Log


(Elcupra) #1

Prosze o sprawdzenie. Z góry dziękuje

Logfile of HijackThis v1.99.1

Scan saved at 11:15:26, on 05-07-22

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE

C:\PROGRAM FILES\ESET\NOD32KRN.EXE

C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL\OUTPOST.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\SYSTEM\RPCSS.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\PROGRAM FILES\ESET\NOD32KUI.EXE

C:\PROGRAM FILES\RAPIDMEM\RAPIDMEM.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\PROGRAM FILES\FOOBAR2000\FOOBAR2000.EXE

C:\PROGRAM FILES\OPERA\OPERA.EXE

C:\PROGRAM FILES\WIRTUALNA POLSKA\WPKONTAKT\WPKONTAKT.EXE

D:\PROGRAMY\HIJACKTHIS\HIJACKTHIS.EXE


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.eu.microsoft.com/poland/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\GetRight\xx2gr.dll

O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL

O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\PROGRAM FILES\SHAREAZA\PLUGINS\RAZAWEBHOOK.DLL

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [Transparent] Trans.exe

O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe

O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\Run: [Outpost Firewall] C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL\outpost.exe /waitservice

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE

O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe"

O4 - HKLM\..\RunServices: [Outpost Firewall] C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL\outpost.exe /service

O4 - HKCU\..\Run: [RapidMem] "C:\Program Files\RapidMem\RapidMem.exe" /tray

O8 - Extra context menu item: Download with &Shareaza - res://C:\PROGRAM FILES\SHAREAZA\PLUGINS\RAZAWEBHOOK.DLL/3000

O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

O9 - Extra button: Ustawienia przeglądarki - {44627E97-789B-40d4-B5C2-58BD171129A1} - C:\PROGRAM FILES\AGNITUM\OUTPOST FIREWALL\PLUGINS\BROWSERBAR\IE_BAR.DLL

O18 - Protocol: wpmsg - {2E0AC5A0-3597-11D6-B3ED-0001021DC1C3} - C:\PROGRAM FILES\WIRTUALNA POLSKA\WPKONTAKT\URL_WPMSG.DLL

(Damian) #2

Ogólnie czysty...

Mógłbyś jedynie pozbyć się Shareazy, bo zawiera syf w takiej postaci:

O2 - BHO: Shareaza Web Download Hook - {0EEDB912-C5FA-486F-8334-57288578C627} - C:\PROGRAM FILES\SHAREAZA\PLUGINS\RAZAWEBHOOK.DLL


(Qbek50) #3

syf siedzi w tym:

to jest od Shareazy. Jak usuniesz ten plik to nie wiem czy Shareaza odpali.

Kosmetycznie ciachnij:


(boczi) #4

Odpali na pewno.