Help us to keep this free service online! Please give us a small donation via PayPal. |
|
|
A newer version of service pack is available. Service packs increase the safety of your system. Visit Microsoft's windowsupdate site to download the newest version of the service pack. |
|
It seems that you don't use an anti-virus scanner or your scanner is not active. Only an anti-virus scanner can protect you against new viruses. You can look here for a good anti-virus scanner. |
|
We didn't detect any active process of a firewall on your system. Reasons maybe: (1.) You are using the windows firewall or a hardware firewall. (2.) You are using a firewall of an unknown vendor. (3.) You are using a firewall, but for unknown reasons it is disabled (4.) You don't use any firewall at all. We recommend you to use a firewall. Download and install one or activate windows xp´s own one. In case you got questions or you want us to add the firewall you use to our database, contact us at our forum. |
Actions |
Entry |
Kind |
Visitor's assessment |
Information |
|
Logfile of HijackThis v1.99.1 |
| | This should be the newest version. |
|
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600) |
| | |
|
MSIE: Internet Explorer v7.00 (7.00.6000.20627) |
| | This should be the newest version. |
|
C:\WINDOWS\System32\smss.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\winlogon.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\services.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\lsass.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\nvsvc32.exe |
| | Not dangerous, but unnecessary. This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\svchost.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\System32\svchost.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\svchost.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\spoolsv.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\servises.exe |
| | Nasty (2.75 / 5.00) |
|
C:\WINDOWS\System32\reader_s.exe |
| | This is a unknown process. This entry was classified from our visitors as bad. |
|
C:\WINDOWS\system32\servises.exe |
| | Nasty (2.75 / 5.00) |
|
C:\windows\ld12.exe |
| | Nasty (2.16 / 5.00) |
|
C:\WINDOWS\system32\servises.exe |
| | Nasty (2.75 / 5.00) |
|
C:\WINDOWS\system32\servises.exe |
| | Nasty (2.75 / 5.00) |
|
C:\Documents and Settings\slawek\reader_s.exe |
| | Nasty (1.29 / 5.00) |
|
C:\WINDOWS\system32\ctfmon.exe |
| | This entry was classified from our visitors as good. |
|
C:\Program Files\Java\jre6\bin\jqs.exe |
| | Safe (4.14 / 5.00) |
|
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE |
| | Machine Debug Manager. Used by developers. |
|
C:\WINDOWS\system32\HPZipm12.exe |
| | HP Taskbar Utility |
|
C:\WINDOWS\sySTEM32\SvchoSt.ExE |
| | Systemprozess - Allgemeiner Hostprozessname für Dienste. |
|
C:\WINDOWS\system32\svchost.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\explorer.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\wbem\wmiapsrv.exe |
| | WMI Performance Adapter (WMI-Leistungsadapter-Dienst) |
|
C:\WINDOWS\system32\svchost.exe |
| | This entry was classified from our visitors as good. |
|
C:\WINDOWS\system32\2E.tmp |
| | This is a unknown process. |
|
C:\WINDOWS\system32\31.tmp |
| | This is a unknown process. |
|
C:\WINDOWS\system32\NOTEPAD.EXE |
| | This entry was classified from our visitors as good. |
|
C:\Documents and Settings\slawek\Pulpit\hijackthis_199\HijackThis.exe |
| | Remember that Hijackthis must be run in an own folder. Only if Hijackthis run in an own folder it will create backups! Tool, mit dem sie dieses Logfile erzeugt haben. Das Programm sollte so angelegt sein !
C:\Programme\HijackThis\HijackThis.exe |
|
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ |
| | This page has been identified as safe. |
|
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157 |
| | This entry was classified from our visitors as good. |
|
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 |
| | This entry was classified from our visitors as good. |
|
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 |
| | This entry was classified from our visitors as good. |
|
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157 |
| | This entry was classified from our visitors as good. |
|
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = |
| | This entry was classified from our visitors as good. |
|
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = |
| | This entry was classified from our visitors as good. |
|
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = |
| | This entry was classified from our visitors as good. |
|
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = |
| | This entry was classified from our visitors as good. |
|
R3 - Default URLSearchHook is missing |
| | |
|
O1 - Hosts: 92.241.176.188 advanced-virus-remover2009.com |
| | Must be fixed! |
|
O1 - Hosts: 92.241.176.188 www.advanced-virus-remover2009.com |
| | Must be fixed! |
|
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll |
| | jp2ssv.dll - Sun_Java, http://java.sun.com/javase/downloads/ind ex.jsp browser plugin |
|
O2 - BHO: kikin Plugin - {E601996F-E400-41CA-804B-CD6373A7EEE2} - C:\Program Files\kikin\ie_kikin.dll |
| | Safe (3.84 / 5.00) |
|
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll |
| | jqs_plugin.dll - Java Quick Starter, https://jdk6.dev.java.net/testQS.html |
|
O4 - HKLM\..\Run: [reader_s] C:\WINDOWS\System32\reader_s.exe |
| | Unknown application. This entry was classified from our visitors as bad. |
|
O4 - HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto |
| | This is an entry that appears when you uncheck an item in the Startup group, and will disappear if on the next reboot you select the option to not be reminded that you are running in Selective Startup mode
|
|
O4 - HKLM\..\Run: [servises] C:\WINDOWS\system32\servises.exe |
| | Nasty (1.97 / 5.00) |
|
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup |
| | Unknown application. This entry was classified from our visitors as good. |
|
O4 - HKLM\..\Run: [sysldtray] C:\windows\ld12.exe |
| | Nasty (1.59 / 5.00) |
|
O4 - HKCU\..\Run: [Nowe Gadu-Gadu] "C:\Program Files\Nowe Gadu-Gadu\gg.exe" |
| | Not dangerous, but unnecessary. Polish language Instant Messaging client
|
|
O4 - HKCU\..\Run: [servises] C:\WINDOWS\system32\servises.exe |
| | Nasty (1.97 / 5.00) |
|
O4 - HKCU\..\Run: [reader_s] C:\Documents and Settings\slawek\reader_s.exe |
| | Nasty (1.27 / 5.00) |
|
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe |
| | This entry was classified from our visitors as good. |
|
O4 - Startup: HideBUS.exe |
| | Unknown application. |
|
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000 |
| | The entry E&ksport do programu Microsoft Excel has been identified as safe. |
|
O9 - Extra button: (no name) - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll |
| | Safe (3.84 / 5.00) |
|
O9 - Extra 'Tools' menuitem: My kikin - {0F7195C2-6713-4d93-A1BC-DA5FA33F0A65} - C:\Program Files\kikin\ie_kikin.dll |
| | Safe (3.84 / 5.00) |
|
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL |
| | The entry Badanie has been identified as safe. |
|
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) |
| | This entry was classified from our visitors as good. |
|
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing) |
| | This entry was classified from our visitors as good. |
|
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
| | This entry was classified from our visitors as good. |
|
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe |
| | The entry Windows Messenger has been identified as safe. |
|
O11 - Options group: [INTERNATIONAL] International* |
| | |
|
O11 - Options group: [TABS] Tabbed Browsing |
| | |
|
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab |
| | This entry was classified from our visitors as good. |
|
O20 - Winlogon Notify: dimsntfy - %SystemRoot%\System32\dimsntfy.dll (file missing) |
| | Unnecessary (deactivated) entry that can be fixed. This entry was classified from our visitors as good. |
|
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\wpdshserviceobj.dll |
| | |
|
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe |
| | This service (AdskScSrv.exe) was identified as a good one. This entry was classified from our visitors as good. |
|
O23 - Service: FCI - Unknown owner - C:\WINDOWS\system32\svchost.exe:ext.exe |
| | Nasty (1.88 / 5.00) |
|
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Unknown owner - C:\Program Files\Java\jre6\bin\jqs.exe" -service -config "C:\Program Files\Java\jre6\lib\deploy\jqs\jqs.conf (file missing) |
| | Safe (4.08 / 5.00) |
|
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe |
| | This service (nvsvc32.exe) was identified as a good one. |
|
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe |
| | This service (HPZipm12.exe) was identified as a good one. This entry was classified from our visitors as good. |