Please check my log


(M A G D A99) #1
Running processes: 

C:\WINDOWS\System32\smss.exe 

C:\WINDOWS\SYSTEM32\winlogon.exe 

C:\WINDOWS\system32\services.exe 

C:\WINDOWS\system32\lsass.exe 

C:\WINDOWS\system32\svchost.exe 

C:\WINDOWS\System32\svchost.exe 

C:\WINDOWS\system32\spoolsv.exe 

C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe 

C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe 

C:\WINDOWS\System32\svchost.exe 

C:\WINDOWS\explorer.exe 

C:\Program Files\Panda Software\Panda Antivirus Platinum\apvxdwin.exe 

C:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe 

C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 

C:\Program Files\HP\hpcoretech\hpcmpmgr.exe 

C:\WINDOWS\System32\ctfmon.exe 

C:\winstall.exe 

C:\Program Files\Gadu-Gadu\gg.exe 

C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 

C:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE 

C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe 

C:\Program Files\HP\hpcoretech\comp\hptskmgr.exe 

C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe 

C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe 

C:\Program Files\Internet Explorer\iexplore.exe 

C:\Program Files\WinRAR\WinRAR.exe 

C:\DOCUME~1\Madzia\USTAWI~1\Temp\Rar$EX01.248\HijackThis.exe 


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/ 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza 

F2 - REG:system.ini: Shell=explorer.exe "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe" 

F3 - REG:win.ini: run=C:\WINDOWS\inet20003\services.exe 

O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\wsem303.dll (file missing) 

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx 

O4 - HKLM\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe 

O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20003\services.exe 

O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe 

O4 - HKLM\..\Run: [adtech2005] c:\windows\adtech2005.exe 

O4 - HKLM\..\Run: [SiSSoundMan] C:\WINDOWS\System32\SoundMan.exe 

O4 - HKLM\..\Run: [SiSSetCDfmt] C:\WINDOWS\System32\SetCDfmt.exe 

O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe 

O4 - HKLM\..\Run: [Generic Host Process for Win32 Services] C:\WINDOWS\System32\Drivers\svchost.exe 

O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe" 

O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe 

O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe 

O4 - HKLM\..\Run: [Hlevkr] C:\Program Files\Gfavua\Hetgck.exe 

O4 - HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe" 

O4 - HKLM\..\Run: [KonektorTP] "c:\program files\konektortp\konektortp.exe" tray 

O4 - HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe 

O4 - HKLM\..\Run: [SpIDerMail] "D:\spiderml.exe" 

O4 - HKLM\..\Run: [DrWebScheduler] "D:\drwebscd.exe" 

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s 

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe 

O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe 

O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe 

O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20003\services.exe 

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray 

O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized 

O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe 

O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe 

O4 - HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe" 

O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe 

O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe 

O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe 

O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE 

O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll 

O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll 

O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll 

O10 - Unknown file in Winsock LSP: c:\windows\system32\drwebsp.dll 

O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://arcaonline.arcabit.com/ArcaOnline.cab 

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab 

O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab 

O18 - Protocol: Festoon - (no CLSID) - (no file) 

O18 - Protocol: vskype - (no CLSID) - (no file) 

O20 - Winlogon Notify: policies - C:\WINDOWS\system32\kldcz2.dll (file missing) 

O21 - SSODL: SysTray.Exbr - {6368D1FC-6F5C-4f1b-B164-E67214F678E9} - C:\WINDOWS\System32\apglbpcn.dll (file missing) 

O21 - SSODL: SysTray.Exmr - {73F8D5FF-6F5C-4f5b-B964-E6F214F6F852} - C:\WINDOWS\System32\opncmkdf.dll (file missing) 

O23 - Service: Command Service (cmdService) - Unknown owner - C:\WINDOWS\TWFkemlh\command.exe (file missing) 

O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe 

O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing) 

O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - C:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe

Post merged: 03.03.2006 (Fri) 21:03

Can nobody check my log for me...? Peeeople. :shock:


(Igorenek) #2

First: logs are posted in the Security section

Second: where is the header? :twisted: