Please check my log


(system) #1

Logfile of HijackThis v1.99.0

Scan saved at 19:48:15, on 2005-02-17

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\MKS\Bin\NetMonSV.exe

C:\Program Files\MKS\Bin\mksmonsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\tcpsvcs.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\MKS\Bin\mks_menu.exe

C:\Documents and Settings\aju\Program files\gmail\Gmail Notifier\gnotify.exe

C:\Program files\Winamp\winamp.exe

C:\WINDOWS\System32\rundll32.exe

C:\Program Files\AutoConnect\AutoConnect.exe

C:\Documents and Settings\aju\Program files\GG\Gadu-Gadu\gg.exe

C:\Program Files\MKS\Bin\mks_scan.exe

C:\Program files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\aju\Program files\HIJACK\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll/sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll/sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll

O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program files\TGTSoft\StyleXP\TGT_BHO.dll

O2 - BHO: (no name) - {E87CAB3C-F134-4671-AE50-666834B66DDD} - C:\WINDOWS\System32\mcfi.dll

O4 - HKLM..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Documents and Settings\aju\Program files\gmail\Gmail Notifier\gnotify.exe

O4 - HKLM..\Run: [Winamp] C:\Program files\Winamp\winamp.exe

O4 - HKLM..\Run: [loaddll] loaddll.exe

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [sp] rundll32 C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll,DllInstall

O4 - HKCU..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe

O4 - HKCU..\Run: [Gadu-Gadu] "C:\Documents and Settings\aju\Program files\GG\Gadu-Gadu\gg.exe" /tray

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0\bin\npjpi150.dll

O10 - Broken Internet access because of LSP provider 'syswvnt.dll' missing

O16 - DPF: {10003000-1000-0000-1000-000000000000} -

O17 - HKLM\System\CCS\Services\Tcpip..{6E1EA994-17A6-47D8-B5E5-189E3E7481E0}: NameServer = 194.204.152.34 217.98.63.164

O18 - Filter: text/html - {536C0AF8-1CE2-424B-B275-6D6D54941016} - C:\WINDOWS\System32\mcfi.dll

O18 - Filter: text/plain - {536C0AF8-1CE2-424B-B275-6D6D54941016} - C:\WINDOWS\System32\mcfi.dll

O23 - Service: ArcaBit NetMonitor - ArcaBit sp. z o.o. - C:\Program Files\MKS\Bin\NetMonSV.exe

O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:\Program Files\MKS\bin\MkSUpdateInt.exe

O23 - Service: MkS_Vir Monitor - Unknown - C:\Program Files\MKS\Bin\mksmonsv.exe

O23 - Service: MkS_Scan - Unknown - C:\Program Files\MKS\Bin\mks_scan.exe

O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: StyleXPService - Unknown - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe


(Jablek 88) #2

O2 - BHO: (no name) - {E87CAB3C-F134-4671-AE50-666834B66DDD} - C:\WINDOWS\System32\mcfi.dll

O10 - Broken Internet access because of LSP provider 'syswvnt.dll' missing

O16 - DPF: {10003000-1000-0000-1000-000000000000} -

O18 - Filter: text/html - {536C0AF8-1CE2-424B-B275-6D6D54941016} - C:\WINDOWS\System32\mcfi.dll

O18 - Filter: text/plain - {536C0AF8-1CE2-424B-B275-6D6D54941016} - C:\WINDOWS\System32\mcfi.dll

O4 - HKLM..\Run: [loaddll] loaddll.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll/sp.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll/sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O4 - HKLM..\Run: [sp] rundll32 C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll,DllInstall

delete

scan with CWShredder

:!:


(Qbek50) #3

SP2 would come in handy 8)


(boczi) #4

To remove:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll/sp.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll/sp.html

O2 - BHO: (no name) - {E87CAB3C-F134-4671-AE50-666834B66DDD} - C:\WINDOWS\System32\mcfi.dll

O4 - HKLM\..\Run: [loaddll] loaddll.exe

O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\aju\USTAWI~1\Temp\se.dll,DllInstall

O16 - DPF: {10003000-1000-0000-1000-000000000000} -

O18 - Filter: text/html - {536C0AF8-1CE2-424B-B275-6D6D54941016} - C:\WINDOWS\System32\mcfi.dll

O18 - Filter: text/plain - {536C0AF8-1CE2-424B-B275-6D6D54941016} - C:\WINDOWS\System32\mcfi.dll

Install a firewall and Service Pack 2!!


(Dragonlnx) #5

TrojanCWS: about:blank

Trojans:

You don't remove this in HjT

Download the LSP-Fix tool (pinned topics).

  • Post the list of all the DLLs it shows you

Also to delete:

1. Safe Mode + System Restore turned off

2. Delete what I listed for you

3. Remember about LSP-Fix

4. Scan with all the scanners (pinned topic)

5. Post a HijackThis log again