Temat: Problem z komputerem? Napisz, tutaj.
Zobacz pojedynczy post
stary 09-03-2008, 09:26   #895
Donas
Użytkownik Forum
 
Donas's Avatar
 
Data dołączenia: 09 08 2004
Lokacja: Gdańsk
Wiek: 32
Posty: 676
Stan: Na emeryturze
Domyślny
Cytuj:
Oryginalnie napisane przez Medions Pokaż post
Witam!
Mam podejrzenia że na komputerze mam keylogger'a oto skan HijackThis:

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 17:28:31, on 2008-03-08
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss*****
C:\WINDOWS\system32\winlogon*****
C:\WINDOWS\system32\services*****
C:\WINDOWS\system32\lsass*****
C:\WINDOWS\system32\Ati2evxx*****
C:\WINDOWS\system32\svchost*****
C:\WINDOWS\System32\svchost*****
C:\WINDOWS\system32\Ati2evxx*****
C:\WINDOWS\Explorer*****
C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice*****
C:\WINDOWS\system32\spoolsv*****
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp*****
C:\WINDOWS\system32\CTHELPER*****
C:\Program Files\ATI Technologies\ATI.ACE\cli*****
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor*****
C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp*****
C:\WINDOWS\system32\CTsvcCDA*****
C:\WINDOWS\system32\MsPMSPSv*****
C:\Program Files\Common Files\Ahead\Lib\NMIndexingService*****
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr*****
C:\WINDOWS\system32\wuauclt*****
C:\Program Files\Trend Micro\HijackThis\HijackThis*****

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp*****"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa*****"
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER*****
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg*****
O4 - HKLM\..\Run: [Jet Detection] "C:\Program Files\Creative\SBLive\PROGRAM\ADGJDet*****"
O4 - HKLM\..\Run: [CTStartup] C:\Program Files\Creative\Splash Screen\CTEaxSpl***** /run
O4 - HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli*****" runtime -Delay
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck*****
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl*****"
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg*****" /tray
O4 - HKCU\..\Run: [Steam] "d:\adrian(dyziek)\gry\steam\steam*****" -silent
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor*****"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON*****] C:\WINDOWS\system32\CTFMON***** (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9*****
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\ie_banner_deny.htm
O9 - Extra button: Statystyki ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\scieplugin.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs*****
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs*****
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware 2007\aawservice*****
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx*****
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag*****
O23 - Service: Kaspersky Internet Security 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 6.0\avp*****
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA*****
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService*****
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService*****

Prosze o pomoc Pozdrawiam
Na mojego oko log czysty. FindIt nic nie znalazł?
Donas jest offline   Odpowiedz z Cytatem