Log win 98


(Elipea) #1

Scan saved at 12:01:57, on 05-04-20

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v5.00 (5.00.2919.6304)

Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\SYSTEM\PSTORES.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\INTERNAT.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\RUNDLL32.EXE

C:\PROGRAM FILES\COMMON FILES\ADAPTEC SHARED\CREATECD\CREATECD50.EXE

C:\PROGRAM FILES\ROXIO\EASY CD CREATOR 5\DIRECTCD\DIRECTCD.EXE

C:\WINDOWS\SYSTEM\SERVICES{E6B00D60-B114-11D9-9CCB-0050FCF2B59C}\SVCHOST.EXE

C:\WINDOWS\RUNDLL32.EXE

C:\PROGRAM FILES\REALTEK\RTL8180\RTLWAKE.EXE

C:\PROGRAM FILES\COREL\GRAPHICS9\REGISTER\REMIND32.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\NOWY FOLDER\GADU-GADU\GG.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\NOWY FOLDER\MIRC\MIRC.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE

C:\WINDOWS\TEMP\RAR$EX00.403\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL

O2 - BHO: (no name) - {50B88B6D-ABA7-11D9-9CCB-0050E975D097} - C:\WINDOWS\SYSTEM\GKND.DLL

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll

O4 - HKLM..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM..\Run: [internat.exe] internat.exe

O4 - HKLM..\Run: [systemTray] SysTray.Exe

O4 - HKLM..\Run: [Zasobnik systemowy] SysTray.Exe

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [nwiz] nwiz.exe /install

O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.dll,CMICtrlWnd

O4 - HKLM..\Run: [CreateCD50] "C:\Program Files\Common Files\Adaptec Shared\CreateCD\CreateCD50.exe" -r

O4 - HKLM..\Run: [AdaptecDirectCD] "C:\Program Files\Roxio\Easy CD Creator 5\DirectCD\DirectCD.exe"

O4 - HKLM..\Run: [service Host] C:\WINDOWS\SYSTEM\Services{E6B00D60-B114-11D9-9CCB-0050FCF2B59C}\SVCHOST.EXE

O4 - HKLM..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall

O4 - HKLM..\RunServices: [schedulingAgent] mstask.exe

O4 - HKCU..\Run: [Gadu-Gadu] "C:\NOWY FOLDER\GADU-GADU\GG.EXE" /tray

O4 - Startup: RtlWake.lnk = C:\Program Files\Realtek\Rtl8180\RtlWake.exe

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Startup: Rejestrowanie produktów Corela.lnk = C:\Program Files\Corel\Graphics9\Register\Remind32.exe

O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm

O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm

O14 - IERESET.INF: SEARCH_PAGE_URL=

O14 - IERESET.INF: START_PAGE_URL=

O18 - Filter: text/html - {26C0F760-B12F-11D9-9CCB-0050EF9610D8} - C:\WINDOWS\SYSTEM\GKND.DLL

O18 - Filter: text/plain - {26C0F760-B12F-11D9-9CCB-0050EF9610D8} - C:\WINDOWS\SYSTEM\GKND.DLL

O21 - SSODL: jpKMgqIWXl - {123F12EA-B895-B840-44FF-57F452B58C47} - C:\WINDOWS\SYSTEM\TJDA.DLL

Hello, I'd like to ask for help... Ad-Aware and Spybot find various junk like TIB or CWS; they supposedly remove it, but the problem still remains.

I'd appreciate any help, thank you very much in advance :D


(Stachan) #2

:roll: In my opinion, these should be removed:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html

O4 - HKLM..\Run: [service Host] C:\WINDOWS\SYSTEM\Services{E6B00D60-B114-11D9-9CCB-0050FCF2B59C}\SVCHOST.EXE

Afterwards, post a log just to be sure.


(Kuz5) #3

Clean out the TEMP directory

Start => Run => %temp% => and delete everything that is in there

Remove: (of course, you do all of this in Safe Mode)

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\TEMP\se.dll/spage.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank

O2 - BHO: (no name) - {50B88B6D-ABA7-11D9-9CCB-0050E975D097} - C:\WINDOWS\SYSTEM\ GKND.DLL

O4 - HKLM..\Run: [service Host] C:\WINDOWS\SYSTEM\Services\ {E6B00D60-B114-11D9-9CCB-0050FCF2B59C} \SVCHOST.EXE

O4 - HKLM..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall

O18 - Filter: text/html - {26C0F760-B12F-11D9-9CCB-0050EF9610D8} - C:\WINDOWS\SYSTEM\GKND.DLL

O18 - Filter: text/plain - {26C0F760-B12F-11D9-9CCB-0050EF9610D8} - C:\WINDOWS\SYSTEM\GKND.DLL

O21 - SSODL: jpKMgqIWXl - {123F12EA-B895-B840-44FF-57F452B58C47} - C:\WINDOWS\SYSTEM\ TJDA.DLL

Delete the files marked in red manually from the disk