Dzisiaj sciagnalem bot o nazwie Tibia Auto. Po zainstalowaniu go zauwazylem, ze na pulpicie pojawil sie dziwny plik o nazwie "server*****". Zorientowalem sie, ze to plik owntibii, wiec sciagnalem "owntibia-deleter". Program wykryl owntibie, ale nie moglem jej usunac. Zajzalem do tego tematu i sciagnalem "Hijackthis!". Zrobilem skan i nie wiem ktory plik jest tym "owntibiowym.
Prosze o pomoc!
Udostepniam zapis mojego logu:
Logfile of HijackThis v1.99.1
Scan saved at 14:49:04, on 2007-06-06
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\Explorer*****
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp*****
C:\=WSZYSTKIE=\Winamp\Winampa*****
C:\WINDOWS\system32\ctfmon*****
C:\Program Files\Internet Explorer\iexplore*****
C:\Documents and Settings\adrian\Pulpit\HijackThis*****
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.find.fm/?aid=95&sid=99
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {01E69986-A054-4C52-ABE8-EF63DF1C5211} - (no file)
F2 - REG:system.ini: Shell=
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.3.28.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: XBTB04482 - {D72F6457-DDC6-4bc2-9DB5-97AD696800B6} - C:\PROGRA~1\FINDFM~1\toolbar.dll (file missing)
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp*****
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck*****
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [WinampAgent] "C:\=WSZYSTKIE=\Winamp\Winampa*****"
O4 - HKLM\..\Run: [WinVNC] "C:\Program Files\UltraVNC\WinVNC*****" -servicehelper
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~1\INTERN~2\MEDIAKEY*****
O4 - HKLM\..\Run: [CTRegRun] C:\WINDOWS\CTRegRun*****
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray*****" /s
O4 - HKCU\..\Run: [CTFMON*****] C:\WINDOWS\system32\ctfmon*****
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype*****" /nosplash /minimized
O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001*****"
O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam***** -silent
O4 - HKCU\..\Run: [BitTorrent] "C:\Program Files\BitTorrent\bittorrent*****" --force_start_minimized
O4 - Startup: UniSpiker-2.6.lnk = ?
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl*****
O8 - Extra context menu item: Download all links using BitComet - res://C:\Program Files\BitComet\BitComet*****/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet - res://C:\Program Files\BitComet\BitComet*****/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet - res://C:\Program Files\BitComet\BitComet*****/AddLink.htm
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsu...?1130355726364
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv*****
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ*****
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv*****" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv*****" /service (file missing)
O23 - Service: NetTime (NetTimeSvc) - Unknown owner - C:\Documents and Settings\Administrator\Pulpit\NetTime\NeTmSvNT**** * (file missing)
O23 - Service: VNC Server (winvnc) - Unknown owner - C:\Program Files\UltraVNC\WinVNC*****" -service (file missing)