Pop-up ads! Help
I have some trojans that refuse to be removed. I have scanned the computer more than once already and still nothing. Here is the log from hijack:
Logfile of Browser Hijack Recover(BHR) v2.3
http://www.browser-hijack.com/
Log created on 2005-11-13 16:41:09
Microsoft Windows XP Home Edition Dodatek Service Pack 2 (Build 2600)
Internet Explorer v6.0.2900.2180 Update Versions: ;SP2;
[Process Manager] - [Process]
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\windows\system32\mdms.exe
C:\windows\system32\rldsregn.exe
C:\windows\adtech2005.exe
C:\Program Files\AntiVirenKit\AVKPOP.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\AntiVirenKit\AVKService.exe
C:\Program Files\AntiVirenKit\AVKWCtl.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Microsoft SQL Server\MSSQL$INSERTGT\Binn\sqlservr.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
c:\progra~1\intern~1\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Browser Hijack Recover\bhr.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\system32\imapi.exe
[IE Options] - [Normal]
R0 - HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome
R0 - HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main,Window Title =
[IE Options] - [IE Menu]
[IE Options] - [Internet Options]
[IE Options] - [IE Search Hooks]
[IE Add-Ons] - [Toolbars]
[IE Add-Ons] - [Explorer Bars]
[IE Add-Ons] - [Context Menu]
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
[IE Add-Ons] - [BHOs]
[IE Add-Ons] - [Tools Menu]
O9 - Extra "Tool" Menu Item: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
[IE Add-Ons] - [Tools Button]
O9 - Extra Button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
[System Options]
[StartUp]
04 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run MSMSGS = C:\Program Files\Messenger\msmsgs.exe" /background
04 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run NBJ = C:\Program Files\Ahead\Nero BackItUp\NBJ.exe
04 - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run Gadu-Gadu = C:\Program Files\Gadu-Gadu\gg.exe" /tray
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run NeroFilterCheck = C:\WINDOWS\system32\NeroCheck.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run WinampAgent = C:\Program Files\Winamp\winampa.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run HP Software Update = C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run HP Component Manager = C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run DeviceDiscovery = C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run AVK Mail Checker = C:\Program Files\AntiVirenKit\AVKPOP.EXE
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run gcasServ = C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run SysMemory manager = c:\windows\system32\mdms.exe
O4 - C:\Documents and Settings\OPTIMUS\Menu Start\Programy\Autostart\Zeno.lnk = C:\WINDOWS\system32\lwinmsaz.exe
O4 - C:\Documents and Settings\OPTIMUS\Menu Start\Programy\Autostart\Z_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
Replies: 5
EL NINO: Of course, such a small significant difference as this being a different program is not significant?
damiancore: http://forum.centrumxp.pl/viewtopic.php?t=19974
Is Browser Hijack Recover the same thing as HiJack This?
I was hoping they were at least a little bit similar. But no, it's a dud :oops:
Of course, such a small significant difference as this being a different program is not significant?
damiancore: http://forum.centrumxp.pl/viewtopic.php?t=19974
Is Browser Hijack Recover the same thing as HiJack This?
http://forum.centrumxp.pl/viewtopic.php?t=19974
I know this may sound funny, but how am I supposed to remove this :> (blonde hair :P)
You get rid of:
C:\windows\system32\mdms.exe
C:\windows\system32\rldsregn.exe
04 - HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run SysMemory manager = c:\windows\system32\mdms.exe
O4 - C:\Documents and Settings\OPTIMUS\Menu Start\Programy\Autostart\Zeno.lnk = C:\WINDOWS\system32\lwinmsaz.exe
O4 - C:\Documents and Settings\OPTIMUS\Menu Start\Programy\Autostart\Z_Start.lnk = C:\WINDOWS\system32\dwdsregt.exe
Probably this one too.
C:\windows\adtech2005.exe