|
| |||||||
| Zarejestruj się | Strona Spy | Lista Użytkowników | Darowizna | Szukać | Dzisiejsze Posty | Mark Forums Read | Regulamin forum |
 |
 |
| | Narzędzia wątku |
|
#1
1-cia Wrz 2008, 12:51
| |||
| |||
| To wszystko ważne isnt podziękować panu, po prostu zastanawiasz się, jeśli mogą mieć Ludzie thorugh jeśli otrzymasz minut, aby sprawdzić, czy mam jakiekolwiek nasties jestem nieświadomy, thanks a bunch faceci! Logfile of Trend Micro HijackThis v2.0.2 Skanowanie zapisany na 20:42:25, na 01/09/2008 Platforma: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Boot mode: Normal Uruchamianie procesów: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ Services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MsMpEng.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe C: \ WINDOWS \ explorer.exe C: \ WINDOWS \ system32 \ brsvc01a.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ system32 \ spoolsv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe C: \ Program Files \ Bonjour \ mDNSResponder.exe C: \ WINDOWS \ system32 \ PnkBstrA.exe C: \ Program Files \ CyberLink \ Shared files \ richvideo.exe C: \ WINDOWS \ system32 \ svchost.exe C: \ Program Files \ Windows Defender \ MSASCui.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ MOM.exe C: \ WINDOWS \ system32 \ LVCOMSX.EXE C: \ Program Files \ Logitech \ Video \ LogiTray.exe C: \ WINDOWS \ system32 \ Rundll32.exe C: \ Program Files \ parą \ steam.exe C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe C: \ WINDOWS \ system32 \ ctfmon.exe C: \ Program Files \ Logitech \ Video \ FxSvr2.exe C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CCC.exe C: \ Program Files \ Windows Live \ Messenger \ usnsvc.exe C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe C: \ Program Files \ MessengerDiscovery \ MessengerDiscovery Live.exe C: \ Program Files \ Windows Live \ Kontakt \ wlcomm.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ Windows Media Player \ wmplayer.exe C: \ WINDOWS \ Microsoft.NET \ Framework \ v3.0 \ Windows Communication Foundation \ infocard.exe C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe C: \ Program Files \ Common Files \ Logishrd \ KHAL2 \ KHALMNPR.EXE C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://search.winzy.com/ie.html R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://cbfsms.com/ R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Window Title = zbadania **** w "Web R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, ProxyOverride = *. lokalnych F2 - REG: system.ini: Userinit = C: \ WINDOWS \ system32 \ userinit.exe O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll O2 - BHO: Groove GFS Browser Helper - (72853161-30C5-4D22-B7F9-0BBC1D38A37E) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveShellExtensions.dll O2 - BHO: SSVHelper Class - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll O4 - HKLM \ .. \ Run: [avast!] C: \ PROGRA ~ 1 \ ALWILS ~ 1 \ Avast4 \ ashDisp.exe O4 - HKLM \ .. \ Run: [Kernel i Hardware Abstraction Layer] KHALMNPR.EXE O4 - HKLM \ .. \ Run: [Windows Defender] "C: \ Program Files \ Windows Defender \ MSASCui.exe"-hide O4 - HKLM \ .. \ Run: [StartCCC] "C: \ Program Files \ ATI Technologies \ ATI.ACE \ Core-Static \ CLIStart.exe" MSRun O4 - HKLM \ .. \ Run: [LVCOMSX] C: \ WINDOWS \ system32 \ LVCOMSX.EXE O4 - HKLM \ .. \ Run: [LogitechVideoRepair] C: \ Program Files \ Logitech \ Video \ ISStart.exe O4 - HKLM \ .. \ Run: [igfxtray] C: \ WINDOWS \ system32 \ igfxtray.exe O4 - HKLM \ .. \ Run: [igfxhkcmd] C: \ WINDOWS \ system32 \ hkcmd.exe O4 - HKLM \ .. \ Run: [Cmaudio] Rundll32 cmicnfg.cpl, CMICtrlWnd O4 - HKLM \ .. \ Run: [narzędzia MSConfig] C: \ WINDOWS \ PCHealth \ HelpCtr \ Binaries \ Msconfig.exe / auto O4 - HKCU \ .. \ Run: [ctfmon.exe] C: \ WINDOWS \ system32 \ ctfmon.exe O4 - HKCU \ .. \ Run: [msnmsgr] "C: \ Program Files \ Windows Live \ Messenger \ msnmsgr.exe" / background O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL SERVICE') O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'NETWORK SERVICE') O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM') O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user') O4 - Global Startup: Logitech SetPoint.lnk = C: \ Program Files \ Logitech \ SetPoint \ SetPoint.exe O8 - Extra kontekście menu: E & ksportuj do programu Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ EXCEL.EXE/3000 O9 - Extra button: (no name) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll O9 - Extra button: Wyślij do programu OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ ONBttnIE.dll O9 - Extra 'Tools' menuitem: S & end do programu OneNote - (2670000A-7350-4f3c-8081-5663EE0C6C49) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ ONBttnIE.dll O9 - Extra button: Research - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office12 \ REFIEBAR.DLL O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra 'Tools' menuitem: @ Xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O15 - Trusted Zone: http://asia.msi.com.tw O15 - Trusted Zone: http://global.msi.com.tw O15 - Trusted Zone: http://www.msi.com.tw O15 - Trusted Zone: http://download.windowsupdate.com O16 - DPF: (1E54D648-B804-468d-BC78-4AFFED8E262E) (System Requirements Lab) -- http://www.srtest.com/srl_bin/sysreqlab3.cab O16 - DPF: (20A60F0D-9AFA-4515-A0FD-83BD84642501) (Checkers Class) -- http://messenger.zone.msn.com/binary...r.cab56986.cab O16 - DPF: (48DD0448-9209-4F81-9F6D-D83562940134) (MySpace Uploader Control) -- http://lads.myspace.com/upload/MySpaceUploader1006.cab O16 - DPF: (4F1E5B1A-2A80-42CA-8532-2D05CB959537) (MSN Photo Upload Tool) -- http://gfx1.hotmail.com/mail/w2/resources/MSNPUpld.cab O16 - DPF: (5D6F45B3-9043-443D-A792-115447494D24) (UnoCtrl klasy) -- http://messenger.zone.msn.com/EN-GB/.../GAME_UNO1.cab O16 - DPF: (67A5F8DC-1A4B-4D66-9F24-A704AD929EEE) (System Requirements Lab) -- http://www.nvidia.com/content/Driver...sysreqlab2.cab O16 - DPF: (67DABFBF-D0AB-41FA-9C46-CC0F21721616) (DivXBrowserPlugin Object) -- http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1195685283109 O16 - DPF: (74DBCB52-F298-4110-951D-AD2FF67BC8AB) (NVIDIA Smart Scan) -- http://www.nvidia.com/content/Driver...aSmartScan.cab O16 - DPF: (8167C273-DF59-4416-B647-C8BB2C7EE83E) (WebSDev Control) -- http://liveupdate.msi.com.tw/autobio...ne/install.cab O16 - DPF: (8AD9C840-044E-11D1-B3E9-00805F499D93) (Java Runtime Environment 1.6.0) -- http://javadl-esd.sun.com/update/1.6...ws-i586-jc.cab O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Crucial cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab O16 - DPF: (B8BE5E93-A60C-4D26-A2DC-220313175592) (MSN Games - Installer) -- http://messenger.zone.msn.com/binary...o.cab56649.cab O16 - DPF: (BD393C14-72AD-4790-A095-76522973D6B8) (CBreakshotControl klasy) -- http://messenger.zone.msn.com/binary...t.cab57213.cab O16 - DPF: (C3F79A2B-B9B4-4A66-B012-3EE46475B072) (MessengerStatsClient klasy) -- http://messenger.zone.msn.com/binary...t.cab56907.cab O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab O16 - DPF: (E6187999-9FEC-46A1-A20F-F4CA977D5643) (ZoneChess Object) -- http://messenger.zone.msn.com/binary/Chess.cab57176.cab O16 - DPF: (E8F628B5-259A-4734-97EE-BA914D7BE941) (Driver Agent ActiveX Control) -- http://plugin.driveragent.com/files/driveragent.cab O18 - Protocol: grooveLocalGWS - (88FED34C-F0CA-4636-A375-3CB6248B04CD) - C: \ Program Files \ Microsoft Office \ Office12 \ GrooveSystemServices.dll O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C: \ Program Files \ Lavasoft \ Ad-Aware \ aawservice.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ aswUpdSv.exe O23 - Service: Ati Hotkey Poller - ATI Technologies Inc - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: ATI Smart - Unknown owner - C: \ WINDOWS \ system32 \ ati2sgag.exe O23 - Service: avast! Antivirus - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashServ.exe O23 - Service: avast! Mail Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashMaiSv.exe O23 - Service: avast! Web Scanner - ALWIL Software - C: \ Program Files \ Alwil Software \ Avast4 \ ashWebSv.exe O23 - Service: Bonjour Service - Apple Inc - C: \ Program Files \ Bonjour \ mDNSResponder.exe O23 - Service: BrSplService (Brother XP spl Service) - brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C: \ Program Files \ Common Files \ Macrovision Shared \ FLEXnet Wydawnictwo \ FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: Logitech Bluetooth Service (LBTServ) - Logitech, Inc - C: \ Program Files \ Common Files \ Logishrd \ Bluetooth \ LBTServ.exe O23 - Service: NBService - Nero AG - C: \ Program Files \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe O23 - Service: NMIndexingService - Nero AG - C: \ Program Files \ Common Files \ Ahead \ Lib \ NMIndexingService.exe O23 - Service: PnkBstrA - Unknown owner - C: \ WINDOWS \ system32 \ PnkBstrA.exe O23 - Service: Cyberlink RichVideo Service (CRVS) (RichVideo) - Unknown owner - C: \ Program Files \ CyberLink \ Shared files \ richvideo.exe -- Koniec pliku - 11133 bajtów Nadzieja theres nothing i trochę powolność jest mój P4 rezygnację .. |
|
#2
1-cia Wrz 2008, 13:25
| |||
| |||
| Pobrać Malwarebytes' Anti-Malware (MBAM)
__________________  |
|
#3
1-cia Wrz 2008, 15:19
| |||
| |||
| Malwarebytes' Anti-Malware 1.25 Baza wersji: 1103 Windows 5.1.2600 Service Pack 3 23:16:55 01/09/2008 mbam-log-09-01-2008 (23-16-55). txt Scan type: Quick Scan Obiekty skanowane: 51583 Czas, jaki upłynął: 6 minut (y), 29 sekund (y) Memory Processes Infected: 0 Memory Modules Infected: 0 Zainfekowane klucze rejestru: 0 Zainfekowane wartości rejestru: 0 Danych Rejestru przedmioty Infected: 0 Foldery Infected: 0 Pliki Infected: 0 Memory Processes Infected: (Nie wykryto złośliwego pozycji) Memory Modules Infected: (Nie wykryto złośliwego pozycji) Zainfekowane klucze rejestru: (Nie wykryto złośliwego pozycji) Zainfekowane wartości rejestru: (Nie wykryto złośliwego pozycji) Danych Rejestru przedmioty Infected: (Nie wykryto złośliwego pozycji) Foldery Infected: (Nie wykryto złośliwego pozycji) Zainfekowane pliki: (Nie wykryto złośliwego pozycji) |
|
#4
1-cia Wrz 2008, 15:23
| |||
| |||
| Nie ma złośliwego oprogramowania w dzienniku. Czy wiesz co to jest? R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://search.winzy.com/ie.html
__________________ |
|
#5
2-ga Wrz 2008, 08:28
| |||
| |||
| Tak, Winzy jest wyszukiwarka kiedyś używałem tthinking mogę dostać nagrody od niego, nic nie martwić się o nie Cheers for your time!  |
|
#6
2-ga Wrz 2008, 11:46
| |||
| |||
| Twoja Java jest nieaktualna. Starsze wersje złośliwych witryn usterek, które mogą wykorzystać w celu zainfekowania systemu. Najpierw zainstaluj nowy Sun Java Runtime Environment Należy zamknąć wszystkie okna przeglądarki przed rozpoczęciem instalacji. Usuń starą wersję (s)
Użyj Secunia Software Inspector aby sprawdzić, czy nieaktualne oprogramowanie.
---------- Idź do Microsoft Windows Update i uzyskać wszystkie krytyczne bezpieczeństwa aktualizacje. (będziesz musiał użyć programu Internet Explorer, aby to zrobić)
__________________ |
