Forum Tibia.pl - Zobacz pojedynczy post

Matth'ew · 20-08-2007, 01:34

Cytuj:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:23:30, on 2007-08-20
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss*****
C:\WINDOWS\system32\winlogon*****
C:\WINDOWS\system32\services*****
C:\WINDOWS\system32\lsass*****
C:\WINDOWS\system32\svchost*****
C:\WINDOWS\System32\svchost*****
C:\Program Files\Ahead\InCD\InCDsrv*****
c:\program files\panda software\panda internet security 2007\firewall\PNMSRV*****
C:\WINDOWS\system32\spoolsv*****
C:\Program Files\Bonjour\mDNSResponder*****
C:\WINDOWS\System32\CTsvcCDA*****
C:\WINDOWS\System32\nvsvc32*****
C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr*****
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv*****
C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51*****
C:\Program Files\Panda Software\Panda Internet Security 2007\AVENGINE*****
C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc*****
C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc*****
C:\WINDOWS\System32\svchost*****
C:\Program Files\Canon\CAL\CALMAIN*****
C:\Program Files\Panda Software\Panda Internet Security 2007\SRVLOAD*****
C:\WINDOWS\explorer*****
C:\WINDOWS\system32\devldr32*****
C:\Program Files\Konnekt\konnekt*****
C:\WINDOWS\system32\wscntfy*****
C:\Program Files\Neostrada TP\NeostradaTP*****
C:\Program Files\Neostrada TP\ComComp*****
C:\Program Files\Neostrada TP\Watch*****
C:\Program Files\Opera\Opera*****
C:\Program Files\Winamp\winamp*****
C:\Program Files\Trend Micro\HijackThis\HijackThis*****

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
F2 - REG:system.ini: Shell=explorer***** C:/windows/services*****
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag*****" /icon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb0 6*****
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa*****
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ*****"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32***** C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz***** /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32***** C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [ISUSPM Startup] C:\PROGRA~1\COMMON~1\INSTAL~1\UPDATE~1\ISUSPM***** -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch*****" -start
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy*****"
O4 - HKCU\..\Run: [CTFMON*****] C:\WINDOWS\system32\ctfmon*****
O4 - HKCU\..\Run: [Creative Detector] C:\Program Files\Creative\MediaSource\Detector\CTDetect***** /R
O4 - HKCU\..\Run: [Konnekt] "C:\Program Files\Konnekt\konnekt*****" /autostart
O4 - HKCU\..\Run: [Dtth] "C:\PROGRA~1\COMMON~1\CROSOF~1.NET\spoolsv**** *" -vt yazb
O4 - HKCU\..\Run: [Umfexvi] "C:\Program Files\Common Files\?icrosoft.NET\w?aclt*****"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON*****] C:\WINDOWS\System32\CTFMON***** (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON*****] C:\WINDOWS\System32\CTFMON***** (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON*****] C:\WINDOWS\System32\CTFMON***** (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON*****] C:\WINDOWS\System32\CTFMON***** (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader*****
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl*****
O4 - Global Startup: NkbMonitor*****.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor*****
O8 - Extra context menu item: &Search - http://kn.bar.need2find.com/KN/menusearch.html?p=KN
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL*****/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs*****
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs*****
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsu...?1151070849883
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/actives...ree/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6064AA82-2B70-4206-8D36-4A0223D7D02B}: NameServer = 194.204.159.1 217.98.63.164
O18 - Filter hijack: text/html - (no CLSID) - (no file)
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc*****
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762# # (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder*****
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C:\Program Files\Canon\CAL\CALMAIN*****
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA*****
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService*****
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService*****
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT*****
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Ahead\InCD\InCDsrv*****
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32*****
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\PavFnSvr*****
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv*****
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\pavsrv51*****
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Software\Panda Internet Security 2007\AntiSpam\pskmssvc*****
O23 - Service: Panda Network Manager (PNMSRV) - Panda Software International - c:\program files\panda software\panda internet security 2007\firewall\PNMSRV*****
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software - C:\Program Files\Panda Software\Panda Internet Security 2007\PsImSvc*****
O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\Win32\RpcDataSrv*****
O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2007\RpcSandraSrv*****

--
End of file - 8100 bytes

Z góry dz