Witam,
Od pewnego czasu internet strasznie wolno chodzi, komp też muli, wcześniej mnie to nie interesowało, ale sytuacja się zminiła i muszę coś z tym zrobić ,tylko nie wiem od czego zacząć .
Nie chcę robić formata ponieważ mam sporo ważnych danych na kompie.
Oto log z Hijackthis:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:38:55, on 2010-11-15
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Unable to get Internet Explorer version!
Boot mode: Normal
Running processes:
C:\WINDOWS.0\System32\smss.exe
C:\WINDOWS.0\system32\winlogon.exe
C:\WINDOWS.0\system32\services.exe
C:\WINDOWS.0\system32\lsass.exe
C:\WINDOWS.0\system32\Ati2evxx.exe
C:\WINDOWS.0\system32\svchost.exe
C:\WINDOWS.0\System32\svchost.exe
C:\WINDOWS.0\system32\spoolsv.exe
C:\WINDOWS.0\system32\Ati2evxx.exe
C:\WINDOWS.0\Explorer.EXE
C:\WINDOWS.0\System32\svchost.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\windows.0\system32\wuaucldt.exe
C:\WINDOWS.0\system32\svchost.exe
C:\Documents and Settings\Administrator.XVIIIPC\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator.XVIIIPC\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\Documents and Settings\Administrator.XVIIIPC\Ustawienia lokalne\Dane aplikacji\Google\Chrome\Application\chrome.exe
C:\WINDOWS.0\system32\msiexec.exe
C:\Program Files\Opera\opera.exe
C:\Documents and Settings\Administrator.XVIIIPC\Pulpit\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = “C:\Program Files\Outlook Express\msimn.exe” //mailurl:mailto:trust@888holdings.com?subject=User Complaint for 888casino
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: 64.79.73.154 drghwaweg45j4i6u3q32fg2h.com
O1 - Hosts: 122.224.6.164 cao.iwillhavebigdick.com
O1 - Hosts: 122.224.6.48 3b.iwillhavebigdick.com
O1 - Hosts: 122.224.6.48 sb.iwillhavebigdick.com
O2 - BHO: RedTube To ALLPlayer - {41F21158-4211-4D32-9E02-D57B19661561} - C:\PROGRA~1\ALLPLA~1\REDTUB~1.DLL
O2 - BHO: CacherBHO - {9B4DF450-DCC7-4B07-935D-0CD757A64583} - C:\Program Files\Moyea\YouTube FLV Downloader\MoyeaCatcher.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: SMTTB2009 - {FCBCCB87-9224-4B8D-B117-F56D924BEB18} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O3 - Toolbar: HyperCam Toolbar - {338B4DFE-2E2C-4338-9E41-E176D497299E} - C:\Program Files\HyperCam Toolbar\tbcore3.dll
O4 - HKLM…\Run: [Regedit32] C:\WINDOWS.0\system32\regedit.exe
O4 - HKLM…\Run: [wuaucldt] c:\windows.0\system32\wuaucldt.exe
O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot
O4 - HKLM…\Run: [guyik45hbh] C:\WINDOWS.0\system32\guyik45hbh.exe
O4 - HKLM…\Run: [guyik45hbhx] C:\WINDOWS.0\system32\guyik45hbhx.exe
O4 - HKCU…\Run: [wuaucldt] c:\documents and settings\administrator.xviiipc\wuaucldt.exe
O4 - HKCU…\Run: [uTorrent] “C:\Documents and Settings\Administrator.XVIIIPC\Pulpit\utorrent.exe”
O4 - HKCU…\Run: [NetLog2] C:\WINDOWS.0\svc2.exe
O4 - HKCU…\Run: [NetLog3] C:\WINDOWS.0\svc3.exe
O4 - HKCU…\Run: [cdoosoft] C:\WINDOWS.0\system32\olhrwef.exe
O4 - HKCU…\Run: [Google Update] “C:\Documents and Settings\Administrator.XVIIIPC\Ustawienia lokalne\Dane aplikacji\Google\Update\GoogleUpdate.exe” /c
O4 - HKLM…\Policies\Explorer\Run: [e8in1] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\fdq3zs.exe
O4 - HKLM…\Policies\Explorer\Run: [apps] C:\WINDOWS.0\fonts\services.exe
O4 - HKLM…\Policies\Explorer\Run: [k3wly] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\l831vv.exe
O4 - HKLM…\Policies\Explorer\Run: [sp6li7] C:\WINDOWS.0\TEMP\kkcw0y.exe
O4 - HKLM…\Policies\Explorer\Run: [yo12] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\uqqo.exe
O4 - HKLM…\Policies\Explorer\Run: [um3tvz] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\mh94dq.exe
O4 - HKLM…\Policies\Explorer\Run: [zz7kc] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\ow8ezp.exe
O4 - HKLM…\Policies\Explorer\Run: [mc3t] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\idse.exe
O4 - HKLM…\Policies\Explorer\Run: [bpf1l] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\cumgj3.exe
O4 - HKLM…\Policies\Explorer\Run: [attygq] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\sn605.exe
O4 - HKLM…\Policies\Explorer\Run: [xfo23b] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\pauel2.exe
O4 - HKLM…\Policies\Explorer\Run: [ccemf] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\egl1ds.exe
O4 - HKLM…\Policies\Explorer\Run: [85gblp] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\qytda.exe
O4 - HKLM…\Policies\Explorer\Run: [xal6whv] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\11np.exe
O4 - HKLM…\Policies\Explorer\Run: [3tulha] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\vo0xz1.exe
O4 - HKLM…\Policies\Explorer\Run: [1y8bc] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\dvam.exe
O4 - HKLM…\Policies\Explorer\Run: [m4b0m] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\n8jgk2.exe
O4 - HKLM…\Policies\Explorer\Run: [huqu3] C:\DOCUME~1\ADMINI~1.XVI\USTAWI~1\Temp\6rrnqr.exe
O4 - HKLM…\Policies\Explorer\Run: [3n7qd] C:\WINDOWS.0\TEMP\sk8k0wm.exe
O4 - HKUS\S-1-5-19…\Run: [TransBar] C:\WINDOWS.0\TransBar.exe /s (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-19…\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [TransBar] C:\WINDOWS.0\TransBar.exe /s (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-20…\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [TransBar] C:\WINDOWS.0\TransBar.exe /s (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18…\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [TransBar] C:\WINDOWS.0\TransBar.exe /s (User ‘Default user’)
O4 - HKUS.DEFAULT…\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘Default user’)
O9 - Extra button: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra ‘Tools’ menuitem: Skype add-on for Internet Explorer - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS.0\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O17 - HKLM\System\CCS\Services\Tcpip…{C93B9301-DD29-462B-894A-8509871BBA96}: NameServer = 192.168.7.254,213.172.186.5
O17 - HKLM\System\CS1\Services\Tcpip…{C93B9301-DD29-462B-894A-8509871BBA96}: NameServer = 192.168.7.254,213.172.186.5
O17 - HKLM\System\CS2\Services\Tcpip…{C93B9301-DD29-462B-894A-8509871BBA96}: NameServer = 192.168.7.254,213.172.186.5
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS.0\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS.0\system32\ati2sgag.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\WINDOWS.0\system32\GameMon.des.exe (file missing)
–
End of file - 8405 bytes
Wiem, że sytuacja wygląda tragicznie, i to właśnie was proszę o pomoc