prośba o sprawdzenie loga

29.06.05, 14:40
Logfile of HijackThis v1.99.1
Scan saved at 14:39:03, on 2005-06-29
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\system32\rundll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\windows\system32\rlvknlg.exe
C:\Program Files\Tweak-XP Pro 3\transtask.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\FinePixViewer\QuickDCF.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software
Updater.exe
C:\Program Files\Sony\OpenMG Jukebox\Omgtray.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\drivers\KodakCCS.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\ScsiAccess.EXE
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Documents and Settings\Moniczka\Pulpit\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.onet.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [CloneCDTray] "C:\Program
Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [BearShare] "C:\Program
Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32
\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA
Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -
atboottime
O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2
\printray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01
\bin\jusched.exe
O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1
\BO1HEL~1.EXE /partner BO1
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [OSS] C:\windows\system32\rlvknlg.exe -boot
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1
\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKCU\..\Run: [TransTask] "C:\Program Files\Tweak-XP Pro 3\transtask.exe"
O4 - HKCU\..\Run: [WeatherCast] "C:\Program Files\WeatherCast\Weather.exe" /q
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Skype] "C:\Program
Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: Exif Launcher.lnk = ?
O4 - Global Startup: hp psc 1000 series.lnk = ?
O4 - Global Startup: hpoddt01.exe.lnk = ?
O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program
Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
O4 - Global Startup: Kodak software updater.lnk = C:\Program
Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software Updater.exe
O4 - Global Startup: OpenMG Jukebox Startup.lnk = C:\Program
Files\Sony\OpenMG Jukebox\Omgtray.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-
49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.4.0
\ShprRprt.dll
O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-
4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.4.0
\ShprRprt.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F98} (CR64Loader Object) -
www.miniclip.com/puzzlepirates/miniclipGameLoader.dll
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) -
www.bph.pl/pi/components/SignActivX.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F1D7FBFB-685E-4BE8-BCE9-
71F4641E2157}: NameServer = 192.168.17.1,194.204.152.34
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak
Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program
Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
    • Gość: Kolobos Re: prośba o sprawdzenie loga IP: *.warszawa.sdi.tpnet.pl 29.06.05, 15:13
      Odinstaluj:
      Butterfly_Oasis
      New.Net
      WeatherCast

      I nie instaluj sobie wiecej tych adwareow i trojanow...

      Przeskanuj tym:
      download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe
      Usun wszystko co znajdzie.Nastepnie usun przy pomocy tego:
      www.cexx.org/LSPFix.exe
      New.Net ale nic wiecej tam nie kasuj bo zepsujesz!

      W hijackthis usun:

      O4 - HKLM\..\Run: [BO1HelperStartUp] C:\PROGRA~1\BUTTER~1
      \BO1HEL~1.EXE /partner BO1
      O4 - HKLM\..\Run: [OSS] C:\windows\system32\rlvknlg.exe -boot
      O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1
      \NEWDOT~2.DLL,NewDotNetStartup -s
      O4 - HKCU\..\Run: [WeatherCast] "C:\Program Files\WeatherCast\Weather.exe" /q
      O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-
      49c8-9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.4.0
      \ShprRprt.dll
      O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-
      4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.4.0
      \ShprRprt.dll

      Po resecie usun z dysku:

      C:\PROGRA~1\BUTTER~1\
      C:\windows\system32\rlvknlg.exe
      C:\PROGRA~1\NEWDOT~1\
      C:\Program Files\WeatherCast\
      C:\Program Files\ShopperReports\

      Nie zaszkodzi przeskanowac tym:
      housecall.trendmicro.com/housecall/start_corp.asp
      www.windowsecurity.com/trojanscan/
      www.pandasoftware.com/activescan/pol/activescan_principal.htm
    • sunrise79 ponowne sprawdzenie 29.06.05, 18:36

      Logfile of HijackThis v1.99.1
      Scan saved at 18:32:14, on 2005-06-29
      Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\Explorer.EXE
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
      C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
      C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
      C:\Program Files\QuickTime\qttask.exe
      C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
      C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
      C:\Program Files\Tweak-XP Pro 3\transtask.exe
      C:\WINDOWS\system32\ctfmon.exe
      C:\Program Files\Gadu-Gadu\gg.exe
      C:\Program Files\FinePixViewer\QuickDCF.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
      C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software
      Updater.exe
      C:\Program Files\Sony\OpenMG Jukebox\Omgtray.exe
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      C:\Program Files\Alwil Software\Avast4\ashServ.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
      C:\WINDOWS\system32\drivers\KodakCCS.exe
      C:\WINDOWS\system32\nvsvc32.exe
      C:\WINDOWS\system32\ScsiAccess.EXE
      C:\WINDOWS\system32\svchost.exe
      C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
      C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
      C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
      C:\Program Files\Internet Explorer\IEXPLORE.EXE
      C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
      C:\Documents and Settings\Moniczka\Pulpit\hijackthis\HijackThis.exe

      R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
      C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
      O4 - HKLM\..\Run: [RemoteControl] "C:\Program
      Files\CyberLink\PowerDVD\PDVDServ.exe"
      O4 - HKLM\..\Run: [CloneCDTray] "C:\Program
      Files\SlySoft\CloneCD\CloneCDTray.exe" /s
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
      \NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32
      \NvMcTray.dll,NvTaskbarInit
      O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA
      Corporation\NvMixer\NVMixerTray.exe"
      O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
      O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -
      atboottime
      O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
      O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2
      \printray.exe
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01
      \bin\jusched.exe
      O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
      O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
      AntiSpyware\gcasServ.exe"
      O4 - HKCU\..\Run: [TransTask] "C:\Program Files\Tweak-XP Pro 3\transtask.exe"
      O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
      Messenger\MsnMsgr.Exe" /background
      O4 - HKCU\..\Run: [Skype] "C:\Program
      Files\Skype\Phone\Skype.exe" /nosplash /minimized
      O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
      O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
      O4 - Global Startup: Exif Launcher.lnk = ?
      O4 - Global Startup: hp psc 1000 series.lnk = ?
      O4 - Global Startup: hpoddt01.exe.lnk = ?
      O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program
      Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
      O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK
      Software Updater\7288971\Program\Kodak Software Updater.exe
      O4 - Global Startup: OpenMG Jukebox Startup.lnk = C:\Program Files\Sony\OpenMG
      Jukebox\Omgtray.exe
      O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
      res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
      C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
      00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
      O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
      C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-
      9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.4.0\ShprRprt.dll
      O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-
      4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.4.0
      \ShprRprt.dll
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
      C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
      00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
      a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
      O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) -
      www.bph.pl/pi/components/SignActivX.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{F1D7FBFB-685E-4BE8-BCE9-71F4641E2157}:
      NameServer = 192.168.17.1,194.204.152.34
      O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
      C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
      O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
      Software\Avast4\ashServ.exe
      O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
      Software\Avast4\ashMaiSv.exe" /service (file missing)
      O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
      Software\Avast4\ashWebSv.exe" /service (file missing)
      O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak
      Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
      O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
      C:\WINDOWS\system32\nvsvc32.exe
      O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
      O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
      O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program
      Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
      • Gość: Kolobos Re: ponowne sprawdzenie IP: *.warszawa.sdi.tpnet.pl 29.06.05, 18:59
        Z tego co widze to zostalo tylko to:
        O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-
        9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.4.0\ShprRprt.dll
        O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-
        4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.4.0
        \ShprRprt.dll

        www.downloads.subratam.org/KillBox.zip
        Rozpakuj, zaznacz Delete file on reboot wklej sciezke do pliku i nacisnij
        czerwony przycisk:
        C:\Program Files\ShopperReports\Bin\1.0.4.0\ShprRprt.dll

        Po resecie usun caly katalog:
        C:\Program Files\ShopperReports\
        • sunrise79 Re: ponowne sprawdzenie cz.2 29.06.05, 21:13
          Logfile of HijackThis v1.99.1
          Scan saved at 21:12:25, on 2005-06-29
          Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
          MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

          Running processes:
          C:\WINDOWS\System32\smss.exe
          C:\WINDOWS\system32\winlogon.exe
          C:\WINDOWS\system32\services.exe
          C:\WINDOWS\system32\lsass.exe
          C:\WINDOWS\system32\svchost.exe
          C:\WINDOWS\System32\svchost.exe
          C:\WINDOWS\system32\spoolsv.exe
          C:\WINDOWS\Explorer.EXE
          C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
          C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
          C:\Program Files\BearShare\BearShare.exe
          C:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
          C:\Program Files\QuickTime\qttask.exe
          C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
          C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
          C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
          C:\Program Files\Tweak-XP Pro 3\transtask.exe
          C:\WINDOWS\system32\ctfmon.exe
          C:\Program Files\BearShare\BearShare.exe
          C:\Program Files\Gadu-Gadu\gg.exe
          C:\Program Files\FinePixViewer\QuickDCF.exe
          C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe
          C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
          C:\Program Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
          C:\Program Files\Kodak\KODAK Software Updater\7288971\Program\Kodak Software
          Updater.exe
          C:\Program Files\Sony\OpenMG Jukebox\Omgtray.exe
          C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe
          C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
          C:\Program Files\Alwil Software\Avast4\ashServ.exe
          C:\WINDOWS\system32\drivers\KodakCCS.exe
          C:\WINDOWS\system32\nvsvc32.exe
          C:\WINDOWS\system32\ScsiAccess.EXE
          C:\WINDOWS\system32\svchost.exe
          C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
          C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
          C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
          C:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe
          C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
          C:\Program Files\Internet Explorer\IEXPLORE.EXE
          C:\WINDOWS\system32\wuauclt.exe
          C:\Documents and Settings\Moniczka\Pulpit\hijackthis\HijackThis.exe

          R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
          R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
          O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
          C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
          O4 - HKLM\..\Run: [RemoteControl] "C:\Program
          Files\CyberLink\PowerDVD\PDVDServ.exe"
          O4 - HKLM\..\Run: [CloneCDTray] "C:\Program
          Files\SlySoft\CloneCD\CloneCDTray.exe" /s
          O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
          O4 - HKLM\..\Run: [BearShare] "C:\Program Files\BearShare\BearShare.exe" /pause
          O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
          \NvCpl.dll,NvStartup
          O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
          O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32
          \NvMcTray.dll,NvTaskbarInit
          O4 - HKLM\..\Run: [NVMixerTray] "C:\Program Files\NVIDIA
          Corporation\NvMixer\NVMixerTray.exe"
          O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
          O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -
          atboottime
          O4 - HKLM\..\Run: [REGSHAVE] C:\Program Files\REGSHAVE\REGSHAVE.EXE /AUTORUN
          O4 - HKLM\..\Run: [PrinTray] C:\WINDOWS\System32\spool\DRIVERS\W32X86\2
          \printray.exe
          O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01
          \bin\jusched.exe
          O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
          O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
          AntiSpyware\gcasServ.exe"
          O4 - HKCU\..\Run: [TransTask] "C:\Program Files\Tweak-XP Pro 3\transtask.exe"
          O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN
          Messenger\MsnMsgr.Exe" /background
          O4 - HKCU\..\Run: [Skype] "C:\Program
          Files\Skype\Phone\Skype.exe" /nosplash /minimized
          O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
          O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
          O4 - Global Startup: Exif Launcher.lnk = ?
          O4 - Global Startup: hp psc 1000 series.lnk = ?
          O4 - Global Startup: hpoddt01.exe.lnk = ?
          O4 - Global Startup: Kodak EasyShare software.lnk = C:\Program
          Files\Kodak\Kodak EasyShare software\bin\EasyShare.exe
          O4 - Global Startup: Kodak software updater.lnk = C:\Program Files\Kodak\KODAK
          Software Updater\7288971\Program\Kodak Software Updater.exe
          O4 - Global Startup: OpenMG Jukebox Startup.lnk = C:\Program Files\Sony\OpenMG
          Jukebox\Omgtray.exe
          O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
          res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
          O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
          C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
          O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
          00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
          O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
          C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
          O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-
          9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.4.0\ShprRprt.dll
          (file missing)
          O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-
          4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.4.0
          \ShprRprt.dll (file missing)
          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
          C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
          00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
          a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
          O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) -
          www.bph.pl/pi/components/SignActivX.cab
          O17 - HKLM\System\CCS\Services\Tcpip\..\{F1D7FBFB-685E-4BE8-BCE9-71F4641E2157}:
          NameServer = 192.168.17.1,194.204.152.34
          O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
          C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
          O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
          Software\Avast4\ashServ.exe
          O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
          Software\Avast4\ashMaiSv.exe" /service (file missing)
          O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
          Software\Avast4\ashWebSv.exe" /service (file missing)
          O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak
          Company - C:\WINDOWS\system32\drivers\KodakCCS.exe
          O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
          C:\WINDOWS\system32\nvsvc32.exe
          O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
          O23 - Service: ScsiAccess - Unknown owner - C:\WINDOWS\system32\ScsiAccess.EXE
          O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program
          Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
          • Gość: Kolobos Re: ponowne sprawdzenie cz.2 IP: *.warszawa.sdi.tpnet.pl 29.06.05, 21:30
            To mialobyc skasowane:
            O9 - Extra button: ShopperReports - Compare travel rates - {946B3E9E-E21A-49c8-
            9F63-900533FAFE14} - C:\Program Files\ShopperReports\Bin\1.0.4.0\ShprRprt.dll
            (file missing)
            O9 - Extra button: ShopperReports - Compare product prices - {E77EDA01-3C56-
            4a96-8D08-02B42891C169} - C:\Program Files\ShopperReports\Bin\1.0.4.0
            \ShprRprt.dll (file missing)

            Wiec po co mi wklejasz log skoro dalej jest? Zreszta po co log skoro tylko to
            zostalo, chyba mozesz zobaczyc czy dalej jest czy nie? Nie trzeba co chwile
            wklejac.
            • sunrise79 Re: ponowne sprawdzenie cz.2 30.06.05, 08:01
              kasowałam,widocznie cos nie wyszło ;-) zaraz jeszcze nad tym popracuje
              dzięki wielkie
Pełna wersja