Proszę o sprawdzenie loga>>>> dziękuję


(kris) #1
Logfile of HijackThis v1.99.0

Scan saved at 23:29:34, on 2005-01-13

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

C:\WINDOWS\system32\Oplmsb01.exe

C:\Program Files\Common Files\Real\Update_OB\realsched.exe

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\WINDOWS\system32\MMTrayLSI.exe

C:\WINDOWS\system32\MMTray2k.exe

C:\WINDOWS\system32\MMTray.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\MyPortal\Akuku\Akuku.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\DC++\DCPlusPlus.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\WinRAR\WinRAR.exe

C:\DOCUME~1\SZEFER~2.SZE\USTAWI~1\Temp\Rar$EX00.000\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\fgiebar.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll

O3 - Toolbar: Clusty - {5538fb62-f725-4433-a965-91314e8d8e4d} - C:\Program Files\Clusty Toolbar\toolbar1.dll

O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll

O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM\..\Run: [LanguageMonitor] C:\WINDOWS\system32\Oplmsb01.exe OKI B4100

O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe

O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe

O4 - HKLM\..\Run: [MMTray] MMTray.exe

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU\..\Run: [AQQ] C:\Program Files\MyPortal\Akuku\Akuku.exe

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1045\OLFSNT40.EXE

O8 - Extra context menu item: &Clusty meta-search - res://C:\Program Files\Clusty Toolbar\toolbar1.dll/SEARCH.HTML

O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html

O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab

O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/pl/big/1.1.62-big/GoogleNav.cab

O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{4029A882-34BE-415D-B7C0-33FE85716375}: NameServer = 194.204.152.34,194.204.159.1

O17 - HKLM\System\CCS\Services\Tcpip\..\{DD01E4DE-4F4D-4F59-A1BA-651C1757A7B3}: NameServer = 194.204.152.34,194.204.159.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{4029A882-34BE-415D-B7C0-33FE85716375}: NameServer = 194.204.152.34,194.204.159.1

O23 - Service: avast! iAVS4 Control Service - Unknown - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe

O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe

O23 - Service: SoundMAX Agent Service - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

(adpawl) #2

Tak poza tym wygląda czysto...


(Existence) #3

Usun :

O4 - HKLM..\Run: [MMTrayLSI] MMTrayLSI.exe

O4 - HKLM..\Run: [MMTray2K] MMTray2k.exe

O4 - HKLM..\Run: [MMTray] MMTray.exe

Smieci:

O8 - Extra context menu item: &Clusty meta-search - res://C:\Program Files\Clusty Toolbar\toolbar1.dll/SEARCH.HTML

O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html

O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html

Niepotrzebne:

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm

Start - uruchom - msconfig [wylacz]

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

O4 - HKLM..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE


(Xiao19) #4

zadne smieci :smiley: :smiley: tylko pasek narzedzi IE Google_Toolbar

O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html

O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html

O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html

O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html

  • prawidlowe

zostawiasz

O4 - HKLM..\Run: [sunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe

[update javy]

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

[autostart Microsoft Office]

kasujesz tak - /normal tryb/

O8 - Extra context menu item: &Clusty meta-search - res://C:\Program Files\Clusty Toolbar\toolbar1.dll/SEARCH.HTML

[hijacker HTML - podszycie pod Google_Toolbar]

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\system32\msjava.dll

[pusty dubel]

O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} - C:\Program Files\IrfanView\Ebay\Ebay.htm

[hijacker HTM]

1.)

sciagasz PestPatrol

http://download.zonelabs.com/bin/free/p ... olHome.exe

INFO:

skanujesz partycje systemowa

(Opis+instruk.)

http://www.searchengines.pl/phpbb203/in ... entry72774

dzialasz potem tym

ETD Security Scanner 3.0

http://www.searchengines.pl/phpbb203/in ... entry72774

2.)

skan skanerami AV

--F-Secure--

http://support.f-secure.com/enu/home/ols.shtml

--GeCAD (RAV)--

http://www.ravantivirus.com/scan/

lub

--Softwin (BitDefender)--

http://www.bitdefender.com/scan/licence.php

na koniec skan Ad-aware SE

http://dobreprogramy.pl/index.php?dz=2&t=55&id=107


(kris) #5

chodziło Ci chyba o ten link ETD Security Scanner 3.0

http://www.download.com/ETD-Security-Sc ... 29424.html

Dzięki za pomoc.


(Existence) #6

no to 'przecie' mowie, ze smieci :smiley:

po co :!: tylko spowalnia :?