Logfile of HijackThis v1.99.1
Scan saved at 16:26:09, on 05-04-11
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\RUNSERVICE.EXE
C:\PROGRAM FILES\MKS\BIN\NETMONSV.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\PROGRAM FILES\MKS\BIN\MKS_MON.EXE
C:\PROGRAM FILES\MKS\BIN\ABREGMON.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\WINDOWS\SYSTEM\LVCOMS.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\NEOSTRADA TP\NEOSTRADATP.EXE
C:\PROGRAM FILES\NEOSTRADA TP\COMCOMP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\PROGRAM FILES\GADU-GADU\GG.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\PERFECT SERIES\OPTICAL MOUSE\3.0\MOUSE32A.EXE
C:\PROGRAM FILES\MKS\TEMP\UPD_INST.EXE
C:\WINDOWS\PULPIT\HIJACKTHIS.EXE
C:\PROGRAM FILES\MKS\BIN\MKS_MENU.EXE
C:\PROGRAM FILES\MKS\BIN\MKS_SCAN.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.neostrada.pl/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)
O1 - Hosts: 80.72.33.110 7exe.wuup.com #2004-12-04 20:14:18
O1 - Hosts: 217.17.46.250 adserver.gadu-gadu.pl #2004-12-04 20:14:18
O1 - Hosts: 217.153.145.235 allegro.pl #2004-12-05 15:26:56
O1 - Hosts: 69.50.241.67 anime-jin.net #2004-12-07 14:00:21
O1 - Hosts: 62.89.101.156 archiwum.pszczolek.com #2004-12-07 14:00:21
O1 - Hosts: 193.110.120.7 arte.internetdsl.pl #2004-12-04 20:14:18
O1 - Hosts: 195.116.130.237 biegajznami.pl #2004-12-07 14:00:21
O1 - Hosts: 64.237.54.98 bigmouthfulls.bangbros1.com #2004-12-04 20:14:18
O1 - Hosts: 62.129.249.128 byss.home.pl #2004-12-04 20:14:19
O1 - Hosts: 217.115.142.116 ed2k.2x4u.de #2004-12-04 20:14:19
O1 - Hosts: 64.237.45.66 erotic.goo.pl #2004-12-04 20:14:19
O1 - Hosts: 67.18.29.158 exit.sexarchiwum.pl #2004-12-04 20:14:19
O1 - Hosts: 193.17.41.24 f.kuchnia.o2.pl #2004-12-04 20:14:19
O1 - Hosts: 80.237.203.106 film.gildia.com #2004-12-07 14:00:21
O1 - Hosts: 212.77.99.3 film.wp.pl #2004-12-05 15:26:56
O1 - Hosts: 65.254.54.122 filmiki-flash.ad.warszawa.pl #2004-12-07 14:00:21
O1 - Hosts: 64.237.45.66 filmy.sexraj.pl #2004-12-04 20:14:19
O1 - Hosts: 64.237.45.66 filmy-erotyczne.joo.pl #2004-12-13 19:25:29
O1 - Hosts: 62.111.180.24 forum.dobreprogramy.pl #2004-12-04 20:14:19
O1 - Hosts: 64.94.17.96 freehost07.websamba.com #2004-12-04 20:14:19
O1 - Hosts: 64.237.45.66 galerie.xfotka.pl #2004-12-07 14:00:21
O1 - Hosts: 213.180.130.210 gronet.tenbit.pl #2004-12-04 20:14:19
O1 - Hosts: 212.77.100.5 gwiazdy.wp.pl #2004-12-04 20:14:20
O1 - Hosts: 69.22.140.68 happytee.mondominishows.com #2004-12-13 19:25:29
O1 - Hosts: 63.251.52.89 happytreefriends.atomfilms.com #2004-12-13 19:25:29
O1 - Hosts: 69.22.140.68 happytreefriends.com #2004-12-13 19:25:29
O1 - Hosts: 66.55.133.195 hot.wetpussyclub.net #2004-12-13 19:25:29
O1 - Hosts: 62.111.180.21 infojama.pl #2004-12-04 20:14:20
O1 - Hosts: 66.55.136.243 insiderpress.pl #2004-12-07 14:00:24
O1 - Hosts: 207.44.160.17 isg09.casalemedia.com #2004-12-13 19:25:29
O1 - Hosts: 209.249.116.141 java.sun.com #2004-12-04 20:14:20
O1 - Hosts: 212.77.100.212 katalog.wp.pl #2004-12-05 15:26:56
O1 - Hosts: 193.17.41.71 ko.kurnik.pl #2004-12-04 20:14:20
O1 - Hosts: 212.77.99.4 ksiazki.wp.pl #2004-12-04 20:14:20
O1 - Hosts: 217.79.151.50 kup.nawijka.wp.pl #2004-12-04 20:14:20
O1 - Hosts: 216.127.82.139 landhell.fpp.pl #2004-12-13 19:25:30
O1 - Hosts: 62.87.136.4 magazyn.chip.pl #2004-12-04 20:14:20
O1 - Hosts: 66.90.81.58 mariusz.piwko.pl #2004-12-07 14:00:24
O1 - Hosts: 217.17.36.244 megapanel.gem.pl #2004-12-04 20:14:20
O1 - Hosts: 212.78.204.20 members.lycos.co.uk #2004-12-07 14:00:24
O1 - Hosts: 64.237.45.66 modelki.sexraj.pl #2004-12-13 19:25:30
O1 - Hosts: 217.153.145.235 moto.allegro.pl #2004-12-04 20:14:20
O1 - Hosts: 212.77.100.219 moto.wp.pl #2004-12-05 15:26:56
O1 - Hosts: 212.77.100.168 muzyka.wp.pl #2004-12-04 20:14:20
O1 - Hosts: 212.77.100.167 nawijka.wp.pl #2004-12-04 20:14:20
O1 - Hosts: 195.117.3.84 onephoto.net #2004-12-07 14:00:24
O1 - Hosts: 64.237.45.66 panienki.goo.pl #2004-12-04 20:14:20
O1 - Hosts: 213.218.116.224 partner.wapster.pl #2004-12-04 20:14:20
O1 - Hosts: 213.180.130.206 poczta.onet.pl #2004-12-13 19:25:30
O1 - Hosts: 64.237.45.66 polki-amatorki.goo.pl #2004-12-04 20:14:21
O1 - Hosts: 66.79.179.130 porno.int.pl #2004-12-13 19:25:30
O1 - Hosts: 217.17.44.36 prace.sciaga.pl #2004-12-04 20:14:21
O1 - Hosts: 66.35.250.217 prdownloads.sf.net #2004-12-04 20:14:21
O1 - Hosts: 194.67.1.14 public.ag.ru #2004-12-04 20:14:21
O1 - Hosts: 69.20.69.171 results.cafefind.net #2004-12-04 20:14:21
O1 - Hosts: 212.182.102.165 retro.scene.pl #2004-12-04 20:14:21
O1 - Hosts: 207.44.236.81 sadurski.com #2004-12-07 14:00:24
O1 - Hosts: 193.42.231.67 serwisy.gazeta.pl #2004-12-07 14:00:24
O1 - Hosts: 67.15.36.25 sexfoto.js.pl #2004-12-04 20:14:21
O1 - Hosts: 64.237.45.66 sexmix.pl #2004-12-04 20:14:21
O1 - Hosts: 217.153.57.226 skutery-tuning.pl #2004-12-04 20:14:21
O1 - Hosts: 212.77.100.126 sport.wp.pl #2004-12-05 15:26:56
O1 - Hosts: 66.117.8.10 static.filefront.com #2004-12-13 19:25:30
O1 - Hosts: 212.77.100.224 tv.wp.pl #2004-12-04 20:14:21
O1 - Hosts: 193.109.91.135 viper.pl #2004-12-05 15:26:56
O1 - Hosts: 217.17.41.94 web.gadu-gadu.pl #2004-12-04 20:14:21
O1 - Hosts: 213.205.40.9 web.volftp.mondadori.com #2004-12-04 20:14:21
O1 - Hosts: 207.46.248.113 windowsmedia.com #2004-12-04 20:14:21
O1 - Hosts: 212.77.100.167 wpkontakt.wp.pl #2004-12-04 20:14:21
O1 - Hosts: 195.206.96.72 http://www.1313sex.info #2004-12-04 20:14:22
O1 - Hosts: 193.110.120.7 http://www.21.neostrada.pl #2004-12-04 20:14:22
O1 - Hosts: 207.44.228.33 http://www.ahvids.com #2004-12-07 14:00:24
O1 - Hosts: 217.153.145.235 http://www.allegro.pl #2004-12-04 20:14:22
O1 - Hosts: 66.250.30.140 http://www.anime-gratis.com #2004-12-07 14:00:25
O1 - Hosts: 38.113.198.90 http://www.anime-site.com #2004-12-07 14:00:25
O1 - Hosts: 193.110.121.251 http://www.bajer.pl #2004-12-07 14:00:25
O1 - Hosts: 64.237.45.66 http://www.barti.xfotka.pl #2004-12-13 19:25:30
O1 - Hosts: 69.20.69.171 http://www.benews.net #2004-12-04 20:14:22
O1 - Hosts: 67.15.42.25 http://www.bikepics.com #2004-12-04 20:14:22
O1 - Hosts: 213.181.194.207 http://www.brobin.com.pl #2004-12-07 14:00:25
O1 - Hosts: 212.85.112.177 http://www.bron.pl #2004-12-04 20:14:22
O1 - Hosts: 81.21.192.133 http://www.carlsberg.pl #2004-12-04 20:14:22
O1 - Hosts: 194.42.46.64 http://www.cartoons.pl #2004-12-07 14:00:25
O1 - Hosts: 64.237.37.222 http://www.cartoons-pic.com #2004-12-07 14:00:25
O1 - Hosts: 67.15.36.34 http://www.cda.up.pl #2004-12-04 20:14:22
O1 - Hosts: 216.39.82.50 http://www.celebritymoviearchive.com #2004-12-13 19:25:30
O1 - Hosts: 67.19.120.140 http://www.celebs.pl #2004-12-04 20:14:22
O1 - Hosts: 64.237.45.66 http://www.cipki.sex.buja.pl #2004-12-13 19:25:30
O1 - Hosts: 213.219.122.23 http://www.clinofob.com #2004-12-07 14:00:26
O1 - Hosts: 212.127.66.209 http://www.cojestgrane.pl #2004-12-07 14:00:26
O1 - Hosts: 12.129.204.104 http://www.comeddy.com #2004-12-07 14:00:26
O1 - Hosts: 67.15.36.34 http://www.darmowe-filmy.pl #2004-12-04 20:14:22
O1 - Hosts: 207.234.147.69 http://www.emuzyka.pl #2004-12-04 20:14:22
O1 - Hosts: 217.74.64.33 http://www.enigmapolice.pl #2004-12-04 20:14:22
O1 - Hosts: 80.72.33.110 http://www.eqi.pl #2004-12-04 20:14:22
O1 - Hosts: 66.90.81.57 http://www.evol.private.pl #2004-12-04 20:14:22
O1 - Hosts: 69.20.69.171 http://www.exactsearch.net #2004-12-04 20:14:22
O1 - Hosts: 195.149.224.205 http://www.fifa2005.hk.pl #2004-12-13 19:25:30
O1 - Hosts: 67.19.119.6 http://www.fifaserwis.com #2004-12-04 20:14:22
O1 - Hosts: 64.237.45.66 http://www.filmy.sexraj.pl #2004-12-04 20:14:22
O1 - Hosts: 64.237.45.66 http://www.filmy-erotyczne.xxxlaski.com #2004-12-13 19:25:30
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FGIEBAR.DLL
O4 - HKLM\..\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [stillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe
O4 - HKLM\..\Run: [MKS_MON] C:\Program Files\MKS\Bin\mks_mon.exe
O4 - HKLM\..\Run: [ABREGMON] C:\PROGRAM FILES\MKS\BIN\ABregmon.exe
O4 - HKLM\..\Run: [mqqbqsi] C:\WINDOWS\SYSTEM\FILOHVD.EXE
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~2.DLL,NewDotNetStartup -s
O4 - HKLM\..\Run: [LVComs] C:\WINDOWS\SYSTEM\LVComS.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [schedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [LicCtrl] runservice.exe
O4 - HKLM\..\RunServices: [ABNetMon] C:\PROGRAM FILES\MKS\BIN\NETMONSV.EXE
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [WINCOOL.EXE] C:\PROGRAM FILES\WINTERCOOLER\WINCOOL.EXE
O4 - HKCU\..\RunServices: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\RunServices: [WINCOOL.EXE] C:\PROGRAM FILES\WINTERCOOLER\WINCOOL.EXE
O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: ProRat V1.8 - {89999700-cba3-4071-b251-47cb894244cd} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: ProRat V1.8 - {89999700-cba3-4071-b251-47cb894244cd} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O16 - DPF: {37A49D66-2735-4BB9-8503-82BA5E2333D0} (MailCfg Control) - http://poczta.wp.pl/autoryzacja/mailcfg.ocx
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab
O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/pl/poker_2_0_0_36.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C4} (GameDesire Pool Training) - http://67.15.101.3/g_bin/pl/billardt_2_0_0_21.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_21.cab
O16 - DPF: {1A781DED-C22D-4153-3213-A3211E29DF13} (GameDesire Card Games) - http://67.15.101.3/g_bin/pl/cards_2_0_0_61.cab
O16 - DPF: {AC120B1D-9411-4111-AF52-118052D85D45} (GameDesire Darts Games) - http://67.15.101.3/g_bin/pl/darts_2_0_0_29.cab
O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) - http://67.15.101.3/g_bin/pl/roulette_2_0_0_15.cab
O16 - DPF: {54B52E52-8000-4413-BD67-FC7FE24B59F2} (EARTPatchX Class) - http://files.ea.com/downloads/rtpatch/v2/EARTPX.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) - http://67.15.101.3/g_bin/pl/slots70_2_0_0_23.cab
O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GINSOCCER Class) - http://67.15.101.3/g_bin/pl/soccer_2_0_0_7.cab
O16 - DPF: {E56347B0-6C2B-4C2E-939F-EE513EAC80BC} (Creative Product Registration ActiveX Control Module) - http://www.creative.com/register/OCXs/C … ENoMFC.cab
O21 - SSODL: DDE Control Module - {3F143C3A-1457-6CCA-03A7-7AA23B61E40F} - (no file)