Gość: sos IP: *.chello.pl 24.10.05, 09:00 Po wpisaniu w wyszukiwarce tekstu pomyłkowo lub nie znalezieniu go w Internecie od razu zawsze wklejami się ta strona : www.perfectnav.com chciałbym to usunąc jak to zrobić Odpowiedz Link Zgłoś czytaj wygodnie posty
Gość: Kolobos Re: perfectnav.com co to jest IP: *.warszawa.sdi.tpnet.pl 24.10.05, 09:39 Wklej log z hijackthis. Odpowiedz Link Zgłoś
Gość: sos Re: perfectnav.com co to jest IP: *.chello.pl 24.10.05, 14:41 a można jaśniej Odpowiedz Link Zgłoś
neder Re: perfectnav.com co to jest 24.10.05, 14:45 w co drugim poście jest jaśniej ;P www.mgregor.republika.pl pzdr Odpowiedz Link Zgłoś
Gość: sos Re: perfectnav.com co to jest IP: *.chello.pl 24.10.05, 15:03 Logfile of HijackThis v1.99.1 Scan saved at 14:58:45, on 05-10-24 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MDM.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\EXPLORER.EXE C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE C:\PROGRAM FILES\NORTON INTERNET SECURITY\ISSVC.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\V38SHELL.EXE C:\WINDOWS\SYSTEM\RPCSS.EXE C:\PROGRAM FILES\FARSTONE\VIRTUALDRIVE\VDTASK.EXE C:\WINDOWS\VCDPLAYX.EXE C:\PROGRAM FILES\SCANNERU\TBRIDGE\BIN\INSTANTACCESS.EXE C:\PROGRAM FILES\A4TECH\MOUSE\AMOUMAIN.EXE C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE C:\PROGRAM FILES\GADU-GADU\GG.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.onet.pl/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*http://www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: PerfectNavBHO Class - {0428FFC7-1931-45b7-95CB- 3CBB919777E1} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL F1 - win.ini: run=hpfsched O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: (no name) - {C23A3931-7986-D600-52CD-D52ABEE43493} - (no file) O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O2 - BHO: NavErrRedir Class - {0428FFC7-1931-45b7-95CB-3CBB919777E1} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19- A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [internat.exe] internat.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [V38Shell] V38SHELL.EXE O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore O4 - HKLM\..\Run: [vcdplayx] "C:\WINDOWS\vcdplayx.exe" O4 - HKLM\..\Run: [InstantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.exe /h O4 - HKLM\..\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe O4 - HKLM\..\Run: [ICSMGR] ICSMGR.EXE O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4TECH\MOUSE\AMOUMAIN.EXE O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Soltek] C:\WINDOWS\SYSTEM\autorun.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1 \SNDMON.EXE /Consumer O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe O4 - HKLM\..\RunServices: [RNBOStart] C:\WINDOWS\SYSTEM\RNBOSENT\SENTSTRT.EXE O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4 \ashServ.exe O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe" O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Otwórz obraz w programie &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~1\OFFICE\1045\PHDINTL.DLL/phdContext.htm O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRAM FILES\GO!ZILLA\download-with-gozilla.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b- 00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E- 00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll O12 - Plugin for .swf: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin7.dll O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin5.dll O15 - Trusted Zone: *.05p.com O15 - Trusted Zone: *.searchmiracle.com O15 - Trusted Zone: *.clickspring.net O15 - Trusted Zone: *.blazefind.com O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.slotch.com O15 - Trusted Zone: *.xxxtoolbar.com O15 - Trusted Zone: *.my-internet.info O15 - Odpowiedz Link Zgłoś
Gość: m Re: perfectnav.com co to jest IP: *.neoplus.adsl.tpnet.pl 24.10.05, 16:53 ale masz syfu!!! doklej pozostałą część loga, bo się nie zmieścił, a zaraz Kolobos się wścieknie :) Odpowiedz Link Zgłoś
Gość: sos Re: perfectnav.com co to jest IP: *.chello.pl 24.10.05, 17:45 O15 - Trusted Zone: *.scoobidoo.com O15 - Trusted Zone: *.searchbarcash.com O15 - Trusted Zone: *.awmdabest.com O15 - Trusted Zone: *.frame.crazywinnings.com O15 - Trusted Zone: *.static.topconverting.com O15 - Trusted Zone: *.05p.com (HKLM) O15 - Trusted Zone: *.searchmiracle.com (HKLM) O15 - Trusted Zone: *.clickspring.net (HKLM) O15 - Trusted Zone: *.blazefind.com (HKLM) O15 - Trusted Zone: *.mt-download.com (HKLM) O15 - Trusted Zone: *.flingstone.com (HKLM) O15 - Trusted Zone: *.slotch.com (HKLM) O15 - Trusted Zone: *.xxxtoolbar.com (HKLM) O15 - Trusted Zone: *.my-internet.info (HKLM) O15 - Trusted Zone: *.scoobidoo.com (HKLM) O15 - Trusted Zone: *.searchbarcash.com (HKLM) O15 - Trusted Zone: *.awmdabest.com (HKLM) O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM) O15 - Trusted Zone: *.static.topconverting.com (HKLM) O15 - Trusted IP range: 206.161.125.149 O15 - Trusted IP range: 206.161.125.149 (HKLM) O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM) O16 - DPF: {A67BA5E3-5B79-11D6-A711-00C12601EADE} - erotyka.to.sex.pl/sex_bez_granic.exe O16 - DPF: BSK Online - ssl.bsk.com.pl/component/BSKOnl.cab O16 - DPF: komentator - sport.onet.pl/komentator.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - www.cult3d.com/download/cult.cab O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab O16 - DPF: ING Bank Online - ssl.bsk.com.pl/bskonl/component/INGOnl.cab O16 - DPF: {342999A3-728D-4DF6-BB81-CDD1A743096A} (MRActivXUI Class) - comp.mediaring.com/consumer/pcphone/ver5.4.4.0/wbaxuiph544.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c282.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - tools.ebayimg.com/eps/activex/EPUWALControl_v1-0-3-18.cab Odpowiedz Link Zgłoś
Gość: Kolobos Re: perfectnav.com co to jest IP: *.warszawa.sdi.tpnet.pl 24.10.05, 18:29 Odinstaluj nortona i tak Ci do niczego nie potrzebny. Uzyj: www.searchengines.pl/phpbb203/index.php?act=Attach&type=post&id=459 Opis usuwania CWS'a tutaj: www.searchengines.pl/phpbb203/index.php?showtopic=14185&st=45entry87957 Usun w hijackthis: R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = res://C:\WINDOWS\bbspn.dll/sp.html#12345 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = red.clientapps.yahoo.com/customize/ycomp_wave/defaults/su/*www.yahoo.com R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: PerfectNavBHO Class - {0428FFC7-1931-45b7-95CB- 3CBB919777E1} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL <- odinstaluj o ile sie da i usun katalog PerfectNav O2 - BHO: (no name) - {C23A3931-7986-D600-52CD-D52ABEE43493} - (no file) O2 - BHO: NavErrRedir Class - {0428FFC7-1931-45b7-95CB-3CBB919777E1} - C:\PROGRA~1\PERFEC~1\BHO\PERFEC~1.DLL O4 - HKLM\..\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe <- kasujesz caly katalog Media Access O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b- 00aa003c157a} - C:\WINDOWS\web\related.htm Wszystkie O15: O15 - Trusted Zone: *.05p.com O15 - Trusted Zone: *.searchmiracle.com O15 - Trusted Zone: *.clickspring.net O15 - Trusted IP range: 206.161.125.149 O15 - Trusted IP range: 206.161.125.149 (HKLM) O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone O15 - ProtocolDefaults: 'http' protocol is in My Computer Zone, should be Internet Zone (HKLM) O16 - DPF: {A67BA5E3-5B79-11D6-A711-00C12601EADE} - erotyka.to.sex.pl/sex_bez_granic.exe O16 - DPF: {342999A3-728D-4DF6-BB81-CDD1A743096A} (MRActivXUI Class) - comp.mediaring.com/consumer/pcphone/ver5.4.4.0/wbaxuiph544.cab O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - static.windupdates.com/cab/MediaAccessVerisign/ie/bridge-c282.cab O16 - DPF: {4C39376E-FA9D-4349-BACC-D305C1750EF3} (EPUImageControl Class) - tools.ebayimg.com/eps/activex/EPUWALControl_v1-0-3-18.cab Przeskanuj tez tym o ile dziala pod 98: download.ewido.net/ewido-setup.exe <- zrob update przed skanowaniem, po przeskanowaniu odinstaluj. Oraz zainstaluj to: www.safer-networking.org/pl/mirrors/index.html <- SpyBot S&D -> przeskanuj i wlacz ochrone przegladarki www.javacoolsoftware.com/spywareblaster.html <- SpywareBlaster -> wlacz ochrone przegladarki www.wilderssecurity.net/spywareguard.html <- SpywareGuard Po wszystkim wklej nowy log. Odpowiedz Link Zgłoś
Gość: sos Re: perfectnav.com co to jest IP: *.chello.pl 24.10.05, 20:08 Nie ze wszystkim sobie poradziłem, ale zobacz teraz jak to wygląda: Logfile of HijackThis v1.99.1 Scan saved at 20:05:54, on 05-10-24 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MDM.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\MSTASK.EXE C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE C:\PROGRAM FILES\NORTON INTERNET SECURITY\ISSVC.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPROXY.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\WINDOWS\V38SHELL.EXE C:\WINDOWS\SYSTEM\RPCSS.EXE C:\PROGRAM FILES\FARSTONE\VIRTUALDRIVE\VDTASK.EXE C:\WINDOWS\VCDPLAYX.EXE C:\PROGRAM FILES\SCANNERU\TBRIDGE\BIN\INSTANTACCESS.EXE C:\PROGRAM FILES\A4TECH\MOUSE\AMOUMAIN.EXE C:\PROGRAM FILES\AHEAD\INCD\INCD.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCPD-LC\SYMLCSVC.EXE C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE C:\PROGRAM FILES\GADU-GADU\GG.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SNDSRVC.EXE C:\PROGRAM FILES\OUTLOOK EXPRESS\MSIMN.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\WBEM\WINMGMT.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\NORTON INTERNET SECURITY\NORTON ANTIVIRUS\OPSCAN.EXE C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.onet.pl/ F1 - win.ini: run=hpfsched O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: Norton Internet Security - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19- A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll O4 - HKLM\..\Run: [internat.exe] internat.exe O4 - HKLM\..\Run: [SystemTray] SysTray.Exe O4 - HKLM\..\Run: [V38Shell] V38SHELL.EXE O4 - HKLM\..\Run: [VirtualDrive] "C:\Program Files\FarStone\VirtualDrive\VDTask.exe" /AutoRestore O4 - HKLM\..\Run: [vcdplayx] "C:\WINDOWS\vcdplayx.exe" O4 - HKLM\..\Run: [InstantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.exe /h O4 - HKLM\..\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe O4 - HKLM\..\Run: [ICSMGR] ICSMGR.EXE O4 - HKLM\..\Run: [Zasobnik systemowy] SysTray.Exe O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\Run: [WheelMouse] C:\PROGRA~1\A4TECH\MOUSE\AMOUMAIN.EXE O4 - HKLM\..\Run: [InCD] C:\Program Files\Ahead\InCD\InCD.exe O4 - HKLM\..\Run: [Soltek] C:\WINDOWS\SYSTEM\autorun.exe O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe" O4 - HKLM\..\Run: [Symantec Core LC] C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe start O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1 \SNDMON.EXE /Consumer O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE O4 - HKLM\..\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe O4 - HKLM\..\RunServices: [RNBOStart] C:\WINDOWS\SYSTEM\RNBOSENT\SENTSTRT.EXE O4 - HKLM\..\RunServices: [Machine Debug Manager] C:\WINDOWS\SYSTEM\MDM.EXE O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4 \ashServ.exe O4 - HKLM\..\RunServices: [ccEvtMgr] "C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe" O4 - HKLM\..\RunServices: [ccSetMgr] "C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe" O4 - HKLM\..\RunServices: [ISSVC] "C:\Program Files\Norton Internet Security\ISSVC.exe" O4 - HKLM\..\RunServices: [ccProxy] C:\Program Files\Common Files\Symantec Shared\ccProxy.exe O4 - HKLM\..\RunServices: [ScriptBlocking] "C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe" -reg O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray O4 - Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O8 - Extra context menu item: Otwórz obraz w programie &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~1\OFFICE\1045\PHDINTL.DLL/phdContext.htm O8 - Extra context menu item: Download with Go!Zilla - file://C:\PROGRAM FILES\GO!ZILLA\download-with-gozilla.html O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O9 - Extra 'Tools' menuitem: MSN Messenger Service - {FB5F1910-F110-11d2-BB9E- 00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O12 - Plugin for .mpeg: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin4.dll O12 - Plugin for .swf: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin7.dll O12 - Plugin for .mp3: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin5.dll O15 - Trusted Zone: *.blazefind.com O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.slotch.com O15 - Trusted Zone: *.xxxtoolbar.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.scoobidoo.com O15 - Trusted Zone: *.searchbarcash.com O15 - Trusted Zone: *.awmdabest.com O15 - Trusted Zone: *.frame.crazywinnings.com O15 - Trusted Zone: *.static.topconverting.com O15 - Trusted Zone: *.05p.com (HKLM) O15 - Trusted Zone: *.searchmiracle.com (HKLM) O15 - Trusted Zone: *.blazefind.com (HKLM) O15 - Trusted Zone: *.mt-download.com (HKLM) O15 - Trusted Zone: *.flingstone.com (HKLM) O15 - Trusted Zone: *.slotch.com (HKLM) O15 - Trusted Zone: *.xxxtoolbar.com (HKLM) O15 - Trusted Zone: *.my-internet.info (HKLM) O15 - Trusted Zone: *.scoobidoo.com (HKLM) O15 - Trusted Zone: *.searchbarcash.com (HKLM) O15 - Trusted Zone: *.awmdabest.com (HKLM) O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM) O15 - Trusted Zone: *.static.topconverting.com (HKLM) O15 - Trusted IP range: 206.161.125.149 O15 - Trusted IP range: 206.161.125.149 (HKLM) O16 - DPF: BSK Online - ssl.bsk.com.pl/component/BSKOnl.cab O16 - DPF: komentator - sport.onet.pl/komentator.cab O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - www.cult3d.com/download/cult.cab O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab O16 - DPF: ING Bank Online - ssl.bsk.com.pl/bskonl/component/INGOnl.cab Odpowiedz Link Zgłoś
Gość: sos Re: perfectnav.com co to jest IP: *.chello.pl 24.10.05, 20:11 Usunąć wszystkie O15 czy tylko wymienione, czy usówać w hijackthis można w trybie normalnym czy TYLKO w awaryjnym????? Odpowiedz Link Zgłoś
Gość: Kolobos Re: perfectnav.com co to jest IP: *.icm.edu.pl / *.icm.edu.pl 24.10.05, 20:45 Przeciez wyraznie napisalem "Wszystkie O15" wiec czemu pytasz? Zreszta miales uzyc: www.searchengines.pl/phpbb203/index.php?act=Attach&type=post&id=459 To by usunelo wszystkie trusted. Usun: O15 - Trusted Zone: *.blazefind.com O15 - Trusted Zone: *.mt-download.com O15 - Trusted Zone: *.flingstone.com O15 - Trusted Zone: *.slotch.com O15 - Trusted Zone: *.xxxtoolbar.com O15 - Trusted Zone: *.my-internet.info O15 - Trusted Zone: *.scoobidoo.com O15 - Trusted Zone: *.searchbarcash.com O15 - Trusted Zone: *.awmdabest.com O15 - Trusted Zone: *.frame.crazywinnings.com O15 - Trusted Zone: *.static.topconverting.com O15 - Trusted Zone: *.05p.com (HKLM) O15 - Trusted Zone: *.searchmiracle.com (HKLM) O15 - Trusted Zone: *.blazefind.com (HKLM) O15 - Trusted Zone: *.mt-download.com (HKLM) O15 - Trusted Zone: *.flingstone.com (HKLM) O15 - Trusted Zone: *.slotch.com (HKLM) O15 - Trusted Zone: *.xxxtoolbar.com (HKLM) O15 - Trusted Zone: *.my-internet.info (HKLM) O15 - Trusted Zone: *.scoobidoo.com (HKLM) O15 - Trusted Zone: *.searchbarcash.com (HKLM) O15 - Trusted Zone: *.awmdabest.com (HKLM) O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM) O15 - Trusted Zone: *.static.topconverting.com (HKLM) O15 - Trusted IP range: 206.161.125.149 O15 - Trusted IP range: 206.161.125.149 (HKLM) Odpowiedz Link Zgłoś
Gość: sos Re: perfectnav.com co to jest IP: *.chello.pl 24.10.05, 20:56 Usunołem, dzięki i przepraszam za kłopot Odpowiedz Link Zgłoś