Please check my log

IP: *.internetdsl.tpnet.pl 02.05.07, 22:02
As above ;)
Logfile of HijackThis v1.99.1
Scan saved at 20:45:32, on 2006-05-02
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINXPNEW\System32\smss.exe
E:\WINXPNEW\system32\winlogon.exe
E:\WINXPNEW\system32\services.exe
E:\WINXPNEW\system32\lsass.exe
E:\WINXPNEW\system32\svchost.exe
E:\WINXPNEW\System32\svchost.exe
E:\WINXPNEW\system32\spoolsv.exe
E:\WINXPNEW\Explorer.EXE
E:\Program Files\Common Files\Real\Update_OB\realsched.exe
E:\Program Files\spim\SpeedSim_v0.9.4.2b\SpeedSim.exe
E:\Program Files\HP\HP Software Update\HPWuSchd2.exe
E:\iTunesHelper.exe
E:\torrenty2\BitSpirit\BitSpirit.exe
E:\Program Files\GG\Gadu-Gadu\gg.exe
E:\Program Files\Messenger\msmsgs.exe
E:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
E:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
E:\WinZip 9.0\WZQKPICK.EXE
E:\Program Files\HP\Digital Imaging\bin\hpqimzone.exe
E:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
E:\Program Files\Norton AntiVirus\navapsvc.exe
E:\WINXPNEW\System32\nvsvc32.exe
D:\alkohol\Alcohol 120\StarWind\StarWindService.exe
E:\WINXPNEW\System32\svchost.exe
E:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
E:\Program Files\iPod\bin\iPodService.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Documents and Settings\qw\Moje dokumenty\ll\HijackThis.exe
E:\Program Files\Symantec\LiveUpdate\AUpdate.exe
E:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
E:\Program Files\Symantec\LiveUpdate\LuCallbackProxy.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.gazeta.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - E:\Program

Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Alcohol Toolbar Helper - {0ACF00E0-C1E4-4F6B-B290-10AC7505C47A} -
E:\Program Files\Alcohol

Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} -
E:\flashget\FlashGet\jccatch.dll
O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
E:\Program Files\Norton

AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
E:\Program Files\Norton

AntiVirus\NavShExt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} -
E:\flashget\FlashGet\fgiebar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
E:\WINXPNEW\System32\msdxm.ocx
O3 - Toolbar: Alcohol Toolbar - {DC59A0D4-0ED6-4A73-B356-1B977F2A7725} -
E:\Program Files\Alcohol

Toolbar\v3.0.0.0\AudioGizmo_Toolbar.dll
O4 - HKLM\..\Run: [TkBellExe] "E:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpeedSim] E:\Program
Files\spim\SpeedSim_v0.9.4.2b\SpeedSim.exe
O4 - HKLM\..\Run: [HP Software Update] E:\Program Files\HP\HP Software
Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [iTunesHelper] "E:\iTunesHelper.exe"
O4 - HKLM\..\Run: [Outpost Firewall] E:\Program Files\Agnitum\Outpost
Firewall\outpost.exe /waitservice
O4 - HKLM\..\Run: [OutpostFeedBack] E:\Program Files\Agnitum\Outpost
Firewall\feedback.exe

/dump:os_startup
O4 - HKLM\..\Run: [CBitSpirit] "E:\torrenty2\BitSpirit\BitSpirit.exe" /start
O4 - HKCU\..\Run: [Gadu-Gadu] "E:\Program Files\GG\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Komunikator] E:\Tlen\tlen.exe
O4 - HKCU\..\Run: [Yahoo! Pager] E:\Yahoo!\MESSEN~1\ypager.exe -quiet
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Free Download Manager] E:\Program Files\Free Download
Manager\fdm.exe -autorun
O4 - HKCU\..\Run: [BitComet] "E:\torrenty2\BitComet\BitComet.exe"
O4 - HKCU\..\Run: [RealPlayer] "E:\Program
Files\Real\RealPlayer\realplay.exe"

/RunUPGToolCommandReBoot
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common
Files\Adobe\Calibration\Adobe

Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Program
Files\Adobe\Acrobat

7.0\Reader\reader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = E:\Program
Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = E:\Program
Files\HP\Digital

Imaging\bin\hpqthb08.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Office\Office10\OSA.EXE
O4 - Global Startup: WinZip Quick Pick.lnk = E:\WinZip 9.0\WZQKPICK.EXE
O8 - Extra context menu item: &Google Search - res://e:\program

files\google\GoogleToolbar2.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://e:\program

files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://e:\program

files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://e:\program

files\google\GoogleToolbar2.dll/cmcache.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -

res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://D:\o\OFFICE11
\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz z &BitSpirit - E:\torrenty2
\BitSpirit\bsurl.htm
O8 - Extra context menu item: Similar Pages - res://e:\program
files\google\GoogleToolbar2.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://e:\program

files\google\GoogleToolbar2.dll/cmtrans.html
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a -
E:\flashget\FlashGet\jc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a -
E:\flashget\FlashGet\jc_all.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
E:\Program

Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - E:\Program

Files\Java\jre1.5.0\bin\npjpi150.dll
O9 - Extra button: Szybkie dostosowywanie programu Outpost Firewall Pro -

{44627E97-789B-40d4-B5C2-58BD171129A1} - E:\Program Files\Agnitum\Outpost

Firewall\Plugins\BrowserBar\ie_bar.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
E:\flashget\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-
0050BA6940E3} -

E:\flashget\FlashGet\flashget.exe
O16 - DPF: {0E8D0700-75DF-11D3-8B4A-0008C7450C4A} (DjVuCtl Class) -

www.lizardtech.com/download/files/win/djvuplugin/pl_PL/DjVuControl_pl_PL.cab
O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) -

67.15.101.3/g_bin/pl/roulette_2_0_0_17.cab
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) -

67.15.101.3/g_bin/pl/cards_2_0_0_66.cab
O16 - DPF: {41ACD49D-1974-791A-0981-AA9872721044} (Ganymede Board Games) -

67.15.101.3/g_bin/pl/boards_2_0_0_30.cab
O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} (GameDesire Slots 90th) -

67.15.101.3/g_bin/pl/slots90_2_0_0_26.cab
O16 - DPF: {49232000-16E4-426C-A231-62846947304B} (SysData Class) -

ipgweb.cce.hp.com/rdqemea/pl/downloads/sysinfo.cab
O16 - DPF: {4B4513E2-4E57-43DF-9496-FCD37E9DFA64} (GameDesire Sea Battle) -

67.15.101.3/g_bin/pl/navy_2_0_0_20.cab
O
    • Guest: mc continuation IP: *.internetdsl.tpnet.pl 02.05.07, 22:04
      O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -

      software-dl.real.com/14246df86b7359edb805/netzip/RdxIE601.cab
      O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) -

      mks.com.pl/skaner/SkanerOnline.cab
      O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MainControl Class) -

      www.mks.com.pl/skaner/SkanerOnline.cab
      O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) -

      67.15.101.3/g_bin/pl/poker_2_0_0_46.cab
      O16 - DPF: {9085316E-42BA-11D4-BAA3-0080C8D7ED4A} (GameDesire JungleHunter) -

      67.15.101.3/g_bin/pl/hunter_2_0_0_19.cab
      O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -


      acs.pandasoftware.com/activescan/as5free/asinst.cab
      O16 - DPF: {A7196C8E-35A5-4FF0-9E46-E28918B5CAF6} (GameDesire Domino) -

      67.15.101.3/g_bin/pl/domino_2_0_0_25.cab
      O16 - DPF: {A9ED6AA2-D9D4-4D71-9586-E293E2E3580B} (GameDesire
      Marbles&Diamonds&Runes) -

      67.15.101.3/g_bin/pl/marbles_2_0_0_23.cab
      O16 - DPF: {AD7013FF-1D9A-4F36-94A6-3CD408A663F9} (GameDesire BreakOut) -

      67.15.101.3/g_bin/pl/breakout_2_0_0_21.cab
      O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) -

      67.15.101.3/g_bin/pl/words_2_0_0_38.cab
      O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) -

      67.15.101.3/g_bin/pl/mahjong_2_0_0_28.cab
      O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -

      skaner.mks.com.pl/SkanerOnline.cab
      O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GameDesire Soccer) -

      67.15.101.3/g_bin/pl/soccer_2_0_0_10.cab
      O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) -

      67.15.101.3/g_bin/pl/billard8_2_0_0_24.cab
      O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C3} (GameDesire Pool 14) -

      67.15.101.3/g_bin/pl/billard14_2_0_0_23.cab
      O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) -

      67.15.101.3/g_bin/pl/snooker_2_0_0_24.cab
      O17 - HKLM\System\CCS\Services\Tcpip\..\{6881D2D8-3379-4B78-BB07-7DC0BACC9C0A}:
      NameServer =

      194.204.152.34,194.204.159.1
      O20 - AppInit_DLLs: e:\progra~1\google\google~1\goec62~1.dll

      E:\PROGRA~1\Agnitum\OUTPOS~1\wl_hook.dll
      O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation -
      E:\Program

      Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
      O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. -
      E:\Program Files\Grisoft\AVG

      Anti-Spyware 7.5\guard.exe
      O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
      Corporation - E:\Program Files\Common

      Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
      O23 - Service: iPod Service - Apple Computer, Inc. - E:\Program
      Files\iPod\bin\iPodService.exe
      O23 - Service: LiveUpdate - Symantec Corporation - E:\PROGRA~1\Symantec\LIVEUP~1
      \LUCOMS~1.EXE
      O23 - Service: Macromedia Licensing Service - Unknown owner - E:\Program
      Files\Common Files\Macromedia

      Shared\Service\Macromedia Licensing.exe
      O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec
      Corporation - E:\Program

      Files\Norton AntiVirus\navapsvc.exe
      O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -

      E:\WINXPNEW\System32\nvsvc32.exe
      O23 - Service: Outpost Firewall Service (OutpostFirewall) - Agnitum Ltd. -
      E:\Program Files\Agnitum\Outpost

      Firewall\outpost.exe
      O23 - Service: Pml Driver HPZ12 - HP - E:\WINXPNEW\System32\HPZipm12.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -

      E:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
      Corporation - E:\Program

      Files\Common Files\Symantec Shared\SNDSrvc.exe
      O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division
      Software - D:\alkohol\Alcohol

      120\StarWind\StarWindService.exe
      O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - E:\Program
      Files\Common

      Files\Symantec Shared\Security Center\SymWSC.exe

      • Guest: Kolobos Re: continuation IP: *.escom.net.pl 02.05.07, 22:31
        If you're going to paste something, do it without line wrapping; besides, you can check the log at www.hijackthis.de