Chcesz sprawdzić swój log z Hijackthisa? Wklej go tutaj...
- Thread starter patology
- Rozpoczęty
- Status
Testowany plik: csrss.exe
Rozmiar testowanego pliku: 104.5 kB
Typ testowanego pliku: application/octet-stream
Do testu wykorzystano rozszerzone antywirusowe bazy danych z dnia 15-05-2006, wykrywające 193932 szkodników (wirusów, trojanów, programów spyware itp.).
csrss.exe - ZAINFEKOWANY
Wykryte wirusy:
Trojan-PSW.Win32.Tibia.u
Teraz jest taki problem nie chce sie to usunoć!! Ale jakoś go załatwie.
Rozmiar testowanego pliku: 104.5 kB
Typ testowanego pliku: application/octet-stream
Do testu wykorzystano rozszerzone antywirusowe bazy danych z dnia 15-05-2006, wykrywające 193932 szkodników (wirusów, trojanów, programów spyware itp.).
csrss.exe - ZAINFEKOWANY
Wykryte wirusy:
Trojan-PSW.Win32.Tibia.u
Teraz jest taki problem nie chce sie to usunoć!! Ale jakoś go załatwie.
heh... co racja to racja, ale... drugi link z googli:
http://www.neuber.com/taskmanager/process/csrss.exe.html
taki tylko moj comment, wlasciwie do mojego posta
http://www.neuber.com/taskmanager/process/csrss.exe.html
taki tylko moj comment, wlasciwie do mojego posta
O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C
rogram FilesSpikurl_wpmsg.dll
O17 - HKLMSystemCS1ServicesTcpip..{6C80199F-5FA8-4CC5-949D-4DDDD81C8638}: NameServer = 194.72.0.98,194.72.9.38
O17 - HKLMSystemCCSServicesTcpip..{6C80199F-5FA8-4CC5-949D-4DDDD81C8638}: NameServer = 194.72.0.98,194.72.9.38
Dj Max moim zdaniem to są te podejrzane pliki. Lepiej usuń bądź co bądź uważaj na nie, Przeskanuj je tu Link
rogram FilesSpikurl_wpmsg.dll O17 - HKLMSystemCS1ServicesTcpip..{6C80199F-5FA8-4CC5-949D-4DDDD81C8638}: NameServer = 194.72.0.98,194.72.9.38
O17 - HKLMSystemCCSServicesTcpip..{6C80199F-5FA8-4CC5-949D-4DDDD81C8638}: NameServer = 194.72.0.98,194.72.9.38
Dj Max moim zdaniem to są te podejrzane pliki. Lepiej usuń bądź co bądź uważaj na nie, Przeskanuj je tu Link
Siema od pewnego czasu mam problemy z PC niewiem czy mam jakiegos wira oto moje logi, jakby ktos mial chwile czasu to prosze je przejzec. dziekuje
Logfile of HijackThis v1.99.1
Scan saved at 10:17:25, on 2006-05-16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
Crogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
CROGRA~1ALWILS~1Avast4ashDisp.exe
Crogram FilesWinampwinampa.exe
Crogram FilesiTunesiTunesHelper.exe
Crogram FilesQuickTimeqttask.exe
Crogram FilesJavajre1.5.0_06binjusched.exe
Crogram FilesBPKd1337.exe
Crogram FilesCommon FilesAheadLibNMBgMonitor.exe
Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
Crogram FilesAlwil SoftwareAvast4ashServ.exe
Crogram FilesKerioPersonal Firewall 4kpf4ss.exe
Crogram FilesKerioPersonal Firewall 4kpf4gui.exe
Crogram FilesAlwil SoftwareAvast4ashWebSv.exe
Crogram FilesKerioPersonal Firewall 4kpf4gui.exe
Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe
Crogram FilesiPodbiniPodService.exe
C:WINDOWSSystem32wuauclt.exe
Crogram FilesMozilla Firefoxfirefox.exe
C:WINDOWSSystem32svchost.exe
COCUME~1AdminUSTAWI~1TempRar$EX00.562HijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_06binssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - CROGRA~1FLASHGETjccatch.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [ATIPTA] Crogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [avast!] CROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WinampAgent] Crogram FilesWinampwinampa.exe
O4 - HKLM..Run: [iTunesHelper] "Crogram FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] Crogram FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [CloneCDTray] "Crogram FilesSlySoftCloneCDCloneCDTray.exe" /s
O4 - HKLM..Run: [NeroFilterCheck] Crogram FilesCommon FilesAheadLibNeroCheck.exe
O4 - HKLM..Run: [d1337] Crogram FilesBPKd1337.exe
O4 - HKCU..Run: [MsnMsgr] "Crogram FilesMSN MessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "Crogram FilesCommon FilesAheadLibNMBgMonitor.exe"
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O4 - Global Startup: Microsoft Office.lnk = Crogram FilesMicrosoft OfficeOfficeOSA9.EXE
O8 - Extra context menu item: Download All by FlashGet - Crogram FilesFlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - Crogram FilesFlashGetjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - CROGRA~1FLASHGETflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - CROGRA~1FLASHGETflashget.exe
O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "CROGRA~1MSNMES~1msgrapp.dll" (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - Crogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - Crogram FilesiPodbiniPodService.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - Crogram FilesKerioPersonal Firewall 4kpf4ss.exe
Logfile of HijackThis v1.99.1
Scan saved at 10:17:25, on 2006-05-16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C
rogram FilesATI TechnologiesATI Control Panelatiptaxx.exeC
ROGRA~1ALWILS~1Avast4ashDisp.exeC
rogram FilesWinampwinampa.exeC
rogram FilesiTunesiTunesHelper.exeC
rogram FilesQuickTimeqttask.exeC
rogram FilesJavajre1.5.0_06binjusched.exeC
rogram FilesBPKd1337.exeC
rogram FilesCommon FilesAheadLibNMBgMonitor.exeC
rogram FilesAlwil SoftwareAvast4aswUpdSv.exeC
rogram FilesAlwil SoftwareAvast4ashServ.exeC
rogram FilesKerioPersonal Firewall 4kpf4ss.exeC
rogram FilesKerioPersonal Firewall 4kpf4gui.exeC
rogram FilesAlwil SoftwareAvast4ashWebSv.exeC
rogram FilesKerioPersonal Firewall 4kpf4gui.exeC
rogram FilesAlwil SoftwareAvast4ashMaiSv.exeC
rogram FilesiPodbiniPodService.exeC:WINDOWSSystem32wuauclt.exe
C
rogram FilesMozilla Firefoxfirefox.exeC:WINDOWSSystem32svchost.exe
C
OCUME~1AdminUSTAWI~1TempRar$EX00.562HijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_06binssv.dllO2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C
ROGRA~1FLASHGETjccatch.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [ATIPTA] C
rogram FilesATI TechnologiesATI Control Panelatiptaxx.exeO4 - HKLM..Run: [avast!] C
ROGRA~1ALWILS~1Avast4ashDisp.exeO4 - HKLM..Run: [WinampAgent] C
rogram FilesWinampwinampa.exeO4 - HKLM..Run: [iTunesHelper] "C
rogram FilesiTunesiTunesHelper.exe"O4 - HKLM..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottimeO4 - HKLM..Run: [SunJavaUpdateSched] C
rogram FilesJavajre1.5.0_06binjusched.exeO4 - HKLM..Run: [CloneCDTray] "C
rogram FilesSlySoftCloneCDCloneCDTray.exe" /sO4 - HKLM..Run: [NeroFilterCheck] C
rogram FilesCommon FilesAheadLibNeroCheck.exeO4 - HKLM..Run: [d1337] C
rogram FilesBPKd1337.exeO4 - HKCU..Run: [MsnMsgr] "C
rogram FilesMSN MessengerMsnMsgr.Exe" /backgroundO4 - HKCU..Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C
rogram FilesCommon FilesAheadLibNMBgMonitor.exe"O4 - HKCU..Run: [Gadu-Gadu] "C
rogram FilesGadu-Gadugg.exe" /trayO4 - Global Startup: Microsoft Office.lnk = C
rogram FilesMicrosoft OfficeOfficeOSA9.EXEO8 - Extra context menu item: Download All by FlashGet - C
rogram FilesFlashGetjc_all.htmO8 - Extra context menu item: Download using FlashGet - C
rogram FilesFlashGetjc_link.htmO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_06binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_06binssv.dllO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C
ROGRA~1FLASHGETflashget.exeO9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C
ROGRA~1FLASHGETflashget.exeO18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - "C
ROGRA~1MSNMES~1msgrapp.dll" (file missing)O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C
rogram FilesAlwil SoftwareAvast4aswUpdSv.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: avast! Antivirus - Unknown owner - C
rogram FilesAlwil SoftwareAvast4ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C
rogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C
rogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C
rogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C
rogram FilesiPodbiniPodService.exeO23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C
rogram FilesKerioPersonal Firewall 4kpf4ss.exe
Ja bym na twoim miejscu, usunal ten wpis, ale najpierw po skonfigurowaniu BPK usunal bym klienta, zostawil tylko serwer. Po co zasmiecac sobie kompa klientami?Originally posted by YRS
ten pliczek jest akurat mój
nieuruchamiany
wpis mozesz usunac.
X
xanusek
Gość
Kod:
Logfile of HijackThis v1.99.1
Scan saved at 17:08:50, on 2006-05-19
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSOUNDMAN.EXE
C:Program FilesABITABITEQabiteq.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:WINDOWSsystem32ctfmon.exe
C:Program FilesLogitechSetPointSetPoint.exe
C:Program FilesCommon FilesLogitechKHALKHALMNPR.EXE
C:WINDOWSsystem32nvsvc32.exe
C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exe
C:WINDOWSsystem32WgaTray.exe
C:WINDOWSsystem32wuauclt.exe
C:PROGRA~1MOZILL~1FIREFOX.EXE
C:Documents and Settings1PulpitHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = [url]http://www.google.pl/[/url]
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Microsoft Internet Explorer
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM..Run: [ABITEQ] C:Program FilesABITABITEQabiteq.exe -M
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [KAVPersonal50] "C:Program FilesKaspersky LabKaspersky Anti-Virus Personal Prokav.exe" /minimize
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramLogitechDesktopMessenger.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk = C:Program FilesLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: Logitech SetPoint.lnk = C:Program FilesLogitechSetPointSetPoint.exe
O8 - Extra context menu item: &Google Search - res://c:program filesgoogleGoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:program filesgoogleGoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Similar Pages - res://c:program filesgoogleGoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://c:program filesgoogleGoogleToolbar2.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [url]http://go.microsoft.com/fwlink/?linkid=48835[/url]
O17 - HKLMSystemCCSServicesTcpip..{22179916-3DF0-4CCB-BCA0-A50F2AE9C617}: NameServer = 10.0.0.2
O17 - HKLMSystemCS1ServicesTcpip..{22179916-3DF0-4CCB-BCA0-A50F2AE9C617}: NameServer = 10.0.0.2
O17 - HKLMSystemCS2ServicesTcpip..{22179916-3DF0-4CCB-BCA0-A50F2AE9C617}: NameServer = 10.0.0.2
O18 - Protocol: bw+0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw+0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw-0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw00s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw10s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw20s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw30s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw40s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw50s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw60s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw70s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw80s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bw90s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwa0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwb0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwc0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwd0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwe0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwf0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C:Program FilesLogitechDesktop Messenger8876480ProgramGAPlugProtocol-8876480.dll
O18 - Protocol: bwg0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwg0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwh0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwi0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwj0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwk0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwl0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwm0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwn0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwo0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwp0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwq0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwr0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bws0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwt0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwu0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwv0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bww0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwx0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwy0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: bwz0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O18 - Protocol: offline-8876480 - {CD04836C-06C7-48F1-891D-70155438A90E} - C:Program FilesLogitechDesktop Messenger8876480ProgramBWPlugProtocol-8876480.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: kavsvc - Kaspersky Lab - C:Program FilesKaspersky LabKaspersky Anti-Virus Personal Prokavsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%WinPcaprpcapd.exe" -d -f "%ProgramFiles%WinPcaprpcapd.ini (file missing)
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:Program FilesAlcohol SoftAlcohol 120StarWindStarWindService.exeUsuń.O17 - HKLMSystemCCSServicesTcpip..{22179916-3DF0-4CCB-BCA0-A50F2AE9C617}: NameServer = 10.0.0.2
O17 - HKLMSystemCS1ServicesTcpip..{22179916-3DF0-4CCB-BCA0-A50F2AE9C617}: NameServer = 10.0.0.2
O17 - HKLMSystemCS2ServicesTcpip..{22179916-3DF0-4CCB-BCA0-A50F2AE9C617}: NameServer = 10.0.0.2
O18 - Protocol: bw+0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw+0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw-0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw-0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw00 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw00s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw10 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw10s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw20 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw20s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw30 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw30s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw40 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw40s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw50 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw50s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw60 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw60s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw70 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw70s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw80 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw80s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw90 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bw90s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwa0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwa0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwb0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwb0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwc0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwc0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwd0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwd0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwe0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwe0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwf0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwf0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - C
O18 - Protocol: bwg0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwg0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwh0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwh0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwi0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwi0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwj0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwj0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwk0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwk0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwl0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwl0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwm0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwm0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwn0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwn0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwo0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwo0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwp0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwp0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwq0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwq0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwr0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwr0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bws0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bws0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwt0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwt0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwu0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwu0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwv0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwv0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bww0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bww0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwx0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwx0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwy0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwy0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwz0 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: bwz0s - {CD04836C-06C7-48F1-891D-70155438A90E} - C
O18 - Protocol: offline-8876480 - {CD04836C-06C7-48F1-891D-70155438A90E} - C
Logfile of HijackThis v1.99.1
Scan saved at 18:58:47, on 2006-05-19
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesCommon FilesSymantec SharedccSetMgr.exe
Crogram FilesCommon FilesSymantec SharedccEvtMgr.exe
Crogram FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
C:WINDOWSsystem32spoolsv.exe
Crogram FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:WINDOWSsystem32CTsvcCDA.exe
Crogram FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
Crogram FilesNorton AntiVirusnavapsvc.exe
Crogram FilesNorton AntiVirusIWPNPFMntor.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32WgaTray.exe
C:WINDOWSsystem32CTHELPER.EXE
Crogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
Crogram FilesCreativeSBLiveAudioHQAHQTBU.EXE
Crogram FilesHPHP Software UpdateHPWuSchd2.exe
Crogram FilesiTunesiTunesHelper.exe
Crogram FilesJavajre1.5.0_06binjusched.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32LVCOMSX.EXE
Crogram FilesLogitechVideoLogiTray.exe
Crogram FilesiPodbiniPodService.exe
Crogram FilesCommon FilesSymantec SharedccApp.exe
Crogram FilesCommon FilesRealUpdate_OBrealsched.exe
C:WINDOWSsystem32ctfmon.exe
Crogram FilesSkypePhoneSkype.exe
Crogram FilesRSSoftRSEDNClient.exe
Crogram FilesSteamSteam.exe
C:Windowsctfmon.exe
Crogram FilesHPDigital Imagingbinhpqtra08.exe
Crogram FilesLogitechVideoFxSvr2.exe
Crogram FilesHPDigital Imagingbinhpqimzone.exe
Crogram FilesHPDigital ImagingbinhpqSTE08.exe
Crogram FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE
Crogram FilesHPDigital ImagingProduct Assistantbinhprblog.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesInternet ExplorerIEXPLORE.EXE
COCUME~1abcUSTAWI~1TempRar$EX00.609HijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - Crogram FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - Crogram FilesGetRightxx2gr.dll
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - CROGRA~1RXTOOL~1sfcont.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_06binssv.dll
O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - Crogram FilesNorton AntiVirusNavShExt.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - crogram filesgooglegoogletoolbar1.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - Crogram FilesYahoo!CompanionInstallscpnyt.dll
O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - Crogram FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - crogram filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [CTHelper] CTHELPER.EXE
O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE
O4 - HKLM..Run: [Jet Detection] "Crogram FilesCreativeSBLivePROGRAMADGJDet.exe"
O4 - HKLM..Run: [ATIPTA] Crogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [AudioHQU] Crogram FilesCreativeSBLiveAudioHQAHQTBU.EXE
O4 - HKLM..Run: [HP Software Update] Crogram FilesHPHP Software UpdateHPWuSchd2.exe
O4 - HKLM..Run: [iTunesHelper] "Crogram FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [SunJavaUpdateSched] Crogram FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] Crogram FilesLogitechVideoISStart.exe
O4 - HKLM..Run: [LogitechVideoTray] Crogram FilesLogitechVideoLogiTray.exe
O4 - HKLM..Run: [Adobe Photo Downloader] "Crogram FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [ccApp] "Crogram FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [WinampAgent] Crogram FilesWinampwinampa.exe
O4 - HKLM..Run: [TkBellExe] "Crogram FilesCommon FilesRealUpdate_OBrealsched.exe" -osboot
O4 - HKLM..Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Skype] "Crogram FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [LogitechSoftwareUpdate] "Crogram FilesLogitechVideoManifestEngine.exe" boot
O4 - HKCU..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKCU..Run: [Red Swoosh EDN Client] Crogram FilesRSSoftRSEDNClient.exe
O4 - HKCU..Run: [Steam] "Crogram FilesSteamSteam.exe" -silent
O4 - HKCU..Run: [ctfmon] C:Windowsctfmon.exe
O4 - HKCU..Run: [shost32.exe] C:WINDOWSshost32.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = Crogram FilesGetRightgetright.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = Crogram FilesHPDigital Imagingbinhpqtra08.exe
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = Crogram FilesHPDigital Imagingbinhpqthb08.exe
O8 - Extra context menu item: &Google Search - res://crogram filesgoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
O8 - Extra context menu item: &Translate English Word - res://crogram filesgoogleGoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://crogram filesgoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://crogram filesgoogleGoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Download with GetRight - Crogram FilesGetRightGRdownload.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://CROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Konwertuj do Adobe PDF - res://Crogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do Adobe PDF - res://Crogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do istniejącego pliku PDF - res://Crogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Konwertuj wybrane łącza do Adobe PDF - res://Crogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Konwertuj zaznaczenie do Adobe PDF - res://Crogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Konwertuj zaznaczenie do istniejącego pliku PDF - res://Crogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Open with GetRight Browser - Crogram FilesGetRightGRbrowse.htm
O8 - Extra context menu item: Similar Pages - res://crogram filesgoogleGoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://crogram filesgoogleGoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O16 - DPF: {37A49D66-2735-4BB9-8503-82BA5E2333D0} (MailCfg Control) - http://poczta.wp.pl/d606/mailcfg.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - CROGRA~1RXTOOL~1sfcont.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - Crogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - Crogram FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedccSetMgr.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - Crogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: iPodService - Apple Computer, Inc. - Crogram FilesiPodbiniPodService.exe
O23 - Service: LiveUpdate - Symantec Corporation - CROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - Crogram FilesNorton AntiVirusnavapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - Crogram FilesNorton AntiVirusIWPNPFMntor.exe
O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXE
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - Crogram FilesNorton AntiVirusSAVScan.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: SPBBCSvc - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
Prosze o pomoc ;]
Scan saved at 18:58:47, on 2006-05-19
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesCommon FilesSymantec SharedccSetMgr.exeC
rogram FilesCommon FilesSymantec SharedccEvtMgr.exeC
rogram FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exeC:WINDOWSsystem32spoolsv.exe
C
rogram FilesSymantecLiveUpdateALUSchedulerSvc.exeC:WINDOWSsystem32CTsvcCDA.exe
C
rogram FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXEC
rogram FilesNorton AntiVirusnavapsvc.exeC
rogram FilesNorton AntiVirusIWPNPFMntor.exeC:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32WgaTray.exe
C:WINDOWSsystem32CTHELPER.EXE
C
rogram FilesATI TechnologiesATI Control Panelatiptaxx.exeC
rogram FilesCreativeSBLiveAudioHQAHQTBU.EXEC
rogram FilesHPHP Software UpdateHPWuSchd2.exeC
rogram FilesiTunesiTunesHelper.exeC
rogram FilesJavajre1.5.0_06binjusched.exeC:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32LVCOMSX.EXE
C
rogram FilesLogitechVideoLogiTray.exeC
rogram FilesiPodbiniPodService.exeC
rogram FilesCommon FilesSymantec SharedccApp.exeC
rogram FilesCommon FilesRealUpdate_OBrealsched.exeC:WINDOWSsystem32ctfmon.exe
C
rogram FilesSkypePhoneSkype.exeC
rogram FilesRSSoftRSEDNClient.exeC
rogram FilesSteamSteam.exeC:Windowsctfmon.exe
C
rogram FilesHPDigital Imagingbinhpqtra08.exeC
rogram FilesLogitechVideoFxSvr2.exeC
rogram FilesHPDigital Imagingbinhpqimzone.exeC
rogram FilesHPDigital ImagingbinhpqSTE08.exeC
rogram FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXEC
rogram FilesHPDigital ImagingProduct Assistantbinhprblog.exeC
rogram FilesGadu-Gadugg.exeC
rogram FilesInternet ExplorerIEXPLORE.EXEC
OCUME~1abcUSTAWI~1TempRar$EX00.609HijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - Default URLSearchHook is missing
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C
rogram FilesYahoo!CompanionInstallscpnyt.dllO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dllO2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C
rogram FilesGetRightxx2gr.dllO2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C
ROGRA~1RXTOOL~1sfcont.dll (file missing)O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_06binssv.dllO2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C
rogram FilesNorton AntiVirusNavShExt.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c
rogram filesgooglegoogletoolbar1.dllO3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C
rogram FilesYahoo!CompanionInstallscpnyt.dllO3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C
rogram FilesNorton AntiVirusNavShExt.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c
rogram filesgooglegoogletoolbar1.dllO4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [CTHelper] CTHELPER.EXE
O4 - HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE
O4 - HKLM..Run: [Jet Detection] "C
rogram FilesCreativeSBLivePROGRAMADGJDet.exe"O4 - HKLM..Run: [ATIPTA] C
rogram FilesATI TechnologiesATI Control Panelatiptaxx.exeO4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [AudioHQU] C
rogram FilesCreativeSBLiveAudioHQAHQTBU.EXEO4 - HKLM..Run: [HP Software Update] C
rogram FilesHPHP Software UpdateHPWuSchd2.exeO4 - HKLM..Run: [iTunesHelper] "C
rogram FilesiTunesiTunesHelper.exe"O4 - HKLM..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottimeO4 - HKLM..Run: [SunJavaUpdateSched] C
rogram FilesJavajre1.5.0_06binjusched.exeO4 - HKLM..Run: [LVCOMSX] C:WINDOWSsystem32LVCOMSX.EXE
O4 - HKLM..Run: [LogitechVideoRepair] C
rogram FilesLogitechVideoISStart.exe O4 - HKLM..Run: [LogitechVideoTray] C
rogram FilesLogitechVideoLogiTray.exeO4 - HKLM..Run: [Adobe Photo Downloader] "C
rogram FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"O4 - HKLM..Run: [ccApp] "C
rogram FilesCommon FilesSymantec SharedccApp.exe"O4 - HKLM..Run: [WinampAgent] C
rogram FilesWinampwinampa.exeO4 - HKLM..Run: [TkBellExe] "C
rogram FilesCommon FilesRealUpdate_OBrealsched.exe" -osbootO4 - HKLM..Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Gadu-Gadu] "C
rogram FilesGadu-Gadugg.exe" /trayO4 - HKCU..Run: [Skype] "C
rogram FilesSkypePhoneSkype.exe" /nosplash /minimizedO4 - HKCU..Run: [LogitechSoftwareUpdate] "C
rogram FilesLogitechVideoManifestEngine.exe" bootO4 - HKCU..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottimeO4 - HKCU..Run: [Red Swoosh EDN Client] C
rogram FilesRSSoftRSEDNClient.exeO4 - HKCU..Run: [Steam] "C
rogram FilesSteamSteam.exe" -silentO4 - HKCU..Run: [ctfmon] C:Windowsctfmon.exe
O4 - HKCU..Run: [shost32.exe] C:WINDOWSshost32.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = C
rogram FilesGetRightgetright.exeO4 - Global Startup: HP Digital Imaging Monitor.lnk = C
rogram FilesHPDigital Imagingbinhpqtra08.exeO4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = C
rogram FilesHPDigital Imagingbinhpqthb08.exeO8 - Extra context menu item: &Google Search - res://c
rogram filesgoogleGoogleToolbar1.dll/cmsearch.htmlO8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
O8 - Extra context menu item: &Translate English Word - res://c
rogram filesgoogleGoogleToolbar1.dll/cmwordtrans.htmlO8 - Extra context menu item: Backward Links - res://c
rogram filesgoogleGoogleToolbar1.dll/cmbacklinks.htmlO8 - Extra context menu item: Cached Snapshot of Page - res://c
rogram filesgoogleGoogleToolbar1.dll/cmcache.htmlO8 - Extra context menu item: Download with GetRight - C
rogram FilesGetRightGRdownload.htmO8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C
ROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000O8 - Extra context menu item: Konwertuj do Adobe PDF - res://C
rogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Konwertuj miejsce docelowe łącza do Adobe PDF - res://C
rogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Konwertuj miejsce docelowe łącza do istniejącego pliku PDF - res://C
rogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Konwertuj wybrane łącza do Adobe PDF - res://C
rogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIECaptureSelLinks.htmlO8 - Extra context menu item: Konwertuj zaznaczenie do Adobe PDF - res://C
rogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIECapture.htmlO8 - Extra context menu item: Konwertuj zaznaczenie do istniejącego pliku PDF - res://C
rogram FilesAdobeAcrobat 7.0AcrobatAcroIEFavClient.dll/AcroIEAppend.htmlO8 - Extra context menu item: Open with GetRight Browser - C
rogram FilesGetRightGRbrowse.htmO8 - Extra context menu item: Similar Pages - res://c
rogram filesgoogleGoogleToolbar1.dll/cmsimilar.htmlO8 - Extra context menu item: Translate Page into English - res://c
rogram filesgoogleGoogleToolbar1.dll/cmtrans.htmlO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_06binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_06binssv.dllO9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C
ROGRA~1MICROS~2OFFICE11REFIEBAR.DLLO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exeO16 - DPF: {37A49D66-2735-4BB9-8503-82BA5E2333D0} (MailCfg Control) - http://poczta.wp.pl/d606/mailcfg.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C
ROGRA~1RXTOOL~1sfcont.dllO20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C
rogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C
rogram FilesSymantecLiveUpdateALUSchedulerSvc.exeO23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedccEvtMgr.exeO23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedccSetMgr.exeO23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:WINDOWSsystem32CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C
rogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exeO23 - Service: iPodService - Apple Computer, Inc. - C
rogram FilesiPodbiniPodService.exeO23 - Service: LiveUpdate - Symantec Corporation - C
ROGRA~1SymantecLIVEUP~1LUCOMS~1.EXEO23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C
rogram FilesNorton AntiVirusnavapsvc.exeO23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C
rogram FilesNorton AntiVirusIWPNPFMntor.exeO23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedSecurity ConsoleNSCSRVCE.EXEO23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C
rogram FilesNorton AntiVirusSAVScan.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedSNDSrvc.exeO23 - Service: SPBBCSvc - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedSPBBCSPBBCSvc.exeO23 - Service: Symantec Core LC - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exeO23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exeProsze o pomoc ;]
Te procesy są niepotrzebne ;]Originally posted by puchacz47
C:WINDOWSsystem32Ati2evxx.exe
C
C:WINDOWSsystem32CTsvcCDA.exe
C
C:WINDOWSsystem32MsPMSPSv.exe
C:WINDOWSsystem32WgaTray.exe
C:WINDOWSsystem32CTHELPER.EXE
C
C
C
C:WINDOWSsystem32LVCOMSX.EXE
C
C
C
C:Windowsctfmon.exe
C
Usuwasz TO:
C
R3 - Default URLSearchHook is missing
O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C
O4 - HKCU..Run: [Red Swoosh EDN Client] C
O4 - HKCU..Run: [shost32.exe] C:WINDOWSshost32.exe
O8 - Extra context menu item: &Search - http://kn.bar.need2find.c...earch.html?p=KN
O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C
btw. masz trojana :
Usuwasz wpis, nastepnie plik, podszywajacy sie pod aplikacje z c:windowssystem32
damianciech
Użytkownik
- Dołączył
- Kwiecień 12, 2006
- Posty
- 1
Logfile of HijackThis v1.99.1
Scan saved at 16:33:27, on 2006-05-20
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesCommon FilesSymantec SharedccEvtMgr.exe
Crogram FilesnortonNISUM.EXE
C:WINDOWSsystem32spoolsv.exe
Crogram FilesnortonccPxySvc.exe
Crogram FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32UAService7.exe
C:WINDOWSSystem32ctfmon.exe
Crogram FilesVIARAIDraid_tool.exe
Crogram FilesNeostrada TPNeostradaTP.exe
Crogram FilesNeostrada TPComComp.exe
Crogram FilesNeostrada TPWatch.exe
Crogram FilesInternet Exploreriexplore.exe
C:WINDOWSSystem32wuauclt.exe
Cocuments and SettingsDamianUstawienia lokalneTempKatalog tymczasowy 1 dla hijackthis.zipHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://szukaj.wp.pl
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - CROGRA~1NEOSTR~1SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - DROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - Drogram FilesNavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - Drogram FilesNavShExt.dll
O4 - HKLM..Run: [Symantec NetDriver Monitor] CROGRA~1SYMNET~1SNDMon.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = Crogram FilesATI TechnologiesATI.ACECLI.exe
O4 - Global Startup: Microsoft Office.lnk = Crogram FilesMicrosoft OfficeOffice10OSA.EXE
O4 - Global Startup: VIA RAID TOOL.lnk = Crogram FilesVIARAIDraid_tool.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://CROGRA~1MICROS~2Office10EXCEL.EXE/3000
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0159868ccde6b9...ip/RdxIE601.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/downl...lscbase7617.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145395741388
O17 - HKLMSystemCCSServicesTcpip..{0B65F64E-774F-4645-A231-840EFFF38EC8}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLMSystemCS1ServicesTcpip..{0B65F64E-774F-4645-A231-840EFFF38EC8}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - Crogram FilesnortonccPxySvc.exe
O23 - Service: Usługa Auto-Protect w programie Norton AntiVirus (navapsvc) - Symantec Corporation - Drogram Filesnavapsvc.exe
O23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - Crogram FilesnortonNISUM.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - CROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:WINDOWSSystem32UAService7.exe
proszę o sprawdzenie loga.
Scan saved at 16:33:27, on 2006-05-20
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesCommon FilesSymantec SharedccEvtMgr.exeC
rogram FilesnortonNISUM.EXEC:WINDOWSsystem32spoolsv.exe
C
rogram FilesnortonccPxySvc.exeC
rogram FilesCommon FilesMicrosoft SharedVS7Debugmdm.exeC:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32UAService7.exe
C:WINDOWSSystem32ctfmon.exe
C
rogram FilesVIARAIDraid_tool.exeC
rogram FilesNeostrada TPNeostradaTP.exeC
rogram FilesNeostrada TPComComp.exeC
rogram FilesNeostrada TPWatch.exeC
rogram FilesInternet Exploreriexplore.exeC:WINDOWSSystem32wuauclt.exe
C
ocuments and SettingsDamianUstawienia lokalneTempKatalog tymczasowy 1 dla hijackthis.zipHijackThis.exeR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://szukaj.wp.pl
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C
ROGRA~1NEOSTR~1SEARCH~1.DLLO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocxO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - D
ROGRA~1SPYBOT~1SDHelper.dllO2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D
rogram FilesNavShExt.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D
rogram FilesNavShExt.dllO4 - HKLM..Run: [Symantec NetDriver Monitor] C
ROGRA~1SYMNET~1SNDMon.exeO4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - Global Startup: ATI CATALYST System Tray.lnk = C
rogram FilesATI TechnologiesATI.ACECLI.exeO4 - Global Startup: Microsoft Office.lnk = C
rogram FilesMicrosoft OfficeOffice10OSA.EXEO4 - Global Startup: VIA RAID TOOL.lnk = C
rogram FilesVIARAIDraid_tool.exeO8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C
ROGRA~1MICROS~2Office10EXCEL.EXE/3000O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) - http://software-dl.real.com/0159868ccde6b9...ip/RdxIE601.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166} (Windows Live Safety Center Base Module) - http://scan.safety.live.com/resource/downl...lscbase7617.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1145395741388
O17 - HKLMSystemCCSServicesTcpip..{0B65F64E-774F-4645-A231-840EFFF38EC8}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLMSystemCS1ServicesTcpip..{0B65F64E-774F-4645-A231-840EFFF38EC8}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedccEvtMgr.exeO23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedccPwdSvc.exeO23 - Service: Symantec Proxy Service (ccPxySvc) - Symantec Corporation - C
rogram FilesnortonccPxySvc.exeO23 - Service: Usługa Auto-Protect w programie Norton AntiVirus (navapsvc) - Symantec Corporation - D
rogram Filesnavapsvc.exeO23 - Service: Norton Internet Security Accounts Manager (NISUM) - Symantec Corporation - C
rogram FilesnortonNISUM.EXEO23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C
ROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exeO23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedSNDSrvc.exeO23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Sony DADC Austria AG. - C:WINDOWSSystem32UAService7.exe
proszę o sprawdzenie loga.
Kod:
Logfile of HijackThis v1.99.1
Scan saved at 11:10:40, on 2006-05-21
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesEsetnod32krn.exe
C:Program FilesVMwareVMware Workstationvmware-authd.exe
C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvmount2.exe
C:WINDOWSSystem32vmnat.exe
C:WINDOWSSystem32vmnetdhcp.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesVIARAIDraid_tool.exe
C:Program FilesNetLimiterNetLimiter.exe
C:Program FilesEsetnod32kui.exe
C:WINDOWSSystem32RunDll32.exe
C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:PROGRA~1A4TechMouseAmoumain.exe
C:Program FilesD-Toolsdaemon.exe
C:Program FilesGadu-Gadugg.exe
C:Program FilesLavasoftAd-aware 6Ad-aware.exe
C:Program FilestotalcmdTOTALCMD.EXE
c:DownloadshijackthisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06binssv.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FLASHGETjccatch.dll
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - C:PROGRA~1FlashFXPIEFlash.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FLASHGETfgiebar.dll
O4 - HKLM..Run: [RaidTool] C:Program FilesVIARAIDraid_tool.exe
O4 - HKLM..Run: [NetLimiter] C:Program FilesNetLimiterNetLimiter.exe /s
O4 - HKLM..Run: [nod32kui] "C:Program FilesEsetnod32kui.exe" /WAITSERVICE
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [ATIPTA] "C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [WheelMouse] C:PROGRA~1A4TechMouseAmoumain.exe
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1033
O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized
O8 - Extra context menu item: Download All by FlashGet - C:PROGRA~1FLASHGETjc_all.htm
O8 - Extra context menu item: Download using FlashGet - C:PROGRA~1FLASHGETjc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FLASHGETflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:PROGRA~1FLASHGETflashget.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:Program FilesEsetnod32krn.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - C:Program FilesVMwareVMware Workstationvmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - C:WINDOWSSystem32vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - C:Program FilesCommon FilesVMwareVMware Virtual Image Editingvmount2.exe
O23 - Service: VMware NAT Service - VMware, Inc. - C:WINDOWSSystem32vmnat.exemoglibyscie sprawdzic ? :/ bo ostatnio mysle ze cos sie dzieje
Logfile of HijackThis v1.99.1
Scan saved at 17:13:21, on 2006-05-23
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
C:WINDOWSExplorer.EXE
C
C:WINDOWSsystem32spoolsv.exe
C
C
C
C:WINDOWSsoundman.exe
C
C
C
C:WINDOWSsystem32ctfmon.exe
C
C
C
C:WINDOWSsystem32wscntfy.exe
C
C
C
C
C
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c
O4 - HKLM..Run: [SunJavaUpdateSched] C
O4 - HKLM..Run: [SoundMan] soundman.exe
O4 - HKLM..Run: [WinampAgent] "C
O4 - HKLM..Run: [ccApp] "C
O4 - HKLM..Run: [Microsoft Windows Update] mswins.exe
O4 - HKLM..Run: [VVSN] C
O4 - HKLM..Run: [DAEMON Tools] "C
O4 - HKLM..Run: [avast!] C
O4 - HKLM..RunServices: [Microsoft Windows Update] mswins.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [MSMSGS] "C
O4 - HKCU..Run: [VoipBuster] "C
O4 - HKCU..Run: [Skype] "C
O4 - HKCU..Run: [EdHTML] C
O4 - HKCU..Run: [VoipStunt] "C
O4 - HKCU..Run: [Komunikator] "C
O4 - Global Startup: Adobe Gamma Loader.lnk = C
O8 - Extra context menu item: &Google Search - res://c
O8 - Extra context menu item: &Translate English Word - res://c
O8 - Extra context menu item: Backward Links - res://c
O8 - Extra context menu item: Cached Snapshot of Page - res://c
O8 - Extra context menu item: Similar Pages - res://c
O8 - Extra context menu item: Translate Page into English - res://c
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C
O23 - Service: avast! Antivirus - Unknown owner - C
O23 - Service: avast! Mail Scanner - Unknown owner - C
O23 - Service: avast! Web Scanner - Unknown owner - C
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - Unknown owner - %ProgramFiles%WinPcaprpcapd.exe" -d -f "%ProgramFiles%WinPcaprpcapd.ini (file missing)
O23 - Service: Symantec Core LC - Symantec Corporation - C
sprawdzcie...
- Status