Prosze poradzcie co mam wyzucic !!!

03.02.05, 21:31
Logfile of HijackThis v1.99.0
Scan saved at 21:30:40, on 2005-02-03
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.ex e
C:\WINDOWS\system32\services.ex e
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\igfxtray.ex e
C:\WINDOWS\System32\hkcmd.exe
C:\Program\Java\j2re1.4.2_03\bi n\jusched.exe
C:\Program\iTunes\iTunesHelper. exe
C:\Program\QuickTime\qttask.exe
C:\Program\Synaptics\SynTP\SynT PLpr.exe
C:\Program\Synaptics\SynTP\SynT PEnh.exe
C:\Program\HP\Digital Imaging\Unload\hpqcmon.exe
C:\Program\HP\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\hphmon05.ex e
C:\Program\Delade filer\Symantec Shared\ccApp.exe
C:\Program\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program\HP\HP Software Update\HPWuSchd2.exe
C:\Program\Messenger\msmsgs.exe
C:\Program\Skype\Phone\Skype.ex e
C:\Program\HP\HP Share-to-Web\hpgs2wnf.exe
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
C:\WINDOWS\System32\gearsec.exe
C:\Program\Norton AntiVirus\navapsvc.exe
C:\Program\Norton AntiVirus\SAVScan.exe
C:\Program\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program\Ulead Systems\Ulead Photo Express 4.0 My Custom
Edition\CalCheck.exe
C:\WINDOWS\System32\svchost.exe
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
C:\Program\Delade filer\Symantec Shared\Security Center\SymWSC.exe
C:\Program\iPod\bin\iPodService .exe
C:\Program\HPQ\SHARED\HPQWMI.ex e
C:\Program\MSN\MSNCoreFiles\msn 6.exe
C:\Program\Gadu-Gadu\gg.exe
C:\Program\Internet Explorer\iexplore.exe
C:\Documents and Settings\KAMILA ADAMSKA\Skrivbord\HijackThis.ex e

R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
www.onet.pl/
R1 - HKLM\Software\Microsoft\Interne t Explorer\Main,Default_Page_URL =
start.tele2.se
R1 - HKCU\Software\Microsoft\Interne t Connection Wizard,ShellNext =
www.hp.com/
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Microsoft
Internet Explorer - Tele2
R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e =
Länkar
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
C:\Program\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper .ocx
O2 - BHO: CSBrBHO - {96DA5BEE-4ACC-476C-B3EC-54C673 0C4293} -
C:\Program\Comet\Install\Temp\b rbho.dll (file missing)
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B 084872} -
C:\Program\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF 00B1D6} -
C:\Program\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.ex e
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program\Java\j2re1.4.2_03
\bin\jusched.exe
O4 - HKLM\..\Run: [iTunesHelper] C:\Program\iTunes\iTunesHelper. exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program\QuickTime\qttask.ex e" -
atboottime
O4 - HKLM\..\Run: [UpdateManager] "C:\Program\Delade filer\Sonic\Update
Manager\sgtray.exe" /r
O4 - HKLM\..\Run: [SynTPLpr] C:\Program\Synaptics\SynTP\SynT PLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program\Synaptics\SynTP\SynT PEnh.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program\HP\Digital
Imaging\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program\HP\HP Share-to-
Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [HPHUPD05] c:\Program\HP\{45B6180B-DCAB-40 93-8EE8-
6164457517F0}\hphupd05.exe
O4 - HKLM\..\Run: [HPHmon05] C:\WINDOWS\System32\hphmon05.ex e
O4 - HKLM\..\Run: [ccApp] "C:\Program\Delade filer\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Cpqset] C:\Program\HPQ\Default Settings\cpqset.exe
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program\HPQ\Quick Launch
Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [HP Software Update] "C:\Program\HP\HP Software
Update\HPWuSchd2.exe"
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] "C:\Program\Common
Files\Onet.pl\NewAutoUpdate.exe " /updateexetsr
O4 - HKCU\..\Run: [MSMSGS] "C:\Program\Messenger\msmsgs.ex e" /background
O4 - HKCU\..\Run:
[Skype] "C:\Program\Skype\Phone\Skype.e xe" /nosplash /minimized
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program\HP\Digital
Imaging\bin\hpqtra08.exe
O4 - Global Startup: Ulead Photo Express Calendar Checker For My Custom
Edition.lnk = C:\Program\Ulead Systems\Ulead Photo Express 4.0 My Custom
Edition\CalCheck.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C 608501} -
C:\Program\Java\j2re1.4.2_03\bi n\npjpi142_03.dll
O9 - Extra 'Tools' menuitem: Sun Java-konsol - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program\Java\j2re1.4.2_03\bi n\npjpi142_03.dll
O9 - Extra button: eBay - Homepage - {EF79EAC5-3452-4E02-B8BD-BA4C89 F1AC7A} -
C:\Program\IrfanView\Ebay\Ebay. htm
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F 795683} -
C:\Program\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program\Internet Explorer\Plugins\NPDocBox.dll
O14 - IERESET.INF: START_PAGE_URL=start.tele2.se
O23 - Service: Symantec Event Manager - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation -
C:\Program\Delade filer\Symantec Shared\ccSetMgr.exe
O23 - Service: Gear-säkerhetstjänster - GEAR Software - C:\WINDOWS\System32
\gearsec.exe
O23 - Service: HP WMI Interface - Hewlett Packard Company -
C:\Program\HPQ\SHARED\HPQWMI.ex e
O23 - Service: iPod-tjänst - Apple Computer, Inc. -
C:\Program\iPod\bin\iPodService .exe
O23 - Service: Norton AntiVirus Auto Protect-tjänst - Symantec Corporation -
C:\Program\Norton AntiVirus\navapsvc.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program\Norton
AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation -
C:\Program\DELADE~1\SYMANT~1\SC RIPT~1\SBServ.exe
O23 - Service: SymWMI Service - Symantec Corporation - C:\Program\Delade
filer\Symantec Shared\Security Center\SymWSC.exe

    • julkaisyn Re: Prosze poradzcie co mam wyrzucic !!! 03.02.05, 21:31
    • julkaisyn !!! 03.02.05, 21:38
      Prosze Was napiszcie mi jeszcze jak mam usunac ....jestem kompletny laik !
    • Gość: piecyk gazowy Re: Prosze poradzcie co mam wyzucic !!! IP: *.tpnet.pl / *.tpnet.pl 03.02.05, 21:57
      Wybierz "Do a system scan", zaznacz poniższe pozycje i wciśnij Fix Checked:

      > O2 - BHO: CSBrBHO - {96DA5BEE-4ACC-476C-B3EC-54C673 0C4293} -
      > C:\Program\Comet\Install\Temp\b rbho.dll (file missing)

      > O4 - HKLM\..\Run: [SynTPLpr] C:\Program\Synaptics\SynTP\SynT PLpr.exe
      > O4 - HKLM\..\Run: [SynTPEnh] C:\Program\Synaptics\SynTP\SynT PEnh.exe
      • Gość: piecyk gazowy Re: Prosze poradzcie co mam wyzucic !!! IP: *.tpnet.pl / *.tpnet.pl 03.02.05, 22:03
        Tego nie wyrzucaj:

        > > O4 - HKLM\..\Run: [SynTPLpr] C:\Program\Synaptics\SynTP\SynT PLpr.exe
        > > O4 - HKLM\..\Run: [SynTPEnh] C:\Program\Synaptics\SynTP\SynT PEnh.exe

        To jest OK.
    • Gość: julkaisyn Dziekuje IP: *.cm-upc.chello.se 03.02.05, 22:41
      a mozesz mi wytlumaczyc co to znaczy to logo i jak czeto powinnam je sprawdzac ?
      • Gość: piecyk gazowy Re: Dziekuje IP: *.tpnet.pl / *.tpnet.pl 03.02.05, 22:54
        To jest wykaz programów, które uruchamiają się wraz ze startem systemu. Czasem
        uruchamiają się robaki, trojany itp. Jeśli wiadomo, które to są wpisy, można je
        wtedy usunąć.

        Sprawdzać można wtedy, gdy coś podejrzanego dzieje się z systemem (spowolni,
        otwierają się ni stąd ni zowąd jakieś okienka itp.).

        Pozdrawiam.
Pełna wersja