Na wstępie przepraszam ze umieszczam ten temat oddzielnie (wiem ze gzieś jest zbiorczy) ale jestem zdesperowany - chodzi o kompa na ktorym mam prace magisterskie do wydruku.
Prosze administratora o nie usuwanie tego tematu.
Bardzo zalezy mi na czasie
Problemy sie zaczely kiedy zacząłem ściągać niby oprogramowanie do AwerTV
Logfile of HijackThis v1.99.0
Scan saved at 07:28:11, on 05-02-04
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\WINZIP\WINZIP32.EXE
C:\WINDOWS\TEMP\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://213.159.117.134/index.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://213.159.117.134/index.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = http://213.159.117.134/index.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Program Microsoft Internet Explorer dostarczony przez IDG.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 - Hosts: 127.0.0.3 http://www.greg-tut.com
O1 - Hosts: 127.0.0.3 nylonsexy.com
O1 - Hosts: 127.0.0.3 http://www.nylonsexy.com
O1 - Hosts: 127.0.0.3 vparivalka.com
O1 - Hosts: 127.0.0.3 http://www.vparivalka.comtoescrowpay.com
O1 - Hosts: 127.0.0.3 http://www.awmdabest.com
O1 - Hosts: 127.0.0.3 http://www.sexfiles.nu
O1 - Hosts: 127.0.0.3 awmdabest.com
O1 - Hosts: 127.0.0.3 sexfiles.nu
O1 - Hosts: 127.0.0.3 allforadult.com
O1 - Hosts: 127.0.0.3 http://www.allforadult.com
O1 - Hosts: 127.0.0.3 http://www.iframe.biz
O1 - Hosts: 127.0.0.3 iframe.biz
O1 - Hosts: 127.0.0.3 http://www.newiframe.biz
O1 - Hosts: 127.0.0.3 newiframe.biz
O1 - Hosts: 127.0.0.3 http://www.vesbiz.biz
O1 - Hosts: 127.0.0.3 vesbiz.biz
O1 - Hosts: 127.0.0.3 http://www.pizdato.biz
O1 - Hosts: 127.0.0.3 pizdato.biz
O1 - Hosts: 127.0.0.3 http://www.aaasexypics.com
O1 - Hosts: 127.0.0.3 aaasexypics.com
O1 - Hosts: 127.0.0.3 http://www.virgin-tgp.net
O1 - Hosts: 127.0.0.3 virgin-tgp.net
O1 - Hosts: 127.0.0.3 http://www.awmcash.biz
O1 - Hosts: 127.0.0.3 awmcash.biz
O1 - Hosts: 127.0.0.3 buldog-stats.com
O1 - Hosts: 127.0.0.3 http://www.buldog-stats.com
O1 - Hosts: 127.0.0.3 fregat.drocherway.com
O1 - Hosts: 127.0.0.3 slutmania.biz
O1 - Hosts: 127.0.0.3 http://www.slutmania.biz
O1 - Hosts: 127.0.0.3 toolbarpartner.com
O1 - Hosts: 127.0.0.3 http://www.toolbarpartner.com
O1 - Hosts: 127.0.0.3 http://www.megapornix.com
O1 - Hosts: 127.0.0.3 megapornix.com
O1 - Hosts: 127.0.0.3 http://www.sp2fucked.biz
O1 - Hosts: 127.0.0.3 sp2fucked.biz
O1 - Hosts: 69.20.16.183 auto.search.msn.com
O1 - Hosts: 69.20.16.183 search.netscape.com
O1 - Hosts: 69.20.16.183 ieautosearch
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: IEMenuExtension toolbar - {6b95678d-30a4-4ff8-a72f-4208340c1f7f} - C:\PROGRAM FILES\IEMENUEXTENSION\TBEXTN.DLL
O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM…\Run: [internat.exe] internat.exe
O4 - HKLM…\Run: [systemTray] SysTray.Exe
O4 - HKLM…\Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM…\Run: [RestartWatch] C:\Program files\Eicon\Diva\WATCH.EXE
O4 - HKLM…\Run: [Kernel32] C:\WINDOWS\SYSTEM\Kernel.dll
O4 - HKLM…\Run: [AVK Mail Checker] “C:\PROGRAM FILES\ANTIVIRENKIT PROFESSIONAL\AVKPOP.EXE”
O4 - HKLM…\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM…\Run: [CreativeMixer] C:\SBPCI\ctmix32.exe /T
O4 - HKLM…\Run: [iE Menu Extension toolbar] rundll32.exe “C:\PROGRA~1\IEMENU~1\tbextn.dll” DllShowTB
O4 - HKLM…\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O4 - HKLM…\RunServices: [AVKService] C:\PROGRA~1\ANTIVI~1\AVKSER~1.EXE
O4 - HKLM…\RunServices: [AVKWCtl] C:\PROGRA~1\ANTIVI~1\AVKWCTL9.EXE
O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM…\RunServices: [schedulingAgent] mstask.exe
O4 - HKLM…\RunServices: [wuviewer] C:\WINDOWS\SYSTEM\wuviewer.exe
O4 - HKCU…\Run: [cvchost] c:\windows\cvchost.exe
O4 - HKCU…\Run: [Gadu-Gadu] “C:\PROGRAM FILES\GADU-GADU\GG.EXE” /tray
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Startup: PLANET WL-8303.lnk = C:\Program Files\PLANET\WL-8303\RtlWake.exe
O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin3.dll
O12 - Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O15 - Trusted IP range: 213.159.117.202 (HKLM)
O16 - DPF: Notowania ONET - http://notowania.bph.pl/arkusz/notowania.cab
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/components/SignActivX.cab
O16 - DPF: {AFD8ED36-EA54-11D6-AC3F-00105ADCF632} (Ntw4 Control) - https://www.brebrokers.pl/res/ntw4.cab
O16 - DPF: {43A848AB-928D-43A0-8B8A-81D953E9F3EE} (XMLFileSaver Class) - https://www.brebrokers.pl/res/EPMXMLFILESAVERCOM.cab
O16 - DPF: Notowania ONET - http://notowania.bph.pl/arkusz/notowania.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {79849612-A98F-45B8-95E9-4D13C7B6B35C} (Loader2 Control) - http://iframedollars.biz/tb/loader2.ocx
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 194.204.159.1,194.204.152.34
O18 - Filter: text/html - {B72F75B8-93F3-429D-B13E-660B206D897A} - C:\WINDOWS\SYSTEM\porynt.dll
O18 - Filter: text/plain - {B72F75B8-93F3-429D-B13E-660B206D897A} - C:\WINDOWS\SYSTEM\porynt.dll
O21 - SSODL: OLE Automation Module - {3F143C3A-1457-6CCA-03A7-7AA23B61E40F} - C:\WINDOWS\SYSTEM\child.dll (file missing)
O21 - SSODL: Web Event Logger - {7EFBAEFF-EE02-1333-ABDF-416572E5D639} - C:\WINDOWS\SYSTEM\Ccbnje32.dll (file missing)
O21 - SSODL: OLE Module - {0211C4D9-BC71-8916-38AD-9DEA5D213614} - C:\WINDOWS\SYSTEM\chup.dll (file missing)