Proszę o sprawdzenie loga z HijackThis

IP: 83.2.10.* 19.10.06, 23:02
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Multimedia Combo Set\MouseDrv.exe
C:\Program Files\Multimedia Combo Set\PS2USBKbdDrv.exe
C:\WINDOWS\system32\HBO ScreenSaver.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\ipwins\ipwins.exe
C:\Program Files\Common Files\{ACFCEBC0-0A6B-1045-0804-040406090030}
\Update.exe
C:\Program Files\Ares\Ares.exe
C:\Program Files\Bright Bug Software\Shared\Screen Savers\BBDTMngr.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\Tomek\Pulpit\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
google.bearshare.com/pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} -
C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O2 - BHO: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program
Files\Common Files\{3CFCEBC0-0A6B-1045-0804-040406090030}\MyToolBar.dll
O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} -
C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} -
C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} -
C:\Program Files\Common Files\{3CFCEBC0-0A6B-1045-0804-040406090030}
\MyToolBar.dll
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI
Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [Skrót do strony właściwości High Definition Audio]
HDAShCut.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [WireLessMouse ] C:\Program Files\Multimedia Combo
Set\MouseDrv.exe
O4 - HKLM\..\Run: [WireLessKeyboard ] C:\Program Files\Multimedia Combo
Set\PS2USBKbdDrv.exe
O4 - HKLM\..\Run: [HBOScreensaver] "C:\WINDOWS\system32\HBO
ScreenSaver.exe" /sch
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -
atboottime
O4 - HKLM\..\Run: [BearFlix] "C:\Program Files\BearFlix\BearFlix.exe" /pause
O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
O4 - HKLM\..\Run: [PVModule] C:\PROGRA~1\PRINTV~1\pvmodule.exe
O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
O4 - HKCU\..\Run: [Dzieńdobry!] C:\Documents and Settings\Tomek\Moje
dokumenty\Dzieńdobry!\dziendobry.exe /auto
O4 - HKCU\..\Run: [Etop] "C:\WINDOWS\system32\MBOLS~1\tracert.exe" -vt yazb
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Run BBDTMngr.exe.lnk = C:\Program Files\Bright Bug
Software\Shared\Screen Savers\BBDTMngr.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) -
67.15.101.3/g_bin/pl/cards_2_0_0_71.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) -
67.15.101.3/g_bin/pl/boards_2_0_0_30.cab
O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} (GameDesire Slots 90th) -
67.15.101.3/g_bin/pl/slots90_2_0_0_30.cab
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) -
67.15.101.3/g_bin/pl/navy_2_0_0_23.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) -
67.15.101.3/g_bin/pl/slots70_2_0_0_30.cab
O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) -
83.18.237.172/plugin/h263ctrl.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) -
67.15.101.3/g_bin/pl/words_2_0_0_46.cab
O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} (GameDesire Slots 80th) -
67.15.101.3/g_bin/pl/slots80_2_0_0_30.cab
O20 - Winlogon Notify: wintfj32 - C:\WINDOWS\SYSTEM32\wintfj32.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32
\Ati2evxx.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program
Files\Eset\nod32krn.exe
    • Gość: Kolobos Re: Proszę o sprawdzenie loga z HijackThis IP: *.escom.net.pl 20.10.06, 08:19
      Dlaczego zakladasz nowy watek? Zasmiecasz tylko forum.

      Zamknij porty przy pomocy wwdc.

      W menadzerze zadan zakoncz:
      C:\Program Files\ipwins\ipwins.exe <- katalog ipwins usun z dysku.
      C:\Program Files\Common Files\{ACFCEBC0-0A6B-1045-0804-040406090030}
      \Update.exe

      W hjt usun:
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
      google.bearshare.com/pl/
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
      C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll <- klik na olowek na pasku yahoo i uninstall.
      O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} -
      C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL <- katalog MyGlo... usun z dysku.
      O2 - BHO: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} - C:\Program
      Files\Common Files\{3CFCEBC0-0A6B-1045-0804-040406090030}\MyToolBar.dll <- katalog {3C... usun z dysku.
      O2 - BHO: PrintViewBHO Class - {D4E0C464-30CE-4075-9A10-71FD106C2847} -
      C:\PROGRA~1\PRINTV~1\PRINTH~1.DLL <- katalog Printv~1 usun z dysku.
      O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
      C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} -
      C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL
      O3 - Toolbar: ToolBar888 - {C004DEC2-2623-438e-9CA2-C9043AB28508} -
      C:\Program Files\Common Files\{3CFCEBC0-0A6B-1045-0804-040406090030}
      \MyToolBar.dll
      O4 - HKLM\..\Run: [IpWins] C:\Program Files\ipwins\ipwins.exe
      O4 - HKLM\..\Run: [PVModule] C:\PROGRA~1\PRINTV~1\pvmodule.exe
      O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h
      O4 - HKCU\..\Run: [Etop] "C:\WINDOWS\system32\MBOLS~1\tracert.exe" -vt yazb <- plik usun z dysku.
      O16 - DPF: {A93B47FD-9BF6-4DA8-97FC-9270B9D64A6C} (VaPgCtrl Class) -
      83.18.237.172/plugin/h263ctrl.cab
      O20 - Winlogon Notify: wintfj32 - C:\WINDOWS\SYSTEM32\wintfj32.dll <- plik usun z dysku.

      Do tego przeskanuj przy pomocy ewido.
Pełna wersja