Log po usunięciu wirusów

Ford · 2 Październik 2006 06:41

Witam, ostatnio pełno syfu sie zagnieździło ;/ Przeskanowałem Windows Defenderem, SpyBot’em, Kasperksym, każdy coś usunął. Oczywiście najnowsze bazy wirusów itp.

Log:

Logfile of HijackThis v1.99.1 Scan saved at 08:42:19, on 2006-10-02 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\system32\svchost.exe J:\Windows Defender\MsMpEng.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\Ati2evxx.exe C:\WINDOWS\Explorer.EXE J:\Unlocker\UnlockerAssistant.exe J:\Windows Defender\MSASCui.exe J:\Kaspersky\avp.exe C:\Program Files\Messenger\msmsgs.exe C:\WINDOWS\system32\ctfmon.exe C:\AppServ\Apache2.2\bin\httpd.exe J:\Kaspersky\avp.exe J:\Kerio\Personal Firewall 4\kpf4ss.exe C:\AppServ\Apache2.2\bin\httpd.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE j:\SQLSER~1\MSSQL\binn\sqlservr.exe J:\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\HPZipm12.exe C:\WINDOWS\system32\svchost.exe J:\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Mozilla Firefox 2 Beta 2\firefox.exe J:\SongBird\xulrunner\xulrunner.exe C:\Documents and Settings\Ford\Pulpit\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.bearshare.com/pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.pcf.pl/ R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = ftp://ftp.pcf.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - J:\SpyBot S&D\SDHelper.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O4 - HKLM…\Run: [unlockerAssistant] “J:\Unlocker\UnlockerAssistant.exe” -H O4 - HKLM…\Run: [Windows Defender] “J:\Windows Defender\MSASCui.exe” -hide O4 - HKLM…\Run: [kav] “J:\Kaspersky\avp.exe” O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O8 - Extra context menu item: &Clean Traces - J:\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &Download with &DAP - J:\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - J:\DAP\dapextie2.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://J:\MICROS~1\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_07\bin\ssv.dll O9 - Extra button: Web Anti-Virus - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - J:\Kaspersky\scieplugin.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - J:\MICROS~1\OFFICE11\REFIEBAR.DLL O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O14 - IERESET.INF: START_PAGE_URL=http://www.pcf.pl/ O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda … 3831112468 O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup … 9161089843 O20 - Winlogon Notify: klogon - C:\WINDOWS\system32\klogon.dll O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll O23 - Service: Apache - Unknown owner - C:\AppServ\Apache\Apache.exe" --ntservice (file missing) O23 - Service: Apache2.2 - Unknown owner - C:\AppServ\Apache2.2\bin\httpd.exe" -k runservice (file missing) O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - J:\Kaspersky\avp.exe O23 - Service: Sunbelt Kerio Personal Firewall 4 (KPF4) - Sunbelt Software - J:\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: mysql - Unknown owner - C:\AppServ\MySQL\bin\mysqld-nt.exe (file missing) O23 - Service: NOD32 Kernel Service (nod32krn) - Unknown owner - J:\NOD32\nod32krn.exe (file missing) O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

Bieniol · 2 Październik 2006 12:06

Czysto

Przeczyść rejestr (polecam do tego jv16 PowerTools 2006 1.5.2.344), zrób defragmentację, oraz przejrzyj: Optymalizacja XP

Wejdź: Start --> uruchom --> msconfig i w zakładce uruchamianie odznacz (według Ciebie) niepotrzbne przy autostarcie programy