Gość: zabol
IP: *.echostar.pl
28.10.04, 12:57
O co tu biega??Logfile of HijackThis v1.98.2
Scan saved at 12:50:31, on 2004-10-28
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Analog Devices\SoundMAX\SMAgent.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\System32\carpserv.exe
D:\qttask.exe
C:\WINDOWS\System32\P2P Networking\P2P Networking.exe
C:\PROGRA~1\Aquatica\AQ3HEL~1.EXE
C:\Program Files\AVPersonal\AVGNT.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
D:\datray.exe
C:\WINDOWS\System32\rundll32.exe
D:\Mistrz Klawiatury 1.0\program\soffice.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
file)
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32
\spool\drivers\w32x86\3\hpztsb09.exe
O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP
Software Update\HPWuSchd.exe"
O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
Files\HP\hpcoretech\hpcmpmgr.exe"
O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital
Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [CARPService] carpserv.exe
O4 - HKLM\..\Run: [AntyDialerTP] "c:\program files\antydialer
tp\antydialertp.exe" tray
O4 - HKLM\..\Run: [QuickTime Task] "D:\qttask.exe" -atboottime
O4 - HKLM\..\Run: [P2P Networking] C:\WINDOWS\System32\P2P Networking\P2P
Networking.exe /AUTOSTART
O4 - HKLM\..\Run: [AQ3HelperStartUp] C:\PROGRA~1
\Aquatica\AQ3HEL~1.EXE /partner AQ3
O4 - HKLM\..\Run: [EMACSJZF] c:\windows\system32\emacsjzf.exe /install
O4 - HKLM\..\Run: [AVGCtrl] C:\Program Files\AVPersonal\AVGNT.EXE /min
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [rundisclog] C:\WINDOWS\System32\diagspool.exe
O4 - HKCU\..\Run: [Desktop Architect] "D:\datray.exe" -S
O4 - HKCU\..\Run: [Instant Access] rundll32.exe
p2esocks_1021.dll,InstantAccess
O4 - Startup: OpenOffice.org 1.1.0.lnk = D:\Mistrz Klawiatury 1.0
\program\quickstart.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box -
D:\PROGRA~1\INCRED~1\bin\resources\WebMenuImg.htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} -
akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1021_EN_XP.cab
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
ak.imgfarm.com/images/nocache/funwebproducts/ei/PopularScreenSaversInitialSetup1.0.0.8.cab
O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} (Web P2P Installer) -
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
www.cult3d.com/download/cult.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} -
akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
O16 - DPF: {50AD557E-3426-41FD-AFDD-2AF39BB1C387} -
akamai.downloadv3.com/binaries/LiveService/LiveService_5_EN_XP.cab
O16 - DPF: {8626DFA9-2BAC-4BDA-8663-8DAA0F942C0D} -
megapanel.gem.pl/temp/netp/9379/2012/5202/7200/5_9379201252027200.ocx
O16 - DPF: {91433D86-9F27-402C-B5E3-DEBDD122C339} -
www.netvenda.com/sites/games-intl/pl/games4.cab
O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A256D46} (IMDownloader Class) -
www2.incredimail.com/contents/setup/downloader/imloader.cab
O16 - DPF: {F72BC3F0-6C20-4793-9DDA-258589D8A907} -
akamai.downloadv3.com/binaries/IA/netslv32_EN_XP.cab
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program
Files\HP\hpcoretech\comp\hpuiprot.dll
O18 - Filter: text/html - {087218A2-EEB8-4DC9-8129-F9ECF2F6632F} -
C:\Documents and Settings\Administrator\Ustawienia lokalne\Dane
aplikacji\microsoft\internet explorer\V0.26.dat