Quote: Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 14:30:45, on 2008-04-20
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\Program Files\CyberLink\Shared files\RichVideo.exe
C:\Program Files\PcBoost\PcBoost.exe
C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Winamp Remote\bin\OrbTray.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe
C:\Program Files\DAEMON Tools Lite\daemon.exe
C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Winamp Remote\bin\Orb.exe
C:\Program Files\MagicTune Premium\GammaTray.exe
C:\Program Files\SEC\Natural Color Pro\NCProTray.exe
C:\Program Files\uTorrent\uTorrent.exe
C:\Program Files\MagicTune Premium\MagicTune.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\Program Files\Common Files\Teleca Shared\Generic.exe
C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\PROGRA~1\FOXITS~1\FOXITR~1\FOXITR~1.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\system32\wscript.exe
C:\WINDOWS\system32\wscript.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = [To see links, register here]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = [To see links, register here]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = [To see links, register here]
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = [To see links, register here]
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = [To see links, register here]
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Winamp Toolbar BHO - {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} - C:\Program Files\Winamp Toolbar\winamptb.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Winamp Toolbar - {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} - C:\Program Files\Winamp Toolbar\winamptb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\Avira Premium Security Suite\avgnt.exe" /min
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TrojanScanner] C:\Program Files\Trojan Remover\Trjscan.exe
O4 - HKLM\..\Run: [PcBoost] "C:\Program Files\PcBoost\PcBoost.exe" /start
O4 - HKLM\..\Run: [MSRegInfo] C:\WINDOWS\pagefile.sys.vbs
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Orb] "C:\Program Files\Winamp Remote\bin\OrbTray.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [SpeedX] C:\PROGRA~1\MyPortal\Speed-X\SpeedX.exe
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: µTorrent.lnk = C:\Program Files\uTorrent\uTorrent.exe
O4 - Global Startup: BlueSoleil.lnk = C:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 - Global Startup: GammaTray.lnk = ?
O4 - Global Startup: NCProTray.lnk = ?
O8 - Extra context menu item: &Winamp Toolbar Search - C:\Documents and Settings\All Users\Dane aplikacji\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 - Extra context menu item: Dodaj do blokowanych banerów - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\ie_banner_deny.htm
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - [To see links, register here]
O9 - Extra button: Statystyki dla ochrony WWW - {1F460357-8A94-4D71-9CA3-AA4ACF32ED8E} - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\SCIEPlgn.dll
O15 - Trusted Zone: [To see links, register here]
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - [To see links, register here]
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {3D8700FB-86A4-4CB4-B738-6F0FC016AC7D} (MainControl Class) - [To see links, register here]
O16 - DPF: {BDBDE413-7B1C-4C68-A8FF-C5B2B4090876} (F-Secure Online Scanner 3.3) - [To see links, register here]
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - [To see links, register here]
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O20 - AppInit_DLLs: C:\PROGRA~1\KASPER~1\KASPER~1.0\adialhk.dll
O23 - Service: Avira Premium Security Suite Firewall (AntiVirFirewallService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avfwsvc.exe
O23 - Service: Avira Premium Security Suite MailGuard (AntiVirMailService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avmailc.exe
O23 - Service: Avira Premium Security Suite Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\sched.exe
O23 - Service: Avira Premium Security Suite Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avguard.exe
O23 - Service: Avira Premium Security Suite WebGuard (antivirwebservice) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\AVWEBGRD.EXE
O23 - Service: BugSoft AnyTrial (AnyTrial) - Avira GmbH - (no file)
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Avira Premium Security Suite MailGuard helper service (AVEService) - Avira GmbH - C:\Program Files\Avira\Avira Premium Security Suite\avesvc.exe
O23 - Service: Kaspersky Internet Security 7.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Internet Security 7.0\avp.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: MagicTuneEngine - Unknown owner - C:\Program Files\MagicTune Premium\MagicTuneEngine.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: PD91Agent - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Agent.exe
O23 - Service: PD91Engine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk2008\PD91Engine.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - C:\WINDOWS\System32\TuneUpDefragService.exe
--
End of file - 11096 bytes