Proszę o sprawdzenie loga
Net zaczął zwalniać.Podejrzewam źe coś jest nie tak:
Logfile of HijackThis v1.99.1
Scan saved at 10:39:39, on 2006–03–04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\ewido anti–malware\ewidoctrl.exe
C:\Program Files\ewido anti–malware\ewidoguard.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AGNITUM\OUTPOS~1\outpost.exe
C:\Program Files\Registry Defragmentation\RegManServ.exe
F:\TATA\PROGRAMY [instalki]\Alcochol\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\PS Tray Factory\PSTrayFactory.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Beniamin\tguard.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\Program Files\Agnitum\Tauscan 1.7\Taumon.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
C:\Program Files\Spy Emergency 2005\SpyEmergency.exe
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\Program Files\Lavasoft\Ad–Aware SE Professional\Ad–Watch.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
F:\TATA\PROGRAMY [instalki]\DC++\DCPlusPlus.exe
C:\Program Files\Tlen.pl\tlen.exe
F:\TATA\PROGRAMY [instalki]\uTorrent\utorrent.exe
F:\TATA\PROGRAMY [instalki]\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.eu.microsoft.com/poland/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsof
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: bho2gr Class – {31FF080D–12A3–439A–A2EF–4BA95A3148E8} – C:\Program Files\GetRight\xx2gr.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 – HKLM\..\Run: [tguard] C:\Program Files\Beniamin\tguard.exe
O4 – HKLM\..\Run: [OutpostFeedBack] C:\PROGRA~1\AGNITUM\OUTPOS~1\feedback.exe /dump:os_startup
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [FinePrint Dyspozytor v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLM
O4 – HKLM\..\Run: [TrayFactory] C:\Program Files\PS Tray Factory\PSTrayFactory.EXE /silent
O4 – HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 – HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti–Virus Personal Pro\kav.exe" /minimize
O4 – HKLM\..\Run: [PestPatrol Control Center] C:\PROGRA~1\PESTPA~1\PPControl.exe
O4 – HKLM\..\Run: [PPMemCheck] C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 – HKLM\..\Run: [CookiePatrol] C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 – HKLM\..\Run: [Tau Monitor] C:\Program Files\Agnitum\Tauscan 1.7\Taumon.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\RunOnce: [TrayFactory] C:\Program Files\PS Tray Factory\PSTrayFactory.exe /start
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 – HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 – HKCU\..\Run: [SkinClock] C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
O4 – HKCU\..\Run: [SpyEmergency] "C:\Program Files\Spy Emergency 2005\SpyEmergency.exe"
O4 – HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad–Aware SE Professional\Ad–Watch.exe"
O4 – Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 – Startup: UniSpiker–2.6.lnk = C:\Program Files\ivo\UniSpiker–2.6\uni_spiker–2.6.exe
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 – Extra context menu item: &Add animation to IncrediMail Style Box – C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://F:\TATA\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Szybkie dostosowywanie programu Outpost Firewall Pro – {44627E97–789B–40d4–B5C2–58BD171129A1} – C:\PROGRA~1\AGNITUM\OUTPOS~1\Plugins\BrowserBar\ie_bar.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – F:\TATA\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{830D5614–FB07–463F–BFF2–E168D9824D93}: NameServer = 194.204.152.34 217.98.63.164
O17 – HKLM\System\CS1\Services\Tcpip\..\{830D5614–FB07–463F–BFF2–E168D9824D93}: NameServer = 194.204.152.34 217.98.63.164
O20 – AppInit_DLLs: C:\PROGRA~1\AGNITUM\OUTPOS~1\wl_hook.dll
O20 – Winlogon Notify: WgaLogon – WgaLogon.dll (file missing)
O23 – Service: cFosSpeed System Service (cFosSpeedS) – Unknown owner – C:\Program Files\cFosSpeed\spd.exe" –service (file missing)
O23 – Service: ewido security suite control – ewido networks – C:\Program Files\ewido anti–malware\ewidoctrl.exe
O23 – Service: ewido security suite guard – ewido networks – C:\Program Files\ewido anti–malware\ewidoguard.exe
O23 – Service: GhostStartService – Symantec Corporation – C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 – Service: kavsvc – Kaspersky Lab – C:\Program Files\Kaspersky Lab\Kaspersky Anti–Virus Personal Pro\kavsvc.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: Outpost Firewall Service (OutpostFirewall) – Agnitum Ltd. – C:\PROGRA~1\AGNITUM\OUTPOS~1\outpost.exe
O23 – Service: Registry Management Service (RegManServ) – Unknown owner – C:\Program Files\Registry Defragmentation\RegManServ.exe
O23 – Service: StarWind iSCSI Service (StarWindService) – Rocket Division Software – F:\TATA\PROGRAMY [instalki]\Alcochol\Alcohol 120\StarWind\StarWindService.exe
O23 – Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) – TuneUp Software GmbH – C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
Odpowiedzi: 4
Wcale sie nie dziwie widzac caly ten zestaw:JARO33:
Net zaczął zwalniać.
Ewido
Outpost
PestPatrol
Tauscan
Spy Emergency 2005
Ad–aware
SpyBot
Kaspersky Anti–Virus
...i chyba systemowa zapora.
020 to pozostałość po Windows Genuine Advantage od M$ sprawdzającego legalność systemu.
Jeszcze jeden log.
Chodzi mi o pozycje:
Chodzi mi o pozycje:
O20 – Winlogon Notify: WgaLogon – WgaLogon.dll (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 13:41:35, on 2006–03–05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\ewido anti–malware\ewidoctrl.exe
C:\Program Files\ewido anti–malware\ewidoguard.exe
C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRA~1\AGNITUM\OUTPOS~1\outpost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Registry Defragmentation\RegManServ.exe
F:\TATA\PROGRAMY [instalki]\Alcochol\Alcohol 120\StarWind\StarWindService.exe
C:\WINDOWS\system32\wdfmgr.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
C:\Program Files\PS Tray Factory\PSTrayFactory.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Beniamin\tguard.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\PROGRA~1\PESTPA~1\PPControl.exe
C:\PROGRA~1\PESTPA~1\PPMemCheck.exe
C:\PROGRA~1\PESTPA~1\CookiePatrol.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
C:\Program Files\Lavasoft\Ad–Aware SE Professional\Ad–Watch.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\Rainlendar\Rainlendar.exe
C:\PROGRA~1\INCRED~1\bin\IMAPP.EXE
C:\WINDOWS\System32\alg.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Spybot – Search & Destroy\SpybotSD.exe
F:\TATA\PROGRAMY [instalki]\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.eu.microsoft.com/poland/
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsof
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: bho2gr Class – {31FF080D–12A3–439A–A2EF–4BA95A3148E8} – C:\Program Files\GetRight\xx2gr.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\Program Files\Spybot – Search & Destroy\SDHelper.dll
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [Outpost Firewall] C:\Program Files\Agnitum\Outpost Firewall\outpost.exe /waitservice
O4 – HKLM\..\Run: [tguard] C:\Program Files\Beniamin\tguard.exe
O4 – HKLM\..\Run: [OutpostFeedBack] C:\PROGRA~1\AGNITUM\OUTPOS~1\feedback.exe /dump:os_startup
O4 – HKLM\..\Run: [TrayFactory] C:\Program Files\PS Tray Factory\PSTrayFactory.EXE /silent
O4 – HKLM\..\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 – HKLM\..\Run: [KAVPersonal50] "C:\Program Files\Kaspersky Lab\Kaspersky Anti–Virus Personal Pro\kav.exe" /minimize
O4 – HKLM\..\Run: [PestPatrol Control Center] c:\PROGRA~1\PESTPA~1\PPControl.exe
O4 – HKLM\..\Run: [PPMemCheck] c:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 – HKLM\..\Run: [CookiePatrol] c:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\RunOnce: [TrayFactory] C:\Program Files\PS Tray Factory\PSTrayFactory.exe /start
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 – HKCU\..\Run: [IncrediMail] C:\Program Files\IncrediMail\bin\IncMail.exe /c
O4 – HKCU\..\Run: [SkinClock] C:\Program Files\Clock Tray Skins\ClockTraySkins.exe
O4 – HKCU\..\Run: [AWMON] "C:\Program Files\Lavasoft\Ad–Aware SE Professional\Ad–Watch.exe"
O4 – Startup: Rainlendar.lnk = C:\Program Files\Rainlendar\Rainlendar.exe
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O6 – HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 – Extra context menu item: &Add animation to IncrediMail Style Box – C:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://F:\TATA\PROGRA~2\MICROS~1\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Szybkie dostosowywanie programu Outpost Firewall Pro – {44627E97–789B–40d4–B5C2–58BD171129A1} – C:\PROGRA~1\AGNITUM\OUTPOS~1\Plugins\BrowserBar\ie_bar.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – F:\TATA\PROGRA~2\MICROS~1\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{830D5614–FB07–463F–BFF2–E168D9824D93}: NameServer = 194.204.152.34 217.98.63.164
O17 – HKLM\System\CS1\Services\Tcpip\..\{830D5614–FB07–463F–BFF2–E168D9824D93}: NameServer = 194.204.152.34 217.98.63.164
O20 – Winlogon Notify: WgaLogon – WgaLogon.dll (file missing)
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: cFosSpeed System Service (cFosSpeedS) – Unknown owner – C:\Program Files\cFosSpeed\spd.exe" –service (file missing)
O23 – Service: ewido security suite control – ewido networks – C:\Program Files\ewido anti–malware\ewidoctrl.exe
O23 – Service: ewido security suite guard – ewido networks – C:\Program Files\ewido anti–malware\ewidoguard.exe
O23 – Service: GhostStartService – Symantec Corporation – C:\Program Files\Symantec\Norton Ghost 2003\GhostStartService.exe
O23 – Service: kavsvc – Kaspersky Lab – C:\Program Files\Kaspersky Lab\Kaspersky Anti–Virus Personal Pro\kavsvc.exe
O23 – Service: BitDefender Desktop Update Service (LIVESRV) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe" /service (file missing)
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: Outpost Firewall Service (OutpostFirewall) – Agnitum Ltd. – C:\PROGRA~1\AGNITUM\OUTPOS~1\outpost.exe
O23 – Service: Registry Management Service (RegManServ) – Unknown owner – C:\Program Files\Registry Defragmentation\RegManServ.exe
O23 – Service: StarWind iSCSI Service (StarWindService) – Rocket Division Software – F:\TATA\PROGRAMY [instalki]\Alcochol\Alcohol 120\StarWind\StarWindService.exe
O23 – Service: TuneUp WinStyler Theme Service (TUWinStylerThemeSvc) – TuneUp Software GmbH – C:\Program Files\TuneUp Utilities 2006\WinStylerThemeSvc.exe
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
O4 – HKCU\..\Run: [SpyEmergency] "C:\Program Files\Spy Emergency 2005\SpyEmergency.exe"
Radze odinstalować ten program, jest on wątpliwej reputacji :roll:
Start>>>uruchom>>msconfig>>zakładka uruchamianie
Odptaszkuj zbędne programy uruchamiające się przy starcie
Net zaczął zwalniać.Podejrzewam źe coś jest nie tak
Być moźe to wina Outposta, wyłącz go na moment i sprawdź.
Strona 1 / 1