CentrumXP Forum Tematyka portalu CentrumXP.pl Bezpieczeństwo Coś zwalnia ?–Log

Coś zwalnia ?–Log

Cześć.W ostatnich dniach mam problemy z otwieraniem stron www, w związku z tym prośba o sprawdzenie loga :
Logfile of HijackThis v1.99.0
Scan saved at 19:56:10, on 2005–02–05
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashserv.exe
C:WINDOWSsystem32oneLabsvsmon.exe
C:Program FilesAlwil SoftwareAvast4ashDisp.exe
C:WINDOWSSOUNDMAN.EXE
C:PROGRA~1NEOSTR~1CnxMon.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:PROGRA~1NEOSTR~1TaskbarIcon.exe
C:Program Filesone LabsoneAlarmzlclient.exe
C:Program FilesSamsungSamsung Optical Wheel Mousegnetmous.exe
C:WINDOWSmediakbd.exe
C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
C:Program FilesWinampwinampa.exe
D:Program FilesSpywareGuardsgmain.exe
D:Program FilesSpywareGuardsgbhp.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesNeostrada TPNeostradaTP.exe
C:Program FilesNeostrada TPComComp.exe
C:Program FilesNeostrada TPWatch.exe
C:Program FilesInternet Exploreriexplore.exe
D:hijackthisHijackThis.exe

R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl/
R0 – HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – C:PROGRA~1NEOSTR~1SEARCH~1.DLL
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 – BHO: SpywareGuard Download Protection – {4A368E80–174F–4872–96B5–0B27DDD11DB2} – D:Program FilesSpywareGuarddlprotect.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – D:PROGRA~1SPYBOT~1SDHelper.dll
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:PROGRA~1FlashGetjccatch.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:program filesgooglegoogletoolbar1.dll
O3 – Toolbar: Easy–WebPrint – {327C2873–E90D–4c37–AA9D–10AC9BABA46C} – C:Program FilesCanonEasy–WebPrintToolband.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:program filesgooglegoogletoolbar1.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – C:PROGRA~1FlashGetfgiebar.dll
O4 – HKLM..Run: [avast!] C:Program FilesAlwil SoftwareAvast4ashDisp.exe
O4 – HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM..Run: [WooCnxMon] C:PROGRA~1NEOSTR~1CnxMon.exe
O4 – HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 – HKLM..Run: [WOOWATCH] C:PROGRA~1NEOSTR~1Watch.exe
O4 – HKLM..Run: [WOOTASKBARICON] C:PROGRA~1NEOSTR~1TaskbarIcon.exe
O4 – HKLM..Run: [Zone Labs Client] "C:Program Filesone LabsoneAlarmzlclient.exe"
O4 – HKLM..Run: [Gnetmous] C:Program FilesSamsungSamsung Optical Wheel Mousegnetmous.exe
O4 – HKLM..Run: [zSPGuard] d:program filespjwspguardspguard.exe /s /r
O4 – HKLM..Run: [MediaKeybd] C:WINDOWSmediakbd.exe
O4 – HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" –osboot
O4 – HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 – HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 – HKCU..Run: [Komunikator] D:Program FilesTlen.pl len.exe
O4 – Startup: SpywareGuard.lnk = D:Program FilesSpywareGuardsgmain.exe
O8 – Extra context menu item: &Google Search – res://C:Program FilesGoogleGoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: Backward &Links – res://C:Program FilesGoogleGoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cac&hed Snapshot of Page – res://C:Program FilesGoogleGoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Si&milar Pages – res://C:Program FilesGoogleGoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://C:Program FilesGoogleGoogleToolbar1.dll/cmtrans.html
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:Program FilesFlashGetjc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:Program FilesFlashGetjc_all.htm
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:PROGRA~1FlashGetflashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – C:PROGRA~1FlashGetflashget.exe
O16 – DPF: ppctlcab – http://ppupdates.ca.com/downloads/scanner/ppctlcab.cab
O16 – DPF: {2BC66F54–93A8–11D3–BEB6–00105AA9B6AE} (Symantec AntiVirus scanner) – http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 – DPF: {2FC9A21E–2069–4E47–8235–36318989DB13} (PPSDKActiveXScanner.MainScreen) – http://ppupdates.ca.com/downloads/scanner/axscanner.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1103466249106
O16 – DPF: {644E432F–49D3–41A1–8DD5–E099162EEEC5} (Symantec RuFSI Utility Class) – http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 – DPF: {8EB3FF4E–86A1–4717–884D–7BA2D38272CB} (F–Secure Online Scanner) – http://support.f–secure.com/ols/fscax.cab
O16 – DPF: {917623D1–D8E5–11D2–BE8B–00104B06BDE3} (CamImage Class) – http://217.113.232.11/activex/AxisCamControl.cab
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O17 – HKLMSystemCCSServicesTcpip..{42D46B54–C46C–4FA0–9C11–800905D7273F}: NameServer = 194.204.152.34 217.98.63.164
O17 – HKLMSystemCS1ServicesTcpip..{42D46B54–C46C–4FA0–9C11–800905D7273F}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: avast! iAVS4 Control Service – Unknown – C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown – C:Program FilesAlwil SoftwareAvast4ashserv.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 – Service: TrueVector Internet Monitor – Zone Labs Inc. – C:WINDOWSsystem32oneLabsvsmon.exe

Odpowiedzi: 1

W zasadzie jest czysto poza tym :

C:WINDOWSmediakbd.exe
O4 – HKLM..Run: [MediaKeybd] C:WINDOWSmediakbd.exe

Nie wiadomo co to jest.
Niby wygląda na jakąś klawiaturę multimedialną ale raczej to jakiś śmieć.
Jeźeli teź nie wiesz wywal.
Moźesz teź pozbyć się toolbarów Google ale to twój wybór.

MarcinX

Dodano: 05.02.2005 21:20:00

krzychu.46

Dodano:: 05.02.2005 21:01:42
Komentarzy:: 1

Strona 1 / 1