|
|
#1
6 novembris 2008, 02:16
| |||
| |||
 Vīruss: iexplore.exe kā sistēmu process Man šķiet, nevaram slēgt iexplore.exe, pat ja nav Windows Explorer atver. Reklāmas vienmēr pop laiku pa laikam. Es arī dzirdēt reklāmas balsis / trokšņi fonā. Tas ir kaitinošas, un es justos kā sistēmas darbības ir palēninājusies. Please help. Šis ir mans HijackThis log: Logfile of HijackThis v1.99.1 Scan saglabāts 4:15:28, par 11/6/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Running procesiem: C: \ WINDOWS \ System32 \ Smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ Windows \ Explorer.exe C: \ Program Files \ HP \ Ai Suite \ AiNap \ AiNap.exe C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe C: \ WINDOWS \ RTHDCPL.EXE C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ HP \ APPS \ 1.00.61 \ aaCenter.exe C: \ WINDOWS \ system32 \ RUNDLL32.EXE C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe C: \ PROGRA ~ 1 \ Common ~ 1 \ nokia \ MPAPI \ MPAPI3s.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ WINDOWS \ System32 \ PSIService.exe C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Winamp \ winamp.exe C: \ Program Files \ Real \ RealPlayer \ RealPlay.exe C: \ WINDOWS \ system32 \ s1S8Dh6X.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ Program Files \ HijackThis \ HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6.641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll O2 - BHO: RealPlayer Download and Record Plugin Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file) O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ HP \ Ai Suite \ AiNap \ AiNap.exe" O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ HP \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" O4 - HKLM \ .. \ Run: [Cpu Level Up palīdzēt] C: \ Program Files \ HP \ Ai Suite \ CpuLevelUpHelp.exe O4 - HKLM \ .. \ Run: [HP Energy Saving] "C: \ Program Files \ HP \ Ai Suite \ EnergySaving \ PwSave.exe" O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe" O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / starta O4 - HKLM \ .. \ Run: [Avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKCU \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [\ \ MING3 \ EPSON Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATIC CA.EXE / FU "C: \ DOCUME ~ 1 \ MKJ \ vietējie ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU " O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog Ø8 - ārpus konteksta izvēlnes vienums: Pievienot Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200 Ø8 - ārpus konteksta menu item: Download by easyMule - C: \ Program Files \ easyMule \ IE2EM.htm Ø9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing) Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) -% windir% \ Network Diagnostic \ xpnetdiag.exe (file missing) Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Ø10 - Unknown failu Winsock LSP: c: \ Program Files \ bonjour \ mdnsnsp.dll Ø11 - grupā Opcijas: [INTERNATIONAL] International * Ø16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab Ø16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl klase) -- http://www.update.microsoft.com/wind...?1224821007296 Ø16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klase) -- http://www.update.microsoft.com/micr...?1224825458984 Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab O18 - Protocol: livecall - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL O18 - Protocol: msnim - (828030A1-22C1-4009-854F-8E305202313F) - C: \ PROGRA ~ 1 \ MSNMES ~ 1 \ MSGRAP ~ 1.DLL Ø20 - Winlogon Paziņot: dimsntfy -% SystemRoot% \ System32 \ dimsntfy.dll (file missing) Ø20 - Winlogon Paziņot: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll O21 - SSODL: WPDShServiceObj - (AAA288BA-9A4C-45B0-95D7-94D524869DB5) - C: \ WINDOWS \ system32 \ WPDShServiceObj.dll O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe O23 - Service: Avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: Avast! Mail Scanner - Unknown īpašnieks - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe "/ service (file missing) O23 - Service: Avast! Web Scanner - Unknown īpašnieks - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe "/ service (file missing) O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown īpašnieks - C: \ WINDOWS \ System32 \ PSIService.exe O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe |
|
#2
6 novembris 2008, 09:37
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process Lejupielādēt CCleaner Slim un saglabājiet to savā datorā. Kad fails ir saglabāts, dodieties uz Desktop un veiciet dubultklikšķi uz ccsetupxxx_slim.exe Sekojiet norādēm, lai instalētu programmu. Pabeigtu uzstādīšanu, tad:
---------- Tagad uzstādīt jauno versiju HijackThis un pasta log no tā. Lejupielādēt TrendMicro HijackThis.exe (HJT) uz Desktop.
__________________  |
|
#3
6 novembris 2008, 16:19
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process I ilga CCleaner un pārinstalēta jaunā versija HijackThis. Logfile of Trend Micro HijackThis v2.0.2 Scan saglabāts 6:18:15, par 11/6/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running procesiem: C: \ WINDOWS \ System32 \ Smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ Windows \ Explorer.exe C: \ Program Files \ HP \ Ai Suite \ AiNap \ AiNap.exe C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe C: \ WINDOWS \ RTHDCPL.EXE C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ HP \ APPS \ 1.00.61 \ aaCenter.exe C: \ WINDOWS \ system32 \ RUNDLL32.EXE C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ nvsvc32.exe C: \ WINDOWS \ System32 \ PSIService.exe C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ s1S8Dh6X.exe C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ AcroRd32.exe C: \ PROGRA ~ 1 \ Common ~ 1 \ pcsuite \ DATALA ~ 1 \ DATALA ~ 1.EXE C: \ WINDOWS \ system32 \ conime.exe C: \ Program Files \ CCleaner \ CCleaner.exe C: \ Program Files \ Internet Explorer \ iexplore.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: IE2EMBHO Class - (0A0DDBD3-6.641-40B9-873F-BBDD26D6C14E) - C: \ Program Files \ easyMule \ modules \ IE2EM.dll O2 - BHO: RealPlayer Download and Record Plugin Internet Explorer - (3049C3E9-B461-4BC5-8870-4C09146192CA) - C: \ Program Files \ Real \ RealPlayer \ rpbrowserrecordplugin.dll O2 - BHO: (no name) - (7E853D72-626A-48EC-A868-BA8D5E23E045) - (no file) O4 - HKLM \ .. \ Run: [PHIME2002ASync] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / SYNC O4 - HKLM \ .. \ Run: [PHIME2002A] C: \ WINDOWS \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE / IMEName O4 - HKLM \ .. \ Run: [Ai Nap] "C: \ Program Files \ HP \ Ai Suite \ AiNap \ AiNap.exe" O4 - HKLM \ .. \ Run: [CPU Power Monitor] "C: \ Program Files \ HP \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" O4 - HKLM \ .. \ Run: [Cpu Level Up palīdzēt] C: \ Program Files \ HP \ Ai Suite \ CpuLevelUpHelp.exe O4 - HKLM \ .. \ Run: [HP Energy Saving] "C: \ Program Files \ HP \ Ai Suite \ EnergySaving \ PwSave.exe" O4 - HKLM \ .. \ Run: [Ulead AutoDetector v2] C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE O4 - HKLM \ .. \ Run: [TkBellExe] "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe"-osboot O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ qttask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [NvCplDaemon] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install O4 - HKLM \ .. \ Run: [NvMediaCenter] RUNDLL32.EXE C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe" O4 - HKLM \ .. \ Run: [NSLauncher] C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe / starta O4 - HKLM \ .. \ Run: [Avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKCU \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [\ \ MING3 \ EPSON Stylus C120 Series] C: \ WINDOWS \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATIC CA.EXE / FU "C: \ DOCUME ~ 1 \ MKJ \ vietējie ~ 1 \ Temp \ E_S13.tmp "/ EF" HKCU " O4 - HKCU \ .. \ Run: [PcSync] C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe / NoDialog O4 - HKCU \ .. \ Run: [Uniblue RegistryBooster 2009] C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe / S O4 - HKUS \ S-1-5-19 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ System32 \ CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ System32 \ CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ System32 \ CTFMON.EXE (User "SISTĒMA") O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ System32 \ CTFMON.EXE (User 'Default user') Ø8 - ārpus konteksta izvēlnes vienums: Pievienot Google Photos Screensa & ver - res: / / C: \ WINDOWS \ system32 \ GPhotos.scr/200 Ø8 - ārpus konteksta menu item: Download by easyMule - C: \ Program Files \ easyMule \ IE2EM.htm Ø9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Ø15 - ESC Trusted Zona: http:// *. update.microsoft.com Ø16 - DPF: (0CCA191D-13A6-4E29-B746-314DEE697D83) (Facebook Photo Uploader 5 Control) -- http://upload.facebook.com/controls/...oUploader5.cab Ø16 - DPF: (6414512B-B978-451D-A0D8-FCFDF33E833C) (WUWebControl klase) -- http://www.update.microsoft.com/wind...?1224821007296 Ø16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klase) -- http://www.update.microsoft.com/micr...?1224825458984 Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab O23 - Service: Apple Mobile Device - Apple Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe O23 - Service: Avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: Avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe O23 - Service: Avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: Google Updater Service (gusvc) - Google - C: \ Program Files \ Google \ Common \ Google Updater \ GoogleUpdaterService.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe O23 - Service: ProtexisLicensing - Unknown īpašnieks - C: \ WINDOWS \ System32 \ PSIService.exe O23 - Service: ServiceLayer - Nokia. - C: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe -- End of failu - 7.422 bytes Kāds ir nākamais solis? Thanks for your help. |
|
#4
6 novembris 2008, 16:53
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process Aizdomīgus failus skenēt Lūdzu, dodieties uz VirSCAN.org FREE on-line skenēšanas pakalpojumu (Ja vairāk nekā vienu failu vajadzībām skenētas tie jāveic atsevišķi un žurnāliem ievietojis katram vienam) 1. Nokopējiet un ielīmējiet turpmāk faila ceļu stāšanās Aizdomīgus failus skenēt rūtiņu lapas augšpusē. Kods: C: \ WINDOWS \ system32 \ s1S8Dh6X.exe 3. Prese Ctrl + V uz tastatūras (uz abiem vienlaicīgi), lai ielīmētu faila ceļu stājas logā. 4. Noklikšķiniet uz Upload pogu. Tas būs veikt skenēšanu vairākiem dažādu vīrusu skenēšanas dzinēji. Jūsu fails, iespējams, jāieraksta rindā, kas parasti aizņem mazāk nekā minūti, skaidrs. Svarīgi: Jāgaida visiem skanēšanas dzinēju lai to pabeigtu. 5. Kad skenēšana ir pabeigta ritiniet uz leju un noklikšķiniet uz Kopēt uz starpliktuvi pogu. Tas būs kopija saikne atskaiti starpliktuvē. 6. Paste no starpliktuves saturu nākamo atbildi.
__________________ |
|
#5
6 novembris 2008, 17:19
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process Šeit ir starpliktuves info par failu s1S8Dh6X.exe. File informācija Faila nosaukums: s1S8Dh6X.exeFile Izmērs: 62.464 byteFile tips PE32 izpildāmā for MS Windows (GUI) Intel 80.386 32 bitMD5: 895f4e2eed5a30e317460e66989042d0SHA1: 8d133ba222ce2d511ff28d900586e79041a8b4cfScanner rezultāti Skaneris rezultāti: 8% Scanner (3 / 39) konstatēts, malware! Laiks: 2008 / 11/06 19:15:08 (EST)Skeneris  Motors VerSig VerSig DatumsScan rezultātsLaiks-squared4.0.0.232008.11.032008-11-03--1.832AhnLab V32008.11.07.012008.11.072008-11-07-- 0.987AntiVir7.9.0.267.1.0.492008-11-06-- 1.503Antiy2.0.1820081106.15602992008-11-06-- 0.122Arcavir1.0.52008110611442008-11-06-- 1.227Authentium5.1.12008110611422008-11-06-- 1.367AVAST! 3.0.1081106-02008-11-06-- 0.725AVG7.5.52.442270.9.0/17722008-11-06Clicker.TXO 1.691BitDefender7.60825.20709477.217192008-11-07-- 3.401CA (VET) 9.0.0.14331.6.61952008-11-06-- 7.230ClamAV0.9485842008-11-07-- 0.021Comodo2.112.0.0.6992008-11-06-- 0.422CP Secure1.1.0.7152008.11.062008-11-06-- 6.447Dr.Web4.44.0.91702008.11.062008-11-06-- 3.465ewido4.0.0.22008.11.062008-11-06-- 3.024F-Prot4.4.4.56200811062008-11-06-- 1.293F-Secure5.51.61002008.11.06.112008-11-06-- 3.681Fortinet2.81-3.1179.6922008-11-06-- 0.215GData19.1393/19.94200811072008-11-07-- 2.739IkarusT3.1.01.452008.11.06.718072008-11-06-- 3.517JiangMin11.0.7062008.11.062008-11-06-- 1.312Kaspersky5.5.102008.11.062008-11-06-- 0.034KingSoft2008.9.8.182008.11.6.202008-11-06-- 0.690McAfee5.3.0054262008-11-06-- 2.352Microsoft1.41042008.11.072008-11-07-- 8.785mks_vir2.012008.11.062008-11-06-- 2.720Norman5.93.015.93.002008-11-06-- 5.480nProtect2008-11-06,0023828662008-11-06-- 5.379Panda9.05.012008.11.062008-11-06-- 3.744Quick Heal9.502008.09.122008-09-12-- 2.520Rising20.021.02.32.002008-11-06-- 3.054Sophos2.80.04.352008-11-07Mal / EncPk-CZ 1.881Sunbelt3.1.1783.223742008-11-04-- 1.058Symantec1.3.0.2420081106.0042008-11-06Infostealer 0.046The Hacker6.3.1.1v001432008-11-06-- 0.445Trend Micro8.700-10045.642.172008-11-06-- 0.028VBA323.12.8.920081106.17172008-11-06-- 1.390ViRobot200811052008.11.052008-11-05-- 0.398VirusBuster4.5.11.1010.90.27/6712492008-11-06-- 0.876Thanks |
|
#6
6 novembris 2008, 17:30
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process |
|
#7
6 novembris 2008, 17:39
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process Download ComboFix by subs no vienas no saitēm. Pārliecinieties top saglabājiet to Desktop. Link # 1 Link # 2 ** Piezīme: Ir svarīgi, ka tā ir saglabāta tieši jūsu Desktop Aizveriet visas atvērtās interneta pārlūkprogrammas. (Firefox, Internet Explorer uc) pirms uzsākt ComboFix. Laiku sakropļot jūsu antivīruss, Un jebkuru antispyware reāllaika aizsardzību pirms veic skenēšanu. Click šo saiti redzēt sarakstu drošības programmas, kas ir invalīdi un to, kā pārtraukt to darbību. Dubultklikšķi combofix.exe un sekojiet norādījumiem. Windows XP Systems instalēt Recovery Console: - Ja lietojat Windows XP un nav jau Recovery Console uzstādītas, lūdzu, pārliecinieties, jūsu interneta savienojums ir aktīvs (ja iespējams) un noklikšķiniet uz Jā. - Ja kaut kādu iemeslu dēļ interneta nedarbojas klikšķi Nē. -- Ja nelietojat Windows XP, jums netiks piedāvāts. - Kad mudināts piekrist EULA klikšķi OK. - Pieņemt Microsoft EULA (Click Jā). - Ja Jums ir teikts, ka RC ir uzstādīts pareizi klikšķi JĀ turpināt meklētu ļaunprātīgu programmatūru. Kad pabeigts ComboFix ražos log for you. Post ComboFix log Jūsu nākamo atbildi. Svarīgi: Nav mouseclick ComboFix loga kamēr tas darbojas. Tas var izraisīt to apstāsies. Atcerieties, ka jauna aktivizētu jūsu antivīrusu un antispyware aizsardzību, ja ComboFix ir pabeigta.
__________________ |
|
#8
6 novembris 2008, 17:57
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process ComboFix Log ComboFix 08-11-05.02 - MKJ 2008-11-06 19:51:34.2 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.3144 [GMT -5:00] Sākot no: c: \ Documents and Settings \ MKJ \ Desktop \ ComboFix.exe . ((((((((((((((((((((((((( Faili Created no 2008/10/07 līdz 2008/11/07 ))))))))))) )))))))))))))))))))) . 2008/11/06 18:15. 2008/11/06 18:15 <DIR> d -------- C: \ Program Files \ CCleaner 2008/11/06 03:51. 2008/11/06 03:51 <DIR> d -------- C: \ Program Files \ Trend Micro 2008/11/06 03:22. 2008/11/06 03:22 <DIR> d -------- C: \ Program Files \ Alwil Software 2008/11/06 02:10. 2008/11/06 02:10 <DIR> d -------- C: \ Program Files \ Reference Assemblies 2008/11/06 02:07. 2008/11/06 02:07 <DIR> dr-h ----- C: \ AHCache 2008/11/05 23:11. 2008/11/06 02:12 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Uniblue 2008/11/05 22:05. 2008/11/05 22:05 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes 2008/11/05 22:04. 2008/11/05 22:04 <DIR> d -------- C: \ Documents and Settings \ Administrator 2008/11/05 16:34. 2008/11/05 16:34 <DIR> d -------- C: \ Program Files \ Xanga Uploader 2008/11/05 16:34. 2008/11/05 16:34 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \. Xuploader 2008/11/05 16:08. 2008/11/05 16:08 <DIR> d -------- C: \ Program Files \ Malwarebytes "Anti-Malware 2008/11/05 16:08. 2008/11/05 16:08 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Malwarebytes 2008/11/05 16:08. 2008/11/05 16:08 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes 2008/11/05 16:08. 2008/10/22 16:10 38.496 - ------ c: \ windows \ system32 \ drivers \ mbamswissarmy.sys 2008/11/05 16:08. 2008/10/22 16:10 15.504 - ------ c: \ windows \ system32 \ drivers \ mbam.sys 2008/11/05 15:38. 2008/11/05 15:38 62.464 - ------ c: \ windows \ system32 \ s1S8Dh6X.exe 2008/11/01 16:18. 2008/11/01 16:18 <DIR> d -------- C: \ Windows \ system32 \ IOSUBSYS 2008/11/01 16:18. 2008/11/01 16:18 <DIR> d -------- C: \ Program Files \ Google 2008/10/28 02:00. 2008/10/28 02:00 <DIR> d -------- C: \ Program Files \ MSXML 4,0 2008/10/28 01:19. 2008/10/28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Nokia 2008/10/28 01:19. 2008/10/28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Datalayer 2008/10/28 01:18. 2008/10/30 05:43 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Phone Browser 2008/10/28 00:55. 2008/10/28 00:55 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ DivX 2008/10/28 00:54. 2008/10/28 00:54 <DIR> d -------- C: \ Program Files \ Windows Media Components 2008/10/28 00:54. 2005/06/10 09:43 73.728 - ------ c: \ windows \ system32 \ ISUSPM.cpl 2008/10/28 00:50. 2008/10/28 00:50 <DIR> d -------- C: \ Program Files \ DIFX 2008/10/28 00:50. 2008/10/28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ Nokia 2008/10/28 00:50. 2008/10/28 00:58 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ PC Suite 2008/10/28 00:50. 2008/10/28 00:58 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite 2008/10/28 00:50. 2008/10/28 00:50 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Downloaded Iekārtas 2008/10/28 00:50. 2006/05/29 07:26 127.488 - ------ c: \ windows \ system32 \ drivers \ nmwcd.sys 2008/10/28 00:50. 2006/05/29 07:26 50.688 - ------ c: \ windows \ system32 \ nmwcdcls.dll 2008/10/28 00:50. 2006/05/29 07:26 30.720 - ------ c: \ windows \ system32 \ nmwcdcocls.dll 2008/10/28 00:50. 2006/05/29 07:26 13.312 - ------ c: \ windows \ system32 \ drivers \ nmwcdcm.sys 2008/10/28 00:50. 2006/05/29 07:26 13.312 - ------ c: \ windows \ system32 \ drivers \ nmwcdcj.sys 2008/10/28 00:50. 2006/05/29 07:26 8.704 - ------ c: \ windows \ system32 \ drivers \ nmwcdc.sys 2008/10/28 00:50. 2006/05/29 07:26 4.608 - ------ c: \ windows \ system32 \ nmwcdlog.dll 2008/10/28 00:49. 2008/10/28 00:49 <DIR> d -------- C: \ windows \ Downloaded Iekārtas 2008/10/28 00:49. 2008/10/28 00:51 <DIR> d -------- C: \ Program Files \ Nokia 2008/10/28 00:49. 2008/10/28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ pcsuite 2008/10/27 23:54. 2008/10/27 23:54 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ EPSON 2008/10/27 21:55. 2008/10/27 21:55 <DIR> d -------- C: \ Program Files \ Ventrilo 2008/10/27 21:55. 2008/10/27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard 2008/10/27 21:55. 2008/10/27 21:56 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Ventrilo 2008/10/27 21:13. 2008/11/06 19:50 160.100 - ------ c: \ windows \ system32 \ nvapps.xml 2008/10/27 21:05. 2008/11/05 16:09 <DIR> da ------ c: \ Documents and Settings \ All Users \ Application Data \ TEMP 2008/10/26 23:48. 2008/11/06 05:29 <DIR> d -------- C: \ Program Files \ easyMule 2008/10/26 13:53. 2008/10/26 13:53 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Viewpoint 2008/10/25 19:37. 2008/10/25 19:37 <DIR> d -------- C: \ Program Files \ iPod 2008/10/25 19:37. 2008/10/25 19:37 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Apple Computer 2008/10/25 19:37. 2008/04/17 12:12 107.368 - ------ c: \ windows \ system32 \ GEARAspi.dll 2008/10/25 19:37. 2008/04/17 12:12 15.464 - ------ c: \ windows \ system32 \ drivers \ GEARAspiWDM.sys 2008/10/25 19:36. 2008/10/25 19:36 <DIR> d -------- C: \ Program Files \ QuickTime 2008/10/25 19:36. 2008/10/25 19:37 <DIR> d -------- C: \ Program Files \ iTunes 2008/10/25 19:36. 2008/10/25 19:36 <DIR> d -------- C: \ Program Files \ Bonjour 2008/10/25 19:36. 2008/10/25 19:36 <DIR> d -------- C: \ Program Files \ Apple Software Update 2008/10/25 19:36. 2008/10/25 19:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer 2008/10/25 19:36. 2008/10/25 19:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6) 2008/10/25 19:35. 2008/10/25 19:36 <DIR> d -------- C: \ Program Files \ Common Files \ Apple 2008/10/25 19:35. 2008/10/25 19:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple 2008/10/24 18:11. 2007/07/30 18:19 271.224 - ------ c: \ windows \ system32 \ mucltui.dll 2008/10/24 18:11. 2007/07/30 18:19 30.072 - ------ c: \ windows \ system32 \ mucltui.dll.mui 2008/10/24 15:39. 2008/10/24 15:39 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Blizzard 2008/10/24 14:24. 2008/10/24 14:24 <DIR> d -------- C: \ Program Files \ Real 2008/10/24 14:24. 2008/10/24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ xing dalītas 2008/10/24 14:24. 2008/10/24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ Real 2008/10/24 14:07. 2008/10/24 14:07 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Baļķi 2008/10/24 13:59. 2008/10/24 13:59 <DIR> d -------- C: \ Baļķi 2008/10/24 10:05. 2008/10/27 21:15 <DIR> d -------- C: \ Windows \ nView 2008/10/24 10:05. 2008/01/10 01:30 442.368-ra ------ c: \ windows \ system32 \ nvusmb.exe 2008/10/24 10:05. 2008/03/06 15:23 442.368 - ------ c: \ windows \ system32 \ NVUNINST.EXE 2008/10/24 10:05. 2008/03/19 04:04 442.368 - ------ c: \ windows \ system32 \ nvudisp.exe 2008/10/24 10:05. 2007/09/27 22:32 356.352-ra ------ c: \ windows \ system32 \ nvusmu.exe 2008/10/24 10:05. 2008/01/03 17:26 17.737 - ------ c: \ windows \ system32 \ nvdisp.nvu 2008/10/24 10:05. 2007/10/12 03:53 13.312-ra ------ c: \ windows \ system32 \ drivers \ nvsmu.sys 2008/10/24 10:05. 2007/12/07 03:12 5.836 - ------ c: \ windows \ system32 \ nvnrm.nvu 2008/10/24 10:05. 2008/01/16 17:17 3.948-ra ------ c: \ windows \ system32 \ drivers \ nvphy.bin 2008/10/24 10:05. 2007/12/07 01:34 2.016-ra ------ c: \ windows \ system32 \ nvsmb.nvu 2008/10/24 10:05. 2007/09/12 01:14 659-ra ------ c: \ windows \ system32 \ nvsmu.nvu 2008/10/24 10:04. 2008/10/23 22:44 35.647 - ------ c: \ windows \ Ascd_log.ini . (((((((((((((((((((((((((((((((((((((((( Find3M Ziņojums )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008/11/06 10:37 --------- d ----- wc: \ Program Files \ AIMTunes 2008/11/04 21:36 --------- d ----- wc: \ Program Files \ World of Warcraft 2008/10/28 05:55 --------- d ----- wc: \ Program Files \ Common Files \ Ulead Systems 2008/10/28 05:55 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Ulead Systems 2008/10/28 05:54 --------- d ----- wc: \ Program Files \ Ulead Systems 2008/10/28 05:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Ulead Systems 2008/10/28 05:53 --------- d - h - wc: \ Program Files \ InstallShield Installation Information 2008/10/28 05:02 --------- d ----- wc: \ Program Files \ Common Files \ Adobe 2008/10/24 19:24 499.712 ---- aw c: \ windows \ system32 \ msvcp71.dll 2008/10/24 19:24 348.160 ---- aw c: \ windows \ system32 \ msvcr71.dll 2008/10/24 14:51 --------- d ----- wc: \ Program Files \ Microsoft FrontPage 2008/10/24 07:55 --------- d ----- wc: \ Program Files \ MSN Messenger 2008/10/24 06:09 --------- d ----- wc: \ Program Files \ Microsoft CAPICOM 2.1.0.2 2008/10/24 05:44 --------- d ----- wc: \ Program Files \ Winamp 2008/10/24 05:44 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Winamp 2008/10/24 05:40 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ acccore 2008/10/24 05:39 --------- d ----- wc: \ Program Files \ AIM6 2008/10/24 05:39 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads 2008/10/24 05:38 --------- d ----- wc: \ Program Files \ Viewpoint 2008/10/24 05:38 --------- d ----- wc: \ Program Files \ Common Files \ AOL 2008/10/24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Viewpoint 2008/10/24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL OCP 2008/10/24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL 2008/10/24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ acccore 2008/10/24 05:32 --------- d ----- wc: \ Program Files \ Common Files \ Blizzard Entertainment 2008/10/24 05:20 --------- d ----- wc: \ Program Files \ Windows Media Connect 2 2008/10/24 05:10 --------- d ----- wc: \ Program Files \ DivX 2008/10/24 05:08 --------- d ----- wc: \ Program Files \ DefilerPak 2008/10/24 04:37 --------- d ----- wc: \ Program Files \ Realtek 2008/10/24 04:33 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Symantec 2008/10/24 04:18 --------- d ----- wc: \ Program Files \ Common Files \ Symantec Shared 2008/10/24 03:58 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ InstallShield 2008/10/24 03:57 --------- d ----- wc: \ Program Files \ Common Files \ InstallShield 2008/10/24 03:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Corel 2008/10/24 03:33 --------- d ----- wc: \ Program Files \ HP 2008/10/24 03:08 315.392 ---- aw c: \ windows \ HideWin.exe 2008/10/24 03:08 --------- d ----- wc: \ Program Files \ profils 2008/10/24 00:18 2.302.017 ---- aw c: \ windows \ system32 \ GPhotos.scr 2008/09/23 22:46 245.408 ---- aw c: \ windows \ system32 \ unicows.dll 2008/09/15 12:12 1.846.400 ---- aw c: \ windows \ system32 \ win32k.sys 2008/09/08 10:41 333.824 ---- aw c: \ windows \ system32 \ drivers \ srv.sys 2008/08/29 14:18 87.336 ---- aw c: \ windows \ system32 \ dns-sd.exe 2008/08/29 13:53 61.440 ---- aw c: \ windows \ system32 \ dnssd.dll 2008/08/26 07:24 826.368 ---- aw c: \ windows \ system32 \ Wininet.dll 2008/08/14 10:09 2.145.280 ---- aw c: \ windows \ system32 \ ntoskrnl.exe 2008/08/14 09:33 2.023.936 ---- aw c: \ windows \ system32 \ Ntkrnlpa.exe . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Piezīme * tukši ieraksti & legit default ieraksti netiek parādīti REGEDIT4 [HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6.641-40B9-873F-BBDD26D6C14E)] 2008/10/23 02:37 147.928 - ------ c: \ Program Files \ easyMule \ modules \ IE2EM.dll [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run] "CTFMON.EXE" = "C: \ Windows \ system32 \ ctfmon.exe" [2008/04/13 15.360] "\ \ MING3 \ EPSON Stylus C120 Series "=" C: \ Windows \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATICCA.EXE "[2007/03/12 182.272] "PcSync" = "C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006/06/27 1.449.984] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "PHIME2002ASync" = "C: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004/08/04 455.168] "PHIME2002A" = "C: \ Windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004/08/04 455.168] "Ai Nap" = "C: \ Program Files \ HP \ Ai Suite \ AiNap \ AiNap.exe" [2008/01/28 1.413.120] "CPU Power Monitor" = "C: \ Program Files \ HP \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008/01/09 627.200] "Cpu Level Up Help" = "C: \ Program Files \ HP \ Ai Suite \ CpuLevelUpHelp.exe" [2007/11/30 881.152] "ASUS Energy Saving" = "C: \ Program Files \ HP \ Ai Suite \ EnergySaving \ PwSave.exe" [2008/01/28 1.352.704] "Ulead AutoDetector v2" = "C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006/11/29 90.112] "TkBellExe" = "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe" [2008/10/24 185.872] "QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008/09/06 413.696] "iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008/10/01 289.576] "NvCplDaemon" = "C: \ Windows \ system32 \ NvCpl.dll" [2008/01/03 13.508.608] "NvMediaCenter" = "C: \ Windows \ system32 \ NvMcTray. Dll" [2008/01/03 86.016] "Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe" [2008/01/11 39.792] "NSLauncher" = "C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006/11/28 2.658.304] "Avast!" = "C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp. exe" [2008/07/19 78.008] "RTHDCPL" = "RTHDCPL.EXE" [2008/05/07 c: \ windows \ RTHDCPL.exe] "nwiz" = "nwiz.exe" [2008/01/03 c: \ windows \ system32 \ nwiz.exe] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run] "CTFMON.EXE" = "C: \ Windows \ System32 \ CTFMON.EXE" [2008/04/13 15.360] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ drivers32] "msacm.dvacm" = c: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ vardarbības \ Dvacm.acm "msacm.divxa32" = DivXa32.acm "msacm.ulmp3acm" = c: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm "msacm.mpegacm" = c: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnet3.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnet3 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnet3 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx30SP1setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx30SP1setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx30SP1setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List] "% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Program Files \ \ AIM6 \ \ aim6.exe" = "C: \ \ Program Files \ \ World of Warcraft \ \ WoW-2.3.0-enUS-downloader.exe" = "C: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" = "C: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" = "C: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ easyMule \ \ emule.exe" = [HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List] "3.724: TCP" = 3.724: TCP: Blizzard Downloader: 3.724 "12.178: TCP" = 12.178: TCP: BitComet 12.178 TCP "12.178: UDP" = 12.178: UDP: BitComet 12.178 UDP R1 aswSP; Avast! Self aizsardzību; c: \ windows \ system32 \ drivers \ aswSP.sys [2008/07/19 78.416] R2 aswFsBlk; aswFsBlk c: \ windows \ system32 \ drivers \ aswF sBlk.sys [2008/07/19 20.560] R2 Viewpoint Manager Service; Viewpoint Manager dienests c: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007/01/04 24.652] R3 NVHDA; dienests NVIDIA High Definition Audio Driver; c: \ windows \ system32 \ drivers \ nvhda32.sys [2008/05/04 38.560] . Saturs "Scheduled Tasks" mape 2008/11/01 c: \ windows \ Uzdevumi \ AppleSoftwareUpdate.job - C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008/07/30 11:34] 2008/11/06 c: \ windows \ Uzdevumi \ At1.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At10.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At11.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At12.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At13.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At14.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At15.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At16.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At17.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At18.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At19.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At2.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/07 c: \ windows \ Uzdevumi \ At20.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At21.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At22.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At23.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At24.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At3.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At4.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At5.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At6.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At7.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At8.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] 2008/11/06 c: \ windows \ Uzdevumi \ At9.job - C: \ windows \ system32 \ s1S8Dh6X.exe [2008/11/05 15:38] . - - - - Bāreņiem likvidētas - - - -- HKCU-Run-Uniblue RegistryBooster 2009 - C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe MSConfigStartUp-Uniblue RegistryBooster 2009 - C: \ Program Files \ Uniblue \ RegistryBooster \ RegistryBooster.exe . ------- Papildu Scan ------- . R0 -: HKCU-Main, Start Page = aptuveni: blank R1 -: HKCU-Internet Settings, ProxyOverride = *. vietējo Ø8 -: Pievienot Google Photos Screensa & ver - c: \ windows \ system32 \ GPhotos.scr/200 Ø8 -: Download by easyMule - C: \ Program Files \ easyMule \ IE2EM.htm . ************************************************** ************************ catchme 0.3.1367 W2K/XP/Vista - rootkit / Stealth malware detektoru, ar Gmer, http://www.gmer.net Rootkit scan 2008/11/06 19:54:20 Windows 5.1.2600 Service Pack 3 NTFS skenēšana slēptās procesi ... skenēšana slēptās palaišana ieraksti ... skenēšana slēptos failus ... scan sekmīgi pabeigta slēptos failus: 0 ************************************************** ************************ . Pabeigšanas laiks: 2008/11/06 19:54:45 ComboFix-karantīnā-files.txt 2008/11/07 00:54:42 Pre-Run: 41621639168 bytes free Post-Run: 41699291136 bytes free 396 --- EOF --- 2008/10/28 07:00:21 |
|
#9
6 novembris 2008, 18:28
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process Piezīme: Instrukcijas turpmāk tika izveidota speciāli šim lietotājam. Ja Jums nav šī lietotāja, DO NOT ievērojiet šos norādījumus, jo tie varētu kaitēt jūsu sistēmas darbības principus Izdzēst šos failus / mapes, tas ir: 1. Doties uz Sākums > Skriet > Type Notepad.exe un noklikšķiniet uz OK atvērt Notepad. Tas vajag ir Notepad, nevis Wordpad. 2. Kopēt tekstu tālāk kodu ailē, uzsverot visu tekstu un nospiediet Ctrl + C Kods: Killall:: Fails: c: \ windows \ system32 \ s1S8Dh6X.exe c: \ windows \ Uzdevumi \ At1.job c: \ windows \ Uzdevumi \ At10.job c: \ windows \ Uzdevumi \ At11.job c: \ windows \ Uzdevumi \ At12.job c: \ windows \ Uzdevumi \ At13.job c: \ windows \ Uzdevumi \ At14.job c: \ windows \ Uzdevumi \ At15.job c: \ windows \ Uzdevumi \ At16.job c: \ windows \ Uzdevumi \ At17.job c: \ windows \ Uzdevumi \ At18.job c: \ windows \ Uzdevumi \ At19.job c: \ windows \ Uzdevumi \ At2.job c: \ windows \ Uzdevumi \ At20.job c: \ windows \ Uzdevumi \ At21.job c: \ windows \ Uzdevumi \ At22.job c: \ windows \ Uzdevumi \ At23.job c: \ windows \ Uzdevumi \ At24.job c: \ windows \ Uzdevumi \ At3.job c: \ windows \ Uzdevumi \ At4.job c: \ windows \ Uzdevumi \ At5.job c: \ windows \ Uzdevumi \ At6.job c: \ windows \ Uzdevumi \ At7.job c: \ windows \ Uzdevumi \ At8.job c: \ windows \ Uzdevumi \ At9.job 4. Pēc tam noklikšķiniet uz Fails > Glābt 5. Nosaukums failu CFScript.txt - Saglabāt failu darbvirsmā 6. Velciet CFScript (turiet peles kreiso pogu un velkot failu) un nometiet to (izlaide peles kreiso pogu) pārnes ComboFix.exe kā redzat attēlā zemāk. Svarīgi: Veic šo instrukciju uzmanīgi!  ComboFix sāks izpildīt, vienkārši sekojiet instrukcijām. Pēc reboot (ja tā lūdz atsāknēšana), tā sagatavos log for you. Post (Combofix.txt), kas ieiet jūsu nākamo atbildi. Piezīme: Nav mouseclick ComboFix loga kamēr tas darbojas. Tas var izraisīt sistēmas iesaldēt
__________________ |
|
#10
6 novembris 2008, 18:37
| |||
| |||
| Vīruss: iexplore.exe kā sistēmu process ComboFix Log ComboFix 08-11-05.02 - MKJ 2008-11-06 20:31:01.3 - NTFSx86 Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.2458 [GMT -5:00] Sākot no: c: \ Documents and Settings \ MKJ \ Desktop \ ComboFix.exe Komandu slēdžus izmanto:: c: \ Documents and Settings \ MKJ \ Desktop \ CFScript.txt * Izveido jaunu atjaunošanas punktu ATTĒLS: c: \ windows \ system32 \ s1S8Dh6X.exe c: \ windows \ Uzdevumi \ At1.job c: \ windows \ Uzdevumi \ At10.job c: \ windows \ Uzdevumi \ At11.job c: \ windows \ Uzdevumi \ At12.job c: \ windows \ Uzdevumi \ At13.job c: \ windows \ Uzdevumi \ At14.job c: \ windows \ Uzdevumi \ At15.job c: \ windows \ Uzdevumi \ At16.job c: \ windows \ Uzdevumi \ At17.job c: \ windows \ Uzdevumi \ At18.job c: \ windows \ Uzdevumi \ At19.job c: \ windows \ Uzdevumi \ At2.job c: \ windows \ Uzdevumi \ At20.job c: \ windows \ Uzdevumi \ At21.job c: \ windows \ Uzdevumi \ At22.job c: \ windows \ Uzdevumi \ At23.job c: \ windows \ Uzdevumi \ At24.job c: \ windows \ Uzdevumi \ At3.job c: \ windows \ Uzdevumi \ At4.job c: \ windows \ Uzdevumi \ At5.job c: \ windows \ Uzdevumi \ At6.job c: \ windows \ Uzdevumi \ At7.job c: \ windows \ Uzdevumi \ At8.job c: \ windows \ Uzdevumi \ At9.job . ((((((((((((((((((((((((((((((((((((((( Citi Svītrojumi ))))))))) )))))))))))))))))))))))))))))))))))))))) . c: \ windows \ system32 \ s1S8Dh6X.exe c: \ windows \ Uzdevumi \ At1.job c: \ windows \ Uzdevumi \ At10.job c: \ windows \ Uzdevumi \ At11.job c: \ windows \ Uzdevumi \ At12.job c: \ windows \ Uzdevumi \ At13.job c: \ windows \ Uzdevumi \ At14.job c: \ windows \ Uzdevumi \ At15.job c: \ windows \ Uzdevumi \ At16.job c: \ windows \ Uzdevumi \ At17.job c: \ windows \ Uzdevumi \ At18.job c: \ windows \ Uzdevumi \ At19.job c: \ windows \ Uzdevumi \ At2.job c: \ windows \ Uzdevumi \ At20.job c: \ windows \ Uzdevumi \ At21.job c: \ windows \ Uzdevumi \ At22.job c: \ windows \ Uzdevumi \ At23.job c: \ windows \ Uzdevumi \ At24.job c: \ windows \ Uzdevumi \ At3.job c: \ windows \ Uzdevumi \ At4.job c: \ windows \ Uzdevumi \ At5.job c: \ windows \ Uzdevumi \ At6.job c: \ windows \ Uzdevumi \ At7.job c: \ windows \ Uzdevumi \ At8.job c: \ windows \ Uzdevumi \ At9.job . ((((((((((((((((((((((((( Faili Created no 2008/10/07 līdz 2008/11/07 ))))))))))) )))))))))))))))))))) . 2008/11/06 18:15. 2008/11/06 18:15 <DIR> d -------- C: \ Program Files \ CCleaner 2008/11/06 03:51. 2008/11/06 03:51 <DIR> d -------- C: \ Program Files \ Trend Micro 2008/11/06 03:22. 2008/11/06 03:22 <DIR> d -------- C: \ Program Files \ Alwil Software 2008/11/06 02:10. 2008/11/06 02:10 <DIR> d -------- C: \ Program Files \ Reference Assemblies 2008/11/06 02:07. 2008/11/06 02:07 <DIR> dr-h ----- C: \ AHCache 2008/11/05 23:11. 2008/11/06 02:12 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Uniblue 2008/11/05 22:05. 2008/11/05 22:05 <DIR> d -------- C: \ Documents and Settings \ Administrator \ Application Data \ Malwarebytes 2008/11/05 22:04. 2008/11/05 22:04 <DIR> d -------- C: \ Documents and Settings \ Administrator 2008/11/05 16:34. 2008/11/05 16:34 <DIR> d -------- C: \ Program Files \ Xanga Uploader 2008/11/05 16:34. 2008/11/05 16:34 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \. Xuploader 2008/11/05 16:08. 2008/11/05 16:08 <DIR> d -------- C: \ Program Files \ Malwarebytes "Anti-Malware 2008/11/05 16:08. 2008/11/05 16:08 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Malwarebytes 2008/11/05 16:08. 2008/11/05 16:08 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Malwarebytes 2008/11/05 16:08. 2008/10/22 16:10 38.496 - ------ c: \ windows \ system32 \ drivers \ mbamswissarmy.sys 2008/11/05 16:08. 2008/10/22 16:10 15.504 - ------ c: \ windows \ system32 \ drivers \ mbam.sys 2008/11/01 16:18. 2008/11/01 16:18 <DIR> d -------- C: \ Windows \ system32 \ IOSUBSYS 2008/11/01 16:18. 2008/11/01 16:18 <DIR> d -------- C: \ Program Files \ Google 2008/10/28 02:00. 2008/10/28 02:00 <DIR> d -------- C: \ Program Files \ MSXML 4,0 2008/10/28 01:19. 2008/10/28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Nokia 2008/10/28 01:19. 2008/10/28 01:19 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Datalayer 2008/10/28 01:18. 2008/10/30 05:43 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Phone Browser 2008/10/28 00:55. 2008/10/28 00:55 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ DivX 2008/10/28 00:54. 2008/10/28 00:54 <DIR> d -------- C: \ Program Files \ Windows Media Components 2008/10/28 00:54. 2005/06/10 09:43 73.728 - ------ c: \ windows \ system32 \ ISUSPM.cpl 2008/10/28 00:50. 2008/10/28 00:50 <DIR> d -------- C: \ Program Files \ DIFX 2008/10/28 00:50. 2008/10/28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ Nokia 2008/10/28 00:50. 2008/10/28 00:58 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ PC Suite 2008/10/28 00:50. 2008/10/28 00:58 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ PC Suite 2008/10/28 00:50. 2008/10/28 00:50 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Downloaded Iekārtas 2008/10/28 00:50. 2006/05/29 07:26 127.488 - ------ c: \ windows \ system32 \ drivers \ nmwcd.sys 2008/10/28 00:50. 2006/05/29 07:26 50.688 - ------ c: \ windows \ system32 \ nmwcdcls.dll 2008/10/28 00:50. 2006/05/29 07:26 30.720 - ------ c: \ windows \ system32 \ nmwcdcocls.dll 2008/10/28 00:50. 2006/05/29 07:26 13.312 - ------ c: \ windows \ system32 \ drivers \ nmwcdcm.sys 2008/10/28 00:50. 2006/05/29 07:26 13.312 - ------ c: \ windows \ system32 \ drivers \ nmwcdcj.sys 2008/10/28 00:50. 2006/05/29 07:26 8.704 - ------ c: \ windows \ system32 \ drivers \ nmwcdc.sys 2008/10/28 00:50. 2006/05/29 07:26 4.608 - ------ c: \ windows \ system32 \ nmwcdlog.dll 2008/10/28 00:49. 2008/10/28 00:49 <DIR> d -------- C: \ windows \ Downloaded Iekārtas 2008/10/28 00:49. 2008/10/28 00:51 <DIR> d -------- C: \ Program Files \ Nokia 2008/10/28 00:49. 2008/10/28 00:50 <DIR> d -------- C: \ Program Files \ Common Files \ pcsuite 2008/10/27 23:54. 2008/10/27 23:54 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ EPSON 2008/10/27 21:55. 2008/10/27 21:55 <DIR> d -------- C: \ Program Files \ Ventrilo 2008/10/27 21:55. 2008/10/27 21:55 <DIR> d -------- C: \ Program Files \ Common Files \ Wise Installation Wizard 2008/10/27 21:55. 2008/10/27 21:56 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Ventrilo 2008/10/27 21:13. 2008/11/06 20:34 160.100 - ------ c: \ windows \ system32 \ nvapps.xml 2008/10/27 21:05. 2008/11/05 16:09 <DIR> da ------ c: \ Documents and Settings \ All Users \ Application Data \ TEMP 2008/10/26 23:48. 2008/11/06 05:29 <DIR> d -------- C: \ Program Files \ easyMule 2008/10/26 13:53. 2008/10/26 13:53 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Viewpoint 2008/10/25 19:37. 2008/10/25 19:37 <DIR> d -------- C: \ Program Files \ iPod 2008/10/25 19:37. 2008/10/25 19:37 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Application Data \ Apple Computer 2008/10/25 19:37. 2008/04/17 12:12 107.368 - ------ c: \ windows \ system32 \ GEARAspi.dll 2008/10/25 19:37. 2008/04/17 12:12 15.464 - ------ c: \ windows \ system32 \ drivers \ GEARAspiWDM.sys 2008/10/25 19:36. 2008/10/25 19:36 <DIR> d -------- C: \ Program Files \ QuickTime 2008/10/25 19:36. 2008/10/25 19:37 <DIR> d -------- C: \ Program Files \ iTunes 2008/10/25 19:36. 2008/10/25 19:36 <DIR> d -------- C: \ Program Files \ Bonjour 2008/10/25 19:36. 2008/10/25 19:36 <DIR> d -------- C: \ Program Files \ Apple Software Update 2008/10/25 19:36. 2008/10/25 19:36 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple Computer 2008/10/25 19:36. 2008/10/25 19:37 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ (3276BE95_AF08_429F_A64F_CA64CB79BCF6) 2008/10/25 19:35. 2008/10/25 19:36 <DIR> d -------- C: \ Program Files \ Common Files \ Apple 2008/10/25 19:35. 2008/10/25 19:35 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Apple 2008/10/24 18:11. 2007/07/30 18:19 271.224 - ------ c: \ windows \ system32 \ mucltui.dll 2008/10/24 18:11. 2007/07/30 18:19 30.072 - ------ c: \ windows \ system32 \ mucltui.dll.mui 2008/10/24 15:39. 2008/10/24 15:39 <DIR> d -------- C: \ Documents and Settings \ All Users \ Application Data \ Blizzard 2008/10/24 14:24. 2008/10/24 14:24 <DIR> d -------- C: \ Program Files \ Real 2008/10/24 14:24. 2008/10/24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ xing dalītas 2008/10/24 14:24. 2008/10/24 14:24 <DIR> d -------- C: \ Program Files \ Common Files \ Real 2008/10/24 14:07. 2008/10/24 14:07 <DIR> d -------- C: \ Documents and Settings \ MKJ \ Baļķi 2008/10/24 13:59. 2008/10/24 13:59 <DIR> d -------- C: \ Baļķi 2008/10/24 10:05. 2008/10/27 21:15 <DIR> d -------- C: \ Windows \ nView 2008/10/24 10:05. 2008/01/10 01:30 442.368-ra ------ c: \ windows \ system32 \ nvusmb.exe 2008/10/24 10:05. 2008/03/06 15:23 442.368 - ------ c: \ windows \ system32 \ NVUNINST.EXE 2008/10/24 10:05. 2008/03/19 04:04 442.368 - ------ c: \ windows \ system32 \ nvudisp.exe 2008/10/24 10:05. 2007/09/27 22:32 356.352-ra ------ c: \ windows \ system32 \ nvusmu.exe 2008/10/24 10:05. 2008/01/03 17:26 17.737 - ------ c: \ windows \ system32 \ nvdisp.nvu 2008/10/24 10:05. 2007/10/12 03:53 13.312-ra ------ c: \ windows \ system32 \ drivers \ nvsmu.sys 2008/10/24 10:05. 2007/12/07 03:12 5.836 - ------ c: \ windows \ system32 \ nvnrm.nvu 2008/10/24 10:05. 2008/01/16 17:17 3.948-ra ------ c: \ windows \ system32 \ drivers \ nvphy.bin 2008/10/24 10:05. 2007/12/07 01:34 2.016-ra ------ c: \ windows \ system32 \ nvsmb.nvu 2008/10/24 10:05. 2007/09/12 01:14 659-ra ------ c: \ windows \ system32 \ nvsmu.nvu 2008/10/24 10:04. 2008/10/23 22:44 35.647 - ------ c: \ windows \ Ascd_log.ini . (((((((((((((((((((((((((((((((((((((((( Find3M Ziņojums )))))))) )))))))))))))))))))))))))))))))))))))))))))) . 2008/11/06 10:37 --------- d ----- wc: \ Program Files \ AIMTunes 2008/11/04 21:36 --------- d ----- wc: \ Program Files \ World of Warcraft 2008/10/28 05:55 --------- d ----- wc: \ Program Files \ Common Files \ Ulead Systems 2008/10/28 05:55 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Ulead Systems 2008/10/28 05:54 --------- d ----- wc: \ Program Files \ Ulead Systems 2008/10/28 05:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Ulead Systems 2008/10/28 05:53 --------- d - h - wc: \ Program Files \ InstallShield Installation Information 2008/10/28 05:02 --------- d ----- wc: \ Program Files \ Common Files \ Adobe 2008/10/24 19:24 499.712 ---- aw c: \ windows \ system32 \ msvcp71.dll 2008/10/24 19:24 348.160 ---- aw c: \ windows \ system32 \ msvcr71.dll 2008/10/24 14:51 --------- d ----- wc: \ Program Files \ Microsoft FrontPage 2008/10/24 07:55 --------- d ----- wc: \ Program Files \ MSN Messenger 2008/10/24 06:09 --------- d ----- wc: \ Program Files \ Microsoft CAPICOM 2.1.0.2 2008/10/24 05:44 --------- d ----- wc: \ Program Files \ Winamp 2008/10/24 05:44 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ Winamp 2008/10/24 05:40 --------- d ----- wc: \ Documents and Settings \ MKJ \ Application Data \ acccore 2008/10/24 05:39 --------- d ----- wc: \ Program Files \ AIM6 2008/10/24 05:39 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL Downloads 2008/10/24 05:38 --------- d ----- wc: \ Program Files \ Viewpoint 2008/10/24 05:38 --------- d ----- wc: \ Program Files \ Common Files \ AOL 2008/10/24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Viewpoint 2008/10/24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL OCP 2008/10/24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ AOL 2008/10/24 05:38 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ acccore 2008/10/24 05:32 --------- d ----- wc: \ Program Files \ Common Files \ Blizzard Entertainment 2008/10/24 05:20 --------- d ----- wc: \ Program Files \ Windows Media Connect 2 2008/10/24 05:10 --------- d ----- wc: \ Program Files \ DivX 2008/10/24 05:08 --------- d ----- wc: \ Program Files \ DefilerPak 2008/10/24 04:37 --------- d ----- wc: \ Program Files \ Realtek 2008/10/24 04:33 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Symantec 2008/10/24 04:18 --------- d ----- wc: \ Program Files \ Common Files \ Symantec Shared 2008/10/24 03:58 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ InstallShield 2008/10/24 03:57 --------- d ----- wc: \ Program Files \ Common Files \ InstallShield 2008/10/24 03:54 --------- d ----- wc: \ Documents and Settings \ All Users \ Application Data \ Corel 2008/10/24 03:33 --------- d ----- wc: \ Program Files \ HP 2008/10/24 03:08 315.392 ---- aw c: \ windows \ HideWin.exe 2008/10/24 03:08 --------- d ----- wc: \ Program Files \ profils 2008/10/24 00:18 2.302.017 ---- aw c: \ windows \ system32 \ GPhotos.scr 2008/09/23 22:46 245.408 ---- aw c: \ windows \ system32 \ unicows.dll 2008/09/15 12:12 1.846.400 ---- aw c: \ windows \ system32 \ win32k.sys 2008/09/08 10:41 333.824 ---- aw c: \ windows \ system32 \ drivers \ srv.sys 2008/08/29 14:18 87.336 ---- aw c: \ windows \ system32 \ dns-sd.exe 2008/08/29 13:53 61.440 ---- aw c: \ windows \ system32 \ dnssd.dll 2008/08/26 07:24 826.368 ---- aw c: \ windows \ system32 \ Wininet.dll 2008/08/14 10:09 2.145.280 ---- aw c: \ windows \ system32 \ ntoskrnl.exe 2008/08/14 09:33 2.023.936 ---- aw c: \ windows \ system32 \ Ntkrnlpa.exe . ((((((((((((((((((((((((((((( Snapshot@2008-11-06_19.54.31.75 )))))))))) ))))))))))))))))))))))))))))))) . - 2008/11/06 23:26:54 49.198 ---- aw c: \ windows \ system32 \ perfc009.dat + 2008/11/07 00:54:48 49.198 ---- aw c: \ windows \ system32 \ perfc009.dat - 2008/11/06 23:26:54 390.094 ---- aw c: \ windows \ system32 \ perfh009.dat + 2008/11/07 00:54:48 390.094 ---- aw c: \ windows \ system32 \ perfh009.dat + 2008/11/07 01:33:47 16.384 ---- Rokām un nagiem c: \ windows \ Temp \ Perflib_Perfdata_584.dat . ((((((((((((((((((((((((((((((((((((( Reg Loading Points )))))))))) )))))))))))))))))))))))))))))))))))))))) . . * Piezīme * tukši ieraksti & legit default ieraksti netiek parādīti REGEDIT4 [HKEY_LOCAL_MACHINE \ ~ \ Browser Helper Objects \ (0A0DDBD3-6.641-40B9-873F-BBDD26D6C14E)] 2008/10/23 02:37 147.928 - ------ c: \ Program Files \ easyMule \ modules \ IE2EM.dll [HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ Curre ntVersion \ Run] "CTFMON.EXE" = "C: \ Windows \ system32 \ ctfmon.exe" [2008/04/13 15.360] "\ \ MING3 \ EPSON Stylus C120 Series "=" C: \ Windows \ System32 \ spool \ drivers \ W32X86 \ 3 \ E_FATICCA.EXE "[2007/03/12 182.272] "PcSync" = "C: \ Program Files \ Nokia \ Nokia PC Suite 6 \ PcSync2.exe" [2006/06/27 1.449.984] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows \ Curr entVersion \ Run] "PHIME2002ASync" = "C: \ Windows \ System32 \ IME \ TINTLGNT \ TINTSETP.EXE" [2004/08/04 455.168] "PHIME2002A" = "C: \ Windows \ System32 \ IME \ TINTLGNT \ TIN TSETP.EXE" [2004/08/04 455.168] "Ai Nap" = "C: \ Program Files \ HP \ Ai Suite \ AiNap \ AiNap.exe" [2008/01/28 1.413.120] "CPU Power Monitor" = "C: \ Program Files \ HP \ Ai Suite \ AiGear3 \ CpuPowerMonitor.exe" [2008/01/09 627.200] "Cpu Level Up Help" = "C: \ Program Files \ HP \ Ai Suite \ CpuLevelUpHelp.exe" [2007/11/30 881.152] "ASUS Energy Saving" = "C: \ Program Files \ HP \ Ai Suite \ EnergySaving \ PwSave.exe" [2008/01/28 1.352.704] "Ulead AutoDetector v2" = "C: \ Program Files \ Common Files \ Ulead Systems \ AutoDetector \ monitor.exe" [2006/11/29 90.112] "TkBellExe" = "C: \ Program Files \ Common Files \ Real \ Update_OB \ realsched.exe" [2008/10/24 185.872] "QuickTime Task" = "C: \ Program Files \ QuickTime \ qttask.exe" [2008/09/06 413.696] "iTunesHelper" = "C: \ Program Files \ iTunes \ iTunesHelper.exe" [2008/10/01 289.576] "NvCplDaemon" = "C: \ Windows \ system32 \ NvCpl.dll" [2008/01/03 13.508.608] "NvMediaCenter" = "C: \ Windows \ system32 \ NvMcTray. Dll" [2008/01/03 86.016] "Adobe Reader Speed Launcher" = "C: \ Program Files \ Adobe \ Reader 8,0 \ Reader \ Reader_sl.exe" [2008/01/11 39.792] "NSLauncher" = "C: \ Program Files \ Nokia \ Nokia Software Launcher \ NSLauncher.exe" [2006/11/28 2.658.304] "RTHDCPL" = "RTHDCPL.EXE" [2008/05/07 c: \ windows \ RTHDCPL.exe] "nwiz" = "nwiz.exe" [2008/01/03 c: \ windows \ system32 \ nwiz.exe] [HKEY_USERS \. DEFAULT \ Software \ Microsoft \ Windows \ Cur rentVersion \ Run] "CTFMON.EXE" = "C: \ Windows \ System32 \ CTFMON.EXE" [2008/04/13 15.360] [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ drivers32] "msacm.dvacm" = c: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ vardarbības \ Dvacm.acm "msacm.divxa32" = DivXa32.acm "msacm.ulmp3acm" = c: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ ulmp3acm.acm "msacm.mpegacm" = c: \ PROGRA ~ 1 \ Common ~ 1 \ ULEADS ~ 1 \ MPEG \ mpegacm.acm [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnet3.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnet3 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnet3 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx30SP1setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx30SP1setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx30SP1setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx35 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3setup.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3setup [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3setup [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx3_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ dotnetfx [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP1_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx20SP2_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx30SP1_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_ia64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_ia64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_ia64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x86.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x86 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx35_x86 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx64.exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx64 [1]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Windows NT \ CurrentVersion \ image file izpildes iespējām \ NetFx64 [2]. Exe] "Debugger" = c: \ windows \ Microsoft.NET \ Framework \ v2.0 ,50727 \ DotNetFxInstallBlock.exe [HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ AuthorizedApplications \ List] "% windir% \ \ system32 \ \ sessmgr.exe" = "% windir% \ \ Network Diagnostic \ \ xpnetdiag.exe" = "C: \ \ Program Files \ \ Common Files \ \ AOL \ \ Loader \ \ aolload.exe" = "C: \ \ Program Files \ \ AIM6 \ \ aim6.exe" = "C: \ \ Program Files \ \ World of Warcraft \ \ WoW-2.3.0-enUS-downloader.exe" = "C: \ \ Program Files \ \ MSN Messenger \ \ msnmsgr.exe" = "C: \ \ Program Files \ \ MSN Messenger \ \ livecall.exe" = "C: \ \ Program Files \ \ Bonjour \ \ mDNSResponder.exe" = "C: \ \ Program Files \ \ iTunes \ \ iTunes.exe" = "C: \ \ Program Files \ \ easyMule \ \ emule.exe" = [HKLM \ ~ \ Services \ sharedaccess \ Parameters \ firewallpo licy \ standardprofile \ GloballyOpenPorts \ List] "3.724: TCP" = 3.724: TCP: Blizzard Downloader: 3.724 "12.178: TCP" = 12.178: TCP: BitComet 12.178 TCP "12.178: UDP" = 12.178: UDP: BitComet 12.178 UDP R1 aswSP; Avast! Self aizsardzību; c: \ windows \ system32 \ drivers \ aswSP.sys [2008/07/19 78.416] R2 aswFsBlk; aswFsBlk c: \ windows \ system32 \ drivers \ aswF sBlk.sys [2008/07/19 20.560] R2 Viewpoint Manager Service; Viewpoint Manager dienests c: \ Program Files \ Viewpoint \ Common \ ViewpointService.exe [2007/01/04 24.652] R3 NVHDA; dienests NVIDIA High Definition Audio Driver; c: \ windows \ system32 \ drivers \ nvhda32.sys [2008/05/04 38.560] . Saturs "Scheduled Tasks" mape 2008/11/01 c: \ windows \ Uzdevumi \ AppleSoftwareUpdate.job - C: \ Program Files \ Apple Software Update \ SoftwareUpdate.exe [2008/07/30 11:34] . ************************************************** ************************ catchme 0.3.1367 W2K/XP/Vista - rootkit / Stealth malware detektoru, ar Gmer, http://www.gmer.net Rootkit scan 2008/11/06 20:34:11 Windows 5.1.2600 Service Pack 3 NTFS skenēšana slēptās procesi ... skenēšana slēptās palaišana ieraksti ... skenēšana slēptos failus ... scan sekmīgi pabeigta slēptos failus: 0 ************************************************** ************************ . ------------------------ Citi Running Processes ----------------------- -- . c: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe c: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe c: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe c: \ Program Files \ Bonjour \ mDNSResponder.exe c: \ windows \ system32 \ nvsvc32.exe c: \ windows \ system32 \ PSIService.exe c: \ Program Files \ HP \ APPS \ 1.00.61 \ aaCenter.exe c: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe c: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe c: \ windows \ system32 \ rundll32.exe c: \ Program Files \ iPod \ bin \ iPodService.exe c: \ Program Files \ Common Files \ pcsuite \ Services \ ServiceLayer.exe c: \ PROGRA ~ 1 \ Common ~ 1 \ nokia \ MPAPI \ MPAPI3s.exe . ************************************************** ************************ . Pabeigšanas laiks: 2008/11/06 20:36:06 - mašīna bija rebooted ComboFix-karantīnā-files.txt 2008/11/07 01:36:02 ComboFix2.txt 2008/11/07 00:54:46 Pre-Run: 41668276224 bytes free Post-Run: 41678303232 bytes free 418 --- EOF --- 2008/10/28 07:00:21 Pateicība |
 |
 |
| Bookmarks |
Similar Threads | ||||
| Pavediens | Thread Starter | Forums | Replies | Last Post |
| System Idle Process Mazāks par vai vienāds ar 99 Cpu | sgonzalez90 | Windows Operating Systems | 4 | 6 aprīlis 2009 14:50 |
| System idle process - Windows Task Manager | pest79456 | Windows Operating Systems | 3 | 8 februāris 2009 09:20 |
| Uzklikšķinot, skaņas un slēptās iexplore.exe process | ad hoc | Vīrusu, spiegprogrammatūru un drošība | 5 | 7 oktobris 2008 18:44 |
| Iexplore.exe sistēma vīrusu? HijackThis log, lūdzu izskatu. | samDd | Vīrusu, spiegprogrammatūru un drošība | 4 | 29 septembris 2008 17:13 |
| Problēmas ar logus un iexplore ekspluatācijas process | 1carly1 | Vīrusu, spiegprogrammatūru un drošība | 3 | 15 februāris 2008 10:36 |
| Thread Tools | |
| |
