Trojan horse




  #1  
March 25, 2008, 08:58
New Member Group

Hi,

I have a problem with a Trojan horse.
Warning message
"C:\Windows\system32\crypt32n.dll Trojan horse BHO.CVX"

I have run AVG and it did move the file to the vault, but on re-boot it is there again.
I have tried deleting the file in Windows, which failed.
I tried renaming it in Windows (with the aim of removing it), and that failed.
I have tried to go back and reset the computer, but I cannot go back past the start of the month, and I have had this since before Christmas.
The computer seems to be OK, but I am still concerned that I have a virus!

Is there anything I can do?
Help much appreciated

Regards

Ian
  #2  
March 25, 2008, 10:47
Moderator Group

Welcome to CJ.

Download and rename HijackThis (HJT)
  • Double-click on HJTInstall.
  • Click the Install button.
  • It will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe.
  • After installation, HijackThis should open for you.
    • Close HijackThis and rename it.
    • Go to C:\Program Files\Trend Micro\HijackThis.exe
    • Right-click on HijackThis.exe and select Rename.
    • Type sniper.exe and press Enter.
    • Right-click on sniper.exe and select Send To > Desktop (create shortcut)
  • From the desktop, open HijackThis.
  • If using Windows Vista, right-click and Run As Administrator.
  • Click the "Do a system scan and save a logfile" button.
  • HijackThis will scan and then the log will open in Notepad.
  • Copy and paste the entire contents of the log into your post.
    • Do not have HijackThis fix anything yet. Most of what it detects will be harmless or even required.
Even though we have renamed HijackThis to sniper, we will still refer to it as HijackThis or HJT.

  #3  
March 25, 2008, 14:33
New Member Group

Hi Evil Fantansy

I tried this at the start of the month; here is the log.

Hope it is of some use to you

My fingers are crossed

Ta Ian

StartupList ziņojumu, 05/03/2008, 14:49:42
StartupList versija: 1.52.2
Sākās no: C: \ Documents and Settings \ Iana \ Desktop \ HijackThis.EXE
Atrasts: Windows XP SP2 (WinNT 5.01.2600)
Atrasts: Internet Explorer v7.00 (7.00.6000.16608)
* Izmantojot noklusējuma opcijas
* Ieskaitot tukši un neinteresanti sadaļas
* Rāda reti nozīmīgu sadaļu
==========================================
Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ brsvc01a.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ TOSHIBA \ ConfigFree \ CFSvcs.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ Windows \ Explorer.exe
C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Program Files \ Toshiba \ Windows Utilities \ Hotkey.exe
C: \ WINDOWS \ system32 \ TPSMain.exe
C: \ Program Files \ Synaptics \ SynTP \ Toshiba.exe
C: \ Program Files \ TOSHIBA \ ConfigFree \ NDSTray.exe
C: \ WINDOWS \ system32 \ TPSBattM.exe
C: \ Program Files \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe
C: \ Program Files \ TOSHIBA \ Touch un palaišanas \ PadExe.exe
C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE
C: \ Program Files \ TOSHIBA \ ConfigFree \ CFSServ.exe
C: \ Program Files \ Atheros \ ACU.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Program Files \ TOSHIBA \ ConfigFree \ CFXFER.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe
C: \ Program Files \ TOSHIBA \ TOSCDSPD \ toscdspd.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ FinePixViewer \ QuickDCF.exe
C: \ Documents and Settings \ Iana \ Desktop \ HijackThis.exe
--------------------------------------------------
Listing of Startup mapes:
Shell mapes Startup:
[C: \ Documents and Settings \ Iana \ Start Menu \ Programs \ Startup]
* Nav datnes *
Shell mapes AltStartup:
* Mape netika atrasts *
Lietotājs apvalks mapes Startup:
* Mape netika atrasts *
Lietotājs apvalks mapes AltStartup:
* Mape netika atrasts *
Shell mapes Bieži Startup:
[C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup]
Exif Launcher.lnk = C: \ Program Files \ FinePixViewer \ QuickDCF.exe
Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office \ OSA9.EXE
Shell mapes Bieži AltStartup:
* Mape netika atrasts *
Lietotājs shell mapes Bieži Startup:
* Mape netika atrasts *
Lietotājs shell mapes aizstājējs Bieži Startup:
* Mape netika atrasts *
--------------------------------------------------
Pārbaude Windows NT Userinit:
[HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon]
Userinit = C: \ WINDOWS \ system32 \ userinit.exe,
[HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Win pieteikšanās]
* Reģistra atslēgu nav atrasts *
[HKCU \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon]
* Registry vērtība nav atrasts *
[HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Win pieteikšanās]
* Reģistra atslēgu nav atrasts *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
SynTPEnh = C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
Toshiba Hotkey Utility = "C: \ Program Files \ Toshiba \ Windows Utilities \ Hotkey.exe" / lang en
TPSMain = TPSMain.exe
NDSTray.exe = NDSTray.exe
SmoothView = C: \ Program Files \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe
PadTouch = C: \ Program Files \ TOSHIBA \ Touch un palaišanas \ PadExe.exe
DLA = C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE
CFSServ.exe = CFSServ.exe-NoClient
REGSHAVE = C: \ Program Files \ REGSHAVE \ REGSHAVE.EXE / Autorun
ACU = "C: \ Program Files \ Atheros \ ACU.exe"-nogui
TkBellExe = "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
QuickTime Task = "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
! AVG Anti-Spyware = "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimāla
AVG7_CC = C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / Uzsākšana
SunJavaUpdateSched = "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
Salestart = "C: \ Program Files \ Common Files \ AVSystemCare \ bm.exe" dm = http://avsystemcare.com; ad = http://avsystemcare.com
Adobe Reader Speed Launcher = "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe"
OpwareSE2 = "C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe"
OPSE atgādinājums = "C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ EregEng \ Ereg.exe"-r "C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ EregEng \ ereg.ini"
--------------------------------------------------
Autorun ierakstus no reģistra:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Kad
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run OnceEx
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Pakalpojumi
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run ServicesOnce
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
TOSCDSPD = C: \ Program Files \ TOSHIBA \ TOSCDSPD \ toscdspd.exe
ctfmon.exe = C: \ WINDOWS \ system32 \ ctfmon.exe
PnPUI Registrator = C: \ Program Files \ Common Files \ Sitecom Shared \ PnP Universal Installer \ PnPUIReg.exe-s
MSMSGS = "C: \ Program Files \ Messenger \ msmsgs.exe" / background
--------------------------------------------------
Autorun ierakstus no reģistra:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Kad
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run OnceEx
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Pakalpojumi
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run ServicesOnce
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Run
* Reģistra atslēgu nav atrasts *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKCU \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Run
* Reģistra atslēgu nav atrasts *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
[OptionalComponents]
=
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Kad
[Setup]
* No atrasto vērtību *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run OnceEx
* Nav apakšatslēgas atrasti *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Pakalpojumi
* Nav apakšatslēgas atrasti *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ Run ServicesOnce
* Nav apakšatslēgas atrasti *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run
* Nav apakšatslēgas atrasti *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Kad
[setup]
* No atrasto vērtību *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run OnceEx
* Nav apakšatslēgas atrasti *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run Pakalpojumi
* Nav apakšatslēgas atrasti *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Run ServicesOnce
* Nav apakšatslēgas atrasti *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKLM \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Run
* Reģistra atslēgu nav atrasts *
--------------------------------------------------
Autorun ieraksti Registry apakšatslēgas par:
HKCU \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Run
* Reģistra atslēgu nav atrasts *
--------------------------------------------------
Failu asociācijas ierakstu. EXE:
HKEY_CLASSES_ROOT \ exefile \ shell \ atvērt \ komanda
(Default) = "% 1"% *
--------------------------------------------------
Failu asociācijas ierakstu. COM:
HKEY_CLASSES_ROOT \ comfile \ shell \ atvērt \ komanda
(Default) = "% 1"% *
--------------------------------------------------
Failu asociācijas ierakstu. BAT:
HKEY_CLASSES_ROOT \ batfile \ shell \ atvērt \ komanda
(Default) = "% 1"% *
--------------------------------------------------
Failu asociācijas ierakstu. PIF:
HKEY_CLASSES_ROOT \ piffile \ shell \ atvērt \ komanda
(Default) = "% 1"% *
--------------------------------------------------
Failu asociācijas ierakstu. SCR:
HKEY_CLASSES_ROOT \ scrfile \ shell \ atvērt \ komanda
(Default) = "% 1" / S
--------------------------------------------------
Failu asociācijas ierakstu. HTA:
HKEY_CLASSES_ROOT \ htafile \ shell \ atvērt \ komanda
(Default) = C: \ WINDOWS \ system32 \ mshta.exe "% 1"% *
--------------------------------------------------
Failu asociācijas ierakstu. TXT:
HKEY_CLASSES_ROOT \ NetLog.Document \ shell \ atvērt \ comma nd
(Default) = C: \ EPICOM ~ 1,02 \ EPICom2.02 \ EPICOM ~ 1.EXE / DDE
--------------------------------------------------
Uzskaitot Active Setup nepilnīgs ceļus:
HKLM \ Software \ Microsoft \ Active Setup \ Installed Components
(* = Invalīdiem ar HKCU Twin)
[<(12d0ed0d-0ee0-4f90-8.827-78cefb8f4988)] *
StubPath = C: \ WINDOWS \ system32 \ ieudinit.exe
[> (22d6f312-b0f6-11d0-94ab-0080c74c7e95)]
StubPath = C: \ WINDOWS \ inf \ unregmp2.exe / ShowWMP
[> (26923b43-4d38-484f-9b9e-de460746276c)] *
StubPath = C: \ WINDOWS \ system32 \ ie4uinit.exe-UserIconConfig
[> (881dd1c5-3dcf-431b-b061-f3f88e8be88a)] *
StubPath =% systemroot% \ system32 \ shmgrate.exe OCInstallUserConfigOE
[(2C7339CF-2B09-4501-B3F3-F3508C9228ED)] *
StubPath =% SystemRoot% \ system32 \ regsvr32.exe / s / n / i: / UserInstall% SystemRoot% \ system32 \ themeui.dll
[(44BBA840-CC51-11CF-AAFA-00AA00B6015C)] *
StubPath = "% programfiles% \ Outlook Express \ setup50.exe" / APP: OE / zvanītāju: WINNT / user / install
[(7790769C-0.471-11d2-AF11-00C04FA35D02)] *
StubPath = "% programfiles% \ Outlook Express \ setup50.exe" / APP: WAB / zvanītāju: WINNT / user / install
[(89820200-ECBD-11CF-8B85-00AA005B4340)] *
StubPath = regsvr32.exe / s / n / i: U shell32.dll
[(89820200-ECBD-11CF-8B85-00AA005B4383)] *
StubPath = C: \ WINDOWS \ system32 \ ie4uinit.exe-BaseSettings
--------------------------------------------------
Uzskaitot ICQ Agent automātiskās palaišanas apps:
HKCU \ Software \ mirabilis \ ICQ \ Agent \ Apps
* Reģistra atslēgu nav atrasts *
--------------------------------------------------
Load / Run atslēgas no C: \ WINDOWS \ WIN.INI:
slodze =* INI sadaļā nav atrasts *
palaist =* INI sadaļā nav atrasts *
Load / Run atslēgas no reģistra:
HKLM \ .. \ Windows NT \ CurrentVersion \ Winlogon: kravas =* Registry vērtības nav atrasts *
HKLM \ .. \ Windows NT \ CurrentVersion \ Winlogon: palaist =* Registry vērtības nav atrasts *
HKLM \ .. \ Windows \ CurrentVersion \ Winlogon: kravas =* reģistra atslēgu nav atrasts *
HKLM \ .. \ Windows \ CurrentVersion \ Winlogon: palaist =* reģistra atslēgu nav atrasts *
HKCU \ .. \ Windows NT \ CurrentVersion \ Winlogon: kravas =* Registry vērtības nav atrasts *
HKCU \ .. \ Windows NT \ CurrentVersion \ Winlogon: palaist =* Registry vērtības nav atrasts *
HKCU \ .. \ Windows \ CurrentVersion \ Winlogon: kravas =* reģistra atslēgu nav atrasts *
HKCU \ .. \ Windows \ CurrentVersion \ Winlogon: palaist =* reģistra atslēgu nav atrasts *
HKCU \ .. \ Windows NT \ CurrentVersion \ Windows: load =
HKCU \ .. \ Windows NT \ CurrentVersion \ Windows: palaist =* Registry vērtības nav atrasts *
HKLM \ .. \ Windows NT \ CurrentVersion \ Windows: kravas =* Registry vērtības nav atrasts *
HKLM \ .. \ Windows NT \ CurrentVersion \ Windows: palaist =* Registry vērtības nav atrasts *
HKLM \ .. \ Windows NT \ CurrentVersion \ Windows: AppInit_DLLs =
--------------------------------------------------
Shell & ekrānsaudzētājs atslēgu no C: \ WINDOWS \ SYSTEM.INI:
Shell =* INI sadaļā nav atrasts *
SCRNSAVE.EXE =* INI sadaļā nav atrasts *
autovadītāju =* INI sadaļā nav atrasts *
Shell & ekrānsaudzētājs atslēgu no reģistra:
Shell = Explorer.exe
SCRNSAVE.EXE = C: \ WINDOWS \ system32 \ logon.scr
autovadītāju =* Registry vērtības nav atrasts *
Politikas Shell atslēga:
HKCU \ .. \ Policies: Shell =* Registry vērtības nav atrasts *
HKLM \ .. \ Policies: Shell =* Registry vērtības nav atrasts *
--------------------------------------------------
Pārbaude explorer.exe gadījumos:
C: \ Windows \ Explorer.exe: PRESENT!
C: \ Explorer.exe: nav klāt
C: \ WINDOWS \ Explorer \ Explorer.exe: nav klāt
C: \ Windows \ System \ Explorer.exe: nav klāt
C: \ WINDOWS \ System32 \ Explorer.exe: nav klāt
C: \ Windows \ Command \ Explorer.exe: nav klāt
C: \ WINDOWS \ Fonts \ Explorer.exe: nav klāt
--------------------------------------------------
Pārbaude superhidden paplašinājumiem:
. LNK: HIDDEN! (arrow pārklāt: jā)
. PIF: HIDDEN! (arrow pārklāt: jā)
. exe: nav slēpto
. com: nav slēpto
. sikspārnis: nav slēpto
. HTA: nav slēpto
. scr: nav slēpto
. SHS: HIDDEN!
. SHB: HIDDEN!
. VBS: nav slēpto
. VBE: nav slēpto
. wsh: nav slēpto
. SCF: HIDDEN! (arrow pārklāt: NO!)
. url: HIDDEN! (arrow pārklāt: jā)
. js: nav slēpto
. jse: nav slēpto
--------------------------------------------------
Pārbaudītu regedit.exe integritāte:
- Regedit.exe atrast C: \ WINDOWS
-. Reg atvērts komanda ir normāls (regedit.exe% 1)
- Uzņēmuma nosaukums OK: "Microsoft Corporation"
- Original filename OK: "regedit.exe"
- Faila aprakstam: "Registry Editor"
Reģistra pārbaude pagājis
--------------------------------------------------
Uzskaitot Browser Helper Objects:
(bez nosaukuma) - c: \ windows \ system32 \ athcfg11c.dll (file missing) - (51.610.169-C280-4F36-84AB-82D92ED1F68B)
(bez nosaukuma) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43)
(bez nosaukuma) - C: \ Program Files \ Google \ googletoolbar1.dll - (AA58ED58-01DD-4d91-8.333-CF10577473F7)
(bez nosaukuma) - C: \ WINDOWS \ system32 \ crypt32n.dll - (EA389261-1100-451F-8.582-815CAB488AE6)
--------------------------------------------------
Uzskaitot Task plānotājs darba vietas:
AppleSoftwareUpdate.job
At1.job
Norton Security Scan.job
RegCure Program Check.job
RegCure.job
--------------------------------------------------
Uzskaitot Download Program Files:
[Microsoft XML Parser Java]
CODEBASE = file: / / / C: / WINDOWS / Java / classes / xmldso.cab
OSD = C: \ WINDOWS \ Downloaded Program Files \ Microsoft XML Parser par Java.osd
[Flash ActiveX Control]
InProcServer32 = C: \ WINDOWS \ DOWNLO ~ 1 \ ipixx.ocx
CODEBASE = http://www.ipix.com/download/ipixx.cab
[Shockwave ActiveX Control]
InProcServer32 = C: \ WINDOWS \ system32 \ macromed \ Director \ SwDir.dll
CODEBASE = http://fpdownload.macromedia.com/get...irector/sw.cab
[MUWebControl Class]
InProcServer32 = C: \ WINDOWS \ system32 \ muweb.dll
CODEBASE = http://www.update.microsoft.com/micr...?1197453622703
[Java Plug-in 1.6.0_05]
InProcServer32 = C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
[(8FFBE65D-2C9C-4.669-84BD-5829DC0B603C)]
CODEBASE = http://fpdownload.macromedia.com/get.../ultrashim.cab
[kvadrāta Scanner]
InProcServer32 = C: \ WINDOWS \ DOWNLO ~ 1 \ asquared.ocx
CODEBASE = http://ax.emsisoft.com/asquared.cab
[Java Plug-in 1.5.0_06]
InProcServer32 = C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
[Java Plug-in 1.5.0_11]
InProcServer32 = C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://java.sun.com/update/1.5.0/jin...ndows-i586.cab
[Java Plug-in 1.6.0_03]
InProcServer32 = C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
[Java Plug-in 1.6.0_05]
InProcServer32 = C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
[Java Plug-in 1.6.0_05]
InProcServer32 = C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ npjpi160_05.dll
CODEBASE = http://java.sun.com/update/1.6.0/jin...ndows-i586.cab
[Shockwave Flash Object]
InProcServer32 = C: \ WINDOWS \ system32 \ Macromed \ Flash \ Flash9e.ocx
CODEBASE = http://fpdownload2.macromedia.com/ge...sh/swflash.cab
--------------------------------------------------
Uzskaitot Winsock LSP failus:
Namespace # 1: C: \ WINDOWS \ System32 \ mswsock.dll
Namespace # 2: C: \ WINDOWS \ System32 \ winrnr.dll
Namespace # 3: C: \ WINDOWS \ System32 \ mswsock.dll
Namespace # 4: C: \ WINDOWS \ System32 \ nwprovau.dll
Protokols # 1: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 2: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 3: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 4: C: \ WINDOWS \ system32 \ rsvpsp.dll
Protokols # 5: C: \ WINDOWS \ system32 \ rsvpsp.dll
Protokols # 6: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 7: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 8: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 9: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 10: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 11: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 12: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 13: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 14: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 15: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 16: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 17: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 18: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 19: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 20: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 21: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 22: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 23: C: \ WINDOWS \ system32 \ mswsock.dll
Protokols # 24: C: \ WINDOWS \ system32 \ mswsock.dll
--------------------------------------------------
Uzskaitot Windows NT/2000/XP pakalpojumi
Microsoft ACPI Driver: system32 \ drivers \ ACPI.sys (sistēmas)
Microsoft Embedded Controller Driver: system32 \ drivers \ ACPIEC.sys (sistēmas)
Atheros Configuration Service: C: \ WINDOWS \ system32 \ acs.exe (palaišana)
Microsoft Kernel Acoustic Echo Canceller: system32 \ drivers \ aec.sys (manual start)
AFD: \ SystemRoot \ System32 \ drivers \ afd.sys (sistēmas)
Alerter:% SystemRoot% \ system32 \ svchost.exe-k LocalService (invalīdiem)
Application Layer Gateway Service:% SystemRoot% \ System32 \ alg.exe (manual start)
Application Management:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (manual start)
Atheros Wireless Network Adapter dienests: system32 \ drivers \ ar5211.sys (manual start)
ASP.NET Valsts dienests:% SystemRoot% \ Microsoft.NET \ Framework \ v1.1.4322 \ asp net_state.exe (manual start)
RAS Asynchronous Media Driver: system32 \ drivers \ asyncmac.sys (manual start)
Standard IDE / ESDI Hard Disk Controller: system32 \ drivers \ atapi.sys (sistēmas)
ATI Hotkey Poller:% SystemRoot% \ system32 \ Ati2evxx.exe (palaišana)
ati2mtag: system32 \ drivers \ ati2mtag.sys (manual start)
ATM ARP Client Protocol system32 \ drivers \ atmarpc.sys (manual start)
Logi Audio:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Audio Stub Driver: system32 \ drivers \ audstub.sys (manual start)
AVG Anti-Spyware Driver: \? \ C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.sys (sistēmas)
AVG Anti-Spyware Guard: C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe (palaišana)
AVG7 Alert Manager Server: C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe (palaišana)
AVG7 Kernel: \ SystemRoot \ System32 \ Drivers \ avg7core.sys (sistēmas)
AVG7 Wrap Driver: \ SystemRoot \ System32 \ Drivers \ avg7rsw.sys (sistēmas)
AVG7 Resident Driver XP: \ SystemRoot \ System32 \ Drivers \ avg7rsxp.sys (sistēmas)
AVG7 Update Service: C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe (palaišana)
AVG Anti-Spyware Clean Driver: System32 \ Drivers \ AvgAsCln.sys (sistēmas)
AVG7 Clean Driver: \ SystemRoot \ System32 \ Drivers \ avgclean.sys (sistēmas)
Background Intelligent Transfer Service:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Access 32bits INT15 rutīnas: system32 \ drivers \ BoiHwSetup.sys (manual start)
BrSplService: C: \ WINDOWS \ system32 \ brsvc01a.exe (palaišana)
Computer Browser:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Logical Disk Manager Monitor:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Conexant AMC 3D Vides Audio: system32 \ drivers \ camc6aud.sys (manual start)
CAMCHALA: system32 \ drivers \ camc6hal.sys (manual start)
CD-ROM Driver: system32 \ drivers \ cdrom.sys (sistēmas)
ConfigFree Service: C: \ Program Files \ TOSHIBA \ ConfigFree \ CFSvcs.exe (palaišana)
Indexing Service:% SystemRoot% \ system32 \ cisvc.exe (manual start)
ClipBook:% SystemRoot% \ system32 \ clipsrv.exe (invalīdiem)
Microsoft ACPI Control Method Battery Driver: system32 \ drivers \ CmBatt.sys (manual start)
Microsoft Composite Battery Driver: system32 \ drivers \ compbatt.sys (sistēmas)
COM + System Application: C: \ WINDOWS \ system32 \ dllhost.exe / Processid: (02D4B3F1-FD88-11D1-960D-00805FC79235) (manual start)
Kriptogrāfijas Pakalpojumi:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
DCOM Server Process Launcher:% SystemRoot% \ system32 \ svchost-k DcomLaunch (palaišana)
DHCP Client:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Disk Driver: system32 \ drivers \ disk.sys (sistēmas)
DLABOIOM: System32 \ DLA \ DLABOIOM.SYS (palaišana)
DLACDBHM: System32 \ Drivers \ DLACDBHM.SYS (sistēmas)
DLADResN: System32 \ DLA \ DLADResN.SYS (palaišana)
DLAIFS_M: System32 \ DLA \ DLAIFS_M.SYS (palaišana)
DLAOPIOM: System32 \ DLA \ DLAOPIOM.SYS (palaišana)
DLAPoolM: System32 \ DLA \ DLAPoolM.SYS (palaišana)
DLARTL_N: System32 \ Drivers \ DLARTL_N.SYS (sistēmas)
DLAUDFAM: System32 \ DLA \ DLAUDFAM.SYS (palaišana)
DLAUDF_M: System32 \ DLA \ DLAUDF_M.SYS (palaišana)
Logical Disk Manager Administrative Service:% SystemRoot% \ System32 \ dmadmin.exe / com (manual start)
dmboot: System32 \ drivers \ dmboot.sys (invalīdiem)
Logical Disk Manager Driver: System32 \ drivers \ dmio.sys (sistēmas)
dmload: System32 \ drivers \ dmload.sys (sistēmas)
Logical Disk Manager:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Microsoft Kernel DLS Syntheiszer: system32 \ drivers \ DMusic.sys (manual start)
DNINDIS5 NDIS protokols Driver: \? \ C: \ PROGRA ~ 1 \ Belkin \ BELKIN ~ 1.11G \ DNINDIS5.SYS (manual start)
DNS Client:% SystemRoot% \ system32 \ svchost.exe-k NetworkService (palaišana)
Microsoft Kernel DRM Audio Descrambler: system32 \ drivers \ drmkaud.sys (manual start)
DRVMCDB: System32 \ Drivers \ DRVMCDB.SYS (sistēmas)
DRVNDDM: System32 \ Drivers \ DRVNDDM.SYS (palaišana)
Error Reporting Service:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Event Log:% SystemRoot% \ system32 \ services.exe (palaišana)
COM + Event System: C: \ WINDOWS \ system32 \ svchost.exe-k netsvcs (manual start)
Fast User Switching Compatibility:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (manual start)
FltMgr: system32 \ drivers \ fltMgr.sys (sistēmas)
Volume Manager Driver: system32 \ drivers \ ftdisk.sys (sistēmas)
Generic Packet Classifier: system32 \ drivers \ msgpc.sys (manual start)
GTNDIS5 NDIS protokols Driver: \? \ C: \ WINDOWS \ system32 \ GTNDIS5.SYS (manual start)
Google Updater Service: "C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe" (manual start)
Palīdzība un atbalsts:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Human Interface Device Access:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (invalīdiem)
Microsoft HID Class Driver: system32 \ drivers \ hidusb.sys (manual start)
hlkvythd: system32 \ drivers \ vzrpdamf.dat (sistēmas)
HSFHWATI: system32 \ drivers \ HSFHWATI.sys (manual start)
HSF_DPV: system32 \ drivers \ HSF_DPV.sys (manual start)
HTTP: System32 \ Drivers \ HTTP.sys (manual start)
HTTP SSL:% SystemRoot% \ System32 \ svchost.exe-k HTTPFilter (manual start)
i8042 klaviatūra un PS / 2 Mouse Port Driver: system32 \ drivers \ i8042prt.sys (sistēmas)
InstallDriver Table Manager: "C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe" (manual start)
CD-Burning Filter Driver: system32 \ drivers \ imapi.sys (sistēmas)
IMAPI CD-Burning COM Service: C: \ WINDOWS \ system32 \ imapi.exe (manual start)
Intel Processor Driver: system32 \ drivers \ intelppm.sys (sistēmas)
IPv6 Windows ugunsmūri Driver: system32 \ drivers \ Ip6Fw.sys (manual start)
IP Traffic Filter Driver: system32 \ drivers \ ipfltdrv.sys (manual start)
IP IP Tunnel Driver: system32 \ drivers \ ipinip.sys (manual start)
IP Network Address Translator: system32 \ drivers \ ipnat.sys (manual start)
IPSEC vadītājs: system32 \ drivers \ ipsec.sys (sistēmas)
IR Enumerator dienests: system32 \ drivers \ irenum.sys (manual start)
PnP ISA / EISA Bus Driver: system32 \ drivers \ isapnp.sys (sistēmas)
IVI ASPI Shell: system32 \ drivers \ iviaspi.sys (manual start)
Keyboard Class Driver: system32 \ drivers \ kbdclass.sys (sistēmas)
Microsoft Kernel Wave Audio Mixer: system32 \ drivers \ kmixer.sys (manual start)
Server:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Darbstacija:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
TCP / IP NetBIOS Helper:% SystemRoot% \ system32 \ svchost.exe-k LocalService (palaišana)
mdmxsdk: system32 \ drivers \ mdmxsdk.sys (palaišana)
Messenger:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (invalīdiem)
NetMeeting Remote Desktop Sharing: C: \ WINDOWS \ system32 \ mnmsrvc.exe (manual start)
Mouse Class Driver: system32 \ drivers \ mouclass.sys (sistēmas)
Mouse HID Driver: system32 \ drivers \ mouhid.sys (manual start)
WebDAV Client virzienmainītājs: system32 \ drivers \ mrxdav.sys (manual start)
MrxSmb: system32 \ drivers \ mrxsmb.sys (sistēmas)
Distributed Transaction Coordinator: C: \ WINDOWS \ system32 \ msdtc.exe (manual start)
Windows Installer: C: \ WINDOWS \ system32 \ Msiexec.exe / V (manual start)
Microsoft Streaming Service Proxy: system32 \ drivers \ MSKSSRV.sys (manual start)
Microsoft Streaming Clock Proxy: system32 \ drivers \ MSPCLOCK.sys (manual start)
Microsoft Streaming Quality Manager Proxy: system32 \ drivers \ MSPQM.sys (manual start)
Microsoft System Management BIOS Driver: system32 \ drivers \ mssmbios.sys (manual start)
Remote Access NDIS TAPI Driver: system32 \ drivers \ ndistapi.sys (manual start)
NDIS Usermode I / O protokols: system32 \ drivers \ ndisuio.sys (manual start)
Remote Access NDIS WAN Driver: system32 \ drivers \ ndiswan.sys (manual start)
NetBIOS Interface: system32 \ drivers \ netbios.sys (sistēmas)
NetBIOS pār Tcpip: system32 \ drivers \ netbt.sys (sistēmas)
Network DDE:% SystemRoot% \ system32 \ netdde.exe (invalīdiem)
Network DDE DSDM:% SystemRoot% \ system32 \ netdde.exe (invalīdiem)
TOSHIBA Network Device Usermode I / O protokols: system32 \ drivers \ netdevio.sys (palaišana)
Net Logon:% SystemRoot% \ system32 \ lsass.exe (palaišana)
Network Connections:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (manual start)
Network Location Awareness (NLA):% SystemRoot% \ system32 \ svchost.exe-k netsvcs (manual start)
NT LM Security Support Provider:% SystemRoot% \ system32 \ lsass.exe (manual start)
Removable Storage:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (manual start)
Klientu apkalpošanas par NetWare:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
IPX Traffic Filter Driver: system32 \ drivers \ nwlnkflt.sys (manual start)
IPX Traffic Ekspeditors Driver: system32 \ drivers \ nwlnkfwd.sys (manual start)
NWLink IPX / SPX / NetBIOS Compatible Transport Protocol system32 \ drivers \ nwlnkipx.sys (palaišana)
NWLink NetBIOS: system32 \ drivers \ nwlnknb.sys (palaišana)
NWLink SPX / SPXII protokols: system32 \ drivers \ nwlnkspx.sys (palaišana)
NetWare RDR: system32 \ drivers \ nwrdr.sys (manual start)
Office Source Engine: "C: \ Program Files \ Common Files \ Microsoft Shared \ Source Engine \ OSE.EXE" (manual start)
PCI Bus Driver: system32 \ drivers \ pci.sys (sistēmas)
PCIIde: system32 \ drivers \ pciide.sys (sistēmas)
PCMCIA: system32 \ drivers \ pcmcia.sys (sistēmas)
Padus ASPI Shell: system32 \ drivers \ pfc.sys (manual start)
Plug and Play:% SystemRoot% \ system32 \ services.exe (palaišana)
IPSEC Services:% SystemRoot% \ system32 \ lsass.exe (palaišana)
WAN Miniport (PPTP): system32 \ drivers \ raspptp.sys (manual start)
Protected Storage:% SystemRoot% \ system32 \ lsass.exe (palaišana)
QoS Packet Scheduler: system32 \ drivers \ psched.sys (manual start)
Direct Parallel Link Driver: system32 \ drivers \ ptilink.sys (manual start)
PxHelp20: System32 \ Drivers \ PxHelp20.sys (sistēmas)
Quanta Hotkey Keyboard Filter Driver: system32 \ drivers \ qkbfiltr.sys (manual start)
Quanta Hotkey Mouse Filter Driver: system32 \ drivers \ qmofiltr.sys (manual start)
Remote Access Auto Connection Driver: system32 \ drivers \ rasacd.sys (sistēmas)
Remote Access Auto Connection Manager:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (manual start)
WAN Miniport (L2TP): system32 \ drivers \ rasl2tp.sys (manual start)
Remote Access Connection Manager:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (manual start)
Remote Access PPPoE Driver: system32 \ drivers \ raspppoe.sys (manual start)
Direct Parallel: system32 \ drivers \ raspti.sys (manual start)
Rdbss: system32 \ drivers \ rdbss.sys (sistēmas)
RDPCDD: System32 \ Drivers \ RDPCDD.sys (sistēmas)
Terminal Server Device virzienmainītājs Driver: system32 \ drivers \ rdpdr.sys (manual start)
Remote Desktop Help Session Manager: C: \ WINDOWS \ system32 \ sessmgr.exe (manual start)
Digitālās CD Audio Playback Filter Driver: system32 \ drivers \ redbook.sys (sistēmas)
Routing and Remote Access:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (invalīdiem)
Remote Registry:% SystemRoot% \ system32 \ svchost.exe-k LocalService (palaišana)
Remote Procedure Call (RPC) Locator:% SystemRoot% \ system32 \ locator.exe (manual start)
Remote Procedure Call (RPC):% SystemRoot% \ system32 \ svchost-k rpcss (palaišana)
QoS RSVP:% SystemRoot% \ system32 \ rsvp.exe (manual start)
Belkin RT2500 Wireless Driver: system32 \ drivers \ RT61.sys (manual start)
Realtek 10/100/1000 NIC Ģimenes visu vienā NDIS XP Driver: system32 \ drivers \ Rtlnicxp.sys (manual start)
Realtek RTL8139 (A / B / C) bāzes PCI Fast Ethernet Adapter NT Driver: system32 \ drivers \ RTL8139.SYS (manual start)
Security Accounts Manager:% SystemRoot% \ system32 \ lsass.exe (palaišana)
Smart Card:% SystemRoot% \ System32 \ SCardSvr.exe (manual start)
Task Scheduler:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Secdrv: system32 \ drivers \ secdrv.sys (manual start)
Secondary Logon:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
System Event Notification:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Sitecom Serial port vadītājs: system32 \ drivers \ ser2pl.sys (manual start)
Serenum Filter Driver: system32 \ drivers \ serenum.sys (manual start)
High-Capacity Floppy Disk Drive: system32 \ drivers \ sfloppy.sys (manual start)
Windows Firewall / Internet Connection Sharing (ICS):% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Shell Hardware Detection:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Microsoft Kernel Audio Splitter: system32 \ drivers \ Splitter.sys (manual start)
Drukāt spolētāja:% SystemRoot% \ system32 \ Spoolsv.exe (palaišana)
System Restore Filter Driver: system32 \ drivers \ sr.sys (sistēmas)
System Restore Service:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
SRV: system32 \ drivers \ srv.sys (manual start)
SSDP Discovery Service:% SystemRoot% \ system32 \ svchost.exe-k LocalService (manual start)
Still Serial Digital Camera Driver: system32 \ drivers \ serscan.sys (manual start)
Windows Image Acquisition (WIA):% SystemRoot% \ system32 \ svchost.exe-k imgsvc (palaišana)
Programmatūra Bus Driver: system32 \ drivers \ swenum.sys (manual start)
Microsoft Kernel GS Wavetable Sintezatori: system32 \ drivers \ swmidi.sys (manual start)
MS Software Shadow Copy Provider: C: \ WINDOWS \ system32 \ dllhost.exe / Processid: (6C222AAE-7AD3-43BE-AC4B-02239FF8DEC6) (manual start)
Synaptics Touchpad Driver: system32 \ drivers \ SynTP.sys (manual start)
Microsoft Kernel System Audio Device: system32 \ drivers \ sysaudio.sys (manual start)
Performance Logs and Alerts:% SystemRoot% \ system32 \ smlogsvc.exe (manual start)
Telefoniju:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (manual start)
TCP / IP protokols Driver: system32 \ drivers \ Tcpip.sys (sistēmas)
Terminal Device Driver: system32 \ drivers \ termdd.sys (sistēmas)
Terminal Services:% SystemRoot% \ System32 \ svchost-k DComLaunch (manual start)
Tēmas:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Telnet: C: \ WINDOWS \ system32 \ tlntsvr.exe (invalīdiem)
tmcomm: \? \ C: \ WINDOWS \ system32 \ drivers \ tmcomm.sys (palaišana)
Distributed Link Tracking Client:% SystemRoot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Mikrokoda Update Driver: system32 \ drivers \ update.sys (manual start)
Universal Plug and Play Device Host:% SystemRoot% \ system32 \ svchost.exe-k LocalService (manual start)
Nepārtrauktās barošanas avots:% SystemRoot% \ System32 \ ups.exe (manual start)
Microsoft USB Generic Parent Driver: system32 \ drivers \ usbccgp.sys (manual start)
Microsoft USB 2.0 Enhanced Host Controller Miniport Driver: system32 \ drivers \ usbehci.sys (manual start)
USB2 Enabled Hub: system32 \ drivers \ Usbhub.sys (manual start)
Microsoft USB Open Host Controller Miniport Driver: system32 \ drivers \ usbohci.sys (manual start)
Microsoft USB PRINTER klase: system32 \ drivers \ usbprint.sys (manual start)
USB Scanner Driver: system32 \ drivers \ usbscan.sys (manual start)
USB Mass Storage Driver: system32 \ drivers \ USBSTOR.SYS (manual start)
Linksys Wireless-G USB Network Adapter ar SPEEDBOOSTER Driver v2: system32 \ drivers \ usb8023.sys (manual start)
VgaSave: \ SystemRoot \ System32 \ drivers \ vga.sys (sistēmas)
Volume Shadow Copy:% SystemRoot% \ System32 \ vssvc.exe (manual start)
Windows Time:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Remote Access IP ARP Driver: system32 \ drivers \ wanarp.sys (manual start)
Windows CE USB Serial Host Driver: system32 \ drivers \ wceusbsh.sys (manual start)
Microsoft WINMM WDM Audio Compatibility Driver: system32 \ drivers \ wdmaud.sys (manual start)
WebClient:% SystemRoot% \ system32 \ svchost.exe-k LocalService (palaišana)
winachsf: system32 \ drivers \ HSF_CNXT.sys (manual start)
Windows Management Instrumentation:% systemroot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Portable Media Serial Number Service:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (manual start)
Windows Management Instrumentation Driver Extensions:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (manual start)
WMI Performance Adapter: C: \ WINDOWS \ system32 \ wbem \ wmiapsrv.exe (manual start)
Windows Media Player Network Sharing Service: "C: \ Program Files \ Windows Media Player \ WMPNetwk.exe" (manual start)
Windows Socket 2,0 Non-IFS Service Provider Support Environment: \ SystemRoot \ System32 \ drivers \ ws2ifsl.sys (invalīdiem)
Drošības centrs:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Automatic Updates:% systemroot% \ system32 \ svchost.exe-k netsvcs (palaišana)
Windows Driver Foundation - Lietotāja mode Driver Framework Platform Driver: system32 \ drivers \ WudfPf.sys (manual start)
Windows Driver Foundation - Lietotāja mode Driver Framework Reflector: system32 \ drivers \ wudfrd.sys (manual start)
Windows Driver Foundation - User-mode Driver Framework:% SystemRoot% \ system32 \ svchost.exe-k WudfServiceGroup (manual start)
Wireless Zero Configuration:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (palaišana)
Network Provisioning Service:% SystemRoot% \ System32 \ svchost.exe-k netsvcs (manual start)

--------------------------------------------------
Uzskaitot Windows NT pieteikšanās / logoff skriptus:
* No skriptus, kas darboties *
Windows NT checkdisk komandu:
BootExecute = Automātiskā pārbaude autochk *
Windows NT "Wininit.ini":
PendingFileRenameOperations: * Registry vērtība nav atrasts *
--------------------------------------------------
Uzskaitot ShellServiceObjectDelayLoad posteņus:
PostBootReminder: C: \ WINDOWS \ system32 \ shell32.dll
CDBurn: C: \ WINDOWS \ system32 \ shell32.dll
WebCheck: C: \ WINDOWS \ system32 \ webcheck.dll
SysTray: C: \ WINDOWS \ system32 \ stobject.dll
UPnPMonitor: C: \ WINDOWS \ system32 \ upnpui.dll
WPDShServiceObj: C: \ WINDOWS \ system32 \ WPDShServiceObj.dll
--------------------------------------------------
Autorun ierakstus no reģistra:
HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ pol icies \ Explorer \ Run
* No atrasto vērtību *
--------------------------------------------------
Autorun ierakstus no reģistra:
HKLM \ Software \ Microsoft \ Windows \ CurrentVersion \ pol icies \ Explorer \ Run
* No atrasto vērtību *
--------------------------------------------------
Gada beigām ziņojumu, 38.242 baiti
Report generated in 0,266 seconds
Komandrindas opcijas:
/ runīgs - pievienot papildu informācija par katras sadaļas
/ pabeigts - iekļaut tukšs nodaļās un netur aizdomas dati
/ Pilns - lai arī vairāki reti nozīmīgu sadaļu
/ force9x - iekļaut Win9x tikai jaunizveidotiem uzņēmumiem, pat ja palaists WinNT
/ forcent - iekļaut WinNT tikai jaunizveidotiem uzņēmumiem, pat ja palaists Win9x
/ forceall - iekļaut visus Win9x un WinNT jaunizveidotiem neatkarīgi no platformas
/ vēstures - pie saraksta versiju vēsture tikai
  #4  
Old March 25, 2008, 14:47
Moderator Group
 
Default Trojan horse

That is the startup list from HJT, which is useful, but I need the main scan.

Open HJT and select the Do a system scan and save a logfile button.

Post that log, please.
  #5  
Old March 27, 2008, 12:47
New Member Group
 
Default Trojan horse

Hi,

Sorry if I seem slow to reply, but I am having difficulty saving the scan!

I have had HJT run 'Do a system scan and save a logfile', but when it tries to open the log file it fails.

The only way I can see of providing this info is if I save a copy of the screen, but posting that will be a large file. Do you think that is a good idea, or is there something else I can try?

Regards
Ian
  #6  
Old March 27, 2008, 12:58
Moderator Group
 
Default Trojan horse

Try this instead and post the logs from it.

Download Deckard's System Scanner (DSS) to your Desktop.
Note: You must be logged onto an account with administrator privileges.
  • Close all applications and windows.
  • Double-click on dss.exe to run it, and follow the prompts.
  • When the scan is complete, two text files will open:
    • main.txt <-- this one will be maximized
    • extra.txt <-- this one will be minimized
  • Add the contents of main.txt to your post.
  • Also attach extra.txt to your post.
  • The text from these files may exceed the maximum post length for this forum, and may need to be sent in 2 or more posts. Please make sure all of the text is posted.

What DSS will do:
  • Create a new System Restore point in Windows XP and Vista.
  • Clean your temporary files, Downloaded Program Files and Internet cache files, and also empty the Recycle Bin on all drives.
  • Check some important areas of your system and produce a report for your analyst to review. DSS automatically runs HijackThis for you, but it will also install and place a shortcut to HijackThis on your desktop if you do not already have HijackThis installed.
  #7  
Old March 28, 2008, 14:41
New Member Group
 
Default Trojan horse

Hi

I am puzzled!

I have tried going to the hotlink for Deckard's scanner, but I can't find dss.exe.

Deckard's asks me to register on another website forum similar to the one I am already on.

Please explain

Ian
  #8  
Old March 28, 2008, 14:46
Moderator Group
 
Default Trojan horse

Use this link. http://www.techsupportforum.com/sect...eckard/dss.exe
  #9  
Old April 7, 2008, 00:56
New Member Group
 
Default Trojan horse

Hello,
Sorry it has been a while since I got back to you, but I have been away.

I have now managed to run the scan and here are the results
System Restore ------------------------------------------------ --------------
Veiksmīgi izveidots Deckard's System Scanner Restore Point.

- Pēdējie 5 Restore Point (s) --
49: 2008/04/07 07:50:49 UTC - RP160 - Deckard's System Scanner Restore Point
48: 2008/04/07 06:07:59 UTC - RP159 - System Checkpoint
47: 2008/04/01 17:50:42 UTC - RP158 - System Checkpoint
46: 2008/03/28 20:48:03 UTC - RP157 - Installed SUPERAntiSpyware Free Edition
45: 2008/03/28 19:02:25 UTC - RP156 - System Checkpoint

- First Restore Point --
1: 2008/01/04 07:54:54 UTC - RP112 - System Checkpoint

Jāpapildina reģistra stropus.
Veic disk cleanup.
Procentos Memory in Use: 76% (vairāk nekā 75%).
Kopā Fiziskāatmiņa: 447 MiB (512 MiB ieteicams).

- HijackThis (darbojas kā iana.exe) ---------------------------------------- --------
Logfile of Trend Micro HijackThis v2.0.2
Scan saglabāts 08:52:30, uz 07/04/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)
Boot mode: Normal
Running procesiem:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ brsvc01a.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ WINDOWS \ system32 \ brss01a.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ Program Files \ TOSHIBA \ ConfigFree \ CFSvcs.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ system32 \ Ati2evxx.exe
C: \ Windows \ Explorer.exe
C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
C: \ Program Files \ Toshiba \ Windows Utilities \ Hotkey.exe
C: \ WINDOWS \ system32 \ TPSMain.exe
C: \ Program Files \ Synaptics \ SynTP \ Toshiba.exe
C: \ Program Files \ TOSHIBA \ ConfigFree \ NDSTray.exe
C: \ Program Files \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe
C: \ Program Files \ TOSHIBA \ Touch un palaišanas \ PadExe.exe
C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE
C: \ Program Files \ TOSHIBA \ ConfigFree \ CFSServ.exe
C: \ Program Files \ Atheros \ ACU.exe
C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe
C: \ Program Files \ QuickTime \ qttask.exe
C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe
C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe
C: \ Program Files \ TOSHIBA \ TOSCDSPD \ toscdspd.exe
C: \ WINDOWS \ system32 \ ctfmon.exe
C: \ Program Files \ Messenger \ msmsgs.exe
C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
C: \ WINDOWS \ system32 \ TPSBattM.exe
C: \ Program Files \ FinePixViewer \ QuickDCF.exe
C: \ Program Files \ TOSHIBA \ ConfigFree \ CFXFER.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Adobe \ Acrobat 6,0 \ Reader \ AcroRd32.exe
C: \ WINDOWS \ system32 \ WISPTIS.EXE
C: \ Documents and Settings \ Iana \ Local Settings \ Temporary Internet Files \ Content.IE5 \ EL9EICW6 \ dss [1]. Exe
C: \ PROGRA ~ 1 \ TRENDM ~ 1 \ nolaupīt ~ 1 \ iana.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, SearchAssistant =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Search, CustomizeSearch =
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet iestatījumi ProxyServer = flotechsvr: 8.080
O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6,0 \ Reader \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (51.610.169-C280-4F36-84AB-82D92ED1F68B) - C: \ Windows \ system32 \ athcfg11c.dll (file missing)
O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
O2 - BHO: Google Toolbar Helper - (AA58ED58-01DD-4d91-8.333-CF10577473F7) - C: \ Program Files \ Google \ googletoolbar1.dll
O2 - BHO: (no name) - (EA389261-1100-451F-8.582-815CAB488AE6) - C: \ WINDOWS \ system32 \ crypt32n.dll
O3 - Toolbar: & Google - (2318C2B1-4.965-11d4-9B18-009027A5CD4F) - C: \ Program Files \ Google \ googletoolbar1.dll
O4 - HKLM \ .. \ Run: [SynTPEnh] C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe
O4 - HKLM \ .. \ Run: [Toshiba Hotkey Utility] "C: \ Program Files \ Toshiba \ Windows Utilities \ Hotkey.exe" / lang en
O4 - HKLM \ .. \ Run: [TPSMain] TPSMain.exe
O4 - HKLM \ .. \ Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM \ .. \ Run: [SmoothView] C: \ Program Files \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe
O4 - HKLM \ .. \ Run: [PadTouch] C: \ Program Files \ TOSHIBA \ Touch un palaišanas \ PadExe.exe
O4 - HKLM \ .. \ Run: [DLA] C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE
O4 - HKLM \ .. \ Run: [CFSServ.exe] CFSServ.exe-NoClient
O4 - HKLM \ .. \ Run: [REGSHAVE] C: \ Program Files \ REGSHAVE \ REGSHAVE.EXE / Autorun
O4 - HKLM \ .. \ Run: [ACU] "C: \ Program Files \ Atheros \ ACU.exe"-nogui
O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot
O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / minimāla
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / Uzsākšana
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe"
O4 - HKLM \ .. \ Run: [OpwareSE2] "C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe"
O4 - HKLM \ .. \ Run: [OPSE atgādinājums] "C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ EregEng \ Ereg.exe"-r "C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ EregEng \ ereg . ini "
O4 - HKCU \ .. \ Run: [TOSCDSPD] C: \ Program Files \ TOSHIBA \ TOSCDSPD \ toscdspd.exe
O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe
O4 - HKCU \ .. \ Run: [PnPUI Registrator] C: \ Program Files \ Common Files \ Sitecom Shared \ PnP Universal Installer \ PnPUIReg.exe-s
O4 - HKCU \ .. \ Run: [MSMSGS] "C: \ Program Files \ Messenger \ msmsgs.exe" / background
O4 - HKCU \ .. \ Run: [SUPERAntiSpyware] C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'LOCAL SERVICE')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'NETWORK SERVICE')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User "SISTĒMA")
O4 - HKUS \. DEFAULT \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'Default user')
O4 - Global Startup: Exif Launcher.lnk = C: \ Program Files \ FinePixViewer \ QuickDCF.exe
O4 - Global Startup: Microsoft Office.lnk = C: \ Program Files \ Microsoft Office \ Office \ OSA9.EXE
Ø9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ ssv.dll
Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ MI05E6 ~ 1 \ Office11 \ REFIEBAR.DLL
Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe
Ø10 - Unknown failu Winsock LSP: c: \ windows \ system32 \ nwprovau.dll
Ø14 - IERESET.INF: START_PAGE_URL = http://companyweb
Ø16 - DPF: (11.260.943-421B-11D0-8EAC-0000C07D88CF) (Flash ActiveX Control) -- http://www.ipix.com/download/ipixx.cab
Ø16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klase) -- http://www.update.microsoft.com/micr...?1197453622703
Ø16 - DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) (Java Runtime Environment 1.6.0) -- http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab
Ø16 - DPF: (BB21F850-63F4-4EC9-BF9D-565BD30C9AE9) (kvadrāta Scanner) -- http://ax.emsisoft.com/asquared.cab
Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
Ø17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: Domain = flotech.local
Ø17 - HKLM \ Software \ .. \ telefoniju: DomainName = flotech.local
Ø17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (3C838800-1.126-48EC-8.092-81CB4BD5BA88): NameServer = 208.67.220.220,208.67.222.222
Ø17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: Domain = flotech.local
Ø17 - HKLM \ System \ CS1 \ Services \ Tcpip \ Parameters: NameServer = 208.67.220.220,208.67.222.222
Ø17 - HKLM \ System \ CS1 \ Services \ Tcpip \ .. \ (3C838800-1.126-48EC-8.092-81CB4BD5BA88): NameServer = 208.67.220.220,208.67.222.222
Ø17 - HKLM \ System \ CS3 \ Services \ Tcpip \ Parameters: Domain = flotech.local
Ø17 - HKLM \ System \ CS3 \ Services \ Tcpip \ Parameters: NameServer = 208.67.220.220,208.67.222.222
Ø17 - HKLM \ System \ CS3 \ Services \ Tcpip \ .. \ (3C838800-1.126-48EC-8.092-81CB4BD5BA88): NameServer = 208.67.220.220,208.67.222.222
Ø17 - HKLM \ System \ CCS \ Services \ Tcpip \ Parameters: NameServer = 208.67.220.220,208.67.222.222
Ø20 - Winlogon Paziņot:! SASWinLogon - C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
Ø20 - Winlogon Paziņot: detcdzqc - athcfg11c.dll (file missing)
O23 - Service: Atheros Configuration Service (ACS) - Unknown īpašnieks - C: \ WINDOWS \ system32 \ acs.exe
O23 - Service: Ati Hotkey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: BrSplService (Brother XP SPL Service) - brālis Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe
O23 - Service: ConfigFree Service (CFSvcs) - Toshiba Corporation - C: \ Program Files \ TOSHIBA \ ConfigFree \ CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe
--
End of failu - 9.862 bytes
- HijackThis Fixed Ieraksti (C: \ PROGRA ~ 1 \ TRENDM ~ 1 \ nolaupīt ~ 1 \ backups \) -----------
backup-20071217-070814-188 O4 - HKLM \ .. \ Run: [\ \ WKS-216 \ EPSON Stylus C46 Series] C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_S4I0T 1.EXE / P33 "\ \ WKS-216 \ EPSON Stylus C46 Series "/ O6" USB002 "/ M" Stylus C46 "
backup-20071217-071110-763 Ø16 - DPF: (935F9B04-0C7B-4.454-A391-348C54AD7ADD) (Jolly Bear Games Player) -- http://games.bigfishgames.com/en_big...GamePlayer.cab
backup-20071219-071455-100 Ø20 - Winlogon Paziņot: detcdzqc - C: \ WINDOWS \ SYSTEM32 \ athcfg11c.dll
backup-20071219-071455-320 O4 - Global Startup: EPSON Status Monitor 3 vides pārbaude (3). LNK = C: \ WINDOWS \ system32 \ spool \ drivers \ w32x86 \ 3 \ E_SRCV0 3.EXE
backup-20071219-071455-780 O2 - BHO: (no name) - (EA389261-1100-451F-8.582-815CAB488AE6) - C: \ WINDOWS \ system32 \ crypt32n.dll
backup-20080327-194111-931 O2 - BHO: (no name) - (51.610.169-C280-4F36-84AB-82D92ED1F68B) - C: \ Windows \ system32 \ athcfg11c.dll (file missing)
backup-20080327-194139-797 O2 - BHO: (no name) - (EA389261-1100-451F-8.582-815CAB488AE6) - C: \ WINDOWS \ system32 \ crypt32n.dll
backup-20080327-194247-663 O2 - BHO: (no name) - (EA389261-1100-451F-8.582-815CAB488AE6) - C: \ WINDOWS \ system32 \ crypt32n.dll
- File Associations ---------------------------------------------- -------------
. txt - NetLog.Document - DefaultIcon - C: \ EPICOM ~ 1,02 \ EPICom2.02 \ EPICOM ~ 1.EXE, 8
. txt - NetLog.Document - shell \ atvērt \ komanda - C: \ EPICOM ~ 1,02 \ EPICom2.02 \ EPICOM ~ 1.EXE / DDE

- Drivers: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled ---------------------
R0 hlkvythd - c: \ windows \ system32 \ drivers \ vzrpdamf.dat
R1 SASDIFSV - c: \ Program Files \ superantispyware \ sasdifsv.sys
R1 SASKUTIL - c: \ Program Files \ superantispyware \ saskutil.sys
R2 MASPINT - c: \ windows \ system32 \ drivers \ maspint.sys <Nav Verified; MicroStaff Co.,Ltd.; Aspi32 draiveris priekš WinNT>
R2 mdmxsdk - c: \ windows \ system32 \ drivers \ mdmxsdk.sys <Nav Verified; Conexant; Diagnostic Interface>
R2 Netdevio (Toshiba Network Device Usermode I / O Protocol) - c: \ windows \ system32 \ drivers \ netdevio.sys <Nav Verified; TOSHIBA Corporation.; TOSHIBA Network Device Usermode I/O protocol>
R3 AR5211 (Atheros Wireless Network Adapter Service) - C: \ Windows \ system32 \ drivers \ ar5211.sys <Nav Verified; Atheros Communications, Inc.; Atheros AR5001 Wireless Network Adapter>
R3 BoiHwsetup (Access 32bits INT15 rutīnas) - C: \ Windows \ system32 \ drivers \ boihwsetup.sys <Nav Verified; Quanta Computer Corp; Toshiba HwSetup Driver>
R3 CAMCAUD (Conexant AMC 3D Environmental Audio) - c: \ windows \ system32 \ drivers \ camc6aud.sys <Nav Verified; Conexant Systems Inc.; Conexant Audio Driver>
R3 CAMCHALA - C: \ windows \ system32 \ drivers \ camc6hal.sys <Nav Verified; Conexant Systems Inc.; Conexant AmcHal Driver>
R3 HSF_DPV - c: \ windows \ system32 \ drivers \ hsf_dpv.sys <Nav Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 HSFHWATI - c: \ windows \ system32 \ drivers \ hsfhwati.sys <Nav Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
R3 Iviaspi (IVI ASPI Shell) - c: \ windows \ system32 \ drivers \ iviaspi.sys <Nav Verified; InterVideo, Inc.; InterVideo ASPI Shell>
R3 PFC (Padus ASPI Shell) - c: \ windows \ system32 \ drivers \ pfc.sys <Nav Verified; Padus, Inc.; Padus(R) ASPI Shell>
R3 qkbfiltr (Quanta Hotkey Keyboard Filter Driver) - C: \ Windows \ system32 \ drivers \ qkbfiltr.sys <Nav Verified; Quanta Computer, Inc.; Quanta Hotkey Keyboard Filtrs Driver>
R3 qmofiltr (Quanta Hotkey Mouse Filter Driver) - C: \ Windows \ system32 \ drivers \ qmofiltr.sys <Nav Verified; Quanta Computer, Inc.; Quanta Mouse Filter Device Driver>
R3 SASENUM - c: \ Program Files \ superantispyware \ sasenum.sys <Nav Verified; SuperAdBlocker, Inc.; SuperAntiSpyware>
R3 winachsf - c: \ windows \ system32 \ drivers \ hsf_cnxt.sys <Nav Verified; Conexant Systems, Inc.; SoftK56 Modem Driver>
S3 DNINDIS5 (DNINDIS5 NDIS protokols Driver) - C: \ PROGRA ~ 1 \ belkin \ belkin ~ 1.11g \ dnindis5.sys (file missing)
S3 GTNDIS5 (GTNDIS5 NDIS protokols Driver) - c: \ windows \ system32 \ gtndis5.sys (file missing)
S3 RT61 (Belkin RT2500 Wireless Driver) - C: \ Windows \ system32 \ drivers \ rt61.sys (file missing)
S3 Ser2pl (Sitecom Serial port vadītājs) - C: \ Windows \ system32 \ drivers \ ser2pl.sys <Nav Verified; Prolific Technology Inc.; Prolific USB-to-Serial Bridge Cable>
S3 wceusbsh (Windows CE USB Serial Host Driver) - C: \ Windows \ system32 \ drivers \ wceusbsh.sys <Nav Verified; Microsoft Corporation; Windows CE USB Serial Host Driver>

- Pakalpojumi: 0-Boot, 1-System, 2-Auto, 3-Demand, 4-Disabled --------------------
R2 CFSvcs (ConfigFree Service) - C: \ Program Files \ toshiba \ configfree \ cfsvcs.exe <Nav Verified; TOSHIBA CORPORATION; ConfigFree(TM)>
S2 ACS (Atheros Konfiguràcijas pakalpojums) - c: \ windows \ system32 \ acs.exe

- Device Manager: Disabled -------------------------------------------- --------
Nav invalīdi ierīces nav atrastas.

- Scheduled Tasks ---------------------------------------------- ---------------
2008/04/07 06:48:40 436 - ------ C: \ WINDOWS \ Uzdevumi \ RegCure Program Check.job
2008/04/04 12:33:04 438 - ------ C: \ WINDOWS \ Uzdevumi \ At1.job
2008/03/15 17:25:00 284 - ------ C: \ WINDOWS \ Uzdevumi \ AppleSoftwareUpdate.job
2008/01/31 16:37:13 370 - ------ C: \ WINDOWS \ Uzdevumi \ RegCure.job

- Faili izveidojies starp 2008/03/07 un 2008/04/07 -----------------------------
2008/03/28 21:48:16 0 d -------- C: \ Documents and Settings \ All Users \ Application Data \ SUPERAntiSpyware.com
2008/03/28 21:48:05 0 d -------- C: \ Program Files \ SUPERAntiSpyware
2008/03/28 21:48:05 0 d -------- C: \ Documents and Settings \ Iana \ Application Data \ SUPERAntiSpyware.com
2008/03/28 21:47:28 0 d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard

- Find3M Ziņojums ---------------------------------------------- -----------------
2008/04/07 06:51:23 0 d -------- D: \ Documents and Settings \ Iana \ Application Data \ AVG7
2008/04/04 16:30:58 0 d -------- C: \ Program Files \ Hansa52Client
2008/04/04 15:41:49 0 d -------- C: \ Documents and Settings \ Iana \ Application Data \ AdobeUM
2008/03/28 21:47:28 0 d -------- C: \ Program Files \ Common Files
2008/03/25 10:03:27 0 d -------- C: \ Program Files \ Common Files \ Adobe
2008/03/25 09:31:28 0 d -------- C: \ Program Files \ Common Files \ Symantec Shared
2008/03/05 15:04:08 0 d -------- C: \ Program Files \ Canon
2008/03/05 11:57:28 0 d -------- C: \ Program Files \ Java
2008/02/25 09:26:29 0 d -------- C: \ Documents and Settings \ Iana \ Application Data \ ScanSoft
2008/02/25 09:26:26 0 d -------- C: \ Program Files \ Common Files \ ScanSoft Shared
2008/02/25 09:25:40 0 d -------- C: \ Program Files \ ScanSoft
2008/02/25 08:32:09 0 d -------- C: \ Program Files \ Google
2008/02/21 18:33:48 0 d -------- C: \ Program Files \ MumbleJumble
2008/02/21 18:10:04 0 d -------- C: \ Program Files \ Mahjong Deluxe
2008/02/21 12:06:28 0 d -------- C: \ Program Files \ RogueRemover FREE
2008/02/21 12:04:40 0 d -------- C: \ Program Files \ Walls of Jericho
2008/02/21 12:04:31 0 d -------- C: \ Program Files \ HP radošu ideju CD
2008/02/21 12:04:11 0 d -------- C: \ Program Files \ XviD
2008/02/21 12:03:54 0 d -------- C: \ Program Files \ RegCure
2008/02/21 12:02:55 0 d -------- C: \ Program Files \ Pārcelšanās Man
2008/02/21 12:02:55 0 d -------- C: \ Program Files \ Polarkubes
2008/02/21 12:01:40 0 d -------- C: \ Program Files \ PopCap Spēles
2008/02/18 19:38:17 16 - ------ C: \ WINDOWS \ popcinfot.dat
2008/02/18 19:19:59 0 - ------ C: \ WINDOWS \ popcreg.dat
2008/02/11 17:53:24 0 d -------- C: \ Program Files \ IDIGICON Limited
2008/01/21 18:36:58 1024 - ------ C: \ WINDOWS \ jericho_game_ra.dat

- Registry Dump ---------------------------------------------- -----------------
* Piezīme * tukši ieraksti & legit default ieraksti netiek parādīti

[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (51610169-C280-4F36-84AB-82D92ED1F68B)]
[HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (EA389261-1100-451F-8.582-815CAB488AE6)]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run]
"SynTPEnh" = "C: \ Program Files \ Synaptics \ SynTP \ SynTPEnh.exe" [17/12/2005 00:32]
"Toshiba Hotkey Utility" = "C: \ Program Files \ Toshiba \ Windows Utilities \ Hotkey.exe" [28/01/2006 05:13]
"TPSMain" = "TPSMain.exe" [08/02/2006 16:02 C: \ WINDOWS \ system32 \ TPSMain.exe]
"NDSTray.exe" = "NDSTray.exe" []
"SmoothView" = "C: \ Program Files \ TOSHIBA \ TOSHIBA Zooming Utility \ SmoothView.exe" [12/05/2005 11:31]
"PadTouch" = "C: \ Program Files \ TOSHIBA \ Touch un palaišanas \ PadExe.exe" [21/12/2005 14:52]
"DLA" = "C: \ WINDOWS \ System32 \ DLA \ DLACTRLW.EXE" [06/10/2005 06:20]
"CFSServ.exe" = "CFSServ.exe" []
"REGSHAVE" = "C: \ Program Files \ REGSHAVE \ REGSHAVE.exe" [04/02/2002 23:32]
"ACU" = "C: \ Program Files \ Atheros \ ACU.exe" [11/07/2005 16:04]
"TkBellExe" = "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe" [04/03/2007 17:39]
"QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [01/09/2006 16:57]
"!AVG Anti-Spyware" = "C: \ Program Files \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" [11/06/2007 10:25]
"AVG7_CC" = "C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe" [02/01/2008 12:20]
"SunJavaUpdateSched" = "C: \ Program Files \ Java \ jre1.6.0_05 \ bin \ jusched.exe" [22/02/2008 05:25]
"OpwareSE2" = "C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ OpwareSE2.exe" [08/05/2003 12:00]
"OPSE atgādinājumu" = "C: \ Program Files \ ScanSoft \ OmniPageSE2.0 \ EregEng \ Ereg.exe" [07/07/2003 10:29]
"RegistryMechanic" = "" []
[HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Run]
"TOSCDSPD" = "C: \ Program Files \ TOSHIBA \ TOSCDSPD \ toscdspd.exe" [11/04/2005 12:26]
"ctfmon.exe" = "C: \ WINDOWS \ system32 \ ctfmon.exe" [04/08/2004 14:00]
"PnPUI Registrator" = "C: \ Program Files \ Common Files \ Sitecom Shared \ PnP Universal Installer \ PnPUIReg.exe" [22/11/2004 21:04]
"MSMSGS" = "C: \ Program Files \ Messenger \ msmsgs.exe" [13/10/2004 17:24]
"SUPERAntiSpyware" = "C: \ Program Files \ SUPERAntiSpyware \ SUPERAntiSpyware.exe" [27/02/2007 12:39]
C: \ Documents and Settings \ All Users \ Start Menu \ Programs \ Startup \
Exif Launcher.lnk - C: \ Program Files \ FinePixViewer \ QuickDCF.exe [09/01/2002 22:53:14]
Microsoft Office.lnk - C: \ Program Files \ Microsoft Office \ Office \ OSA9.EXE [21/01/2000 09:15:54]
[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Currentversion \ Policies \ SYSTEM]
"DisableRegistryTools" = 0 (0x0)
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Currentversion \ Policies \ Explorer]
"NoWelcomeScreen" = 1 (0x1)
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Explorer \ ShellExecuteHooks]
"(5AE067D3-9AFB-48E0-853A-EBB7F4A000DA)" = C: \ Program Files \ SUPERAntiSpyware \ SASSEH.DLL [20/12/2006 13:55 77.824]
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ paziņot \! SASWinLogon]
C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll 27/02/2007 12:39 282.624 C: \ Program Files \ SUPERAntiSpyware \ SASWINLO.dll
[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ Winlogon \ paziņot \ detcdzqc]
athcfg11c.dll
[HKEY_LOCAL_MACHINE \ SYSTEM \ CurrentControlSet \ control \ LSA]
"Authentication Packages" = msv1_0 nwprovau
HKEY_LOCAL_MACHINE \ Software \ Microsoft \ Windows NT \ CurrentVersion \ Svchost - NetSvcs
buznlwxw

[HKEY_CURRENT_USER \ Software \ Microsoft \ Windows \ Currentversion \ Explorer \ mountpoints2 \ (a2fd87dd-a192-11dc-b600-0016e375ed46)]
Autorun \ command-E: \ LaunchU3.exe


- End of Deckard sistēma Skaneris: gatavās at 2008/04/07 08:53:08 ------------


I hope this all makes sense to you

Regards
Iana
  #10  
Old April 7, 2008, 10:12
Moderator Group
 
Default Trojan horse

You will need to carry out the steps HERE.