Ogłoszenie !

Zapraszamy na nasz kanał! IRC

dziwny incydent:<

Masz jakiś problem z wirusami na komputerze? Tutaj Ci pomożemy :)
Odpowiedz

dziwny incydent:<

Postprzez Czesuaf » 2009-12-27, 13:26

Dzisiaj mialem dziwny incydent, gram sobie , nagle wylacza mi tibie i firefoxa ok mysle jakis blad, potem wlaczam obydwa, wyskakuje "VIRUS FOUND" "VIRUS FOUND" takie 4 okienka, zazwyczaj wyskakuje okienko AVG a to taki pusty error... no ok mysle what the fuck, po czym cos mi blokuje myszke i probuje wylaczyc tibie... (nie da sie jej wylaczyc bo trzeba pierw logout) ... Czy to moze byc jakis keylogger czy cos w tym stylu co chce mi uwalić konto? Tyle ze nigdy nie wchodzilem na tym kompie na strony z bottami, kasą itp....



ahh dodam ze wylaczylem jakis proces httpd ktory byl 2 razy ale to chyba blednie bo to od localhost serva jest


log:
Kod: Zaznacz cały
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:23:56, on 2009-12-27
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Creative\Shared Files\CTAudSvc.exe
C:\Program Files\Google\Update\1.2.183.13\GoogleCrashHandler.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ATKKBService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\system32\dlg.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\AppServ\MySQL\bin\mysqld-nt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\AVG\AVG8\avgcsrvx.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\Program Files\Analog Devices\Core\smax4pnp.exe
C:\Program Files\Analog Devices\SoundMAX\Smax4.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\fpplock.exe
C:\Program Files\WinFax\winfax.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe
C:\Program Files\Labtec\WebCam10\WebCam10.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Vista Drive Icon\DrvIcon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\LClock\lclock.exe
C:\Program Files\Common Files\LogiShrd\LComMgr\LVComSX.exe
C:\Program Files\Wakoopa\Wakoopa.exe
C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe
C:\WINDOWS\system32\Cerberus\windows.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Your Product\cftmonaa.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Java\jre6\bin\jucheck.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Tibia\Tibia.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - (no file)
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (file missing)
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - (no file)
O2 - BHO: (no name) - {2B0B59B4-55A3-4737-9FD5-B93C6430BF75} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll (file missing)
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll (file missing)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL
O2 - BHO: (no name) - {729730BD-FFB9-4E4F-9FF1-C54F572A2A7F} - (no file)
O2 - BHO: (no name) - {8DCC7C66-522C-4C96-8FD1-7542885A2D29} - (no file)
O2 - BHO: Easy Gif Animator Toolbar Helper - {96372AB6-15EB-4316-B497-71C741BC548C} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.1\EasyGifAnimator_Toolbar.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (file missing)
O2 - BHO: (no name) - {B0CB1A5B-404C-4C49-9B8A-8DA627EBE067} - (no file)
O2 - BHO: (no name) - {B3ADDB7B-3DF5-4672-82DD-775FFF180134} - (no file)
O2 - BHO: (no name) - {B8B8A778-7DDC-44D3-983A-7C3CE40AC120} - (no file)
O2 - BHO: MegaIEMn - {bf00e119-21a3-4fd1-b178-3b8537e75c92} - (no file)
O2 - BHO: Google Dictionary Compression sdch - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: (no name) - {CAF38D4E-239D-4493-8C1A-65F432DD6D5A} - (no file)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: Google Gears Helper - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: (no name) - {F50B3F5E-856E-4757-9BB1-B35D46CA7719} - (no file)
O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\Czesuaf\Dane aplikacji\Nowe Gadu-Gadu\_userdata\ggbho.1.dll
O3 - Toolbar: (no name) - {9FB3908C-6565-4CB0-95F8-E9F85258723C} - (no file)
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - (no file)
O3 - Toolbar: Easy Gif Animator Toolbar - {35065594-9169-4A34-B167-FC4865038E53} - C:\Program Files\Easy Gif Animator Extension\v3.3.0.1\EasyGifAnimator_Toolbar.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\Core\smax4pnp.exe
O4 - HKLM\..\Run: [SoundMAX] "C:\Program Files\Analog Devices\SoundMAX\Smax4.exe" /tray
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [Warning: do not remove it!] fpplock.exe
O4 - HKLM\..\Run: [winfax] C:\Program Files\WinFax\winfax.exe
O4 - HKLM\..\Run: [LogitechCommunicationsManager] "C:\Program Files\Common Files\LogiShrd\LComMgr\Communications_Helper.exe"
O4 - HKLM\..\Run: [LogitechQuickCamRibbon] "C:\Program Files\Labtec\WebCam10\WebCam10.exe" /hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [DrvIcon] C:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM\..\Run: [vilaunch] C:\WINDOWS\system32\vilaunch.exe
O4 - HKLM\..\Run: [kQyGYRxF] C:\WINDOWS\system32\1P322.exe
O4 - HKLM\..\Run: [l0ekMwu07F] C:\WINDOWS\system32\5DZnx.exe
O4 - HKLM\..\Run: [winsys32] C:\WINDOWS\system32\winsys32\winsys32.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [LClock] C:\Program Files\LClock\lclock.exe
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [NBJ] "C:\Program Files\Ahead\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Google Update] "C:\Documents and Settings\Czesuaf\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [Monopod] C:\DOCUME~1\Czesuaf\USTAWI~1\Temp\b.exe
O4 - HKCU\..\Run: [Wakoopa] C:\Program Files\Wakoopa\Wakoopa.exe
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\WapSter\WAPSTE~1\AQQ.exe
O4 - HKCU\..\Run: [7ihKv1QxOhsDx] C:\WINDOWS\system32\1P322.exe
O4 - HKCU\..\Run: [zB5qHr] C:\WINDOWS\system32\5DZnx.exe
O4 - HKCU\..\Run: [winsys32] C:\WINDOWS\system32\winsys32\winsys32.exe
O4 - HKLM\..\Policies\Explorer\Run: [winsys32] C:\WINDOWS\system32\winsys32\winsys32.exe
O4 - HKCU\..\Policies\Explorer\Run: [winsys32] C:\WINDOWS\system32\winsys32\winsys32.exe
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: cftmonaa.lnk = C:\Program Files\Your Product\cftmonaa.exe
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &D&ownload &with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: &D&ownload all video with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: &D&ownload all with BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: &Download All by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bhoall.htm
O8 - Extra context menu item: &Download by FlashGet - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\Bholink.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra 'Tools' menuitem: Ustawienia wtyczki &Gears - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.33.0\gears.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4723200F-7E63-423B-8FE3-6969DCEDC2D0} (EcodInitializerControl.EcodInitCtl) - https://www.ecod.pl/webapp/EcodInit.cab
O16 - DPF: {56762DEC-6B0D-4AB4-A8AD-989993B5D08B} - http://www.eset.eu/buxus/docs/OnlineScanner.cab
O16 - DPF: {A7E929B7-AE94-4C38-9BD2-FF77237BCA97} (ECODFakturaCtl.ECODFaktura) - https://www.ecod.pl/webapp/ecodfaktura.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll
O20 - Winlogon Notify: jkkiige - jkkiige.dll (file missing)
O20 - Winlogon Notify: opnmLdEu - opnmLdEu.dll (file missing)
O23 - Service: Ad-Aware 2007 Service (aawservice) - Unknown owner - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe (file missing)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache2.2 - Apache Software Foundation - C:\AppServ\Apache2.2\bin\httpd.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Capture Device Service - InterVideo Inc. - C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files\Creative\Shared Files\CTAudSvc.exe
O23 - Service: dlgx1 - Unknown owner - C:\WINDOWS\system32\dlg.exe
O23 - Service: Findbasic Service - Unknown owner - C:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic133.exe (file missing)
O23 - Service: Usługa Google Update (gupdate1c99763143ff6a4) (gupdate1c99763143ff6a4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LVSrvLauncher - Labtec Inc. - C:\Program Files\Common Files\LogiShrd\SrvLnch\SrvLnch.exe
O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS\system32\GameMon.des.exe (file missing)
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
O23 - Service: Klient śledzenia łączy rozproszonych TrkWksJavaQuickStarterService (TrkWksJavaQuickStarterService) - Unknown owner - C:\WINDOWS\system32\adsnts.exe (file missing)
O24 - Desktop Component 1: (no name) - http://gblack.org/

--
End of file - 15258 bytes
Avatar użytkownika
Czesuaf
GoldUser!
GoldUser!
 
Posty: 2523
Dołączył(a): 2007-02-26, 19:34
Lokalizacja: index.php
Pochwały: 14
Gadu-Gadu: 5863676
Skype: czesuaf0
Góra

dziwny incydent:<

Postprzez Nataniel » 2009-12-27, 14:56

Tyle ze nigdy nie wchodzilem na tym kompie na strony z bottami, kasą itp....

Ostatnio modne jest przenoszenie wirusów na pendrivie (autorun), co prawda vista i 7 są już na to odporne, ale XP jeśli sam nie zadbasz to nie.
  ▲
▲ ▲
Avatar użytkownika
Nataniel
SuperUser
SuperUser
 
Posty: 1759
Dołączył(a): 2007-02-19, 16:34
Pochwały: 27
Góra

dziwny incydent:<

Postprzez sкошяoла » 2009-12-27, 15:23

ładnie syfu masz
C:\Program Files\WinFax\winfax.exe
C:\WINDOWS\system32\Cerberus\windows.exe
C:\Program Files\Your Product\cftmonaa.exe
O2 - BHO: Media Holding Enterprises, LLC - {0D39A900-0F3A-4C29-A254-3E65244FDC34} - (no file)
O2 - BHO: flashget2 urlcatch - {1F364306-AA45-47B5-9F9D-39A8B94E7EF1} - C:\Program Files\FlashGet Network\FlashGet universal\ComDlls\bhoCATCH.dll (file missing)
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - (no file)
O2 - BHO: (no name) - {2B0B59B4-55A3-4737-9FD5-B93C6430BF75} - (no file)
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.2.8.7.dll (file missing)
O2 - BHO: XML module - {500BCA15-57A7-4eaf-8143-8C619470B13D} - C:\WINDOWS\system32\msxml71.dll (file missing)
O2 - BHO: (no name) - {729730BD-FFB9-4E4F-9FF1-C54F572A2A7F} - (no file)
O2 - BHO: (no name) - {8DCC7C66-522C-4C96-8FD1-7542885A2D29} - (no file)
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll (file missing)
O4 - HKLM\..\Run: [winsys32] C:\WINDOWS\system32\winsys32\winsys32.exe
O4 - HKCU\..\Run: [Monopod] C:\DOCUME~1\Czesuaf\USTAWI~1\Temp\b.exe
O23 - Service: Findbasic Service - Unknown owner - C:\Documents and Settings\All Users\Dane aplikacji\Findbasic\findbasic133.exe (file missing)
O23 - Service: Us&#322;uga Google Update (gupdate1c99763143ff6a4) (gupdate1c99763143ff6a4) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
Analyzerdetails
O24 - Desktop Component 1: (no name) - http://gblack.org/


Podane wpisy usuń według instrukcji viewtopic.php?f=35&t=133 pogrubione usuwasz ręcznie z dysku w trybie awaryjnym


Potem nowy log z OTL: http://oldtimer.geekstogo.com/OTL.exe
Po ściągnięci zaznaczasz haczykiem opcje USE COMPANY NAME WHITELIST klikasz run scan i dajesz go tutaj
I co teraz zrobisz? Spuścisz psy? Albo pszczoły? Albo psy z pszczołami w ustach, tak że kiedy szczekają, strzelają nimi w ciebie?
Avatar użytkownika
sкошяoла
Moderator
Moderator
 
Posty: 2077
Dołączył(a): 2006-12-13, 16:09
Lokalizacja: Gniezno
Pochwały: 47
Góra

dziwny incydent:<

Postprzez Czesuaf » 2009-12-27, 20:07

ok zrobione, dzieki. Mam nadzieje ze to nie byl hack ; p
Avatar użytkownika
Czesuaf
GoldUser!
GoldUser!
 
Posty: 2523
Dołączył(a): 2007-02-26, 19:34
Lokalizacja: index.php
Pochwały: 14
Gadu-Gadu: 5863676
Skype: czesuaf0
Góra

dziwny incydent:<

Postprzez sкошяoла » 2009-12-27, 20:10

Czesuaf napisał(a):ok zrobione, dzieki. Mam nadzieje ze to nie byl hack ; p

daj logi jeszcze z
sкошяoла napisał(a):Potem nowy log z OTL: http://oldtimer.geekstogo.com/OTL.exe
Po ściągnięci zaznaczasz haczykiem opcje USE COMPANY NAME WHITELIST klikasz run scan i dajesz go tutaj
I co teraz zrobisz? Spuścisz psy? Albo pszczoły? Albo psy z pszczołami w ustach, tak że kiedy szczekają, strzelają nimi w ciebie?
Avatar użytkownika
sкошяoла
Moderator
Moderator
 
Posty: 2077
Dołączył(a): 2006-12-13, 16:09
Lokalizacja: Gniezno
Pochwały: 47
Góra

dziwny incydent:<

Postprzez Czesuaf » 2009-12-27, 20:39

usunalem tyle ile zdolalem bo niektorych nie bylo huh, a tego z google wolalem nie usuwac ; p

lap
http://www.elczesuaf.pl/OTL.txt
bylo za dlugie zeby dac do tematu
Avatar użytkownika
Czesuaf
GoldUser!
GoldUser!
 
Posty: 2523
Dołączył(a): 2007-02-26, 19:34
Lokalizacja: index.php
Pochwały: 14
Gadu-Gadu: 5863676
Skype: czesuaf0
Góra
Odpowiedz

Powrót do Logi HijackThis

Kto przegląda forum

Użytkownicy przeglądający ten dział: Brak zalogowanych użytkowników i 1 gość

Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
Nasze serwisy internetowe Programy i gry do pobrania