Zeskanowałem i to muj log prosze przeglądniicie i informujcie czy jest Keylogger czy inny virek
PHP Kod:
Logfile of HijackThis v1.99.1
Scan saved at 20:47:18, on 2007-11-12
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Running processes:
C:WINDOWSSystem32smss*****
C:WINDOWSsystem32winlogon*****
C:WINDOWSsystem32services*****
C:WINDOWSsystem32lsass*****
C:WINDOWSSystem32Ati2evxx*****
C:WINDOWSsystem32svchost*****
C:WINDOWSSystem32svchost*****
C:Program FilesAlwil SoftwareAvast4aswUpdSv*****
C:Program FilesAlwil SoftwareAvast4ashServ*****
C:WINDOWSsystem32LEXBCES*****
C:WINDOWSsystem32spoolsv*****
C:WINDOWSsystem32LEXPPS*****
C:WINDOWSsystem32Ati2evxx*****
C:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm*****
C:WINDOWSsystem32PSIService*****
C:Program FilesCommon FilesSymantec SharedSNDSrvc*****
C:WINDOWSSystem32svchost*****
C:Program FilesAlwil SoftwareAvast4ashMaiSv*****
C:Program FilesAlwil SoftwareAvast4ashWebSv*****
C:WINDOWSsystem32winlogon*****
C:WINDOWSsystem32Ati2evxx*****
C:WINDOWSExplorer*****
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd*****
C:WINDOWSsystem32LXSUPMON*****
C:PROGRA~1NEOSTR~1CnxMon*****
C:Program FilesThomsonSpeedTouch USBDragdiag*****
C:Program FilesAshampooAshampoo FireWallFireWall*****
C:PROGRA~1ALWILS~1Avast4ashDisp*****
C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnf*****
C:WINDOWSservices*****
C:WINDOWSsystem32ctfmon*****
D:Program FilesAutoConnectAutoConnect*****
D:TibiaTibia*****
C:Program FilesInternet ExplorerIEXPLORE*****
D:gg 77Gadu-Gadugg*****
D:OperaOpera*****
C:Documents and SettingsNanekPulpitHijackThis*****
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.imesh.com/sidebar.html?src=ssb
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.imesh.com/sidebar.html?src=ssb
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:PROGRA~1NEOSTR~1SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:Program FilesAdobeAcrobat 5.0 CEReaderActiveXAcroIEHelper.ocx
O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O3 - Toolbar: (no name) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:Program FilesCanonEasy-WebPrintToolband.dll
O3 - Toolbar: iMesh MediaBar - {B7D3E479-CC68-42B5-A338-938ECE35F419} - (no file)
O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL
O4 - HKLM..Run: [NeroCheck] C:WINDOWSSystem32NeroCheck*****
O4 - HKLM..Run: [Share-to-Web Namespace Daemon] C:Program FilesHewlett-PackardHP Share-to-Webhpgs2wnd*****
O4 - HKLM..Run: [LXSUPMON] C:WINDOWSsystem32LXSUPMON***** RUN
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1NEOSTR~1CnxMon*****
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag*****" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1NEOSTR~1Watch*****
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1NEOSTR~1TaskbarIcon*****
O4 - HKLM..Run: [Easy-PrintToolBox] C:Program FilesCanonEasy-PrintToolBoxBJPSMAIN***** /logon
O4 - HKLM..Run: [Ashampoo FireWall] "C:\Program Files\Ashampoo\Ashampoo FireWall\FireWall*****" -TRAY
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp*****
O4 - HKLM..Run: [UINotify] C:Documents and SettingsRODZINAUstawienia lokalneDane aplikacjiUINotify*****
O4 - HKLM..Run: [Windows] C:WINDOWSservices*****
O4 - HKLM..Run: [services] C:Documents and SettingsNanekPulpitServisePack_4*****
O4 - HKLM..RunServices: [UINotify] C:Documents and SettingsRODZINAUstawienia lokalneDane aplikacjiUINotify*****
O4 - HKCU..Run: [Gadu-Gadu] "D:\gg 77\Gadu-Gadu\gg*****" /tray
O4 - HKCU..Run: [UINotify] C:Documents and SettingsNanekUstawienia lokalneDane aplikacjiUINotify*****
O4 - HKCU..Run: [ctfmon*****] C:WINDOWSsystem32ctfmon*****
O4 - HKCU..Run: [ares] "D:\Program Files\Ares\Ares*****" -h
O4 - HKCU..Run: [AutoConnect] D:Program FilesAutoConnectAutoConnect*****
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA*****
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs*****
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs*****
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: c:program filesashampooashampoo firewallspi.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.pl/resources/virusscanner/kavwebscan_unicode.cab
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - http://slimak.onet.pl/_m/wirusy/ArcaOnline.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1164261359416
O17 - HKLMSystemCCSServicesTcpip..{524BE7F1-2906-4CBB-8D8B-637B22679960}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O18 - Filter: text/html - (no CLSID) - (no file)
O20 - Winlogon Notify: WgaLogon - C:WINDOWSSYSTEM32WgaLogon.dll
O23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc*****
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - D:Program FilesAreschatServer*****
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:Program FilesAlwil SoftwareAvast4aswUpdSv*****
O23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSSystem32Ati2evxx*****
O23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag*****
O23 - Service: avast! Antivirus - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashServ*****
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv*****" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv*****" /service (file missing)
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES*****
O23 - Service: ProtexisLicensing - Unknown owner - C:WINDOWSsystem32PSIService*****
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:Program FilesCommon FilesSymantec SharedSNDSrvc*****