lukasz sz utworzono 7 listopada 2007 utworzono 7 listopada 2007 próbowałem ze spyboot`em sd - nic nie dało LOG Z HIJACK`A: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 09:51:29, on 2007-11-07 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Sygate\SPF\smc.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\spoolsv.exe C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe C:\WINDOWS\system32\nvsvc32.exe C:\Program Files\Analog Devices\Core\smax4pnp.exe C:\Program Files\VDOTool\TBPanel.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\Program Files\Winamp\winampa.exe C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe C:\Program Files\Gadu-Gadu\gg.exe C:\WINDOWS\system32\wscntfy.exe C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart\ctfmon.exe C:\WINDOWS\system32\aguamwju.exe C:\WINDOWS\system32\rundll32.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe C:\Program Files\Common Files\BestsellerAntivirus\ugcw.exe C:\Program Files\Common Files\BestsellerAntivirus\bm.exe C:\Program Files\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.i.com.ua/~video/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ixdkdjbs.dll O4 - HKLM\..\Run: [soundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray O4 - HKLM\..\Run: [JMB36X IDE Setup] C:\WINDOWS\JM\JMInsIDE.exe O4 - HKLM\..\Run: [JMB36X Configure] C:\WINDOWS\system32\JMRaidSetup.exe boot O4 - HKLM\..\Run: [soundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe O4 - HKLM\..\Run: [Gainward] C:\Program Files\VDOTool\TBPanel.exe /A O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe" O4 - HKLM\..\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM\..\Run: [GhostStartTrayApp] C:\Program Files\Symantec\Norton Ghost 2003\GhostStartTrayApp.exe O4 - HKLM\..\Run: [207563a8] rundll32.exe "C:\WINDOWS\system32\rcrkliec.dll",b O4 - HKLM\..\Run: [ugcw] "C:\PROGRA~1\COMMON~1\BESTSE~1\ugcw.exe" -start O4 - HKLM\..\Run: [salestart] "C:\Program Files\Common Files\BestsellerAntivirus\bm.exe" dm=http://bestsellerantivirus.com; ad=http://bestsellerantivirus.com O4 - HKLM\..\Run: [NI.UGA6P_0001_N122M2210] "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\mofugclq.exe" O4 - HKLM\..\RunOnce: [spybot - Search & Destroy] "C:\Program Files\Spybot - Search & Destroy\SpybotSD.exe" /autocheck O4 - HKLM\..\RunOnce: [spybotDeletingA7599] command /c del "C:\WINDOWS\system32\ixdkdjbs.dllbox" O4 - HKLM\..\RunOnce: [spybotDeletingC197] cmd /c del "C:\WINDOWS\system32\ixdkdjbs.dllbox" O4 - HKLM\..\RunOnce: [spybotDeletingA5348] command /c del "C:\WINDOWS\system32\ixdkdjbs.dll_old" O4 - HKLM\..\RunOnce: [spybotDeletingC4869] cmd /c del "C:\WINDOWS\system32\ixdkdjbs.dll_old" O4 - HKLM\..\RunOnce: [spybotDeletingA9009] command /c del "C:\WINDOWS\system32\ixdkdjbs.dll" O4 - HKLM\..\RunOnce: [freinst] "C:\Program Files\BestsellerAntivirus\pgs.exe" /empty O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe O4 - HKCU\..\RunOnce: [spybotDeletingB9979] command /c del "C:\WINDOWS\system32\ixdkdjbs.dllbox" O4 - HKCU\..\RunOnce: [spybotDeletingD863] cmd /c del "C:\WINDOWS\system32\ixdkdjbs.dllbox" O4 - HKCU\..\RunOnce: [spybotDeletingD3980] cmd /c del "C:\WINDOWS\system32\ixdkdjbs.dll" O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA') O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA') O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM') O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user') O4 - Startup: ctfmon.exe O4 - Startup: PPS.lnk = C:\Program Files\PPStream\PPStream.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Device Detector 3.lnk = C:\Program Files\Olympus\DeviceDetector\DevDtct2.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - C:\Program Files\BitComet\tools\BitCometBHO_1.1.9.24.dll O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O23 - Service: GhostStartService - Symantec Corporation - C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\Win32\RpcDataSrv.exe O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite XIIc\RpcSandraSrv.exe O23 - Service: Sygate Personal Firewall (SmcService) - Sygate Technologies, Inc. - C:\Program Files\Sygate\SPF\smc.exe -- End of file - 6850 bytes
andrzej2442 komentarz 7 listopada 2007 komentarz 7 listopada 2007 do usunięcia (za pomocą KILLBOXA ): C:\WINDOWS\system32\aguamwju.exeC:\Program Files\Common Files\BestsellerAntivirus\C:\WINDOWS\system32\ixdkdjbs.dll zfixuj w HJT: C:\WINDOWS\system32\aguamwju.exeC:\Program Files\Common Files\BestsellerAntivirus\ugcw.exeC:\Program Files\Common Files\BestsellerAntivirus\bm.exeO3 - Toolbar: Security Toolbar - {11A69AE4-FBED-4832-A2BF-45AF82825583} - C:\WINDOWS\system32\ixdkdjbs.dllO4 - HKLM\..\Run: [207563a8] rundll32.exe "C:\WINDOWS\system32\rcrkliec.dll",bO4 - HKLM\..\Run: [ugcw] "C:\PROGRA~1\COMMON~1\BESTSE~1\ugcw.exe" -startO4 - HKLM\..\Run: [salestart] "C:\Program Files\Common Files\BestsellerAntivirus\bm.exe" dm=http://bestsellerantivirus.com; ad=http://bestsellerantivirus.comO4 - HKLM\..\Run: [NI.UGA6P_0001_N122M2210] "C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\mofugclq.exe"O4 - HKLM\..\RunOnce: [spybotDeletingA7599] command /c del "C:\WINDOWS\system32\ixdkdjbs.dllbox"O4 - HKLM\..\RunOnce: [spybotDeletingC197] cmd /c del "C:\WINDOWS\system32\ixdkdjbs.dllbox"O4 - HKLM\..\RunOnce: [spybotDeletingA5348] command /c del "C:\WINDOWS\system32\ixdkdjbs.dll_old"O4 - HKLM\..\RunOnce: [spybotDeletingC4869] cmd /c del "C:\WINDOWS\system32\ixdkdjbs.dll_old"O4 - HKLM\..\RunOnce: [spybotDeletingA9009] command /c del "C:\WINDOWS\system32\ixdkdjbs.dll"O4 - HKLM\..\RunOnce: [freinst] "C:\Program Files\BestsellerAntivirus\pgs.exe" /emptyO4 - HKCU\..\RunOnce: [spybotDeletingB9979] command /c del "C:\WINDOWS\system32\ixdkdjbs.dllbox"O4 - HKCU\..\RunOnce: [spybotDeletingD863] cmd /c del "C:\WINDOWS\system32\ixdkdjbs.dllbox"O4 - HKCU\..\RunOnce: [spybotDeletingD3980] cmd /c del "C:\WINDOWS\system32\ixdkdjbs.dll"
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.