Gość: Edward
IP: *.chello.pl
11.02.05, 12:21
Logfile of HijackThis v1.99.0
Scan saved at 12:08:14, on 2005-02-11
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\MKS\Bin\NetMonSV.exe
C:\Program Files\MKS\Bin\mksmonsv.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Panda Software\Panda Antivirus Titanium\Pavsrv51.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Panda Software\Panda Antivirus Titanium\APVXDWIN.EXE
C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE
C:\Program Files\Panda Software\Panda Antivirus Titanium\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Creative\Shared Files\CAMTRAY.EXE
C:\Program Files\Admanager Controller\AdManCtl.exe
C:\Program Files\MKS\Bin\mks_menu.exe
C:\Program Files\MKS\Bin\ABregmon.exe
C:\Program Files\Admanager Controller\AdManKeep.exe
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRA~1\EYEBALL\EYEBAL~1\EyeballChat.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\WINDOWS\twain_32\CIS600X\WATCH.exe
C:\Program Files\Panda Software\Panda Antivirus Titanium\pavProxy.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\MKS\Bin\mks_scan.exe
C:\DOCUME~1\Dom\USTAWI~1\Temp\Katalog tymczasowy 1 dla
hijackthis[1].zip\HijackThis.exe
C:\Documents and Settings\Dom\Moje dokumenty\My Skype Received
Files\HijackThis exe.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sb/*http://www.yahoo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
red.clientapps.yahoo.com/customize/ycomp_wave/defaults/sp/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: (no name) - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} -
C:\PROGRA~1\SEARCH~1\SEARCH~2.DLL (file missing)
O4 - HKLM\..\Run: [websx] C:\Program Files\websx\int164815.exe -auto
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital
Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Antivirus
Titanium\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [InstantAccess] C:\PROGRA~1\TEXTBR~1.0\Bin\INSTAN~1.EXE /h
O4 - HKLM\..\Run: [RegisterDropHandler] C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKLM\..\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared
Files\CAMTRAY.EXE
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Admanager Controller] C:\Program Files\Admanager
Controller\AdManCtl.exe
O4 - HKLM\..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe
O4 - HKLM\..\Run: [ABREGMON] C:\Program Files\MKS\Bin\ABregmon.exe
O4 - HKLM\..\Run: [jkh] C:\WINDOWS\jkh.exe
O4 - HKLM\..\Run: [SAHAgent] C:\WINDOWS\system32\SahAgent.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [HPDJ Taskbar Utility]
C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP
Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\RunServices: [RegisterDropHandler]
C:\PROGRA~1\TEXTBR~1.0\Bin\REGIST~1.EXE
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Yahoo! Pager] C:\Program Files\Yahoo!\Messenger\ypager.exe
-quiet
O4 - HKCU\..\Run: [Eyeball Chat]
"C:\PROGRA~1\EYEBALL\EYEBAL~1\EyeballChat.exe" -min
O4 - HKCU\..\Run: [EdHTML] C:\Program Files\Binboy\EdHTMLv5.0\EdHTML.exe /none
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash
/minimized
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: Watch.lnk = C:\WINDOWS\twain_32\CIS600X\WATCH.exe
O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Program
Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
static.windupdates.com/cab/CDTInc/ie/bridge-c282.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment
1.4.0) -
O16 - DPF: {ADB6CCF9-8853-4431-82A0-B7494DED18C3} (WcnfGrpCtl Class) -
download.paltalk.com/webconftest/WcnfGroupControl.cab
O16 - DPF: {B9191F79-5613-4C76-AA2A-398534BB8999} -
us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/autocomplete.cab
O16 - DPF: {CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA} (Java Runtime Environment
1.4.0) -
O17 -
HKLM\System\CCS\Services\Tcpip\..\{1CD0D105-0596-4EB2-8810-F807BD780D5A}:
NameServer = 213.25.86.253
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program
Files\HP\hpcoretech\comp\hpuiprot.dll
O23 - Service: ArcaBit NetMonitor - ArcaBit sp. z o.o. - C:\Program
Files\MKS\Bin\NetMonSV.exe
O23 - Service: Ati HotKey Poller - Unknown - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: hpdj - HP - C:\DOCUME~1\Dom\USTAWI~1\Temp\hpdj.exe
O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:\Program
Files\MKS\bin\MkSUpdateInt.exe
O23 - Service: MkS_Vir Monitor - Unknown - C:\Program Files\MKS\Bin\mksmonsv.exe
O23 - Service: MkS_Scan - Unknown - C:\Program Files\MKS\Bin\mks_scan.exe
O23 - Service: Panda anti-virus service - Unknown - C:\Program Files\Panda
Software\Panda Antivirus Titanium\Pavsrv51.exe
Dzięki za zainteresowanie . Pozdrawiam .