REQUEST to check a log


(Bartek107) #1

Thanks in advance to the kind people for the help :slight_smile:

Logfile of HijackThis v1.99.1

Scan saved at 00:04:07, on 2005-05-10

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

G:\bhp\Avast\aswUpdSv.exe

G:\bhp\Avast\ashServ.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

G:\bhp\Avast\ashWebSv.exe

G:\bhp\Avast\ashMaiSv.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\System32\RunDll32.exe

G:\bhp\ZoneAlarm\zlclient.exe

G:\rozne ciekawe\keyboardEx 215\keyboardex_tray.exe

G:\bhp\Avast\ashDisp.exe

G:\bhp\WINPAT~1\winpatrol.exe

G:\Program Files\java\bin\jusched.exe

G:\komunikacja\Phone\Skype.exe

G:\komunikacja\gg\gg.exe

G:\internetowe\GetRight\getright.exe

G:\internetowe\GetRight\getright.exe

G:\bhp\hijack\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

F2 - REG:system.ini: Shell=explorer.exe 

O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - G:\internetowe\GetRight\xx2gr.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Zone Labs Client] "G:\bhp\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [KeyboardEx] G:\rozne ciekawe\keyboardEx 215\keyboardex_tray.exe

O4 - HKLM\..\Run: [avast!] G:\bhp\Avast\ashDisp.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [WinPatrol] g:\bhp\WINPAT~1\winpatrol.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\java\bin\jusched.exe

O4 - HKCU\..\Run: [Skype] "G:\komunikacja\Phone\Skype.exe" /

(Gutek) #2

Is that definitely the whole LOG???

Remove with HijackThis

Don't you use the net??? (why I ask: without SP protections you haven't caught any junk) I don't see any antivirus or firewall?


(Bartek107) #3

Sorry, I must have messed something up while copying; here is the full log now. Once again, a big thanks for the help and attention!

Logfile of HijackThis v1.99.1

Scan saved at 00:45:38, on 2005-05-10

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

G:\bhp\Avast\aswUpdSv.exe

G:\bhp\Avast\ashServ.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\system32\ZoneLabs\vsmon.exe

G:\bhp\Avast\ashWebSv.exe

G:\bhp\Avast\ashMaiSv.exe

C:\WINDOWS\explorer.exe

C:\WINDOWS\System32\RunDll32.exe

G:\bhp\ZoneAlarm\zlclient.exe

G:\rozne ciekawe\keyboardEx 215\keyboardex_tray.exe

G:\bhp\Avast\ashDisp.exe

G:\bhp\WINPAT~1\winpatrol.exe

G:\Program Files\java\bin\jusched.exe

G:\komunikacja\Phone\Skype.exe

G:\komunikacja\gg\gg.exe

G:\internetowe\GetRight\getright.exe

G:\internetowe\GetRight\getright.exe

C:\DOCUME~1\Bartek\USTAWI~1\Temp\update.tmp

G:\internetowe\Slimbrowser\sbrowser.exe

C:\Documents and Settings\Bartek\Ustawienia lokalne\Temp\Katalog tymczasowy 3 dla Spyware_Doctor_v3.0.0.288.zip\Spyware.Doctor.v3.0.0.288.WinALL.CRACKED-LUCiD\Crack\swdoctor.exe

G:\bhp\hijack\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

F2 - REG:system.ini: Shell=explorer.exe 

O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - G:\internetowe\GetRight\xx2gr.dll

O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - G:\bhp\SPYWAR~1\tools\iesdsg.dll

O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - G:\bhp\SPYWAR~1\tools\iesdpb.dll

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [Zone Labs Client] "G:\bhp\ZoneAlarm\zlclient.exe"

O4 - HKLM\..\Run: [KeyboardEx] G:\rozne ciekawe\keyboardEx 215\keyboardex_tray.exe

O4 - HKLM\..\Run: [avast!] G:\bhp\Avast\ashDisp.exe

O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe

O4 - HKLM\..\Run: [WinPatrol] g:\bhp\WINPAT~1\winpatrol.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] G:\Program Files\java\bin\jusched.exe

O4 - HKCU\..\Run: [Skype] "G:\komunikacja\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [Gadu-Gadu] "G:\komunikacja\gg\gg.exe" /tray

O4 - HKCU\..\Run: [Komunikator] G:\komunikacja\tlen\tlen.exe

O4 - HKCU\..\Run: [EdHTML] g:\program files\edHTML 5.0\EdHTML.exe /none

O4 - Global Startup: GetRight - Tray Icon.lnk = G:\internetowe\GetRight\getright.exe

O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Office\Office\OSA9.EXE

O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - G:\internetowe\AvantBrowser\AddAllToADBlackList.htm

O8 - Extra context menu item: Dodaj do listy blokowanych reklam - G:\internetowe\AvantBrowser\AddToADBlackList.htm

O8 - Extra context menu item: Download with GetRight - G:\internetowe\GetRight\GRdownload.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://G:\PROGRA~1\Office\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Browser - G:\internetowe\GetRight\GRbrowse.htm

O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony... - G:\internetowe\AvantBrowser\OpenAllLinks.htm

O8 - Extra context menu item: Podświetl - G:\internetowe\AvantBrowser\Highlight.htm

O8 - Extra context menu item: Szukaj - G:\internetowe\AvantBrowser\Search.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\java\bin\npjpi150_01.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - G:\Program Files\java\bin\npjpi150_01.dll

O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - G:\bhp\SPYWAR~1\tools\iesdpb.dll

O16 - DPF: {9B03C5F1-F5AB-47EE-937D-A8EDA626F876} (Anonymizer Anti-Spyware Scanner) - http://download.zonelabs.com/bin/promotions/spywaredetector/WebAAS.cab

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - G:\bhp\Avast\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - G:\bhp\Avast\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - G:\bhp\Avast\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - G:\bhp\Avast\ashWebSv.exe" /service (file missing)

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - C:\WINDOWS\system32\ZoneLabs\vsmon.exe

(Gutek) #4

LOG OK :stuck_out_tongue:


(boczi) #5

Log OK; from autostart (Start -> Run -> msconfig) you can uncheck:

NeroCheck.exe - an unnecessary Nero process,

jusched.exe - an unnecessary Java updater.

It is worth installing SP2.