Microsoft Security Adviser

Odnośniki

• Microsoft Access baza danych
• Microsoft Combat Flight Simulator 2
• Microsoft Combat Flight Simulator 2 download
• Microsoft Combat Flight Simulator II
• Microsoft Common Dialog Control 6.0
• Microsoft Exchange Server 2003
• Microsoft Flight Simulator X accereration
• Microsoft Flight Simulator X Spolszczenie
• Microsoft Internet Information Server
• Microsoft Jet 4.0 Service Pack
• zanotowane.pl
• doc.pisz.pl
• pdf.pisz.pl
• motyleczeq.pev.pl

Oglądasz wypowiedzi znalezione dla frazy: Microsoft Security Adviser

---

Temat: sprawdzenie loga z hijackthis- prosze o pomoc
sprawdzenie loga z hijackthis- prosze o pomoc
Logfile of HijackThis v1.99.1
Scan saved at 17:19:55, on 2007-07-10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesVideo ActiveX Accessiesmn.exe
C:Program FilesVideo ActiveX Accessimsmain.exe
C:WINDOWSsystem32kernels88.exe
C:Program FilesMicrosoft Security Advisermssadv.exe
C:Program FilesMicrosoft Security Advisermsctrl.exe
C:Program FilesMicrosoft Security Advisermsavsc.exe
C:Program FilesMicrosoft Security Advisermsscan.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesMicrosoft Security Advisermsiemon.exe
C:Program FilesMicrosoft Security Advisermsfw.exe
C:DOCUME~1UserUSTAWI~1Temp mp2.tmp.exe
C:DOCUME~1UserUSTAWI~1Temp mp1.tmp.exe
C:Windowsxpupdate.exe
C:Program FilesVideo ActiveX Accessimsmn.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesVideo ActiveX Accessiesmin.exe
C:Program FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32dlh9jkd1q6.exe
C:WINDOWSsystem32dlh9jkd1q7.exe
C:Program FilesGadu-Gadugg.exe
C:Documents and SettingsUserPulpithijackthishijackthis.exe

O2 - BHO: (no name) - {184746EC-9E9D-4C7D-B9E7-9039EBD801A9} - C:Program
FilesVideo ActiveX Accessiesplg.dll
O2 - BHO: (no name) - {1F6581D5-AA53-4b73-A6F9-41420C6B61F1} -
C:WINDOWSsystem32 mp9.tmp.dll
O2 - BHO: (no name) - {81f62d93-1275-453f-bdf3-bf1735279402} -
C:WINDOWSsystem32ieakcnv.dll
O3 - Toolbar: Protection Bar - {29C5A3B6-9A8D-4FA0-B5AD-3E20F4AA5C00} -
C:Program FilesVideo ActiveX Accessiesbpl.dll
O4 - HKLM..Run: [Lexmark_X79-55] C:WINDOWSsystem32lsasss.exe
O4 - HKLM..Run: [System] C:WINDOWSsystem32kernels88.exe
O4 - HKLM..Run: [SpyLocked 4.3] "C:Program FilesSpyLocked 4.3SpyLocked
4.3.exe" /h
O4 - HKLM..Run: [Microsoft security adviser] C:Program FilesMicrosoft
Security Advisermssadv.exe
O4 - HKLM..Run: [msctrl.exe] C:Program FilesMicrosoft Security
Advisermsctrl.exe
O4 - HKLM..Run: [msavsc.exe] C:Program FilesMicrosoft Security
Advisermsavsc.exe
O4 - HKLM..Run: [msscan.exe] C:Program FilesMicrosoft Security
Advisermsscan.exe
O4 - HKLM..Run: [msiemon.exe] C:Program FilesMicrosoft Security
Advisermsiemon.exe
O4 - HKLM..Run: [msfw.exe] C:Program FilesMicrosoft Security
Advisermsfw.exe
O4 - HKLM..Run: [winehq.org] rundll32.exe "C:WINDOWSiiheda.dll",realset
O4 - HKLM..RunServices: [SystemTools] C:WINDOWSsystem32kernels88.exe
O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [SysRestore] "C:DOCUME~1UserUSTAWI~1Temp mp1.tmp.exe"
O4 - HKCU..Run: [Windows update loader] C:Windowsxpupdate.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Microsoft security adviser] C:Program FilesMicrosoft
Security Advisermssadv.exe
O4 - HKCU..Run: [msctrl.exe] C:Program FilesMicrosoft Security
Advisermsctrl.exe
O4 - HKCU..Run: [msavsc.exe] C:Program FilesMicrosoft Security
Advisermsavsc.exe
O4 - HKCU..Run: [msscan.exe] C:Program FilesMicrosoft Security
Advisermsscan.exe
O4 - HKCU..Run: [msiemon.exe] C:Program FilesMicrosoft Security
Advisermsiemon.exe
O4 - HKCU..Run: [msfw.exe] C:Program FilesMicrosoft Security
Advisermsfw.exe
O20 - AppInit_DLLs:
O20 - Winlogon Notify: ieakcnv - C:WINDOWSSYSTEM32ieakcnv.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: DomainService - - C:DOCUME~1UserUSTAWI~1Temp mp2.tmp.exe

Przeczytaj wszystkie posty z tego wątku

---

Temat: sprawdzenie loga z hijackthis- prosze o pomoc
Na poczatek kasacja uslug:
Start->Uruchom->cmd
wpisz tam:
sc stop LEGACY_DOMAINSERVICE
sc delete LEGACY_DOMAINSERVICE
sc stop DomainService
sc delete DomainService

Wklej do notatnika to:

File::
C:WINDOWSsystem32qwerty12.exe
C: mp2.tmp.exe
C:WINDOWSantyvirk.exe
C:WINDOWSmssadv.dll
C:WINDOWSmsscan.dll
C:WINDOWSmsiemon.dll
C:WINDOWSmsfw.dll
C:WINDOWSmsctrl.dll
C:WINDOWSmsavsc.dll
C: mp1.tmp.exe
C:WINDOWSsystem32ieakcnv.dll

Folder::
C:Program FilesMicrosoft Security Adviser

Registry::
[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]
"Microsoft security adviser"=-
"msctrl.exe"=-
"msavsc.exe"=-
"msscan.exe"=-
"msiemon.exe"=-
"msfw.exe"=-
"mssadv.exe"=-

[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]
"Microsoft security adviser"=-
"msctrl.exe"=-
"msavsc.exe"=-
"msscan.exe"=-
"msiemon.exe"=-
"msfw.exe"=-
"mssadv.exe"=-

[HKEY_CURRENT_USERsoftwaremicrosoftwindowscurrentversionpoliciessystem]
"DisableTaskMgr"=-

Zapisz plik w katalogu z combofix pod nazwa ComboFix-Do (ComboFix-Do.txt), nastepnie przeciagnij ten plik na ikonke combofix.exe tak jak to masz pokazane np. tutaj: cybertrash.pl/images/tata/Combo-Do.gif

W hjt usun:
O2 - BHO: (no name) - {81f62d93-1275-453f-bdf3-bf1735279402} - C:WINDOWSsystem32ieakcnv.dll
O4 - HKLM..Run: [Microsoft security adviser] C:Program FilesMicrosoft Security Advisermssadv.exe
O4 - HKLM..Run: [msctrl.exe] C:Program FilesMicrosoft Security Advisermsctrl.exe
O4 - HKLM..Run: [msavsc.exe] C:Program FilesMicrosoft Security Advisermsavsc.exe
O4 - HKLM..Run: [msscan.exe] C:Program FilesMicrosoft Security Advisermsscan.exe
O4 - HKLM..Run: [msiemon.exe] C:Program FilesMicrosoft Security Advisermsiemon.exe
O4 - HKCU..Run: [Microsoft security adviser] C:Program FilesMicrosoft Security Advisermssadv.exe
O4 - HKCU..Run: [msctrl.exe] C:Program FilesMicrosoft Security Advisermsctrl.exe
O4 - HKCU..Run: [msavsc.exe] C:Program FilesMicrosoft Security Advisermsavsc.exe
O4 - HKCU..Run: [msscan.exe] C:Program FilesMicrosoft Security Advisermsscan.exe
O4 - HKCU..Run: [msiemon.exe] C:Program FilesMicrosoft Security Advisermsiemon.exe
O4 - HKCU..Run: [msfw.exe] C:Program FilesMicrosoft Security Advisermsfw.exe
O20 - AppInit_DLLs:
O20 - Winlogon Notify: ieakcnv - C:WINDOWSSYSTEM32ieakcnv.dll
(jak czegos nie bedzie to nie kasujesz).

Nastepnie daj linka do nowego log'a z hijackthis (koniecznie z nowej wersji 2.0.2) + nowy log z combofix. Odinstaluj Avast i zainstaluj AntiVir PE.
Nie zaszkodzi tez zrobic skan przy pomocy: download.ewido.net/ewido_micro.exe Przeczytaj wszystkie posty z tego wątku

---

Temat: sprawdzenie loga z hijackthis- prosze o pomoc
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:57, on 2007-07-10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesMicrosoft Security Advisermssadv.exe
C:Program FilesGadu-Gadugg.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesSUPERAntiSpywareSUPERAntiSpyware.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSsystem32wuauclt.exe
C:Program Filesinternet exploreriexplore.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.wp.pl/
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank
O4 - HKLM..Run: [Microsoft security adviser] C:Program FilesMicrosoft
Security Advisermssadv.exe
O4 - HKLM..Run: [msctrl.exe] C:Program FilesMicrosoft Security
Advisermsctrl.exe
O4 - HKLM..Run: [msavsc.exe] C:Program FilesMicrosoft Security
Advisermsavsc.exe
O4 - HKLM..Run: [msscan.exe] C:Program FilesMicrosoft Security
Advisermsscan.exe
O4 - HKLM..Run: [msiemon.exe] C:Program FilesMicrosoft Security
Advisermsiemon.exe
O4 - HKLM..Run: [msfw.exe] C:Program FilesMicrosoft Security
Advisermsfw.exe
O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Microsoft security adviser] C:Program FilesMicrosoft
Security Advisermssadv.exe
O4 - HKCU..Run: [SUPERAntiSpyware] C:Program
FilesSUPERAntiSpywareSUPERAntiSpyware.exe
O4 - HKCU..Run: [msctrl.exe] C:Program FilesMicrosoft Security
Advisermsctrl.exe
O4 - HKCU..Run: [msavsc.exe] C:Program FilesMicrosoft Security
Advisermsavsc.exe
O4 - HKCU..Run: [msscan.exe] C:Program FilesMicrosoft Security
Advisermsscan.exe
O4 - HKCU..Run: [msiemon.exe] C:Program FilesMicrosoft Security
Advisermsiemon.exe
O4 - HKCU..Run: [msfw.exe] C:Program FilesMicrosoft Security
Advisermsfw.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
(User 'USŁUGA LOKALNA')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
(User 'USŁUGA SIECIOWA')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE
(User 'Default user')
O20 - AppInit_DLLs:
O20 - Winlogon Notify: !SASWinLogon - C:Program
FilesSUPERAntiSpywareSASWINLO.dll

Przeczytaj wszystkie posty z tego wątku

zanotowane.pl

doc.pisz.pl

pdf.pisz.pl

erfly06132.opx.pl