prosze o sprawdzenie loga
Logfile of HijackThis v1.99.1
Scan saved at 12:49:08, on 2005–07–22
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
E:\program files\Gadu–Gadu\Gadu–Gadu\gg.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
D:\WINDOWS\System32\wuauclt.exe
E:\software\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tlen.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.100:3128
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – e:\program files\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – d:\program files\google\googletoolbar1.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – D:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – d:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [APVXDWIN] "D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [MsgCenterExe] "D:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" –osboot
O4 – HKLM\..\Run: [WinampAgent] E:\program files\Winamp\winampa.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\program files\Gadu–Gadu\Gadu–Gadu\gg.exe" /tray
O8 – Extra context menu item: &Google Search – res://d:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://d:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://d:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://d:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://d:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 – Extra button: eBay – Homepage – {EF79EAC5–3452–4E02–B8BD–BA4C89F1AC7A} – D:\Program Files\IrfanView\Ebay\Ebay.htm
O12 – Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – D:\WINDOWS\System32\nvsvc32.exe
O23 – Service: Panda Process Protection Service (PavPrSrv) – Panda Software – D:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 – Service: Panda anti–virus service (PAVSRV) – Panda Software – D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
O23 – Service: Panda IManager Service (PSIMSVC) – Panda Software Internacional – D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
Scan saved at 12:49:08, on 2005–07–22
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\SYSTEM32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE
E:\program files\Gadu–Gadu\Gadu–Gadu\gg.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe
D:\WINDOWS\System32\wuauclt.exe
E:\software\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.tlen.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.1.100:3128
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – e:\program files\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – d:\program files\google\googletoolbar1.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – D:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – d:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [APVXDWIN] "D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [MsgCenterExe] "D:\Program Files\Common Files\Real\Update_OB\RealOneMessageCenter.exe" –osboot
O4 – HKLM\..\Run: [WinampAgent] E:\program files\Winamp\winampa.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\program files\Gadu–Gadu\Gadu–Gadu\gg.exe" /tray
O8 – Extra context menu item: &Google Search – res://d:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://d:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://d:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://d:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://d:\program files\google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 – Extra button: eBay – Homepage – {EF79EAC5–3452–4E02–B8BD–BA4C89F1AC7A} – D:\Program Files\IrfanView\Ebay\Ebay.htm
O12 – Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – D:\WINDOWS\System32\nvsvc32.exe
O23 – Service: Panda Process Protection Service (PavPrSrv) – Panda Software – D:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 – Service: Panda anti–virus service (PAVSRV) – Panda Software – D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe
O23 – Service: Panda IManager Service (PSIMSVC) – Panda Software Internacional – D:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe
Odpowiedzi: 1
Jeśli proxy sam ustawialeś to w logu nie ma niczego podejrzanego.
Nie wiem natomist dlaczego tego loga wstawiasz, jeśli cos sie dzieje to wyadałoby to zaznaczyć, domyślac się nie będę.
Jeśli tylko profilaktycznie to trzeba o tym na samiuśkim początku napisać.
Nie wiem natomist dlaczego tego loga wstawiasz, jeśli cos sie dzieje to wyadałoby to zaznaczyć, domyślac się nie będę.
Jeśli tylko profilaktycznie to trzeba o tym na samiuśkim początku napisać.
Strona 1 / 1