Prosze o sprawdzenie loga

IP: *.neoplus.adsl.tpnet.pl 02.03.07, 22:15
Wyskakują strony z "paniami"

Logfile of HijackThis v1.99.1
Scan saved at 22:13:35, on 2007-03-02
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\SYSTEM32\ATIPTAXX.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Beniamin\tguard.exe
E:\Program Files\Pogoda\pogoda.exe
C:\Program Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\svchost.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\system32\drwtsn32.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Winamp\winamp.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\Jarecki\Pulpit\hijackthis\hijackthis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-
5c19516be1a8} - C:\Program Files\Share_Accelerator\tbShar.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-
5c19516be1a8} - C:\Program Files\Share_Accelerator\tbShar.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AtiPTA] C:\WINDOWS\SYSTEM32\ATIPTAXX.EXE
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [tguard] C:\Program Files\Beniamin\tguard.exe
O4 - HKLM\..\Run: [Samsung Common
SM] "C:\WINDOWS\Samsung\ComSMMgr\ssmmgr.exe" /autorun
O4 - HKLM\..\Run: [amenlicensecopyglobal] C:\Documents and Settings\All
Users\Dane aplikacji\open bash amen license\MESS PROGRAM.exe
O4 - HKCU\..\Run: [VoipDiscount] "C:\Program
Files\VoipDiscount.com\VoipDiscount\VoipDiscount.exe" -nosplash -minimized
O4 - HKCU\..\Run: [tray] E:\Program Files\Pogoda\pogoda.exe /tray
O4 - HKCU\..\Run: [eMuleAutoStart] E:\Program Files\eMule\emule.exe -AutoStart
O4 - HKCU\..\Run: [Dash Mix] C:\DOCUME~1\Jarecki\DANEAP~1\LONGCI~1\Bait
Army.exe
O8 - Extra context menu item: Add to AMV Convert Tool... - C:\Program
Files\MP3 Player Utilities 3.76\AMVConverter\grab.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: MediaManager tool grab multimedia file -
C:\Program Files\MP3 Player Utilities 3.76\MediaManager\grab.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\bnmndrv.dll
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) -
download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) -
game05.zylom.com/activex/zylomgamesplayer.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32
\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32
\IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:\Program
Files\iPod\bin\iPodService.exe

    • Gość: Kolobos Re: Prosze o sprawdzenie loga IP: *.escom.net.pl 02.03.07, 23:26
      W hjt usun:
      R3 - URLSearchHook: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-
      5c19516be1a8} - C:\Program Files\Share_Accelerator\tbShar.dll <- katalog Share... usun z dysku.
      O3 - Toolbar: Share Accelerator Toolbar - {f5c93451-2609-4723-a053-
      5c19516be1a8} - C:\Program Files\Share_Accelerator\tbShar.dll
      O4 - HKLM\..\Run: [amenlicensecopyglobal] C:\Documents and Settings\All
      Users\Dane aplikacji\open bash amen license\MESS PROGRAM.exe <- katalog open... usun z dysku.
      O4 - HKCU\..\Run: [Dash Mix] C:\DOCUME~1\Jarecki\DANEAP~1\LONGCI~1\Bait
      Army.exe <- katalog LONG... usun z dysku.

      Usun tez pliki z C:\Windows\Tasks
      Przeskanuj tez system przy pomocy ewido.
      • Gość: magda Re: Prosze o sprawdzenie loga IP: *.neoplus.adsl.tpnet.pl 02.03.07, 23:50
        O4 - HKLM\..\Run: [amenlicensecopyglobal] C:\Documents and Settings\All
        Users\Dane aplikacji\open bash amen license\MESS PROGRAM.exe <- katalog open...
        usun z dysku.

        Nie można tego usunąc i nie mam pojęcia który proces wyłącząć. Reszty już nie
        ma.
        • Gość: Kolobos Re: Prosze o sprawdzenie loga IP: *.escom.net.pl 03.03.07, 01:19
          Uzyj killbox'a.
Pełna wersja