Gość: jasno-niebieski
IP: *.internetdsl.tpnet.pl
06.04.05, 22:00
witam
mam jakiegos syfa w sytemie ktorego nie moge sie pozbyc, na c: zrobil mi
katalog DESKTOP i trzyma tam aktualny pulpit, nie dziala prawy klawisz myszy
i wogole mam juz dosc tego winshita, w najblizszych dniach instaluje linuxa i
wierze ze przynajniej czesc moich problemow sie skonczy, ale niestety osoby
ktore kozystaja z mojego komputera musza pracowac na windzie, wiec prosba
sprawdzenie co jest nie tak i powiedzzie mi co mam dalej robic bo to moj
pierwszy raz...:)
Logfile of HijackThis v1.99.1
Scan saved at 21:48:55, on 05-04-06
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWSS\SYSTEM\KERNEL32.DLL
C:\WINDOWSS\SYSTEM\MSGSRV32.EXE
C:\WINDOWSS\SYSTEM\MPREXE.EXE
C:\WINDOWSS\SYSTEM\mmtask.tsk
C:\WINDOWSS\SYSTEM\PSTORES.EXE
C:\WINDOWSS\SYSTEM\DDHELP.EXE
C:\WINDOWSS\EXPLORER.EXE
C:\WINDOWSS\SYSTEM\INTERNAT.EXE
C:\WINDOWSS\TASKMON.EXE
C:\WINDOWSS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\AVPERSONAL\AVGCTRL.EXE
C:\WINDOWSS\SYSTEM\SYSTRAY.EXE
D:\IREK\GADU-GADU\GG.EXE
C:\PROGRAM FILES\EMULE\EMULE.EXE
C:\PROGRAM FILES\HP OFFICEJET SERIES 700\BIN\HPOSTR03.EXE
C:\PROGRAM FILES\PSI\PSI.EXE
C:\WINDOWSS\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\HP OFFICEJET SERIES 700\BIN\HPOVDX03.EXE
C:\PROGRAM FILES\WINAMP\WINAMP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
E:\MOJE\HIJACKTHIS\HIJACKTHIS.EXE
O1 - Hosts: 127.0.0.3 n-glx.s-redirect.com
O1 - Hosts: 127.0.0.3 x.full-tgp.net
O1 - Hosts: 127.0.0.3 counter.sexmaniack.com
O1 - Hosts: 127.0.0.3 autoescrowpay.com
O1 - Hosts: 127.0.0.3 www.autoescrowpay.com
O1 - Hosts: 127.0.0.3 www.awmdabest.com
O1 - Hosts: 127.0.0.3 www.sexfiles.nu
O1 - Hosts: 127.0.0.3 awmdabest.com
O1 - Hosts: 127.0.0.3 sexfiles.nu
O1 - Hosts: 127.0.0.3 allforadult.com
O1 - Hosts: 127.0.0.3 www.allforadult.com
O1 - Hosts: 127.0.0.3 www.iframe.biz
O1 - Hosts: 127.0.0.3 iframe.biz
O1 - Hosts: 127.0.0.3 www.newiframe.biz
O1 - Hosts: 127.0.0.3 newiframe.biz
O1 - Hosts: 127.0.0.3 www.vesbiz.biz
O1 - Hosts: 127.0.0.3 vesbiz.biz
O1 - Hosts: 127.0.0.3 www.pi..to.biz
O1 - Hosts: 127.0.0.3 pi..to.biz
O1 - Hosts: 127.0.0.3 www.aaasexypics.com
O1 - Hosts: 127.0.0.3 aaasexypics.com
O1 - Hosts: 127.0.0.3 www.virgin-tgp.net
O1 - Hosts: 127.0.0.3 virgin-tgp.net
O1 - Hosts: 127.0.0.3 www.awmcash.biz
O1 - Hosts: 127.0.0.3 awmcash.biz
O1 - Hosts: 127.0.0.3 buldog-stats.com
O1 - Hosts: 127.0.0.3 www.buldog-stats.com
O1 - Hosts: 127.0.0.3 fregat.drocherway.com
O1 - Hosts: 127.0.0.3 slutmania.biz
O1 - Hosts: 127.0.0.3 www.slutmania.biz
O1 - Hosts: 127.0.0.3 toolbarpartner.com
O1 - Hosts: 127.0.0.3 www.toolbarpartner.com
O1 - Hosts: 127.0.0.3 www.megapornix.com
O1 - Hosts: 127.0.0.3 megapornix.com
O1 - Hosts: 127.0.0.3 www.sp2fucked.biz
O1 - Hosts: 127.0.0.3 sp2fucked.biz
O1 - Hosts: 127.0.0.3 greg-tut.com
O1 - Hosts: 127.0.0.3 www.greg-tut.com
O1 - Hosts: 127.0.0.3 nylonsexy.com
O1 - Hosts: 127.0.0.3 www.nylonsexy.com
O1 - Hosts: 127.0.0.3 vparivalka.com
O1 - Hosts: 127.0.0.3 www.vparivalka.com
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX
O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program
Files\GetRight\xx2gr.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWSS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [internat.exe] internat.exe
O4 - HKLM\..\Run: [ScanRegistry] C:\WINDOWSS\scanregw.exe /autorun
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWSS\taskmon.exe
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWSS\SYSTEM\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [AVGCtrl] C:\PROGRAM FILES\AVPERSONAL\AVGCTRL.EXE /min
O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\IREK\GADU-GADU\GG.EXE" /tray
O4 - HKCU\..\Run: [eMuleAutoStart] C:\PROGRAM FILES\EMULE\EMULE.EXE -AutoStart
O4 - Startup: HP OfficeJet Series 700 StartUp.lnk = C:\Program Files\HP
OfficeJet Series 700\bin\HPOstr03.exe
O4 - Startup: Psi.lnk = C:\Program Files\Psi\psi.exe
O8 - Extra context menu item: Download with GetRight - C:\Program
Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:\Program
Files\GetRight\GRbrowse.htm
O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c293.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab