dobreprogramy - forum

GosiaczekGda · 11 Lipiec 2005 11:14

Czy cos jest nie tak??

Logfile of HijackThis v1.99.1

Scan saved at 13:16:59, on 2005-07-11

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\AVIRA Desktop\AVESVC.EXE

C:\Program Files\AVIRA Desktop\AVGUARD.EXE

C:\Program Files\AVIRA Desktop\AVWUPSRV.EXE

C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\AVIRA Desktop\AVMAILC.EXE

C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe

C:\WINDOWS\htpatch.exe

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\WINDOWS\System32\RunDll32.exe

C:\progra~1\softwin\bitdef~1\bdmcon.exe

C:\PROGRA~1\PESTPA~1\PPControl.exe

C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

C:\PROGRA~1\PESTPA~1\CookiePatrol.exe

C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE

C:\PROGRA~1\NEOSTR~2\CnxMon.exe

C:\PROGRA~1\NEOSTR~2\taskbaricon.exe

D:\Program Files\Programy\Tlen.pl\tlen.exe

C:\WINDOWS\System32\rundll32.exe

D:\Program Files\Programy\Gadu-Gadu\gg.exe

D:\Program Files\Programy\eMule.de\eMule\emule.exe

C:\WINDOWS\System32\wuauclt.exe

D:\Program Files\Programy\Opera\Opera.exe

C:\Program Files\Neostrada TP\NeostradaTP.exe

C:\Program Files\Neostrada TP\ComComp.exe

C:\Program Files\Neostrada TP\Watch.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Documents and Settings\Gośka\Pulpit\Skanery, antywirusy\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl/

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)

F2 - REG:system.ini: Shell=explorer.exe

O2 - BHO: (no name) - {02DCA195-602B-4B1F-83FF-381B7E804BDB} - C:\WINDOWS\system32\HDBHO.dll

O4 - HKLM…\Run: [HTpatch] C:\WINDOWS\htpatch.exe

O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon

O4 - HKLM…\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM…\Run: [Resume copy] copyfstq.exe /startup

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM…\Run: [bDMCon] c:\progra~1\softwin\bitdef~1\bdmcon.exe

O4 - HKLM…\Run: [bDNewsAgent] c:\progra~1\softwin\bitdef~1\bdnagent.exe

O4 - HKLM…\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe

O4 - HKLM…\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe

O4 - HKLM…\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe

O4 - HKLM…\Run: [EPSON Stylus C43 Series (Kopia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P33 “EPSON Stylus C43 Series (Kopia 1)” /O5 “LPT1:” /M “Stylus C43”

O4 - HKLM…\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~2\CnxMon.exe

O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~2\Watch.exe

O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~2\taskbaricon.exe

O4 - HKLM…\Run: [AVGCtrl] “C:\Program Files\AVIRA Desktop\AVGNT.EXE” /min

O4 - HKLM…\Run: [AVWUpd32] “C:\PROGRA~1\AVIRAD~1\Avwupd32.EXE” /min

O4 - HKCU…\Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook

O4 - HKCU…\Run: [EPSON Stylus C43 Series (Kopia 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P33 “EPSON Stylus C43 Series (Kopia 1)” /M “Stylus C43”

O4 - HKCU…\Run: [Komunikator] D:\Program Files\Programy\Tlen.pl\tlen.exe

O4 - HKCU…\Run: [Gadu-Gadu] “D:\Program Files\Programy\Gadu-Gadu\gg.exe” /tray

O4 - HKCU…\Run: [eMuleAutoStart] D:\Program Files\Programy\eMule.de\eMule\emule.exe -AutoStart

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar1.dll/cmcache.html

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet’a - D:\Program Files\Programy\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet’a - D:\Program Files\Programy\FlashGet\jc_all.htm

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Programy\FlashGet\flashget.exe

O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\Programy\FlashGet\flashget.exe

O10 - Broken Internet access because of LSP provider ‘avsda.dll’ missing

O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab

O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) - http://67.15.101.3/g_bin/pl/demon_2_0_0_18.cab

O16 - DPF: {B942A249-D1E7-4C11-98AE-FCB76B08747F} (RealArcadeRdxIE Class) - http://games-dl.real.com/gameconsole/Bu … eRdxIE.cab

O16 - DPF: {D719897A-B07A-4C0C-AEA9-9B663A28DFCB} (iTunesDetector Class) - http://ax.phobos.apple.com.edgesuite.ne … tector.cab

O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab

O17 - HKLM\System\CCS\Services\Tcpip…{DFBF8A1F-B617-46CE-BAC8-A4415B094670}: NameServer = 194.204.152.34 217.98.63.164

O23 - Service: AVE Service (AVEService) - AVIRA GmbH - C:\Program Files\AVIRA Desktop\AVESVC.EXE

O23 - Service: AVIRA Mail Security Service (AVIRAMailService) - AVIRA GmbH - C:\Program Files\AVIRA Desktop\AVMAILC.EXE

O23 - Service: AVIRA Service (AVIRAService) - AVIRA GmbH - C:\Program Files\AVIRA Desktop\AVGUARD.EXE

O23 - Service: AVIRA Update (AVWUpSrv) - AVIRA GmbH - C:\Program Files\AVIRA Desktop\AVWUPSRV.EXE

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

kuz5 · 11 Lipiec 2005 11:21

Ciachnij:

Ten wpis z kreseczką “_” usuniesz edytorem rejestru Registrar Lite

Uruchom edytor w pole Address wklej ścieżke

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks i kliknij Go poczym zostaniesz przeniesiony do tego klucza. Po prawej stronie będzie widoczny wpis _{08C06D61-F1F3-4799-86F8-BE1A89362C85} wszystkie inne wpisy z taką samą kreseczką także kasujesz i z prawokliku kasujesz wpisy.

GosiaczekGda · 11 Lipiec 2005 11:57

Nie wiem czy mi sie to udalo :oops: