gianter
25.01.05, 10:08
Logfile of HijackThis v1.98.2
Scan saved at 10:05:26, on 05-01-25
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\KERIO\PERSONAL FIREWALL\PERSFW.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\INTERNAT.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\MYIE2\MYIE.EXE
C:\PROGRAM FILES\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Interne t Explorer,SearchURL = aifind.inf/?
id=54
R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
www.google.pl/
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,Default_Page_URL =
www.idg.pl
R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page_bak =
www.google.pl/
R0 - HKLM\Software\Microsoft\Interne t Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Interne t Connection Wizard,ShellNext =
www.idg.pl/
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Program
Microsoft Internet Explorer dostarczony przez IDG.pl
R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04 FD64497} - (no
file)
O1 - Hosts: 212.33.69.3 js1.hitbox.com
O1 - Hosts: 212.33.69.3 stats.hitbox.com
O1 - Hosts: 212.33.69.3 pagead2.googlesyndication.com
O1 - Hosts: 212.33.69.3 m1.nedstatbasic.net
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER .OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWS\scanregw.exe /autorun
O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM\..\RunServices: [PersFw] "C:\Program Files\Kerio\Personal
Firewall\persfw.exe" /hide
O9 - Extra button: (no name) - {FB5F1910-F110-11d2-BB9E-00C04F 795683} -
C:\Program Files\Messenger\MSMSGS.EXE
O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NP DocBox.dll
O14 - IERESET.INF: START_PAGE_URL=www.idg.pl
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F2 9E09E1} (ActiveScan Installer
Class) - www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {315D1BD2-0165-48AE-9F91-9CC271 704FBA} (LRNPrint Class) -
file://D:\Bazy_danych\2071\LRN Viewer\HTML\lrniehlp.cab
O16 - DPF: {5F874A6F-8B34-433D-BA4B-47AC91 C0567F} (MailCfg Control) -
poczta.wp.pl/autoryzacja/mailcfg2.ocx
O17 - HKLM\System\CCS\Services\VxD\MS TCP: NameServer = 195.177.196.3