
HijackThis LOG

IP: *.jgora.dialog.net.pl 08.09.05, 23:07
Logfile of HijackThis v1.99.1
Scan saved at 22:56:08, on 2005-09-08
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\ArcaVir\Bin\NetMonSv.exe
C:\Program Files\ArcaVir\Bin\avmonsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\ArcaVir\Bin\arcascan.exe
C:\Program Files\Ahead\InCD\InCD.exe
C:\WINDOWS\System32\RUNDLL32.EXE
F:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\windows\system32\mdms.exe
C:\Program Files\ArcaVir\Bin\ABmenu.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\n?tdde.exe
C:\Program Files\colu\tuno.exe
F:\Program Files\Avant Browser\avant.exe
C:\WINDOWS\System32\msiexec.exe
C:\Documents and Settings\BZ\Pulpit\hijackthis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 84.40.177.181:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - F:\Program Files\GetRight\xx2gr.dll
O2 - BHO: (no name) - {C482EE5F-25B2-0C46-B35A-2A17274A23BD} - C:\WINDOWS\System32\dymmkf.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe
O4 - HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe
O4 - HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] marya.exe
O4 - HKCU\..\Run: [yahoo inc.] ypages.exe
O4 - HKCU\..\Run: [Tpbs] C:\Program Files\colu\tuno.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: GetRight - Tray Icon.lnk = F:\Program Files\GetRight\getright.exe
O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera - F:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Dodaj do listy blokowanych reklam - F:\Program Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Download with GetRight - F:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - F:\Program Files\GetRight\GRbrowse.htm
O8 - Extra context menu item: Otwórz w nowym Avant Browser - F:\Program Files\Avant Browser\OpenInNewBrowser.htm
O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony... - F:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Podświetl - F:\Program Files\Avant Browser\Highlight.htm
O8 - Extra context menu item: Szukaj - F:\Program Files\Avant Browser\Search.htm
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: kbutils - www.kb24.pl/ikd/kbutils.cab
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\adsuntdt.mht!http://adextension.com/ext2/lca.chm::/Bridge-c139.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - www.180searchassistant.com/180saax.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - ms-its:mhtml:file://c:\adsuntdt.mht!adextension.com/ext2/mta.chm::/MediaTicketsInstaller.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{DCBD4F28-2536-443A-814F-E84D58280836}: NameServer = 217.30.129.149,217.30.137.200
O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\ArcaVir\Bin\NetMonSv.exe
O23 - Service: ArcaVir Monitor (ArcaMonSvc) - Unknown owner - C:\Program Files\ArcaVir\Bin\avmonsv.exe
O23 - Service: ArcaScan - ArcaBit - C:\Program Files\ArcaVir\Bin\arcascan.exe
O23 - Service: arcaserv - ArcaBit Sp. z o. o. - C:\Program Files\ArcaVir\bin\arcaserv.exe
O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

I admire people who understand at least a bit of this, and I'm asking for help.
    • Guest: Kolobos Re: HijackThis LOG IP: *.warszawa.sdi.tpnet.pl 08.09.05, 23:36
      End the processes and delete the files:
      C:\windows\system32\mdms.exe <- the exact removal instructions are here:
      securityresponse.symantec.com/avcenter/venc/data/trojan.repsamo.html
      C:\WINDOWS\system32\n?tdde.exe
      C:\Program Files\colu\tuno.exe

      In HijackThis:

      R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
      O2 - BHO: (no name) - {C482EE5F-25B2-0C46-B35A-2A17274A23BD} - C:\WINDOWS\System32\dymmkf.dll <- delete the file

      O4 - HKLM\..\Run: [AdTools Service] C:\Program Files\AdTools Service\AdTools.exe <- delete the AdTools folder
      O4 - HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe
      O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] marya.exe <- delete the file
      O4 - HKCU\..\Run: [yahoo inc.] ypages.exe <- delete the file
      O4 - HKCU\..\Run: [Tpbs] C:\Program Files\colu\tuno.exe <- and the colu folder
      O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\adsuntdt.mht!http://adextension.com/ext2/lca.chm::/Bridge-c139.cab
      O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - www.180searchassistant.com/180saax.cab
      O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - ms-its:mhtml:file://c:\adsuntdt.mht!adextension.com/ext2/mta.chm::/MediaTicketsInstaller.cab

      And also a scan:
      download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe
      download.ewido.net/ewido-setup.exe <- update it before scanning; uninstall it after the scan.
      Close the ports with this:
      www.firewallleaktester.com/tools/wwdc.exe
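As an added example (editor's code, not part of the thread or of HijackThis), the triage rules implied by Kolobos's reply applied mechanically to HijackThis entries: a forced proxy (R1), a BHO with no name (O2), a Run entry that is a bare filename with no path (O4), an ActiveX download via `ms-its:` or from a host named in the thread (O16), and any line referencing the files Kolobos listed for deletion. The sample entries are copied from the log above with the line-wrapping removed; the rule set and the reason strings are the editor's.

```python
import re
# Constructed sample: entries copied from the log in this thread, with the
# extraction line-wrapping removed so each HijackThis entry is one line.
SAMPLE_LOG = r"""
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 84.40.177.181:8080
O2 - BHO: (no name) - {C482EE5F-25B2-0C46-B35A-2A17274A23BD} - C:\WINDOWS\System32\dymmkf.dll
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe
O4 - HKCU\..\Run: [NTSF MICROSOFT SYSTEM] marya.exe
O4 - HKCU\..\Run: [yahoo inc.] ypages.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\adsuntdt.mht!http://adextension.com/ext2/lca.chm::/Bridge-c139.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - www.180searchassistant.com/180saax.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - skaner.mks.com.pl/SkanerOnline.cab
"""

# Files and hosts Kolobos's reply singles out for removal (taken from the page).
FLAGGED_FILES = {"mdms.exe", "marya.exe", "ypages.exe", "tuno.exe", "dymmkf.dll"}
FLAGGED_HOSTS = {"adextension.com", "www.180searchassistant.com"}
ENTRY_RE = re.compile(r"^(?P<sec>[RO]\d+) - (?P<body>.+)$")  # "O4 - <body>"
RUN_RE = re.compile(r"^(?:HKLM|HKCU)\\\.\.\\Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")

def triage(log_text):
    """Return (section, reason, entry) for every entry that trips a rule."""
    findings = []
    for line in log_text.splitlines():
        m = ENTRY_RE.match(line.strip())
        if not m:
            continue  # header, process list or blank line
        sec, body = m.group("sec"), m.group("body")
        low = body.lower()
        reason = None
        if sec == "R1" and "proxyserver =" in low:
            reason = "browser proxy forced to " + body.split("=", 1)[1].strip()
        elif sec == "O2" and "(no name)" in low:
            reason = "BHO with no name loaded into IE"
        elif sec == "O4":
            r = RUN_RE.match(body)
            if r and "\\" not in r.group("cmd").strip('"'):
                # bare filename: resolved via PATH, typical of a file dropped in system32
                reason = "autorun by bare filename [%s]" % r.group("name")
        elif sec == "O16":
            url = low.rsplit(" - ", 1)[-1]
            if url.startswith("ms-its:") or any(h in url for h in FLAGGED_HOSTS):
                reason = "ActiveX download via ms-its: or from a flagged host"
        if reason is None and any(f in low for f in FLAGGED_FILES):
            reason = "references a file the thread flagged for deletion"
        if reason:
            findings.append((sec, reason, body))
    return findings
```

Running `triage(SAMPLE_LOG)` flags seven of the nine entries and leaves the NeroCheck autorun and the mks.com.pl scanner control alone, matching what Kolobos kept.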
      • Guest: KOles Re: HijackThis LOG IP: *.jgora.dialog.net.pl 09.09.05, 16:19
        Logfile of HijackThis v1.99.1
        Scan saved at 16:16:34, on 2005-09-09
        Platform: Windows XP (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 (6.00.2600.0000)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\ArcaVir\Bin\NetMonSv.exe
        C:\WINDOWS\Explorer.EXE
        C:\Program Files\ArcaVir\Bin\avmonsv.exe
        C:\WINDOWS\System32\nvsvc32.exe
        C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
        C:\Program Files\Ahead\InCD\InCD.exe
        C:\WINDOWS\System32\RUNDLL32.EXE
        F:\Program Files\iTunes\iTunesHelper.exe
        C:\Program Files\QuickTime\qttask.exe
        C:\Program Files\ArcaVir\Bin\ABmenu.exe
        C:\WINDOWS\System32\ctfmon.exe
        C:\Program Files\Messenger\msmsgs.exe
        F:\Program Files\GetRight\getright.exe
        F:\Program Files\GetRight\getright.exe
        C:\Program Files\iPod\bin\iPodService.exe
        C:\Program Files\ArcaVir\Bin\arcascan.exe
        C:\WINDOWS\System32\mdms.exe
        C:\Documents and Settings\BZ\Pulpit\hijackthis\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl/
        R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 84.40.177.181:8080
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
        O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - F:\Program Files\GetRight\xx2gr.dll
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
        O4 - HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
        O4 - HKLM\..\Run: [Ad-watch] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe"
        O4 - HKLM\..\Run: [Ad-aware] "C:\Program Files\Lavasoft\Ad-aware 6\Ad-aware.exe" +c
        O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe
        O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
        O4 - HKLM\..\Run: [iTunesHelper] "F:\Program Files\iTunes\iTunesHelper.exe"
        O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
        O4 - HKLM\..\Run: [ABmenu] C:\Program Files\ArcaVir\Bin\ABmenu.exe
        O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
        O4 - HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe
        O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
        O4 - Global Startup: GetRight - Tray Icon.lnk = F:\Program Files\GetRight\getright.exe
        O8 - Extra context menu item: Download with GetRight - F:\Program Files\GetRight\GRdownload.htm
        O8 - Extra context menu item: Open with GetRight Browser - F:\Program Files\GetRight\GRbrowse.htm
        O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
        O16 - DPF: kbutils - www.kb24.pl/ikd/kbutils.cab
        O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - skaner.mks.com.pl/SkanerOnline.cab
        O17 - HKLM\System\CCS\Services\Tcpip\..\{DCBD4F28-2536-443A-814F-E84D58280836}: NameServer = 217.30.129.149,217.30.137.200
        O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\ArcaVir\Bin\NetMonSv.exe
        O23 - Service: ArcaVir Monitor (ArcaMonSvc) - Unknown owner - C:\Program Files\ArcaVir\Bin\avmonsv.exe
        O23 - Service: ArcaScan - ArcaBit - C:\Program Files\ArcaVir\Bin\arcascan.exe
        O23 - Service: arcaserv - ArcaBit Sp. z o. o. - C:\Program Files\ArcaVir\bin\arcaserv.exe
        O23 - Service: iPod Service (iPodService) - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe
        O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

        And now? Is it OK now??
        • Guest: Kolobos Re: HijackThis LOG IP: *.warszawa.sdi.tpnet.pl 09.09.05, 17:07
          You can probably see for yourself that it isn't!

          This is left:
          O4 - HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe
          I already gave the instructions for removing it.
