maxx9 utworzono 30 maja 2009 utworzono 30 maja 2009 Logfile of Trend Micro HijackThis v2.0.2Scan saved at 22:01:56, on 2009-05-30Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)Boot mode: NormalRunning processes:C:\WINDOWS\System32\smss.exeC:\WINDOWS\system32\winlogon.exeC:\WINDOWS\system32\services.exeC:\WINDOWS\system32\lsass.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Windows Defender\MsMpEng.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Intel\Wireless\Bin\EvtEng.exeC:\Program Files\Intel\Wireless\Bin\S24EvMon.exeC:\Program Files\Alwil Software\Avast4\aswUpdSv.exeC:\Program Files\Alwil Software\Avast4\ashServ.exeC:\WINDOWS\Explorer.EXEC:\WINDOWS\ATK0100\HControl.exeC:\WINDOWS\sm56hlpr.exeC:\Program Files\Synaptics\SynTP\SynTPEnh.exeC:\WINDOWS\system32\spoolsv.exeC:\Program Files\Wireless Console 2\wcourier.exeC:\Program Files\Intel\Wireless\bin\ZCfgSvc.exeC:\Program Files\Intel\Wireless\Bin\ifrmewrk.exeC:\Program Files\Intel\Wireless\Bin\EOUWiz.exeC:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exeC:\Program Files\Windows Defender\MSASCui.exeC:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exeC:\WINDOWS\RTHDCPL.EXEC:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeC:\WINDOWS\system32\ctfmon.exeC:\Program Files\Messenger\msmsgs.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exeC:\WINDOWS\ATK0100\ATKOSD.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exeC:\Program Files\Common Files\LightScribe\LSSrvc.exeC:\WINDOWS\system32\nvsvc32.exeC:\Program Files\Intel\Wireless\Bin\RegSrvc.exeC:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exeC:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exeC:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exeC:\WINDOWS\system32\svchost.exeC:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZNLSvc.exeC:\Program Files\Alwil Software\Avast4\ashMaiSv.exeC:\Program Files\Alwil Software\Avast4\ashWebSv.exeC:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exeC:\WINDOWS\System32\svchost.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Internet Explorer\iexplore.exeC:\Program Files\Trend Micro\HijackThis\HijackThis.exeC:\Program Files\Internet Explorer\iexplore.exeR0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://go.microsoft.com/fwlink/?LinkId=74005R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = ŁączaO2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dllO2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dllO2 - BHO: PlusIEEventHelper Class - {551A852F-39A6-44A7-9C13-AFBEC9185A9D} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dllO2 - BHO: ZeonIEEventHelper Class - {DA986D7D-CCAF-47B2-84FE-BFA1549BEBF9} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dllO3 - Toolbar: DocuCom PDF - {E3286BF1-E654-42FF-B4A6-5E111731DF6B} - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dllO4 - HKLM\..\Run: [HControl] C:\WINDOWS\ATK0100\HControl.exeO4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartupO4 - HKLM\..\Run: [nwiz] nwiz.exe /installO4 - HKLM\..\Run: [skrót do strony właściwości High Definition Audio] HDAShCut.exeO4 - HKLM\..\Run: [sMSERIAL] sm56hlpr.exeO4 - HKLM\..\Run: [synTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exeO4 - HKLM\..\Run: [Wireless Console 2] C:\Program Files\Wireless Console 2\wcourier.exeO4 - HKLM\..\Run: [intelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"O4 - HKLM\..\Run: [intelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/WirelessO4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exeO4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\ASUSTek\ASUSDVD\PDVDServ.exe"O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hideO4 - HKLM\..\Run: [FinePrint Dispatcher v5] "C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\fpdisp5a.exe" /source=HKLMO4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXEO4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXEO4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exeO4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exeO4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /backgroundO4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')O4 - Global Startup: Bluetooth Manager.lnk = ?O8 - Extra context menu item: Open PDF in DocuCom PDF Plus - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\PlusIEContextMenu.dll/PlusIEContextMenu.htmO8 - Extra context menu item: Zeon Append to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTMLO8 - Extra context menu item: Zeon Convert link target to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTMLO8 - Extra context menu item: Zeon Convert link target to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppend.HTMLO8 - Extra context menu item: Zeon Convert selected links to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECaptureSelLinks.HTMLO8 - Extra context menu item: Zeon Convert selected links to existing PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIEAppendSelLinks.HTMLO8 - Extra context menu item: Zeon Convert to DocuCom PDF - res://C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZeonIEFavClient.dll/ZeonIECapture.HTMLO9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exeO16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cabO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shoc...ash/swflash.cabO17 - HKLM\System\CCS\Services\Tcpip\..\{2BED28F9-EE47-496F-AD45-A2DC66DF5FE2}: NameServer = 10.128.101.2,217.17.34.10O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exeO23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exeO23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exeO23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exeO23 - Service: Intel? PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exeO23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exeO23 - Service: Intel? PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exeO23 - Service: Intel? PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exeO23 - Service: Sentinel Keys Server (SentinelKeysServer) - SafeNet, Inc. - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exeO23 - Service: Sentinel Protection Server (SentinelProtectionServer) - SafeNet, Inc - C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Protection Server\WinNT\spnsrvnt.exeO23 - Service: Zeon License Service (ZNLSvc) - Unknown owner - C:\Program Files\Zeon\DocuCom\PDF Gold 9\Bin\ZNLSvc.exe--End of file - 9169 bytes
Gość komentarz 31 maja 2009 komentarz 31 maja 2009 O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file) Fix. Daj log z ComboFixa. .
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.