Temat: Wirus Adware
Zobacz pojedynczy post
stary 20-07-2007, 13:21   #6
Athun
Użytkownik Forum
 
Athun's Avatar
 
Data dołączenia: 05 11 2006
Posty: 369
Domyślny
Logfile of HijackThis v1.99.1
Scan saved at 12:08:28, on 2007-07-20
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss*****
C:\WINDOWS\system32\winlogon*****
C:\WINDOWS\system32\services*****
C:\WINDOWS\system32\lsass*****
C:\WINDOWS\system32\svchost*****
C:\WINDOWS\System32\svchost*****
C:\Program Files\Alwil Software\Avast4\aswUpdSv*****
C:\Program Files\Alwil Software\Avast4\ashServ*****
C:\WINDOWS\Explorer*****
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp*****
C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD*****
C:\Program Files\PWN\Definicje\Bin\Starter*****
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\pl-pl\msnappau*****
D:\piotr-1\WINAMP\winampa*****
C:\WINDOWS\System32\ctfmon*****
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier*****
D:\piotr-1\Skype\Phone\Skype*****
D:\office 97'\Office\OSA*****
D:\office 97'\Office\MSOFFICE*****
C:\WINDOWS\system32\spoolsv*****
C:\WINDOWS\System32\nvsvc32*****
C:\Program Files\Internet Explorer\iexplore*****
C:\Program Files\Alwil Software\Avast4\ashWebSv*****
C:\Program Files\Alwil Software\Avast4\ashMaiSv*****
C:\WINDOWS\System32\wuauclt*****
C:\Program Files\Internet Explorer\iexplore*****
C:\WINDOWS\System32\msiexec*****
C:\WINDOWS\System32\wuauclt*****
D:\piotr-1\hijackthis\HijackThis*****

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\sw g.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\pl-pl\msntb.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.5000.1021\pl-pl\msntb.dll
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp*****
O4 - HKLM\..\Run: [AdaptecDirectCD] "C:\Program Files\Adaptec\Easy CD Creator 5\DirectCD\DirectCD*****"
O4 - HKLM\..\Run: [Realtime Audio Engine] mmrtkrnl*****
O4 - HKLM\..\Run: [DemonStarter] C:\Program Files\PWN\Definicje\Bin\Starter*****
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\pl-pl\msnappau*****"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32***** C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz***** /install
O4 - HKLM\..\Run: [WinampAgent] D:\piotr-1\WINAMP\winampa*****
O4 - HKLM\..\RunOnce: [avp6_post_install] msiexec***** /i"C:\DOCUME~1\MIROSŁ~1\USTAWI~1\Temp\Active Virus Shield v.25\avs.msi"
O4 - HKCU\..\Run: [CTFMON*****] C:\WINDOWS\System32\ctfmon*****
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier*****
O4 - HKCU\..\Run: [Skype] "D:\piotr-1\Skype\Phone\Skype*****" /nosplash /minimized
O4 - HKCU\..\Run: [updateMgr] C:\Program Files\Adobe\Acrobat 7.0\Reader\AdobeUpdateManager***** AcRdB7_0_5
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl*****
O4 - Global Startup: Uruchamianie pakietu Office.lnk = D:\office 97'\Office\OSA*****
O4 - Global Startup: Pasek skrótów Microsoft Office.lnk = D:\office 97'\Office\MSOFFICE*****
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) - http://nati0228.spaces.live.com/Phot...cab?10,0,912,0
O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv*****
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ*****
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv*****" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv*****" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService*****
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\System32\ImapiRox*****
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32*****

O to log z hijackthis...
__________________
Athun jest offline   Odpowiedz z Cytatem