Logfile of HijackThis v1.99.1
Scan saved at 00:07:41, on 2005-05-16
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\csrss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\WINNT\System32\WBEM\WinMgmt.exe
C:\WINNT\Explorer.EXE
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Program\Spyware Doctor\swdoctor.exe
C:\Documents and Settings\norcik\Skrivbord\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Länkar
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\Program\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: PCTools Browser Monitor - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - C:\Program\SPYWAR~1\tools\iesdpb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program\Norton AntiVirus\NavShExt.dll
O2 - BHO: (no name) - {E4179C70-5BCC-0363-B7D1-56C0CC955AC6} - C:\WINNT\system32\sxaz.dll (file missing)
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program\Delade filer\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [Advanced Tools Check] C:\Program\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [GSICONEXE] GSICON.EXE
O4 - HKLM\..\Run: [DSLAGENTEXE] dslagent.exe USB
O4 - HKLM\..\Run: [RegShave] C:\Progra~1\REGSHAVE\REGSHAVE.EXE /autorun
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe
O4 - HKLM\..\Run: [vuhmr] C:\WINNT\vuhmr.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program\Delade filer\Symantec Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\Program\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Windows System Configuration] C:\WINNT\SYSCFG16.EXE
O4 - HKLM\..\Run: [Widnows Xp Web scan] xpscan.exe
O4 - HKLM\..\Run: [Dll loader Windows] C:\WINNT\SYSCFG16.EXE
O4 - HKLM\..\Run: [Compaq Service Drivers] compq.exe
O4 - HKLM\..\Run: [Antivirus Update Check] windos.exe
O4 - HKLM\..\Run: [Windows Service Footer] winsvc.exe
O4 - HKLM\..\Run: [MSLog] MicrosoftLog.exe
O4 - HKLM\..\Run: [Servicing] hostd.exe
O4 - HKLM\..\Run: [MSFireLog.exe] MSLog
O4 - HKLM\..\Run: [Microsoft Bool Value] MV2.exe
O4 - HKLM\..\Run: [Microsoft Web Device] wdevice.exe
O4 - HKLM\..\Run: [ejskp] C:\WINNT\system32\kmojvnu\ejskp.exe
O4 - HKLM\..\Run: [Microsoft Puf Kont] oli.exe
O4 - HKLM\..\Run: [CSCRS Value Check] MsPMSPSd.exe
O4 - HKLM\..\Run: [Registry Value Name Start] MsPMSPSa.exe
O4 - HKLM\..\Run: [Microsoft checker] MsPMSPTv.exe
O4 - HKLM\..\Run: [Opel Corsa] sysfix.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\jre1.5.0_01\bin\jusched.exe
O4 - HKLM\..\RunServices: [Widnows Xp Web scan] xpscan.exe
O4 - HKLM\..\RunServices: [Compaq Service Drivers] compq.exe
O4 - HKLM\..\RunServices: [Antivirus Update Check] windos.exe
O4 - HKLM\..\RunServices: [Windows Service Footer] winsvc.exe
O4 - HKLM\..\RunServices: [Servicing] hostd.exe
O4 - HKLM\..\RunServices: [Opel Corsa] sysfix.exe
O4 - HKLM\..\RunServices: [Microsoft Bool Value] MV2.exe
O4 - HKLM\..\RunServices: [Microsoft Web Device] wdevice.exe
O4 - HKLM\..\RunServices: [Microsoft Puf Kont] oli.exe
O4 - HKLM\..\RunServices: [CSCRS Value Check] MsPMSPSd.exe
O4 - HKLM\..\RunServices: [Registry Value Name Start] MsPMSPSa.exe
O4 - HKLM\..\RunServices: [Microsoft checker] MsPMSPTv.exe
O4 - HKCU\..\Run: [internat.exe] internat.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Widnows Xp Web scan] xpscan.exe
O4 - HKCU\..\Run: [Compaq Service Drivers] compq.exe
O4 - HKCU\..\Run: [Antivirus Update Check] windos.exe
O4 - HKCU\..\Run: [MSLog] MicrosoftLog.exe
O4 - HKCU\..\Run: [Servicing] hostd.exe
O4 - HKCU\..\Run: [Opel Corsa] sysfix.exe
O4 - HKCU\..\Run: [MSFireLog.exe] MSLog
O4 - HKCU\..\Run: [Uzrtjiy] C:\WINNT\system32\??plorer.exe
O4 - HKCU\..\Run: [Microsoft Web Device] wdevice.exe
O4 - HKCU\..\Run: [Microsoft Puf Kont] oli.exe
O4 - HKCU\..\Run: [CSCRS Value Check] MsPMSPSd.exe
O4 - HKCU\..\RunServices: [Compaq Service Drivers] compq.exe
O4 - HKCU\..\RunServices: [Antivirus Update Check] windos.exe
O4 - HKCU\..\RunServices: [Microsoft Web Device] wdevice.exe
O4 - HKCU\..\RunServices: [CSCRS Value Check] MsPMSPSd.exe
O4 - Global Startup: Image Transfer.lnk = C:\Program\Sony Corporation\Image Transfer\SonyTray.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program\Microsoft Office\Office\OSA9.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} - C:\Program\SPYWAR~1\tools\iesdpb.dll
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c9.cab
O16 - DPF: {5F874A6F-8B34-433D-BA4B-47AC91C0567F} (MailCfg Control) - https://poczta.wp.pl/autoryzacja/mailcfg2.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/msnmessengersetupdownloader.cab
O23 - Service: FireDaemon Service: binconf (binconf) - Unknown owner - C:\WINNT\system32\directx\asp\mech\FireDaemon.EXE
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\Program\DELADE~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
Wiem, ze mam wirusy w komputerze i walcze na wszystkie sposoby, a one znow wracaja. Jak widac, nie znam sie na tym za bardzo, wiec mam nadzieje, ze kots mi pomoze. Z gory dzieki