Sprawdzenie loga


(Midgard6) #1

Był długi start systemu i przeglądarki (dzisiaj jest lepiej)

Logfile of Trend Micro HijackThis v2.0.5

Scan saved at 10:35:43, on 2013-08-06

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

CHROME: 24.0.1312.57

FIREFOX: 22.0 (pl)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\ibmpmsvc.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\Ati2evxx.exe

C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe

C:\Program Files\Java\jre7\bin\jqs.exe

C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe

C:\Program Files\Motorola\MotoHelper\MotoHelperAgent.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\Program Files\Alwil Software\Avast5\avastUI.exe

C:\Program Files\Outlook Express\msimn.exe

C:\Program Files\Common Files\Java\Java Update\jusched.exe

C:\PROGRA~1\HDTUNE~1\HDTune.exe

C:\Program Files\Messenger\msmsgs.exe

D:\MyHeritage\Bin\FTBCheckUpdates.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe

C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

C:\Program Files\PC Connectivity Solution\Transports\NclUSBSrv.exe

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Program Files\Internet Explorer\IEXPLORE.EXE

C:\Documents and Settings\XP\Ustawienia lokalne\Temporary Internet Files\Content.IE5\A36KETI5\HijackThis[1].exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.gazeta.pl/0,0.html?p=128

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = fastun.com:7000

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 192.168.*.*;

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.0.318\McAfeeMSS_IE.dll

O2 - BHO: mixidj Helper Object - {4D6A9BBF-402C-4301-B1EF-28D04F71D761} - C:\Program Files\mixidj\mixidj\1.8.18.8\bh\mixidj.dll (file missing)

O2 - BHO: Lyrmix - {5AF86092-4118-405C-AA1B-3CE1324F051A} - C:\Program Files\Lyrmix\125.dll (file missing)

O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll

O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - (no file)

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.8313.1002\swg.dll

O2 - BHO: delta Helper Object - {C1AF5FA5-852C-4C90-812E-A7F75E011D87} - C:\Program Files\Delta\delta\1.8.22.0\bh\delta.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\XP\Dane aplikacji\Nowe Gadu-Gadu_userdata\ggbho.1.dll

O2 - BHO: SimpleAdblock Class - {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Common Files\Simple Adblock\SimpleAdblock.dll

O3 - Toolbar: (no name) - {5911488E-9D1E-40ec-8CBB-06B231CC153F} - (no file)

O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll

O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll

O3 - Toolbar: Delta Toolbar - {82E1477C-B154-48D3-9891-33D83C26BCD3} - C:\Program Files\Delta\delta\1.8.22.0\deltaTlbr.dll (file missing)

O3 - Toolbar: MixiDJ Toolbar - {CA9B9C89-4662-4ADC-9C23-A452BECD5D19} - C:\Program Files\mixidj\mixidj\1.8.18.8\mixidjTlbr.dll (file missing)

O4 - HKLM..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui

O4 - HKLM..\Run: [TrackPointSrv] C:\Program Files\Lenovo\TrackPoint\tp4serv.exe

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"

O4 - HKLM..\Run: [HD Tune] C:\PROGRA~1\HDTUNE~1\HDTune.exe

O4 - HKLM..\Run: [Family Tree Builder Update] D:\MyHeritage\Bin\FTBCheckUpdates.exe

O4 - HKLM..\Run: [ATIModeChange] Ati2mdxx.exe

O4 - HKCU..\Run: [swg] "C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe"

O4 - HKCU..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU..\Run: [RDReminder] C:\Program Files\RegClean Pro\RegCleanPro.exe -rem

O4 - HKCU..\Run: [NTRedirect] C:\WINDOWS\system32\rundll32.exe "C:\Documents and Settings\XP\Dane aplikacji\BabSolution\Shared\NTRedirect.dll",Run

O4 - HKCU..\Run: [NokiaSuite.exe] C:\Program Files\Nokia\Nokia Suite\NokiaSuite.exe -tray

O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKUS\S-1-5-19..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS.DEFAULT..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.0.318\SSScheduler.exe

O9 - Extra button: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra 'Tools' menuitem: Skype Plug-In - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\WINDOWS\system32\shdocvw.dll

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra button: Tłumacz na angielski - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O9 - Extra 'Tools' menuitem: Tłumacz na angielski - {CCCE5D70-9AA2-40F1-9C6B-12A255F08500} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O9 - Extra button: Tłumacz na polski - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O9 - Extra 'Tools' menuitem: Tłumacz na polski - {CCCE5D71-9AA2-40F1-9C6B-12A255F08500} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O9 - Extra button: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O9 - Extra 'Tools' menuitem: Zachowaj przetłumaczoną stronę - {CCCE5D72-9AA2-40F1-9C6B-12A255F08500} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O9 - Extra button: Opcje - {CCCE5D73-9AA2-40F1-9C6B-12A255F08500} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O9 - Extra 'Tools' menuitem: Opcje - {CCCE5D73-9AA2-40F1-9C6B-12A255F08500} - C:\WINDOWS\system32\shdocvw.dll (HKCU)

O15 - Trusted Zone: http://www.mks.com.pl

O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} - http://appldnld.apple.com.edgesuite.net ... plugin.cab

O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} - http://www.caminova.net/ja/downloads/ge ... px?lang=pl

O16 - DPF: {2DAD3559-2923-4935-AD49-B673D2539944} (IASRunner Class) - http://www-307.ibm.com/pc/support/acpir.cab

O16 - DPF: {30A3CCA5-F34C-4E87-BB57-5A2F2C935E14} (AMI DicomDir TreeView Control 2.0) - file:///E:/CDVIEWER/CdViewer.cab

O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.1.cab

O16 - DPF: {6218F7B5-0D3A-48BA-AE4C-49DCFA63D400} (CSEQueryObject Object) - http://www.myheritage.pl/Genoogle/Compo ... eQuery.dll

O16 - DPF: {74FFE28D-2378-11D5-990C-006094235084} (IBM Access Support) - https://www-307.ibm.com/pc/support/IbmEgath.cab

O16 - DPF: {76B8A0E5-2705-46E2-8793-7BF7B2E3BDA2} (EpuapSignAX Control) - https://hetman.epuap.gov.pl/DracoEngine ... apSign.cab

O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B06BDE3} (CamImage Class) - http://blue.net.pl/kamery/activex/AxisCamControl.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s ... wflash.cab

O16 - DPF: {EF58E341-49C3-4156-A3C4-5FFCA7C1EAB7} (EURAS_Portal.Gateway) - http://www.euras.com/euras/EIS/plugin/euras.cab

O16 - DPF: {FAA26872-BB40-4AB2-8A6D-A49183581AAA} (TSBnwCam Control) - http://78.133.244.19:84/user/TSBnwCam.CAB

O18 - Protocol: jpip - {B92DD248-E3D5-4A92-B311-C9B841681455} - (no file)

O18 - Protocol: sidlet - {B92DD248-E3D5-4A92-B311-C9B841681455} - (no file)

O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - (no file)

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\Skype4COM.dll

O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll

O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll

O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe

O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\system32\Ati2evxx.exe

O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe

O23 - Service: DeviceMonitorService - Nero AG - C:\Program Files\Motorola Media Link\Lite\NServiceEntry.exe

O23 - Service: IBM PM Service (IBMPMSVC) - Unknown owner - C:\WINDOWS\system32\ibmpmsvc.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Oracle Corporation - C:\Program Files\Java\jre7\bin\jqs.exe

O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.0.318\McCHSvc.exe

O23 - Service: MotoHelper Service (MotoHelper) - Unknown owner - C:\Program Files\Motorola\MotoHelper\MotoHelperService.exe

O23 - Service: VuuPC RemoteEngine Service (RemoteEngineService) - Unknown owner - C:\Program Files\VuuPC\remoteengine.exe (file missing)

O23 - Service: ServiceLayer - Nokia - C:\Program Files\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe

O23 - Service: Updater Service for StartNow Toolbar - Unknown owner - C:\Program Files\StartNow Toolbar\ToolbarUpdaterService.exe

O23 - Service: VuuPC Connectivity (VuuPCConnectivity) - Unknown owner - C:\Program Files\VuuPC\Connectivity.exe (file missing)

--

End of file - 12490 bytes


(Semtex) #2

Proszę zamieścić prawidłowe logi, HjT to za mało, Logi wklejamy na wklej.org na forum dajemy link, proszę też poprawić tytuł na mówiący wstępnie o problemie.

analiza-dezynfekcja-zestaw-narzedzi-nieingerencyjnych-t485632.html