Sprawdzisz mi loga?


(Baddogs) #1

Witam mam problem z wyskakującym okienkiem przy włączaniu firefoxa, miga mi tylko więc nie mogę zobaczyć co to jest, dla tego proszę o sprawdzenie, czy jest coś niepokojącego. dziękuję.

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 11:17:30, on 2009-01-05

Platform: Windows 2003 SP2 (WinNT 5.02.3790)

MSIE: Internet Explorer v7.00 (7.00.6000.16762)

Boot mode: Normal

Running processes:

C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe

C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_64server.exe

C:\WINDOWS\SysWOW64\ctfmon.exe

C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe

C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

C:\Program Files (x86)\Analog Devices\SoundMAX\Smax4.exe

C:\Program Files\Logitech\SetPoint\x86\SetPoint32.exe

C:\Program Files (x86)\Last.fm\LastFM.exe

C:\Program Files (x86)\Gadu-Gadu\gg.exe

C:\Program Files (x86)\AIMP2\AIMP2.exe

C:\Program Files (x86)\Mozilla Firefox 3.1 Beta 2\firefox.exe

C:\Documents and Settings\Administrator\Desktop\HiJackThis\HijackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

F2 - REG:system.ini: UserInit=userinit

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll

O4 - HKLM..\Run: [soundMAXPnP] C:\Program Files (x86)\Analog Devices\Core\smax4pnp.exe

O4 - HKLM..\Run: [soundMAX] "C:\Program Files (x86)\Analog Devices\SoundMAX\Smax4.exe" /tray

O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files (x86)\AMD\Dual-Core Optimizer\amd_dc_opt.exe

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU..\Run: [ALLUpdate] "C:\Program Files (x86)\ALLPlayer\ALLUpdate.exe" "sleep"

O4 - HKUS\S-1-5-19..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')

O4 - HKUS\S-1-5-20..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')

O4 - HKUS\S-1-5-18..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')

O4 - HKUS\S-1-5-18..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')

O4 - HKUS.DEFAULT..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')

O4 - HKUS.DEFAULT..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')

O4 - Global Startup: AVerQuick.lnk = C:\Program Files (x86)\Common Files\AVerMedia\AVerQuick\AVerQuick.exe

O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\SetPoint.exe

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files (x86)\Java\jre1.6.0_07\bin\ssv.dll

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - (no file)

O15 - ESC Trusted Zone: http://runonce.msn.com

O17 - HKLM\System\CCS\Services\Tcpip..{136D71C1-529A-4FB2-9353-7CD599FD52C0}: NameServer = 10.1.0.11,10.1.0.32

O17 - HKLM\System\CS1\Services\Tcpip..{136D71C1-529A-4FB2-9353-7CD599FD52C0}: NameServer = 10.1.0.11,10.1.0.32

O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files (x86)\Common Files\Autodesk Shared\Service\AdskScSrv.exe

O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe (file missing)

O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe

O23 - Service: Eset Service (ekrn) - ESET - C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe

O23 - Service: Event Log (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)

O23 - Service: HTTP SSL (HTTPFilter) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)

O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe (file missing)

O23 - Service: mental ray 3.6 Satellite for Autodesk 3ds Max 2008 64-bit 64-bit (mi-raysat_3dsMax2008_64) - Unknown owner - C:\Program Files\Autodesk\3ds Max 2008\mentalray\satellite\raysat_3dsMax2008_64server.exe

O23 - Service: Distributed Transaction Coordinator (MSDTC) - Unknown owner - C:\WINDOWS\system32\msdtc.exe (file missing)

O23 - Service: Net Logon (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NT LM Security Support Provider (NtLmSsp) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: NVIDIA Display Driver Service (NVSvc) - Unknown owner - C:\WINDOWS\system32\nvsvc64.exe (file missing)

O23 - Service: Plug and Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe (file missing)

O23 - Service: IPSEC Services (PolicyAgent) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Protected Storage (ProtectedStorage) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: Security Accounts Manager (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)

O23 - Service: ServiceLayer - Nokia. - C:\Program Files (x86)\PC Connectivity Solution\ServiceLayer.exe

O23 - Service: Virtual Disk Service (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)

O23 - Service: Volume Shadow Copy (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe (file missing)

O23 - Service: WMI Performance Adapter (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe (file missing)

--

End of file - 6118 bytes


(Spandau) #2

Usuń te wpisy w HJT

Uruchom HijackThis - Do a system scan only - w oknie programu pokaże się log - zaznacz kratki przy podanych wpisach - klikasz Fix checked

Pobierz Combofix przeskanuj system i daj log na forum.

Loga wklej na www.wklejto.pl lub http://www.wklej.org/ a w poście daj tylko linka


(Agatonster) #3

baddog

Proszę zapoznać się z tematem Ważny komunikat dotyczący tytułowania tematów i poprawić tytuł na konkretny, mówiący o problemie. W celu dokonania zaleconej korekty - proszę użyć przycisku ac7a4cd89050aa6e.gif

Zignorowanie zalecenia będzie skutkowało usunięciem tematu do Kosza.

W związku ze zmianą, jaka obowiązuje przy wklejaniu logów w tym dziale, przeczytaj i zastosuj się do Tematu