Proszę o sprawdzenie loga


(Mazi87) #1

Witam mam prośbę o sprawdzenie loga mojego kolegi. Komp mu sie strasznie muli i nie wie co może byc tego przyczyną. Oprocz zainstalowania SP2 i zmienienia przeglondarki moja pomoc się skonczyła :stuck_out_tongue: .

O to ten log:

Logfile of HijackThis v1.99.1

Scan saved at 18:01:58, on 2006-02-10

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)


Running processes:

F:\WINDOWS\System32\smss.exe

F:\WINDOWS\system32\winlogon.exe

F:\WINDOWS\system32\services.exe

F:\WINDOWS\system32\lsass.exe

F:\WINDOWS\System32\Ati2evxx.exe

F:\WINDOWS\system32\svchost.exe

F:\WINDOWS\System32\svchost.exe

F:\Program Files\Ahead\InCD\InCDsrv.exe

F:\WINDOWS\system32\spoolsv.exe

F:\WINDOWS\system32\Ati2evxx.exe

F:\WINDOWS\Explorer.EXE

F:\Program Files\Analog Devices\SoundMAX\SMTray.exe

F:\Program Files\Java\jre1.5.0_02\bin\jusched.exe

F:\Program Files\USB Disk Tool\USNDISKT.EXE

F:\Program Files\Ahead\InCD\InCD.exe

F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Winamp\winampa.exe

F:\WINDOWS\System32\kernel32.dlI

F:\WINDOWS\System32\ctfmon.exe

F:\Program Files\AVACS\PC-TV FM\RemoteCtl.exe

F:\Program Files\AVPersonal\AVGUARD.EXE

F:\Program Files\AVPersonal\AVWUPSRV.EXE

F:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

F:\gadu\gg.exe

F:\Documents and Settings\damian\Pulpit\hijackthis\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - F:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - F:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [Smapp] F:\Program Files\Analog Devices\SoundMAX\SMTray.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_02\bin\jusched.exe

O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033

O4 - HKLM\..\Run: [USB Disk Tool] F:\Program Files\USB Disk Tool\USNDISKT.EXE

O4 - HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM\..\Run: [InCD] F:\Program Files\Ahead\InCD\InCD.exe

O4 - HKLM\..\Run: [RemoteControl] "F:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM\..\Run: [WinampAgent] c:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [kernel32] F:\WINDOWS\System32\kernel32.dlI

O4 - HKLM\..\Run: [AVGCtrl] "F:\Program Files\AVPersonal\AVGNT.EXE" /min

O4 - HKCU\..\Run: [CTFMON.EXE] F:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "F:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [Gadu-Gadu] "F:\gadu\gg.exe" /tray

O4 - HKCU\..\Run: [Skype] "c:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU\..\Run: [WhenUSave] "F:\Program Files\Save\Save.exe"

O4 - Global Startup: PC-TV FM Remote Control.lnk = F:\Program Files\AVACS\PC-TV FM\RemoteCtl.exe

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://F:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O12 - Plugin for .spop: F:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027438003} (Persits Software XUpload) - http://www.dobrebopolskie.com/dirUser/upload/XUpload.ocx

O23 - Service: AntiVir Service (AntiVirService) - H+BEDV Datentechnik GmbH - F:\Program Files\AVPersonal\AVGUARD.EXE

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - F:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - F:\WINDOWS\system32\ati2sgag.exe

O23 - Service: AntiVir Update (AVWUpSrv) - H+BEDV Datentechnik GmbH, Germany - F:\Program Files\AVPersonal\AVWUPSRV.EXE

O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - F:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: InCD Helper (read only) (InCDsrvR) - Ahead Software AG - F:\Program Files\Ahead\InCD\InCDsrv.exe

O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - F:\Program Files\Analog Devices\SoundMAX\SMAgent.exe

(Gutek) #2

folder i plik ręcznie usun w trybie awaryjnym :wink: