|
Notki |
Poradniki Poradniki napisane przez użytkowników forum. Podfora : Wasze propozycje poradników ; Poradniki archwialne; Poradniki nie związane z Tibią |
|
Opcje tematu |
24-07-2008, 22:18 | #262 | |
Użytkownik Forum
|
Usunąłem plik isass czy jak mu tam z pliku system ale hijackthis ciagle go wykrywa a gdy próbuje zamknac proces isass to pisze że nie znaleziono
Nadal mam keya? A tak btw to owntibia wyłapuje passy tylko z tibi czy też z innych gier? Cytuj:
__________________
W psychologii prowokacja jest świadomym wymuszeniem określonych zachowań, reakcji lub działań, często agresywnych i nagłych, poprzez oddziaływanie na psychikę, niekoniecznie zgodne z ideologiami lub obranymi przez daną osobę zasadami. Ostatnio edytowany przez P$ychop@ta - 24-07-2008 o 22:21. |
|
29-07-2008, 09:34 | #263 | |
Visca El Barca
Data dołączenia: 04 06 2006
Lokacja: Żory
Wiek: 33
Posty: 329
Stan: Niegrający
Profesja: Royal Paladin
|
Cytuj:
Czyli odpowiedź brzmi- tylko z Tibii! |
|
29-07-2008, 13:54 | #264 |
Użytkownik forum
Data dołączenia: 03 07 2008
Lokacja: Lubartów
Posty: 9
Stan: Na Emeryturze
Imię: Noorberto
Profesja: Paladin
Świat: Calmera
Poziom: 21
Skille: 60+/45+
Poziom mag.: 6+
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:39:53, on 2008-07-29 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss*** C:\WINDOWS\system32\winlogon*** C:\WINDOWS\system32\services*** C:\WINDOWS\system32\lsass*** C:\WINDOWS\System32\Ati2evxx*** C:\WINDOWS\system32\svchost*** C:\WINDOWS\System32\svchost*** C:\Program Files\Ahead\InCD\InCDsrv*** C:\WINDOWS\system32\spoolsv*** C:\WINDOWS\system32\Ati2evxx*** C:\WINDOWS\Explorer*** C:\Program Files\Analog Devices\SoundMAX\SMTray*** C:\Program Files\ATI Technologies\ATI.ACE\cli*** C:\Program Files\Eset\nod32kui*** C:\Program Files\Java\jre1.6.0_01\bin\jusched*** C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication*** C:\Program Files\Microsoft Office\Office12\GrooveMonitor*** C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ*** C:\Program Files\Ahead\InCD\InCD*** C:\Windows\system32\sys32*** C:\WINDOWS\system32\ctfmon*** C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480*** C:\Program Files\Skype\Phone\Skype*** C:\Program Files\Messenger\msmsgs*** C:\Program Files\Gadu-Gadu\gg*** C:\Program Files\IPLA\IPLA*** C:\Program Files\ATI Technologies\ATI.ACE\CLI*** C:\Program Files\Kalendarz XP\Kalendarz*** C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig*** C:\Program Files\802.11g Wireless LAN\Monitor*** C:\Program Files\Skype\Plugin Manager\skypePM*** C:\Documents and Settings\All Users\Dane aplikacji\Skype\Plugins\Plugins\E12C95FCBD1240FEAE 314D89676CA6F8\LieDetector*** C:\Program Files\Eset\nod32krn*** C:\Program Files\Analog Devices\SoundMAX\SMAgent*** C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE*** C:\WINDOWS\System32\svchost*** C:\Program Files\PC Connectivity Solution\ServiceLayer*** C:\Program Files\Mozilla Firefox\firefox*** C:\WINDOWS\system32\wuauclt*** C:\Program Files\Java\jre1.6.0_01\bin\jucheck*** C:\Program Files\Trend Micro\HijackThis\HijackThis*** R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyServer = 83.142.126.1:3128 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Int ernet Settings,ProxyOverride = localhost;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {140BD8E3-C167-11D4-B4A3-080000180323} - (no file) O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O2 - BHO: Alcohol Toolbar Helper - {8126A4A5-BFD3-46FE-BBDF-BFB5CF78E489} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Alcohol Toolbar - {ED4BD629-C1B6-4399-8A34-02CCAA921DC9} - C:\Program Files\Alcohol Toolbar\v3.2.0.0\Alcohol_Toolbar.dll O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O4 - HKLM\..\Run: [Smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray*** O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx*** O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli***" runtime O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui***" /WAITSERVICE O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched***" O4 - HKLM\..\Run: [PCSuiteTrayApplication] C:\Program Files\Nokia\Nokia PC Suite 6\LaunchApplication*** -startup O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor***" O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ***" O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD*** O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck*** O4 - HKLM\..\Run: [sys32] C:\Windows\system32\sys32*** O4 - HKCU\..\Run: [CTFMON*****] C:\WINDOWS\system32\ctfmon*** O4 - HKCU\..\Run: [LDM] C:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480*** O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype***" /nosplash /minimized O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs***" /background O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd***" /automount O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg***" /tray O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\CCleaner***" /AUTO O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ***" O4 - HKCU\..\Run: [IPLA!] C:\Program Files\IPLA\IPLA*** /autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON***] C:\WINDOWS\System32\CTFMON***** (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON***] C:\WINDOWS\System32\CTFMON***** (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON***] C:\WINDOWS\System32\CTFMON***** (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON***] C:\WINDOWS\System32\CTFMON***** (User 'Default user') O4 - Startup: Monitor.lnk = C:\Program Files\802.11g Wireless LAN\Monitor*** O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI*** O4 - Global Startup: Kalendarz XP.lnk = C:\Program Files\Kalendarz XP\Kalendarz*** O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf***** O4 - Global Startup: Raconfig.lnk = C:\Program Files\RALINK\RT2400 Wireless LAN Card\Installer\WINXP\RaConfig*** O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL*****/3000 O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs*** O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs*** O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://bezpieczenstwo.onet.pl/skaner/ArcaOnline.cab O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\System32\Ati2evxx*** O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag*** O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService*** (file missing) O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program Files\Ahead\InCD\InCDsrv*** O23 - Service: InstallShield Licensing Service - Macrovision - C:\Program Files\Common Files\InstallShield Shared\Service\InstallShield Licensing Service*** O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn***** O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer*** O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent*** O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE*** -- End of file - 9001 bytes Sa jakies keylogery? |
09-08-2008, 23:20 | #265 |
Guest
Posty: n/a
|
Running processes:
C:\WINDOWS\System32\smss***** C:\WINDOWS\system32\winlogon***** C:\WINDOWS\system32\services***** C:\WINDOWS\system32\lsass***** C:\WINDOWS\system32\Ati2evxx***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\System32\svchost***** C:\Program Files\Alwil Software\Avast4\aswUpdSv***** C:\Program Files\Alwil Software\Avast4\ashServ***** C:\WINDOWS\system32\spoolsv***** C:\WINDOWS\system32\cisvc***** C:\WINDOWS\system32\PnkBstrA***** C:\WINDOWS\system32\PnkBstrB***** C:\WINDOWS\system32\Ati2evxx***** C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE***** C:\WINDOWS\Explorer***** C:\WINDOWS\System32\PAStiSvc***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\SOUNDMAN***** C:\PROGRA~1\ALWILS~1\Avast4\ashDisp***** C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon***** D:\GG 7.6\Gadu-Gadu\gg***** C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon***** C:\Program Files\Alwil Software\Avast4\ashMaiSv***** C:\Program Files\Alwil Software\Avast4\ashWebSv***** C:\Program Files\Neostrada TP\NeostradaTP***** C:\Program Files\Neostrada TP\ComComp***** C:\WINDOWS\System32\svchost***** C:\Program Files\Neostrada TP\Watch***** C:\Program Files\Mozilla Firefox\firefox***** C:\WINDOWS\system32\cidaemon***** C:\Program Files\Trend Micro\HijackThis\HijackThis***** R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/pl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfre1.dll O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O4 - HKLM\..\Run: [SoundMan] SOUNDMAN***** O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch***** O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx***** O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp***** O4 - HKLM\..\Run: [My Web Search Bar] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\MWSBAR.DLL,S O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon***** O4 - HKCU\..\Run: [Gadu-Gadu] "D:\GG 7.6\Gadu-Gadu\gg*****" /tray O4 - HKUS\S-1-5-19\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'Default user') O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon***** O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbar...tml?p=ZNfox000 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL*****/3000 O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** (file missing) O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** (file missing) O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\WINDOWS\system32\shdocvw.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O17 - HKLM\System\CCS\Services\Tcpip\..\{8F71D285-8088-43A1-B49D-F20420E0613F}: NameServer = 194.204.159.1 217.98.63.164 O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv***** O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx***** O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag***** O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ***** O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv***** O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv***** O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA***** O23 - Service: PnkBstrB - Unknown owner - C:\WINDOWS\system32\PnkBstrB***** O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE***** O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc***** -- End of file - 6404 bytes powie mi ktos czy cos mam ;] ? |
10-08-2008, 00:33 | #266 | |
Użytkownik Forum
Data dołączenia: 24 10 2007
Lokacja: T-G
Posty: 17
Stan: Na Emeryturze
Profesja: Elder Druid
Świat: Menera
|
Witam, nie wiem czy nie groźne są te pliki:
Cytuj:
Aha i 2 sprawa czy przekierowania pliku HOSTS O1 mam też usuwać? |
|
22-08-2008, 14:41 | #267 |
Użytkownik Forum
Data dołączenia: 16 01 2008
Lokacja: Jaworzno
Posty: 172
Stan: Aktywny Gracz
Imię: Wahu Pall
Profesja: Paladin
Świat: Honera
|
Logfile of HijackThis v1.99.1
Scan saved at 14:28:38, on 2008-08-22 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16711) Running processes: C:\Windows\system32\Dwm***** C:\Windows\Explorer***** C:\Program Files\Windows Defender\MSASCui***** C:\Windows\RtHDVCpl***** C:\Program Files\Nero\Nero 7\InCD\NBHGui***** C:\Program Files\Nero\Nero 7\InCD\InCD***** C:\Windows\System32\rundll32***** C:\Program Files\HP\HP Software Update\hpwuSchd2***** C:\Windows\USB Vibration\7906\USB Gamepad***** C:\Program Files\Java\jre1.6.0_06\bin\jusched***** C:\Program Files\Alwil Software\Avast4\ashDisp***** C:\Program Files\Windows Sidebar\sidebar***** C:\Windows\System32\rundll32***** C:\Program Files\Skype\Phone\Skype***** C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier***** C:\Program Files\IPLA\IPLA***** C:\Windows\system32\taskeng***** C:\Program Files\HP\Digital Imaging\bin\hpqtra08***** C:\Program Files\Skype\Plugin Manager\skypePM***** C:\Program Files\HP\Digital Imaging\bin\hpqSTE08***** D:\Tibia\Tibia***** C:\Program Files\Internet Explorer\ieuser***** C:\PROGRA~1\ALWILS~1\Avast4\ashQuick***** C:\Program Files\Mozilla Firefox\firefox***** C:\Users\Magda\Desktop\HijackThis***** R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.bearshare.com/pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = R3 - URLSearchHook: Winamp Search Class - {57BCA5FA-5DBB-45a2-B558-1755C3F6253B} - C:\Program Files\Winamp Toolbar\winamptb.dll O1 - Hosts: ::1 localhost O2 - BHO: btorbit.com - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: Winamp Toolbar Loader - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file) O2 - BHO: Pomocnik rejestracji usługi Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll O2 - BHO: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.37.0\HostIE.dll (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll O3 - Toolbar: Zango - {90B8B761-DF2B-48AC-BBE0-BCC03A819B3B} - C:\Program Files\Zango\bin\10.3.37.0\HostIE.dll (file missing) O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui***** -hide O4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel***** /A O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl***** O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck***** O4 - HKLM\..\Run: [SecurDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui***** O4 - HKLM\..\Run: [InCD] C:\Program Files\Nero\Nero 7\InCD\InCD***** O4 - HKLM\..\Run: [Skytel] Skytel***** O4 - HKLM\..\Run: [NvSvc] RUNDLL32***** C:\Windows\system32\nvsvc.dll,nvsvcStart O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32***** C:\Windows\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32***** C:\Windows\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl*****" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2***** O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa*****" O4 - HKLM\..\Run: [USB Gamepad] C:\Windows\USB Vibration\7906\USB Gamepad***** -boot O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_06\bin\jusched*****" O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp***** O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar***** /autoRun O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg*****" /tray O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype*****" /nosplash /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\G oogleToolbarNotifier***** O4 - HKCU\..\Run: [ares] "C:\Program Files\Ares\Ares*****" -h O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray*****" /background O4 - HKCU\..\Run: [AdobeUpdater] C:\Program Files\Common Files\Adobe\Updater5\AdobeUpdater***** O4 - HKCU\..\Run: [Steam] C:\Program Files\Steam\Steam***** -silent O4 - HKCU\..\Run: [IPLA!] C:\Program Files\IPLA\IPLA***** /autorun O4 - HKCU\..\Run: [lsass*****] C:\Windows\lsass***** O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08***** O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA***** O8 - Extra context menu item: &Download by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/201 O8 - Extra context menu item: &Grab video by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/204 O8 - Extra context menu item: &Winamp Search - C:\ProgramData\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm O8 - Extra context menu item: Do&wnload selected by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/203 O8 - Extra context menu item: Down&load all by Orbit - res://C:\Program Files\Orbitdownloader\orbitmxt.dll/202 O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office10\EXCEL*****/3000 O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL*****/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_06\bin\ssv.dll O9 - Extra button: Wpis w blogu - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra 'Tools' menuitem: &Wpis w blogu w Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL O10 - Unknown file in Winsock LSP: c:\windows\system32\nlaapi.dll O10 - Unknown file in Winsock LSP: c:\windows\system32\napinsp.dll O11 - Options group: [INTERNATIONAL] International* O13 - Gopher Prefix: O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn...tDetection.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F58AD480-AE42-44B5-BA7D-23C352FB1370}: NameServer = 83.238.255.76 213.241.79.37 O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\WI1F86~1\MESSEN~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wlmailhtml - {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C:\PROGRA~1\COMMON~1\MICROS~1\OFFICE12\MSOXMLMF.DL L O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer***** O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv***** O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ***** O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv*****" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv*****" /service (file missing) O23 - Service: @%SystemRoot%\ehome\ehstart.dll,-101 (ehstart) - Unknown owner - %windir%\system32\svchost***** (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService***** O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT***** O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv***** O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService***** O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService***** O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA***** O23 - Service: @%SystemRoot%\system32\qwave.dll,-1 (QWAVE) - Unknown owner - %windir%\system32\svchost***** (file missing) O23 - Service: @%SystemRoot%\system32\seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%\system32\svchost***** (file missing) O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService***** O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk*****,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk***** (file missing) CO MAM Z TEGO USUNAC BO JA JEsTEM TEPY?
__________________
22:21 Wahuraydd Xafen [77]: kto cie robil homer? 22:22 Franio Of Homera [16]: kolega ------------------------------------ 12:00 Anumisek [82]: dalbys murzynowi dupy za talerz zupy ? 12:01 Zwidek [175]: nie ? 12:01 Anumisek [82]: a za co bys dal ? 12:01 Zwidek [175]: lol.. za nic 12:01 Anumisek [82]: hehe dobry jestes xD za darmo dajesz |
23-08-2008, 01:14 | #268 |
Użytkownik forum
Data dołączenia: 09 07 2008
Lokacja: Zabrze
Posty: 14
Stan: Aktywny Gracz
Imię: Pider The Palladin
Profesja: Paladin
Świat: Empera
Poziom: 38
Skille: 76/59
Poziom mag.: 13
|
spoko poradnik najlepsy jaki widzialem o tego typu tematach
|
28-09-2008, 01:37 | #269 |
Użytkownik forum
Data dołączenia: 25 09 2008
Lokacja: Radom
Posty: 9
Stan: Początkujący
Imię: Koniczynkowa
Profesja: Knight
Świat: Shivera
Poziom: 30
Skille: 66/66
Poziom mag.: 4
|
Dobry poradnik.
Chciałabym się dowiedzieć, czy jeżeli otwieram ten plik HOSTS za pomocą Worda, dodaję te adresy, to mogę zapisać w formacie DOC? A jeżeli nie, to jak mam to zmienić? |
28-09-2008, 08:33 | #270 | |
Użytkownik Forum
Data dołączenia: 16 06 2007
Lokacja: Białystok
Wiek: 17
Posty: 214
Stan: Aktywny Gracz
Imię: Tocallo Herodes
Profesja: Rookstayer
Świat: Zanera
Poziom: 62
|
mam pytanie.
Czy ten projekt owntibia jest rozwijany dalej?
__________________
Cytuj:
WYCIEK DOTYCZĄCY NASTĘPNEGO UPDATE
|
|
07-10-2008, 18:20 | #271 |
Użytkownik forum
Data dołączenia: 07 10 2008
Posty: 7
|
Help!
Ej ludzie pomóżcie mam problem z hijackthis wklejam loga bo mam podejrzenia że mam kl lub jakiś inny shit Proszę o pomoc a nawet napisanie mi na maila
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 17:36:44, on 2008-10-07 Platform: Windows Vista SP1 (WinNT 6.00.1905) MSIE: Internet Explorer v7.00 (7.00.6001.18000) Boot mode: Normal Running processes: C:\Windows\system32\Dwm***** C:\Windows\Explorer***** C:\Windows\system32\taskeng***** C:\Program Files\Java\jre1.6.0_07\bin\jusched***** C:\Windows\System32\igfxtray***** C:\Windows\System32\hkcmd***** C:\Windows\System32\igfxpers***** C:\PROGRA~1\McAfee.com\Agent\mcagent***** C:\Windows\RtHDVCpl***** C:\Windows\system32\igfxsrvc***** C:\Program Files\Synaptics\SynTP\SynTPEnh***** C:\Program Files\TOSHIBA\ConfigFree\NDSTray***** C:\Program Files\Google\Google Desktop Search\GoogleDesktop***** C:\Program Files\Camera Assistant Software for Toshiba\traybar***** C:\Program Files\TOSHIBA\Power Saver\TPwrMain***** C:\Program Files\TOSHIBA\SmoothView\SmoothView***** C:\Program Files\TOSHIBA\FlashCards\TCrdMain***** C:\Program Files\Windows Sidebar\sidebar***** C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD***** C:\Program Files\PDFCreator\PDFCreator***** C:\Program Files\Camera Assistant Software for Toshiba\CEC_MAIN***** C:\Program Files\Google\Google Desktop Search\GoogleDesktop***** C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr***** C:\Program Files\Synaptics\SynTP\SynTPHelper***** C:\Program Files\Gadu-Gadu\gg***** C:\Windows\system32\taskeng***** C:\Program Files\Mozilla Firefox\firefox***** C:\Users\Jola\Desktop\KeyFinder***** C:\Windows\system32\SearchFilterHost***** C:\Program Files\Trend Micro\HijackThis\HijackThis***** R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O1 - Hosts: ::1 localhost O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: McAntiPhishingBHO - {377C180E-6F0E-4D4C-980F-F45BD3D40CF4} - c:\PROGRA~1\mcafee\msk\mcapbho.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll O2 - BHO: scriptproxy - {7DB2D5A0-7241-4E79-B68D-6309F01C5231} - C:\Program Files\McAfee\VirusScan\scriptsn.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui***** -hide O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched*****" O4 - HKLM\..\Run: [IgfxTray] C:\Windows\system32\igfxtray***** O4 - HKLM\..\Run: [HotKeysCmds] C:\Windows\system32\hkcmd***** O4 - HKLM\..\Run: [Persistence] C:\Windows\system32\igfxpers***** O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl***** O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh***** O4 - HKLM\..\Run: [NDSTray*****] NDSTray***** O4 - HKLM\..\Run: [mcagent_exe] C:\Program Files\McAfee.com\Agent\mcagent***** /runkey O4 - HKLM\..\Run: [Google Desktop Search] "C:\Program Files\Google\Google Desktop Search\GoogleDesktop*****" /startup O4 - HKLM\..\Run: [Camera Assistant Software] "C:\Program Files\Camera Assistant Software for Toshiba\traybar*****" /start O4 - HKLM\..\Run: [TPwrMain] %ProgramFiles%\TOSHIBA\Power Saver\TPwrMain***** O4 - HKLM\..\Run: [SmoothView] %ProgramFiles%\Toshiba\SmoothView\SmoothView***** O4 - HKLM\..\Run: [00TCrdMain] %ProgramFiles%\TOSHIBA\FlashCards\TCrdMain***** O4 - HKLM\..\Run: [Toshiba Registration] C:\Program Files\Toshiba\Registration\ToshibaRegistration**** * O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl*****" O4 - HKLM\..\Run: [Skytel] Skytel***** O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar***** O4 - HKCU\..\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD***** O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar***** /detectMem (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32***** oobefldr.dll,ShowWelcomeCenter (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar***** /detectMem (User 'USŁUGA SIECIOWA') O4 - .DEFAULT User Startup: TRDCReminder.lnk = C:\Program Files\TOSHIBA\TRDCReminder\TRDCReminder***** (User 'Default user') O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM***** O4 - Global Startup: PDFCreator.lnk = C:\Program Files\PDFCreator\PDFCreator***** O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL*****/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\PROGRA~1\Java\JRE16~2.0_0\bin\ssv.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: eBay - {76577871-04EC-495E-A12B-91F7C3600AFA} - http://rover.ebay.com/rover/1/4908-44618-9400-3/4 (file missing) O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-B562-5C1519E434CE} - http://www.amazon.co.uk/exec/obidos/...k-21&site=home (file missing) O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O13 - Gopher Prefix: O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~3\GOEC62~1.DLL O23 - Service: ConfigFree Service - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs***** O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop***** O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService***** O23 - Service: McAfee Services (mcmscsvc) - McAfee, Inc. - C:\PROGRA~1\McAfee\MSC\mcmscsvc***** O23 - Service: McAfee Network Agent (McNASvc) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mna\mcnasvc***** O23 - Service: McAfee Scanner (McODS) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcods***** O23 - Service: McAfee Proxy Service (McProxy) - McAfee, Inc. - c:\PROGRA~1\COMMON~1\mcafee\mcproxy\mcproxy***** O23 - Service: McAfee Real-time Scanner (McShield) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcshield***** O23 - Service: McAfee SystemGuards (McSysmon) - McAfee, Inc. - C:\PROGRA~1\McAfee\VIRUSS~1\mcsysmon***** O23 - Service: McAfee Personal Firewall Service (MpfService) - McAfee, Inc. - C:\Program Files\McAfee\MPF\MPFSrv***** O23 - Service: McAfee Anti-Spam Service (MSK80Service) - McAfee, Inc. - C:\Program Files\McAfee\MSK\MskSrver***** O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) - TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA DVD PLAYER\TNaviSrv***** O23 - Service: TOSHIBA Optical Disc Drive Service (TODDSrv) - TOSHIBA Corporation - C:\Windows\system32\TODDSrv***** O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA Corporation - c:\Program Files\TOSHIBA\Power Saver\TosCoSrv***** O23 - Service: TOSHIBA SMART Log Service - TOSHIBA Corporation - c:\Program Files\TOSHIBA\SMARTLogService\TosIPCSrv***** O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr***** O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio***** -- End of file - 8838 bytes Błagam o pomoc Ostatnio edytowany przez Kubaplik - 07-10-2008 o 18:22. |
07-10-2008, 19:00 | #272 |
Użytkownik Forum
Data dołączenia: 13 02 2007
Posty: 374
|
Delete. Okay?
Ostatnio edytowany przez laxiu - 08-10-2008 o 16:37. |
07-10-2008, 20:20 | #273 |
Użytkownik forum
Data dołączenia: 07 10 2008
Posty: 7
|
To jak pomoże mi ktoś ?
Proszę o pomoc kogoś doświadczonego w tej dziedzinie Pozdrawiam |
07-10-2008, 22:30 | #274 |
Użytkownik Forum
Data dołączenia: 11 06 2007
Lokacja: ustka
Posty: 644
Stan: Niegrający
|
polam swoja plyte z windowsem i usun go u siebie
@Kubaplik raczej nic nie masz z typu tibijskich malware
__________________
W blasku mojej zajebistości można piec ciasteczka. |
07-10-2008, 23:59 | #275 |
Użytkownik Forum
Data dołączenia: 14 07 2007
Lokacja: Trzcianka k/Piły
Posty: 48
Stan: Niegrający
|
mozecie looknac to bo na forum arcabit spia:
Running processes: C:\WINDOWS\System32\smss***** C:\WINDOWS\system32\winlogon***** C:\WINDOWS\system32\services***** C:\WINDOWS\system32\lsass***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\System32\svchost***** C:\WINDOWS\system32\spoolsv***** C:\WINDOWS\Explorer***** C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\system32\wilpmove***** C:\Program Files\Java\jre1.6.0_05\bin\jusched***** C:\WINDOWS\system32\igfxtray***** C:\WINDOWS\system32\hkcmd***** C:\WINDOWS\sm56hlpr***** C:\Program Files\Synaptics\SynTP\SynTPLpr***** C:\Program Files\Synaptics\SynTP\SynTPEnh***** C:\PROGRA~1\NEOSTR~1\CnxMon***** C:\PROGRA~1\NEOSTR~1\TaskbarIcon***** C:\Program Files\Winamp\Winampa***** C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp***** C:\WINDOWS\system32\ctfmon***** C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier***** C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon***** C:\Program Files\Microsoft Office\Office\1045\OLFSNT40***** C:\Program Files\Corel\Graphics9\Register\Remind32***** C:\Program Files\Mozilla Firefox\firefox***** C:\Program Files\Trend Micro\HijackThis\HijackThis***** |
08-10-2008, 15:05 | #276 |
Użytkownik Forum
Data dołączenia: 19 05 2006
Lokacja: Za górami, za lasami....
Wpisy bloga: 1
Posty: 1,388
Stan: Na Emeryturze
Profesja: Rookstayer
|
@Kubaplik
Już wyjaśnione na PW ;] @Xelu Daj cały log.
__________________
*** † Jarosław Krasuski (1974-2007) *** Może wstawisz mi notkę ? *** Masz problem z keyloggerem ? Nie jesteś pewien co do swojego bezpieczeństwa ? Chętnie ci pomogę |
08-10-2008, 16:34 | #277 |
Użytkownik Forum
Data dołączenia: 13 02 2007
Posty: 374
|
Delete. Okay?
Ostatnio edytowany przez laxiu - 08-10-2008 o 16:36. |
08-10-2008, 19:26 | #278 |
Użytkownik Forum
Data dołączenia: 14 07 2007
Lokacja: Trzcianka k/Piły
Posty: 48
Stan: Niegrający
|
@uther92
bitte: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:15:43, on 2008-10-08 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss***** C:\WINDOWS\system32\winlogon***** C:\WINDOWS\system32\services***** C:\WINDOWS\system32\lsass***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\System32\svchost***** C:\WINDOWS\system32\spoolsv***** C:\WINDOWS\Explorer***** C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\system32\wilpmove***** C:\Program Files\Java\jre1.6.0_05\bin\jusched***** C:\WINDOWS\system32\igfxtray***** C:\WINDOWS\system32\hkcmd***** C:\WINDOWS\sm56hlpr***** C:\Program Files\Synaptics\SynTP\SynTPLpr***** C:\Program Files\Synaptics\SynTP\SynTPEnh***** C:\PROGRA~1\NEOSTR~1\CnxMon***** C:\PROGRA~1\NEOSTR~1\TaskbarIcon***** C:\Program Files\Winamp\Winampa***** C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp***** C:\WINDOWS\system32\ctfmon***** C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier***** C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon***** C:\Program Files\Microsoft Office\Office\1045\OLFSNT40***** C:\Program Files\Corel\Graphics9\Register\Remind32***** C:\Program Files\Mozilla Firefox\firefox***** C:\Program Files\Gadu-Gadu\gg***** C:\WINDOWS\system32\wuauclt***** C:\Program Files\Ahead\Nero StartSmart\NeroStartSmart***** C:\Program Files\Ahead\nero\nero***** C:\Program Files\Trend Micro\HijackThis\HijackThis***** R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSour...ctid=CT1098640 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll O2 - BHO: IEVkbdBHO - {59273AB4-E7D3-40F9-A1A8-6FA9CCA1862C} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ievkbd.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:\Program Files\Canon\Easy-WebPrint\Toolband.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O4 - HKLM\..\Run: [Skrót do strony właściwości High Definition Audio] HDAShCut***** O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched*****" O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray***** O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd***** O4 - HKLM\..\Run: [SMSERIAL] sm56hlpr***** O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr***** O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh***** O4 - HKLM\..\Run: [Easy-PrintToolBox] C:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN***** /logon O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck***** O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon***** O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch***** O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon***** O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa*****" O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask*****" -atboottime O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp*****" O4 - HKCU\..\Run: [CTFMON*****] C:\WINDOWS\system32\ctfmon***** O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier***** O4 - HKUS\S-1-5-19\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'Default user') O4 - Startup: Neostrada PL.lnk = ? O4 - Startup: Rejestrowanie produktów Corela.lnk = C:\Program Files\Corel\Graphics9\Register\Remind32***** O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl***** O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon***** O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9***** O4 - Global Startup: Przyspieszenie uruchomienia programu AutoCAD.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16***** O4 - Global Startup: Symantec Fax Starter Edition Port.lnk = C:\Program Files\Microsoft Office\Office\1045\OLFSNT40***** O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet*****/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet*****/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet*****/AddAllLink.htm O8 - Extra context menu item: Dodaj do listy blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\ie_banner_deny.htm O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_AddToList.html O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_HSPrint.html O8 - Extra context menu item: Easy-WebPrint Preview - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Preview.html O8 - Extra context menu item: Easy-WebPrint Print - res://C:\Program Files\Canon\Easy-WebPrint\Resource.dll/RC_Print.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\SCIEPlgn.dll O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.1.2.dll/206 (file missing) O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} (OnlineScanner Control) - http://www.eset.eu/***us/docs/OnlineScanner.cab O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/S.../bin/cabsa.cab O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{E8E6BB89-C530-4400-A83A-5FC1F8E55225}: NameServer = 194.204.159.1 217.98.63.164 O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1\mzvkbd.dll,C:\PROGRA ~1\KASPER~1\KASPER~1\adialhk.dll,C:\PROGRA~1\KASPE R~1\KASPER~1\kloehk.dll O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv***** O23 - Service: Kaspersky Internet Security (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 2009\avp***** O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService***** O23 - Service: ServiceLayer - Nokia. - C:\Program Files\PC Connectivity Solution\ServiceLayer***** O23 - Service: Unimessage Printer Tracking Service (wilusbmonitor) - Wordcraft International Limited - C:\WINDOWS\system32\wilpmove***** -- End of file - 8841 bytes |
08-10-2008, 20:51 | #279 |
Użytkownik Forum
Data dołączenia: 11 06 2007
Lokacja: ustka
Posty: 644
Stan: Niegrający
|
nic raczej
www.hijackthis.de/en tam sobie powklejajcie, niescislosci i watpilwosci tutaj
__________________
W blasku mojej zajebistości można piec ciasteczka. |
11-10-2008, 00:27 | #280 |
Użytkownik forum
Data dołączenia: 20 08 2008
Lokacja: Braniewo
Posty: 7
Stan: Aktywny Gracz
|
|