HijackThis log

IP: 195.94.216.* 02.09.04, 14:10
Could someone who knows about this look through my log...
thanks in advance

Logfile of HijackThis v1.98.2
Scan saved at 12:49:02, on 2004-09-02
Platform: Windows 2000 SP3 (WinNT 5.00.2195)
MSIE: Internet Explorer v5.00 SP3 (5.00.2920.0000)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpcc.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpm.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINNT\System32\nvsvc32.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\Explorer.EXE
C:\WINNT\Mixer.exe
C:\WINNT\System32\rundll32.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus for Workstation\avpcc.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\WINNT\System32\ctfmon.exe
C:\Program Files\Hewlett-Packard\LaserJet All-in-one\hppdirector.exe
C:\Program Files\SpamBayes\bin\sb_tray.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Program Files\Crazy Browser\Crazy Browser.exe
C:\Program Files\Microsoft Office\Office10\WINWORD.EXE
C:\Program Files\Microsoft Office\Office10\EXCEL.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\kuczkowskaa\Pulpit\hijackthis1982.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
searchcentrix.com/sidecat.jsp?p=98578&appid=21&id=085249192168146
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.onet.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
searchcentrix.com/sidecat.jsp?p=98578&appid=21&id=085249192168146
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: PrimeSoft - {00000000-0000-0000-0000-000000000001} -
C:\WINNT\System32\SafeSearch.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
¦C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx (file
missing)
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -
¦C:\Program Files\NewDotNet\newdotnet4_80.dll (file missing)
O2 - BHO: IFSOMATIC - {4E7BD74F-2B8D-469E-98F7-EB6DB99AA93B} -
¦C:\WINNT\System32\ifsomatic.dll (file missing)
O2 - BHO: IFHELPER - {4E7BD74F-2B8D-469E-C0FB-EF60B19DBC34} -
¦C:\WINNT\System32\ifhelper.dll (file missing)
O2 - BHO: MediaLoads Enhanced - {85A702BA-EA8F-4B83-AA07-07A5186ACD7E} -
¦C:\Program Files\MediaLoads Enhanced\ME2.DLL (file missing)
O2 - BHO: BarBHO.Class1 - {CD2A865B-6C0F-44F9-BAA1-7CDB31E04BC8} -
¦C:\WINNT\System32\BarBHO.dll (file missing)
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-
00A0C9082467} - C:\WINNT\System32\msdxm.ocx
O3 - Toolbar: IFSOMATIC - {4E7BD74F-2B8D-469E-98F7-EB6DB99AA93B} -
¦C:\WINNT\System32\ifsomatic.dll (file missing)
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\System32\NeroCheck.exe
O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM\..\Run: [HP SchedIndexer] C:\Program Files\Hewlett-Packard\LaserJet
All-in-one\hppschedindexer.exe
O4 - HKLM\..\Run: [HP AutoIndexer] C:\Program Files\Hewlett-Packard\LaserJet
All-in-one\hppautoindexer.exe
O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program
Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1
\NEWDOT~2.DLL,NewDotNetStartup
O4 - HKLM\..\Run: [xxxCam] C:\Program
Files\ComSoft\Dialers\xxxCam\xxxCam.exe /dontdial
O4 - HKLM\..\Run: [Mscnt] c:\winnt\system32\mscnt.exe /noconnect
O4 - HKLM\..\Run: [EasyDates] C:\Program
Files\GMSoft\Dialers\EasyDates\EasyDates.exe /dontdial
O4 - HKLM\..\Run: [SafeSearch] c:\program
files\primesoft\safesearch\safesearch.exe /install
O4 - HKLM\..\Run: [sncntr] c:\winnt\system32\sncntr.exe /nocomm
O4 - HKLM\..\Run: [AVPCC] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-
Virus for Workstation\avpcc.exe" /wait
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Global Startup: HP LaserJet Director.lnk = C:\Program Files\Hewlett-
Packard\LaserJet All-in-one\hppdirector.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINNT\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:\WINNT\web\related.htm
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{2257F5E8-69F7-440D-BAF7-
14327FAE1660}: NameServer = 192.168.1.2,212.244.82.66
O17 - HKLM\System\CS1\Services\Tcpip\..\{2257F5E8-69F7-440D-BAF7-
14327FAE1660}: NameServer = 192.168.1.2,212.244.82.66
O17 - HKLM\System\CS2\Services\Tcpip\..\{2257F5E8-69F7-440D-BAF7-
14327FAE1660}: NameServer = 192.168.1.2,212.244.82.66


    • Guest: piecyk gazowy Re: HijackThis log IP: *.internetdsl.tpnet.pl 02.09.04, 14:40
      Portal guest Aga wrote:

      > Could someone who knows about this look through my log...
      > thanks in advance
      >
      > Logfile of HijackThis v1.98.2
      > Scan saved at 12:49:02, on 2004-09-02
      > Platform: Windows 2000 SP3 (WinNT 5.00.2195)

      SP 4 is available. Polish version:
      download.microsoft.com/download/a/3/2/a32416d3-941d-424a-9310-21951f74216f/w2ksp4_pl.exe

      English:
      download.microsoft.com/download/E/6/A/E6A04295-D2A8-40D0-A0C5-241BFECD095E/W2KSP4_EN.EXE



      To be removed:

      > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
      > searchcentrix.com/sidecat.jsp?p=98578&appid=21&id=085249192168146

      > R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
      > searchcentrix.com/sidecat.jsp?p=98578&appid=21&id=085249192168146
      > R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
      > O2 - BHO: PrimeSoft - {00000000-0000-0000-0000-000000000001} -
      > C:\WINNT\System32\SafeSearch.dll
      > O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
      > ¦C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx (
      > file
      > missing)
      > O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} -
      > ¦C:\Program Files\NewDotNet\newdotnet4_80.dll (file missing)
      > O2 - BHO: IFSOMATIC - {4E7BD74F-2B8D-469E-98F7-EB6DB99AA93B} -
      > ¦C:\WINNT\System32\ifsomatic.dll (file missing)
      > O2 - BHO: IFHELPER - {4E7BD74F-2B8D-469E-C0FB-EF60B19DBC34} -
      > ¦C:\WINNT\System32\ifhelper.dll (file missing)
      > O2 - BHO: MediaLoads Enhanced - {85A702BA-EA8F-4B83-AA07-07A5186ACD7E} -
      > ¦C:\Program Files\MediaLoads Enhanced\ME2.DLL (file missing)
      > O2 - BHO: BarBHO.Class1 - {CD2A865B-6C0F-44F9-BAA1-7CDB31E04BC8} -
      > ¦C:\WINNT\System32\BarBHO.dll (file missing)

      > O3 - Toolbar: IFSOMATIC - {4E7BD74F-2B8D-469E-98F7-EB6DB99AA93B} -
      > ¦C:\WINNT\System32\ifsomatic.dll (file missing)
      > O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon

      > O4 - HKLM\..\Run: [MediaLoads Installer] "C:\Program
      > Files\DownloadWare\dw.exe" /H
      > O4 - HKLM\..\Run: [DownloadWare] "C:\Program Files\DownloadWare\dw.exe" /H
      > O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1
      > \NEWDOT~2.DLL,NewDotNetStartup
      > O4 - HKLM\..\Run: [xxxCam] C:\Program
      > Files\ComSoft\Dialers\xxxCam\xxxCam.exe /dontdial
      > O4 - HKLM\..\Run: [Mscnt] c:\winnt\system32\mscnt.exe /noconnect
      > O4 - HKLM\..\Run: [EasyDates] C:\Program
      > Files\GMSoft\Dialers\EasyDates\EasyDates.exe /dontdial
      > O4 - HKLM\..\Run: [SafeSearch] c:\program
      > files\primesoft\safesearch\safesearch.exe /install
      > O4 - HKLM\..\Run: [sncntr] c:\winnt\system32\sncntr.exe /nocomm

      > O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
      > C:\WINNT\web\related.htm
      > O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
      > 00aa003c157a} - C:\WINNT\web\related.htm
      > O10 - Hijacked Internet access by New.Net
      > O10 - Hijacked Internet access by New.Net
      > O10 - Hijacked Internet access by New.Net
      > O10 - Hijacked Internet access by New.Net
      > O10 - Hijacked Internet access by New.Net

      In addition, from the O4 section you can remove anything you consider unnecessary.