Gość: hugo
IP: 80.51.23.*
29.01.05, 22:50
przeskanowałem moj komputer za pomocą Hijack This i otrzymałem taka listę:
Logfile of HijackThis v1.99.0
Scan saved at 22:19:32, on 2005-01-29
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.ex e
C:\WINDOWS\system32\services.ex e
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.ex e
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.ex e
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\drivers\cra uto.exe
C:\WINDOWS\System32\drivers\IMo untSRV.exe
C:\WINDOWS\system32\drivers\Kod akCCS.exe
C:\WINDOWS\System32\ScsiAccess. EXE
C:\WINDOWS\d3bj32.exe
C:\WINDOWS\winst.exe
C:\Program Files\Winamp\Winampa.exe
C:\WINDOWS\system32\addmf32.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\1\Pulpit\HijackThis.ex e
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Search Bar =
res://C:\WINDOWS\cecgn.dll/sp.h tml#24098
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Search Page =
res://C:\WINDOWS\cecgn.dll/sp.h tml#24098
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,Default_Page_URL =
about:blank
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,Default_Search_UR L =
res://C:\WINDOWS\cecgn.dll/sp.h tml#24098
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,Search Bar =
res://C:\WINDOWS\cecgn.dll/sp.h tml#24098
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,Search Page =
res://C:\WINDOWS\cecgn.dll/sp.h tml#24098
R1 - HKCU\Software\Microsoft\Interne t Explorer\Search,SearchAssistant =
res://C:\WINDOWS\cecgn.dll/sp.h tml#24098
R0 - HKLM\Software\Microsoft\Interne t Explorer\Search,SearchAssistant =
res://C:\WINDOWS\cecgn.dll/sp.h tml#24098
R1 - HKCU\Software\Microsoft\Interne t Connection Wizard,ShellNext =
windowsupdate.microsoft.com/
R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
R3 - Default URLSearchHook is missing
F3 - REG:win.ini: run=C:\WINDOWS\winst.exe
O2 - BHO: (no name) - {83F201E9-1F75-B6CA-F4E3-1CC677 2CE64F} -
C:\WINDOWS\system32\javaad.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck. exe
O4 - HKLM\..\Run: [addmf32.exe] C:\WINDOWS\system32\addmf32.exe
O4 - HKLM\..\Run: [User Manager] C:\WINDOWS\System32\umgmt.exe
O4 - HKLM\..\RunOnce: [d3bj32.exe] C:\WINDOWS\d3bj32.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Spyware Begone] c:\freescan\freescan.exe -FastScan
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0 318AFE} -
C:\WINDOWS\System32\Shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F 795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .mid: C:\Program Files\Internet
Explorer\PLUGINS\npqtplugin2.dl l
O15 - Trusted Zone: *.05p.com
O15 - Trusted Zone: *.awmdabest.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.frame.crazywinnings.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.scoobidoo.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.static.topconverting.com
O15 - Trusted Zone: *.05p.com (HKLM)
O15 - Trusted Zone: *.awmdabest.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.scoobidoo.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.static.topconverting.com (HKLM)
O15 - Trusted IP range: 206.161.125.149
O15 - Trusted IP range: 206.161.125.149 (HKLM)
O16 - DPF: ING Bank Online -
ssl.bsk.com.pl/bskonl/component/INGOnl.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8 E6BAD6} -
public.windupdates.com/get_file.php?bt=ie&p=dbf3472ebe52c322f709187adb80b40d48bffc78c796bad16c7c82d5a9c77210514bb8
20cefbf3ddf3bb414b740a1f16814ff 152:4f7cc82533abb5d1b5cf6fb3c08 9a566
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA 18DE71} (RdxIE Class) -
software-dl.real.com/157fdfb1eaf0f4452616/netzip/RdxIE601.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF3 3E833C} (WUWebControl Class) -
v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098017455312
O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994B A2CEBE} (Installer Class) -
www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F2 9E09E1} (ActiveScan Installer
Class) - www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.ex e
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.ex e
O23 - Service: crauto - Unknown - C:\WINDOWS\System32\drivers\cra uto.exe
O23 - Service: IMountSRV - Unknown - C:\WINDOWS\System32\drivers\IMo untSRV.exe
O23 - Service: Kodak Camera Connection Software - Eastman Kodak Company -
C:\WINDOWS\system32\drivers\Kod akCCS.exe
O23 - Service: PMounter - Unknown - C:\WINDOWS\system32\PMounter.ex e
O23 - Service: ScsiAccess - Unknown - C:\WINDOWS\System32\ScsiAccess. EXE
O23 - Service: ZESOFT - Unknown - C:\WINDOWS\zeta.exe (file missing)
O23 - Service: Network Security Service (NSS) - Unknown - C:\WINDOWS\system32
\winpe.exe (file missing)
co usunąć i jak.
program oper.win xp