Gość: Ewa
IP: *.acn.waw.pl
27.01.05, 22:22
bARDZO PROSZE O SPRAWDZENIE MEGO hIJACJA:
Logfile of HijackThis v1.97.7
Scan saved at 22:21:22, on 2005-01-27
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.ex e
C:\WINDOWS\system32\services.ex e
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.ex e
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\system32\Ati2evxx.ex e
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Real\Update_OB\realsched. exe
C:\Program Files\Java\j2re1.4.2_06\bin\jus ched.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\?ttrib.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Microsoft Office\Office\1045\msoffice.exe
C:\Documents and Settings\rodzik\Pulpit\HijackTh is.exe
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Search Page =
www.buldog-search.com/
R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
www.wp.pl/
R0 - HKLM\Software\Microsoft\Interne t Explorer\Main,Start Page =
www.search-control.com/search.cgi?id=270
R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF1057 7473F7} - c:\program
files\google\googletoolbar2.dll
O2 - BHO: (no name) - {CF021F40-3E14-23A5-CBA2-717370 6D1316} -
C:\WINDOWS\System32\spm1316.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027 A5CD4F} - c:\program
files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Microsoft Update Time] wuam.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck. exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched. exe" -osboot
O4 - HKLM\..\Run: [dllhostxp.exe] dllhostxp.exe
O4 - HKLM\..\Run: [clfmon.exe] clfmon.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06
\bin\jusched.exe
O4 - HKLM\..\Run: [lczhjgzdlmfux] C:\WINDOWS\System32\rnjrhc.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Nqg] C:\WINDOWS\System32\?ttrib.exe
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [Skype] "C:\Program
Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O8 - Extra context menu item: &Google Search - res://c:\program
files\google\GoogleToolbar2.dll /cmsearch.html
O8 - Extra context menu item: Backward Links - res://c:\program
files\google\GoogleToolbar2.dll /cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program
files\google\GoogleToolbar2.dll /cmcache.html
O8 - Extra context menu item: Similar Pages - res://c:\program
files\google\GoogleToolbar2.dll /cmsimilar.html
O8 - Extra context menu item: Translate into English - res://c:\program
files\google\GoogleToolbar2.dll /cmtrans.html
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: eBay - Homepage (HKLM)
O12 - Plugin for .spop: C:\Program Files\Internet
Explorer\Plugins\NPDocBox.dll
O15 - Trusted Zone: www.kb24.pl
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553 540000} (Shockwave Flash Object) -
download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A3 2FA6C5} (GameDesire Snooker) -
67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab
DZIEKUJE eWA