Witam,
czytalem na forum o podobnym problemie…ale wpisy stanowaia dla mnie czarna magie…zwracam sie z prosba o pomoc…
jedna z “samoczynnie” ladujacyuch sie stronek sa niejakie dominatory… ale spodziewam sie wiecej szkodnikow :lol:
dzieki
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 23:44:50, on 2009-02-22
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\EXPLORER.EXE
D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
D:\WINDOWS\system32\drivers\CDAC11BA.EXE
D:\Program Files\Creative\Shared Files\CTDevSrv.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
D:\PROGRA~1\NEOSTR~1\CnxMon.exe
D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
D:\WINDOWS\system32\tcpsvcs.exe
D:\WINDOWS\System32\snmp.exe
D:\WINDOWS\system32\svchost.exe
C:\Program Files\Gadu-Gadu\gg.exe
D:\WINDOWS\system32\devldr32.exe
D:\WINDOWS\system32\ctfmon.exe
D:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
D:\PROGRA~1\NEOSTR~1\NeostradaTP.exe
D:\PROGRA~1\NEOSTR~1\ComComp.exe
D:\PROGRA~1\NEOSTR~1\Watch.exe
D:\Documents and Settings\Neo\Pulpit\cureit.exe
D:\DOCUME~1\Neo\USTAWI~1\Temp\RarSFX0\_start.exe
D:\DOCUME~1\Neo\USTAWI~1\Temp\RarSFX0\setup.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
D:\WINDOWS\EXPLORER.EXE
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - D:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
F2 - REG:system.ini: UserInit=userinit.exe,EXPLORER.EXE
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - D:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll
O2 - BHO: HelloWorldBHO - {D88E1558-7C2D-407A-953A-C044F5607CEA} - (no file)
O4 - HKLM\..\Run: [WooCnxMon] D:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [lxccmon.exe] "D:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [LXCCCATS] rundll32 D:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [egui] "D:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [avgnt] "D:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [wsctf.exe] wsctf.exe
O4 - HKCU\..\Run: [EXPLORER.EXE] EXPLORER.EXE
O4 - HKCU\..\Run: [ctfmon.exe] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cogad] "D:\Documents and Settings\Neo\Dane aplikacji\cogad\cogad.exe" 61A847B5BBF728133B993F466188719AB689201522886B092CBD44BD8689220221DD3257
O4 - HKCU\..\Run: [GetModule37] D:\Program Files\GetModule\GetModule37.exe
O4 - HKUS\S-1-5-21-448539723-2111687655-839522115-500\..\Run: [CTFMON.EXE] D:\WINDOWS\system32\CTFMON.EXE (User 'Administrator')
O4 - HKUS\S-1-5-21-448539723-2111687655-839522115-500\..\Run: [kamsoft] D:\WINDOWS\system32\ckvo.exe (User 'Administrator')
O4 - HKUS\S-1-5-21-448539723-2111687655-839522115-500\..\RunOnce: [NeroHomeFirstStart] "D:\Program Files\Common Files\Ahead\Lib\NMFirstStart.exe" (User 'Administrator')
O16 - DPF: {FC11A119-C2F7-46F4-9E32-937ABA26816E} (AMI DicomDir TreeView Control 2.1) - file://I:\RA\CdViewer.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C0BF2A31-02FA-48FB-A433-41613E6DB0D9}: NameServer = 194.204.159.1 217.98.63.164
O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - D:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - D:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: C-DillaCdaC11BA - Macrovision - D:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 - Service: CT Device Query service (CTDevice_Srv) - Creative Technology Ltd - D:\Program Files\Creative\Shared Files\CTDevSrv.exe
O23 - Service: Eset HTTP Server (EhttpSrv) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\EHttpSrv.exe
O23 - Service: Eset Service (ekrn) - ESET - D:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
O23 - Service: lxcc_device - Lexmark International, Inc. - D:\WINDOWS\system32\lxcccoms.exe
--
End of file - 5417 bytes