

Szkoda ze zaczynam od problemow, a wiec tak juz od dluzszego czasu (ok 2 tygodnie) mam wrazenie ze cos nie tak dzieje sie z moim kompem - podejrzewam ze przez to ze nie mialem czasu uaktualnic antivirusa

Podejrzewam ze to haker albo jakis szpieg bo ten algorytm jak slyszalem stosuje sie do przechwytywania hasel.
Ponadto antivirus wykryl wirusa i duzo trojanow na kompie oraz elementow szpiegujacych no i sie pogubilem nie jestem az tak zaawansowany wiec prosze Was o pomoc.
Oto log:
Logfile of HijackThis v1.99.1
Scan saved at 23:32:20, on 2005-11-11
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRAMY\Ochrona\Anti-virus\aswUpdSv.exe
C:\PROGRAMY\Ochrona\Anti-virus\ashServ.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\PROGRAMY\Ochrona\Firewall\Keiro Firewall\persfw.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\PowerS.exe
C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\PROGRAMY\Ochrona\ANTI-V~1\ashDisp.exe
C:\Program Files\Neostrada TP\NeostradaTP.exe
C:\MULTIMEDIA\Internetowe\Gadu-Gadu\gg.exe
C:\MULTIMEDIA\Internetowe\Skype\Phone\Skype.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
C:\PROGRAMY\Internetowe\UD Agent\UD.EXE
C:\Program Files\Neostrada TP\ComComp.exe
C:\PROGRAMY\Internetowe\UD Agent\ud_7657531.exe
C:\PROGRAMY\Ochrona\Anti-virus\ashMaiSv.exe
C:\PROGRAMY\Ochrona\Anti-virus\ashWebSv.exe
C:\Program Files\Neostrada TP\Watch.exe
C:\PROGRAMY\Internetowe\UD Agent\ud_7657531_0.dir\WCGrid_Rosetta.exe
C:\PROGRAMY\Internetowe\Oprea 8.1\Opera.exe
C:\Documents and Settings\PSmillodon\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.amnezja.org/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{00A6FAF6-072E-44cf-8957-5838F569A31D} - (no file)
R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\MULTIMEDIA\Internetowe\Shareaza\Shareaza\Plugins\RazaWebHook.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRAMY\Ochrona\ANTYSP~1\Spybot\SPYBOT~1\SDHelper.dll
O2 - BHO: wb - {55BE9F0D-6CAF-4c3e-B125-5A13A8C9D0EC} - C:\WINDOWS\system32\nsxA9B.dll
O2 - BHO: TalMgr Class - {70230839-555C-4862-8D42-BB1E2352502C} - C:\WINDOWS\system32\italpfau.dll
O2 - BHO: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.6.4.1\HbtHostIE.dll (file missing)
O3 - Toolbar: H&otbar - {74CC49F7-EB32-4A08-B204-948962A6E3DB} - C:\Program Files\HbTools\Bin\4.6.4.1\HbtHostIE.dll (file missing)
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [PowerS] C:\WINDOWS\PowerS.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [HbTools] C:\Program Files\HbTools\Bin\4.6.4.1\HbtOEAddOn.exe
O4 - HKLM\..\Run: [WeatherOnTray] C:\Program Files\HbTools\Bin\4.6.4.1\HbtWeatherOnTray.exe
O4 - HKLM\..\Run: [nlxsifjt] C:\WINDOWS\system32\qcixoufm.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [SurfAccuracy] C:\Program Files\SurfAccuracy\SAcc.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRAMY\Ochrona\ANTI-V~1\ashDisp.exe
O4 - HKLM\..\Run: [WOOKIT] C:\Program Files\Neostrada TP\NeostradaTP.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\MULTIMEDIA\Internetowe\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\MULTIMEDIA\Internetowe\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [ichckupd] C:\WINDOWS\system32\ichckupd.exe
O4 - Startup: UD Agent.lnk = C:\PROGRAMY\Internetowe\UD Agent\UD.EXE
O4 - Global Startup: Remote Controller.lnk = C:\Program Files\Prolink\PlayTV Pro\TVRMVCR.EXE
O8 - Extra context menu item: &Search - http://bar.mywebsearch.com/menusearch.html?p=ZN
O8 - Extra context menu item: Download with &Shareaza - res://C:\MULTIMEDIA\Internetowe\Shareaza\Shareaza\Plugins\RazaWebHook.dll/3000
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: Pobierz używając Download &Express'a - C:\MULTIMEDIA\Internetowe\Download Express\Add_Url.htm
O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O14 - IERESET.INF: START_PAGE_URL=http://www.amnezja.org/
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1121553044804
O17 - HKLM\System\CCS\Services\Tcpip\..\{0C8D2A53-C8BF-44C7-9E8A-56FAA66623FC}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLM\System\CS2\Services\Tcpip\..\{0C8D2A53-C8BF-44C7-9E8A-56FAA66623FC}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\PROGRAMY\Ochrona\Anti-virus\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\PROGRAMY\Ochrona\Anti-virus\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\PROGRAMY\Ochrona\Anti-virus\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\PROGRAMY\Ochrona\Anti-virus\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Kerio Personal Firewall (PersFw) - Kerio Technologies - C:\PROGRAMY\Ochrona\Firewall\Keiro Firewall\persfw.exe
A i jeszcze gdy wlaczam skanowanie dyskow antivirusem to gdy skan dojdzie do zainfekowanego obiektu i pyta sie co robic w krotce potem (ok 30 min) komputer zawiesza sie muli i mozna do aplikacji dostac sie tylko z Menedżera zadan.
Jeszcze raz baedzo prosze o pomoc z góry dzieki. :|