Forum: HiJackThis - pomoc w diagnozie loga

HiJackThis - pomoc w diagnozie loga

Witam,

wykonałem wlasnie okresowy skan kompa, ogólnie żadnych niepokojących objawów nie mam, ale zwróciłem uwage na pewne wpisy, które są pogrubioną czcionką. Czy to coś niebezpiecznego? Malwarebytes, Ad-Aware, kaspersky i SpyBot niczego nie wykryły.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 15:07:17, on 04/03/2012
Platform: Windows Vista SP2 (WinNT 6.00.1906)
MSIE: Internet Explorer v9.00 (9.00.8112.16421)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe
G:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe
C:\Program Files\amBX\Effects\amBX Event Manager.exe
C:\Program Files (x86)\amBX\Illuminate\Illuminate.exe
C:\Program Files\amBX\Gaming FXGen\win32\amBXFxGen.exe
C:\Program Files (x86)\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
O1 - Hosts: ::1 localhost
O1 - Hosts: 67.215.245.19 www.google-analytics.com.
O1 - Hosts: 67.215.245.19 ad-emea.doubleclick.net.
O1 - Hosts: 67.215.245.19 www.statcounter.com.
O1 - Hosts: 108.163.215.51 www.google-analytics.com.
O1 - Hosts: 108.163.215.51 ad-emea.doubleclick.net.
O1 - Hosts: 108.163.215.51 www.statcounter.com.
O2 - BHO: Pomocnik logowania za pomoc1 identyfikatora Windows Live - ‹9030D464-4C02-4ABF-8ECC-5164760863C6› - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: URLRedirectionBHO - ‹B4F3A835-0E21-4959-BA22-42B3008E02FF› - C:\PROGRA~2\Microsoft Office\Office14\URLREDIR.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - ‹DBC80044-A445-435b-BC74-9C25C1C588A9› - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O2 - BHO: IplexToALLPlayer - ‹DF925EF3-7A87-44E4-9CAF-8D7B280BF616› - C:\PROGRA~2\ALLPLA~1\Iplex\IPLEXT~1.DLL
O4 - HKCU\..\Run: [DAEMON Tools Lite] "G:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - Global Startup: amBX Effects.lnk = C:\Program Files\amBX\Effects\amBX Event Manager.exe
O4 - Global Startup: amBX Illuminate.lnk = C:\Program Files (x86)\amBX\Illuminate\Illuminate.exe
O4 - Global Startup: WD Quick View.lnk = C:\Program Files\Western Digital\WD SmartWare\WDDMStatus.exe
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\wpclsp.dll
O16 - DPF: ‹1E54D648-B804-468d-BC78-4AFFED8E262F› (System Requirements Lab) - http://www.nvidia.com/content/DriverDownload/srl/3.0.0.4/srl_bin/sysreqlab_nvd.cab
O16 - DPF: ‹39B0684F-D7BF-4743-B050-FDC3F48F7E3B› - http://www.fileplanet.com/fpdlmgr/cabs/FPDC_2.3.10.115.cab
O16 - DPF: ‹68282C51-9459-467B-95BF-3C0E89627E55› (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: ‹6C269571-C6D7-4818-BCA4-32A035E8C884› (Creative Software AutoUpdate) - http://ccfiles.creative.com/Web/softwareupdate/su/ocx/15101/CTSUEng.cab
O16 - DPF: ‹7530BFB8-7293-4D34-9923-61A11451AFC5› - http://download.eset.com/special/eos/OnlineScanner.cab
O16 - DPF: ‹CF84DAC5-A4F5-419E-A0BA-C01FFD71112F› - http://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.4.24.0.cab
O16 - DPF: ‹D4B68B83-8710-488B-A692-D74B50BA558E› (Creative Software AutoUpdate Support Package 2) - http://ccfiles.creative.com/Web/softwareupdate/ocx/15113/CTPIDPDE.cab
O16 - DPF: ‹DE625294-70E6-45ED-B895-CFFA13AEB044› - http://195.74.79.83:31/activex/AMC.cab
O16 - DPF: ‹E2883E8F-472F-4FB0-9522-AC9BF37916A7› - http://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
O16 - DPF: ‹E705A591-DA3C-4228-B0D5-A356DBA42FBF› - http://ccfiles.creative.com/Web/softwareupdate/su2/ocx/20015/CTSUEng.cab
O16 - DPF: ‹F6ACF75C-C32C-447B-9BEF-46B766368D29› - http://ccfiles.creative.com/Web/softwareupdate/ocx/15118/CTPID.cab
O18 - Filter hijack: text/xml - ‹807573E5-5146-11D5-A672-00B0D022E945› - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files (x86)\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Us3uga Acronis Nonstop Backup (afcdpsrv) - Acronis - C:\Program Files (x86)\Common Files\Acronis\CDP\afcdpsrv.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: amBX Service - amBX - C:\Program Files (x86)\amBX\System\amBX_Service.exe
O23 - Service: Indexing Service (CISVC) - Unknown owner - C:\Windows\system32\CISVC.EXE (file missing)
O23 - Service: Creative ALchemy AL6 Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe
O23 - Service: Creative Audio Engine Licensing Service - Creative Labs - C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe
O23 - Service: Creative Audio Service (CTAudSvcService) - Creative Technology Ltd - C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe
O23 - Service: @dfsrres.dll,-101 (DFSR) - Unknown owner - C:\Windows\system32\DFSR.exe (file missing)
O23 - Service: FLEXnet Licensing Service - Acresso Software Inc. - C:\Program Files (x86)\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Futuremark SystemInfo Service - Futuremark Corporation - C:\Program Files (x86)\Common Files\Futuremark Shared\Futuremark SystemInfo\FMSISvc.exe
O23 - Service: GEST Service for program management. (GEST Service) - Unknown owner - C:\Program Files (x86)\GIGABYTE\EnergySaver\GSvr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (nvsvc) - Unknown owner - C:\Windows\system32\nvvsvc.exe (file missing)
O23 - Service: NVIDIA Update Service Daemon (nvUpdatusService) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
O23 - Service: Philips amBX USB HAL - Philips - C:\Program Files (x86)\amBX\Device Drivers\Philips USB\Philips_amBX_USB_HAL.exe
O23 - Service: Philips HAL Starter - Unknown owner - C:\Program Files (x86)\amBX\Device Drivers\Philips USB\Philips_HAL_Starter.exe
O23 - Service: PMBDeviceInfoProvider - Unknown owner - H:\Program Files (x86)\Sony\PMB\PMBDeviceInfoProvider.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SLsvc.exe,-101 (slsvc) - Unknown owner - C:\Windows\system32\SLsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: NVIDIA Stereoscopic 3D Driver Service (Stereo Service) - NVIDIA Corporation - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
O23 - Service: TurboBoost - Intel(R) Corporation - C:\Program Files\Intel\TurboBoost\TurboBoost.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)

--
End of file - 9305 bytes

Ok dzięki za pomoc, zaraz wszystko wypróbuje.

log możesz też wkleić w okienko na tej stronie:

http://www.hijackthis.de/

i naciśnij analiza. Wartości które będą miały X, zaznacz w tym programiku który Ci wygenerował ten log i naciśnij Fix.

http://www.jak-to-zrobic.pl/index.php/a/3/b/7/c/38/d/107/id/283