Re: Suletejo www narsymas ( Win Xp Sp2 + Mozilla FF ) [vitalis @ 2008-09-07 18:33:11]

Tema: Re: Suletejo www narsymas ( Win Xp Sp2 + Mozilla FF )
Autorius: vitalis
Data: 2008-09-07 18:33:11
Avg - atjunginejau, nieko :(


"Sapnai" <%%sapnai@aktv.lt> wrote in message 
news:ga0r8f$4br$1@trimpas.omnitel.net...
> Kaip su antivirusu? Laikinai atjunk, paziurek efekta.
>
> "vitalis" <vitaliukas83@draugas.lt> wrote in message 
> news:ga0qj0$3pq$1@trimpas.omnitel.net...
>> Taigi,
>> [b]Problema[/b]:
>> google.lt atidaro per ~10s, nekalbant jau apie "sunkesnius" puslapius. 
>> Keisciausiai, jog ijungus narsykle namu puslapi pradeda krauti greit, 
>> uzkrauna puse puslapio, sustoja ir puskuodama is leto atidarineja ilgai 
>> ilgai..Kai kuriu puslapiu is vis neuzkrauna, raso done, bet nieko nerodo. 
>> Atidarinejant viena puslapi, atidarius nauja tab'a narsykle keliom 
>> sekundem pakimba.
>> [b]Atlikti veiksmai[/b]:
>> perinstaliavau FF - nepadejo.
>> Perkrovinejau modema keliskart - nieko, torrentai siunciasi kaip ir 
>> anksciau, skype vaizdu netrukineja.
>> Bandziau kitas narsykles - nuo IE iki g.chrome - nulis pokycio.(tik IE 
>> atidare visus psl, kuriu neatidare FF )
>> C: disko defragmentacija, isvalymas nepadejo. Win katalogai atsidarineja 
>> super greit.
>> Kaitaliojau Ram'us (turiu tris: 1x1GB, 2X256 MB) - nusivylimas, bet tas 
>> pats.
>> Gal yra minciu?
>> Pridedu HijackThis loga:
>> C:\WINDOWS\System32\smss.exe
>> C:\WINDOWS\system32\winlogon.exe
>> C:\WINDOWS\system32\services.exe
>> C:\WINDOWS\system32\lsass.exe
>> C:\WINDOWS\system32\Ati2evxx.exe
>> C:\WINDOWS\system32\svchost.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\WINDOWS\system32\svchost.exe
>> C:\WINDOWS\system32\Ati2evxx.exe
>> C:\WINDOWS\Explorer.EXE
>> C:\WINDOWS\system32\spoolsv.exe
>> C:\WINDOWS\mHotkey.exe
>> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
>> C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\_avgas.exe
>> C:\Program Files\DAEMON Tools\daemon.exe
>> C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
>> C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
>> C:\WINDOWS\SOUNDMAN.EXE
>> C:\WINDOWS\system32\ctfmon.exe
>> C:\WINDOWS\System32\svchost.exe
>> C:\Program Files\Mozilla Firefox\firefox.exe
>> C:\Program Files\Internet Explorer\Iexplore.exe
>> E:\Software\Security & Privacy\hijack this\HijackThis.exe
>>
>> R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = 
>> http://www.frype.lt/
>> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = 
>> http://go.microsoft.com/fwlink/?LinkId=69157
>> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = 
>> http://go.microsoft.com/fwlink/?LinkId=54896
>> R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = 
>> http://go.microsoft.com/fwlink/?LinkId=54896
>> R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 
>> http://go.microsoft.com/fwlink/?LinkId=69157
>> R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet 
>> Settings,ProxyOverride = *.local
>> O1 - Hosts: 81.16.232.110 www.delfi.lt
>> O2 - BHO: Adobe PDF Reader Link Helper - 
>> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common 
>> Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
>> O2 - BHO: Skype add-on (mastermind) - 
>> {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program 
>> Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
>> O2 - BHO: Groove GFS Browser Helper - 
>> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - 
>> C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
>> O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - 
>> C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
>> O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no 
>> file)
>> O4 - HKLM\..\Run: [CHotkey] mHotkey.exe
>> O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG 
>> Anti-Spyware 7.5\_avgas.exe" /minimized
>> O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON 
>> Tools\daemon.exe" -lang 1033
>> O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft 
>> Office\Office12\GrooveMonitor.exe"
>> O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
>> O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program 
>> Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
>> O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program 
>> Files\Java\jre1.6.0_07\bin\jusched.exe"
>> O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
>> O4 - HKLM\..\Run: [QuickTime Task] "C:\Program 
>> Files\QuickTime\qttask.exe" -atboottime
>> O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
>> O4 - HKCU\..\Run: [DriverUpdaterPro] C:\Program Files\XPC Tools\Driver 
>> Updater Pro\DriverUpdaterPro.exe -t
>> O8 - Extra context menu item: E&xport to Microsoft Excel - 
>> res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
>> O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - 
>> C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
>> O9 - Extra 'Tools' menuitem: Sun Java Console - 
>> {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program 
>> Files\Java\jre1.6.0_07\bin\ssv.dll
>> O9 - Extra button: Send to OneNote - 
>> {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
>> C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
>> O9 - Extra 'Tools' menuitem: S&end to OneNote - 
>> {2670000A-7350-4f3c-8081-5663EE0C6C49} - 
>> C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
>> O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - 
>> C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
>> O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - 
>> C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
>> O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - 
>> %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
>> O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - 
>> {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network 
>> Diagnostic\xpnetdiag.exe (file missing)
>> O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - 
>> C:\Program Files\Messenger\msmsgs.exe
>> O9 - Extra 'Tools' menuitem: Windows Messenger - 
>> {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program 
>> Files\Messenger\msmsgs.exe
>> O11 - Options group: [INTERNATIONAL] International*
>> O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Plugin 
>> Control) - 
>> http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab
>> O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation 
>> Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
>> O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - 
>> http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1193944319312
>> O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - 
>> C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
>> O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - 
>> C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
>> O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - 
>> C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
>> O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - 
>> C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL
>> O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
>> O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - 
>> C:\WINDOWS\system32\WPDShServiceObj.dll
>> O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - 
>> C:\WINDOWS\system32\Ati2evxx.exe
>> O23 - Service: ATI Smart - Unknown owner - 
>> C:\WINDOWS\system32\ati2sgag.exe
>> O23 - Service: AVG Anti-Spyware Guard - GRISOFT s.r.o. - C:\Program 
>> Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
>> O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity 
>> Solution\ServiceLayer.exe
>>
>>
>>
>>
>
>