CentrumXP Forum Tematyka portalu CentrumXP.pl Bezpieczeństwo Prośba o sprawdzenie loga

Prośba o sprawdzenie loga

Logfile of HijackThis v1.97.7
Scan saved at 18:35:58, on 2004–12–02
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesSymantecLiveUpdateALUNOTIFY.EXE
C:Program FilesJavaj2re1.4.2_06injusched.exe
C:Program FilesKalendarz XPKalendarz.exe
C:Program FilesInternet Exploreriexplore.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSsystem32wscntfy.exe
C:Documents and SettingsTomaszPulpitHijackThis.exe
C:WINDOWSsystem32NOTEPAD.EXE

R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = proxy.satfilm.net.pl:8080
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [ALUAlert] C:Program FilesSymantecLiveUpdateALUNOTIFY.EXE
O4 – HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_06injusched.exe
O4 – HKCU..Run: [Gadu–Gadu] "C:Program FilesGadu–Gadugg.exe" /tray
O4 – HKCU..Run: [Komunikator] C:Program FilesTlen.pl len.exe
O4 – Global Startup: Kalendarz XP.lnk = C:Program FilesKalendarz XPStart.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 – Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 – Extra button: Messenger (HKLM)
O9 – Extra 'Tools' menuitem: Windows Messenger (HKLM)

Odpowiedzi: 4

O4 – HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_01injusched.exe

To mozesz spokojnie wylaczyc i usunac RUN'a, to autoupdate Sun Javy
Panel sterowania >> Java Plug–in >> Update >> odptasz :arrow: Check for updates automatically
Bobi
Dodano
03.12.2004 16:05:44
Log ok
wins
Dodano
03.12.2004 02:55:42
Żeby nie zakładać nowego tematu, dołączam się do prośby przedmówcy.
Coś mi za duźo tam się wydaje róznych rzeczy, ale proszę mądrzejszych o radę :)

Logfile of HijackThis v1.97.7
Scan saved at 23:35:04, on 2004–12–02
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesJavaj2re1.4.2_01injusched.exe
C:PROGRA~1A4TechMouseAmoumain.exe
C:Program FilesPanda SoftwarePanda Antivirus PlatinumAPVXDWIN.EXE
C:WINDOWSSystem32RunDll32.exe
C:WINDOWSSystem32ctfmon.exe
C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesPanda SoftwarePanda Antivirus PlatinumFirewallPavFires.exe
C:Program FilesPanda SoftwarePanda Antivirus Platinumpavsrv51.exe
C:Program FilesPanda SoftwarePanda Antivirus PlatinumAVENGINE.EXE
C:Program FilesPanda SoftwarePanda Antivirus PlatinumpavProxy.exe
C:WINDOWSexplorer.exe
D:Gadu–Gadugg.exe
C:DOCUME~1X–MenUSTAWI~1Tempupdate.tmp
C:WINDOWSsystem32 undll32.exe
C:WINDOWSSystem32dwwin.exe
C:WINDOWSSystem32 undll32.exe
C:WINDOWSSystem32RUNDLL32.EXE
C:Program FilesOpera7Opera.exe
G:hijackthis1977HijackThis.exe

R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_01injusched.exe
O4 – HKLM..Run: [WheelMouse] C:PROGRA~1A4TechMouseAmoumain.exe
O4 – HKLM..Run: [SCANINICIO] "C:Program FilesPanda SoftwarePanda Antivirus PlatinumInicio.exe"
O4 – HKLM..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Antivirus PlatinumAPVXDWIN.EXE" /s
O4 – HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 – HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 – HKCU..Run: [Gadu–Gadu] "D:Gadu–Gadugg.exe" /tray
O4 – HKCU..Run: [NVIEW] rundll32.exe nview.dll,nViewLoadHook
O4 – Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 – Extra button: Related (HKLM)
O9 – Extra 'Tools' menuitem: Show &Related Links (HKLM)
O17 – HKLMSystemCCSServicesTcpip..{3BA413F9–A312–450E–AB07–181031AE6F44}: NameServer = 194.204.152.34 217.98.63.164
O17 – HKLMSystemCS1ServicesTcpip..{3BA413F9–A312–450E–AB07–181031AE6F44}: NameServer = 194.204.152.34 217.98.63.164


Mam podejrzenia co do:

O4 – HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_01injusched.exe

O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O9 – Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 – Extra button: Related (HKLM)
O9 – Extra 'Tools' menuitem: Show &Related Links (HKLM)

Z góry thx :)
Marycha
Dodano
03.12.2004 00:38:08
Log w porzadku
wins
Dodano
02.12.2004 20:13:56
mariusz25l
Dodano:
02.12.2004 19:38:21
Komentarzy:
4
Strona 1 / 1