12.03.2008, 21:32
Kod:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 21:31:35, on 2008-03-12
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesG DATA AntiVirus TrialAVKAVKService.exe
C:Program FilesG DATA AntiVirus TrialAVKAVKWCtl.exe
C:WINDOWSsystem32nvsvc32.exe
C:WINDOWSsystem32PnkBstrA.exe
C:Program FilesCommon FilesG DATAAVKProxyAVKProxy.exe
C:WINDOWSsystem32wuauclt.exe
C:PROGRA~1NEOSTR~1CnxMon.exe
C:Program FilesThomsonSpeedTouch USBDragdiag.exe
C:PROGRA~1NEOSTR~1TaskbarIcon.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesWinampwinampa.exe
C:Program FilesG DATA AntiVirus TrialAVKTrayAVKTray.exe
C:WINDOWSsystem32driverssvchost.exe
C:WINDOWSsystem32ctfmon.exe
C:WINDOWSsystem32driverssvchost.exe
C:Program FilesIncrediMailbinImApp.exe
C:PROGRA~1NEOSTR~1NeostradaTP.exe
C:PROGRA~1NEOSTR~1ComComp.exe
C:PROGRA~1NEOSTR~1Watch.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:Program FilesAnti-Trojan-55Anti-Trojan.exe
C:WINDOWSexplorer.exe
C:Program FilesTrend MicroHijackThisHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://mystart.incredimail.com/english
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:PROGRA~1NEOSTR~1SEARCH~1.DLL
O2 - BHO: (no name) - {6B8A2FDF-73DF-4BC3-81DA-A51070AF14BD} - C:WINDOWSsystem32jkklk.dll (file missing)
O2 - BHO: Windows Media Player - {7DEB75C2-8007-4C57-8557-7D7627A8C9E0} - C:WINDOWSwmpdxm.dll
O2 - BHO: FGCatchUrl - {B3A00219-19D4-4966-AECD-8ED34AB9EF7A} - C:WINDOWSsystem32msram.dll
O2 - BHO: e404 helper - {C03FD59D-9104-44B7-929A-9EAA0BA05211} - C:Program FilesHelper1205346922.dll
O2 - BHO: RDL Rolex - {C9101D88-5C46-4757-87FC-40CAA937F9F2} - C:WINDOWSdrnpfdxfxv.dll
O2 - BHO: e404 helper - {D4FEDE82-C500-4AA4-BB99-A4DAE5A65A46} - C:Program FilesHelper1205347372.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:PROGRA~1MEGAUP~1MEGAUP~1.DLL
O3 - Toolbar: G DATA WebFilter - {0124123D-61B4-456f-AF86-78C53A0790C5} - C:Program FilesG DATA AntiVirus TrialWebfilterAvkWebIE.dll
O3 - Toolbar: etlrlws - {CE98234D-64C9-42BE-80B9-5D9EC9E1E0A4} - C:WINDOWSetlrlws.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1NEOSTR~1CnxMon.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1NEOSTR~1Watch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1NEOSTR~1TaskbarIcon.exe
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSsystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [WinampAgent] "C:Program FilesWinampwinampa.exe"
O4 - HKLM..Run: [AVKTray] "C:Program FilesG DATA AntiVirus TrialAVKTrayAVKTray.exe"
O4 - HKLM..Run: [runner1] C:WINDOWSmrofinu1535.exe 61A847B5BBF7281337983D466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKLM..Run: [autoload] C:Documents and SettingsSupermachoLocal SettingsApplication Datawindowsupdate.exe
O4 - HKLM..Run: [ntuser] C:WINDOWSsystem32driverssvchost.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [IncrediMail] C:Program FilesIncrediMailbinIncMail.exe /c
O4 - HKCU..Run: [autoload] C:Documents and SettingsSupermachoLocal SettingsApplication Datawindowsupdate.exe
O4 - HKCU..Run: [ntuser] C:WINDOWSsystem32driverssvchost.exe
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ''USŁUGA LOKALNA'')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ''USŁUGA SIECIOWA'')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ''SYSTEM'')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSsystem32CTFMON.EXE (User ''Default user'')
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra ''Tools'' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O17 - HKLMSystemCCSServicesTcpip..{BC612878-134B-447A-9096-46FDE4303F05}: NameServer = 194.204.159.1 217.98.63.164
O20 - Winlogon Notify: urqqpqq - urqqpqq.dll (file missing)
O21 - SSODL: bokpkov - {F672479D-F694-4550-9E76-C2D7D7092881} - C:WINDOWSbokpkov.dll (file missing)
O21 - SSODL: altvxvm - {9567D936-05F7-498A-ADB9-3BD313AC0206} - C:WINDOWSaltvxvm.dll
O23 - Service: G DATA AntiVirus Proxy (AVKProxy) - G DATA Software AG - C:Program FilesCommon FilesG DATAAVKProxyAVKProxy.exe
O23 - Service: G DATA Scheduler (AVKService) - G DATA Software AG - C:Program FilesG DATA AntiVirus TrialAVKAVKService.exe
O23 - Service: Strażnik AntiVirus (AVKWCtl) - G DATA Software AG - C:Program FilesG DATA AntiVirus TrialAVKAVKWCtl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSsystem32nvsvc32.exe
O23 - Service: PnkBstrA - Unknown owner - C:WINDOWSsystem32PnkBstrA.exe
O23 - Service: Harmonogram zadań (Schedule) - Unknown owner - C:WINDOWSsystem32driverssvchost.exe
--
End of file - 6199 bytes
rogram Files
ocuments and SettingsSupermachoLocal SettingsApplication Data