Proszę o pomoc!
Logfile of HijackThis v1.99.1
Scan saved at 17:53:29, on 2005–11–23
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\Documents and Settings\Beatka\Pulpit\HijackThis.exe
po wlaczaeniu kompa wlacza sie komunikat:
nie znaleziono pliku ibm00001.exe!
obecnie winxp wcale sie nie uruchamia tylko w pewnym momencie uruchamiania się
zawiesza..
Proszę o pomoc!
log
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = /4.3.10
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=400011&utm_content=leftnav&utm_source=wdz1&utm_medium=bund&utm_campaign=wdz0605a
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
www.accoona.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.onet.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = /4.3.10
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = /4.3.10
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=400011&utm_content=leftnav&utm_source=wdz1&utm_medium=bund&utm_campaign=wdz0605a
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
www.accoona.com/search?q=%s
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = /4.3.10
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = /4.3.10
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common
Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} –
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: LinkTracker Class – {85A77577–A8CA–41b7–AA1E–DDAD4C0B12B1} –
C:\WINDOWS\System32\hlwin.dll (file missing)
O2 – BHO: (no name) – {944864A5–3916–46E2–96A9–A2E84F3F1208} – (no file)
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} –
C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [HPDJ Taskbar Utility]
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP
Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe
O4 – HKLM\..\Run: [SiS Mpc Service] C:\WINDOWS\System32\mpcsvc.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web
Folders\ibm00001.exe"
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O4 – Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 – Extra context menu item: &Add animation to IncrediMail Style Box –
C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} –
C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console –
{08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program
Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 – DPF: {6E32070A–766D–4EE6–879C–DC1FA91D2FC3} (MUWebControl Class) –
update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126113955352
O16 – DPF: {F00F4763–7355–4725–82F7–0DA94A256D46} (IncrediMail) –
www5.incredimail.com/contents/setup/downloader/imloader.cab
O16 – DPF: {FE0BD779–44EE–4A4B–AA2E–743C63F2E5E6} (IWinAmpActiveX Class) –
pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 – Winlogon Notify: avpe32 – C:\WINDOWS\SYSTEM32\avpe32.dll
O20 – Winlogon Notify: chk – C:\WINDOWS\
O20 – Winlogon Notify: msctl32.dll – C:\WINDOWS\system32\msctl32.dll
O21 – SSODL: ws_32 – {7C28FE46–5373–4A1F–BBAB–05B6FCB28B53} – ws_32.dll (file
missing)
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner –
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: PCTEL Speaker Phone (Pctspk) – PCtel, Inc. –
C:\WINDOWS\system32\pctspk.exe
Scan saved at 17:53:29, on 2005–11–23
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\PROGRA~1\INCRED~1\bin\ImApp.exe
C:\Documents and Settings\Beatka\Pulpit\HijackThis.exe
po wlaczaeniu kompa wlacza sie komunikat:
nie znaleziono pliku ibm00001.exe!
obecnie winxp wcale sie nie uruchamia tylko w pewnym momencie uruchamiania się
zawiesza..
Proszę o pomoc!
log
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = /4.3.10
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=400011&utm_content=leftnav&utm_source=wdz1&utm_medium=bund&utm_campaign=wdz0605a
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
www.accoona.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.onet.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = /4.3.10
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = /4.3.10
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
www.accoona.com/search_assistant/accoona_search_assistant.jsp?&utm_id=400011&utm_content=leftnav&utm_source=wdz1&utm_medium=bund&utm_campaign=wdz0605a
R1 – HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
www.accoona.com/search?q=%s
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = /4.3.10
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = /4.3.10
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common
Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} –
C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: LinkTracker Class – {85A77577–A8CA–41b7–AA1E–DDAD4C0B12B1} –
C:\WINDOWS\System32\hlwin.dll (file missing)
O2 – BHO: (no name) – {944864A5–3916–46E2–96A9–A2E84F3F1208} – (no file)
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} –
C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program
Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [HPDJ Taskbar Utility]
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb10.exe
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP
Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe
O4 – HKLM\..\Run: [SiS Mpc Service] C:\WINDOWS\System32\mpcsvc.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web
Folders\ibm00001.exe"
O4 – Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O4 – Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O8 – Extra context menu item: &Add animation to IncrediMail Style Box –
C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} –
C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console –
{08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program
Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 – DPF: {6E32070A–766D–4EE6–879C–DC1FA91D2FC3} (MUWebControl Class) –
update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1126113955352
O16 – DPF: {F00F4763–7355–4725–82F7–0DA94A256D46} (IncrediMail) –
www5.incredimail.com/contents/setup/downloader/imloader.cab
O16 – DPF: {FE0BD779–44EE–4A4B–AA2E–743C63F2E5E6} (IWinAmpActiveX Class) –
pdl.stream.aol.com/downloads/aol/unagi/ampx_en_dl.cab
O20 – Winlogon Notify: avpe32 – C:\WINDOWS\SYSTEM32\avpe32.dll
O20 – Winlogon Notify: chk – C:\WINDOWS\
O20 – Winlogon Notify: msctl32.dll – C:\WINDOWS\system32\msctl32.dll
O21 – SSODL: ws_32 – {7C28FE46–5373–4A1F–BBAB–05B6FCB28B53} – ws_32.dll (file
missing)
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner –
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: PCTEL Speaker Phone (Pctspk) – PCtel, Inc. –
C:\WINDOWS\system32\pctspk.exe
Odpowiedzi: 0
Strona 0 / 0