Log do sprawdzenia


(Marekbarczewski) #1

witam, siedzi mi cos w kompie i prosilbym o instrukcje jak pozbyc sie tego wira.

Log :

Logfile of Browser Hijack Recover(BHR) v2.2

http://www.browser-hijack.com/

Log created on 2008-11-22 09:46:42

Microsoft Windows XP Professional Dodatek Service Pack 2 (Build 2600)

Internet Explorer v6.0.2900.2180 Update Versions: ;SP2;


[Process Manager] - [Process]

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe

C:\WINDOWS\system32\cisvc.exe

C:\WINDOWS\system32\CTsvcCDA.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe

C:\WINDOWS\system32\MsPMSPSv.exe

C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WLService.exe

C:\Program Files\Compact Wireless-G USB Adapter Wireless Network Monitor\WUSB54GC.exe

C:\WINDOWS\System32\alg.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Beniamin\tguard.exe

C:\Program Files\iTunes\iTunesHelper.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe

C:\Program Files\NETGEAR\WPN111\wpn111.exe

C:\Program Files\Xfire\xfire.exe

C:\Program Files\iPod\bin\iPodService.exe

C:\WINDOWS\system32\cidaemon.exe

C:\Program Files\Opera\opera.exe

C:\Program Files\Gadu-Gadu\gg.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Browser Hijack Recover\bhr.exe

C:\Program Files\Browser Hijack Recover\bhr.exe


[IE Options] - [Normal]

R0 - HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/windows/ie_intl/en/start/

R0 - HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Window Title = 


[IE Options] - [IE Menu]


[IE Options] - [Internet Options]


[IE Options] - [IE Search Hooks]

R3 - URLSearchHook: Microsoft Url Search Hook - {CFBFAE00-17A6-11D0-99CB-00C04FD64497} - C:\WINDOWS\system32\shdocvw.dll


[IE Add-Ons] - [Toolbars]

O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll


[IE Add-Ons] - [Explorer Bars]


[IE Add-Ons] - [Context Menu]


[IE Add-Ons] - [BHOs]

O2 - BHO: (No Name) - {538F7163-B874-46AB-87C7-8039C53EC55B} - C:\WINDOWS\system32\byXNfeEx.dll

O2 - BHO: CUNta - {933ED98E-57E9-11DD-BF82-A36255D89593} - C:\WINDOWS\system32\cunta.dll

O2 - BHO: (No Name) - {E9681C1C-C1DF-4970-97BB-86C3E716AFA3} - C:\WINDOWS\system32\fccaaaXp.dll


[IE Add-Ons] - [Tools Menu]

O9 - Extra "Tool" Menu Item: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


[IE Add-Ons] - [Tools Button]

O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe


[System Options]


[StartUp]

04 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Gadu-Gadu = C:\Program Files\Gadu-Gadu\gg.exe" /tray

04 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run MSMSGS = C:\Program Files\Messenger\msmsgs.exe" /background

04 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Creative MediaSource Go = C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run ccApp = C:\Program Files\Common Files\Symantec Shared\ccApp.exe

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run nwiz = nwiz.exe /install

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run NvMediaCenter = RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run BearShare = C:\Program Files\BearShare\BearShare.exe" /pause

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run bpk = C:\Program Files\BPK\bpk.exe

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run QuickTime Task = C:\Program Files\QuickTime\QTTask.exe" -atboottime

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run iTunesHelper = C:\Program Files\iTunes\iTunesHelper.exe

04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run UpdReg = C:\WINDOWS\UpdReg.EXE

O4 - C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\Vista sidebar.lnk = C:\Program Files\Vista Sidebar\sidebar.exe

O4 - C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\Xfire.lnk = C:\PROGRA~1\Xfire\xfire.exe

Pozdrawiam


(huber2t) #2

Podaj log z Combofix


(Gutek) #3

Zastosuj się do tego Tematu i zmień tytuł tematu na konkretny inaczej KOSZ

Pozdrawiam Gutek2222

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052