Akillas mIRC'e

Prosenelis · Rugsėjis 22, 2004, 12:00ryte

Akillas mIRC’e

Prosenelis · Rugsėjis 22, 2004, 12:00ryte

Nesuprantu už ką gaunu akilla mirce… lyg ir virusu ir trojanų neturiu… O lan’o kaimynai mirc’e nesilanko… Ką daryti? [19:03] -irc.data.lt- *** autokilled for [venturis] trojanas. Until Tue Oct 5 10:10:53 2004 (2004/09/21 10.10) - [19:03] Closing Link: 0.0.0.0 ([venturis] trojanas. Until Tue Oct 5 10:10:53 2004 (2004/09/21 10.10)) Praskanavau kompą su HijackThis jei tai kuo nors jums padės tai: Logfile of HijackThis v1.98.2 Scan saved at 18:31:34, on 22/09/2004 Platform: Windows XP SP1 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon .exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\ WINDOWS\system32\spoolsv.exe C:\Program Files\AVPersonal\AVGUARD.EXE C:\Program Files\AVPersonal\AVWUPSRV.EXE C:\WINDOWS\System32
vsvc32.exe C:\WIN DOWS\System32\svchost.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\Program Files\Common Files\Stardock\SDMCP.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Messenger Plus! 3\MsgPlus.exe C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe C:\WINDOWS\SOUNDMAN.EXE C:\W INDOWS\System32\system\dllhost.exe C:\Program Files\AVPersonal\AVGNT.EXE C:\WINDOWS\System32\CTFMON.EXE C:\Program Files\Messenger\msmsgs.exe C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller. exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Stardock\ObjectDock\ObjectDock.exe C:\WINDOWS\System32\wuauclt. exe C:\mIRC\mirc.exe C:\Program Files\Opera\opera.exe C:\Program Files\Palick Soft\HDD Temperature\HDDTsvc.exe C:\Program Files\Palick Soft\HDD Temperature\HDDTemperature.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE C:\Program Files\Microsoft Office\Office10\WINWORD.EXE C:\WINDOWS\msagent\AgentSvr.exe C:\hjtlo g.exe c:\hijackthis\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = sioytlyphpavyixzwgqptpa.com/InMMnXvihc7wVEXer55iu9q7L5YfzGp 3cZd0mBMfruA.html R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = wqrzwkjaghv.net/InMMnXvihc4IQ1cqLkmWsAeSDleFWMNVghArMJQbCUq Y3_1Hwei7cun727OhOgkK.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = N3 - Netscape 7: user_pref(“browser.search.defaultengine”, “engine://C%3A%5CPROGRA%7E1%5CNetscape%5CNetscape%5Csearchplugins %5CSBWeb_01.src” ; (C:\Documents and Settings\Prosenelis\Application Data\Mozilla\Profiles\default\muefngt4.slt\prefs.js) O2 - BHO: IE PopUp-Killer ; Neikeisoft - {49E0E0F0-5C30-11D4-945D-000000000003} - C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUp.dll O2 - BHO: (no name) - {58FE753A-AEAD-C777-F1E0-92A8C3E80A99} - C:\PROGRA~1\Tonsplan\viewinfo.exe (file missing) O2 - BHO: (no name) - {B7520E07-F0A8-EFC9-21F8-CE281E56419F} - C:\PROGRA~1\Tonsplan\viewinfo.exe (file missing) O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - (no file) O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM..\Run: [nwiz] nwiz.exe /install O4 - HKLM..\Run: [MessengerPlus3] “C:\Program Files\Messenger Plus! 3\MsgPlus.exe” O4 - HKLM..\Run: [new online] C:\PROGRA~1\ItchShim\safe tool.exe O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe O4 - HKLM..\Run: [PinnacleDriverCheck] C:\WINDOWS\System32\PSDrvCheck.exe -CheckReg O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM..\Run: [SoundMan] SOUNDMAN.EXE O4 - HKLM..\Run: [WinMngn] C:\WINDOWS\System32\system\dllhost.exe O4 - HKLM..\Run: [AVGCtrl] “C:\Program Files\AVPersonal\AVGNT.EXE” /min O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU..\Run: [MessengerPlus3] “C:\Program Files\Messenger Plus! 3\MsgPlus.exe” /WinStart O4 - HKCU..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe -quiet O4 - HKCU..\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU..\Run: [Ashampoo PopUpBlocker] C:\PROGRA~1\Ashampoo\ASHAMP~1\PopUpKiller.exe O4 - HKCU..\Run: [msnmsgr] “C:\Program Files\MSN Messenger\msnmsgr.exe” /background O4 - HKCU..\Run: [Skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\Stardock\ObjectDock\ObjectDock.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll O9 - Extra button: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra ‘Tools’ menuitem: Yahoo! Messenger - {E5D12C4E-7B4F-11D3-B5C9-0050045C3C96} - C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - public.windupdates.com/get_file.php?bt=ie&p=64276fb9efc3565 fee97b287d3b2a64de55b67e90e1783d691843786455d914c50f6d13edd6d8d887beca ac6a09aa805fc5355c30eed521e15dd92da31dc:3c1049dbc81820f00dc048e710a786 31 O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - messenger.msn.com/download/MsnMessengerSetupDownloader.cab O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} - us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocompl ete.cab

44141414 · Rugsėjis 22, 2004, 12:00ryte

Akilla gauni uz trojama. ar tikrai tokio neturi. Jei sedi lane, reiskia kazkas is lano ji turi (naudoja kokius uzkrestus skriptus ar pan.)

_Joniukas1 · Rugsėjis 22, 2004, 12:00ryte

Man ta pati problema zmones is tinklo prilaiko trojanus o nukencia visi

FRYZEr · Rugsėjis 22, 2004, 12:00ryte

tavo.net o ten jau galesi prisijunkt.

Prosenelis · Rugsėjis 23, 2004, 12:00ryte

Na, manau tikrai kažkas iš lan’o, nes šiandien perkrovęs serverį naktį normaliai galėjau įeiti į IRC, o ryte kai buvau mokykloje ir kompas buvo išjungtas ir buvo gautas akillas. Tai ką daryti kad turėčiau atskirą IP adresą, ne bendrą kaip visi lane? Jei ką, pas mus lan’e DSL Takas A1.

Prosenelis · Rugsėjis 23, 2004, 12:00ryte

a?

Pinchiukas · Rugsėjis 23, 2004, 12:00ryte

gal telekomas ir parduos dar vieną ip bet tai tikrai xaliavai manau neduos… o šeip tai duok kaimynam i kupras