Mającym chwilę czasu proszę o sprawdzenie Loga


(Baki102) #1
Logfile of HijackThis v1.99.1

Scan saved at 08:28:43, on 2005-10-11

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\CTsvcCDA.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\WINDOWS\System32\MsPMSPSv.exe

C:\WINDOWS\System32\LVCOMSX.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe

C:\PROGRA~1\BillP Studios\WinPatrol\winpatrol.exe

C:\Program Files\22M WLAN Adapter\WLANMON.exe

C:\Program Files\GetRight\getright.exe

C:\Program Files\GetRight\getright.exe

C:\Program Files\foobar2000\foobar2000.exe

C:\Program Files\MSI\FuzzyLogic4\FuzzyLogic4.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Documents and Settings\Liczi\Pulpit\HijackThis.exe


O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\Spybot - Search & Destroy\SDHelper.dll

O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE

O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE /run

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe" /minimize

O4 - HKLM\..\Run: [LVCOMSX] C:\WINDOWS\System32\LVCOMSX.EXE

O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKLM\..\Run: [iKeyWorks] C:\PROGRA~1\A4Tech\Keyboard\Ikeymain.exe

O4 - HKLM\..\Run: [WinPatrol] C:\PROGRA~1\BillP Studios\WinPatrol\winpatrol.exe

O4 - Global Startup: 22M WLAN Adapter.lnk = ?

O4 - Global Startup: GetRight - Tray Icon.lnk = C:\Program Files\GetRight\getright.exe

O8 - Extra context menu item: Download with GetRight - C:\Program Files\GetRight\GRdownload.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\GetRight\GRbrowse.htm

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O16 - DPF: {1F831FAC-42FC-11D4-95A6-0080AD30DCE1} (InstaFred) - file://C:\Program Files\AutoCAD LT 2002 Plk\InstFred.ocx

O16 - DPF: {4E330863-6A11-11D0-BFD8-006097237877} (InstallFromTheWeb ActiveX Control) - http://tw.msi.com.tw/autobios/client/iftwclix.cab

O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday) - file://C:\Program Files\AutoCAD LT 2002 Plk\AcDcToday.ocx

O16 - DPF: {AE56372C-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Program Files\AutoCAD LT 2002 Plk\InstBanr.ocx

O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Program Files\AutoCAD LT 2002 Plk\AcPreview.ocx

O17 - HKLM\System\CCS\Services\Tcpip\..\{C876CD20-8ACF-4B50-A849-FCA00D58C615}: NameServer = 213.17.150.254,194.204.159.1

O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe

O23 - Service: HK - ??????????????????????????????????? - C:\DOCUME~1\Liczi\USTAWI~1\Temp\HK.exe

O23 - Service: kavsvc - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

Złączono Posta : 11.10.2005 (Wto) 11:00

Chcę tylko wiedzieć czy wszystko jest u mnie OK…


(Gutek) #2

LOG OK:

023 - Start >>> Uruchom >>> services.msc >>> zatrzymaj i wyłącz HK a w trybie awaryjnym oczyść Temp :wink:


(Baki102) #3

Ok! !!


(Gutek) #4

To KeyLoggerExp :smiley:


(Baki102) #5

Ale Beret!!!


(Gutek) #6

Pewnie http://securityresponse.symantec.com/av … erexp.html :smiley:


(Baki102) #7

Dzięki! !!