Zawirusowany – prosze sprawdzić loga
Logfile of HijackThis v1.99.1
Scan saved at 19:29:27, on 2006–01–25
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti–malware\ewidoctrl.exe
C:\Program Files\ewido anti–malware\ewidoguard.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\program files\Interbase\bin\ibguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\program files\Interbase\bin\ibserver.exe
C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Lavasoft\Ad–Aware SE Personal\Ad–Aware.exe
C:\Documents and Settings\dom\Pulpit\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada Plus wita Cie w Internecie
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 – HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O4 – Global Startup: Microsoft Office.lnk.disabled
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – d:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: ewido security suite control – ewido networks – C:\Program Files\ewido anti–malware\ewidoctrl.exe
O23 – Service: ewido security suite guard – ewido networks – C:\Program Files\ewido anti–malware\ewidoguard.exe
O23 – Service: InterBase Guardian (InterBaseGuardian) – Inprise Corporation – C:\program files\Interbase\bin\ibguard.exe
O23 – Service: InterBase Server (InterBaseServer) – Inprise Corporation – C:\program files\Interbase\bin\ibserver.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
Jest duźy problem nie mogę się połączyć z neostradą bo zaraz wywala system. programy zabezpieczające albo nic nie znajdują albo znajdują zawsze coś nowego. Nie mogę ich ani zaktualizować ani włączyć skaner online. Nie wiem co mam robić – Pomocy[/list][/list]
Scan saved at 19:29:27, on 2006–01–25
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
d:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\Program Files\ewido anti–malware\ewidoctrl.exe
C:\Program Files\ewido anti–malware\ewidoguard.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\program files\Interbase\bin\ibguard.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\program files\Interbase\bin\ibserver.exe
C:\Program Files\Microsoft AntiSpyware\GIANTAntiSpywareMain.exe
d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
d:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\Lavasoft\Ad–Aware SE Personal\Ad–Aware.exe
C:\Documents and Settings\dom\Pulpit\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada Plus wita Cie w Internecie
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – D:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 – HKLM\..\Run: [avast!] d:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O4 – Global Startup: Microsoft Office.lnk.disabled
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – d:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – d:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – d:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – d:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: ewido security suite control – ewido networks – C:\Program Files\ewido anti–malware\ewidoctrl.exe
O23 – Service: ewido security suite guard – ewido networks – C:\Program Files\ewido anti–malware\ewidoguard.exe
O23 – Service: InterBase Guardian (InterBaseGuardian) – Inprise Corporation – C:\program files\Interbase\bin\ibguard.exe
O23 – Service: InterBase Server (InterBaseServer) – Inprise Corporation – C:\program files\Interbase\bin\ibserver.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
Jest duźy problem nie mogę się połączyć z neostradą bo zaraz wywala system. programy zabezpieczające albo nic nie znajdują albo znajdują zawsze coś nowego. Nie mogę ich ani zaktualizować ani włączyć skaner online. Nie wiem co mam robić – Pomocy[/list][/list]
Odpowiedzi: 3
Co do neta to moze usunełeś sobie adresy serwerwerów DNS bo ich niewidze ale to neostrada moźe to to.
tu naprawde nic nie widac co mogło by powodować te problemy.
Daj jeszcze loga z Silent Runners tu masz info http://forum.centrumxp.pl/viewtopic.php?t=35349
Daj jeszcze loga z Silent Runners tu masz info http://forum.centrumxp.pl/viewtopic.php?t=35349
Jak dlanie lod jest czysty.
Czy uźywałes moźe wcześniej Hijack This???
Czy uźywałes moźe wcześniej Hijack This???