26.08.2006, 21:05
AntiVir wykrył a ja wywaliłem cztery trojany i kilka robaków, przeskanowałem dodatkowo dyski Ad-awere, Spybotem i AntiVirem. Nic nie znalazły, ale daję loga do sprawdzenia, dla pewności
Kod:
Logfile of HijackThis v1.99.1
Scan saved at 21:57:24, on 2006-08-26
Platform: Windows XP(WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesMicrosoft SharedVS7DEBUGMDM.EXE
C:WINDOWSSystem32nvsvc32.exe
C:WINDOWSExplorer.EXE
C:WINDOWSSystem32spooldriversw32x863hpztsb08.exe
C:Program FilesD-Toolsdaemon.exe
C:Program FilesD-LinkAirPlus XtremeGAirPlusCFG.exe
C:Program FilesANIANIWZCS2 ServiceWZCSLDR2.exe
C:Program FilesJavajre1.5.0_06binjusched.exe
C:WINDOWSSystem32ctfmon.exe
C:WINDOWSSystem32RUNDLL32.EXE
D:AntiVir PersonalEdition Classicavguard.exe
D:AntiVir PersonalEdition Classicavgnt.exe
D:AntiVir PersonalEdition Classicsched.exe
C:Program FilesMozilla Firefoxfirefox.exe
C:HijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL = aboutblank
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.interia.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page = aboutblank
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Ĺącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1SPYBOT~1SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06binssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O4 - HKLM..Run: [HPDJ Taskbar Utility] C:WINDOWSSystem32spooldriversw32x863hpztsb08.exe
O4 - HKLM..Run: [DAEMON Tools-1033] "C:Program FilesD-Toolsdaemon.exe" -lang 1045
O4 - HKLM..Run: [D-Link AirPlus XtremeG] C:Program FilesD-LinkAirPlus XtremeGAirPlusCFG.exe
O4 - HKLM..Run: [ANIWZCS2Service] C:Program FilesANIANIWZCS2 ServiceWZCSLDR2.exe
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06binjusched.exe
O4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -k
O4 - HKLM..Run: [avgnt] "D:AntiVir PersonalEdition Classicavgnt.exe" /min
O4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM..Run: [AudioDeck] C:Program FilesVIAudioiSBADeckADeck.exe 1
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {90F7E144-984F-4FA6-83A7-C9C8DCB9974C} (RSActiveXObj Control) - http://www.radarsync.com/RSActiveX.ocx
O20 - Winlogon Notify: ComPlusSetup - C:WINDOWSSystem32catsrvut.dll
O23 - Service: ANIWZCSd Service (ANIWZCSdService) - Alpha Networks Inc. - C:Program FilesANIANIWZCS2 ServiceANIWZCSdS.exe
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - D:AntiVir PersonalEdition Classicsched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - D:AntiVir PersonalEdition Classicavguard.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe
