Forum Tibia.pl - Zobacz pojedynczy post

gruszeczek · 19-07-2007, 20:39

PHP Kod:


			
Logfile of HijackThis v1.99.1

Scan saved at 19:29:13, on 2007-07-19

Platform: Unknown Windows (WinNT 6.00.1904)

MSIE: Internet Explorer v7.00 (7.00.6000.16386)



Running processes:

C:Windowssystem32Dwm*****

C:Windowssystem32taskeng*****

C:WindowsExplorer*****

C:Program FilesWindows DefenderMSASCui*****

C:Program FilesMotorolaSMSERIALsm56hlpr*****

C:Program FilesAntiVir PersonalEdition Classicavgnt*****

C:WindowsRtHDVCpl*****

C:Program FilesWinampwinampa*****

C:Program FilesATI TechnologiesATI.ACECLI*****

C:Program FilesGoogleGoogle Talkgoogletalk*****

C:Program FilesGadu-Gadugg*****

C:Program FilesWindows Media Playerwmpnscfg*****

C:Program FilesWinampwinamp*****

C:Program FilesATI TechnologiesATI.ACECLI*****

C:Program FilesATI TechnologiesATI.ACECLI*****

C:Program FilesAvant Browseravant*****

C:wampwampmanager*****

C:UsersPatrykDesktopHijackThis*****



R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.pl/

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = 

R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = 

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = 

O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll

O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui***** -hide

O4 - HKLM..Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart*****"

O4 - HKLM..Run: [SMSERIAL] C:Program FilesMotorolaSMSERIALsm56hlpr*****

O4 - HKLM..Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt*****" /min

O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl*****

O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa*****

O4 - HKLM..Run: [orcToByloLatwe] C:WINDOWSwinlogon*****

O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck*****

O4 - HKLM..Run: [Windows] C:WINDOWSsvchost*****

O4 - HKLM..Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask*****" -atboottime

O4 - HKLM..Run: [googletalk] C:Program FilesGoogleGoogle Talkgoogletalk***** /autostart

O4 - HKCU..Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg*****" /tray

O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG*****

O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl*****

O10 - Unknown file in Winsock LSP: c:windowssystem32nlaapi.dll

O10 - Unknown file in Winsock LSP: c:windowssystem32napinsp.dll

O11 - Options group: [INTERNATIONAL] International*

O13 - Gopher Prefix: 

O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/pl/poker_2_0_0_46.cab

O16 - DPF: {881290B9-F53C-4676-8DAF-3DBEFC297308} (GameDesire Makao) - http://67.15.101.3/g_bin/pl/makao_2_0_0_23.cab

O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_35.cab

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:Program FilesAntiVir PersonalEdition Classicsched*****

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:Program FilesAntiVir PersonalEdition Classicavguard*****

O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx*****

O23 - Service: @%SystemRoot%ehomeehstart.dll,-101 (ehstart) - Unknown owner - %windir%system32svchost***** (file missing)

O23 - Service: MySql - Unknown owner - c:usr/MYSQL/bin/mysqld***** (file missing)

O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:Windowssystem32o2flash*****

O23 - Service: @%SystemRoot%system32qwave.dll,-1 (QWAVE) - Unknown owner - %windir%system32svchost***** (file missing)

O23 - Service: @%SystemRoot%system32seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%system32svchost***** (file missing)

O23 - Service: wampapache - Unknown owner - c:wampapache2binhttpd*****" -k runservice (file missing)

O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt*****

O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk*****,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk***** (file missing)

Czy to jest czysta bo niepokoi mnie to:
O4 - HKLM\..\Run: [orcToByloLatwe] C:\WINDOWS\winlogon*****

19-07-2007, 20:39	#133
gruszeczek Użytkownik Forum Data dołączenia: 02 02 2005 Posty: 74 Stan: Aktywny Gracz Imię: Querentos Profesja: Royal Paladin Gildia: Resurrected Świat: Secura Poziom: 117 Skille: 91/68 Poziom mag.: 20	Czy w tym może być key bo mi się zdaję PHP Kod: Logfile of HijackThis v1.99.1 Scan saved at 19:29:13, on 2007-07-19 Platform: Unknown Windows (WinNT 6.00.1904) MSIE: Internet Explorer v7.00 (7.00.6000.16386) Running processes: C:Windowssystem32Dwm*** C:Windowssystem32taskeng* C:WindowsExplorer* C:Program FilesWindows DefenderMSASCui* C:Program FilesMotorolaSMSERIALsm56hlpr* C:Program FilesAntiVir PersonalEdition Classicavgnt* C:WindowsRtHDVCpl* C:Program FilesWinampwinampa* C:Program FilesATI TechnologiesATI.ACECLI* C:Program FilesGoogleGoogle Talkgoogletalk* C:Program FilesGadu-Gadugg* C:Program FilesWindows Media Playerwmpnscfg* C:Program FilesWinampwinamp* C:Program FilesATI TechnologiesATI.ACECLI* C:Program FilesATI TechnologiesATI.ACECLI* C:Program FilesAvant Browseravant* C:wampwampmanager* C:UsersPatrykDesktopHijackThis* R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.pl/ R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch = R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll O4 - HKLM..Run: [Windows Defender] %ProgramFiles%Windows DefenderMSASCui* -hide O4 - HKLM..Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\CLIStart*" O4 - HKLM..Run: [SMSERIAL] C:Program FilesMotorolaSMSERIALsm56hlpr* O4 - HKLM..Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt*" /min O4 - HKLM..Run: [RtHDVCpl] RtHDVCpl* O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa* O4 - HKLM..Run: [orcToByloLatwe] C:WINDOWSwinlogon* O4 - HKLM..Run: [NeroFilterCheck] C:Program FilesCommon FilesAheadLibNeroCheck* O4 - HKLM..Run: [Windows] C:WINDOWSsvchost* O4 - HKLM..Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask*" -atboottime O4 - HKLM..Run: [googletalk] C:Program FilesGoogleGoogle Talkgoogletalk* /autostart O4 - HKCU..Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg*" /tray O4 - HKCU..Run: [WMPNSCFG] C:Program FilesWindows Media PlayerWMPNSCFG* O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Readerreader_sl*** O10 - Unknown file in Winsock LSP: c:windowssystem32nlaapi.dll O10 - Unknown file in Winsock LSP: c:windowssystem32napinsp.dll O11 - Options group: [INTERNATIONAL] International* O13 - Gopher Prefix: O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/pl/poker_2_0_0_46.cab O16 - DPF: {881290B9-F53C-4676-8DAF-3DBEFC297308} (GameDesire Makao) - http://67.15.101.3/g_bin/pl/makao_2_0_0_23.cab O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_35.cab O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:Program FilesAntiVir PersonalEdition Classicsched*** O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:Program FilesAntiVir PersonalEdition Classicavguard* O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:Windowssystem32Ati2evxx* O23 - Service: @%SystemRoot%ehomeehstart.dll,-101 (ehstart) - Unknown owner - %windir%system32svchost* (file missing) O23 - Service: MySql - Unknown owner - c:usr/MYSQL/bin/mysqld* (file missing) O23 - Service: O2Micro Flash Memory (O2Flash) - O2Micro International - C:Windowssystem32o2flash* O23 - Service: @%SystemRoot%system32qwave.dll,-1 (QWAVE) - Unknown owner - %windir%system32svchost* (file missing) O23 - Service: @%SystemRoot%system32seclogon.dll,-7001 (seclogon) - Unknown owner - %windir%system32svchost* (file missing) O23 - Service: wampapache - Unknown owner - c:wampapache2binhttpd*" -k runservice (file missing) O23 - Service: wampmysqld - Unknown owner - c:\wamp\mysql\bin\mysqld-nt* O23 - Service: @%ProgramFiles%\Windows Media Player\wmpnetwk*,-101 (WMPNetworkSvc) - Unknown owner - %ProgramFiles%\Windows Media Player\wmpnetwk* (file missing) Czy to jest czysta bo niepokoi mnie to: O4 - HKLM\..\Run: [orcToByloLatwe] C:\WINDOWS\winlogon***