prosze o sprawdzenie loga
prosze o sprawdzenie loga bo mam watpliwosci do jego "czystosci" :)
Logfile of HijackThis v1.99.1
Scan saved at 16:23:13, on 2006–02–11
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\explorer.exe
D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
D:\Program Files\Ahead\InCD\InCD.exe
D:\HP\HP Software Update\HPWuSchd.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Firebird\Firebird_1_5\Bin\fbguard.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
C:\Program Files\Firebird\Firebird_1_5\Bin\fbserver.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Gadu–Gadu\gg.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\FlashGet\flashget.exe
D:\DOCUME~1\GRZE~1\USTAWI~1\Temp\Rar$EX00.752\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gta.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
F2 – REG:system.ini: Shell=explorer.exe "D:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 – BHO: BHObj Class – {00000010–6F7D–442C–93E3–4A4827C2E4C8} – D:\WINDOWS\nem220.dll (file missing)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – D:\PROGRA~1\FlashGet\jccatch.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – D:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SoundMan] soundman.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 – HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 – HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [LGODDFU] "D:\Program Files\lg_fwupdate\fwupdate.exe"
O4 – HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [Media Gateway] D:\Program Files\Media Gateway\MediaGateway.exe
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 – HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe \RESET
O4 – HKLM\..\Run: [HP Software Update] "D:\HP\HP Software Update\HPWuSchd.exe"
O4 – HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "D:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: HP Digital Imaging Monitor.lnk = D:\HP\Digital Imaging\bin\hpqtra08.exe
O8 – Extra context menu item: Download All by FlashGet – D:\PROGRA~1\FlashGet\jc_all.htm
O8 – Extra context menu item: Download using FlashGet – D:\PROGRA~1\FlashGet\jc_link.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – D:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – D:\WINDOWS\web\related.htm
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\PROGRA~1\FlashGet\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\PROGRA~1\FlashGet\flashget.exe
O16 – DPF: {8FCDF9D9–A28B–480F–8C3D–581F119A8AB8} (MediaGatewayX) – http://static.zangocash.com/cab/180solutions/ie/bridge–c574.cab
O16 – DPF: {B38870E4–7ECB–40DA–8C6A–595F0A5519FF} (MsnMessengerSetupDownloadControl Class) – http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 – Protocol: msnim – {828030A1–22C1–4009–854F–8E305202313F} – "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Firebird Guardian – DefaultInstance (FirebirdGuardianDefaultInstance) – The Firebird Project – C:\Program Files\Firebird\Firebird_1_5\Bin\fbguard.exe
O23 – Service: Firebird Server – DefaultInstance (FirebirdServerDefaultInstance) – The Firebird Project – C:\Program Files\Firebird\Firebird_1_5\Bin\fbserver.exe
O23 – Service: InCD Helper (InCDsrv) – Nero AG – D:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – D:\WINDOWS\System32\nvsvc32.exe
Logfile of HijackThis v1.99.1
Scan saved at 16:23:13, on 2006–02–11
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Ahead\InCD\InCDsrv.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\explorer.exe
D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
D:\Program Files\Ahead\InCD\InCD.exe
D:\HP\HP Software Update\HPWuSchd.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Firebird\Firebird_1_5\Bin\fbguard.exe
D:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
C:\Program Files\Firebird\Firebird_1_5\Bin\fbserver.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Gadu–Gadu\gg.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\PROGRA~1\FlashGet\flashget.exe
D:\DOCUME~1\GRZE~1\USTAWI~1\Temp\Rar$EX00.752\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gta.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchbar.findthewebsiteyouneed.com
R0 – HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://searchbar.findthewebsiteyouneed.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
F2 – REG:system.ini: Shell=explorer.exe "D:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe"
O2 – BHO: BHObj Class – {00000010–6F7D–442C–93E3–4A4827C2E4C8} – D:\WINDOWS\nem220.dll (file missing)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – D:\PROGRA~1\FlashGet\jccatch.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – D:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SoundMan] soundman.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [RemoteControl] "D:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe"
O4 – HKLM\..\Run: [InCD] D:\Program Files\Ahead\InCD\InCD.exe
O4 – HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [LGODDFU] "D:\Program Files\lg_fwupdate\fwupdate.exe"
O4 – HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [Media Gateway] D:\Program Files\Media Gateway\MediaGateway.exe
O4 – HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 – HKLM\..\Run: [zzzHPSETUP] E:\Setup.exe \RESET
O4 – HKLM\..\Run: [HP Software Update] "D:\HP\HP Software Update\HPWuSchd.exe"
O4 – HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "D:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: HP Digital Imaging Monitor.lnk = D:\HP\Digital Imaging\bin\hpqtra08.exe
O8 – Extra context menu item: Download All by FlashGet – D:\PROGRA~1\FlashGet\jc_all.htm
O8 – Extra context menu item: Download using FlashGet – D:\PROGRA~1\FlashGet\jc_link.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – D:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – D:\WINDOWS\web\related.htm
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\PROGRA~1\FlashGet\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\PROGRA~1\FlashGet\flashget.exe
O16 – DPF: {8FCDF9D9–A28B–480F–8C3D–581F119A8AB8} (MediaGatewayX) – http://static.zangocash.com/cab/180solutions/ie/bridge–c574.cab
O16 – DPF: {B38870E4–7ECB–40DA–8C6A–595F0A5519FF} (MsnMessengerSetupDownloadControl Class) – http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab
O18 – Protocol: msnim – {828030A1–22C1–4009–854F–8E305202313F} – "D:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: Firebird Guardian – DefaultInstance (FirebirdGuardianDefaultInstance) – The Firebird Project – C:\Program Files\Firebird\Firebird_1_5\Bin\fbguard.exe
O23 – Service: Firebird Server – DefaultInstance (FirebirdServerDefaultInstance) – The Firebird Project – C:\Program Files\Firebird\Firebird_1_5\Bin\fbserver.exe
O23 – Service: InCD Helper (InCDsrv) – Nero AG – D:\Program Files\Ahead\InCD\InCDsrv.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – D:\WINDOWS\System32\nvsvc32.exe
Odpowiedzi: 2
Jest tego trochę – od F2, po R3 i Alexę. Specjalnie dalej się nie przypatrywałem, gdyź... istnieje temat, który wyjasnia jak sprawdzać logi Hijackthis. Autorstwa EL NINO w tym dziale. Zapoznaj się z nim.
Jest tego trochę – od F2, po R3 i Alexę. Specjalnie dalej się nie przypatrywałem, gdyź... istnieje temat, który wyjasnia jak sprawdzać logi Hijackthis. Autorstwa EL NINO w tym dziale. Zapoznaj się z nim.
Strona 1 / 1