Microsoft Pop Up Tell Me I Have Virus

**hopthwoks** · #1 Jūlijs 3, 2009, 00:31

Man bija microsoft pop up man saki man bija vīruss Ran malwarebyts neko. Ran super anti vīruss bija 16 problēma. Tad atcerējās, ka man bija Drweb skeneris datoru un vadīja to. Bet es pamanīju, ka pats tā sauktā Trojas tur nāk uz augšu.

aolcinst.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ Program Files \ Common Files \ aolback \ Comps \ treneris \ aolcinst.exe; Adware.Gdow n;;
aolcinst.exe, C: \ Program Files \ Common Files \ aolback \ Comps \ treneris; Archive satur inficētās objektiem; Pārcelts.;
TSSetup.exe \ data002, C: \ Program Files \ Common Files \ aolback \ Comps \ tpspd \ TSSetup.exe; Iespējams DLOADER.Trojan;;
TSSetup.exe, C: \ Program Files \ Common Files \ aolback \ Comps \ tpspd; Archive satur inficētās objektiem; Pārcelts.;
ppctl.dll, C: \ Program Files \ Common Files \ scanner; Iespējams DLOADER.Trojan; Pārcelts.;
AIM.exe \ data090, C: \ AOL Instant Messenger \ AIM.exe, Adware.Aws;;
AIM.exe, C: \ AOL Instant Messenger, arhīvs ir inficēti objektiem; Pārcelts.;
setup.exe, C: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4; Iespējams BACKDOOR.Trojan; Pārcelts.;
A0089111.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP212; Adware.Gdown; Pārcelts.;
A0089113.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP212; Iespējams BACKDOOR.Trojan; Pārcelts.;
A0101519.exe \ data090, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP217 \ A0101519.exe, Adware.Aws;;
A0101519.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP217; Archive satur inficētās objektiem; Pārcelts.;
A0122098.bat, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP257; Iespējams BATCH.Virus; Pārcelts.;
A0122542.bat, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP265; Iespējams BATCH.Virus; Pārcelts.;
A0122632.bat, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP265; Iespējams BATCH.Virus; Pārcelts.;
A0138379.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP292 \ A0138379.exe, Adware.Gdown;;
A0138379.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP292; Archive satur inficētās objektiem; Pārcelts.;
A0139338.exe \ data090, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139338.exe, Adware.Aws;;
A0139338.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Archive satur inficētās objektiem; Pārcelts.;
A0139364.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139364.exe, Adware.Gdown;;
A0139364.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Archive satur inficētiem priekšmetiem; Pārcelts.;
A0139386.exe \ data002, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293 \ A0139386.exe; Iespējams DLOADER.Trojan;;
A0139386.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP293; Archive satur inficētās objektiem; Pārcelts.;
A0139531.DLL, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP296; Iespējams DLOADER.Trojan; Pārcelts.;
A0156077.exe \ data090, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156077.exe, Adware.Aws;;
A0156077.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Archive satur inficētās objektiem; Pārcelts.;
A0156103.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156103.exe, Adware.Gdown;;
A0156103.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Archive satur inficētās objektiem; Pārcelts.;
A0156125.exe \ data002, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315 \ A0156125.exe; Iespējams DLOADER.Trojan;;
A0156125.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP315; Archive satur inficētās objektiem; Pārcelts.;
A0156545.DLL, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP317; Iespējams DLOADER.Trojan; Pārcelts.;
A0157937.exe \ core.cab \ GTDOWNAO_106.ocx, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157937.exe, Adware.Gdown;;
A0157937.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Archive satur inficētās objektiem; Pārcelts.;
A0157938.exe \ data002, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157938.exe; Iespējams DLOADER.Trojan;;
A0157938.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Archive satur inficētās objektiem; Pārcelts.;
A0157939.exe \ data090, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327 \ A0157939.exe, Adware.Aws;;
A0157939.exe, C: \ System Volume Information \ _restore (D9C30710-440A-4B3A-837F-765DA7B6372B) \ RP327; Archive satur inficētās objektiem; Pārcelts.;
Un tas nedrīkst noteikt problēmu vienkārši pārvietot.
Ko man vajadzētu izmantot, lai saņemtu šo Trojas pie datora vienreiz un uz visiem?
Šobrīd man nav anti vīruss darbojas šī iemesla dēļ visiem man tryed nav svarīgi, vai maksā vai bezmaksas tur velkot Aol. (My ISP), kā vīruss.

**evilfantasy** · #2 Jūlijs 3, 2009, 10:09

Update Malwarebytes un vadīt pilnu skenēšanas tad pēc log please.

**hopthwoks** · #3 Jūlijs 3, 2009, 13:29

updated Malwarebytes
Malwarebytes "Anti-Malware 1,38
Database version: 2.297
Windows 5.1.2600 Service Pack 2
7/2/2009 3:06:04
mbam-log-2009-07-02 (15-06-04). txt
Scan type: Full Scan (C: \ |)
Objekti skenēts: 168.556
Pagājušo laiku: 17 minūte (s), 16 second (s)
Memory Processes Inficētie: 0
Memory Modules Inficētie: 0
Registry Keys Inficētie: 0
Reģistra vērtības Inficētie: 0
Registry Data Items Infected: 0
Mapes Inficētie: 0
Faili Inficētie: 0
Atmiņas procesi Inficētie:
(No ļaunprātīgs preces konstatētas)
Memory Modules Inficētie:
(No ļaunprātīgs preces konstatētas)
Registry Keys Inficētie:
(No ļaunprātīgs preces konstatētas)
Reģistra vērtības Inficētie:
(No ļaunprātīgs preces konstatētas)
Registry Data Items Infected:
(No ļaunprātīgs preces konstatētas)
Mapes Inficētie:
(No ļaunprātīgs preces konstatētas)
Faili Inficētie:
(No ļaunprātīgs preces konstatētas)

Bet pēc šīs skenēšanas bija virs loga poped līdz stāstīja man tur bija kļūda, logi nepieciešams slēgt.

**evilfantasy** · #4 Jūlijs 3, 2009, 14:52

Download DDS no | Šeit | vai | Šeit | vai | Šeit | un saglabājiet to savā datorā.

Vista lietotājiem labais klikšķis uz DDS un izvēlieties Palaist kā administratoram (jūs saņemsiet UAC ātru, lūdzu, atļauj to)

* XP lietotājiem Divreiz uzklikšķiniet uz DDS lai tā varētu darboties.
* Ja jūsu antivīruss vai ugunsmūra mēģināt bloķēt DDS tad, lūdzu, lai tā varētu darboties.
* Kad pabeigts DDS tiks atvērta divu (2) apaļkokiem.

1) DDS.txt
2) Attach.txt

* Save gan apaļkokus uz Jūsu rakstāmgalda.
* Lūdzu, nokopējiet un ielīmējiet visu saturu gan savā nākamajā atbildes logs.

Piezīme: DDS Jums dos norādījumus, lai ievietotu Attach.txt žurnālā, kā pielikumu.
Lūdzu, tikai pēc tā, kā jūs jebkuru citu žurnālu, ko kopēt un ielīmēt to atbildi.

----------

Lejupielādēt Rooter.exe Jūsu datorā

* Dubultklikšķis Rooter.exe sākt rīks .* DOS logs un parādīt skenēšanas progresu.
* Kad pabeigta notepad fails satur ziņojums tiks atvērts.
* Kopēt un ielīmēt savā nākamajā atbildes rezultātus.
* Close notepad un Rooter būs tuvu.

Log arī ietaupījumu % systemdrive% \ Rooter.txt (Ja% systemdrive% parasti ir C: vai diska, jums ir Windows uzstādīti).

**hopthwoks** · #5 Jūlijs 3, 2009, 17:13

DDS (Ver_09-06-26,01) - FAT32x86
Palaidiet Windows lietotājs 19:43:32.90 no 07/03/2009 Piektdiena
Internet Explorer: 8.0.6001.18702
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.788 [GMT -4:00]

============== Running Processes ===============
C: \ WINDOWS \ system32 \ svchost-k DcomLaunch
Svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe-k netsvcs
Svchost.exe
Svchost.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
Svchost.exe
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe
C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe
C: \ WINDOWS \ System32 \ snmp.exe
C: \ WINDOWS \ system32 \ svchost.exe-k imgsvc
C: \ Windows \ Explorer.exe
C: \ Program Files \ Lexmark 5.200 sērija \ lxbtbmgr.exe
C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe
C: \ Program Files \ Lexmark 5.200 sērija \ lxbtbmon.exe
C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe
C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Jet Screenshot \ jetScreenshot.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ America Online 9,0 \ waol.exe
C: \ Program Files \ America Online 9,0 \ shellmon.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ DOCUME ~ 1 \ WINDOW ~ 1 \ MYDOCU ~ 1 \ dds.scr
============== Pseudo HJT Ziņojums ===============
uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = (searchTerms) & sourceid = ie7 & RLS = com.micros bieži: en-US & ie = utf8 & oe = utf8
uStart Page = hxxp: / / www.aol.com/
uWindow title = Internet Explorer, ko Epix ®
mWindow title = Internet Explorer, ko Epix ®
BHO: AskBar BHO: (201f27d4-3.704-41d6-89c1-aa35e39143ed) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll
BHO: Java (tm) Plug-In 2 SSV Helper: (dbc80044-a445-435b-bc74-9c25c1c588a9) - C: \ Program Files \ Java \ jre6 \ bin \ jp2ssv.dll
BHO: JQSIEStartDetectorImpl Klase: (e7e6f031-17ce-4c07-bc86-eabfe594f69c) - C: \ Program Files \ Java \ jre6 \ lib \ izvietot \ jqs \ ti \ jqs_plugin.dll
TB: AIM Meklēt: (40d41a8b-d79b-43d7-99a7-9ee0f344c385) --
TB: AOL Toolbar: (4982d40a-c53b-4.615-b15b-b5b5e98d167c) - C: \ Program Files \ aol rīkjoslu \ toolbar.dll
TB: Jautājiet Toolbar: (3041d03e-fd4b-44e0-b742-2d9b88305f98) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll
EB: Real.com: (fe54fa40-d68c-11d2-98fa-00c0f0318afe) - C: \ Windows \ system32 \ Shdocvw.dll
uRun: [ctfmon.exe] C: \ Windows \ system32 \ ctfmon.exe
uRun: [AOL Fast Start] "C: \ Program Files \ America Online 9,0 \ AOL.EXE"-b
uRun: [Jet Screenshot] "C: \ Program Files \ jet screenshot \ jetScreenshot.exe"
mRun: [Lexmark 5.200 sērija] "C: \ Program Files \ Lexmark 5.200 sērija \ lxbtbmgr.exe"
mRun: [LXBTCATS] rundll32 C: \ Windows \ system32 \ spool \ drivers \ w32x86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16
mRun: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe"
mRun: [HostManager] C: \ Program Files \ Common Files \ aol \ 1246084174 \ ee \ AOLSoftware.exe
mRun: [AOLDialer] C: \ Program Files \ Common Files \ aol \ ACS \ AOLDial.exe
mRun: [Pure Networks Port Burvju] "C: \ PROGRA ~ 1 \ purene ~ 1 \ portma ~ 1 \ PortAOL.exe"-Run
mRun: [QuickTime Task] "C: \ Program Files \ quicktime \ qttask.exe"-atboottime
IE: & Pievienot animācijas IncrediMail Style Box - c: \ Program Files \ IncrediMail \ bin \ resursu \ WebMenuImg.htm
IE: & AIM Meklēt
IE: & AOL Toolbar meklēšana - C: \ Program Files \ AOL rīkjosla \ toolbar.dll / search.html
IE: (e2e2dd38-d088-4.134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe
IE: (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
IE: (4982D40A-C53B-4.615-B15B-B5B5E98D167C) - (4982D40A-C53B-4.615-B15B-B5B5E98D167C) - C: \ Program Files \ aol rīkjoslu \ toolbar.dll
IE: (CD67F990-D8E9-11d2-98FE-00C0F0318AFE) - (FE54FA40-D68C-11d2-98FA-00C0F0318AFE) - C: \ Windows \ system32 \ Shdocvw.dll
LSP: FarLsp.dll
Trusted Zona: 88sears.com \ www
Trusted Zona: aol.com \ www
Trusted Zona: comodo.com \ www
Trusted Zona: computer-juice.com \ www
Trusted Zona: giveawayoftheday.com \ www
Trusted Zona: newegg.com \ www
Trusted Zona: pchelpforum.com \ www
Trusted Zona: searscard.com \ www
Trusted Zona: statefarm.com \ www
Trusted Zona: winpatrol.com \ www
DPF: DirectAnimation Java Classes
DPF: Internet Explorer klasēm Java
DPF: Microsoft XML Parser Java
DPF: Win32 Classes
DPF: (05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8) - hxxp: / / download.microsoft.com/download/e/7/3/e7345c16-80aa-4488-ae10-9ac6be844f99/OGAControl.cab
DPF: (15589FA1-C456-11CE-BF01-00AA0055595A) - hxxp: / / w4s2.work4sure.com/c/ge/w4sgeen9.exe
DPF: (5D86DDB5-BDF9-441B-9E9E-D4730F4EE499) - hxxp: / / download.bitdefender.com/resources/scanner/sources/en/scan8/oscan8.cab
DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) - hxxp: / / update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab? 1181748806125
DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) - hxxp: / / update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab? 1223016488385
DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (A90A5822-F108-45AD-8.482-9BC8B12DD539) - hxxp: / / www.crucial.com / kontroles / cpcScanner.cab
DPF: (B1E2B96C-12FE-45E2-BEF1-44A219113CDD) - hxxp: / / www.superadblocker.com / ActiveX / sabspx.cab
DPF: (CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (CAFEEFAC-ffff-ffff-ffff-ABCDEFFEDCBA) - hxxp: / / java.sun.com/update/1.6.0/jinstall-1_6_0_14-windows-i586.cab
DPF: (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) - hxxp: / / download.macromedia.com / pub / shockwave / kabīnēm / flash / swflash.cab
DPF: (E8F628B5-259A-4.734-97EE-BA914D7BE941) - hxxp: / / plugin.driveragent.com / files / driveragent.cab
AppInit_DLLs: c: \ windows \ system32 \ cssdll32.dll
LSA: Paziņojums Packages = scecli
============= PAKALPOJUMI / Drivers ===============
R1 SASDIFSV; SASDIFSV c: \ Program Files \ superantispyware \ sasdifsv.sys [2006/10/10 5.632]
R1 SASKUTIL; SASKUTIL c: \ Program Files \ superantispyware \ SASKUTIL.SYS [2007/2/27 32.256]
R3 Winacusb; Winacusb c: \ windows \ system32 \ drivers \ wina cusb.sys [2008/3/25 902.860]
S2 ioloFileInfoList; iolo FileInfoList dienests c: \ Program Files \ iolo \ Common \ lib \ ioloservicemanager.exe -> C: \ Program Files \ iolo \ Common \ lib \ ioloServiceManager.exe [?]
S2 ioloSystemService; iolo sistēmu serviss, c: \ Program Files \ iolo \ Common \ lib \ ioloservicemanager.exe -> C: \ Program Files \ iolo \ Common \ lib \ ioloServiceManager.exe [?]
S3 FarStoneFireWallDrive; FarStoneFireWallDrive c: \ win dows \ system32 \ drivers \ FarDrive.sys [2003/4/2 140.256]
S3 ousb2hub; OrangeWare USB 2.0 Hub sekmēšana; c: \ windows \ system32 \ drivers \ ousb2hub.sys [2008/2/27 53.248]
S3 PavSRK.sys; PavSRK.sys; \? \ C: \ windows \ system32 \ pavs rk.sys -> C: \ Windows \ system32 \ PavSRK.sys [?]
S3 PavTPK.sys; PavTPK.sys; \? \ C: \ windows \ system32 \ pavt pk.sys -> C: \ Windows \ system32 \ PavTPK.sys [?]
S3 SASENUM; SASENUM c: \ Program Files \ superantispyware \ SASENUM.SYS [2006/2/16 4.096]
S3 SIVDRIVER; SIV Kernel Driver; c: \ windows \ system32 \ drivers \ SIVX32.sys [2008/4/9 48.480]
============== File Associations ===============
JSEFile = NOTEPAD.EXE% 1
VBEFile = NOTEPAD.EXE% 1
VBSFile = NOTEPAD.EXE% 1
=============== Izveidots Pēdējā 30 ================
2009/07/03 02:49 <DIR> - d ----- c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ licences
2009/07/03 02:49 <DIR> - d ----- c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ PCMM2009
2009/07/03 02:48 <DIR> - d ----- c: \ Program Files \ PC MightyMax 2.009
2009/07/01 09:43 <DIR> - d ----- c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ ArcticLine
2009/07/01 09:43 <DIR> - d ----- c: \ Program Files \ Jet Screenshot
2009/06/27 02:36 <DIR> - d ----- C: \ Windows \ system32 \ CatRoot_bak
2009/06/27 02:30 <DIR> - d ----- C: \ Install iTunes
2009/06/27 02:30 <DIR> - d ----- C: \ Install ICQ
2009/06/27 02:30 <DIR> - d ----- C: \ AOL Instant Messenger
2009/06/27 02:30 <DIR> - d ----- C: \ MAV
2009/06/27 02:29 <DIR> - d ----- c: \ Program Files \ Common Files \ aolshare
2009/06/27 02:29 <DIR> - d ----- c: \ Program Files \ America Online 9,0
2009/06/24 22:33 221.184 ------- c: \ windows \ system32 \ wmpns.dll
2009/06/24 22:05 <DIR> - d ----- C: \ Windows \ system32 \ scripting
2009/06/24 22:05 <DIR> - d ----- c: \ windows \ l2schemas
2009/06/24 22:05 <DIR> - d ----- C: \ Windows \ system32 \ LV
2009/06/24 22:05 <DIR> - d ----- C: \ Windows \ system32 \ bits
2009/06/24 21:56 67.584 ------- c: \ windows \ system32 \ drivers \ sdbus.sys
2009/06/24 21:56 36.096 ------- c: \ windows \ system32 \ drivers \ intelppm.sys
2009/06/24 21:56 15.488 ------- c: \ windows \ system32 \ drivers \ mssmbios.sys
2009/06/24 21:56 12.416 ------- c: \ windows \ system32 \ drivers \ tunmp.sys
2009/06/24 21:56 11.136 ------- c: \ windows \ system32 \ drivers \ sffdisk.sys
2009/06/24 21:56 10.240 ------- c: \ windows \ system32 \ drivers \ sffp_sd.sys
2009/06/24 21:56 262.784 ------- c: \ windows \ system32 \ drivers \ http.sys
2009/06/24 21:54 2.012.670 ------- c: \ windows \ system32 \ dllcache \ nt5.cat
2009/06/24 21:53 114.688 ------- c: \ windows \ system32 \ dllcache \ wscript.exe
2009/06/24 21:50 <DIR> - d ----- c: \ windows \ EHome
2009/06/24 02:10 <DIR> - d ----- c: \ Program Files \ SNSafe & Software
2009/06/24 02:10 <DIR> - d ----- c: \ DOCUME ~ 1 \ alluse ~ 1 \ Applic ~ 1 \ SNSafe & Software
2009/06/20 20:46 246.272 -------- C: \ Windows \ system32 \ dllcache \ ieproxy.dll
2009/06/20 20:46 12.800 -------- C: \ Windows \ system32 \ dllcache \ xpshims.dll
2009/06/17 20:32 <DIR> - DSH --- C: \ FOUND.020
2009/06/17 10:03 <DIR> - dh --- c: \ windows \ IE8
2009/06/16 19:54 <DIR> - d ----- c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ AVS4YOU
2009/06/16 19:54 <DIR> - d ----- c: \ DOCUME ~ 1 \ alluse ~ 1 \ Applic ~ 1 \ AVS4YOU
2009/06/16 19:53 <DIR> - d ----- c: \ Program Files \ Common Files \ AVSMedia
2009/06/16 19:53 1.700.352 ------- c: \ windows \ system32 \ GdiPlus.dll
2009/06/16 19:53 974.848 ------- c: \ windows \ system32 \ mfc70.dll
2009/06/16 19:53 487.424 ------- c: \ windows \ system32 \ msvcp70.dll
2009/06/16 19:53 344.064 ------- c: \ windows \ system32 \ msvcr70.dll
2009/06/16 19:53 <DIR> - d ----- c: \ Program Files \ AVS4YOU
2009/06/12 21:45 3.120 ------- c: \ windows \ MF_C426.lfa
2009/06/11 16:27 <DIR> - d ----- c: \ Program Files \ Fresh RAM
2009/06/11 16:21 <DIR> - DSH --- C: \ FOUND.019
2009/06/11 11:55 5.465.088 ------- C: \ Fresh RAM.msi
2009/06/09 02:29 <DIR> - d ----- c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ Blitware
2009/06/09 02:29 <DIR> - d ----- c: \ Program Files \ Driver Robot
2009/06/08 22:24 <DIR> - d ----- c: \ DOCUME ~ 1 \ alluse ~ 1 \ Applic ~ 1 \ PC Drivers Headquarters
2009/06/07 23:00 <DIR> - d ----- c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ GetRightToGo
2009/06/07 19:38 7.680 ------- c: \ windows \ system32 \ spdwnwxp.exe
2009/06/07 19:38 19.569 ------- c: \ windows \ 002865_.tmp
2009/06/06 23:57 <DIR> - DSH --- C: \ Recycled
2009/06/06 10:46 <DIR> - d ----- c: \ Program Files \ filehippo.com
2009/06/04 23:59 <DIR> - d ----- c: \ Program Files \ DrWeb
2009/06/03 23:57 <DIR>-dshr - C: \ cmdcons
2009/06/03 23:28 161.792 ------- c: \ windows \ SWREG.exe
2009/06/03 23:28 98.816 ------- c: \ windows \ sed.exe
==================== Find3M ====================
2009/06/27 02:16 76.487 ------- c: \ windows \ pchealth \ helpctr \ offlinecache \ index.dat
2009/06/17 11:27 38.160 ------- c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2009/06/17 11:27 19.096 ------- c: \ windows \ system32 \ drivers \ mbam.sys
2009/06/11 18:43 1.744 ------- c: \ windows \ system32 \ d3d9caps.dat
2009/05/27 11:21 372 ------- c: \ Program Files \ ujhonz.txt
2009/05/21 11:33 410.984 ------- c: \ windows \ system32 \ deploytk.dll
2009/05/13 01:15 5.936.128 ------- c: \ windows \ system32 \ dllcache \ mshtml.dll
2009/05/13 01:15 915.456 ------- c: \ windows \ system32 \ Wininet.dll
2009/05/13 01:15 915.456 ------- c: \ windows \ system32 \ dllcache \ Wininet.dll
2009/05/12 01:11 102.912 -------- C: \ Windows \ system32 \ dllcache \ iecompat.dll
2009/05/07 11:44 344.064 ------- c: \ windows \ system32 \ localspl.dll
2009/05/07 11:44 344.064 ------- c: \ windows \ system32 \ dllcache \ localspl.dll
2009/04/30 17:22 1.985.024 ------- c: \ windows \ system32 \ dllcache \ iertutil.dll
2009/04/30 17:22 11.064.832 ------- c: \ windows \ system32 \ dllcache \ ieframe.dll
2009/04/30 17:22 1.207.808 ------- c: \ windows \ system32 \ dllcache \ urlmon.dll
2009/04/30 17:22 385.536 ------- c: \ windows \ system32 \ dllcache \ iedkcs32.dll
2009/04/30 17:22 25.600 ------- c: \ windows \ system32 \ dllcache \ jsproxy.dll
2009/04/30 07:21 173.056 ------- c: \ windows \ system32 \ dllcache \ ie4uinit.exe
2009/04/22 00:07 253.688 ------- c: \ windows \ system32 \ cssdll32.dll
2009/04/17 05:58 1.846.656 ------- c: \ windows \ system32 \ win32k.sys
2009/04/17 05:58 1.846.656 ------- c: \ windows \ system32 \ dllcache \ win32k.sys
2009/04/15 11:26 583.168 ------- c: \ windows \ system32 \ rpcrt4.dll
2009/04/15 11:26 583.168 ------- c: \ windows \ system32 \ dllcache \ rpcrt4.dll
2008/03/18 03:11 332 ------- c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ wklnhst.dat
2007/06/10 23:19 11.079 ------- c: \ Program Files \ folder.htt
2007/06/10 23:19 266 --- SH --- c: \ Program Files \ desktop.ini
============= Apdare: 19:43:58.97 ===============
Ja vien īpaši apmācīti, DO NOT POST THIS LOG.
Ja to pieprasa, ZIP IT UP & PIEVIENOJIET IT
DDS (Ver_09-06-26,01)
Microsoft Windows XP Home Edition
Boot Device \ Device \ HarddiskVolume1
Install Date: 6/13/2007 12:27:51
System Uptime: 7/3/2009 6:50:56 PM (1 hours ago)
Motherboard: EKS | | K7S5A
Procesors: AMD Athlon (tm) XP 1.900 + | Socket-| 1593/66mhz
==== Disk Starpsienas =========================
: Ir Removable
C: ir fiksēts (FAT32) - 112 GiB Kopā 90,479 GiB bezmaksas.
D: ir CDROM ()
==== Disabled Device Manager Items =============
==== System Restore Points ===================
RP205: 3/27/2009 3:00:16 AM - Software Distribution Service 3,0
RP206: 3/27/2009 3:38:07 AM - Software Distribution Service 3,0
RP207: 3/28/2009 3:52:35 AM - System Checkpoint
RP208: 3/29/2009 10:01:09 PM - Software Distribution Service 3,0
RP209: 6/6/2009 10:52:13 PM - Installed dziedātājstrazds Beacon Pasniedz Typing 15
RP210: 6/6/2009 10:52:30 PM - Removed dziedātājstrazds Beacon Pasniedz Typing 15
RP211: 6/6/2009 10:52:49 PM - Installed Panda Internet Security 2.007
RP212: 6/6/2009 10:53:06 PM - Removed Panda Internet Security 2.007
RP213: 5/16/2009 12:48:17 PM - Software Distribution Service 3,0
RP214: 5/17/2009 4:49:29 PM - Software Distribution Service 3,0
RP215: 5/17/2009 5:35:08 PM - Software Distribution Service 3,0
RP216: 5/18/2009 8:44:14 AM - Software Distribution Service 3,0
RP217: 5/18/2009 8:51:46 AM - Software Distribution Service 3,0
RP218: 5/19/2009 12:10:32 PM - Software Distribution Service 3,0
RP219: 5/19/2009 1:35:25 PM - Software Distribution Service 3,0
RP220: 5/20/2009 8:09:36 AM - Software Distribution Service 3,0
RP221: 5/20/2009 9:17:11 AM - Software Distribution Service 3,0
RP222: 5/21/2009 8:36:45 AM - Software Distribution Service 3,0
RP223: 5/21/2009 9:24:15 AM - Software Distribution Service 3,0
RP224: 5/21/2009 3:40:47 PM - Software Distribution Service 3,0
RP225: 5/21/2009 11:38:45 PM - Software Distribution Service 3,0
RP226: 5/22/2009 7:54:23 PM - Software Distribution Service 3,0
RP227: 5/22/2009 10:48:21 PM - Software Distribution Service 3,0
RP228: 5/23/2009 7:15:10 PM - Software Distribution Service 3,0
RP229: 5/24/2009 4:32:34 PM - Software Distribution Service 3,0
RP230: 5/24/2009 6:46:46 PM - Software Distribution Service 3,0
RP231: 5/24/2009 8:21:48 PM - Software Distribution Service 3,0
RP232: 5/24/2009 11:47:56 PM - Software Distribution Service 3,0
RP233: 5/25/2009 8:18:22 AM - Software Distribution Service 3,0
RP234: 5/25/2009 8:39:45 AM - Software Distribution Service 3,0
RP235: 5/25/2009 11:41:13 PM - Software Distribution Service 3,0
RP236: 5/26/2009 10:33:23 AM - Software Distribution Service 3,0
RP237: 5/27/2009 8:13:50 AM - Software Distribution Service 3,0
RP238: 5/27/2009 8:45:24 AM - Software Distribution Service 3,0
RP239: 5/27/2009 7:16:04 PM - Software Distribution Service 3,0
RP240: 5/28/2009 4:52:25 PM - Software Distribution Service 3,0
RP241: 5/28/2009 4:58:56 PM - Software Distribution Service 3,0
RP242: 5/28/2009 5:05:35 PM - Installed Windows Internet Explorer 8.
RP243: 5/28/2009 5:06:37 PM - Software Distribution Service 3,0
RP244: 5/29/2009 8:39:44 AM - Software Distribution Service 3,0
RP245: 5/29/2009 8:52:41 AM - Software Distribution Service 3,0
RP246: 5/30/2009 5:01:53 AM - Software Distribution Service 3,0
RP247: 5/31/2009 9:08:55 PM - Software Distribution Service 3,0
RP248: 6/1/2009 12:30:50 AM - Installed Windows Internet Explorer 8.
RP249: 6/1/2009 12:31:29 AM - Software Distribution Service 3,0
RP250: 6/1/2009 1:01:01 AM - Software Distribution Service 3,0
RP251: 6/1/2009 9:59:00 AM - Software Distribution Service 3,0
RP252: 6/2/2009 1:25:10 AM - Software Distribution Service 3,0
RP253: 6/2/2009 1:44:44 PM - Software Distribution Service 3,0
RP254: 6/2/2009 9:42:45 PM - Software Distribution Service 3,0
RP255: 6/3/2009 2:52:20 AM - Software Distribution Service 3,0
RP256: 6/3/2009 10:07:30 AM - Software Distribution Service 3,0
RP257: 6/3/2009 9:03:54 PM - Software Distribution Service 3,0
RP258: 6/4/2009 1:16:16 AM - Installed MSXML 4,0 SP2 (KB925672)
RP259: 6/4/2009 3:00:13 AM - Software Distribution Service 3,0
RP260: 6/4/2009 3:13:34 AM - Software Distribution Service 3,0
RP261: 6/4/2009 11:59:13 PM - Installed Dr.Web pretvīrusu par 5,0 Windows.
RP262: 6/5/2009 12:36:30 AM - Removed Dr.Web pretvīrusu par 5,0 Windows.
RP263: 6/5/2009 12:38:54 AM - Removed Dr.Web pretvīrusu par 5,0 Windows.
RP264: 6/5/2009 2:22:38 AM - Software Distribution Service 3,0
RP265: 6/6/2009 3:00:14 AM - Software Distribution Service 3,0
RP266: 6/6/2009 10:51:09 AM - Software Distribution Service 3,0
RP267: 6/7/2009 12:10:12 AM - Software Distribution Service 3,0
RP268: 6/8/2009 12:20:37 AM - Software Distribution Service 3,0
RP269: 6/8/2009 10:03:39 AM - Software Distribution Service 3,0
RP270: 6/8/2009 10:23:28 PM - Installed Driver Detective
RP271: 6/8/2009 10:41:57 PM - Software Distribution Service 3,0
RP272: 6/9/2009 2:32:24 AM - Software Distribution Service 3,0
RP273: 6/9/2009 8:29:05 AM - Software Distribution Service 3,0
RP274: 6/9/2009 1:25:29 PM - Software Distribution Service 3,0
RP275: 6/9/2009 11:06:13 PM - Software Distribution Service 3,0
RP276: 6/10/2009 8:56:06 AM - Software Distribution Service 3,0
RP277: 6/10/2009 9:40:44 AM - Software Distribution Service 3,0
RP278: 6/11/2009 1:45:31 AM - Software Distribution Service 3,0
RP279: 6/11/2009 4:27:14 PM - Installed Fresh RAM
RP280: 6/11/2009 6:45:39 PM - konfigurēts Driver Detective
RP281: 6/12/2009 1:51:36 AM - Software Distribution Service 3,0
RP282: 6/12/2009 8:55:19 AM - Software Distribution Service 3,0
RP283: 6/13/2009 11:02:27 AM - Software Distribution Service 3,0
RP284: 6/13/2009 11:13:50 AM - Software Distribution Service 3,0
RP285: 6/14/2009 10:49:45 PM - Software Distribution Service 3,0
RP286: 6/15/2009 9:16:53 AM - Software Distribution Service 3,0
RP287: 6/15/2009 11:09:18 PM - Software Distribution Service 3,0
RP288: 6/16/2009 10:07:34 AM - Software Distribution Service 3,0
RP289: 6/17/2009 9:01:20 AM - Software Distribution Service 3,0
RP290: 6/17/2009 10:05:33 AM - Installed Windows Internet Explorer 8.
RP291: 6/18/2009 10:16:10 AM - Software Distribution Service 3,0
RP292: 6/18/2009 10:41:06 AM - Installed Windows Media Format 9 Series Runtime Setup
RP293: 6/18/2009 1:11:48 PM - Installed Windows Media Format 9 Series Runtime Setup
RP294: 6/18/2009 1:29:13 PM - Software Distribution Service 3,0
RP295: 6/19/2009 3:01:54 AM - Software Distribution Service 3,0
RP296: 6/19/2009 9:29:35 AM - Software Distribution Service 3,0
RP297: 6/19/2009 5:47:01 PM - Software Distribution Service 3,0
RP298: 6/20/2009 6:59:50 PM - Software Distribution Service 3,0
RP299: 6/20/2009 7:05:46 PM - Installed Java (TM) 6 Update 14
RP300: 6/21/2009 4:07:26 PM - Software Distribution Service 3,0
RP301: 6/21/2009 4:14:22 PM - Software Distribution Service 3,0
RP302: 6/22/2009 9:44:00 AM - Software Distribution Service 3,0
RP303: 6/22/2009 11:31:38 AM - Software Distribution Service 3,0
RP304: 6/23/2009 3:00:23 AM - Software Distribution Service 3,0
RP305: 6/24/2009 9:44:31 AM - Software Distribution Service 3,0
RP306: 6/24/2009 9:55:45 AM - Software Distribution Service 3,0
RP307: 6/24/2009 10:14:50 AM - Software Distribution Service 3,0
RP308: 6/24/2009 9:41:13 PM - Software Distribution Service 3,0
RP309: 6/25/2009 2:52:04 AM - Software Distribution Service 3,0
RP310: 6/25/2009 12:17:49 PM - Software Distribution Service 3,0
RP311: 6/26/2009 9:27:47 PM - Software Distribution Service 3,0
RP312: 6/27/2009 12:41:14 AM - Restore Operation
RP313: 6/27/2009 1:35:40 AM - Restore Operation
RP314: 6/27/2009 2:25:58 AM - Software Distribution Service 3,0
RP315: 6/27/2009 2:30:41 AM - Installed Windows Media Format 9 Series Runtime Setup
RP316: 6/28/2009 8:31:27 AM - Software Distribution Service 3,0
RP317: 6/29/2009 10:03:24 AM - Software Distribution Service 3,0
RP318: 6/29/2009 6:35:12 PM - Software Distribution Service 3,0
RP319: 6/29/2009 9:00:14 PM - Software Distribution Service 3,0
RP320: 6/30/2009 3:32:09 AM - Software Distribution Service 3,0
RP321: 6/30/2009 11:45:20 AM - Software Distribution Service 3,0
RP322: 7/1/2009 9:15:52 AM - Software Distribution Service 3,0
RP323: 7/1/2009 11:21:44 AM - Software Distribution Service 3,0
RP324: 7/1/2009 10:38:39 PM - Software Distribution Service 3,0
RP325: 7/2/2009 3:16:53 AM - Software Distribution Service 3,0
RP326: 7/2/2009 12:22:35 PM - Software Distribution Service 3,0
RP327: 7/2/2009 7:09:25 PM - Software Distribution Service 3,0
RP328: 7/3/2009 4:04:54 AM - Software Distribution Service 3,0
==== Installed Programs ======================

ABBYY FineReader 5.0 Sprint Plus
Adobe Flash Player 10 ActiveX
AOL Coach Version 2.0 (Build: 20.041.026,5 en)
AOL Connectivity Services
AOL Deskbar
AOL Toolbar
AOL atinstalētājs (Izvēlieties kuras Produkti, atcelt)
AOL You've Got Bildes Screensaver
C-Media Audio
C-Media WDM Audio Driver
Comodo SafeSurf
Saderības pakotne Office 2007 sistēmas
Cool PDF Reader 1,0
Driver Robot 1.0.6.0
filehippo.com Update Checker
Fresh RAM
HackerSmacker
HijackThis 2.0.2
Labojumfailu Windows XP (KB896344)
Labojumfailu Windows XP (KB914440)
Labojumfailu Windows XP (KB915865)
Labojumfailu Windows XP (KB952287)
IncrediMail Xe
Java (TM) 6 Update 14
Jet Screenshot v 2.0
Lexmark 5.200 Series
Macromedia Shockwave Player
Magentic
Malwarebytes "Anti-Malware
Microsoft. NET Framework 1.1
Microsoft. NET Framework 2.0
Microsoft Internationalized Domain Names mazināšanas APIs
Microsoft National Language Support Downlevel APIs
Microsoft Office PowerPoint Viewer 2007 (Angļu)
Microsoft Visual C + + 2005 Redistributable
Microsoft Web Publishing Wizard 1,52
Microsoft Works
MSXML 4,0 SP2 (KB925672)
MSXML 4,0 SP2 (KB927978)
MSXML 4,0 SP2 (KB936181)
MSXML 4,0 SP2 (KB954430)
MSXML 6 Service Pack 2 (KB954459)
Pure Networks Port Magic
QuickTime
RealPlayer Basic
Security Update for Windows Internet Explorer 7 (KB933566)
Security Update for Windows Internet Explorer 7 (KB937143)
Security Update for Windows Internet Explorer 7 (KB938127)
Security Update for Windows Internet Explorer 7 (KB939653)
Security Update for Windows Internet Explorer 7 (KB942615)
Security Update for Windows Internet Explorer 7 (KB944533)
Security Update for Windows Internet Explorer 7 (KB963027)
Security Update for Windows Internet Explorer 8 (KB969897)
Security Update for Windows Media Player (KB911564)
Security Update for Windows Media Player (KB952069)
Security Update for Windows Media Player 6.4 (KB925398)
Security Update for Windows Media Player 9 (KB917734)
Security Update for Windows Media Player 9 (KB936782)
Security Update for Windows XP (KB893756)
Security Update for Windows XP (KB896358)
Security Update for Windows XP (KB896423)
Security Update for Windows XP (KB896428)
Security Update for Windows XP (KB899587)
Security Update for Windows XP (KB899591)
Security Update for Windows XP (KB900725)
Security Update for Windows XP (KB901017)
Security Update for Windows XP (KB901214)
Security Update for Windows XP (KB902400)
Security Update for Windows XP (KB904706)
Security Update for Windows XP (KB905414)
Security Update for Windows XP (KB905749)
Security Update for Windows XP (KB908519)
Security Update for Windows XP (KB911562)
Security Update for Windows XP (KB911927)
Security Update for Windows XP (KB913580)
Security Update for Windows XP (KB914388)
Security Update for Windows XP (KB914389)
Security Update for Windows XP (KB917344)
Security Update for Windows XP (KB917953)
Security Update for Windows XP (KB918118)
Security Update for Windows XP (KB918439)
Security Update for Windows XP (KB919007)
Security Update for Windows XP (KB920213)
Security Update for Windows XP (KB920670)
Security Update for Windows XP (KB920683)
Security Update for Windows XP (KB920685)
Security Update for Windows XP (KB921503)
Security Update for Windows XP (KB922819)
Security Update for Windows XP (KB923191)
Security Update for Windows XP (KB923414)
Security Update for Windows XP (KB923561)
Security Update for Windows XP (KB923689)
Security Update for Windows XP (KB923980)
Security Update for Windows XP (KB924191)
Security Update for Windows XP (KB924270)
Security Update for Windows XP (KB924496)
Security Update for Windows XP (KB924667)
Security Update for Windows XP (KB925902)
Security Update for Windows XP (KB926247)
Security Update for Windows XP (KB926255)
Security Update for Windows XP (KB926436)
Security Update for Windows XP (KB927779)
Security Update for Windows XP (KB927802)
Security Update for Windows XP (KB928255)
Security Update for Windows XP (KB928843)
Security Update for Windows XP (KB929123)
Security Update for Windows XP (KB930178)
Security Update for Windows XP (KB931261)
Security Update for Windows XP (KB931784)
Security Update for Windows XP (KB932168)
Security Update for Windows XP (KB933566)
Security Update for Windows XP (KB933729)
Security Update for Windows XP (KB935839)
Security Update for Windows XP (KB935840)
Security Update for Windows XP (KB936021)
Security Update for Windows XP (KB938464)
Security Update for Windows XP (KB938829)
Security Update for Windows XP (KB941202)
Security Update for Windows XP (KB941568)
Security Update for Windows XP (KB941569)
Security Update for Windows XP (KB941644)
Security Update for Windows XP (KB941693)
Security Update for Windows XP (KB943055)
Security Update for Windows XP (KB943460)
Security Update for Windows XP (KB943485)
Security Update for Windows XP (KB944653)
Security Update for Windows XP (KB945553)
Security Update for Windows XP (KB946026)
Security Update for Windows XP (KB946648)
Security Update for Windows XP (KB948590)
Security Update for Windows XP (KB948881)
Security Update for Windows XP (KB950749)
Security Update for Windows XP (KB950760)
Security Update for Windows XP (KB950762)
Security Update for Windows XP (KB950974)
Security Update for Windows XP (KB951066)
Security Update for Windows XP (KB951376-v2)
Security Update for Windows XP (KB951376)
Security Update for Windows XP (KB951698)
Security Update for Windows XP (KB951748)
Security Update for Windows XP (KB952004)
Security Update for Windows XP (KB952954)
Security Update for Windows XP (KB953839)
Security Update for Windows XP (KB954211)
Security Update for Windows XP (KB954600)
Security Update for Windows XP (KB955069)
Security Update for Windows XP (KB956391)
Security Update for Windows XP (KB956572)
Security Update for Windows XP (KB956802)
Security Update for Windows XP (KB956803)
Security Update for Windows XP (KB956841)
Security Update for Windows XP (KB957095)
Security Update for Windows XP (KB957097)
Security Update for Windows XP (KB958644)
Security Update for Windows XP (KB958687)
Security Update for Windows XP (KB958690)
Security Update for Windows XP (KB959426)
Security Update for Windows XP (KB960225)
Security Update for Windows XP (KB960715)
Security Update for Windows XP (KB960803)
Security Update for Windows XP (KB961373)
Security Update for Windows XP (KB961501)
Security Update for Windows XP (KB968537)
Security Update for Windows XP (KB969898)
Security Update for Windows XP (KB970238)
SiS 900 PCI Fast Ethernet Adapter Driver
SIW versija 2008/04/02
SUPERAntiSpyware Free Edition
Drukāšanas 21
US Robotics 56K Faxmodem USB
Update for Windows XP (KB894391)
Update for Windows XP (KB898461)
Update for Windows XP (KB900485)
Update for Windows XP (KB904942)
Update for Windows XP (KB908531)
Update for Windows XP (KB910437)
Update for Windows XP (KB911280)
Update for Windows XP (KB916595)
Update for Windows XP (KB920342)
Update for Windows XP (KB920872)
Update for Windows XP (KB922582)
Update for Windows XP (KB927891)
Update for Windows XP (KB930916)
Update for Windows XP (KB931836)
Update for Windows XP (KB932823-v3)
Update for Windows XP (KB933360)
Update for Windows XP (KB938828)
Update for Windows XP (KB942763)
Update for Windows XP (KB955839)
Update for Windows XP (KB967715)
Viedoklis Media Player
WebFldrs XP
Windows Genuine Advantage Validation Tool (KB892130)
Windows Installer 3.1 (KB893803)
Windows Internet Explorer 8
Windows XP Hotfix - KB873339
Windows XP Hotfix - KB885836
Windows XP Hotfix - KB886185
Windows XP Hotfix - KB887472
Windows XP Hotfix - KB888302
Windows XP Hotfix - KB890859
Windows XP Hotfix - KB891781
Windows XP Uninstall
WinPatrol 2.009
Zoom V.92 PCI Balss Faxmodem
Zoom V92 PC Card Balss Faxmodem
==== Event Viewer ziņas no pagājušajā nedēļā ========
7/3/2009 4:23:49 PM, kļūda: System Error [1.003] - Error code 00.000.077, parameter1 c000000e, parameter2 c000000e, parameter3 00.000.000, parameter4 01.422.000.
7/3/2009 2:33:40 PM, kļūda: System Error [1.003] - Error code 000000f4, parameter1 00.000.003, parameter2 86cdb430, parameter3 86cdb5a4, parameter4 805fa1f0.
7/1/2009 10:39:09 PM, kļūda: Service Control Manager [7.034] - AOL Topspeed Monitor dienests pārtrauc negaidīti. Tā ir izdarījusi 6 reizi (-iem).
6/30/2009 5:05:18 PM, kļūda: Drukāt [6.161] - dokuments Syslog - Notepad pieder Windows lietotājs nav drukāt uz printera Lexmark 5.200 Series. Data Type: LEMF. Izmērs tītavas faila bytes: 1.208.022. Baitu skaitu iespiestas: 1.208.022. Kopējo lapu skaitu dokumentā: 3. Lappušu skaita iespiestas: 0. Client mašīna: \ \ SUNPORCH. Win32 error code atpakaļ drukāt procesors: 126 (0x7e).
6/29/2009 11:36:01 PM, kļūda: Service Control Manager [7.000] - SASDIFSV dienests neizdevās uzsākt, jo šāda kļūda: Nevar izveidot failu, ja šis fails jau eksistē.
6/27/2009 2:24:45 AM, kļūda: Service Control Manager [7.000] - Augšupielādēt Manager pakalpojums nav sākt dēļ šādu kļūdu: norādītajā kontā par šo pakalpojumu, atšķiras no norādītajā kontā par citiem pakalpojumiem darbības šajā pašā procesā.
6/27/2009 2:24:37 AM, kļūda: BITS [16.391] - BITS darbu saraksts nav atzītas formātā. Tas var būt izveidota ar dažādas versijas BITS. Darba vietu saraksts tika iztīrīts.
6/27/2009 2:08:32 AM, kļūda: SnsCore [20] --
6/27/2009 2:08:24 AM, kļūda: Service Control Manager [7.000] - iolo FileInfoList Pakalpojumu dienests nav sākt dēļ šādu kļūdu: sistēmas, nevar atrast failu norādīta.
6/27/2009 1:41:24 AM, kļūda: Service Control Manager [7.023] - HID Input Service dienests pārtrauc ar šādu kļūdu: sistēmas, nevar atrast failu norādīta.
6/27/2009 1:41:24 AM, kļūda: Service Control Manager [7.000] - iolo sistēmas pakalpojumu dienests nav sākt dēļ šādu kļūdu: sistēmas, nevar atrast failu norādīta.
6/27/2009 1:36:19 AM, kļūda: Service Control Manager [7.034] - AOL Topspeed Monitor dienests pārtrauc negaidīti. Tā ir izdarījusi 5 reizi (-iem).
6/27/2009 1:36:09 AM, kļūda: Service Control Manager [7.031] - AOL Topspeed Monitor dienests pārtrauc negaidīti. Tā ir izdarījusi 4 reizi (-iem). Pēc korektīvu pasākumu tiks veikti 1000 milisekundēs: Restart pakalpojumu.
6/27/2009 1:36:01 AM, kļūda: Service Control Manager [7.031] - AOL Topspeed Monitor dienests pārtrauc negaidīti. Tā ir izdarījusi 3 reizi (-iem). Pēc korektīvu pasākumu tiks veikti 1000 milisekundēs: Restart pakalpojumu.
6/27/2009 1:35:53 AM, kļūda: Service Control Manager [7.031] - AOL Topspeed Monitor dienests pārtrauc negaidīti. Tā ir izdarījusi 2 reizi (-iem). Pēc korektīvu pasākumu tiks veikti 1000 milisekundēs: Restart pakalpojumu.
6/27/2009 1:35:35 AM, kļūda: Service Control Manager [7.031] - AOL Topspeed Monitor dienests pārtrauc negaidīti. Tā ir izdarījusi 1 time (s). Pēc korektīvu pasākumu tiks veikti 1000 milisekundēs: Restart pakalpojumu.
6/27/2009 1:32:44 AM, kļūda: DCOM [10.005] - DCOM got error "% 1.084", mēģinot sākt pakalpojumu EventSystem ar argumentiem ", lai varētu izmantot serveri: (1BE1F766-5.536-11D1 - B726-00C04FB926AF)
6/27/2009 1:30:38 AM, kļūda: Service Control Manager [7.026] - šādu boot palaišanas vai sistēmas palaišanas vadītāja (-as) nav slodzes: AFD AmdK7 FIPS IPSec MrxSmb NetBIOS NetBT RasAcd Rdbss SASDIFSV SASKUTIL SnsCore Tcpip WS2IFSL
6/27/2009 1:30:38 AM, kļūda: Service Control Manager [7.001] - TCP / IP NetBIOS Helper dienests ir atkarīgs AFD pakalpojumu, kas nav sākums, jo šāda kļūda: ierīce pievienota sistēma nedarbojas.
6/27/2009 1:30:38 AM, kļūda: Service Control Manager [7.001] - IPSEC Services pakalpojums ir atkarīgs IPSEC vadītāja pakalpojumu, kas nav sākums, jo šāda kļūda: ierīce pievienota sistēma nedarbojas .
6/27/2009 1:30:38 AM, kļūda: Service Control Manager [7.001] - DNS Klientu apkalpošanas atkarīgs TCP / IP protokolu Driver pakalpojumu, kas nav sākums, jo šāda kļūda: ierīce pievienota sistēma nedarbojas.
6/27/2009 1:30:38 AM, kļūda: Service Control Manager [7.001] - DHCP Klientu apkalpošanas atkarīgs NetBIOS pār Tcpip pakalpojumu, kas nav sākums, jo šāda kļūda: ierīce pievienota sistēma nav darbību.
6/27/2009 1:29:52 AM, kļūda: DCOM [10.005] - DCOM got error "% 1.084", mēģinot sākt pakalpojumu netman ar argumentiem ", lai varētu izmantot serveri: (BA126AE5-2166-11D1 - B1D0-00805FC1270E)
6/27/2009 1:19:01 AM, kļūda: Service Control Manager [7.009] - Timeout (30000 milisekundēm) gaida IMAPI CD-Burning COM Service pakalpojumu savienojumu.
6/27/2009 1:19:01 AM, kļūda: Service Control Manager [7.000] - IMAPI CD-Burning COM Service pakalpojums nav sākt dēļ šādas kļūdas: pakalpojumu nesniedza atbildi sākt vai kontroles pieprasījuma savlaicīgi.
6/27/2009 1:16:56 AM, kļūda: Service Control Manager [7.023] - Terminal Services dienests pārtrauc ar šādu error: Invalid piekļūt atmiņas vietā.
6/27/2009 1:16:56 AM, kļūda: Service Control Manager [7.023] - Automatic Updates dienests pārtrauc ar šādu kļūdu:%% 3228369023
6/27/2009 1:16:56 AM, kļūda: Service Control Manager [7.001] - Fast User Switching Compatibility pakalpojumu atkarīgs Terminal Services pakalpojumu, kas nav uzsākšanas, jo šāda kļūda: Invalid piekļūt atmiņas vietā.
6/27/2009 1:05:23 AM, kļūda: DCOM [10.005] - DCOM got error "% 1.084", mēģinot sākt pakalpojumu wuauserv ar argumentiem ", lai varētu izmantot serveri: (E60687F7-01A1-40AA - 86AC-DB1CBF673334)
6/26/2009 9:29:28 PM, kļūda: Windows Update Agent [20] - Installation Pārkāpums: Windows izdevies uzstādīt šādu maiņu 0x80070643 kļūdu: Microsoft. NET Framework 1.1 Service Pack 1.
==== End Of File ===========================
Rooter.exe (v1.0.2) ar Eric_71
.
SeDebugPrivilege piešķirts veiksmīgi ...
.
Windows XP Home Edition (5.1.2600) Service Pack 2
[32_bits] - x86 Family 6 Model 6 Stepping 2, AuthenticAMD
.
[wscsvc] (Security Center) DARBĪBAS (valsts: 4)
[Sharedaccess] DARBĪBAS (valsts: 4)
Windows Firewall -> Enabled
.
Internet Explorer 8.0.6001.18702
.
: \ [Removable]
C: \ [Fixed-FAT32] .. (Kopā: 112 Go - Free: 90 lapas)
D: \ [CD_Rom]
.
Scan: 19:57.51
Path: C: \ Documents and Settings \ Windows User \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EI7LBMQF \ Rooter [1]. Exe
Lietotājs: Windows User (Administrator -> jā)
.
---------------------- \ \ Procesi
.
Slēgta [System Process] (0)
______ Sistēmas (4)
______ \ SystemRoot \ System32 \ Smss.exe (292)
______ \? \ C: \ WINDOWS \ system32 \ csrss.exe (348)
______ \? \ C: \ WINDOWS \ SYSTEM32 \ winlogon.exe (372)
______ C: \ WINDOWS \ system32 \ services.exe (416)
______ C: \ WINDOWS \ system32 \ lsass.exe (428)
______ C: \ WINDOWS \ system32 \ svchost.exe (576)
______ C: \ WINDOWS \ system32 \ svchost.exe (620)
______ C: \ WINDOWS \ System32 \ svchost.exe (664)
______ C: \ WINDOWS \ system32 \ svchost.exe (708)
______ C: \ WINDOWS \ system32 \ svchost.exe (804)
______ C: \ WINDOWS \ system32 \ Spoolsv.exe (900)
______ C: \ WINDOWS \ system32 \ svchost.exe (980)
______ C: \ Program Files \ Common Files \ AOL \ ACS \ AOLAcsd.exe (1012)
______ C: \ Program Files \ Java \ jre6 \ bin \ jqs.exe (1.056)
______ C: \ WINDOWS \ System32 \ snmp.exe (1.148)
______ C: \ WINDOWS \ system32 \ svchost.exe (1180)
______ C: \ WINDOWS \ System32 \ alg.exe (1900)
______ C: \ WINDOWS \ explorer.exe (1.124)
______ C: \ Program Files \ Lexmark 5.200 sērija \ lxbtbmgr.exe (528)
______ C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe (1736)
______ C: \ Program Files \ Lexmark 5.200 sērija \ lxbtbmon.exe (1.468)
______ C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe (1316)
______ C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe (1572)
______ C: \ WINDOWS \ system32 \ ctfmon.exe (1648)
______ C: \ Program Files \ Jet Screenshot \ jetScreenshot.exe (1216)
______ C: \ WINDOWS \ system32 \ wbem \ wmiprvse.exe (2.148)
______ C: \ WINDOWS \ system32 \ wuauclt.exe (2.428)
______ C: \ Program Files \ America Online 9,0 \ waol.exe (596)
______ C: \ Program Files \ America Online 9,0 \ shellmon.exe (756)
______ C: \ Documents and Settings \ Windows User \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EI7LBMQF \ Rooter [1]. Exe (3.388)
.
---------------------- \ \ Device \ Harddisk0 \
.
\ Device \ Harddisk0 [Nozares: 63 x 512 Bytes]
.
\ Device \ Harddisk0 \ Partition1 - [MBR] - (Start_Offset: 32.256 | Length: 120.681.275.904)
.
---------------------- \ \ Scheduled Tasks
.
C: \ WINDOWS \ Uzdevumi \ SA.DAT
C: \ WINDOWS \ Uzdevumi \ DESKTOP.INI
C: \ WINDOWS \ Uzdevumi \ Driver Robot.job
.
---------------------- \ \ Registry
.
.
---------------------- \ \ Files & Folders
.
C: \ DOCUME ~ 1 \ WINDOW ~ 1 \ Applic ~ 1 \ PrivacyControl
==> Rogues <==
.
---------------------- \ \ Scan pabeigtas 19:57.56
.
C: \ Rooter $ \ Rooter_1.txt - (03/07/2009 | 19:57.56)

**evilfantasy** · #6 Jūlijs 3, 2009, 19:01

Izdzēst šos failus / mapes, tas ir:

1. Doties uz Sākums > Skriet > Type Notepad.exe un noklikšķiniet uz OK atvērt Notepad.
Tas vajag ir Notepad, nevis Wordpad.
2. Kopēt tekstu tālāk kodu ailē, uzsverot visu tekstu un nospiediet Ctrl + C

Kods:

Killall:: DDS:: BHO: AskBar BHO: (201f27d4-3.704-41d6-89c1-aa35e39143ed) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll TB: Jautājiet Toolbar: (3041d03e-fd4b-44e0 - b742-2d9b88305f98) - C: \ Program Files \ askbardis \ bar \ bin \ askBar.dll IE: (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Mape:: c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ licences c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ PCMM2009 c: \ Program Files \ PC MightyMax 2.009 c: \ Program Files \ askbardis c: \ program files \ messenger

3. Go to Notepad logu un noklikšķiniet uz Rediģēt > Ielīmēt
4. Pēc tam noklikšķiniet uz Fails > Glābt
5. Nosaukums failu CFScript.txt - Saglabāt failu darbvirsmā
6. Velciet CFScript (turiet peles kreiso pogu un velkot failu) un nometiet to (izlaide peles kreiso pogu) pārnes ComboFix.exe kā redzat attēlā zemāk. Svarīgi: Veic šo instrukciju uzmanīgi!

ComboFix sāks izpildīt, vienkārši sekojiet instrukcijām.
Pēc reboot (ja tā lūdz atsāknēšana), tā sagatavos log for you.
Post (Combofix.txt), kas ieiet jūsu nākamo atbildi.

Piezīme: Nav mouseclick ComboFix loga kamēr tas darbojas. Tas var izraisīt sistēmas iesaldēt

**hopthwoks** · #7 Jūlijs 5, 2009, 14:04

Vienkārši vajag pārlādēt ComboFix. Šķiet, ka fails Wes delrtrd viss, kas man ir teksts failus combofix.

**evilfantasy** · #8 Jūlijs 5, 2009, 14:28

http://download.bleepingcomputer.com/sUBs/ComboFix.exe

**hopthwoks** · #9 Jūlijs 5, 2009, 21:33

Sorry tas bija tik ilgi. Ieguvuši sakodiens ar zirnekļa un bija izdevumu lielāko daļu laika meklēšanai, lai redzētu, vai es varētu uzzināt kas mazliet mani.
Šeit ir skenēšanu.
ComboFix 09-07-05.01 - Windows Lietotājs 07/06/2009 0:04.4 - FAT32x86
Microsoft Windows XP Home Edition 5.1.2600.2.1252.1.1033.18.1023.742 [GMT -4:00]
Sākot no: c: \ Documents and Settings \ Windows User \ Desktop \ ComboFix.exe
Komandu slēdžus izmanto:: c: \ Documents and Settings \ Windows User \ Desktop \ CFScript.txt
.
((((((((((((((((((((((((((((((((((((((( Citi Svītrojumi ))))))))) ))))))))))))))))))))))))))))))))))))))))
.
c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ licences
c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ licences \ PCMightyMax c27fe264-0.186-4.910-8a97-50c383296a11
c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ PCMM2009
c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ PCMM2009 \ diagnostikas \ pēdējā scan
c: \ DOCUME ~ 1 \ logs ~ 1 \ Applic ~ 1 \ PCMM2009 \ pcmm2009 konfigurāciju
c: \ Program Files \ askbardis
c: \ Program Files \ askbardis \ bar \ bin \ askBar.dll
c: \ Program Files \ askbardis \ bar \ bin \ askPopStp.dll
c: \ Program Files \ askbardis \ bar \ bin \ psvince.dll
c: \ Program Files \ askbardis \ bar \ Cache \ files.ini
c: \ Program Files \ askbardis \ bar \ Vēsture \ meklēšana
c: \ Program Files \ askbardis \ bar \ Settings \ config.dat
c: \ Program Files \ askbardis \ bar \ Settings \ config.dat.bak
c: \ Program Files \ askbardis \ unins000.dat
c: \ Program Files \ askbardis \ unins000.exe
c: \ Program Files \ Messenger
c: \ Program Files \ Messenger \ custsat.dll
c: \ Program Files \ Messenger \ logowin.gif
c: \ Program Files \ Messenger \ lvback.gif
c: \ Program Files \ Messenger \ msgsc.dll
c: \ Program Files \ Messenger \ msgslang.dll
c: \ Program Files \ Messenger \ msmsgs.exe
c: \ Program Files \ Messenger \ newalert.wav
c: \ Program Files \ Messenger \ newemail.wav
c: \ Program Files \ Messenger \ online.wav
c: \ Program Files \ Messenger \ type.wav
c: \ Program Files \ Messenger \ xpmsgr.chm
c: \ Program Files \ PC MightyMax 2.009
c: \ Program Files \ PC MightyMax 2.009 \ pcmm2009.error.log
.
((((((((((((((((((((((((( Faili Created no 2009/06/06 līdz 2009-07-06 ))))))))))) ))))))))))))))))))))
.
2009/07/06 02:18. 2008/12/03 16:09 59.184 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ toolbarsud.exe
2009/07/06 02:18. 2006/04/06 15:33 81.000 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ ProgUpd.dll
2009/07/06 02:18. 2006/04/06 15:33 33.896 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ postproc.exe
2009/07/06 02:18. 2006/04/06 15:33 156.264 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ setup.exe
2009/07/06 02:18. 2008/12/02 18:34 2.316.392 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ ocpinst.exe
2009/07/06 02:18. 2008/11/12 21:12 1.370.528 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ msvc9rt.exe
2009/07/06 02:18. 2008/11/06 14:42 2.100.984 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ aol_toolbar_dual.exe
2009/07/06 02:18. 2008/07/23 18:35 62.248 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ ocpgc.exe
2009/07/06 02:18. 2008/07/23 18:35 15.144 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ ocpchk.dll
2009/07/06 02:18. 2008/07/23 18:35 74.536 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ instSup.dll
2009/07/06 02:18. 2006/07/31 18:41 474.184 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ gui.dll
2009/07/06 02:18. 2006/04/06 15:33 25.088 ------ w-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ CACHE \ 4381.3.4 \ EEStart.exe
2009/07/03 23:57. 2009/07/03 23:57 -------- d ----- w C: \ Rooter $
2009/07/01 13:43. 2009/07/01 13:43 -------- d ----- w C: \ Documents and Settings \ Windows User \ Application Data \ ArcticLine
2009/07/01 13:43. 2009/07/01 13:43 -------- d ----- w C: \ Program Files \ Jet Screenshot
2009/06/30 03:17. 2006/10/12 16:29 83.504 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ UserProfiles \ All Users \ suds \ TEMP \ ProgUpd.dll
2009/06/30 03:11. 2009/06/30 03:11 -------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ AOL OCP
2009/06/30 03:11. 2009/06/30 03:11 -------- d ----- w C: \ Documents and Settings \ Windows User \ Local Settings \ Application Data \ AOL OCP
2009/06/30 03:05. 2009/06/30 03:07 370.496 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ CC UInst.exe
2009/06/30 03:05. 2009/06/30 03:05 94.256 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ in stph.dll
2009/06/30 02:57. 2009/06/30 03:05 2.439.824 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pinsti.exe
2009/06/30 02:56. 2009/06/30 02:57 260.040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ ec uinst.exe
2009/06/30 02:55. 2009/06/30 02:56 237.616 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ gu i.dll
2009/06/30 02:55. 2009/06/30 02:55 127.224 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ af ixlang.exe
2009/06/30 02:55. 2009/06/30 02:55 83.504 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ Pr ogUpd.dll
2009/06/30 02:54. 2009/06/30 02:55 223.152 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ bija finst.exe
2009/06/30 02:53. 2009/06/30 02:54 355.592 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ af ixinst.exe
2009/06/30 02:52. 2009/06/30 02:52 11.056 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ CC NdInst.dll
2009/06/30 02:52. 2009/06/30 02:52 11.312 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ ec uchk.dll
2009/06/30 02:52. 2009/06/30 02:52 11.568 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ tb inst.dll
2009/06/30 02:52. 2009/06/30 02:52 170.544 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ se tup.exe
2009/06/30 02:51. 2009/06/30 02:52 98.992 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ sm instlp.exe
2009/06/30 02:51. 2009/06/30 02:51 11.568 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc fcheck.dll
2009/06/30 02:51. 2009/06/30 02:51 15.920 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pchk.dll
2009/06/30 02:49. 2009/06/30 02:51 580.136 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ mu inst.exe
2009/06/30 02:48. 2009/06/30 02:49 282.056 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ cc ulang.exe
2009/06/30 02:48. 2009/06/30 02:48 36.912 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ po stproc.exe
2009/06/30 02:47. 2009/06/30 02:48 359.184 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ tb setup.exe
2009/06/30 02:36. 2009/06/30 02:47 3.147.256 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ oc pinsts.exe
2009/06/30 02:36. 2009/06/30 02:36 10.800 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ bija fixchk.dll
2009/06/30 02:35. 2009/06/30 02:36 174.752 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ st mninst.exe
2009/06/30 02:35. 2009/06/30 02:35 142.040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ al setup.exe
2009/06/30 02:34. 2009/06/30 02:34 67.120 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads \ ccu_suite \ 4.3.38.1 \ ccu_suite_4.3.38.1 \ in stSup.dll
2009/06/27 06:36. 2009/06/27 06:36 -------- d ----- w C: \ Windows \ system32 \ CatRoot_bak
2009/06/27 06:31. 2009/06/27 06:31 167.999 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ C_America Online 9,0 \ aolEULanPack \ cswitch.exe
2009/06/27 06:31. 2009/06/27 06:31 3.298.040 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ AOL \ C_America Online 9,0 \ aolEULanPack \ langpack.exe
2009/06/27 06:30. 2009/06/27 06:30 -------- d ----- w C: \ Install iTunes
2009/06/27 06:30. 2009/06/27 06:30 -------- d ----- w C: \ Install ICQ
2009/06/27 06:30. 2009/06/27 06:30 -------- d ----- w C: \ AOL Instant Messenger
2009/06/27 06:30. 2009/06/27 06:30 -------- d ----- w C: \ MAV
2009/06/27 06:29. 2009/06/27 06:29 -------- d ----- w C: \ Program Files \ Common Files \ aolshare
2009/06/27 06:29. 2009/06/27 06:29 -------- d ----- w C: \ Program Files \ America Online 9,0
2009/06/27 05:04. 2009/06/27 05:04 -------- d-sh - w-c: \ Documents and Settings \ Administrator \ IETldCache
2009/06/27 05:03. 2007/12/04 03:49 487.323 ---- aw-c: \ Documents and Settings \ Administrator \ Application Data \ IE7Pro \ prosetup.exe
2009/06/27 05:03. 2007/12/04 03:43 -------- d --- aw-c: \ Documents and Settings \ Administrator \ Application Data \ IE7Pro
2009/06/27 05:03. 2009/06/27 05:03 -------- d ----- w C: \ Documents and Settings \ Administrator
2009/06/27 05:03. 2007/12/04 03:43 -------- d ----- w C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ SITEguard
2009/06/27 05:03. 2007/06/13 04:19 -------- d ----- w C: \ Documents and Settings \ Administrator \ Local Settings \ Application Data \ Microsoft
2009/06/25 02:33. 2008/04/14 00:12 221.184 ---- aw-c: \ windows \ system32 \ wmpns.dll
2009/06/25 02:05. 2009/06/25 02:05 -------- d ----- w C: \ Windows \ system32 \ scripting
2009/06/25 02:05. 2009/06/25 02:05 -------- d ----- w C: \ Windows \ l2schemas
2009/06/25 02:05. 2009/06/25 02:05 -------- d ----- w C: \ Windows \ system32 \ LV
2009/06/25 02:05. 2009/06/25 02:05 -------- d ----- w C: \ Windows \ system32 \ bits
2009/06/25 01:56. 2006/02/28 16:00 67.584 ---- aw-c: \ windows \ system32 \ drivers \ sdbus.sys
2009/06/25 01:56. 2006/02/28 16:00 36.096 ---- aw-c: \ windows \ system32 \ drivers \ intelppm.sys
2009/06/25 01:56. 2006/02/28 16:00 15.488 ---- aw-c: \ windows \ system32 \ drivers \ mssmbios.sys
2009/06/25 01:56. 2006/02/28 16:00 12.416 ---- aw-c: \ windows \ system32 \ drivers \ tunmp.sys
2009/06/25 01:56. 2006/02/28 16:00 11.136 ---- aw-c: \ windows \ system32 \ drivers \ sffdisk.sys
2009/06/25 01:56. 2006/02/28 16:00 10.240 ---- aw-c: \ windows \ system32 \ drivers \ sffp_sd.sys
2009/06/25 01:56. 2006/03/17 00:33 262.784 ---- aw-c: \ windows \ system32 \ drivers \ http.sys
2009/06/25 01:54. 2006/02/28 16:00 15.360 ---- aw-c: \ windows \ system32 \ dllcache \ nppagent.exe
2009/06/25 01:53. 2006/02/28 16:00 82.944 ---- aw-c: \ windows \ system32 \ dllcache \ ws2_32.dll
2009/06/25 01:50. 2009/06/25 01:51 -------- d ----- w C: \ Windows \ EHome
2009/06/24 06:11. 2009/06/24 06:11 -------- d-sh - w-c: \ Documents and Settings \ LocalService \ IETldCache
2009/06/24 06:10. 2009/06/24 06:10 -------- d ----- w C: \ Program Files \ SNSafe & Software
2009/06/24 06:10. 2009/06/24 06:10 -------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ SNSafe & Software
2009/06/21 00:46. 2009/04/30 21:22 12.800 ------ w-c: \ windows \ system32 \ dllcache \ xpshims.dll
2009/06/21 00:46. 2009/04/30 21:22 246.272 ------ w-c: \ windows \ system32 \ dllcache \ ieproxy.dll
2009/06/20 23:05. 2009/06/20 23:05 152.576 ---- aw-c: \ Documents and Settings \ Windows User \ Application Data \ Sun \ Java \ jre1.6.0_14 \ lzma.dll
2009/06/18 00:32. 2009/06/18 00:32 -------- d-sh - w-C: \ FOUND.020
2009/06/17 14:03. 2009/06/17 14:03 -------- d - h - w-c: \ windows \ IE8
2009/06/16 23:54. 2009/06/16 23:54 -------- d ----- w C: \ Documents and Settings \ Windows User \ Application Data \ AVS4YOU
2009/06/16 23:54. 2009/06/16 23:54 -------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ AVS4YOU
2009/06/16 23:53. 2009/06/16 23:53 -------- d ----- w C: \ Program Files \ Common Files \ AVSMedia
2009/06/16 23:53. 2007/02/27 22:36 974.848 ---- aw-c: \ windows \ system32 \ mfc70.dll
2009/06/16 23:53. 2007/02/27 22:36 487.424 ---- aw-c: \ windows \ system32 \ msvcp70.dll
2009/06/16 23:53. 2007/02/27 22:36 344.064 ---- aw-c: \ windows \ system32 \ msvcr70.dll
2009/06/16 23:53. 2007/02/27 22:36 1.700.352 ---- aw-c: \ windows \ system32 \ GdiPlus.dll
2009/06/16 23:53. 2009/06/16 23:53 -------- d ----- w C: \ Program Files \ AVS4YOU
2009/06/12 05:15. 2009/06/12 05:15 -------- d ----- w C: \ Program Files \ Alwil Software
2009/06/11 20:27. 2009/06/11 20:27 18.942 ---- ar-c: \ Documents and Settings \ Windows User \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4.322-AB83-EBF42BFCC470) \ _2ce7ed6.exe
2009/06/11 20:27. 2009/06/11 20:27 18.942 ---- ar-c: \ Documents and Settings \ Windows User \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4.322-AB83-EBF42BFCC470) \ _2447235c.exe
2009/06/11 20:27. 2009/06/11 20:27 -------- d ----- w C: \ Program Files \ Fresh RAM
2009/06/11 20:21. 2009/06/11 20:21 -------- d-sh - w-C: \ FOUND.019
2009/06/11 15:55. 2009/06/10 17:39 5.465.088 ---- aw-C: \ Fresh RAM.msi
2009/06/09 06:29. 2009/06/09 06:29 -------- d ----- w C: \ Documents and Settings \ Windows User \ Application Data \ Blitware
2009/06/09 06:29. 2009/06/09 06:29 -------- d ----- w C: \ Program Files \ Driver Robot
2009/06/09 02:24. 2009/06/09 02:24 -------- d ----- w C: \ Documents and Settings \ All Users \ Application Data \ PC Drivers Headquarters
2009/06/09 02:23. 2009/06/09 02:23 -------- d ----- w C: \ Documents and Settings \ Windows User \ Local Settings \ Application Data \ Downloaded Iekārtas
2009/06/08 03:00. 2009/06/08 03:00 -------- d ----- w C: \ Documents and Settings \ Windows User \ Application Data \ GetRightToGo
2009/06/07 23:38. 2008/04/14 00:12 7.680 ---- aw-c: \ windows \ system32 \ spdwnwxp.exe
2009/06/06 14:46. 2009/06/06 14:46 -------- d ----- w C: \ Program Files \ filehippo.com
.
(((((((((((((((((((((((((((((((((((((((( Find3M Ziņojums )))))))) ))))))))))))))))))))))))))))))))))))))))))))
.
2009/07/03 06:49. 2007/06/16 18:55 302.080 ---- aw-c: \ Documents and Settings \ Windows User \ Local Settings \ Application Data \ GDIPFONTCACHEV1.DAT
2009/06/30 03:32. 2009/05/21 02:29 3.561.743 ---- aw-c: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes \ Malwarebytes "Anti-Malware \ mbam-setup.exe
2009/06/27 06:16. 2007/06/13 04:18 76.487 ---- aw-c: \ windows \ pchealth \ helpctr \ OfflineCache \ index.dat
2009/06/17 15:27. 2009/05/21 02:17 38.160 ---- aw-c: \ windows \ system32 \ drivers \ mbamswissarmy.sys
2009/06/17 15:27. 2009/05/21 02:17 19.096 ---- aw-c: \ windows \ system32 \ drivers \ mbam.sys
2009/06/11 22:43. 2007/06/21 02:45 1.744 ---- aw-c: \ windows \ system32 \ d3d9caps.dat
2009/06/05 03:59. 2009/06/05 03:59 -------- d ----- w C: \ Program Files \ DrWeb
2009/05/28 23:14. 2009/05/28 23:14 -------- d ----- w C: \ Program Files \ Java
2009/05/28 23:14. 2009/05/28 23:14 152.576 ---- aw-c: \ Documents and Settings \ Windows User \ Application Data \ Sun \ Java \ jre1.6.0_13 \ lzma.dll
2009/05/27 15:21. 2009/05/27 15:21 372 ---- aw-c: \ Program Files \ ujhonz.txt
2009/05/21 15:33. 2009/05/28 23:15 410.984 ---- aw-c: \ windows \ system32 \ deploytk.dll
2009/05/21 02:17. 2009/05/21 02:17 -------- d ----- w C: \ Program Files \ Malwarebytes "Anti-Malware
2009/05/17 00:04. 2009/05/17 00:04 -------- d ----- w C: \ Documents and Settings \ Windows User \ Application Data \ WinPatrol
2009/05/17 00:03. 2009/05/17 00:03 -------- d ----- w C: \ Program Files \ BillP Studios
2009/05/13 05:15. 2007/06/13 03:56 915.456 ---- aw-c: \ windows \ system32 \ Wininet.dll
2009/05/07 15:44. 2009/06/25 01:53 344.064 ---- aw-c: \ windows \ system32 \ localspl.dll
2009/04/22 04:07. 2009/04/22 04:07 253.688 ---- aw-c: \ windows \ system32 \ cssdll32.dll
2009/04/17 09:58. 2009/06/25 01:53 1.846.656 ---- aw-c: \ windows \ system32 \ win32k.sys
2009/04/15 15:26. 2007/06/13 03:55 583.168 ---- aw-c: \ windows \ system32 \ rpcrt4.dll
2007/06/11 03:19. 2007/06/07 04:37 11.079 ---- aw-c: \ Program Files \ folder.htt
.
((((((((((((((((((((((((((((( SnapShot_2009-07-06_03.59.12 )))))))))))))) )))))))))))))))))))))))))))
.
+ 2009/07/06 04:08. 2009/07/06 04:08 16.384 c: \ windows \ temp \ Perflib_Perfdata_468.dat
+ 2009/07/06 04:08. 2009/07/06 04:08 16.384 c: \ windows \ temp \ Perflib_Perfdata_430.dat
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) ))))))))))))))))))))))))))))))))))))))))
.
.
* Piezīme * tukši ieraksti & legit default ieraksti netiek parādīti
REGEDIT4
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ Explorer \ shelliconoverlayidentifiers \ Sl owFile Icon Overlay]
@ = "(7D688A77-C613-11D0-999B-00C04FD655E1)"
[HKEY_CLASSES_ROOT \ CLSID \ (7D688A77-C613-11D0-999B-00C04FD655E1)]
2008/07/03 13:03 8.460.800 ---- aw-c: \ Windows \ System32 \ shell32.dll
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run]
"ctfmon.exe" = "C: \ Windows \ system32 \ ctfmon.exe" [2006/02/28 15.360]
"AOL Fast Start" = "C: \ Program Files \ America Online 9,0 \ AOL.EXE" [2005/07/12 50.776]
"Jet Screenshot" = "C: \ Program Files \ Jet Screenshot \ jetScreenshot.exe" [2009/05/10 3.804.160]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run]
"Lexmark 5.200 sērija" = "C: \ Program Files \ Lexmark 5.200 sērija \ lxbtbmgr.exe" [2004/06/04 57.344]
"LXBTCATS" = "C: \ Windows \ System32 \ spool \ drivers \ W32X 86 \ 3 \ LXBTtime.dll" [2004/03/17 65.536]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre6 \ bin \ jusched.exe" [2009/05/21 148.888]
"HostManager" = "C: \ Program Files \ Common Files \ AOL \ 1246084174 \ ee \ AOLSoftware.exe" [2007/04/12 42.032]
"AOLDialer" = "C: \ Program Files \ Common Files \ AOL \ ACS \ AOLDial.exe" [2004/10/20 34.904]
"Pure Networks Port Magic" = "C: \ PROGRA ~ 1 \ PURENE ~ 1 \ PORTMA ~ 1 \ PortAOL.exe" [2004/04/05 99.480]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008/02/20 98.304]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Windows]
"AppInit_DLLs" = c: \ Windows \ System32 \ cssdll32.dl l
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ contro l \ Session Manager]
BootExecute REG_MULTI_SZ Automātiskā pārbaude autochk * \ 0autocheck smrgdf c: \ Documents and Settings \ Windows User \ Application Data \ iolo \
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entversion \ setup \ disabledrunkeys]
"Cmaudio" = RunDll32 cmicnfg.cpl, CMICtrlWnd
"NvCplDaemon" = RUNDLL32.EXE NvQTwk, NvCplDaemon inicializēt
"nwiz" = nwiz.exe / install
"RegistrySmart" = "C: \ Program Files \ RegistrySmart \ RegistrySmart.exe"-boot
"<Nav Nosaukums>" =
"LoadPowerProfile" = Rundll32.exe powrprof.dll, LoadCurrentPwrScheme
[HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Security center]
"AntiVirusOverride" = DWORD: 00000001
[HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List]
"c: \ \ WINDOWS \ \ system32 \ \ sessmgr.exe" =
"C: \ \ Program Files \ \ IncrediMail \ \ bin \ \ ImApp.exe" =
"C: \ \ Program Files \ \ IncrediMail \ \ bin \ \ IncMail.exe" =
"C: \ \ Program Files \ \ IncrediMail \ \ bin \ \ ImpCnt.exe" =
"C: \ \ Program Files \ \ Magentic \ \ bin \ \ MgImp.exe" =
"C: \ \ Program Files \ \ Magentic \ \ bin \ \ Magentic.exe" =
"C: \ \ Program Files \ \ Magentic \ \ bin \ \ MgApp.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLDial.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ ACS \ \ AOLacsd.exe" =
"C: \ \ Program Files \ \ America Online 9,0 \ \ waol.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Topspeed \ \ 2,0 \ \ aoltsmon.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Topspeed \ \ 2,0 \ \ aoltpspd.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ System Information \ \ sinf.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AolCoach \ \ en_en \ \ atskaņotājs \ \ AOLNySEV.exe" =
"C: \ \ Program Files \ \ Malwarebytes" Anti-Malware \ \ mbam.exe "=
"C: \ \ Program Files \ \ BillP Studios \ \ WinPatrol \ \ WinPatrol.exe" =
"c: \ \ WINDOWS \ \ Network Diagnostic \ \ xpnetdiag.exe" =
"% windir% \ \ system32 \ \ sessmgr.exe" =
"C: \ \ Program Files \ \ Common Files \ \ AOL \ \ 1246084174 \ \ EE \ \ AOLServiceHost.exe" =
R1 SASDIFSV; SASDIFSV c: \ Program Files \ SUPERAntiSpyware \ sasdifsv.sys [10/10/2006 1:53 5.632]
R1 SASKUTIL; SASKUTIL c: \ Program Files \ SUPERAntiSpyware \ SASKUTIL.SYS [2/27/2007 12:39 32.256]
R3 Winacusb; Winacusb c: \ Windows \ System32 \ Drivers \ wina cusb.sys [3/25/2008 6:57 902.860]
S2 ioloFileInfoList; iolo FileInfoList dienests c: \ Program Files \ iolo \ Common \ lib \ ioloServiceManager.exe -> C: \ Program Files \ iolo \ Common \ lib \ ioloServiceManager.exe [?]
S2 ioloSystemService; iolo sistēmu serviss, c: \ Program Files \ iolo \ Common \ lib \ ioloServiceManager.exe -> C: \ Program Files \ iolo \ Common \ lib \ ioloServiceManager.exe [?]
S3 FarStoneFireWallDrive; FarStoneFireWallDrive c: \ win dows \ system32 \ drivers \ FarDrive.sys [4/2/2003 2:36 140.256]
S3 ousb2hub; OrangeWare USB 2.0 Hub Support: c: \ Windows \ System32 \ Drivers \ ousb2hub.sys [2/27/2008 7:17 53.248]
S3 PavSRK.sys; PavSRK.sys; \? \ C: \ windows \ system32 \ PavS RK.sys -> C: \ Windows \ system32 \ PavSRK.sys [?]
S3 PavTPK.sys; PavTPK.sys; \? \ C: \ windows \ system32 \ PavT PK.sys -> C: \ Windows \ system32 \ PavTPK.sys [?]
S3 SASENUM; SASENUM c: \ Program Files \ SUPERAntiSpyware \ SASENUM.SYS [2/16/2006 5:51 4.096]
S3 SIVDRIVER; SIV Kernel Driver; c: \ windows \ system32 \ drivers \ SIVX32.sys [4/9/2008 9:47 48.480]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aktīvās setup \ uzstādītas sastāvdaļas \> (60B49E34-C7CC-11D0-8.953-00A0C90347FF)]
"c: \ windows \ system32 \ rundll32.exe" "c: \ windows \ system32 \ iedkcs32.dll" BrandIEActiveSe auns SIGNUP
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ aktīvās setup \ uzstādītas sastāvdaļas \ (9EF0045A-CDD9-438e-95E6-02B9AFEC8E11)]
c: \ windows \ system32 \ updcrl.exe-e-uc: \ windows \ SYSTEM \ verisignpub1.crl
.
Saturs "Scheduled Tasks" mape
2009/06/09 c: \ windows \ Uzdevumi \ Driver Robot.job
- C: \ Program Files \ Driver Robot \ 1.0.6.0 \ DriverRobot.exe [2009/06/09 13:02]
.
- - - - Bāreņiem likvidētas - - - --
BHO-(201f27d4-3.704-41d6-89c1-aa35e39143ed) - (no file)

.
------- Papildu Scan -------
.
uSearchMigratedDefaultURL = hxxp: / / www.google.com/search?q = (searchTerms) & sourceid = ie7 & RLS = com.micros bieži: en-US & ie = utf8 & oe = utf8
uStart Page = hxxp: / / www.aol.com/
mWindow title = Internet Explorer, ko Epix
IE: & Pievienot animācijas IncrediMail Style Box - c: \ Program Files \ IncrediMail \ bin \ resursu \ WebMenuImg.htm
IE: & AIM Meklēt
IE: & AOL Toolbar meklēšana - C: \ Program Files \ AOL Toolbar \ toolbar.dll / search.html
LSP: FarLsp.dll
Trusted Zona: 88sears.com \ www
Trusted Zona: aol.com \ www
Trusted Zona: comodo.com \ www
Trusted Zona: computer-juice.com \ www
Trusted Zona: giveawayoftheday.com \ www
Trusted Zona: newegg.com \ www
Trusted Zona: pchelpforum.com \ www
Trusted Zona: searscard.com \ www
Trusted Zona: statefarm.com \ www
Trusted Zona: winpatrol.com \ www
TCP: (68589BEF-2503-4090-B404-9FB7D2105BB4) = 205.188.146.145
DPF: DirectAnimation Java Classes
DPF: Internet Explorer klasēm Java
DPF: Microsoft XML Parser Java
DPF: Win32 Classes
.
************************************************** ************************
catchme 0.3.1398 W2K/XP/Vista - rootkit / Stealth malware detektoru, ar Gmer, http://www.gmer.net
Rootkit scan 2009/07/06 00:08
Windows 5.1.2600 Service Pack 2 FAT NTAPI
skenēšana slēptās procesi ...
skenēšana slēptās palaišana ieraksti ...
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
LXBTCATS = rundll32 C: \ Windows \ System32 \ spool \ drivers \ W32X86 \ 3 \ LXBTtim e.dll, _RunDLLEntry @ 16 ???????????????????????? ????? ?????????????????????????????????????????????????? ?????????????????????????????????????????????????? ??????????????????????????????????????????????????
skenēšana slēptos failus ...
scan sekmīgi pabeigta
slēptos failus: 0
************************************************** ************************
.
--------------------- Bloķēt reģistra atslēgas ---------------------
[HKEY_USERS \ $ $ $ \ Software \ Microsoft \ SystemCertificat es \ adrešu *]
@ Allowed: (Read) (RestrictedCode)
@ Allowed: (Read) (RestrictedCode)
.
--------------------- DLL Loaded Under Running Processes ---------------------
- - - - - - -> "Lsass.exe" (428)
c: \ windows \ system32 \ FarLsp.dll
- - - - - - -> "Explorer.exe" (2420)
c: \ windows \ system32 \ Wininet.dll
c: \ Program Files \ Common Files \ AOL \ ACS \ WLHook.dll
c: \ Program Files \ AOL Deskbar \ deskbar.dll
c: \ Program Files \ Common Files \ AOL \ AOL Toolbar \ AOLHelper.dll
c: \ windows \ system32 \ ieframe.dll
c: \ windows \ system32 \ webcheck.dll
.
------------------------ Citi Running Processes ----------------------- --
.
c: \ Program Files \ Common Files \ AOL \ ACS \ AOLACSD.EXE
c: \ Program Files \ JAVA \ JRE6 \ BIN \ JQS.EXE
c: \ windows \ system32 \ SNMP.EXE
c: \ Program Files \ LEXMARK 5.200 SERIES \ LXBTBMON.EXE
c: \ Program Files \ America Online 9,0 \ WAOL.EXE
c: \ Program Files \ America Online 9,0 \ SHELLMON.EXE
.
************************************************** ************************
.
Pabeigšanas laiks: 2009/07/06 0:10 - mašīna bija rebooted
ComboFix-karantīnā-files.txt 2009/07/06 04:10
ComboFix2.txt 2009/07/06 04:01
ComboFix3.txt 2009/06/06 14:20
ComboFix4.txt 2009/06/04 04:03
Pre-Run: 97549156352 bytes free
Post-Run: 97532772352 bytes free
320 --- EOF --- 2009/07/05 21:28

**evilfantasy** · #10 6 jūlijs 2009, 09:43

Scan Aizdomīgie File (s)

Lūdzu, dodieties uz VirusTotal.com
(Ja vairāk nekā vienu failu vajadzībām skenētas tie jāveic atsevišķi un žurnāliem ievietojis katram vienam)

1. Kopēt faila ceļu tālāk Code box:

Kods:

c: \ Documents and Settings \ Windows User \ Application Data \ Microsoft \ Installer \ (334A33C2-B9A5-4.322-AB83-EBF42BFCC470) \ _2ce7ed6.exe

2. Pie augšupielādēt vietnē, noklikšķiniet vienreiz iekšpusē logu blakus Pārlūkot.
3. Prese Ctrl + V uz tastatūras (uz abiem vienlaicīgi), lai ielīmētu faila ceļu stājas logā.
4. Next klikšķi Nosūtīt failu
Jūsu fails, iespējams, jāieraksta rindā, kas parasti aizņem mazāk nekā minūti, skaidrs.
Tas būs veikt skenēšanu vairākiem dažādu vīrusu skenēšanas dzinēji.
Svarīgi: Jāgaida visiem skanēšanas dzinēju lai to pabeigtu.
5. Kopējiet un ielīmējiet saiti ar nākamo atbildi rezultāti

Similar Threads
Pavediens	Thread Starter	Forums	Replies	Last Post
Pārejot no 2007 Microsoft Office Outlook 2 PC Microsoft Office X Entoutage uz MAC	jjuli	Office Suites & Applications	0	11 jūnijs 2009 15:52
Virus jautājums - Vai kāds man pateikt, ja man var būt vīruss	billozz	Vīrusu, spiegprogrammatūru un drošība	1	2 aprīlis 2009 13:58
$ 250.000 (172.000 £) ir Piedāvā Microsoft Find Kas ir aiz Downadup / Conficker Virus	Hybr! D	Vīrusu, spiegprogrammatūru un drošība	1	17 februāris 2009 11:03
Mani draugi MAC ir vīruss ... Umm ... yeah ... Virus ...	cheesepuff	Vīrusu, spiegprogrammatūru un drošība	3	29 oktobris 2008 12:58
Microsoft atsakās uz Vista	philthomas	Windows Operating Systems	2	8 aprīlis 2008 16:09