Worms in my e-mail inbox
For some time now, e-mails have been going out from my mailbox that never arrive; I am certainly not the one sending them. I also keep getting e-mails with suspicious extensions and attachments. To start with, please check the log, and then we'll see what comes next.
thanks in advance, good people
Logfile of HijackThis v1.99.1
Scan saved at 20:03:50, on 2005-11-04
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\temp\salm.exe
C:\Program Files\ISTsvc\istsvc.exe
C:\WINDOWS\ylowbdaq.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\NTCommLib3.exe
C:\WINDOWS\System32\o6sdesle.exe
C:\Program Files\Internet Optimizer\optimize.exe
C:\Program Files\Nsrdt\Ppxmh.exe
C:\WINDOWS\System32\taskgmr.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Tlen.pl\tlen.exe
D:\AGNIESZKA\Programy\Gadu-Gadu\Gadu-Gadu\gg.exe
C:\hellmsn.exe
C:\WINDOWS\twain_32\A4S2600X\WATCH.exe
C:\WINDOWS\system32\cmd.exe
C:\WINDOWS\system32\ftp.exe
c:\program files\opera\opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Ponczesa\USTAWI~1\Temp\Rar$EX02.060\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://searchcentral.cc/search.php?v=4&aff=4522
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchcentral.cc/index.php?v=4&aff=4522
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchcentral.cc/index.php?v=4&aff=4522
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts file is located at: C:\WINDOWS\nsdb\hosts
O1 - Hosts: 82.179.166.164 lender-search.com
O1 - Hosts: 82.179.166.165 hot-searches.com
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\nem220.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CDFF2B3-6007-2BDE-2973-3BB60C3CA29E} - C:\WINDOWS\System32\fgpmdhr.dll
O2 - BHO: (no name) - {359268DA-E30A-93DB-64A7-A291594F9DF7} - C:\WINDOWS\System32\elk.dll (file missing)
O2 - BHO: (no name) - {8BC27279-B594-AD44-ED5F-B9BE4C0C3797} - C:\WINDOWS\System32\fouz.dll (file missing)
O2 - BHO: WHttpHelper Class - {9896231A-C487-43A5-8369-6EC9B0A96CC0} - C:\WINDOWS\System32\WStart.dll
O2 - BHO: BAHelper Class - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - C:\Program Files\SideFind\sfbho.dll
O2 - BHO: (no name) - {DBC05DE1-9A53-D8D1-7806-CC891F7E3B93} - C:\WINDOWS\System32\wcjaw.dll (file missing)
O2 - BHO: LBBHO - {EFD84954-6B46-42f4-81F3-94CE9A77052D} - C:\WINDOWS\lbbho.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: YourSiteBar - {86227D9C-0EFE-4f8a-AA55-30386A3F5686} - C:\Program Files\YourSiteBar\ysb.dll (file missing)
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IST Service] C:\Program Files\ISTsvc\istsvc.exe
O4 - HKLM\..\Run: [Fadb] C:\WINDOWS\ylowbdaq.exe
O4 - HKLM\..\Run: [bOZy-ŻŚ] C:\WINDOWS\ylowbdaq.exe
O4 - HKLM\..\Run: [bO/G%)fNbC:\Program Files\ISTsvc\istsvc.exe] C:\WINDOWS\ylowbdaq.exe
O4 - HKLM\..\Run: [Media Gateway] C:\Program Files\Media Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [NTCommLib3] C:\WINDOWS\System32\NTCommLib3.exe
O4 - HKLM\..\Run: [o6sdesle] C:\WINDOWS\System32\o6sdesle.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet Optimizer\optimize.exe"
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [Jcpyzp] C:\Program Files\Nsrdt\Ppxmh.exe
O4 - HKLM\..\Run: [WINRUN] taskgmr.exe
O4 - HKLM\..\Run: [ydafyl] C:\WINDOWS\ydafyl.exe
O4 - HKLM\..\RunServices: [WINRUN] taskgmr.exe
O4 - HKLM\..\RunOnce: [tlc] C:\WINDOWS\update13.js
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 - HKCU\..\Run: [WINRUN] taskgmr.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\AGNIESZKA\Programy\Gadu-Gadu\Gadu-Gadu\gg.exe" /tray
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4S2600X\WATCH.exe
O4 - Global Startup: Reboot.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - C:\Program Files\SideFind\sidefind.dll (file missing)
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {0D62A517-E7C6-4E1F-A577-07D4AC549A48} (Progetto1.int_ver32) - http://advnt01.com/dialer/int_ver32b.CAB
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.170.82/e9xr2.chm::/file.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\nosuklc.mht!http://kazaalite.pl/stats/loud.chm::/Bridge-c139.cab
O16 - DPF: {42B1C70D-9823-41F7-810A-682DA294D868} - ms-its:mhtml:file://c:\nosuxxx.mht!http://kazaalite.pl/stats/pt.chm::/toolbar.exe
O16 - DPF: {42F2C9BA-614F-47C0-B3E3-ECFD34EED658} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_cracks.cab
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {745395C8-D0E1-4227-8586-624CA9A10A8D} (AxisMediaControl Class) - http://212.244.189.193:5000/activex/AMC.cab
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) - http://www.xxxtoolbar.com/ist/softwares/v4.0/0006_regular.cab
O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) - ms-its:mhtml:file://c:\nosukmt.mht!http://kazaalite.pl/stats/mta.chm::/MediaTicketsInstaller.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} - http://212.239.40.78/cdo/pl/game.exe
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{F5D35402-FB5D-41E5-9466-687C447138EF}: NameServer = 82.160.5.100,82.160.5.50
O18 - Filter: text/html - {4F7681E5-6CAF-478D-9CB8-4CA593BEE7FB} - C:\WINDOWS\System32\xplugin.dll
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
Replies: 8
thanks for the info.. regards :)
No. Turn it on now. It is switched off so that unwanted files can be removed from the restore points.
Thanks a lot.. everything seems to be working.. but one more question, just pro forma.. should System Restore now stay switched off all the time?
It's much, much better; Mytob and searchcentral are still left.
C:\hellmsn.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchcentral.cc/index.php?v=4&aff=4522
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchcentral.cc/index.php?v=4&aff=4522
Also look in C:\WINDOWS for a file updatexx.js, where xx will be some digits. That script is what keeps bringing the start page back.
When you removed the remaining entries with the help of the analyzer, you did of course delete them together with all the files from the disk? Did you disable System Restore?
If it doesn't improve, please post new logs from HijackThis and Silent Runners.
Thanks, good people.. this is all that's left of it...
Logfile of HijackThis v1.99.1
Scan saved at 22:54:03, on 2005-11-04
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Messenger\msmsgs.exe
C:\hellmsn.exe
D:\AGNIESZKA\Programy\Gadu-Gadu\Gadu-Gadu\gg.exe
C:\WINDOWS\twain_32\A4S2600X\WATCH.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\Ponczesa\USTAWI~1\Temp\Rar$EX00.168\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://searchcentral.cc/index.php?v=4&aff=4522
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://searchcentral.cc/index.php?v=4&aff=4522
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\AGNIESZKA\Programy\Gadu-Gadu\Gadu-Gadu\gg.exe" /tray
O4 - Startup: Watch.lnk = C:\WINDOWS\twain_32\A4S2600X\WATCH.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - http://tools.ebayimg.com/eps/activex/EPUWALControl_v1-0-3-18.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
I'd gladly do that, but how do I check it with the analyzer, and where do I download it from??