Dodaj do ulubionych

Sprawdzenie loga z Hijack This

IP: *.internet.radom.pl 29.05.07, 23:12
Logfile of HijackThis v1.99.1
Scan saved at 23:08:37, on 2007-05-29
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Lexmark P910 Series\ezprint.exe
C:\Program Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
C:\Program Files\Hp\HP Software Update\HPWuSchd2.exe
C:\Program Files\Folder Guard Pro\FGKey.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\PROGRA~1\HEWLET~1\PHOTOS~1\HPSHAR~1\hpgs2wnf.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\ErrorSafe Free\WASmon.exe
C:\Documents and Settings\Pawel\Pulpit\hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
google.bearshare.com/pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft
Internet Explorer
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM\..\Run: [lxbymon.exe] "C:\Program Files\Lexmark P910 Series\lxbymon.exe"
O4 - HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark P910 Series\ezprint.exe"
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo
Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
Files\Hewlett-Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hp\HP Software
Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [FG_Monitor] C:\Program Files\Folder Guard Pro\FGKey.exe /Start
O4 - HKLM\..\Run: [setup] rundll32.exe "C:\WINDOWS\System32\tnggihat.dll",realset
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: SmartShopper - Compare product prices -
{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\PROGRAM
FILES\SMARTSHOPPER\BIN\2.0.20\SMRTSHPR.DLL
O9 - Extra button: SmartShopper - Compare travel rates -
{3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\PROGRAM
FILES\SMARTSHOPPER\BIN\2.0.20\SMRTSHPR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: Win32 Classes - file://C:\WINDOWS\Java\classes\win32ie4.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{2B266014-B6E1-4C04-A923-A441523EC815}:
NameServer = 212.244.88.3,212.244.88.24
O17 -
HKLM\System\CS1\Services\Tcpip\..\{2B266014-B6E1-4C04-A923-A441523EC815}:
NameServer = 212.244.88.3,212.244.88.24
O17 -
HKLM\System\CS2\Services\Tcpip\..\{2B266014-B6E1-4C04-A923-A441523EC815}:
NameServer = 212.244.88.3,212.244.88.24
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)

Edytor zaawansowany
  • Gość: Kolobos IP: *.escom.net.pl 30.05.07, 07:16
    Zamknij porty w wwdc.exe

    W hjt usun:
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    google.bearshare.com/pl/
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
    C:\WINDOWS\SYSTEM\blank.htm
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft
    Internet Explorer
    O4 - HKLM\..\Run: [setup] rundll32.exe "C:\WINDOWS\System32\tnggihat.dll",realset
    O9 - Extra button: SmartShopper - Compare product prices -
    {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEBF} - C:\PROGRAM
    FILES\SMARTSHOPPER\BIN\2.0.20\SMRTSHPR.DLL
    O9 - Extra button: SmartShopper - Compare travel rates -
    {3CC3D8FE-F0E0-4dd1-A69A-8C56BCC7BEC0} - C:\PROGRAM
    FILES\SMARTSHOPPER\BIN\2.0.20\SMRTSHPR.DLL <- katalog Smart... usun z dysku.
    O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
    C:\WINDOWS\web\related.htm
    O9 - Extra 'Tools' menuitem: Show &Related Links -
    {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
    O16 - DPF: Win32 Classes - file://C:\WINDOWS\Java\classes\win32ie4.cab

    Uzyj:
    secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
    download.bleepingcomputer.com/sUBs/ComboFix.exe
    www.superantispyware.com/downloads/SUPERAntiSpyware.exe
    Na koniec wklej na wklej.org log z:
    www.techsupportforum.com/sectools/Deckard/dss.exe i daj link na forum.
  • Gość: Kolobos IP: *.escom.net.pl 30.05.07, 16:22
    Usun z dysku te pliki: C:\FOUND.009 C:\FOUND.008 C:\FOUND.007 C:\FOUND.006 C:\FOUND.005 C:\FOUND.004 C:\FOUND.003

Popularne wątki

Nie pamiętasz hasła

lub ?

 

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka