mam już skana, oto on :
Logfile of HijackThis v1.99.0
Scan saved at 18:46:49, on 2005-01-11
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\System32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\SOUNDMAN.EXE
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
D:\PROGRA~1\NEOSTR~1\CnxMon.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\Program Files\Tlen.pl\tlen.exe
C:\Program Files\Gadu-Gadu\gg.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\WINDOWS\System32\l?ass.exe
D:\Documents and Settings\Komp\Pulpit\hijackthis1.99\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wanadoo.fr
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://213.159.117.134/index.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.onet.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
R3 - URLSearchHook: (no name) - {CA0E28FA-1AFD-4C21-A8DC-70EB5BE2F076} - D:\Program Files\SurfSideKick 2\SskBho.dll (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - (no file)
O3 - Toolbar: IEMenuExtension toolbar - {6b95678d-30a4-4ff8-a72f-4208340c1f7f} - D:\Program Files\IEMenuExtension\tbextn.dll (file missing)
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM…\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [speedTouch USB Diagnostics] “D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon
O4 - HKLM…\Run: [rlmvzfal] D:\WINDOWS\System32\thljaky.exe
O4 - HKLM…\Run: [sais] d:\program files\180solutions\sais.exe
O4 - HKLM…\Run: [conscorr] D:\WINDOWS\conscorr.exe
O4 - HKLM…\Run: [erqjyv] D:\WINDOWS\erqjyv.exe
O4 - HKLM…\Run: [sysTime] D:\WINDOWS\System32\systime.exe
O4 - HKLM…\Run: [CashBack] D:\Program Files\CashBack\bin\cashback.exe
O4 - HKLM…\Run: [surfSideKick 2] D:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKLM…\Run: [iE Menu Extension toolbar] rundll32.exe “D:\PROGRA~1\IEMENU~1\tbextn.dll” DllShowTB
O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM…\Run: [WooCnxMon] D:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM…\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM…\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKCU…\Run: [Komunikator] D:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [skype] “D:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [sysTime] D:\WINDOWS\System32\systime.exe
O4 - HKCU…\Run: [surfSideKick 2] D:\Program Files\SurfSideKick 2\Ssk.exe
O4 - HKCU…\Run: [Otir] D:\Documents and Settings\Komp\Dane aplikacji\essl.exe
O4 - HKCU…\Run: [Gbvlifhi] D:\WINDOWS\System32\l?ass.exe
O4 - Startup: RollerCoaster Tycoon 3 Registration.lnk = D:\Documents and Settings\Komp\Ustawienia lokalne\Temp{AA51DA19-D2FE-4639-AA3E-14FC72711871}{907B4640-266B-4A21-92FB-CD1A86CD0F63}\ATR1.exe
O10 - Broken Internet access because of LSP provider ‘d:\windows\system32\aklsp.dll’ missing
O15 - Trusted IP range: 69.50.161.82 (HKLM)
O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} (GameDesire Slots 90th) - http://67.15.101.3/g_bin/pl/slots90_2_0_0_21.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v … 4809842421
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://static.topconverting.com/activex/loader2.ocx
O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://67.15.101.3/g_bin/pl/darts_2_0_0_29.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://67.15.101.3/g_bin/pl/words_2_0_0_26.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word Games) - http://67.15.101.3/g_bin/pl/wordssingle_2_0_0_30.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab
O17 - HKLM\System\CCS\Services\Tcpip…{BE3D2B69-D926-4B74-AAEE-4636ECD8E3E4}: NameServer = 194.204.152.34
O23 - Service: Ati HotKey Poller - Unknown - D:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: ISEXEng - Unknown - D:\WINDOWS\System32\angelex.exe (file missing)