CentrumXP Forum Tematyka portalu CentrumXP.pl Bezpieczeństwo Kto sprawdzi log

Kto sprawdzi log

Logfile of HijackThis v1.99.0
Scan saved at 11:39:18, on 05–02–24
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:PROGRAM FILESMKSBINNETMONSV.EXE
C:WINDOWSAGRSMMSG.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:PROGRAM FILESMKSBINMKS_MENU.EXE
C:WINDOWSMIXER.EXE
C:PROGRAM FILESMKSBINMKS_MON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESMKSBINNETSVST.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESSAGEMSAGEM F@ST 800–840DSLMON.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESGADU–GADUGG.EXE
C:PROGRAM FILESSKYPEPHONESKYPE.EXE
C:PROGRAM FILESBITCOMETBITCOMET.EXE
C:PROGRAM FILESMKSBINMKS_SCAN.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:PROGRAM FILESMOZILLA FIREFOXFIREFOX.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:PROGRAM FILESPCI AUDIO APPLICATIONSBINWDMNOSPDIFMP3 PLAYER.EXE
C:PROGRAM FILESPCI AUDIO APPLICATIONSBINWDMVCD DISPLAY WINDOW.EXE
C:WINDOWSPULPITHIJACKTHISHIJACKTHIS.EXE

R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.interia.pl/
R0 – HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.interia.pl
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:PROGRAM FILESADOBEACROBAT 6.0 CEREADERACTIVEXACROIEHELPER.DLL
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – (no file)
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSYSTEMMSDXM.OCX
O4 – HKLM..Run: [MKS_MENU] C:Program FilesMKSBinmks_menu.exe
O4 – HKLM..Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM..Run: [MKS_MON] C:Program FilesMKSBinmks_mon.exe
O4 – HKLM..Run: [autoclk] autoclk.exe
O4 – HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 – HKLM..RunServices: [MksMailService] C:PROGRAM FILESMKSBINNETMONSV.EXE
O4 – HKCU..Run: [NetMonSVStat] C:Program FilesMKSBin etsvst.exe
O4 – Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel present
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSSYSTEMMSJAVA.DLL
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSSYSTEMMSJAVA.DLL
O18 – Filter: text/html – {CF7AAF33–DB39–4EFA–B8A0–9FF32B0001D5} – C:WINDOWSSEARCHREPC4TB.DLL



Z podziekowaniem

Odpowiedzi: 3

Ten pliczek autoclk.exe + wpis z Hijack This to zupełnie zbedny składnik softu od Sagema


O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – (no file)
Wpis od zapewne odinstalowanego SpyBota wiec do tego utłucz jeszcze:
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerRestrictions present
O6 – HKCUSoftwarePoliciesMicrosoftInternet ExplorerControl Panel presen


Natomiast:
O18 – Filter: text/html – {CF7AAF33–DB39–4EFA–B8A0–9FF32B0001D5} – C:WINDOWSSEARCHREPC4TB.DLL
Bezwzgladnie do wywalenia, tzn plik do kosza, wpis FIX
Bobi
Dodano
24.02.2005 16:12:11
SEARCHREPC4TB.DLL

I ten plik do usuniecia ?
I w rejestrze tez jest pare wpisów tez do wywalenia??
Arias
Dodano
24.02.2005 15:25:49

O18 – Filter: text/html – {CF7AAF33–DB39–4EFA–B8A0–9FF32B0001D5} – C:WINDOWSSEARCHREPC4TB.DLL
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – (no file)

reszta chyba wporząsiu
WaGonik
Dodano
24.02.2005 15:11:05
Arias
Dodano:
24.02.2005 12:40:58
Komentarzy:
3
Strona 1 / 1