Gość: olga
IP: *.cache.iB1.rudanet.com / *.rudanet.pl
10.12.04, 22:02
Mam świadomość że jest tego dużo. Co robić?
Jeśli to możliwe, proszę o pomoc:
Logfile of HijackThis v1.98.2
Scan saved at 21:50:15, on 2004-12-09
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\ATI Technologies\Panel sterowania ATI\atiptaxx.exe
D:\Program Files\Winamp\winampa.exe
D:\WINDOWS\System32\CTHELPER.EXE
D:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe
D:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
D:\WINDOWS\System32\msnmsng.exe
D:\Program Files\Windows TaskAd\WinTaskAd.exe
D:\Program Files\Java\j2re1.4.2_05\bin\jusched.exe
D:\programy\ANTYWI~1\ashDisp.exe
D:\WINDOWS\pwkrnqnn.exe
D:\Program Files\Windows AdService\WinAdServ.exe
D:\Program Files\ISTsvc\istsvc.exe
D:\Program Files\Internet Optimizer\optimize.exe
D:\program files\180solutions\sais.exe
D:\Program Files\Windows TaskAd\WinSched.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\programy\gadulec\Gadu-Gadu\gg.exe
D:\WINDOWS\System32\msnmsng.exe
D:\Program Files\Windows AdService\WinAdSlave.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Corel\Graphics9\Register\Remind32.exe
D:\programy\ANTYWIRUS\aswUpdSv.exe
D:\programy\ANTYWIRUS\ashServ.exe
D:\WINDOWS\System32\CTsvcCDA.exe
D:\WINDOWS\System32\MsPMSPSv.exe
D:\programy\ANTYWIRUS\ashMaiSv.exe
D:\programy\Avant Browser\avant.exe
D:\WINDOWS\System32\wuauclt.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\DOCUME~1\basteb\USTAWI~1\Temp\Rar$EX02.773\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.slotch.com/?&account_id=152854
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.couldnotfind.com/search_page.html?&account_id=152854
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak =
http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - Default URLSearchHook is missing
O1 - Hosts: 255.255.255.255 www.casinoxo.com
O1 - Hosts: 255.255.255.255 www.theblackjacktable.com
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} -
D:\WINDOWS\nem220.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B877923E1} -
D:\PROGRA~1\SEARCH~1\SEARCH~1.DLL
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} -
D:\Program
Files\SideFind\sfbho.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} -
D:\WINDOWS\System32\msbe.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - D:\PROGRA~1
\ISTbar\istbar.dll
O4 - HKLM\..\Run: [ATIPTA] atiptaxx.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] D:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] D:\Program
Files\Creative\SBLive\PROGRAM\ADGJDet.exe
O4 - HKLM\..\Run: [CTStartup] D:\Program Files\Creative\Splash
Screen\CTEaxSpl.EXE /run
O4 - HKLM\..\Run: [CTRegRun] D:\WINDOWS\CTRegRun.EXE
O4 - HKLM\..\Run: [HP Software Update] D:\Program Files\Hewlett-Packard\HP
Software Update\HPWuSchd.exe
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32
\spool\drivers\w32x86\3\hpztsb08.exe
O4 - HKLM\..\Run: [DeviceDiscovery] D:\Program Files\Hewlett-Packard\Digital
Imaging\bin\hpotdd01.exe
O4 - HKLM\..\Run: [MSN Messanger] msnmsng.exe
O4 - HKLM\..\Run: [Windows TaskAd] D:\Program Files\Windows
TaskAd\WinTaskAd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\j2re1.4.2_05
\bin\jusched.exe
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\System32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] D:\programy\ANTYWI~1\ashDisp.exe
O4 - HKLM\..\Run: [AJ6w] D:\WINDOWS\pwkrnqnn.exe
O4 - HKLM\..\Run: [Windows AdService] D:\Program Files\Windows
AdService\WinAdServ.exe
O4 - HKLM\..\Run: [˘‰¸44‘ŮX.¦Á„î'UD:\Program Files\ISTsvc\istsvc.exe]
D:\WINDOWS\pwkrnqnn.exe
O4 - HKLM\..\Run: [˘‰¸44‘ŮX.¦Á„îé±”D:\Program Files\ISTsvc\istsvc.exe]
D:\WINDOWS\pwkrnqnn.exe
O4 - HKLM\..\Run: [IST Service] D:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "D:\Program Files\Internet
Optimizer\optimize.exe"
O4 - HKLM\..\Run: [sais] d:\program files\180solutions\sais.exe
O4 - HKLM\..\Run: [Power Scan] D:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "D:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\programy\gadulec\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [MSN Messanger] msnmsng.exe
O4 - HKCU\..\Run: [Skype] "D:\Program
Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\RunServices: [MSN Messanger] msnmsng.exe
O4 - Startup: Rejestrowanie produktów Corela.lnk = D:\Program
Files\Corel\Graphics9\Register\Remind32.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft
Office\Office\OSA9.EXE
O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera -
D:\programy\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Dodaj do listy blokowanych reklam -
D:\programy\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony... -
D:\programy\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Podświetl - D:\programy\Avant
Browser\Highlight.htm
O8 - Extra context menu item: Szukaj - D:\programy\Avant Browser\Search.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no
file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - (no file)
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} -
D:\Program Files\SideFind\sidefind.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
D:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89F1AC7A} -
C:\PROGRAM IRFAN Z INTERNETU\Ebay\Ebay.htm
O12 - Plugin for .spop: D:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
http://static.windupdates.com/cab/ClickYesToContinue/ie/Bridge-c139.cab
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} (Installer Class) -
http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuwe
b_
site.cab?1101588291072
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
http://skaner.mks.com.pl/SkanerOnline.cab