mazāku kapitāla

Magazine
Go Back   Computer Sulas > Computer Software > Vīrusu, spiegprogrammatūru un drošība
Reload this Page

Iexplore.exe vīruss atkal!

Reģistrēties Site Spy Member List Ziedot Meklēt Today's Posts Mark Forums Read Foruma Noteikumi

Register


 Default 

Iexplore.exe vīruss atkal!




Reply
Page 1 of 2 1 2
 
Thread Tools
  #1  
Old 10 oktobris 2008, 19:08
New Member Group
  
Default Iexplore.exe vīruss atkal!

Hi man šķiet, arī ir iexplore vīrusu un esam centušies daudz dažādas programmas, lai atbrīvotos no tā, bet neviens darbs! Es esmu redzējis, ka jūsu vietne palīdz daudz ppl tā varbūt man arī? Te ir mana nolaupīt šis žurnāls:


Logfile of Trend Micro HijackThis v2.0.2
Scan saglabāts 1:01:32 gada 11/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
C: \ Windows \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ acs.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ Bonjour \ mDNSResponder.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Windows \ System \ hpsysdrv.exe
C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ Program Files \ TP-LINK \ TWCU \ TWCU.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Canon \ PictureProject \ NkbMonitor.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ taskmgr.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.limewire.com/inclient/?st...ows+XP&osv=5.1
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet iestatījumi ProxyOverride = *. vietējo
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 7,0 \ ActiveX \ AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file missing)
O2 - BHO: ļaunprātīgās Skripti Scanner - (55EA1964-F5E4-4D6A-B9B2-125B37655FCB) - C: \ Documents and Settings \ All Users \ Application Data \ Prevx \ pxbho.dll
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: & Google - (2318C2B1-4.965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [hpsysdrv] C: \ Windows \ System \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM \ .. \ Run: [TWCU] "C: \ Program Files \ TP-LINK \ TWCU \ TWCU.exe"-nogui
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [EPSON Stylus CX3700 Series] C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATIA CP.EXE / F "C: \ WINDOWS \ TEMP \ E_SC4.tmp" / EF "HKLM"
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / Uzsākšana
O4 - HKLM \ .. \ Run: [karoga pieder Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software noteikums karogu, pieder \ First obj.exe
O4 - HKLM \ .. \ Run: [PrevxOne] "C: \ Program Files \ Prevx2 \ PXConsole.exe"
O4 - HKLM \ .. \ Run: [ZoneAlarm Klientu] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKCU \ .. \ Run: [MODE REAL] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User "SISTĒMA")
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ reader_sl.exe
O4 - Global Startup: NkbMonitor.exe.lnk = C: \ Program Files \ Canon \ PictureProject \ NkbMonitor.exe
Ø8 - ārpus konteksta menu item: & Clean Traces - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
Ø8 - ārpus konteksta menu item: & Download ar & DAP - C: \ Program Files \ DAP \ dapextie.htm
Ø8 - ārpus konteksta menu item: & Google Search - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmsearch.html
Ø8 - ārpus konteksta izvēlnes vienums: Atpakaļsaites - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmbacklinks.html
Ø8 - ārpus konteksta izvēlnes vienums: Cached Snapshot Page - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmcache.html
Ø8 - ārpus konteksta menu item: Download & visi ar DAP - C: \ Program Files \ DAP \ dapextie2.htm
Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ EXCEL.EXE/3000
Ø8 - ārpus konteksta izvēlnes vienums: Līdzīgas lapas - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmsimilar.html
Ø8 - ārpus konteksta izvēlnes vienums: Tulko angļu valodā - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmtrans.html
Ø9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ REFIEBAR.DLL
Ø9 - Extra button: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Program Files \ Common Files \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
Ø9 - Extra button: Connection Help - (E2D4D26B-0.180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
Ø9 - Extra 'Tools' MENUITEM: Connection Help - (E2D4D26B-0.180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = ASV \ IEButton \ support.htm
Ø9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
Ø16 - DPF: (4F1E5B1A-2A80-42CA-8.532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
Ø16 - DPF: (96EEC7FF-106A-47F3-90D6-B4BB754AA40E) (POLI Maksāt online) -- https: / / autxn.paywithpoli.com / ewcust...iPayOnline.cab
O23 - Service: TP-LINK Configuration dienests (ACS) - Unknown īpašnieks - C: \ WINDOWS \ system32 \ acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: PREVXAgent - Prevx - C: \ Program Files \ Prevx2 \ PXAgent.exe
O23 - Service: TrueVector Interneta Monitor (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe
--
End of failu - 10.831 bytes
  #2  
Old 10 oktobris 2008, 23:12
Moderator Group
  
Default Iexplore.exe vīruss atkal!

Lejupielādēt Nocirst S & D by Eric_71 un saglabājiet to savā datorā.
Nocirst S & D darbosies tikai uz Windows XP un Windows Vista

Atslēgt antivīrusu un antimalware programmām, lai tās netraucē darbību Lop S & D.
Lai redzētu, kā atspējot drošības programmu, apmeklējiet šo pamācību:
Kā lai uz laiku apturēt jūsu Anti-virus, ugunsmūra un anti-ļaundabīgo programmu Programs
  • Veiciet dubultklikšķi uz Nocirst S & D.exe
  • Izvēlieties valodu, ierakstot atbilstošo burtu un nospiediet Enter
  • Click OK pie informatīvo logu
  • Veids 1, Lai izvēlētos Option 1 (Meklēt) un pēc tam nospiediet Enter
  • Uzgaidiet, līdz gada beigām skenēšanu
  • Ziņojums tiks radīti, pēc to satura savu nākamo atbildi.
Kopiju, ziņojumu var atrast šajā vietā:% systemdrive% \ lopR.txt, vairumā gadījumu C: \lopR.txt
__________________
  #3  
Old 11 oktobris 2008, 00:15
New Member Group
  
Default Iexplore.exe vīruss atkal!

Šeit ir no lop rezultātiem S & D search:



-------------------- \ \ Lop S & D 4.2.4-5 XP / Vista
Microsoft Windows XP Home Edition (v5.1.2600) Service Pack 3
X86 PC (Uniprocessor Free: AMD Sempron (tm) Processor 3200 +)
BIOS: Phoenix - Award BIOS v6.00PG
Lietotājs: Compaq_Owner (Administrator)
BOOT: Normal boot
Antivirus: AVG 7.5.524 7.5.524 (nav aktivizēts)
Ugunsmūris: ZoneAlarm Firewall 7.0.483.000 (nav aktivizēts)
C: \ (Local Disk) - NTFS - Kopā: 68 Go Free: 10 lapas
D: \ (Local Disk) - FAT32 - Kopā: 5 Go Free: 1 Atveriet
E: \ (CD vai DVD)
F: \ (CD vai DVD)
G: \ (USB)
H: \ (USB)
I: \ (USB)
J: \ (USB)
"C: \ Lop SD" (MAJ: 02-10-2008 | 23:42)
Izvēle: [1] (Sestdiena 11/10/2008 | 18:11)

-------------------- \ \ Listing mapes Applic ~ 1
[11/10/2008 | 04:05] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Adobe
[03/10/2007 | 01:28] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Apple
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Apple Computer
[28/08/2007 | 04:28] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Autodesk
[03/09/2008 | 10:46] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Avg7
[10/06/2008 | 12:37] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Avg8
[02/07/2006 | 01:52] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> DVD Shrink
[15/07/2006 | 12:35] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> EnterNHelp
[27/03/2007 | 10:25] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Google
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Grisoft
[23/10/2007 | 12:15] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Iekārtas
[12/09/2005 | 09:21] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> InstallShield
[11/10/2008 | 12:29] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> MailFrontier
[18/08/2008 | 04:05] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Microsoft
[10/09/2008 | 07:07] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Microsoft palīdzība
[10/09/2007 | 04:25] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Nero
[11/10/2008 | 03:51] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> NOS
[21/05/2008 | 12:55] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> PC Drivers Headquarters
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> QuickTime
[24/11/2007 | 02:56] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Real
[12/09/2005 | 09:04] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> SBSI
[02/02/2008 | 05:17] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Seagate
[09/10/2008 | 11:53] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Software noteikums karogu, pieder
[01/11/2006 | 01:13] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Sophos
[14/09/2008 | 02:08] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Spybot - Search & Destroy
[19/05/2008 | 07:41] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Symantec
[11/10/2008 | 06:00] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> TEMP
[15/02/2006 | 01:11] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> UDL
[15/07/2006 | 12:35] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Ultima_T15
[08/04/2006 | 02:27] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> Windows Genuine Advantage
[22/06/2008 | 11:01] C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ <DIR> WLInstaller
[17/03/2008 | 09:32] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Adobe
[11/10/2008 | 03:55] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> AdobeUM
[13/09/2007 | 05:26] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Ahead
[13/06/2008 | 07:29] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Apple Computer
[02/10/2007 | 12:55] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> ArcSoft
[18/06/2006 | 11:34] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Atari
[21/05/2007 | 07:47] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Autodesk
[11/10/2008 | 11:11] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> AVG7
[19/05/2008 | 02:40] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> AVGTOOLBAR
[08/10/2008 | 01:29] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> BitTorrent
[21/05/2007 | 12:09] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Command & iekarot 3 Tiberium Wars
[01/09/2006 | 08:52] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Datalayer
[28/05/2007 | 02:25] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> dvdcss
[13/08/2007 | 03:00] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> EPSON
[03/05/2007 | 02:12] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Google
[07/09/2006 | 02:08] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Palīdzība
[26/06/2008 | 12:16] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> HPQ
[16/12/2004 | 04:22] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Identities
[19/02/2006 | 05:44] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> InterVideo
[23/04/2008 | 11:49] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> iWin
[03/05/2008 | 03:20] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Joost
[28/01/2006 | 03:15] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Leadertech
[13/09/2008 | 08:45] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> limewire
[14/02/2006 | 05:22] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Macromedia
[24/11/2007 | 03:04] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Media Player Classic
[19/05/2008 | 06:44] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Microsoft
[09/04/2008 | 06:13] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Mozilla
[15/07/2006 | 12:31] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Nikon
[01/09/2006 | 08:52] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Nokia
[01/09/2006 | 08:54] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Nokia Multimedia Player
[01/09/2006 | 08:41] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> PC Suite
[19/05/2008 | 07:32] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Real
[12/09/2005 | 09:30] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> SampleView
[21/05/2007 | 12:07] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> SecuROM
[09/10/2008 | 11:54] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> ziepes ir mīlestība
[28/01/2006 | 03:16] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Sonic
[23/04/2008 | 11:45] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> SpinTop
[14/09/2008 | 06:04] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> sporu
[15/04/2008 | 05:04] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Spybot - Search & Destroy
[14/02/2006 | 05:49] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Sv
[12/09/2005 | 09:41] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> Symantec
[16/04/2008 | 06:42] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> U3
[26/05/2008 | 11:14] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> uTorrent
[27/05/2006 | 09:46] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> vlc
[20/05/2008 | 10:26] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ <DIR> WinBatch
[12/09/2005 | 09:27] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ Applic ~ 1 \ <DIR> Apple Computer
[16/12/2004 | 04:22] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ Applic ~ 1 \ <DIR> Identities
[12/09/2005 | 09:51] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ Applic ~ 1 \ <DIR> Microsoft
[12/09/2005 | 09:21] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ Applic ~ 1 \ <DIR> Real
[12/09/2005 | 09:30] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ Applic ~ 1 \ <DIR> SampleView
[12/09/2005 | 09:41] C: \ DOCUME ~ 1 \ DEFAUL ~ 1 \ Applic ~ 1 \ <DIR> Symantec
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ Lokālie ~ 1 \ Applic ~ 1 \ <DIR> AVG7
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ Lokālie ~ 1 \ Applic ~ 1 \ <DIR> Microsoft
[18/08/2008 | 07:44] C: \ DOCUME ~ 1 \ NETWOR ~ 1 \ Applic ~ 1 \ <DIR> Microsoft

-------------------- \ \ Scheduled Tasks, kas atrodas C: \ WINDOWS \ Uzdevumi
[11/10/2008 06:00 pm] [- ah -----] C: \ WINDOWS \ uzdevumus \ A396018B9185B27B.job
[11/10/2008 06:11 pm] [- ------] C: \ WINDOWS \ uzdevumus \ Symantec NetDetect.job
[11/10/2008 05:00 pm] [- ------] C: \ WINDOWS \ uzdevumus \ RegCure Program Check.job
[28/08/2008 04:00] [- ------] C: \ WINDOWS \ uzdevumus \ RegCure.job
[11/10/2008 04:07 pm] [- ah -----] C: \ WINDOWS \ uzdevumus \ SA.DAT
[05/08/2004 05:00] [-Rah -----] C: \ WINDOWS \ uzdevumus \ desktop.ini
(A396018B9185B27B.job) = (c: \ DOCUME ~ 1 \ compaq ~ 1 \ Applic ~ 1 \ soapli ~ 1 \ Axisgreatex tra.exe)
-------------------- \ \ Listing mapes C: \ Program Files
[27/07/2008 | 05:02] C: \ Program Files \ <DIR> Activision
[11/10/2008 | 04:05] C: \ Program Files \ <DIR> Adobe
[15/06/2008 | 12:20] C: \ Program Files \ <DIR> Ahead
[20/05/2007 | 11:20] C: \ Program Files \ <DIR> Alcohol Soft
[03/06/2008 | 09:01] C: \ Program Files \ <DIR> Apple Software Update
[15/07/2006 | 12:27] C: \ Program Files \ <DIR> ArcSoft
[12/09/2005 | 09:13] C: \ Program Files \ <DIR> ATI Technologies
[21/05/2007 | 07:36] C: \ Program Files \ <DIR> Autodesk
[27/05/2008 | 04:42] C: \ Program Files \ <DIR> AVG
[20/06/2008 | 04:54] C: \ Program Files \ <DIR> BitTorrent
[11/10/2008 | 04:05] C: \ Program Files \ <DIR> Common Files
[24/11/2004 | 01:06] C: \ Program Files \ <DIR> ComPlus Pieteikumi
[21/05/2008 | 12:51] C: \ Program Files \ <DIR> DAP
[08/11/2006 | 02:07] C: \ Program Files \ <DIR> DivX
[30/09/2008 | 09:12] C: \ Program Files \ <DIR> DominateGame
[21/05/2007 | 10:35] C: \ Program Files \ <DIR> Drug Kungu 2
[18/08/2008 | 03:56] C: \ Program Files \ <DIR> D-Tools
[08/11/2006 | 12:56] C: \ Program Files \ <DIR> DVD Shrink
[19/05/2008 | 07:12] C: \ Program Files \ <DIR> Easy interneta reģistrēšanās
[14/09/2008 | 06:02] C: \ Program Files \ <DIR> Electronic Arts
[15/02/2006 | 01:11] C: \ Program Files \ <DIR> epson
[26/05/2008 | 11:15] C: \ Program Files \ <DIR> eToro
[30/09/2008 | 09:12] C: \ Program Files \ <DIR> EV Nova
[13/11/2006 | 09:39] C: \ Program Files \ <DIR> FLVPlayer
[26/06/2008 | 12:13] C: \ Program Files \ <DIR> GameSpy Arcade
[12/09/2005 | 09:37] C: \ Program Files \ <DIR> Google
[27/11/2006 | 10:19] C: \ Program Files \ <DIR> Graph
[08/11/2007 | 06:44] C: \ Program Files \ <DIR> Griffin Technology
[18/08/2008 | 07:44] C: \ Program Files \ <DIR> Grisoft
[27/03/2006 | 09:17] C: \ Program Files \ <DIR> GustoSoft
[29/09/2008 | 04:41] C: \ Program Files \ <DIR> Hp
[05/12/2007 | 01:09] C: \ Program Files \ <DIR> Infogrames Interactive
[14/09/2008 | 06:03] C: \ Program Files \ <DIR> InstallShield Installation Information
[17/08/2008 | 09:45] C: \ Program Files \ <DIR> Internet Explorer
[12/09/2005 | 09:23] C: \ Program Files \ <DIR> InterVideo
[03/06/2008 | 09:04] C: \ Program Files \ <DIR> iPod
[14/02/2006 | 05:20] C: \ Program Files \ <DIR> iPrimus
[03/06/2008 | 09:05] C: \ Program Files \ <DIR> iTunes
[30/09/2008 | 08:51] C: \ Program Files \ <DIR> Java
[14/09/2008 | 05:43] C: \ Program Files \ <DIR> John Deere American Farmer Deluxe
[09/04/2008 | 06:13] C: \ Program Files \ <DIR> Joost
[24/11/2007 | 02:56] C: \ Program Files \ <DIR> K-Lite Codec Pack
[20/03/2008 | 05:13] C: \ Program Files \ <DIR> limewire
[31/08/2008 | 05:28] C: \ Program Files \ <DIR> Maxis
[18/08/2008 | 02:14] C: \ Program Files \ <DIR> Messenger
[15/05/2007 | 11:48] C: \ Program Files \ <DIR> Microsoft CAPICOM 2.1.0.2
[12/09/2005 | 09:19] C: \ Program Files \ <DIR> Microsoft Encarta
[16/12/2004 | 04:23] C: \ Program Files \ <DIR> microsoft frontpage
[26/06/2008 | 12:17] C: \ Program Files \ <DIR> Microsoft Games
[12/09/2005 | 09:25] C: \ Program Files \ <DIR> Microsoft Money 2005
[29/06/2008 | 10:10] C: \ Program Files \ <DIR> Microsoft Office
[15/02/2006 | 12:29] C: \ Program Files \ <DIR> Microsoft Visual Studio
[03/06/2008 | 03:51] C: \ Program Files \ <DIR> Microsoft Works
[14/02/2008 | 10:22] C: \ Program Files \ <DIR> Microsoft.NET
[14/03/2008 | 09:22] C: \ Program Files \ <DIR> MindArk
[18/08/2008 | 02:11] C: \ Program Files \ <DIR> Movie Maker
[11/10/2008 | 11:09] C: \ Program Files \ <DIR> Mozilla Firefox
[16/12/2004 | 04:23] C: \ Program Files \ <DIR> MSN
[16/12/2004 | 04:23] C: \ Program Files \ <DIR> MSN Gaming Zone
[18/10/2006 | 01:19] C: \ Program Files \ <DIR> MSXML 4,0
[02/02/2008 | 05:16] C: \ Program Files \ <DIR> MSXML 6,0
[10/09/2007 | 04:25] C: \ Program Files \ <DIR> Nero
[18/08/2008 | 02:10] C: \ Program Files \ <DIR> NetMeeting
[15/07/2006 | 12:30] C: \ Program Files \ <DIR> Nikon
[11/10/2008 | 03:51] C: \ Program Files \ <DIR> NOS
[15/02/2006 | 12:42] C: \ Program Files \ <DIR> OfficeUpdate11
[14/09/2008 | 02:59] C: \ Program Files \ <DIR> Online Services
[18/08/2008 | 02:10] C: \ Program Files \ <DIR> Outlook Express
[26/06/2007 | 09:29] C: \ Program Files \ <DIR> PartyGaming
[12/09/2005 | 09:34] C: \ Program Files \ <DIR> PC-Doctor DOS
[17/06/2007 | 08:43] C: \ Program Files \ <DIR> PokerRoom.com
[31/05/2007 | 01:55] C: \ Program Files \ <DIR> PokerStars
[03/06/2008 | 09:04] C: \ Program Files \ <DIR> QuickTime
[21/04/2008 | 08:30] C: \ Program Files \ <DIR> RegCure
[02/02/2008 | 05:17] C: \ Program Files \ <DIR> Seagate
[23/04/2008 | 01:20] C: \ Program Files \ <DIR> Šona O'Connor Windows spēles
[24/07/2008 | 06:08] C: \ Program Files \ <DIR> SEGA
[18/08/2008 | 03:56] C: \ Program Files \ <DIR> Sierra Entertainment
[08/02/2007 | 11:24] C: \ Program Files \ <DIR> SLD Codec Pack
[09/10/2008 | 11:53] C: \ Program Files \ <DIR> ziepes ir mīlestība
[14/03/2008 | 06:16] C: \ Program Files \ <DIR> Sophos
[15/04/2008 | 09:22] C: \ Program Files \ <DIR> Spybot - Search & Destroy
[24/11/2007 | 02:59] C: \ Program Files \ <DIR> StrongDC + +
[19/05/2008 | 07:41] C: \ Program Files \ <DIR> Symantec
[13/09/2008 | 10:03] C: \ Program Files \ <DIR> TeaTimer (Spybot - Search & Destroy)
[14/02/2006 | 05:39] C: \ Program Files \ <DIR> Telstra
[19/06/2007 | 09:45] C: \ Program Files \ <DIR> TexasCalculatem
[30/05/2008 | 01:43] C: \ Program Files \ <DIR> Theorica Divx ;-) kodeki
[29/02/2008 | 06:25] C: \ Program Files \ <DIR> TP-LINK
[11/10/2008 | 12:33] C: \ Program Files \ <DIR> Trend Micro
[03/04/2008 | 12:17] C: \ Program Files \ <DIR> Trymedia
[24/11/2004 | 01:07] C: \ Program Files \ <DIR> Uninstall Informācija
[27/05/2006 | 08:19] C: \ Program Files \ <DIR> VideoLAN
[10/09/2008 | 01:44] C: \ Program Files \ <DIR> VUGames
[11/10/2008 | 05:57] C: \ Program Files \ <DIR> Warcraft III
[05/06/2008 | 01:07] C: \ Program Files \ <DIR> Weatherzone Tracker
[13/09/2006 | 12:25] C: \ Program Files \ <DIR> WinAVI VideoConverter
[14/03/2008 | 06:35] C: \ Program Files \ <DIR> Windows Live
[10/10/2007 | 11:18] C: \ Program Files \ <DIR> Windows Media Connect 2
[25/08/2008 | 06:37] C: \ Program Files \ <DIR> Windows Media Player
[14/09/2008 | 02:59] C: \ Program Files \ <DIR> Windows NT
[03/10/2007 | 03:00] C: \ Program Files \ <DIR> Windows XP Fun Pack
[24/11/2004 | 01:07] C: \ Program Files \ <DIR> WindowsUpdate
[14/09/2008 | 05:41] C: \ Program Files \ <DIR> WinRAR
[16/12/2004 | 04:24] C: \ Program Files \ <DIR> Xerox
[11/10/2008 | 12:29] C: \ Program Files \ <DIR> Zone Labs
[11/10/2008 | 12:31] C: \ Program Files \ <DIR> ZoneAlarmSB
-------------------- \ \ Listing mapes C: \ Program Files \ Common Files
[11/10/2008 | 04:05] C: \ Program Files \ Common Files \ <DIR> Adobe
[11/10/2008 | 04:05] C: \ Program Files \ Common Files \ <DIR> Adobe AIR
[10/09/2007 | 04:28] C: \ Program Files \ Common Files \ <DIR> Ahead
[03/10/2007 | 01:28] C: \ Program Files \ Common Files \ <DIR> Apple
[28/08/2007 | 04:28] C: \ Program Files \ Common Files \ <DIR> Autodesk Shared
[03/06/2008 | 03:50] C: \ Program Files \ Common Files \ <DIR> DIZAINERS
[12/09/2005 | 09:27] C: \ Program Files \ Common Files \ <DIR> InstallShield
[12/09/2005 | 09:06] C: \ Program Files \ Common Files \ <DIR> Java
[19/05/2008 | 07:25] C: \ Program Files \ Common Files \ <DIR> Microsoft Shared
[16/12/2004 | 04:23] C: \ Program Files \ Common Files \ <DIR> MSSoap
[15/07/2006 | 12:30] C: \ Program Files \ Common Files \ <DIR> muvee Technologies
[15/07/2006 | 12:31] C: \ Program Files \ Common Files \ <DIR> Nikon
[16/12/2004 | 04:23] C: \ Program Files \ Common Files \ <DIR> ODBC
[19/05/2008 | 07:32] C: \ Program Files \ Common Files \ <DIR> Real
[20/05/2008 | 11:24] C: \ Program Files \ Common Files \ <DIR> Pakalpojumi
[16/12/2004 | 04:23] C: \ Program Files \ Common Files \ <DIR> SpeechEngines
[19/05/2008 | 07:41] C: \ Program Files \ Common Files \ <DIR> Symantec Shared
[18/08/2008 | 02:10] C: \ Program Files \ Common Files \ <DIR> System
[11/03/2007 | 11:10] C: \ Program Files \ Common Files \ <DIR> Thraex Software
[14/03/2008 | 06:34] C: \ Program Files \ Common Files \ <DIR> WindowsLiveInstaller
-------------------- \ \ Process
(41 procesi)
Iexplore.exe ~ [PID: 2612]
Iexplore.exe ~ [PID: 2640]
iexplore.exe ~ [PID: 3160]
Iexplore.exe ~ [PID: 2940]
-------------------- \ \ Searching ar S_Lop
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Lokālie ~ 1 \ Temp \ bis9A.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1 \ Axis liels extra.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1 \ ilouimpk.ex e
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1 \ jvuyskje.ex e
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1 \ lfbsabiw.ex e

-------------------- \ \ Meklē Lop Faili - mapes
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ Software noteikums karogu, pieder
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ Software noteikums karogu, pieder \ First obj.exe
C: \ DOCUME ~ 1 \ ALLUSE ~ 1 \ Applic ~ 1 \ Software noteikums karogu, pieder \ Skip proc.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ soapli ~ 1
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ soapli ~ 1 \ ATOM DASH.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ soapli ~ 1 \ Axis liels extra.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ soapli ~ 1 \ ilouimpk.ex e
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ soapli ~ 1 \ jvuyskje.ex e
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ soapli ~ 1 \ lfbsabiw.ex e
C: \ Program Files \ soapli ~ 1
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Lokālie ~ 1 \ Temp \ TorrentSpeeder. zip
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ adultfri endfinder [1]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ advertis ing [2]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ ero-reklāma [1]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner@adopt.eu roclick [2]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ partypok er [1]. Txt
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies \ compaq_owner @ 888 [2]. Txt
C: \ WINDOWS \ Uzdevumi \ A396018B9185B27B.job

-------------------- \ \ Meklēšanu Reģistrs
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Uninstall \ Hold wma ref]
"DisplayName" = "CID Help"
"UninstallString" = "C: \ \ DOCUME ~ 1 \ \ COMPAQ ~ 1 \ \ Applic ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe-uninstall"
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"MODE REAL" = "C: \ \ DOCUME ~ 1 \ \ COMPAQ ~ 1 \ \ Applic ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe"
"MODE REAL" = "C: \ \ DOCUME ~ 1 \ \ COMPAQ ~ 1 \ \ Applic ~ 1 \ \ SOAPLI ~ 1 \ \ ATOM DASH.exe"
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"Karoga pieder Live Grim" = "C: \ \ Documents and Settings \ \ All Users \ \ Application Data \ \ Software noteikums karogu, pieder \ \ First obj.exe"
-------------------- \ \ Pārbaude Hosts fails
Hosts fails CLEAN

-------------------- \ \ Meklē slēptos failus ar Catchme

catchme 0.3.1353 W2K/XP/Vista - rootkit / Stealth malware detektoru, ar Gmer, http://www.gmer.net
Rootkit scan 2008/10/11 18:12:47
Windows 5.1.2600 Service Pack 3 NTFS
skenēšana slēptās procesi ...
skenēšana slēptos failus ...
scan sekmīgi pabeigta
slēptās procesiem: 0
slēptos failus: 0

-------------------- \ \ Meklē citas infekcijas
-------------------- \ \ Plaisas & Keygens ..
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Local Settings \ Temp \ Rar $ EX02.922 \ Kreka
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Local Settings \ Temp \ Rar $ EX02.922 \ Kreka \ rld-spor.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Local Settings \ Temp \ Rar $ EX02.922 \ Kreka \ SporeApp.exe
C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Recent \ Spore.GENERIC_KEYGEN-FFF.lnk

[F: 343] [D: 29] -> C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Lokālie ~ 1 \ Temp
[F: 200] [D: 0] -> C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Cookies
[F: 18.285] [D: 24] -> C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Lokālie ~ 1 \ TEMPOR ~ 1 \ content.IE5
1 - "C: \ Lop SD \ LopR_1.txt" - Sat 11/10/2008 | 18:07 - Variants: [1]
2 - "C: \ Lop SD \ LopR_2.txt" - Sat 11/10/2008 | 18:14 - Variants: [1]
-------------------- \ \ Scan pabeigtas 18:14:22
  #4  
Old 11 oktobris 2008, 22:29
Moderator Group
  
Default Iexplore.exe vīruss atkal!

Download NoLop uz Jūsu rakstāmgalda. NoLop.exe
  • Aizveriet visas programmas, ir darbojusies kopš reboot ir vajadzīga
  • Dubultklikšķis NoLop.exe lai tā varētu darboties
  • Pēc tam noklikšķiniet uz pogas ar nosaukumu: Search and Destroy
    • Jūsu dators tagad būs skenēti inficēto failu
  • Kad skenēšana ir pabeigta, ja inficēti, jums tiek piedāvāts atsāknēšana
  • Noklikšķiniet uz OK
  • Tagad noklikšķiniet: Reboot
  • Message vajadzētu popup no NoLop. Ja ne, divreiz uzklikšķiniet programmu vēlreiz, un tā beigsies.
  • Post saturs C: \ NoLop.log ar nākamo atbildi.
Piezīme: Ja saņemat kļūdas, "mscomctl.ocx vai vienā no tās atkarības nav pareizi reģistrēta," lūdzu, lejupielādējiet mscomctl.ocx jūsu system32 mapē pēc tam atkārto programmu.

Palaist arī jauns HijackThis skenēšanas un pasta žurnālā.
__________________
  #5  
Old 11 oktobris 2008, 22:46
New Member Group
  
Default Iexplore.exe vīruss atkal!

Ok, šeit ir logs:

Nolop


NoLop! Log by Skate_Punk_21

Fix sākot no: C: \ Documents and Settings \ Compaq_Owner \ Desktop
[12/10/2008]
[4:33:52]

--- Infection Faili Found/Removed---
C: \ WINDOWS \ uzdevumus \ A396018B9185B27B.job

Sākums Removal ...
Rebooting ...
Noņemot Lop's atliekas failus / mapes ...
Editing Registry ...
** Fix Complete! **

--- Listing AppData sub katalogi ---

C: \ Documents and Settings \ All Users \ Application Data \ Adobe
C: \ Documents and Settings \ All Users \ Application Data \ Apple
C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer
C: \ Documents and Settings \ All Users \ Application Data \ Autodesk
C: \ Documents and Settings \ All Users \ Application Data \ Avg7
C: \ Documents and Settings \ All Users \ Application Data \ Avg8 - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Dvd Shrink
C: \ Documents and Settings \ All Users \ Application Data \ Enternhelp
C: \ Documents and Settings \ All Users \ Application Data \ Google
C: \ Documents and Settings \ All Users \ Application Data \ Grisoft
C: \ Documents and Settings \ All Users \ Application Data \ Iekārtas
C: \ Documents and Settings \ All Users \ Application Data \ InstallShield
C: \ Documents and Settings \ All Users \ Application Data \ Mailfrontier - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft
C: \ Documents and Settings \ All Users \ Application Data \ Microsoft palīdzība
C: \ Documents and Settings \ All Users \ Application Data \ Nero
C: \ Documents and Settings \ All Users \ Application Data \ Nos
C: \ Documents and Settings \ All Users \ Application Data \ Pc Drivers Headquarters
C: \ Documents and Settings \ All Users \ Application Data \ Quicktime
C: \ Documents and Settings \ All Users \ Application Data \ Real - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ Sbsi
C: \ Documents and Settings \ All Users \ Application Data \ Seagate
C: \ Documents and Settings \ All Users \ Application Data \ Software pants Karoga pieder
C: \ Documents and Settings \ All Users \ Application Data \ Sophos
C: \ Documents and Settings \ All Users \ Application Data \ Spybot - Search & Destroy
C: \ Documents and Settings \ All Users \ Application Data \ Symantec
C: \ Documents and Settings \ All Users \ Application Data \ Temp - EMPTY Directory
C: \ Documents and Settings \ All Users \ Application Data \ UDL
C: \ Documents and Settings \ All Users \ Application Data \ Ultima_t15
C: \ Documents and Settings \ All Users \ Application Data \ Windows Genuine Advantage
C: \ Documents and Settings \ All Users \ Application Data \ Wlinstaller
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Adobe
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Adobeum
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Ahead
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Apple Computer
C: \ Documents and Settings \ Compaq_owner \ Application Data \ ArcSoft
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Atari
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Autodesk
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Avg7
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Avgtoolbar
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Bittorrent
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Command & iekarot 3 Tiberium Wars
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Datalayer
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Dvdcss
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Epson
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Google
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Help - EMPTY Directory
C: \ Documents and Settings \ Compaq_owner \ Application Data \ HPQ
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Identities
C: \ Documents and Settings \ Compaq_owner \ Application Data \ InterVideo
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Iwin
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Joost
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Leadertech
C: \ Documents and Settings \ Compaq_owner \ Application Data \ limewire
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Macromedia
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Media Player Classic
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Microsoft
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Mozilla
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nikon
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nokia
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Nokia Multimedia Player
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Pc Suite
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Real
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sampleview - EMPTY Directory
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Securom
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Ziepes Meli Love
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sonic
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spintop
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spore
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Spybot - Search & Destroy
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Sun
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Symantec - EMPTY Directory
C: \ Documents and Settings \ Compaq_owner \ Application Data \ U3
C: \ Documents and Settings \ Compaq_owner \ Application Data \ uTorrent
C: \ Documents and Settings \ Compaq_owner \ Application Data \ vlc
C: \ Documents and Settings \ Compaq_owner \ Application Data \ Winbatch
C: \ Documents and Settings \ Default User \ Application Data \ Apple Computer
C: \ Documents and Settings \ Default User \ Application Data \ Identities
C: \ Documents and Settings \ Default User \ Application Data \ Microsoft
C: \ Documents and Settings \ Default User \ Application Data \ Real
C: \ Documents and Settings \ Default User \ Application Data \ Sampleview - EMPTY Directory
C: \ Documents and Settings \ Default User \ Application Data \ Symantec - EMPTY Directory
C: \ Documents and Settings \ Localservice \ Application Data \ Avg7 - EMPTY Directory
C: \ Documents and Settings \ Localservice \ Application Data \ Microsoft
C: \ Documents and Settings \ Networkservice \ Application Data \ Microsoft


HijackThis:


Logfile of Trend Micro HijackThis v2.0.2
Scan saglabāts 4:44:14 gada 12/10/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal

Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ Windows \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ acs.exe
C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Windows \ System \ hpsysdrv.exe
C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
C: \ WINDOWS \ ALCXMNTR.EXE
C: \ Program Files \ TP-LINK \ TWCU \ TWCU.exe
C: \ HP \ KBD \ KBD.EXE
C: \ Program Files \ iTunes \ iTunesHelper.exe
C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Program Files \ Adobe \ Reader 9,0 \ Reader \ Reader_sl.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Canon \ PictureProject \ NkbMonitor.exe
C: \ Program Files \ iPod \ bin \ iPodService.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe

R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page =
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant = http://ie.redirect.hp.com/svs/rdr?TY...rio&pf=desktop
R1 - HKCU \ Software \ Microsoft \ Internet Connection Wizard, ShellNext = http://www.limewire.com/inclient/?st...ows+XP&osv=5.1
O2 - BHO: AcroIEHelperStub - (18DF081C-E8AD-4.283-A596-FA578C2EBDC3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - (3CA2F312-6F6E-4B53-A66E-4E65E497C8C0) - C: \ Program Files \ AVG \ AVG8 \ avgssie.dll (file missing)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file)
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar1.dll
O2 - BHO: ZoneAlarm Spy Blocker BHO - (F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O3 - Toolbar: & Google - (2318C2B1-4.965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar1.dll
O3 - Toolbar: ZoneAlarm Spy Blocker - (F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA) - C: \ Program Files \ ZoneAlarmSB \ bar \ 1.bin \ SPYBLOCK.DLL
O4 - HKLM \ .. \ Run: [IMJPMIG8.1] "C: \ WINDOWS \ IME \ imjp8_1 \ IMJPMIG.EXE" / Spoil / RemAdvDef / Migration32
O4 - HKLM \ .. \ Run: [MSPY2002] C: \ WINDOWS \ system32 \ IME \ PINTLGNT \ ImScInst.exe / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC
O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ system32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName
O4 - HKLM \ .. \ Run: [hpsysdrv] C: \ Windows \ System \ hpsysdrv.exe
O4 - HKLM \ .. \ Run: [ATIPTA] C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe
O4 - HKLM \ .. \ Run: [Recguard] C: \ WINDOWS \ SMINST \ RECGUARD.EXE
O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
O4 - HKLM \ .. \ Run: [TWCU] "C: \ Program Files \ TP-LINK \ TWCU \ TWCU.exe"-nogui
O4 - HKLM \ .. \ Run: [KBD] C: \ HP \ KBD \ KBD.EXE
O4 - HKLM \ .. \ Run: [EPSON Stylus CX3700 Series] C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATIA CP.EXE / F "C: \ WINDOWS \ TEMP \ E_SC4.tmp" / EF "HKLM"
O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe"
O4 - HKLM \ .. \ Run: [NeroFilterCheck] C: \ WINDOWS \ system32 \ NeroCheck.exe
O4 - HKLM \ .. \ Run: [HP Software Update] C: \ Program Files \ HP \ HP Software Update \ HPWuSchd2.exe
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / Uzsākšana
O4 - HKLM \ .. \ Run: [karoga pieder Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software noteikums karogu, pieder \ First obj.exe
O4 - HKLM \ .. \ Run: [ZoneAlarm Klientu] "C: \ Program Files \ Zone Labs \ ZoneAlarm \ zlclient.exe"
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 9,0 \ Reader \ Reader_sl.exe"
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKCU \ .. \ Run: [MODE REAL] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [updateMgr] "C: \ Program Files \ Adobe \ Acrobat 7,0 \ Reader \ AdobeUpdateManager.exe" AcRdB7_1_0-reboot 1
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User "SISTĒMA")
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: NkbMonitor.exe.lnk = C: \ Program Files \ Canon \ PictureProject \ NkbMonitor.exe
Ø8 - ārpus konteksta menu item: & Clean Traces - C: \ Program Files \ DAP \ Privacy Package \ dapcleanerie.htm
Ø8 - ārpus konteksta menu item: & Download ar & DAP - C: \ Program Files \ DAP \ dapextie.htm
Ø8 - ārpus konteksta menu item: & Google Search - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmsearch.html
Ø8 - ārpus konteksta izvēlnes vienums: Atpakaļsaites - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmbacklinks.html
Ø8 - ārpus konteksta izvēlnes vienums: Cached Snapshot Page - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmcache.html
Ø8 - ārpus konteksta menu item: Download & visi ar DAP - C: \ Program Files \ DAP \ dapextie2.htm
Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ EXCEL.EXE/3000
Ø8 - ārpus konteksta izvēlnes vienums: Līdzīgas lapas - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmsimilar.html
Ø8 - ārpus konteksta izvēlnes vienums: Tulko angļu valodā - res: / / C: \ Program Files \ Google \ GoogleToolbar1.dll/cmtrans.html
Ø9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_07 \ bin \ ssv.dll
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 3 \ Office12 \ REFIEBAR.DLL
Ø9 - Extra button: (no name) - (B205A35E-1FC4-4CE3-818B-899DBBB3388C) - C: \ Program Files \ Common Files \ Microsoft Shared \ Encarta Search Bar \ ENCSBAR.DLL
Ø9 - Extra button: Connection Help - (E2D4D26B-0.180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = US \ IEButton \ support.htm
Ø9 - Extra 'Tools' MENUITEM: Connection Help - (E2D4D26B-0.180-43a4-B05F-462D6D54C789) - C: \ WINDOWS \ PCHEALTH \ HELPCTR \ Vendors \ CN = Hewlett-Packard, L = Cupertino, S = Ca, C = ASV \ IEButton \ support.htm
Ø9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5) -- http://upload.facebook.com/controls/...oUploader5.cab
Ø16 - DPF: (4F1E5B1A-2A80-42CA-8.532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx2.hotmail.com/mail/w3/pr01...s/MSNPUpld.cab
Ø16 - DPF: (96EEC7FF-106A-47F3-90D6-B4BB754AA40E) (POLI Maksāt online) -- https: / / autxn.paywithpoli.com / ewcust...iPayOnline.cab
Ø16 - DPF: (CF40ACC5-E1BB-4AFF-AC72-04C2F616BCA7) (get_atlcom klase) -- http://wwwimages.adobe.com/www.adobe...bat/nos/gp.cab
O23 - Service: TP-LINK Configuration dienests (ACS) - Unknown īpašnieks - C: \ WINDOWS \ system32 \ acs.exe
O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: getPlus (R) Helper - NOS Microsystems Ltd - C: \ Program Files \ NOS \ bin \ getPlus_HelperSvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe
O23 - Service: TrueVector Interneta Monitor (vsmon) - Zone Labs, LLC - C: \ WINDOWS \ system32 \ ZoneLabs \ vsmon.exe

--
End of failu - 10.505 bytes
  #6  
Old 11 oktobris 2008, 22:53
Moderator Group
  
Default Iexplore.exe vīruss atkal!

Open HijackThis un izvēlieties Vai sistēmas skenēšanu tikai.

Vieta atzīme blakus šādiem ierakstiem: (ja ir)
  • O4 - HKLM \ .. \ Run: [AlcxMonitor] ALCXMNTR.EXE
  • O4 - HKLM \ .. \ Run: [karoga pieder Live Grim] C: \ Documents and Settings \ All Users \ Application Data \ Software noteikums karogu, pieder \ First obj.exe
  • O4 - HKCU \ .. \ Run: [MODE REAL] C: \ DOCUME ~ 1 \ COMPAQ ~ 1 \ Applic ~ 1 \ SOAPLI ~ 1 \ ATOM DASH.exe
Svarīgi: Aizveriet visus logus, izņemot HijackThis un pēc tam noklikšķiniet uz Fix pārbaudīja.

Iziet HijackThis.

----------

Piezīme: Instrukcijas turpmāk tika izveidota speciāli šim lietotājam. Ja Jums nav šī lietotāja, DO NOT ievērojiet šos norādījumus, jo tie varētu kaitēt jūsu sistēmas darbības principus

Doties uz Start> Run un tips notepad.exe noklikšķiniet uz OK

Nokopējiet un ielīmējiet tālāk vērā Notepad un saglabāt kā fixme.reg līdz Jūsu Desktop

Kods:
REGEDIT4 [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run] "AlcxMonitor" =- "Flag pieder Live Grim" =- [HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ CurrentVersion \ Policies \ Explorer \ Run] "MODE REAL" =-
Atrodiet fixme.reg uz darbvirsmas un veiciet uz tā dubultklikšķi. Atbilde kad tiek piedāvāts apvienot ar reģistru.

Pārliecinieties, ka jūs man pateikt, ja saņemat panākumus ziņu par pieskaitot iepriekš, lai reģistrā. Ja Jums nav iegūt panākumus ziņu, tā nestrādāja.

Dzēst fixme.reg no darbvirsmas.

Restart computer

----------

Lejupielādēt CCleaner Slim un saglabājiet to savā datorā.
Kad fails ir saglabāts, dodieties uz Desktop un veiciet dubultklikšķi uz ccsetupxxx_slim.exe
Sekojiet norādēm, lai instalētu programmu.
Pabeigtu uzstādīšanu, tad:
  • Veiciet dubultklikšķi uz CCleaner saīsni darbvirsmā, lai sāktu programmu.
  • Noklikšķiniet uz Options bloķēt pa kreisi, tad izvēlieties Cookies.
    • Zem Sīkdatnes Dzēst, Iezīmējiet visus sīkfailus vēlaties saglabāt pastāvīgi
    • Noklikšķiniet uz bultiņas pa labi > lai pārvietotu tos uz Cookies ievērots logu.
  • Doties Options > Advanced unpārbaudīt Izdzēst tikai failus Windows Temp mapes, kas vecāki par 48 stundām
  • Click Tīrītājs par kreisi, tad Run Cleaner par tiesībām vadīt programmu.
  • Svarīgi: Pārliecinieties, ka ALL pārlūkprogrammas logi ir slēgti pirms atlases Run Cleaner
  • Uzmanību: Nav ieteicams lietot "Reģistrs" īpašība, ja Jums ir ļoti labi pārzina reģistru.
  • Iziet CCleaner pēc tam, kad ir pabeidzis savu procesu.

----------

Lejupielādēt Malwarebytes "Anti-Malware (MBAM)
  • Veiciet dubultklikšķi uz mbam-setup.exe un sekojiet norādījumiem, lai instalētu programmu.
  • Gada beigās, pārliecinieties atzīmes atrodas blakus šādi:
    • Update Malwarebytes "Anti-Malware
    • Launch Malwarebytes "Anti-Malware
  • Pēc tam noklikšķiniet uz Apdare.
  • Ja atjaunināšana ir atrasts, tas lejupielādētu un instalētu jaunāko versiju.
  • Kad programma ir piekrauts, izvēlieties Veikt quick scan, Tad noklikšķiniet uz Scan.
  • Kad skenēšana ir pabeigta, noklikšķiniet uz OK, Tad Parādīt rezultātus apskatīt rezultātus.
  • Pārliecinieties, ka viss ir pārbaudīts, un noklikšķiniet uz Noņemt atlasīto.
  • Kad dezinfekcija ir pabeigta, log atvērsies Notepad un jums var tikt piedāvāts restartēt. (Skatīt Extra piezīmi)
  • Log tiek automātiski saglabāts ar MBAM un to var apskatīt, noklikšķinot Baļķi cilnē MBAM.
  • Kopēt un ielīmēt visu ziņojumu savā nākamajā atbildi.

Extra Piezīme: Ja MBAM sastopas failu, kas ir grūta, Jums tiks parādīts 1 of 2 uzvednes, noklikšķiniet uz Labi, lai nu un ļaujiet MBAM rīkoties ar dezinfekcijas procesu, ja prasīts restartēt datoru, lūdzu, dariet to nekavējoties.
__________________
  #7  
Old 11 oktobris 2008, 23:26
New Member Group
  
Default Iexplore.exe vīruss atkal!

Es saņēmu panākumus ziņu no fixme.reg failu un šeit ir MBAM žurnāls:


Malwarebytes "Anti-Malware 1,28
Database version: 1259
Windows 5.1.2600 Service Pack 3

12/10/2008 5:24:27
mbam-log-2008-10-12 (17-24-27). txt

Scan type: Quick Scan
Objekti skenēts: 45.849
Pagājušo laiku: 2 minūte (s), 43 second (s)

Memory Processes Inficētie: 0
Memory Modules Inficētie: 0
Registry Keys Inficētie: 0
Reģistra vērtības Inficētie: 0
Registry Data Items Infected: 0
Mapes Inficētie: 0
Faili Inficētie: 0

Atmiņas procesi Inficētie:
(No ļaunprātīgs preces konstatētas)

Memory Modules Inficētie:
(No ļaunprātīgs preces konstatētas)

Registry Keys Inficētie:
(No ļaunprātīgs preces konstatētas)

Reģistra vērtības Inficētie:
(No ļaunprātīgs preces konstatētas)

Registry Data Items Infected:
(No ļaunprātīgs preces konstatētas)

Mapes Inficētie:
(No ļaunprātīgs preces konstatētas)

Faili Inficētie:
(No ļaunprātīgs preces konstatētas)
  #8  
Old 11 oktobris 2008, 23:29
Moderator Group
  
Default Iexplore.exe vīruss atkal!

Kā viss tagad?
__________________
  #9  
Old 11 oktobris 2008, 23:33
New Member Group
  
Default Iexplore.exe vīruss atkal!

Running ātrāk, bet uzdevumu menedžeris procesos iexplore.exe joprojām ir tur, un kad es beigās tā tas nāk atpakaļ. Apmēram 5 minūtes tā izmanto gandrīz 99% cpu tad pēc awhile to samazinās līdz 0, bet atm lietošanas paliek ap 100.000 K.
  #10  
Old 12 oktobris 2008, 11:41
Moderator Group
  
Default Iexplore.exe vīruss atkal!

Download ComboFix by subs no vienas no saitēm. Pārliecinieties top saglabājiet to Desktop.

Link # 1
Link # 2

** Piezīme: Ir svarīgi, ka tā ir saglabāta tieši jūsu Desktop

Aizveriet visas atvērtās interneta pārlūkprogrammas. (Firefox, Internet Explorer uc) pirms uzsākt ComboFix.

Laiku sakropļot jūsu antivīruss, Un jebkuru antispyware reāllaika aizsardzību pirms veic skenēšanu. Click šo saiti redzēt sarakstu drošības programmas, kas ir invalīdi un to, kā pārtraukt to darbību.

Dubultklikšķi combofix.exe un sekojiet norādījumiem.
Kad pabeigts ComboFix ražos log for you.
Post ComboFix log un jaunu HijackThis log Jūsu nākamo atbildi.

Svarīgi: Nav mouseclick ComboFix loga kamēr tas darbojas. Tas var izraisīt to apstāsies.

Atcerieties, ka jauna aktivizētu jūsu antivīrusu un antispyware aizsardzību, ja ComboFix ir pabeigta.
__________________
Reply
Page 1 of 2 1 2

Register

Bookmarks

Similar Threads
Pavediens Thread Starter Forums Replies Last Post
Iexplore.exe vīrusu? Please help! tharp68 Vīrusu, spiegprogrammatūru un drošība 8 7 janvāris 2009 16:33
Iespējams iexplore.exe vīruss .... sipper Vīrusu, spiegprogrammatūru un drošība 7 3 decembris 2008 22:23
Re: iexplore.exe vīruss mpenney Vīrusu, spiegprogrammatūru un drošība 6 3 novembris, 2008 14:11
Iexplore.exe vīruss .... Please help! zm741 Vīrusu, spiegprogrammatūru un drošība 29 24 septembris 2008 21:57
Iexplore.exe vīruss kfarns00 Vīrusu, spiegprogrammatūru un drošība 9 4 decembris 2007 14:26
Thread Tools



Arabic Bulgarian Chinese (Simplified) Chinese (Traditional) Croatian Czech Danish Dutch English Finnish French German Greek Hebrew Hungarian Italian Japanese Korean Latvian Lithuanian Norwegian Polish Portuguese Romanian Russian Serbian Slovak Spanish Swedish Thai Turkish Ukrainian

Copyright © 2006 - 2009 Computer Sulas.
Kontaktpersona -- Privacy -- Sitemap -- Augša

Powered by vBulletin ® Copyright © 2000 - 2009 Jelsoft Enterprises Ltd SEO līdz 2009 vBSEO ©, Crawlability, Inc