Odp:
Oto moje logi z Hijacka, ktoś mi moźe pomóc co usunąć .... ?
Dziękuję !
Logfile of HijackThis v1.98.0
Scan saved at 11:01:15, on 2004–07–15
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WindowsSystem32smss.exe
C:Windowssystem32winlogon.exe
C:Windowssystem32services.exe
C:Windowssystem32lsass.exe
C:Windowssystem32svchost.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32spoolsv.exe
C:WindowsExplorer.EXE
C:WindowsSystem32igfxtray.exe
C:WindowsSystem32hkcmd.exe
C:Program FilesCOMPAQEasy Access Button SupportStartEAK.exe
C:Program FilesAnalog DevicesSoundMAXSmtray.exe
C:Program FilesAnalog DevicesSoundMAXDrvLsnr.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesCompaqEasy Access Button SupportCPQEAKSYSTEMTRAY.EXE
C:Program FilesCompaqEasy Access Button SupportCPQEADM.EXE
C:CompaqEAKDRVEAUSBKBD.EXE
C:PROGRA~1CompaqEASYAC~1BttnServ.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:WindowsSystem32NMSSvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:WindowsSystem32svchost.exe
C:Program FilesGadu–Gadugg.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsAdministratorMy DocumentsPliki instalacyjneHijackthisHijackThis.exe
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 – HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=runonce&pver=6.0&plcid=0x0415
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 213.76.152.186:8080
O2 – BHO: (no name) – {35F656CD–7283–46E3–9CC0–35489E3FD76C} – (no file)
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:PROGRA~1FlashGetjccatch.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:PROGRA~1FlashGetfgiebar.dll
O4 – HKLM..Run: [IgfxTray] C:WindowsSystem32igfxtray.exe
O4 – HKLM..Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe
O4 – HKLM..Run: [CPQEASYACC] C:Program FilesCOMPAQEasy Access Button SupportStartEAK.exe
O4 – HKLM..Run: [Smapp] C:Program FilesAnalog DevicesSoundMAXSmtray.exe
O4 – HKLM..Run: [DrvLsnr] C:Program FilesAnalog DevicesSoundMAXDrvLsnr.exe
O4 – HKLM..Run: [WCOLOREAL] "C:Program FilesCOMPAQColorealcoloreal.exe"
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" –osboot
O4 – HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" –atboottime
O4 – HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O8 – Extra context menu item: Download All by FlashGet – C:Program FilesFlashGetjc_all.htm
O8 – Extra context menu item: Download using FlashGet – C:Program FilesFlashGetjc_link.htm
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:PROGRA~1FlashGetflashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:PROGRA~1FlashGetflashget.exe
O16 – DPF: {92ECE6FA–AC2E–4042–BFAE–0C8608E52A43} (SignActivX Control) – https://www.bph.pl/pi/components/SignActivX.cab
Dziękuję !
Logfile of HijackThis v1.98.0
Scan saved at 11:01:15, on 2004–07–15
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WindowsSystem32smss.exe
C:Windowssystem32winlogon.exe
C:Windowssystem32services.exe
C:Windowssystem32lsass.exe
C:Windowssystem32svchost.exe
C:WindowsSystem32svchost.exe
C:Windowssystem32spoolsv.exe
C:WindowsExplorer.EXE
C:WindowsSystem32igfxtray.exe
C:WindowsSystem32hkcmd.exe
C:Program FilesCOMPAQEasy Access Button SupportStartEAK.exe
C:Program FilesAnalog DevicesSoundMAXSmtray.exe
C:Program FilesAnalog DevicesSoundMAXDrvLsnr.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
C:Program FilesQuickTimeqttask.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesCompaqEasy Access Button SupportCPQEAKSYSTEMTRAY.EXE
C:Program FilesCompaqEasy Access Button SupportCPQEADM.EXE
C:CompaqEAKDRVEAUSBKBD.EXE
C:PROGRA~1CompaqEASYAC~1BttnServ.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:WindowsSystem32NMSSvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:Program FilesAnalog DevicesSoundMAXSMAgent.exe
C:WindowsSystem32svchost.exe
C:Program FilesGadu–Gadugg.exe
C:Program FilesOutlook Expressmsimn.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsAdministratorMy DocumentsPliki instalacyjneHijackthisHijackThis.exe
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 – HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=runonce&pver=6.0&plcid=0x0415
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 213.76.152.186:8080
O2 – BHO: (no name) – {35F656CD–7283–46E3–9CC0–35489E3FD76C} – (no file)
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:PROGRA~1FlashGetjccatch.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:PROGRA~1FlashGetfgiebar.dll
O4 – HKLM..Run: [IgfxTray] C:WindowsSystem32igfxtray.exe
O4 – HKLM..Run: [HotKeysCmds] C:WindowsSystem32hkcmd.exe
O4 – HKLM..Run: [CPQEASYACC] C:Program FilesCOMPAQEasy Access Button SupportStartEAK.exe
O4 – HKLM..Run: [Smapp] C:Program FilesAnalog DevicesSoundMAXSmtray.exe
O4 – HKLM..Run: [DrvLsnr] C:Program FilesAnalog DevicesSoundMAXDrvLsnr.exe
O4 – HKLM..Run: [WCOLOREAL] "C:Program FilesCOMPAQColorealcoloreal.exe"
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" –osboot
O4 – HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" –atboottime
O4 – HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O8 – Extra context menu item: Download All by FlashGet – C:Program FilesFlashGetjc_all.htm
O8 – Extra context menu item: Download using FlashGet – C:Program FilesFlashGetjc_link.htm
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:PROGRA~1FlashGetflashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:PROGRA~1FlashGetflashget.exe
O16 – DPF: {92ECE6FA–AC2E–4042–BFAE–0C8608E52A43} (SignActivX Control) – https://www.bph.pl/pi/components/SignActivX.cab
Odpowiedzi: 1
Ale o co chodzi ? Bo nic w tym logu nie ma. Strone startowa jaka chcesz ustawisz w opcjach przegladarki i to wszystko.
Sposrod tych wpisow ponizej, usunalbym tylko te dwa ostatnie, ale oczywiscie mozesz usunac wsio.
Sposrod tych wpisow ponizej, usunalbym tylko te dwa ostatnie, ale oczywiscie mozesz usunac wsio.
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
R1 – HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=runonce&pver=6.0&plcid=0x0415
O2 – BHO: (no name) – {35F656CD–7283–46E3–9CC0–35489E3FD76C} – (no file)
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
Strona 1 / 1