Chcesz sprawdzić swój log z Hijackthisa? Wklej go tutaj...
- Thread starter patology
- Rozpoczęty
- Status
to jest mój log z hijackthis
Logfile of HijackThis v1.99.1
Scan saved at 16:16:09, on 2007-03-12
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesAheadInCDInCDsrv.exe
Crogram FilesInternet Exploreriexplore.exe
Crogram FilesInternet Exploreriexplore.exe
C:WINDOWSsystem32spoolsv.exe
Crogram FilesIVT CorporationBlueSoleilBTNtService.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32ZoneLabsvsmon.exe
C:WINDOWSSYSTEM32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSMixer.exe
Crogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
Crogram FilesAheadInCDInCD.exe
Crogram FilesQuickTimeqttask.exe
Crogram FilesDAEMON Toolsdaemon.exe
Crogram FilesZTE CorporationZXDSL852CnxDslTb.exe
Crogram FilesZone LabsZoneAlarmzlclient.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesIVT CorporationBlueSoleilBlueSoleil.exe
Crogram FilesLavasoftAd-Aware SE ProfessionalAd-Watch.exe
Crogram FilesinstalWinampwinamp.exe
C:WINDOWSSystem32MsPMSPSv.exe
Crogram FilesMozilla Firefoxfirefox.exe
Cocuments and SettingsredPulpitHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - CROGRA~1NEOSTR~1SEARCH~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - Crogram FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_06binssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM..Run: [ATIPTA] Crogram FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [InCD] Crogram FilesAheadInCDInCD.exe
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [DAEMON Tools] "Crogram FilesDAEMON Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [CnxDslTaskBar] "Crogram FilesZTE CorporationZXDSL852CnxDslTb.exe" "ZTE CorporationZXDSL852"
O4 - HKLM..Run: [System] C:WINDOWSSystem32kernels8.exe
O4 - HKLM..Run: [Zone Labs Client] Crogram FilesZone LabsZoneAlarmzlclient.exe
O4 - HKLM..RunServices: [SystemTools] C:WINDOWSSystem32kernels8.exe
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Windows update loader] C:Windowsxpupdate.exe
O4 - Startup: Ad-Watch SE Professional.lnk = Crogram FilesLavasoftAd-Aware SE ProfessionalAd-Watch.exe
O4 - Startup: winamp.lnk = Crogram FilesinstalWinampwinamp.exe
O4 - Startup: Zone Labs Security.lnk = Crogram FilesZone LabsZoneAlarmzlclient.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)
O12 - Plugin for .spop: Crogram FilesInternet ExplorerPluginsNPDocBox.dll
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLMSystemCCSServicesTcpip..{F1E331A7-4088-4DCA-8EAB-B30ECD1E2517}: NameServer = 194.204.152.34 217.98.63.164
O20 - Winlogon Notify: artm_newreg - Cocuments and SettingsAll UsersDokumentySettingsartm_new.dll
O20 - Winlogon Notify: WBSrv - CROGRA~1StardockOBJECT~1WINDOW~1wbsrv.dll
O20 - Winlogon Notify: winsys2freg - Cocuments and SettingsAll UsersDokumentySettingswinsys2f.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - Crogram FilesIVT CorporationBlueSoleilBTNtService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - Crogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - Crogram FilesAheadInCDInCDsrv.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
czekam na odpowiedzi
Logfile of HijackThis v1.99.1
Scan saved at 16:16:09, on 2007-03-12
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesAheadInCDInCDsrv.exeC
rogram FilesInternet Exploreriexplore.exeC
rogram FilesInternet Exploreriexplore.exeC:WINDOWSsystem32spoolsv.exe
C
rogram FilesIVT CorporationBlueSoleilBTNtService.exeC:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32ZoneLabsvsmon.exe
C:WINDOWSSYSTEM32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:WINDOWSMixer.exe
C
rogram FilesATI TechnologiesATI Control Panelatiptaxx.exeC
rogram FilesAheadInCDInCD.exeC
rogram FilesQuickTimeqttask.exeC
rogram FilesDAEMON Toolsdaemon.exeC
rogram FilesZTE CorporationZXDSL852CnxDslTb.exeC
rogram FilesZone LabsZoneAlarmzlclient.exeC
rogram FilesGadu-Gadugg.exeC
rogram FilesIVT CorporationBlueSoleilBlueSoleil.exeC
rogram FilesLavasoftAd-Aware SE ProfessionalAd-Watch.exeC
rogram FilesinstalWinampwinamp.exeC:WINDOWSSystem32MsPMSPSv.exe
C
rogram FilesMozilla Firefoxfirefox.exeC
ocuments and SettingsredPulpitHijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C
ROGRA~1NEOSTR~1SEARCH~1.DLL (file missing)O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocxO2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C
rogram FilesSpybot - Search & DestroySDHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_06binssv.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM..Run: [ATIPTA] C
rogram FilesATI TechnologiesATI Control Panelatiptaxx.exeO4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [InCD] C
rogram FilesAheadInCDInCD.exeO4 - HKLM..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottimeO4 - HKLM..Run: [DAEMON Tools] "C
rogram FilesDAEMON Toolsdaemon.exe" -lang 1033O4 - HKLM..Run: [CnxDslTaskBar] "C
rogram FilesZTE CorporationZXDSL852CnxDslTb.exe" "ZTE CorporationZXDSL852"O4 - HKLM..Run: [System] C:WINDOWSSystem32kernels8.exe
O4 - HKLM..Run: [Zone Labs Client] C
rogram FilesZone LabsZoneAlarmzlclient.exeO4 - HKLM..RunServices: [SystemTools] C:WINDOWSSystem32kernels8.exe
O4 - HKCU..Run: [Gadu-Gadu] "C
rogram FilesGadu-Gadugg.exe" /trayO4 - HKCU..Run: [Windows update loader] C:Windowsxpupdate.exe
O4 - Startup: Ad-Watch SE Professional.lnk = C
rogram FilesLavasoftAd-Aware SE ProfessionalAd-Watch.exeO4 - Startup: winamp.lnk = C
rogram FilesinstalWinampwinamp.exeO4 - Startup: Zone Labs Security.lnk = C
rogram FilesZone LabsZoneAlarmzlclient.exeO4 - Global Startup: BlueSoleil.lnk = ?
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_06binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_06binssv.dllO9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%bdoscandel.exe (file missing)
O12 - Plugin for .spop: C
rogram FilesInternet ExplorerPluginsNPDocBox.dllO16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resources/scan8/oscan8.cab
O17 - HKLMSystemCCSServicesTcpip..{F1E331A7-4088-4DCA-8EAB-B30ECD1E2517}: NameServer = 194.204.152.34 217.98.63.164
O20 - Winlogon Notify: artm_newreg - C
ocuments and SettingsAll UsersDokumentySettingsartm_new.dllO20 - Winlogon Notify: WBSrv - C
ROGRA~1StardockOBJECT~1WINDOW~1wbsrv.dllO20 - Winlogon Notify: winsys2freg - C
ocuments and SettingsAll UsersDokumentySettingswinsys2f.dllO23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C
rogram FilesIVT CorporationBlueSoleilBTNtService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C
rogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exeO23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C
rogram FilesAheadInCDInCDsrv.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
czekam na odpowiedzi
Do usuniecia:
O20 - Winlogon Notify: winsys2freg - C
O20 - Winlogon Notify: artm_newreg - C
O4 - HKCU..Run: [Windows update loader] C:Windowsxpupdate.exe
O4 - HKLM..RunServices: [SystemTools] C:WINDOWSSystem32kernels8.exe
O4 - HKLM..Run: [System] C:WINDOWSSystem32kernels8.exe[/b]
Logfile of HijackThis v1.99.1
Scan saved at 20:30:01, on 2007-03-18
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
CROGRA~1NEOSTR~1TaskbarIcon.exe
Crogram FilesJavajre1.5.0_09binjusched.exe
C:WINDOWSSOUNDMAN.EXE
Crogram FilesWinampwinampa.exe
C:WINDOWSSystem32RUNDLL32.EXE
CROGRA~1ALWILS~1Avast4ashDisp.exe
CROGRA~1A4TechMouseAmoumain.exe
C:WINDOWSSystem32ctfmon.exe
Crogram FilesSkypePhoneSkype.exe
Crogram FilesInterVideoCommonBinWinCinemaMgr.exe
C:WINDOWSsystem32spoolsv.exe
Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
Crogram FilesAlwil SoftwareAvast4ashServ.exe
Crogram FilesIVT CorporationBlueSoleilBTNtService.exe
C:WINDOWSSystem32nod32m2.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesiPodbiniPodService.exe
Crogram FilesNeostrada TPNeostradaTP.exe
Crogram FilesNeostrada TPComComp.exe
Crogram FilesNeostrada TPWatch.exe
C:WINDOWSSystem32wuauclt.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesMozilla Firefoxfirefox.exe
Crogram FilesWapsterAQQAQQ.exe
Crogram FilesAlwil SoftwareAvast4ashSimpl.exe
Crogram FilesZone LabsZoneAlarmzlclient.exe
C:WINDOWSsystem32ZoneLabsvsmon.exe
Crogram FilesGadu-Gadugg.exe
Crogram FilesWinRARWinRAR.exe
COCUME~1JacekUSTAWI~1TempRar$EX00.891HijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - CROGRA~1NEOSTR~1SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_09binssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [CnxDslTaskBar] "crogram fileszte corporationzxdsl852CnxDslTb.exe" "ZTE CorporationZXDSL852"
O4 - HKLM..Run: [WOOWATCH] CROGRA~1NEOSTR~1Watch.exe
O4 - HKLM..Run: [WOOTASKBARICON] CROGRA~1NEOSTR~1TaskbarIcon.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "Crogram FilesJavajre1.5.0_09binjusched.exe"
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [WinampAgent] Crogram FilesWinampwinampa.exe
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSSystem32spooldriversw32x863hpztsb05.exe
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Nod32CC] "C:WINDOWSSystem32nod32cc.exe" -DONTSHOW
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "Crogram FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [avast!] CROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [WheelMouse] CROGRA~1A4TechMouseAmoumain.exe
O4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSSystem32PSDrvCheck.exe -CheckReg
O4 - HKLM..Run: [ZoneAlarm Client] "Crogram FilesZone LabsZoneAlarmzlclient.exe"
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [Skype] "Crogram FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [Gadu-Gadu] "Crogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Konnekt] "Crogram FilesKonnektkonnekt.exe" /autostart
O4 - HKCU..Run: [VoipStunt] "Crogram FilesVoipStunt.comVoipStuntVoipStunt.exe" -nosplash -minimized
O4 - Startup: Adobe Gamma.lnk = Crogram FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = Crogram FilesInterVideoCommonBinWinCinemaMgr.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://CROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_09binssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O17 - HKLMSystemCCSServicesTcpip..{8915651F-49BB-44F3-B545-33270409013C}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: Adobe LM Service - Adobe Systems - Crogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: BlueSoleil Hid Service - Unknown owner - Crogram FilesIVT CorporationBlueSoleilBTNtService.exe
O23 - Service: iPod Service - Apple Computer, Inc. - Crogram FilesiPodbiniPodService.exe
O23 - Service: NOD32 Control Center Service (NOD32ControlCenter) - Unknown owner - C:WINDOWSSystem32nod32cc.exe" -service (file missing)
O23 - Service: NOD32 Service (NOD32Service) - Unknown owner - C:WINDOWSSystem32nod32m2.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
Scan saved at 20:30:01, on 2007-03-18
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C
ROGRA~1NEOSTR~1TaskbarIcon.exeC
rogram FilesJavajre1.5.0_09binjusched.exeC:WINDOWSSOUNDMAN.EXE
C
rogram FilesWinampwinampa.exeC:WINDOWSSystem32RUNDLL32.EXE
C
ROGRA~1ALWILS~1Avast4ashDisp.exeC
ROGRA~1A4TechMouseAmoumain.exeC:WINDOWSSystem32ctfmon.exe
C
rogram FilesSkypePhoneSkype.exeC
rogram FilesInterVideoCommonBinWinCinemaMgr.exeC:WINDOWSsystem32spoolsv.exe
C
rogram FilesAlwil SoftwareAvast4aswUpdSv.exeC
rogram FilesAlwil SoftwareAvast4ashServ.exeC
rogram FilesIVT CorporationBlueSoleilBTNtService.exeC:WINDOWSSystem32nod32m2.exe
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesiPodbiniPodService.exeC
rogram FilesNeostrada TPNeostradaTP.exeC
rogram FilesNeostrada TPComComp.exeC
rogram FilesNeostrada TPWatch.exeC:WINDOWSSystem32wuauclt.exe
C
rogram FilesGadu-Gadugg.exeC
rogram FilesMozilla Firefoxfirefox.exeC
rogram FilesWapsterAQQAQQ.exeC
rogram FilesAlwil SoftwareAvast4ashSimpl.exeC
rogram FilesZone LabsZoneAlarmzlclient.exeC:WINDOWSsystem32ZoneLabsvsmon.exe
C
rogram FilesGadu-Gadugg.exeC
rogram FilesWinRARWinRAR.exeC
OCUME~1JacekUSTAWI~1TempRar$EX00.891HijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C
ROGRA~1NEOSTR~1SEARCH~1.DLLO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_09binssv.dllO3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [CnxDslTaskBar] "c
rogram fileszte corporationzxdsl852CnxDslTb.exe" "ZTE CorporationZXDSL852"O4 - HKLM..Run: [WOOWATCH] C
ROGRA~1NEOSTR~1Watch.exeO4 - HKLM..Run: [WOOTASKBARICON] C
ROGRA~1NEOSTR~1TaskbarIcon.exeO4 - HKLM..Run: [SunJavaUpdateSched] "C
rogram FilesJavajre1.5.0_09binjusched.exe"O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [WinampAgent] C
rogram FilesWinampwinampa.exeO4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSSystem32spooldriversw32x863hpztsb05.exe
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [Nod32CC] "C:WINDOWSSystem32nod32cc.exe" -DONTSHOW
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottimeO4 - HKLM..Run: [iTunesHelper] "C
rogram FilesiTunesiTunesHelper.exe"O4 - HKLM..Run: [avast!] C
ROGRA~1ALWILS~1Avast4ashDisp.exeO4 - HKLM..Run: [WheelMouse] C
ROGRA~1A4TechMouseAmoumain.exeO4 - HKLM..Run: [PinnacleDriverCheck] C:WINDOWSSystem32PSDrvCheck.exe -CheckReg
O4 - HKLM..Run: [ZoneAlarm Client] "C
rogram FilesZone LabsZoneAlarmzlclient.exe"O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [Skype] "C
rogram FilesSkypePhoneSkype.exe" /nosplash /minimizedO4 - HKCU..Run: [Gadu-Gadu] "C
rogram FilesGadu-Gadugg.exe" /trayO4 - HKCU..Run: [Konnekt] "C
rogram FilesKonnektkonnekt.exe" /autostartO4 - HKCU..Run: [VoipStunt] "C
rogram FilesVoipStunt.comVoipStuntVoipStunt.exe" -nosplash -minimizedO4 - Startup: Adobe Gamma.lnk = C
rogram FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exeO4 - Global Startup: BlueSoleil.lnk = ?
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C
rogram FilesInterVideoCommonBinWinCinemaMgr.exeO8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C
ROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_09binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_09binssv.dllO9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C
ROGRA~1MICROS~2OFFICE11REFIEBAR.DLLO9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebrelated.htm
O17 - HKLMSystemCCSServicesTcpip..{8915651F-49BB-44F3-B545-33270409013C}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: Adobe LM Service - Adobe Systems - C
rogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exeO23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C
rogram FilesAlwil SoftwareAvast4aswUpdSv.exeO23 - Service: avast! Antivirus - Unknown owner - C
rogram FilesAlwil SoftwareAvast4ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C
rogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C
rogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)O23 - Service: BlueSoleil Hid Service - Unknown owner - C
rogram FilesIVT CorporationBlueSoleilBTNtService.exeO23 - Service: iPod Service - Apple Computer, Inc. - C
rogram FilesiPodbiniPodService.exeO23 - Service: NOD32 Control Center Service (NOD32ControlCenter) - Unknown owner - C:WINDOWSSystem32nod32cc.exe" -service (file missing)
O23 - Service: NOD32 Service (NOD32Service) - Unknown owner - C:WINDOWSSystem32nod32m2.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
Logfile of HijackThis v1.99.1
Scan saved at 17:49:24, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesCommon FilesSymantec SharedccSvcHst.exe
Crogram FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
CrogramyDAEMON Toolsdaemon.exe
Crogram FilesMicrosoft OfficeOffice12GrooveMonitor.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSALCWZRD.EXE
Crogram FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
Crogram FilesHPhpcoretechhpcmpmgr.exe
Crogram FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe
C:WINDOWSsystem32hphmon05.exe
C:WINDOWSsystem32RUNDLL32.EXE
Crogram FilesJavajre1.5.0_11binjusched.exe
CrogramyComodoFirewallCPF.exe
C:WINDOWSsystem32ctfmon.exe
CrogramyComodoFirewallcmdagent.exe
Crogram FilesSymantecLiveUpdateALUSchedulerSvc.exe
C:WINDOWSsvchost.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32HPZipm12.exe
C:GryCSSourceSteam.exe
c:grycssourcesteamappsakhavcounter-strike sourcehl2.exe
CrogramyOperaOpera.exe
Cocuments and SettingsMój KomputerPulpitHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - CrogramyFlashGetjccatch.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - CROGRA~1MICROS~2Office12GRA8E1~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_11binssv.dll
O2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - CrogramyFlashGetgetflash.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - CrogramyFlashGetfgiebar.dll
O4 - HKLM..Run: [DAEMON Tools] "CrogramyDAEMON Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [GrooveMonitor] "Crogram FilesMicrosoft OfficeOffice12GrooveMonitor.exe"
O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [ccApp] "Crogram FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [osCheck] "Crogram FilesNorton AntiVirusosCheck.exe"
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
O4 - HKLM..Run: [HPHUPD05] Crogram FilesHewlett-Packard{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}hphupd05.exe
O4 - HKLM..Run: [HP Component Manager] "Crogram FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [HP Software Update] "Crogram FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [HPHmon05] C:WINDOWSsystem32hphmon05.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SunJavaUpdateSched] "Crogram FilesJavajre1.5.0_11binjusched.exe"
O4 - HKLM..Run: [COMODO Firewall Pro] "CrogramyComodoFirewallCPF.exe" /background
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [ccleaner] "CrogramyCCleanerccleaner.exe" /AUTO
O4 - HKCU..Run: [Steam] "c:grycssourcesteam.exe" -silent
O4 - Startup: Microsoft Office.lnk = C:WINDOWSsvchost.exe
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = Crogram FilesMicrosoft OfficeOffice12ONENOTEM.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = CrogramyAdobe Reader 8.0Readerreader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = CrogramyAdobe Reader 8.0ReaderAdobeCollabSync.exe
O8 - Extra context menu item: Download All by FlashGet - CrogramyFlashGetjc_all.htm
O8 - Extra context menu item: Download using FlashGet - CrogramyFlashGetjc_link.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://CROGRA~1MICROS~2Office12EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_11binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_11binssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - CROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - CROGRA~1MICROS~2Office12ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2Office12REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - CrogramyFlashGetflashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - CrogramyFlashGetflashget.exe
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O17 - HKLMSystemCCSServicesTcpip..{3D405E99-EB29-426F-A679-99DA8E74AB19}: NameServer = 10.0.0.1 81.15.159.200
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - CROGRA~1MICROS~2Office12GR99D3~1.DLL
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - Crogram FilesCommon FilesMicrosoft SharedHelphxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - CROGRA~1COMMON~1MICROS~1OFFICE12MSOXMLMF.DLL
O20 - Winlogon Notify: WgaLogon - C:WINDOWS
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - Crogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - Crogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - Crogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - CrogramyComodoFirewallcmdagent.exe
O23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - Crogram FilesSymantecLiveUpdateALUSchedulerSvc.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - Crogram FilesNorton AntiVirusisPwdSvc.exe
O23 - Service: LiveUpdate - Symantec Corporation - CROGRA~1SymantecLIVEUP~1LUCOMS~1.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - Crogram FilesCommon FilesSymantec SharedAppCoreAppSvc32.exe
Scan saved at 17:49:24, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesCommon FilesSymantec SharedccSvcHst.exeC
rogram FilesCommon FilesSymantec SharedAppCoreAppSvc32.exeC:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C
rogramyDAEMON Toolsdaemon.exeC
rogram FilesMicrosoft OfficeOffice12GrooveMonitor.exeC:WINDOWSSOUNDMAN.EXE
C:WINDOWSALCWZRD.EXE
C
rogram FilesCommon FilesSymantec SharedccApp.exeC:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
C
rogram FilesHPhpcoretechhpcmpmgr.exeC
rogram FilesHewlett-PackardHP Software UpdateHPWuSchd2.exeC:WINDOWSsystem32hphmon05.exe
C:WINDOWSsystem32RUNDLL32.EXE
C
rogram FilesJavajre1.5.0_11binjusched.exeC
rogramyComodoFirewallCPF.exeC:WINDOWSsystem32ctfmon.exe
C
rogramyComodoFirewallcmdagent.exeC
rogram FilesSymantecLiveUpdateALUSchedulerSvc.exeC:WINDOWSsvchost.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32HPZipm12.exe
C:GryCSSourceSteam.exe
c:grycssourcesteamappsakhavcounter-strike sourcehl2.exe
C
rogramyOperaOpera.exeC
ocuments and SettingsMój KomputerPulpitHijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dllO2 - BHO: IeCatch5 Class - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C
rogramyFlashGetjccatch.dllO2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C
ROGRA~1MICROS~2Office12GRA8E1~1.DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_11binssv.dllO2 - BHO: gFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - C
rogramyFlashGetgetflash.dllO3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C
rogramyFlashGetfgiebar.dllO4 - HKLM..Run: [DAEMON Tools] "C
rogramyDAEMON Toolsdaemon.exe" -lang 1033O4 - HKLM..Run: [GrooveMonitor] "C
rogram FilesMicrosoft OfficeOffice12GrooveMonitor.exe"O4 - HKLM..Run: [High Definition Audio Property Page Shortcut] HDAShCut.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM..Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM..Run: [ccApp] "C
rogram FilesCommon FilesSymantec SharedccApp.exe"O4 - HKLM..Run: [osCheck] "C
rogram FilesNorton AntiVirusosCheck.exe"O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb09.exe
O4 - HKLM..Run: [HPHUPD05] C
rogram FilesHewlett-Packard{5372B9A6-6E51-4f90-9B40-E0A3B8475C4E}hphupd05.exeO4 - HKLM..Run: [HP Component Manager] "C
rogram FilesHPhpcoretechhpcmpmgr.exe"O4 - HKLM..Run: [HP Software Update] "C
rogram FilesHewlett-PackardHP Software UpdateHPWuSchd2.exe"O4 - HKLM..Run: [HPHmon05] C:WINDOWSsystem32hphmon05.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [SunJavaUpdateSched] "C
rogram FilesJavajre1.5.0_11binjusched.exe"O4 - HKLM..Run: [COMODO Firewall Pro] "C
rogramyComodoFirewallCPF.exe" /backgroundO4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [ccleaner] "C
rogramyCCleanerccleaner.exe" /AUTOO4 - HKCU..Run: [Steam] "c:grycssourcesteam.exe" -silent
O4 - Startup: Microsoft Office.lnk = C:WINDOWSsvchost.exe
O4 - Startup: Tworzenie wycinków ekranu i uruchamianie programu OneNote 2007.lnk = C
rogram FilesMicrosoft OfficeOffice12ONENOTEM.EXEO4 - Global Startup: Adobe Reader Speed Launch.lnk = C
rogramyAdobe Reader 8.0Readerreader_sl.exeO4 - Global Startup: Adobe Reader Synchronizer.lnk = C
rogramyAdobe Reader 8.0ReaderAdobeCollabSync.exeO8 - Extra context menu item: Download All by FlashGet - C
rogramyFlashGetjc_all.htmO8 - Extra context menu item: Download using FlashGet - C
rogramyFlashGetjc_link.htmO8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C
ROGRA~1MICROS~2Office12EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_11binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_11binssv.dllO9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C
ROGRA~1MICROS~2Office12ONBttnIE.dllO9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C
ROGRA~1MICROS~2Office12ONBttnIE.dllO9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C
ROGRA~1MICROS~2Office12REFIEBAR.DLLO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C
rogramyFlashGetflashget.exeO9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C
rogramyFlashGetflashget.exeO16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O17 - HKLMSystemCCSServicesTcpip..{3D405E99-EB29-426F-A679-99DA8E74AB19}: NameServer = 10.0.0.1 81.15.159.200
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C
ROGRA~1MICROS~2Office12GR99D3~1.DLLO18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - C
rogram FilesCommon FilesMicrosoft SharedHelphxds.dllO18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - C
ROGRA~1COMMON~1MICROS~1OFFICE12MSOXMLMF.DLLO20 - Winlogon Notify: WgaLogon - C:WINDOWS
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C
rogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner - C
rogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C
rogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)O23 - Service: Comodo Application Agent (CmdAgent) - COMODO - C
rogramyComodoFirewallcmdagent.exeO23 - Service: Harmonogram automatycznej usługi LiveUpdate - Symantec Corporation - C
rogram FilesSymantecLiveUpdateALUSchedulerSvc.exeO23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - C
rogram FilesNorton AntiVirusisPwdSvc.exeO23 - Service: LiveUpdate - Symantec Corporation - C
ROGRA~1SymantecLIVEUP~1LUCOMS~1.EXEO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedCCPD-LCsymlcsvc.exeO23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - C
rogram FilesCommon FilesSymantec SharedAppCoreAppSvc32.exeMam problemik. Gram w Civ 4 i inne gry i po jakiś 10 min komp mi się wyłącza. Ne wiem co jest grane, potem nie mogę go normalnie włączyć tylko muszę wyłączyć z zasilania i od nowa włączyć. Co mogę zrobić? Oto mój log.
Logfile of HijackThis v1.99.1
Scan saved at 19:41:51, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
Crogram FilesEsetnod32krn.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSExplorer.EXE
C:WINDOWShtpatch.exe
C:WINDOWSsystem32RunDll32.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
Crogram FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
Crogram FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
Crogram FilesJavajre1.5.0_10binjusched.exe
Crogram FilesEsetnod32kui.exe
Crogram FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
Crogram FilesMozilla Firefoxfirefox.exe
Drogram FilesGadu-GaduGadu-Gadu.exe
Cocuments and SettingsFilipPulpitHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - EROGRA~1FlashGetjccatch.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - CROGRA~1MEGAUP~1MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_10binssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - crogram filesgooglegoogletoolbar2.dll
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - Erogram FilesFlashGetgetflash.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - CROGRA~1MEGAUP~1MEGAUP~1.DLL
O3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - Erogram FilesFlashGetfgiebar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - crogram filesgooglegoogletoolbar2.dll
O4 - HKLM..Run: [Gainward] C:WINDOWSTBPanel.exe /A
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [HTpatch] C:WINDOWShtpatch.exe
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
O4 - HKLM..Run: [HP Software Update] Crogram FilesHewlett-PackardHP Software UpdateHPWuSchd.exe
O4 - HKLM..Run: [DeviceDiscovery] Crogram FilesHewlett-PackardDigital Imagingbinhpotdd01.exe
O4 - HKLM..Run: [SunJavaUpdateSched] "Crogram FilesJavajre1.5.0_10binjusched.exe"
O4 - HKLM..Run: [AVKTray] "Crogram FilesG DATAAntiVirus 2007AVKTrayAVKTray.exe"
O4 - HKLM..Run: [Flashget] EROGRA~1FlashGetFlashget.exe /min
O4 - HKLM..Run: [nod32kui] "Crogram FilesEsetnod32kui.exe" /WAITSERVICE
O4 - HKLM..Run: [SCDEmuApp.exe] Drogram FilesPowerISOSCDEmuApp.exe
O4 - HKCU..Run: [Spyware Doctor] "Drogram FilesSpyware Doctorswdoctor.exe" /Q
O4 - HKCU..Run: [swg] Crogram FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = Crogram FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = Erogram FilesMicrosoft OfficeOfficeOSA9.EXE
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - EROGRA~1FlashGetjc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - EROGRA~1FlashGetjc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_10binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_10binssv.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - EROGRA~1FlashGetflashget.exe
O9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - EROGRA~1FlashGetflashget.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O17 - HKLMSystemCCSServicesTcpip..{7BC232A2-3DF6-4A3A-B637-8DEA700534AC}: NameServer = 192.168.1.1
O17 - HKLMSystemCS1ServicesTcpip..{7BC232A2-3DF6-4A3A-B637-8DEA700534AC}: NameServer = 192.168.1.1
O17 - HKLMSystemCS2ServicesTcpip..{7BC232A2-3DF6-4A3A-B637-8DEA700534AC}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: AVKProxy - Unknown owner - Crogram FilesCommon FilesG DATAAVKProxyAVKProxy.exe (file missing)
O23 - Service: AVK Service (AVKService) - Unknown owner - Crogram FilesG DATAAntiVirus 2007AVKAVKService.exe (file missing)
O23 - Service: Strażnik AVK (AVKWCtl) - Unknown owner - Crogram FilesG DATAAntiVirus 2007AVKAVKWCtl.exe (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - Crogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - Crogram FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - Crogram FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - Crogram FilesEsetnod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
Logfile of HijackThis v1.99.1
Scan saved at 19:41:51, on 2007-04-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C
rogram FilesEsetnod32krn.exeC:WINDOWSsystem32nvsvc32.exe
C:WINDOWSExplorer.EXE
C:WINDOWShtpatch.exe
C:WINDOWSsystem32RunDll32.exe
C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
C
rogram FilesHewlett-PackardHP Software UpdateHPWuSchd.exeC
rogram FilesHewlett-PackardDigital Imagingbinhpotdd01.exeC
rogram FilesJavajre1.5.0_10binjusched.exeC
rogram FilesEsetnod32kui.exeC
rogram FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exeC
rogram FilesMozilla Firefoxfirefox.exeD
rogram FilesGadu-GaduGadu-Gadu.exeC
ocuments and SettingsFilipPulpitHijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dllO2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E
ROGRA~1FlashGetjccatch.dllO2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C
ROGRA~1MEGAUP~1MEGAUP~1.DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_10binssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c
rogram filesgooglegoogletoolbar2.dllO2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E
rogram FilesFlashGetgetflash.dllO3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C
ROGRA~1MEGAUP~1MEGAUP~1.DLLO3 - Toolbar: FlashGet - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E
rogram FilesFlashGetfgiebar.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c
rogram filesgooglegoogletoolbar2.dllO4 - HKLM..Run: [Gainward] C:WINDOWSTBPanel.exe /A
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [HTpatch] C:WINDOWShtpatch.exe
O4 - HKLM..Run: [SiSUSBRG] C:WINDOWSSiSUSBrg.exe
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb08.exe
O4 - HKLM..Run: [HP Software Update] C
rogram FilesHewlett-PackardHP Software UpdateHPWuSchd.exeO4 - HKLM..Run: [DeviceDiscovery] C
rogram FilesHewlett-PackardDigital Imagingbinhpotdd01.exeO4 - HKLM..Run: [SunJavaUpdateSched] "C
rogram FilesJavajre1.5.0_10binjusched.exe"O4 - HKLM..Run: [AVKTray] "C
rogram FilesG DATAAntiVirus 2007AVKTrayAVKTray.exe"O4 - HKLM..Run: [Flashget] E
ROGRA~1FlashGetFlashget.exe /minO4 - HKLM..Run: [nod32kui] "C
rogram FilesEsetnod32kui.exe" /WAITSERVICEO4 - HKLM..Run: [SCDEmuApp.exe] D
rogram FilesPowerISOSCDEmuApp.exeO4 - HKCU..Run: [Spyware Doctor] "D
rogram FilesSpyware Doctorswdoctor.exe" /QO4 - HKCU..Run: [swg] C
rogram FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exeO4 - Global Startup: Adobe Reader Speed Launch.lnk = C
rogram FilesAdobeAcrobat 7.0Readerreader_sl.exeO4 - Global Startup: Microsoft Office.lnk = E
rogram FilesMicrosoft OfficeOfficeOSA9.EXEO8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - E
ROGRA~1FlashGetjc_link.htmO8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - E
ROGRA~1FlashGetjc_all.htmO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_10binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_10binssv.dllO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E
ROGRA~1FlashGetflashget.exeO9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E
ROGRA~1FlashGetflashget.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exeO17 - HKLMSystemCCSServicesTcpip..{7BC232A2-3DF6-4A3A-B637-8DEA700534AC}: NameServer = 192.168.1.1
O17 - HKLMSystemCS1ServicesTcpip..{7BC232A2-3DF6-4A3A-B637-8DEA700534AC}: NameServer = 192.168.1.1
O17 - HKLMSystemCS2ServicesTcpip..{7BC232A2-3DF6-4A3A-B637-8DEA700534AC}: NameServer = 192.168.1.1
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C
ROGRA~1COMMON~1SkypeSKYPE4~1.DLLO23 - Service: AVKProxy - Unknown owner - C
rogram FilesCommon FilesG DATAAVKProxyAVKProxy.exe (file missing)O23 - Service: AVK Service (AVKService) - Unknown owner - C
rogram FilesG DATAAntiVirus 2007AVKAVKService.exe (file missing)O23 - Service: Strażnik AVK (AVKWCtl) - Unknown owner - C
rogram FilesG DATAAntiVirus 2007AVKAVKWCtl.exe (file missing)O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C
rogram FilesCommon FilesSymantec SharedccSvcHst.exe" /h ccCommon (file missing)O23 - Service: Google Updater Service (gusvc) - Google - C
rogram FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C
rogram FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exeO23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C
rogram FilesEsetnod32krn.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
Prosze sprawdzcie mi tez login strasznie mi internet zacina i niemoge w cs'a pograc bo ping wielki z gory dzieki
Logfile of HijackThis v1.99.1
Scan saved at 13:21:47, on 2007-04-10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWS1System32smss.exe
C:WINDOWS1SYSTEM32winlogon.exe
C:WINDOWS1system32services.exe
C:WINDOWS1system32lsass.exe
C:WINDOWS1system32svchost.exe
C:WINDOWS1System32svchost.exe
C:WINDOWS1system32spoolsv.exe
C:WINDOWS1system32nvsvc32.exe
C:WINDOWS1system32svchost.exe
Crogram FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
C:WINDOWS1Explorer.EXE
Crogram FilesSteamSteam.exe
crogram filessteamsteamappsbryan134counter-strikehl.exe
C:WINDOWS1system32RaConfig.exe
Crogram FilesVentriloVentrilo.exe
Crogram FilesRivChat2RivChat.exe
Cocuments and SettingsMarcinekPulpitaLL pIERDOLY aLL z pULPITUhijackthisHijackThis.exe
Crogram FilesMozilla Firefoxfirefox.exe
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWS1system32NvCpl.dll,NvStartup
O4 - HKLM..Run: [UVS10 Preload] Crogram FilesUlead SystemsUlead VideoStudio 10uvPL.exe
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKCU..Run: [Gadu-Gadu] "Erogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Steam] "Crogram FilesSteamSteam.exe" -silent
O4 - Startup: Adobe Gamma.lnk = Crogram FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 - Extra context menu item: &Download all by WellGet - Crogram FilesWellGetnxall.htm
O8 - Extra context menu item: Download by &WellGet - Crogram FilesWellGetnxcatch.htm
O17 - HKLMSystemCCSServicesTcpip..{DA7A42E3-2EF7-4629-AB3A-14DEB549C504}: NameServer = 192.168.0.1,194.204.159.1
O23 - Service: Adobe LM Service - Adobe Systems - Crogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - Crogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWS1system32nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - Crogram FilesCommon FilesUlead SystemsDVDULCDRSvr.exe
Logfile of HijackThis v1.99.1
Scan saved at 13:21:47, on 2007-04-10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWS1System32smss.exe
C:WINDOWS1SYSTEM32winlogon.exe
C:WINDOWS1system32services.exe
C:WINDOWS1system32lsass.exe
C:WINDOWS1system32svchost.exe
C:WINDOWS1System32svchost.exe
C:WINDOWS1system32spoolsv.exe
C:WINDOWS1system32nvsvc32.exe
C:WINDOWS1system32svchost.exe
C
rogram FilesCommon FilesUlead SystemsDVDULCDRSvr.exeC:WINDOWS1Explorer.EXE
C
rogram FilesSteamSteam.exec
rogram filessteamsteamappsbryan134counter-strikehl.exeC:WINDOWS1system32RaConfig.exe
C
rogram FilesVentriloVentrilo.exeC
rogram FilesRivChat2RivChat.exeC
ocuments and SettingsMarcinekPulpitaLL pIERDOLY aLL z pULPITUhijackthisHijackThis.exeC
rogram FilesMozilla Firefoxfirefox.exeO4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWS1system32NvCpl.dll,NvStartup
O4 - HKLM..Run: [UVS10 Preload] C
rogram FilesUlead SystemsUlead VideoStudio 10uvPL.exeO4 - HKLM..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottimeO4 - HKCU..Run: [Gadu-Gadu] "E
rogram FilesGadu-Gadugg.exe" /trayO4 - HKCU..Run: [Steam] "C
rogram FilesSteamSteam.exe" -silentO4 - Startup: Adobe Gamma.lnk = C
rogram FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exeO8 - Extra context menu item: &Download all by WellGet - C
rogram FilesWellGetnxall.htmO8 - Extra context menu item: Download by &WellGet - C
rogram FilesWellGetnxcatch.htmO17 - HKLMSystemCCSServicesTcpip..{DA7A42E3-2EF7-4629-AB3A-14DEB549C504}: NameServer = 192.168.0.1,194.204.159.1
O23 - Service: Adobe LM Service - Adobe Systems - C
rogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C
rogram FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWS1system32nvsvc32.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - C
rogram FilesCommon FilesUlead SystemsDVDULCDRSvr.exeKanciastoporty
Były Moderator
- Dołączył
- Grudzień 19, 2006
- Posty
- 1137
wklejcie swoje logi tutaj http://hijackthis.de/index.php?langselect=english
Apeluje do moderatorow o zamkniecie tego tematu z przyczyn oczywistych
Apeluje do moderatorow o zamkniecie tego tematu z przyczyn oczywistych
Logfile of HijackThis v1.99.1
Scan saved at 21:36:35, on 2007-04-18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32ZoneLabsvsmon.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32HPZipm12.exe
Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe
CROGRA~1NEOSTR~1CnxMon.exe
CROGRA~1NEOSTR~1TaskbarIcon.exe
Crogram FilesZone LabsZoneAlarmzlclient.exe
Crogram FilesJavajre1.5.0_11binjusched.exe
C:WINDOWSsystem32ctfmon.exe
Crogram FilesSAGEMSAGEM F@st 800-840dslmon.exe
CROGRA~1NEOSTR~1NeostradaTP.exe
CROGRA~1NEOSTR~1ComComp.exe
Crogram FilesOperaOpera.exe
Crogram FilesGadu-Gadugg.exe
Cocuments and SettingsrootPulpitHijackthisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - CROGRA~1NEOSTR~1SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_11binssv.dll
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [AVP] "Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe"
O4 - HKLM..Run: [WooCnxMon] CROGRA~1NEOSTR~1CnxMon.exe
O4 - HKLM..Run: [WOOWATCH] CROGRA~1NEOSTR~1Watch.exe
O4 - HKLM..Run: [WOOTASKBARICON] CROGRA~1NEOSTR~1TaskbarIcon.exe
O4 - HKLM..Run: [ZoneAlarm Client] "Crogram FilesZone LabsZoneAlarmzlclient.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] "Crogram FilesJavajre1.5.0_11binjusched.exe"
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: DSLMON.lnk = Crogram FilesSAGEMSAGEM F@st 800-840dslmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_11binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_11binssv.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1175784249437
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...indows-i586.cab
O17 - HKLMSystemCCSServicesTcpip..{A7F53F98-33BE-4E0C-9A54-1CC65AA97D7F}: NameServer = 194.204.159.1 217.98.63.164
O20 - Winlogon Notify: klogon - C:WINDOWSsystem32klogon.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - Crogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe" -r (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
jeszcze jedno... ZA wykrywa podejrzana aplikacje w watch.exe i przy wlaczeniu systemu wyskakuje blad o zlym zainicjowaniu watch.exe
Scan saved at 21:36:35, on 2007-04-18
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32ZoneLabsvsmon.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C
rogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exeC:WINDOWSsystem32nvsvc32.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32HPZipm12.exe
C
rogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exeC
ROGRA~1NEOSTR~1CnxMon.exeC
ROGRA~1NEOSTR~1TaskbarIcon.exeC
rogram FilesZone LabsZoneAlarmzlclient.exeC
rogram FilesJavajre1.5.0_11binjusched.exeC:WINDOWSsystem32ctfmon.exe
C
rogram FilesSAGEMSAGEM F@st 800-840dslmon.exeC
ROGRA~1NEOSTR~1NeostradaTP.exeC
ROGRA~1NEOSTR~1ComComp.exeC
rogram FilesOperaOpera.exeC
rogram FilesGadu-Gadugg.exeC
ocuments and SettingsrootPulpitHijackthisHijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.neostrada.pl
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C
ROGRA~1NEOSTR~1SEARCH~1.DLLO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_11binssv.dllO4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [AVP] "C
rogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe"O4 - HKLM..Run: [WooCnxMon] C
ROGRA~1NEOSTR~1CnxMon.exeO4 - HKLM..Run: [WOOWATCH] C
ROGRA~1NEOSTR~1Watch.exeO4 - HKLM..Run: [WOOTASKBARICON] C
ROGRA~1NEOSTR~1TaskbarIcon.exeO4 - HKLM..Run: [ZoneAlarm Client] "C
rogram FilesZone LabsZoneAlarmzlclient.exe"O4 - HKLM..Run: [SunJavaUpdateSched] "C
rogram FilesJavajre1.5.0_11binjusched.exe"O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - Global Startup: DSLMON.lnk = C
rogram FilesSAGEMSAGEM F@st 800-840dslmon.exeO9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_11binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_11binssv.dllO11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/...b?1175784249437
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/jin...indows-i586.cab
O17 - HKLMSystemCCSServicesTcpip..{A7F53F98-33BE-4E0C-9A54-1CC65AA97D7F}: NameServer = 194.204.159.1 217.98.63.164
O20 - Winlogon Notify: klogon - C:WINDOWSsystem32klogon.dll
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Unknown owner - C
rogram FilesKaspersky LabKaspersky Anti-Virus 6.0avp.exe" -r (file missing)O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:WINDOWSsystem32HPZipm12.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe
jeszcze jedno... ZA wykrywa podejrzana aplikacje w watch.exe i przy wlaczeniu systemu wyskakuje blad o zlym zainicjowaniu watch.exe
Kanciastoporty
Były Moderator
- Dołączył
- Grudzień 19, 2006
- Posty
- 1137
nic podejrzanego, a watch.exe wydaje sie byc od neostrady
[FAQ Beta ;]] Hijackthis Co i jak !?
1.Wchodzimy na strone:
i ściągamy ze strony hijackthis'a [download prawy górny róg]
2.Wypakowywujemy ściągnięty program i uruchamiamy go.
3.Klikamy na button "Do a system scan and save a logfile" i czekamy chwilke.
4.Po skanie w otworzy nam się notatnik wraz z logiem z hijackthis'a [jest on również zapisany w folderze w którym program został wypakowany]
5.Następnie wchodzimy na stronke:
na której wklejamy Log z hijackthis'a [W białe puste pole xD] który został wcześniej zapisany w notatniku. Można również wskazać plik tekstowy z logiem który znajduje się na naszym dysku. Po wykonaniu w/w czynności klikamy przycisk "ANALYZE"
6. Analizujemy nasz log sugerując się znakami.
LEGENDA
Program bezpieczny.
Program Windowsowski
Program podejrzany!
Program groźny !
Cos co bylo w sysemie lecz juz tego nie ma
Program antywirusowy
Firewall
Prosciej tego opisać nie umiem xD mam nadzieje że każdy zrozumie o co chodzi ;]
1.Wchodzimy na strone:
Kod:
http://www.hijackthis.de/2.Wypakowywujemy ściągnięty program i uruchamiamy go.
3.Klikamy na button "Do a system scan and save a logfile" i czekamy chwilke.
4.Po skanie w otworzy nam się notatnik wraz z logiem z hijackthis'a [jest on również zapisany w folderze w którym program został wypakowany]
5.Następnie wchodzimy na stronke:
Kod:
http://hijackthis.de/index.php?langselect=english6. Analizujemy nasz log sugerując się znakami.
LEGENDA
Prosciej tego opisać nie umiem xD mam nadzieje że każdy zrozumie o co chodzi ;]
Logfile of HijackThis v1.99.1
Scan saved at 19:20:52, on 2007-05-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
Crogram FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesNeroNero 7InCDInCDsrv.exe
Crogram FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wscntfy.exe
Crogram FilesThomsonSpeedTouch USBDragdiag.exe
CROGRA~1ALWILS~1Avast4ashDisp.exe
CROGRA~1TEXTBR~1.0BinINSTAN~1.EXE
Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe
Crogram FilesAlwil SoftwareAvast4ashWebSv.exe
Crogram FilesAQQAQQ.exe
Crogram FilesMozilla Firefoxfirefox.exe
Cocuments and SettingsTomMoje dokumentyHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - CROGRA~1NEOSTR~1SEARCH~1.DLL (file missing)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - Crogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_11binssv.dll
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "Crogram FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [avast!] CROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb05.exe
O4 - HKLM..Run: [InstantAccess] CROGRA~1TEXTBR~1.0BinINSTAN~1.EXE /h
O4 - HKLM..Run: [RegisterDropHandler] CROGRA~1TEXTBR~1.0BinREGIST~1.EXE
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [LWBMOUSE] Crogram FilesPERFECT SERIESMULTI-DIRECTION OPTICAL MOUSE1.4MOUSE32A.EXE
O4 - HKLM..Run: [et3] et4
O4 - HKLM..Run: [SunJavaUpdateSched] "Crogram FilesJavajre1.5.0_11binjusched.exe"
O4 - HKLM..Run: [QuickTime Task] "Crogram FilesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [iTunesHelper] "Crogram FilesiTunesiTunesHelper.exe"
O4 - HKLM..Run: [KonektorTP] "crogram fileskonektortpkonektortp.exe" tray
O4 - HKLM..Run: [Onet.pl AutoUpdate] Crogram FilesCommon FilesOnet.plAutoUpdate.exe /tsr
O4 - HKLM..Run: [PFG Agent] C:WINDOWSsystem32spooltnosmopPFGPFG.exe
O4 - HKLM..Run: [NeroFilterCheck] Crogram FilesCommon FilesAheadLibNeroCheck.exe
O4 - HKLM..Run: [InCD] Crogram FilesNeroNero 7InCDInCD.exe
O4 - HKLM..RunServices: [RegisterDropHandler] CROGRA~1TEXTBR~1.0BinREGIST~1.EXE
O4 - HKCU..Run: [shost32.exe] C:WINDOWSshost32.exe
O4 - HKCU..Run: [mxClock] F:CHIPSoftwaremxClock 1.1.4mxClock.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://CROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_11binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_11binssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Seekmo/ie/...c482626e79f8d4e
O17 - HKLMSystemCCSServicesTcpip..{8AF8752A-CB6F-46DF-A9F9-4A530A1709DA}: NameServer = 83.238.255.76 213.241.79.37
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - Crogram FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - Crogram FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - Crogram FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - Crogram FilesNeroNero 7InCDInCDsrv.exe
O23 - Service: PDEngine - Raxco Software, Inc. - Crogram FilesRaxcoPerfectDiskPDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - Crogram FilesRaxcoPerfectDiskPDSched.exe
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - Crogram FilesSiSoftwareSiSoftware Sandra Lite XI.SP1Win32RpcDataSrv.exe
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - Crogram FilesSiSoftwareSiSoftware Sandra Lite XI.SP1RpcSandraSrv.exe
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:WINDOWSsystem32sfrem01.exe
Scan saved at 19:20:52, on 2007-05-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesAlwil SoftwareAvast4aswUpdSv.exeC
rogram FilesAlwil SoftwareAvast4ashServ.exeC:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32svchost.exe
C
rogram FilesNeroNero 7InCDInCDsrv.exeC
rogram FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXEC:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wscntfy.exe
C
rogram FilesThomsonSpeedTouch USBDragdiag.exeC
ROGRA~1ALWILS~1Avast4ashDisp.exeC
ROGRA~1TEXTBR~1.0BinINSTAN~1.EXEC
rogram FilesAlwil SoftwareAvast4ashMaiSv.exeC
rogram FilesAlwil SoftwareAvast4ashWebSv.exeC
rogram FilesAQQAQQ.exeC
rogram FilesMozilla Firefoxfirefox.exeC
ocuments and SettingsTomMoje dokumentyHijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C
ROGRA~1NEOSTR~1SEARCH~1.DLL (file missing)O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_11binssv.dllO4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C
rogram FilesThomsonSpeedTouch USBDragdiag.exe" /iconO4 - HKLM..Run: [avast!] C
ROGRA~1ALWILS~1Avast4ashDisp.exeO4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb05.exe
O4 - HKLM..Run: [InstantAccess] C
ROGRA~1TEXTBR~1.0BinINSTAN~1.EXE /hO4 - HKLM..Run: [RegisterDropHandler] C
ROGRA~1TEXTBR~1.0BinREGIST~1.EXEO4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [LWBMOUSE] C
rogram FilesPERFECT SERIESMULTI-DIRECTION OPTICAL MOUSE1.4MOUSE32A.EXEO4 - HKLM..Run: [et3] et4
O4 - HKLM..Run: [SunJavaUpdateSched] "C
rogram FilesJavajre1.5.0_11binjusched.exe"O4 - HKLM..Run: [QuickTime Task] "C
rogram FilesQuickTimeqttask.exe" -atboottimeO4 - HKLM..Run: [iTunesHelper] "C
rogram FilesiTunesiTunesHelper.exe"O4 - HKLM..Run: [KonektorTP] "c
rogram fileskonektortpkonektortp.exe" trayO4 - HKLM..Run: [Onet.pl AutoUpdate] C
rogram FilesCommon FilesOnet.plAutoUpdate.exe /tsrO4 - HKLM..Run: [PFG Agent] C:WINDOWSsystem32spooltnosmopPFGPFG.exe
O4 - HKLM..Run: [NeroFilterCheck] C
rogram FilesCommon FilesAheadLibNeroCheck.exeO4 - HKLM..Run: [InCD] C
rogram FilesNeroNero 7InCDInCD.exeO4 - HKLM..RunServices: [RegisterDropHandler] C
ROGRA~1TEXTBR~1.0BinREGIST~1.EXEO4 - HKCU..Run: [shost32.exe] C:WINDOWSshost32.exe
O4 - HKCU..Run: [mxClock] F:CHIPSoftwaremxClock 1.1.4mxClock.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C
ROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_11binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_11binssv.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exeO16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Seekmo/ie/...c482626e79f8d4e
O17 - HKLMSystemCCSServicesTcpip..{8AF8752A-CB6F-46DF-A9F9-4A530A1709DA}: NameServer = 83.238.255.76 213.241.79.37
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C
rogram FilesAlwil SoftwareAvast4aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C
rogram FilesAlwil SoftwareAvast4ashServ.exeO23 - Service: avast! Mail Scanner - Unknown owner - C
rogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)O23 - Service: avast! Web Scanner - Unknown owner - C
rogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)O23 - Service: Google Updater Service (gusvc) - Google - C
rogram FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exeO23 - Service: InCD Helper (InCDsrv) - Nero AG - C
rogram FilesNeroNero 7InCDInCDsrv.exeO23 - Service: PDEngine - Raxco Software, Inc. - C
rogram FilesRaxcoPerfectDiskPDEngine.exeO23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C
rogram FilesRaxcoPerfectDiskPDSched.exeO23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C
rogram FilesSiSoftwareSiSoftware Sandra Lite XI.SP1Win32RpcDataSrv.exeO23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C
rogram FilesSiSoftwareSiSoftware Sandra Lite XI.SP1RpcSandraSrv.exeO23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:WINDOWSsystem32sfrem01.exe
Originally posted by TOM-12
Logfile of HijackThis v1.99.1
Scan saved at 19:20:52, on 2007-05-03
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C
C
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32svchost.exe
C
C
C:WINDOWSsystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wscntfy.exe
C
C
C
C
C
C
C
C
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C
O4 - HKLM..Run: [avast!] C
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSsystem32spooldriversw32x863hpztsb05.exe
O4 - HKLM..Run: [InstantAccess] C
O4 - HKLM..Run: [RegisterDropHandler] C
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [LWBMOUSE] C
O4 - HKLM..Run: [et3] et4
O4 - HKLM..Run: [SunJavaUpdateSched] "C
O4 - HKLM..Run: [QuickTime Task] "C
O4 - HKLM..Run: [iTunesHelper] "C
O4 - HKLM..Run: [KonektorTP] "c
O4 - HKLM..Run: [Onet.pl AutoUpdate] C
O4 - HKLM..Run: [PFG Agent] C:WINDOWSsystem32spooltnosmopPFGPFG.exe
O4 - HKLM..Run: [NeroFilterCheck] C
O4 - HKLM..Run: [InCD] C
O4 - HKLM..RunServices: [RegisterDropHandler] C
O4 - HKCU..Run: [shost32.exe] C:WINDOWSshost32.exe
O4 - HKCU..Run: [mxClock] F:CHIPSoftwaremxClock 1.1.4mxClock.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility Class) - http://security.symantec.com/sscv6/SharedC...n/bin/cabsa.cab
O16 - DPF: {DECEAAA2-370A-49BB-9362-68C3A58DDC62} (SAIX) - http://static.zangocash.com/cab/Seekmo/ie/...c482626e79f8d4e
O17 - HKLMSystemCCSServicesTcpip..{8AF8752A-CB6F-46DF-A9F9-4A530A1709DA}: NameServer = 83.238.255.76 213.241.79.37
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C
O23 - Service: avast! Antivirus - ALWIL Software - C
O23 - Service: avast! Mail Scanner - Unknown owner - C
O23 - Service: avast! Web Scanner - Unknown owner - C
O23 - Service: Google Updater Service (gusvc) - Google - C
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C
O23 - Service: PDEngine - Raxco Software, Inc. - C
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C
O23 - Service: SiSoftware Database Agent Service (SandraDataSrv) - SiSoftware - C
O23 - Service: SiSoftware Sandra Agent Service (SandraTheSrv) - SiSoftware - C
O23 - Service: SF FrontLine Drivers Auto Removal (v1) (sfrem01) - Protection Technology (StarForce) - C:WINDOWSsystem32sfrem01.exe
http://www.haker.com.pl/forum/viewtopic.php?t=27449
LySyJaJcUn
Użytkownik
- Dołączył
- Maj 4, 2007
- Posty
- 1
Logfile of HijackThis v1.99.1
Scan saved at 08:38:02, on 2007-05-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
Crogram FilesJavajre1.5.0_10binjusched.exe
C:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSsystem32nvsvc32.exe
ErogramyGadu-Gadugg.exe
C:WINDOWSsystem32CROSOF~1iexplore.exe
Crogram Filess?curity??rss.exe
C:WINDOWSsystem32wscntfy.exe
Crogram FilesMozilla Firefoxfirefox.exe
Erogram FilesHijackThisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: (no name) - {1DE7AE41-4589-3A0F-AB3A-69E33E93FFCA} - C:WINDOWSsystem32efdqv.dll (file missing)
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - Crogram FilesMyGlobalSearchbar1.binMGSBAR.DLL
O2 - BHO: (no name) - {384a91d7-df9d-48f4-b259-80796f8e0fae} - C:WINDOWSsystem32comext.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - Erogram FilesBitComettoolsBitCometBHO_1.1.3.28.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_10binssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - crogram filesgooglegoogletoolbar2.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - crogram filesgooglegoogletoolbar2.dll
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - Crogram FilesMyGlobalSearchbar1.binMGSBAR.DLL
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [SunJavaUpdateSched] "Crogram FilesJavajre1.5.0_10binjusched.exe"
O4 - HKLM..Run: [BearShare] "Erogram FilesBearShareBearShare.exe" /pause
O4 - HKLM..Run: [WinampAgent] Erogram FilesWinampwinampa.exe
O4 - HKLM..Run: [Sony Ericsson PC Suite] "E:TelefonApplication LauncherApplication Launcher.exe" /startoptions
O4 - HKLM..Run: [Lexmark_X79-55] C:WINDOWSsystem32lsasss.exe
O4 - HKLM..Run: [DAEMON Tools-1033] "Erogram FilesD-Toolsdaemon.exe" -lang 1033
O4 - HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU..Run: [MSMSGS] "Crogram FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [swg] Crogram FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exe
O4 - HKCU..Run: [Gadu-Gadu] "ErogramyGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Tsee] "C:WINDOWSsystem32CROSOF~1iexplore.exe" -vt yazb
O4 - HKCU..Run: [Laogz] "Crogram Filess?curity??rss.exe"
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_10binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_10binssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: comext - C:WINDOWSSYSTEM32comext.dll
O20 - Winlogon Notify: winemx32 - winemx32.dll (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - Crogram FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
Przy okazji (jestem n00bem w tych sprawach) ale jak sie kasuje te pliki ?? i jeszcze jedno, jak wlaczam system to zawsze wyskakuje mi RUNDLL ze nie moze znalesc jakiegos pliki, oraz jak chce zrobic skrot lub chce wejsc w "Dodaj usun programy" to taksamo wyskakuje ze niemoze znalesc pliku i jest to "wyjatek" :/, i niestety trpsze zaczol mi sie przycinac ://
EDIT: aaa i jak wlanczam IE to mi tak muli musze czekac 5 - 10 min zeby sie wlaczylo IE :/ a to jest wkurzajace bo jak chce np. zrobic skan MKS'em... i nie wiem czy to wina juz tych syfow, ale cos przy starcie systemu sie dzieje tzn. jak jest liczenie pamieci to robia sie takie dziwne krechy pionowe ://
Scan saved at 08:38:02, on 2007-05-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C
rogram FilesJavajre1.5.0_10binjusched.exeC:WINDOWSsystem32RUNDLL32.EXE
C:WINDOWSsystem32nvsvc32.exe
E
rogramyGadu-Gadugg.exeC:WINDOWSsystem32CROSOF~1iexplore.exe
C
rogram Filess?curity??rss.exeC:WINDOWSsystem32wscntfy.exe
C
rogram FilesMozilla Firefoxfirefox.exeE
rogram FilesHijackThisHijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: (no name) - {1DE7AE41-4589-3A0F-AB3A-69E33E93FFCA} - C:WINDOWSsystem32efdqv.dll (file missing)
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C
rogram FilesMyGlobalSearchbar1.binMGSBAR.DLLO2 - BHO: (no name) - {384a91d7-df9d-48f4-b259-80796f8e0fae} - C:WINDOWSsystem32comext.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - E
rogram FilesBitComettoolsBitCometBHO_1.1.3.28.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.5.0_10binssv.dllO2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c
rogram filesgooglegoogletoolbar2.dllO3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c
rogram filesgooglegoogletoolbar2.dllO3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C
rogram FilesMyGlobalSearchbar1.binMGSBAR.DLLO4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [SunJavaUpdateSched] "C
rogram FilesJavajre1.5.0_10binjusched.exe"O4 - HKLM..Run: [BearShare] "E
rogram FilesBearShareBearShare.exe" /pauseO4 - HKLM..Run: [WinampAgent] E
rogram FilesWinampwinampa.exeO4 - HKLM..Run: [Sony Ericsson PC Suite] "E:TelefonApplication LauncherApplication Launcher.exe" /startoptions
O4 - HKLM..Run: [Lexmark_X79-55] C:WINDOWSsystem32lsasss.exe
O4 - HKLM..Run: [DAEMON Tools-1033] "E
rogram FilesD-Toolsdaemon.exe" -lang 1033O4 - HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU..Run: [MSMSGS] "C
rogram FilesMessengermsmsgs.exe" /backgroundO4 - HKCU..Run: [swg] C
rogram FilesGoogleGoogleToolbarNotifier1.2.1128.5462GoogleToolbarNotifier.exeO4 - HKCU..Run: [Gadu-Gadu] "E
rogramyGadu-Gadugg.exe" /trayO4 - HKCU..Run: [Tsee] "C:WINDOWSsystem32CROSOF~1iexplore.exe" -vt yazb
O4 - HKCU..Run: [Laogz] "C
rogram Filess?curity??rss.exe"O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_10binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.5.0_10binssv.dllO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exeO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O20 - AppInit_DLLs:
O20 - Winlogon Notify: comext - C:WINDOWSSYSTEM32comext.dll
O20 - Winlogon Notify: winemx32 - winemx32.dll (file missing)
O23 - Service: Google Updater Service (gusvc) - Google - C
rogram FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
Przy okazji (jestem n00bem w tych sprawach) ale jak sie kasuje te pliki ?? i jeszcze jedno, jak wlaczam system to zawsze wyskakuje mi RUNDLL ze nie moze znalesc jakiegos pliki, oraz jak chce zrobic skrot lub chce wejsc w "Dodaj usun programy" to taksamo wyskakuje ze niemoze znalesc pliku i jest to "wyjatek" :/, i niestety trpsze zaczol mi sie przycinac ://
EDIT: aaa i jak wlanczam IE to mi tak muli musze czekac 5 - 10 min zeby sie wlaczylo IE :/ a to jest wkurzajace bo jak chce np. zrobic skan MKS'em... i nie wiem czy to wina juz tych syfow, ale cos przy starcie systemu sie dzieje tzn. jak jest liczenie pamieci to robia sie takie dziwne krechy pionowe ://
Macie FAQ! wszystko jest dokładnie i zrozumiale przedstawione.
http://www.haker.com.pl/forum/viewtopic.php?p=152813
http://www.haker.com.pl/forum/viewtopic.php?p=152813
- Status