Komp wiesza się


(system) #1

Witam

Mam Windows Millenium 4.90.3000 oraz IE 6.0.2800.1106.

Komp bardzo źle chodzi. Przeglądarka wiesza się podczas otwierania stron, czasami znikają wiadomości z poczty. Podejrzewam szodliwe oprogamowanie, ale niestety sam sobie z tym nie poradzę. Załączam loga HijacThis i proszę o pomoc.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 12:44:10, on 2007-12-19

Platform: Windows ME (Win9x 4.90.3000)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Boot mode: Normal


Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\SPOOL32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\PROGRAM FILES\ESET\NOD32KRN.EXE

C:\PROGRAM FILES\LOGMEIN\X86\LOGMEIN.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM\INTERNAT.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAM FILES\VIA\RAID\RAID_TOOL.EXE

C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4PNP.EXE

C:\PROGRAM FILES\ESET\NOD32KUI.EXE

C:\WINDOWS\SYSTEM\VTTIMER.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\QTTASK.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\PROGRAM FILES\LOGMEIN\LOGMEINSYSTRAY.EXE

C:\WINDOWS\RunDLL.exe

C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\PROGRAM FILES\TREND MICRO\HIJACKTHIS\HIJACKTHIS.EXE

C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL (file missing)

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [internat.exe] internat.exe

O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [RaidTool] C:\Program Files\VIA\RAID\raid_tool.exe

O4 - HKLM\..\Run: [SoundMAXPnP] C:\Program Files\Analog Devices\SoundMAX\SMax4PNP.exe

O4 - HKLM\..\Run: [SoundMax] "C:\PROGRAM FILES\ANALOG DEVICES\SOUNDMAX\SMAX4.EXE" /tray

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [VTTrayp] VTtrayp.exe

O4 - HKLM\..\Run: [VTTimer] VTTimer.exe

O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize

O4 - HKLM\..\Run: [nwiz] nwiz.exe /install

O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime

O4 - HKLM\..\Run: [LogMeIn GUI] "C:\PROGRAM FILES\LOGMEIN\LogMeInSystray.exe"

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe

O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe"

O4 - HKLM\..\RunServices: [LogMeIn] "C:\PROGRAM FILES\LOGMEIN\x86\LogMeIn.exe"

O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY

O4 - HKCU\..\Run: [Odkurzacz-MCD] C:\PROGRAM FILES\ODKURZACZ\odk_mcd.exe

O4 - HKUS\.DEFAULT\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY (User 'Default user')

O4 - HKUS\.DEFAULT\..\Run: [Odkurzacz-MCD] C:\PROGRAM FILES\ODKURZACZ\odk_mcd.exe (User 'Default user')

O4 - .DEFAULT Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE (User 'Default user')

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE

O16 - DPF: {CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA} (Java Runtime Environment 1.3.1_12) - https://www.otsa.centertel.pl/plugin/j2re-1_3_1_12-windows-i586-i.exe

O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) - 

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_28.cab

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_28.cab

O16 - DPF: {A6916797-7ABD-4F07-93AE-098B6F543129} (CO2Player Class) - http://lemontv.pl/lmctrlp.cab

O16 - DPF: {5DA9D8E0-5A57-11CF-9E36-00C0930198C0} (Pegasus ImagN' 32-bit (Windowed) ActiveX Control v4.00) - http://83.15.247.122/LNetCam.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://80.245.179.170/activex/AxisCamControl.cab

O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://195.140.237.243/activex/AMC.cab

O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 194.204.159.1

O24 - Desktop Component 0: (no name) - file:///C:/WINDOWS/TEMP/msohtml1/01/clip_image002.jpg

O24 - Desktop Component 1: (no name) - http://mail10.tlen.pl/?cmd=getpart&link=01nyHgFkkonFpMzB01QAlZSjkkfEQ8QAwkAAlFWbpDSZjGGcUDAAkkFSltTTkbDO2KlSlrAA


--

End of file - 5247 bytes

(Gutek) #2

możesz usunąć wpisy HJT

Optymalizacja Windows Me: http://www.searchengines.pl/phpbb203/in ... topic=4617