Błagam o pomoc......pomóźcie mi top zanalizowac!!!
Temat jest chyba znany.WinFixer!!!! Moźe ktoś zerknie na tego loga i powie mi co jest nie tak.......
Logfile of HijackThis v1.99.1
Scan saved at 15:31:17, on 2005–11–26
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Gigabyte\ET5\et5tray.exe
C:\WINDOWS\Dit.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\D–Tools\daemon.exe
C:\WINDOWS\xload.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WinFixer_2005\uwfx5.exe
C:\Program Files\LightSurf\Common\IconMgr.exe
C:\Program Files\LightSurf\Colorific\hgcctl95.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\LightSurf\Color Indicator\TICIcon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\KAZIMI~1\USTAWI~1\Temp\Rar$EX00.500\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.vobis.pl/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 – BHO: Yahoo! Companion BHO – {02478D38–C3F9–4efb–9B51–7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 – Toolbar: Yahoo! Companion – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 – HKLM\..\Run: [DTemp] C:\SysPrep\Test\DTemp\DTemp.exe
O4 – HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\et5tray.exe
O4 – HKLM\..\Run: [Dit] Dit.exe
O4 – HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe –CheckReg
O4 – HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 – HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [shell32] C:\WINDOWS\system32\wuauclt10.exe
O4 – HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\system32\smmss.exe
O4 – HKLM\..\Run: [Windows update] C:\WINDOWS\system32\wudupdate.exe
O4 – HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\NBA Live 2006 _ 06 crack.exe
O4 – HKLM\..\Run: [NI.UWFX5_0001_LP1014] "C:\WINDOWS\Downloaded Program Files\UWFX5_0001_LP1014NetInstaller.exe"
O4 – HKLM\..\Run: [NI.UWAS5_0001_LP51] "C:\WINDOWS\Downloaded Program Files\UWAS5_0001_LP51NetInstaller.exe" –nag
O4 – HKLM\..\Run: [xload] "C:\WINDOWS\xload.exe"
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Steam] E:\Gry\Steam.exe –silent
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer_2005\uwfx5.exe" /min
O4 – HKCU\..\Run: [WinFixer_2005] C:\Program Files\WinFixer_2005\uwfx5.exe /scan
O4 – HKCU\..\RunOnce: [Web Offer] C:\WINDOWS\system32\smmss.exe
O4 – Global Startup: Lightsurf.lnk = C:\Program Files\LightSurf\Common\IconMgr.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Messenger – –{FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – –{FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 – Broken Internet access because of LSP provider 'xfire_lsp.dll' missing
O12 – Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 – IERESET.INF: START_PAGE_URL=http://www.vobis.pl/
O15 – Trusted Zone: *.sxload.com
O16 – DPF: {14A3221B–1678–1982–A355–7263B1281987} – mk:@MSITStore:C:\WINDOWS\sec.chm::/xload.exe
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – mk:@MSITStore:C:\WINDOWS\lca.chm::/bridge–c18.cab
O16 – DPF: {7149E79C–DC19–4C5E–A53C–A54DDF75EEE9} (IObjSafety.DemoCtl) – mk:@MSITStore:C:\WINDOWS\mma.chm::/joysaver.cab
O20 – AppInit_DLLs: 8119nc3k3lhzfu.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Creative Service for CDROM Access – Creative Technology Ltd – C:\WINDOWS\system32\CTsvcCDA.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
Logfile of HijackThis v1.99.1
Scan saved at 15:31:17, on 2005–11–26
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\CTsvcCDA.EXE
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Gigabyte\ET5\et5tray.exe
C:\WINDOWS\Dit.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
C:\Program Files\D–Tools\daemon.exe
C:\WINDOWS\xload.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\WinFixer_2005\uwfx5.exe
C:\Program Files\LightSurf\Common\IconMgr.exe
C:\Program Files\LightSurf\Colorific\hgcctl95.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\LightSurf\Color Indicator\TICIcon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\KAZIMI~1\USTAWI~1\Temp\Rar$EX00.500\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.vobis.pl/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 – BHO: Yahoo! Companion BHO – {02478D38–C3F9–4efb–9B51–7695ECA05670} – C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O3 – Toolbar: Yahoo! Companion – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
O4 – HKLM\..\Run: [DTemp] C:\SysPrep\Test\DTemp\DTemp.exe
O4 – HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAudPropShortcut.exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 – HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 – HKLM\..\Run: [EasyTuneV] C:\Program Files\Gigabyte\ET5\et5tray.exe
O4 – HKLM\..\Run: [Dit] Dit.exe
O4 – HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [PinnacleDriverCheck] C:\WINDOWS\system32\PSDrvCheck.exe –CheckReg
O4 – HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 – HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [WinFast Schedule] C:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [shell32] C:\WINDOWS\system32\wuauclt10.exe
O4 – HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\system32\smmss.exe
O4 – HKLM\..\Run: [Windows update] C:\WINDOWS\system32\wudupdate.exe
O4 – HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\NBA Live 2006 _ 06 crack.exe
O4 – HKLM\..\Run: [NI.UWFX5_0001_LP1014] "C:\WINDOWS\Downloaded Program Files\UWFX5_0001_LP1014NetInstaller.exe"
O4 – HKLM\..\Run: [NI.UWAS5_0001_LP51] "C:\WINDOWS\Downloaded Program Files\UWAS5_0001_LP51NetInstaller.exe" –nag
O4 – HKLM\..\Run: [xload] "C:\WINDOWS\xload.exe"
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Steam] E:\Gry\Steam.exe –silent
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [WinFixer2005] "C:\Program Files\WinFixer_2005\uwfx5.exe" /min
O4 – HKCU\..\Run: [WinFixer_2005] C:\Program Files\WinFixer_2005\uwfx5.exe /scan
O4 – HKCU\..\RunOnce: [Web Offer] C:\WINDOWS\system32\smmss.exe
O4 – Global Startup: Lightsurf.lnk = C:\Program Files\LightSurf\Common\IconMgr.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Messenger – –{FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – –{FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_05\bin\npjpi142_05.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O10 – Broken Internet access because of LSP provider 'xfire_lsp.dll' missing
O12 – Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O14 – IERESET.INF: START_PAGE_URL=http://www.vobis.pl/
O15 – Trusted Zone: *.sxload.com
O16 – DPF: {14A3221B–1678–1982–A355–7263B1281987} – mk:@MSITStore:C:\WINDOWS\sec.chm::/xload.exe
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – mk:@MSITStore:C:\WINDOWS\lca.chm::/bridge–c18.cab
O16 – DPF: {7149E79C–DC19–4C5E–A53C–A54DDF75EEE9} (IObjSafety.DemoCtl) – mk:@MSITStore:C:\WINDOWS\mma.chm::/joysaver.cab
O20 – AppInit_DLLs: 8119nc3k3lhzfu.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Creative Service for CDROM Access – Creative Technology Ltd – C:\WINDOWS\system32\CTsvcCDA.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
Odpowiedzi: 5
Peter, przeczytaj/doczytaj moze cale archiwum, a dopiero pozniej pisz czy jest potrzebny i czy jest "missing", czy tez nie. Moze nieskromnie napisze, ale ja wiem co usunac i wiem po kim nie ma potrzeby poprawiac. Ty natomiast, podobnie jak i inni, piszecie co slina na jezyk przyniesie. Taka pomoc mozna w buty wlozyc.
Dobra ten wpis z RUN wylatuje teź.
A co do Avast doczytaj do końca. Tam jest file missing niepotrzebny.
Aha juź bym zapomniał – deinstalacja WinFixera
A co do Avast doczytaj do końca. Tam jest file missing niepotrzebny.
Aha juź bym zapomniał – deinstalacja WinFixera
A wuauclt10.exe ? A inne pliki z RUN ? Po co usuwac avasta z O23 ?Peter_l:
...
Moze dasz sobie spokoj ? Po lebkach kazdy kurna potrafi, ale szkody narobic to nie sztuka.
zfixowałem w hijack`u wskazane wiersze i jest oki.....Sorka źe nie wklejam powtórnego loga ale skończyło się połączenie z netem na tamtym komputerze,a teraz nadaję ze swego :) jednak dzięki bardzo za wskazówki.....
O4 – HKLM\..\Run: [Client Server Runtime Process] C:\WINDOWS\system32\smmss.exe
O4 – HKLM\..\Run: [Windows update] C:\WINDOWS\system32\wudupdate.exe
O4 – HKLM\..\Run: [I downloaded pirated Software from P2P and now I post my Hijack log whining] C:\WINDOWS\system32\NBA Live 2006 _ 06 crack.exe
O4 – HKLM\..\Run: [NI.UWFX5_0001_LP1014] "C:\WINDOWS\Downloaded Program Files\UWFX5_0001_LP1014NetInstaller.exe"
O4 – HKLM\..\Run: [NI.UWAS5_0001_LP51] "C:\WINDOWS\Downloaded Program Files\UWAS5_0001_LP51NetInstaller.exe" –nag
O4 – HKCU\..\RunOnce: [Web Offer] C:\WINDOWS\system32\smmss.exe
O14 – IERESET.INF: START_PAGE_URL=http://www.vobis.pl/
O15 – Trusted Zone: *.sxload.com
O16 – DPF: {14A3221B–1678–1982–A355–7263B1281987} – mk:@MSITStore:C:\WINDOWS\sec.chm::/xload.exe
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – mk:@MSITStore:C:\WINDOWS\lca.chm::/bridge–c18.cab
O16 – DPF: {7149E79C–DC19–4C5E–A53C–A54DDF75EEE9} (IObjSafety.DemoCtl) – mk:@MSITStore:C:\WINDOWS\mma.chm::/joysaver.cab
O20 – AppInit_DLLs: 8119nc3k3lhzfu.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll.dll
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
Deinstalacja XLoad przez dodaj/usuń, zastosowanie LSP–fixa do resztek z Xfire
Strona 1 / 1