ghost_ Публикувано Октомври 26, 2010 Report Share Публикувано Октомври 26, 2010 Здравейте, ако може да проверите и този лог имам съмнения, че понякога стрелката на мишката се появява на друго място, ако е долу тя ту се появява от горната страна или кадето и да е.Logfile of Trend Micro HijackThis v2.0.4 Scan saved at 6:50:29 PM, on 10/26/2010 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Alwil Software\Avast5\AvastSvc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\D-Tools\daemon.exe C:\PROGRA~1\AVG\AVGLS9\avgtray.exe C:\Program Files\Alwil Software\Avast5\avastUI.exe C:\Program Files\uTorrent\uTorrent.exe C:\Program Files\Lightscreen\lightscreen.exe C:\Program Files\RocketDock\RocketDock.exe C:\WINDOWS\system32\ctfmon.exe C:\Documents and Settings\ico\My Documents\TrueTransparency\TrueTransparency.exe C:\Program Files\AVG\AVGLS9\avgwdsvc.exe C:\Program Files\Styler\Styler.exe C:\Program Files\LogMeIn Hamachi\hamachi-2.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\AVG\AVGLS9\avgnsx.exe C:\WINDOWS\system32\wscntfy.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\post\Trend Micro\HiJackThis\HiJackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.flashget.com/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = F2 - REG:system.ini: UserInit=c:\windows\system32\userinit.exe O2 - BHO: SuggestMeYesBHO - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVGLS9\avgssie.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O3 - Toolbar: StylerToolBar - {D2F8F919-690B-4EA2-9FA7-A203D1E04F75} - C:\Program Files\Styler\TB\StylerTB.dll O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033 O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVGLS9\avgtray.exe O4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui O4 - HKCU\..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe" O4 - HKCU\..\Run: [Lightscreen] C:\Program Files\Lightscreen\lightscreen.exe -h O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe" O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU\..\Run: [TransBar] C:\Program Files\AKSoftware\TransBar\TransBar.exe /s O4 - HKCU\..\Run: [TrueTransparency] "C:\Documents and Settings\ico\My Documents\TrueTransparency\TrueTransparency.exe" O4 - Startup: Styler.lnk = ? O4 - Startup: TrueTransparency.lnk = C:\Documents and Settings\ico\My Documents\TrueTransparency 1\TrueTransparency.exe O9 - Extra button: (no name) - AutorunsDisabled - (no file) O16 - DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - O16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E222763D-2A48-497A-B381-F8AEB5B2B611}: NameServer = 192.168.1.1 O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVGLS9\avgpp.dll O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\System32\browseui.dll O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\System32\browseui.dll O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe O23 - Service: AVG LinkScanner®9 WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVGLS9\avgwdsvc.exe O23 - Service: LogMeIn Hamachi 2.0 Tunneling Engine (Hamachi2Svc) - LogMeIn Inc. - C:\Program Files\LogMeIn Hamachi\hamachi-2.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O24 - Desktop Component 0: (no name) - (no file) Благодаря предварително! Цитирай Link to comment Сподели другаде More sharing options...
panevdd Публикувано Октомври 26, 2010 Report Share Публикувано Октомври 26, 2010 Не видях да има опасни неща в log-а.Явно ползваш продукти на AVG и Avast!; избери си едно от двете и ползвай само него.Видях, че ползваш AutocompletePro; възможно е това приложение да предизвиква конфликт с RocketDock, Styler, TransBar, Lightscreen или TrueTransparency. Цитирай Link to comment Сподели другаде More sharing options...
ghost_ Публикувано Октомври 26, 2010 Report Share Публикувано Октомври 26, 2010 Ползвам AVG LinkScanner и Avast free 5.0.677Не помня да съм инсталирал това приложение - за какво служи и трябва ли да го изтрия. Цитирай Link to comment Сподели другаде More sharing options...
vesodimov Публикувано Ноември 22, 2010 Report Share Публикувано Ноември 22, 2010 Бихте ли погледнали и тук :Logfile of Trend Micro HijackThis v2.0.4Scan saved at 22:27:09, on 22.11.2010Platform: Windows XP SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v7.00 (7.00.6000.16981)Boot mode: Normal Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\Ati2evxx.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\Ati2evxx.exeC:\Program Files\Alwil Software\Avast5\AvastSvc.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\TeamViewer\Version5\TeamViewer_Service.exeC:\Program Files\TeamViewer\Version5\TeamViewer.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\SOUNDMAN.EXEC:\WINDOWS\Samsung\PanelMgr\SSMMgr.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\Home Series\Home Ftp Server\HomeFtpServer.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\MOM.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\FixCamera.exeC:\WINDOWS\tsnp2std.exeC:\WINDOWS\vsnp2std.exeC:\Program Files\Alwil Software\Avast5\avastUI.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exeC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeC:\Program Files\Siemens\Card API\bin\siecacst.exeE:\wamp\wampmanager.exeC:\Program Files\PC Connectivity Solution\ServiceLayer.exeC:\Program Files\ATI Technologies\ATI.ACE\Core-Static\ccc.exee:\wamp\bin\apache\apache2.2.11\bin\httpd.exeC:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exeC:\Program Files\PC Connectivity Solution\Transports\NclRSSrv.exeC:\Program Files\PC Connectivity Solution\Transports\NclMSBTSrv.exee:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exeE:\wamp\bin\apache\apache2.2.11\bin\httpd.exeC:\Downloads\tutifruti.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blankR1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: Ipswitch.WsftpBrowserHelper - {601ED020-FB6C-11D3-87D8-0050DA59922B} - C:\Program Files\Ipswitch\WS_FTP Pro\wsbho2k0.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO4 - HKLM\..\Run: [soundMan] SOUNDMAN.EXEO4 - HKLM\..\Run: [samsung PanelMgr] C:\WINDOWS\Samsung\PanelMgr\SSMMgr.exe /autorunO4 - HKLM\..\Run: [startCCC] "C:\Program Files\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRunO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\ISUSPM.exe" -startupO4 - HKLM\..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -startO4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottimeO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [HomeFtpServer] C:\Program Files\Home Series\Home Ftp Server\HomeFtpServer.exeO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentO4 - HKLM\..\Run: [FixCamera] C:\WINDOWS\FixCamera.exeO4 - HKLM\..\Run: [tsnp2std] C:\WINDOWS\tsnp2std.exeO4 - HKLM\..\Run: [snp2std] C:\WINDOWS\vsnp2std.exeO4 - HKLM\..\Run: [avast5] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /noguiO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [PC Suite Tray] "C:\Program Files\Nokia\Nokia PC Suite 7\PCSuite.exe" -onlytrayO4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exeO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-19\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'LOCAL SERVICE')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-20\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'NETWORK SERVICE')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\S-1-5-18\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - HKUS\.DEFAULT\..\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,,4,N (User 'Default user')O4 - Global Startup: HiPath SIcurity Card API.lnk = ?O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXEO4 - Global Startup: start WampServer.lnk = E:\wamp\wampmanager.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000O8 - Extra context menu item: SmarThru4 Capture Selection - C:\Program Files\SmarThru 4\WebCapture.dll2.htmO8 - Extra context menu item: SmarThru4 Save as HTML - C:\Program Files\SmarThru 4\WebCapture.dll1.htmO8 - Extra context menu item: SmarThru4 Save Selected Text - C:\Program Files\SmarThru 4\WebCapture.dll.htmO8 - Extra context menu item: SmarThru4 Web Capture - C:\Program Files\SmarThru 4\WebCapture.dllO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra button: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)O9 - Extra 'Tools' menuitem: SmarThru4 Web Capture - {5941A0E4-56C1-4a49-9B18-05762CAC5F9B} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)O9 - Extra button: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)O9 - Extra 'Tools' menuitem: SmarThru4 Capture Selection - {A07BFEF7-DD11-4937-B23B-E70C11D2EDF4} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)O9 - Extra button: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)O9 - Extra 'Tools' menuitem: SmarThru4 Save as HTML - {E753A93F-2367-4978-BFA0-83048C1E61CB} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)O9 - Extra button: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)O9 - Extra 'Tools' menuitem: SmarThru4 Save Selected Text - {F1F53366-3E11-47ab-BF84-580C94F9C9AD} - C:\Program Files\SmarThru 4\WebCapture.dll (HKCU)O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://www.dskdirect.bg/com/capicom.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cabO20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dllO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dllO23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exeO23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exeO23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: avast! Mail Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: avast! Web Scanner - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exeO23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exeO23 - Service: TeamViewer 5 (TeamViewer5) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version5\TeamViewer_Service.exeO23 - Service: wampapache - Apache Software Foundation - e:\wamp\bin\apache\apache2.2.11\bin\httpd.exeO23 - Service: wampmysqld - Unknown owner - e:\wamp\bin\mysql\mysql5.1.36\bin\mysqld.exe --End of file - 10040 bytes Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Ноември 22, 2010 Report Share Публикувано Ноември 22, 2010 Като изключим старата версия на Internet Explorer не виждам други нередности. Цитирай Link to comment Сподели другаде More sharing options...
kemo69 Публикувано Декември 24, 2010 Report Share Публикувано Декември 24, 2010 Здравейте.Проблема ми е с флаш паметта.Когато я вкарам в служебния компютър на работа ми изкарва постоянно вирус,а когато се прибера вкъщи на компа нищо не ми изкарва,не мога да си го обясня дали проблема е от флашката или компютъра.Форматирал съм я сигурно 20 пъти обаче гадния вирус си седи там.Антивирусната която е инсталирана на компютъра във вкъщи и на работа е един и същ Avast.Вируса който излизаше първоначално беше във файла Autorun.inf и след това и в F:\RECYCLER\S-5-3-42-2819952290-8240758988-879315005-3665\jwgkvsq.vmx\[uPX].Влизал съм на много места да чета за проблема и съм инсталирал всякакви програми за чистене на вирус от флаш паметта и проблема не ми са оправи.Казаха ми да напиша тука този лог файл: Logfile of Trend Micro HijackThis v2.0.4Scan saved at 15:20:25, on 24.12.2010 г.Platform: Windows XP SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: Normal Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Google\Update\GoogleUpdate.exeC:\WINDOWS\eHome\ehRecvr.exeC:\WINDOWS\eHome\ehSched.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Torrents_Download\Torrents Download\SubsSearchService.exeC:\WINDOWS\system32\CAPRPCSK.EXEC:\Program Files\Torrents_Download\Torrents Download\SubsSearch.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\WINDOWS\system32\dllhost.exeC:\WINDOWS\system32\igfxtray.exeC:\WINDOWS\system32\hkcmd.exeC:\WINDOWS\system32\igfxpers.exeC:\WINDOWS\ehome\ehtray.exeC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\Program Files\Winamp\winampa.exeC:\WINDOWS\system32\rundll32.exeC:\WINDOWS\RTHDCPL.EXEC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\Program Files\DAEMON Tools Lite\DTLite.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\Datecs\Flex2K.exeC:\WINDOWS\system32\igfxsrvc.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXEC:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXEC:\WINDOWS\eHome\ehmsas.exeC:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXEC:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXEC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\1.2.183.39\GoogleCrashHandler.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Program Files\BitTorrent\bittorrent.exeC:\WINDOWS\System32\svchost.exeC:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Chrome\Application\chrome.exeC:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXEC:\WINDOWS\system32\msiexec.exeC:\Program Files\Trend Micro\HiJackThis\proba1.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet ExplorerO1 - Hosts: 66.98.148.65 auto.search.msn.comO1 - Hosts: 66.98.148.65 auto.search.msn.esO2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dllO2 - BHO: ShopperReports - {100EB1FD-D03E-47fd-81F3-EE91287F9465} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dllO2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO2 - BHO: Canon Easy-WebPrint EX BHO - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dllO2 - BHO: Live TV Bar Toolbar - {88e20c72-8089-469b-8bd9-53f2d2d65554} - C:\Program Files\torrents_download\tbtor2.dllO2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dllO3 - Toolbar: Live TV Bar Toolbar - {88e20c72-8089-469b-8bd9-53f2d2d65554} - C:\Program Files\torrents_download\tbtor2.dllO3 - Toolbar: Canon Easy-WebPrint EX - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dllO4 - HKLM\..\Run: [igfxTray] C:\WINDOWS\system32\igfxtray.exeO4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exeO4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exeO4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exeO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKLM\..\Run: [CAPON] C:\WINDOWS\system32\Spool\Drivers\w32x86\3\CAPONN.EXEO4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exeO4 - HKLM\..\Run: [Media Codec Update Service] C:\Program Files\Essentials Codec Pack\update.exe -silentO4 - HKLM\..\Run: [bluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgentO4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [skyTel] SkyTel.EXEO4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorunO4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /cO4 - HKCU\..\Run: [updateMyDrivers] C:\Program Files\SmartTweak Software\UpdateMyDrivers\UpdateMyDrivers.exe -tO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exeO4 - Global Startup: Canon LBP-800 Statusfцnster.LNK = C:\WINDOWS\system32\spool\drivers\w32x86\3\CAPPSWK.EXEO4 - Global Startup: FlexType 2K.lnk = C:\WINDOWS\Datecs\Flex2K.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O8 - Extra context menu item: Google Sidewiki... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_950DF09FAB501E03.dll/cmsidewiki.htmlO9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dllO9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShopperReports3\bin\3.0.489.0\ShopperReports.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLLO20 - Winlogon Notify: Antiwpa - C:\WINDOWS\system32\antiwpa.dllO22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dllO22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dllO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Услуга Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exeO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: QuestDns Service - Unknown owner - C:\Documents and Settings\All Users\Application Data\QuestDns\questdns115.exeO23 - Service: SubsSearch - Unknown owner - C:\Program Files\Torrents_Download\Torrents Download\SubsSearchService.exeO24 - Desktop Component 0: (no name) - http://ladielynn.com/coloriage/barbie/bar2.gif --End of file - 8781 bytes и Ако можете да помогнете ще съм ви благодарен. Цитирай Link to comment Сподели другаде More sharing options...
TechMaster Публикувано Декември 24, 2010 Report Share Публикувано Декември 24, 2010 Виждам няколко неща, които не им е мястото във вашата система.Ще ви помоля да изпълните едно сканиране с MBAM, като преди това обновете програмата. Цитирай Link to comment Сподели другаде More sharing options...
Гост newnickname Публикувано Декември 26, 2010 Report Share Публикувано Декември 26, 2010 Моля, хвърлете един поглед на този кратък лог ...и ако има нещо...да го премахна Windows XP Pr0 SP3 2002 Running processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\WINDOWS\System32\svchost.exeC:\WINDOWS\system32\spoolsv.exeC:\WINDOWS\Explorer.EXEC:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exeC:\Program Files\Common Files\Java\Java Update\jusched.exeC:\WINDOWS\system32\ctfmon.exeC:\WINDOWS\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exeC:\Program Files\Java\jre6\bin\jqs.exeC:\WINDOWS\system32\oodag.exeC:\WINDOWS\system32\wuauclt.exeC:\Program Files\IObit\Advanced SystemCare 3\AWC.exeC:\WINDOWS\system32\wscntfy.exeO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: AcroIEHelperStub - {C920E44A-7F78-4E64-BDD7-A57026E7FEB7} - C:\Program Files\WOT\WOT.dllO2 - BHO: AcroIEHelperStub - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dllO2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dllO3 - Toolbar: WOT - {71576546-354D-41c9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dllO4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exeO4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWndO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exeO8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: ICQ7.2 - {72EFBFE4-C74F-4187-AEFD-73EA3BE968D6} - C:\Program Files\ICQ7.2\ICQ.exeO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLLO9 - Extra button: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Plug-in 1.6.0_23) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cabO16 - DPF: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA} (Java Plug-in 1.6.0_23) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cabO16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} (Java Plug-in 1.6.0_23) - http://java.sun.com/update/1.6.0/jinstall-1_6_0_23-windows-i586.cabO16 - DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cabO23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exeO23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe Цитирай Link to comment Сподели другаде More sharing options...
TechMaster Публикувано Декември 26, 2010 Report Share Публикувано Декември 26, 2010 Поне според лога не виждам нищо притеснително.Да не сте пропуснали обаче нещо от него? Цитирай Link to comment Сподели другаде More sharing options...
Гост newnickname Публикувано Декември 26, 2010 Report Share Публикувано Декември 26, 2010 Поне според лога не виждам нищо притеснително.Да не сте пропуснали обаче нещо от него? Да, пропуснато е нарочно. Само исках да се види този лог. Като цяло компа си работи добре, просто бави малко при зареждане.Благодаря за отделеното време! Цитирай Link to comment Сподели другаде More sharing options...
chakalov Публикувано Януари 13, 2011 Report Share Публикувано Януари 13, 2011 здравейте,някой би ли погледнал и ако е възможно да ми помогне,ако имам проблеми,че не съм много в час.Предварително благодаря Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Януари 13, 2011 Report Share Публикувано Януари 13, 2011 Някой да погледне какво? Цитирай Link to comment Сподели другаде More sharing options...
stanilabg Публикувано Август 20, 2011 Report Share Публикувано Август 20, 2011 Тъй като използвам от скоро Windows 7, не съм запознат с процесите които му принадлежат. Има ли нещо нередно в лога от HijackThis?hijackthis.txt Освен това, не мога да изтрия редовете R0 и R1. Досега винаги се е получавало. Цитирай Link to comment Сподели другаде More sharing options...
Night_Raven Публикувано Август 20, 2011 Report Share Публикувано Август 20, 2011 Всичко изглежда наред. И занапред работи с актуални версии на програмите. Нищо чудно, че имаш проблеми, след като ползваш версия на HijackThis, която не е съвместима с операционната система. А ако става въпрос за по-сериозна проверка на процеси и стартиращи се обекти, е редно да прибегнеш до Process Explorer и Autoruns. HijackThis е бита карта по всички параграфи и ползата от нея е общо взето никаква в днешно време. Цитирай Link to comment Сподели другаде More sharing options...
stanilabg Публикувано Август 20, 2011 Report Share Публикувано Август 20, 2011 И занапред работи с актуални версии на програмите. Ok. Ето и лог от Autoruns.AutoRuns.txt Цитирай Link to comment Сподели другаде More sharing options...
Препоръчан пост
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.