Co to znaczy, czy wogóle to cos znaczy ?
Logfile of HijackThis v1.99.1
Scan saved at 12:49:27, on 2005-05-16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Palick Soft\HDD Temperature\HDDTsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe
C:\WINDOWS\system32\ZONELABS\vsmon.exe
C:\Program Files\Fellowes\MediaFACE 4.0\SetHook.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
D:\Dialer Killer\DiaKill.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\QuickTime\qttask.exe
D:\Winamp\winampa.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Tweak-XP\blads.exe
D:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
D:\calendar\birthen.exe
C:\Program Files\AntyDialer\AntyDialer.exe
C:\Program Files\Microsoft Office\Office\WINWORD.EXE
C:\WINDOWS\msagent\AgentSvr.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\HijackThis\hijackthis.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://red.clientapps.yahoo.com/customi … /www.yahoo.
com/ext/search/search.html
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
http://red.clientapps.yahoo.com/customi … /www.yahoo.
com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
Łącza
O2 - BHO: AcroIEHlprObj Class -
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: TChkBHO Class - {4DA7A3F6-BDCE-4ADC-8945-116EE144E343}
- C:\WINDOWS\system32\shpiipe.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no
file)
O4 - HKLM…\Run: [sysR] C:\WINDOWS\sysmd.exe m
O4 - HKLM…\Run: [MediaFace Integration] C:\Program
Files\Fellowes\MediaFACE 4.0\SetHook.exe
O4 - HKLM…\Run: [HPDJ Taskbar Utility]
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe
O4 - HKLM…\Run: [DialerKiller] D:\Dialer Killer\DiaKill.exe -h
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [New.net Startup] rundll32
C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe”
-atboottime
O4 - HKLM…\Run: [WinampAgent] D:\Winamp\winampa.exe
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe”
/background
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [blockAds] C:\Program Files\Tweak-XP\blads.exe
O4 - HKCU…\Run: [Yahoo! Pager] D:\Program
Files\Yahoo!\Messenger\ypager.exe -quiet
O4 - HKCU…\Run: [Morpheus] “D:\StreamCast\Morpheus\Morpheus.exe” -min
O4 - HKCU…\Run: [Gadu-Gadu] “D:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - Startup: BIRTHDAY! millennium.lnk = D:\calendar\birthen.exe
O4 - Startup: AntyDialer.lnk = C:\Program Files\AntyDialer\AntyDialer.exe
O4 - Startup: Pandion.lnk = D:\Program Files\Pandion\Pandion.exe
O4 - Global Startup: ZoneAlarm.lnk = C:\Program Files\Zone
Labs\ZoneAlarm\zonealarm.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O8 - Extra context menu item: Yahoo! Dictionary - file:///C:\Program
Files\Yahoo!\Common/ycdict.htm
O8 - Extra context menu item: Yahoo! Search - file:///C:\Program
Files\Yahoo!\Common/ycsrch.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\WINDOWS\System32\msjava.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\WINDOWS\System32\msjava.dll
O9 - Extra button: (no name) - {26835CE1-D5EC-11d5-AF6E-00C06D0086BF} -
(no file)
O9 - Extra button: (no name) - {6A0426D1-0FF2-49a0-ABC2-05B67826C727} -
(no file)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra ‘Tools’ menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program
Files\Messenger\MSMSGS.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {37A49D66-2735-4BB9-8503-82BA5E2333D0} (MailCfg Control) -
http://poczta.wp.pl/autoryzacja/mailcfg.ocx
O16 - DPF: {70AA7362-0A16-11D4-877B-008048C4AC6F} (MainControl
Class) - http://download.mks.com.pl/files/webscan/WebScan.cab
O16 - DPF: {88D8E8B7-A33B-4417-A385-8373484D43ED} (InstallHelper
Class) - file://C:\DOCUME~1\z\USTAWI~1\Temp\ThereInstallHelper.dll
O16 - DPF: {8B486EF6-6B2A-4A1E-BB0D-236CB2DBB8D2} (There Voice
Trainer) - file://C:\Program Files\There\ThereClient\ThereVoiceTrainer.dll
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan
Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {AAF421E6-7914-430A-9981-72B31AFF3BF4} (There Launcher) -
file://C:\Program Files\There\ThereClient\ThereLauncher.dll
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl
Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O17 -
HKLM\System\CCS\Services\Tcpip…{C4A4B59C-F1CE-4945-83C8-3308B452
503E}: NameServer = 217.30.137.200 217.30.129.149
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - C:\Program
Files\Palick Soft\HDD Temperature\HDDTsvc.exe
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program
Files\MKS\Bin\mksmonsv.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Securom User Access for Windows 2000 and Windows XP a
technology by Sony DADC (UserAccess) - Unknown owner - C:\Program
Files\Common Files\YDP\UserAccessManager\useraccess.exe
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs Inc. -
C:\WINDOWS\system32\ZONELABS\vsmon.exe