Want to have your HijackThis log checked? Paste it here...

Status
Closed.

maciek_

Guest
Hmm.. when Windows starts up, 3 or 4 command prompt windows quickly pop up, then a warning that C:\Program is not a good place for junk (except that I didn't create that folder -.-). Autostart is clean. wtf, I'm posting the log.

http://cpaste.com/1032
 

Vandervir

Former Administrator
Joined
December 19, 2005
Posts
474
I have a program on my computer that sends e-mails from my computer.
It uses e-mails with the address (something)@smoke-fire.us
I'm also posting my HijackThis log.


Code:
Logfile of Trend Micro HijackThis v2.0.0 (BETA)

Scan saved at 12:21:53, on 2007-06-02

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

Boot mode: Normal



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe

C:Program FilesAlwil SoftwareAvast4ashServ.exe

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSExplorer.EXE

C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe

C:Program FilesAlwil SoftwareAvast4ashWebSv.exe

C:PROGRA~1ALWILS~1Avast4ashDisp.exe

C:Program FilesMultimedia Combo SetMouseDrv.exe

C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe

C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe

C:Program FilesA4TechMouseAmoumain.exe

C:Program FilesSpybot - Search & DestroyTeaTimer.exe

D:Program FilesTlen.pltlen.exe

C:Program FilesMicrosoft OfficeOfficeOSA.EXE

C:Program FilesMozilla Firefoxfirefox.exe

D:VandervirHiJackThis_v2.exe



R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = about:blank

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O1 - Hosts: 72.14.221.104 www.tibia.pl

O1 - Hosts: 72.14.221.104 tibia.pl/*

O1 - Hosts: 72.14.221.104 tibia.pl/index.php

O1 - Hosts: 72.14.221.104 gameglobin.info/g.php?wmid=bg004[UPX]

O1 - Hosts: 72.14.221.104 gameglobin.info/g.php?wmid=bg004

O1 - Hosts: 72.14.221.104 www.tibia.com/index.html

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:VandervirFlashGetjccatch.dll

O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:PROGRA~1MEGAUP~1MEGAUP~1.DLL (file missing)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll

O2 - BHO: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - (no file)

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:GRYPIO~1FLASHGETjccatch.dll (file missing)

O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:VandervirFlashGetgetflash.dll

O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:PROGRA~1MEGAUP~1MEGAUP~1.DLL (file missing)

O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k

O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe

O4 - HKLM..Run: [WireLessMouse ] C:Program FilesMultimedia Combo SetMouseDrv.exe

O4 - HKLM..Run: [WireLessKeyboard ] C:Program FilesMultimedia Combo SetPS2USBKbdDrv.exe

O4 - HKLM..Run: [ATIPTA] "C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe"

O4 - HKLM..Run: [WheelMouse] C:Program FilesA4TechMouseAmoumain.exe

O4 - HKLM..Run: [QuickTime Task] "C:WINDOWSsystem32qttask.exe" -atboottime

O4 - HKCU..Run: [SpybotSD TeaTimer] C:Program FilesSpybot - Search & DestroyTeaTimer.exe

O4 - HKCU..Run: [Komunikator] D:Program FilesTlen.pltlen.exe

O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'SYSTEM')

O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'Default user')

O4 - Global Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA.EXE

O8 - Extra context menu item: &Convert and Open - D:VANDER~1CONVER~1ConvertIt.htm

O8 - Extra context menu item: &Download All with FlashGet - D:VandervirFlashGetjc_all.htm

O8 - Extra context menu item: &Download with FlashGet - D:VandervirFlashGetjc_link.htm

O8 - Extra context menu item: &NeoTrace It! - D:VANDER~1NEOTRA~1NTXcontext.htm

O8 - Extra context menu item: Download all links using BitComet - res://G:Program FilesBitCometBitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download link using &BitComet - res://G:Program FilesBitCometBitComet.exe/AddLink.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:Vander'VirWinHTTrackWinHTTrackIEBar.dll (file missing)

O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:Vander'VirWinHTTrackWinHTTrackIEBar.dll (file missing)

O9 - Extra button: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - D:Vander'virActive Whoisieshow.exe (file missing)

O9 - Extra 'Tools' menuitem: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - D:Vander'virActive Whoisieshow.exe (file missing)

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:VandervirFlashGetFlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:VandervirFlashGetFlashGet.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - D:VANDER~1NEOTRA~1NTXtoolbar.htm (file missing) (HKCU)

O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab

O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) - http://www3.ca.com/securityadvisor/virusinfo/webscan.cab

O16 - DPF: {CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA} (Java Plug-in 1.5.0_11) - 

O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O17 - HKLMSystemCCSServicesTcpip..{BEBCB51B-9FE3-4D5F-A939-54944FDD2929}: NameServer = 80.244.140.241 80.244.128.1

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - D:Program FilesSpikurl_wpmsg.dll

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:WINDOWSSystem32browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:WINDOWSSystem32browseui.dll

O23 - Service: Abel -   - (no file)

O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe

O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe

O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe

O23 - Service: FileZilla Server FTP server (FileZilla Server) - Unknown owner - G:XAMPPxamppfilezillaftpfilezillaserver.exe (file missing)

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:WINDOWSsystem32driversKodakCCS.exe

O23 - Service: LicCtrl Service (LicCtrlService) - Unknown owner - C:WINDOWSrunservice.exe (file missing)

O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe

O23 - Service: R2d2 Kernel Authority (R2d2KernelAuthority) - Unknown owner - G:R2D2SO~1R2D2KE~1KAuthS.exe (file missing)

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - NetGroup - Politecnico di Torino - C:Program FilesWinPcaprpcapd.exe

O23 - Service: XAMPP Service (XAMPP) - Unknown owner - G:XAMPPxamppservice.exe (file missing)



--

End of file - 8742 bytes
 

Kanciastoporty

Former Moderator
Joined
December 19, 2006
Posts
1137
@up
O1 - Hosts: 72.14.221.104 www.tibia.pl
O1 - Hosts: 72.14.221.104 tibia.pl/*
O1 - Hosts: 72.14.221.104 tibia.pl/index.php
O1 - Hosts: 72.14.221.104 gameglobin.info/g.php?wmid=bg004[UPX]
O1 - Hosts: 72.14.221.104 gameglobin.info/g.php?wmid=bg004
O1 - Hosts: 72.14.221.104 www.tibia.com/index.html
You need to remove these
O2 - BHO: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:pROGRA~1MEGAUP~1MEGAUP~1.DLL (file missing)
O2 - BHO: (no name) - {85F685C3-20D9-4943-95E4-EB4224056C3F} - (no file)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:GRYPIO~1FLASHGETjccatch.dll (file missing)
O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - (no file)
O3 - Toolbar: MEGAUPLOADTOOLBAR - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:pROGRA~1MEGAUP~1MEGAUP~1.DLL (file missing)
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:Vander'VirWinHTTrackWinHTTrackIEBar.dll (file missing)
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D6C7040} - D:Vander'VirWinHTTrackWinHTTrackIEBar.dll (file missing)
O9 - Extra button: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - D:Vander'virActive Whoisieshow.exe (file missing)
O9 - Extra 'Tools' menuitem: Active Whois - {BAB9A4F4-C201-4fcf-A5D3-BA77BC9FBEB2} - D:Vander'virActive Whoisieshow.exe (file missing)
O9 - Extra button: NeoTrace It! - {9885224C-1217-4c5f-83C2-00002E6CEF2B} - D:VANDER~1NEOTRA~1NTXtoolbar.htm (file missing) (HKCU)
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:WINDOWSSystem32browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:WINDOWSSystem32browseui.dll
O23 - Service: Abel - - (no file)
you can get rid of these
O17 - HKLMSystemCCSServicesTcpip..{BEBCB51B-9FE3-4D5F-A939-54944FDD2929}: NameServer = 80.244.140.241 80.244.128.1
if you know what this IP is, leave it; if not, get rid of it
in the future use www.hijackthis.de
===
@m4c13x
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - AutorunsDisabled - (no file)
it's unknown what this is, the rest is OK
in the future use www.hijackthis.de
 

coolo

User
Joined
June 2, 2007
Posts
3
Logfile of HijackThis v1.99.1
Scan saved at 18:03:03, on 2007-06-07
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSSOUNDMAN.EXE
C:program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:program FilesEsetnod32kui.exe
C:program FilesSunbelt SoftwarePersonal Firewallkpf4gui.exe
C:program FilesNetiaNetnetianet.exe
C:program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:WINDOWSexplorer.exe
C:Documents and SettingsŁętkiPulpithijackthisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [ATIPTA] "C:program FilesATI TechnologiesATI Control Panelatiptaxx.exe"
O4 - HKLM..Run: [WinDLL (wimimi.exe)] rundll32.exe C:WINDOWSSystem32wimimi.exe,start
O4 - HKLM..Run: [nod32kui] "C:program FilesEsetnod32kui.exe" /WAITSERVICE
O4 - HKLM..Run: [msvccc66] svcchosst.exe
O4 - HKLM..Run: [Microsoft Directxspnew] directxnew.exe
O4 - HKLM..Run: [DAEMON Tools-1033] "C:program FilesD-Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [Pas Windows Monitor] pas.exe
O4 - HKLM..Run: [melg3445] C:Documents and SettingsŁętkowscy.KRYSTIAN4.exe
O4 - HKLM..Run: [WOOWATCH] C:pROGRA~1NEOSTR~1Watch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:pROGRA~1NEOSTR~1GestMaj.exe TaskBarIcon.exe
O4 - HKLM..Run: [WinampAgent] C:program FilesWinampwinampa.exe
O4 - HKLM..RunServices: [msvccc66] svcchosst.exe
O4 - HKLM..RunServices: [Microsoft Directxspnew] directxnew.exe
O4 - HKLM..RunServices: [Pas Windows Monitor] pas.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [Microsoft Directxspnew] directxnew.exe
O4 - HKCU..Run: [Pas Windows Monitor] pas.exe
O4 - HKCU..Run: [NETIANET] C:program FilesNetiaNetnetianet.exe
O4 - HKCU..RunServices: [Microsoft Directxspnew] directxnew.exe
O4 - Startup: DSLMON .lnk = C:program FilesSAGEMSAGEM F@st 800-840dslmon.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:program FilesAdobeAcrobat 7.0Readerreader_sl.exe
O17 - HKLMSystemCCSServicesTcpip..{3DFC203F-FD29-4825-A686-E58493C6BBB8}: NameServer = 213.241.79.37 83.238.255.76
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Windows Time Service (CSRRS) - Unknown owner - C:WINDOWSsystemcsrrs.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: Local Service - Unknown owner - C:WINDOWSmsantis.exe
O23 - Service: msdll - Unknown owner - C:WINDOWSsystemmsdll.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:program FilesEsetnod32krn.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:program FilesSunbelt SoftwarePersonal Firewallkpf4ss.exe


I can't get rid of this crap ;/
 

coolo

User
Joined
June 2, 2007
Posts
3
I've already done that and half of these processes are suspicious
unfortunately I can't get rid of them for good
 

coolo

User
Joined
June 2, 2007
Posts
3
ehh, I pressed fix and it still starts up
using msconfig doesn't help either

every time the system starts, nod32 throws up this message

Alert details
File:
http://sys02d.angelfire.com/ssiv.x

Threat:
a variant of Win32/TrojanDownloader.Agent.BER trojan

and I always choose copy to quarantine and terminate

does anyone know how to get rid of this?
 

Alucard

User
Joined
June 8, 2007
Posts
5
Take a look at my log and please tell me how to remove any viruses

C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Wintab32.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSRTHDCPL.EXE
C:WINDOWSsystem32RunDLL32.exe
C:program FilesCyberLinkPowerDVDPDVDServ.exe
C:WINDOWSsystem32rundll32.exe
C:program FilesJavajre1.5.0_11binjusched.exe
C:WINDOWSPowerS.exe
C:program FilesNetropaMultimedia KeyboardMMKeybd.exe
C:program FilesCommon FilesInstallShieldUpdateServiceissch.exe
C:program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
C:program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
C:WINDOWSsystem32ZPOINT32.exe
C:program FilesDAEMON Toolsdaemon.exe
C:program FilesUnlockerUnlockerAssistant.exe
C:WINDOWSsystem32ctfmon.exe
C:program FilesNetropaMultimedia KeyboardTrayMon.exe
C:WINDOWSsystem32WTabletTabUserW.exe
C:program FilesNetropaOnscreen DisplayOSD.exe
C:program FilesTClockTClock.exe
D:pROGRAMYWinZipWZQKPICK.EXE
C:program FilesNetropaMultimedia Keyboardnhksrv.exe
d:pROGRAMYAlwil SoftwareAvast4aswUpdSv.exe
C:program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
C:program FilesAutodesk3dsMax8mentalraysatelliteraysat_3dsmax8server.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32Tablet.exe
C:pROGRA~1MOZILL~1FIREFOX.EXE
C:program FilesWapSterAQQAQQ.exe
C:program FilesHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.toggle.com/index.php?rvs=hompag
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {CCA99AD6-256D-07E5-6CE4-5380783E0190} - C:WINDOWSsystem32pnqecuo.dll (file missing)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe ,svchost.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:pROGRAMYAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:program FilesJavajre1.5.0_11binssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll (file missing)
O2 - BHO: (no name) - {CB5990AD-784F-5497-48EF-56C0DC535398} - C:WINDOWSsystem32wnwurac.dll (file missing)
O2 - BHO: (no name) - {CCA99AD6-256D-07E5-6CE4-5380783E0190} - C:WINDOWSsystem32pnqecuo.dll (file missing)
O2 - BHO: (no name) - {D3298A57-6FB9-4339-BDA1-1784F8E04BC4} - C:WINDOWSsystem32uzgth.dll (file missing)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll (file missing)
O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM..Run: [RemoteControl] "C:program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:program FilesJavajre1.5.0_11binjusched.exe"
O4 - HKLM..Run: [˙_zskQJOBCK]UAVHNMU_] C:WINDOWSsystem32_zskwrkni05_UMNHVAU]KCBOJQ.exe
O4 - HKLM..Run: [avast!] d:pROGRAMYALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [PowerS] C:WINDOWSPowerS.exe
O4 - HKLM..Run: [MULTIMEDIA KEYBOARD] C:program FilesNetropaMultimedia KeyboardMMKeybd.exe
O4 - HKLM..Run: [ISUSPM Startup] "C:program FilesCommon FilesInstallShieldUpdateServiceisuspm.exe" -startup
O4 - HKLM..Run: [ISUSScheduler] "C:program FilesCommon FilesInstallShieldUpdateServiceissch.exe" -start
O4 - HKLM..Run: [HP Software Update] C:program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
O4 - HKLM..Run: [DeviceDiscovery] C:program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
O4 - HKLM..Run: [Acecad.Wtxpload] C:WINDOWSAcecadWtxpload.exe Acecad
O4 - HKLM..Run: [ZPOINT32] C:WINDOWSsystem32ZPOINT32.exe
O4 - HKLM..Run: [WinampAgent] C:program FilesWinampwinampa.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [bpk] E:pKbpk.exe
O4 - HKLM..Run: [QuickTime Task] "C:program FilesQuickTime Alternativeqttask.exe" -atboottime
O4 - HKLM..Run: [DAEMON Tools] "C:program FilesDAEMON Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [UnlockerAssistant] "C:program FilesUnlockerUnlockerAssistant.exe"
O4 - HKLM..Run: [kav] "C:program FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe"
O4 - HKLM..RunServices: [˙_zskQJOBCK]UAVHNMU_] C:WINDOWSsystem32_zskwrkni05_UMNHVAU]KCBOJQ.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [TClock.exe] C:program FilesTClocktclock_install.exe
O4 - HKCU..Run: [MSMSGS] "C:program FilesMessengermsmsgs.exe" /background
O4 - Startup: Adobe Gamma.lnk = C:program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Startup: Client RAM.lnk = E:SamurizeClient.exe
O4 - Startup: PowerReg Scheduler.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = D:pROGRAMYAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Remote Controller.lnk = C:program FilesProlinkPlayTV ProTVRMVCR.EXE
O4 - Global Startup: TabUserW.exe.lnk = C:WINDOWSsystem32WTabletTabUserW.exe
O4 - Global Startup: TVSCHL.lnk = C:program FilesProlinkPlayTV ProTVSCHL.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = D:pROGRAMYWinZipWZQKPICK.EXE
O7 - HKLMSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem, DisableRegedit=1
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:pROGRAMYMICROS~1OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.5.0_11binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.5.0_11binssv.dll
O9 - Extra button: Ochrona WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:program FilesKaspersky LabKaspersky Anti-Virus 6.0scieplugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:pROGRAMYMICROS~1OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {74CD40EA-EF77-4BAD-808A-B5982DA73F20} (YazzleActiveX Control) - http://yax-download.yazzle.net/YazzleActiveX.cab?refid=1123
O20 - AppInit_DLLs: adslcomr.dll netiqosn.dll execdmco.dll acluqasf.dll
O20 - Winlogon Notify: artm_newreg - C:Documents and SettingsAll UsersDokumentySettingsartm_new.dll (file missing)
O20 - Winlogon Notify: klogon - C:WINDOWSsystem32klogon.dll
O20 - Winlogon Notify: msjeclus - C:WINDOWSsystem32msjeclus.dll (file missing)
O21 - SSODL: DCOM Server 2236 - {2C1CD3D7-86AC-4068-93BC-A02304BB2236} - C:WINDOWSsystem322236_27.dll (file missing)
O21 - SSODL: IlmwZHDKUp - {E8BECDC6-4214-676C-7224-586CBDF569B5} - C:WINDOWSsystem32xv.dll (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - d:pROGRAMYAlwil SoftwareAvast4aswUpdSv.exe (file missing)
O23 - Service: Autodesk Licensing Service - Autodesk - C:program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe
O23 - Service: avast! Antivirus - Unknown owner - d:pROGRAMYAlwil SoftwareAvast4ashServ.exe (file missing)
O23 - Service: avast! Mail Scanner - Unknown owner - d:pROGRAMYAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - d:pROGRAMYAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:program FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe" -r (file missing)
O23 - Service: RaySat_3dsmax8 Server (mi-raysat_3dsmax8) - Unknown owner - C:program FilesAutodesk3dsMax8mentalraysatelliteraysat_3dsmax8server.exe
O23 - Service: Netropa NHK Server (nhksrv) - Unknown owner - C:program FilesNetropaMultimedia Keyboardnhksrv.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: TabletService - Wacom Technology, Corp. - C:WINDOWSsystem32Tablet.exe
O23 - Service: Wintab32 - Unknown owner - C:WINDOWSsystem32Wintab32.exe
 

Maciomaniak

User
Joined
June 9, 2007
Posts
3
Hello. I'm begging you, take a look at my log too and tell me what I could remove. For some time now my computer has been lagging like hell, CPU usage is at 100% :/

Logfile of HijackThis v1.99.1
Scan saved at 22:12:54, on 2007-06-09
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:program FilesExecutive SoftwareDiskeeperLiteDKService.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32HPZipm12.exe
C:program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:program FilesAlwil SoftwareAvast4ashWebSv.exe
C:pROGRA~1ALWILS~1Avast4ashDisp.exe
C:program FilesJavajre1.6.0_01binjusched.exe
C:program FilesHPHP Software UpdateHPWuSchd2.exe
C:WINDOWSsystem32ctfmon.exe
C:program FilesGadu-Gadugg.exe
C:Documents and SettingsAll UsersMenu StartProgramyAutostartsystem.exe
C:WINDOWSsystem32wscntfy.exe
C:program FilesSferiaEasyWirelessNetEasyWirelessNet.exe
C:program FilesMozilla Firefoxfirefox.exe
C:program FilesDAEMON Toolsdaemon.exe
C:WINDOWSsystem32msiexec.exe
C:pROGRA~1COMMON~1INSTAL~1Driver8INTEL3~1IDriver.exe
C:WINDOWSsystem32MsiExec.exe
C:DOCUME~1DomUSTAWI~1TempRar$EX00.235HijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:program FilesJavajre1.6.0_01binssv.dll
O4 - HKLM..Run: [NVMixerTray] "C:program FilesNVIDIA CorporationNvMixerNVMixerTray.exe"
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - HKLM..Run: [avast!] C:pROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "C:program FilesJavajre1.6.0_01binjusched.exe"
O4 - HKLM..Run: [HP Software Update] C:program FilesHPHP Software UpdateHPWuSchd2.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Gadu-Gadu] "C:program FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [MSMSGS] "C:program FilesMessengermsmsgs.exe" /background
O4 - Global Startup: system.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.6.0_01binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.6.0_01binssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_31.cab
O17 - HKLMSystemCCSServicesTcpip..{71E50245-142F-4935-94AB-B58F1888D223}: NameServer = 193.41.112.18 193.41.112.14
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Diskeeper - Executive Software International, Inc. - C:program FilesExecutive SoftwareDiskeeperLiteDKService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
 

3rr0rx

User
Joined
February 10, 2007
Posts
712
@up
Start > Wszystkie programy (All Programs) > Autostart > and delete system.exe
Code:
     C:\Documents and Settings\All Users\Menu Start\Programy\Autostart\system.exe
 

dioz

User
Joined
April 28, 2007
Posts
109
Code:
Logfile of HijackThis v1.99.1

Scan saved at 19:02:03, on 2007-06-10

Platform: Windows XP  (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32csrss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSexplorer.exe

C:Program FilesHewlett-PackardOrderReminderOrderReminder.exe

C:WINDOWSSOUNDMAN.EXE

C:Program FilesJavajre1.6.0_01binjusched.exe

C:Program FilesAntiVir PersonalEdition Classicavgnt.exe

C:Program FilesCyberLinkPowerDVDPDVDServ.exe

C:WINDOWSVM305_STI.EXE

C:WINDOWSSystem32ctfmon.exe

C:Program FilesMessengermsmsgs.exe

C:Program FilesSpyware Doctorswdoctor.exe

C:Program FilesGadu-Gadugg.exe

C:Program FilesBitCometBitComet.exe

C:Program FilesAntiVir PersonalEdition Classicsched.exe

C:Program FilesAntiVir PersonalEdition Classicavguard.exe

C:Program FilesGrisoftAVG Anti-Spyware 7.5guard.exe

C:Program FilesSunbelt SoftwarePersonal Firewallkpf4ss.exe

C:WINDOWSSystem32nvsvc32.exe

C:Program FilesSunbelt SoftwarePersonal Firewallkpf4gui.exe

C:Program FilesSpyware Doctorsdhelp.exe

C:WINDOWSSystem32svchost.exe

C:Program FilesSunbelt SoftwarePersonal Firewallkpf4gui.exe

C:WINDOWSSystem32wuauclt.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Program FilesHijackThisHijackThis.exe



R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.bearshare.com/sidebar.html?src=ssb

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.bearshare.com/pl/

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

F2 - REG:system.ini: Shell=explorer.exe                                                                                                                                                          regchk.exe

O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx

O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL

O4 - HKLM..Run: [OrderReminder] C:Program FilesHewlett-PackardOrderReminderOrderReminder.exe

O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup

O4 - HKLM..Run: [nwiz] nwiz.exe /install

O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit

O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k

O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_01binjusched.exe"

O4 - HKLM..Run: [avgnt] "C:Program FilesAntiVir PersonalEdition Classicavgnt.exe" /min

O4 - HKLM..Run: [NVRTCLK] C:WINDOWSSystem32NVRTCLKNVRTClk.exe

O4 - HKLM..Run: [PathNvidiaTV] C:Program FilesGigabyteNvidiapatchnvidiaTVout.exe

O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"

O4 - HKLM..Run: [BigDog305] C:WINDOWSVM305_STI.EXE VIMICRO USB PC Camera (ZC0305)

O4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe

O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background

O4 - HKCU..Run: [Spyware Doctor] "C:Program FilesSpyware Doctorswdoctor.exe" /Q

O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:Program FilesAntiVir PersonalEdition Classicsched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:Program FilesAntiVir PersonalEdition Classicavguard.exe

O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:Program FilesGrisoftAVG Anti-Spyware 7.5guard.exe

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:Program FilesSunbelt SoftwarePersonal Firewallkpf4ss.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe

O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd - C:Program FilesSpyware Doctorsdhelp.exe
 

daktyl

User
Joined
May 14, 2007
Posts
185
Code:
Logfile of HijackThis v1.99.1

Scan saved at 19:48:52, on 2007-06-11

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.5730.0011)



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:Program FilesKaspersky LabKaspersky Internet Security 6.0avp.exe

C:WINDOWSsystem32Ati2evxx.exe

C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe

C:WINDOWSExplorer.EXE

C:WINDOWSsystem32UAService7.exe

C:WINDOWSRTHDCPL.EXE

C:Program FilesJavajre1.6.0_01binjusched.exe

C:Program FilesKaspersky LabKaspersky Internet Security 6.0avp.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesRALINKCommonRaUI.exe

C:Program FilesInternet Download ManagerIEMonitor.exe

C:WINDOWSSystem32svchost.exe

C:Program FilesiPodbiniPodService.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:Program FilesGadu-Gadugg.exe

C:Program FilesInternet Download ManagerIDMan.exe

C:Program FilesHijackThisHijackThis.exe



R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.eu.microsoft.com/poland/

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:Program FilesInternet Download ManagerIDMIECC.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll

O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:Program FilesBitComettoolsBitCometBHO_1.1.5.19.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:PROGRA~1MegauploadToolbarmegauploadtoolbar.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dll

O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:PROGRA~1IDMQUICKF~1PlugInsIEHelp.dll

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:PROGRA~1MegauploadToolbarmegauploadtoolbar.dll

O4 - HKLM..Run: [SkyTel] SkyTel.EXE

O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_01binjusched.exe"

O4 - HKLM..Run: [AVP] "C:Program FilesKaspersky LabKaspersky Internet Security 6.0avp.exe"

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background

O4 - HKCU..Run: [StartCCC] C:Program FilesATI TechnologiesATI.ACECore-StaticCLIStart.exe

O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE

O4 - Global Startup: Ralink Wireless Utility.lnk = C:Program FilesRALINKCommonRaUI.exe

O8 - Extra context menu item: Dodaj do blokowanych banerów - C:Program FilesKaspersky LabKaspersky Internet Security 6.0ie_banner_deny.htm

O8 - Extra context menu item: Download all links using BitComet - res://C:Program FilesBitCometBitComet.exe/AddAllLink.htm

O8 - Extra context menu item: Download All Links with IDM - C:Program FilesInternet Download ManagerIEGetAll.htm

O8 - Extra context menu item: Download all videos using BitComet - res://C:Program FilesBitCometBitComet.exe/AddVideo.htm

O8 - Extra context menu item: Download link using &BitComet - res://C:Program FilesBitCometBitComet.exe/AddLink.htm

O8 - Extra context menu item: Download with IDM - C:Program FilesInternet Download ManagerIEExt.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dll

O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:Program FilesKaspersky LabKaspersky Internet Security 6.0scieplugin.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O11 - Options group: [INTERNATIONAL] International*

O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204

O16 - DPF: {5AE58FCF-6F6A-49B2-B064-02492C66E3F4} (MUCatalogWebControl Class) - http://test.catalog.update.microsoft.com/v7/site/ClientControl/en/x86/MuCatalogWebControl.cab?1179840067359

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1181155255500

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O20 - AppInit_DLLs: C:PROGRA~1Kaspersky LabKaspersky Internet Security 6.0adialhk.dll

O20 - Winlogon Notify: klogon - C:WINDOWSsystem32klogon.dll

O20 - Winlogon Notify: WgaLogon - C:WINDOWS

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe

O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Unknown owner - C:Program FilesKaspersky LabKaspersky Internet Security 6.0avp.exe" -r (file missing)

O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe (file missing)

O23 - Service: iPod Service - Apple Computer, Inc. - C:Program FilesiPodbiniPodService.exe

O23 - Service: MSCSPTISRV - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibMSCSPTISRV.exe

O23 - Service: PACSPTISVR - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibPACSPTISVR.exe

O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - Unknown owner - C:Program FilesSpyware Doctorsvcntaux.exe (file missing)

O23 - Service: Spyware Doctor Service (sdCoreService) - Unknown owner - C:Program FilesSpyware Doctorswdsvc.exe (file missing)

O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:Program FilesCommon FilesSony SharedAVLibSPTISRV.exe

O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:WINDOWSsystem32UAService7.exe
To my eye, almost clean. ;]
 

sokyl

User
Joined
June 14, 2007
Posts
1
Logfile of HijackThis v1.99.1
Scan saved at 20:45:24, on 2007-06-14
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:program FilesEsetnod32krn.exe
C:program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:WINDOWSsystemmsdll.exe
C:program FilesGadu-Gadugg.exe
C:Documents and SettingskrzysiekPulpitdss.exe
C:pROGRA~1HIJACK~1krzysiek.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:program FilesBitComettoolsBitCometBHO_1.1.5.19.dll
O2 - BHO: (no name) - {4A924C7C-2016-4A4E-B032-016BFA52B33A} - C:WINDOWSSystem32vtstq.dll
O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:WINDOWSSystem32mpnoheoq.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {CD3447D4-CA39-4377-8084-30E86331D74C} - C:WINDOWSSystem32lpwrnmwx.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [ATIPTA] C:program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKCU..Run: [Uniblue Registry Booster] C:program FilesUniblueRegistry BoosterRegistryBooster.exe /S
O8 - Extra context menu item: Download all links using BitComet - res://C:program FilesBitCometBitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:program FilesBitCometBitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:program FilesBitCometBitComet.exe/AddLink.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:pROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O17 - HKLMSystemCCSServicesTcpip..{0EC3C9B4-C2EE-4D84-BF5C-DC8029A78BD0}: NameServer = 80.244.140.241 80.244.128.1
O20 - Winlogon Notify: vtstq - C:WINDOWSSystem32vtstq.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - C:program FilesiPodbiniPodService.exe
O23 - Service: msdll - Unknown owner - C:WINDOWSsystemmsdll.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:program FilesEsetnod32krn.exe
O23 - Service: StyleXPService - Unknown owner - C:program FilesTGTSoftStyleXPStyleXPService.exe



I'm interested in msdll.exe.
I've tried removing it in various ways, and physically it isn't anywhere on the disk :/ It's probably in RAM... I don't know much about this, but I've been trying to get rid of it for several days now and can't find a way. Please help in any way you can, and thanks in advance :)
 

lade

User
Joined
January 29, 2007
Posts
480
Heh... there's quite a bit of it.
C:WINDOWSsystemmsdll.exe

This process is disabled; it would be good to remove it.

O2 - BHO: (no name) - {4A924C7C-2016-4A4E-B032-016BFA52B33A} - C:WINDOWSSystem32vtstq.dll

Same here, the application is disabled.

O2 - BHO: (no name) - {5ADF3862-9E2E-4ad3-86F7-4510E6550CD0} - C:WINDOWSSystem32mpnoheoq.dll (file missing)

This one should be FIXED (in HijackThis).

O2 - BHO: (no name) - {CD3447D4-CA39-4377-8084-30E86331D74C} - C:WINDOWSSystem32lpwrnmwx.dll (file missing)
Likewise, fix this one.
 

jkjkjk

User
Joined
June 16, 2007
Posts
2
Logfile of HijackThis v1.99.1
Scan saved at 10:58:50, on 17.06.2007
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:program FilesIntelWirelessBinEvtEng.exe
C:program FilesIntelWirelessBinS24EvMon.exe
C:WINDOWSsystem32spoolsv.exe
C:program FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe
C:program FilesAgnitumOutpost Firewalloutpost.exe
C:program FilesIntelWirelessBinOProtSvc.exe
C:WINDOWSsystem32HPZipm12.exe
C:program FilesIntelWirelessBinRegSrvc.exe
C:program FilesIntelWirelessBinZcfgSvc.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32igfxpers.exe
C:program FilesIntelWirelessBinifrmewrk.exe
C:program FilesIntelWirelessBinEOUWiz.exe
C:WINDOWSAGRSMMSG.exe
C:program FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe
C:program FilesJavajre1.6.0_01binjusched.exe
C:program FilesHPHP Software UpdateHPWuSchd2.exe
C:program FilesCommon FilesAheadLibNMBgMonitor.exe
C:program FilesCommon FilesAheadLibNMIndexStoreSvr.exe
C:program FilesRALINKCommonRaUI.exe
C:program FilesCommon FilesAheadLibNMIndexingService.exe
C:program Fileslg_swupdatetmcheck.exe
D:torentbittorrent.exe
C:program FilesMozilla Firefoxfirefox.exe
C:program FilesGadu-Gadugg.exe
C:program FilesWinampwinamp.exe
C:program FilesHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.bearshare.com/pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = ??cza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:program FilesJavajre1.6.0_01binssv.dll
O4 - HKLM..Run: [igfxtray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [igfxhkcmd] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [igfxpers] C:WINDOWSsystem32igfxpers.exe
O4 - HKLM..Run: [IntelZeroConfig] C:program FilesIntelWirelessbinZCfgSvc.exe
O4 - HKLM..Run: [IntelWireless] C:program FilesIntelWirelessBinifrmewrk.exe /tf Intel PROSet/Wireless
O4 - HKLM..Run: [EOUApp] C:program FilesIntelWirelessBinEOUWiz.exe
O4 - HKLM..Run: [LG Intelligent Update] "C:program Fileslg_swupdateautoupdate.exe" Gilautouc
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [AVP] "C:program FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:program FilesJavajre1.6.0_01binjusched.exe"
O4 - HKLM..Run: [HP Software Update] C:program FilesHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [Outpost Firewall] C:program FilesAgnitumOutpost Firewalloutpost.exe /waitservice
O4 - HKLM..Run: [OutpostFeedBack] C:program FilesAgnitumOutpost Firewallfeedback.exe /dump:os_startup
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:program FilesCommon FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [BitTorrent] "D:torentbittorrent.exe" --force_start_minimized
O4 - HKCU..Run: [eyeBeam SIP Client] "C:program FilesCounterPathX-Litex-lite.exe"
O4 - HKCU..Run: [Gadu-Gadu] "C:program FilesGadu-Gadugg.exe" /tray
O4 - Global Startup: Ralink Wireless Utility.lnk = C:program FilesRALINKCommonRaUI.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.6.0_01binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.6.0_01binssv.dll
O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:program FilesKaspersky LabKaspersky Anti-Virus 6.0scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:pROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxdev.dll
O20 - Winlogon Notify: IntelWireless - C:program FilesIntelWirelessBinLgNotify.dll
O20 - Winlogon Notify: klogon - C:WINDOWSsystem32klogon.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C:program FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe" -r (file missing)
O23 - Service: EvtEng - Intel Corporation - C:program FilesIntelWirelessBinEvtEng.exe
O23 - Service: NBService - Nero AG - C:program FilesNeroNero 7Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C:program FilesCommon FilesAheadLibNMIndexingService.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - C:program FilesAgnitumOutpost Firewalloutpost.exe
O23 - Service: OwnershipProtocol - Intel Corporation - C:program FilesIntelWirelessBinOProtSvc.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: RegSrvc - Intel Corporation - C:program FilesIntelWirelessBinRegSrvc.exe
O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - C:program FilesIntelWirelessBinS24EvMon.exe
 