[vic66]

Hi everyone, a fost o vreme, a fost în 2 săptămâni spital.
Familia mea a decis să mă surprinde şi că au făcut-o!
au adăugat câteva programe noi!
OK aici este problema mea.
I sînt running panda security.which platină are propriul program antispyware.
Familie a decis să adauge bo curat, Blaster spyware, terminater spyware cu protecţie în timp real avg 7.5 antispyware, de asemenea, cu protecţie în timp real.
I de asemenea have la spybot cerere de anunţuri scanere conştient (cronometrul ceai off) si un pãtrat.
Când am ajuns acasă ran scanere şi sa constatat că 17 troienilor şi unele Junk adware.
Eu o am acum wooried ar putea fi deturnate.
poate cineva să aruncaţi o privire te rog.


Logfile de Trend Micro HijackThis v2.0.2
Scan saved at 3:38:57, pe 02.10.2007
Platforma: Windows XP SP2 (WINNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16512)
Boot mode: Normal
Rularea procese:
C: \ Windows \ system32 \ smss.exe
C: \ Windows \ system32 \ winlogon.exe
C: \ Windows \ system32 \ services.exe
C: \ Windows \ system32 \ lsass.exe
C: \ Windows \ system32 \ svchost.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ pavsrv51.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ AVENGINE.EXE
C: \ Windows \ system32 \ svchost.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ TPSrv.exe
C: \ Programas \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
C: \ Windows \ system32 \ Spoolsv.exe
C: \ Programas \ a-squared Free \ a2service.exe
C: \ Programas \ Grisoft \ AVG Anti-Spyware 7.5 \ GUARD.EXE
C: \ Programas \ Ficheiros comuns \ Microsoft Shared \ VS7DEBUG \ MDM.EXE
C: \ Windows \ system32 \ nvsvc32.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PsCtrls.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PavFnSvr.exe
C: \ Programas \ Ficheiros comuns \ Panda Software \ PavShld \ pavprsrv.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ AntiSpam \ pskmssvc.exe
C: \ programas \ panda software \ panda Internet Security 2007 \ firewall \ PSHOST.EXE
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ psimsvc.exe
C: \ Programas \ SiteAdvisor \ 6172 \ SAService.exe
C: \ Programas \ Spyware Terminator \ sp_rsser.exe
C: \ Windows \ system32 \ svchost.exe
C: \ WINDOWS \ Explorer.exe
C: \ Windows \ system32 \ RunDll32.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ APVXDWIN.EXE
C: \ Programas \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe
C: \ PROGRA ~ 1 \ Comodo \ CBOClean \ BOC425.exe
C: \ Programas \ BillP Studios \ WinPatrol \ WinPatrol.exe
C: \ Programas \ Spyware Terminator \ SpywareTerminatorShield.exe
C: \ Windows \ system32 \ Ctfmon.exe
C: \ Programas \ SAGEM \ SAGEM F @ st 800-840 \ dslmon.exe
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ SRVLOAD.EXE
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ WebProxy.exe
C: \ PROGRAMAS \ SiteAdvisor \ 6172 \ SITEADV.EXE
C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PavBckPT.exe
C: \ Programas \ uTorrent \ uTorrent.exe
C: \ Programas \ Bowlfish \ eMule.exe
C: \ Programas \ Internet Explorer \ iexplore.exe
C: \ Programas \ Internet Explorer \ iexplore.exe
C: \ Documents and Settings \ Fabio \ Definições locais \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
C: \ Programas \ Trend Micro \ HijackThis \ HijackThis.exe
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.pt/
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.pt/
R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://g.msn.com/0SEENUS/SAOS01?FORM=TOOLBR
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKLM \ SOFTWARE \ Microsoft \ Internet Explorer \ Main, Local Page =
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Toolbar, LinksFolderName = Hiperligações
R3 - URLSearchHook: WorldTV Bar Toolbar - (44c0b463-5a8a-452c-8e72-dc751dac6ec1) - C: \ Programas \ WorldTV_Bar \ tbWorl.dll
R3 - URLSearchHook: World TV Center Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O2 - BHO: IE7Pro - (00011268-E188-40DF-A514-835FCD78B1BF) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O2 - BHO: Facilitador de Leitor de Link Adobe PDF - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Programas \ Ficheiros comuns \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (no name) - (089FD14D-132B-48FC-8861-0048AE113215) - C: \ Programas \ SiteAdvisor \ 6172 \ SiteAdv.dll
O2 - BHO: Spybot-S & D IE Protecţia - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: Windows Live Toolbar Helper - (BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Programas \ Windows Live Toolbar \ msntb.dll
O2 - BHO: World TV Center Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O3 - Toolbar: Windows Live Toolbar - (BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0) - C: \ Programas \ Windows Live Toolbar \ msntb.dll
O3 - Toolbar: McAfee SiteAdvisor - (0BF43445-2F28-4351-9252-17FE6E806AA0) - C: \ Programas \ SiteAdvisor \ 6172 \ SiteAdv.dll
O3 - Toolbar: World TV Center Toolbar - (e077da94-6314-41f1-9F08-6607df65952e) - C: \ Programas \ World_Tv_Center \ tbWor1.dll
O4 - HKLM \ .. \ Run: [Cmaudio] rundll32 cmicnfg.cpl, CMICtrlWnd
O4 - HKLM \ .. \ Run: [APVXDWIN] "C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ APVXDWIN.EXE" / s
O4 - HKLM \ .. \ Run: [SCANINICIO] "C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ Inicio.exe"
O4 - HKLM \ .. \ Run: [! AVG Anti-Spyware] "C: \ Programas \ Grisoft \ AVG Anti-Spyware 7.5 \ avgas.exe" / minimizat
O4 - HKLM \ .. \ Run: [Boc-425] C: \ PROGRA ~ 1 \ Comodo \ CBOClean \ BOC425.exe
O4 - HKLM \ .. \ Run: [WinPatrol] "C: \ Programas \ Studios BillP \ WinPatrol \ WinPatrol.exe"
O4 - HKLM \ .. \ Run: [SpywareTerminator] "C: \ Programas \ Spyware Terminator \ SpywareTerminatorShield.exe"
O4 - HKCU \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'LOCAL Serviciu ")
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'Serviciu de poveste ")
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'SYSTEM')
O4 - HKUS \. DEFAULT \ .. \ Run: [Ctfmon.exe] C: \ Windows \ system32 \ Ctfmon.exe (User 'Default user')
O4 - Global Startup: DSLMON.lnk = C: \ Programas \ SAGEM \ SAGEM F @ st 800-840 \ dslmon.exe
O8 - Extra context menu item: & Windows Live Search - res: / / C: \ Programas \ Windows Live Toolbar \ msntb.dll / search.htm
O8 - Extra context menu item: Add to Windows & Live Favorites -- http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E & xportar para o Microsoft Excel - res: / / C: \ Program ~ 1 \ MICROS ~ 2 \ OFFICE11 \ EXCEL.EXE/3000
O8 - Extra context menu item: Open in new tab fundal - res: / / C: \ Programas \ Windows Live Toolbar \ Components \ en-US \ msntabres.dll.mui/229? 23e13882b2f34d2fb527e50edfede195
O8 - Extra context menu item: Open in prim-plan nou tab - res: / / C: \ Programas \ Windows Live Toolbar \ Components \ en-US \ msntabres.dll.mui/230? 23e13882b2f34d2fb527e50edfede195
O9 - Extra button: IE7Pro Preferences - (0026439F-A980-4f18-8C95-4F1CBBF9C1D8) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O9 - Extra 'Tools' MENUITEM: IE7Pro Preferences - (0026439F-A980-4f18-8C95-4F1CBBF9C1D8) - C: \ Programas \ IE7Pro \ IE7Pro.dll
O9 - Extra button: Pesquisar - (92780B25-18CC-41C8-B9BE-3C9C571A8263) - C: \ Program ~ 1 \ MICROS ~ 2 \ OFFICE11 \ REFIEBAR.DLL
O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O9 - Extra button: (no name) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network de diagnostic \ xpnetdiag.exe
O9 - Extra button: Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programas \ Messenger \ msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11d2-BB9E-00C04F795683) - C: \ Programas \ Messenger \ msmsgs.exe
O16 - DPF: (5ED80217-570B-4DA9-BF44-BE107C0EC166) -- http://cdn.scan.onecare.live.com/res...scbase8300.cab
O16 - DPF: (6E32070A-766D-4EE6-879C-DC1FA91D2FC3) (MUWebControl Class) -- http://www.update.microsoft.com/micr...?1189781903812
O16 - DPF: (D27CDB6E-AE6D-11CF-96B8-444553540000) (Shockwave Flash Object) -- http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O17 - HKLM \ System \ CCS \ Services \ Tcpip \ .. \ (EBEDA096-3520-470A-9F4F-E70844D02643): NameServer = 212.55.154.174
O20 - Winlogon Notify:! SASWinLogon - C: \ Programas \ SUPERAntiSpyware \ SASWINLO.dll
O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C: \ Programas \ a-squared Free \ a2service.exe
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - C: \ Programas \ Lavasoft \ Ad-Aware 2007 \ aawservice.exe
O23 - Service: AVG Anti-Spyware Guard - GRISOFT sro - C: \ Programas \ Grisoft \ AVG Anti-Spyware 7.5 \ GUARD.EXE
O23 - Service: BOCore - Unknown owner - (nici un dosar)
O23 - Service: NBService - Nero AG - C: \ Programas \ Nero \ Nero 7 \ Nero BackItUp \ NBService.exe
O23 - Service: NMIndexingService - Nero AG - C: \ Programas \ Ficheiros comuns \ Ahead \ Lib \ NMIndexingService.exe
O23 - Service: Driver AOpen Helper Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ NVSVC32.EXE
O23 - Service: Panda Software Controller - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ PavFnSvr.exe
O23 - Service: Panda Process Protecţia Service (PavPrSrv) - Panda Software International - C: \ Programas \ Ficheiros comuns \ Panda Software \ PavShld \ pavprsrv.exe
O23 - Service: Panda anti-virus de servicii (PAVSRV) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ AntiSpam \ pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - C: \ programas \ panda software \ panda Internet Security 2007 \ firewall \ PSHOST.EXE
O23 - Service: Panda LanceAuction Service (PSIMSVC) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ psimsvc.exe
O23 - Service: Serviço SiteAdvisor (SiteAdvisor Service) - Unknown owner - C: \ Programas \ SiteAdvisor \ 6172 \ SAService.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - C: \ Programas \ Spyware Terminator \ sp_rsser.exe
O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C: \ Programas \ Panda Software \ Panda Internet Security 2007 \ TPSrv.exe
--
Sfârşit de fişier - 10407 bytes

PS soory despre greşelile de ortografie trebuie să fie LOL medicaţie

[evilfantasy]

Bună ziua Vic. Speranţa este totul merge bine.

Voi avea o privire la jurnalul şi mă întorc la tine în câteva.

[vic66]

Evilfantasy Multumesc foarte mult.
Şi da încep să se simtă mai bine.

[vic66]

Acesta este de 4 dimineaţa aici, am nevoie de niste somn va fi din nou la 8 dimineaţa.
Promisiunea de a nu face nimic pana cand am aici de la tine.
Vă mulţumesc foarte mult pentru timpul acordat si ajutor.

[evilfantasy]

Du-te la
C: \ Documents and Settings \ Fabio \ Definições locais \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
Ştergeţi acest fişier.

============

Acum du-te la
C: \ Programas \ Trend Micro \ HijackThis \ HijackThis.exe
Click dreapta HijackThis.exe şi selectaţi Redenumire. Numele este Analyze.exe şi apăsaţi intra.

============

Este aceasta furnizorul Dvs. de internet?
PT.COM - COMUNICACOES INTERACTIVAS SA

============

Arati să fie curate.

De fapt, aşa cum aţi afirmat deja aveţi o prea puţină protecţie prea mult. Dar, atâta timp cât acesta este doar un antivirus şi un firewall nu trebuie să existe conflicte. Aţi putea fi încetinit de care au atât de mult să fie difuzate.

Se pare că dumneavoastră de securitate scanează eliminat toate că au găsit.

[vic66]

Vă mulţumim evilfantasy pentru răspunsul dvs., dar am rememeber un newbie o!
cum a face i propui să faci aceste cerinţe















"

[vic66]

Oops
pt. COM este furnizorul de

[vic66]

a avut grija de log hijack, iar acum este Analise .. exe
dar cant găsi documentele C şi setări în cazul în care orice
Vă rugăm să ajute
THANKS

[evilfantasy]

Deschideţi HijackThis şi selectaţi "Nu doar un sistem de scanare.
Se pune un marcaj de selectare de lângă
C: \ Documents and Settings \ Fabio \ Definições locais \ Temporary Internet Files \ Content.IE5 \ GSE4YWAK \ HiJackThis [2]. Exe
Apoi faceţi clic pe Fix verificate.

[vic66]

Evilfantasy Ne pare rau dar nu pot să-l găsiţi. Există un număr de
cum ar fi 04 or23 sau i se poate ghida 06 ceva cu mine însumi