[vic66]

Hi everyone, jis buvo kartu, buvo ligoninėje 2weeks.
Mano šeima nusprendė nustebinti mane, ir kad jie tai padarė!
Jais įtrauktos kai kurios naujos programos!
Gerai, štai mano problema.
Aš einu Panda Platinum security.which turi savo apsaugą nuo šnipinėjimo programų.
Šeima nusprendė pridėti bo švarus, spyware blaster, šnipinėjimo terminater su realaus laiko apsauga nuo šnipinėjimo avg 7,5 ir su realaus laiko apsauga.
Aš taip pat turiu paklausos skeneriai skelbimą žino Spybot (arbatos laikmatis išjungtas), ir kvadratu.
kai aš namuose vyko skaitytuvų ir nustatė 17 Trojans Adware ir kai kurių šiukšlių.
Aš dabar wooried galiu būti pagrobtas.
Ar kas nors pažiūrėti prašom.


Logfile Trend Micro HijackThis v2.0.2
Skaitymo išsaugotas 3:38:57 dėl 02-10-2007
Platforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Veikia procesus:
C: \ WINDOWS \ System32 \ smss.exe
C: \ WINDOWS \ system32 \ winlogon.exe
C: \ WINDOWS \ system32 \ services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ pavsrv51.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ avengine.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ tpsrv.exe
C: \ Programas \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ Programas \ a-squared Free \ a2service.exe
C: \ Programas \ Grisoft \ AVG Anti-spyware 7,5 \ guard.exe
C: \ Programas \ Ficheiros comuns \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PsCtrls.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ pavfnsvr.exe
C: \ Programas \ Ficheiros comuns \ Panda Software \ PavShld \ pavprsrv.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ AntiSpam \ pskmssvc.exe
C: \ programs \ Panda Software \ Panda Internet Security 2007 \ Firewall \ PSHOST.EXE
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ psimsvc.exe
C: \ Programas \ SiteAdvisor \ 6.172 \ SAService.exe
C: \ Programas \ Spyware Terminator \ sp_rsser.exe
C: \ WINDOWS \ System32 \ svchost.exe
C: \ WINDOWS \ explorer.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ apvxdwin.exe
C: \ Programas \ Grisoft \ AVG Anti-spyware 7,5 \ avgas.exe
C: \ PROGRA ~ 1 \ Comodo \ CBOClean \ BOC425.exe
C: \ Programas \ BillP Studios \ WinPatrol \ WinPatrol.exe
C: \ Programas \ Spyware Terminator \ SpywareTerminatorShield.exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Programas \ SAGEM \ SAGEM F @ st 800-840 \ dslmon.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ srvload.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ webproxy.exe
C: \ PROGRAMAS \ SiteAdvisor \ 6.172 \ SITEADV.EXE
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PavBckPT.exe
C: \ Programas \ uTorrent \ uTorrent.exe
C: \ Programas \ Bowlfish \ eMule.exe
C: \ Programas \ Internet Explorer \ iexplore.exe
C: \ Programas \ Internet Explorer \ iexplore.exe
C: \ Documents and Settings \ Fabio \ Definições Solutions \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
C: \ Programas \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.pt/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.pt/
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Hiperligações
R3 - URLSearchHook: WorldTV Baras Toolbar - (44c0b463-5a8a-452c-8e72-dc751dac6ec1) - C: \ Programas \ WorldTV_Bar \ tbWorl.dll
R3 - URLSearchHook: World TV centras Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O2 - BHO: IE7Pro - (00011268-E188-40DF-A514-835FCD78B1BF) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O2 - BHO: Facilitador de Leitor de Nuoroda Adobe PDF - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programas \ Ficheiros comuns \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (089FD14D-132B-48FC-8861-0048AE113215) - C: \ Programas \ SiteAdvisor \ 6.172 \ SiteAdv.dll
O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: Windows Live Toolbar Helper - (BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Programas \ Windows Live Toolbar \ msntb.dll
O2 - BHO: World TV centras Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O3 - Toolbar: Windows Live Toolbar - (BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Programas \ Windows Live Toolbar \ msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - (0BF43445-2F28-4351-9252-17FE6E806AA0) - C: \ Programas \ SiteAdvisor \ 6.172 \ SiteAdv.dll
O3 - Toolbar: World TV centras Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O4 - HKLM \ .. \ Run: [Cmaudio] Rundll32 cmicnfg.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [APVXDWIN] "C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ apvxdwin.exe" / s
O4 - HKLM \ .. \ Run: [SCANINICIO] "C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ Inicio.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Programas \ Grisoft \ AVG Anti-Spyware 7,5 \ avgas.exe" / mažinimą
O4 - HKLM \ .. \ Run: [BOC-425] C: \ PROGRA ~ 1 \ Comodo \ CBOClean \ BOC425.exe
O4 - HKLM \ .. \ Run: [WinPatrol] "C: \ Programas \ BillP Studios \ WinPatrol \ WinPatrol.exe"
O4 - HKLM \ .. \ Run: [SpywareTerminator] "C: \ Programas \ Spyware Terminator \ SpywareTerminatorShield.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'LOCAL serviço')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Serviço de rede ")
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C: \ Programas \ SAGEM \ SAGEM F @ st 800-840 \ dslmon.exe
O8 - Extra kontekstinio meniu punktą: "ir" Windows Live Search - res: / / C: \ Programas \ Windows Live Toolbar \ msntb.dll / search.htm
O8 - Extra kontekstinio meniu punktą: Pridėti prie "Windows Live & Favoritus -- http://favorites.live.com/quickadd.aspx
O8 - Extra kontekstinio meniu punktą: E & xportar para o Microsoft Excel - res: / / C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ EXCEL.EXE/3000
O8 - Extra kontekstinio meniu punktą: Atidaryti naujame skirtuke fone - res: / / C: \ Programas \ Windows Live Toolbar \ Components \ en-us \ msntabres.dll.mui/229? 23e13882b2f34d2fb527e50edfede195
O8 - Extra kontekstinio meniu punktą: Atidaryti naujame skirtuke žinių - res: / / C: \ Programas \ Windows Live Toolbar \ Components \ en-us \ msntabres.dll.mui/230? 23e13882b2f34d2fb527e50edfede195
O9 - Extra button: IE7Pro nuostatos - (0026439F-A980-4f18-8C95-4F1CBBF9C1D8) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O9 - Extra 'Tools' MENUITEM: IE7Pro nuostatos - (0026439F-A980-4f18-8C95-4F1CBBF9C1D8) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O9 - Extra button: Ieskoti - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ PROGRA ~ 1 \ Micros ~ 2 \ Office11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ Xpsp3res.dll, -20.001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programas \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Programas \ Messenger \ msmsgs.exe
O16 - DPF: (5ED80217-570B-4DA9-BF44-BE107C0EC166) -- http://cdn.scan.onecare.live.com/res...scbase8300.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl klasė) -- http://www.update.microsoft.com/micr...?1189781903812
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
Ø17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (EBEDA096-3520-470A-9F4F-E70844D02643): NameServer = 212.55.154.174
Ø20 - Winlogon Notify:! SASWinLogon - C: \ Programas \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C: \ Programas \ a-squared Free \ a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C: \ Programas \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - Grisoft sro - C: \ Programas \ Grisoft \ AVG Anti-Spyware 7,5 \ guard.exe
O23 - Service: BOCore - Unknown owner - (no file)
O23 - Service: NBService - Nero AG - C: \ Programas \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe
O23 - Service: NMIndexingService - Nero AG - C: \ Programas \ Ficheiros comuns \ Ahead \ Lib \ NMIndexingService.exe
O23 - Service: AOpen Driver Helper Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: Panda Software Controller - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PsCtrls.exe
O23 - Service: Panda Pareigos tarnybos (PAVFNSVR) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ pavfnsvr.exe
O23 - Service: Panda Technologinių apsaugos tarnybos (PavPrSrv) - Panda Software International - C: \ Programas \ Ficheiros comuns \ Panda Software \ PavShld \ pavprsrv.exe
O23 - Service: Panda antivirusinę paslaugos (PAVSRV) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ pavsrv51.exe
O23 - Service: Panda antispam Variklis (pmshellsrv) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ AntiSpam \ pskmssvc.exe
O23 - Service: Panda priimančiosios tarnybos (PSHost) - Panda Software International - C: \ programs \ Panda Software \ Panda Internet Security 2007 \ Firewall \ PSHOST.EXE
O23 - Service: Panda IManager tarnybos (PSIMSVC) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ psimsvc.exe
O23 - Service: Serviço SiteAdvisor (SiteAdvisor Service) - Unknown owner - C: \ Programas \ SiteAdvisor \ 6.172 \ SAService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C: \ Programas \ Spyware Terminator \ sp_rsser.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ tpsrv.exe
--
End of file - 10.407 baitų

PS soory apie rašybos klaidas, turi būti vaistas LOL

[evilfantasy]

Labas Vic. Hope viskas vyksta gerai.

Aš jau ne žurnalas atrodo ir grįžti į jūsų kelis.

[vic66]

Thanks very much evilfantasy.
Ir taip pradeda jaustis geriau.

[vic66]

Jis yra 4 ryto čia, I need some sleep bus atgal 8 ryto.
Pažadas nieko daryti, kol aš čia iš jūsų.
Labai ačiū už Jūsų laiką ir padėti.

[evilfantasy]

Pereiti į
C: \ Documents and Settings \ Fabio \ Definições Solutions \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
Ištrinti visą šią bylą.

============

Dabar eikite į
C: \ Programas \ Trend Micro \ HijackThis \ HijackThis.exe
Dešiniuoju pelės mygtuku spustelėkite HijackThis.exe pasirinkite Pervadinti. Pavadinimas tai Analyze.exe paspauskite įeiti.

============

Ar tai jūsų interneto tiekėjas?
PT.COM - COMUNICACOES interactivas SA

============

Jums atrodo, kad bus švarus.

Iš tikrųjų, kaip jau nurodė turite šiek tiek per daug apsaugos. Tačiau tol, kol ji yra tik viena antivirusinė ir viena ugniasienė neturi būti jokių konfliktų. Jums gali būti sulėtintas, turintys tiek veikia.

Atrodo, kad jūsų saugumo skenuoja pašalinti visus rado.

[vic66]

Evilfantasy Ačiū už atsakymą, bet rememeber aš naujokas!
Kaip man pereiti Apie daro šiuos reikalavimus















"

[vic66]

Oi
pt. Com teikėjo

[vic66]

rūpinosi svetimą prisijunkite ir dabar yra análise .. exe
bet cant find C Documents and Settings bet kur
Please help
THANKS

[evilfantasy]

Atidaryti HijackThis ir pasirinkite "Ar sistema nuskaito tik.
Vieta žymės langelį
C: \ Documents and Settings \ Fabio \ Definições Solutions \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
Tada spauskite Fix patikrinta.

[vic66]

Atsiprašome evilfantasy bet aš negaliu jos rasti. Ar yra numeris
kaip 04 or23 ar 06 nors galiu vadovas save su