|
|
|||||||
| Registruotis | Svetainės spy | Narių sąrašas | Donate | Ieškoti | Šiandien Žinutės | Pažymėti forumus kaip skaitytus | Forumo taisyklės |
|
 |
|
|
Temos įrankiai |
|
#1
Rugsėjis 28, 2007, 17:13
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
Mano vardas yra Tatjana ir im desperate for help, bandė beveik kiekvieną Virus Scan outthere, bet ne laimę. Mėginau parsisiųsti Smitfraud ištaisyti, tačiau ji negali būti Safed nes šaltinis negali būti nustatyta "arba" nežinoma klaida ".. pats tiksliai problema, kaip šis vyrukas" ir gaunu kvailas pop ups sako mano PC, pagal grėsmė per užduočių / toolbar ir didelis raudonas kryžius mirksi užduočių juostoje, ir mano ekrano fonas ant darbastalio pakeitimus raudoname fone didelis simbolis nuotrauką ir Norton cant see to, viena iš daugiau burbuliukų iš dėklo Pop / toolbar sako jo trojan32.looksky, ir taip pat mano namų puslapis IE perėjo į ucleaner.com galutinė švaresnis 2007 whicjh yra klaidingas šnipinėjimo dalykas Scanner / valiklis "
Please help me! Mano įrašai Logfile of HijackThis v1.99.1 Skaitymo išsaugotas 7:26:18 dėl 9/28/2007 Platforma: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Veikia procesus: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ brsvc01a.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe C: \ Program Files \ Creative \ Sound Blaster Live! 24-bit \ Surround Mixer \ CTSysVol.exe C: \ WINDOWS \ system32 \ rundll32.exe C: \ Program Files \ dell \ Žiniasklaida Patirtis \ PCMService.exe C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe C: \ Program Files \ BroadJump \ Client fondas \ CFD.exe C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ apdproxy.exe C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe C: \ Program Files \ Yahoo! \ Antivirus \ cavtray.exe C: \ Program Files \ Yahoo! \ Antivirus \ cavrid.exe C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ yop.exe C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ E_FATIA JA.EXE C: \ Program Files \ QuickTime \ QTTask.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeperui.exe C: \ WINDOWS \ SYSTEM32 \ WTablet \ TabUserW.exe C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ ymsgr_tray.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe C: \ Program Files \ APC \ APC PowerChute Personal Edition \ apcsystray.exe C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ PhotoshopElementsFileAgent.exe C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ acsd.exe C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ Yahoo! \ Antivirus \ isafe.exe C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe C: \ WINDOWS \ system32 \ CTsvcCDA.EXE C: \ Program Files \ CIFPFiltering \ FilterService.exe C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe C: \ Program Files \ Eset \ nod32krn.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Tablet.exe C: \ Program Files \ Yahoo! \ Antivirus \ VetMsg.exe C: \ WINDOWS \ wanmpsvc.exe C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe C: \ WINDOWS \ system32 \ MsPMSPSv.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Program Files \ Webroot \ Spy Sweeper \ ssu.exe C: \ WINDOWS \ explorer.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrowser.exe C: \ Program Files \ HijackThis \ HijackThis.exe R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://www.dell4me.com/myway R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Nustatymai, ProxyServer = 127.0.0.1:8080 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Parametrai ProxyOverride = vietos N3 - Netscape 7: user_pref ( "browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js) N3 - Netscape 7: user_pref ( "browser.search.defaultengine", "Variklis: / / C% 3A% 5CPROGRA% 7E1% 5CNETSCAPE% 5CNETSCAPE% 5Csearchpl ugins% 5CSBWeb_01.src"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js) O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6.0 \ Reader \ ActiveX \ AcroIEHelper.dll O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file) O2 - BHO: UberButton Class - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll O2 - BHO: YahooTaggedBM Class - (65D886A2-7CA7-479B-BB95-14D1EFB7946A) - C: \ Program Files \ Yahoo! \ Common \ YIeTagBm.dll O2 - BHO: SidebarAutoLaunch Class - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Browser \ YSidebarIEBHO.dll O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file) O3 - Toolbar: McAfee VirusScan - (BA52B914-B692-46c4-B683-905236F6F655) - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsshl.dll O3 - Toolbar: Yahoo! Toolbar - (EF99BD32-C1FB-11D2-892F-0090271D4F88) - C: \ Program Files \ Yahoo! \ Companion \ Įrenginiai \ NKP \ yt.dll O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe" O4 - HKLM \ .. \ Run: [ATIPTA] "C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe" O4 - HKLM \ .. \ Run: [IntelMeM] "C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe" O4 - HKLM \ .. \ Run: [CTSysVol] "C: \ Program Files \ Creative \ Sound Blaster Live 24-bit \ Surround Mixer \ CTSysVol.exe" / R O4 - HKLM \ .. \ Run: [P17Helper] Rundll32 P17.dll, P17Helper O4 - HKLM \ .. \ Run: [UpdReg] C: \ WINDOWS \ UpdReg.EXE O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ dell \ Žiniasklaida Patirtis \ PCMService.exe" O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe" O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / R O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe O4 - HKLM \ .. \ Run: [BJCFD] "C: \ Program Files \ BroadJump \ Client fondas \ CFD.exe" O4 - HKLM \ .. \ Run: [VSOCheckTask] "C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcmnhdlr.exe" / checktask O4 - HKLM \ .. \ Run: [VirusScan Online] C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsshld.exe O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ apdproxy.exe" O4 - HKLM \ .. \ Run: [ymetray] "C: \ Program Files \ Yahoo! \ Yahoo Music Engine \ ymetray.exe" O4 - HKLM \ .. \ Run: [CaAvTray] "C: \ Program Files \ Yahoo! \ Antivirus \ cavtray.exe" O4 - HKLM \ .. \ Run: [CAVRID] "C: \ Program Files \ Yahoo! \ Antivirus \ cavrid.exe" O4 - HKLM \ .. \ Run: [YOP] "C: \ PROGRA ~ 1 \ Yahoo! \ YOP \ yop.exe" / autostart O4 - HKLM \ .. \ Run: [Epson Stylus Photo R340 Series] "C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ E_FATI AJA.EXE" / P30 "Epson Stylus Photo R340 serija" / O6 "USB002 "/ M" Stylus Photo R340 " O4 - HKLM \ .. \ Run: [nod32kui] "C: \ Program Files \ Eset \ nod32kui.exe" / WAITSERVICE O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKLM \ .. \ Run: [spysweeper] "C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeperui.exe" / startintray O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe"-tyliai O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] "C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe" O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe O4 - Global Startup: America Online "9,0 dėklas Icon.lnk = C: \ Program Files \ America Online 9.0 \ aoltray.exe O4 - Global Startup: UPS APC Status.lnk =? O4 - Global Startup: ColorVisionStartup.lnk = C: \ Program Files \ PANTONE COLORVISION \ Startup \ ColorVisionStartup.exe O4 - Global Startup: TabUserW.exe.lnk = C: \ WINDOWS \ SYSTEM32 \ WTablet \ TabUserW.exe O9 - Extra button: SBC Yahoo! Paslaugos - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O9 - Extra button: (no name) - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - (no file) O9 - Extra button: Musicmatch MX Web leistuve - (d81ca86b-ef63-42af-bee3-4502d9a03c2d) -- http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing) O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) -- http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) -- Ø20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll Ø20 - Winlogon Notify: WRNotifier - C: \ WINDOWS \ SYSTEM32 \ WRLogonNTF.dll O21 - SSODL: MSSQL - (9516DDA8-E023-4472-A7C0-12A7A4834359) - C: \ WINDOWS \ mssql.dll O21 - SSODL: syscore - (D5B03680-8880-4BC8-80A4-C9BAC2A7A341) - C: \ WINDOWS \ syscore.dll O21 - SSODL: msmhost - (69F3A520-2471-4FF3-8139-ECFD56DED8DB) - C: \ WINDOWS \ msmhost.dll O21 - SSODL: msmdev - (E8E8584D-8FA5-4641-A934-8A93158794E9) - C: \ WINDOWS \ msmdev.dll O23 - Service: Adobe Aktyvus File Monitor (AdobeActiveFileMonitor) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ PhotoshopElementsFileAgent.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ acsd.exe O23 - Service: UPS APC Service - American Power Conversion Corporation - C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI HotKey Rinkėjas - Unknown owner - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: BrSplService (Brolis SPL XP Service) - Brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: CAISafe - Computer Associates International, Inc - C: \ Program Files \ Yahoo! \ Antivirus \ isafe.exe O23 - Service: CIFPLogAggregator - Unknown owner - C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE O23 - Service: CyclopeInternetFilter - Unknown owner - C: \ Program Files \ CIFPFiltering \ FilterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling tarnybos (LightScribeService) - Unknown owner - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcshield.exe O23 - Service: McAfee.com VirusScan Online Realtime Variklis (MCVSRte) - Networks Associates Technology, Inc - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C: \ Program Files \ Eset \ nod32krn.exe O23 - Service: TabletService - Wacom Technology, Corp - C: \ WINDOWS \ system32 \ Tablet.exe O23 - Service: profesijos Message Service (VETMSGNT) - Computer Associates International, Inc - C: \ Program Files \ Yahoo! \ Antivirus \ VetMsg.exe O23 - Service: WAN miniprievado (ATW) Paslaugos (WANMiniportService) - America Online, Inc - C: \ WINDOWS \ wanmpsvc.exe O23 - Service: Webroot Spy Sweeper programa (WebrootSpySweeperService) - Webroot Software, Inc - C: \ Program Files \ Webroot \ Spy Sweeper \ spysweeper.exe O23 - Service: YPCService - Yahoo! Inc - C: \ WINDOWS \ SYSTEM32 \ YPCSER ~ 1.EXE |
|
#2
Rugsėjis 28, 2007, 17:55
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
Sveiki Tatjana, Sveiki atvykę į TCF.
* Svarbu * Pervardyti Hijackthis.exe failą Analyze.exe. Tai svarbu, nes kai kurios naujos kenkėjų "formos, gali paslėpti nuo HijackThis.exe. Dešiniuoju pelės mygtuku spustelėkite HijackThis.exe failą C: \ Program Files \ HijackThis ir pasirinkite pervardyti. Įveskite Analyze.exe ir paspauskite Enter klavišą. Dešiniuoju pelės mygtuku spustelėkite failą ir Analyze.exe Siųsti Desktop sukurti nuorodą. ============================ Atrodo, kad turite daugiau nei vieną Antivirusinė įdiegta. Jei taip, prašome eiti į Add / Remove Programs ir pašalinkite visus, išskyrus vieną. Turintys daugiau kaip vieną antivirusinę yra nereikalingas ir gali sukelti konfliktus. ============================ Išjungti Spybot TeaTimer. Nors TeaTimer yra puikus įrankis šnipinėjimo prevencija, kartais gali užkirsti kelią mūsų įrankiais, nustatantis tam tikrų dalykų. Išjunkite TeaTimer dabar, kol yra švarus. TeaTimer gali būti atgaivintas, kai jūsų rąstai yra švarus. * Open Spybot Search & Destroy. * Į Mode meniu spustelėkite "Išplėstinė būdas", Jei dar nebuvo pasirinkta. * Pasirinkite "Taip"Ne Įspėjimas eilutę. * IšskleistiĮrankiaiMeniu. * Paspauskite "Imbuvys. * Nuimkite "Rezidentas "TeaTimer" (apsauga nuo bendros sistemos parametrai) aktyvų."Langelyje. * Į meniu Failas spustelėkite "AtsijungtiJei norite išeiti Spybot Search & Destroy. + Galite iš naujo įjungti TeaTimer, kai esame padaryti. ============================= Atsisiųskite ATF Cleaner pagal Atribune. Tai padės bet nuskaito run faster. ATF Cleaner.exe Ši programa nereikalauja įdiegimo. Vykdomąjį faktiškai veikia programa. PASTABA ATF Cleaner bus pašalinti visus failus iš elementų, kurie yra tikrinami, jei turite kokių nors slapukus norite išsaugoti. Prašome perkelti juos į kitą aplanką, pirmiausia. * Du kartus spustelėkite ATF-Cleaner.exe paleisti programą. * Pagal Pagrindinis pasirinkti: Select All * Paspauskite Tuščias Rinktiniai mygtuką. Jei naudojate Firefox naršyklė * Paspauskite "Firefox" viršuje ir pasirinkti: Select All * Paspauskite Tuščias Rinktiniai mygtuką. PASTABA Jei norite išsaugoti savo išsaugotus slaptažodžius, spauskite Ne į eilutę. Jei naudojate Opera naršyklė * Paspauskite Opera viršuje ir pasirinkti: Select All * Paspauskite Tuščias Rinktiniai mygtuką. PASTABA Jei norite išsaugoti savo išsaugotus slaptažodžius, spauskite Ne į eilutę. Spauskite Atsijungti apie Pagrindinis ATF Cleaner meniu uždaryti programą. =============================== 1. Parsisiųsti failą combofix.exe 2. Dukart spustelėkite combofix.exe ir vykdykite ekrane pateikiamas instrukcijas. 3. Kai bus baigta, ji pateikia žurnalas Jums. Skelbti kad Prisijungti kitą atsakymą. Pastaba Don't mouseclick combofix lango, o tai veikia. Tai gali sukelti ją gardas. ===================================== Kitame paštu prašome pridėti: Combofix Prisijungti Šviežios ir pervadintas HijackThis 
__________________
 |
|
#3
Rugsėjis 28, 2007, 18:31
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
Pat:
Leiskite man žinoti, kaip viskas yra dabar.
__________________
|
|
#4
Rugsėjis 29, 2007, 22:23
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
Hi evilfantasy-thx už greitą atsakymą .. Mano kompiuteryje yra labai lėtas, ir jis ėmėsi valandos posting this .. aš padariau, ką jūs man pasakė, kad pašalinta, Antivirus NOD32, spysweeper ir Yahoo internete apsauga ..
I pridedamas combofix žurnalas ir čia HijackThis. Logfile of HijackThis v1.99.1 Skaitymo išsaugotas 1:11:41 dėl 9/30/2007 Platforma: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Veikia procesus: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ WINDOWS \ explorer.exe C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ PhotoshopElementsFileAgent.exe C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ acsd.exe C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe C: \ WINDOWS \ system32 \ CTsvcCDA.EXE C: \ Program Files \ CIFPFiltering \ FilterService.exe C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Tablet.exe C: \ WINDOWS \ wanmpsvc.exe C: \ WINDOWS \ system32 \ MsPMSPSv.exe C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe C: \ Program Files \ Creative \ Sound Blaster Live! 24-bit \ Surround Mixer \ CTSysVol.exe C: \ WINDOWS \ system32 \ rundll32.exe C: \ Program Files \ dell \ Žiniasklaida Patirtis \ PCMService.exe C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe C: \ Program Files \ BroadJump \ Client fondas \ CFD.exe C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ apdproxy.exe C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ E_FATIA JA.EXE C: \ Program Files \ QuickTime \ QTTask.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe C: \ WINDOWS \ SYSTEM32 \ WTablet \ TabUserW.exe C: \ Program Files \ APC \ APC PowerChute Personal Edition \ apcsystray.exe C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ ymsgr_tray.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ HijackThis \ Analyze.exe R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2 R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Nustatymai, ProxyServer = 127.0.0.1:8080 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Parametrai ProxyOverride = vietos N3 - Netscape 7: user_pref ( "browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js) N3 - Netscape 7: user_pref ( "browser.search.defaultengine", "Variklis: / / C% 3A% 5CPROGRA% 7E1% 5CNETSCAPE% 5CNETSCAPE% 5Csearchpl ugins% 5CSBWeb_01.src"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js) O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6.0 \ Reader \ ActiveX \ AcroIEHelper.dll O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file) O2 - BHO: UberButton Class - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll O2 - BHO: YahooTaggedBM Class - (65D886A2-7CA7-479B-BB95-14D1EFB7946A) - C: \ Program Files \ Yahoo! \ Common \ YIeTagBm.dll O2 - BHO: SidebarAutoLaunch Class - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Browser \ YSidebarIEBHO.dll O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file) O3 - Toolbar: McAfee VirusScan - (BA52B914-B692-46c4-B683-905236F6F655) - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsshl.dll O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe" O4 - HKLM \ .. \ Run: [ATIPTA] "C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe" O4 - HKLM \ .. \ Run: [IntelMeM] "C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe" O4 - HKLM \ .. \ Run: [CTSysVol] "C: \ Program Files \ Creative \ Sound Blaster Live 24-bit \ Surround Mixer \ CTSysVol.exe" / R O4 - HKLM \ .. \ Run: [P17Helper] Rundll32 P17.dll, P17Helper O4 - HKLM \ .. \ Run: [UpdReg] C: \ WINDOWS \ UpdReg.EXE O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ dell \ Žiniasklaida Patirtis \ PCMService.exe" O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe" O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / R O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe O4 - HKLM \ .. \ Run: [BJCFD] "C: \ Program Files \ BroadJump \ Client fondas \ CFD.exe" O4 - HKLM \ .. \ Run: [VSOCheckTask] "C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcmnhdlr.exe" / checktask O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ apdproxy.exe" O4 - HKLM \ .. \ Run: [ymetray] "C: \ Program Files \ Yahoo! \ Yahoo Music Engine \ ymetray.exe" O4 - HKLM \ .. \ Run: [Epson Stylus Photo R340 Series] "C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ E_FATI AJA.EXE" / P30 "Epson Stylus Photo R340 serija" / O6 "USB002 "/ M" Stylus Photo R340 " O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe"-tyliai O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe O4 - Global Startup: America Online "9,0 dėklas Icon.lnk = C: \ Program Files \ America Online 9.0 \ aoltray.exe O4 - Global Startup: UPS APC Status.lnk =? O4 - Global Startup: ColorVisionStartup.lnk = C: \ Program Files \ PANTONE COLORVISION \ Startup \ ColorVisionStartup.exe O4 - Global Startup: TabUserW.exe.lnk = C: \ WINDOWS \ SYSTEM32 \ WTablet \ TabUserW.exe O9 - Extra button: SBC Yahoo! Paslaugos - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O9 - Extra button: (no name) - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - (no file) O9 - Extra button: Musicmatch MX Web leistuve - (d81ca86b-ef63-42af-bee3-4502d9a03c2d) -- http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing) O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) -- http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) -- Ø20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll O21 - SSODL: MSSQL - (9516DDA8-E023-4472-A7C0-12A7A4834359) - C: \ WINDOWS \ mssql.dll O21 - SSODL: syscore - (D5B03680-8880-4BC8-80A4-C9BAC2A7A341) - C: \ WINDOWS \ syscore.dll O21 - SSODL: msmdev - (074897B2-6CAF-45A4-905A-C5A5FC626767) - C: \ WINDOWS \ msmdev.dll (file missing) O21 - SSODL: msmhost - (70D6A632-39E2-4089-9E67-552ADB6B182D) - C: \ WINDOWS \ msmhost.dll (file missing) O23 - Service: Adobe Aktyvus File Monitor (AdobeActiveFileMonitor) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ PhotoshopElementsFileAgent.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ acsd.exe O23 - Service: UPS APC Service - American Power Conversion Corporation - C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI HotKey Rinkėjas - Unknown owner - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: BrSplService (Brolis SPL XP Service) - Brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: CIFPLogAggregator - Unknown owner - C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE O23 - Service: CyclopeInternetFilter - Unknown owner - C: \ Program Files \ CIFPFiltering \ FilterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling tarnybos (LightScribeService) - Unknown owner - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcshield.exe O23 - Service: McAfee.com VirusScan Online Realtime Variklis (MCVSRte) - Networks Associates Technology, Inc - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe O23 - Service: TabletService - Wacom Technology, Corp - C: \ WINDOWS \ system32 \ Tablet.exe O23 - Service: WAN miniprievado (ATW) Paslaugos (WANMiniportService) - America Online, Inc - C: \ WINDOWS \ wanmpsvc.exe |
|
#5
Rugsėjis 30, 2007, 00:49
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
Atidaryti HijackThis ir pasirinkite "Ar sistema nuskaito tik"Ir vieta varnelė prie šių įrašų.
R0 - HKCU \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://softwarereferral.com/jump.php...MjI6Ojg5&lid=2 O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file) O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file) O9 - Extra button: (no name) - (CD67F990-D8E9-11D2-98FE-00C0F0318AFE) - (no file) O9 - Extra button: Musicmatch MX Web leistuve - (d81ca86b-ef63-42af-bee3-4502d9a03c2d) -- http://wwws.musicmatch.com/mmz/openWebRadio.html (file missing) O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) -- Uždarykite visus naršyklės langus, įskaitant šį, tada spustelėkite "Fix patikrinta" Perkraukite kompiuterį ir po šviežiai HijackThis. Pasakykite man, kaip viskas yra dabar.
__________________
|
|
#6
Rugsėjis 30, 2007, 08:16
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
helllo, ahh Mano kompiuteris pagaliau nėra erzinančių pop-up langus įspėjimai ir trys Virus Scan piktogramas, kurie buvo įdiegti į kompiuterį taip pat dingo, Yeeeah ..
 Atrodo, kad viskas grįžo į įprastas, raudoname fone, taip pat dingo. Štai žurnale.Logfile of HijackThis v1.99.1 Skaitymo išsaugotas 11:03:37, on 9/30/2007 Platforma: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Veikia procesus: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ explorer.exe C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe C: \ Program Files \ Creative \ Sound Blaster Live! 24-bit \ Surround Mixer \ CTSysVol.exe C: \ WINDOWS \ system32 \ rundll32.exe C: \ Program Files \ dell \ Žiniasklaida Patirtis \ PCMService.exe C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe C: \ Program Files \ BroadJump \ Client fondas \ CFD.exe C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ apdproxy.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ PhotoshopElementsFileAgent.exe C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ acsd.exe C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe C: \ WINDOWS \ system32 \ CTsvcCDA.EXE C: \ Program Files \ CIFPFiltering \ FilterService.exe C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ E_FATIA JA.EXE C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe C: \ Program Files \ QuickTime \ QTTask.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe C: \ WINDOWS \ SYSTEM32 \ WTablet \ TabUserW.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Tablet.exe C: \ WINDOWS \ wanmpsvc.exe C: \ WINDOWS \ system32 \ MsPMSPSv.exe C: \ Program Files \ APC \ APC PowerChute Personal Edition \ apcsystray.exe C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Program Files \ Mozilla Firefox \ firefox.exe C: \ Program Files \ HijackThis \ Analyze.exe R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Nustatymai, ProxyServer = 127.0.0.1:8080 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Parametrai ProxyOverride = vietos N3 - Netscape 7: user_pref ( "browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js) N3 - Netscape 7: user_pref ( "browser.search.defaultengine", "Variklis: / / C% 3A% 5CPROGRA% 7E1% 5CNETSCAPE% 5CNETSCAPE% 5Csearchpl ugins% 5CSBWeb_01.src"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js) O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6.0 \ Reader \ ActiveX \ AcroIEHelper.dll O2 - BHO: MSVPS sistema - (0D5227BF-0C5B-4EA8-833C-FE09F1496F39) - C: \ WINDOWS \ div32.dll O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file) O2 - BHO: UberButton Class - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll O2 - BHO: YahooTaggedBM Class - (65D886A2-7CA7-479B-BB95-14D1EFB7946A) - C: \ Program Files \ Yahoo! \ Common \ YIeTagBm.dll O2 - BHO: MSVPS sistema - (88418AA3-16F5-4FC2-A9D8-90B1266DF841) - C: \ WINDOWS \ nsduo.dll O2 - BHO: SidebarAutoLaunch Class - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Browser \ YSidebarIEBHO.dll O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file) O3 - Toolbar: McAfee VirusScan - (BA52B914-B692-46c4-B683-905236F6F655) - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsshl.dll O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe" O4 - HKLM \ .. \ Run: [ATIPTA] "C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe" O4 - HKLM \ .. \ Run: [IntelMeM] "C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe" O4 - HKLM \ .. \ Run: [CTSysVol] "C: \ Program Files \ Creative \ Sound Blaster Live 24-bit \ Surround Mixer \ CTSysVol.exe" / R O4 - HKLM \ .. \ Run: [P17Helper] Rundll32 P17.dll, P17Helper O4 - HKLM \ .. \ Run: [UpdReg] C: \ WINDOWS \ UpdReg.EXE O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ dell \ Žiniasklaida Patirtis \ PCMService.exe" O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe" O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / R O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe O4 - HKLM \ .. \ Run: [BJCFD] "C: \ Program Files \ BroadJump \ Client fondas \ CFD.exe" O4 - HKLM \ .. \ Run: [VSOCheckTask] "C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcmnhdlr.exe" / checktask O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ apdproxy.exe" O4 - HKLM \ .. \ Run: [ymetray] "C: \ Program Files \ Yahoo! \ Yahoo Music Engine \ ymetray.exe" O4 - HKLM \ .. \ Run: [Epson Stylus Photo R340 Series] "C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ E_FATI AJA.EXE" / P30 "Epson Stylus Photo R340 serija" / O6 "USB002 "/ M" Stylus Photo R340 " O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe"-tyliai O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe O4 - Global Startup: America Online "9,0 dėklas Icon.lnk = C: \ Program Files \ America Online 9.0 \ aoltray.exe O4 - Global Startup: UPS APC Status.lnk =? O4 - Global Startup: ColorVisionStartup.lnk = C: \ Program Files \ PANTONE COLORVISION \ Startup \ ColorVisionStartup.exe O4 - Global Startup: TabUserW.exe.lnk = C: \ WINDOWS \ SYSTEM32 \ WTablet \ TabUserW.exe O9 - Extra button: SBC Yahoo! Paslaugos - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) -- http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) -- Ø20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll O21 - SSODL: msmhost - (70D6A632-39E2-4089-9E67-552ADB6B182D) - C: \ WINDOWS \ msmhost.dll O21 - SSODL: MSSQL - (A6B63875-F4DA-4705-B945-16F8C1FA3FBF) - C: \ WINDOWS \ mssql.dll O21 - SSODL: syscore - (AF05D607-D0B5-4A61-8B71-A13F8997495B) - C: \ WINDOWS \ syscore.dll O21 - SSODL: msmdev - (074897B2-6CAF-45A4-905A-C5A5FC626767) - C: \ WINDOWS \ msmdev.dll O23 - Service: Adobe Aktyvus File Monitor (AdobeActiveFileMonitor) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ PhotoshopElementsFileAgent.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ acsd.exe O23 - Service: UPS APC Service - American Power Conversion Corporation - C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI HotKey Rinkėjas - Unknown owner - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: BrSplService (Brolis SPL XP Service) - Brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: CIFPLogAggregator - Unknown owner - C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE O23 - Service: CyclopeInternetFilter - Unknown owner - C: \ Program Files \ CIFPFiltering \ FilterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling tarnybos (LightScribeService) - Unknown owner - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcshield.exe O23 - Service: McAfee.com VirusScan Online Realtime Variklis (MCVSRte) - Networks Associates Technology, Inc - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe O23 - Service: TabletService - Wacom Technology, Corp - C: \ WINDOWS \ system32 \ Tablet.exe O23 - Service: WAN miniprievado (ATW) Paslaugos (WANMiniportService) - America Online, Inc - C: \ WINDOWS \ wanmpsvc.exe |
|
#7
Rugsėjis 30, 2007, 08:35
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
Džiaugiamės, kas yra geriau. Bet vis dar yra kai nasties spręsti.
Ištrinti iš Combofix turite ir atsisiųsti naują kopiją. Combofix atnaujinimai nuolat todėl visada gerai gauti naują kopiją. 1. Parsisiųsti failą combofix.exe 2. Dukart spustelėkite combofix.exe ir vykdykite ekrane pateikiamas instrukcijas. 3. Kai bus baigta, ji pateikia žurnalas Jums. Skelbti kad Prisijungti kitą atsakymą. Pastaba Don't mouseclick combofix lango, o tai veikia. Tai gali sukelti ją gardas. Į Sekantis pridėkite kaip priedą. Galite pridėti daugiau nei vieną priedą, tiesiog pakartokite veiksmus: Combofix Prisijungti Fresh HJT Prisijungti
__________________
|
|
#8
Rugsėjis 30, 2007, 09:03
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
Sveiki, aš bandžiau paspaudę ant combofix.exe nuorodą, bet tai, kas atėjo
404 Not Found Prašomas URL '/ subs / combofix.exe "nerasta šiame serveryje. |
|
#9
Rugsėjis 30, 2007, 09:12
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
__________________
|
|
#10
Rugsėjis 30, 2007, 12:50
|
|||
|
|||
|
Zlob, Smitfraud, iššokančių langų, raudonas ekrano pakeitimai
Sveiki, taip, kad ryšys veikia, ačiū ... raudona tapetai grįžo: (ir taip pat padarė piktogramos ir pop ups .. šiaip čia yra combofix ir HJT žurnalas.
Logfile of HijackThis v1.99.1 Skaitymo išsaugotas 3:37:03 dėl 9/30/2007 Platforma: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Veikia procesus: C: \ WINDOWS \ System32 \ smss.exe C: \ WINDOWS \ system32 \ winlogon.exe C: \ WINDOWS \ system32 \ services.exe C: \ WINDOWS \ system32 \ lsass.exe C: \ WINDOWS \ system32 \ Ati2evxx.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Spoolsv.exe C: \ WINDOWS \ system32 \ brss01a.exe C: \ WINDOWS \ explorer.exe C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ PhotoshopElementsFileAgent.exe C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ acsd.exe C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe C: \ WINDOWS \ system32 \ CTsvcCDA.EXE C: \ Program Files \ CIFPFiltering \ FilterService.exe C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe C: \ WINDOWS \ System32 \ svchost.exe C: \ WINDOWS \ system32 \ Tablet.exe C: \ WINDOWS \ wanmpsvc.exe C: \ WINDOWS \ system32 \ MsPMSPSv.exe C: \ WINDOWS \ system32 \ wscntfy.exe C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe C: \ Program Files \ Creative \ Sound Blaster Live! 24-bit \ Surround Mixer \ CTSysVol.exe C: \ WINDOWS \ system32 \ rundll32.exe C: \ Program Files \ dell \ Žiniasklaida Patirtis \ PCMService.exe C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe C: \ Program Files \ BroadJump \ Client fondas \ CFD.exe C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ apdproxy.exe C: \ Program Files \ Yahoo! \ Yahoo! Music Engine \ ymetray.exe C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ E_FATIA JA.EXE C: \ Program Files \ QuickTime \ QTTask.exe C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ycommon.exe C: \ Program Files \ iTunes \ iTunesHelper.exe C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe C: \ WINDOWS \ SYSTEM32 \ WTablet \ TabUserW.exe C: \ Program Files \ APC \ APC PowerChute Personal Edition \ apcsystray.exe C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ ymsgr_tray.exe C: \ WINDOWS \ system32 \ wuauclt.exe C: \ Program Files \ iPod \ bin \ iPodService.exe C: \ Program Files \ HijackThis \ Analyze.exe R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Page_URL = http://yahoo.sbc.com/dsl R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Default_Search_URL = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Bar = http://red.clientapps.yahoo.com/cust...search/ie.html R1 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Search Page = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R0 - HKLM \ Software \ Microsoft \ Internet Explorer \ Main, Start Page = http://yahoo.sbc.com/dsl R1 - HKCU \ Software \ Microsoft \ Internet Explorer \ SearchURL, (Default) = http://red.clientapps.yahoo.com/cust.../www.yahoo.com R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Nustatymai, ProxyServer = 127.0.0.1:8080 R1 - HKCU \ Software \ Microsoft \ Windows \ CurrentVersion \ Žiniasklaida ernet Parametrai ProxyOverride = vietos N3 - Netscape 7: user_pref ( "browser.startup.homepage", "http://home.netscape.com/bookmark/7_2/home.html"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js) N3 - Netscape 7: user_pref ( "browser.search.defaultengine", "Variklis: / / C% 3A% 5CPROGRA% 7E1% 5CNETSCAPE% 5CNETSCAPE% 5Csearchpl ugins% 5CSBWeb_01.src"); (C: \ Documents and Settings \ Tatjana Blazevic \ Application Data \ Mozilla \ Profiles \ default \ mhiwv3o3.slt \ prefs.js) O2 - BHO: AcroIEHlprObj Class - (06849E9F-C8D7-4D59-B87D-784B7D6BE0B3) - C: \ Program Files \ Adobe \ Acrobat 6.0 \ Reader \ ActiveX \ AcroIEHelper.dll O2 - BHO: MSVPS sistema - (0D5227BF-0C5B-4EA8-833C-FE09F1496F39) - C: \ WINDOWS \ div32.dll O2 - BHO: Spybot-S & D IE Protection - (53707962-6F74-2D53-2644-206D7942484F) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O2 - BHO: (no name) - (549B5CA7-4A86-11D7-A4DF-000874180BB3) - (no file) O2 - BHO: UberButton Class - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O2 - BHO: DriveLetterAccess - (5CA3D70E-1895-11CF-8E15-001234567890) - C: \ WINDOWS \ system32 \ dla \ tfswshx.dll O2 - BHO: YahooTaggedBM Class - (65D886A2-7CA7-479B-BB95-14D1EFB7946A) - C: \ Program Files \ Yahoo! \ Common \ YIeTagBm.dll O2 - BHO: SidebarAutoLaunch Class - (F2AA9440-6328-4933-B7C9-A6CCDF9CBF6D) - C: \ Program Files \ Yahoo! \ Browser \ YSidebarIEBHO.dll O2 - BHO: (no name) - (FDD3B846-8D59-4ffb-8758-209B6AD74ACC) - (no file) O3 - Toolbar: McAfee VirusScan - (BA52B914-B692-46c4-B683-905236F6F655) - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsshl.dll O4 - HKLM \ .. \ Run: [IAAnotif] "C: \ Program Files \ Intel \ Intel Application Accelerator \ iaanotif.exe" O4 - HKLM \ .. \ Run: [ATIPTA] "C: \ Program Files \ ATI Technologies \ ATI Control Panel \ atiptaxx.exe" O4 - HKLM \ .. \ Run: [IntelMeM] "C: \ Program Files \ Intel \ Modem Įvykio Monitor \ IntelMEM.exe" O4 - HKLM \ .. \ Run: [CTSysVol] "C: \ Program Files \ Creative \ Sound Blaster Live 24-bit \ Surround Mixer \ CTSysVol.exe" / R O4 - HKLM \ .. \ Run: [P17Helper] Rundll32 P17.dll, P17Helper O4 - HKLM \ .. \ Run: [UpdReg] C: \ WINDOWS \ UpdReg.EXE O4 - HKLM \ .. \ Run: [PCMService] "C: \ Program Files \ dell \ Žiniasklaida Patirtis \ PCMService.exe" O4 - HKLM \ .. \ Run: [DVDLauncher] "C: \ Program Files \ CyberLink \ PowerDVD \ DVDLauncher.exe" O4 - HKLM \ .. \ Run: [UpdateManager] "C: \ Program Files \ Common Files \ Sonic \ Update Manager \ sgtray.exe" / R O4 - HKLM \ .. \ Run: [dla] C: \ WINDOWS \ system32 \ dla \ tfswctrl.exe O4 - HKLM \ .. \ Run: [YBrowser] C: \ PROGRA ~ 1 \ Yahoo! \ Browser \ ybrwicon.exe O4 - HKLM \ .. \ Run: [BJCFD] "C: \ Program Files \ BroadJump \ Client fondas \ CFD.exe" O4 - HKLM \ .. \ Run: [VSOCheckTask] "C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcmnhdlr.exe" / checktask O4 - HKLM \ .. \ Run: [Adobe Photo Downloader] "C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ apdproxy.exe" O4 - HKLM \ .. \ Run: [ymetray] "C: \ Program Files \ Yahoo! \ Yahoo Music Engine \ ymetray.exe" O4 - HKLM \ .. \ Run: [Epson Stylus Photo R340 Series] "C: \ WINDOWS \ System32 \ spool \ drivers \ W32x86 \ 3 \ E_FATI AJA.EXE" / P30 "Epson Stylus Photo R340 serija" / O6 "USB002 "/ M" Stylus Photo R340 " O4 - HKLM \ .. \ Run: [QuickTime Task] "C: \ Program Files \ QuickTime \ QTTask.exe"-atboottime O4 - HKLM \ .. \ Run: [iTunesHelper] "C: \ Program Files \ iTunes \ iTunesHelper.exe" O4 - HKCU \ .. \ Run: [Yahoo! Pager] "C: \ PROGRA ~ 1 \ Yahoo! \ Messen ~ 1 \ ypager.exe"-tyliai O4 - HKCU \ .. \ Run: [SpybotSD TeaTimer] C: \ Program Files \ Spybot - Search & Destroy \ TeaTimer.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C: \ Program Files \ Common Files \ Adobe \ Calibration \ Adobe Gamma Loader.exe O4 - Global Startup: America Online "9,0 dėklas Icon.lnk = C: \ Program Files \ America Online 9.0 \ aoltray.exe O4 - Global Startup: UPS APC Status.lnk =? O4 - Global Startup: ColorVisionStartup.lnk = C: \ Program Files \ PANTONE COLORVISION \ Startup \ ColorVisionStartup.exe O4 - Global Startup: TabUserW.exe.lnk = C: \ WINDOWS \ SYSTEM32 \ WTablet \ TabUserW.exe O9 - Extra button: SBC Yahoo! Paslaugos - (5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897) - C: \ Program Files \ Yahoo! \ Common \ yiesrvc.dll O9 - Extra button: (no name) - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra 'Tools' MENUITEM: Spybot - Search & Destroy Configuration - (DFB852A3-47F8-48C4-A200-58CAB36FD2A2) - C: \ PROGRA ~ 1 \ Spybot ~ 1 \ SDHelper.dll O9 - Extra button: Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O9 - Extra 'Tools' MENUITEM: Windows Messenger - (FB5F1910-F110-11D2-BB9E-00C04F795683) - C: \ Program Files \ Messenger \ msmsgs.exe O16 - DPF: (9A9307A0-7DA4-4DAF-B042-5009F29E09E1) (ActiveScan Installer Class) -- http://acs.pandasoftware.com/actives...ree/asinst.cab O16 - DPF: (DBA230D1-8467-4e69-987E-5FAE815A3B45) -- Ø20 - Winlogon Notify: WgaLogon - C: \ WINDOWS \ SYSTEM32 \ WgaLogon.dll O21 - SSODL: MSSQL - (A6B63875-F4DA-4705-B945-16F8C1FA3FBF) - C: \ WINDOWS \ mssql.dll O21 - SSODL: syscore - (AF05D607-D0B5-4A61-8B71-A13F8997495B) - C: \ WINDOWS \ syscore.dll O21 - SSODL: msmhost - (70D6A632-39E2-4089-9E67-552ADB6B182D) - C: \ WINDOWS \ msmhost.dll (file missing) O21 - SSODL: msmdev - (074897B2-6CAF-45A4-905A-C5A5FC626767) - C: \ WINDOWS \ msmdev.dll (file missing) O23 - Service: Adobe Aktyvus File Monitor (AdobeActiveFileMonitor) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 3.0 \ PhotoshopElementsFileAgent.exe O23 - Service: Adobe Active File Monitor V4 (AdobeActiveFileMonitor4.0) - Unknown owner - C: \ Program Files \ Adobe \ Photoshop Elements 4.0 \ PhotoshopElementsFileAgent.exe O23 - Service: AOL Connectivity Service (AOL ACS) - America Online, Inc - C: \ PROGRA ~ 1 \ COMMON ~ 1 \ AOL \ ACS \ acsd.exe O23 - Service: UPS APC Service - American Power Conversion Corporation - C: \ Program Files \ APC \ APC PowerChute Personal Edition \ mainserv.exe O23 - Service: Apple Mobile Device - Apple, Inc - C: \ Program Files \ Common Files \ Apple \ Mobile Device Support \ bin \ AppleMobileDeviceService.exe O23 - Service: ATI HotKey Rinkėjas - Unknown owner - C: \ WINDOWS \ system32 \ Ati2evxx.exe O23 - Service: BrSplService (Brolis SPL XP Service) - Brother Industries Ltd - C: \ WINDOWS \ system32 \ brsvc01a.exe O23 - Service: CIFPLogAggregator - Unknown owner - C: \ Program Files \ CIFPFiltering \ CIFPLogAggregator.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C: \ WINDOWS \ system32 \ CTsvcCDA.EXE O23 - Service: CyclopeInternetFilter - Unknown owner - C: \ Program Files \ CIFPFiltering \ FilterService.exe O23 - Service: IAA Event Monitor (IAANTMon) - Intel Corporation - C: \ Program Files \ Intel \ Intel Application Accelerator \ iaantmon.exe O23 - Service: InstallDriver lentelė Manager (IDriverT) - Macrovision Corporation - C: \ Program Files \ Common Files \ InstallShield \ Driver \ 11 \ Intel 32 \ IDriverT.exe O23 - Service: iPod Service - Apple Inc - C: \ Program Files \ iPod \ bin \ iPodService.exe O23 - Service: LightScribeService Direct Disc Labeling tarnybos (LightScribeService) - Unknown owner - C: \ Program Files \ Common Files \ LightScribe \ LSSrvc.exe O23 - Service: McAfee.com McShield (McShield) - Unknown owner - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcshield.exe O23 - Service: McAfee.com VirusScan Online Realtime Variklis (MCVSRte) - Networks Associates Technology, Inc - C: \ PROGRA ~ 1 \ mcafee.com \ VSO \ mcvsrte.exe O23 - Service: TabletService - Wacom Technology, Corp - C: \ WINDOWS \ system32 \ Tablet.exe O23 - Service: WAN miniprievado (ATW) Paslaugos (WANMiniportService) - America Online, Inc - C: \ WINDOWS \ wanmpsvc.exe PS Aš bandžiau prijungti HJT žurnale, bet tai ne prideda, sorry! |
