witam oto nowy log hijacka - niepokoi mnie wpis w HKCU [KernelFaultCheck]:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:16, on 2008-05-16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32WLTRYSVC.EXE
C:WINDOWSSystem32bcmwltry.exe
D
rogram FilesAlwil SoftwareAvast4aswUpdSv.exe
D
rogram FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32WLTRAY.exe
C
rogram FilesDAEMON Toolsdaemon.exe
D
ROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32ctfmon.exe
C
rogram FilesGadu-Gadugg.exe
C
rogram FilesSkypePhoneSkype.exe
C
rogram FilesIPMsgipmsg.exe
C
rogram FilesLast.fmLastFMHelper.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32inetsrvinetinfo.exe
C
rogram FilesCommon FilesMicrosoft SharedVS7Debugmdm.exe
C:WINDOWSsystem32svchost.exe
C
rogram FilesSkypePlugin ManagerskypePM.exe
C
rogram FilesCanonCALCALMAIN.exe
D
rogram FilesAlwil SoftwareAvast4ashMaiSv.exe
D
rogram FilesAlwil SoftwareAvast4ashWebSv.exe
D
rogram FilesTrend MicroHijackThisHijackThis.exe
D
rogram FilesAlwil SoftwareAvast4setupavast.setup
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
[Aby zobaczyć linki, zarejestruj się tutaj]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
[Aby zobaczyć linki, zarejestruj się tutaj]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
[Aby zobaczyć linki, zarejestruj się tutaj]
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
[Aby zobaczyć linki, zarejestruj się tutaj]
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = w3cache.sgh.waw.pl:8080
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: IE 4.x-6.x BHO for Download Master - {9961627E-4059-41B4-8E0E-A7D6B3854ADF} - C
ROGRA~1DOWNLO~1dmiehlp.dll
O4 - HKLM..Run: [Broadcom Wireless Manager UI]C:WINDOWSsystem32WLTRAY.exe
O4 - HKLM..Run: [NeroFilterCheck]C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [DAEMON Tools]"C
rogram FilesDAEMON Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [avast!]D
ROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [SDFix]D:SDFixRunThis.bat /second
O4 - HKLM..Run: [KernelFaultCheck]%systemroot%system32dumprep 0 -k
O4 - HKCU..Run: [CTFMON.EXE]C:WINDOWSsystem32ctfmon.exe
O4 - HKCU..Run: [Gadu-Gadu]"C
rogram FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Skype]"C
rogram FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [NBJ]"C
rogram FilesAheadNero BackItUpNBJ.exe"
O4 - HKUSS-1-5-20..Run: [CTFMON.EXE]C:WINDOWSsystem32CTFMON.EXE (User ''USŁUGA SIECIOWA'')
O4 - Startup: IPMSG for Win32.lnk = C
rogram FilesIPMsgipmsg.exe
O4 - Startup: Last.fm Helper.lnk = C
rogram FilesLast.fmLastFMHelper.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
[Aby zobaczyć linki, zarejestruj się tutaj]
O8 - Extra context menu item: Çŕęŕ÷ŕňü ÂŃĹ ďđč ďîěîůč Download Master - C
rogram FilesDownload Masterdmieall.htm
O8 - Extra context menu item: Çŕęŕ÷ŕňü ďđč ďîěîůč Download Master - C
rogram FilesDownload Masterdmie.htm
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C
rogram FilesSkypeToolbarsInternet ExplorerSkypeIEPlugin.dll (file missing)
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C
ROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C
rogram FilesICQLiteICQLite.exe
O9 - Extra ''Tools'' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - C
rogram FilesICQLiteICQLite.exe
O10 - Unknown file in Winsock LSP: c:windowssystem32nwprovau.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C
ROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O23 - Service: Adobe LM Service - Adobe Systems - C
rogram FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D
rogram FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - D
rogram FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D
rogram FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D
rogram FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: Canon Camera Access Library 8 (CCALib8) - Canon Inc. - C
rogram FilesCanonCALCALMAIN.exe
O23 - Service: PsExec (PSEXESVC) - Sysinternals - C:WINDOWSPSEXESVC.EXE
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:WINDOWSSystem32WLTRYSVC.EXE
--
End of file - 5044 bytes
z ComboFixa i SDFixa logow nie wysylam, bo usunal je ten ostatni program, poczym usunal sie skutecznie sam - to byl efekt zamierzony?????