Gość: stukan
IP: *.man.czest.pl
04.12.05, 15:37
Logfile of HijackThis v1.99.1
Scan saved at 15:29:52, on 05-12-04
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\WINDOWS\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\WINKILL\WINKILL.EXE
C:\PROGRAM FILES\GADU-GADU\GG.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\WINAMP\WINAMP.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\FG\FLASHGET.EXE
C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL =
searchmiracle.com/sp.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blant
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar =
res://C:\WINDOWS\TEMP\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet
Settings,ProxyServer = 217.97.237.145:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
file)
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray
O4 - Startup: WinKill.lnk = C:\Program Files\WinKill\WinKill.exe
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\PROGRAM
FILES\FG\jc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a -
C:\PROGRAM FILES\FG\jc_all.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm (file missing)
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:\WINDOWS\web\related.htm (file missing)
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} -
C:\PROGRAM FILES\FG\FLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-
0050BA6940E3} - C:\PROGRAM FILES\FG\FLASHGET.EXE
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} -
C:\WINDOWS\SYSTEM\SHDOCVW.DLL
O16 - DPF: Win32 Classes - file://C:\WINDOWS\Java\classes\win32ie4.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-
its:mhtml:file://C:\foo.mht!http://dl.ad-ware.cc/0AGd1hN-
hEHcV9_VGg6c.chm::/on-line.exe
O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} (Installer Class) -
www.tbcode.com/ist/softwares/v4.0/0006_serial.cab
O16 - DPF: {D7BF3304-138B-4DD5-86EE-491BB6A2286C} -
www.azebar.com/install/azesearch.cab
O18 - Filter: text/html - {C83696C0-AABA-11D9-91F7-00E0ACC8D9C8} -
C:\WINDOWS\SYSTEM\AKGE.DLL
O18 - Filter: text/plain - {C83696C0-AABA-11D9-91F7-00E0ACC8D9C8} -
C:\WINDOWS\SYSTEM\AKGE.DLL
O20 - Winlogon Notify: style32 - C:\WINDOWS\Q749635_DISK.DLL