kebislaw
(Kebi8)
25 Sierpień 2007 09:46
#1
Witam wszystkich mam taki problem a raczej pytanie. Czy moze mi ktos sprawdzic moje logi z HIJACK THIS. Chce poprostu wiedziec czy sa tam jakies procesy ktorych nie powinno byc oraz ewentualnie jakich procesow ,wpisow moge sie pozbyc aby przyspieszyc dzialanie kompa.
Oto logi:
Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 11:45:35, on 2007-08-25 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v7.00 (7.00.6000.16512) Boot mode: Normal Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe F:\Antywirus\AntiVir PersonalEdition Classic\avguard.exe F:\Antywirus\AntiVir PersonalEdition Classic\sched.exe C:\Program Files\Bonjour\mDNSResponder.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe F:\Firewall\Kerio\Personal Firewall 4\kpf4ss.exe F:\Programy\Norton Ghost\Agent\VProSvc.exe F:\Firewall\Kerio\Personal Firewall 4\kpf4gui.exe C:\WINDOWS\system32\nvsvc32.exe C:\WINDOWS\system32\oodag.exe C:\Program Files\Cyberlink\Shared files\RichVideo.exe C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe C:\WINDOWS\Explorer.EXE F:\Firewall\Kerio\Personal Firewall 4\kpf4gui.exe F:\Antywirus\AntiVir PersonalEdition Classic\avgnt.exe C:\Program Files\Analog Devices\SoundMAX\SMTray.exe F:\Programy\DAP\DAP.EXE F:\Programy\Java\jre1.6.0_02\bin\jusched.exe F:\Programy\Norton Ghost\Agent\VProTray.exe F:\Programy\CyberLink\PowerDVD\PDVDServ.exe C:\WINDOWS\system32\RUNDLL32.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE F:\Programy\MICROS~1\Office12\OUTLOOK.EXE C:\Program Files\Internet Explorer\IEXPLORE.EXE F:\Programy\Trend Micro\HijackThis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wp.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O1 - Hosts: 66.98.148.65 auto.search.msn.com O1 - Hosts: 66.98.148.65 auto.search.msn.es O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - F:\Programy\BitComet\tools\BitCometBHO_1.1.7.4.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - F:\Programy\Java\jre1.6.0_02\bin\ssv.dll O4 - HKLM…\Run: [avgnt] “F:\Antywirus\AntiVir PersonalEdition Classic\avgnt.exe” /min O4 - HKLM…\Run: [smapp] C:\Program Files\Analog Devices\SoundMAX\SMTray.exe O4 - HKLM…\Run: [DownloadAccelerator] “F:\Programy\DAP\DAP.EXE” /STARTUP O4 - HKLM…\Run: [sunJavaUpdateSched] “F:\Programy\Java\jre1.6.0_02\bin\jusched.exe” O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe O4 - HKLM…\Run: [Windows Defender] “F:\Programy\Windows Defender\MSASCui.exe” -hide O4 - HKLM…\Run: [Norton Ghost 12.0] “F:\Programy\Norton Ghost\Agent\VProTray.exe” O4 - HKLM…\Run: [RemoteControl] F:\Programy\CyberLink\PowerDVD\PDVDServ.exe O4 - HKLM…\Run: [LanguageShortcut] F:\Programy\CyberLink\PowerDVD\Language\Language.exe O4 - HKLM…\Run: [OODefragTray] C:\WINDOWS\system32\oodtray.exe O4 - HKLM…\Run: [QuickTime Task] “F:\Programy\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe” O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’) O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’) O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’) O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’) O4 - Global Startup: Adobe Reader Speed Launch.lnk = F:\Programy\Adobe\Reader 8.0\Reader\reader_sl.exe O4 - Global Startup: Adobe Reader Synchronizer.lnk = F:\Programy\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe O4 - Global Startup: EPSON Status Monitor 3 Environment Check 2.lnk = C:\WINDOWS\system32\spool\drivers\w32x86\3\E_SRCV02.EXE O8 - Extra context menu item: &Clean Traces - F:\Programy\DAP\Privacy Package\dapcleanerie.htm O8 - Extra context menu item: &D&ownload &with BitComet - res://F:\Programy\BitComet\BitComet.exe/AddLink.htm O8 - Extra context menu item: &D&ownload all video with BitComet - res://F:\Programy\BitComet\BitComet.exe/AddVideo.htm O8 - Extra context menu item: &D&ownload all with BitComet - res://F:\Programy\BitComet\BitComet.exe/AddAllLink.htm O8 - Extra context menu item: &Download with &DAP - F:\Programy\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - F:\Programy\DAP\dapextie2.htm O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\Programy\MICROS~1\Office12\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programy\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Programy\Java\jre1.6.0_02\bin\ssv.dll O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Programy\MICROS~1\Office12\ONBttnIE.dll O9 - Extra ‘Tools’ menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - F:\Programy\MICROS~1\Office12\ONBttnIE.dll O9 - Extra button: BitComet Search - {461CC20B-FB6E-4f16-8FE8-C29359DB100E} - F:\Programy\BitComet\tools\BitCometBHO_1.1.7.4.dll O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - F:\Programy\MICROS~1\Office12\REFIEBAR.DLL O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll ,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso … 5260841546 O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s … wflash.cab O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - F:\Antywirus\AntiVir PersonalEdition Classic\sched.exe O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - F:\Antywirus\AntiVir PersonalEdition Classic\avguard.exe O23 - Service: ##Id_String1 .6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - F:\Firewall\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: NBService - Nero AG - F:\Programy\Nero 7\Nero BackItUp\NBService.exe O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe O23 - Service: Norton Ghost - Symantec Corporation - F:\Programy\Norton Ghost\Agent\VProSvc.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe O23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
–
End of file - 9370 bytes
Z gory dziekuje!
squeet
(squeet)
25 Sierpień 2007 11:44
#3
kebislaw witaj na Forum. Proszę o lekturę poniższych tematów:
http://forum.dobreprogramy.pl/viewtopic.php?t=36654
http://forum.dobreprogramy.pl/viewtopic.php?t=66889
Logi wstawiamy w tagach quote . Powyższe już sformatowałem, następne wklejaj już poprawnie.
kebislaw
(Kebi8)
25 Sierpień 2007 12:14
#4
mam rozumiec ze poza tymi dwoma wpisami jest wszystko OK
boczi
(boczi)
25 Sierpień 2007 12:17
#5
kebislaw proszę zastosować się do poleceń Moderatora.