Witam. mam problem z VIRUS ALERT! na pasku zadań…
Nie mam zielonego pojęcia o komputerach…
Oto mój log z HijackThis. z góry wielkie dzięki za pomoc!
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:11: VIRUS ALERT!, on 2008-09-27
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\hkcmd.exe
C:\WINDOWS\System32\igfxpers.exe
C:\Program Files\Razer\Habu\razerhid.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\Program Files\MicroAV\MicroAV.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
C:\Program Files\Razer\Habu\razerofa.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\swider\Pulpit\hijack\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wm … Ojg5lid=2
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: QXK Olive - {9FA70636-4CFB-4CAE-85FF-D836C1783BC7} - C:\WINDOWS\dfmlxbpkqfv.dll
O3 - Toolbar: Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O3 - Toolbar: peltodgx - {326E1D30-5343-4B85-8BD5-DF6852DAA6F3} - C:\WINDOWS\peltodgx.dll
O4 - HKLM…\Run: [igfxtray] C:\WINDOWS\System32\igfxtray.exe
O4 - HKLM…\Run: [igfxhkcmd] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM…\Run: [igfxpers] C:\WINDOWS\System32\igfxpers.exe
O4 - HKLM…\Run: [Habu] C:\Program Files\Razer\Habu\razerhid.exe
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM…\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S
O4 - HKLM…\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKLM…\Run: [QCIF Agent] C:\WINDOWS\System32\28463\QCIF.exe
O4 - HKLM…\Run: [!xSpeed] c:!xSpeedPro!xSpeedPro.exe reg
O4 - HKLM…\Run: [\YUR456.exe] C:\Windows\system32\YUR456.exe
O4 - HKLM…\Run: [\YUR457.exe] C:\Windows\system32\YUR457.exe
O4 - HKLM…\Run: [\YUR458.exe] C:\Windows\system32\YUR458.exe
O4 - HKLM…\Run: [\YUR459.exe] C:\Windows\system32\YUR459.exe
O4 - HKLM…\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exe
O4 - HKLM…\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKLM…\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKLM…\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKLM…\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKLM…\Run: [AVP] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe”
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU…\Run: [GoD] “C:\Documents and Settings\swider\Moje dokumenty\GoD\GoD.exe” /tray
O4 - HKCU…\Run: [\YUR456.exe] C:\Windows\system32\YUR456.exe
O4 - HKCU…\Run: [\YUR457.exe] C:\Windows\system32\YUR457.exe
O4 - HKCU…\Run: [\YUR458.exe] C:\Windows\system32\YUR458.exe
O4 - HKCU…\Run: [\YUR459.exe] C:\Windows\system32\YUR459.exe
O4 - HKCU…\Run: [ANTIVIRUS] C:\Program Files\MicroAV\MicroAV.exe
O4 - HKCU…\Run: [\YUR1.exe] C:\Windows\system32\YUR1.exe
O4 - HKCU…\Run: [\YUR2.exe] C:\Windows\system32\YUR2.exe
O4 - HKCU…\Run: [\YUR3.exe] C:\Windows\system32\YUR3.exe
O4 - HKCU…\Run: [\YUR4.exe] C:\Windows\system32\YUR4.exe
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\System32\CTFMON.EXE (User ‘Default user’)
O4 - Global Startup: Belkin Wireless Client Utility.lnk = C:\Program Files\Belkin\F5D9050\Belkinwcui.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O7 - HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O7 - HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System, DisableRegedit=1
O8 - Extra context menu item: Search - http://edits.mywebsearch.com/toolbaredi … p=ZRfox000
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\SCIEPlgn.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O21 - SSODL: rwlfsdmk - {A95BC992-834E-4CEF-B223-96AED0D3E9CE} - C:\WINDOWS\rwlfsdmk.dll
O21 - SSODL: onfwbsak - {695AA4E7-3B55-4C54-8FB4-81D0F0BD5AE8} - C:\WINDOWS\onfwbsak.dll
O23 - Service: Kaspersky Anti-Virus 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 7.0\avp.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
–
End of file - 6325 bytes