Log :(

Dla specjalistów Bezpieczeństwo
#1

Witam prosze o sprawdzenie loga ;( caly czas mam problemy z roznymi programami szpiegowskimi system strasznie wolno chodzi pomocy

Logfile of HijackThis v1.99.1

Scan saved at 14:27:23, on 2007-01-27

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\Ahead\InCD\InCDsrv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

C:\WINDOWS\htpatch.exe

D:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\Common Files\SmartCom\RTEGPRS.exe

D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpohmr08.exe

D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe

d:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpoevm08.exe

C:\Program Files\Common Files\LightScribe\LSSrvc.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\Program Files\MySQL\MySQL Server 5.0\bin\mysqld-nt.exe

C:\WINDOWS\system32\svchost.exe

D:\Program Files\Hewlett-Packard\Digital Imaging\Bin\hpoSTS08.exe

D:\Program Files\Opera\Opera.exe

D:\Program Files\Tlen.pl\tlen.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Documents and Settings\Fefka86\Pulpit\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - d:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe

O4 - HKLM…\Run: [HTpatch] C:\WINDOWS\htpatch.exe

O4 - HKLM…\Run: [siSUSBRG] C:\WINDOWS\SiSUSBrg.exe

O4 - HKLM…\Run: [Ad-aware] “D:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe” +c

O4 - HKLM…\Run: [Ad-watch] “D:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe”

O4 - HKLM…\Run: [KAVPersonal50] “d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kav.exe” /minimize

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [RTEGPRS] “C:\Program Files\Common Files\SmartCom\RTEGPRS.exe” tray

O4 - Global Startup: hp psc 1000 series.lnk = ?

O4 - Global Startup: hpoddt01.exe.lnk = ?

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {1F831FAC-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://D:\Program Files\AutoCAD LT 2002 Plk\InstFred.ocx

O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday) - file://D:\Program Files\AutoCAD LT 2002 Plk\AcDcToday.ocx

O16 - DPF: {AE56372C-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://D:\Program Files\AutoCAD LT 2002 Plk\InstBanr.ocx

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://D:\Program Files\AutoCAD LT 2002 Plk\AcPreview.ocx

O17 - HKLM\System\CCS\Services\Tcpip…{192FC146-3ACA-4072-B13E-2FF3512C8698}: NameServer = 194.204.159.1,194.204.157.34

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BlueSoleil Hid Service - Unknown owner - d:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: kavsvc - Kaspersky Lab - d:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal\kavsvc.exe

O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe

O23 - Service: MySQL - Unknown owner - C:\Program.exe (file missing)

O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe

#2

Misiol > 1 wpis ok, drugi też ok, to jest pomyłka HJT, wskazująca na brak pliku usługi.

Log ok. Skan AVG AntySpyware 7.5 po update, wklej raport.

UPDATE: przeskanuj ten plik:

na stronie http://virusscan.jotti.org/ i podaj wynik.

#3

Misiol nie wiesz -> nie piszesz. KOSZ

Złączono Posty : 27 Styczeń 2007, 20:52:35

fefka86 proszę poprawić temat na konkretny, obrazujący problem oraz objąć log w tagi - używając opcji Zmień

Pomoc http://forum.dobreprogramy.pl/viewtopic.php?t=36654