Witam.Czy mógłby mi ktoś zbadać logi z HiJacka?Czy jest coś podejrzanego?
Kod:
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:18:12, on 2016-05-06
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
CHROME: 49.0.2623.112
FIREFOX: 4.0.1 (pl)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\RTHDCPL.EXE
H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
H:\WINDOWS\system32\msiexec.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
H:\Program Files\Common Files\Java\Java Update\jusched.exe
H:\WINDOWS\V0420Mon.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\WINDOWS\Installer\{00580CE5-A1C3-5296-8E22-98176DD2441C}\syshost.exe
H:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
H:\Program Files\Skype\Phone\Skype.exe
H:\Documents and Settings\abc\Dane aplikacji\CoSoSys\UFDtoGO\UFDtoGOLaunch.exe
H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
H:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Common Files\LightScribe\LSSrvc.exe
H:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
H:\WINDOWS\system32\msiexec.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Program Files\Common Files\Java\Java Update\jucheck.exe
J:\program files\xp-AntiSpy\xp-AntiSpy.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
H:\Documents and Settings\abc\Moje dokumenty\Downloads\HijackThis_2.0.4.exe
H:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.yahoo.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bigseekpro.com/hypercam/{DFCC545F-C246-4771-A200-503088F7124C}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} - H:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - H:\PROGRA~1\MICROS~2\Office14\GROOVEEX.DLL
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - H:\Program Files\Java\jre7\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - H:\Program Files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - H:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - H:\Program Files\Java\jre7\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - H:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: &Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - H:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_6_0_1.dll
O3 - Toolbar: AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - H:\Program Files\AVG Secure Search\13.2.0.4\AVG Secure Search_toolbar.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [HP Software Update] H:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [APSDaemon] "H:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [VirtualCloneDrive] "H:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s
O4 - HKLM\..\Run: [BCSSync] "H:\Program Files\Microsoft Office\Office14\BCSSync.exe" /DelayServices
O4 - HKLM\..\Run: [SunJavaUpdateSched] "H:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [V0420Mon.exe] H:\WINDOWS\V0420Mon.exe
O4 - HKLM\..\Run: [Adobe ARM] "H:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [syshost32] H:\WINDOWS\Installer\{00580CE5-A1C3-5296-8E22-98176DD2441C}\syshost.exe
O4 - HKLM\..\Run: [DLLSuite2016] J:\program files\DLL Suite\DLLSuite.exe
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "H:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [Google Update] "H:\Documents and Settings\abc\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [OfficeSyncProcess] "H:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
O4 - HKCU\..\Run: [Skype] "H:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [UFDtoGOLaunch] H:\Documents and Settings\abc\Dane aplikacji\CoSoSys\UFDtoGO\UFDtoGOLaunch.exe
O4 - HKLM\..\Policies\Explorer\Run: [274798593] "H:\Documents and Settings\All Users\msfpbsov.exe"
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: UniSpiker-2.6.lnk = H:\Program Files\ivo\UniSpiker-2.6\uni_spiker-2.6.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = H:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://H:\PROGRA~1\MICROS~2\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Wyślij &do programu OneNote - res://H:\PROGRA~1\MICROS~2\Office14\ONBttnIE.dll/105
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - H:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: &Notatki połączone programu OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - H:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: (no name) - {a9ff5a45-b433-4940-9299-de737a9c11f6} - H:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - H:\Program Files\Common Files\AVG Secure Search\ViProtocolInstaller\13.2.0\ViProtocol.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - H:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O22 - SharedTaskScheduler: Moduł wstępnego ładowania interfejsu Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - H:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Demon buforu kategorii składników - {8C7461EF-2B13-11d2-BE35-3078302C2030} - H:\WINDOWS\system32\browseui.dll
O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - H:\WINDOWS\ATKKBService.exe
O23 - Service: Zapora AVG (avgfws) - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2014\avgfws.exe
O23 - Service: AVG WatchDog (avgwd) - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG2014\avgwdsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - H:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
--
End of file - 9835 bytes