
mam problem ... zainstalowaly sie jakies syfy ... a to nowy komp rodzinki wiec chce zeby byl czysty. wklejam log z hijacka... bardzo dziekuje za pomoc.
Logfile of HijackThis v1.99.1
Scan saved at 08:25:07, on 2005-09-02
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
C:\Program Files\Intel\IDU\IDUServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\ALCWZRD.EXE
C:\Program Files\Intel\IDU\iptray.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\usbn.exe
C:\Program Files\ScannerU\AM32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\user\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [Skrót do strony właściwości High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [ipTray.exe] "C:\Program Files\Intel\IDU\iptray.exe"
O4 - HKLM\..\Run: [Home Theater SchSvr] "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
O4 - HKLM\..\Run: [WINCINEMAMGR] "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [usbn] C:\WINDOWS\system32\usbn.exe -go -c30 -w
O4 - Global Startup: Action Manager 32.lnk = C:\Program Files\ScannerU\AM32.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O17 - HKLM\System\CCS\Services\Tcpip\..\{45813ECB-B4CF-4A62-9CF1-C8347D38C8DC}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLM\System\CS1\Services\Tcpip\..\{45813ECB-B4CF-4A62-9CF1-C8347D38C8DC}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Diskeeper Lite.lnk (Diskeeper) - Executive Software International, Inc. - C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
O23 - Service: Intel(R) Desktop Utilities Service (iHCService) - OSA Technologies, Inc. - C:\Program Files\Intel\IDU\IDUServ.exe
[ Dodano: Dzisiaj o 7:39 ]
tamten na gorze to byl po zeskanowaniu normalnie przez program ... a ten to startuplist..
- Kod: Zaznacz wszystko
- StartupList report, 2005-09-02, 08:36:47
 StartupList version: 1.52.2
 Started from : C:\Documents and Settings\user\Pulpit\HijackThis.EXE
 Detected: Windows XP Dodatek SP2 (WinNT 5.01.2600)
 Detected: Internet Explorer v6.00 SP2 (6.00.2900.2180)
 * Using default options
 ==================================================
 Running processes:
 C:\WINDOWS\System32\smss.exe
 C:\WINDOWS\system32\winlogon.exe
 C:\WINDOWS\system32\services.exe
 C:\WINDOWS\system32\lsass.exe
 C:\WINDOWS\system32\Ati2evxx.exe
 C:\WINDOWS\system32\svchost.exe
 C:\WINDOWS\System32\svchost.exe
 C:\WINDOWS\system32\spoolsv.exe
 C:\Program Files\Executive Software\DiskeeperLite\DkService.exe
 C:\Program Files\Intel\IDU\IDUServ.exe
 C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
 C:\WINDOWS\system32\Ati2evxx.exe
 C:\WINDOWS\Explorer.EXE
 C:\WINDOWS\SOUNDMAN.EXE
 C:\WINDOWS\ALCWZRD.EXE
 C:\Program Files\Intel\IDU\iptray.exe
 C:\WINDOWS\system32\svchost.exe
 C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe
 C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
 C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
 C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
 C:\WINDOWS\system32\usbn.exe
 C:\Program Files\ScannerU\AM32.exe
 C:\Program Files\Internet Explorer\iexplore.exe
 C:\WINDOWS\system32\wuauclt.exe
 C:\Documents and Settings\user\Pulpit\HijackThis.exe
 --------------------------------------------------
 Listing of startup folders:
 Shell folders Common Startup:
 [C:\Documents and Settings\All Users\Menu Start\Programy\Autostart]
 Action Manager 32.lnk = C:\Program Files\ScannerU\AM32.exe
 --------------------------------------------------
 Checking Windows NT UserInit:
 [HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
 UserInit = C:\WINDOWS\system32\userinit.exe,
 --------------------------------------------------
 Autorun entries from Registry:
 HKLM\Software\Microsoft\Windows\CurrentVersion\Run
 Skrót do strony właściwości High Definition Audio = HDAudPropShortcut.exe
 SoundMan = SOUNDMAN.EXE
 AlcWzrd = ALCWZRD.EXE
 Alcmtr = ALCMTR.EXE
 ipTray.exe = "C:\Program Files\Intel\IDU\iptray.exe"
 Home Theater SchSvr = "C:\Program Files\Common Files\InterVideo\SchSvr\SchSvr.exe"
 WINCINEMAMGR = "C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe"
 ATIPTA = C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
 SpeedTouch USB Diagnostics = "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
 usbn = C:\WINDOWS\system32\usbn.exe -go -c30 -w
 --------------------------------------------------
 Shell & screensaver key from C:\WINDOWS\SYSTEM.INI:
 Shell=*INI section not found*
 SCRNSAVE.EXE=*INI section not found*
 drivers=*INI section not found*
 Shell & screensaver key from Registry:
 Shell=Explorer.exe
 SCRNSAVE.EXE=C:\WINDOWS\system32\ssstars.scr
 drivers=*Registry value not found*
 Policies Shell key:
 HKCU\..\Policies: Shell=*Registry key not found*
 HKLM\..\Policies: Shell=*Registry value not found*
 --------------------------------------------------
 Enumerating Download Program Files:
 [Shockwave Flash Object]
 InProcServer32 = C:\WINDOWS\system32\macromed\flash\Flash.ocx
 CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
 --------------------------------------------------
 Enumerating ShellServiceObjectDelayLoad items:
 PostBootReminder: C:\WINDOWS\system32\SHELL32.dll
 CDBurn: C:\WINDOWS\system32\SHELL32.dll
 WebCheck: C:\WINDOWS\system32\webcheck.dll
 SysTray: C:\WINDOWS\system32\stobject.dll
 --------------------------------------------------
 End of report, 4 282 bytes
 Report generated in 0,032 seconds

 
	


 hehe;] pozdrawiam serdecznie i jeszcze raz bardzo dziekuje:)
 hehe;] pozdrawiam serdecznie i jeszcze raz bardzo dziekuje:)