Gość: madzia
IP: *.wroclaw.mm.pl
18.01.05, 17:53
Logfile of HijackThis v1.98.2
Scan saved at 17:50:56, on 2005-01-18
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\services.ex e
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Java\j2re1.4.2_05\bin\jus ched.exe
C:\WINDOWS\System32\CTHELPER.EX E
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Documents and Settings\Dom\Dane aplikacji\SysDown\sys00376.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\webx1.exe
D:\MAGDZIE\HijackThis19802.exe
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Default_Page_URL =
horseserver.net/redir.html
R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
www.web--search.com
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,Default_Page_URL =
horseserver.net/redir.html
R0 - HKLM\Software\Microsoft\Interne t Explorer\Main,Start Page =
horseserver.net/redir.html
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,First Home Page =
horseserver.net/redir.html
R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Local Page =
horseserver.net/redir.html
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,First Home Page =
horseserver.net/redir.html
R0 - HKLM\Software\Microsoft\Interne t Explorer\Main,Local Page =
horseserver.net/redir.html
R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e =
R3 - URLSearchHook: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD3 9AC959} -
C:\WINDOWS\system32\webdlg32.dl l
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper .ocx
O2 - BHO: StartBHO Class - {30192F8D-0958-44E6-B54D-331FD3 9AC959} -
C:\WINDOWS\system32\webdlg32.dl l
O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC 94A183} - C:\PROGRA~1
\COMMON~1\WinTools\WToolsB.dll (file missing)
O2 - BHO: Explorer Class - {962F12AE-2773-4BEB-99EA-B5C3AB 9A6606} -
C:\WINDOWS\System32\DSMANA~1.DL L
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-009027 1D075B} -
D:\PROGRA~1\FlashGet\jccatch.dl l
O2 - BHO: Pop Class - {A9AEE0DD-89E1-40EE-8749-A18650 CC2175} -
C:\WINDOWS\winsx.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA 6940E3} -
D:\PROGRA~1\FlashGet\fgiebar.dl l
O3 - Toolbar: Search Bar - {0E1230F8-EA50-42A9-983C-D22ABC 2EED3B} -
C:\WINDOWS\system32\webdlg32.dl l
O4 - HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\j2re1.4.2_05
\bin\jusched.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32
\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [Jet Detection] "C:\Program
Files\Creative\SBLive\PROGRAM\A DGJDet.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32
\spool\drivers\w32x86\3\hpztsb0 4.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.e xe
O4 - Startup: winupdate64685865[1].exe
O8 - Extra context menu item: Download All by FlashGet - D:\PROGRA~1
\FlashGet\jc_all.htm
O8 - Extra context menu item: Download using FlashGet - D:\PROGRA~1
\FlashGet\jc_link.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://D:\PROGRA~1\MICROS~1\OFFI CE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C 608501} -
C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C57 1A8263} -
D:\PROGRA~1\MICROS~1\OFFICE11\R EFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa00 3c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA 6940E3} -
D:\PROGRA~1\FlashGet\flashget.e xe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-
0050BA6940E3} - D:\PROGRA~1\FlashGet\flashget.e xe
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O17 - HKLM\System\CCS\Services\Tcpip\ ..\{C2C00A51-1323-4C37-A023-
02CF15124577}: NameServer = 192.168.111.100