Gość: Marotka
IP: *.internetdsl.tpnet.pl
06.12.05, 15:45
Logfile of HijackThis v1.99.1
Scan saved at 15:54:47, on 2005-12-06
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\SYSTEM32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PavProt.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PaSSrv.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\Firewall\PavFires.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PavFnSvr.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\Pavkre.exe
E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\pavsrv51.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\AVENGINE.EXE
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\prevsrv.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PsImSvc.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\WINDOWS\System32\RunDll32.exe
E:\Program Files\QuickTime\qttask.exe
E:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\APVXDWIN.EXE
E:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\SRVLOAD.EXE
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\WebProxy.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Documents and Settings\Marzenka i Darek\Ustawienia lokalne\Temporary
Internet Files\Content.IE5\EOTS04I8\HijackThis[1].exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.onet.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
www.searchgateway.net/search/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
file)
F3 - REG:win.ini: run=E:\WINDOWS\inet20003\services.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
E:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -
atboottime
O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe
O4 - HKLM\..\Run: [adtech2006] c:\windows\adtech2006.exe
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [Media Gateway] E:\Program Files\Media
Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [SCANINICIO] "E:\Program Files\Panda Software\Panda
Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "E:\Program Files\Panda Software\Panda Platinum
2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "E:\Program
Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Shell] "E:\Program Files\Common Files\Microsoft Shared\Web
Folders\ibm00001.exe"
O4 - HKCU\..\Run: [bxproxy] E:\WINDOWS\bxproxy.exe
O4 - HKCU\..\Run: [PayTime] E:\WINDOWS\System32\paytime.exe
O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O4 - HKCU\..\Run: [CU1] E:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] E:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [qqfu] E:\PROGRA~1\COMMON~1\qqfu\qqfum.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
E:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - E:\WINDOWS\web\related.htm
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
O20 - Winlogon Notify: Control Panel - E:\WINDOWS\system32\en4ol1h31.dll
(file missing)
O20 - Winlogon Notify: msupdate - E:\WINDOWS\SYSTEM32\msupdate32.dll
O20 - Winlogon Notify: Run - E:\WINDOWS\system32\enjul1191.dll (file missing)
O20 - Winlogon Notify: Setup - E:\WINDOWS\system32\r08s0al7edq.dll (file
missing)
O20 - Winlogon Notify: SMDEn - E:\WINDOWS\system32\r08s0al7edq.dll (file
missing)
O20 - Winlogon Notify: ssldr - ssldr32.dll (file missing)
O20 - Winlogon Notify: StillImage - E:\WINDOWS\system32\r08s0al7edq.dll (file
missing)
O20 - Winlogon Notify: Syncmgr - E:\WINDOWS\system32\hrp6057se.dll (file
missing)
O20 - Winlogon Notify: Telephony - E:\WINDOWS\system32\hrp6057se.dll (file
missing)
O20 - Winlogon Notify: ThemeManager - E:\WINDOWS\system32\n62ulgf9162.dll
(file missing)
O20 - Winlogon Notify: Themes - E:\WINDOWS\system32\hrp6057se.dll (file
missing)
O20 - Winlogon Notify: URL - E:\WINDOWS\system32\hrp6057se.dll (file missing)
O21 - SSODL: SysTray.Exiv - {2963ECFC-4E5C-2f3b-B334-D67434FC72E0} -
E:\WINDOWS\System32\hhgjgcdm.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: MkSUpdateInt - Unknown owner - E:\Program
Files\MKS\bin\MkSUpdateInt.exe (file missing)
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - E:\Program
Files\MKS\Bin\mksmonsv.exe (file missing)
O23 - Service: MkS_Scan - Unknown owner - E:\Program
Files\MKS\Bin\mks_scan.exe (file missing)
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner -
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software -
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software -
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - E:\Program
Fil