Log
Prosze o sprawdzenie loga. Moja siostra pod moja dluga nieobecnosc niezle namieszlala w kompie...
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnf.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\slssystem.exe
C:\WINDOWS\System32\mspatch32.exe
C:\DOCUME~1\Rodzinka\USTAWI~1\Temp\winsvc.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\Wapster\AQQ\AQQ.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\??pPatch\msdtc.exe
C:\WINDOWS\smss.exe
D:\Program Files\Gadu–Gadu\gg.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\XemiComputers\Audio Notes Recorder\ANR.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb–7288971.exe
C:\Program Files\ICQLite\X_icq_4.14_build_1839_pl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Nowy folder (2)\Nowy folder\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [Share–to–Web Namespace Daemon] C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 – HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot
O4 – HKLM\..\Run: [msoft–updater23] slssystem.exe
O4 – HKLM\..\Run: [WindowsUpdate] "C:\DOCUME~1\Rodzinka\USTAWI~1\Temp\winsvc.exe"
O4 – HKLM\..\Run: [ms_anti_spywarebxp] C:\WINDOWS\mwfibpx.exe
O4 – HKLM\..\RunServices: [msoft–updater23] slssystem.exe
O4 – HKLM\..\RunServices: [MS–patch] mspatch32.exe
O4 – HKLM\..\RunOnce: [ms_anti_spywarebxp] C:\WINDOWS\mwfibpx.exe
O4 – HKCU\..\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe
O4 – HKCU\..\Run: [Wjxtnpwa] C:\WINDOWS\System32\??pPatch\msdtc.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "D:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [ANR] C:\Program Files\XemiComputers\Audio Notes Recorder\ANR.exe
O4 – HKCU\..\Run: [ms_anti_spywarebxp] C:\WINDOWS\mwfibpx.exe
O4 – HKCU\..\RunOnce: [ms_anti_spywarebxp] C:\WINDOWS\mwfibpx.exe
O4 – Startup: Spolszczenie – Auto Update.lnk = C:\Program Files\ICQLite\icq_4.14_build_1839_pl.exe
O4 – Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 – Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb–7288971.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra button: ICQ Lite – {B863453A–26C3–4e1f–A54D–A2CD196348E9} – C:\Program Files\ICQLite\ICQLite.exe
O9 – Extra 'Tools' menuitem: ICQ Lite – {B863453A–26C3–4e1f–A54D–A2CD196348E9} – C:\Program Files\ICQLite\ICQLite.exe
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: Kodak Camera Connection Software – Eastman Kodak Company – C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 – Service: MSCSPTISRV – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 – Service: PACSPTISVR – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 – Service: ScsiAccess – Unknown – C:\WINDOWS\System32\ScsiAccess.EXE
O23 – Service: Sony SPTI Service – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 – Service: SonicStage SCSI Service – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\System32\ScsiAccess.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnf.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\slssystem.exe
C:\WINDOWS\System32\mspatch32.exe
C:\DOCUME~1\Rodzinka\USTAWI~1\Temp\winsvc.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\PROGRA~1\Wapster\AQQ\AQQ.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\??pPatch\msdtc.exe
C:\WINDOWS\smss.exe
D:\Program Files\Gadu–Gadu\gg.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\XemiComputers\Audio Notes Recorder\ANR.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb–7288971.exe
C:\Program Files\ICQLite\X_icq_4.14_build_1839_pl.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Nowy folder (2)\Nowy folder\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [Share–to–Web Namespace Daemon] C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
O4 – HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot
O4 – HKLM\..\Run: [msoft–updater23] slssystem.exe
O4 – HKLM\..\Run: [WindowsUpdate] "C:\DOCUME~1\Rodzinka\USTAWI~1\Temp\winsvc.exe"
O4 – HKLM\..\Run: [ms_anti_spywarebxp] C:\WINDOWS\mwfibpx.exe
O4 – HKLM\..\RunServices: [msoft–updater23] slssystem.exe
O4 – HKLM\..\RunServices: [MS–patch] mspatch32.exe
O4 – HKLM\..\RunOnce: [ms_anti_spywarebxp] C:\WINDOWS\mwfibpx.exe
O4 – HKCU\..\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe
O4 – HKCU\..\Run: [Wjxtnpwa] C:\WINDOWS\System32\??pPatch\msdtc.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "D:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [ANR] C:\Program Files\XemiComputers\Audio Notes Recorder\ANR.exe
O4 – HKCU\..\Run: [ms_anti_spywarebxp] C:\WINDOWS\mwfibpx.exe
O4 – HKCU\..\RunOnce: [ms_anti_spywarebxp] C:\WINDOWS\mwfibpx.exe
O4 – Startup: Spolszczenie – Auto Update.lnk = C:\Program Files\ICQLite\icq_4.14_build_1839_pl.exe
O4 – Global Startup: Kodak EasyShare software.lnk = C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 – Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\backWeb–7288971.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra button: ICQ Lite – {B863453A–26C3–4e1f–A54D–A2CD196348E9} – C:\Program Files\ICQLite\ICQLite.exe
O9 – Extra 'Tools' menuitem: ICQ Lite – {B863453A–26C3–4e1f–A54D–A2CD196348E9} – C:\Program Files\ICQLite\ICQLite.exe
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: Kodak Camera Connection Software – Eastman Kodak Company – C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 – Service: MSCSPTISRV – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 – Service: PACSPTISVR – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 – Service: ScsiAccess – Unknown – C:\WINDOWS\System32\ScsiAccess.EXE
O23 – Service: Sony SPTI Service – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 – Service: SonicStage SCSI Service – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
Odpowiedzi: 1
loga sprawdzisz tutaj http://forum.centrumxp.pl/viewtopic.php?t=37513
Strona 1 / 1