CZESC. prosze o sprawszenie tego logo, poniewaz strasznie wolno dziala moj komputer, i strony sie laduja, a ponadto mam jekies poskuctwo na stronie startowej w ie i nie da sie tego zmienic.
Logfile of HijackThis v1.98.1
Scan saved at 16:55:48, on 2004-09-16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\rundll32.exe
C:\Program Files\Common Files\CMEII\CMESys.exe
C:\Program Files\Save\Save.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
C:\windows\system32\sp2ctr.exe
C:\windows\system32\sncntr.exe
C:\WINDOWS\system32\ossproxy.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\BullsEye Network\bin\bargains.exe
E:\Program Files\BearShare\BearShare.exe
E:\Program Files\Winamp\Winampa.exe
E:\Program Files\eDonkey2000\eDonkey2000.exe
C:\program files\micore\runc.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\mslagent\mslagent_.exe
C:\WINDOWS\System32\rundll32.exe
E:\Program Files\BearShare\BearShare.exe
c:\progra~1\intern~1\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
E:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Common Files\GMT\GMT.exe
E:\Program Files\Kalendarz XP\Kalendarz.exe
E:\Program Files\MP3Dancer\MP3Dancer.exe
E:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\System32\devldr32.exe
E:\Program Fils\iMesh\Client\iMeshClient.exe
c:\windows\system32\vnkoansd.exe
E:\Program Files\mozilla.org\Mozilla\mozilla.exe
C:\program files\micore\micore.exe
C:\Documents and Settings\Tomasz\Pulpit\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,Search = c:\searchpage.html
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = c:\searchpage.html
R1 - HKLM\Software\Microsoft\Internet Explorer,Search = c:\searchpage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\searchpage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = c:\searchpage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.discoverychannel.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = c:\searchpage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\searchpage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = c:\searchpage.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.stfkaixlraac.info/rUlOonhupR4loefNaqGINqT2mCDlGBOe7ivWE4JaSCdxQt3BhfU6ZXEdyeCogUoV.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = c:\searchpage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = c:\searchpage.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{00D6A7E7-4A97-456f-848A-3B75BF7554D7} - (no file)
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O2 - BHO: URLLink Class - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - C:\Program Files\NewDotNet\newdotnet6_38.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {ACB3E0B7-7D0C-40B7-99B3-3EEACDF86BFB} - C:\WINDOWS\mslagent\4b_1,0,1,1_mslagent.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - E:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: C:\WINDOWS\lbbho.dll - {E16A99CC-4FB6-4C83-B51D-19A6B39517DA} - C:\WINDOWS\lbbho.dll
O2 - BHO: ADP UrlCatcher Class - {F4E04583-354E-4076-BE7D-ED6A80FD66DA} - C:\WINDOWS\System32\msbe.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - E:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: My &Search Bar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\Program Files\MyWay\myBar\1.bin\MYBAR.DLL
O3 - Toolbar: ISTbar - {5F1ABCDB-A875-46c1-8345-B72A4567E486} - (no file)
O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [CMESys] "C:\Program Files\Common Files\CMEII\CMESys.exe"
O4 - HKLM\..\Run: [WhenUSave] C:\Program Files\Save\Save.exe
O4 - HKLM\..\Run: [VVSN] C:\Program Files\VVSN\VVSN.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_01\bin\jusched.exe
O4 - HKLM\..\Run: [sp2ctr] c:\windows\system32\sp2ctr.exe /nocomm
O4 - HKLM\..\Run: [sncntr] c:\windows\system32\sncntr.exe /nocomm
O4 - HKLM\..\Run: [Power Scan] C:\Program Files\Power Scan\powerscan.exe
O4 - HKLM\..\Run: [OSSProxy] C:\WINDOWS\system32\ossproxy.exe -boot
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM\..\Run: [ccRegVfy] "C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe"
O4 - HKLM\..\Run: [BullsEye Network] C:\Program Files\BullsEye Network\bin\bargains.exe
O4 - HKLM\..\Run: [buildhold] C:\PROGRA~1\DASHSE~1\Five Surf Grid.exe
O4 - HKLM\..\Run: [BearShare] "e:\Program Files\BearShare\BearShare.exe" /pause
O4 - HKLM\..\Run: [alchem] C:\WINDOWS\alchem.exe
O4 - HKLM\..\Run: [Advanced Tools Check] E:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [16 skip tool mix] C:\Documents and Settings\All Users\Dane aplikacji\Upload creative 16 skip\mail clock.exe
O4 - HKLM\..\Run: [WinampAgent] "e:\Program Files\Winamp\Winampa.exe"
O4 - HKLM\..\Run: [eDonkey2000] e:\Program Files\eDonkey2000\eDonkey2000.exe -t
O4 - HKLM\..\Run: [VNKOANSD] c:\windows\system32\vnkoansd.exe /install
O4 - HKLM\..\RunServices: [RDLL] RunDll16.exe
O4 - HKCU\..\Run: [micore] \program files\micore\runc.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [mslagent] C:\WINDOWS\mslagent\mslagent_.exe
O4 - HKCU\..\Run: [Instant Access] rundll32.exe p2esocks_1016.dll,InstantAccess
O4 - HKCU\..\Run: [Gadu-Gadu] "E:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "e:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [Shareaza] "e:\Program Files\Shareaza\Shareaza.exe" -tray
O4 - HKCU\..\Run: [LANczat] e:\Program Files\LANczat\LANczat.exe
O4 - Startup: iMesh.lnk = E:\Program Fils\iMesh\Client\iMeshClient.exe
O4 - Startup: MP3 Dancer.lnk = E:\Program Files\MP3Dancer\MP3Dancer.exe
O4 - Global Startup: Kalendarz XP.lnk = E:\Program Files\Kalendarz XP\Start.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 - Extra context menu item: &Download by NetAnts - E:\PROGRA~1\NetAnts\NAGet.htm
O8 - Extra context menu item: Download &All by NetAnts - E:\PROGRA~1\NetAnts\NAGetAll.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no file)
O9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - E:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - E:\PROGRA~1\NetAnts\NetAnts.exe
O9 - Extra button: Microsoft® JavaScript® Console - {663F83D0-0715-4AC5-86C3-2F0C44E280E9} - C:\WINDOWS\System32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {663F83D0-0715-4AC5-86C3-2F0C44E280E9} - C:\WINDOWS\System32\COMDLG32.OCX
O9 - Extra button: (no name) - {869EE607-5376-486d-8DAC-EDC8E239AD5F} - (no file)
O9 - Extra button: (no name) - {92D12339-56B0-4554-BBE6-8170A9F14F31} - C:\WINDOWS\System32\COMDLG32.OCX
O9 - Extra button: Microsoft® JavaScript® Console - {A9ED54B7-4ECC-4D86-AD79-CF9D343DC39E} - C:\WINDOWS\System32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {A9ED54B7-4ECC-4D86-AD79-CF9D343DC39E} - C:\WINDOWS\System32\COMDLG32.OCX
O9 - Extra button: Descargas - {AF0828BC-CB46-4C8D-95B6-8A7C4988F9FF} - c:\acc-kazemule\local.htm (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\flashget.exe (file missing)
O9 - Extra button: Microsoft® JavaScript® Console - {E7B3490E-D7CD-4046-AD29-82B3423F4B4D} - C:\WINDOWS\System32\COMDLG32.OCX
O9 - Extra 'Tools' menuitem: JavaScript Console - {E7B3490E-D7CD-4046-AD29-82B3423F4B4D} - C:\WINDOWS\System32\COMDLG32.OCX
O9 - Extra button: (no name) - {E9173ECA-1F4F-41ed-AF1F-8F723DFE3458} - (no file)
O9 - Extra button: (no name) - {869EE607-5376-486d-8DAC-EDC8E239AD5F} - (no file) (HKCU)
O9 - Extra button: Microsoft® JavaScript® Console - {A9ED54B7-4ECC-4D86-AD79-CF9D343DC39E} - C:\WINDOWS\System32\COMDLG32.OCX (HKCU)
O9 - Extra button: (no name) - {E7B3490E-D7CD-4046-AD29-82B3423F4B4D} - C:\WINDOWS\System32\COMDLG32.OCX (HKCU)
O9 - Extra button: (no name) - {E9173ECA-1F4F-41ed-AF1F-8F723DFE3458} - (no file) (HKCU)
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O12 - Plugin for .exe: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin2.dll
O12 - Plugin for .mp3: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mpeg: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll
O13 - DefaultPrefix: c:\searchpage.html?page=
O13 - WWW Prefix: c:\searchpage.html?page=
O13 - Home Prefix: c:\searchpage.html?page=
O13 - Mosaic Prefix: c:\searchpage.html?page=
O16 - DPF: {00000000-CDDC-0704-0B53-2C8830E9FAEC} (IELoaderCtl Class) - http://install.global-netcom.de/ieloader.cab
O16 - DPF: {0594AF7E-573B-40DF-8165-E47AB2EAEFE8} (EGEGAUTH Class) - http://akamai.downloadv3.com/binaries/P2EClient/EGAUTH_1016_EN_XP.cab
O16 - DPF: {14325268-79E0-4D2A-89A4-FFFC6E22741E} - http://akamai.downloadv3.com/binaries/LiveService/LiveService_3_EN_XP.cab
O16 - DPF: {469C7080-8EC8-43A6-AD97-45848113743C} - http://akamai.downloadv3.com/binaries/IA/nethv32_EN_XP.cab
O16 - DPF: {5F426A93-0821-47D2-A126-5A48A874B289} (DialerWeb Class) - http://212.145.159.194/251065/dialercab/WebRecomendada.cab
O16 - DPF: {EF86873F-04C2-4A95-A373-5703C08EFC7B} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v3.0/0006.cab
O16 - DPF: {EFB22865-F3BC-4309-ADFA-C8E078A7F762} - http://www.sponsoradulto.com/en/SysWebTelecom.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{D7E98A69-0A83-464A-8E07-DC142473D6ED}: NameServer = 192.168.3.1,193.193.75.1
z gory dziekuje za fatyge