deniskopn Zverejnené 24. Máj, 2009 Zdieľať Zverejnené 24. Máj, 2009 Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 12:54:51, on 24.5.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\system32\winsys2.exe D:\Program Files\Analog Devices\Core\smax4pnp.exe D:\Program Files\Analog Devices\SoundMAX\Smax4.exe D:\Program Files\DrayTek\Vigor318 ADSL\CnxDslTb.exe D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe D:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe D:\Program Files\Bonjour\mDNSResponder.exe D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\System32\svchost.exe D:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe D:\Program Files\Trend Micro\HijackThis\HijackThis.exe D:\Program Files\Mozilla Firefox\firefox.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll O4 - HKLM\..\Run: [SW20] D:\WINDOWS\system32\sw20.exe O4 - HKLM\..\Run: [SW24] D:\WINDOWS\system32\sw24.exe O4 - HKLM\..\Run: [WinSys2] D:\WINDOWS\system32\winsys2.exe O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [CnxDslTaskBar] "D:\Program Files\DrayTek\Vigor318 ADSL\CnxDslTb.exe" O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Program Files\RivaTuner v2.06\RivaTuner.exe" /S O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "D:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [CanonSolutionMenu] D:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] D:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKLM\..\Policies\Explorer\Run: [SystemService] D:\Program Files\Common Files\System\wab32sr.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk.disabled O4 - Global Startup: Nokia Ovi Suite.lnk.disabled O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O17 - HKLM\System\CCS\Services\Tcpip\..\{EDC4178C-D161-4ED6-9419-7B07D23C1C2B}: NameServer = 195.146.128.62 195.146.132.58 O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - D:\Program Files\Lavasoft\Ad-Aware\aawservice.exe O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Unknown owner - D:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing) O23 - Service: LiveUpdate - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Core LC - Unknown owner - D:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: TwonkyMedia - PacketVideo - D:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- End of file - 7023 bytes Odkaz na príspevok Zdieľať na iných stránkach Ďalšie možnosti zdieľania...
Sniper Zverejnené 26. Máj, 2009 Zdieľať Zverejnené 26. Máj, 2009 D:\WINDOWS\system32\winsys2.exe Toto je určite niečo čo by tam nemalo byť. O4 - HKLM\..\Policies\Explorer\Run: [SystemService] D:\Program Files\Common Files\System\wab32sr.exe Tiež niečo čo by bolo dobré fixnúť. Rebootni sa do safe modu, fixni tie hodnoty a súbory odstráň. Možno by pomohol lepší antivír alebo nejaký antispyware. Po reštarte by to už malo byť OK. Odkaz na príspevok Zdieľať na iných stránkach Ďalšie možnosti zdieľania...
deniskopn Zverejnené 15. Október, 2009 Autor Zdieľať Zverejnené 15. Október, 2009 Prosím o kontrolu logu vopred ďakujem... Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 22:09:58, on 15.10.2009 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\WINDOWS\system32\svchost.exe D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe D:\WINDOWS\system32\spoolsv.exe D:\WINDOWS\Explorer.EXE D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe D:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe D:\Program Files\Bonjour\mDNSResponder.exe D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe D:\WINDOWS\system32\nvsvc32.exe D:\WINDOWS\system32\PnkBstrA.exe D:\WINDOWS\system32\PnkBstrB.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Analog Devices\Core\smax4pnp.exe D:\Program Files\Analog Devices\SoundMAX\Smax4.exe D:\Program Files\DrayTek\Vigor318 ADSL\CnxDslTb.exe D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe D:\WINDOWS\system32\ctfmon.exe D:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe D:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - D:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - D:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - D:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.0\CoIEPlg.dll O4 - HKLM\..\Run: [SW20] D:\WINDOWS\system32\sw20.exe O4 - HKLM\..\Run: [SW24] D:\WINDOWS\system32\sw24.exe O4 - HKLM\..\Run: [SoundMAXPnP] D:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [SoundMAX] "D:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [CnxDslTaskBar] "D:\Program Files\DrayTek\Vigor318 ADSL\CnxDslTb.exe" O4 - HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [RivaTunerStartupDaemon] "D:\Program Files\RivaTuner v2.06\RivaTuner.exe" /S O4 - HKLM\..\Run: [ccApp] "D:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [osCheck] "D:\Program Files\Norton Internet Security\osCheck.exe" O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [CanonSolutionMenu] D:\Program Files\Canon\SolutionMenu\CNSLMAIN.exe /logon O4 - HKLM\..\Run: [CanonMyPrinter] D:\Program Files\Canon\MyPrinter\BJMyPrt.exe /logon O4 - HKCU\..\Run: [NBJ] "D:\Program Files\Ahead\Nero BackItUp\NBJ.exe" O4 - HKCU\..\Run: [NVIDIA nTune] "D:\Program Files\NVIDIA Corporation\nTune\nTuneCmd.exe" clear O4 - HKCU\..\Run: [SpybotSD TeaTimer] D:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe O4 - HKLM\..\Policies\Explorer\Run: [SystemService] D:\Program Files\Common Files\System\wab32sr.exe O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Global Startup: Microsoft Office.lnk.disabled O4 - Global Startup: Nokia Ovi Suite.lnk.disabled O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - D:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - D:\Program Files\ICQ6.5\ICQ.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Apple Mobile Device - Apple Inc. - D:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc.exe O23 - Service: Bonjour Service - Apple Inc. - D:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: COM Host (comHost) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe O23 - Service: iPod Service - Apple Inc. - D:\Program Files\iPod\bin\iPodService.exe O23 - Service: Convalida password di Symantec IS (ISPwdSvc) - Unknown owner - D:\Program Files\Norton Internet Security\isPwdSvc.exe (file missing) O23 - Service: LiveUpdate - Symantec Corporation - D:\Program Files\Symantec\LiveUpdate\LuComServer_3_4.EXE O23 - Service: LiveUpdate Notice - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe O23 - Service: nTune Service (nTuneService) - NVIDIA - D:\Program Files\NVIDIA Corporation\nTune\nTuneService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\system32\nvsvc32.exe O23 - Service: PnkBstrA - Unknown owner - D:\WINDOWS\system32\PnkBstrA.exe O23 - Service: PnkBstrB - Unknown owner - D:\WINDOWS\system32\PnkBstrB.exe O23 - Service: ServiceLayer - Nokia. - D:\Program Files\PC Connectivity Solution\ServiceLayer.exe O23 - Service: Symantec Core LC - Unknown owner - D:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc.exe O23 - Service: TwonkyMedia - PacketVideo - D:\Program Files\Nokia\Nokia Home Media Server\Media Server\TwonkyMedia.exe -- End of file - 7854 bytes Odkaz na príspevok Zdieľať na iných stránkach Ďalšie možnosti zdieľania...
Odporúčané príspevky
Vytvorte si účet alebo sa prihláste, aby ste mohli písať príspevky
Ak chcete odoslať príspevok, musíte byť členom
Vytvoriť konto
Zaregistrujte si nový účet v našej komunite. Je to ľahké!
Zaregistrovať si nové kontoPrihlásiť sa
Máte už konto? Prihláste sa tu.
Prihlásiť sa teraz