Forum Komputery Wirusy, trojany, spyware
ZMIEŃ
    Dodaj do ulubionych

    specjaliści pomocy !!! CD

    IP: *.pentex.pl 05.07.05, 20:39
    Przepraszam jeszcze logfile

    Logfile of HijackThis v1.99.1
    Scan saved at 20:34:21, on 2005-07-05
    Platform: Windows XP (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 (6.00.2600.0000)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\LEXBCES.EXE
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\LEXPPS.EXE
    C:\Program Files\AntiVirenKit\AVKService.exe
    C:\Program Files\AntiVirenKit\AVKWCtl.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
    C:\WINDOWS\System32\nvsvc32.exe
    C:\WINDOWS\Explorer.EXE
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\System32\wuauclt.exe
    C:\Program Files\Internet Explorer\iexplore.exe
    C:\PROGRA~1\FREEDO~1\fdm.exe
    C:\Documents and Settings\olo.KIDI\Pulpit\instalki\HijackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) =
    fastsearchweb.com/srh.php?q=%s
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
    69.50.182.88/?qq=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
    69.50.182.88/?qq=
    R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
    about:blank
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    69.50.182.88/?qq=
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    69.50.182.88/?qq=
    R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
    69.50.182.88/?qq=
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
    www.onet.pl/
    R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
    Settings,ProxyOverride = localhost
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
    R3 - URLSearchHook: (no name) - {EB267705-EAA3-04F7-D187-E4C52C39043A} -
    new32.dll (file missing)
    R3 - URLSearchHook: Search - {C48A75F5-A05A-4FB4-B52C-4FBD9275BBEF} - (no
    file)
    R3 - URLSearchHook: Search - {FF8FF5C2-BA89-4C03-967A-7DA22BEF3C0C} - (no
    file)
    R3 - URLSearchHook: Search - {6E3625DB-0E43-406F-99B3-B28D17D768B1} - (no
    file)
    R3 - URLSearchHook: Search - {35D6876E-347D-48BB-9D28-A654467682C7} - (no
    file)
    R3 - URLSearchHook: Search - {C55596FC-F385-41A1-B913-869A589245AB} - (no
    file)
    R3 - URLSearchHook: Search - {3EF695DF-E06D-4524-B104-345E645B3A46} - (no
    file)
    R3 - URLSearchHook: Search - {583433BD-AFF5-40D3-881D-5DB8D6AA2B89} - (no
    file)
    R3 - URLSearchHook: Search - {011841AA-15E9-43D8-9460-8694F8E9C3D8} - (no
    file)
    R3 - URLSearchHook: (no name) - {00000000-0000-0000-0000-000000000000} - (no
    file)
    R3 - URLSearchHook: Search - {E0CD38C7-F04F-49F7-8204-2899631D98B9} - (no
    file)
    R3 - URLSearchHook: Search - {D6C64A13-E82D-469A-8D44-B9AB521B6401} - (no
    file)
    R3 - URLSearchHook: Search - {FA0D15F0-70B1-4F6D-AD2B-39F3479A4920} - (no
    file)
    R3 - URLSearchHook: Search - {5CE3046C-5252-4E56-AFF8-AFC5470A9159} - (no
    file)
    R3 - URLSearchHook: Search - {4462D4D1-0E15-49C4-8DA7-916713395FA9} - (no
    file)
    R3 - URLSearchHook: Search - {EFEC165E-18E7-41F7-836D-67BB0E98AA0D} - (no
    file)
    R3 - URLSearchHook: Search - {6AD5CBB2-B4A7-41AD-AB91-5EE64AC77118} - (no
    file)
    R3 - URLSearchHook: Search - {D2078FCA-0144-4AF6-9DAB-DBA4C2BAB546} - (no
    file)
    R3 - URLSearchHook: Search - {78CAD66C-0FCA-479A-8A65-9B1616D29B0E} - (no
    file)
    R3 - URLSearchHook: Search - {21496AB6-9258-4145-B103-AE073489451F} - (no
    file)
    R3 - URLSearchHook: Search - {0634930C-8801-4FF1-930F-83AFC8877D99} - (no
    file)
    R3 - URLSearchHook: Search - {72B70117-6DE2-42CF-9FF2-782D676B608C} - (no
    file)
    R3 - URLSearchHook: Search - {6F186811-48DD-4729-86CB-D660B87ADAB0} - (no
    file)
    R3 - URLSearchHook: Search - {C0191E39-BA07-4D6A-B8B6-CB52AA944E6A} - (no
    file)
    R3 - URLSearchHook: Search - {F647B89C-C4DB-4FEF-8BD2-CADB64687FAB} - (no
    file)
    R3 - URLSearchHook: Search - {01CE3089-50E7-416C-B152-AAE43020E3B8} - (no
    file)
    R3 - URLSearchHook: Search - {8A623A4B-738E-4B72-824E-3014E26B5DF5} - (no
    file)
    R3 - URLSearchHook: Search - {0BED3B5D-AD25-45D9-B380-F9A40D6B2EFB} - (no
    file)
    R3 - URLSearchHook: Search - {B9258582-E6B2-41CE-90BC-D540F522C5F0} - (no
    file)
    R3 - URLSearchHook: Search - {9F238272-CEAD-463C-A5EF-D6E9A3E3E27A} - (no
    file)
    R3 - URLSearchHook: Search - {0687BBD6-A46C-4B35-B7FD-C6924CD7DF84} - (no
    file)
    R3 - URLSearchHook: Search - {7A8A6FEF-EC00-4855-B30B-A4A0C8919F81} - (no
    file)
    O8 - Extra context menu item: Download all by Free Download Manager -
    file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Download by Free Download Manager -
    file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Download selected by Free Download Manager -
    file://C:\Program Files\Free Download Manager\dlselected.htm
    O8 - Extra context menu item: Download web site by Free Download Manager -
    file://C:\Program Files\Free Download Manager\dlpage.htm
    O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
    O8 - Extra context menu item: Pobierz stronę WEB z Free Download Manager -
    file://C:\Program Files\Free Download Manager\dlpage.htm
    O8 - Extra context menu item: Pobierz wszystko z Free Download Manager -
    file://C:\Program Files\Free Download Manager\dlall.htm
    O8 - Extra context menu item: Pobierz z Free Download Manager -
    file://C:\Program Files\Free Download Manager\dllink.htm
    O8 - Extra context menu item: Pobierz zaznaczenie z Free Download Manager -
    file://C:\Program Files\Free Download Manager\dlselected.htm
    O9 - Extra button: Search - {00000000-0000-0000-0000-000000000000} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {00EF3495-3AEB-4F2E-A0CB-28E5B1727BA5} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {02540317-BC48-424D-B10F-E6D5B39CD980} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {03FCAB17-104B-4D86-8EC3-D3BFEA9CB4CC} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {077BDF6F-536B-4D0A-A083-DAE3D37E517C} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
    00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
    O9 - Extra button: Search - {095642A4-36C6-4562-B7D3-41892EECA930} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {0C31D129-3978-4F21-8CA3-17542DC81164} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {0F4DBD1B-159B-4CD0-9E61-A9BBD2533559} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {0FF0AC7D-3430-4A8B-83CD-CB40937BA25C} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {10729058-5EE3-44EC-896B-1AB8CE3266FF} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {17783BB4-C180-4785-8F40-FE600D1CAFC0} -
    C:\WINDOWS\System32\shdocvw.dll
    O9 - Extra button: Search - {190CDD5C-F6AC-4B2D-
    Obserwuj wątek
      • Gość: Kolobos Re: specjaliści pomocy !!! CD IP: *.warszawa.sdi.tpnet.pl 05.07.05, 20:56
        Nie masz aktualizacji co = dziurawemu jak sito systemowi jak w ogole mozesz
        czegos takiego uzywac?
        I gdzie ten log? bo to tylko jakis kawalek...

        Uzyj tego:
        download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-
        fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe <- przeskanuj i usun wszystko co
        znajdzie
        cwshredder.net/bin/CWShredder.exe <- to samo
        www.firewallleaktester.com/tools/wwdc.exe <- zamknij porty.

        W hijackthis usun wszystkie R3 i wklej nowy log tym razem najlepiej caly, a jak
        sie nie zmiesci to doklej w drugim poscie i nie zakladaj nowych watkow tylko
        pisz w jednym bo robisz straszny balagan!

        Czy to czarne to nie tapeta? Zobacz tutaj:
        www.searchengines.pl/phpbb203/index.php?showtopic=31936
      • emi71 Re: specjaliści pomocy !!! CD 05.07.05, 21:21
        Logfile of HijackThis v1.99.1
        Scan saved at 21:16:45, on 2005-07-05
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\LEXBCES.EXE
        C:\WINDOWS\system32\spoolsv.exe
        C:\WINDOWS\system32\LEXPPS.EXE
        C:\Program Files\AntiVirenKit\AVKService.exe
        C:\Program Files\AntiVirenKit\AVKWCtl.exe
        C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
        C:\WINDOWS\System32\nvsvc32.exe
        C:\WINDOWS\Explorer.EXE
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\System32\wuauclt.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Documents and Settings\olo.KIDI\Pulpit\instalki\HijackThis.exe

        R1 - HKCU\Software\Microsoft\Internet Explorer,(Default) =
        fastsearchweb.com/srh.php?q=%s
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
        69.50.182.88/?qq=
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
        69.50.182.88/?qq=
        R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL =
        about:blank
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        69.50.182.88/?qq=
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
        69.50.182.88/?qq=
        R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
        69.50.182.88/?qq=
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
        www.onet.pl/
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
        Settings,ProxyOverride = localhost
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
        O8 - Extra context menu item: Download all by Free Download Manager -
        file://C:\Program Files\Free Download Manager\dlall.htm
        O8 - Extra context menu item: Download by Free Download Manager -
        file://C:\Program Files\Free Download Manager\dllink.htm
        O8 - Extra context menu item: Download selected by Free Download Manager -
        file://C:\Program Files\Free Download Manager\dlselected.htm
        O8 - Extra context menu item: Download web site by Free Download Manager -
        file://C:\Program Files\Free Download Manager\dlpage.htm
        O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
        res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
        O8 - Extra context menu item: Pobierz stronę WEB z Free Download Manager -
        file://C:\Program Files\Free Download Manager\dlpage.htm
        O8 - Extra context menu item: Pobierz wszystko z Free Download Manager -
        file://C:\Program Files\Free Download Manager\dlall.htm
        O8 - Extra context menu item: Pobierz z Free Download Manager -
        file://C:\Program Files\Free Download Manager\dllink.htm
        O8 - Extra context menu item: Pobierz zaznaczenie z Free Download Manager -
        file://C:\Program Files\Free Download Manager\dlselected.htm
        O9 - Extra button: Search - {00000000-0000-0000-0000-000000000000} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {00EF3495-3AEB-4F2E-A0CB-28E5B1727BA5} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {02540317-BC48-424D-B10F-E6D5B39CD980} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {03FCAB17-104B-4D86-8EC3-D3BFEA9CB4CC} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {077BDF6F-536B-4D0A-A083-DAE3D37E517C} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
        C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
        00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
        O9 - Extra button: Search - {095642A4-36C6-4562-B7D3-41892EECA930} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {0C31D129-3978-4F21-8CA3-17542DC81164} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {0F4DBD1B-159B-4CD0-9E61-A9BBD2533559} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {0FF0AC7D-3430-4A8B-83CD-CB40937BA25C} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {10729058-5EE3-44EC-896B-1AB8CE3266FF} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {17783BB4-C180-4785-8F40-FE600D1CAFC0} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {190CDD5C-F6AC-4B2D-90C2-8B93ADF7F97A} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {1E2D3D72-F274-41FB-829D-DEB9093C6A4F} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {1FCEDE6F-23D2-4EBD-92E2-48FBF5AE5893} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {2032104D-4186-4E25-A758-EC1754DF0E57} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {24C2AE51-6EB2-4BB5-8FDA-09BDF9C91A37} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {285510E0-2FFD-4386-A62E-ED9CDD9FDECD} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {294A2EED-CE15-4C33-B73C-2BBC03611623} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {294C23F3-3897-45F5-A814-1A19406B0B76} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {303F59FC-A6B5-462E-9016-D45AB2847875} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {3547AAAE-1AF5-48E6-9ADD-31D90E6BE276} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {3A207E34-8110-409A-8977-2793AC2151CE} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {3FA6A7D1-2F87-4F35-A8E9-BD0311163357} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {409CA466-383D-413F-90D4-CEBA49FA4723} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {422E67DC-8F6E-4E04-85AD-9240F27242F0} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {44AC6603-EF74-4F89-A2E0-A157CC82E059} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {47B55661-ABF1-43EE-A5C2-F02036F1A9AE} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {48EDD0AC-3D93-49F2-8075-E0E71D88C116} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {4E508AE0-B9C7-4FD1-843F-8FC69D424C70} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {4F378C61-3987-41FF-9561-D94DA4455F54} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {4F9FA613-8D06-4298-BF77-3B4BEF7D7B7C} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {51FEA0E3-7357-48BA-B24C-534B1C296F4C} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {57F76C78-C900-4FFE-95A3-18F217E8AF1D} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {5C323311-E2D4-42E8-AE7D-0B52C7BA2E4C} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {5C96C83E-C04F-4B78-823A-2511AFC1B376} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {5FB410B1-5853-4A40-8FC1-E5D1F5E9AAE8} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {6118C051-CD98-42CA-977E-3B028DA8B1ED} -
        C:\WINDOWS\System32\shdocvw.dll
        O9 - Extra button: Search - {6195A0C6-ABCD-4A44-9B98-BAAE96FA3259} -
        C:\WINDOWS\System32\s
        • Gość: Kolobos Re: specjaliści pomocy !!! CD IP: *.warszawa.sdi.tpnet.pl 05.07.05, 21:32
          najpierw przeskanowac tym co podalem, pozniej wkleic log!

          Mozesz napisac jak mozna zrobic taki syf?

          Usun wszystkie:
          O9 - Extra button: Search
          Moze wtedy log sie zmiesci w co i tak watpie ;-)

    Najnowsze z forum Wirusy, trojany, spyware

    Nie masz jeszcze konta? Zarejestruj się

    Nakarm Pajacyka
    Osoby zamieszczające wypowiedzi naruszające prawo lub prawem chronione dobra osób trzecich mogą ponieść z tego tytułu odpowiedzialność karną lub cywilną. Regulamin