Please check my log

05.11.06, 23:36
Logfile of HijackThis v1.99.1
Scan saved at 23:28:39, on 2006-11-05
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\explorer.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
C:\windows\system\scvhost.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Opera\Opera.exe
C:\Documents and Settings\bob\Pulpit\hijackthis\HijackThis.exe
C:\WINDOWS\system32\NOTEPAD.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tsi.tychy.pl:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" /r
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
O4 - HKLM\..\RunOnce: [System Mechanic Cache Cleanup] C:\Program Files\iolo\System Mechanic 5\SysMech5.exe /COMPLETECACHE
O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB
O4 - HKCU\..\Run: [scvhost] c:\windows\system\scvhost.exe
O4 - HKCU\..\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} - mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1E102D45-4211-4315-A54F-11BD19AA30B2}: NameServer = 83.142.120.242
O17 - HKLM\System\CS1\Services\Tcpip\..\{1E102D45-4211-4315-A54F-11BD19AA30B2}: NameServer = 83.142.120.242
O17 - HKLM\System\CS2\Services\Tcpip\..\{1E102D45-4211-4315-A54F-11BD19AA30B2}: NameServer = 83.142.120.242
O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

    • Guest: Kolobos Re: Please check my log IP: *.escom.net.pl 06.11.06, 11:54
      Close the ports using wwdc.exe + run an ewido scan.

      In Task Manager, end:
      C:\windows\system\scvhost.exe
      Delete the file from disk.

      In HJT, remove:
      F2 - REG:system.ini: Shell=explorer.exe
      O4 - HKCU\..\Run: [scvhost] c:\windows\system\scvhost.exe
      O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)
      • jzdybek Re: Please check my log 06.11.06, 13:54
        Thanks a lot. This is what my log looks like after following your instructions.


        Logfile of HijackThis v1.99.1
        Scan saved at 13:49:58, on 2006-11-06
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\System32\Ati2evxx.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        C:\Program Files\Alwil Software\Avast4\ashServ.exe
        C:\WINDOWS\System32\CTsvcCDA.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\System32\MsPMSPSv.exe
        C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
        C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
        C:\WINDOWS\system32\Ati2evxx.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
        C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe
        C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
        C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe
        C:\Program Files\Gadu-Gadu\gg.exe
        C:\Program Files\Opera\Opera.exe
        C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
        C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
        C:\Documents and Settings\bob\Pulpit\hijackthis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.tsi.tychy.pl:8080
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
        O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
        O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
        O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [CTSysVol] "C:\Program Files\Creative\SB Live! 24-bit\Surround Mixer\CTSysVol.exe" /r
        O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe"
        O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
        O4 - HKCU\..\Run: [Creative MediaSource Go] C:\Program Files\Creative\MediaSource\Go\CTCMSGo.exe /SCB
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
        O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
        O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - download.bitdefender.com/resources/scan8/oscan8.cab
        O17 - HKLM\System\CCS\Services\Tcpip\..\{1E102D45-4211-4315-A54F-11BD19AA30B2}: NameServer = 83.142.120.242
        O17 - HKLM\System\CS1\Services\Tcpip\..\{1E102D45-4211-4315-A54F-11BD19AA30B2}: NameServer = 83.142.120.242
        O17 - HKLM\System\CS2\Services\Tcpip\..\{1E102D45-4211-4315-A54F-11BD19AA30B2}: NameServer = 83.142.120.242
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
        O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
        O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
        O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
        O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
        O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
        O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
        O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

        • Guest: Kolobos Re: Please check my log IP: *.escom.net.pl 06.11.06, 14:21
          A new log isn't needed; if the items I listed are no longer there, it's OK.