Want your HijackThis log checked? Paste it here...

Status
Closed.

krzychu1991s

User
Joined
November 11, 2007
Posts
26
Code:
Logfile of HijackThis v1.99.1

Scan saved at 21:03:28, on 2008-02-06

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:Program FilesLavasoftAd-Aware 2007aawservice.exe

C:WINDOWSExplorer.EXE

c:windowssystem32svchost.exe

C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe

C:Program FilesAlwil SoftwareAvast4ashServ.exe

C:PROGRA~1ALWILS~1Avast4ashDisp.exe

C:WINDOWSSOUNDMAN.EXE

C:WINDOWSsystem32spoolsv.exe

C:Program FilesATI TechnologiesATI.ACECLI.EXE

C:Program FilesJavajre1.6.0_03binjusched.exe

C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe

C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe

C:Program FilesHPhpcoretechhpcmpmgr.exe

C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe

C:WINDOWSsystem32ctfmon.exe

C:PROGRA~1CheckP3checkp3.exe

C:Program FilesCommon FilesAheadlibNMBgMonitor.exe

C:Program FilesSkypePhoneSkype.exe

C:PROGRA~1CACHEM~1CachemanXP.exe

C:WINDOWSsystem32PnkBstrA.exe

C:WINDOWSsystem32PnkBstrB.exe

C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe

C:Program FilesAlwil SoftwareAvast4ashWebSv.exe

C:Program FilesATI TechnologiesATI.ACEcli.exe

C:Program FilesATI TechnologiesATI.ACEcli.exe

C:WINDOWSsystem32wuauclt.exe

C:Program FilesAlwil SoftwareAvast4ashSimpl.exe

C:Program FilesMicrosoft OfficeOffice10EXCEL.EXE

C:Program FilesMozilla Firefoxfirefox.exe

C:WINDOWSExplorer.EXE

C:Program FilesHijackThisHijackThis.exe



R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

F2 - REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,C:WINDOWSsystem32secpol.exe,

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03binssv.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpnyt.dll

O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe

O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACECLIStart.exe"

O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe

O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_03binjusched.exe"

O4 - HKLM..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033

O4 - HKLM..Run: [DeviceDiscovery] C:Program FilesHewlett-PackardDigital Imagingbinhpotdd01.exe

O4 - HKLM..Run: [HP Software Update] "C:Program FilesHewlett-PackardHP Software UpdateHPWuSchd.exe"

O4 - HKLM..Run: [HP Component Manager] "C:Program FilesHPhpcoretechhpcmpmgr.exe"

O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [CheckP3] C:PROGRA~1CheckP3checkp3.exe

O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background

O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray

O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:Program FilesCommon FilesAheadlibNMBgMonitor.exe"

O4 - HKCU..Run: [Skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized

O4 - HKCU..Run: [amva] C:WINDOWSsystem32amvo.exe

O4 - Startup: hamachi.lnk = C:Program FilesHamachihamachi.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXE

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab

O17 - HKLMSystemCCSServicesTcpip..{CCC5321C-DA8F-4709-92DF-18AAD420AB5B}: NameServer = 192.168.1.1

O17 - HKLMSystemCCSServicesTcpip..{D8EA8847-EB41-402D-8696-44C178391E60}: NameServer = 192.168.1.1

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O20 - Winlogon Notify: fsmgmt - C:WINDOWSSYSTEM32fsmgmt.dll

O20 - Winlogon Notify: WgaLogon - C:WINDOWS

O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll

O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:Program FilesLavasoftAd-Aware 2007aawservice.exe

O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSsystem32Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe

O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)

O23 - Service: CachemanXP (CachemanXPService) - OuterTechnologies - C:PROGRA~1CACHEM~1CachemanXP.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: MySql - Unknown owner - c:usr/MYSQL/bin/mysqld.exe

O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe

O23 - Service: PnkBstrB - Unknown owner - C:WINDOWSsystem32PnkBstrB.exe

O23 - Service: Armed Assault Drivers Auto Removal (pr2agmlb) (pr2agmlb) - Bohemia Interactive - C:WINDOWSsystem32pr2agmlb.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%WinPcaprpcapd.exe" -d -f "%ProgramFiles%WinPcaprpcapd.ini (file missing)

O23 - Service: FrontLine Drivers Auto Removal (v2) (sfrem02) - Protection Technology (StarForce) - C:WINDOWSsystem32sfrem02.exe

O23 - Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) - TuneUp Software GmbH - C:Program FilesTuneUp Utilities 2006WinStylerThemeSvc.exe
 

Bretos

User
Joined
January 11, 2008
Posts
142
Code:
Logfile of HijackThis v1.99.1

Scan saved at 10:35:21, on 2008-02-11

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSsystem32agrsmsvc.exe

C:Program FilesCommon FilesInterVideoRegMgriviRegMgr.exe

C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE

C:Program FilesNetLimiter 2 Pronlsvc.exe

C:Program FilesOneStepSearchonestep.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesNetLimiter 2 ProNLClient.exe

C:WINDOWSExplorer.EXE

C:Program FilesLG SoftwareIP OperatorIP Operator.exe

C:WINDOWSsystem32igfxtray.exe

C:WINDOWSsystem32hkcmd.exe

C:WINDOWSsystem32igfxpers.exe

C:Program FilesJavajre1.6.0_03binjusched.exe

C:Program FilesFlashGet NetworkFlashgetFlashGet.exe

C:windowsGaduGadu.exe

C:WINDOWSsystem32igfxsrvc.exe

C:Program FilesBPKwindows32.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesPPStreamPPStream.exe

C:Program FilesOneStepSearchonestep.exe

C:Program FilesGadu-Gadugg.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:totalcmdTOTALCMD.EXE

c:Program FilesHijackThisHijackThis.exe



R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.bearshare.com/pl/

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll

O2 - BHO: PK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951A} - C:Program FilesBPKwindows32wb.dll

O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:Program FilesFlashGet NetworkFlashgetComDllsbhoCATCH.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03binssv.dll

O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:PROGRA~1FlashFXPIEFlash.dll

O4 - HKLM..Run: [IPO3] "C:Program FilesLG SoftwareIP OperatorIP Operator.exe" -aUtOsTaRtFrOmReG

O4 - HKLM..Run: [IgfxTray] C:WINDOWSsystem32igfxtray.exe

O4 - HKLM..Run: [HotKeysCmds] C:WINDOWSsystem32hkcmd.exe

O4 - HKLM..Run: [Persistence] C:WINDOWSsystem32igfxpers.exe

O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_03binjusched.exe"

O4 - HKLM..Run: [FlashGet] "C:Program FilesFlashGet NetworkFlashgetFlashGet.exe" /min

O4 - HKLM..Run: [GaduGadu] c:windowsGaduGadu.exe

O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe

O4 - Startup: PPS.lnk = C:Program FilesPPStreamPPStream.exe

O8 - Extra context menu item: &ĘąÓĂżěłľ(FlashGet)ĎÂÔŘ - C:Program FilesFlashGet NetworkFlashgetComDllsBholink.htm

O8 - Extra context menu item: &ĘąÓĂżěłľ(FlashGet)ĎÂÔŘČŤ˛żÁ´˝Ó - C:Program FilesFlashGet NetworkFlashgetComDllsBhoall.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O20 - Winlogon Notify: igfxcui - C:WINDOWSSYSTEM32igfxdev.dll

O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:WINDOWSsystem32agrsmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe

O23 - Service: IviRegMgr - InterVideo - C:Program FilesCommon FilesInterVideoRegMgriviRegMgr.exe

O23 - Service: NetLimiter (nlsvc) - Locktime Software - C:Program FilesNetLimiter 2 Pronlsvc.exe

O23 - Service: OneStep Search Service - Unknown owner - C:Program FilesOneStepSearchonestep.exe" "C:Program FilesOneStepSearchonestep.dll" Service (file missing)
Thanks in advance.
 

Wojtek

Former Moderator
Joined
May 23, 2007
Posts
546
krzychu1991s:
Remove:
Code:
O4 - HKCU..Run: [amva] C:WINDOWSsystem32amvo.exe
Code:
O20 - Winlogon Notify: fsmgmt - C:WINDOWSSYSTEM32fsmgmt.dll

Bretos:
Remove:
(perfect keylogger)
Code:
C:Program FilesBPKwindows32.exe
Code:
O2 - BHO: PK IE Plugin - {1E1B2879-88FF-11D3-8D96-D7ACAC95951A} - C:Program FilesBPKwindows32wb.dll

Remove:
(but you don't have to)
Code:
C:Program FilesOneStepSearchonestep.exe
Code:
O23 - Service: OneStep Search Service - Unknown owner - C:Program FilesOneStepSearchonestep.exe" "C:Program FilesOneStepSearchonestep.dll" Service (file missing)
 

pata79

User
Joined
February 12, 2008
Posts
11
Please check my log.
I suspect not everything is OK, because my computer is going crazy.



Logfile of HijackThis v1.99.1
Scan saved at 03:07, on 2008-02-12
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.exe
C:program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:program FilesAlwil SoftwareAvast4ashServ.exe
C:pROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32spoolsv.exe
C:program FilesCommon FilesLightScribeLSSrvc.exe
C:program FilesAlwil SoftwareAvast4ashWebSv.exe
C:program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:program FilesMozilla Firefoxfirefox.exe
F:HijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.o2.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = L1cza
F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%VTTray.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [avast!] C:pROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKCU..Run: [SpybotSD TeaTimer] C:program FilesSpybot - Search & DestroyTeaTimer.exe
O17 - HKLMSystemCCSServicesTcpip..{669658A3-97D2-4167-AC21-3B93887D0371}: NameServer = 81.219.24.1,81.219.24.221
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:pROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Client/Server Runtime Server Subsystem (CSRSS) - Unknown owner - C:WINDOWScsrss.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:program FilesCommon FilesLightScribeLSSrvc.exe






Every time the computer starts up, a message pops up saying that the file VTTray.exe is missing, but from what I can see it is in the log, although it doesn't need to be there anyway because it's probably a virus, right??
 

Alliata

User
Joined
November 3, 2007
Posts
378
YY

We'll probably have to write a special note saying that if someone with Avast gives us a log, we won't check it. Avast is the worst AV that could exist. I used to think it was good too, but I was wrong. It's enough to bind the junk with something and it no longer finds it. And if you obscure the virus code with NTkrn Protector, it's 100% certain it won't find it.

Are you sure you posted the whole log, because it's a bit short?

F I X :

O23 - Service: Client/Server Runtime Server Subsystem (CSRSS) - Unknown owner - C:WINDOWScsrss.exe (file missing)

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - (no file)

F2 - REG:system.ini: Shell=Explorer.exe %WINDIR%VTTray.exe


This is suspicious:

O17 - HKLMSystemCCSServicesTcpip..{669658A3-97D2-4167-AC21-3B93887D0371}: NameServer = 81.219.24.1,81.219.24.221

A connection to an external host??

Post a ComboFix log as well, because my brain tells me you have more junk.

Switch from Avast to NOD or Kaspersky.
 

RYNIEK

User
Joined
February 1, 2008
Posts
14
Then check my log once more.

Code:
Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 13:28:55, on 2008-02-12

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:Program FilesWindows DefenderMsMpEng.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32ZoneLabsvsmon.exe

C:WINDOWSsystem32spoolsv.exe

C:Program FilesG DATA AntiVirusAVKAVKService.exe

C:Program FilesG DATA AntiVirusAVKAVKWCtl.exe

C:WINDOWSsystem32nvsvc32.exe

C:Program FilesCommon FilesG DATAAVKProxyAVKProxy.exe

C:WINDOWSExplorer.EXE

C:WINDOWSRTHDCPL.EXE

C:Program FilesJavajre1.6.0_03binjusched.exe

C:Program FilesWindows DefenderMSASCui.exe

C:Program FilesG DATA AntiVirusAVKTrayAVKTray.exe

C:Program FilesCommon FilesRealUpdate_OBrealsched.exe

E:PROGRAMYZoneAlarmzlclient.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesSferiaEasyWirelessNetEasyWirelessNet.exe

E:PROGRAMYSpybot - Search & DestroySpybotSD.exe

E:PROGRAMYGadu-Gadugg.exe

E:PROGRAMYOperaOpera.exe

E:PROGRAMYDAEMON Toolsdaemon.exe

C:PROGRA~1MOZILL~1FIREFOX.EXE

E:PROGRAMYHiJackThisHijackThis.exe



R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.yahoo.com

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O2 - BHO: G DATA WebFilter Class - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:Program FilesG DATA AntiVirusWebfilterAvkWebIE.dll

O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:Program FilesYahoo!CompanionInstallscpn0ycomp5_6_0_1.dll

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll

O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:PROGRAMYflashgetjccatch.dll

O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - E:PROGRAMYRealPlayerrpbrowserrecordplugin.dll

O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:PROGRAMYSPYBOT~1SDHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03binssv.dll

O2 - BHO: LingTools Class - {7638AB14-B003-49F2-A342-D7BD4F7FD79A} - E:PROGRAMYSLOWNI~1toolbar.dll

O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:Program FilesCommon FilesMicrosoft SharedWindows LiveWindowsLiveLogin.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:Program FilesGoogleGoogleToolbarNotifier2.0.301.7164swg.dll

O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll

O2 - BHO: ZoneAlarm Spy Blocker BHO - {F0D4B231-DA4B-4daf-81E4-DFEE4931A4AA} - C:Program FilesZoneAlarmSBbar1.binSPYBLOCK.DLL

O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:PROGRAMYflashgetgetflash.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll

O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:Program FilesYahoo!CompanionInstallscpn0ycomp5_6_0_1.dll

O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:Program FilesG DATA AntiVirusWebfilterAvkWebIE.dll

O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:Program FilesWindows Live Toolbarmsntb.dll

O3 - Toolbar: ZoneAlarm Spy Blocker - {F0D4B239-DA4B-4daf-81E4-DFEE4931A4AA} - C:Program FilesZoneAlarmSBbar1.binSPYBLOCK.DLL

O4 - HKLM..Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM..Run: [SkyTel] SkyTel.EXE

O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck.exe

O4 - HKLM..Run: [SunJavaUpdateSched] "C:Program FilesJavajre1.6.0_03binjusched.exe"

O4 - HKLM..Run: [Windows Defender] "C:Program FilesWindows DefenderMSASCui.exe" -hide

O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup

O4 - HKLM..Run: [nwiz] nwiz.exe /install

O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit

O4 - HKLM..Run: [LXCFCATS] rundll32 C:WINDOWSSystem32spoolDRIVERSW32X863LXCFtime.dll,_RunDLLEntry@16

O4 - HKLM..Run: [AVKTray] "C:Program FilesG DATA AntiVirusAVKTrayAVKTray.exe"

O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe"  -osboot

O4 - HKLM..Run: [QuickTime Task] "E:PROGRAMYQuickTimeQTTask.exe" -atboottime

O4 - HKLM..Run: [ZoneAlarm Client] "E:PROGRAMYZoneAlarmzlclient.exe"

O4 - HKLM..Run: [Adobe Reader Speed Launcher] "E:PROGRAMYAdobe Acrobat ReaderReaderReader_sl.exe"

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [SpybotSD TeaTimer] E:PROGRAMYSpybot - Search & DestroyTeaTimer.exe

O4 - HKCU..Run: [Gadu-Gadu] "E:PROGRAMYGadu-Gadugg.exe" /tray

O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')

O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')

O8 - Extra context menu item: &Windows Live Search - res://C:Program FilesWindows Live Toolbarmsntb.dll/search.htm

O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - E:PROGRAMYflashgetjc_link.htm

O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - E:PROGRAMYflashgetjc_all.htm

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:PROGRA~1MICROS~2Office12EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:PROGRA~1MICROS~2Office12ONBttnIE.dll

O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSbdoscandel.exe

O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - C:WINDOWSbdoscandel.exe

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2Office12REFIEBAR.DLL

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:PROGRAMYflashgetFlashGet.exe

O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:PROGRAMYflashgetFlashGet.exe

O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:PROGRAMYSPYBOT~1SDHelper.dll

O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:PROGRAMYSPYBOT~1SDHelper.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:WINDOWSNetwork Diagnosticxpnetdiag.exe

O16 - DPF: {0D6709DD-4ED8-40CA-B459-2757AEEF7BEE} (Dldrv2 Control) - http://download.gigabyte.com.tw/object/Dldrv.ocx

O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab

O16 - DPF: {67A5F8DC-1A4B-4D66-9F24-A704AD929EEE} (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/2.0.0.1/sysreqlab2.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1192476870968

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O17 - HKLMSystemCCSServicesTcpip..{9C6E155B-872E-408F-9808-273DF2E2FE1A}: NameServer = 193.41.112.18 193.41.112.14

O20 - AppInit_DLLs: C:PROGRA~1GoogleGOOGLE~2GOEC62~1.DLL

O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:Program FilesCommon FilesG DATAAVKProxyAVKProxy.exe

O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:Program FilesG DATA AntiVirusAVKAVKService.exe

O23 - Service: Strażnik AntiVirus (AVKWCtl) - G DATA Software AG - C:Program FilesG DATA AntiVirusAVKAVKWCtl.exe

O23 - Service: GoogleDesktopManager - Google - C:Program FilesGoogleGoogle Desktop SearchGoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

O23 - Service: lxcf_device - Unknown owner - C:WINDOWSsystem32lxcfcoms.exe

O23 - Service: NBService - Nero AG - C:Program FilesNeroNero 7Nero BackItUpNBService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe



--

End of file - 10023 bytes
 

bandito88

User
Joined
August 8, 2007
Posts
114
And this thing is mine:
Code:
Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 15:49:14, on 2008-02-12

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Boot mode: Normal



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSSystem32Ati2evxx.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSsystem32Ati2evxx.exe

C:WINDOWSExplorer.EXE

C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe

C:WINDOWSsystem32RunDll32.exe

C:Program FilesDAEMON Toolsdaemon.exe

C:Program FilesSlySoftCloneCDCloneCDTray.exe

C:windowssystem32rlvknlg.exe

C:Program FilesAgnitumTauscan 1.6Taumon.exe

C:WINDOWSSystem32WScript.exe

C:WINDOWSsystem32ctfmon.exe

C:Program FilesMessengermsmsgs.exe

C:Program FilesSkypePhoneSkype.exe

C:Program FilesGadu-Gadugg.exe

C:Program FilesOpenOffice.org 2.3programsoffice.exe

C:Program FilesOpenOffice.org 2.3programsoffice.BIN

C:WINDOWSsystem32svhcost.exe

C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe

C:Program FilesMozilla Firefoxfirefox.exe

C:WINDOWSsystem32wscntfy.exe

C:Program FilesSkypePlugin ManagerskypePM.exe

C:Program FilesWinampwinamp.exe

C:Program FilesAdobeAcrobat 6.0 CEReaderAcroRd32.exe

C:WINDOWSsystem32wscript.exe

C:Program FilesJeticoBestCryptBCResident.exe

C:WINDOWSsystem32wscript.exe

C:Program FilesTrend MicroHijackThisHijackThis.exe



R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.www.daemon-search.com/default

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O1 - Hosts: 81.31.239.149 paypal.com

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_03binssv.dll

O3 - Toolbar: Steganos Internet Anonym - {00000000-5736-4205-0008-781cd0e19f00} - c:program filessteganos internet anonym pro 7siapro7iep.dll

O4 - HKLM..Run: [ATIPTA] "C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe"

O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033

O4 - HKLM..Run: [Resume copy] copyfstq.exe /startup

O4 - HKLM..Run: [CloneCDTray] "C:Program FilesSlySoftCloneCDCloneCDTray.exe" /s

O4 - HKLM..Run: [Microsoft] svhcost.exe

O4 - HKLM..Run: [RelevantKnowledge] C:windowssystem32rlvknlg.exe -boot

O4 - HKLM..Run: [Tau Monitor] C:Program FilesAgnitumTauscan 1.6Taumon.exe

O4 - HKLM..Run: [Item Viewer] F:Diabloitemview.exe /register

O4 - HKLM..Run: [MSRegInfo] C:WINDOWSpagefile.sys.vbs

O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe

O4 - HKLM..Run: [uap1.4] C:Documents and SettingsZoMoPulpituap.exe task

O4 - HKLM..Run: [svchost] C:WINDOWSsvchostsvchost.exe

O4 - HKLM..Run: [BCWipeTM Startup] "C:Program FilesJeticoBestCryptBCWipeTM.exe" startup

O4 - HKLM..Run: [TSTray] "C:Program FilesG DATA SoftwareTopSecret Next GenerationTSTray.exe" /start

O4 - HKLM..RunServices: [Microsoft] svhcost.exe

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe

O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background

O4 - HKCU..Run: [Skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized

O4 - HKCU..Run: [BitTorrent] "C:Program FilesBitTorrentbittorrent.exe" --force_start_minimized

O4 - HKCU..Run: [h0sts.exe1] C:WINDOWSh0sts.exe

O4 - HKCU..Run: [SIAPRO7] "C:Program FilesSteganos Internet Anonym Pro 7SIAPRO7.exe" -boot

O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray

O4 - HKCU..Run: [AQQ] C:PROGRA~1WapSterAQQAQQ.exe

O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUSS-1-5-19..RunOnce: [SIAPRO7] "C:Program FilesSteganos Internet Anonym Pro 7SIAPRO7.exe" -firstboot (User 'USŁUGA LOKALNA')

O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUSS-1-5-20..RunOnce: [SIAPRO7] "C:Program FilesSteganos Internet Anonym Pro 7SIAPRO7.exe" -firstboot (User 'USŁUGA SIECIOWA')

O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'SYSTEM')

O4 - HKUSS-1-5-18..RunOnce: [SIAPRO7] "C:Program FilesSteganos Internet Anonym Pro 7SIAPRO7.exe" -firstboot (User 'SYSTEM')

O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'Default user')

O4 - HKUS.DEFAULT..RunOnce: [SIAPRO7] "C:Program FilesSteganos Internet Anonym Pro 7SIAPRO7.exe" -firstboot (User 'Default user')

O4 - Startup: OpenOffice.org 2.3.lnk = C:Program FilesOpenOffice.org 2.3programquickstart.exe

O4 - Global Startup: BestCrypt Auto Open.lnk = C:Program FilesJeticoBestCryptBestCrypt.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_03binssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe

O17 - HKLMSystemCCSServicesTcpip..{92FA0B86-4708-4E7D-B5A2-F27104E705E9}: NameServer = 194.204.159.1,194.204.152.34

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O20 - AppInit_DLLs: hplun.dll 

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSSystem32Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe

O23 - Service: Autodesk Licensing Service - Autodesk - C:Program FilesCommon FilesAutodesk SharedServiceAdskScSrv.exe

O23 - Service: Critical System Service BootDrv (BootDrv) - Unknown owner - C:WINDOWSsystem32BootDSvc.exe

O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - C:Program FilesWinPcaprpcapd.exe
Thanks in advance for the help
 

Alliata

User
Joined
November 3, 2007
Posts
378
LoooL

Congrats on the log, I have never seen anything like this before :hahaha: :zdziwko: :shock:


Must Fixed !!!!!!!!! :

C:windowssystem32rlvknlg.exe
O1 - Hosts: 81.31.239.149 paypal.com <-------------- All of these are to be removed
O4 - HKLM..Run: [RelevantKnowledge] C:windowssystem32rlvknlg.exe -boot
Unknown
O4 - HKLM..Run: [Item Viewer] F:Diabloitemview.exe /register
O4 - HKLM..Run: [svchost] C:WINDOWSsvchostsvchost.exe
O4 - HKLM..RunServices: [Microsoft] svhcost.exe
O4 - HKCU..Run: [h0sts.exe1] C:WINDOWSh0sts.exe
O23 - Service: Critical System Service BootDrv (BootDrv) - Unknown owner - C:WINDOWSsystem32BootDSvc.exe



You remove all of this in Safe Mode.



You muuuuuuuuuuuuuust give us a ComboFix log and scan the computer with NOD and Kaspersky.


Don't you think you should somehow say thanks with reputation for this checking??
 

GiGgS

User
Joined
February 15, 2008
Posts
1
Logfile of HijackThis v1.99.1
Scan saved at 20:59:35, on 2008-02-15
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16608)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
D:program Filescfosspd.exe
C:program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:program FilesAnalog DevicesSoundMAXSMTray.exe
D:program FilesHPHP Software UpdateHPWuSchd2.exe
C:program FilesJavajre1.6.0_03binjusched.exe
C:WINDOWSsystem32RUNDLL32.EXE
D:program FilescfoscFosSpeed.exe
C:WINDOWSsystem32ctfmon.exe
C:program FilesCommon FilesNeroLibNMBgMonitor.exe
D:program FilesHPDigital Imagingbinhpqtra08.exe
C:program FilesMicroStarWLANUtilityWlanUtility.exe
D:program FilesHPDigital ImagingbinhpqSTE08.exe
C:program FilesNeroNero8Nero BackItUpNBService.exe
C:program FilesEsetnod32krn.exe
C:WINDOWSsystem32nvsvc32.exe
C:program FilesAnalog DevicesSoundMAXSMAgent.exe
d:program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:WINDOWSsystem32svchost.exe
C:program FilesCommon FilesNeroLibNMIndexingService.exe
C:program FilesMicroStarWLANUtilityWLAN_Service.exe
C:program FilesCommon FilesNeroLibNMIndexStoreSvr.exe
D:program FilesHPDigital ImagingProduct Assistantbinhprblog.exe
D:program FilesGadu-Gadugg.exe
d:program FilesWinampwinamp.exe
C:WINDOWSsystem32cisvc.exe
C:WINDOWSsystem32cidaemon.exe
C:WINDOWSsystem32WISPTIS.EXE
C:program FilesMozilla Firefoxfirefox.exe
D:HijackThis.exe

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:program FilesWinamp Toolbarwinamptb.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:pROGRA~1MEGAUP~1MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:program FilesJavajre1.6.0_03binssv.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:program FilesWinamp Toolbarwinamptb.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:pROGRA~1MEGAUP~1MEGAUP~1.DLL
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:program FilesYahoo!CompanionInstallscpnyt.dll
O4 - HKLM..Run: [Smapp] C:program FilesAnalog DevicesSoundMAXSMTray.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [HP Software Update] D:program FilesHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [NeroFilterCheck] C:program FilesCommon FilesNeroLibNeroCheck.exe
O4 - HKLM..Run: [NBKeyScan] "C:program FilesNeroNero8Nero BackItUpNBKeyScan.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "C:program FilesJavajre1.6.0_03binjusched.exe"
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [QuickTime Task] "D:program FilesK-Lite Codec PackQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [nod32kui] "C:program FilesEsetnod32kui.exe" /WAITSERVICE
O4 - HKLM..Run: [cFosSpeed] D:program FilescfoscFosSpeed.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:program FilesCommon FilesNeroLibNMBgMonitor.exe"
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:program FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: WlanUtility.lnk = C:program FilesMicroStarWLANUtilityWlanUtility.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:Documents and SettingsAll UsersDane aplikacjiWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:pROGRA~1OfficeOFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.6.0_03binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:program FilesJavajre1.6.0_03binssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:pROGRA~1OfficeOFFICE11REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLMSystemCCSServicesTcpip..{2A7BD452-A8A1-47C8-8E09-1249C939EE0B}: NameServer = 208.67.222.222,208.67.220.220
O23 - Service: cFosSpeed System Service (cFosSpeedS) - Unknown owner - D:program Filescfosspd.exe" -service (file missing)
O23 - Service: MSI_WLAN_Service - Unknown owner - C:program FilesMicroStarWLANUtilityWLAN_Service.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:program FilesNeroNero8Nero BackItUpNBService.exe
O23 - Service: NMIndexingService - Nero AG - C:program FilesCommon FilesNeroLibNMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:program FilesEsetnod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:program FilesAnalog DevicesSoundMAXSMAgent.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - d:program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
and mine?
 

Alliata

User
Joined
November 3, 2007
Posts
378
bandito

Bandito, give us a ComboFix log, because HijackThis is not the best program for making logs. Make it and paste it, we will take care of it.
 

pata79

User
Joined
February 12, 2008
Posts
11
This is the whole log, it's that short. This cannot be removed
Code:
O23 - Service: Client/Server Runtime Server Subsystem (CSRSS) - Unknown owner - C:WINDOWScsrss.exe (file missing)
because it shows up again after every startup.
On top of that, a window now sometimes pops up saying that the computer will shut down in a minute. I know how to stop it from shutting down, but I don't want it to pop up at all.
And those external host numbers you are talking about are from my previous Internet connection.

I have one more question. How can I remove Google Earth if there is no uninstall file in its directory?? It isn't in Add/Remove Programs either.

Code:
Logfile of HijackThis v1.99.1

Scan saved at 15:24:45, on 2008-02-16

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)



Running processes:

C:WINDOWSSystem32smss.exe

C:WINDOWSsystem32winlogon.exe

C:WINDOWSsystem32services.exe

C:WINDOWSsystem32lsass.exe

C:WINDOWSsystem32svchost.exe

C:WINDOWSSystem32svchost.exe

C:WINDOWSsystem32spoolsv.exe

C:WINDOWSExplorer.EXE

C:Program FilesESETESET NOD32 Antivirusekrn.exe

C:Program FilesCommon FilesLightScribeLSSrvc.exe

C:WINDOWSSystem32wuauclt.exe

F:HijackThisHijackThis.exe



R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.o2.pl/

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx

O4 - HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" -atboottime

O4 - HKLM..Run: [egui] "C:Program FilesESETESET NOD32 Antivirusegui.exe" /hide /waitservice

O4 - HKCU..Run: [swg] C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe

O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe

O17 - HKLMSystemCCSServicesTcpip..{669658A3-97D2-4167-AC21-3B93887D0371}: NameServer = 81.219.24.1,81.219.24.221

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL

O23 - Service: Client/Server Runtime Server Subsystem (CSRSS) - Unknown owner - C:WINDOWScsrss.exe (file missing)

O23 - Service: Eset HTTP Server (EhttpSrv) - Unknown owner - C:Program FilesESETESET NOD32 AntivirusEHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:Program FilesESETESET NOD32 Antivirusekrn.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe



Code:
ComboFix 08-02-12.3 - Dzusta 2008-02-16 15:28:48.3 - NTFSx86

Microsoft Windows XP Professional  5.1.2600.1.1250.1.1045.18.93 [GMT 1:00]

Running from: F:ComboFixComboFix.exe



WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!

.



(((((((((((((((((((((((((   Files Created from 2008-01-16 to 2008-02-16  )))))))))))))))))))))))))))))))

.



2008-02-15 23:17 . 2008-02-16 02:10    176,128    --a------    C:WINDOWSsystem32jxv.exe

2008-02-15 00:29 . 2008-02-15 00:29    12,288    --ah-----    C:WINDOWSsystem32qtjoyuia.exe

2008-02-13 23:38 . 2008-02-13 23:38    13,147    --a------    C:WINDOWSsystem32cehoxk.exe

2008-02-12 23:32 . 2008-02-12 23:32    <DIR>    d--------    C:Program FilesESET

2008-02-12 23:32 . 2008-02-12 23:32    <DIR>    d--------    C:Documents and SettingsAll Users.WINDOWSDane aplikacjiESET

2008-02-12 15:51 . 2008-02-12 15:51    64    --a------    C:ComboFix.txt.bat

2008-01-27 21:05 . 2008-01-27 21:05    193,880    -rah-----    C:WINDOWSsystem32cpnprt2.cid

2008-01-17 02:00 . 2008-01-17 02:00    <DIR>    d--------    C:drivers

2008-01-17 01:09 . 2002-08-29 01:50    24,960    --a------    C:WINDOWSsystem32driversusbprint.sys



.

((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2008-02-15 01:13    ---------    d-----w    C:Program FilesPhotoFiltre

2008-02-13 00:19    ---------    d-----w    C:Program FilesWinamp

2008-02-13 00:03    ---------    d-----w    C:Program FilesHD Tune

2008-02-13 00:02    ---------    d-----w    C:Program FilesGadu-Gadu

2008-02-12 23:06    ---------    d-----w    C:Program Files3D Flash Animator 4 Release 5

2008-02-11 16:26    ---------    d-----w    C:Documents and SettingsAll Users.WINDOWSDane aplikacjiSpybot - Search & Destroy

2008-02-10 20:28    ---------    d-----w    C:Program FilesSpybot - Search & Destroy

2008-01-17 01:11    ---------    d-----w    C:Program FilesSubEdit-Player

2008-01-10 22:20    ---------    d-----w    C:Program FilesGoogle

2008-01-10 00:31    ---------    d-----w    C:Program Filesmicrosoft frontpage

2008-01-10 00:31    ---------    d-----w    C:Documents and SettingsDzustaDane aplikacjiMicrosoft Web Folders

2008-01-10 00:28    ---------    d--h--w    C:Program FilesInstallShield Installation Information

2008-01-10 00:28    ---------    d-----w    C:Documents and SettingsAll Users.WINDOWSDane aplikacjiBVRP Software

2007-12-22 01:02    ---------    d-----w    C:Program FilesVisualRoute

2007-12-22 00:27    ---------    d--h--w    C:Program FilesCommon FilesCarlson

2007-12-22 00:08    30,601    ----a-w    C:WINDOWSjavax.exe

2007-12-14 18:03    42,496    ----a-w    C:WINDOWSsystem32ftp.exe

2007-12-14 18:03    16,896    ----a-w    C:WINDOWSsystem32tftp.exe

2007-07-27 11:42    92,064    ----a-w    C:Documents and SettingsDzustamqdmmdm.sys

2007-07-27 11:42    9,232    ----a-w    C:Documents and SettingsDzustamqdmmdfl.sys

2007-07-27 11:42    79,328    ----a-w    C:Documents and SettingsDzustamqdmserd.sys

2007-07-27 11:42    66,656    ----a-w    C:Documents and SettingsDzustamqdmbus.sys

2007-07-27 11:42    6,208    ----a-w    C:Documents and SettingsDzustamqdmcmnt.sys

2007-07-27 11:42    5,936    ----a-w    C:Documents and SettingsDzustamqdmwhnt.sys

2007-07-27 11:42    4,048    ----a-w    C:Documents and SettingsDzustamqdmcr.sys

2007-07-27 11:42    25,600    ----a-w    C:Documents and SettingsDzustausbsermptxp.sys

2007-07-27 11:42    22,768    ----a-w    C:Documents and SettingsDzustausbsermpt.sys

2007-01-21 10:58    774,144    ----a-w    C:Program FilesRngInterstitial.dll

.



(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))

.

.

*Note* empty entries & legit default entries are not shown 

REGEDIT4



[HKEY_CURRENT_USERSOFTWAREMicrosoftWindowsCurrentVersionRun]

"swg"="C:Program FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe" [ ]

"CTFMON.EXE"="C:WINDOWSSystem32ctfmon.exe" [2002-09-20 18:05 13312]



[HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]

"QuickTime Task"="C:Program FilesQuickTimeqttask.exe" [ ]

"egui"="C:Program FilesESETESET NOD32 Antivirusegui.exe" [2007-11-23 21:51 1410304]



[HKEY_USERS.DEFAULTSoftwareMicrosoftWindowsCurrentVersionRun]

"CTFMON.EXE"="C:WINDOWSSystem32CTFMON.EXE" [2002-09-20 18:05 13312]



[HKEY_LOCAL_MACHINEsystemcurrentcontrolsetcontrollsa]

MSN Messenger    REG_SZ             C:WINDOWSlsass.exe



R1 epfwtdir;epfwtdir;C:WINDOWSSystem32DRIVERSepfwtdir.sys [2007-11-23 21:52]

S2 CSRSS;Client/Server Runtime Server Subsystem;"C:WINDOWScsrss.exe" []



.

**************************************************************************



catchme 0.3.1344 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net

Rootkit scan 2008-02-16 15:35:28

Windows 5.1.2600 Dodatek Service Pack. 1 NTFS



scanning hidden processes ... 



scanning hidden autostart entries ...



scanning hidden files ... 



scan completed successfully 

hidden files: 0 



**************************************************************************

.

Completion time: 2008-02-16 15:38:58

ComboFix-quarantined-files.txt  2008-02-16 14:38:45

ComboFix2.txt  2008-02-12 21:28:40

ComboFix3.txt  2008-02-12 15:54:56
 

Alliata

User
Joined
November 3, 2007
Posts
378
Haha

Post the full logs, because you cut every one of them. You could not have the external host from an earlier connection, because there is a file on your machine that sends a request to open a connection and connect to that host. Remote control of the PC, I suspect.
 

ZiemniaKos

User
Joined
August 30, 2007
Posts
35
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32csrss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSexplorer.exe
C:program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:program FilesAviraAntiVir PersonalEdition Classicavguard.exe
C:WINDOWSSOUNDMAN.EXE
C:program FilesSpyware DoctorSDTrayApp.exe
C:program FilesAviraAntiVir PersonalEdition Classicavgnt.exe
C:pROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32rundll32.exe
C:program FilesWinampwinampa.exe
C:program FilesAviraAntiVir PersonalEdition Classicsched.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:pROGRA~1NEOSTR~1TaskBarIcon.exe
C:program FilesWinamp RemotebinOrbTray.exe
C:program FilesMicrosoft SQL Server80ToolsBinnsqlmangr.exe
C:WINDOWSSystem32FTRTSVC.exe
E:MSSQLK~1MSSQLbinnsqlservr.exe
C:WINDOWSsystem32nvsvc32.exe
C:program FilesSpyware Doctorsvcntaux.exe
C:program FilesSpyware Doctorswdsvc.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32wdfmgr.exe
C:program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:program FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSSystem32alg.exe
C:program Filesneostrada tpneostradatp.exe
C:program Filesneostrada tpComComp.exe
C:pROGRA~1NEOSTR~1Toaster.exe
C:pROGRA~1NEOSTR~1Inactivity.exe
C:pROGRA~1NEOSTR~1PollingModule.exe
C:WINDOWSSystem32ALERTM~1ALERTM~1.EXE
C:program Filesneostrada tpWatch.exe
C:WINDOWSsystem32wuauclt.exe
C:program FilesGadu-Gadugg.exe
C:program FilesInternet Exploreriexplore.exe
C:program FilesInternet Exploreriexplore.exe
D:Wszystko PotzrebneTOOLSHi Jack ThisHijackThis.exe
C:WINDOWSsystem32wbemwmiprvse.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = neostrada tp
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:pROGRA~1NEOSTR~1SEARCH~1.DLL
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:program FilesWinamp Toolbarwinamptb.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:program FilesGoogleGoogleToolbarNotifier2.0.301.7164swg.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:program FilesWinamp Toolbarwinamptb.dll (file missing)
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [SDTray] "C:program FilesSpyware DoctorSDTrayApp.exe"
O4 - HKLM..Run: [ISS_SIP] C:program FilesAnti Keylogger EliteAKE.exe
O4 - HKLM..Run: [avgnt] "C:program FilesAviraAntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKLM..Run: [avast!] C:pROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WOOWATCH] C:pROGRA~1NEOSTR~1Watch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:pROGRA~1NEOSTR~1GestMaj.exe TaskBarIcon.exe
O4 - HKLM..Run: [AdslTaskBar] rundll32.exe stmctrl.dll,TaskBar
O4 - HKLM..Run: [WinampAgent] "C:program FilesWinampwinampa.exe"
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU..Run: [swg] C:program FilesGoogleGoogleToolbarNotifierGoogleToolbarNotifier.exe
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:program FilesCommon FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [Orb] "C:program FilesWinamp RemotebinOrbTray.exe" /background
O4 - HKCU..RunOnce: [FlashPlayerUpdate] C:WINDOWSsystem32MacromedFlashFlashUtil9d.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: Service Manager.lnk = C:program FilesMicrosoft SQL Server80ToolsBinnsqlmangr.exe
O8 - Extra context menu item: &Winamp Toolbar Search - C:Documents and SettingsAll UsersDane aplikacjiWinamp ToolbarieToolbarresourcesen-USlocalsearch.html
O8 - Extra context menu item: Add to AMV Convert Tool... - C:program FilesMP3 Player Utilities 3.73AMVConvertergrab.html
O8 - Extra context menu item: MediaManager tool grab multimedia file - C:program FilesMP3 Player Utilities 3.73MediaManagergrab.html
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:program FilesMessengermsmsgs.exe
O9 - Extra button: Wyslij SMS'a - {215940F1-E7E0-4801-BEE3-44D045534106} - C:program FilesCommon Filesmoje.js
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O17 - HKLMSystemCCSServicesTcpip..{A4A8A51A-C42A-4ABC-BEC5-BECACF76E279}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:program FilesAviraAntiVir PersonalEdition Classicsched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:program FilesAviraAntiVir PersonalEdition Classicavguard.exe
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:program FilesAreschatServer.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: France Telecom Routing Table Service (FTRTSVC) - France Telecom - C:WINDOWSSystem32FTRTSVC.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: NMIndexingService - Unknown owner - C:program FilesCommon FilesAheadLibNMIndexingService.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Spyware Doctor Auxiliary Service (sdAuxService) - PC Tools - C:program FilesSpyware Doctorsvcntaux.exe
O23 - Service: Spyware Doctor Service (sdCoreService) - PC Tools - C:program FilesSpyware Doctorswdsvc.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - C:program FilesSunbelt SoftwarePersonal Firewallkpf4ss.exe
 

pata79

User
Joined
February 12, 2008
Posts
11
As for that external host, I don't know what that is about, but those numbers are the DNS servers from an Internet connection I used to have, which stayed in the network connections folder along with all its parameters. But its cable is unplugged. Maybe that company somehow connects to my computer, since you say that someone from outside wants to connect.
I'm just letting you know that those numbers are the same as in that connection; whether that has anything to do with what is in the log, I don't know.

And these logs are copied in full from what both programs showed me in Notepad. Can't anything be read from them??
 

Alliata

User
Joined
November 3, 2007
Posts
378
yes

The connections weren't just saved somewhere, they are still there! The ComboFix log is 100% cut off. The HijackThis one probably too. Not much can be read from this.

Add ##

My apologies, I confused you with the user bonito.


ziemniakos

fix :

O8 - Extra context menu item: &Winamp Toolbar Search - C:Documents and SettingsAll UsersDane aplikacjiWinamp ToolbarieToolbarresourcesen-USlocalsearch.html

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:program FilesWinamp Toolbarwinamptb.dll (file missing)

O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:program FilesWinamp Toolbarwinamptb.dll (file missing)


Remove Spyware Doctor and avast, because they are crap like few others. Install NOD32.
 

0wn3r

Former Moderator
Joined
March 10, 2007
Posts
1330
Originally posted by Alliata
O8 - Extra context menu item: &Winamp Toolbar Search - C:Documents and SettingsAll UsersDane aplikacjiWinamp ToolbarieToolbarresourcesen-USlocalsearch.html

O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:program FilesWinamp Toolbarwinamptb.dll (file missing)

O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:program FilesWinamp Toolbarwinamptb.dll (file missing)

Why should he remove that? It isn't even junk..
 

Alliata

User
Joined
November 3, 2007
Posts
378
I know

I know it isn't junk, but I don't know whether you have read it: a vulnerability was recently discovered in Winamp. And precisely in the toolbar.
 