|
|
#1
1 septembris 2008, 12:51
|
|||
|
|||
HijackThis Log
Šajā isn't neko būtiski pateikties kungs, tikai jautājums, ja jūs varētu pārlūkot thorugh ja Jums minūtes, lai redzētu, vai man ir kādas nasties Es esmu neapzinās, paldies ķekars guys!
Logfile of Trend Micro HijackThis v2.0.2 Scan saglabāts 20:42:25, uz 01/09/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Running procesiem: C: \ WINDOWS \ System32 \ Smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ Windows \ Explorer.exe C: \ WINDOWS \ system32 \ brsvc01a.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ PnkBstrA.exe C: \ Program Files \ CyberLink \ Shared Files \ RichVideo.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.exe C: \ WINDOWS \ system32 \ LVCOMSX.EXE C: \ Program Files \ Logitech \ Video \ LogiTray.exe C: \ WINDOWS \ system32 \ RunDll32.exe C: \ Program Files \ tvaika \ steam.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ Logitech \ Video \ FxSvr2.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ ccc.exe C: \ Program Files \ Windows Live \ Messenger \ usnsvc.exe C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe C: \ Program Files \ MessengerDiscovery \ MessengerDiscovery Live.exe C: \ Program Files \ Windows Live \ Kontakti \ wlcomm.exe C: \ Program Files \ iPod \ bin \ iPodService.exe c: \ Program Files \ Windows Media Player \ wmplayer.exe C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ infocard.exe C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe C: \ Program Files \ Common Files \ Logishrd \ KHAL2 \ KHALMNPR.EXE C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://search.winzy.com/ie.html R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://cbfsms.com/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window title = Explore **** in 'Web R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet iestatījumi ProxyOverride = *. vietējo F2 - REG: SYSTEM.INI: Userinit = C: \ WINDOWS \ system32 \ userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - (72.853.161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O4 - HKLM \ .. \ Run: [Avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKLM \ .. \ Run: [Kernel un Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe" MSRun O4 - HKLM \ .. \ Run: [LVCOMSX] C: \ WINDOWS \ system32 \ LVCOMSX.EXE O4 - HKLM \ .. \ Run: [LogitechVideoRepair] C: \ Program Files \ Logitech \ Video \ ISStart.exe O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe O4 - HKLM \ .. \ Run: [Cmaudio] RunDll32 cmicnfg.cpl, CMICtrlWnd O4 - HKLM \ .. \ Run: [msconfig] C: \ WINDOWS \ PCHealth \ HelpCtr \ binaries \ MSConfig.exe / auto O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / background O4 - HKUS \ S-1-5-19 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User "SISTĒMA") O4 - HKUS \. DEFAULT \ .. \ Run: [CTFMON.EXE] C: \ WINDOWS \ system32 \ CTFMON.EXE (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe Ø8 - ārpus konteksta menu item: E & ksportēt uz Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ EXCEL.EXE/3000 Ø9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll Ø9 - Extra 'Tools' MENUITEM: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll Ø9 - Extra button: Nosūtīt OneNote - (2670000A-7350-4f3c-8.081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ ONBttnIE.dll Ø9 - Extra 'Tools' MENUITEM: S & galu OneNote - (2670000A-7350-4f3c-8.081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ ONBttnIE.dll Ø9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ REFIEBAR.DLL Ø9 - Extra button: (no name) - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe Ø9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20.001 - (e2e2dd38-d088-4.134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe Ø9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Ø9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe Ø15 - Trusted Zona: http://asia.msi.com.tw Ø15 - Trusted Zona: http://global.msi.com.tw Ø15 - Trusted Zona: http://www.msi.com.tw Ø15 - Trusted Zona: http://download.windowsupdate.com Ø16 - DPF: (1E54D648-B804-468d-BC78-4AFFED8E262E) (System Requirements Lab) -- http://www.srtest.com/srl_bin/sysreqlab3.cab Ø16 - DPF: (20A60F0D-9AFA-4.515-A0FD-83BD84642501) (Dambrete klase) -- http://messenger.zone.msn.com/binary...r.cab56986.cab Ø16 - DPF: (48DD0448-9.209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab Ø16 - DPF: (4F1E5B1A-2A80-42CA-8.532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab Ø16 - DPF: (5D6F45B3-9.043-443D-A792-115447494D24) (UnoCtrl klase) -- http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab Ø16 - DPF: (67A5F8DC-1A4b-4D66-9F24-A704AD929EEE) (System Requirements Lab) -- http://www.nvidia.com/content/Driver...sysreqlab2.cab Ø16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab Ø16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klase) -- http://www.update.microsoft.com/micr...?1195685283109 Ø16 - DPF: (74DBCB52-F298-4110-951D-AD2FF67BC8AB) (NVIDIA Smart Scan) -- http://www.nvidia.com/content/Driver...aSmartScan.cab Ø16 - DPF: (8167C273-DF59-4416-B647-C8BB2C7EE83E) (WebSDev Control) -- http://liveupdate.msi.com.tw/autobio...ne/install.cab Ø16 - DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) (Java Runtime Environment 1.6.0) -- http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab Ø16 - DPF: (A90A5822-F108-45AD-8.482-9BC8B12DD539) (Izšķiroša cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab Ø16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220.313.175.592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab Ø16 - DPF: (BD393C14-72AD-4.790-A095-76522973D6B8) (CBreakshotControl klase) -- http://messenger.zone.msn.com/binary...t.cab57213.cab Ø16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient klase) -- http://messenger.zone.msn.com/binary...t.cab56907.cab Ø16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444.553.540.000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab Ø16 - DPF: (E6187999-9FEC-46A1-A20F-F4CA977D5643) (ZoneChess Object) -- http://messenger.zone.msn.com/binary/Chess.cab57176.cab Ø16 - DPF: (E8F628B5-259A-4.734-97EE-BA914D7BE941) (Driver Agent ActiveX Control) -- http://plugin.driveragent.com/files/driveragent.cab O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4.636-A375-3CB6248B04CD) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveSystemServices.dll O23 - Service: Lavasoft Ad-Aware dienests (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: Avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe O23 - Service: Ati Hotkey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: ATI Smart - Unknown īpašnieks - C: \ WINDOWS \ system32 \ ati2sgag.exe O23 - Service: Avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: Avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe O23 - Service: Avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: BrSplService (Brother XP SPL Service) - brālis Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Publisher \ FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc - C: \ Program Files \ Common Files \ Logishrd \ Bluetooth \ LBTServ.exe O23 - Service: NBService - Nero AG - C: \ Program Files \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe O23 - Service: NMIndexingService - Nero AG - C: \ Program Files \ Common Files \ Ahead \ Lib \ NMIndexingService.exe O23 - Service: PnkBstrA - Unknown īpašnieks - C: \ WINDOWS \ system32 \ PnkBstrA.exe O23 - Service: CyberLink RichVideo Service (CRVS) (RichVideo) - Unknown īpašnieks - C: \ Program Files \ CyberLink \ Shared Files \ RichVideo.exe -- End of failu - 11.133 bytes Hope theres neko un mazliet par lēnu ir mana P4 atmest .. |
|
#2
1 septembris 2008, 13:25
|
|||
|
|||
|
HijackThis Log
Lejupielādēt Malwarebytes "Anti-Malware (MBAM)
__________________
 |
|
#3
1 septembris 2008, 15:19
|
|||
|
|||
|
HijackThis Log
Malwarebytes "Anti-Malware 1,25
Database version: 1103 Windows 5.1.2600 Service Pack 3 23:16:55 01/09/2008 mbam-log-09-01-2008 (23-16-55). txt Scan type: Quick Scan Objekti skenēts: 51.583 Pagājušo laiku: 6 minūte (s), 29 second (s) Memory Processes Inficētie: 0 Memory Modules Inficētie: 0 Registry Keys Inficētie: 0 Reģistra vērtības Inficētie: 0 Registry Data Items Infected: 0 Mapes Inficētie: 0 Faili Inficētie: 0 Atmiņas procesi Inficētie: (No ļaunprātīgs preces konstatētas) Memory Modules Inficētie: (No ļaunprātīgs preces konstatētas) Registry Keys Inficētie: (No ļaunprātīgs preces konstatētas) Reģistra vērtības Inficētie: (No ļaunprātīgs preces konstatētas) Registry Data Items Infected: (No ļaunprātīgs preces konstatētas) Mapes Inficētie: (No ļaunprātīgs preces konstatētas) Faili Inficētie: (No ļaunprātīgs preces konstatētas) |
|
#4
1 septembris 2008, 15:23
|
|||
|
|||
|
HijackThis Log
Nav nekādas log malware.
Vai jūs zināt, kas tas ir? R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://search.winzy.com/ie.html
__________________
|
|
#5
Septembris 2, 2008, 08:28
|
|||
|
|||
|
HijackThis Log
Jā, Winzy ir meklētājprogramma, es mēdzu izmantot tthinking es varētu saņemt balvas no tā, nav jāuztraucas, ka
Cheers Jūsu laiku! 
|
|
#6
Septembris 2, 2008, 11:46
|
|||
|
|||
|
HijackThis Log
Java ir novecojis.
Vecākas versijas ir ievainojamības, ka ļaunprātīgas vietnes var izmantot, lai inficēt jūsu sistēmā. Vispirms instalēt jaunu Sun Java Runtime Environment Noteikti aizvērt visus pārlūkprogrammas logus, pirms sākt uzstādīšanu. Noņemt veco versiju (s)
Lietošanai Secunia Software Inspector lai pārbaudītu novecojis programmatūru.
---------- Doties uz Microsoft Windows Update un saņemt visu kritisko drošība atjauninājumus. (jums būs nepieciešams izmantot Internet Explorer do this)
__________________
|
