Oglądasz wypowiedzi znalezione dla frazy: Microsoft AntiSpyware




Temat: Prosze sprawdzcie loga?
Prosze sprawdzcie loga?
i powiedzcie co dalej robic!

Logfile of HijackThis v1.97.7
Scan saved at 21:12:20, on 2005-05-01
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESMEDIA PASSMEDIAPASS.EXE
C:WINDOWSSYSTEMGAH95ON6.EXE
C:PROGRAM FILESSFMEYHRZCTU.EXE
C:WINDOWSRUNDLL32.EXE
C:PROGRAM FILESGADU-GADUGG.EXE
C:WP.EXE
C:PROGRAM FILESKAZAA LITE K++KAZAALITE.KPP
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESMEDIA PASSMEDIAPASSK.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSPULPITHIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:WINDOWSTEMPse.dll/spage.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:WINDOWSTEMPse.dll/spage.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
www.microsoft.com/isapi/redir.dll?prd=ie&pver=5.5&ar=msnhome
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,Shellnext = iexplore
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:PROGRAM
FILESADOBEACROBAT 5.0 CEREADERACTIVEXACROIEHELPER.OCX
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program
FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: (no name) - {DBFDDD26-5531-4AA9-B72F-BB7F8636CE36} -
C:WINDOWSSYSTEMEOJA.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1045,&Radio - {8E718888-423F-11D2-876E-
00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [Windows Millennium Edition Intro Video] C:WINDOWSApplic~1
Micros~1Introcontent.hta
O4 - HKLM..Run: [SelfHostUtil] C:WINDOWSselfhost.exe /L
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [PCHealth] C:WINDOWSPCHealthSupportPCHSchd.exe -s
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [Media Pass] C:Program FilesMedia PassMediaPass.exe
O4 - HKLM..Run: [gah95on6] C:WINDOWSSYSTEMgah95on6.exe
O4 - HKLM..Run: [Akrnznz] C:PROGRAM FILESSFMEYHRZCTU.EXE
O4 - HKLM..Run: [KAZAA] "C:PROGRAM FILESKAZAA LITE
K++KPP.EXE" "C:PROGRAM FILESKAZAA LITE K++KAZAALITE.KPP" /SYSTRAY
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [sp] rundll32 C:WINDOWSTEMPSE.DLL,DllInstall
O4 - HKLM..Run: [Security iGuard] C:Program FilesSecurity iGuardSecurity
iGuard.exe
O4 - HKLM..RunServices: [HiberMonitor] C:WINDOWSHCount.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM..RunServices: [*StateMgr] C:WINDOWSSystemRestoreStateMgr.exe
O4 - HKCU..Run: [Gadu-Gadu] "C:PROGRAM FILESGADU-GADUGG.EXE" /tray
O4 - Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA9.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O9 - Extra button: Microsoft AntiSpyware helper (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper (HKCU)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {3334504D-9980-0010-8000-00AA00389B71} -
download.microsoft.com/download/0/C/8/0C8EDFAB-30BC-4792-898E-2DABE27B2C4D/mp43dmo.CAB
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38469.0611226852
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-
its:mhtml:file://C:foo.mht!http://dl.ad-
ware.cc/WDrrzKQJpBxQAYEudaGb.chm::/on-line.exe
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
Przeczytaj wszystkie posty z tego wątku


Temat: proszę o pomoc !!!!!
proszę o pomoc !!!!!
proszę o pomoc:


Logfile of HijackThis v1.99.1
Scan saved at 19:58:59, on 2005-05-04
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesMKSBinNetMonSV.exe
C:PROGRA~1CompaqCOMPAQ~1hibserv.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:Program FilesMKSBinmksmonsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesMicrosoft ActiveSyncWCESCOMM.EXE
C:Program FilesMKSBinmks_scan.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:PROGRA~1WINZIPwinzip32.exe
C:Documents and Settings obasUstawienia lokalneTempHijackThis.exe
C:Program FilesAheadNero ero.exe
C:Program FilesOutlook Expressmsimn.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.newgenlook.info/ad/ad0278/
O1 - Hosts file is located at: C:WINDOWS sdbhosts
O1 - Hosts: 81.211.105.69 lender-search.com
O1 - Hosts: 81.211.105.68 hot-searches.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx
O2 - BHO: CATLEvents Object - {13589181-4F0D-4553-B9F8-B4B72172C139} -
C:DOCUME~1 obasUSTAWI~1Temp iwvrs.dat
O2 - BHO: CATLEvents Object - {68132581-10F2-416E-B188-4E648075325A} -
C:DOCUME~1 obasUSTAWI~1Tempcptf.dat (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -
C:PORZĄDKIFLASHGETjccatch.dll
O2 - BHO: CATLEvents Object - {BB54DE33-E539-4749-BFAC-CC49617E8F2A} -
C:DOCUME~1 obasUSTAWI~1Temppxe.dat
O2 - BHO: CATLEvents Object - {D487068E-9B04-4FE5-8A83-08344F800BF5} -
C:DOCUME~1 obasUSTAWI~1Templmxdvd.dat (file missing)
O2 - BHO: BHObj Class - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} -
C:WINDOWS em214.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
C:PORZĄDKIFLASHGETfgiebar.dll (file missing)
O4 - HKLM..Run: [MSConfig]
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Download All by FlashGet -
C:PORZĄDKIFLASHGETjc_all.htm
O8 - Extra context menu item: Download using FlashGet -
C:PORZĄDKIFLASHGETjc_link.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-
00C04FAE2D4F} - C:Program FilesMicrosoft ActiveSyncINETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:Program FilesMicrosoft ActiveSyncINETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-
9307-00C04FAE2D4F} - C:Program FilesMicrosoft ActiveSyncINETREPL.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:PORZĄDKIFLASHGETflashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-
0050BA6940E3} - C:PORZĄDKIFLASHGETflashget.exe (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {D30879C6-38DA-4816-92D7-
CA0002611AE5} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D30879C6-38DA-
4816-92D7-CA0002611AE5} - (no file) (HKCU)
O16 - DPF: ING Bank Online -
ssl.bsk.com.pl/bskonl/component/INGOnl.cab
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) -
www.bph.pl/pi/components/SignActivX.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} -
C:WINDOWSSystem32xplugin.dll
O20 - Winlogon Notify: baksvc - C:DOCUME~1 obasUSTAWI~1Tempcvskab.dat
(file missing)
O20 - Winlogon Notify: exp - C:DOCUME~1 obasUSTAWI~1Temppxe.dat
O20 - Winlogon Notify: srvwin - C:DOCUME~1 obasUSTAWI~1Temp iwvrs.dat
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32
Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Hibernation - Unknown owner - C:PROGRA~1CompaqCOMPAQ~1
hibserv.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesCommon
FrameworkFrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates,
Inc. - C:Program FilesNetwork AssociatesVirusScanMcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:Program
FilesMKSinMkSUpdateInt.exe
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:Program
FilesMKSBinmksmonsv.exe
O23 - Service: MkS_Scan - Unknown owner - C:Program
FilesMKSBinmks_scan.exe

Przeczytaj wszystkie posty z tego wątku


Temat: Bardzo prosze o sprawdzenie loga hijackthis
Bardzo prosze o sprawdzenie loga hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 19:58:59, on 2005-05-04
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesMKSBinNetMonSV.exe
C:PROGRA~1CompaqCOMPAQ~1hibserv.exe
C:Program FilesNetwork AssociatesCommon FrameworkFrameworkService.exe
C:Program FilesNetwork AssociatesVirusScanMcshield.exe
C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
C:Program FilesMKSBinmksmonsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32svchost.exe
C:Program FilesMicrosoft ActiveSyncWCESCOMM.EXE
C:Program FilesMKSBinmks_scan.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:PROGRA~1WINZIPwinzip32.exe
C:Documents and Settings obasUstawienia lokalneTempHijackThis.exe
C:Program FilesAheadNero ero.exe
C:Program FilesOutlook Expressmsimn.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.newgenlook.info/ad/ad0278/
O1 - Hosts file is located at: C:WINDOWS sdbhosts
O1 - Hosts: 81.211.105.69 lender-search.com
O1 - Hosts: 81.211.105.68 hot-searches.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx
O2 - BHO: CATLEvents Object - {13589181-4F0D-4553-B9F8-B4B72172C139} -
C:DOCUME~1 obasUSTAWI~1Temp iwvrs.dat
O2 - BHO: CATLEvents Object - {68132581-10F2-416E-B188-4E648075325A} -
C:DOCUME~1 obasUSTAWI~1Tempcptf.dat (file missing)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -
C:PORZĄDKIFLASHGETjccatch.dll
O2 - BHO: CATLEvents Object - {BB54DE33-E539-4749-BFAC-CC49617E8F2A} -
C:DOCUME~1 obasUSTAWI~1Temppxe.dat
O2 - BHO: CATLEvents Object - {D487068E-9B04-4FE5-8A83-08344F800BF5} -
C:DOCUME~1 obasUSTAWI~1Templmxdvd.dat (file missing)
O2 - BHO: BHObj Class - {F7F808F0-6F7D-442C-93E3-4A4827C2E4C8} -
C:WINDOWS em214.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
C:PORZĄDKIFLASHGETfgiebar.dll (file missing)
O4 - HKLM..Run: [MSConfig]
C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKCU..Run: [H/PC Connection Agent] "C:Program FilesMicrosoft
ActiveSyncWCESCOMM.EXE"
O4 - Global Startup: BTTray.lnk = ?
O8 - Extra context menu item: Download All by FlashGet -
C:PORZĄDKIFLASHGETjc_all.htm
O8 - Extra context menu item: Download using FlashGet -
C:PORZĄDKIFLASHGETjc_link.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-
00C04FAE2D4F} - C:Program FilesMicrosoft ActiveSyncINETREPL.DLL
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:Program FilesMicrosoft ActiveSyncINETREPL.DLL
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-
9307-00C04FAE2D4F} - C:Program FilesMicrosoft ActiveSyncINETREPL.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:PORZĄDKIFLASHGETflashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-
0050BA6940E3} - C:PORZĄDKIFLASHGETflashget.exe (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {D30879C6-38DA-4816-92D7-
CA0002611AE5} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {D30879C6-38DA-
4816-92D7-CA0002611AE5} - (no file) (HKCU)
O16 - DPF: ING Bank Online -
ssl.bsk.com.pl/bskonl/component/INGOnl.cab
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) -
www.bph.pl/pi/components/SignActivX.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} -
C:WINDOWSSystem32xplugin.dll
O20 - Winlogon Notify: baksvc - C:DOCUME~1 obasUSTAWI~1Tempcvskab.dat
(file missing)
O20 - Winlogon Notify: exp - C:DOCUME~1 obasUSTAWI~1Temppxe.dat
O20 - Winlogon Notify: srvwin - C:DOCUME~1 obasUSTAWI~1Temp iwvrs.dat
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32
Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Hibernation - Unknown owner - C:PROGRA~1CompaqCOMPAQ~1
hibserv.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesCommon
FrameworkFrameworkService.exe
O23 - Service: Network Associates McShield (McShield) - Network Associates,
Inc. - C:Program FilesNetwork AssociatesVirusScanMcshield.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network
Associates, Inc. - C:Program FilesNetwork AssociatesVirusScanVsTskMgr.exe
O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:Program
FilesMKSinMkSUpdateInt.exe
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:Program
FilesMKSBinmksmonsv.exe
O23 - Service: MkS_Scan - Unknown owner - C:Program
FilesMKSBinmks_scan.exe

Przeczytaj wszystkie posty z tego wątku


Temat: Ludzie co mi się dzieje chyba z 20 wirów na raz!!!
jestem Ci dłużny
Chyba wszystko działa, ogromne dzieki. Nawet niewiesz ile było moich nieudolnych
prób naprawienia problemu. Jestem zobowiązany. Wklejam loga. Sorry ze tak długo,
ale starałm sie robic dokladnie a w dodatku, wciaz mi wyskakiwała ta strona w
firefoxie

Logfile of HijackThis v1.99.1
Scan saved at 22:11:00, on 2005-05-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:PROGRA~1COMMON~1PCSuiteDATALA~1DATALA~1.EXE
C:PROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:PROGRA~1COMMON~1PCSuiteServicesSERVIC~1.EXE
C:WINDOWSsystem32ctfmon.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
C:Program FilesAdobeAcrobat 6.0 CEDistillracrotray.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktopIndex.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktopCrawl.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashserv.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wscntfy.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32wuauclt.exe
C:Program FilesGoogleGoogle Desktop SearchGoogleDesktopOE.exe
C:Documents and SettingsjaPulpitHijackThis.exe

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = www.google.pl
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:Program FilesAdobeAcrobat 6.0 CEAcrobatActiveXAcroIEHelper.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -
C:PROGRA~1FlashGetjccatch.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} -
C:Program FilesAdobeAcrobat 6.0 CEAcrobatAcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
C:PROGRA~1FlashGetfgiebar.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:Program
FilesAdobeAcrobat 6.0 CEAcrobatAcroIEFavClient.dll
O4 - HKLM..Run: [avast!] C:Program FilesAlwil SoftwareAvast4ashDisp.exe
O4 - HKLM..Run: [DataLayer] C:PROGRA~1COMMON~1PCSuiteDATALA~1DATALA~1.EXE
O4 - HKLM..Run: [PCSuiteTrayApplication] C:PROGRA~1NokiaNOKIAP~1TRAYAP~1.EXE
O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [AVShell] C:WINDOWSsystem32loader.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Google Desktop Search] "C:Program FilesGoogleGoogle
Desktop SearchGoogleDesktop.exe" /startup
O4 - Global Startup: Acrobat Assistant.lnk = C:Program FilesAdobeAcrobat 6.0
CEDistillracrotray.exe
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
OfficeOffice10OSA.EXE
O8 - Extra context menu item: Download All by FlashGet - C:Program
FilesFlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:Program
FilesFlashGetjc_link.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:PROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3}
- C:PROGRA~1FlashGetflashget.exe
O9 - Extra button: Microsoft AntiSpyware helper -
{E5B4AD08-B87B-4A98-BDC5-E52FDB4BACCD} - C:WINDOWSsystem32wldr.dll (file missing)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{E5B4AD08-B87B-4A98-BDC5-E52FDB4BACCD} - C:WINDOWSsystem32wldr.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra button: Microsoft AntiSpyware helper -
{E5B4AD08-B87B-4A98-BDC5-E52FDB4BACCD} - C:WINDOWSsystem32wldr.dll (file
missing) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
{E5B4AD08-B87B-4A98-BDC5-E52FDB4BACCD} - C:WINDOWSsystem32wldr.dll (file
missing) (HKCU)
O16 - DPF: Dialpad Webphone - www.dialpad.com/md/update/cham.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashserv.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil
SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:Program
FilesCommon FilesMacromedia SharedServiceMacromedia Licensing.exe

Przeczytaj wszystkie posty z tego wątku


Temat: Kolejny log hijacks do sprawdzenia
neder napisała:

> Log mie zmieścił się cały.
>
>
> Start do trybu awaryjnego:
>
> usuwasz (poprzez dodaj/usun programy)
> - 180 SearchAssistant
> - BULLSEYE NETWORK
> - SearchAccelerator
> - CXTPLS
> - SECURITY IGUARD

Pierwszego usunąłem, podczas usuwania drugiego wystąpił błąd deindtalacji (nie
można usunąć pliku). Ostatnich dwóch u mnie nie było.


>
>
> potem szukasz i usuwasz:
> > IENUTILW.EXE -> z C:WINDOWSSYSTEM
> > ENUBG.EXE -> z C:WINDOWSSYSTEM
> > paytime.exe -> z C:WINDOWSSYSTEM
> ap9h4qmo.exe -> z C:WINDOWSSYSTEM


Pierwsze dwa usunąłem, następnych dwóch nie było.

>
> uruchamiasz HJ wybierasz "do a system scan only" i zaznaczasz
> > R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
> > 81.222.131.49/index.php
> > R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) =
> > keyword.netscape.com/keyword/%s
> > R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
> > 81.222.131.49/index.php
> > R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
> > 81.222.131.49/index.php
> > O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} -
> > C:WINDOWSNEM220.DLL (file missing)
> > O2 - BHO: (no name) - {A0269420-A638-4509-889C-8FC3CC85DA7E} -
> > C:WINDOWSDREXINIT.DLL
> > O2 - BHO: (no name) - {016235BE-59D4-4CEB-ADD5-E2378282A1D9} - C:PROGRAM
> > FILESCXTPLSCXTPLS.DLL
> > O2 - BHO: (no name) - {9414B321-799B-2366-E1D8-52C0CE965D93} -
> > C:WINDOWSSYSTEMUUVDR.DLL
> > O3 - Toolbar: @msdxmLC.dll,-1@1045,&Radio -
> > {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
> > O3 - Toolbar: UCmore XP - The Search Accelerator -
> > {44BE0690-5429-47f0-85BB-3FFD8020233E} - C:PROGRAM
> > FILESTHESEARCHACCELERATORUCMTSAIE.DLL
> > O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon
> > FilesRealUpdate_OB ealsched.exe" -osboot
> > O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" -atboot
> time
> > O4 - HKLM..Run: [sac] c:program files180searchassistantsac.exe
> > O4 - HKLM..Run: [BullsEye Network] C:Program FilesBullsEye
> > Networkinargains.exe
> > O4 - HKLM..Run: [op8g36j] IENUTILW.EXE
> > O4 - HKLM..Run: [AutoLoaderEnvoloAutoUpdater]
> > "C:WINDOWSTEMP~COMPOUNDINST0AUTO_UPDATE_LOADER.EXE" /HideUninstall
> > /HideDir /PC=CP.AMS /ShowLegalNote=nonbranded
> > O4 - HKLM..Run: [Security iGuard] C:PROGRAM FILESSECURITY IGUARDSECU
> RITY
> > IGUARD.EXE
> > O4 - HKLM..Run: [PayTime] C:WINDOWSSYSTEMpaytime.exe
> > > O4 - HKLM..Run: [Service Host]
> > C:WINDOWSSYSTEMServices{8756B060-BF4E-11D9-A139-00111E0010F3}SVCHOST
> .EXE
> > O4 - HKLM..Run: [ap9h4qmo] C:WINDOWSSYSTEMap9h4qmo.exe
> > O4 - HKLM..Run: [AutoUpdater] "c:Program FilesAutoUpdateAutoUpdate.e
> xe"
> > O4 - HKCU..Run: [ZErmRWHnj] ENUBG.EXE
> > O4 - HKCU..Run: [PayTime] C:WINDOWSSYSTEMpaytime.exe
> > O4 - Startup: Microsoft Office.lnk = C:Program FilesMicrosoft
> > OfficeOfficeOSA9.EXE -> nieszkodliwe ale zbedne
> > O4 - Startup: Watch.lnk = C:WINDOWSTWAIN_32a4s2_600watch.exe
> > > O9 - Extra 'Tools' menuitem: Show &Related Links -
> > {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm
> > O9 - Extra button: Microsoft AntiSpyware helper -
> > {B90977A0-BF4E-11D9-A139-00111E0010F3} - (no file) (HKCU)
> > O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper -
> > {B90977A0-BF4E-11D9-A139-00111E0010F3} - (no file) (HKCU)
> > > O15 - Trusted Zone: *.windupdates.com
> > O15 - Trusted Zone: *.searchmiracle.com
> > O15 - Trusted Zone: *.my-internet.info
> > O15 - Trusted Zone: *.flingstone.com
> > O15 - Trusted Zone: *.blazefind.com
> > O15 - Trusted Zone: *.clickspring.net
> > O15 - Trusted Zone: *.ysbweb.com
> > O15 - Trusted Zone: *.slotchbar.com
> > O15 - Trusted Zone: *.windupdates.com (HKLM)
> > O15 - Trusted Zone: *.searchbarcash.com (HKLM)
> > O15 - Trusted Zone: *.searchmiracle.com (HKLM)
> > O15 - Trusted Zone: *.skoobidoo.com (HKLM)
> > O15 - Trusted Zone: *.my-internet.info (HKLM)
> > O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
> > O15 - Trusted Zone: *.slotch.com (HKLM)
> > O15 - Trusted Zone: *.flingstone.com (HKLM)
> > O15 - Trusted Zone: *.mt-download.com (HKLM)
> > O15 - Trusted Zone: *.blazefind.com (HKLM)
> > O15 - Trusted IP range: 81.222.131.59
> > O15 - Trusted IP range: 81.222.131.59 (HKLM)
>
> i Fix Checked. restart i wklej nowy log.

Zrobione (jakiś krótki ten log!)
Logfile of HijackThis v1.99.1
Scan saved at 00:30:55, on 05-05-10
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v5.00 SP2 (5.00.3314.2100)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:WINDOWSPULPITHIJACKTHISHIJACKTHIS.EXE

O15 - Trusted IP range: 81.222.131.59
O15 - Trusted IP range: 81.222.131.59 (HKLM)
Przeczytaj wszystkie posty z tego wątku
  • zanotowane.pl
  • doc.pisz.pl
  • pdf.pisz.pl
  • erfly06132.opx.pl


    • Strona 4 z 4 • Zostało wyszukane 210 wypowiedzi • 1, 2, 3, 4

    © 2009 Najlepszy miesiąc kawalerski w Polsce !!! - Ceske - Sjezdovky .cz. Design downloaded from free website templates