proszę o sprawdzenie

13.03.07, 11:27
Logfile of HijackThis v1.99.1
Scan saved at 11:24:10, on 2007-03-13
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\NARZĘDZIA\DU Meter\DUMeter.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\PWN\Definicje\Bin\Starter.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe
C:\Program Files\AutoConnect\AutoConnect.exe
E:\NARZDZ~1\Speed-X\SpeedX.exe
C:\Ashampoo AntiSpyWare\AntiSpyWareControl.exe
I:\odtwarzacze\ALLPlayer\UniSpiker-2.6\uni_spiker-2.6.exe
E:\NARZĘDZIA\DISKEEPER PROFESSIONAL\DkService.exe
C:\PROGRA~1\INCRED~1\bin\IMApp.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\WINDOWS\System32\alg.exe
E:\BitComet\BitComet.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Eset\nod32.exe
C:\Program Files\Tlen.pl\tlen.exe
I:\internet\HijackThis.exe
I:\internet\HijackThis.exe

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O2 - BHO: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - E:\NARZĘDZIA\Expressivo Demo\IH_iexplore.dll
O3 - Toolbar: Expressivo - {85F685C3-20D9-4943-95E4-EB4224056C3F} - E:\NARZĘDZIA\Expressivo Demo\IH_iexplore.dll
O4 - HKLM\..\Run: [DU Meter] E:\NARZĘDZIA\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [DemonStarter] "C:\Program Files\PWN\Definicje\Bin\Starter.exe"
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [DiskeeperSystray] "E:\NARZĘDZIA\DISKEEPER PROFESSIONAL\DkIcon.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_09\bin\jusched.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [Ashampoo AntiSpyWare Guard] C:\Ashampoo AntiSpyWare\AntiSpyWareGuard.exe
O4 - HKCU\..\Run: [IncrediMail] "C:\PROGRA~1\INCRED~1\bin\IncMail.exe" /c
O4 - HKCU\..\Run: [AutoConnect] "C:\Program Files\AutoConnect\AutoConnect.exe"
O4 - HKCU\..\Run: [SpeedX] E:\NARZDZ~1\Speed-X\SpeedX.exe
O4 - HKCU\..\Run: [Ashampoo AntiSpyWare Taskplaner] "C:\Ashampoo AntiSpyWare\AntiSpyWareControl.exe" -TRAY
O4 - Startup: UniSpiker-2.6.lnk = ?
O8 - Extra context menu item: &Add animation to IncrediMail Style Box - C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://d:\EDUKACJA\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_09\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\EDUKACJA\MICROS~1\OFFICE11\REFIEBAR.DLL
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - 67.15.101.3/g_bin/pl/billard8_2_0_0_24.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{4C67F116-F63E-4F9F-82AF-86FC73DA966B}: NameServer = 194.204.159.1 217.98.63.164
O17 - HKLM\System\CS1\Services\Tcpip\..\{4C67F116-F63E-4F9F-82AF-86FC73DA966B}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Diskeeper - Diskeeper Corporation - E:\NARZĘDZIA\DISKEEPER PROFESSIONAL\DkService.exe
O23 - Service: hpdj - Unknown owner - C:\DOCUME~1\WADEK~1\USTAWI~1\Temp\hpdj.exe (file missing)
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe

    • Gość: Kolobos Re: proszę o sprawdzenie IP: *.escom.net.pl 13.03.07, 13:13
      Znowu atakujesz? Zastanow sie troche nad soba! Co chwile wklejasz log, ktory byl juz sprawdzany pare razy wiec chyba potrafisz sam porownac nowy log ze starym? Do tego masz jeszcze www.hijackthis.de wiec nie pisz tu wiecej.
Pełna wersja