Kolejny log


(Kefas) #1

Proszę o sprawdzenie loga:

Logfile of HijackThis v1.99.0

Scan saved at 17:21:51, on 2005-04-09

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\ctfmon.exe

D:\Agnitum\OUTPOS~1.0\outpost.exe

C:\WINDOWS\system32\SLEE401.exe

C:\WINDOWS\system32\svchost.exe

D:\Opera\Opera.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\pchealth\helpctr\binaries\HelpCtr.exe

C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpSvc.exe

C:\WINDOWS\PCHealth\HelpCtr\Binaries\HelpHost.exe

D:\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\GetRight\xx2gr.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\SPYBOT~1\SDHelper.dll

O4 - HKLM..\Run: [KAVPersonal50] d:\Kaspersky Lab\Kaspersky Anti-Virus Home Edition\kav.exe /minimize

O4 - HKLM..\Run: [Outpost Firewall] D:\Agnitum\OUTPOS~1.0\outpost.exe /waitservice

O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O8 - Extra context menu item: Download with GetRight - D:\GetRight\GRdownload.htm

O8 - Extra context menu item: Open with GetRight Browser - D:\GetRight\GRbrowse.htm

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_06\bin\npjpi142_06.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab

O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/Shar ... /cabsa.cab

O16 - DPF: {80DD2229-B8E4-4C77-B72F-F22972D723EA} (AvxScanOnline Control) - http://www.bitdefender.com/scan/Msie/bitdefender.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: CA License Client - Unknown - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe (file missing)

O23 - Service: kavsvc - Kaspersky Lab - d:\Kaspersky Lab\Kaspersky Anti-Virus Home Edition\kavsvc.exe

O23 - Service: Event Log Watch - Unknown - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe (file missing)

O23 - Service: O&O Defrag 2000 - O&O Software GmbH - C:\WINDOWS\system32\OOD2000.exe

O23 - Service: Outpost Firewall Service - Agnitum - D:\Agnitum\OUTPOS~1.0\outpost.exe

O23 - Service: PestPatrol Remote - Unknown - C:\Program Files\Common Files\PestPatrol\ppRemoteService.exe (file missing)

O23 - Service: Sandra Data Service - SiSoftware - d:\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcDataSrv.exe

O23 - Service: Sandra Service - SiSoftware - d:\SiSoftware\SiSoftware Sandra Lite 2005.SR1\RpcSandraSrv.exe

O23 - Service: Steganos Live Encryption Engine (Version 401) [service] - Unknown - C:\WINDOWS\system32\SLEE401.exe


(boczi) #2

Czysty.

Jeśli nie używasz MSN Messenger, usuń go TYM.

Jeśli wywaliłeś PestPatrol, to skasuj i to:

O23 - Service: PestPatrol Remote - Unknown - C:\Program Files\Common Files\PestPatrol\ppRemoteService.exe (file missing)

To możesz też ciachnąć - jakieś pozostałości po CA:

O23 - Service: CA License Client - Unknown - C:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe (file missing)

O23 - Service: Event Log Watch - Unknown - C:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe (file missing)

Możesz wyłączyć CTFMON.EXE: Panel sterowania => Opcje regionalne=> Języki => Szczegóły => Zaawansowane => zaznaczasz wyłącz zaawansowane usługi tekstowe

To wszystko.

Pozdr.


(Musg) #3

kosmetycznie mozesz jeszcze to skosic :slight_smile:


(Kefas) #4

Dziekuję za pomoc .

Pozdrawiam :slight_smile: