Dodaj do ulubionych

prosze o sprawdzenie loga z hijackThis

IP: *.dip.t-dialin.net 10.02.07, 11:47
Logfile of HijackThis v1.99.1
Scan saved at 11:42:07, on 10.02.2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0011)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Programme\AntiVir PersonalEdition Classic\sched.exe
C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\System32\DVDRAMSV.exe
C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Programme\iPod\bin\iPodService.exe
C:\Programme\B54 Wireless Monitor\WLService.exe
C:\Programme\B54 Wireless Monitor\WLanCfgG.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Programme\Intel\NCS\PROSet\PRONoMgr.exe
C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programme\Logitech\iTouch\iTouch.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
C:\Programme\QuickTime\qttask.exe
C:\Programme\iTunes\iTunesHelper.exe
C:\Programme\Messenger\msmsgs.exe
C:\Programme\Skype\Phone\Skype.exe
C:\Programme\Logitech\MouseWare\system\em_exec.exe
C:\WINDOWS\system32\RAMASST.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\ATI Technologies\ATI.ACE\cli.exe
C:\Programme\Internet Explorer\iexplore.exe
C:\Dokumente und

Einstellungen\Administrator\Desktop\hijackthis\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =

search.bearshare.com/sidebar.html?src=ssb
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =

search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =

www.t-online.de/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =

go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =

go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =

go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =

go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

search.bearshare.com/sidebar.html?src=ssb
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -

C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper -

{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat

7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -

c:\programme\google\googletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} -

C:\Programme\Canon\Easy-WebPrint\Toolband.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -

C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -

c:\programme\google\googletoolbar1.dll
O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Programme\Intel\NCS\PROSet\PRONoMgr.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control

Panel\atiptaxx.exe
O4 - HKLM\..\Run: [zBrowser Launcher]

C:\Programme\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Easy-PrintToolBox]

C:\Programme\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe"

runtime -Delay
O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition

Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe"

-atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash

/minimized
O4 - HKCU\..\Run: [ADS] C:\Windows\ADS.exe
O4 - Global Startup: Adobe Reader - Schnellstart.lnk =

C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
O8 - Extra context menu item: Easy-WebPrint - Drucken -

res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
O8 - Extra context menu item: Easy-WebPrint - Schnelldruck -

res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint - Vorschau -

res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen -

res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
O8 - Extra context menu item: Nach Microsoft &Excel exportieren -

res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -

C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} -

%windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 -

{e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network

Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -

C:\Programme\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -

{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Programme\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - file://C:\install.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) -

Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) -

AVIRA GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -

C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: CAILI - Unknown owner - C:\WINDOWS\System32\caili.exe
O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. -

C:\WINDOWS\System32\DVDRAMSV.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision

Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel

32\IDriverT.exe
O23 - Service: iPod Service - Apple Computer, Inc. -

C:\Programme\iPod\bin\iPodService.exe
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -

C:\Programme\Intel\NCS\Sync\NetSvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -

C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: WLB54 Service (WLB54) - Unknown owner - C:\Programme\B54

Wireless Monitor\WLService.exe

Obserwuj wątek
    • Gość: 2.raz Re: prosze o sprawdzenie loga z hijackThis IP: *.dip.t-dialin.net 10.02.07, 19:21
      Logfile of HijackThis v1.99.1
      Scan saved at 11:42:07, on 10.02.2007
      Platform: Windows XP SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v7.00 (7.00.5730.0011)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Programme\AntiVir PersonalEdition Classic\sched.exe
      C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
      C:\WINDOWS\System32\DVDRAMSV.exe
      C:\Programme\Gemeinsame Dateien\Microsoft Shared\VS7DEBUG\MDM.EXE
      C:\Programme\iPod\bin\iPodService.exe
      C:\Programme\B54 Wireless Monitor\WLService.exe
      C:\Programme\B54 Wireless Monitor\WLanCfgG.exe
      C:\WINDOWS\system32\Ati2evxx.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\ctfmon.exe
      C:\Programme\Intel\NCS\PROSet\PRONoMgr.exe
      C:\Programme\ATI Technologies\ATI Control Panel\atiptaxx.exe
      C:\Programme\Logitech\iTouch\iTouch.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
      C:\Programme\AntiVir PersonalEdition Classic\avgnt.exe
      C:\Programme\QuickTime\qttask.exe
      C:\Programme\iTunes\iTunesHelper.exe
      C:\Programme\Messenger\msmsgs.exe
      C:\Programme\Skype\Phone\Skype.exe
      C:\Programme\Logitech\MouseWare\system\em_exec.exe
      C:\WINDOWS\system32\RAMASST.exe
      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
      C:\Programme\ATI Technologies\ATI.ACE\cli.exe
      C:\Programme\Internet Explorer\iexplore.exe
      C:\Dokumente und Einstellungen\Administrator\Desktop\hijackthis\hijackthis.exe

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
      search.bearshare.com/sidebar.html?src=ssb
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
      search.bearshare.com/sidebar.html?src=ssb
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.t-
      online.de/
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
      go.microsoft.com/fwlink/?LinkId=69157
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
      go.microsoft.com/fwlink/?LinkId=54896
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
      go.microsoft.com/fwlink/?LinkId=54896
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
      go.microsoft.com/fwlink/?LinkId=69157
      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      search.bearshare.com/sidebar.html?src=ssb
      O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
      C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
      O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
      784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
      c:\programme\google\googletoolbar1.dll
      O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} -
      C:\Programme\Canon\Easy-WebPrint\Toolband.dll
      O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
      C:\Programme\Yahoo!\Companion\Installs\cpn\yt.dll
      O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
      c:\programme\google\googletoolbar1.dll
      O4 - HKLM\..\Run: [PRONoMgr.exe] C:\Programme\Intel\NCS\PROSet\PRONoMgr.exe
      O4 - HKLM\..\Run: [ATIPTA] C:\Programme\ATI Technologies\ATI Control
      Panel\atiptaxx.exe
      O4 - HKLM\..\Run: [zBrowser Launcher] C:\Programme\Logitech\iTouch\iTouch.exe
      O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Programme\Canon\Easy-
      PrintToolBox\BJPSMAIN.EXE /logon
      O4 - HKLM\..\Run: [ATICCC] "C:\Programme\ATI Technologies\ATI.ACE\cli.exe"
      runtime -Delay
      O4 - HKLM\..\Run: [avgnt] "C:\Programme\AntiVir PersonalEdition
      Classic\avgnt.exe" /min
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Programme\QuickTime\qttask.exe" -
      atboottime
      O4 - HKLM\..\Run: [iTunesHelper] "C:\Programme\iTunes\iTunesHelper.exe"
      O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Programme\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run:
      [Skype] "C:\Programme\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [ADS] C:\Windows\ADS.exe
      O4 - Global Startup: Adobe Reader - Schnellstart.lnk =
      C:\Programme\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe
      O8 - Extra context menu item: Easy-WebPrint - Drucken -
      res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Print.html
      O8 - Extra context menu item: Easy-WebPrint - Schnelldruck -
      res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html
      O8 - Extra context menu item: Easy-WebPrint - Vorschau -
      res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html
      O8 - Extra context menu item: Easy-WebPrint - Zu Druckliste hinzufügen -
      res://C:\Programme\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html
      O8 - Extra context menu item: Nach Microsoft &Excel exportieren -
      res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Recherchieren - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
      C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%
      \Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-
      f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
      C:\Programme\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
      00C04F795683} - C:\Programme\Messenger\msmsgs.exe
      O11 - Options group: [INTERNATIONAL] International*
      O16 - DPF: {1C78AB3F-A857-482E-80C0-3A1E5238A565} - file://C:\install.cab
      O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
      O23 - Service: AntiVir PersonalEdition Classic Planer (AntiVirScheduler) -
      Avira GmbH - C:\Programme\AntiVir PersonalEdition Classic\sched.exe
      O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA
      GmbH - C:\Programme\AntiVir PersonalEdition Classic\avguard.exe
      O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32
      \Ati2evxx.exe
      O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
      O23 - Service: CAILI - Unknown owner - C:\WINDOWS\System32\caili.exe
      O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. -
      C:\WINDOWS\System32\DVDRAMSV.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
      Corporation - C:\Programme\Gemeinsame Dateien\InstallShield\Driver\11\Intel 32
      \IDriverT.exe
      O23 - Service: iPod Service - Apple Computer, Inc. -
      C:\Programme\iPod\bin\iPodService.exe
      O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation -
      C:\Programme\Intel\NCS\Sync\NetSvc.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation -
      C:\Programme\Gemeinsame Dateien\Symantec Shared\Security Center\SymWSC.exe
      O23 - Service: WLB54 Service (WLB54) - Unknown owner - C:\Programme\B54
      Wireless Monitor\WLService.exe

Nie pamiętasz hasła

lub ?

 

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka