CentrumXP Forum Tematyka portalu CentrumXP.pl Bezpieczeństwo sprawdzenie loga

sprawdzenie loga

hej, mam problem moj komp ciagle sie wiesza, wyskakuja jakies przerozne bledy ( lacznie z niebieskim ekranem). Mozecie powiedziec mi czy cos tutaj jest nie tak (sprawdzilem automatem na http://www.hijackthis.de i nie bylo wlasciwie zadnych niepokojacych informacji):
Logfile of HijackThis v1.99.0
Scan saved at 13:03:52, on 2004–12–28
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
D:WINDOWSSystem32smss.exe
D:WINDOWSsystem32winlogon.exe
D:WINDOWSsystem32services.exe
D:WINDOWSsystem32lsass.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32svchost.exe
D:WINDOWSExplorer.EXE
D:WINDOWSsystem32spoolsv.exe
D:Program FilesAVPersonalAVGUARD.EXE
D:Program FilesAVPersonalAVWUPSRV.EXE
D:WINDOWSSystem32 vsvc32.exe
D:WINDOWSSOUNDMAN.EXE
D:Program FilesJavaj2re1.4.2_05injusched.exe
D:PROGRA~2A4TechMouseAmoumain.exe
D:WINDOWSPowerS.exe
D:Program FilesAVPersonalAVGNT.EXE
D:WINDOWSsystem32RUNDLL32.EXE
D:Program FilesWyvernWorksFirewall 2004Firewall 2004.exe
D:Program FilesGetRightGETRIGHT.EXE
D:WINDOWSsystem32 tvdm.exe
D:Program FilesInternet Exploreriexplore.exe
D:WINDOWSsystem32wuauclt.exe
M:Tempdo nagraniahijackthisHijackThis.exe

R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – {CFBFAEA6–B9D4–11D0–9C78–00C04FD64497} – (no file)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – D:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE D:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM..Run: [SunJavaUpdateSched] D:Program FilesJavaj2re1.4.2_05injusched.exe
O4 – HKLM..Run: [NeroCheck] D:WINDOWSsystem32NeroCheck.exe
O4 – HKLM..Run: [WyvernWorks Firewall] D:Program FilesWyvernWorksFirewall 2004Firewall.exe
O4 – HKLM..Run: [WheelMouse] D:PROGRA~2A4TechMouseAmoumain.exe
O4 – HKLM..Run: [PowerS] D:WINDOWSPowerS.exe
O4 – HKLM..Run: [AVGCtrl] "D:Program FilesAVPersonalAVGNT.EXE" /min
O4 – HKCU..Run: [NvMediaCenter] RUNDLL32.EXE D:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O4 – Startup: Firewall 2004.lnk = D:Program FilesWyvernWorksFirewall 2004Firewall 2004.exe
O8 – Extra context menu item: Download with GetRight – D:Program FilesGetRightGRdownload.htm
O8 – Extra context menu item: Open with GetRight Browser – D:Program FilesGetRightGRbrowse.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:WINDOWSSystem32msjava.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:WINDOWSSystem32msjava.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – D:Program FilesMessengermsmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – D:Program FilesMessengermsmsgs.exe
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O10 – Unknown file in Winsock LSP: d:program fileswyvernworksfirewall 2004apptoport.dll
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1096288520738
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: AntiVir Service – H+BEDV Datentechnik GmbH – D:Program FilesAVPersonalAVGUARD.EXE
O23 – Service: AntiVir Update – H+BEDV Datentechnik GmbH, Germany – D:Program FilesAVPersonalAVWUPSRV.EXE
O23 – Service: NVIDIA Driver Helper Service – NVIDIA Corporation – D:WINDOWSSystem32 vsvc32.exe

Odpowiedzi: 6

heh lepiej na zimne dmuchać ;p ostatnio troche badziewia instalowałem + wiele antivirów testowałem i mogło coś zostać.Mimo wszystko dzięki :] Pozdrawiam.
Pawko
Dodano
28.12.2004 17:00:19
Widze ze Pawko stały bywalec o sprawdzenie logu zabiega :wink:
Czysto
Bobi
Dodano
28.12.2004 16:26:28
szkoda nowego tematu więc podłącze się tu.prosze o sprawdzenie loga

Logfile of HijackThis v1.97.7
Scan saved at 15:18:05, on 04–12–28
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESPANDA SOFTWAREPANDA ANTIVIRUS PLATINUMFIREWALLPAVFIRES.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:PROGRAM FILESPANDA SOFTWAREPANDA ANTIVIRUS PLATINUMAPVXDWIN.EXE
C:WINDOWSRUNDLL32.EXE
C:PROGRAM FILESGADU–GADUGG.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESPANDA SOFTWAREPANDA ANTIVIRUS PLATINUMPAVPROXY.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMPSTORES.EXE
E:INSTALKIANTIVIRYHIJACKTHIS.EXE

R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.wp.pl/
R1 – HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://www.eu.microsoft.com/poland/
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = 127.0.0.1
localhost
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:PROGRAM FILESFLASHGETJCCATCH.DLL
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSYSTEMMSDXM.OCX
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:PROGRAM FILESFLASHGETFGIEBAR.DLL
O4 – HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 – HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 – HKLM..Run: [internat.exe] internat.exe
O4 – HKLM..Run: [SystemTray] SysTray.Exe
O4 – HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM..Run: [SoundMan] soundman.exe
O4 – HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSYSTEMNvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [QuickTime Task] "C:WINDOWSSYSTEMQTTASK.EXE" –atboottime
O4 – HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 – HKLM..Run: [SCANINICIO] "C:Program FilesPanda SoftwarePanda Antivirus PlatinumInicio.exe"
O4 – HKLM..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Antivirus PlatinumAPVXDWIN.EXE" /s
O4 – HKLM..RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM..RunServices: [SchedulingAgent] C:WINDOWSSYSTEMmstask.exe
O4 – HKLM..RunServices: [PANDASCHEDULER] "C:Program FilesPanda SoftwarePanda Antivirus PlatinumPavsched.exe"
O4 – HKLM..RunServices: [PAVFIRES] C:Program FilesPanda SoftwarePanda Antivirus PlatinumFirewallPavFires.exe
O4 – HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSYSTEMNVMCTRAY.DLL,NvTaskbarInit
O4 – HKCU..Run: [Gadu–Gadu] "C:PROGRAM FILESGADU–GADUGG.EXE" /tray
O4 – Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:PROGRAM FILESFLASHGETjc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:PROGRAM FILESFLASHGETjc_all.htm
O9 – Extra button: Related (HKLM)
O9 – Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 – Extra button: FlashGet (HKLM)
O9 – Extra 'Tools' menuitem: &FlashGet (HKLM)
O14 – IERESET.INF: SEARCH_PAGE_URL=
O14 – IERESET.INF: START_PAGE_URL=
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C1} (GameDesire Pool 8) – http://67.15.101.3/g_bin/pl/billard8_2_0_0_21.cab
O16 – DPF: komentator – http://sport.onet.pl/komentator.cab
O16 – DPF: {9085316E–42BA–11D4–BAA3–0080C8D7ED4A} (GameDesire JungleHunter) – http://67.15.101.3/g_bin/pl/hunter_2_0_0_16.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C5} (GameDesire Snooker) – http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab
O16 – DPF: {18506D80–9B80–11D4–82C2–0080C8D7ED4A} (GameDesire Roulette) – http://67.15.101.3/g_bin/pl/roulette_2_0_0_15.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C4} (GameDesire Pool Training) – http://67.15.101.3/g_bin/pl/billardt_2_0_0_21.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O16 – DPF: {33564D57–0000–0010–8000–00AA00389B71} – http://download.microsoft.com/download/F/6/E/F6E491A6–77E1–4E20–9F5F–94901338C922/wmv9VCM.CAB

Pawko
Dodano
28.12.2004 16:20:10
Masz zeskanowac tym programem zznaczyć to co ci napisał przedmówca i kliknąć fix.
Dix
Dodano
28.12.2004 15:09:28
'Ptaszek' przy pozycji i >> fix checked

Spisz sygnatury bledow (na BSODach/'tych innych')
Bobi
Dodano
28.12.2004 15:00:23
wins:
Kosmetycznie tylko to

R3 – URLSearchHook: (no name) – {CFBFAEA6–B9D4–11D0–9C78–00C04FD64497} – (no file)


No dobra a moglbys mi tak dokladniej napisac co ja mam z tym zrobic? bo ja nie za bardzo kumam:(
grzechura
Dodano
28.12.2004 14:43:36
grzechura
Dodano:
28.12.2004 14:24:22
Komentarzy:
6
Strona 1 / 1