prosze o sprawdzenie loga
Logfile of HijackThis v1.99.1
Scan saved at 15:59:19, on 2005–11–23
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Common Files\pestpatrol\ppRemoteService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Anti–Spyware Blocker\Anti–Virus.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WLAN\WConfig\WConfig.exe
C:\Program Files\Anti–Spyware Blocker\Anti–Virus.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hitman Pro\hitmanpro2.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\DOCUME~1\Edyta\USTAWI~1\Temp\Sysclean\sysclean.com
C:\DOCUME~1\Edyta\USTAWI~1\Temp\Sysclean\sysclean.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\DOCUME~1\Edyta\USTAWI~1\Temp\Sysclean\VSCANTM.BIN
C:\Documents and Settings\Edyta\Pulpit\hijack\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 – HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 – HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender8\bdoesrv.exe"
O4 – HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 – HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: HP Image Zone – szybkie uruchamianie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 – Global Startup: WConfig.lnk = ?
O9 – Extra button: (no name) – {2D663D1A–8670–49D9–A1A5–4C56B4E14E84} – (no file)
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {1A781DED–C22D–4153–3213–A3211E29DF13} (GameDesire Card Games) – http://67.15.101.3/g_bin/pl/cards_2_0_0_65.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C1} (GameDesire Pool 8) – http://67.15.101.3/g_bin/pl/billard8_2_0_0_24.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C5} (GameDesire Snooker) – http://67.15.101.3/g_bin/pl/snooker_2_0_0_24.cab
O20 – AppInit_DLLs: sockspy.dll sockspy.dll
O20 – Winlogon Notify: nuclabdll – nuclabdll.dll (file missing)
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: CA License Client (CA_LIC_CLNT) – Computer Associates International Inc. – C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 – Service: Event Log Watch (LogWatch) – Computer Associates – C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 – Service: PestPatrol Remote – Computer Associates International, Inc. – C:\Program Files\Common Files\pestpatrol\ppRemoteService.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: Webroot Spy Sweeper Engine (svcWRSSSDK) – Webroot Software, Inc. – C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 – Service: BitDefender Virus Shield (VSSERV) – Unknown owner – C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
rozumiem źe dla kogos kto sie na tym zna jest nudne i monotonne sprawdzanie komuś loga ale okaźcie wiecej cierpliwości głupiej blondynce czy ktoś moźe mi wytłumaczyć jak tworzy sie plik naprawczy o którym jest mowa na stronie www.searchengines.pl/phpbb203/ind ex.php?showtopic=
Scan saved at 15:59:19, on 2005–11–23
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\Ati2evxx.exe
C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
C:\Program Files\Common Files\pestpatrol\ppRemoteService.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\System32\RunDll32.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdnagent.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Anti–Spyware Blocker\Anti–Virus.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\WLAN\WConfig\WConfig.exe
C:\Program Files\Anti–Spyware Blocker\Anti–Virus.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hitman Pro\hitmanpro2.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
c:\program files\softwin\bitdefender8\bdmcon.exe
C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
C:\DOCUME~1\Edyta\USTAWI~1\Temp\Sysclean\sysclean.com
C:\DOCUME~1\Edyta\USTAWI~1\Temp\Sysclean\sysclean.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\HP\Digital Imaging\bin\hpqgalry.exe
C:\DOCUME~1\Edyta\USTAWI~1\Temp\Sysclean\VSCANTM.BIN
C:\Documents and Settings\Edyta\Pulpit\hijack\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 – HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [HP Software Update] "C:\Program Files\HP\HP Software Update\HPWuSchd2.exe"
O4 – HKLM\..\Run: [HP Component Manager] "C:\Program Files\HP\hpcoretech\hpcmpmgr.exe"
O4 – HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender8\bdmcon.exe"
O4 – HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender8\bdoesrv.exe"
O4 – HKLM\..\Run: [BDNewsAgent] "C:\Program Files\Softwin\BitDefender8\bdnagent.exe"
O4 – HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: HP Image Zone – szybkie uruchamianie.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O4 – Global Startup: WConfig.lnk = ?
O9 – Extra button: (no name) – {2D663D1A–8670–49D9–A1A5–4C56B4E14E84} – (no file)
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {1A781DED–C22D–4153–3213–A3211E29DF13} (GameDesire Card Games) – http://67.15.101.3/g_bin/pl/cards_2_0_0_65.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C1} (GameDesire Pool 8) – http://67.15.101.3/g_bin/pl/billard8_2_0_0_24.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C5} (GameDesire Snooker) – http://67.15.101.3/g_bin/pl/snooker_2_0_0_24.cab
O20 – AppInit_DLLs: sockspy.dll sockspy.dll
O20 – Winlogon Notify: nuclabdll – nuclabdll.dll (file missing)
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: CA License Client (CA_LIC_CLNT) – Computer Associates International Inc. – C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 – Service: Event Log Watch (LogWatch) – Computer Associates – C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 – Service: PestPatrol Remote – Computer Associates International, Inc. – C:\Program Files\Common Files\pestpatrol\ppRemoteService.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: Webroot Spy Sweeper Engine (svcWRSSSDK) – Webroot Software, Inc. – C:\Program Files\Webroot\Spy Sweeper\WRSSSDK.exe
O23 – Service: BitDefender Virus Shield (VSSERV) – Unknown owner – C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
rozumiem źe dla kogos kto sie na tym zna jest nudne i monotonne sprawdzanie komuś loga ale okaźcie wiecej cierpliwości głupiej blondynce czy ktoś moźe mi wytłumaczyć jak tworzy sie plik naprawczy o którym jest mowa na stronie www.searchengines.pl/phpbb203/ind ex.php?showtopic=
Odpowiedzi: 1
http://forum.centrumxp.pl/viewtopic.php?t=37513
Strona 1 / 1