stały klient;0 prosze o sprawdzenie hijacka this
komp chodzi szybko ale pulpit jest zmieniony
mam jeszcze wkleic z drugiego programu?
Logfile of HijackThis v1.99.1
Scan saved at 16:17:55, on 2005–12–18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\D–Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
E:\Programy\Winamp\Winampa.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
D:\ANTYWI~1\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe
C:\Program Files\Messenger\msmsgs.exe
D:\antywirus\aswUpdSv.exe
D:\antywirus\ashServ.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
D:\antywirus\ashMaiSv.exe
D:\antywirus\ashWebSv.exe
E:\Programy\Winamp\winamp.exe
C:\WINDOWS\System32\msiexec.exe
E:\Programy\anti\gcasDtServ.exe
E:\Programy\anti\gcasServ.exe
E:\Programy\opera\Opera.exe
C:\Program Files\7–Zip\7zFMn.exe
C:\DOCUME~1\Edek\USTAWI~1\Temp\7zO1FE.tmp\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL (file missing)
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: Easy–WebPrint – {327C2873–E90D–4c37–AA9D–10AC9BABA46C} – C:\Program Files\Canon\Easy–WebPrint\Toolband.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 – HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 – HKLM\..\Run: [speedfan] C:\Program Files\SpeedFan\speedfan.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 – HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTuner.exe" /S
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1045
O4 – HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43"
O4 – HKLM\..\Run: [WinampAgent] "E:\Programy\Winamp\Winampa.exe"
O4 – HKLM\..\Run: [Easy–PrintToolBox] C:\Program Files\Canon\Easy–PrintToolBox\BJPSMAIN.EXE /logon
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [timessquare] C:\windows\timessquare.exe
O4 – HKLM\..\Run: [avast!] D:\ANTYWI~1\ashDisp.exe
O4 – HKLM\..\Run: [gcasServ] "E:\Programy\anti\gcasServ.exe"
O4 – HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] E:\Programy\anti\gcASCleaner.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [SpeedswitchXP] C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe
O4 – HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 – Global Startup: E_SPSU01.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SPSU01.EXE
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: &Google Search – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Easy–WebPrint Add To Print List – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_AddToList.html
O8 – Extra context menu item: Easy–WebPrint High Speed Print – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_HSPrint.html
O8 – Extra context menu item: Easy–WebPrint Preview – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_Preview.html
O8 – Extra context menu item: Easy–WebPrint Print – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_Print.html
O8 – Extra context menu item: Similar Pages – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – D:\antywirus\aswUpdSv.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: avast! Antivirus – Unknown owner – D:\antywirus\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – D:\antywirus\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – D:\antywirus\ashWebSv.exe" /service (file missing)
O23 – Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) – SEIKO EPSON CORPORATION – C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 – Service: PDEngine – Raxco Software, Inc. – C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 – Service: PDScheduler (PDSched) – Raxco Software, Inc. – C:\Program Files\Raxco\PerfectDisk\PDSched.exe
pozd. kamil
mam jeszcze wkleic z drugiego programu?
Logfile of HijackThis v1.99.1
Scan saved at 16:17:55, on 2005–12–18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\SpeedFan\speedfan.exe
C:\Program Files\D–Tools\daemon.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
E:\Programy\Winamp\Winampa.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
D:\ANTYWI~1\ashDisp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe
C:\Program Files\Messenger\msmsgs.exe
D:\antywirus\aswUpdSv.exe
D:\antywirus\ashServ.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\svchost.exe
D:\antywirus\ashMaiSv.exe
D:\antywirus\ashWebSv.exe
E:\Programy\Winamp\winamp.exe
C:\WINDOWS\System32\msiexec.exe
E:\Programy\anti\gcasDtServ.exe
E:\Programy\anti\gcasServ.exe
E:\Programy\opera\Opera.exe
C:\Program Files\7–Zip\7zFMn.exe
C:\DOCUME~1\Edek\USTAWI~1\Temp\7zO1FE.tmp\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL (file missing)
F2 – REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: Easy–WebPrint – {327C2873–E90D–4c37–AA9D–10AC9BABA46C} – C:\Program Files\Canon\Easy–WebPrint\Toolband.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 – HKLM\..\Run: [Resume copy] copyfstq.exe /startup
O4 – HKLM\..\Run: [speedfan] C:\Program Files\SpeedFan\speedfan.exe
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 – HKLM\..\Run: [RivaTunerStartupDaemon] "C:\Program Files\RivaTuner v2.0 RC 15.3 New Year Edition\RivaTuner.exe" /S
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1045
O4 – HKLM\..\Run: [EPSON Stylus C43 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C43 Series" /O5 "LPT1:" /M "Stylus C43"
O4 – HKLM\..\Run: [WinampAgent] "E:\Programy\Winamp\Winampa.exe"
O4 – HKLM\..\Run: [Easy–PrintToolBox] C:\Program Files\Canon\Easy–PrintToolBox\BJPSMAIN.EXE /logon
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [timessquare] C:\windows\timessquare.exe
O4 – HKLM\..\Run: [avast!] D:\ANTYWI~1\ashDisp.exe
O4 – HKLM\..\Run: [gcasServ] "E:\Programy\anti\gcasServ.exe"
O4 – HKLM\..\RunOnce: [MicrosoftAntiSpywareCleaner] E:\Programy\anti\gcASCleaner.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [SpeedswitchXP] C:\Program Files\SpeedswitchXP\SpeedswitchXP.exe
O4 – HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 – Global Startup: E_SPSU01.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SPSU01.EXE
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: &Google Search – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Easy–WebPrint Add To Print List – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_AddToList.html
O8 – Extra context menu item: Easy–WebPrint High Speed Print – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_HSPrint.html
O8 – Extra context menu item: Easy–WebPrint Preview – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_Preview.html
O8 – Extra context menu item: Easy–WebPrint Print – res://C:\Program Files\Canon\Easy–WebPrint\Resource.dll/RC_Print.html
O8 – Extra context menu item: Similar Pages – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – D:\antywirus\aswUpdSv.exe
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: avast! Antivirus – Unknown owner – D:\antywirus\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – D:\antywirus\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – D:\antywirus\ashWebSv.exe" /service (file missing)
O23 – Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) – SEIKO EPSON CORPORATION – C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
O23 – Service: PDEngine – Raxco Software, Inc. – C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 – Service: PDScheduler (PDSched) – Raxco Software, Inc. – C:\Program Files\Raxco\PerfectDisk\PDSched.exe
pozd. kamil
Odpowiedzi: 2
Był i wyparował. Moźe sobie dasz spokój z takim sprawdzaniem po łebkach i na odczepnego? Albo się postaraj albo siądź na tyłku i siedź.
Więcej poźniej jest poprawiania po Tobie niź to wszystko warte.
Więcej poźniej jest poprawiania po Tobie niź to wszystko warte.
Napisałem co masz zrobić ale niema tego posta co jest?????
Strona 1 / 1