Dodaj do ulubionych

proszę o sprawdzenie loga

IP: *.neoplus.adsl.tpnet.pl 28.06.05, 20:23
Logfile of HijackThis v1.99.1
Scan saved at 20:27:38, on 2005-06-28
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\TASKMON.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
C:\COMPAQ\CPQINET\CPQINET.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
C:\PROGRAM FILES\NEOSTRADA TP\CNXMON.EXE
C:\PROGRAM FILES\NEOSTRADA TP\TASKBARICON.EXE
C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\DRAGDIAG.EXE
C:\WINDOWS\SYSTEM\HPZTSB04.EXE
C:\WINDOWS\SYSTEM\HPHMON03.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\PHOTO IMAGING\HPI_MONITOR.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\HP SHARE-TO-WEB\HPGS2WND.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCK.EXE
C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\INTERNET OPTIMIZER\OPTIMIZE.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCESS.EXE
C:\WINDOWS\SYSTEM\GAH95ON6.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\QAZCGI\CPDXUDM.EXE
C:\PROGRAM FILES\GADU-GADU\GG.EXE
C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\HP SHARE-TO-WEB\HPGS2WNF.EXE
C:\COREL\GRAPHICS8\PROGRAMS\MFINDEXER.EXE
C:\PROGRAM FILES\INTERNET OPTIMIZER\ACTALERT.EXE
C:\PROGRAM FILES\NEOSTRADA TP\NEOSTRADATP.EXE
C:\PROGRAM FILES\NEOSTRADA TP\COMCOMP.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\WINDOWS\SYSTEM\RNAAPP.EXE
C:\PROGRAM FILES\NEOSTRADA TP\WATCH.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\TEMP\TD_0001.DIR\HIJACKTHIS.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
szukaj.wp.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=3c00&lc=0415&s=search&ap=b204
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.neostrada.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada
TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no
file)
O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} -
C:\WINDOWS\NEM220.DLL
O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} -
C:\WINDOWS\WSEM303.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button
Support\cpqeadm.exe
O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button
Support\eaclean.exe
O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM\..\Run: [WOOKIT] C:\PROGRAM FILES\NEOSTRADA TP\NeostradaTP.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program
Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe
O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\SYSTEM\HPHMON03.EXE
O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo
Imaging\Hpi_Monitor.exe"
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-
Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet
Optimizer\optimize.exe"
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\SYSTEM\gah95on6.exe
O4 - HKLM\..\Run: [Sfzfdxv] C:\PROGRAM FILES\QAZCGI\CPDXUDM.EXE
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray
O4 - Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8
\Programs\MFIndexer.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O16 - DPF: {81E688E8-36A4-4FEF-B70B-8B0A1C5C1308} (WebLauncherX Control) -
www.kuchnie.pl/online/cad/launcher.cab
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
static.windupdates.com/cab/MediaAccessVerisign/ie/Bridge-c139.cab
O16 - DPF: {4C0942C1-C405-4805-B3B6-EA16F2DDD1BD} (innova-Panorama-Viewer
Object) - www.innova-
webplaner.de/innova/pano/prog/DE/rundum.7.0.0.12.cab
O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4519/mcfscan.cab

Obserwuj wątek
    • Gość: Kolobos Re: proszę o sprawdzenie loga IP: *.warszawa.sdi.tpnet.pl 28.06.05, 21:08
      Nie uruchamiaj hijackthis z zipa, wypakuj i dopiero wlacz!

      Usun te wpisy:

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
      search.presario.net/scripts/redirectors/presario/srchredir2.dll?
      c=3c00&lc=0415&s=search&ap=b204
      R3 - URLSearchHook: (no name) - _{08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no
      file)
      O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} -
      C:\WINDOWS\NEM220.DLL
      O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} -
      C:\WINDOWS\WSEM303.DLL
      O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
      O4 - HKLM\..\Run: [Internet Optimizer] "C:\Program Files\Internet
      Optimizer\optimize.exe"
      O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\SYSTEM\gah95on6.exe
      O4 - HKLM\..\Run: [Sfzfdxv] C:\PROGRAM FILES\QAZCGI\CPDXUDM.EXE
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
      C:\WINDOWS\web\related.htm
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
      00aa003c157a} - C:\WINDOWS\web\related.htm
      O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
      static.windupdates.com/cab/MediaAccessVerisign/ie/Bridge-c139.cab
      O16 - DPF: {4C0942C1-C405-4805-B3B6-EA16F2DDD1BD} (innova-Panorama-Viewer
      Object) - www.innova-
      webplaner.de/innova/pano/prog/DE/rundum.7.0.0.12.cab


      www.downloads.subratam.org/KillBox.zip
      To kasujesz killbox'em:
      C:\WINDOWS\NEM220.DLL
      C:\WINDOWS\WSEM303.DLL
      C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
      C:\Program Files\Internet Optimizer\optimize.exe
      C:\WINDOWS\SYSTEM\gah95on6.exe
      C:\PROGRAM FILES\QAZCGI\CPDXUDM.EXE

      Po resecie usun katalogi:
      C:\PROGRAM FILES\MEDIA ACCESS\
      C:\Program Files\Internet Optimizer\

      Przeskanuj tez tym:
      www.safer-networking.org/pl/mirrors/index.html <- SpyBot S&D ->
      przeskanuj i wlacz ochrone przegladarki
      www.javacoolsoftware.com/spywareblaster.html <- SpywareBlaster -> wlacz
      ochrone przegladarki

      Po wszystkim wklej nowy log.
      • Gość: kasia Re: kontrolne sprawdzenie loga IP: *.neoplus.adsl.tpnet.pl 29.06.05, 17:02
        Logfile of HijackThis v1.99.1
        Scan saved at 17:07:54, on 2005-06-29
        Platform: Windows ME (Win9x 4.90.3000)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINDOWS\SYSTEM\KERNEL32.DLL
        C:\WINDOWS\SYSTEM\MSGSRV32.EXE
        C:\WINDOWS\SYSTEM\mmtask.tsk
        C:\WINDOWS\SYSTEM\MPREXE.EXE
        C:\WINDOWS\SYSTEM\MSTASK.EXE
        C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
        C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
        C:\WINDOWS\EXPLORER.EXE
        C:\WINDOWS\SYSTEM\INTERNAT.EXE
        C:\WINDOWS\TASKMON.EXE
        C:\WINDOWS\SYSTEM\SYSTRAY.EXE
        C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
        C:\COMPAQ\CPQINET\CPQINET.EXE
        C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
        C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\CNXMON.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\NEOSTRADATP.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\TASKBARICON.EXE
        C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\DRAGDIAG.EXE
        C:\WINDOWS\SYSTEM\HPZTSB04.EXE
        C:\WINDOWS\SYSTEM\HPHMON03.EXE
        C:\WINDOWS\SYSTEM\WMIEXE.EXE
        C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\PHOTO IMAGING\HPI_MONITOR.EXE
        C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\HP SHARE-TO-WEB\HPGS2WND.EXE
        C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
        C:\PROGRAM FILES\GADU-GADU\GG.EXE
        C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\HP SHARE-TO-WEB\HPGS2WNF.EXE
        C:\WINDOWS\SYSTEM\SPOOL32.EXE
        C:\COREL\GRAPHICS8\PROGRAMS\MFINDEXER.EXE
        C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\COMCOMP.EXE
        C:\WINDOWS\SYSTEM\TAPISRV.EXE
        C:\WINDOWS\SYSTEM\RNAAPP.EXE
        C:\PROGRAM FILES\NEOSTRADA TP\WATCH.EXE
        C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
        C:\WINDOWS\SYSTEM\DDHELP.EXE
        C:\WINDOWS\PULPIT\HIJACKTHIS1.99.1\HIJACKTHIS.EXE

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
        szukaj.wp.pl
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
        search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=3c00&lc=0415&s=search&ap=b204
        R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
        www.neostrada.pl
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
        O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1
        \SPYBOT~1\SDHELPER.DLL
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
        C:\WINDOWS\SYSTEM\MSDXM.OCX
        O4 - HKLM\..\Run: [internat.exe] internat.exe
        O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
        O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
        O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
        O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
        O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
        powrprof.dll,LoadCurrentPwrScheme
        O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button
        Support\cpqeadm.exe
        O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button
        Support\eaclean.exe
        O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
        O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
        O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
        O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
        O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
        O4 - HKLM\..\Run: [WOOKIT] C:\PROGRAM FILES\NEOSTRADA TP\NeostradaTP.exe
        O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
        O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program
        Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
        O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe
        O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\SYSTEM\HPHMON03.EXE
        O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo
        Imaging\Hpi_Monitor.exe"
        O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-
        Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
        O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
        O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
        powrprof.dll,LoadCurrentPwrScheme
        O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
        O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
        O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
        O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray
        O4 - Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8
        \Programs\MFIndexer.exe
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
        C:\WINDOWS\SYSTEM\MSJAVA.DLL
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
        00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
        O16 - DPF: {81E688E8-36A4-4FEF-B70B-8B0A1C5C1308} (WebLauncherX Control) -
        www.kuchnie.pl/online/cad/launcher.cab
        O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
        download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4519/mcfscan.cab

          • Gość: kasia Re: kontrolne sprawdzenie loga IP: *.neoplus.adsl.tpnet.pl 29.06.05, 17:22
            Logfile of HijackThis v1.99.1
            Scan saved at 17:26:48, on 2005-06-29
            Platform: Windows ME (Win9x 4.90.3000)
            MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

            Running processes:
            C:\WINDOWS\SYSTEM\KERNEL32.DLL
            C:\WINDOWS\SYSTEM\MSGSRV32.EXE
            C:\WINDOWS\SYSTEM\mmtask.tsk
            C:\WINDOWS\SYSTEM\MPREXE.EXE
            C:\WINDOWS\SYSTEM\MSTASK.EXE
            C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
            C:\WINDOWS\EXPLORER.EXE
            C:\WINDOWS\SYSTEM\INTERNAT.EXE
            C:\WINDOWS\TASKMON.EXE
            C:\WINDOWS\SYSTEM\SYSTRAY.EXE
            C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\CPQEADM.EXE
            C:\COMPAQ\CPQINET\CPQINET.EXE
            C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPLPR.EXE
            C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPENH.EXE
            C:\PROGRAM FILES\NEOSTRADA TP\CNXMON.EXE
            C:\PROGRAM FILES\NEOSTRADA TP\NEOSTRADATP.EXE
            C:\PROGRAM FILES\NEOSTRADA TP\TASKBARICON.EXE
            C:\PROGRAM FILES\THOMSON\SPEEDTOUCH USB\DRAGDIAG.EXE
            C:\WINDOWS\SYSTEM\HPZTSB04.EXE
            C:\WINDOWS\SYSTEM\HPHMON03.EXE
            C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\PHOTO IMAGING\HPI_MONITOR.EXE
            C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\HP SHARE-TO-WEB\HPGS2WND.EXE
            C:\WINDOWS\SYSTEM\SPOOL32.EXE
            C:\WINDOWS\SYSTEM\WMIEXE.EXE
            C:\PROGRAM FILES\GADU-GADU\GG.EXE
            C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\BTTNSERV.EXE
            C:\WINDOWS\SYSTEM\RESTORE\STMGR.EXE
            C:\COREL\GRAPHICS8\PROGRAMS\MFINDEXER.EXE
            C:\PROGRAM FILES\HEWLETT-PACKARD\PHOTOSMART\HP SHARE-TO-WEB\HPGS2WNF.EXE
            C:\PROGRAM FILES\COMPAQ\EASY ACCESS BUTTON SUPPORT\EAUSBKBD.EXE
            C:\PROGRAM FILES\NEOSTRADA TP\COMCOMP.EXE
            C:\WINDOWS\SYSTEM\TAPISRV.EXE
            C:\WINDOWS\SYSTEM\RNAAPP.EXE
            C:\PROGRAM FILES\NEOSTRADA TP\WATCH.EXE
            C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
            C:\WINDOWS\SYSTEM\DDHELP.EXE
            C:\WINDOWS\PULPIT\HIJACKTHIS1.99.1\HIJACKTHIS.EXE

            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
            szukaj.wp.pl
            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
            search.presario.net/scripts/redirectors/presario/srchredir2.dll?c=3c00&lc=0415&s=search&ap=b204
            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
            www.neostrada.pl
            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
            R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
            O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1
            \SPYBOT~1\SDHELPER.DLL
            O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
            C:\WINDOWS\SYSTEM\MSDXM.OCX
            O4 - HKLM\..\Run: [internat.exe] internat.exe
            O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
            O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe
            O4 - HKLM\..\Run: [PCHealth] C:\WINDOWS\PCHealth\Support\PCHSchd.exe -s
            O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
            O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
            powrprof.dll,LoadCurrentPwrScheme
            O4 - HKLM\..\Run: [CPQEASYACC] C:\Program Files\Compaq\Easy Access Button
            Support\cpqeadm.exe
            O4 - HKLM\..\Run: [EACLEAN] C:\Program Files\Compaq\Easy Access Button
            Support\eaclean.exe
            O4 - HKLM\..\Run: [CPQInet] c:\compaq\CPQInet\CpqInet.exe
            O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
            O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
            O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
            O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe
            O4 - HKLM\..\Run: [WOOKIT] C:\PROGRAM FILES\NEOSTRADA TP\NeostradaTP.exe
            O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
            O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program
            Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
            O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe
            O4 - HKLM\..\Run: [HPHmon03] C:\WINDOWS\SYSTEM\HPHMON03.EXE
            O4 - HKLM\..\Run: [CXMon] "C:\Program Files\Hewlett-Packard\PhotoSmart\Photo
            Imaging\Hpi_Monitor.exe"
            O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-
            Packard\PhotoSmart\HP Share-to-Web\hpgs2wnd.exe
            O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
            powrprof.dll,LoadCurrentPwrScheme
            O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
            O4 - HKLM\..\RunServices: [*StateMgr] C:\WINDOWS\System\Restore\StateMgr.exe
            O4 - HKLM\..\RunServices: [KB891711] C:\WINDOWS\SYSTEM\KB891711\KB891711.EXE
            O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray
            O4 - Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:\Corel\Graphics8
            \Programs\MFIndexer.exe
            O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
            C:\WINDOWS\SYSTEM\MSJAVA.DLL
            O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
            00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
            O16 - DPF: {81E688E8-36A4-4FEF-B70B-8B0A1C5C1308} (WebLauncherX Control) -
            www.kuchnie.pl/online/cad/launcher.cab
            O16 - DPF: {EF791A6B-FC12-4C68-99EF-FB9E207A39E6} (McFreeScan Class) -
            download.mcafee.com/molbin/iss-loc/vso/en-us/tools/mcfscan/2,0,0,4519/mcfscan.cab






            Ps: czy jest Spyware Blaster w wersji polskiej???

Popularne wątki

Nie pamiętasz hasła

lub ?

 

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka