Please check my log

Logfile of HijackThis v1.99.1
Scan saved at 16:04:00, on 2005–04–29
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\D–Tools\daemon.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\AVPersonal\AVGNT.EXE
E:\Program Files\triki_pliki\svhosts.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
c:\usr\MYSQL\bin\mysqld.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\OpenOffice.org1.1.0\program\soffice.exe
C:\WINDOWS\winsys32.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\FlashGet\flashget.exe
C:\totalcmd\TOTALCMD.EXE
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Krzysiek\USTAWI~1\Temp\Rar$EX00.875\HijackThis.exe

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.affiliscout.com/network/action.php3?pid=999537472&sid=1887440965&bid=10930
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://de.geocities.com/cashlinkcash/diebesten1.htm
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Dzięgielewski Internet
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1

R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
F2 – REG:system.ini: Shell=Explorer.exe winsys32.exe
F3 – REG:win.ini: run=winsys32.exe
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: (no name) – {21C9BE8A–7620–1018–CB86–F15974F37180} – C:\WINDOWS\system32\odlpifuy.dll (file missing)
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – C:\PROGRA~1\FlashGet\jccatch.dll
O2 – BHO: (no name) – {F8A7A81A–5BC2–9426–B94F–E57507206D79} – C:\WINDOWS\system32\gztsokao.dll (file missing)
O2 – BHO: (no name) – {F9229643–F028–DB0A–5AF9–D2AF72307A03} – C:\WINDOWS\system32\lavqliem.dll (file missing)
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [DAEMON Tools–1033] "C:\Program Files\D–Tools\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot
O4 – HKLM\..\Run: [Admilli Service] C:\Program Files\Admilli Service\AdmilliServ.exe
O4 – HKLM\..\Run: [WebServ] C:\WebServ\WebServ.exe –winstart
O4 – HKLM\..\Run: [iTunesHelper] C:\Program Files\iTunes\iTunesHelper.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 – HKLM\..\Run: [Onet.pl AutoUpdate] "C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe" /updateexetsr
O4 – HKLM\..\Run: [pwdir] C:\Program Files\PasswordDirector\PasswordDirector.exe /autorun
O4 – HKLM\..\Run: [systemdll.dll] winsys32.exe
O4 – HKLM\..\Run: [AVGCtrl] "C:\Program Files\AVPersonal\AVGNT.EXE" /min
O4 – HKLM\..\Run: [msservice] E:\Program Files\triki_pliki\svhosts.exe
O4 – HKLM\..\RunServices: [systemdll.dll] winsys32.exe
O4 – HKLM\..\RunServices: [] winsys32.exe
O4 – HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 – HKCU\..\Run: [STYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe –Hide
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – Startup: OpenOffice.org 1.1.0.lnk = C:\Program Files\OpenOffice.org1.1.0\program\quickstart.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: + Offline &Explorer: Download the link – file://C:\Program Files\Offline Explorer Enterprise\Add_UrlO.htm
O8 – Extra context menu item: + Offline E&xplorer: Download the current page – file://C:\Program Files\Offline Explorer Enterprise\Add_AllO.htm
O8 – Extra context menu item: E&xport to Microsoft Excel – res://D:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Pobierz z &BitSpirit – C:\Program Files\BitSpirit\bsurl.htm
O8 – Extra context menu item: Sothink SWF Catcher – C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – C:\Program Files\FlashGet\jc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – C:\Program Files\FlashGet\jc_all.htm
O16 – DPF: komentator – http://sport.onet.pl/komentator.cab
O16 – DPF: {166B1BCA–3F9C–11CF–8075–444553540000} (Shockwave ActiveX Control) – http://www.puzzle.net.pl/install/sw.cab
O16 – DPF: {1D6711C8–7154–40BB–8380–3DEA45B69CBF} (Web P2P Installer) –
O16 – DPF: {31B7EB4E–8B4B–11D1–A789–00A0CC6651A8} (Cult3D ActiveX Player) – http://www.cult3d.com/download/cult.cab
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O23 – Service: AntiVir Service (AntiVirService) – H+BEDV Datentechnik GmbH – C:\Program Files\AVPersonal\AVGUARD.EXE
O23 – Service: Autodesk Licensing Service – Unknown owner – C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 – Service: AntiVir Update (AVWUpSrv) – H+BEDV Datentechnik GmbH, Germany – C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 – Service: vfyferzwbmcg (cbkvtqno6) – Unknown owner – C:\WINDOWS\system32\hkjtbrdb6.exe (file missing)
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Macromedia Licensing Service – Macromedia – C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 – Service: MySql – Unknown owner – c:\usr/MYSQL/bin/mysqld.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: StyleXPService – Unknown owner – C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

Replies: 0

mksdziegiel
Added:
29.04.2005 18:05:31