Please help with the lags! :)


(Duparomana914) #1

Logfile of Trend Micro HijackThis v2.0.4

Scan saved at 22:33:34, on 2013-08-07

Platform: Windows 7 SP1 (WinNT 6.00.3505)

MSIE: Internet Explorer v10.0 (10.00.9200.16635)

FIREFOX: 23.0 (pl)

Boot mode: Normal

Running processes:

C:\Windows\system32\Dwm.exe

C:\Windows\Explorer.EXE

C:\Program Files\AVAST Software\Avast\AvastUI.exe

C:\Program Files\AVG Secure Search\vprot.exe

C:\Program Files\Ask.com\Updater\Updater.exe

C:\Windows\System32\rundll32.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Windows\system32\DllHost.exe

C:\Program Files\Windows Media Player\wmplayer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_11_7_700_224.exe

C:\Users\KORDIAN\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1373100432

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://feed.snap.do/?publisher=QuickOB& ... type=ds&q={searchTerms}&installDate=01/01/1970

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://feed.snap.do/?publisher=QuickOB& ... type=ds&q={searchTerms}&installDate=01/01/1970

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www1.delta-search.com/?babsrc=HP ... 8&tsp=4963

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.delta-homes.com/?utm_source= ... 1373100432

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.delta-homes.com/?utm_source= ... 1373100432

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,Default_Search_URL = http://feed.snap.do/?publisher=QuickOB& ... type=ds&q={searchTerms}&installDate=01/01/1970

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://feed.snap.do/?publisher=QuickOB& ... type=ds&q={searchTerms}&installDate=01/01/1970

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =

R3 - URLSearchHook: UrlSearchHook Class - {00000000-6E41-4FD3-8538-502F5495E5FC} - C:\Program Files\Ask.com\GenericAskToolbar.dll

R3 - URLSearchHook: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDigi.dll

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: CrossriderApp0035382 - {11111111-1111-1111-1111-110311531182} - C:\Program Files\hosts\hosts-bho.dll

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files\mixidj\mixidj\1.8.18.8\bh\mixidj.dll

O2 - BHO: HelloWorldBHO - {7825CFB6-490A-436B-9F26-4A7B5CFC01A9} - C:\Program Files\OApps\SelectionLinks.dll

O2 - BHO: IEExtension.VDownloaderBHO - {7b523e7c-f096-4e36-a0cb-7efeb5c675c1} - mscoree.dll (file missing)

O2 - BHO: DefaultTabBHO - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\KORDIAN\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll

O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll

O2 - BHO: DealPly Shopping - {9cf699ca-2174-4ed8-bec1-ba82095edce0} - C:\Program Files\DealPly\DealPlyIE.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDigi.dll

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.22.0\bh\delta.dll

O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O2 - BHO: holasearch Helper Object - {DFF9B2DA-EF99-4B26-83CB-7058299999D8} - C:\Program Files\holasearch\holasearch\1.8.16.16\bh\holasearch.dll

O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files\AVG Secure Search\15.2.0.5\AVG Secure Search_toolbar.dll

O3 - Toolbar: (no name) - {ae07101b-46d4-4a98-af68-0333ea26e113} - (no file)

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Ask Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll

O3 - Toolbar: DigitalPowered Toolbar - {b317125e-2f10-4388-bf1f-2c31c6cd89ed} - C:\Program Files\DigitalPowered\tbDigi.dll

O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll

O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {ec2bae47-25af-4ce9-9e78-10627a49c9ea} - C:\PROGRA~1\MOVIES~1\Datamngr\SRTOOL~2\IE\searchresultsDx.dll

O3 - Toolbar: Holasearch Toolbar - {C510DFFB-0AFE-484C-BA40-CED5B74C4EEF} - C:\Program Files\holasearch\holasearch\1.8.16.16\holasearchTlbr.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.22.0\deltaTlbr.dll

O4 - HKLM..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM..\Run: [vProt] "C:\Program Files\AVG Secure Search\vprot.exe"

O4 - HKLM..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"

O4 - HKCU..\Run: [EA Core] "C:\Program Files\Electronic Arts\EADM\Core.exe" -silent

O4 - HKCU..\Run: [ChomikBox] C:\Program Files\ChomikBox\chomikbox.exe

O4 - HKCU..\Run: [uTorrent] "C:\Users\KORDIAN\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED

O4 - HKCU..\Run: [Tiny download manager] "C:\Users\KORDIAN\AppData\Local\DM\TinyDM.exe" /M

O4 - HKCU..\Run: [GG] "C:\Users\KORDIAN\AppData\Local\GG\Application\gghub.exe"

O4 - HKCU..\Run: [HideMyIP] C:\Program Files\Hide My IP\HideMyIP.exe

O4 - HKCU..\Run: [ares] "C:\Program Files\Ares\Ares.exe" -h

O4 - HKCU..\Run: [sDP] C:\Users\KORDIAN\AppData\Local\FilesFrog Update Checker\update_checker.exe /auto

O4 - HKCU..\Run: [NTRedirect] C:\Windows\system32\rundll32.exe "C:\Users\KORDIAN\AppData\Roaming\BabSolution\Shared\NTRedirect.dll",Run

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O9 - Extra 'Tools' menuitem: @C:\Program Files\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O10 - Unknown file in Winsock LSP: c:\program files\common files\microsoft shared\windows live\wlidnsp.dll

O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics

O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\15.4.0\ViProtocol.dll

O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

O20 - AppInit_DLLs: C:\PROGRA~2\Wincert\WIN32C~1.DLL c:\progra~2\browse~1\261519~1.190{c16c1~1\browse~1.dll

O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: BrowserDefendert - Unknown owner - C:\ProgramData\BrowserDefender\2.6.1519.190{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserDefender.exe

O23 - Service: CyberGhost VPN Client (CGVPNCliSrvc) - mobile concepts GmbH - C:\Program Files\CyberGhost VPN\CGVPNCliService.exe

O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files\Movies Toolbar\Datamngr\DatamngrCoordinator.exe

O23 - Service: UsA‚uga DealPly Live (dealplylive) (dealplylive) - DealPly Technologies Ltd - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe

O23 - Service: UsA‚uga DealPly Live (dealplylivem) (dealplylivem) - DealPly Technologies Ltd - C:\Program Files\DealPlyLive\Update\DealPlyLive.exe

O23 - Service: DefaultTabSearch - Unknown owner - C:\Program Files\DefaultTab\DefaultTabSearch.exe

O23 - Service: DefaultTabUpdate - Unknown owner - C:\Users\KORDIAN\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe

O23 - Service: eSafe Service (eSafeSvc) - eSafe Security Co., Ltd. - C:\ProgramData\eSafe\eSafeSvc.exe

O23 - Service: Usługa Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Usługa Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe

O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe

O23 - Service: Mutual Monitor - Unknown owner - C:\Program Files\mutualpublic\Monitor.exe

O23 - Service: vToolbarUpdater15.4.0 - Unknown owner - C:\Program Files\Common Files\AVG Secure Search\vToolbarUpdater\15.4.0\ToolbarUpdater.exe

O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files\WinZipper\winzipersvc.exe

If I copied something wrong, please say so and I'll fix it :)


(Semtex) #2

Hello, please correct the topic title so that it gives a preliminary idea of the problem; use the EDIT button, which you will find in the top right corner of your post. A well-titled topic gives a chance of faster help. Thank you for your attention.

Besides, we paste OTL logs according to this guide: analiza-dezynfekcja-zestaw-narzedzi-nieingerencyjnych-t485632.html , please follow it, edit the post, remove the useless log, and provide a link to the new logs.