http://www.wklej.org/own
– Dodane 22.04.2009 (Śr) 21:59 –
{\rtf1\ansi\ansicpg1250\deff0\deflang1045{\fonttbl{\f0\fswiss\fcharset238{*\fname Arial;}Arial CE;}}
{*\generator Msftedit 5.41.15.1515;}\viewkind4\uc1\pard\f0\fs20 Logfile of Trend Micro HijackThis v2.0.2\par
Scan saved at 20:56:28, on 2009-04-20\par
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)\par
MSIE: Internet Explorer v7.00 (7.00.5730.0013)\par
Boot mode: Normal\par
\par
Running processes:\par
C:\WINDOWS\System32\smss.exe\par
C:\WINDOWS\system32\winlogon.exe\par
C:\WINDOWS\system32\services.exe\par
C:\WINDOWS\system32\lsass.exe\par
C:\WINDOWS\system32\svchost.exe\par
C:\WINDOWS\System32\svchost.exe\par
C:\WINDOWS\Explorer.EXE\par
C:\WINDOWS\system32\spoolsv.exe\par
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe\par
C:\Program Files\Analog Devices\SoundMAX\smax4.exe\par
C:\WINDOWS\system32\ctfmon.exe\par
C:\Program Files\Messenger\msmsgs.exe\par
C:\Program Files\Nowe Gadu-Gadu\gg.exe\par
C:\Program Files\AVerTV\QuickTV.exe\par
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe\par
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe\par
C:\Program Files\Java\jre6\bin\jqs.exe\par
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe\par
C:\Program Files\Nowe Gadu-Gadu\spellchecker_gg.exe\par
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe\par
C:\WINDOWS\system32\nvsvc32.exe\par
C:\WINDOWS\system32\HPZipm12.exe\par
C:\WINDOWS\system32\svchost.exe\par
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe\par
C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe\par
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe\par
\par
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/\par
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157\par
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896\par
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896\par
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157\par
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = 'a3’b9cza\par
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx\par
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll\par
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll\par
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll\par
O4 - HKLM\…\Run: [soundMax] “C:\Program Files\Analog Devices\SoundMAX\smax4.exe” /tray\par
O4 - HKLM\…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup\par
O4 - HKCU\…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe\par
O4 - HKCU\…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background\par
O4 - HKCU\…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized\par
O4 - HKCU\…\Run: [Nowe Gadu-Gadu] “C:\Program Files\Nowe Gadu-Gadu\gg.exe”\par
O4 - HKUS\S-1-5-19\…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘US’a3UGA LOKALNA’)\par
O4 - HKUS\S-1-5-20\…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘US’a3UGA SIECIOWA’)\par
O4 - HKUS\S-1-5-18\…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)\par
O4 - HKUS\.DEFAULT\…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)\par
O4 - Global Startup: QuickTV.lnk = C:\Program Files\AVerTV\QuickTV.exe\par
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll\par
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll\par
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe\par
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe\par
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe\par
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe\par
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll\par
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup … 6962002515\par
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s … wflash.cab\par
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL\par
O23 - Service: Avira AntiVir Personal - Free Antivirus Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe\par
O23 - Service: Avira AntiVir Personal - Free Antivirus Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe\par
O23 - Service: ForceWare Intelligent Application Manager (IAM) - Unknown owner - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe\par
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Apache Software Foundation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe\par
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe\par
O23 - Service: ForceWare IP service (nSvcIp) - NVIDIA Corporation - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcIp.exe\par
O23 - Service: ForceWare user log service (nSvcLog) - NVIDIA - C:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe\par
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe\par
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe\par
\par
–\par
End of file - 6092 bytes\par
}
– Dodane 22.04.2009 (Śr) 22:01 –
http://www.wklej.org/id/81708/
– Dodane 22.04.2009 (Śr) 22:03 –
proszę o info, czy mam jakis problem i co z nim zrobić
– Dodane 22.04.2009 (Śr) 22:14 –
http://www.wklej.org/id/81718/