени ключове в регистратурата:

HKEY_CLASSES_ROOT\acm.acmfactory (Adware.WhenU) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\acm.acmfactory.1 (Adware.WhenU) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.datacontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{c8cecde3-1ae1-4c4a-ad82-6d5b00212144} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{17de5e5e-bfe3-4e83-8e1f-8755795359ec} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{1f52a5fa-a705-4415-b975-88503b291728} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{a626cdbd-3d13-4f78-b819-440a28d7e8fc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{25560540-9571-4d7b-9389-0f166788785a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.datacontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{8ca01f0e-987c-49c3-b852-2f1ac4a7094c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{1093995a-ba37-41d2-836e-091067c4ad17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{120927bf-1700-43bc-810f-fab92549b390} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{247a115f-06c2-4fb3-967d-2d62d3cf4f0a} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e53e2cb-86db-4a4a-8bd9-ffeb7a64df82} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{90449521-d834-4703-bb4e-d3aa44042ff8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{991aac62-b100-47ce-8b75-253965244f69} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{bbabdc90-f3d5-4801-863a-ee6ae529862d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{d6ff3684-ad3b-48eb-bbb4-b9e6c5a355c1} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{eb9e5c1c-b1f9-4c2b-be8a-27d6446fdaf8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{0f8ecf4f-3646-4c3a-8881-8e138ffcaf70} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{b813095c-81c0-4e40-aa14-67520372b987} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{c9d7be3e-141a-4c85-8cd6-32461f3df2c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{cff4ce82-3aa2-451f-9b77-7165605fb835} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historykillerscheduler.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.historyswattercontrolbar.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{e47caee0-deea-464a-9326-3f2801535a4d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{3e1656ed-f60e-4597-b6aa-b6a58e171495} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{741de825-a6f0-4497-9aa6-8023cf9b0fff} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3dc201fb-e9c9-499c-a11f-23c360d7c3f8} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{98d9753d-d73b-42d5-8c85-4469cda897ab} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.htmlmenu.2 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.iecookiesmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.killerobjmanager.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\TypeLib\{8e6f1830-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{63d0ed2b-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{63d0ed2d-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{63d0ed2c-b45b-4458-8b3b-60c69bbbd83c} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{8e6f1832-9607-4440-8530-13be7c4b1d14} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a9571378-68a1-443d-b082-284f960c6d17} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswatterbarbutton.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\funwebproducts.popswattersettingscontrol.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.chatsessionplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.htmlpanel (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.htmlpanel.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.pseudotransparentplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.settingsplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearchtoolbar.toolbarplugin.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\screensavercontrol.screensaverinstaller.1 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Interface\{cf54be1c-9359-4395-8533-1657cf209cfe} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\{127df9b4-d75d-44a6-af78-8c3a8ceb03db} (Adware.WhenU) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{147a976f-eee1-4377-8ea7-4716e4cdd239} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{1e0de227-5ce4-4ea3-ab0c-8b03e1aa76bc} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{53ced2d0-5e9a-4761-9005-648404e6f7e5} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473d292-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{7473d296-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{d9fffb27-d62a-4d64-8cec-1ff006528805} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\CLSID\{a9aae1ab-9688-42c5-86f5-c12f6b9015ad} (Adware.WhenU) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\Typelib\{d518921a-4a03-425e-9873-b9a71756821e} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{00a6faf1-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea1-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\Stats\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{59c7fc09-1c83-4648-b3e6-003d2bbc7481} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{68af847f-6e91-45dd-9b68-d6a12c30e5d7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9170b96c-28d4-4626-8358-27e6caeef907} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{d1a71fa0-ff48-48dd-9b6d-7a13a3e42127} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ddb1968e-ead6-40fd-8dae-ff14757f60c7} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{f138d901-86f0-4383-99b6-9cdd406036da} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{56256a51-b582-467e-b8d4-7786eda79ae0} (Trojan.Vundo) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{07b18eab-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{3e720452-b472-4954-b7aa-33069eb53906} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7473d294-b7bb-4f24-ae82-7e2ce94bb6a9} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{9ff05104-b030-46fc-94b8-81276e4e27df} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{e79dfbca-5697-4fbd-94e5-5b2a9c7c1612} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\AppID\ACM.dll (Adware.WhenU) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\mywebsearch.outlookaddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CLASSES_ROOT\WUSN.1 (Adware.WhenU) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Casino King (Adware.Casino) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Casino King (Adware.Casino) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\FocusInteractive (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Fun Web Products (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\RunDll32Policy\f3ScrCtr.dll (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Multimedia\WMPlayer\Schemes\f3pss (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Outlook\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Office\Word\Addins\MyWebSearch.OutlookAddin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SaveNow (Adware.WhenU) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\WhenUSave (Adware.WhenU) -> Quarantined and deleted successfully.

Заразени стойности в регистратурата:

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks\{00a6faf6-072e-44cf-8957-5838f569a31d} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{07b18ea9-a523-4961-b6bb-170de4475cca} (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\java developer script browse (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\java developer script browse (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\MenuExt\&Search\(default) (Adware.Hotbar) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Media\WMSDK\Sources\f3popularscreensavers (Adware.MyWebSearch) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Terminal Server\Install\Software\Microsoft\Windows\CurrentVersion\Run\java developer script browse (Trojan.Agent) -> Quarantined and deleted successfully.

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\User Agent\Post Platform\funwebproducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

Заразени информационни обекти в регистратурата:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\UpdatesDisableNotify (Disabled.SecurityCenter) -> Bad: (1) Good: (0) -> Quarantined and deleted successfully.

Заразени папки:

C:\Program Files\FunWebProducts (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\ScreenSaver\Images (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Message (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\SrchAstt\1.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\Save (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Documents and Settings\User\Start Menu\Programs\WhenU (Adware.WhenU) -> Quarantined and deleted successfully.

Заразени файлове:

C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3HISTSW.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3HTMLMU.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3POPSWT.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3REPROX.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Documents and Settings\User\My Documents\downloads\PIC675799074533-JPG-www.facebook.com.exe (Trojan.Downloader) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache\CursorManiaBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\FunWebProducts\Shared\Cache\SmileyCentralBtn.html (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3BKGERR.JPG (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3SPACER.WMV (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3WALLPP.DAT (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\F3WPHOOK.DLL (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\FWPBUDDY.PNG (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3FFXTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3IMPIPE.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3NTSTBR.MANIFEST (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\1.bin\M3SKPLAY.EXE (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\00088E1F (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\000893CD (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\00089505.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\0008962E.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\00089776.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\000898DD.bin (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Cache\files.ini (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\CHESS.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Game\REVERSI.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\History\search3 (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\CM.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\MFC.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\PSS.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\SMILEY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\WB.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\icons\ZWINKY.ICO (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Message\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\COMMON.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\DOG.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\FISH.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\KUNGFU.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\LIFEGARD.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\MAID.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\MAILBOX.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\OPERA.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\ROBOT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\SEDUCT.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Notifier\SURFER.F3S (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\prevcfg2.htm (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\MyWebSearch\bar\Settings\s_pid.dat (Adware.MyWebSearch) -> Quarantined and deleted successfully.

C:\Program Files\Save\ffext.mod (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Program Files\Save\save.db (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Program Files\Save\save.htm (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Program Files\Save\SaveUninst.exe (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Program Files\Save\store.db (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Documents and Settings\User\Start Menu\Programs\WhenU\Customer Support.lnk (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Documents and Settings\User\Start Menu\Programs\WhenU\Learn More About WhenU Save.url (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Documents and Settings\User\Start Menu\Programs\WhenU\Learn More About WhenU SaveNow.url (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Documents and Settings\User\Start Menu\Programs\WhenU\Uninstall Instructions.lnk (Adware.WhenU) -> Quarantined and deleted successfully.

C:\Documents and Settings\User\Start Menu\Programs\WhenU\WhenU.com Website.url (Adware.WhenU) -> Quarantined and deleted successfully.

C:\WINDOWS\jusched.exe (Trojan.Agent) -> Quarantined and deleted successfully.

Направо останах с отворена уста и нямам думи! Това е резултата от втората атака:

SUPERAntiSpyware Scan Log

http://www.superantispyware.com

Generated 10/14/2010 at 03:58 PM

Application Version : 4.44.1000

Core Rules Database Version : 5682

Trace Rules Database Version: 3494

Scan type : Complete Scan

Total Scan Time : 00:22:11

Memory items scanned : 719

Memory threats detected : 0

Registry items scanned : 8093

Registry threats detected : 67

File items scanned : 16182

File threats detected : 105

Adware.WhenU

HKU\S-1-5-21-1801674531-1417001333-839522115-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA2325ED-F9EB-4830-8FCE-0BC35B16969B}

HKCR\CLSID\{BA2325ED-F9EB-4830-8FCE-0BC35B16969B}

HKCR\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}

HKCR\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\ProxyStubClsid

HKCR\Interface\{572FB162-C0BA-4EDF-8CFF-E3846153B9B0}\ProxyStubClsid32

HKCR\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}

HKCR\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\ProxyStubClsid

HKCR\Interface\{72A836D1-BC00-43C0-A941-17960E4FB842}\ProxyStubClsid32

HKCR\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}

HKCR\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\ProxyStubClsid

HKCR\Interface\{43382522-A846-46F4-AC57-1F71AE6E1086}\ProxyStubClsid32

HKCR\WUSE.1

HKCR\WUSE.1#WUSE_Id

C:\PROGRAM FILES\DAEMON TOOLS\SETUPDTSB.EXE

Adware.Tracking Cookie

C:\Documents and Settings\User\Cookies\user@statcounter[2].txt

C:\Documents and Settings\User\Cookies\user@ads.btv[1].txt

C:\Documents and Settings\User\Cookies\user@cgi-bin[2].txt

C:\Documents and Settings\User\Cookies\user@ad.httpool[1].txt

C:\Documents and Settings\User\Cookies\user@insightexpressai[1].txt

C:\Documents and Settings\User\Cookies\user@adbrite[2].txt

C:\Documents and Settings\User\Cookies\user@classifiedventures1.112.2o7[1].txt

C:\Documents and Settings\User\Cookies\user@ehg-nokiafin.hitbox[2].txt

C:\Documents and Settings\User\Cookies\user@fastclick[1].txt

C:\Documents and Settings\User\Cookies\user@AdServer[3].txt

C:\Documents and Settings\User\Cookies\user@xiti[1].txt

C:\Documents and Settings\User\Cookies\user@www.888[2].txt

C:\Documents and Settings\User\Cookies\user@msnbc.112.2o7[1].txt

C:\Documents and Settings\User\Cookies\user@2o7[1].txt

C:\Documents and Settings\User\Cookies\user@adrevolver[2].txt

C:\Documents and Settings\User\Cookies\user@adserver[1].txt

C:\Documents and Settings\User\Cookies\user@adtech[1].txt

C:\Documents and Settings\User\Cookies\user@videoegg.adbureau[1].txt

C:\Documents and Settings\User\Cookies\user@rambler[1].txt

C:\Documents and Settings\User\Cookies\user@apmebf[2].txt

C:\Documents and Settings\User\Cookies\user@sales.liveperson[1].txt

C:\Documents and Settings\User\Cookies\user@ad.yieldmanager[2].txt

C:\Documents and Settings\User\Cookies\user@adopt.specificclick[2].txt

C:\Documents and Settings\User\Cookies\user@tribalfusion[1].txt

C:\Documents and Settings\User\Cookies\user@smartadserver[2].txt

C:\Documents and Settings\User\Cookies\user@28856772[1].txt

C:\Documents and Settings\User\Cookies\user@burstnet[2].txt

C:\Documents and Settings\User\Cookies\user@content.yieldmanager[1].txt

C:\Documents and Settings\User\Cookies\user@questionmarket[1].txt

C:\Documents and Settings\User\Cookies\user@diff3.smartadserver[2].txt

C:\Documents and Settings\User\Cookies\user@www.etracker[2].txt

C:\Documents and Settings\User\Cookies\user@casalemedia[2].txt

C:\Documents and Settings\User\Cookies\user@tns-counter[1].txt

C:\Documents and Settings\User\Cookies\user@atdmt[2].txt

C:\Documents and Settings\User\Cookies\user@adv.thinkdigital[2].txt

C:\Documents and Settings\User\Cookies\user@realmedia[1].txt

C:\Documents and Settings\User\Cookies\user@tacoda[2].txt

C:\Documents and Settings\User\Cookies\user@microsoftwga.112.2o7[1].txt

C:\Documents and Settings\User\Cookies\user@media.adrevolver[1].txt

C:\Documents and Settings\User\Cookies\user@microsoftwlcashback.112.2o7[1].txt

C:\Documents and Settings\User\Cookies\user@microsoftxbox.112.2o7[1].txt

C:\Documents and Settings\User\Cookies\user@new-pcp[1].txt

C:\Documents and Settings\User\Cookies\user@ad.wsod[1].txt

C:\Documents and Settings\User\Cookies\user@www.windowsmedia[2].txt

C:\Documents and Settings\User\Cookies\user@zedo[2].txt

C:\Documents and Settings\User\Cookies\user@doubleclick[1].txt

C:\Documents and Settings\User\Cookies\user@media.easyads[1].txt

C:\Documents and Settings\User\Cookies\user@mywebsearch[2].txt

C:\Documents and Settings\User\Cookies\user@msnportal.112.2o7[1].txt

C:\Documents and Settings\User\Cookies\user@specificclick[2].txt

C:\Documents and Settings\User\Cookies\user@ehg-foxmovies.hitbox[1].txt

C:\Documents and Settings\User\Cookies\user@1071864986[1].txt

C:\Documents and Settings\User\Cookies\user@eyewonder[1].txt

C:\Documents and Settings\User\Cookies\user@ads.neg[1].txt

C:\Documents and Settings\User\Cookies\user@statse.webtrendslive[1].txt

C:\Documents and Settings\User\Cookies\user@hitbox[2].txt

C:\Documents and Settings\User\Cookies\user@advertising[2].txt

C:\Documents and Settings\User\Cookies\user@ads.pointroll[1].txt

69.memecounter.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

acvs.mediaonenetwork.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

ads1.msn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

bc.youporn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

c2.zedo.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

cdn-www.pornhub.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

embed.pornhub.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

files.streamsex.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

free.porn.sc [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

free.sexparty.tv [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

googleads.g.doubleclick.net [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

ia.media-imdb.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

media.scanscout.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

myfreepaysite.privatemediacontent.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

naiadsystems.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

porn.gonzo-movies.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

porno.dreammovies.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

products.adultlegalporn2go.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

secure-it.imrworldwide.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

sex.magicmovies.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

static.youporn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

video.pornorama.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

videos.teensnow.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.3d-porngames.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.3d-sexgames.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.freepornofreeporn.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.freshteen.biz [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.mediashare.bg [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.naiadsystems.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.pornhub.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.pornstar.bg [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.sexvidz.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

www.thrixxx.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

xxx.xnxxmovies.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

xxxearth.com [ C:\Documents and Settings\User\Application Data\Macromedia\Flash Player\#SharedObjects\FG6UUEPL ]

C:\Documents and Settings\User\Cookies\user@adserving[2].txt

Adware.MyWebSearch/FunWebProducts

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid

HKCR\Interface\{07B18EAA-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32

HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}

HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid

HKCR\Interface\{07B18EAC-A523-4961-B6BB-170DE4475CCA}\ProxyStubClsid32

HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}

HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid

HKCR\Interface\{2E3537FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32

HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}

HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid

HKCR\Interface\{2E9937FC-CF2F-4F56-AF54-5A6A3DD375CC}\ProxyStubClsid32

HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}

HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid

HKCR\Interface\{3E720451-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32

HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}

HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid

HKCR\Interface\{3E720453-B472-4954-B7AA-33069EB53906}\ProxyStubClsid32

HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}

HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid

HKCR\Interface\{6E74766C-4D93-4CC0-96D1-47B8E07FF9CA}\ProxyStubClsid32

HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}

HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid

HKCR\Interface\{72EE7F04-15BD-4845-A005-D6711144D86A}\ProxyStubClsid32

HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}

HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid

HKCR\Interface\{7473D291-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32

HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}

HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid

HKCR\Interface\{7473D293-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32

HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}

HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid

HKCR\Interface\{7473D295-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32

HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}

HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid

HKCR\Interface\{7473D297-B7BB-4F24-AE82-7E2CE94BB6A9}\ProxyStubClsid32

HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}

HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid

HKCR\Interface\{DE38C398-B328-4F4C-A3AD-1B5E4ED93477}\ProxyStubClsid32

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25E}\ProxyStubClsid32

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid

HKCR\Interface\{E342AF55-B78A-4CD0-A2BB-DA7F52D9D25F}\ProxyStubClsid32

HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}

HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid

HKCR\Interface\{E79DFBC9-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32

HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}

HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid

HKCR\Interface\{E79DFBCB-5697-4FBD-94E5-5B2A9C7C1612}\ProxyStubClsid32

HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}

HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid

HKCR\Interface\{F87D7FB5-9DC5-4C8C-B998-D8DFE02E2978}\ProxyStubClsid32

Trojan.Agent/Gen-Nullo[short]

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197243.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197244.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197245.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197246.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197247.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197248.DLL

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197250.EXE

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197252.EXE

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197260.EXE

C:\SYSTEM VOLUME INFORMATION\_RESTORE{C476EB4A-7897-4725-AA78-469986CDC5C5}\RP833\A0197263.EXE

Night_Raven · Октомври 14, 2010

След сканирането и евентуалните рестарти, нужни за почистването, има ли още някакви проблеми със системата?

tamitara · Октомври 14, 2010

След сканирането и евентуалните рестарти, нужни за почистването, има ли още някакви проблеми със системата?

Не. Мисля, че всичко е ок. Още веднъж, благодаря!

Night_Raven · Октомври 14, 2010

Тогава за финал да препоръчам горещо да инсталираш Service Pack 3 и Internet Explorer 8.

Service Pack 3 е последният сервизен пакет за Windows XP и е много важен от гледна точка сигурност. Разбира се също силно препоръчително е след това и операционната система да се обнови с последните актуализации.

Internet Explorer 8 е голяма крачка в правилната посока и е важно да бъде инсталиран, дори и да не се ползва като основен браузър.

И разбира се поддържай останалия софтуер актуален.

nikikom · Октомври 14, 2010

Здравей jjjjjk

Явно ще трябва да обясняваш на няколко стотин хиляди или милиони потребителя по отделно за какво иде реч, а може да започнеш, да провеждаш групово убочение за самозащита, и който го вълнува само социални мрежи и определени форуми за запознанства, може да го режеш, като му спреш интернета.

Влез

Скайп вирус

Препоръчан пост

tamitara

Link to comment

Сподели другаде

Night_Raven

Link to comment

Сподели другаде

TechMaster

Link to comment

Сподели другаде

tamitara

Link to comment

Сподели другаде

Night_Raven

Link to comment

Сподели другаде

tamitara

Link to comment

Сподели другаде

Night_Raven

Link to comment

Сподели другаде

nikikom

Link to comment

Сподели другаде

Join the conversation

Разгледай

Какво ново?