Kto pomoze PILNIE blondynce w logu? PLISSS

IP: *.tosa.pl 14.07.05, 09:24
To moj log...
Prosze napiszcie mi BARDZO PROSZE!!! Co usunac??? To pilne, bo to komp w
pracy! Bede wdzieczna do kona zycia! I co zrobic dalej (wiem, ze juz
bylo ...)

Logfile of HijackThis v1.99.1
Scan saved at 09:19:20, on 2005-07-14
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NORTON~1\navapw32.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
C:\WINDOWS\System32\paytime.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\System32\paytime.exe
C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\System32\newdial1.exe
C:\WINDOWS\System32\newdial1.exe
C:\Program Files\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
195.95.218.172/index.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
195.95.218.172/index.php
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
195.95.218.172/index.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
195.95.218.172/index.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
195.95.218.172/index.php
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
195.95.218.172/index.php
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {A0269420-A638-4509-889C-8FC3CC85DA7E} -
C:\WINDOWS\drexinit.dll
O2 - BHO: (no name) - {B75F75B8-93F3-429D-FF34-660B206D897A} -
C:\WINDOWS\System32\zolker004.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program
Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: ZToolbar Activator Class - {FFF5092F-7172-4018-827B-FA5868FB0478} -
C:\WINDOWS\System32\ztoolb004.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: ZToolbar - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} -
C:\WINDOWS\System32\ztoolb004.dll
O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1
\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital
Imaging\\Unload\hpqcmon.exe
O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program Files\Hewlett-
Packard\HP Share-to-Web\hpgs2wnd.exe
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:\WINDOWS\web\related.htm
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted IP range: 81.222.131.59
O15 - Trusted IP range: 81.222.131.59 (HKLM)
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O21 - SSODL: DCOM Server - {2c1cd3d7-86ac-4068-93bc-a02304bb8c34} -
C:\WINDOWS\System32\msdcom32.dll
O21 - SSODL: DCOM Server - {2c1cd3d7-86ac-4068-93bc-a02304bb8c34} -
C:\WINDOWS\System32\msdcom32.dll
O21 - SSODL: EXAhLFx - {AC392B35-0693-819F-2749-DB7A9FB2986C} -
C:\WINDOWS\System32\edv.dll (file missing)
O23 - Service: svchost.exe (moto) - Unknown owner - C:\WINDOWS\svchost.exe
O23 - Service: Usługa Autoochrony w programie Norton AntiVirus (navapsvc) -
Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

    • Gość: Kolobos Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: *.warszawa.sdi.tpnet.pl 14.07.05, 10:39
      Skan i usuwanie wszystkiego tym:
      download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe
      Uzyj tez tego:
      www.searchengines.pl/phpbb203/index.php?
      s=5debf1bfeab0c89e54567f66c39699f0&act=Attach&type=post&id=459



      W hijackthis to:

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
      195.95.218.172/index.php
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
      195.95.218.172/index.php
      R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
      195.95.218.172/index.php
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
      195.95.218.172/index.php
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      195.95.218.172/index.php
      R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
      195.95.218.172/index.php
      O2 - BHO: (no name) - {A0269420-A638-4509-889C-8FC3CC85DA7E} -
      C:\WINDOWS\drexinit.dll
      O2 - BHO: (no name) - {B75F75B8-93F3-429D-FF34-660B206D897A} -
      C:\WINDOWS\System32\zolker004.dll
      O2 - BHO: ZToolbar Activator Class - {FFF5092F-7172-4018-827B-FA5868FB0478} -
      C:\WINDOWS\System32\ztoolb004.dll
      O3 - Toolbar: ZToolbar - {A6790AA5-C6C7-4BCF-A46D-0FDAC4EA90EB} -
      C:\WINDOWS\System32\ztoolb004.dll
      O4 - HKLM\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
      O4 - HKCU\..\Run: [PayTime] C:\WINDOWS\System32\paytime.exe
      O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
      C:\WINDOWS\web\related.htm
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
      00aa003c157a} - C:\WINDOWS\web\related.htm
      O15 - Trusted Zone: *.blazefind.com
      O15 - Trusted Zone: *.clickspring.net
      O15 - Trusted Zone: *.flingstone.com
      O15 - Trusted Zone: *.mt-download.com
      O15 - Trusted Zone: *.my-internet.info
      O15 - Trusted Zone: *.searchbarcash.com
      O15 - Trusted Zone: *.searchmiracle.com
      O15 - Trusted Zone: *.skoobidoo.com
      O15 - Trusted Zone: *.slotch.com
      O15 - Trusted Zone: *.slotchbar.com
      O15 - Trusted Zone: *.windupdates.com
      O15 - Trusted Zone: *.xxxtoolbar.com
      O15 - Trusted Zone: *.ysbweb.com
      O15 - Trusted Zone: *.blazefind.com (HKLM)
      O15 - Trusted Zone: *.clickspring.net (HKLM)
      O15 - Trusted Zone: *.flingstone.com (HKLM)
      O15 - Trusted Zone: *.mt-download.com (HKLM)
      O15 - Trusted Zone: *.my-internet.info (HKLM)
      O15 - Trusted Zone: *.searchbarcash.com (HKLM)
      O15 - Trusted Zone: *.searchmiracle.com (HKLM)
      O15 - Trusted Zone: *.skoobidoo.com (HKLM)
      O15 - Trusted Zone: *.slotch.com (HKLM)
      O15 - Trusted Zone: *.slotchbar.com (HKLM)
      O15 - Trusted Zone: *.windupdates.com (HKLM)
      O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
      O15 - Trusted Zone: *.ysbweb.com (HKLM)
      O15 - Trusted IP range: 81.222.131.59
      O15 - Trusted IP range: 81.222.131.59 (HKLM)
      O21 - SSODL: DCOM Server - {2c1cd3d7-86ac-4068-93bc-a02304bb8c34} -
      C:\WINDOWS\System32\msdcom32.dll
      O21 - SSODL: DCOM Server - {2c1cd3d7-86ac-4068-93bc-a02304bb8c34} -
      C:\WINDOWS\System32\msdcom32.dll
      O21 - SSODL: EXAhLFx - {AC392B35-0693-819F-2749-DB7A9FB2986C} -
      C:\WINDOWS\System32\edv.dll (file missing)
      O23 - Service: svchost.exe (moto) - Unknown owner - C:\WINDOWS\svchost.exe

      Zamykasz w menadzerze zadan te procesy (jak sa) i usuwasz te pliki z dysku:

      C:\WINDOWS\svchost.exe
      C:\WINDOWS\System32\paytime.exe
      C:\WINDOWS\System32\newdial1.exe
      C:\WINDOWS\drexinit.dll
      C:\WINDOWS\System32\ztoolb004.dll
      C:\winstall.exe
      C:\WINDOWS\System32\msdcom32.dll

      Jakby dll'e nie chcialy sie skasowac to wpisz w start->uruchom:
      regsvr32 /u C:\WINDOWS\System32\msdcom32.dll
      i dopiero kasuj.

      Po wszystkim wklej nowy log.
      • Gość: Nena25 Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: *.tosa.pl 14.07.05, 13:00
        DZIEKUJE CI BARDZO ZA PROBE POMOCY!!!:) TAK JAK NAPISALES POUSUWALAM.JEDNAK NIE
        WSZYSTKO POSZLO.Bez problemy poszlo ze strona - tapeta i z tool barami i tymi
        tam...tym paskiem;) Jednak najgorszy byl ten trojan w WINOWS SVCHOST :-( Co go
        zamykalam to mi sie caly system zamykal...
        Pozniej przyszedl znajomy i poradzil Przywracanie systemu... i dziala wszystko
        ok. Przeskanowalam programami i nic nie wykrylo. Czy to wystarczy? dziekuje Ci
        za pomoc.Jesli moge sie jakos odwdzieczyc to napisz. Moze chcialbys jakies mp3?
        Pozdrawiam:) kate2004@o2.pl
        • Gość: Kolobos Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: *.warszawa.sdi.tpnet.pl 14.07.05, 15:25
          Pewnie zamykalas nie ten svchost co potrzeba bo jeden to proces systemowy i nie
          nalezy go zamykac, a drugi to byl trojan ;-)
          • Gość: Nena25 Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: 82.160.17.* 14.07.05, 15:46
            Tam bylo az 5 tych plikow... :)) Zamykalam po kolei ;) Ale myslisz ze to
            przywrocenie systemu pomoze? Jakby co to podaj mi maila w razie czego sie
            odezwe;) Dzieki za wszystko poki co.
            • Gość: Kolobos Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: *.warszawa.sdi.tpnet.pl 14.07.05, 16:48
              Wklej nowy log to Ci powiem czy jest ok.
              Wystarczy, ze napiszesz na forum, mail jest zbedny.
              • Gość: Nena25 Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: *.tosa.pl 15.07.05, 09:06
                KOCHANY KOLOMBUSIE!!!
                To moj, powiedz czy cos jeszcze wypieprzyc. Sadze, ze nie jest jeszcze do konca
                ok....Niby wszystko dziala, ale az sie boje. Zainstalowalam sobie inna
                przegladarke bo na IE jest podobno duzo tych swinstw. Wklejam loga. napisz co
                usunac teraz. I DZIEKI Z GORY!MILEGO DNIA.
                Logfile of HijackThis v1.99.1
                Scan saved at 09:02:23, on 2005-07-15
                Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
                MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

                Running processes:
                C:\WINDOWS\System32\smss.exe
                C:\WINDOWS\system32\winlogon.exe
                C:\WINDOWS\system32\services.exe
                C:\WINDOWS\system32\lsass.exe
                C:\WINDOWS\system32\svchost.exe
                C:\WINDOWS\System32\svchost.exe
                C:\WINDOWS\system32\spoolsv.exe
                C:\Program Files\Norton AntiVirus\navapsvc.exe
                C:\WINDOWS\System32\svchost.exe
                C:\WINDOWS\Explorer.EXE
                C:\PROGRA~1\NORTON~1\navapw32.exe
                C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
                C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                C:\WINDOWS\System32\ctfmon.exe
                C:\Program Files\Messenger\msmsgs.exe
                C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
                C:\WINDOWS\System32\wuauclt.exe
                D:\programy\hijackthis\HijackThis.exe

                R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/
                R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
                O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
                C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
                O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program
                Files\Norton AntiVirus\NavShExt.dll
                O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
                C:\WINDOWS\System32\msdxm.ocx
                O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
                C:\Program Files\Norton AntiVirus\NavShExt.dll
                O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
                O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
                /Consumer
                O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
                O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital
                Imaging\\Unload\hpqcmon.exe
                O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
                Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
                Shared\Security Center\UsrPrmpt.exe
                O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
                O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
                Office\Office\OSA9.EXE
                O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -
                %windir%\bdoscandel.exe (file missing)
                O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 -
                {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
                O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
                C:\WINDOWS\web\related.htm
                O9 - Extra 'Tools' menuitem: Show &Related Links -
                {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
                O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
                www.netsecure.pl/scan8/oscan8.cab
                O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
                skaner.mks.com.pl/SkanerOnline.cab
                O23 - Service: Usługa Autoochrony w programie Norton AntiVirus (navapsvc) -
                Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
                O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
                C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
                O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation
                - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
                O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program
                Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

                Pozatym boje sie o tego SVOCHSTA czy jak mu tam bylo;)
                • Gość: Kolobos Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: *.warszawa.sdi.tpnet.pl 15.07.05, 12:57
                  Do kasacji tylko to:

                  O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} -
                  %windir%\bdoscandel.exe (file missing)
                  O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 -
                  {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
                  O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
                  C:\WINDOWS\web\related.htm
                  O9 - Extra 'Tools' menuitem: Show &Related Links -
                  {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
                  O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) -
                  www.netsecure.pl/scan8/oscan8.cab

                  Ale wszystko i tak jest ok, zainstaluj sobie tez:
                  download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe
                  • Gość: Nena25 Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: *.tosa.pl 15.07.05, 13:12
                    Ja juz myslalam, ze Ty na weekend wyjechales:-(((... Skasowalam i wklejam loga.
                    A ten SVOCHST to chybe nie ten wirus, nie?:))

                    ogfile of HijackThis v1.99.1
                    Scan saved at 13:09:36, on 2005-07-15
                    Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
                    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

                    Running processes:
                    C:\WINDOWS\System32\smss.exe
                    C:\WINDOWS\system32\winlogon.exe
                    C:\WINDOWS\system32\services.exe
                    C:\WINDOWS\system32\lsass.exe
                    C:\WINDOWS\system32\svchost.exe
                    C:\WINDOWS\System32\svchost.exe
                    C:\WINDOWS\system32\spoolsv.exe
                    C:\Program Files\Norton AntiVirus\navapsvc.exe
                    C:\WINDOWS\System32\svchost.exe
                    C:\WINDOWS\Explorer.EXE
                    C:\PROGRA~1\NORTON~1\navapw32.exe
                    C:\Program Files\Hewlett-Packard\Digital Imaging\Unload\hpqcmon.exe
                    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                    C:\WINDOWS\System32\ctfmon.exe
                    C:\Program Files\Messenger\msmsgs.exe
                    C:\Program Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnf.exe
                    C:\WINDOWS\System32\wuauclt.exe
                    D:\programy\hijackthis\HijackThis.exe

                    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.wp.pl/
                    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
                    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
                    C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
                    O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program
                    Files\Norton AntiVirus\NavShExt.dll
                    O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
                    C:\WINDOWS\System32\msdxm.ocx
                    O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
                    C:\Program Files\Norton AntiVirus\NavShExt.dll
                    O4 - HKLM\..\Run: [NAV Agent] C:\PROGRA~1\NORTON~1\navapw32.exe
                    O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
                    /Consumer
                    O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
                    O4 - HKLM\..\Run: [CamMonitor] C:\Program Files\Hewlett-Packard\Digital
                    Imaging\\Unload\hpqcmon.exe
                    O4 - HKLM\..\Run: [Share-to-Web Namespace Daemon] C:\Program
                    Files\Hewlett-Packard\HP Share-to-Web\hpgs2wnd.exe
                    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
                    Shared\Security Center\UsrPrmpt.exe
                    O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
                    O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                    O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
                    Office\Office\OSA9.EXE
                    O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
                    skaner.mks.com.pl/SkanerOnline.cab
                    O23 - Service: Usługa Autoochrony w programie Norton AntiVirus (navapsvc) -
                    Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
                    O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
                    C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
                    O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation
                    - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
                    O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program
                    Files\Common Files\Symantec Shared\Security Center\SymWSC.exe

                    DZIEKUJE CI ZA POMOC;-) BEDE PAMIETALA DLUGO TWOJ NICK;) POZDRAWIAM.
                    • Gość: Kolobos Re: Kto pomoze PILNIE blondynce w logu? PLISSS IP: *.warszawa.sdi.tpnet.pl 15.07.05, 13:29
                      Nie to plik systemowy nie ruszaj go :-)
                      Wszystko jest juz ok.
                      • Gość: Nena25 Dzieki KOLUBMUS! IP: *.tosa.pl 15.07.05, 13:53
                        DZIEKI DZIEKI DZIEKI ;)))) Pozdrawiam. A ciekawa jestem czy to Twoje hobby czy
                        zajmujesz sie tym na codzien, ze tak wszystkim pomagasz?:)
    • mbucz Re: Kto pomoze PILNIE blondynce w logu? PLISSS 14.07.05, 10:42
      Dlaczego w co drugim poście ktos pisze to plisss paskudne?
Pełna wersja