- Kod: Zaznacz wszystko
StartupList report, 2005-06-14, 21:26:06
StartupList version: 1.52.2
Started from : C:\Documents and Settings\Administrator\Pulpit\HijackThis.EXE
Detected: Windows 2000 SP4 (WinNT 5.00.2195)
Detected: Internet Explorer v5.00 SP4 (5.00.2920.0000)
* Using default options
==================================================
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\LEXBCES.EXE
C:\WINNT\system32\spoolsv.exe
C:\WINNT\system32\LEXPPS.EXE
C:\WINNT\System32\svchost.exe
C:\WINNT\System32\nvsvc32.exe
C:\PROGRA~1\AGNITUM\OUTPOS~1\outpost.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\htpatch.exe
C:\WINNT\system32\RunDll32.exe
C:\WINNT\system32\internat.exe
C:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\shcu\dbbp.exe
D:\Programy\Programy 2\seti\seti.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINNT\system32\taskmgr.exe
C:\Documents and Settings\Administrator\Pulpit\HijackThis.exe
--------------------------------------------------
Listing of startup folders:
Shell folders Startup:
[C:\Documents and Settings\Administrator\Menu Start\Programy\Autostart]
Skrót do Project1.lnk = D:\Programy\Programy 2\seti\Project1.exe
--------------------------------------------------
Checking Windows NT UserInit:
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
UserInit = C:\WINNT\system32\userinit.exe,
--------------------------------------------------
Autorun entries from Registry:
HKLM\Software\Microsoft\Windows\CurrentVersion\Run
Synchronization Manager = mobsync.exe /logon
--------------------------------------------------
Autorun entries from Registry:
HKCU\Software\Microsoft\Windows\CurrentVersion\Run
internat.exe = internat.exe
Komunikator = C:\Program Files\Tlen.pl\tlen.exe
Hobl = C:\Program Files\shcu\dbbp.exe
--------------------------------------------------
Shell & screensaver key from C:\WINNT\SYSTEM.INI:
Shell=*INI section not found*
SCRNSAVE.EXE=*INI section not found*
drivers=*INI section not found*
Shell & screensaver key from Registry:
Shell=Explorer.exe
SCRNSAVE.EXE=*Registry value not found*
drivers=*Registry value not found*
Policies Shell key:
HKCU\..\Policies: Shell=*Registry key not found*
HKLM\..\Policies: Shell=*Registry value not found*
--------------------------------------------------
Enumerating Browser Helper Objects:
(no name) - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}
--------------------------------------------------
Enumerating Download Program Files:
[{33564D57-0000-0010-8000-00AA00389B71}]
CODEBASE = http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
[Update Class]
InProcServer32 = C:\WINNT\System32\iuctl.dll
CODEBASE = http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38497.679212963
[ASquaredScanForm Element]
InProcServer32 = C:\WINNT\DOWNLO~1\axscan.ocx
CODEBASE = http://www.windowsecurity.com/trojanscan/axscan.cab
[Shockwave Flash Object]
InProcServer32 = C:\WINNT\System32\macromed\flash\Flash.ocx
CODEBASE = http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
[MainControl Class]
InProcServer32 = C:\WINNT\system32\SkanerOnline.dll
CODEBASE = http://skaner.mks.com.pl/SkanerOnline.cab
--------------------------------------------------
Enumerating Windows NT logon/logoff scripts:
*No scripts set to run*
Windows NT checkdisk command:
BootExecute = autocheck autochk *
Windows NT 'Wininit.ini':
PendingFileRenameOperations: C:\WINNT\system32\ide21201.vxd => C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\temp.fr3680|C:\WINNT\system32\wcpsvtr.exe => C:\DOCUME~1\ADMINI~1\USTAWI~1\Temp\temp.fr3DD4||\
--------------------------------------------------
Enumerating ShellServiceObjectDelayLoad items:
Network.ConnectionTray: C:\WINNT\system32\NETSHELL.dll
WebCheck: C:\WINNT\System32\webcheck.dll
SysTray: stobject.dll
--------------------------------------------------
End of report, 4 988 bytes
Report generated in 0,040 seconds
Command line options:
/verbose - to add additional info on each section
/complete - to include empty sections and unsuspicious data
/full - to include several rarely-important sections
/force9x - to include Win9x-only startups even if running on WinNT
/forcent - to include WinNT-only startups even if running on Win9x
/forceall - to include all Win9x and WinNT startups, regardless of platform
/history - to list version history only
Dzieki