log-prosba o sprawdzenie

IP: *.in.zabkowska.pl / *.zabkowska.pl 10.12.04, 19:24
czy może ktoś sprawdzić mojego loga, coś mi się często otwiera
pozdr

Logfile of HijackThis v1.98.2
Scan saved at 19:23:59, on 04-12-10
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\SYSTEM\STIMON.EXE
C:\WINDOWS\SYSTEM\PDESK.EXE
C:\WINDOWS\SYSTEM\HPZTSB05.EXE
C:\PROGRAM FILES\A4TECH\MOUSE\AMOUMAIN.EXE
C:\WINDOWS\SYSTEM\TWINK64.EXE
C:\PROGRAM FILES\WINDOWS ADSERVICE\WINADSERV.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\RunDLL.exe
C:\WINDOWS\DANE APLIKACJI\WNDO.EXE
C:\WINDOWS\SYSTEM\WFDWGI.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\WINDOWS ADSERVICE\WINADSLAVE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\WINDOS.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
D:\PROGRAM FILES\HIJACKTHIS19802.EXE

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
file://c:\windows\TEMP\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
file://c:\windows\TEMP\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
file://c:\windows\TEMP\sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
file://c:\windows\TEMP\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
file://c:\windows\TEMP\sp.html
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
file://c:\windows\TEMP\sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = tp wita
Cie w Internecie
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM
FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
O2 - BHO: (no name) - {1AF66459-9D43-5DB6-8753-60550DF47E1C} -
C:\WINDOWS\SYSTEM\NAYFZCBH.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: (no name) - {31EE3F00-4ADF-11D9-A404-00A04FA2DEF9} -
C:\WINDOWS\SYSTEM\ACLLAAA.DLL
O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} -
C:\PROGRAM FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
O4 - HKLM\..\Run: [SystemTray] systray.exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
O4 - HKLM\..\Run: [Internet Explorer Library] C:\WINDOWS\system\ieupdates.exe
O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
O4 - HKLM\..\Run: [Matrox Powerdesk] c:\windows\SYSTEM\PDesk.exe /Autolaunch
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe
O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4TECH\MOUSE\AMOUMAIN.EXE
O4 - HKLM\..\Run: [unOnceEx LogR] C:\WINDOWS\SYSTEM\unOnceEx LogR.exe
O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\SYSTEM\twink64.exe
internat.dll,LoadKeyboardProfile
O4 - HKLM\..\Run: [Windows AdService] C:\PROGRAM FILES\WINDOWS
ADSERVICE\WINADSERV.EXE
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [PavProc] C:\Program Files\Common Files\Panda
Software\PavShld\PavPrS9x.exe
O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL
deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\Run: [Wttu] C:\WINDOWS\Dane aplikacji\wndo.exe
O4 - HKCU\..\Run: [Rhhaash] C:\WINDOWS\SYSTEM\wfdwgi.exe
O4 - HKCU\..\RunServices: [Taskbar Display Controls] RunDLL
deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - HKCU\..\RunServices: [Wttu] C:\WINDOWS\Dane aplikacji\wndo.exe
O4 - HKCU\..\RunServices: [Rhhaash] C:\WINDOWS\SYSTEM\wfdwgi.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
C:\WINDOWS\SYSTEM\Shdocvw.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} -
C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.topconverting.com
O15 - Trusted Zone: *.crazywinnings.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.slotchbar.com
O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) -
https://www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) -
http://www.buy@fiat.com/Components/Ocx/Exterior/Outside.cab
O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) -
http://www.buy@fiat.com/Components/Ocx/SurVid/MSSurVid.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
http://bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
O16 - DPF: ING Bank Online -
https://ssl.bsk.com.pl/bskonl/component/INGOnl.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller
Control) - http://www.mt-download.com/MediaTicketsInstaller.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://www.pandasoftware.com/activescan/as5/asinst.cab
O18 - Filter: text/html - {31EE3F01-4ADF-11D9-A404-00A020EE7B62} -
C:\WINDOWS\SYSTEM\ACLLAAA.DLL
O18 - Filter: text/plain - {31EE3F01-4ADF-11D9-A404-00A020EE7B62} -
C:\WINDOWS\SYSTEM\ACLLAAA.DLL

    • Gość: piecyk gazowy Re: log-prosba o sprawdzenie IP: *.tpnet.pl / *.tpnet.pl 10.12.04, 19:45
      forum.gazeta.pl/forum/72,2.html?f=430&w=18448892&a=18460448
      • Gość: emka Re: log-prosba o sprawdzenie IP: *.in.zabkowska.pl / *.zabkowska.pl 11.12.04, 10:51
        zrobiłem według wskazówek, co dalej?

        pozdr
        emka




        Logfile of HijackThis v1.98.2
        Scan saved at 10:51:50, on 04-12-11
        Platform: Windows 98 SE (Win9x 4.10.2222A)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINDOWS\SYSTEM\KERNEL32.DLL
        C:\WINDOWS\SYSTEM\MSGSRV32.EXE
        C:\WINDOWS\SYSTEM\MPREXE.EXE
        C:\WINDOWS\SYSTEM\mmtask.tsk
        C:\WINDOWS\SYSTEM\MSTASK.EXE
        C:\WINDOWS\EXPLORER.EXE
        C:\WINDOWS\SYSTEM\SYSTRAY.EXE
        C:\WINDOWS\SYSTEM\STIMON.EXE
        C:\WINDOWS\SYSTEM\PDESK.EXE
        C:\WINDOWS\SYSTEM\HPZTSB05.EXE
        C:\PROGRAM FILES\A4TECH\MOUSE\AMOUMAIN.EXE
        C:\WINDOWS\SYSTEM\TWINK64.EXE
        C:\PROGRAM FILES\WINDOWS ADSERVICE\WINADSERV.EXE
        C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
        C:\WINDOWS\RunDLL.exe
        C:\WINDOWS\DANE APLIKACJI\WNDO.EXE
        C:\WINDOWS\SYSTEM\WFDWGI.EXE
        C:\WINDOWS\SYSTEM\SPOOL32.EXE
        C:\PROGRAM FILES\WINDOWS ADSERVICE\WINADSLAVE.EXE
        C:\WINDOWS\SYSTEM\PSTORES.EXE
        C:\WINDOWS\SYSTEM\WMIEXE.EXE
        C:\WINDOWS\SYSTEM\WINDOS.EXE
        D:\PROGRAM FILES\HIJACKTHIS19802.EXE

        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
        about:blank
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
        file://c:\windows\TEMP\sp.html
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
        file://c:\windows\TEMP\sp.html
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
        file://c:\windows\TEMP\sp.html
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
        file://c:\windows\TEMP\sp.html
        R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        file://c:\windows\TEMP\sp.html
        R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
        file://c:\windows\TEMP\sp.html
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
        R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
        R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = tp wita Cie
        w Internecie
        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
        O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM
        FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
        O2 - BHO: (no name) - {1AF66459-9D43-5DB6-8753-60550DF47E1C} -
        C:\WINDOWS\SYSTEM\NAYFZCBH.DLL
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
        C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX
        O2 - BHO: (no name) - {8E41DEA0-4B62-11D9-A404-00A0E2FC9943} -
        C:\WINDOWS\SYSTEM\NLA.DLL
        O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM
        FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
        C:\WINDOWS\SYSTEM\MSDXM.OCX
        O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun
        O4 - HKLM\..\Run: [SystemTray] systray.exe
        O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
        powrprof.dll,LoadCurrentPwrScheme
        O4 - HKLM\..\Run: [SoundFusion] RunDll32 cwcprops.cpl,CrystalControlWnd
        O4 - HKLM\..\Run: [Internet Explorer Library] C:\WINDOWS\system\ieupdates.exe
        O4 - HKLM\..\Run: [mdac_runonce] C:\WINDOWS\SYSTEM\runonce.exe
        O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe
        O4 - HKLM\..\Run: [StillImageMonitor] C:\WINDOWS\SYSTEM\STIMON.EXE
        O4 - HKLM\..\Run: [Matrox Powerdesk] c:\windows\SYSTEM\PDesk.exe /Autolaunch
        O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe
        O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4TECH\MOUSE\AMOUMAIN.EXE
        O4 - HKLM\..\Run: [unOnceEx LogR] C:\WINDOWS\SYSTEM\unOnceEx LogR.exe
        O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\SYSTEM\twink64.exe
        internat.dll,LoadKeyboardProfile
        O4 - HKLM\..\Run: [Windows AdService] C:\PROGRAM FILES\WINDOWS
        ADSERVICE\WINADSERV.EXE
        O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
        Files\Real\Update_OB\realsched.exe" -osboot
        O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
        powrprof.dll,LoadCurrentPwrScheme
        O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
        O4 - HKLM\..\RunServices: [PavProc] C:\Program Files\Common Files\Panda
        Software\PavShld\PavPrS9x.exe
        O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL
        deskcp16.dll,QUICKRES_RUNDLLENTRY
        O4 - HKCU\..\Run: [Wttu] C:\WINDOWS\Dane aplikacji\wndo.exe
        O4 - HKCU\..\Run: [Rhhaash] C:\WINDOWS\SYSTEM\wfdwgi.exe
        O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
        O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
        C:\WINDOWS\web\related.htm (file missing)
        O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
        00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
        O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} -
        C:\WINDOWS\SYSTEM\Shdocvw.dll
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
        C:\WINDOWS\SYSTEM\MSJAVA.DLL
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
        00401C608501} - C:\WINDOWS\SYSTEM\MSJAVA.DLL
        O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} -
        C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)
        O12 - Plugin for .wav: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
        O15 - Trusted Zone: *.windupdates.com
        O15 - Trusted Zone: *.searchmiracle.com
        O15 - Trusted Zone: *.searchbarcash.com
        O15 - Trusted Zone: *.skoobidoo.com
        O15 - Trusted Zone: *.my-internet.info
        O15 - Trusted Zone: *.xxxtoolbar.com
        O15 - Trusted Zone: *.slotch.com
        O15 - Trusted Zone: *.flingstone.com
        O15 - Trusted Zone: *.mt-download.com
        O15 - Trusted Zone: *.blazefind.com
        O15 - Trusted Zone: *.clickspring.net
        O15 - Trusted Zone: *.topconverting.com
        O15 - Trusted Zone: *.crazywinnings.com
        O15 - Trusted Zone: *.ysbweb.com
        O15 - Trusted Zone: *.slotchbar.com
        O16 - DPF: {CA034DCC-A580-4333-B52F-15F98C42E04C} (Downloader Class) -
        www.stopzilla.com/_download/Auto_Installer/dwnldr.cab
        O16 - DPF: {BB47CA33-8B4D-11D0-9511-00C04FD9152D} (ExteriorSurround Object) -
        www.buy@fiat.com/Components/Ocx/Exterior/Outside.cab
        O16 - DPF: {928626A3-6B98-11CF-90B4-00AA00A4011F} (SurroundVideoCtrl Object) -
        www.buy@fiat.com/Components/Ocx/SurVid/MSSurVid.cab
        O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
        bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
        O16 - DPF: ING Bank Online - ssl.bsk.com.pl/bskonl/component/INGOnl.cab
        O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller
        Control) - www.mt-download.com/MediaTicketsInstaller.cab
        O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
        www.pandasoftware.com/activescan/as5/asinst.cab
        O18 - Filter: text/html - {8E41DEA1-4B62-11D9-A404-00A08DB03CD8} -
        C:\WINDOWS\SYSTEM\NLA.DLL
        O18 - Filter: text/plain - {8E41DEA1-4B62-11D9-A404-00A08DB03CD8} -
        C:\WINDOWS\SYSTEM\NLA.DLL

        • Gość: piecyk gazowy Re: log-prosba o sprawdzenie IP: *.tpnet.pl / *.tpnet.pl 11.12.04, 14:30
          Odinstaluj w Dodaj/usuń programy MyBar czy MySearchBar (czy coś takiego).

          Widzę, że program nie pomógł, więc teraz usuwamy. ;-) Gwiazdką oznaczam wpisy
          poprawne, ale według mnie zbędne (decyzja, czy zostawisz czy usuniesz, należy
          do Ciebie).

          > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
          > about:blank
          > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
          > file://c:\windows\TEMP\sp.html
          > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
          > file://c:\windows\TEMP\sp.html
          > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
          > file://c:\windows\TEMP\sp.html
          > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
          > file://c:\windows\TEMP\sp.html
          > R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
          > file://c:\windows\TEMP\sp.html
          > R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
          > file://c:\windows\TEMP\sp.html
          > R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
          > R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
          *> R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = tp wita
          Cie
          > w Internecie

          > O2 - BHO: myBar BHO - {0494D0D1-F8E0-41ad-92A3-14154ECE70AC} - C:\PROGRAM
          > FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL
          > O2 - BHO: (no name) - {1AF66459-9D43-5DB6-8753-60550DF47E1C} -
          > C:\WINDOWS\SYSTEM\NAYFZCBH.DLL

          > O2 - BHO: (no name) - {8E41DEA0-4B62-11D9-A404-00A0E2FC9943} -
          > C:\WINDOWS\SYSTEM\NLA.DLL
          > O3 - Toolbar: &SearchBar - {0494D0D9-F8E0-41ad-92A3-14154ECE70AC} -
          C:\PROGRAM
          > FILES\MYWAY\MYBAR\1.BIN\MYBAR.DLL

          > O4 - HKLM\..\Run: [Internet Explorer Library] C:\WINDOWS\system\ieupdates.exe

          *> O4 - HKLM\..\Run: [Matrox Powerdesk] c:\windows\SYSTEM\PDesk.exe /Autolaunch
          *> O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb05.exe

          > O4 - HKLM\..\Run: [unOnceEx LogR] C:\WINDOWS\SYSTEM\unOnceEx LogR.exe
          > O4 - HKLM\..\Run: [ControlPanel] C:\WINDOWS\SYSTEM\twink64.exe
          > internat.dll,LoadKeyboardProfile
          > O4 - HKLM\..\Run: [Windows AdService] C:\PROGRAM FILES\WINDOWS
          > ADSERVICE\WINADSERV.EXE
          *> O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
          > Files\Real\Update_OB\realsched.exe" -osboot

          > O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL
          > deskcp16.dll,QUICKRES_RUNDLLENTRY
          > O4 - HKCU\..\Run: [Wttu] C:\WINDOWS\Dane aplikacji\wndo.exe
          > O4 - HKCU\..\Run: [Rhhaash] C:\WINDOWS\SYSTEM\wfdwgi.exe
          > O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
          > O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
          > C:\WINDOWS\web\related.htm (file missing)
          > O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
          > 00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)

          > O9 - Extra button: WeatherBug - {AF6CABAB-61F9-4f12-A198-B7D41EF1CB52} -
          > C:\Program Files\AWS\WeatherBug\Weather.exe (file missing) (HKCU)

          > O15 - Trusted Zone: *.windupdates.com
          > O15 - Trusted Zone: *.searchmiracle.com
          > O15 - Trusted Zone: *.searchbarcash.com
          > O15 - Trusted Zone: *.skoobidoo.com
          > O15 - Trusted Zone: *.my-internet.info
          > O15 - Trusted Zone: *.xxxtoolbar.com
          > O15 - Trusted Zone: *.slotch.com
          > O15 - Trusted Zone: *.flingstone.com
          > O15 - Trusted Zone: *.mt-download.com
          > O15 - Trusted Zone: *.blazefind.com
          > O15 - Trusted Zone: *.clickspring.net
          > O15 - Trusted Zone: *.topconverting.com
          > O15 - Trusted Zone: *.crazywinnings.com
          > O15 - Trusted Zone: *.ysbweb.com
          > O15 - Trusted Zone: *.slotchbar.com

          > O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller
          > Control) - www.mt-download.com/MediaTicketsInstaller.cab

          > O18 - Filter: text/html - {8E41DEA1-4B62-11D9-A404-00A08DB03CD8} -
          > C:\WINDOWS\SYSTEM\NLA.DLL
          > O18 - Filter: text/plain - {8E41DEA1-4B62-11D9-A404-00A08DB03CD8} -
          > C:\WINDOWS\SYSTEM\NLA.DLL
          • Gość: emka Re: log-prosba o sprawdzenie IP: *.in.zabkowska.pl / *.zabkowska.pl 12.12.04, 01:37
            dziekuję, wszystkie zjawy zniknęły. Mam jeszcze jeden problem, po zamknięciu IE
            system przez jakieś 10-20 sek. nie reaguje na żadne polecenia. Po naciśnięciu
            ctr+alt+del pokazuje sie: Explorer (nie odpowiada) jest to dość męczące. Gdzie
            szukać przyczyny?

            pozdr
            • Gość: piecyk gazowy Re: log-prosba o sprawdzenie IP: *.tpnet.pl / *.tpnet.pl 12.12.04, 14:19
              Niestety, nie jestem w stanie określić przyczyny.

              W każdym razie zawsze zalecane jest bieżące aktualizowanie systemu. Odwiedź
              witrynę www.windowsupdate.com oraz ściągnij i zainstaluj wszystkie
              krytyczne poprawki (jeśli jeszcze ich nie masz).
Pełna wersja