Pytanie dotyczące logu

Dla specjalistów Bezpieczeństwo
#1

Po przeczytaniu optymalizacji Xp postanowiłem czegoś się trochę nauczyć i (wcześniej tego nie robiłem)spróbować zinterpretować samemu log.Z tego co widać to chyba jest wporządku ale ciekawi mnie info (file missing).Co z tym należałoby zrobić?Jednak prosiłbym o sprawdzenie…

Logfile of HijackThis v1.99.1

Scan saved at 01:41:11, on 2006-02-05

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\ewido anti-malware\ewidoctrl.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\ewido anti-malware\ewidoguard.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

C:\program files\softwin\bitdefender9\bdnagent.exe

C:\Program Files\Raxco\PerfectDisk\PDSched.exe

C:\program files\softwin\bitdefender9\bdswitch.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Softwin\BitDefender9\bdoesrv.exe

D:\PROGRAMY\Tlen\tlen.exe

C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe

C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Softwin\BitDefender9\vsserv.exe

c:\program files\softwin\bitdefender9\bdmcon.exe

D:\PROGRAMY\Firefox\firefox.exe

D:\PROGRAMY\totalcmd\TOTALCMD.EXE

D:\PROGRAMY\HiJackThis\HijackThis.exe


O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D:\PROGRAMY\SPYBOT~1\SDHelper.dll

O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender9\bdmcon.exe"

O4 - HKLM\..\Run: [BDNewsAgent] "c:\program files\softwin\bitdefender9\bdnagent.exe"

O4 - HKLM\..\Run: [BDSwitchAgent] "c:\program files\softwin\bitdefender9\bdswitch.exe"

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [BDOESRV] "C:\Program Files\Softwin\BitDefender9\bdoesrv.exe"

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1136368075500

O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) - http://www.windowsecurity.com/trojanscan/axscan.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{361B657E-E3EC-44F8-8B59-5E51D9067BEB}: NameServer = 194.204.159.1

O17 - HKLM\System\CS1\Services\Tcpip\..\{361B657E-E3EC-44F8-8B59-5E51D9067BEB}: NameServer = 194.204.159.1

O17 - HKLM\System\CS2\Services\Tcpip\..\{361B657E-E3EC-44F8-8B59-5E51D9067BEB}: NameServer = 194.204.159.1

O20 - Winlogon Notify: WRNotifier - WRLogonNTF.dll (file missing)

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)

O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe

O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe

O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido anti-malware\ewidoctrl.exe

O23 - Service: ewido security suite guard - ewido networks - C:\Program Files\ewido anti-malware\ewidoguard.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)

O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe

O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - Unknown owner - C:\Program Files\Softwin\BitDefender9\vsserv.exe" /service (file missing)

O23 - Service: BitDefender Communicator (XCOMM) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
  • [list=]
#2

No jest Ok co do file missing większości wpisy O23 pliki są to błąd hijacka, inne trzeba sprawdzic czy program jest nie odinstalowany :wink:

SpySweeper masz jeszcze?

#3

Mam…doczegoś by tu się przydał?

#4

To Ok wszystko :wink: