Chcesz sprawdzić swój log z Hijackthisa? Wklej go tutaj...

[Kct1]

i moj log:

Logfile of HijackThis v1.99.1

Scan saved at 10:25:37, on 2006-10-22

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:Program FilesCommon FilesSymantec SharedccSvcHst.exe

C:WINDOWSExplorer.EXE

C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe

C:Program FilesCommon FilesSymantec SharedccProxy.exe

C:Program FilesNorton Personal FirewallISSVC.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe

C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe

C:Program FilesAlwil SoftwareAvast4ashServ.exe

C:WINDOWSsystem32nvsvc32.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe

C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe

C:Program FilesAlwil SoftwareAvast4ashWebSv.exe

C:Program FilesF-Secure Internet SecurityCommonFSM32.EXE

C:Program FilesCommon FilesSymantec SharedccApp.exe

C:PROGRA~1ALWILS~1Avast4ashDisp.exe

C:WINDOWSsystem32ctfmon.exe

D:Różne programyGadu Gadugg.exe

C:Program FilesOperaOpera.exe

C:Documents and SettingsadminPulpithijackthisHijackThis.exe



R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 10.1.0.1:8080

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O2 - BHO: (no name) - AutorunsDisabled - (no file)

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06binssv.dll

O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll

O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - (no file)

O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:Program FilesCommon FilesSymantec SharedAdBlockingNISShExt.dll

O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup

O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit

O4 - HKLM..Run: [F-Secure Manager] "C:Program FilesF-Secure Internet SecurityCommonFSM32.EXE" /splash

O4 - HKLM..Run: [F-Secure TNB] "C:Program FilesF-Secure Internet SecurityTNBTNBUtil.exe" /CHECKALL /WAITFORSW

O4 - HKLM..Run: [F-Secure Startup Wizard] "C:Program FilesF-Secure Internet SecurityFSGUIFSSW.EXE" /reboot

O4 - HKLM..Run: [BearShare] "C:Program FilesBearShareBearShare.exe" /pause

O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"

O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe

O4 - HKLM..Run: [osCheck] "C:Program FilesNorton AntiVirusosCheck.exe"

O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe

O8 - Extra context menu item: &Zablokuj to okienko - C:Program FilesF-Secure Internet SecurityAnti-Spywareblockpopups.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll

O9 - Extra button: Osłona programu IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:Program FilesF-Secure Internet SecurityAnti-Spywareieshield.dll

O9 - Extra 'Tools' menuitem: Osłona programu IE... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:Program FilesF-Secure Internet SecurityAnti-Spywareieshield.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL

O15 - Trusted Zone: [url]http://www.mks.com.pl[/url]

O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - [url]http://mks.com.pl/skaner/SkanerOnline.cab[/url]

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - [url]http://acs.pandasoftware.com/activescan/as5free/asinst.cab[/url]

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe

O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:Program FilesSymantecLiveUpdateALUSchedulerSvc.exe

O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)

O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccProxy.exe

O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:Program FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)

O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C:Program FilesNorton AntiVirusisPwdSvc.exe

O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:Program FilesNorton Personal FirewallISSVC.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:PROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE

O23 - Service: Machine Debug Manager (MDM) - Unknown owner - C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe

O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe

O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe

Bardzo prosze o sprawdzenie

 

[Szalony Kojot]

@Edit by AziX 4 grudnia 2006
@Edit 18 Luty 2007

Logfile of HijackThis v1.99.1

Scan saved at 10:47:34, on 2007-02-18

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16414)



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesWindows DefenderMsMpEng.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesSunbelt SoftwarePersonal Firewallkpf4ss.exe

C:Program FilesEsetnod32krn.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesSunbelt SoftwarePersonal Firewallkpf4gui.exe

C:Program FilesSunbelt SoftwarePersonal Firewallkpf4gui.exe

C:WINDOWSsystem32devldr32.exe

C:Program FilesEsetnod32kui.exe

C:WINDOWSsystem32ctfmon.exe

C:WINDOWSexplorer.exe

G:Program FilesPcMedikPcMedik.exe

C:PROGRA~1MOZILL~1FIREFOX.EXE

G:CCleanerccleaner.exe

F:AziXhijackthisHijackThis.exe



R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = AziX Przegladarka

O4 - HKLM..Run: [nod32kui] "C:Program FilesEsetnod32kui.exe" /WAITSERVICE

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [HijackThis startup scan] F:AziXhijackthisHijackThis.exe /startupscan

O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll

O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - C:Program FilesSunbelt SoftwarePersonal Firewallkpf4ss.exe

O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset  - C:Program FilesEsetnod32krn.exe

 

[kigi]

moj log :

Logfile of HijackThis v1.99.1

Scan saved at 20:46:27, on 06-12-03

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v5.00 (5.00.2919.6304)



Running processes:

C:WINDOWSSYSTEMKERNEL32.DLL

C:WINDOWSSYSTEMMSGSRV32.EXE

C:WINDOWSSYSTEMMPREXE.EXE

D:PANDA SOFTWAREPANDA ANTIVIRUS 2007PSIMSVC.EXE

C:WINDOWSSYSTEMmmtask.tsk

C:WINDOWSEXPLORER.EXE

C:WINDOWSTASKMON.EXE

C:PROGRAM FILESDIAMONDSONIC IMPACT A3DVRTXCTRL.EXE

C:PROGRAM FILESTHOMSONSPEEDTOUCH USBDRAGDIAG.EXE

C:WINDOWSSYSTEMDDHELP.EXE

C:WINDOWSSYSTEMSYSTRAY.EXE

C:WINDOWSSYSTEMIRMON.EXE

D:PROGRAM FILESD-TOOLSDAEMON.EXE

C:WINDOWSSYSTEMLEXBCES.EXE

D:PANDA SOFTWAREPANDA ANTIVIRUS 2007APVXDWIN.EXE

C:WINDOWSRunDLL.exe

C:WINDOWSSYSTEMRPCSS.EXE

C:WINDOWSSYSTEMWMIEXE.EXE

C:WINDOWSSYSTEMLEXPPS.EXE

D:PANDA SOFTWAREPANDA ANTIVIRUS 2007WEBPROXY.EXE

C:WINDOWSSYSTEMRNAAPP.EXE

C:WINDOWSSYSTEMTAPISRV.EXE

C:PROGRAM FILESGADU-GADUGG.EXE

C:PROGRAM FILESMOZILLA FIREFOXFIREFOX.EXE

C:WINDOWSPULPITHIJACKTHISHIJACKTHIS.EXE



R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = [url]http://tibia.erig.net/Main_Page[/url]

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = [url]http://www.eu.microsoft.com/poland/[/url]

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O3 - Toolbar: @msdxmLC.dll,-1@1045,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX

O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun

O4 - HKLM..Run: [TaskMonitor] C:WINDOWStaskmon.exe

O4 - HKLM..Run: [SystemTray] SysTray.Exe

O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM..Run: [SONICA3DCONTROL] C:Program FilesDiamondSONIC IMPACT A3DVRTXCTRL.EXE

O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon

O4 - HKLM..Run: [LexStart] Lexstart.exe

O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe

O4 - HKLM..Run: [IrMon] IrMon.exe

O4 - HKLM..Run: [DAEMON Tools-1033] "D:Program FilesD-Toolsdaemon.exe"  -lang 1033

O4 - HKLM..Run: [LanzarL2007] "C:WINDOWSTEMP{4C208A81-82C9-11DB-AF27-0060520B3DE0}{D1DA2BA7-2592-4036-9BB2-DCCABDE8DC1A}....L2007tmpSetup.exe" /SETUP:"/l0x0015"

O4 - HKLM..Run: [APVXDWIN] "D:Panda SoftwarePanda Antivirus 2007APVXDWIN.EXE" /s

O4 - HKLM..RunServices: [TVWatch] C:WINDOWSSYSTEMTVWatch.exe

O4 - HKLM..RunServices: [PSIMSVC] "D:Panda SoftwarePanda Antivirus 2007PSIMSVC.exe"

O4 - HKCU..Run: [WindowFX] C:PROGRA~1WINDOWFXwfxload.exe

O4 - HKCU..Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY

O4 - HKCU..Run: [AQQ] D:PROGRA~1WAPSTERAQQAQQ.EXE

O4 - Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe

O8 - Extra context menu item: Download link using &BitComet - res://C:PROGRAM FILESBITCOMETBITCOMET.EXE/AddLink.htm

O8 - Extra context menu item: Download all links using BitComet - res://C:PROGRAM FILESBITCOMETBITCOMET.EXE/AddAllLink.htm

O8 - Extra context menu item: Download all videos using BitComet - res://C:PROGRAM FILESBITCOMETBITCOMET.EXE/AddVideo.htm

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm

O12 - Plugin for .png: C:PROGRA~1INTERN~1PLUGINSnpqtplugin6.dll

O12 - Plugin for .mp3: C:PROGRA~1INTERN~1PLUGINSnpqtplugin4.dll

O12 - Plugin for .amr: C:PROGRA~1INTERN~1PLUGINSnpqtplugin3.dll

O14 - IERESET.INF: SEARCH_PAGE_URL=

O14 - IERESET.INF: START_PAGE_URL=

jesli ktos cos znajdzie prosiłbym o kontakt na pw

 

[razorpl]

mój log prosze o sprawdzenie
Logfile of HijackThis v1.99.1
Scan saved at 15:34:32, on 2006-12-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
Crogram FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe
Crogram FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32RaConfig.exe
Crogram FilesXfireXfire.exe
Crogram FilesInternet Exploreriexplore.exe
D:drivers 3.51 dzwienkówkawdmSoundMan.exe
Crogram FilesFlashGetflashget.exe
Cocuments and SettingsŁukaszPulpithijackthisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - (no file)
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - CROGRA~1FlashGetjccatch.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - CROGRA~1FlashGetgetflash.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O4 - Startup: Xfire.lnk = Crogram FilesXfireXfire.exe
O4 - Global Startup: Microsoft Office.lnk = Crogram FilesMicrosoft OfficeOfficeOSA9.EXE
O4 - Global Startup: RaConfig.lnk = C:WINDOWSsystem32RaConfig.exe
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - Crogram FilesFlashGetjc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - Crogram FilesFlashGetjc_all.htm
O17 - HKLMSystemCCSServicesTcpip..{2B2B0FDC-E12B-47E2-8017-67B8C24B60BB}: NameServer = 194.204.159.1,194.204.152.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe

 

[Crims_]

a co nas obchodza wasze logi ?
nie mozecie ich wrzucic gdzies indziej na forum ktore rezrwuje dzialy na takie tematy ?
proponuje poszukac w google.pl

 

[D0han]

@Crims_
A nie widzisz nazwy tego tematu?

Kto jest chętny ten sprawdza logi i doradza, więc skoro nie masz chęci to się nie odzywaj.

 

[neOh]

;]

Logfile of HijackThis v1.99.1
Scan saved at 02:24:12, on 2006-12-09
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32FTRTSVC.exe
Crogram FilesEsetnod32krn.exe
CROGRA~1OrangeBsTaskbarIcon.exe
Crogram FilesGoogleGoogle Desktop SearchGoogleDesktop.exe
Crogram FilesEsetnod32kui.exe
CROGRA~1OrangeBsBusinessEverywhere.exe
C:WINDOWSSystem32ctfmon.exe
Crogram FilesMessengermsmsgs.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesGoogleGoogleToolbarNotifier1.2.908.5008GoogleToolbarNotifier.exe
Crogram FilesPeerGuardian2pg2.exe
Crogram FilesWinZipWZQKPICK.EXE
Crogram FilesGoogleGoogle Desktop SearchGoogleDesktopIndex.exe
CROGRA~1OrangeBsComComp.exe
Crogram FilesGoogleGoogle Desktop SearchGoogleDesktopDisplay.exe
Crogram FilesGoogleGoogle Desktop SearchGoogleDesktopCrawl.exe
CROGRA~1OrangeBsWatch.exe
C:WINDOWSsystem32FTCOMM~1FTCOMM~1.EXE
CROGRA~1MOZILL~1FIREFOX.EXE
Cocuments and SettingsneOhPulpitHijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - crogram filesgooglegoogletoolbar2.dll
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - CROGRA~1BEARSH~1BEARSH~2MediaBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - crogram filesgooglegoogletoolbar2.dll
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - Crogram FilesBearShare applicationsBearShare MediaBarMediaBar.dll
O4 - HKLM..Run: [OBSWATCH] CROGRA~1OrangeBsWatch.exe
O4 - HKLM..Run: [OBSKIT] CROGRA~1OrangeBsTaskbarIcon.exe
O4 - HKLM..Run: [Google Desktop Search] "Crogram FilesGoogleGoogle Desktop SearchGoogleDesktop.exe" /startup
O4 - HKLM..Run: [nod32kui] "Crogram FilesEsetnod32kui.exe" /WAITSERVICE
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [MSMSGS] "Crogram FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [swg] Crogram FilesGoogleGoogleToolbarNotifier1.2.908.5008GoogleToolbarNotifier.exe
O4 - HKCU..Run: [PeerGuardian] Crogram FilesPeerGuardian2pg2.exe
O4 - HKCU..Run: [SYSXP] C:WINDOWSSystem32sysxp.exe
O4 - HKCU..Run: [ares] "Crogram FilesAresAres.exe" -h
O4 - Global Startup: WinZip Quick Pick.lnk = Crogram FilesWinZipWZQKPICK.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O17 - HKLMSystemCCSServicesTcpip..{FEAA0DEA-1196-4A1B-80DB-A1EC79E37219}: NameServer = 194.9.223.79 217.17.34.10
O20 - AppInit_DLLs: CROGRA~1GoogleGOOGLE~1GOEC62~1.DLL
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: GoogleDesktopManager - Google - Crogram FilesGoogleGoogle Desktop SearchGoogleDesktopManager.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - Crogram FilesEsetnod32krn.exe

 

[D0han]

Wklejajcie swoje logi na http://www.hijackthis.de/ bo widze że tutaj nikt już nie ma czasu/ochoty analizować tego.

 

[Amix]

Logfile of HijackThis v1.99.1
Scan saved at 19:53:48, on 2006-12-10
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
Crogram FilesAntiVir PersonalEdition Classicsched.exe
Crogram FilesAntiVir PersonalEdition Classicavguard.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32WgaTray.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesMozilla Firefoxfirefox.exe
C:WINDOWSsystem32taskmgr.exe
Cocuments and SettingsSYCZEKPulpitHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.bearshare.com/pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - CROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - Crogram FilesDealiokb100Dealio.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_09binssv.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - CROGRA~1BEARSH~2MediaBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSsystem32msdxm.ocx
O3 - Toolbar: BearShare MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - Crogram FilesBearShare MediaBarMediaBar.dll
O3 - Toolbar: Dealio - {E67C74F4-A00A-4F2C-9FEC-FD9DC004A67F} - Crogram FilesDealiokb100Dealio.dll (file missing)
O3 - Toolbar: Protection Bar - {5d4831e0-5a7c-4a46-afd5-a79ab8ce36c2} - Crogram FilesVideo ActiveX Objectiesplugin.dll (file missing)
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O8 - Extra context menu item: Compare Prices with &Dealio - Crogram FilesDealiokb100resDealioSearch.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://CROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - Crogram FilesDealiokb100Dealio.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengerMSMSGS.EXE
O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - C:WINDOWSSystem32vcehaeb.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Classicsched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - Crogram FilesAntiVir PersonalEdition Classicavguard.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe

 

[asa]

Logfile of HijackThis v1.99.1

Scan saved at 12:15:29, on 2007-01-01

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesAntiVir PersonalEdition Classicsched.exe

C:Program FilesAntiVir PersonalEdition Classicavguard.exe

C:WINDOWSExplorer.EXE

C:Program FilesAntiVir PersonalEdition Classicavgnt.exe

C:Program FilesAshampooAshampoo FireWallFireWall.exe

C:Program FilesUnlockerUnlockerAssistant.exe

C:Program FilesSlySoftCloneCDCloneCDTray.exe

C:Program FilesGadu-Gadugg.exe

C:Program FilesNeostrada TPNeostradaTP.exe

C:Program FilesNeostrada TPComComp.exe

C:Program FilesNeostrada TPWatch.exe

C:Program FileseMuleemule.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSsystem32wuauclt.exe

D:MojePliki ściągniętehijackthis.com



R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = [url]http://search.bearshare.com/sidebar.html?src=ssb[/url]

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = [url]http://search.bearshare.com/sidebar.html?src=ssb[/url]

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = [url]http://search.bearshare.com/sidebar.html?src=ssb[/url]

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = [url]http://www.neostrada.pl[/url]

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = [url]http://search.bearshare.com/sidebar.html?src=ssb[/url]

R1 - HKCUSoftwareMicrosoftInternet ExplorerSearchURL,(Default) = [url]http://red.clientapps.yahoo.com/customize/ycomp/defaults/su/*http://www.yahoo.com[/url]

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = 

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:PROGRA~1NEOSTR~1SEARCH~1.DLL

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll

O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:PROGRA~1MEGAUP~1MEGAUP~1.DLL

O2 - BHO: (no name) - {67982BB7-0F95-44C5-92DC-E3AF3DC19D6D} - (no file)

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FlashGetjccatch.dll

O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FlashGetfgiebar.dll

O3 - Toolbar: Protection Bar - {0D045BAA-4BD3-4C94-BE8B-21536BD6BD9F} - C:Program FilesVideo ActiveX Objectiesplugin.dll (file missing)

O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:PROGRA~1MEGAUP~1MEGAUP~1.DLL

O4 - HKLM..Run: [avgnt] "C:Program FilesAntiVir PersonalEdition Classicavgnt.exe" /min

O4 - HKLM..Run: [Ashampoo FireWall] "C:Program FilesAshampooAshampoo FireWallFireWall.exe" -TRAY

O4 - HKLM..Run: [UnlockerAssistant] "C:Program FilesUnlockerUnlockerAssistant.exe" -H

O4 - HKLM..Run: [CloneCDTray] "C:Program FilesSlySoftCloneCDCloneCDTray.exe" /s

O4 - HKCU..Run: [ccleaner] "C:Program FilesCCleanerccleaner.exe" /AUTO

O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:Program FilesFlashGetjc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:Program FilesFlashGetjc_all.htm

O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FlashGetflashget.exe

O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll

O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll

O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll

O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll

O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll

O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll

O17 - HKLMSystemCCSServicesTcpip..{6A474E25-49D4-459E-8E0F-CE0C35294A51}: NameServer = 194.204.152.34 217.98.63.164

O17 - HKLMSystemCS1ServicesTcpip..{6A474E25-49D4-459E-8E0F-CE0C35294A51}: NameServer = 194.204.152.34 217.98.63.164

O21 - SSODL: buprestidae - {b59f3ba4-98da-4b5f-8a2d-7b56fb11140b} - C:WINDOWSsystem32cthkpcv.dll

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:Program FilesAntiVir PersonalEdition Classicsched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:Program FilesAntiVir PersonalEdition Classicavguard.exe

To i ja poprosze bo mam problem chyba jakis ze services nie wiem co zrobic z tym

 

[WhyWantYouKnow?]

Logfile of HijackThis v1.99.1
Scan saved at 13:41:15, on 2007-01-01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32spooldriversw32x863hpztsb09.exe
Crogram FilesATI TechnologiesATI.ACEcli.exe
Crogram FilesHPhpcoretechhpcmpmgr.exe
Crogram FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe
C:WINDOWSSystem32hphmon05.exe
C:WINDOWSSOUNDMAN.EXE
Crogram FilesEsetnod32kui.exe
Crogram FilesATI TechnologiesATI.ACECLI.exe
Drogram filesKalendarz XPKalendarz.exe
Crogram FilesEsetnod32krn.exe
Crogram FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:WINDOWSsystem32wscntfy.exe
C:WINDOWSSystem32HPZipm12.exe
Cocuments and SettingsNieWażneDlaWasPulpitHijackThis_v1.99.1.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: GigagetIEHelper - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:WINDOWSsystem32gigagetbho_v10.dll
O4 - HKLM..Run: [ATIPTA] Crogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSSystem32spooldriversw32x863hpztsb09.exe
O4 - HKLM..Run: [ATICCC] "Crogram FilesATI TechnologiesATI.ACEcli.exe" runtime
O4 - HKLM..Run: [HPHUPD05] Crogram FilesHewlett-Packard{D946675D-1D6C-4dc8-9E0D-B4B8EAA30EAA}hphupd05.exe
O4 - HKLM..Run: [HP Component Manager] "Crogram FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [HP Software Update] "Crogram FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [HPHmon05] C:WINDOWSSystem32hphmon05.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [nod32kui] "Crogram FilesEsetnod32kui.exe" /WAITSERVICE
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [Outpost Firewall] "Drogram FilesAgnitumOutpost Firewalloutpost.exe" /waitservice
O4 - HKLM..Run: [OutpostFeedBack] Drogram FilesAgnitumOutpost Firewallfeedback.exe /dumps_startup
O4 - HKLM..Run: [Gigaget] "Drogram FilesGiganologyGigagetGigagetShell.exe" /s
O4 - HKCU..Run: [dlmMgr] "Crogram FilesCommon FilesAdobeESDAdobeDownloadManager.exe" restart=1
O4 - Global Startup: ATI CATALYST System Tray.lnk = Crogram FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Kalendarz XP.lnk = Drogram filesKalendarz XPKalendarz.exe
O8 - Extra context menu item: &Download All by Gigaget - Drogram FilesGiganologyGigagetgetallurl.htm
O8 - Extra context menu item: &Download by Gigaget - Drogram FilesGiganologyGigagetgeturl.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - Crogram FilesEsetnod32krn.exe
O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. - Drogram FilesAgnitumOutpost Firewalloutpost.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSSystem32HPZipm12.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - Crogram FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe[/b]

 

[rafal]

Zainstlauj SpyBot'a bo w sumie na 1 moment rzuca sie 1 rzecz, ale akurat nei wiem czy specjalnei to zainstawoles tj : GigagetIEHelper i wszystkie pochodne Gigaget

 

[WhyWantYouKnow?]

Gigaget to dobry program do ściągania różnych plików...nie torrentów coś jak flashget tylko szybszy moim zdaniem i lepszy :] robiłem sobie ghosta wczoraj :F

 

[rafal]

Nom to raczej jest czysto przy starcie, mozesz sprawdzic czy nei masz jakis rootkitow. Co do tego Gigaget'a to troche lipny bo mase wpisow dodaje, gdzie inne sie ograniczaja do min. tj. FlashGet.

 

[Amix]

Logfile of HijackThis v1.99.1
Scan saved at 14:38:59, on 2007-01-03
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSexplorer.exe
C:WINDOWSsystem32spoolsv.exe
Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe
C:WINDOWSSystem32nvsvc32.exe
Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesMozilla Firefoxfirefox.exe
Cocuments and SettingsSYCZEKPulpitHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.bearshare.com/pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - CROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: DealioBHO Class - {6A87B991-A31F-4130-AE72-6D0C294BF082} - Crogram FilesDealiokb100Dealio.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_09binssv.dll
O2 - BHO: XBTP01621 - {9EBBE90B-282E-4c39-8A7E-120749169F0F} - CROGRA~1BEARSH~2MediaBar.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSsystem32msdxm.ocx
O3 - Toolbar: BearShare MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - Crogram FilesBearShare MediaBarMediaBar.dll (file missing)
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [kav] "Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe"
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [MSMSGS] "Crogram FilesMessengermsmsgs.exe" /background
O8 - Extra context menu item: Compare Prices with &Dealio - Crogram FilesDealiokb100resDealioSearch.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://CROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra button: Ochrona WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0scieplugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Dealio - {E908B145-C847-4e85-B315-07E2E70DECF8} - Crogram FilesDealiokb100Dealio.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengerMSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengerMSMSGS.EXE
O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab
O20 - Winlogon Notify: klogon - C:WINDOWSSystem32klogon.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWS
O21 - SSODL: flammei - {9d635a36-6b3c-4146-8625-f3aaf507bbf8} - (no file)
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe" -r (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - Crogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe


czy mam jakies virusy? prosze o szybka odpowiedz! LUB CO USUNAC ?

 

[mobi11]

a oto moje logi:



Logfile of HijackThis v1.99.1
Scan saved at 21:23:43, on 2007-01-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5296.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32RUNDLL32.EXE
Crogram FilesGadu-Gadugg.exe
Crogram FilesMozilla Firefoxfirefox.exe
COCUME~1ADMINI~1USTAWI~1TempRar$EX00.694HijackThis.exe

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=54729
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=552...cid={SUB_CLCID}
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O11 - Options group: [INTERNATIONAL] International*
O11 - Options group: [TABS] Tabbed Browsing
O17 - HKLMSystemCCSServicesTcpip..{CDB37CA0-19E3-4937-A9AC-A5987FCBAE1F}: NameServer = 194.204.152.1,194.204.152.34
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe

 

[rafal]

nim wystawicie logi uzyjcie SpyBot : Search & Destroy ;-)

 

[pablossoyos]

Logfile of HijackThis v1.99.1
Scan saved at 16:13:44, on 2007-01-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:WINDOWSSystem32smss.exe
D:WINDOWSsystem32winlogon.exe
D:WINDOWSsystem32services.exe
D:WINDOWSsystem32lsass.exe
D:WINDOWSsystem32Ati2evxx.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32svchost.exe
D:WINDOWSsystem32spoolsv.exe
D:WINDOWSsystem32Ati2evxx.exe
D:WINDOWSExplorer.EXE
D:WINDOWSsystem32RunDll32.exe
Drogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
Drogram FilesHPhpcoretechhpcmpmgr.exe
D:WINDOWSsystem32spooldriversw32x863hpztsb10.exe
Drogram FilesCommon FilesRealUpdate_OBrealsched.exe
Drogram FilesMessengermsmsgs.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSsystem32wscntfy.exe
Drogram FilesGadu-Gadugg.exe
D:WINDOWSSystem32svchost.exe
Drogram FilesWinampWinamp.exe
Drogram FilesMozilla Firefoxfirefox.exe
D:WINDOWSsystem32ntvdm.exe
Drogram FilesLavasoftAd-Aware SE PersonalAd-Aware.exe
Documents and SettingsPawelPulpitHijackThis.exe

O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [ATIPTA] Drogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [HP Component Manager] "Drogram FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [HPDJ Taskbar Utility] D:WINDOWSsystem32spooldriversw32x863hpztsb10.exe
O4 - HKLM..Run: [YeppStudioAgent] Drogram FilesSamsungSamsungMediaStudio4.1SamsungMediaStudioAgent.exe
O4 - HKLM..Run: [TkBellExe] "Drogram FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKCU..Run: [MSMSGS] "Drogram FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "Drogram FilesCommon FilesAheadlibNMBgMonitor.exe"
O4 - HKCU..Run: [BitComet] "F:BitCometBitComet.exe"
O20 - Winlogon Notify: WgaLogon - D:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - D:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:WINDOWSsystem32ati2sgag.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - Drogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe

 

[mar86]

Logfile of HijackThis v1.99.1
Scan saved at 23:43:17, on 2007-01-14
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
Crogram FilesKaspersky LabKaspersky Internet Security 6.0avp.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesKaspersky LabKaspersky Internet Security 6.0avp.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesWinampwinamp.exe
Crogram FilesMozilla Firefoxfirefox.exe
COCUME~1MISIAC~1USTAWI~1TempRar$EX00.421HijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - CROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_09binssv.dll
O4 - HKLM..Run: [PathNvidiaTV] Crogram FilesGigabyteNvidiapatchnvidiaTVout.exe
O4 - HKLM..Run: [kis] "Crogram FilesKaspersky LabKaspersky Internet Security 6.0avp.exe"
O4 - HKLM..Run: [CorelDRAW Graphics Suite 11b] Crogram FilesCorelCorel Graphics 12LanguagesENProgramsRegistration.exe /title="CorelDRAW Graphics Suite 12" /date=012807 serial=DR12WEX-1504397-KTY lang=EN
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Komunikator] Crogram FilesTlen.pltlen.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = Crogram FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 - Extra context menu item: Dodaj do Kaspersky Anti-Banner - Crogram FilesKaspersky LabKaspersky Internet Security 6.0ie_banner_deny.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra button: Ochrona WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - Crogram FilesKaspersky LabKaspersky Internet Security 6.0scieplugin.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O17 - HKLMSystemCCSServicesTcpip..{BB367A12-FBCE-41D3-BD66-9DF46AE06461}: NameServer = 194.204.152.34 194.204.159.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - AppInit_DLLs: CROGRA~1KASPER~1KASPER~1.0adialhk.dll
O20 - Winlogon Notify: klogon - C:WINDOWSSystem32klogon.dll
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - Crogram FilesKaspersky LabKaspersky Internet Security 6.0avp.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe

 

[world-sport]

Wszystko ok?



Logfile of HijackThis v1.99.1
Scan saved at 5:15:35 AM, on 1/20/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
CROGRA~1ntlBROADB~1SMARTB~1MotiveSB.exe
Crogram FilesJavajre1.5.0_09binjusched.exe
C:WINDOWSsystem32hkcmd.exe
C:WINDOWSsystem32igfxpers.exe
Crogram FilesCommon FilesLenovoSchedulerscheduler_proxy.exe
C:WINDOWSAGRSMMSG.exe
Crogram FilesWinampwinampa.exe
Crogram FilesAntiVir PersonalEdition Classicavgnt.exe
CROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32ctfmon.exe
Crogram FilesMessengermsmsgs.exe
Crogram Filesntlbroadband medicbinmpbtn.exe
Crogram FilesAntiVir PersonalEdition Classicsched.exe
Crogram FilesAntiVir PersonalEdition Classicavguard.exe
Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
Crogram FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32cisvc.exe
Crogram FilesLenovoSystem UpdateSUService.exe
Crogram FilesCommon FilesLenovoSchedulertvtsched.exe
Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe
Crogram FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSsystem32cidaemon.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesGadu-Gadugg.exe
C:WINDOWSsystem32taskmgr.exe
C:WINDOWSexplorer.exe
C:WINDOWSsystem32igfxsrvc.exe
Crogram FilesMozilla Firefoxfirefox.exe
COCUME~1MARCIN~1LOCALS~1TempTemporary Directory 1 for hijackthis.zipHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.webpomocnik.net/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_09binssv.dll
O4 - HKLM..Run: [Motive SmartBridge] CROGRA~1ntlBROADB~1SMARTB~1MotiveSB.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "Crogram FilesJavajre1.5.0_09binjusched.exe"
O4 - HKLM..Run: [Windows Defender] "Crogram FilesWindows DefenderMSASCui.exe" -hide
O4 - HKLM..Run: [igfxtray] C:WINDOWSsystem32igfxtray.exe
O4 - HKLM..Run: [igfxhkcmd] C:WINDOWSsystem32hkcmd.exe
O4 - HKLM..Run: [igfxpers] C:WINDOWSsystem32igfxpers.exe
O4 - HKLM..Run: [TVT Scheduler Proxy] Crogram FilesCommon FilesLenovoSchedulerscheduler_proxy.exe
O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM..Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [WinampAgent] Crogram FilesWinampwinampa.exe
O4 - HKLM..Run: [avgnt] "Crogram FilesAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKLM..Run: [avast!] CROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKCU..Run: [BitTorrent] "Crogram FilesBitTorrentbittorrent.exe" --force_start_minimized
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MSMSGS] "Crogram FilesMessengermsmsgs.exe" /background
O4 - Global Startup: Adobe Reader Speed Launch.lnk = Crogram FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: broadband medic.lnk = Crogram Filesntlbroadband medicbinmatcli.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra button: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - Cocuments and Settingsmarcinowiec1985Start MenuProgramsAbsolute PokerAbsolute Poker.lnk
O9 - Extra 'Tools' menuitem: Absolute Poker - {13C1DBF6-7535-495c-91F6-8C13714ED485} - Cocuments and Settingsmarcinowiec1985Start MenuProgramsAbsolute PokerAbsolute Poker.lnk
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - Crogram FilesSkypePlugin ManagerSkype4COM.dll (file missing)
O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxdev.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll
O23 - Service: Adobe LM Service - Adobe Systems - Crogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - Crogram FilesAntiVir PersonalEdition Classicsched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - Crogram FilesAntiVir PersonalEdition Classicavguard.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - Crogram FilesCommon FilesInstallShieldDriver1150Intel 32IDriverT.exe
O23 - Service: IBM PSA Access Driver Control (PsaSrv) - Unknown owner - C:WINDOWSsystem32PsaSrv.exe
O23 - Service: System Update (SUService) - - Crogram FilesLenovoSystem UpdateSUService.exe
O23 - Service: TVT Scheduler - Lenovo Group Limited - Crogram FilesCommon FilesLenovoSchedulertvtsched.exe