|
|
#1
Rugsėjis 1, 2008, 12:51
|
|||
|
|||
HijackThis
Šis forget nieko svarbaus Ačiū Viešpatie, tik įdomu, jei Jums gali peržiūrėti thorugh jei jums minutės matyti, jei turiu bet nasties aš nežinojo, Thanks a bunch guys!
Logfile Trend Micro HijackThis v2.0.2 Skaitymo išsaugotas 20:42:25, on 01/09/2008 Platforma: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Veikia procesus: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ brsvc01a.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ PnkBstrA.exe C: \ Program Files \ CyberLink \ Shared files \ RichVideo.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.exe C: \ WINDOWS \ system32 \ LVCOMSX.EXE C: \ Program Files \ Logitech \ Video \ LogiTray.exe C: \ WINDOWS \ system32 \ rundll32.exe C: \ Program Files \ garo \ steam.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ WINDOWS \ system32 \ Ctfmon.exe C: \ Program Files \ Logitech \ Video \ FxSvr2.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe C: \ Program Files \ Windows Live \ Messenger \ usnsvc.exe C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe C: \ Program Files \ MessengerDiscovery \ MessengerDiscovery Live.exe C: \ Program Files \ Windows Live \ Kontaktai \ wlcomm.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Windows Media Player \ Wmplayer.exe C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ infocard.exe C: \ Program Files \ Logitech \ valdikliai \ SetPoint.exe C: \ Program Files \ Common Files \ Logishrd \ KHAL2 \ KHALMNPR.EXE C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://search.winzy.com/ie.html R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://cbfsms.com/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = Naršyti **** į "Web R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Nustatymai, ProxyOverride = *. vietos F2 - REG: System.ini: UserInit = C: \ WINDOWS \ system32 \ userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKLM \ .. \ Run: [Kernel and Hardware abstraction Layer] KHALMNPR.EXE O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe" MSRun O4 - HKLM \ .. \ Run: [LVCOMSX] C: \ WINDOWS \ system32 \ LVCOMSX.EXE O4 - HKLM \ .. \ Run: [LogitechVideoRepair] C: \ Program Files \ Logitech \ Video \ ISStart.exe O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe O4 - HKLM \ .. \ Run: [Cmaudio] Rundll32 cmicnfg.cpl, CMICtrlWnd O4 - HKLM \ .. \ Run: [MSConfig] C: \ WINDOWS \ PCHealth \ HELPCTR \ binaries \ MSConfig.exe / Auto O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / background O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C: \ Program Files \ Logitech \ valdikliai \ SetPoint.exe O8 - Extra kontekstinio meniu punktą: E & Eksportuoti į "Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ EXCEL.EXE/3000 O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra button: Send to OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ ONBttnIE.dll O9 - Extra 'Tools' MENUITEM: S & end to OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ ONBttnIE.dll O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ REFIEBAR.DLL O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: http://asia.msi.com.tw O15 - Trusted Zone: http://global.msi.com.tw O15 - Trusted Zone: http://www.msi.com.tw O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: (1E54D648-B804-468d-BC78-4AFFED8E262E) (System Requirements Lab) -- http://www.srtest.com/srl_bin/sysreqlab3.cab O16 - DPF: (20A60F0D-9AFA-4515-A0FD-83BD84642501) (Checkers Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl klasė) -- http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab O16 - DPF: (67A5F8DC-1A4B-4D66-9F24-A704AD929EEE) (System Requirements Lab) -- http://www.nvidia.com/content/Driver...sysreqlab2.cab O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasė) -- http://www.update.microsoft.com/micr...?1195685283109 O16 - DPF: (74DBCB52-F298-4110-951D-AD2FF67BC8AB) (NVIDIA Smart Scan) -- http://www.nvidia.com/content/Driver...aSmartScan.cab O16 - DPF: (8167C273-DF59-4416-B647-C8BB2C7EE83E) (WebSDev Control) -- http://liveupdate.msi.com.tw/autobio...ne/install.cab O16 - DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) (Java Runtime Environment 1.6.0) -- http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Crucial cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl klasė) -- http://messenger.zone.msn.com/binary...t.cab57213.cab O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient klasė) -- http://messenger.zone.msn.com/binary...t.cab56907.cab O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab O16 - DPF: (E6187999-9FEC-46A1-A20F-F4CA977D5643) (ZoneChess Object) -- http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: (E8F628B5-259A-4734-97EE-BA914D7BE941) (Driver Agent ActiveX Control) -- http://plugin.driveragent.com/files/driveragent.cab O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveSystemServices.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 kontrolės tarnybos (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe O23 - Service: ATI HotKey Rinkėjas - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C: \ WINDOWS \ system32 \ ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: BrSplService (Brolis SPL XP Service) - Brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - "Logitech, Inc - C: \ Program Files \ Common Files \ Logishrd \" Bluetooth \ LBTServ.exe O23 - Service: NBService - Nero AG - C: \ Program Files \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe O23 - Service: NMIndexingService - Nero AG - C: \ Program Files \ Common Files \ Ahead \ Lib \ NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C: \ WINDOWS \ system32 \ PnkBstrA.exe O23 - Service: Cyberlink RichVideo tarnybos (CRVS) (RichVideo) - Unknown owner - C: \ Program Files \ CyberLink \ Shared files \ RichVideo.exe -- End of file - 11.133 baitų Hope Theres nieko ir iš lėto bit mano P4 mesti .. |
|
#2
Rugsėjis 1, 2008, 13:25
|
|||
|
|||
|
HijackThis
Atsisiųsti Malwarebytes 'Anti-Malware (MBAM)
__________________
 |
|
#3
Rugsėjis 1, 2008, 15:19
|
|||
|
|||
|
HijackThis
Malwarebytes 'Anti-Malware 1,25
Duomenų bazės versija: 1103 Windows 5.1.2600 Service Pack 3 23:16:55 01/09/2008 mbam-log-09-01-2008 (23-16-55). Txt Scan Type: Quick Scan Objektai nuskaitomi: 51.583 Praėjęs laikas: 6 minutes (-ai), 29 second (s) Atminties procesai Infected: 0 Atminties moduliai Infected: 0 Registro raktus Infected: 0 Vertybių registrą Infected: 0 Registro duomenų elementų Infected: 0 Katalogai Infected: 0 Failai Infected: 0 Atminties procesai Infected: (Nr. kenksminga daiktų aptikti) Atminties moduliai Infected: (Nr. kenksminga daiktų aptikti) Registro raktus Infected: (Nr. kenksminga daiktų aptikti) Vertybių registrą Infected: (Nr. kenksminga daiktų aptikti) Registro duomenų elementų Infected: (Nr. kenksminga daiktų aptikti) Katalogai Infected: (Nr. kenksminga daiktų aptikti) Failai Infected: (Nr. kenksminga daiktų aptikti) |
|
#4
Rugsėjis 1, 2008, 15:23
|
|||
|
|||
|
HijackThis
Nėra jokių Prisijungti kenkėjiškų programų.
Ar žinote, kas tai yra? R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://search.winzy.com/ie.html
__________________
|
|
#5
Rugsėjis 2, 2008, 08:28
|
|||
|
|||
|
HijackThis
Taip, Winzy yra paieškos I used naudoti tthinking galėčiau gauti prizus nuo to, nieko nerimauti nėra
Cheers už jūsų laiką! 
|
|
#6
Rugsėjis 2, 2008, 11:46
|
|||
|
|||
|
HijackThis
Java yra pasenusi.
Senesnės versijos turi silpnąsias vietas, kad kenkėjiškų svetainių galima naudoti užkrėsti savo sistemą. Pirmiausia įdiekite naują Sun Java Runtime Environment Būtinai uždaryti visus naršyklės langus, prieš pradedant diegti. Pašalinti seną versiją (-ai)
Naudokite Secunia Software Inspector patikrinti pasenusios programinės įrangos.
---------- Pereiti į Microsoft Windows Update ir gauti visus kritinius saugumas atnaujinimus. (jums reikės naudoti "Internet Explorer tai padaryti)
__________________
|
