Hijack logo
Cześć chłopaki, rzućcie okiem na logo:
dzięki z góry 8)
Logfile of HijackThis v1.99.1
Scan saved at 18:09:32, on 2005–05–04
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Programy\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\QuickTime\qttask.exe
D:\Dani\Programy\Souls31\slsk.exe
C:\Programy\Alwil Software\Avast4\aswUpdSv.exe
C:\Programy\Alwil Software\Avast4\ashServ.exe
H:\programy\WS_FTP\ftpsched.exe
C:\WINDOWS\System32\gearsec.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Trend Micro\PC–cillin 2002\Tmntsrv.exe
C:\Program Files\Trend Micro\PC–cillin 2002\PCCPFW.exe
C:\Programy\Alwil Software\Avast4\ashMaiSv.exe
C:\Programy\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programy\Gadu–Gadu\gg.exe
C:\PROGRAMY\DAP\DAP.EXE
H:\programy\Winamp\Winamp.exe
C:\Programy\Alwil Software\Avast4\ashSimpl.exe
D:\Rózne\hijackthis\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 192.168.21.4
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: DAPHelper Class – {0000CC75–ACF3–4cac–A0A9–DD3868E06852} – C:\Programy\DAP\DAPBHO.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: Miniclip – {4E7BD74F–2B8D–469E–89B3–BE29F5D3E32D} – C:\WINDOWS\DOWNLO~1\MINICL~1.DLL
O3 – Toolbar: DAP Bar – {62999427–33FC–4baf–9C9C–BCE6BD127F08} – C:\Programy\DAP\DAPIEBar.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: DashBar Toolbar – {CC90CDA0–74A0–45b4–80EF–D89CA8C249B8} – C:\Program Files\DashBar\DashBar15.dll
O3 – Toolbar: Miniclip – {4E7BD74F–2B8D–469E–89B3–BE29F5D3E32D} – C:\WINDOWS\DOWNLO~1\MINICL~1.DLL
O4 – HKLM\..\Run: [avast!] C:\Programy\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – Startup: Skrót do slsk.lnk = D:\Dani\Programy\Souls31\slsk.exe
O8 – Extra context menu item: &Download with &DAP – C:\PROGRAMY\DAP\dapextie.htm
O8 – Extra context menu item: Download &all with DAP – C:\PROGRAMY\DAP\dapextie2.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\WINDOWS\System32\msjava.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\WINDOWS\System32\msjava.dll
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRAMY\DAP\DAP.EXE
O16 – DPF: {4E7BD74F–2B8D–469E–89B3–BE29F5D3E32D} (Miniclip) – http://www.miniclip.com/toolbar/minicliptoolbar.cab
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {DF780F87–FF2B–4DF8–92D0–73DB16A1543A} (PopCapLoader Object) – http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Programy\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Programy\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Programy\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Programy\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Ipswitch WS_FTP Queue (ftpqueue) – Ipswitch, Inc., 81 Hartwell Ave, Lexington MA 02421 – H:\programy\WS_FTP\ftpsched.exe
O23 – Service: Gear Security Service (GEARSecurity) – GEAR Software – C:\WINDOWS\System32\gearsec.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: PC–cillin PersonalFirewall (PCCPFW) – Trend Micro Inc. – C:\Program Files\Trend Micro\PC–cillin 2002\PCCPFW.exe
O23 – Service: Trend NT Realtime Service (Tmntsrv) – Trend Micro Inc. – C:\Program Files\Trend Micro\PC–cillin 2002\Tmntsrv.exe
dzięki z góry 8)
Odpowiedzi: 2
z tym logiem to w zasadzie literówka...
kaczors:
rzućcie okiem na logo
Tak w ramach dodatkowego doedukowania :wink:
Log to log a logo to logo. Dwa róźne rzeczowniki.
Sam instalowałeś Miniclipa oraz Yahoo ??
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
O2 – BHO: Miniclip – {4E7BD74F–2B8D–469E–89B3–BE29F5D3E32D} – C:\WINDOWS\DOWNLO~1\MINICL~1.DLL
O3 – Toolbar: Miniclip – {4E7BD74F–2B8D–469E–89B3–BE29F5D3E32D} – C:\WINDOWS\DOWNLO~1\MINICL~1.DLL
O16 – DPF: {4E7BD74F–2B8D–469E–89B3–BE29F5D3E32D} (Miniclip) – http://www.miniclip.com/toolbar/minicliptoolbar.cab
O16 – DPF: {DF780F87–FF2B–4DF8–92D0–73DB16A1543A} (PopCapLoader Object) – http://download.games.yahoo.com/games/web_games/popcap/bejeweled2/popcaploader_v6.cab
FIX:
O3 – Toolbar: DashBar Toolbar – {CC90CDA0–74A0–45b4–80EF–D89CA8C249B8} – C:\Program Files\DashBar\DashBar15.dll
Katalog C:\Program Files\DashBar usuwasz.
Strona 1 / 1