
Connection troubleshooting




  #1  
5 November 2008, 12:37
Member
 
Hi,
I was told by serverguy to post this HijackThis logfile, following this post:
http://www.computer-juice.com/forums...998/ # post90830

Here it is:
Logfile of Trend Micro HijackThis v2.0.2
Scan saglabāts 19:36:22, uz 05/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer versija!
Boot mode: Normal

Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Windows \ Explorer.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ ekrn.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ egui.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ PeerGuardian2 \ pg2.exe
C: \ Program Files \ POP lūrētājs \ POPPeeper.exe
C: \ Program Files \ uTorrent \ utorrent.exe
C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe
C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe
C: \ Program Files \ filehippo.com \ UpdateChecker.exe
C: \ Program Files \ SlySoft \ AnyDVD \ AnyDVDtray.exe
C: \ WINDOWS \ system32 \ sistray.exe
C: \ Program Files \ CalcFire \ CalcFire.exe
C: \ Program Files \ FreshIP \ FreshIP.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Mozilla Firefox \ firefox.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
C: \ Program Files \ Trend Micro \ HijackThis \ Sniper.exe

R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet iestatījumi ProxyOverride = *. vietējo
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName =
O2 - BHO: Noklikšķiniet, lai zvanītu BHO - (5C255C8A-E604-49b4-9D64-90988571CECB) - C: \ Program Files \ Windows Live \ Messenger \ wlchtc.dll
O2 - BHO: Java (tm) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre6 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C: \ Program Files \ Java \ jre6 \ lib \ izvietot \ jqs \ ti \ jqs_plugin.dll
O4 - HKLM \ .. \ Run: [SiSPower] Rundll32.exe SiSPower.dll, ModeAgent
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [egui] "C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ egui.exe" / paslēpt / waitservice
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [PeerGuardian] C: \ Program Files \ PeerGuardian2 \ pg2.exe
O4 - HKCU \ .. \ Run: [POP lūrētājs] "C: \ Program Files \ POP lūrētājs \ POPPeeper.exe"-min
O4 - HKCU \ .. \ Run: [μTorrent] "C: \ Program Files \ uTorrent \ utorrent.exe"
O4 - HKCU \ .. \ Run: [uTorrent] "C: \ Program Files \ uTorrent \ utorrent.exe"
O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / background
O4 - HKCU \ .. \ Run: [labo] "C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe" / c
O4 - HKCU \ .. \ Run: [filehippo.com] "C: \ Program Files \ filehippo.com \ UpdateChecker.exe" / background
O4 - HKCU \ .. \ Run: [AnyDVD] C: \ Program Files \ SlySoft \ AnyDVD \ AnyDVDtray.exe
O4 - HKUS \ S-1-5-19 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-19 \ .. \ RunOnce: [nltide_3] rundll32 advpack.dll, LaunchINFSectionEx nLite.inf, C, 4, N (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User "SISTĒMA")
O4 - HKUS \. DEFAULT \ .. \ RunOnce: [nltide_2] regsvr32 / s / n / i: U shell32 (User 'Default user')
O4 - Startup: CalcFire.lnk = C: \ Program Files \ CalcFire \ CalcFire.exe
O4 - Startup: FreshIP.lnk = C: \ Program Files \ FreshIP \ FreshIP.exe
O4 - Global Startup: Utility Tray.lnk = C: \ WINDOWS \ system32 \ sistray.exe
O6 - HKLM \ Software \ Policies \ Microsoft \ Internet Explorer \ ierobežojumi šajā
O6 - HKLM \ Software \ Policies \ Microsoft \ Internet Explorer \ ierobežojumi šajā
Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 1 \ Office11 \ EXCEL.EXE/3000
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 1 \ Office11 \ REFIEBAR.DLL
Ø9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ ekrn.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
O23 - Service: lxcf_device - - C: \ WINDOWS \ system32 \ lxcfcoms.exe

--
End of failu - 5.869 bytes
  #2  
5 November 2008, 15:27
Moderator Group
 
Download Malwarebytes' Anti-Malware (MBAM)
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, make sure a checkmark is placed next to the following:
    • Update Malwarebytes' Anti-Malware
    • Launch Malwarebytes' Anti-Malware
  • Then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform quick scan, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is complete, a log will open in Notepad and you may be prompted to restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report into your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts; click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

  #3  
6 November 2008, 01:01
Member
 
Malwarebytes "Anti-Malware 1,30
Database version: 1.368
Windows 5.1.2600 Service Pack 2

06/11/2008 07:44:27
mbam-log-2008-11-06 (07-44-27). txt

Scan type: Quick Scan
Objekti skenēts: 43.086
Laiks pagājis kopš: 3 minūte (s), 25 second (s)

Memory Processes Inficētie: 0
Memory Modules Inficētie: 0
Registry Keys Inficētie: 0
Reģistra vērtības Inficētie: 0
Registry Data Items Infected: 3
Mapes Inficētie: 0
Faili Inficētie: 1

Atmiņas procesi Inficētie:
(No ļaunprātīgs preces konstatētas)

Memory Modules Inficētie:
(No ļaunprātīgs preces konstatētas)

Registry Keys Inficētie:
(No ļaunprātīgs preces konstatētas)

Reģistra vērtības Inficētie:
(No ļaunprātīgs preces konstatētas)

Registry Data Items Infected:
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Explorer \ Advanced \ Start_ShowSearch (Hijack.StartMenu) -> Bad: (0) Laba: (1) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Explorer \ Advanced \ Start_ShowHelp (Hijack.StartMenu) -> Bad: (0) Laba: (1) -> Karantīnā ievietotie un svītrots veiksmīgi.
HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Explorer \ Advanced \ StartMenuLogOff (Hijack.StartMenu) -> Bad: (1) Labs: (0) -> Karantīnā ievietotie un svītrots veiksmīgi.

Mapes Inficētie:
(No ļaunprātīgs preces konstatētas)

Faili Inficētie:
C: \ WINDOWS \ run32.sys (Trojan.Agent) -> Karantīnā ievietotie un svītrots veiksmīgi.
  #4  
6 November 2008, 09:35
Moderator Group
 
Download ComboFix by sUBs from one of the links below. Be sure to save it to your Desktop.

Link # 1
Link # 2

** Note: It is important that it is saved directly to your Desktop

Close all open internet browsers (Firefox, Internet Explorer, etc.) before starting ComboFix.

Temporarily disable your antivirus, and any antispyware real-time protection, before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Double-click combofix.exe and follow the prompts.

Windows XP Systems: installing the Recovery Console:

- If you are using Windows XP and do not already have the Recovery Console installed, please make sure your internet connection is active (if possible) and click .
- If for some reason the internet is not working, click .
-- If you are not using Windows XP, you will not be prompted.
- When prompted to agree to the EULA, click OK.
- Accept the Microsoft EULA (Click ).
- When you are told that RC was installed correctly, click to continue scanning for malware.

When finished, ComboFix will produce a log for you.
Post the ComboFix log and a new HijackThis log in your next reply.

Important: Do not mouse-click the ComboFix window while it is running. That may cause it to stall.

Remember to re-enable your antivirus and antispyware protection when ComboFix has finished.

  #5  
6 November 2008, 10:56
Member
 
ComboFix 08-11-05.02 - Administrator 2008-11-06 17:52:06.2 - NTFSx86
Microsoft Windows XP Professional 5.1.2600.2.1252.1.1033.18.607 [GMT 0:00]
Sākot no: c: \ Documents and Settings \ Administrator \ Desktop \ ComboFix.exe
.

((((((((((((((((((((((((( Faili Created no 2008/10/06 līdz 2008/11/06 ))))))))))) ))))))))))))))))))))
.

2008/11/06 07:59. 2008/11/06 07:59 236 - ------ C: \ sqmdata02.sqm
2008/11/06 07:59. 2008/11/06 07:59 200 - ------ C: \ sqmnoopt02.sqm
2008/11/06 07:39. 2008/11/06 07:39 236 - ------ C: \ sqmdata01.sqm
2008/11/06 07:39. 2008/11/06 07:39 200 - ------ C: \ sqmnoopt01.sqm
2008/11/05 22:36. 2008/11/05 22:36 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes
2008/11/05 22:35. 2008/11/05 22:35 <DIR> d -------- C: \ Program Files \ Malwarebytes "Anti-Malware
2008/11/05 22:35. 2008/11/05 22:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes
2008/11/05 22:35. 2008/10/22 16:10 38.496 - ------ c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2008/11/05 22:35. 2008/10/22 16:10 15.504 - ------ c: \ windows \ system32 \ drivers \ mbam.sys
2008/11/05 19:35. 2008/11/05 19:35 <DIR> d -------- C: \ Program Files \ Trend Micro
2008/11/04 22:07. 2008/11/04 22:07 <DIR> d -------- C: \ Program Files \ Cabos
2008/11/04 22:07. 2008/11/04 22:07 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Shared
2008/11/04 22:07. 2008/11/04 22:09 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Cabos
2008/11/04 17:50. 2008/11/04 17:50 <DIR> d -------- C: \ CloneDVDTemp
2008/11/04 17:49. 2008/11/04 17:49 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Izstrādāt Bytes
2008/11/04 17:37. 2008/11/04 17:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ SlySoft
2008/11/04 17:33. 2008/11/04 17:33 <DIR> d -------- C: \ Program Files \ Izstrādāt Bytes
2008/11/04 17:31. 2008/11/04 17:31 <DIR> d -------- C: \ Program Files \ SlySoft
2008/11/03 17:05. 2008/11/03 17:05 2.560 - ------ c: \ windows \ _MSRSTRT.EXE
2008/11/03 17:05. 2008/11/03 17:05 236 - ------ C: \ sqmdata00.sqm
2008/11/03 17:05. 2008/11/03 17:05 200 - ------ C: \ sqmnoopt00.sqm
2008/11/03 17:04. 2008/11/03 17:05 <DIR> d -------- C: \ Program Files \ Jūsu atinstalētājs 2.008
2008/11/03 17:04. 2008/11/03 17:05 <DIR> da ------ c: \ Documents and Settings \ All Users \ Application Data \ TEMP
2008/11/03 17:04. 2008/11/03 17:04 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ URSoft
2008/11/03 17:01. 2008/11/03 17:09 158 - ------ c: \ windows \ nurtab.bat
2008/11/03 07:53. 2008/11/03 07:53 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ ImgBurn
2008/11/03 07:50. 2008/11/03 07:50 0 --------- c: \ windows \ WB.ini
2008/11/02 13:19. 2008/11/02 13:36 64 - ------ c: \ windows \ prio.ini
2008/11/01 22:23. 2008/11/01 22:23 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ vlc
2008/11/01 18:49. 2008/11/01 18:49 410.976 - ------ c: \ windows \ system32 \ deploytk.dll
2008/11/01 11:04. 2008/11/06 07:46 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Tracing
2008/11/01 11:00. 2008/11/01 11:03 <DIR> d -------- C: \ Program Files \ Mozilla Firefox 3,1 Beta 1
2008/11/01 10:59. 2008/11/01 10:59 <DIR> d -------- C: \ Program Files \ Microsoft
2008/11/01 10:57. 2008/11/01 10:58 <DIR> d -------- C: \ Program Files \ Windows Live
2008/11/01 10:54. 2008/11/01 10:54 <DIR> d -------- C: \ Program Files \ filehippo.com
2008/11/01 10:51. 2008/11/01 10:51 <DIR> d -------- C: \ Program Files \ Common Files \ Windows Live
2008/10/31 13:40. 2008/11/04 21:34 <DIR> d -------- C: \ Program Files \ DupeEliminator
2008/10/31 10:32. 2008/10/31 10:32 <DIR> d -------- C: \ Program Files \ Foxit Software
2008/10/30 23:21. 2008/10/30 23:21 <DIR> d -------- C: \ Windows \ Sun
2008/10/30 22:55. 2008/10/30 23:00 <DIR> d -------- C: \ Program Files \ Free Music Zilla
2008/10/30 22:55. 2008/10/30 22:59 <DIR> d -------- C: \ downloads
2008/10/30 22:55. 2008/10/30 22:55 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ FMZilla
2008/10/30 22:38. 2008/10/31 22:55 <DIR> d -------- C: \ DVDVideoSoft
2008/10/30 21:03. 2008/10/30 21:03 <DIR> d -------- C: \ Program Files \ Belkin
2008/10/30 21:03. 2005/10/03 09:49 204.800 - ------ c: \ windows \ system32 \ UploadDLL.dll
2008/10/30 21:03. 2005/11/20 04:31 192.512 - ------ c: \ windows \ system32 \ blkwcd.dll
2008/10/30 21:03. 2005/10/03 09:50 167.936 - ------ c: \ windows \ system32 \ BelkinwcuiDLL.dll
2008/10/30 21:03. 2005/10/03 09:50 101.888 - ------ c: \ windows \ system32 \ CrashRpt.dll
2008/10/30 21:03. 2005/10/03 09:49 81.920 - ------ c: \ windows \ system32 \ brdcm2k.dll
2008/10/30 21:03. 2005/10/03 09:49 61.440 - ------ c: \ windows \ system32 \ BelkinHWStatus.dll
2008/10/30 21:03. 2004/10/29 12:09 53.248 - ------ c: \ windows \ system32 \ preflib.dll
2008/10/30 20:23. 2008/10/30 20:23 20.747 - ------ c: \ windows \ system32 \ drivers \ AegisP.sys
2008/10/30 20:23. 2003/07/24 12:10 17.149 - ------ c: \ windows \ system32 \ DNINDIS5.SYS
2008/10/30 20:21. 2008/10/30 20:21 <DIR> d -------- C: \ Program Files \ DVDVideoSoft
2008/10/30 20:21. 2008/10/30 20:22 <DIR> d -------- C: \ Program Files \ Common Files \ DVDVideoSoft
2008/10/30 20:21. 2002/01/05 14:37 344.064 - ------ c: \ windows \ system32 \ msvcr70.dll
2008/10/30 11:23. 2008/10/30 11:23 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ vsosdk
2008/10/30 09:53. 2008/11/02 16:08 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ vso
2008/10/30 09:53. 2008/10/30 09:53 47.360 - ------ c: \ windows \ system32 \ drivers \ pcouffin.sys
2008/10/30 09:53. 2008/10/30 09:53 47.360 - ------ c: \ Documents and Settings \ Administrator \ Application Data \ pcouffin.sys
2008/10/30 09:52. 2008/10/30 09:52 <DIR> d -------- C: \ Program Files \ VSO
2008/10/30 09:52. 2004/05/04 12:53 1.645.320 - ------ c: \ windows \ gdiplus.dll
2008/10/30 09:52. 2006/05/20 17:16 1.184.984 - ------ c: \ windows \ system32 \ wvc1dmod.dll
2008/10/30 09:52. 2006/05/11 20:21 626.688 - ------ c: \ windows \ system32 \ vp7vfw.dll
2008/10/30 09:52. 2006/09/29 13:24 217.127 - ------ c: \ windows \ system32 \ drv43260.dll
2008/10/30 09:52. 2006/09/29 13:25 208.935 - ------ c: \ windows \ system32 \ drv33260.dll
2008/10/30 09:52. 2006/09/29 13:26 176.165 - ------ c: \ windows \ system32 \ drv23260.dll
2008/10/30 09:52. 2007/03/18 21:37 65.602 - ------ c: \ windows \ system32 \ cook3260.dll
2008/10/29 14:11. 2008/10/29 15:48 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ dvdcss
2008/10/29 13:17. 2008/10/29 13:17 376 - ------ c: \ windows \ ODBC.INI
2008/10/29 13:16. 2003/06/18 17:31 17.920 - ------ c: \ windows \ system32 \ mdimon.dll
2008/10/29 13:13. 2008/10/29 13:13 <DIR> d -------- C: \ Program Files \ Microsoft ActiveSync
2008/10/29 13:10. 2008/10/29 13:10 <DIR> d -------- C: \ Windows \ SHELLNEW
2008/10/29 13:10. 2008/10/29 13:10 <DIR> d -------- C: \ Program Files \ Microsoft.NET
2008/10/29 13:08. 2008/10/29 13:08 <DIR> dr-h ----- C: \ MSOCache
2008/10/29 11:53. 2008/10/29 11:53 12.670 - ------ c: \ windows \ system32 \ LexFiles.ulf
2008/10/29 11:52. 2008/10/30 09:38 <DIR> d -------- C: \ temp \ (9F5FBC24-EFE2-4f90-B498-EC0FB7D47D15)
2008/10/29 11:52. 2008/10/29 11:53 <DIR> d -------- C: \ Program Files \ Lexmark 730 Series
2008/10/29 11:17. 2008/10/31 13:03 <DIR> d -------- C: \ Program Files \ stāvbremzi
2008/10/29 09:27. 2008/10/29 09:27 <DIR> d -------- C: \ Program Files \ FreshIP
2008/10/29 09:27. 2008/10/29 09:27 <DIR> d -------- C: \ Program Files \ ežektoru
2008/10/29 09:27. 2008/10/29 09:27 <DIR> d -------- C: \ Program Files \ CalcFire
2008/10/29 09:26. 2008/10/29 09:26 <DIR> d -------- C: \ Windows \ SIS
2008/10/29 09:26. 2008/10/29 09:26 <DIR> d -------- C: \ Program Files \ sisagp
2008/10/29 09:26. 2008/10/29 09:26 <DIR> d -------- C: \ Program Files \ SiS VGA Utilities V3.81
2008/10/29 09:26. 2008/10/30 21:03 <DIR> d - h ----- C: \ Program Files \ InstallShield Installation Information
2008/10/29 09:26. 2008/10/30 21:03 <DIR> d -------- C: \ Program Files \ Common Files \ InstallShield
2008/10/29 09:26. 2007/06/25 16:45 262.144 - ------ c: \ windows \ system32 \ sistray.exe
2008/10/29 09:26. 2006/04/12 19:35 208.896 - ------ c: \ windows \ Progress.exe
2008/10/29 09:26. 2007/06/25 16:44 135.168 --------- c: \ windows \ system32 \ SiSApCom.dll
2008/10/29 09:26. 2007/06/25 16:46 110.592 --------- c: \ windows \ system32 \ TVMode.dll
2008/10/29 09:26. 2007/06/29 21:04 92.761 - ------ c: \ windows \ VGAsetup.ini
2008/10/29 09:26. 2008/10/29 09:26 78.664 - ------ c: \ windows \ system32 \ VGAunistlog.ini
2008/10/29 09:26. 2007/06/25 16:46 65.536 --------- c: \ windows \ system32 \ SiSHook.dll
2008/10/29 09:25. 2007/06/25 16:46 9.728 - ------ c: \ windows \ system32 \ SiSPIns2.dll
2008/10/28 20:06. 2004/08/03 22:58 5.504 - ------ c: \ windows \ system32 \ drivers \ MSTEE.sys
2008/10/28 20:05. 2004/08/03 23:10 85.376 - ------ c: \ windows \ system32 \ drivers \ NABTSFEC.sys
2008/10/28 20:05. 2004/08/03 23:10 19.328 - ------ c: \ windows \ system32 \ drivers \ WSTCODEC.SYS
2008/10/28 20:05. 2004/08/03 23:10 17.024 - ------ c: \ windows \ system32 \ drivers \ CCDECODE.sys
2008/10/28 20:05. 2004/08/04 00:56 16.384 - ------ c: \ windows \ system32 \ ipsink.ax
2008/10/28 20:05. 2004/08/03 23:10 15.360 - ------ c: \ windows \ system32 \ drivers \ StreamIP.sys
2008/10/28 20:05. 2004/08/03 23:10 11.136 - ------ c: \ windows \ system32 \ drivers \ SLIP.sys
2008/10/28 20:05. 2004/08/03 23:10 10.880 - ------ c: \ windows \ system32 \ drivers \ NdisIP.sys
2008/10/28 19:49. 2008/10/28 19:49 <DIR> d -------- C: \ Documents and Settings \ Administrator \ WINDOWS
2008/10/28 19:49. 1998/01/23 12:22 304.128 - ------ c: \ windows \ IsUninst.exe
2008/10/28 19:49. 2002/08/20 14:58 139.264 - ------ c: \ windows \ system32 \ IDEproperty.dll
2008/10/28 19:49. 2002/10/17 15:14 49.024 - ------ c: \ windows \ system32 \ drivers \ sisidex.sys
2008/10/28 19:49. 2002/08/20 17:19 9.472 - ------ c: \ windows \ system32 \ drivers \ sisperf.sys
2008/10/28 19:49. 2003/03/25 17:50 4.096 - ------ c: \ windows \ system32 \ drivers \ siside.sys
2008/10/28 18:36. 2008/10/28 18:36 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Media Player Classic
2008/10/28 18:19. 2008/10/28 18:49 <DIR> d -------- C: \ Windows \ system32 \ Adobe
2008/10/28 18:19. 2008/08/06 15:27 499.712 - ------ c: \ windows \ system32 \ msvcp71.dll
2008/10/28 18:10. 2008/10/28 18:10 822 - ------ c: \ windows \ langorig.ini
2008/10/28 17:58. 2008/03/03 14:25 5.702 - ah ----- c: \ windows \ nod32restoretemdono.reg
2008/10/28 17:58. 2008/03/03 18:21 568 - ah ----- c: \ windows \ nod32fixtemdono.reg
2008/10/28 17:57. 2008/10/28 17:57 <DIR> d -------- C: \ Program Files \ ESET
2008/10/28 17:57. 2008/10/28 17:57 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ ESET
2008/10/28 17:49. 2008/10/28 17:49 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Kontakti
2008/10/28 17:07. 2008/10/28 17:07 <DIR> d -------- C: \ Program Files \ POP lūrētājs
2008/10/28 17:07. 2008/11/04 20:22 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ POP lūrētājs
2008/10/28 17:02. 2008/10/28 17:02 <DIR> d -------- C: \ Documents and Settings \ Administrator \ dwhelper
2008/10/28 17:01. 2008/10/28 17:01 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Apple Computer
2008/10/28 17:01. 2008/04/17 13:12 107.368 - ------ c: \ windows \ system32 \ GEARAspi.dll
2008/10/28 17:01. 2008/04/17 13:12 15.464 - ------ c: \ windows \ system32 \ drivers \ GEARAspiWDM.sys
2008/10/28 17:00. 2008/10/28 17:00 <DIR> d -------- C: \ Program Files \ QuickTime

.
(((((((((((((((((((((((((((((((((((((((( Find3M Ziņojums )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2008/10/28 15:52 --------- d ----- wc: \ Program Files \ Opera
2008/10/23 15:07 99.904 ---- aw c: \ windows \ system32 \ drivers \ AnyDVD.sys
2008/09/09 00:03 51.712 ---- aw c: \ windows \ system32 \ sirenacm.dll
2008/08/29 10:18 87.336 ---- aw c: \ windows \ system32 \ dns-sd.exe
2008/08/29 09:53 61.440 ---- aw c: \ windows \ system32 \ dnssd.dll
2007/07/31 12:00 34.048 ---- ar c: \ Program Files \ Mozilla Firefox \ plugins \ upd62i9x.dll
2007/07/31 12:00 45.056 ---- ar c: \ Program Files \ Mozilla Firefox \ plugins \ upd62int.dll
2007/07/31 12:00 34.048 ---- ar c: \ Program Files \ Opera \ program \ plugins \ upd62i9x.dll
2007/07/31 12:00 45.056 ---- ar c: \ Program Files \ Opera \ program \ plugins \ upd62int.dll
.

------- Sigcheck -------

2007/07/31 12:00 360.576 c7be59b07c6eb74bea6fd67c1b164015 c: \ windows \ system32 \ drivers \ Tcpip.sys
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Piezīme * tukši ieraksti & legit default ieraksti netiek parādīti
REGEDIT4

[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"PeerGuardian" = "C: \ Program Files \ PeerGuardian2 \ pg2.exe" [2007/01/30 1.432.064]
"POP lūrētājs" = "C: \ Program Files \ POP lūrētājs \ POPPeeper.exe" [2008/07/18 1.437.696]
"μTorrent" = "C: \ Program Files \ uTorrent \ utorrent.exe" [2008/10/28 270.128]
"uTorrent" = "C: \ Program Files \ uTorrent \ utorrent.exe" [2008/10/28 270.128]
"msnmsgr" = "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" [2008/09/09 3.513.344]
"Google Update" = "C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe" [2008/11/01 133.104]
"filehippo.com" = "C: \ Program Files \ filehippo.com \ UpdateChecker.exe" [2008/10/22 147.968]
"AnyDVD" = "C: \ Program Files \ SlySoft \ AnyDVD \ AnyDVDtray.exe" [2008/11/04 2.259.904]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ QTTask.exe" [2008/09/06 413.696]
"iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008/10/01 289.576]
"egui" = "C: \ Program Files \ ESET \ ESET NOD32 Antivirus \ egui.exe" [2008/02/20 1.443.072]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" [2008/11/01 136.600]
"SiSPower" = "SiSPower.dll" [2007/06/25 c: \ windows \ system32 \ SiSPower.dll]

[HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ RunOnce]
"nltide_2" = "shell32" [X]
"nltide_3" = "advpack.dll" [2007/07/31 c: \ windows \ system32 \ advpack.dll]

c: \ Documents and Settings \ Administrator \ Start Menu \ Programs \ Startup \
CalcFire.lnk - c: \ Program Files \ CalcFire \ CalcFire.exe [2008/09/04 283.529]
FreshIP.lnk - c: \ Program Files \ FreshIP \ FreshIP.exe [2008/09/15 232.891]

c: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Utility Tray.lnk - c: \ windows \ system32 \ sistray.exe [2008/10/29 262.144]

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Policies \ Explorer]
"MemCheckBoxInRunDlg" = 1 (0x1)
"StartMenuFavorites" = 0 (0x0)
"Start_ShowMyComputer" = 1 (0x1)
"Start_ShowMyDocs" = 1 (0x1)
"Start_ShowMyMusic" = 0 (0x0)
"Start_ShowRun" = 1 (0x1)
"Start_ShowSearch" = 0 (0x0)

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Curre ntversion \ Policies \ Explorer]
"NoSMHelp" = 1 (0x1)
"ForceClassicControlPanel" = 1 (0x1)
"NoResolveTrack" = 1 (0x1)
"NoResolveSearch" = 1 (0x1)
"NoSMMyPictures" = 1 (0x1)
"NoSMConfigurePrograms" = 1 (0x1)
"MemCheckBoxInRunDlg" = 1 (0x1)

[HKEY_USERS \. Default \ Software \ Microsoft \ Windows \ cur rentversion \ Policies \ Explorer]
"NoInternetIcon" = 1 (0x1)
"NoSMHelp" = 1 (0x1)
"ForceClassicControlPanel" = 1 (0x1)
"NoResolveTrack" = 1 (0x1)
"NoResolveSearch" = 1 (0x1)
"NoSMMyPictures" = 1 (0x1)
"NoSMConfigurePrograms" = 1 (0x1)
"MemCheckBoxInRunDlg" = 1 (0x1)

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ paziņot \ WBSrv]
2008/09/16 08:44 174.328 c: \ Program Files \ Stardock \ Object Desktop \ WindowBlinds \ WbSrv.dll

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = wbsys.dll

[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ securityproviders]
SecurityProviders schannel.dll, digest.dll

[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security center]
"UpdatesDisableNotify" = DWORD: 00000001
"AntiVirusDisableNotify" = DWORD: 00000001
"AntiVirusOverride" = DWORD: 00000001
"FirewallOverride" = DWORD: 00000001

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"% windir% \ \ system32 \ \ sessmgr.exe" =
"% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"C: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" =
"C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" =
"C: \ \ Program Files \ \ uTorrent \ \ utorrent.exe" =
"C: \ \ Program Files \ \ Free Music Zilla \ \ FMZilla.exe" =
"C: \ \ Program Files \ \ Windows Live \ \ Messenger \ \ wlcsdk.exe" =
"C: \ \ Program Files \ \ Windows Live \ \ Messenger \ \ msnmsgr.exe" =
"c: \ \ WINDOWS \ \ system32 \ \ java.exe" =

[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ IcmpSettings]
"AllowInboundEchoRequest" = 1 (0x1)

R1 epfwtdir; epfwtdir c: \ windows \ system32 \ drivers \ epfw tdir.sys [2008/02/20 33.800]
R1 lusbaudio; Logitech USB Microphone; c: \ windows \ system32 \ drivers \ OVSound2.sy s [2001/08/17 25.216]
R2 JavaQuickStarterService; Java Quick Versija: c: \ Program Files \ Java \ jre6 \ bin \ jqs.exe [2008/11/01 152.984]
R3 QCEmerald; Logitech QuickCam Web c: \ windows \ system32 \ drivers \ OVCE.sys [2001/08/17 31.872]
S2 NOD32FiXTemDono; Eset Nod32 Boot c: \ windows \ system32 \ Regedt32.exe [2007/07/31 3.584]
S3 DNINDIS5; DNINDIS5 NDIS protokola Driver; c: \ PROGRA ~ 1 \ Belkin \ BELKIN ~ 1.11G \ DNINDIS5.SY S [2003/07/24 17.149]

NETSVCS JĀNOSAKA REMONTDARBI - pašreizējais norādēm
6to4
AppMgmt
AudioSrv
Browser
Cryptsvc
DMServer
DHCP
EventSystem
FastUserSwitchingCompatibility
HidServ
SGS
Iprip
Irmon
LanmanServer
LanmanWorkstation
Netman
NLA
Ntmssvc
NWCWorkstation
Nwsapagent
Rasauto
Rasman
Remoteaccess
Grafiks
Seclogon
SENS
Sharedaccess
SRService
Tapisrv
Tēmas
TrkWks
W32Time
WZCSVC
WMI
WmdmPmSp
winmgmt
xmlprov
ShellHWDetection

HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Svchost - NetSvcs


* Jaunizveidoto Service * - CATCHME
* Jaunizveidoto Service * - PROCEXP90
.
Saturs "Scheduled Tasks" mape

2008/11/03 c: \ windows \ Uzdevumi \ AppleSoftwareUpdate.job
- C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008/07/30 12:34]

2008/11/06 c: \ windows \ Uzdevumi \ GoogleUpdateTaskUser.job
- C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ GoogleUpdate.exe [2008/11/01 10:54]
.
.
------- Papildu Scan -------
.
FireFox -: Profile - c: \ Documents and Settings \ Administrator \ Application Data \ Mozilla \ Firefox \ Profiles \ p2eog6ij.default \
FireFox -: prefs.js - STARTUP.HOMEPAGE - hxxp: / / www.google.com/
FF -: Plugin - c: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Google \ Update \ 1.2.131.25 \ npGoogleOneClick6.dl l
FF -: Plugin - c: \ Program Files \ iTunes \ Mozilla Plugins \ npitunes.dll
FF -: Plugin - c: \ Program Files \ Java \ jre6 \ bin \ new_plugin \ npdeploytk.dll
FF -: Plugin - c: \ Program Files \ Java \ jre6 \ bin \ new_plugin \ npjp2.dll
FF -: Plugin - c: \ Program Files \ K-Lite Codec Pack \ Real \ pārlūku \ plugins \ nppl3260.dll
FF -: Plugin - c: \ Program Files \ K-Lite Codec Pack \ Real \ pārlūku \ plugins \ nprpjplug.dll
.

************************************************** ************************

catchme 0.3.1367 W2K/XP/Vista - rootkit / Stealth malware detektoru, ar Gmer, http://www.gmer.net
Rootkit scan 2008/11/06 17:53:46
Windows 5.1.2600 Service Pack 2 NTFS

skenēšana slēptās procesi ...

skenēšana slēptās palaišana ieraksti ...

skenēšana slēptos failus ...

scan sekmīgi pabeigta
slēptos failus: 0

************************************************** ************************
.
Pabeigšanas laiks: 2008/11/06 17:55:07
ComboFix-karantīnā-files.txt 2008/11/06 17:54:43
ComboFix2.txt 2008/11/06 17:44:22

Pre-Run: 71168983040 bytes free
Post-Run: 71160324096 bytes free

306
  #6  
6 November 2008, 10:56
Member
 
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:56:55, on 06/11/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\Smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\POP Peeper\POPPeeper.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\filehippo.com\UpdateChecker.exe
C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\iTunes\iTunes.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\Sniper.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Click-to-Call BHO - (5C255C8A-E604-49b4-9D64-90988571CECB) - C:\Program Files\Windows Live\Messenger\wlchtc.dll
O2 - BHO: Java (tm) Plug-In SSV Helper - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java (tm) Plug-In 2 SSV Helper - (DBC80044-A445-435b-BC74-9C25C1C588A9) - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - (E7E6F031-17CE-4C07-BC86-EABFE594F69C) - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll, ModeAgent
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [PeerGuardian] C:\Program Files\PeerGuardian2\pg2.exe
O4 - HKCU\..\Run: [POP Peeper] "C:\Program Files\POP Peeper\POPPeeper.exe" -min
O4 - HKCU\..\Run: [μTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\utorrent.exe"
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [labo] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [filehippo.com] "C:\Program Files\filehippo.com\UpdateChecker.exe" /background
O4 - HKCU\..\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVDtray.exe
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_3] rundll32 advpack.dll, LaunchINFSectionEx nLite.inf, C, 4, N (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2] regsvr32 /s /n /i:U shell32 (User 'Default user')
O4 - Startup: CalcFire.lnk = C:\Program Files\CalcFire\CalcFire.exe
O4 - Startup: FreshIP.lnk = C:\Program Files\FreshIP\FreshIP.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\Micros~1\Office11\EXCEL.EXE/3000
O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C:\PROGRA~1\Micros~1\Office11\REFIEBAR.DLL
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
O23 - Service: Apple Mobile Device - Apple Inc - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Indexing Service (CiSvc) - Unknown owner - C:\WINDOWS\system32\cisvc.exe (file missing)
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: iPod Service - Apple Inc - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: lxcf_device - - C:\WINDOWS\system32\lxcfcoms.exe

--
End of file - 5.724 bytes
  #7  
6 November 2008, 11:30
Moderator Group
 
Open HijackThis and select Do a system scan only.

Place a check mark next to the following entries: (if present)
O13 - DefaultPrefix:
O13 - WWW Prefix:
O13 - Home Prefix:
O13 - Mosaic Prefix:
O13 - FTP Prefix:
O13 - Gopher Prefix:
Important: Close all windows except for HijackThis and then click Fix checked.

Exit HijackThis.

----------
Download CCleaner Slim and save it to your Desktop. - Alternate download link
When the file has been saved, go to your Desktop and double-click on ccsetupxxx_slim.exe
Follow the prompts to install the program.
  • Double-click on the CCleaner shortcut on the desktop to start the program.
  • Click on the Options block on the left, then choose Cookies.
    • Under Cookies to Delete, highlight any cookies you would like to retain permanently
    • Click the right arrow > to move them to the Cookies to Keep window.
  • Go to Options > Advanced and uncheck Only delete files in Windows Temp folders older than 48 hours
  • Click Cleaner on the left, then Run Cleaner on the right to run the program.
  • Important: Make sure that ALL browser windows are closed before selecting Run Cleaner
  • Caution: Only use the Registry feature if you are very familiar with the registry.
  • Always back up your registry before making any changes.
  • Exit CCleaner after it has completed its process.
----------
Download SUPERAntiSpyware.exe

Alternate download link 1
Alternate download link 2
  • Double-click the icon on the desktop to run the installer.
  • When asked to Update the program definitions, click
  • If you encounter any problems while downloading the updates, manually download and unzip them from here
  • Next click the Preferences button.
  • Under Start-Up Options uncheck the following:
    • Start SUPERAntiSpyware when Windows starts
    • Show SUPERAntiSpyware icon in the system tray
    • Show splash screen
  • Click the Scanning Control tab.
  • Under Scanner Options make sure only the following are checked:
    • Close browsers before scanning
    • Scan for tracking cookies
    • Terminate memory threats before quarantining
    • Scan Alternate Data Streams
  • Please leave the others unchecked.
  • Click the Close button to leave the control center screen.
  • On the main screen click Scan your computer
  • On the left, check the box for the drive you are scanning.
  • On the right choose Perform Complete Scan
  • Click Next to start the scan. Please be patient while it scans your computer.
  • After the scan is complete a summary box will appear. Click OK
  • Make sure everything in the white box has a check next to it, then click Next
  • It will quarantine what it found and if it asks if you want to reboot, click
  • To retrieve the removal information, please do the following:
  • After reboot, double-click the SUPERAntiSpyware icon on your desktop.
  • Click Preferences. Click the Statistics/Logs tab.
  • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
  • It will open in your default text editor (preferably Notepad).
  • Save the notepad file to your desktop by clicking (in Notepad) File > Save As...
  • Save the log somewhere you can easily find it. (normally the desktop)
  • Click Close and Close again to exit the program.
  • Copy and Paste the log in your post.