Gość: Terenia
IP: *.internetdsl.tpnet.pl
12.04.05, 12:43
Podczas pracy co chwilę otwieraja mi się jakieś okienka informujące mnie o
wykryciu wirusów, reklamy zapraszające w jakies dziwne miejsca itp. Poniżej
wklejam log. Dziekuję z góry.
Logfile of HijackThis v1.99.1
Scan saved at 11:53:26, on 05-04-12
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\MDM.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCK.EXE
C:\TEMP\SALM.EXE
C:\WINDOWS\SYSTEM\GAH95ON6.EXE
C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCESS.EXE
C:\WINDOWS\SYSTEM\SPOOL32.EXE
C:\WINDOWS\SYSTEM\TAPISRV.EXE
C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE
C:\WINDOWS\SYSTEM\WMIEXE.EXE
C:\WINDOWS\SYSTEM\PSTORES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAMMI\BIBWIN4\OFFICE\MSACCESS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\COMMON FILES\REAL\UPDATE_OB\REALSCHED.EXE
C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\WINDOWS\TEMP\se.dll/sp.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\WINDOWS\TEMP\se.dll/sp.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1
\SPYBOT~1\SDHELPER.DLL
O2 - BHO: (no name) - {12B3E687-8027-11D9-88A4-4445AA5F0F5D} -
C:\WINDOWS\SYSTEM\KGNI.DLL
O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb04.exe
O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM\..\Run: [sp] rundll32 C:\WINDOWS\TEMP\SE.DLL,DllInstall
O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe
O4 - HKLM\..\Run: [salm] c:\temp\salm.exe
O4 - HKLM\..\Run: [cnsjcp] C:\WINDOWS\cnsjcp.exe
O4 - HKLM\..\Run: [gah95on6] C:\WINDOWS\SYSTEM\gah95on6.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common
Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE
O9 - Extra button: Accesso al servizio - {FF4D2994-6575-4F03-A5C6-
6559C8793A06} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O9 - Extra 'Tools' menuitem: Accesso al servizio - {FF4D2994-6575-4F03-A5C6-
6559C8793A06} - C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O16 - DPF: ING Bank Online -
ssl.bsk.com.pl/bskonl/component/INGOnl.cab
O16 - DPF: {DB893839-10F0-4AF9-92FA-B23528F530AF} -
deposito.hostance.net/dialer/1056307.exe
O16 - DPF: {EB387D2F-E27B-4D36-979E-847D1036C65D} (QDiagHUpdateObj Class) -
h30043.www3.hp.com/hpdj/en/check/qdiagh.cab?326
O17 - HKLM\System\CCS\Services\VxD\MSTCP: Domain = y
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer =
194.204.152.34,217.98.63.164
O18 - Filter: text/html - {12B3E686-8027-11D9-88A4-4445C513AAC6} -
C:\WINDOWS\SYSTEM\KGNI.DLL
O18 - Filter: text/plain - {12B3E686-8027-11D9-88A4-4445C513AAC6} -
C:\WINDOWS\SYSTEM\KGNI.DLL