Dodaj do ulubionych

Prosze o sprawdzenie loga

IP: *.adsl.alicedsl.de 30.06.06, 13:06
Logfile of HijackThis v1.99.1
Scan saved at 13:05:44, on 30.06.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\Skype\Phone\Skype.exe
C:\WINDOWS\system32\svchost.exe
C:\Programme\HP\digital imaging\bin\hpqtra08.exe
K:\TestW.exe
K:\TestW.exe
C:\Programme\Microsoft ActiveSync\wcescomm.exe
C:\PROGRA~1\MICROS~2\rapimgr.exe
C:\WINDOWS\system32\atmclk.exe
C:\WINDOWS\system32\dcomcfg.exe
K:\TestW.exe
C:\Programme\ewido anti-malware\ewidoguard.exe
C:\Programme\ewido anti-malware\ewidoctrl.exe
C:\Programme\Internet Explorer\IEXPLORE.EXE
F:\Programy\HijackThis.exe

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Nothing - {5f4c3d09-b3b9-4f88-aa82-31332fee1c08} -
C:\WINDOWS\system32\hp100.tmp
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32
\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition
Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [HP Software Update] "C:\Programme\HP\HP Software
Update\HPWuSchd2.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [H/PC Connection Agent] "C:\Programme\Microsoft
ActiveSync\wcescomm.exe"
O4 - Global Startup: Adobe Reader - Schnellstart.lnk =
C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Programme\HP\Digital
Imaging\bin\hpqtra08.exe
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-
00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} -
C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra 'Tools' menuitem: Mobilen Favoriten erstellen... - {2EAF5BB2-070F-
11D3-9307-00C04FAE2D4F} - C:\PROGRA~1\MICROS~2\INetRepl.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - yax-
download.yazzle.net/YazzleActiveX.cab?refid=1123
O17 - HKLM\System\CCS\Services\Tcpip\..\{76085637-D3D4-4904-AEF5-
5E0544003090}: NameServer = 213.191.74.18 213.191.92.86
O20 - AppInit_DLLs:
O20 - Winlogon Notify: winvtv32 - C:\WINDOWS\SYSTEM32\winvtv32.dll
O20 - Winlogon Notify: wvuvwxv - C:\WINDOWS\SYSTEM32\wvuvwxv.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) -
Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA
GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: ewido security suite control - ewido networks -
C:\Programme\ewido anti-malware\ewidoctrl.exe
O23 - Service: ewido security suite guard - ewido networks -
C:\Programme\ewido anti-malware\ewidoguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Edytor zaawansowany
  • Gość: k IP: *.warszawa.sdi.tpnet.pl 30.06.06, 16:42
    Uzyj:
    siri.urz.free.fr/Fix/SmitfraudFix_En.php
    Log z usuwania wklej na forum.

    W hjt usun:
    O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} - yax-
    download.yazzle.net/YazzleActiveX.cab?refid=1123
    O20 - AppInit_DLLs:
    O20 - Winlogon Notify: winvtv32 - C:\WINDOWS\SYSTEM32\winvtv32.dll <- plik usun
    z dysku.
    O20 - Winlogon Notify: wvuvwxv - C:\WINDOWS\SYSTEM32\wvuvwxv.dll <- plik usun z
    dysku, w razie problemow uzyj killbox lub wyrejestruj plik o tak:
    Start->Uruchom->regsvr32.exe /u C:\WINDOWS\SYSTEM32\wvuvwxv.dll
    to samo z winvtv32.dll nastepnie usun pliki.

    Do tego nie zaszkodzi skan przy pomocy ewido (link z przyklejonym lub na
    google).

Popularne wątki

Nie pamiętasz hasła

lub ?

 

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka