C:\secure32.html, System error #384 – how do I get rid of it?

Hello.
I opened a link on some forum and, apart from the fact that it infected me with several dozen viruses, whenever I start the browser this message pops up on a blue background.

Detected SPYware! System error #384
__________________________________________________________________________

Your IP address is xx.xx.xx.xxx Using this address a remote computer has gained anaccess to your computer and probably is collecting the information about the sites you've visited and the files contained in the folder Temporary Internet Files. Attention! Ask for help or install the software for deleting secret information about the sites you visited.

__________________________________________________________________________

Your computer is full of evidences!


ISP of transmission: TPNET
Your IP address: xx.xx.xx.xxx
They know you're using: Mozilla/4.0 (compatible; MSIE 5.5; Windows 98; Win 9x 4.90)
Your computer is: Windows 98
Risk status for further investigation: VERY HIGH RISK



To protect from the Spyware – click here
To prevent information transmission – click here
To delete the history of your activity, click here


I would be very grateful if someone could tell me what to do about this. I more or less understand what it says, but I still don't know what it's about (I'm not familiar with these things :roll: ). I've already tried to do something about it myself, but nothing came of it. Could someone please check the log? Here is the log:

Logfile of HijackThis v1.99.1
Scan saved at 10:33:25, on 2006–04–02
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS.000\SYSTEM\KERNEL32.DLL
C:\WINDOWS.000\SYSTEM\MSGSRV32.EXE
C:\WINDOWS.000\SYSTEM\mmtask.tsk
C:\WINDOWS.000\SYSTEM\MPREXE.EXE
C:\WINDOWS.000\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\SCHEDM.EXE
C:\WINDOWS.000\SYSTEM\TETRIZ3.EXE
C:\WINDOWS.000\EXPLORER.EXE
C:\WINDOWS.000\SYSTEM\RPCSS.EXE
C:\WINDOWS.000\SYSTEM\LXCGPPLS.EXE
C:\WINDOWS.000\SYSTEM\INTERNAT.EXE
C:\WINDOWS.000\TASKMON.EXE
C:\WINDOWS.000\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\AVGCTRL.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
C:\PROGRAM FILES\LEXMARK 2300 SERIES\LXCGMON.EXE
C:\PROGRAM FILES\LEXMARK 2300 SERIES\EZPRINT.EXE
C:\WINDOWS.000\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\TRXRTIGX.EXE
C:\WINDOWS.000\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\GADU–GADU\GG.EXE
C:\WINDOWS.000\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\OPENOFFICE.ORG1.1.3\PROGRAM\SOFFICE.EXE
C:\WINDOWS.000\SYSTEM\LXCGCOMS.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS.000\SYSTEM\STIMON.EXE
C:\WINDOWS.000\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS.000\PULPIT\HIJACKTHIS_V1.99.1.EXE

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F1 – win.ini: run=lxcgppls.exe
O1 – Hosts: 127.0.0.5 makethemcry.com
O1 – Hosts: 127.0.0.5 loudcash.com
O1 – Hosts: 127.0.0.5 iframestat.com
O1 – Hosts: 127.0.0.5 toolbarpartner.com
O1 – Hosts: 127.0.0.5 hqcash.com
O1 – Hosts: 127.0.0.5 verybigcash.com
O1 – Hosts: 127.0.0.5 makethemcry.com
O1 – Hosts: 127.0.0.5 moviepartnership.com
O1 – Hosts: 127.0.0.5 callmachine.com
O1 – Hosts: 127.0.0.5 regcash.com
O1 – Hosts: 127.0.0.5 toolbarpartner.com
O1 – Hosts: 127.0.0.5 klikrevenue.com
O1 – Hosts: 127.0.0.5 p2dll.com
O1 – Hosts: 127.0.0.5 t73.com
O1 – Hosts: 127.0.0.5 www.makethemcry.com
O1 – Hosts: 127.0.0.5 www.loudcash.com
O1 – Hosts: 127.0.0.5 www.iframestat.com
O1 – Hosts: 127.0.0.5 www.toolbarpartner.com
O1 – Hosts: 127.0.0.5 www.hqcash.com
O1 – Hosts: 127.0.0.5 www.verybigcash.com
O1 – Hosts: 127.0.0.5 www.makethemcry.com
O1 – Hosts: 127.0.0.5 www.moviepartnership.com
O1 – Hosts: 127.0.0.5 www.callmachine.com
O1 – Hosts: 127.0.0.5 www.regcash.com
O1 – Hosts: 127.0.0.5 www.toolbarpartner.com
O1 – Hosts: 127.0.0.5 www.klikrevenue.com
O1 – Hosts: 127.0.0.5 www.p2dll.com
O1 – Hosts: 127.0.0.5 www.t73.com
O2 – BHO: Yahoo! Toolbar Helper – {02478D38–C3F9–4EFB–9B51–7695ECA05670} – C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX
O3 – Toolbar: @msdxmLC.dll,–1@1045,&Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS.000\SYSTEM\MSDXM.OCX
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O4 – HKLM\..\Run: [internat.exe] internat.exe
O4 – HKLM\..\Run: [ScanRegistry] C:\WINDOWS.000\scanregw.exe /autorun
O4 – HKLM\..\Run: [TaskMonitor] C:\WINDOWS.000\taskmon.exe
O4 – HKLM\..\Run: [PCHealth] C:\WINDOWS.000\PCHealth\Support\PCHSchd.exe –s
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\Run: [avgctrl] "C:\Program Files\AntiVir PersonalEdition Classic\avgctrl.exe" /min
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 – HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS.000\SYSTEM\LXCGtime.dll,_RunDLLEntry@16
O4 – HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 – HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 – HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 – HKLM\..\Run: [SysTray] C:\PROGRAM FILES\TRXRTIGX.EXE
O4 – HKLM\..\Run: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 – HKLM\..\RunServices: [*StateMgr] C:\WINDOWS.000\System\Restore\StateMgr.exe
O4 – HKLM\..\RunServices: [schedm] "C:\Program Files\AntiVir PersonalEdition Classic\schedm.exe"
O4 – HKLM\..\RunServices: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\PROGRAM FILES\GADU–GADU\GG.EXE" /tray
O4 – HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 – HKCU\..\Run: [pro] C:\WINSTALL.EXE
O4 – HKCU\..\Run: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – HKCU\..\RunServices: [Gadu–Gadu] "C:\PROGRAM FILES\GADU–GADU\GG.EXE" /tray
O4 – HKCU\..\RunServices: [Windows installer] C:\winstall.exe
O4 – HKCU\..\RunServices: [pro] C:\WINSTALL.EXE
O4 – HKCU\..\RunServices: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – Startup: OpenOffice.org 1.1.3.lnk = C:\Program Files\OpenOffice.org1.1.3\program\quickstart.exe
O4 – Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS.000\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS.000\web\related.htm
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: MSN Messenger Service – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\PROGRA~1\MESSEN~1\MSMSGS.EXE

Replies: 6

What do you mean you don't have it? Every operating system has safe mode, F8 or F5!
szzzzz
Posted
02.04.2006 18:40:48
OK, that was a gesture of despair. I've had enough; if I don't remove this, will something happen?
Stea
Posted
02.04.2006 18:39:03
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
F1 – win.ini: run=lxcgppls.exe
O4 – HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS.000\SYSTEM\LXCGtime.dll,_RunDLLEntry@16
O4 – HKLM\..\Run: [SysTray] C:\PROGRAM FILES\TRXRTIGX.EXE
O4 – HKLM\..\Run: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – HKCU\..\Run: [Windows installer]
O4 – HKCU\..\RunServices: [Windows installer] C:\winstall.exe
O4 – HKCU\..\RunServices: [pro] C:\WINSTALL.EXE
O4 – HKCU\..\RunServices: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe

1 – Remove everything in safe mode, without System Restore.
2 – Delete the files marked in red manually.
3 – http://www.forum.dobreprogramy.pl/viewtopic.php?t=60116 Something for you.
4 – Show the log again (as a check).
Read about removing the fake wallpaper: http://www.searchengines.pl/phpbb203/index.php?s=eb724897409ab84a1eaed7de2698fee8&showtopic=31936&st=0&p=175003&
szzzzz
Posted
02.04.2006 18:13:12
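Step 4 of the reply above asks for a fresh log as a check. As an added example (not from the thread and not part of HijackThis), this Python script compares a list of entries marked for fixing with a control log and reports which of them are still present. The sample lines are constructed in the format of the logs posted here, and the function names are hypothetical.

```python
import re

# A HijackThis entry line: section code (R0, F1, O4, ...), a dash, the body.
# The copy on this page shows en dashes where the tool writes hyphens,
# so both are accepted.
ENTRY = re.compile(r"^([A-Z]\d{1,2})\s+[-\u2013]\s+(.*)$")

def parse_entries(log_text):
    """Return a set of (code, normalised body) for every entry line."""
    entries = set()
    for line in log_text.splitlines():
        m = ENTRY.match(line.strip())
        if m:
            # Win9x paths are case-insensitive; collapse case and spacing.
            body = " ".join(m.group(2).split()).lower()
            entries.add((m.group(1), body))
    return entries

def still_present(fix_list, control_log):
    """Entries from the fix list that the control log still contains."""
    return sorted(parse_entries(fix_list) & parse_entries(control_log))

# Constructed sample input in the format of the logs in this thread.
FIX_LIST = r"""R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
O4 – HKLM\..\Run: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – HKCU\..\RunServices: [pro] C:\WINSTALL.EXE
"""
CONTROL_LOG = r"""Logfile of HijackThis v1.99.1
Running processes:
C:\WINDOWS.000\EXPLORER.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
O4 - HKLM\..\Run: [TaskMonitor] C:\WINDOWS.000\taskmon.exe
O4 - HKLM\..\Run: [tetriz3] C:\WINDOWS.000\SYSTEM\TETRIZ3.EXE
"""

if __name__ == "__main__":
    for code, body in still_present(FIX_LIST, CONTROL_LOG):
        print("still present:", code, body)
```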
What is there to know? You fix the entries in HJT. The files get blasted into space too.
Throw in Alexa there as well, because the automatic analyzer probably won't catch it. Besides, secure32 has come up so many times already.
http://forum.centrumxp.pl/search.php
Ad@$
Posted
02.04.2006 17:41:47
The text on the blue background no longer appears, but I don't think everything is fine yet.

Logfile of HijackThis v1.99.1
Scan saved at 13:08:59, on 2006–04–02
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:\WINDOWS.000\SYSTEM\KERNEL32.DLL
C:\WINDOWS.000\SYSTEM\MSGSRV32.EXE
C:\WINDOWS.000\SYSTEM\mmtask.tsk
C:\WINDOWS.000\SYSTEM\MPREXE.EXE
C:\WINDOWS.000\SYSTEM\MSTASK.EXE
C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\SCHEDM.EXE
C:\WINDOWS.000\SYSTEM\TETRIZ3.EXE
C:\WINDOWS.000\EXPLORER.EXE
C:\WINDOWS.000\SYSTEM\RPCSS.EXE
C:\WINDOWS.000\SYSTEM\LXCGPPLS.EXE
C:\WINDOWS.000\SYSTEM\INTERNAT.EXE
C:\WINDOWS.000\TASKMON.EXE
C:\WINDOWS.000\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\ANTIVIR PERSONALEDITION CLASSIC\AVGCTRL.EXE
C:\PROGRAM FILES\WINAMP\WINAMPA.EXE
C:\PROGRAM FILES\CYBERLINK\POWERDVD\PDVDSERV.EXE
C:\PROGRAM FILES\LEXMARK 2300 SERIES\LXCGMON.EXE
C:\PROGRAM FILES\LEXMARK 2300 SERIES\EZPRINT.EXE
C:\WINDOWS.000\SYSTEM\SPOOL32.EXE
C:\PROGRAM FILES\TRXRTIGX.EXE
C:\WINDOWS.000\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\GADU–GADU\GG.EXE
C:\WINDOWS.000\SYSTEM\RESTORE\STMGR.EXE
C:\PROGRAM FILES\OPENOFFICE.ORG1.1.3\PROGRAM\SOFFICE.EXE
C:\WINDOWS.000\SYSTEM\LXCGCOMS.EXE
C:\WINDOWS.000\SYSTEM\STIMON.EXE
C:\WINDOWS.000\SYSTEM\DDHELP.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS.000\SYSTEM\WBEM\WINMGMT.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS.000\SYSTEM\PSTORES.EXE
C:\WINDOWS.000\PULPIT\HIJACKTHIS_V1.99.1.EXE

R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F1 – win.ini: run=lxcgppls.exe
O2 – BHO: Yahoo! Toolbar Helper – {02478D38–C3F9–4EFB–9B51–7695ECA05670} – C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\PROGRAM FILES\ADOBE\ACROBAT 5.0 CE\READER\ACTIVEX\ACROIEHELPER.OCX
O3 – Toolbar: @msdxmLC.dll,–1@1045,&Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS.000\SYSTEM\MSDXM.OCX
O3 – Toolbar: Yahoo! Toolbar – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:\PROGRAM FILES\YAHOO!\COMPANION\INSTALLS\CPN\YT.DLL
O4 – HKLM\..\Run: [internat.exe] internat.exe
O4 – HKLM\..\Run: [ScanRegistry] C:\WINDOWS.000\scanregw.exe /autorun
O4 – HKLM\..\Run: [TaskMonitor] C:\WINDOWS.000\taskmon.exe
O4 – HKLM\..\Run: [PCHealth] C:\WINDOWS.000\PCHealth\Support\PCHSchd.exe –s
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\Run: [avgctrl] "C:\Program Files\AntiVir PersonalEdition Classic\avgctrl.exe" /min
O4 – HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 – HKLM\..\Run: [LXCGCATS] rundll32 C:\WINDOWS.000\SYSTEM\LXCGtime.dll,_RunDLLEntry@16
O4 – HKLM\..\Run: [lxcgmon.exe] "C:\Program Files\Lexmark 2300 Series\lxcgmon.exe"
O4 – HKLM\..\Run: [EzPrint] "C:\Program Files\Lexmark 2300 Series\ezprint.exe"
O4 – HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 – HKLM\..\Run: [SysTray] C:\PROGRAM FILES\TRXRTIGX.EXE
O4 – HKLM\..\Run: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 – HKLM\..\RunServices: [*StateMgr] C:\WINDOWS.000\System\Restore\StateMgr.exe
O4 – HKLM\..\RunServices: [schedm] "C:\Program Files\AntiVir PersonalEdition Classic\schedm.exe"
O4 – HKLM\..\RunServices: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\PROGRAM FILES\GADU–GADU\GG.EXE" /tray
O4 – HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 – HKCU\..\Run: [pro] C:\WINSTALL.EXE
O4 – HKCU\..\Run: [tetriz3] C:\WINDOWS.000\SYSTEM\tetriz3.exe
O4 – Startup: OpenOffice.org 1.1.3.lnk = C:\Program Files\OpenOffice.org1.1.3\program\quickstart.exe
O4 – Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS.000\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:\WINDOWS.000\web\related.htm
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: MSN Messenger Service – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\PROGRA~1\MESSEN~1\MSMSGS.EXE
O16 – DPF: {B1826A9F–4AA0–4510–BA77–9013E74E4B9B} – http://www.trendmicro.com/spyware–scan/as4web.cab


I checked it on hijackthis.de and I don't know how to get rid of the rest of the things that are marked as dangerous...
Stea
Posted
02.04.2006 15:10:40
http://forum.centrumxp.pl/viewtopic.php?t=17926
+ the topic about checking HJT logs
Ad@$
Posted
02.04.2006 14:39:19
Stea
Posted:
02.04.2006 12:52:13
Comments:
6