Welcome, guest! Login / Register - Why register?
Psst.. new poll here.
[email protected] webmail now available. Want one? Go here.
Cannot use outlook/hotmail/live here to register as they blocking our mail servers. #microsoftdeez
Obey the Epel!

Paste

Pasted as Plain Text by qbala ( 15 years ago )
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:39:24, on 2009-01-26
Platform: Windows XP  (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Boot mode: Normal

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
D:Program FilesAvastaswUpdSv.exe
D:Program FilesAvastashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32crypserv.exe
C:WINDOWSSystem32
vsvc32.exe
C:Program FilesCyberLinkShared FilesRichVideo.exe
C:WINDOWSSystem32svchost.exe
D:program filesQuickTimeqttask.exe
C:Program FilesHewlett-PackardHP Deskjet 9800 SeriesToolboxHPWQTBX.exe
D:PROGRA~1AvastashDisp.exe
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:Program Fileslg_fwupdatefwupdate.exe
C:WINDOWSSystem32sstray.exe
D:Program FilesAvastashMaiSv.exe
D:Program FilesAvastashWebSv.exe
C:WINDOWSSystem32ctfmon.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesSkypePhoneSkype.exe
C:Program FilesGadu-Gadugg.exe
C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
C:Program FilesSkypePlugin ManagerskypePM.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
D:Program FilesTotal	otalcmdTOTALCMD.EXE
C:Program FilesTrend MicroHijackThisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = "C:Program FilesOutlook Expressmsimn.exe"
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = neostrada tp
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesCommon FilesAdobeAcrobatActiveXAcroIEHelper.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - C:Program FilesPDFCreator Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - C:Program FilesPDFCreator Toolbarv3.0.0.0PDFCreator_Toolbar.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [NeroCheck] C:WINDOWSSystem32\NeroCheck.exe
O4 - HKLM..Run: [QuickTime Task] "D:program filesQuickTimeqttask.exe" -atboottime
O4 - HKLM..Run: [HPWQTOOLBOX] C:Program FilesHewlett-PackardHP Deskjet 9800 SeriesToolboxHPWQTBX.exe "-i"
O4 - HKLM..Run: [avast!] D:PROGRA~1AvastashDisp.exe
O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [LanguageShortcut] "C:Program FilesCyberLinkPowerDVDLanguageLanguage.exe"
O4 - HKLM..Run: [LGODDFU] "C:Program Fileslg_fwupdatefwupdate.exe" blrun
O4 - HKLM..Run: [WinampAgent] "C:Program FilesWinampwinampa.exe"
O4 - HKLM..Run: [Adobe Reader Speed Launcher] "C:Program FilesAdobeReader 8.0ReaderReader_sl.exe"
O4 - HKLM..Run: [nForce Tray Options] sstray.exe /r
O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [Skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray
O4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'SYSTEM')
O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'Default user')
O4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O4 - Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840dslmon.exe
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:Program FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebelated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSwebelated.htm
O17 - HKLMSystemCCSServicesTcpip..{C0B6427E-A501-45F9-9BAD-256E33D3A132}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:Program FilesAvastaswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:Program FilesAvastashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:Program FilesAvastashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:Program FilesAvastashWebSv.exe
O23 - Service: Crypkey License - Kenonic Controls Ltd. - C:WINDOWSSYSTEM32crypserv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:Program FilesGoogleCommonGoogle UpdaterGoogleUpdaterService.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32
vsvc32.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:Program FilesCyberLinkShared FilesRichVideo.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - D:Program FilesFirewall_Sunbeltkpf4ss.exe

--
End of file - 5965 bytes

 

Revise this Paste

Your Name: Code Language: