Logfile of HijackThis v1.99.0
Scan saved at 19:32:00, on 05-04-23
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\EZAUDIO\EZAUDIO.EXE
C:\WINDOWS\SYSTEM\FMCTRL.EXE
C:\WINDOWS\SYSTEM\HPZTSB09.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\HP SOFTWARE UPDATE\HPWUSCHD.EXE
C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\DIGITAL IMAGING\BIN\HPOTDD01.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\PC MIGHTYMAX\PCMM.EXE
C:\SPYWAREVANISHER-FREE\FREESCANNER.EXE
C:\PROGRAM FILES\SCANNERP\AM32.EXE
C:\PROGRAM FILES\WINZIP\WZQKPICK.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\MICROSOFT OFFICE\OFFICE\WINWORD.EXE
C:\WINDOWS\SYSTEM\DMSADMINS.EXE
C:\WINDOWS\SYSTEM\QWINNTA.EXE
C:\WINDOWS\SYSTEM\SESMGR.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\GADU-GADU\GG.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wp.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Program Microsoft Internet Explorer dostarczony przez 4Future
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - {EDE4C795-BB4C-A0AD-2505-724C304C27C9} - ABCXYZ.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 6.0\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: ActiveX Control - {377D5F40-B327-11D9-B51D-000ACD047AC1} - C:\WINDOWS\SYSTEM\MSDYA.DLL
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\IE2CLTR.DLL
O2 - BHO: IE SP2 AddOn - {3AE62CC0-B327-11D9-B51D-000ACD047AC1} - C:\WINDOWS\SYSTEM\SPFED.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\IE2CLTR.DLL
O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM…\Run: [internat.exe] internat.exe
O4 - HKLM…\Run: [systemTray] SysTray.Exe
O4 - HKLM…\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM…\Run: [EzAudioTray] C:\Program Files\EzAudio\EZAUDIO.EXE TRAYAPP
O4 - HKLM…\Run: [Q3dctlTray] Fmctrl.EXE
O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb09.exe
O4 - HKLM…\Run: [HP Software Update] “C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe”
O4 - HKLM…\Run: [HP Component Manager] “C:\PROGRAM FILES\HP\HPCORETECH\HPCMPMGR.EXE”
O4 - HKLM…\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
O4 - HKLM…\Run: [instantAccess] C:\Program Files\ScannerP\TBRIDGE\BIN\InstantAccess.exe /h
O4 - HKLM…\Run: [RegisterDropHandler] C:\Program Files\ScannerP\TBRIDGE\BIN\RegisterDropHandler.exe
O4 - HKLM…\Run: [WinampAgent] “C:\PROGRAM FILES\WINAMP\WINAMPa.exe”
O4 - HKLM…\Run: [QuickTime Task] “C:\WINDOWS\SYSTEM\QTTASK.EXE” -atboottime
O4 - HKLM…\Run: [system32] “user32.exe” -user
O4 - HKLM…\Run: [PCMMRealtime] C:\Program Files\PC MightyMax\pcmm.exe /R
O4 - HKLM…\Run: [startman] NukeSpan.exe
O4 - HKLM…\Run: [barint] StartCpl.exe
O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM…\RunServices: [schedulingAgent] mstask.exe
O4 - HKLM…\RunServices: [RegisterDropHandler] C:\Program Files\ScannerP\TBRIDGE\BIN\RegisterDropHandler.exe
O4 - HKCU…\Run: [Gadu-Gadu] “C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray
O4 - HKCU…\Run: [WareOut] “C:\Program Files\WareOut\WareOut.exe”
O4 - HKCU…\Run: [ERTYDF] qwe.exe
O4 - HKCU…\Run: [media64] Uint32.exe
O4 - HKCU…\Run: [newbreed] NukeSpan.exe
O4 - HKCU…\Run: [spyware Vanisher] C:\SPYWAREVANISHER-FREE\FREESCANNER.EXE -FastScan
O4 - HKCU…\RunServices: [Gadu-Gadu] “C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray
O4 - HKCU…\RunServices: [WareOut] “C:\Program Files\WareOut\WareOut.exe”
O4 - HKCU…\RunServices: [ERTYDF] qwe.exe
O4 - HKCU…\RunServices: [media64] Uint32.exe
O4 - HKCU…\RunServices: [newbreed] NukeSpan.exe
O4 - HKCU…\RunServices: [spyware Vanisher] C:\SPYWAREVANISHER-FREE\FREESCANNER.EXE -FastScan
O4 - Startup: Action Manager 32.lnk = C:\Program Files\ScannerP\Am32.exe
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (HKCU)
O9 - Extra ‘Tools’ menuitem: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (HKCU)
O15 - Trusted Zone: http://*.63.219.181.7
O16 - DPF: {5F874A6F-8B34-433D-BA4B-47AC91C0567F} (MailCfg Control) - https://poczta.wp.pl/autoryzacja/mailcfg2.ocx
O16 - DPF: {11212111-2121-1311-1141-115611111222} - ms-its:mhtml:file://d: oo.mht! http://195.95.218.82/users/zoom/web/axe/x.chm::/update.exe
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.176.156,195.225.176.31
O18 - Protocol: cetihpz - {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\PROGRAM FILES\HP\HPCORETECH\COMP\HPUIPROT.DLL
z góry dziękuję i pozdrawiam