HijackThis– bardzo proszę o sprawdzenie loga
Logfile of HijackThis v1.97.7
Scan saved at 09:36:50, on 2004–09–17
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32Ati2evxx.exe
C:Program FilesMcAfeeMcAfee VirusScanAvsynmgr.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFSERVICE.exe
C:Program FilesMcAfeeMcAfee VirusScanVsStat.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesMcAfeeMcAfee VirusScanVsStat.exe
C:Program FilesMcAfeeMcAfee VirusScanVshwin32.exe
C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:Program FilesOffice Mousemoffice.exe
C:WINDOWSSystem32P2P NetworkingP2P Networking.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:Program FilesMcAfeeMcAfee Shared ComponentsInstant UpdaterRuLaunch.exe
C:Program FilesOffice MouseMOUSE32A.DAT
C:PROGRA~1MCAFEE.COMPERSON~1MPFAGENT.EXE
C:Program FilesCommon FilesNetwork AssociatesMcShieldMcshield.exe
C:Program FilesMcAfeeMcAfee VirusScanAvconsol.exe
D:Downloadshijackthis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.wp.pl/
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{00D6A7E7–4A97–456f–848A–3B75BF7554D7} – (no file)
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – C:PROGRA~1NEOSTR~1SEARCH~1.DLL (file missing)
O2 – BHO: (no name) – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O3 – Toolbar: McAfee VirusScan – {ACB1E670–3217–45C4–A021–6B829A8A27CB} – C:Program FilesMcAfeeMcAfee VirusScanVSCShellExtension.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 – HKLM..Run: [Jet Detection] "C:Program FilesCreativeSBLivePROGRAMADGJDet.exe"
O4 – HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 – HKLM..Run: [CTStartup] C:Program FilesCreativeSplash ScreenCTEaxSpl.EXE /run
O4 – HKLM..Run: [FLMOFFICE4DMOUSE] C:Program FilesOffice Mousemoffice.exe
O4 – HKLM..Run: [P2P Networking] C:WINDOWSSystem32P2P NetworkingP2P Networking.exe /AUTOSTART
O4 – HKLM..Run: [MPFExe] C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
O4 – HKLM..Run: [VirusScanMSC] "C:Program FilesMcAfeeMcAfee VirusScanVsStat.exe" /EMBEDDING
O4 – HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentMcUpdate.exe
O4 – HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentMcAgent.exe
O4 – HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 – HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 –k
O4 – HKLM..RunServices: [RegisterDropHandler] C:Program FilesScannerPTBRIDGEBINRegisterDropHandler.exe
O4 – HKCU..Run: [skrzynka bogiego] C:Program Filesskrzynka bogiegoskrzynka.exe
O4 – HKCU..Run: [McAfee.InstantUpdate.Monitor] "C:Program FilesMcAfeeMcAfee Shared ComponentsInstant UpdaterRuLaunch.exe" /STARTMONITOR
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O9 – Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 – Extra button: @C:Program Files4Team CorporationFax4OutlookFax4IE.dll,–4 (HKCU)
O9 – Extra 'Tools' menuitem: Send Fax (HKCU)
O12 – Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 – DPF: {1D6711C8–7154–40BB–8380–3DEA45B69CBF} (Web P2P Installer) –
O16 – DPF: {37A49D66–2735–4BB9–8503–82BA5E2333D0} (MailCfg Control) – http://poczta.wp.pl/autoryzacja/mailcfg.ocx
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093940652123
O16 – DPF: {9F1C11AA–197B–4942–BA54–47A8489BB47F} – http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38154.5092476852
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
___________
Encorie–Joanna
Scan saved at 09:36:50, on 2004–09–17
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32Ati2evxx.exe
C:Program FilesMcAfeeMcAfee VirusScanAvsynmgr.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFSERVICE.exe
C:Program FilesMcAfeeMcAfee VirusScanVsStat.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesMcAfeeMcAfee VirusScanVsStat.exe
C:Program FilesMcAfeeMcAfee VirusScanVshwin32.exe
C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:Program FilesOffice Mousemoffice.exe
C:WINDOWSSystem32P2P NetworkingP2P Networking.exe
C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:Program FilesMcAfeeMcAfee Shared ComponentsInstant UpdaterRuLaunch.exe
C:Program FilesOffice MouseMOUSE32A.DAT
C:PROGRA~1MCAFEE.COMPERSON~1MPFAGENT.EXE
C:Program FilesCommon FilesNetwork AssociatesMcShieldMcshield.exe
C:Program FilesMcAfeeMcAfee VirusScanAvconsol.exe
D:Downloadshijackthis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.wp.pl/
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{00D6A7E7–4A97–456f–848A–3B75BF7554D7} – (no file)
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – C:PROGRA~1NEOSTR~1SEARCH~1.DLL (file missing)
O2 – BHO: (no name) – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O3 – Toolbar: McAfee VirusScan – {ACB1E670–3217–45C4–A021–6B829A8A27CB} – C:Program FilesMcAfeeMcAfee VirusScanVSCShellExtension.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 – HKLM..Run: [Jet Detection] "C:Program FilesCreativeSBLivePROGRAMADGJDet.exe"
O4 – HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 – HKLM..Run: [CTStartup] C:Program FilesCreativeSplash ScreenCTEaxSpl.EXE /run
O4 – HKLM..Run: [FLMOFFICE4DMOUSE] C:Program FilesOffice Mousemoffice.exe
O4 – HKLM..Run: [P2P Networking] C:WINDOWSSystem32P2P NetworkingP2P Networking.exe /AUTOSTART
O4 – HKLM..Run: [MPFExe] C:PROGRA~1MCAFEE.COMPERSON~1MPFTRAY.EXE
O4 – HKLM..Run: [VirusScanMSC] "C:Program FilesMcAfeeMcAfee VirusScanVsStat.exe" /EMBEDDING
O4 – HKLM..Run: [MCUpdateExe] C:PROGRA~1mcafee.comagentMcUpdate.exe
O4 – HKLM..Run: [MCAgentExe] c:PROGRA~1mcafee.comagentMcAgent.exe
O4 – HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 – HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 –k
O4 – HKLM..RunServices: [RegisterDropHandler] C:Program FilesScannerPTBRIDGEBINRegisterDropHandler.exe
O4 – HKCU..Run: [skrzynka bogiego] C:Program Filesskrzynka bogiegoskrzynka.exe
O4 – HKCU..Run: [McAfee.InstantUpdate.Monitor] "C:Program FilesMcAfeeMcAfee Shared ComponentsInstant UpdaterRuLaunch.exe" /STARTMONITOR
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O9 – Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 – Extra button: @C:Program Files4Team CorporationFax4OutlookFax4IE.dll,–4 (HKCU)
O9 – Extra 'Tools' menuitem: Send Fax (HKCU)
O12 – Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 – DPF: {1D6711C8–7154–40BB–8380–3DEA45B69CBF} (Web P2P Installer) –
O16 – DPF: {37A49D66–2735–4BB9–8503–82BA5E2333D0} (MailCfg Control) – http://poczta.wp.pl/autoryzacja/mailcfg.ocx
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093940652123
O16 – DPF: {9F1C11AA–197B–4942–BA54–47A8489BB47F} – http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38154.5092476852
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
___________
Encorie–Joanna
Odpowiedzi: 1
Cos sie dzieje ?
Jesli nie wiesz co to RegisterDropHandler.exe, to sie tego pozbadz. Ponadto P2P Networking.exe a to o ile sie nie myle ladowane jest przez Kazaa przy instalacji. Nie wiem jednek czy usuniecie nie spowoduje tego, ze Kazaa nie za bardzo bedzie chciala pracowac. Niepotrzebne rowniez "dumprep" i "no file".
Jesli nie wiesz co to RegisterDropHandler.exe, to sie tego pozbadz. Ponadto P2P Networking.exe a to o ile sie nie myle ladowane jest przez Kazaa przy instalacji. Nie wiem jednek czy usuniecie nie spowoduje tego, ze Kazaa nie za bardzo bedzie chciala pracowac. Niepotrzebne rowniez "dumprep" i "no file".
Strona 1 / 1