Skan z HajackThis


(Maczo0111) #1

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:32:06, on 2012-01-19

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\AVAST Software\Avast\AvastSvc.exe

C:\WINDOWS\system32\RunDLL32.exe

C:\Program Files\AVAST Software\Avast\avastUI.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\WINDOWS\system32\ctfmon.exe

D:\Programy\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

C:\Program Files\McAfee Security Scan\2.0.181\SSScheduler.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\system32\wuauclt.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Program Files\Mozilla Firefox\plugin-container.exe

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/vlt/vlt_1326520735_849674

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/vlt/vlt_1326520735_849674

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.v9.com/vlt/vlt_1326520735_849674

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.v9.com/vlt/vlt_1326520735_849674

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,First Home Page = http://ie8.gazeta.pl/internet_explorer_8/0,0.html?ie=1

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Program Windows Internet Explorer dostarczony przez Gazeta.pl

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O3 - Toolbar: avast! WebRep - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [nwiz] nwiz.exe /install

O4 - HKLM..\Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui

O4 - HKLM..\Run: [Adobe Reader Speed Launcher] "D:\Programy\AdbeRdr\Reader\Reader_sl.exe"

O4 - HKLM..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k

O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU..\Run: [Creative Live! Cam Manager] "D:\Programy\Creative Live! Cam\Live! Cam Manager\CTLCMgr.exe"

O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU..\Run: [FreeRAM XP] "C:\Program Files\YourWare Solutions\FreeRAM XP Pro\FreeRAM XP Pro.exe" -win

O4 - HKUS\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe

O4 - Global Startup: McAfee Security Scan Plus.lnk = ?

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\Programy\OFFICE~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\Programy\OFFICE~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O17 - HKLM\System\CCS\Services\Tcpip..{0C29BE56-82B0-4BAE-8FAB-25DD0E347FB5}: NameServer = 62.233.233.233 87.204.204.204

O17 - HKLM\System\CS1\Services\Tcpip..{0C29BE56-82B0-4BAE-8FAB-25DD0E347FB5}: NameServer = 62.233.233.233 87.204.204.204

O17 - HKLM\System\CS2\Services\Tcpip..{0C29BE56-82B0-4BAE-8FAB-25DD0E347FB5}: NameServer = 62.233.233.233 87.204.204.204

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\2.0.181\McCHSvc.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe

--

End of file - 6101 bytes


(system) #2

zrób skanowanie

http://www.dobreprogramy.pl/Comodo-Clea ... 29620.html

podaj logi tak jak tutaj opisane

otl-gmer-rsit-dss-inne-instrukcje-t370405.html


(Agatonster) #3

maczo02 ,

Proszę zapoznać się z tematem i poprawić tytuł na konkretny, mówiący o problemie, w poście dokładnie opisać problem. W celu dokonania zaleconej korekty proszę użyć przycisku Edytuj przy poście otwierającym ten temat.

Wklejanie logów na forum - przeczytaj i zastosuj się do Tematu

Zignorowanie zalecenia będzie skutkowało usunięciem tematu do Kosza.