Prosze o sprawdzenie mojego loga z drugiego kompa niestety nie zabezpieczonego i przepraszam jak go źle wkleiłem
Logfile of HijackThis v1.99.1
Scan saved at 10:04:19, on 2005-03-17
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\SSDPSRV.EXE
C:\PROGRAM FILES\COMMON FILES\ SYSTEM\MOSEARCH\BIN\ MOSEARCH.EXE
C:\PROGRAM FILES\COMMON FILES\ MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS\SYSTEM\CAPM1RS.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCK.EXE
C:\WINDOWS\SYSTEM\AP9H4QMO.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCESS.EXE
C:\RRAUT.EXE
C:\WINDOWS\XHRMY.EXE
C:\WINDOWS\SYSTEM\SAIE.EXE
C:\WINDOWS\SYSTEM\CTFMON.EXE
C:\WINDOWS\SYSTEM\CAPM1LA.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\CAPM1SW.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\WINRAR\WINRAR.EXE
C:\WINDOWS\TEMP\RAR$EX01.039\HIJACKTHIS.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.interia.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F1 - win.ini: run=C:\Centura\hpfsched.bat;
C:\Centura\hpfsched.exe;
C:\Centura\hpfsched.com;
C:\Centura\hpfsched.scr;
C:\Centura\hpfsched.vbs;
C:\WINDOWS\hpfsched.bat;
C:\WINDOWS\hpfsched.exe;
C:\WINDOWS\hpfsched.com;
C:\WINDOWS\hpfsched.scr;
C:\WINDOWS\hpfsched.vbs;
C:\WINDOWS\COMMAND\hpfsched.bat;
C:\WINDOWS\COMMAND\hpfsched.exe;
C:\WINDOWS\COMMAND\hpfsched.com;
C:\WINDOWS\COMMAND\hpfsched.scr;
C:\WINDOWS\COMMAND\hpfsched.vbs;
C:\WINDOWS\SYSTEM\hpfsched.bat;
C:\WINDOWS\SYSTEM\hpfsched.exe;
C:\WINDOWS\SYSTEM\hpfsched.com;
C:\WINDOWS\SYSTEM\hpfsched.scr;
C:\WINDOWS\SYSTEM\hpfsched.vbs
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} –
C:\PROGRAM FILES\ADOBE\ACROBAT 6.0 CE\READER\ACTIVEX\ACROIEHELPER.DLL
O2 - BHO: F1 Organizer Class - {00000EF1-0786-4633-87C6-1AA7A44296DA} - C:\WINDOWS\SYSTEM\ATPARTNERS.DLL
O2 - BHO: LinkTracker Class - {6A6E50DC-BFA8-4B40-AB1B-159E03E829FD} - C:\WINDOWS\SYSTEM\LMF32V.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} –
C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
O4 - HKLM\..\Run: [ap9h4qmo] C:\WINDOWS\SYSTEM\ap9h4qmo.exe
O4 - HKLM\..\Run: [bluestart] C:\\RRAUT.exe
O4 - HKLM\..\Run: [xhrmy] C:\WINDOWS\Xhrmy.exe
O4 - HKLM\..\Run: [saie] c:\windows\system\saie.exe
O4 - HKLM\..\Run: [ypqxir] C:\WINDOWS\ypqxir.exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [SSDPSRV] C:\WINDOWS\SYSTEM\ssdpsrv.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [MOSearch] C:\PROGRA~1\COMMON~1\SYSTEM\MOSEARCH\BIN\MOSEARCH.EXE
O4 - HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 - HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 - Startup: Okno stanu Canon PC1200 iC D600 iR1200G.LNK = C:\WINDOWS\SYSTEM\CAPM1LA.EXE
O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O16 - DPF: {92ECE6FA-AC2E-4042-BFAE-0C8608E52A43} (SignActivX Control) - https://www.bph.pl/pi/components/SignActivX.cab
O16 - DPF: {E7D2588A-7FB5-47DC-8830-832605661009} (Live Collaboration) - http://bok.plusgsm.pl/rnt/rnl/java/RntX.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c337.cab
O18 - Filter: text/html - {DFAA31C8-A356-4313-9D95-5EDAB46C5070} - C:\WINDOWS\SYSTEM\LMF32V.DLL