prosze o sprawdzenie logow plisss:(((
"Logfile of HijackThis v1.99.0
Scan saved at 18:43:09, on 2005–05–08
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\smas\USTAWI~1\Temp\Rar$EX00.906\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – Global Startup: BTTray.lnk = ?
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Wyślij do interfejsu &Bluetooth – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie_ctx.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\WINDOWS\System32\msjava.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\WINDOWS\System32\msjava.dll
O9 – Extra button: Utwórz Ulubione dla urządzenia przenośnego – {2EAF5BB1–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra button: (no name) – {2EAF5BB2–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... – {2EAF5BB2–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra button: @btrez.dll,–4015 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O9 – Extra 'Tools' menuitem: @btrez.dll,–4017 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1112880977435
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {B1953AD6–C50E–11D3–B020–00A0C9251384} (O2C–Player (ELECO Software GmbH)) – http://www.o2c.de/download/o2cplayer.cab
O16 – DPF: {CAFEEFAC–0013–0001–0003–ABCDEFFEDCBA} –
O16 – DPF: {E23FABEE–12E3–33DA–DA12–195DAC123984} (GameDesire Mahjong) – http://67.15.101.3/g_bin/pl/mahjong_2_0_0_17.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C2} (GameDesire Pool 9) – http://67.15.101.3/g_bin/pl/billard9_2_0_0_22.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C5} (GameDesire Snooker) – http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{00810D02–7AC6–4124–A8B1–A1549213A373}: NameServer = 194.204.152.34 217.98.63.164
O17 – HKLM\System\CCS\Services\Tcpip\..\{3139D1ED–E610–44A9–B18C–120966948EE1}: NameServer = 194.204.159.1,194.204.152.34
O17 – HKLM\System\CS1\Services\Tcpip\..\{00810D02–7AC6–4124–A8B1–A1549213A373}: NameServer = 194.204.152.34 217.98.63.164
O18 – Protocol: widimg – {EE7C2AFF–5742–44FF–BD0E–E521B0D3C3BA} – C:\WINDOWS\System32\btxppanel.dll
O23 – Service: avast! iAVS4 Control Service – Unknown – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: Bluetooth Service – Broadcom Corporation – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe
O23 – Service: NVIDIA Display Driver Service – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe"
"Logfile of HijackThis v1.99.0
Scan saved at 19:14:07, on 2005–05–09
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\BTTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\PROGRA~1\BILLIO~1\OPROGR~1\BTSTAC~1.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\sol.exe
D:\HijackThis.exe
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{D535C5CF–2AA7–405F–9948–E1D24294CC68}\SECURITY.EXE
O4 – Global Startup: BTTray.lnk = ?
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Wyślij do interfejsu &Bluetooth – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie_ctx.htm
O9 – Extra button: Utwórz Ulubione dla urządzenia przenośnego – {2EAF5BB1–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra button: (no name) – {2EAF5BB2–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... – {2EAF5BB2–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra button: @btrez.dll,–4015 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O9 – Extra 'Tools' menuitem: @btrez.dll,–4017 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O18 – Protocol: widimg – {EE7C2AFF–5742–44FF–BD0E–E521B0D3C3BA} – C:\WINDOWS\System32\btxppanel.dll
O23 – Service: avast! iAVS4 Control Service – Unknown – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: Bluetooth Service – Broadcom Corporation – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe"
Scan saved at 18:43:09, on 2005–05–08
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\smas\USTAWI~1\Temp\Rar$EX00.906\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\WINDOWS\PCHEALTH\HELPCTR\System\panels\blank.htm
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_04\bin\jusched.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – Global Startup: BTTray.lnk = ?
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Wyślij do interfejsu &Bluetooth – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie_ctx.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\WINDOWS\System32\msjava.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\WINDOWS\System32\msjava.dll
O9 – Extra button: Utwórz Ulubione dla urządzenia przenośnego – {2EAF5BB1–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra button: (no name) – {2EAF5BB2–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... – {2EAF5BB2–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra button: @btrez.dll,–4015 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O9 – Extra 'Tools' menuitem: @btrez.dll,–4017 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1112880977435
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {B1953AD6–C50E–11D3–B020–00A0C9251384} (O2C–Player (ELECO Software GmbH)) – http://www.o2c.de/download/o2cplayer.cab
O16 – DPF: {CAFEEFAC–0013–0001–0003–ABCDEFFEDCBA} –
O16 – DPF: {E23FABEE–12E3–33DA–DA12–195DAC123984} (GameDesire Mahjong) – http://67.15.101.3/g_bin/pl/mahjong_2_0_0_17.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C2} (GameDesire Pool 9) – http://67.15.101.3/g_bin/pl/billard9_2_0_0_22.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C5} (GameDesire Snooker) – http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{00810D02–7AC6–4124–A8B1–A1549213A373}: NameServer = 194.204.152.34 217.98.63.164
O17 – HKLM\System\CCS\Services\Tcpip\..\{3139D1ED–E610–44A9–B18C–120966948EE1}: NameServer = 194.204.159.1,194.204.152.34
O17 – HKLM\System\CS1\Services\Tcpip\..\{00810D02–7AC6–4124–A8B1–A1549213A373}: NameServer = 194.204.152.34 217.98.63.164
O18 – Protocol: widimg – {EE7C2AFF–5742–44FF–BD0E–E521B0D3C3BA} – C:\WINDOWS\System32\btxppanel.dll
O23 – Service: avast! iAVS4 Control Service – Unknown – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: Bluetooth Service – Broadcom Corporation – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe
O23 – Service: NVIDIA Display Driver Service – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe"
"Logfile of HijackThis v1.99.0
Scan saved at 19:14:07, on 2005–05–09
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\BTTray.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\PROGRA~1\BILLIO~1\OPROGR~1\BTSTAC~1.EXE
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Winamp\winamp.exe
C:\WINDOWS\system32\sol.exe
D:\HijackThis.exe
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{D535C5CF–2AA7–405F–9948–E1D24294CC68}\SECURITY.EXE
O4 – Global Startup: BTTray.lnk = ?
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Wyślij do interfejsu &Bluetooth – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie_ctx.htm
O9 – Extra button: Utwórz Ulubione dla urządzenia przenośnego – {2EAF5BB1–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra button: (no name) – {2EAF5BB2–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra 'Tools' menuitem: Utwórz Ulubione dla urządzenia przenośnego... – {2EAF5BB2–070F–11D3–9307–00C04FAE2D4F} – C:\Program Files\Microsoft ActiveSync\inetrepl.dll
O9 – Extra button: @btrez.dll,–4015 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O9 – Extra 'Tools' menuitem: @btrez.dll,–4017 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O18 – Protocol: widimg – {EE7C2AFF–5742–44FF–BD0E–E521B0D3C3BA} – C:\WINDOWS\System32\btxppanel.dll
O23 – Service: avast! iAVS4 Control Service – Unknown – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: Bluetooth Service – Broadcom Corporation – C:\Program Files\Billionton\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe"
Odpowiedzi: 1
W pierwszym usun:
W drugim:
O16 – DPF: {CAFEEFAC–0013–0001–0003–ABCDEFFEDCBA} –
W drugim:
O4 – HKLM\..\Run: [Disk Keeper] C:\WINDOWS\System32\Services\{D535C5CF–2AA7–405F–9948–E1D24294CC68}\SECURITY.EXE
Strona 1 / 1