Generic PUP.g".

IP: *.pools.arcor-ip.net 16.03.07, 09:02
I scanned my computer and it found 4 objects:

type: potentiell unerwünschtes programm
name: Generic PUP.g
When I click "delete" after the scan, a message pops up saying that removal
is not possible. I'm home alone for a few days and I don't know what to do
about it, or what it is.
    • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 16.03.07, 09:17
      Logfile of HijackThis v1.99.1
      Scan saved at 09:15:20, on 16.03.2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\SYSTEM32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Programme\Intel\Wireless\Bin\EvtEng.exe
      C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
      C:\WINDOWS\system32\spoolsv.exe
      c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
      C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
      C:\Acer\Empowering Technology\admServ.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
      C:\Programme\Gemeinsame Dateien\McAfee\HackerWatch\HWAPI.exe
      C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
      c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
      C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
      C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
      C:\WINDOWS\SYSTEM32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      c:\PROGRA~1\GEMEIN~1\mcafee\redirsvc\redirsvc.exe
      C:\PROGRA~1\mcafee.com\agent\mcagent.exe
      C:\WINDOWS\RTHDCPL.EXE
      C:\Programme\Synaptics\SynTP\SynTPLpr.exe
      C:\Programme\Synaptics\SynTP\SynTPEnh.exe
      C:\Program Files\Acer\Acer Arcade\PCMService.exe
      C:\Acer\Empowering Technology\eRecovery\Monitor.exe
      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
      C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
      C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
      C:\WINDOWS\system32\LVCOMSX.EXE
      C:\Programme\Acer\OrbiCam\CameraAssistant.exe
      C:\WINDOWS\system32\ElkCtrl.exe
      C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
      C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
      C:\Programme\iTunes\iTunesHelper.exe
      C:\Programme\QuickTime\qttask.exe
      C:\PROGRA~1\MYWEBS~1\bar\b.bin\mwsoemon.exe
      C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
      C:\Programme\SiteAdvisor\6028\SiteAdv.exe
      C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
      C:\Programme\K-litePro\K-litePro.exe
      C:\Programme\McAfee\MPF\MPFSrv.exe
      C:\Programme\Skype\Phone\Skype.exe
      C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
      C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
      C:\Programme\CyberLink\Shared Files\RichVideo.exe
      C:\Programme\SiteAdvisor\6028\SAService.exe
      C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
      C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
      C:\WINDOWS\system32\svchost.exe
      C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe
      C:\Programme\Logitech\SetPoint\SetPoint.exe
      C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
      C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
      C:\Programme\Google\Google Desktop Search\GoogleDesktopCrawl.exe
      C:\Programme\iPod\bin\iPodService.exe
      C:\WINDOWS\system32\wbem\unsecapp.exe
      C:\WINDOWS\System32\svchost.exe
      C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
      C:\Programme\Mozilla Firefox\firefox.exe
      C:\Programme\Gemeinsame Dateien\Real\Update_OB\RealOneMessageCenter.exe
      C:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
      C:\WINDOWS\system32\wuauclt.exe
      c:\programme\mcafee\msc\mcshell.exe
      C:\Dokumente und Einstellungen\KASIA\Desktop\hijackthis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
      search.bearshare.com/sidebar.html?src=ssb
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
      search.bearshare.com/sidebar.html?src=ssb
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
      search.bearshare.com/sidebar.html?src=ssb
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
      google.bearshare.com/de/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
      www.arcor.de
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
      www.arcor.de
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
      www.arcor.de
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.arcor.de
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      search.bearshare.com/sidebar.html?src=ssb
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG
      R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} -
      C:\Programme\MyWebSearch\SrchAstt\b.bin\MWSSRCAS.DLL
      R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
      - C:\Programme\BearShare applications\BearShare MediaBar\MediaBar.dll
      R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} -
      C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
      O2 - BHO: MyWebSearch Search Assistant BHO -
      {00A6FAF1-072E-44cf-8957-5838F569A31D} -
      C:\Programme\MyWebSearch\SrchAstt\b.bin\MWSSRCAS.DLL
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
      C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
      c:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} -
      C:\Programme\MyWebSearch\bar\b.bin\MWSBAR.DLL
      O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} -
      C:\Programme\SiteAdvisor\6028\SiteAdv.dll
      O2 - BHO: Alcohol Toolbar Helper - {0ACF00E0-C1E4-4F6B-B290-10AC7505C47A} -
      C:\Programme\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
      O2 - BHO: TVEngine Helper - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} -
      c:\programme\hbtools\hbtv\hbtvhelper.dll
      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
      C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
      O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
      c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} -
      C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
      O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} -
      C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
      c:\programme\google\googletoolbar3.dll
      O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} -
      C:\PROGRA~1\BEARSH~1\BEARSH~2\MediaBar.dll
      O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} -
      C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
      C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
      c:\programme\google\googletoolbar3.dll
      O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} -
      C:\Programme\SiteAdvisor\6028\SiteAdv.dll
      O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} -
      C:\Programme\BearShare applications\BearShare MediaBar\MediaBar.dll
      O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} -
      C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL
      O3 - Toolbar: Alcohol Toolbar - {DC59A0D4-0ED6-4A73-B356-1B977F2A7725} -
      C:\Programme\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
      O4 - HKLM\..\Run: [LaunchApp] Alaunch
      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
      O4 - HKLM
    • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 16.03.07, 09:19
      I've posted the log above, if that's of any help.
      • Guest: Kolobos Re: Generic PUP.g". IP: *.escom.net.pl 16.03.07, 11:05
        Give the name of the infected file, and paste the end of the log that didn't fit.
        • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 16.03.07, 11:20
          O4 - HKLM\..\Run: [LaunchApp] Alaunch
          O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
          O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
          O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
          O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
          O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
          O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil
          /RemAdvDef /Migration32
          O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
          O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
          /SYNC
          O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
          /IMEName
          O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe"
          runtime -Delay
          O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering
          Technology\eDataSecurity\eDSloader.exe
          O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
          O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering
          Technology\ePower\Acer ePower Management.exe boot
          O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
          O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering
          Technology\eRecovery\Monitor.exe
          O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
          O4 - HKLM\..\Run: [LogitechCameraAssistant]
          C:\Programme\Acer\OrbiCam\CameraAssistant.exe
          O4 - HKLM\..\Run: [LogitechVideo[inspector]]
          C:\Programme\Acer\OrbiCam\InstallHelper.exe /inspect
          O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe
          /automation
          O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
          O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
          O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
          O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
          O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame
          Dateien\Real\Update_OB\realsched.exe" -osboot
          O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
          O4 - HKLM\..\Run: [My Web Search Bar] rundll32
          C:\PROGRA~1\MYWEBS~1\bar\b.bin\MWSBAR.DLL,S
          O4 - HKLM\..\Run: [MyWebSearch Email Plugin]
          C:\PROGRA~1\MYWEBS~1\bar\b.bin\mwsoemon.exe
          O4 - HKLM\..\Run: [HbTools] C:\Programme\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe
          O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop
          Search\GoogleDesktop.exe" /startup
          O4 - HKLM\..\Run: [SiteAdvisor] C:\Programme\SiteAdvisor\6028\SiteAdv.exe
          O4 - HKLM\..\Run: [BearFlix] "C:\Programme\BearFlix\BearFlix.exe" /pause
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame
          Dateien\Ahead\Lib\NeroCheck.exe
          O4 - HKCU\..\Run: [BitTorrent] "C:\Programme\BitTorrent\bittorrent.exe"
          --force_start_minimized
          O4 - HKCU\..\Run: [MyWebSearch Email Plugin]
          C:\PROGRA~1\MYWEBS~1\bar\b.bin\mwsoemon.exe
          O4 - HKCU\..\Run: [Shareaza] "C:\Programme\K-litePro\K-litePro.exe" -tray
          O4 - HKCU\..\Run: [DinerDashSetup.exe] C:\DOKUME~1\KASIA\Desktop\DINERD~1.EXE /r
          O4 - HKCU\..\Run: [swg]
          C:\Programme\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
          O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
          O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
          "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
          O4 - Global Startup: Logitech SetPoint.lnk =
          C:\Programme\Logitech\SetPoint\SetPoint.exe
          O8 - Extra context menu item: &Search -
          edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000
          O8 - Extra context menu item: Nach Microsoft &Excel exportieren -
          res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
          C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
          O9 - Extra 'Tools' menuitem: Sun Java Konsole -
          {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
          O9 - Extra button: Wyslij SMS'a - {215940F1-E7E0-4801-BEE3-44D045534106} -
          C:\Programme\Gemeinsame Dateien\moje.js
          O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
          C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
          C:\WINDOWS\system32\Shdocvw.dll
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
          C:\Programme\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger -
          {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
          O16 - DPF: {112857FE-03FF-11D5-9A3F-0080C8D85044} (GameDesire Solitaires) -
          67.15.101.3/g_bin/pl/solitaire_2_0_0_20.cab
          O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
          Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
          O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) -
          67.15.101.3/g_bin/pl/roulette_2_0_0_17.cab
          O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) -
          67.15.101.3/g_bin/pl/cards_2_0_0_70.cab
          O16 - DPF: {2A781DED-C22D-4153-9812-CEA98A32981C} (GameDesire Makao) -
          67.15.101.3/g_bin/pl/cardsmakao_2_0_0_21.cab
          O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) -
          67.15.101.3/g_bin/pl/boards_2_0_0_28.cab
          O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) -
          67.15.101.3/g_bin/pl/navy_2_0_0_22.cab
          O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System
          Class) - download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
          O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) -
          67.15.101.3/g_bin/pl/poker_2_0_0_39.cab
          O16 - DPF: {9085316E-42BA-11D4-BAA3-0080C8D7ED4A} (GameDesire JungleHunter) -
          67.15.101.3/g_bin/pl/hunter_2_0_0_19.cab
          O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) -
          67.15.101.3/g_bin/pl/demon_2_0_0_22.cab
          O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) -
          67.15.101.3/g_bin/pl/pirate_2_0_0_22.cab
          O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) -
          67.15.101.3/g_bin/pl/domino_2_0_0_25.cab
          O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} (GameDesire
          Marbles&Diamonds&Runes) - 67.15.101.3/g_bin/pl/marbles_2_0_0_24.cab
          O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) -
          67.15.101.3/g_bin/pl/darts_2_0_0_31.cab
          O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) -
          67.15.101.3/g_bin/pl/breakout_2_0_0_21.cab
          O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
          (MsnMess
          • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 16.03.07, 11:23
            O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
            (MsnMessengerSetupDownloadControl Class) -
            messenger.msn.com/download/MsnMessengerSetupDownloader.cab
            O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
            download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
            O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) -
            67.15.101.3/g_bin/pl/words_2_0_0_41.cab
            O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word
            Games) - 67.15.101.3/g_bin/pl/wordssingle_2_0_0_39.cab
            O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) -
            67.15.101.3/g_bin/pl/mahjong_2_0_0_23.cab
            O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GameDesire Soccer) -
            67.15.101.3/g_bin/pl/soccer_2_0_0_10.cab
            O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} (GameDesire Slots 80th) -
            67.15.101.3/g_bin/pl/slots80_2_0_0_26.cab
            O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) -
            67.15.101.3/g_bin/pl/billard8_2_0_0_24.cab
            O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C3} (GameDesire Pool 14) -
            67.15.101.3/g_bin/pl/billard14_2_0_0_24.cab
            O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} (GameDesire Pool Training) -
            67.15.101.3/g_bin/pl/billardt_2_0_0_24.cab
            O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) -
            67.15.101.3/g_bin/pl/snooker_2_0_0_24.cab
            O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
            C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
            O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
            C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
            O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} -
            C:\Programme\SiteAdvisor\6028\SiteAdv.dll
            O20 - AppInit_DLLs: sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
            sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll sockspy.dll
            sockspy.dll C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL
            O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
            O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
            C:\WINDOWS\system32\WPDShServiceObj.dll
            O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH -
            C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
            O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
            C:\WINDOWS\system32\Ati2evxx.exe
            O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. -
            C:\Acer\Empowering Technology\admServ.exe
            O23 - Service: Boonty Games - BOONTY - C:\Programme\Gemeinsame Dateien\BOONTY
            Shared\Service\Boonty.exe
            O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown
            owner - C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
            O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner -
            C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
            O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program
            Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
            O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. -
            C:\PROGRA~1\GEMEIN~1\McAfee\EmProxy\emproxy.exe
            O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation -
            C:\Programme\Intel\Wireless\Bin\EvtEng.exe
            O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation
            - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
            O23 - Service: iPodService - Apple Computer, Inc. -
            C:\Programme\iPod\bin\iPodService.exe
            O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech -
            c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
            O23 - Service: McAfee HackerWatch Service - McAfee, Inc. -
            C:\Programme\Gemeinsame Dateien\McAfee\HackerWatch\HWAPI.exe
            O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. -
            C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
            O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. -
            C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
            O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. -
            c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
            O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. -
            C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
            O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. -
            C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
            O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. -
            c:\PROGRA~1\GEMEIN~1\mcafee\redirsvc\redirsvc.exe
            O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. -
            C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
            O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. -
            C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
            O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. -
            C:\Programme\McAfee\MPF\MPFSrv.exe
            O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero
            BackItUp\NBService.exe
            O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame
            Dateien\Ahead\Lib\NMIndexingService.exe
            O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel
            Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
            O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner -
            C:\Programme\CyberLink\Shared Files\RichVideo.exe
            O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) -
            Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f
            "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
            O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel
            Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
            O23 - Service: SiteAdvisor Service - McAfee, Inc. -
            C:\Programme\SiteAdvisor\6028\SAService.exe
            O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division
            Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

            • Guest: Kolobos Re: Generic PUP.g". IP: *.escom.net.pl 16.03.07, 11:37
              Give the name of the infected file and its location, which I already asked for earlier.

              In Task Manager, end:
              C:\PROGRA~1\MYWEBS~1\bar\b.bin\mwsoemon.exe

              In HJT, remove:
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
              search.bearshare.com/sidebar.html?src=ssb
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
              search.bearshare.com/sidebar.html?src=ssb
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
              search.bearshare.com/sidebar.html?src=ssb
              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
              google.bearshare.com/de/
              R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
              search.bearshare.com/sidebar.html?src=ssb
              R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} -
              C:\Programme\MyWebSearch\SrchAstt\b.bin\MWSSRCAS.DLL
              R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
              - C:\Programme\BearShare applications\BearShare MediaBar\MediaBar.dll
              R3 - URLSearchHook: (no name) - {9CB65206-89C4-402c-BA80-02D8C59F9B1D} -
              C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
              O2 - BHO: MyWebSearch Search Assistant BHO -
              {00A6FAF1-072E-44cf-8957-5838F569A31D} -
              C:\Programme\MyWebSearch\SrchAstt\b.bin\MWSSRCAS.DLL
              O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
              C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
              O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} -
              C:\Programme\MyWebSearch\bar\b.bin\MWSBAR.DLL
              O2 - BHO: TVEngine Helper - {4B18DD50-C996-44fc-AC52-0FECFF82ED58} -
              c:\programme\hbtools\hbtv\hbtvhelper.dll
              O2 - BHO: Ask Search Assistant BHO - {9CB65201-89C4-402c-BA80-02D8C59F9B1D} -
              C:\Programme\AskTBar\SrchAstt\1.bin\A5SRCHAS.DLL
              O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} -
              C:\PROGRA~1\BEARSH~1\BEARSH~2\MediaBar.dll
              O2 - BHO: Ask Toolbar BHO - {FE063DB1-4EC0-403e-8DD8-394C54984B2C} -
              C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL
              O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
              C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll <- delete the Yahoo! folder from the disk.
              O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} -
              C:\Programme\BearShare applications\BearShare MediaBar\MediaBar.dll
              O3 - Toolbar: Ask Toolbar - {FE063DB9-4EC0-403e-8DD8-394C54984B2C} -
              C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL <- delete the AskTBar folder from the disk.
              O4 - HKLM\..\Run: [My Web Search Bar] rundll32
              C:\PROGRA~1\MYWEBS~1\bar\b.bin\MWSBAR.DLL,S
              O4 - HKLM\..\Run: [MyWebSearch Email Plugin]
              C:\PROGRA~1\MYWEBS~1\bar\b.bin\mwsoemon.exe
              O4 - HKLM\..\Run: [HbTools] C:\Programme\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe <- delete the HbTools folder from the disk.
              O4 - HKCU\..\Run: [MyWebSearch Email Plugin]
              C:\PROGRA~1\MYWEBS~1\bar\b.bin\mwsoemon.exe <- delete the MyWeb... folder from the disk.
              O8 - Extra context menu item: &Search -
              edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZCfox000
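An added example, not part of the thread or of HijackThis itself: the forum wraps long log entries across lines, so checking a follow-up scan against the removal list above means rejoining the wrapped entries before comparing. The sketch below does that in Python; the removal-list excerpt is copied from the reply above, while `LATER_LOG` is a constructed sample (not the poster's actual second log) and all function names are illustrative.

```python
import re

# HijackThis entries start with a section code (R0-R3, F0-F3, N1-N4, O1-O24)
# followed by " - ". A non-blank line directly after an entry that does not
# start this way is treated as a wrapped continuation of that entry.
ENTRY_START = re.compile(r"^(R[0-3]|F[0-3]|N[1-4]|O\d{1,2}) - ")


def parse_entries(text):
    """Rejoin forum-wrapped lines; return a list of {'code', 'body'} dicts."""
    entries = []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            current = None  # a blank line ends the current entry
            continue
        match = ENTRY_START.match(line)
        if match:
            current = {"code": match.group(1), "body": line[match.end():]}
            entries.append(current)
        elif current is not None:
            # The forum wrapped at a space, so rejoin with a single space.
            current["body"] += " " + line
        # Lines before the first entry (header, running processes) are skipped.
    return entries


def normalise(entry):
    """Comparison key: drop a helper's '<- ...' note, fold case and spacing."""
    body = entry["body"].split(" <- ")[0]
    body = re.sub(r"\s+", " ", body).strip().lower()
    return entry["code"], body


def still_present(removal_list, later_log):
    """Entries from the removal list that still appear in a later log."""
    later = {normalise(e) for e in parse_entries(later_log)}
    return [e for e in parse_entries(removal_list) if normalise(e) in later]


# Excerpt of the removal list from the reply above, wrapped as posted.
REMOVAL_LIST = r"""
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A}
- C:\Programme\BearShare applications\BearShare MediaBar\MediaBar.dll
O4 - HKLM\..\Run: [My Web Search Bar] rundll32
C:\PROGRA~1\MYWEBS~1\bar\b.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [HbTools] C:\Programme\HbTools\Bin\4.8.0.0\HbtOEAddOn.exe <- delete the HbTools folder from the disk.
"""

# Constructed follow-up log (sample data only): one listed entry was left behind.
LATER_LOG = r"""
Running processes:
C:\WINDOWS\Explorer.EXE

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.arcor.de
O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\b.bin\MWSBAR.DLL,S
O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
"""

if __name__ == "__main__":
    for entry in still_present(REMOVAL_LIST, LATER_LOG):
        print("still present:", entry["code"], "-", entry["body"])
```

A post that the forum cut off mid-entry (as happened twice in this thread) yields a short final entry, so compare only logs that were pasted in full.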
            • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 16.03.07, 11:39
              C:\Programme\HbTools\HBTV\HBTV.exe.
              c:\programme\hbtools\hbtvhelper.dll
              C:\Programme\hbtools\HBTV\HBTV.exe
              C:\Programme\HbTools\HBTV\HBTVHelper.dll
              • Guest: Kolobos Re: Generic PUP.g". IP: *.escom.net.pl 16.03.07, 11:44
                I already listed that for removal. If there's a problem deleting it, remove the entries in HJT and reboot, then delete after the reboot. Or use Killbox with the delete on reboot option.
                • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 16.03.07, 13:53
                  C:\Programme\AskTBar\bar\1.bin\ASKTBAR.DLL
                  unfortunately this can't be removed
                  • Guest: Kolobos Re: Generic PUP.g". IP: *.escom.net.pl 16.03.07, 14:00
                    Everything can be done! I did write: use Killbox.
                    • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 23.03.07, 12:39
                      Could you check the log once more? After scanning, 2 items come up; when
                      I remove them and scan again, different ones come up.
                      Logfile of HijackThis v1.99.1
                      Scan saved at 12:38:04, on 23.03.2007
                      Platform: Windows XP SP2 (WinNT 5.01.2600)
                      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

                      Running processes:
                      C:\WINDOWS\System32\smss.exe
                      C:\WINDOWS\SYSTEM32\winlogon.exe
                      C:\WINDOWS\system32\services.exe
                      C:\WINDOWS\system32\lsass.exe
                      C:\WINDOWS\system32\Ati2evxx.exe
                      C:\WINDOWS\system32\svchost.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\Programme\Intel\Wireless\Bin\EvtEng.exe
                      C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
                      C:\WINDOWS\system32\spoolsv.exe
                      c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
                      C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
                      C:\Acer\Empowering Technology\admServ.exe
                      C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLCapSvc.exe
                      C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
                      C:\Program Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLService.exe
                      C:\Programme\Gemeinsame Dateien\McAfee\HackerWatch\HWAPI.exe
                      C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
                      c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
                      C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
                      C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
                      c:\PROGRA~1\GEMEIN~1\mcafee\redirsvc\redirsvc.exe
                      C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
                      C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
                      C:\Programme\McAfee\MPF\MPFSrv.exe
                      C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
                      C:\Programme\CyberLink\Shared Files\RichVideo.exe
                      C:\Programme\SiteAdvisor\6028\SAService.exe
                      C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
                      C:\WINDOWS\system32\svchost.exe
                      C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
                      C:\WINDOWS\System32\svchost.exe
                      C:\WINDOWS\SYSTEM32\Ati2evxx.exe
                      C:\WINDOWS\Explorer.EXE
                      C:\PROGRA~1\mcafee.com\agent\mcagent.exe
                      C:\Acer\Empowering Technology\eRecovery\Monitor.exe
                      C:\WINDOWS\RTHDCPL.EXE
                      C:\Programme\Synaptics\SynTP\SynTPLpr.exe
                      C:\Programme\Synaptics\SynTP\SynTPEnh.exe
                      C:\Program Files\Acer\Acer Arcade\PCMService.exe
                      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
                      C:\Acer\Empowering Technology\eDataSecurity\eDSloader.exe
                      C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
                      C:\WINDOWS\system32\wbem\unsecapp.exe
                      C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
                      C:\WINDOWS\system32\LVCOMSX.EXE
                      C:\Programme\Acer\OrbiCam\CameraAssistant.exe
                      C:\WINDOWS\system32\ElkCtrl.exe
                      C:\Programme\iTunes\iTunesHelper.exe
                      C:\Programme\QuickTime\qttask.exe
                      C:\Programme\iPod\bin\iPodService.exe
                      C:\Programme\Google\Google Desktop Search\GoogleDesktop.exe
                      C:\Programme\SiteAdvisor\6028\SiteAdv.exe
                      C:\Programme\Skype\Phone\Skype.exe
                      C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe
                      C:\Programme\Google\Google Desktop Search\GoogleDesktopIndex.exe
                      C:\Programme\Logitech\SetPoint\SetPoint.exe
                      C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexStoreSvr.exe
                      C:\Programme\Gemeinsame Dateien\Logitech\KHAL\KHALMNPR.EXE
                      C:\Programme\Google\Google Desktop Search\GoogleDesktopCrawl.exe
                      C:\Programme\Gemeinsame Dateien\Real\Update_OB\RealOneMessageCenter.exe
                      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
                      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
                      C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMIndexingService.exe
                      C:\PROGRA~1\GEMEIN~1\McAfee\EmProxy\emproxy.exe
                      C:\Programme\Mozilla Firefox\firefox.exe
                      C:\PROGRA~1\MICROS~2\OFFICE11\OUTLOOK.EXE
                      C:\PROGRA~1\mcafee\VIRUSS~1\mcvsshld.exe
                      C:\Programme\Gemeinsame Dateien\Real\Update_OB\realsched.exe
                      C:\PROGRA~1\McAfee\MSC\mcshell.exe
                      C:\Dokumente und Einstellungen\KASIA\Desktop\hijackthis.exe

                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
                      www.arcor.de
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
                      www.arcor.de
                      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
                      www.arcor.de
                      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.arcor.de
                      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Arcor AG & Co. KG
                      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
                      c:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                      O2 - BHO: (no name) - {089FD14D-132B-48FC-8861-0048AE113215} -
                      C:\Programme\SiteAdvisor\6028\SiteAdv.dll
                      O2 - BHO: Alcohol Toolbar Helper - {0ACF00E0-C1E4-4F6B-B290-10AC7505C47A} -
                      C:\Programme\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
                      O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
                      C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
                      O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} -
                      c:\PROGRA~1\mcafee\VIRUSS~1\scriptcl.dll
                      O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} -
                      C:\Programme\Gemeinsame Dateien\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
                      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
                      c:\programme\google\googletoolbar3.dll
                      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
                      c:\programme\google\googletoolbar3.dll
                      O3 - Toolbar: McAfee SiteAdvisor - {0BF43445-2F28-4351-9252-17FE6E806AA0} -
                      C:\Programme\SiteAdvisor\6028\SiteAdv.dll
                      O3 - Toolbar: Alcohol Toolbar - {DC59A0D4-0ED6-4A73-B356-1B977F2A7725} -
                      C:\Programme\Alcohol Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
                      O4 - HKLM\..\Run: [LaunchApp] Alaunch
                      O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
                      O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
                      O4 - HKLM\..\Run: [SynTPLpr] C:\Programme\Synaptics\SynTP\SynTPLpr.exe
                      O4 - HKLM\..\Run: [SynTPEnh] C:\Programme\Synaptics\SynTP\SynTPEnh.exe
                      O4 - HKLM\..\Run: [PCMService] "C:\Program Files\Acer\Acer Arcade\PCMService.exe"
                      O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil
                      /RemAdvDef /Migration32
                      O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
                      O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
                      /SYNC
                      O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
                      /IMEName
                      O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe"
                      runtime -Delay
                      O4 - HKLM\..\Run: [eDataSecurity Loader] C:\Acer\Empowering
                      Technology\eDataSecurity\eDSloader.exe
                      O4 - HKLM\..\Run: [ePower_DMC] C:\Acer\Empowering Technology\ePower\ePower_DMC.exe
                      O4 - HKLM\..\Run: [Acer ePower Management] C:\Acer\Empowering
                      Technology\ePower\Acer ePower Management.exe boot
                      O4 - HKLM\..\Run: [LManager] C:\PROGRA~1\LAUNCH~1\QtZgAcer.EXE
                      O4 - HKLM\..\Run: [eRecoveryService] C:\Acer\Empowering
                      Technology\eRecovery\Monitor.exe
                      O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE
                      O4 - HKLM\..\Run: [LogitechCameraAssistant]
                      C:\Programme\Acer\OrbiCam\CameraAssistant.exe
                      O4 - HKLM\..\Run: [LogitechVideo[inspector]]
                      C:\Programme\Acer\OrbiCam\InstallHelper.exe /inspect
                      O4 - HKLM\..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe
                      /automation
                      O4 - HKLM\..\Run: [ADMTray.exe] "C:\Acer\Empowering Technology\admtray.exe"
                      O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
                      O4 - HKLM\..\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe
                      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
                      O4 - HKLM\..\Run: [TkBellExe] "C:\Programme\Gemeinsame
                      Dateien\Real\Update_OB\realsched.exe" -osboot
                      O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
                      O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -atboottime
                      O4 - HKLM\..\Run: [Google Desktop Search] "C:\Programme\Google\Google Desktop
                      Search\GoogleDesktop.exe" /startup
                      O4 - HKLM\..\Run: [SiteAdvisor] C:\Programme\SiteAdvisor\6028\SiteAdv.exe
                      O4 - HKLM\..\Run: [BearFlix] "C:\Programme\BearFlix\BearFlix.exe" /pause
                      O4 - HKLM\..\Run: [NeroFilterCheck] C:\Programme\Gemeinsame
                      Dateien\Ahead\Lib\NeroCheck.exe
                      O4 - HKCU\..\Run:
                      • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 23.03.07, 12:41
                        O4 - HKCU\..\Run: [BitTorrent] "C:\Programme\BitTorrent\bittorrent.exe"
                        --force_start_minimized
                        O4 - HKCU\..\Run: [swg]
                        C:\Programme\Google\GoogleToolbarNotifier\1.0.720.3640\GoogleToolbarNotifier.exe
                        O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
                        O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]
                        "C:\Programme\Gemeinsame Dateien\Ahead\Lib\NMBgMonitor.exe"
                        O4 - Global Startup: Logitech SetPoint.lnk =
                        C:\Programme\Logitech\SetPoint\SetPoint.exe
                        O8 - Extra context menu item: Nach Microsoft &Excel exportieren -
                        res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
                        C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
                        O9 - Extra 'Tools' menuitem: Sun Java Konsole -
                        {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_06\bin\ssv.dll
                        O9 - Extra button: Wyslij SMS'a - {215940F1-E7E0-4801-BEE3-44D045534106} -
                        C:\Programme\Gemeinsame Dateien\moje.js
                        O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
                        C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
                        C:\WINDOWS\system32\Shdocvw.dll
                        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
                        C:\Programme\Messenger\msmsgs.exe
                        O9 - Extra 'Tools' menuitem: Windows Messenger -
                        {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
                        O16 - DPF: {112857FE-03FF-11D5-9A3F-0080C8D85044} (GameDesire Solitaires) -
                        67.15.101.3/g_bin/pl/solitaire_2_0_0_20.cab
                        O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
                        Validation Tool) - go.microsoft.com/fwlink/?linkid=39204
                        O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) -
                        67.15.101.3/g_bin/pl/roulette_2_0_0_17.cab
                        O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) -
                        67.15.101.3/g_bin/pl/cards_2_0_0_70.cab
                        O16 - DPF: {2A781DED-C22D-4153-9812-CEA98A32981C} (GameDesire Makao) -
                        67.15.101.3/g_bin/pl/cardsmakao_2_0_0_21.cab
                        O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) -
                        67.15.101.3/g_bin/pl/boards_2_0_0_28.cab
                        O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) -
                        67.15.101.3/g_bin/pl/navy_2_0_0_22.cab
                        O16 - DPF: {4ED9DDF0-7479-4BBE-9335-5A1EDB1D8A21} (McAfee.com Operating System
                        Class) - download.mcafee.com/molbin/shared/mcinsctl/4,0,0,101/mcinsctl.cab
                        O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) -
                        67.15.101.3/g_bin/pl/poker_2_0_0_39.cab
                        O16 - DPF: {9085316E-42BA-11D4-BAA3-0080C8D7ED4A} (GameDesire JungleHunter) -
                        67.15.101.3/g_bin/pl/hunter_2_0_0_19.cab
                        O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) -
                        67.15.101.3/g_bin/pl/demon_2_0_0_22.cab
                        O16 - DPF: {A1FE3DEF-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Pirate) -
                        67.15.101.3/g_bin/pl/pirate_2_0_0_22.cab
                        O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) -
                        67.15.101.3/g_bin/pl/domino_2_0_0_25.cab
                        O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} (GameDesire
                        Marbles&Diamonds&Runes) - 67.15.101.3/g_bin/pl/marbles_2_0_0_24.cab
                        O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) -
                        67.15.101.3/g_bin/pl/darts_2_0_0_31.cab
                        O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) -
                        67.15.101.3/g_bin/pl/breakout_2_0_0_21.cab
                        O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF}
                        (MsnMessengerSetupDownloadControl Class) -
                        messenger.msn.com/download/MsnMessengerSetupDownloader.cab
                        O16 - DPF: {BCC0FF27-31D9-4614-A68E-C18E1ADA4389} (DwnldGroupMgr Class) -
                        download.mcafee.com/molbin/shared/mcgdmgr/1,0,0,26/mcgdmgr.cab
                        O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) -
                        67.15.101.3/g_bin/pl/words_2_0_0_41.cab
                        O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word
                        Games) - 67.15.101.3/g_bin/pl/wordssingle_2_0_0_39.cab
                        O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) -
                        67.15.101.3/g_bin/pl/mahjong_2_0_0_23.cab
                        O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GameDesire Soccer) -
                        67.15.101.3/g_bin/pl/soccer_2_0_0_10.cab
                        O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} (GameDesire Slots 80th) -
                        67.15.101.3/g_bin/pl/slots80_2_0_0_26.cab
                        O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) -
                        67.15.101.3/g_bin/pl/billard8_2_0_0_24.cab
                        O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C3} (GameDesire Pool 14) -
                        67.15.101.3/g_bin/pl/billard14_2_0_0_24.cab
                        O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} (GameDesire Pool Training) -
                        67.15.101.3/g_bin/pl/billardt_2_0_0_24.cab
                        O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) -
                        67.15.101.3/g_bin/pl/snooker_2_0_0_24.cab
                        O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} -
                        C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
                        O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} -
                        C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
                        O18 - Protocol: siteadvisor - {3A5DC592-7723-4EAA-9EE6-AF4222BCF879} -
                        C:\Programme\SiteAdvisor\6028\SiteAdv.dll
                        O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
                        O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} -
                        C:\WINDOWS\system32\WPDShServiceObj.dll
                        O23 - Service: AccSys WiFi Component (accsvc) - AccSys GmbH -
                        C:\Programme\Gemeinsame Dateien\AccSys\accsvc.exe
                        O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
                        C:\WINDOWS\system32\Ati2evxx.exe
                        O23 - Service: AdminWorks Agent X6 (AWService) - Avocent Inc. -
                        C:\Acer\Empowering Technology\admServ.exe
                        O23 - Service: Boonty Games - BOONTY - C:\Programme\Gemeinsame Dateien\BOONTY
                        Shared\Service\Boonty.exe
                        O23 - Service: CyberLink Background Capture Service (CBCS) (CLCapSvc) - Unknown
                        owne
                        • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 23.03.07, 12:44
                          These items are:
                          C:\Recycled\Dc93.dll
                          C:\Recycled\Dc92.exe
                          • Guest: Kolobos Re: Generic PUP.g". IP: *.escom.net.pl 23.03.07, 12:49
                            The log didn't fit...

                            Delete the Recycled directory (with KillBox if necessary).

                            Also use:
                            wirusy.antivirenkit.pl/en/szczepionki/2.html
                            www.sophos.com/support/disinfection/baglea.html
                            www.f-secure.com/tools/f-bagle.exe
                            • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 23.03.07, 12:52
                              O23 - Service: CyberLink Task Scheduler (CTS) (CLSched) - Unknown owner -
                              C:\Program Files\Acer\Acer Arcade\Kernel\TV\CLSched.exe
                              O23 - Service: CyberLink Media Library Service - Cyberlink - C:\Program
                              Files\Acer\Acer Arcade\Kernel\CLML_NTService\CLMLServer.exe
                              O23 - Service: McAfee E-mail Proxy (Emproxy) - McAfee, Inc. -
                              C:\PROGRA~1\GEMEIN~1\McAfee\EmProxy\emproxy.exe
                              O23 - Service: Intel(R) PROSet/Wireless Event Log (EvtEng) - Intel Corporation -
                              C:\Programme\Intel\Wireless\Bin\EvtEng.exe
                              O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation
                              - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32\IDriverT.exe
                              O23 - Service: iPodService - Apple Computer, Inc. -
                              C:\Programme\iPod\bin\iPodService.exe
                              O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech -
                              c:\programme\gemeinsame dateien\logitech\lvmvfm\LVPrcSrv.exe
                              O23 - Service: McAfee HackerWatch Service - McAfee, Inc. -
                              C:\Programme\Gemeinsame Dateien\McAfee\HackerWatch\HWAPI.exe
                              O23 - Service: McAfee Update Manager (mcmispupdmgr) - McAfee, Inc. -
                              C:\PROGRA~1\McAfee\MSC\mcupdmgr.exe
                              O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. -
                              C:\PROGRA~1\McAfee\MSC\mcmscsvc.exe
                              O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. -
                              c:\programme\gemeinsame dateien\mcafee\mna\mcnasvc.exe
                              O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. -
                              C:\PROGRA~1\McAfee\VIRUSS~1\mcods.exe
                              O23 - Service: McAfee Protection Manager (mcpromgr) - McAfee, Inc. -
                              C:\PROGRA~1\McAfee\MSC\mcpromgr.exe
                              O23 - Service: McAfee Redirector Service (McRedirector) - McAfee, Inc. -
                              c:\PROGRA~1\GEMEIN~1\mcafee\redirsvc\redirsvc.exe
                              O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. -
                              C:\PROGRA~1\McAfee\VIRUSS~1\mcshield.exe
                              O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. -
                              C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon.exe
                              O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. -
                              C:\Programme\McAfee\MPF\MPFSrv.exe
                              O23 - Service: NBService - Nero AG - C:\Programme\Nero\Nero 7\Nero
                              BackItUp\NBService.exe
                              O23 - Service: NMIndexingService - Nero AG - C:\Programme\Gemeinsame
                              Dateien\Ahead\Lib\NMIndexingService.exe
                              O23 - Service: Intel(R) PROSet/Wireless Registry Service (RegSrvc) - Intel
                              Corporation - C:\Programme\Intel\Wireless\Bin\RegSrvc.exe
                              O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner -
                              C:\Programme\CyberLink\Shared Files\RichVideo.exe
                              O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) -
                              Unknown owner - %ProgramFiles%\WinPcap\rpcapd.exe" -d -f
                              "%ProgramFiles%\WinPcap\rpcapd.ini (file missing)
                              O23 - Service: Intel(R) PROSet/Wireless Service (S24EventMonitor) - Intel
                              Corporation - C:\Programme\Intel\Wireless\Bin\S24EvMon.exe
                              O23 - Service: SiteAdvisor Service - McAfee, Inc. -
                              C:\Programme\SiteAdvisor\6028\SAService.exe
                              O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division
                              Software - C:\Programme\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

                              • Guest: lambda100 Re: Generic PUP.g". IP: *.pools.arcor-ip.net 23.03.07, 12:58
                                Delete the Recycled directory
                                So I should delete all the items that contain the name Recycled?
                                • Guest: Kolobos Re: Generic PUP.g". IP: *.escom.net.pl 23.03.07, 15:56
                                  You need to delete C:\Recycled\
