-
Logfile of Trend Micro HijackThis v2.0.2
-
Scan saved at 09:22:25, on 2008-03-04
-
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
-
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
-
Boot mode: Normal
-
Running processes:
-
D:\WINDOWS\System32\smss.exe
-
D:\WINDOWS\system32\csrss.exe
-
D:\WINDOWS\system32\winlogon.exe
-
D:\WINDOWS\system32\services.exe
-
D:\WINDOWS\system32\lsass.exe
-
D:\WINDOWS\System32\Ati2evxx.exe
-
D:\WINDOWS\system32\svchost.exe
-
D:\WINDOWS\System32\svchost.exe
-
D:\WINDOWS\System32\svchost.exe
-
D:\WINDOWS\System32\svchost.exe
-
D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
-
D:\WINDOWS\system32\spoolsv.exe
-
D:\WINDOWS\Explorer.EXE
-
D:\WINDOWS\SOUNDMAN.EXE
-
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
-
D:\Program Files\Common Files\Symantec Shared\ccApp.exe
-
D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
-
D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
-
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
-
D:\Program Files\Winamp\Winampa.exe
-
D:\Program Files\QuickTime\qttask.exe
-
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
-
D:\Program Files\Spyware Doctor\pctsTray.exe
-
D:\Program Files\mks_vir_2007\bin\mksregmon.exe
-
D:\Program Files\mks_vir_2007\bin\mks_mail.exe
-
D:\Program Files\mks_vir_2007\bin\mkstray.exe
-
D:\Program Files\Messenger\msmsgs.exe
-
D:\WINDOWS\System32\alg.exe
-
D:\WINDOWS\System32\inetsrv\inetinfo.exe
-
D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
-
D:\Program Files\OczyszczaczKomputerza\GDC.exe
-
D:\Program Files\mks_vir_2007\bin\MksFwall.exe
-
D:\Program Files\mks_vir_2007\bin\MksPC.exe
-
D:\Program Files\mks_vir_2007\bin\mksupdate.exe
-
D:\Program Files\mks_vir_2007\bin\mksvirmonsvc.exe
-
D:\Program Files\Norton AntiVirus\navapsvc.exe
-
D:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
-
D:\Program Files\Spyware Doctor\pctsAuxs.exe
-
D:\Program Files\Spyware Doctor\pctsSvc.exe
-
D:\Program Files\Mozilla Firefox\firefox.exe
-
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
-
D:\Program Files\mks_vir_2007\bin\mks_scan.exe
-
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://softwarereferral.com/jump.php?wm … Ojg5&lid=2
-
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
-
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
-
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
-
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - D:\Program Files\Norton AntiVirus\NavShExt.dll
-
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
-
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - D:\Program Files\Norton AntiVirus\NavShExt.dll
-
O3 - Toolbar: ekvgsnw - {BBE2B433-33B2-4953-BC77-0669D2E9B748} - D:\WINDOWS\ekvgsnw.dll (file missing)
-
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
-
O4 - HKLM…\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
-
O4 - HKLM…\Run: [ccApp] D:\Program Files\Common Files\Symantec Shared\ccApp.exe
-
O4 - HKLM…\Run: [ccRegVfy] D:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
-
O4 - HKLM…\Run: [Advanced Tools Check] D:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
-
O4 - HKLM…\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
-
O4 - HKLM…\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
-
O4 - HKLM…\Run: [HP Software Update] D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
-
O4 - HKLM…\Run: [DeviceDiscovery] D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
-
O4 - HKLM…\Run: [WinampAgent] “D:\Program Files\Winamp\Winampa.exe”
-
O4 - HKLM…\Run: [QuickTime Task] “D:\Program Files\QuickTime\qttask.exe” -atboottime
-
O4 - HKLM…\Run: [Tray Temperature] D:\PROGRA~1\AWS\MiniBug.exe 1
-
O4 - HKLM…\Run: [sunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
-
O4 - HKLM…\Run: [iSTray] “D:\Program Files\Spyware Doctor\pctsTray.exe”
-
O4 - HKLM…\Run: [MKSRegmon] D:\Program Files\mks_vir_2007\bin\mksregmon.exe
-
O4 - HKLM…\Run: [mks_mail] D:\Program Files\mks_vir_2007\bin\mks_mail.exe
-
O4 - HKLM…\Run: [mkstray] D:\Program Files\mks_vir_2007\bin\mkstray.exe
-
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
-
O4 - HKCU…\Run: [MSMSGS] “D:\Program Files\Messenger\msmsgs.exe” /background
-
O4 - HKUS\S-1-5-21-1614895754-1336601894-725345543-1005…\Run: [MSMSGS] “D:\Program Files\Messenger\msmsgs.exe” /background (User ‘?’)
-
O4 - S-1-5-21-1614895754-1336601894-725345543-1005 Startup: PowerReg Scheduler.exe (User ‘?’)
-
O4 - Startup: PowerReg Scheduler.exe
-
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office10\OSA.EXE
-
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
-
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
-
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
-
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
-
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
-
O10 - Unknown file in Winsock LSP: d:\program files\mks_vir_2007\bin\mkslsp.dll
-
O10 - Unknown file in Winsock LSP: d:\program files\mks_vir_2007\bin\mkslsp.dll
-
O10 - Unknown file in Winsock LSP: d:\program files\mks_vir_2007\bin\mkslsp.dll
-
O10 - Unknown file in Winsock LSP: d:\program files\mks_vir_2007\bin\mkslsp.dll
-
O18 - Protocol: CDS300 - {AD43AA67-6860-4531-AC8A-0E68F9CF023E} - G:\Player__CDS2.dll (file missing)
-
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - D:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
-
O20 - Winlogon Notify: mszsrn32 - D:\WINDOWS\system32\mszsrn32.dll
-
O21 - SSODL: alofkmn - {9E6EB395-1ECE-4BAA-8E38-943B422D91B6} - D:\WINDOWS\alofkmn.dll
-
O21 - SSODL: bxlrvps - {26097507-369E-4B00-B08E-17C36DA5E5FE} - D:\WINDOWS\bxlrvps.dll
-
O23 - Service: Ati HotKey Poller - Unknown owner - D:\WINDOWS\System32\Ati2evxx.exe
-
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
-
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
-
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
-
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - D:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
-
O23 - Service: MksFwall - MKS Sp z o.o. - D:\Program Files\mks_vir_2007\bin\MksFwall.exe
-
O23 - Service: MksPC - Unknown owner - D:\Program Files\mks_vir_2007\bin\MksPC.exe
-
O23 - Service: MksUpdate - MKS Sp. z o. o. - D:\Program Files\mks_vir_2007\bin\mksupdate.exe
-
O23 - Service: mks_vir file monitor (MksVirMonSvc) - Unknown owner - D:\Program Files\mks_vir_2007\bin\mksvirmonsvc.exe
-
O23 - Service: MkS_Scan - Unknown owner - D:\Program Files\mks_vir_2007\bin\mks_scan.exe
-
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - D:\Program Files\Norton AntiVirus\navapsvc.exe
-
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - D:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
-
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - D:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
-
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - D:\Program Files\Spyware Doctor\pctsAuxs.exe
-
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - D:\Program Files\Spyware Doctor\pctsSvc.exe
-
O24 - Desktop Component 0: Privacy Protection - file:///D:\WINDOWS\privacy_danger\index.htm
-
–
-
End of file - 8127 bytes
wklejam loga z Hijacka nie za bardzo się na tym znam więc proszę o pomoc
Pozdrawiam