Logfile of HijackThis v1.98.2
Scan saved at 17:47:08, on 2005-01-08
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
E:\Program Files\CPUCooL\CooLSrv.exe
D:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\svchost.exe
D:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
E:\Program Files\Logitech\iTouch\iTouch.exe
D:\WINDOWS\system32\usbn.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\PROGRA~1\GADU-G~1\gg.exe
D:\Program Files\Tlen.pl\tlen.exe
E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
D:\WINDOWS\System32\devldr32.exe
D:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
D:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
D:\DOCUME~1\Tomek\USTAWI~1\Temp\Rar$EX00.813\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - D:\PROGRA~1\FLASHGET\jccatch.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\fgiebar.dll
O4 - HKLM…\Run: [iMJPMIG8.1] D:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 - HKLM…\Run: [PHIME2002ASync] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM…\Run: [PHIME2002A] D:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM…\Run: [Easy-PrintToolBox] D:\Program Files\Canon\Easy-PrintToolBox\BJPSMAIN.EXE /logon
O4 - HKLM…\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM…\Run: [HPDJ Taskbar Utility] D:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb04.exe
O4 - HKLM…\Run: [zBrowser Launcher] E:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM…\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\backWeb-8876480.exe
O4 - HKLM…\Run: [usbn] D:\WINDOWS\system32\usbn.exe -go -c28 -w
O4 - HKCU…\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [MSMSGS] “D:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [Gadu-Gadu] “D:\PROGRA~1\GADU-G~1\gg.exe” /tray
O4 - HKCU…\Run: [Komunikator] D:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU…\Run: [skype] “D:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [LDM] E:\Program Files\Logitech\Desktop Messenger\8876480\Program\BackWeb-8876480.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet’a - D:\Program Files\FlashGet\jc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet’a - D:\Program Files\FlashGet\jc_all.htm
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:\PROGRA~1\FLASHGET\flashget.exe
O12 - Plugin for .spop: D:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {11111111-1111-1111-1111-111191113457} - file://c:\ied_s7.cab
O16 - DPF: {11111111-1111-1111-1111-511111193457} - file://c:\x.cab
O16 - DPF: {11111111-1111-1111-1111-511111193458} - file://c:\x.cab
O17 - HKLM\System\CCS\Services\Tcpip…{8CE78BAB-52B2-430D-9EA1-6CC635BBE123}: NameServer = 194.204.159.1 194.204.152.34
O21 - SSODL: SystemCheck2 - {54645654-2225-4455-44A1-9F4543D34545} - D:\WINDOWS\System32\vbsys2.dll
To mój log sprawdzcie go PLEASE!