[Axegrinder]

Bol som požiadaný, aby začala o tému týchto chýb. Takže som vysielania hijack tohto záznamu. Mohol by niekto prosím, či to. Mal som tu Prieskumník chybové hlásenie "došlo k chybe atď", a Generic host služba pre win32 "Keď som štartoval až dnes ráno.

Logfile Trend Micro HijackThis v2.0.2
Skenovanie uložený v 22:25:25 dňa 24/10/2007
Platforma: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16544)
Zavádzacia mód: Normálny
Bežiace procesy:
C: \ WINDOWS \ System32 \ Smss.exe
C: \ WINDOWS \ system32 \ Winlogon.exe
C: \ WINDOWS \ system32 \ Services.exe
C: \ WINDOWS \ system32 \ lsass.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ WINDOWS \ Explorer.exe
C: \ WINDOWS \ system32 \ Spoolsv.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
C: \ WINDOWS \ system32 \ nvsvc32.exe
C: \ WINDOWS \ system32 \ svchost.exe
C: \ Program Files \ Linksys Wireless-G Wireless USB Network Monitor \ WLService.exe
C: \ Program Files \ Linksys Wireless-G Wireless USB Network Monitor \ WUSB54GSv2.exe
C: \ WINDOWS \ system32 \ rundll32.exe
C: \ WINDOWS \ RTHDCPL.EXE
C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe
C: \ WINDOWS \ tsnp2std.exe
C: \ WINDOWS \ vsnp2std.exe
C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe
C: \ Program Files \ MSN Messenger \ MsnMsgr.Exe
C: \ WINDOWS \ system32 \ Ctfmon.exe
C: \ Program Files \ MessengerDiscovery \ MessengerDiscovery Live.exe
C: \ Program Files \ MSN Messenger \ usnsvc.exe
C: \ Program Files \ Windows Media Player \ wmplayer.exe
C: \ Program Files \ LimeWire \ LimeWire.exe
C: \ Program Files \ Internet Explorer \ iexplore.exe
C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WLLoginProxy.exe
C: \ WINDOWS \ system32 \ wuauclt.exe
C: \ Program Files \ Trend Micro \ HijackThis \ HijackThis.exe
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://www.google.co.uk/
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Int ernet Settings, Proxyserver = webcache.blueyonder.net: 80
O2 - BHO: Adobe PDF Reader Link Helper - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Common Files \ Adobe \ Acrobat \ ActiveX \ AcroIEHelper.dll
O2 - BHO: (bez názvu) - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll
O2 - BHO: SSVHelper triedy - (761497BB-D6F0-462C-B6EB-D4DAF1D92D43) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O2 - BHO: Windows Live Sign-in Helper - (9030D464-4C02-4ABF-8ECC-5164760863C6) - C: \ Program Files \ Common Files \ Microsoft Shared \ Windows Live \ WindowsLiveLogin.dll
O4 - HKLM \ .. \ Run: [NvCplDaemon] rundll32.exe C: \ WINDOWS \ system32 \ NvCpl.dll, NvStartup
O4 - HKLM \ .. \ Run: [nwiz] nwiz.exe / install
O4 - HKLM \ .. \ Run: [NvMediaCenter] rundll32.exe C: \ WINDOWS \ system32 \ NvMcTray.dll, NvTaskbarInit
O4 - HKLM \ .. \ Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM \ .. \ Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM \ .. \ Run: [AVG7_CC] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgcc.exe / StartUp
O4 - HKLM \ .. \ Run: [Adobe Reader Speed Launcher] "C: \ Program Files \ Adobe \ Reader 8.0 \ Reader \ reader_sl.exe"
O4 - HKLM \ .. \ Run: [tsnp2std] C: \ WINDOWS \ tsnp2std.exe
O4 - HKLM \ .. \ Run: [snp2std] C: \ WINDOWS \ vsnp2std.exe
O4 - HKLM \ .. \ Run: [SunJavaUpdateSched] "C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ jusched.exe"
O4 - HKCU \ .. \ Run: [MsnMsgr] "C: \ Program Files \ MSN Messenger \ MsnMsgr.Exe" / pozadia
O4 - HKCU \ .. \ Run: [Cttfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe
O4 - HKUS \ S-1-5-19 \ .. \ Run: [Cttfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'miestnych')
O4 - HKUS \ S-1-5-19 \ .. \ Run: [AVG7_Run] C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgw.exe / RunOnce (User 'miestnych')
O4 - HKUS \ S-1-5-20 \ .. \ Run: [Cttfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Network Service')
O4 - HKUS \ S-1-5-18 \ .. \ Run: [Cttfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'systém')
O4 - HKUS \. DEFAULT \ .. \ Run: [Cttfmon.exe] C: \ WINDOWS \ system32 \ Ctfmon.exe (User 'Predvolené užívateľ')
O4 - Global Startup: Reboot.exe
O9 - Extra tlačidlá: (bez názvu) - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - (08B0E5C0-4FCB-11CF-AAA5-00401C608501) - C: \ Program Files \ Java \ jre1.6.0_03 \ bin \ ssv.dll
O9 - Extra tlačidlá: (bez názvu) - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostické \ xpnetdiag.exe
O9 - Extra 'Tools' MENUITEM: @ xpsp3res.dll, -20001 - (e2e2dd38-d088-4134-82b7-f2ba38496583) - C: \ WINDOWS \ Network Diagnostické \ xpnetdiag.exe
O9 - Extra tlačidlá: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ Msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ Msmsgs.exe
O16 - DPF: (0E5F0222-96B9-11D3-8997-00104BD12D94) (PCPitstop Utility) -- http://pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: (17492023-C23A-453E-A040-C7C580BBF700) (Windows Genuine Advantage validáciu Tool) -- http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: (74DBCB52-F298-4110-951D-AD2FF67BC8AB) (NVIDIA Smart Scan) -- http://www.nvidia.com/content/Driver...aSmartScan.cab
O16 - DPF: (A90A5822-F108-45AD-8482-9BC8B12DD539) (Rozhodujúci cpcScan) -- http://www.crucial.com/controls/cpcScanner.cab
O16 - DPF: (E8F628B5-259A-4734-97EE-BA914D7BE941) (Driver Agent ActiveX Control) -- http://driveragent.com/files/driveragent.cab
O16 - DPF: (F09BFD07-20B5-46D8-A6D5-BE4EF22F1F4D) (DGTx.uc1) -- http://69.57.132.82/DGTx.CAB
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, sro - C: \ PROGRA ~ 1 \ Grisoft \ AVG7 \ avgemc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C: \ WINDOWS \ system32 \ nvsvc32.exe
O23 - Service: WUSB54GSv2SVC - GEMTEKS - C: \ Program Files \ Linksys Wireless-G Wireless USB Network Monitor \ WLService.exe
--
End of file - 6108 bytes

[evilfantasy]

No nič zlého neexistuje.

Niekedy Yahoo Toolbar spôsobí, že chyby, ale nevidím to nainštalovať.

[Axegrinder]

Nie yahoo paneli nainštalované isnt, mala by byť s cudzou aj tieto chyby od svojho úplne nového počítača. Chyba im najviac znepokojuje, je "všeobecného hostiteľského procesu pre služby win32", som tiež stratil som aj zvuk, whenver aj klikli onthe ikona hlasitosti, ale uviedlo, že žiadne zvukové zariadenie. Vyriešený tým, že by znovuzrodenia.

[evilfantasy]

Můžeš zkusit spustit Rootkit scan len pre istotu.

http://research.pandasoftware.com/bl...ntiRootkit.zip

Rozbaľte ho a spustite PAVARK.exe súboru.

Začiarknite políčko, ktoré hovorí Podrobne scan a postupujte podľa pokynov na obrazovke.

[Axegrinder]

Nie nie rootkity prísť, má niekto vedieť, čo znamená "Global Startup: reboot.exe" je.?

[evilfantasy]

Reboot.exe

Citácia:

MS-DOS/Win3.1 utility použitie čistého spustenia systému. Niekedy je inštalovaná v predvolenom nastavení niektorých ovládač CD pre základné dosky