PSWTool.Win32.Hooker.a

Maciaswawa · 30 Marzec 2007 13:41

Komp mi sie zawiesza, i wolno chodzi. Zrobiłem skan wykryło PSWTool.Win32.Hooker.a ale w akcji jest pominięty ręcznie chciałem usunąc ale nie znajduje folderu System Volume Information… Jak to usunąc?? Jak to coś da to daje logi z Hijack’a

Logfile of HijackThis v1.99.1 Scan saved at 15:41:08, on 2007-03-30 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\SYSTEM32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\AVENGINE.EXE C:\WINDOWS\system32\svchost.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\WgaTray.exe C:\WINDOWS\explorer.exe C:\Program Files\Winamp\winampa.exe C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE C:\Program Files\QuickTime\qttask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\CursorXP\CursorXP.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Kalendarz XP\Kalendarz.exe C:\Program Files\Logitech\iTouch\iTouch.exe C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe C:\Program Files\ZyXEL\G-302v3\G-302v3.exe c:\program files\panda software\panda antivirus + firewall 2007\WebProxy.exe C:\Program Files\Logitech\MouseWare\System\Em_exec.exe C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe C:\Program Files\Avant Browser\avant.exe C:\Program Files\ESTsoft\ALZip\ALZip.exe C:\Documents and Settings\Maciek\Ustawienia lokalne\Temp_AZTMP7_\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.yoby.net/sb/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\windows\blank.htm F2 - REG:system.ini: Shell=explorer.exe O2 - BHO: Flashget Catch Url Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe” O4 - HKLM…\Run: [!AVG Anti-Spyware] “C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe” /minimized O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.5.0_11\bin\jusched.exe” O4 - HKLM…\Run: [APVXDWIN] “C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\APVXDWIN.EXE” /s O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe O4 - Startup: Gadu-Gadu.lnk = C:\Program Files\Gadu-Gadu\gg.exe O4 - Startup: Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz.exe O4 - Startup: Skype.lnk = C:\Program Files\Skype\Phone\Skype.exe O4 - Startup: Yahoo! Widget Engine.lnk = C:\Program Files\Yahoo!\Widgets\YahooWidgetEngine.exe O4 - Startup: ZyXEL G-302 v3 Utility.lnk = C:\Program Files\ZyXEL\G-302v3\G-302v3.exe O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet’a - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet’a - C:\Program Files\FlashGet\jc_all.htm O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - C:\Program Files\Avant Browser\AddAllToADBlackList.htm O8 - Extra context menu item: Dodaj do listy blokowanych reklam - C:\Program Files\Avant Browser\AddToADBlackList.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000 O8 - Extra context menu item: Otwórz w nowym Avant Browser - C:\Program Files\Avant Browser\OpenInNewBrowser.htm O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony… - C:\Program Files\Avant Browser\OpenAllLinks.htm O8 - Extra context menu item: Podświetl - C:\Program Files\Avant Browser\Highlight.htm O8 - Extra context menu item: Szukaj - C:\Program Files\Avant Browser\Search.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra ‘Tools’ menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virus … nicode.cab O16 - DPF: {3D2CB570-D425-11D5-ABD0-00008369C46F} (CSMenu Class) - http://netbank.danskebank.dk/html/activex/DB/Menu.cab O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} (GameDesire Slots 90th) - http://67.15.101.3/g_bin/pl/slots90_2_0_0_30.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {D8575CE3-3432-4540-88A9-85A1325D3375} (e-Safekey) - https://netbank.danskebank.dk/html/acti … afekey.cab O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} (GameDesire Slots 80th) - http://67.15.101.3/g_bin/pl/slots80_2_0_0_30.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_28.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_30.cab O18 - Protocol: bwf0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwf0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\GAPlugProtocol-8876480.dll O18 - Protocol: bwg0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwg0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwh0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwi0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwj0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwk0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwl0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwm0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwn0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwo0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwp0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwq0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwr0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bws0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwt0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwu0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwv0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bww0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwx0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwy0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0 - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: bwz0s - {90785786-8F1B-452B-9D0A-2AFF7E1F4BFC} - C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BWPlugProtocol-8876480.dll O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DLL O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PavFnSvr.exe O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\pavsrv51.exe O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda antivirus + firewall 2007\firewall\PNMSRV.EXE O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\PsImSvc.exe O23 - Service: Panda TPSrv (TPSrv) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus + Firewall 2007\TPSrv.exe O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Unknown owner - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe (file missing)

adam9870 · 30 Marzec 2007 15:02

Usuń wpisy HJT.

Przejrzyj XP - Optymalizacja, odchudzanie dla trochę bardziej zaawansowanych. Lub Optymalizacja i odchudzanie Windowsa XP dla trochę mniej zaawansowanych.

Zajrzyj tutaj:

http://forum.dobreprogramy.pl/viewtopic.php?t=143739

Maciaswawa · 30 Marzec 2007 15:39

Robię wszystko co jest tu

i nie ma folderu System Volume Information. Są wszystkie uryte pliki i foldery, a nie ma tego… To gdzie on jest ?? :? :?

Złączono Posta : 30.03.2007 (Pią) 17:45

Dobra juz poszukałem na stronie microstftu i już mam …