|
Notki |
Poradniki Poradniki napisane przez użytkowników forum. Podfora : Wasze propozycje poradników ; Poradniki archwialne; Poradniki nie związane z Tibią |
|
Opcje tematu |
13-10-2008, 20:53 | #282 |
Użytkownik forum
Data dołączenia: 07 10 2008
Posty: 7
|
Help!
Jezu pomocy mam kl na kompie services a nie chce się usunąć pl pomocy tu daje loga
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 19:22:28, on 2008-10-13 Platform: Windows XP SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16705) Podejżewam że jest to ten proces C:\WINDOWS\system32\drivers\services***** ale jak to usunąć jak chce to usunąć to mi pojawia się okno w którym mam podać hasło pls Help Boot mode: Normal Running processes: C:\WINDOWS\System32\smss***** C:\WINDOWS\system32\winlogon***** C:\WINDOWS\system32\services***** C:\WINDOWS\system32\lsass***** C:\WINDOWS\system32\Ati2evxx***** C:\WINDOWS\system32\svchost***** C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51***** C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE***** C:\WINDOWS\system32\svchost***** C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv***** C:\WINDOWS\system32\spoolsv***** C:\WINDOWS\system32\Ati2evxx***** C:\WINDOWS\Explorer***** C:\WINDOWS\ehome\ehtray***** C:\WINDOWS\SOUNDMAN***** C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN***** C:\Program Files\Java\jre1.6.0_02\bin\jusched***** C:\Program Files\Lexmark 1400 Series\lxdjamon***** C:\WINDOWS\system32\ctfmon***** C:\WINDOWS\eHome\ehmsas***** C:\WINDOWS\eHome\ehRecvr***** C:\WINDOWS\eHome\ehSched***** C:\WINDOWS\system32\lxdjcoms***** C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls***** C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr***** C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv***** C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc***** C:\WINDOWS\system32\PnkBstrA***** c:\program files\panda software\panda internet security 2007\firewall\PSHOST***** C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc***** C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD***** C:\WINDOWS\system32\dllhost***** C:\Program Files\Panda Software\Panda Internet Security 2007\WebProxy***** C:\WINDOWS\System32\svchost***** C:\Program Files\Panda Software\Panda Internet Security 2007\PavBckPT***** C:\WINDOWS\system32\svchost***** C:\Program Files\Windows Media Player\wmplayer***** C:\Program Files\Gadu-Gadu\gg***** C:\Program Files\Mozilla Firefox\firefox***** C:\WINDOWS\system32\drivers\services***** C:\totalcmd\TOTALCMD***** C:\Program Files\Trend Micro\HijackThis\HijackThis***** R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file) O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\s wg.dll O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file) O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray***** O4 - HKLM\..\Run: [SoundMan] SOUNDMAN***** O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Internet Security 2007\APVXDWIN*****" /s O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Software\Panda Internet Security 2007\Inicio*****" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched*****" O4 - HKLM\..\Run: [lxdjamon] "C:\Program Files\Lexmark 1400 Series\lxdjamon*****" O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl*****" O4 - HKLM\..\Run: [msm] C:\WINDOWS\system32\drivers\services***** O4 - HKCU\..\Run: [ctfmon*****] C:\WINDOWS\system32\ctfmon***** O4 - HKUS\S-1-5-18\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'Default user') O4 - Startup: Yahoo! Desktop Search.lnk = C:\Program Files\Yahoo!\Yahoo! Desktop Search\YahooDesktopSearch***** O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL*****/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag***** O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag***** O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\ProgramFiles\Messenger\msmsgs***** O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {48884C41-EFAC-433D-958A-9FADAC41408E} (EGamesPlugin Class) - https://www.e-games.com.my/com/EGamesPlugin.cab O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsof...?1168567993609 O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://cdn1.acclaimdownloads.com/solidstateion.cab O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx***** O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag***** O23 - Service: Google Updater Service (gusvc) - Unknown owner - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService***** (file missing) O23 - Service: lxdj_device - - C:\WINDOWS\system32\lxdjcoms***** O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PsCtrls***** O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr***** O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv***** O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51***** O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc***** O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA***** O23 - Service: Panda Host Service (PSHost) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PSHOST***** O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\psimsvc***** O23 - Service: Panda TPSrv (TPSrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\TPSrv***** -- End of file - 8026 bytes |
14-10-2008, 08:04 | #283 |
Użytkownik forum
Data dołączenia: 07 10 2008
Posty: 7
|
Czy ktoś mi pomoże ????
|
14-10-2008, 10:26 | #284 |
Użytkownik Forum
Data dołączenia: 19 05 2006
Lokacja: Za górami, za lasami....
Wpisy bloga: 1
Posty: 1,388
Stan: Na Emeryturze
Profesja: Rookstayer
|
W hijacku usuwasz wpis :
Kod:
O4 - HKLM\..\Run: [msm] C:\WINDOWS\system32\drivers\services***** Kod:
C:\WINDOWS\system32\drivers\services*****
__________________
*** † Jarosław Krasuski (1974-2007) *** Może wstawisz mi notkę ? *** Masz problem z keyloggerem ? Nie jesteś pewien co do swojego bezpieczeństwa ? Chętnie ci pomogę |
20-10-2008, 15:32 | #285 |
Użytkownik Forum
Data dołączenia: 20 06 2008
Posty: 612
Imię: Gooua Stopka
Profesja: Master Sorcerer
Gildia: Festina Lente
Świat: Berylia <333
Poziom: 45~
Poziom mag.: 43
|
Hej, ściągnąłem kiedyś bota, którego mi antyvir nie wykrył, JEDNAK po zakupie tego samego antywirusa (tylko z Ameryki) nagle mi się pojawił keylogger w bocie ; o czy to że usunąłem bota i jakiś tam text przy nim(też z keyem) to już wszystko czy musze jeszcze hijack pobrać i zeskanować?
//Edit Btw. Ludzie, czy wy nie potraficie ruszyć mózgiem i cofnąć pare stron w tył ? po c*uj wklejacie całe logi ;o ? ===================================== Gdzie ta owntibia może siedzieć ? Wszędzie ? Czy w określonym "dziale"? Ostatnio edytowany przez --Ogorek-- - 20-10-2008 o 18:20. |
21-10-2008, 15:08 | #286 |
Użytkownik Forum
Data dołączenia: 20 06 2008
Posty: 612
Imię: Gooua Stopka
Profesja: Master Sorcerer
Gildia: Festina Lente
Świat: Berylia <333
Poziom: 45~
Poziom mag.: 43
|
refresz
/Edit Btw. Wie ktoś co to jest ? Pojawia mi się podczas odpalania systemu ; o Jak nawet jeszcze mi sie nic nie odpaliło i jak sie system zamyka to też cos jest tam napisane ale nie zrobiłem screena Wie ktoś jak to usunąć? ? Ostatnio edytowany przez --Ogorek-- - 21-10-2008 o 20:34. |
22-10-2008, 16:53 | #287 |
Użytkownik Forum
Data dołączenia: 20 06 2008
Posty: 612
Imię: Gooua Stopka
Profesja: Master Sorcerer
Gildia: Festina Lente
Świat: Berylia <333
Poziom: 45~
Poziom mag.: 43
|
refresz x
|
24-10-2008, 15:26 | #288 |
Użytkownik Forum
Data dołączenia: 19 05 2006
Lokacja: Za górami, za lasami....
Wpisy bloga: 1
Posty: 1,388
Stan: Na Emeryturze
Profesja: Rookstayer
|
To jakiś keylogger o którym nawet w googlu nie ma info, wiec dawaj loga.
__________________
*** † Jarosław Krasuski (1974-2007) *** Może wstawisz mi notkę ? *** Masz problem z keyloggerem ? Nie jesteś pewien co do swojego bezpieczeństwa ? Chętnie ci pomogę |
24-10-2008, 18:25 | #290 |
Użytkownik Forum
Data dołączenia: 20 06 2008
Posty: 612
Imię: Gooua Stopka
Profesja: Master Sorcerer
Gildia: Festina Lente
Świat: Berylia <333
Poziom: 45~
Poziom mag.: 43
|
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:14:18, on 2008-10-24 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss***** C:\WINDOWS\system32\winlogon***** C:\WINDOWS\system32\services***** C:\WINDOWS\system32\lsass***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\System32\svchost***** C:\Program Files\Common Files\Symantec Shared\ccSvcHst***** C:\WINDOWS\Explorer***** C:\WINDOWS\system32\spoolsv***** C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc***** C:\WINDOWS\system32\nvsvc32***** C:\Program Files\Java\jre1.6.0_03\bin\jusched***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\system32\UAService7***** C:\Program Files\Analog Devices\Core\smax4pnp***** C:\Program Files\Analog Devices\SoundMAX\Smax4***** C:\Program Files\CyberLink\PowerDVD\PDVDServ***** C:\WINDOWS\system32\RUNDLL32***** C:\Program Files\Common Files\InstallShield\UpdateService\issch***** C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy***** C:\Program Files\Thomson\SpeedTouch USB\Dragdiag***** C:\Program Files\USB Disk Win98 Driver\Res***** C:\Program Files\Canon\CAL\CALMAIN***** C:\WINDOWS\system32\game01***** C:\Program Files\Common Files\Symantec Shared\ccSvcHst***** C:\Program Files\HP\HP Software Update\HPWuSchd2***** C:\WINDOWS\system32\ctfmon***** C:\Program Files\Messenger\msmsgs***** C:\Program Files\DAEMON Tools Lite\daemon***** C:\Program Files\HP\Digital Imaging\bin\hpqtra08***** C:\Program Files\HP\Digital Imaging\bin\hpqSTE08***** C:\WINDOWS\System32\svchost***** C:\WINDOWS\system32\wuauclt***** C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc***** C:\Program Files\Gadu-Gadu\gg***** C:\Program Files\Garena\Garena***** C:\Program Files\Trend Micro\HijackThis\HijackThis***** R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/webhp?sourceid=navclient&ie=UTF-8 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\coIEPlg.dll O2 - BHO: Symantec Intrusion Prevention - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\PROGRA~1\COMMON~1\SYMANT~1\IDS\IPSBHO.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\s wg.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\PROGRA~1\ICQTOO~1\toolbaru.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Show Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files\Common Files\Symantec Shared\coShared\Browser\2.6\CoIEPlg.dll O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_03\bin\jusched*****" O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut***** O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp***** O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4*****" /tray O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32***** C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz***** /install O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ*****" O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck***** O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32***** C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM***** -startup O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch*****" -start O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy*****" O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag*****" /icon O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask*****" -atboottime O4 - HKLM\..\Run: [USB Storage Toolbox] C:\Program Files\USB Disk Win98 Driver\Res***** O4 - HKLM\..\Run: [killer213] C:\WINDOWS\system32\game01***** O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare*****" /pause O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp*****" O4 - HKLM\..\Run: [osCheck] "C:\Program Files\Norton 360\osCheck*****" O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2***** O4 - HKCU\..\Run: [CTFMON*****] C:\WINDOWS\system32\ctfmon***** O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs*****" /background O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\Program Files\Odkurzacz\odk_mcd***** O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon*****" -autorun O4 - HKUS\S-1-5-19\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'Default user') O4 - S-1-5-18 Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM***** (User 'SYSTEM') O4 - .DEFAULT Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM***** (User 'Default user') O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM***** O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl***** O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08***** O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL*****/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll O9 - Extra button: Add to VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra 'Tools' menuitem: Add to &VideoGet - {88CFA58B-A63F-4A94-9C54-0C7A58E3333E} - C:\PROGRA~1\NUCLEA~1\VideoGet\Plugins\VIDEOG~1.DLL O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\WINDOWS\system32\shdocvw.dll O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag***** O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag***** O9 - Extra button: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ***** O9 - Extra 'Tools' menuitem: ICQ6 - {E59EB121-F339-4851-A3BA-FE49C35617C2} - C:\Program Files\ICQ6\ICQ***** O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O14 - IERESET.INF: START_PAGE_URL=http://www.vobis.pl/ O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) - http://67.15.101.3/g_bin/pl/boards_2_0_0_32.cab O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1157540633109 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/micr...?1191756889125 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://fpdownload.macromedia.com/ge...sh/swflash.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_30.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_34.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{5AEC851B-D517-4E53-9555-C062EA12FCF4}: NameServer = 194.204.159.1 217.98.63.164 O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\AluSchedulerSvc***** O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN***** O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst***** O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst***** O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst***** O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\VAScanner\comHost***** O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService***** O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc***** O23 - Service: Kodak Camera Connection Software (KodakCCS) - Unknown owner - C:\WINDOWS\system32\drivers\KodakCCS***** (file missing) O23 - Service: LiveUpdate - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\LuComServer_3_4***** O23 - Service: LiveUpdate Notice - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSvcHst***** O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32***** O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12***** O23 - Service: Symantec Core LC - Unknown owner - C:\PROGRA~1\COMMON~1\SYMANT~1\CCPD-LC\symlcsvc***** O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:\WINDOWS\system32\UAService7***** |
24-10-2008, 18:57 | #291 |
Użytkownik Forum
Data dołączenia: 19 05 2006
Lokacja: Za górami, za lasami....
Wpisy bloga: 1
Posty: 1,388
Stan: Na Emeryturze
Profesja: Rookstayer
|
Kod:
C:\WINDOWS\system32\game01***** O4 - HKLM\..\Run: [killer213] C:\WINDOWS\system32\game01*****
__________________
*** † Jarosław Krasuski (1974-2007) *** Może wstawisz mi notkę ? *** Masz problem z keyloggerem ? Nie jesteś pewien co do swojego bezpieczeństwa ? Chętnie ci pomogę |
24-10-2008, 19:26 | #292 |
Użytkownik Forum
Data dołączenia: 20 06 2008
Posty: 612
Imię: Gooua Stopka
Profesja: Master Sorcerer
Gildia: Festina Lente
Świat: Berylia <333
Poziom: 45~
Poziom mag.: 43
|
...
/edit ok już to wywaliłem i co teraz ? Ostatnio edytowany przez --Ogorek-- - 24-10-2008 o 19:36. |
24-10-2008, 19:43 | #293 |
Użytkownik Forum
Data dołączenia: 19 05 2006
Lokacja: Za górami, za lasami....
Wpisy bloga: 1
Posty: 1,388
Stan: Na Emeryturze
Profesja: Rookstayer
|
Jak usunąłeś, to sprawdź, czy dalej wyświetla się komunikat keyloggera.
__________________
*** † Jarosław Krasuski (1974-2007) *** Może wstawisz mi notkę ? *** Masz problem z keyloggerem ? Nie jesteś pewien co do swojego bezpieczeństwa ? Chętnie ci pomogę |
24-10-2008, 21:27 | #294 |
Użytkownik Forum
Data dołączenia: 20 06 2008
Posty: 612
Imię: Gooua Stopka
Profesja: Master Sorcerer
Gildia: Festina Lente
Świat: Berylia <333
Poziom: 45~
Poziom mag.: 43
|
no ok tylko to może mi się wyświetlić za tydzień albo za 1 min ZAWSZE po uruchomienu komputera(tylko nie wiadomo za którym)
|
24-10-2008, 22:55 | #295 |
Guest
Posty: n/a
|
bardzo dobry poradnik... w końcu skończą się tematy:
"mam owntibię co mam zrobić" itd. |
25-10-2008, 16:11 | #296 |
Użytkownik Forum
Data dołączenia: 05 12 2006
Posty: 235
Stan: Aktywny Gracz
|
;)
Blokowanie owntibia.com chyba troche mija sie z celem..
Zablokuj www.owntibia.com Wpisz owntibia.com strona sie wyswietli.. Zablokuj opcje up wpisz y.owntibia.com strona sie wyswietli. Zablokuj opcje up wpisz x.owntibia.com strona sie wyswietli itd.. W link nie klikac ;d Ostatnio edytowany przez ^Trial^ - 25-10-2008 o 16:12. |
09-11-2008, 15:27 | #297 |
Użytkownik Forum
Data dołączenia: 20 06 2008
Posty: 612
Imię: Gooua Stopka
Profesja: Master Sorcerer
Gildia: Festina Lente
Świat: Berylia <333
Poziom: 45~
Poziom mag.: 43
|
teraz wklejam scana kolegi :
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 15:12:59, on 2008-11-09 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss***** C:\WINDOWS\system32\winlogon***** C:\WINDOWS\system32\services***** C:\WINDOWS\system32\lsass***** C:\WINDOWS\system32\Ati2evxx***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\System32\svchost***** C:\WINDOWS\system32\Ati2evxx***** C:\WINDOWS\Explorer***** C:\WINDOWS\system32\spoolsv***** C:\Program Files\ESET\ESET NOD32 Antivirus\egui***** C:\Program Files\VIA\RAID\raid_tool***** C:\WINDOWS\SOUNDMAN***** C:\Program Files\ATI Technologies\ATI.ACE\cli***** C:\Program Files\D-Tools\daemon***** C:\WINDOWS\system32\ctfmon***** C:\Program Files\Skype\Phone\Skype***** C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier***** C:\Program Files\Picasa2\PicasaMediaDetector***** C:\Program Files\ATI Technologies\ATI.ACE\CLI***** C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn***** C:\WINDOWS\system32\svchost***** C:\Program Files\Tibia\Tibia***** C:\Program Files\Mozilla Firefox\firefox***** C:\Program Files\Trend Micro\HijackThis\HijackThis***** C:\Program Files\Nowe Gadu-Gadu\gg***** R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\ Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\egui*****" /hide /waitservice O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck***** O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool***** O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM\..\Run: [SoundMan] SOUNDMAN***** O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx***** O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli*****" runtime O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon*****" -lang 1033 O4 - HKLM\..\Run: [Spik] C:\Program Files\Spik\Spik***** -autostart O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKCU\..\Run: [CTFMON*****] C:\WINDOWS\system32\ctfmon***** O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype*****" /nosplash /minimized O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier***** O4 - HKCU\..\Run: [Picasa Media Detector] C:\Program Files\Picasa2\PicasaMediaDetector***** O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg*****" /tray O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg*****" O4 - HKUS\S-1-5-19\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'Default user') O4 - Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI***** O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL*****/3000 O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag***** O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag***** O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-945 LEchu3 15:13:35 8-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\Program Files\Spik\url_wpmsg.dll O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx***** O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag***** O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv***** O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn***** O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService***** -- End of file - 6158 bytes |
11-11-2008, 08:40 | #298 |
Użytkownik Forum
Data dołączenia: 19 05 2006
Lokacja: Za górami, za lasami....
Wpisy bloga: 1
Posty: 1,388
Stan: Na Emeryturze
Profesja: Rookstayer
|
Twój kumpel ma MyGlobalSearch, taki tam raczej niegroźny syf, ale jbc to tu info na temat usunięcia : ( http://www.spywareremove.com/removeMyGlobalSearch.html)
__________________
*** † Jarosław Krasuski (1974-2007) *** Może wstawisz mi notkę ? *** Masz problem z keyloggerem ? Nie jesteś pewien co do swojego bezpieczeństwa ? Chętnie ci pomogę |
12-11-2008, 14:19 | #299 |
Użytkownik forum
Data dołączenia: 12 11 2008
Posty: 6
|
dzieki pomogło
|
13-11-2008, 20:46 | #300 |
Użytkownik forum
Data dołączenia: 25 08 2008
Posty: 7
Stan: Aktywny Gracz
Imię: Konstel Zibi
Profesja: Knight
Świat: Honera
Poziom: 22+
Skille: 50/49
Poziom mag.: 3
|
SPRAWDZ BŁAGAM !!!!!!!
Logfile of HijackThis v1.99.1 Scan saved at 20:15:55, on 2008-11-13 Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16735) Running processes: C:\WINDOWS\System32\smss***** C:\WINDOWS\system32\winlogon***** C:\WINDOWS\system32\services***** C:\WINDOWS\system32\lsass***** C:\WINDOWS\system32\svchost***** C:\WINDOWS\System32\svchost***** C:\Program Files\Alwil Software\Avast4\aswUpdSv***** C:\Program Files\Alwil Software\Avast4\ashServ***** C:\WINDOWS\explorer***** C:\WINDOWS\system32\spoolsv***** C:\WINDOWS\RTHDCPL***** C:\Program Files\Winamp\winampa***** C:\WINDOWS\system32\RUNDLL32***** C:\PROGRA~1\ALWILS~1\Avast4\ashDisp***** C:\Program Files\Java\jre6\bin\jusched***** C:\WINDOWS\system32\ctfmon***** C:\Program Files\Messenger\msmsgs***** C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier***** C:\Program Files\IPLA\IPLA***** C:\Program Files\BitComet\BitComet***** C:\Program Files\OpenOffice.org 2.3\program\soffice***** C:\Program Files\OpenOffice.org 2.3\program\soffice.BIN C:\Program Files\Java\jre6\bin\jqs***** C:\WINDOWS\System32\nvsvc32***** C:\WINDOWS\system32\PnkBstrA***** C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE***** C:\Program Files\Alwil Software\Avast4\ashMaiSv***** C:\Program Files\Alwil Software\Avast4\ashWebSv***** C:\WINDOWS\System32\wbem\wmiapsrv***** C:\Program Files\Internet Explorer\iexplore***** C:\WINDOWS\system32\wuauclt***** C:\Program Files\Opera\opera***** C:\Program Files\WinRAR\WinRAR***** C:\DOCUME~1\dom\USTAWI~1\Temp\Rar$EX00.094\HijackT his***** R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll F2 - REG:system.ini: Shell=explorer***** C:\RECYCLER\services***** O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll O2 - BHO: Nasdaq Toolbar - {4E7BD74F-2B8D-469E-C3FF-FB7FB59BFA7D} - C:\PROGRA~1\nasdaq\nasdaq.dll O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.1.807.1746\sw g.dll O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll O2 - BHO: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll O3 - Toolbar: free-downloads.net Toolbar - {ecdee021-0d17-467f-a1ff-c7a115230949} - C:\Program Files\free-downloads.net\tbfree.dll O3 - Toolbar: Nasdaq Toolbar - {4E7BD74F-2B8D-469E-C3FF-FB7FB59BFA7D} - C:\PROGRA~1\nasdaq\nasdaq.dll O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL***** O4 - HKLM\..\Run: [Alcmtr] ALCMTR***** O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32***** C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz***** /install O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa***** O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32***** C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [amd_dc_opt] "F:\bot\amd_dc_opt*****" O4 - HKLM\..\Run: [win.sys] C:\Hack.bat O4 - HKLM\..\Run: [serwer] C:\Windows\system32\system010***** O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp***** O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl*****" O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched*****" O4 - HKCU\..\Run: [CTFMON*****] C:\WINDOWS\system32\ctfmon***** O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs*****" /background O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier***** O4 - HKCU\..\Run: [IPLA!] C:\Program Files\IPLA\IPLA***** /autorun O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 52\axcmd*****" /automount O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet*****" /tray O4 - Startup: OpenOffice.org 2.3.lnk = C:\Program Files\OpenOffice.org 2.3\program\quickstart***** O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet*****/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet*****/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet*****/AddAllLink.htm O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll/206 (file missing) O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag***** (file missing) O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag***** (file missing) O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs***** O11 - Options group: [INTERNATIONAL] International* O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/wind...?1202764506046 O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://download.divx.com/player/DivXBrowserPlugin.cab O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://dl8-cdn-03.sun.com/s/ESD5/JSC...ws-i586-jc.cab O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv***** O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ***** O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv*****" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv*****" /service (file missing) O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService***** O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs*****" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32***** O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA***** O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindServiceAE***** Ostatnio edytowany przez kulkaa - 13-11-2008 o 20:47. |