agnulek
25.02.05, 10:11
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Documents and Settings\kkonofal\Dane aplikacji\asam.exe
C:\WINDOWS\System32\??rss.exe
C:\Program Files\Microsoft Firewall Client\ISATRAY.EXE
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\kkonofal\Ustawienia lokalne\Temp\Katalog tymczasowy
2 dla hijackthis.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\DOCUME~1\kkonofal\USTAWI~1\Temp\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\DOCUME~1\kkonofal\USTAWI~1\Temp\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: (no name) - {B3FC9389-ADA6-441A-824E-0B41FF6B154A} -
C:\WINDOWS\System32\ijpi.dll (file missing)
O2 - BHO: (no name) - {E5134857-A29F-B64B-B468-FE7A97B75199} -
C:\WINDOWS\System32\ivqn.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [sp] rundll32 C:\DOCUME~1\kkonofal\USTAWI~1
\Temp\se.dll,DllInstall
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Butb] C:\Documents and Settings\kkonofal\Dane
aplikacji\asam.exe
O4 - HKCU\..\Run: [Jzhr] C:\WINDOWS\System32\??rss.exe
O4 - Global Startup: Firewall Client Connectivity Monitor.LNK = C:\Program
Files\Microsoft Firewall Client\ISATRAY.EXE
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O15 - Trusted Zone: *.iframedollars.biz
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.iframedollars.biz (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted IP range: 213.159.117.202
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} -
iframedollars.biz/tb/loader2.ocx
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = men.edu.pl
O17 - HKLM\Software\..\Telephony: DomainName = men.edu.pl
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = men.edu.pl
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = men.edu.pl
O18 - Filter: text/html - {4D9EE280-93EC-49CF-9680-3D629AC265F6} -
C:\WINDOWS\System32\ijpi.dll
O18 - Filter: text/plain - {4D9EE280-93EC-49CF-9680-3D629AC265F6} -
C:\WINDOWS\System32\ijpi.dll