bardzo proszę o sprawdzenie loga
Bardzo proszę napiszcie co mam usunąć
Logfile of HijackThis v1.99.1
Scan saved at 15:48:08, on 2005–11–15
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F–SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsgk32st.exe
C:\Program Files\F–Secure Internet Security\backweb\4476822\program\fsbwsys.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\FSGK32.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\F–Secure Internet Security\Common\FSMA32.EXE
C:\Program Files\F–Secure Internet Security\Common\FSMB32.EXE
C:\Program Files\F–Secure Internet Security\Common\FCH32.EXE
C:\Program Files\F–Secure Internet Security\Common\FAMEH32.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsqh.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsrw.exe
C:\Program Files\F–Secure Internet Security\FSPC\fspc.exe
C:\Program Files\F–Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsav32.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\F–Secure Internet Security\Common\FSM32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\F–SECU~1\ANTI–S~1\fsaw.exe
C:\Program Files\F–Secure Internet Security\backweb\4476822\Program\fspex.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\F–Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTC07.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\lucyna.KAJA–Y08QTYE80X\Ustawienia lokalne\Temp\Katalog tymczasowy 3 dla hijackthis.zip\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\bdmcon.exe
O4 – HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
O4 – HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\bdswitch.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 – HKLM\..\Run: [F–Secure Manager] "C:\Program Files\F–Secure Internet Security\Common\FSM32.EXE" /splash
O4 – HKLM\..\Run: [F–Secure TNB] "C:\Program Files\F–Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 – HKLM\..\Run: [F–Secure Startup Wizard] "C:\Program Files\F–Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – Global Startup: F–Secure 2006.lnk = C:\Program Files\F–Secure Internet Security\backweb\4476822\Program\fspex.exe
O4 – Global Startup: hp psc 1000 series.lnk = ?
O4 – Global Startup: hpoddt01.exe.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Zablokuj to okienko – C:\Program Files\F–Secure Internet Security\Anti–Spyware\blockpopups.htm
O8 – Extra context menu item: Add selected links to Link Container – C:\PROGRA~1\GDATA~1\ANTIVI~1\WEBFIL~1\System\Scripts\off_collector_sel.htm
O8 – Extra context menu item: Show domain links – C:\PROGRA~1\GDATA~1\ANTIVI~1\WEBFIL~1\System\Scripts\off_domain_links.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 – Extra button: Filtr sieci Web – {200DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra button: (no name) – {200DB664–75B5–47c0–8B45–A44ACCF73F01} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra 'Tools' menuitem: Filtr sieci Web – {200DB664–75B5–47c0–8B45–A44ACCF73F01} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra button: Osłona programu IE – {300DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\Anti–Spyware\ieshield.dll
O9 – Extra 'Tools' menuitem: Osłona programu IE... – {300DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\Anti–Spyware\ieshield.dll
O10 – Broken Internet access because of LSP provider 'winsflt.dll' missing
O12 – Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 – DPF: {B1953AD6–C50E–11D3–B020–00A0C9251384} (O2C–Player (ELECO Software GmbH)) – http://www.o2c.de/download/O2CPlayer_147.cab
O23 – Service: F–Secure 2006 (BackWeb Plug–in – 4476822) – F–Secure Internet Security 2005 – C:\PROGRA~1\F–SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 – Service: FSGKHS (F–Secure Gatekeeper Handler Starter) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\Anti–Virus\fsgk32st.exe
O23 – Service: fsbwsys – F–Secure Corp. – C:\Program Files\F–Secure Internet Security\backweb\4476822\program\fsbwsys.exe
O23 – Service: F–Secure Anti–Virus Firewall Daemon (FSDFWD) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\FWES\Program\fsdfwd.exe
O23 – Service: F–Secure HTTP Server (fshttps) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\FSPC\fshttps\fshttps.exe
O23 – Service: F–Secure Management Agent (FSMA) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\Common\FSMA32.EXE
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: BitDefender Communicator (XCOMM) – Softwin – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
dziękuję
Logfile of HijackThis v1.99.1
Scan saved at 15:48:08, on 2005–11–15
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\F–SECU~1\backweb\4476822\Program\SERVIC~1.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsgk32st.exe
C:\Program Files\F–Secure Internet Security\backweb\4476822\program\fsbwsys.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\FSGK32.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fssm32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\F–Secure Internet Security\Common\FSMA32.EXE
C:\Program Files\F–Secure Internet Security\Common\FSMB32.EXE
C:\Program Files\F–Secure Internet Security\Common\FCH32.EXE
C:\Program Files\F–Secure Internet Security\Common\FAMEH32.EXE
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsqh.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsrw.exe
C:\Program Files\F–Secure Internet Security\FSPC\fspc.exe
C:\Program Files\F–Secure Internet Security\FWES\Program\fsdfwd.exe
C:\Program Files\F–Secure Internet Security\Anti–Virus\fsav32.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\Mixer.exe
C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
C:\Program Files\F–Secure Internet Security\Common\FSM32.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\PROGRA~1\F–SECU~1\ANTI–S~1\fsaw.exe
C:\Program Files\F–Secure Internet Security\backweb\4476822\Program\fspex.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\F–Secure Internet Security\FSGUI\fsguidll.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpoevm08.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\HPZSTC07.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\lucyna.KAJA–Y08QTYE80X\Ustawienia lokalne\Temp\Katalog tymczasowy 3 dla hijackthis.zip\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [BDMCon] C:\Program Files\Softwin\BitDefender8\bdmcon.exe
O4 – HKLM\..\Run: [BDOESRV] C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
O4 – HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\bdswitch.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_05\bin\jusched.exe
O4 – HKLM\..\Run: [F–Secure Manager] "C:\Program Files\F–Secure Internet Security\Common\FSM32.EXE" /splash
O4 – HKLM\..\Run: [F–Secure TNB] "C:\Program Files\F–Secure Internet Security\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 – HKLM\..\Run: [F–Secure Startup Wizard] "C:\Program Files\F–Secure Internet Security\FSGUI\FSSW.EXE" /reboot
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – Global Startup: F–Secure 2006.lnk = C:\Program Files\F–Secure Internet Security\backweb\4476822\Program\fspex.exe
O4 – Global Startup: hp psc 1000 series.lnk = ?
O4 – Global Startup: hpoddt01.exe.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Zablokuj to okienko – C:\Program Files\F–Secure Internet Security\Anti–Spyware\blockpopups.htm
O8 – Extra context menu item: Add selected links to Link Container – C:\PROGRA~1\GDATA~1\ANTIVI~1\WEBFIL~1\System\Scripts\off_collector_sel.htm
O8 – Extra context menu item: Show domain links – C:\PROGRA~1\GDATA~1\ANTIVI~1\WEBFIL~1\System\Scripts\off_domain_links.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 – Extra button: Filtr sieci Web – {200DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra button: (no name) – {200DB664–75B5–47c0–8B45–A44ACCF73F01} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra 'Tools' menuitem: Filtr sieci Web – {200DB664–75B5–47c0–8B45–A44ACCF73F01} – C:\Program Files\F–Secure Internet Security\FSPC\fspcmsie.dll
O9 – Extra button: Osłona programu IE – {300DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\Anti–Spyware\ieshield.dll
O9 – Extra 'Tools' menuitem: Osłona programu IE... – {300DB664–75B5–47c0–8B45–A44ACCF73C00} – C:\Program Files\F–Secure Internet Security\Anti–Spyware\ieshield.dll
O10 – Broken Internet access because of LSP provider 'winsflt.dll' missing
O12 – Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 – DPF: {B1953AD6–C50E–11D3–B020–00A0C9251384} (O2C–Player (ELECO Software GmbH)) – http://www.o2c.de/download/O2CPlayer_147.cab
O23 – Service: F–Secure 2006 (BackWeb Plug–in – 4476822) – F–Secure Internet Security 2005 – C:\PROGRA~1\F–SECU~1\backweb\4476822\Program\SERVIC~1.EXE
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 – Service: FSGKHS (F–Secure Gatekeeper Handler Starter) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\Anti–Virus\fsgk32st.exe
O23 – Service: fsbwsys – F–Secure Corp. – C:\Program Files\F–Secure Internet Security\backweb\4476822\program\fsbwsys.exe
O23 – Service: F–Secure Anti–Virus Firewall Daemon (FSDFWD) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\FWES\Program\fsdfwd.exe
O23 – Service: F–Secure HTTP Server (fshttps) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\FSPC\fshttps\fshttps.exe
O23 – Service: F–Secure Management Agent (FSMA) – F–Secure Corporation – C:\Program Files\F–Secure Internet Security\Common\FSMA32.EXE
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: BitDefender Communicator (XCOMM) – Softwin – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
dziękuję
Odpowiedzi: 1
lucyna:
Bardzo proszę napiszcie co mam usunąć
Nic, F–Secure r00x.
Strona 1 / 1