CentrumXP Forum Tematyka portalu CentrumXP.pl Bezpieczeństwo Proszę o sprawdzenie mego LOGA

Proszę o sprawdzenie mego LOGA

a wiec wrzucam i tak prosze pisać jasno co mam zrobić np jak usunąć etc pozdro

Logfile of HijackThis v1.99.1
Scan saved at 00:37:33, on 2003–07–15
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\D–Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programy\Kaspersky\avpcc.exe
C:\Programy\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Realtek\Rtl8180\RtlWake.exe
C:\Programy\Kaspersky\avpcc.exe
C:\Programy\Kaspersky\avpm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Programy\Gadu–Gadu\gg.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Programy\Peer2Mail\P2M.exe
C:\PROGRAMY\DAP\DAP.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Coach\Pulpit\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=217.17.41.72:80
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: FlashFXP Helper for Internet Explorer – {E5A1691B–D188–4419–AD02–90002030B8EE} – C:\Programy\FlashFXP\IEFlash.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Programy\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [THGuard] "C:\Programy\TrojanHunter 4.2\THGuard.exe"
O4 – HKLM\..\Run: [OfficeGuard RegChecker] C:\Programy\Kaspersky\ogrc.exe
O4 – HKLM\..\Run: [AVPCC] C:\Programy\Kaspersky\avpcc.exe /wait
O4 – HKLM\..\Run: [WinampAgent] C:\Programy\Winamp\winampa.exe
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\Run: [DownloadAccelerator] C:\PROGRAMY\DAP\DAP.EXE /STARTUP
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Programy\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: RtlWake.lnk = ?
O8 – Extra context menu item: &Download with &DAP – C:\PROGRAMY\DAP\dapextie.htm
O8 – Extra context menu item: Download &all with DAP – C:\PROGRAMY\DAP\dapextie2.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRAMY\DAP\DAP.EXE
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O16 – DPF: {15AD6789–CDB4–47E1–A9DA–992EE8E6BAD6} – http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge–c18.cab
O16 – DPF: {42F2C9BA–614F–47C0–B3E3–ECFD34EED658} – http://www.ysbweb.com/ist/softwares/v4.0/ysb_mp3.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C5} (GameDesire Snooker) – http://67.15.101.3/g_bin/pl/snooker_2_0_0_22.cab
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: AVP Control Centre Service (AVPCC) – Kaspersky Labs. – C:\Programy\Kaspersky\avpcc.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: KAV Monitor Service (KAVMonitorService) – Kaspersky Labs. – C:\Programy\Kaspersky\avpm.exe

Odpowiedzi: 4

coach14:
czy7 teraz ten log jest dobry??


Tak dobry.
Bobi
Dodano
13.07.2005 15:20:51
czy7 teraz ten log jest dobry??

Logfile of HijackThis v1.99.1
Scan saved at 13:18:01, on 2003–07–15
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\SYSTEM32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Programy\D–Tools\daemon.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\Programy\Kaspersky\avpcc.exe
C:\Programy\Winamp\winampa.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\PROGRAMY\DAP\DAP.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Realtek\Rtl8180\RtlWake.exe
C:\Programy\Kaspersky\avpcc.exe
C:\Programy\Kaspersky\avpm.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Programy\Gadu–Gadu\gg.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\Coach\Pulpit\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=217.17.41.72:80
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: FlashFXP Helper for Internet Explorer – {E5A1691B–D188–4419–AD02–90002030B8EE} – C:\Programy\FlashFXP\IEFlash.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Programy\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [THGuard] "C:\Programy\TrojanHunter 4.2\THGuard.exe"
O4 – HKLM\..\Run: [OfficeGuard RegChecker] C:\Programy\Kaspersky\ogrc.exe
O4 – HKLM\..\Run: [AVPCC] C:\Programy\Kaspersky\avpcc.exe /wait
O4 – HKLM\..\Run: [WinampAgent] C:\Programy\Winamp\winampa.exe
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 – HKLM\..\Run: [DownloadAccelerator] C:\PROGRAMY\DAP\DAP.EXE /STARTUP
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Programy\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: RtlWake.lnk = ?
O8 – Extra context menu item: &Download with &DAP – C:\PROGRAMY\DAP\dapextie.htm
O8 – Extra context menu item: Download &all with DAP – C:\PROGRAMY\DAP\dapextie2.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRAMY\DAP\DAP.EXE
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C5} (GameDesire Snooker) – http://67.15.101.3/g_bin/pl/snooker_2_0_0_22.cab
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: AVP Control Centre Service (AVPCC) – Kaspersky Labs. – C:\Programy\Kaspersky\avpcc.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: KAV Monitor Service (KAVMonitorService) – Kaspersky Labs. – C:\Programy\Kaspersky\avpm.exe
coach14
Dodano
13.07.2005 15:18:40
dzięki wszytsko usuniete
coach14
Dodano
13.07.2005 13:35:58
Zaznaczasz w HJT i usuwasz, nie musisz kosić źadnych plików, usług więc to nic skomplikowanego

O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS\web\related.htm
O16 – DPF: {15AD6789–CDB4–47E1–A9DA–992EE8E6BAD6} – http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge–c18.cab
O16 – DPF: {42F2C9BA–614F–47C0–B3E3–ECFD34EED658} – http://www.ysbweb.com/ist/softwares/v4.0/ysb_mp3.cab
Bobi
Dodano
13.07.2005 11:39:55
coach14
Dodano:
13.07.2005 02:40:03
Komentarzy:
4
Strona 1 / 1