Please check my log


(Way) #1

Please check it. I'm not sure whether everything is okay.

Logfile of HijackThis v1.99.1

Scan saved at 09:29:15, on 2005-04-06

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

D:\kaza\aswUpdSv.exe

D:\kaza\ashServ.exe

D:\kaza\ashDisp.exe

C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe

C:\WINDOWS\System32\ctfmon.exe

C:\WINDOWS\system32\RAMASST.exe

C:\WINDOWS\System32\DVDRAMSV.exe

C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

D:\kaza\ashWebSv.exe

D:\kaza\ashMaiSv.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\marcin\Pulpit\Hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

O2 - BHO: AddressBar Class - {1474CE44-8057-4AE3-8F3E-ED37C7C63D8A} - C:\WINDOWS\system32\iasad.dll

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM..\Run: [avast!] D:\kaza\ashDisp.exe

O4 - HKLM..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM..\Run: [eydexxiplzmw] C:\WINDOWS\System32\vtvpzn.exe

O4 - HKLM..\Run: [system Terminal] \SYSTEM32\XXCZI.EXE

O4 - HKLM..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad-Aware SE Professional\Ad-Watch.exe"

O4 - HKLM..\Run: [Microsoft Update] msconfg.exe

O4 - HKLM..\Run: [sysTime] C:\WINDOWS\System32\systime.exe

O4 - HKLM..\Run: [Zone Labs Client] "C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe"

O4 - HKLM..\RunServices: [Microsoft Update] msconfg.exe

O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU..\Run: [sods] C:\Documents and Settings\marcin\Dane aplikacji\rtsi.exe

O4 - HKCU..\Run: [iqawried] C:\WINDOWS\System32\r?ndll32.exe

O4 - HKCU..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU..\Run: [Microsoft Update] msconfg.exe

O4 - HKCU..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe

O4 - Global Startup: RAMASST.lnk = C:\WINDOWS\system32\RAMASST.exe

O4 - Global Startup: Microsoft Office.lnk = D:\word\Office10\OSA.EXE

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\kaza\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - D:\kaza\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - D:\kaza\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - D:\kaza\ashWebSv.exe" /service (file missing)

O23 - Service: DVD-RAM_Service - Matsushita Electric Industrial Co., Ltd. - C:\WINDOWS\System32\DVDRAMSV.exe

O23 - Service: Event Log Watch (LogWatch) - Computer Associates - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe

O23 - Service: Power Manager (PowerManager) - Unknown owner - C:\WINDOWS\svchost.exe (file missing)


(Kuz5) #2

Remove in Safe Mode with System Restore turned off:

O2 - BHO: AddressBar Class - {1474CE44-8057-4AE3-8F3E-ED37C7C63D8A} - C:\WINDOWS\system32\iasad.dll

O4 - HKLM..\Run: [Microsoft Update] msconfg.exe

O4 - HKLM..\Run: [sysTime] C:\WINDOWS\System32\systime.exe

O4 - HKLM..\RunServices: [Microsoft Update] msconfg.exe

O4 - HKCU..\Run: [Microsoft Update] msconfg.exe

O4 - HKCU..\Run: [sods] C:\Documents and Settings\marcin\Dane aplikacji\rtsi.exe

O4 - HKCU..\Run: [iqawried] C:\WINDOWS\System32\r?ndll32.exe

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM..\Run: [eydexxiplzmw] C:\WINDOWS\System32\vtvpzn.exe

O4 - HKLM..\Run: [system Terminal] \SYSTEM32\XXCZI.EXE

Delete the file marked in red from the disk manually.