CentrumXP Forum Tematyka portalu CentrumXP.pl Bezpieczeństwo Proszę o pilne sprawdzenie loga z Hijackthis!!!!

Proszę o pilne sprawdzenie loga z Hijackthis!!!!

Niby wszystko jest OK, ale strasznie coś mi źre procesor!
A oto log:

Logfile of HijackThis v1.99.1
Scan saved at 16:42:54, on 2005–12–28
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\HP\HP Software Update\HPWuSchd.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
C:\Program Files\BearShare\BearShare.exe
C:\Program Files\Winamp\Winampa.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\taskmgr.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Paweł.PAWEL\Pulpit\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://searchbar.findthewebsiteyouneed.com
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchbar.findthewebsiteyouneed.com
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
F2 – REG:system.ini: Shell=
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd.exe"
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 – HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 – HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 – HKLM\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 – HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe
O4 – HKLM\..\Run: [MouseDrv] C:\DOCUME~1\PAWE~1.PAW\USTAWI~1\Temp\link.txt
O4 – HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 – HKLM\..\Run: [LTMb62Y] C:\WINDOWS\duqygdvx.exe
O4 – HKLM\..\Run: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKLM\..\Run: [] {5E2121EE–0300–11D4–8D3B–444553540000}
O4 – HKLM\..\Run: [c:\windows\system32\mdms.exe] c:\windows\system32\mdms.exe:*:Enabled:mdm_sysag
O4 – HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\Winampa.exe"
O4 – HKLM\..\Run: [timessquare] C:\windows\timessquare.exe
O4 – HKLM\..\Run: [bxproxy] C:\WINDOWS\bxproxy.exe
O4 – HKLM\..\Run: [adtech2006] C:\windows\adtech2006.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\RunServices: [microsft Updates] msupdate32.exe
O4 – HKLM\..\RunServices: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 – HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 – HKCU\..\Run: [SNInstall] C:\WINDOWS\tool2.exe
O4 – HKCU\..\Run: [MouseDrv] C:\DOCUME~1\PAWE~1.PAW\USTAWI~1\Temp\link.txt
O4 – HKCU\..\Run: [leeman] C:\WINDOWS\System32\leeman.exe
O4 – HKCU\..\Run: [Shell] "C:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O4 – HKCU\..\Run: [bxproxy] C:\WINDOWS\bxproxy.exe
O4 – HKCU\..\Run: [miqr] c:\stub_113_4_0_4_0.exe
O4 – HKCU\..\Run: [WhenUSave] "C:\Program Files\Save\Save.exe"
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} –
O17 – HKLM\System\CCS\Services\Tcpip\..\{6126C7B6–9DE2–4691–B830–F9F09784D61D}: NameServer = 194.204.152.34 217.98.63.164
O21 – SSODL: SystemCheck2 – {54645654–2225–4455–44A1–9F4543D34546} – C:\WINDOWS\System32\vbsys2.dll (file missing)
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: Trend NT Realtime Service (Tmntsrv) – Unknown owner – C:\Program Files\Trend Micro\PC–cillin 2000\Tmntsrv.exe (file missing)

Odpowiedzi: 1

Masz racje – niby. Pełno syfu się po systemie wala, przerzuć toto najpierw przez analizator: http://forum.centrumxp.pl/viewtopic.php?t=37513

Bobi

Dodano: 28.12.2005 19:40:11

zientmen

Dodano:: 28.12.2005 19:22:52
Komentarzy:: 1

Strona 1 / 1