
check my log - please :D

IP: *.chello.pl 20.03.07, 21:44
Recently I had terrible problems with my laptop; it froze so badly that I had
to wait for the battery to run down before I could do anything. It's better
now, but please check the log, because sometimes I can't even start the
internet, and I'm taking the opportunity now that I managed to get it
running.

Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 21:26:18, on 2007-03-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avast4\aswUpdSv.exe
C:\Program Files\Avast4\ashServ.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Avast4\ashMaiSv.exe
C:\Program Files\Avast4\ashWebSv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\LGDMEBTN.exe
C:\PROGRA~1\Avast4\ashDisp.exe
C:\Program Files\LG Software\IP Operator 2005\IP Operator.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\regscan.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\utils\HiJackThis_v2.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
C:\Program Files\ICQToolbar\toolbaru.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program
Files\ICQToolbar\toolbaru.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
Files\Spybot - Search & Destroy\SDHelper.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
C:\Program Files\ICQToolbar\toolbaru.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage
Manager\iaanotif.exe
O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\LG Software\On Screen
Display\HotKey.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe
bthprops.cpl,,BluetoothAuthenticationAgent
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery
Miser\batterymiser.exe"
O4 - HKLM\..\Run: [LG Direct Media Button Service] LGDMEBTN.exe
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI
Technologies\ATI.ACE\cli.exe" runtime -Delay
O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Lexmark_X79-55] C:\WINDOWS\system32\lsasss.exe
O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP
Operator.exe" -aUtOsTaRtFrOmReG
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1
\ISUSPM.exe -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common
Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKCU\..\Run: [SRSTrayApp] C:\Program Files\SRS Labs\WOWXT and TSXT
Driver\SRSTrayApp.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Regscan] C:\WINDOWS\system32\regscan.exe
O4 - HKCU\..\Run: [Brave-Sentry] C:\Program Files\BraveSentry\BraveSentry.exe
O4 - HKUS\S-1-5-21-50309352-356996541-2736649231-1006\..\Run: [SRSTrayApp]
C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRSTrayApp.exe (User 'Guest1')
O4 - HKUS\S-1-5-21-50309352-356996541-2736649231-1006\..\Run: [ctfmon.exe]
C:\WINDOWS\system32\ctfmon.exe (User 'Guest1')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
(User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
(User 'Default user')
O4 - Global Startup: Bluetooth Manager.lnk = ?
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-
A2CD196348E9} - C:\Program Files\ICQLite\ICQLite.exe
O20 - AppInit_DLLs:
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-
00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-
11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32
\Ati2evxx.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Avast4
\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Avast4
\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Avast4
\ashWebSv.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel
Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32
\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: ProtexisLicensing - Unknown owner - C:\Program Files\Common
Files\Protexis\License Service\PSIService.exe
O23 - Service: SRS PostInstaller Service (SRS_PostInstaller) - SRS Labs,
Inc. - C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32
\PAStiSvc.exe

--
End of file - 6763 bytes

    • Guest: Kolobos Re: check my log - please :D IP: *.escom.net.pl 20.03.07, 22:09
      Switch your browser to Opera, don't download trojans and don't install spyware, don't open attachments with trojans in your e-mail.

      Use: siri.urz.free.fr/Fix/SmitfraudFix_En.php and do what is
      described under "Clean"; afterwards a log will be created, which you should paste on the forum.

      In Task Manager, end:
      C:\WINDOWS\system32\regscan.exe

      In HJT, remove:
      O4 - HKLM\..\Run: [Lexmark_X79-55] C:\WINDOWS\system32\lsasss.exe <- delete the file from disk.
      O4 - HKCU\..\Run: [Regscan] C:\WINDOWS\system32\regscan.exe <- and this one
      O4 - HKCU\..\Run: [Brave-Sentry] C:\Program Files\BraveSentry\BraveSentry.exe <- delete the BraveSentry folder from disk.
      O20 - AppInit_DLLs:

      Also scan the system with these:
      www.pandasoftware.com/activescan/pol/activescan_principal.htm
      www.spywareinfo.com/xscan.php
      www.bitdefender.com/scan8/ie.html
      • Guest: anilama Re: check my log - please :D IP: *.chello.pl 21.03.07, 00:39
        Thanks Kolobos!

        SmitFraudFix v2.151

        Scan done at 0:28:23,76, 2007-03-21
        Run from C:\utils\SmitfraudFix
        OS: Microsoft Windows XP [Wersja 5.1.2600] - Windows_NT
        The filesystem type is NTFS
        Fix run in normal mode

        »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler Before SmitFraudFix
        !!!Attention, following keys are not inevitably infected!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll

        »»»»»»»»»»»»»»»»»»»»»»»» Killing process


        »»»»»»»»»»»»»»»»»»»»»»»» hosts


        127.0.0.1 localhost

        »»»»»»»»»»»»»»»»»»»»»»»» Generic Renos Fix

        GenericRenosFix by S!Ri


        »»»»»»»»»»»»»»»»»»»»»»»» Deleting infected files


        »»»»»»»»»»»»»»»»»»»»»»»» Deleting Temp Files


        »»»»»»»»»»»»»»»»»»»»»»»» Winlogon.System
        !!!Attention, following keys are not inevitably infected!!!

        [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
        "System"=""


        »»»»»»»»»»»»»»»»»»»»»»»» Registry Cleaning

        Registry Cleaning done.

        »»»»»»»»»»»»»»»»»»»»»»»» SharedTaskScheduler After SmitFraudFix
        !!!Attention, following keys are not inevitably infected!!!

        SrchSTS.exe by S!Ri
        Search SharedTaskScheduler's .dll


        »»»»»»»»»»»»»»»»»»»»»»»» End


        New log from HJT:

        Logfile of Trend Micro HijackThis v2.0.0 (BETA)
        Scan saved at 00:35:24, on 2007-03-21
        Platform: Windows XP SP2 (WinNT 5.01.2600)
        Boot mode: Normal

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\Ati2evxx.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\WINDOWS\system32\Ati2evxx.exe
        C:\WINDOWS\ehome\ehtray.exe
        C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
        C:\WINDOWS\AGRSMMSG.exe
        C:\WINDOWS\system32\rundll32.exe
        C:\WINDOWS\RTHDCPL.EXE
        C:\WINDOWS\system32\LGDMEBTN.exe
        C:\PROGRA~1\Avast4\ashDisp.exe
        C:\Program Files\LG Software\IP Operator 2005\IP Operator.exe
        C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
        C:\WINDOWS\system32\ctfmon.exe
        C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
        C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
        C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
        C:\Program Files\Avast4\aswUpdSv.exe
        C:\Program Files\Avast4\ashServ.exe
        C:\WINDOWS\eHome\ehRecvr.exe
        C:\WINDOWS\eHome\ehSched.exe
        C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
        C:\Program Files\Common Files\Protexis\License Service\PSIService.exe
        C:\Program Files\SRS Labs\WOWXT and TSXT Driver\SRS_PostInstaller.exe
        C:\WINDOWS\System32\PAStiSvc.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\system32\dllhost.exe
        C:\Program Files\Avast4\ashMaiSv.exe
        C:\Program Files\Avast4\ashWebSv.exe
        C:\WINDOWS\eHome\ehmsas.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\wuauclt.exe
        C:\WINDOWS\explorer.exe
        C:\WINDOWS\NOTEPAD.EXE
        C:\utils\HiJackThis_v2.exe
        C:\Program Files\Internet Explorer\IEXPLORE.EXE

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
        R3 - URLSearchHook: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} -
        C:\Program Files\ICQToolbar\toolbaru.dll
        O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} -
        C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O2 - BHO: XTTBPos00 - {055FD26D-3A88-4e15-963D-DC8493744B1D} - C:\Program
        Files\ICQToolbar\toolbaru.dll
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
        C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program
        Files\Spybot - Search & Destroy\SDHelper.dll
        O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
        C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
        O3 - Toolbar: ICQ Toolbar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program
        Files\ICQToolbar\toolbaru.dll
        O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
        O4 - HKLM\..\Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
        O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
        O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage
        Manager\iaanotif.exe
        O4 - HKLM\..\Run: [KeybdUtility] "C:\Program Files\LG Software\On Screen
        Display\HotKey.exe"
        O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32
        \NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet
        O4 - HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe
        bthprops.cpl,,BluetoothAuthenticationAgent
        O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
        O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
        O4 - HKLM\..\Run: [batterymiser] "C:\Program Files\LG Software\Battery
        Miser\batterymiser.exe"
        O4 - HKLM\..\Run: [LG Direct Media Button Service] LGDMEBTN.exe
        O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe"
        runtime -Delay
        O4 - HKLM\..\Run: [BigDogPath] C:\WINDOWS\VM_STI.EXE VIMICRO USB PC Camera
        O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast4\ashDisp.exe
        O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
        O4 - HKLM\..\Run: [IPO3] "C:\Program Files\LG Software\IP Operator 2005\IP
        Operator.exe" -aUtOsTaRtFrOmReG
        O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1
        \ISUSPM.exe -startup
        O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common
        Files\InstallShield\UpdateService\issch.exe" -start
        O4 - HKCU\..\Run: [SRSTrayApp] C:\Program Files\SRS Labs\WOWXT and TSXT
        Driver\SRSTrayApp.exe
        O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
        O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
        (User 'SYSTEM')
        O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE
        (User 'Default user')
        O4 - Global Startup: Bluetooth Manager.lnk = ?
        O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
        C:\Program Files\ICQLite\ICQLite.exe
        O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
        C:\Program Files\ICQLite\ICQLite.exe
        O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-
        00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
        O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-
        11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
        O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
        C:\Program Files\Avast4\aswUpdSv.exe
        O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDO
