Dodaj do ulubionych

Prosze o sprawdzenie Loga

22.03.05, 12:02
Logfile of HijackThis v1.99.1
Scan saved at 12:01:24, on 2005-03-22
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ntddetect.exe
C:\WINDOWS\System32\Gvi.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wuauclt.exe
G:\uruchom.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\HijackThis\HijackThis.exe

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no
file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1
\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [ntddetect] C:\WINDOWS\System32\ntddetect.exe
O4 - HKLM\..\Run: [Klg] C:\WINDOWS\System32\Gvi.exe
O4 - HKLM\..\Run: [Ikl] C:\WINDOWS\Bel.exe
O4 - HKLM\..\Run: [Set] C:\WINDOWS\System32\Pha.exe
O4 - HKLM\..\Run: [Lim] C:\WINDOWS\Ime.exe
O4 - HKLM\..\Run: [Thg] C:\WINDOWS\System32\Otb.exe
O4 - HKLM\..\Run: [Tnd] C:\WINDOWS\System32\Anp.exe
O4 - HKLM\..\Run: [Prl] C:\WINDOWS\System32\Cfa.exe
O4 - HKLM\..\Run: [Beq] C:\WINDOWS\Qhn.exe
O4 - HKLM\..\Run: [Jjo] C:\WINDOWS\System32\Jdq.exe
O4 - HKLM\..\Run: [Pnv] C:\WINDOWS\Kja.exe
O4 - HKLM\..\RunServices: [ntddetect] C:\WINDOWS\System32\ntddetect.exe
O4 - HKCU\..\Run: [ntddetect] C:\WINDOWS\System32\ntddetect.exe
O4 - HKCU\..\Run: [Klg] C:\WINDOWS\System32\Gvi.exe
O4 - HKCU\..\Run: [Ikl] C:\WINDOWS\Bel.exe
O4 - HKCU\..\Run: [Set] C:\WINDOWS\System32\Pha.exe
O4 - HKCU\..\Run: [Lim] C:\WINDOWS\Ime.exe
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search &
Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [Thg] C:\WINDOWS\System32\Otb.exe
O4 - HKCU\..\Run: [Tnd] C:\WINDOWS\System32\Anp.exe
O4 - HKCU\..\Run: [Prl] C:\WINDOWS\System32\Cfa.exe
O4 - HKCU\..\Run: [Beq] C:\WINDOWS\Qhn.exe
O4 - HKCU\..\Run: [Jjo] C:\WINDOWS\System32\Jdq.exe
O4 - HKCU\..\Run: [Pnv] C:\WINDOWS\Kja.exe
O4 - Global Startup: Action Manager 32.lnk = C:\Program
Files\ScannerU\AM32.exe
O15 - Trusted Zone: *.iframedollars.biz (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted IP range: 213.159.117.202
O20 - Winlogon Notify: draw32 - draw32.dll (file missing)
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: InCD File System Service (InCDsrv) - Unknown owner -
C:\Program Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec
Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec
Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) -
Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
Obserwuj wątek
    • sopel90 Re: Prosze o sprawdzenie Loga 22.03.05, 12:14
      Mam problem z czerwono-czarną tapetą z napisem Danger: spyware. Nie działa mi
      także prawy przecisk myszy co jest utrudnieniem(działa tylko w menu start).
      Prosze o pomoc w pozbyciu się tej tapety i w uaktywnieniu prawego przycisku
      myszy.
    • Gość: Kolobos Re: Prosze o sprawdzenie Loga IP: *.warszawa.sdi.tpnet.pl 22.03.05, 15:23
      Usun te wpisy:

      > R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - (no
      > file)
      > O4 - HKLM\..\Run: [ntddetect] C:\WINDOWS\System32\ntddetect.exe
      > O4 - HKLM\..\Run: [Klg] C:\WINDOWS\System32\Gvi.exe
      > O4 - HKLM\..\Run: [Ikl] C:\WINDOWS\Bel.exe
      > O4 - HKLM\..\Run: [Set] C:\WINDOWS\System32\Pha.exe
      > O4 - HKLM\..\Run: [Lim] C:\WINDOWS\Ime.exe
      > O4 - HKLM\..\Run: [Thg] C:\WINDOWS\System32\Otb.exe
      > O4 - HKLM\..\Run: [Tnd] C:\WINDOWS\System32\Anp.exe
      > O4 - HKLM\..\Run: [Prl] C:\WINDOWS\System32\Cfa.exe
      > O4 - HKLM\..\Run: [Beq] C:\WINDOWS\Qhn.exe
      > O4 - HKLM\..\Run: [Jjo] C:\WINDOWS\System32\Jdq.exe
      > O4 - HKLM\..\Run: [Pnv] C:\WINDOWS\Kja.exe
      > O4 - HKLM\..\RunServices: [ntddetect] C:\WINDOWS\System32\ntddetect.exe
      > O4 - HKCU\..\Run: [ntddetect] C:\WINDOWS\System32\ntddetect.exe
      > O4 - HKCU\..\Run: [Klg] C:\WINDOWS\System32\Gvi.exe
      > O4 - HKCU\..\Run: [Ikl] C:\WINDOWS\Bel.exe
      > O4 - HKCU\..\Run: [Set] C:\WINDOWS\System32\Pha.exe
      > O4 - HKCU\..\Run: [Lim] C:\WINDOWS\Ime.exe
      > O4 - HKCU\..\Run: [Thg] C:\WINDOWS\System32\Otb.exe
      > O4 - HKCU\..\Run: [Tnd] C:\WINDOWS\System32\Anp.exe
      > O4 - HKCU\..\Run: [Prl] C:\WINDOWS\System32\Cfa.exe
      > O4 - HKCU\..\Run: [Beq] C:\WINDOWS\Qhn.exe
      > O4 - HKCU\..\Run: [Jjo] C:\WINDOWS\System32\Jdq.exe
      > O4 - HKCU\..\Run: [Pnv] C:\WINDOWS\Kja.exe
      > O15 - Trusted Zone: *.iframedollars.biz (HKLM)
      > O15 - Trusted Zone: *.skoobidoo.com (HKLM)
      > O15 - Trusted Zone: *.slotchbar.com (HKLM)
      > O15 - Trusted Zone: *.windupdates.com (HKLM)
      > O15 - Trusted IP range: 213.159.117.202
      > O20 - Winlogon Notify: draw32 - draw32.dll (file missing)

      Jakby jakies wpisy wrocily po resecie to usun pliki killbox'em:
      www.downloads.subratam.org/KillBox.zip

Popularne wątki

Nie pamiętasz hasła

lub ?

 

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka