Forum Komputery Wirusy, trojany, spyware
ZMIEŃ
    Dodaj do ulubionych

    Proszę o sprawdzenie loga

    IP: *.internetdsl.tpnet.pl 18.04.07, 17:30
    Logfile of HijackThis v1.99.1
    Scan saved at 17:29:37, on 2007-04-18
    Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

    Running processes:
    C:\WINDOWS\System32\smss.exe
    C:\WINDOWS\system32\winlogon.exe
    C:\WINDOWS\system32\services.exe
    C:\WINDOWS\system32\lsass.exe
    C:\WINDOWS\System32\Ati2evxx.exe
    C:\WINDOWS\system32\svchost.exe
    C:\WINDOWS\System32\svchost.exe
    C:\WINDOWS\system32\spoolsv.exe
    C:\WINDOWS\system32\Ati2evxx.exe
    C:\WINDOWS\Explorer.EXE
    C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
    C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
    C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
    C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
    C:\Program Files\DAEMON Tools\daemon.exe
    C:\WINDOWS\system32\ctfmon.exe
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    C:\PROGRA~1\Wapster\AQQ\AQQ.exe
    C:\Program Files\Alwil Software\Avast4\ashServ.exe
    C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
    C:\WINDOWS\system32\PnkBstrA.exe
    C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
    C:\PROGRA~1\INCRED~1\bin\IMApp.exe
    C:\WINDOWS\System32\svchost.exe
    C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    C:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe
    C:\Program Files\DScaler\DScaler.exe
    C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
    C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
    C:\WINDOWS\system32\wuauclt.exe
    C:\Program Files\Mozilla Firefox\firefox.exe
    C:\Documents and Settings\Młody\Pulpit\hijackthis_199\HijackThis.exe

    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
    www.toggle.com/index.php?rvs=hompag
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
    O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} -
    C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
    C:\PROGRA~1\FlashGet\fgiebar.dll
    O3 - Toolbar: TextAloud - {F053C368-5458-45B2-9B4D-D8914BDDDBFF} -
    C:\PROGRA~1\TEXTAL~1\TAForIE.dll
    O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe"
    runtime
    O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program
    Files\Java\jre1.5.0_04\bin\jusched.exe
    O4 - HKLM\..\Run: [WinDVR SchSvr] "C:\Program Files\Common
    Files\InterVideo\SchSvr\SchSvr.exe"
    O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software
    Update\HPWuSchd2.exe"
    O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
    Files\HP\hpcoretech\hpcmpmgr.exe"
    O4 - HKLM\..\Run: [DAEMON Tools] "C:\Program Files\DAEMON Tools\daemon.exe"
    -lang 1033
    O4 - HKLM\..\Run: [SoundService] rundll32.exe
    "C:\WINDOWS\system32\axbmraen.dll",setvm
    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
    O4 - HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
    O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe
    O4 - HKCU\..\Run: [Expressivo] "C:\Program Files\ivo\Expressivo\expressivo.exe" -t
    O4 - Startup: UniSpiker-2.6.lnk = ?
    O4 - Global Startup: ATI CATALYST – pasek zadań.lnk = C:\Program Files\ATI
    Technologies\ATI.ACE\CLI.exe
    O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
    Files\HP\Digital Imaging\bin\hpqtra08.exe
    O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = C:\Program
    Files\HP\Digital Imaging\bin\hpqthb08.exe
    O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program
    Files\InterVideo\Common\Bin\WinCinemaMgr.exe
    O8 - Extra context menu item: Download All by FlashGet -
    C:\PROGRA~1\FlashGet\jc_all.htm
    O8 - Extra context menu item: Download using FlashGet -
    C:\PROGRA~1\FlashGet\jc_link.htm
    O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
    O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel -
    res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
    O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
    C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra 'Tools' menuitem: Sun Java Console -
    {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program
    Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
    O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
    C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
    C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra 'Tools' menuitem: &FlashGet -
    {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe
    O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
    C:\Program Files\Messenger\msmsgs.exe
    O9 - Extra 'Tools' menuitem: Windows Messenger -
    {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
    O15 - Trusted Zone: mks.com.pl
    O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common
    Files\Adobe Systems Shared\Service\Adobelmsvc.exe
    O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
    C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
    O23 - Service: Ati HotKey Poller - ATI Technologies Inc. -
    C:\WINDOWS\System32\Ati2evxx.exe
    O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
    O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
    Software\Avast4\ashServ.exe
    O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
    Software\Avast4\ashMaiSv.exe" /service (file missing)
    O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
    Software\Avast4\ashWebSv.exe" /service (file missing)
    O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
    O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
    O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB.exe
    O23 - Service: SRS Labs License Service - SRS Labs - C:\Program Files\Common
    Files\SRS Labs Shared\Service\srslabslicenseservice.exe

    Obserwuj wątek
      • Gość: Kolobos Re: Proszę o sprawdzenie loga IP: *.escom.net.pl 18.04.07, 18:01
        W hjt usun:
        O4 - HKLM\..\Run: [SoundService] rundll32.exe
        "C:\WINDOWS\system32\axbmraen.dll",setvm

        Uzyj:
        securityresponse.symantec.com/avcenter/FixVundo.exe
        www.atribune.org/ccount/click.php?id=4
        secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
        Na koniec wyslij mi na maila log z comboscan (kolobos (at) gazeta.pl).

    Najnowsze z forum Wirusy, trojany, spyware

    Nie masz jeszcze konta? Zarejestruj się

    Nakarm Pajacyka
    Osoby zamieszczające wypowiedzi naruszające prawo lub prawem chronione dobra osób trzecich mogą ponieść z tego tytułu odpowiedzialność karną lub cywilną. Regulamin