Gość: szczepcio25
IP: *.clubnet.pl
29.09.07, 11:05
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:56:41, on 2007-09-29
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\TRIXX\TRIXX.exe
E:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
E:\Program Files\Java\jre1.5.0_07\bin\jusched.exe
E:\Program Files\QuickTime\qttask.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Gadu-Gadu\gg.exe
E:\Program Files\WinZip\WZQKPICK.EXE
E:\WINDOWS\System32\wuauclt.exe
E:\Program Files\Java\jre1.5.0_07\bin\jucheck.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\LimeWire\LimeWire.exe
E:\WINDOWS\explorer.exe
E:\PROGRA~1\MOZILL~1\FIREFOX.EXE
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
E:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
E:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [TRIXX] "E:\Program Files\TRIXX\TRIXX.exe" -s
O4 - HKLM\..\Run: [ATIPTA] E:\Program Files\ATI Technologies\ATI Control
Panel\atiptaxx.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] E:\Program
Files\Java\jre1.5.0_07\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe"
-atboottime
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [NAV CfgWiz] "E:\Program Files\Common Files\Symantec
Shared\OPC\{31011D49-D90C-4da0-878B-78D28AD507AF}\CfgWiz.exe" /GUID
{BC8D3EAF-F864-4d4b-AB4D-B3D0C32E2840} /MODE CfgWiz /CMDLINE "REBOOT"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [WeatherCast] E:\Program Files\WeatherCast\Weather.exe /q
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "E:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User
'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User
'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User
'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\CTFMON.EXE (User
'Default user')
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft
Office\Office\OSA9.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = E:\Program Files\WinZip\WZQKPICK.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
E:\Program Files\Java\jre1.5.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program
Files\Java\jre1.5.0_07\bin\ssv.dll
O10 - Unknown file in Winsock LSP: e:\windows\system32\nwprovau.dll
O12 - Plugin for .pdf: E:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O17 -
HKLM\System\CCS\Services\Tcpip\..\{8EDAE0C4-0AFF-4D31-86DF-C6EBF1D07F5E}:
NameServer = 192.168.3.1
O17 -
HKLM\System\CCS\Services\Tcpip\..\{97ADD6B1-5188-4C6F-BB04-BFC43BF87863}:
NameServer = 192.168.3.1
O17 -
HKLM\System\CS1\Services\Tcpip\..\{8EDAE0C4-0AFF-4D31-86DF-C6EBF1D07F5E}:
NameServer = 192.168.3.1
O17 -
HKLM\System\CS2\Services\Tcpip\..\{8EDAE0C4-0AFF-4D31-86DF-C6EBF1D07F5E}:
NameServer = 192.168.3.1
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common
Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
E:\Program Files\Alwil Software\Avast4\aswUpdSv.exe (file missing)
O23 - Service: Ati HotKey Poller - Unknown owner -
E:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec
Corporation - E:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation -
E:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
--
End of file - 4864 bytes