Bardzo proszę o sprawdzenie loga

05.11.05, 10:25
Z góry dziękuję:)

Logfile of HijackThis v1.99.1
Scan saved at 10:21:05, on 2005-11-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Norton Internet Security\ISSVC.exe
C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
C:\Documents and Settings\Asia\Pulpit\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01
Transitional//EN" "www.w3.org/TR/html4/loose.dtd">
O1 - Hosts: <html>
O1 - Hosts: <head>
O1 - Hosts: <title>
O1 - Hosts: servicemasters.biz
O1 - Hosts: </title>
O1 - Hosts: <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
O1 - Hosts: <meta name="CODE_LANGUAGE" Content="C#">
O1 - Hosts: <meta name="vs_defaultClientScript" content="JavaScript">
O1 - Hosts: <meta name="vs_targetSchema"
content="schemas.microsoft.com/intellisense/ie5">
O1 - Hosts: <meta name="robots" content="index,follow">
O1 - Hosts: <meta name="language" content="en">
O1 - Hosts: <meta name="keywords" content="vacation,packages,hotels">
O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-
8859-1">
O1 - Hosts: <link href="/css/pstyleGeneric0101.css" rel="stylesheet"
type="text/css">
O1 - Hosts: <script language="JavaScript">
O1 - Hosts: <!--
O1 - Hosts: function SymError()
O1 - Hosts: {
O1 - Hosts: return true;
O1 - Hosts: }
O1 - Hosts: window.onerror = SymError;
O1 - Hosts: var SymRealWinOpen = window.open;
O1 - Hosts: function SymWinOpen(url, name, attributes)
O1 - Hosts: {
O1 - Hosts: return (new Object());
O1 - Hosts: }
O1 - Hosts: window.open = SymWinOpen;
O1 - Hosts: //-->
O1 - Hosts: </script>
O1 - Hosts: <script>
O1 - Hosts: var mydate=new Date()
O1 - Hosts: var year=mydate.getYear()
O1 - Hosts: if (year < 1000)
O1 - Hosts: year+=1900
O1 - Hosts: var day=mydate.getDay()
O1 - Hosts: var month=mydate.getMonth()
O1 - Hosts: var daym=mydate.getDate()
O1 - Hosts: if (daym<10)
O1 - Hosts: daym="0"+daym
O1 - Hosts: var dayarray=new Array
("Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday")
O1 - Hosts: var montharray=new Array
("January","February","March","April","May","June","July","August","September"
,"October","November","December")
O1 - Hosts: var d=(dayarray[day]+", "+montharray[month]+" "+daym+", "+year)
O1 - Hosts: </script>
O1 - Hosts: </head>
O1 - Hosts: <body>
O1 - Hosts: <form id="parking_form" method="get" action="/Default.aspx">
O1 - Hosts: <!
    • Gość: m Re: Bardzo proszę o sprawdzenie loga IP: *.neoplus.adsl.tpnet.pl 05.11.05, 10:48
      hm..no niestety znowu log na tyle zaśmiecony że nie wszedł w całości. Wklej go
      jeszcze raz.
    • asienka83 Re: Bardzo proszę o sprawdzenie loga 05.11.05, 10:53
      Wklejam ponownie mam nadzieje że teraz będzie w całości.
      Logfile of HijackThis v1.99.1
      Scan saved at 10:21:05, on 2005-11-05
      Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Norton Internet Security\ISSVC.exe
      C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
      C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
      C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
      C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\WINDOWS\explorer.exe
      C:\Program Files\Gadu-Gadu\gg.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
      C:\Documents and Settings\Asia\Pulpit\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
      O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01
      Transitional//EN" "www.w3.org/TR/html4/loose.dtd">
      O1 - Hosts: <html>
      O1 - Hosts: <head>
      O1 - Hosts: <title>
      O1 - Hosts: servicemasters.biz
      O1 - Hosts: </title>
      O1 - Hosts: <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
      O1 - Hosts: <meta name="CODE_LANGUAGE" Content="C#">
      O1 - Hosts: <meta name="vs_defaultClientScript" content="JavaScript">
      O1 - Hosts: <meta name="vs_targetSchema"
      content="schemas.microsoft.com/intellisense/ie5">
      O1 - Hosts: <meta name="robots" content="index,follow">
      O1 - Hosts: <meta name="language" content="en">
      O1 - Hosts: <meta name="keywords" content="vacation,packages,hotels">
      O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-
      8859-1">
      O1 - Hosts: <link href="/css/pstyleGeneric0101.css" rel="stylesheet"
      type="text/css">
      O1 - Hosts: <script language="JavaScript">
      O1 - Hosts: <!--
      O1 - Hosts: function SymError()
      O1 - Hosts: {
      O1 - Hosts: return true;
      O1 - Hosts: }
      O1 - Hosts: window.onerror = SymError;
      O1 - Hosts: var SymRealWinOpen = window.open;
      O1 - Hosts: function SymWinOpen(url, name, attributes)
      O1 - Hosts: {
      O1 - Hosts: return (new Object());
      O1 - Hosts: }
      O1 - Hosts: window.open = SymWinOpen;
      O1 - Hosts: //-->
      O1 - Hosts: </script>
      O1 - Hosts: <script>
      O1 - Hosts: var mydate=new Date()
      O1 - Hosts: var year=mydate.getYear()
      O1 - Hosts: if (year < 1000)
      O1 - Hosts: year+=1900
      O1 - Hosts: var day=mydate.getDay()
      O1 - Hosts: var month=mydate.getMonth()
      O1 - Hosts: var daym=mydate.getDate()
      O1 - Hosts: if (daym<10)
      O1 - Hosts: daym="0"+daym
      O1 - Hosts: var dayarray=new Array
      ("Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday")
      O1 - Hosts: var montharray=new Array
      ("January","February","March","April","May","June","July","August","September","
      October","November","December")
      O1 - Hosts: var d=(dayarray[day]+", "+montharray[month]+" "+daym+", "+year)
      O1 - Hosts: </script>
      O1 - Hosts: </head>
      O1 - Hosts: <body>
      O1 - Hosts: <form id="parking_form" method="get" action="/Default.aspx">
      O1 - Hosts: <!
      • Gość: m Re: Bardzo proszę o sprawdzenie loga IP: *.neoplus.adsl.tpnet.pl 05.11.05, 11:00
        :)
        musisz go podzielić na kilka postów, w jednym wszystko się nie zmieści...
    • asienka83 Re: Bardzo proszę o sprawdzenie loga 05.11.05, 11:19
      Brdzo przepraszam musiałam trochę poszukać gdzie mi sie to urwało i wklejam
      jeszcze raz:


      Logfile of HijackThis v1.99.1
      Scan saved at 10:21:05, on 2005-11-05
      Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
      MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

      Running processes:
      C:\WINDOWS\System32\smss.exe
      C:\WINDOWS\system32\winlogon.exe
      C:\WINDOWS\system32\services.exe
      C:\WINDOWS\system32\lsass.exe
      C:\WINDOWS\system32\svchost.exe
      C:\WINDOWS\System32\svchost.exe
      C:\WINDOWS\system32\spoolsv.exe
      C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      C:\Program Files\Norton Internet Security\ISSVC.exe
      C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
      C:\WINDOWS\System32\nvsvc32.exe
      C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
      C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
      C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
      C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
      C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
      C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
      C:\WINDOWS\SOUNDMAN.EXE
      C:\Program Files\Common Files\Symantec Shared\ccApp.exe
      C:\Program Files\Messenger\msmsgs.exe
      C:\WINDOWS\explorer.exe
      C:\Program Files\Gadu-Gadu\gg.exe
      C:\Program Files\Internet Explorer\iexplore.exe
      C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
      C:\Documents and Settings\Asia\Pulpit\HijackThis.exe

      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
      O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01
      Transitional//EN" "www.w3.org/TR/html4/loose.dtd">
      O1 - Hosts: <html>
      O1 - Hosts: <head>
      O1 - Hosts: <title>
      O1 - Hosts: servicemasters.biz
      O1 - Hosts: </title>
      O1 - Hosts: <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
      O1 - Hosts: <meta name="CODE_LANGUAGE" Content="C#">
      O1 - Hosts: <meta name="vs_defaultClientScript" content="JavaScript">
      O1 - Hosts: <meta name="vs_targetSchema"
      content="schemas.microsoft.com/intellisense/ie5">
      O1 - Hosts: <meta name="robots" content="index,follow">
      O1 - Hosts: <meta name="language" content="en">
      O1 - Hosts: <meta name="keywords" content="vacation,packages,hotels">
      O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-
      8859-1">
      O1 - Hosts: <link href="/css/pstyleGeneric0101.css" rel="stylesheet"
      type="text/css">
      O1 - Hosts: <script language="JavaScript">
      O1 - Hosts: <!--
      O1 - Hosts: function SymError()
      O1 - Hosts: {
      O1 - Hosts: return true;
      O1 - Hosts: }
      O1 - Hosts: window.onerror = SymError;
      O1 - Hosts: var SymRealWinOpen = window.open;
      O1 - Hosts: function SymWinOpen(url, name, attributes)
      O1 - Hosts: {
      O1 - Hosts: return (new Object());
      O1 - Hosts: }
      O1 - Hosts: window.open = SymWinOpen;
      O1 - Hosts: //-->
      O1 - Hosts: </script>
      O1 - Hosts: <script>
      O1 - Hosts: var mydate=new Date()
      O1 - Hosts: var year=mydate.getYear()
      O1 - Hosts: if (year < 1000)
      O1 - Hosts: year+=1900
      O1 - Hosts: var day=mydate.getDay()
      O1 - Hosts: var month=mydate.getMonth()
      O1 - Hosts: var daym=mydate.getDate()
      O1 - Hosts: if (daym<10)
      O1 - Hosts: daym="0"+daym
      O1 - Hosts: var dayarray=new Array
      ("Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday")
      O1 - Hosts: var montharray=new Array
      ("January","February","March","April","May","June","July","August","September","
      October","November","December")
      O1 - Hosts: var d=(dayarray[day]+", "+montharray[month]+" "+daym+", "+year)
      O1 - Hosts: </script>
      O1 - Hosts: </head>
      O1 - Hosts: <body>
      O1 - Hosts: <form id="parking_form" method="get" action="/Default.aspx">
      O1 - Hosts: <!
    • asienka83 Re: Bardzo proszę o sprawdzenie loga 05.11.05, 11:22
      Ja juz nie mogę i znowu nie dokońca sie wkleiło wklejam ta końcówke której
      brakuje.Prosze nie gniewajcie się na mnie:(



      O1 - Hosts: <a href='/buy/vacation/packages/hotels/hotels.htm'
      title='Hotels'>Hotels</a><a
      href='/buy/vacation/packages/hotels/cheap_flights.htm' title='Cheap
      Flights'>Cheap Flights</a><a
      href='/buy/vacation/packages/hotels/cruise_lines.htm' title='Cruise
      Lines'>Cruise Lines</a><a
      href='/buy/vacation/packages/hotels/golf_vacations.htm' title='Golf
      Vacations'>Golf Vacations</a><a
      href='/buy/vacation/packages/hotels/music_downloads.htm' title='Music
      Downloads'>Music Downloads</a><a
      href='/buy/vacation/packages/hotels/concert_tickets.htm' title='Concert
      Tickets'>Concert Tickets</a><a
      href='/buy/vacation/packages/hotels/book_clubs.htm' title='Book Clubs'>Book
      Clubs</a><a href='/buy/vacation/packages/hotels/movie_tickets.htm' title='Movie
      Tickets'>Movie Tickets</a><a href='/buy/vacation/packages/hotels/dvds.htm'
      title='DVDs'>DVDs</a><a
      href='/buy/vacation/packages/hotels/medical_insurance.htm' title='Medical
      Insurance'>Medical Insurance</a><a
      href='/buy/vacation/packages/hotels/medical_supplies.htm' title='Medical
      O1 - Hosts: </div></div></div></div>
      O1 - Hosts: </td>
      O1 - Hosts: <td id="midColm">
      O1 - Hosts: <img src="/images/blank.gif" alt="" title="" />
      O1 - Hosts: </td>
      O1 - Hosts: <td id="rhtColm">
      O1 - Hosts: <div id="searchBox"><div><div><div>
      O1 - Hosts: <table border="0" cellspacing="0" cellpadding="0">
      O1 - Hosts: <tr><td colspan="3"><img src="/images/blank.gif" alt="" /></td></tr>
      O1 - Hosts: <tr>
      O1 - Hosts: <td><img src="/images/blank.gif" class="search" alt="Search The
      Web" title="Search The Web" /></td>
      O1 - Hosts: <td align="right"><input name="tsearch" id="tsearch" type="text"
      tabindex="1" class="txt"></td>
      O1 - Hosts: <td align="right"><input name="cmdSearch" id="cmdSearch"
      type="image" tabindex="2" src="/images/blank.gif" class="submit"></td>
      O1 - Hosts: </tr>
      O1 - Hosts: <tr><td colspan="3"><img src="/images/blank.gif" alt="" /></td></tr>
      O1 - Hosts: </table>
      O1 - Hosts: </div></div></div></div>
      O1 - Hosts: <div id="featured"><div><div><div>
      O1 - Hosts: <table width="100%" border="0" cellspacing="0" cellpadding="0"
      class="hdr">
      O1 - Hosts: <tr>
      O1 - Hosts: <td><h2>Featured Directory</h2></td>
      O1 - Hosts: <td align="right"><b><script>document.write(d)</script></b></td>
      O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} -
      C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
      O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
      C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
      O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
      C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
      O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
      C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-
      A37C9A5676A7} - C:\Program Files\Common Files\Symantec
      Shared\AdBlocking\NISShExt.dll
      O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
      C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
      O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
      C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
      O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32
      \spool\drivers\w32x86\3\hpztsb09.exe
      O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP
      Software Update\HPWuSchd.exe"
      O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
      Files\HP\hpcoretech\hpcmpmgr.exe"
      O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital
      Imaging\bin\hpotdd01.exe
      O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
      O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
      \NvCpl.dll,NvStartup
      O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
      O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
      Shared\ccApp.exe"
      O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1
      \SNDMon.exe /Consumer
      O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
      O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
      O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
      O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
      O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
      Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
      O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
      res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
      O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
      C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
      C:\Program Files\Messenger\msmsgs.exe
      O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
      00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
      O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
      static.windupdates.com/cab/180solutions/ie/bridge-c18.cab
      O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
      v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1119208809624
      O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} -
      www.tbcode.com/ist/softwares/v4.0/0006_cracks.cab
      O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
      C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
      O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
      C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
      O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -
      C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
      O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
      C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
      O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton
      Internet Security\ISSVC.exe
      O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec
      Corporation - C:\Program Files\Norton Internet Security\Norton
      AntiVirus\navapsvc.exe
      O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
      C:\WINDOWS\System32\nvsvc32.exe
      O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
      Internet Security\Norton AntiVirus\SAVScan.exe
      O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
      C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
      O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
      Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
      O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program
      Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
      O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
      Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
    • Gość: Koloobs Re: Bardzo proszę o sprawdzenie loga IP: *.warszawa.sdi.tpnet.pl 05.11.05, 11:28
      Usun w hijakthis wszystkie wpisy O1 i wklej nowy log.
      • asienka83 Re:Sprawdzenie kontrolne 05.11.05, 11:50
        Usunełam te wpisy z 01 i mam nadzieję że teraz będzie juz ok :)

        Logfile of HijackThis v1.99.1
        Scan saved at 11:47:39, on 2005-11-05
        Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.exe
        C:\WINDOWS\system32\services.exe
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        C:\WINDOWS\system32\spoolsv.exe
        C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
        C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
        C:\Program Files\Norton Internet Security\ISSVC.exe
        C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
        C:\WINDOWS\System32\nvsvc32.exe
        C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
        C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
        C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
        C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
        C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
        C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
        C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
        C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
        C:\WINDOWS\SOUNDMAN.EXE
        C:\Program Files\Common Files\Symantec Shared\ccApp.exe
        C:\Program Files\Messenger\msmsgs.exe
        C:\Program Files\Gadu-Gadu\gg.exe
        C:\WINDOWS\explorer.exe
        D:\eMule\emule.exe
        C:\WINDOWS\system32\wuauclt.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
        C:\Program Files\Internet Explorer\iexplore.exe
        C:\Documents and Settings\Asia\Pulpit\HijackThis.exe

        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O1 - Hosts: </form>
        O1 - Hosts: </body>
        O1 - Hosts: </html>
        O1 - Hosts: SymRealOnUnload();
        O1 - Hosts: SymRealOnLoad();
        O1 - Hosts: SymRealOnUnload = window.onunload;
        O1 - Hosts: window.onunload = SymOnUnload;
        O1 - Hosts: SymRealOnLoad = window.onload;
        O1 - Hosts: window.onload = SymOnLoad;
        O1 - Hosts: <p> </p>
        O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} -
        C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
        C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
        O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
        C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
        O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
        C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
        O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-
        A37C9A5676A7} - C:\Program Files\Common Files\Symantec
        Shared\AdBlocking\NISShExt.dll
        O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
        C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
        O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
        C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
        O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32
        \spool\drivers\w32x86\3\hpztsb09.exe
        O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP
        Software Update\HPWuSchd.exe"
        O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
        Files\HP\hpcoretech\hpcmpmgr.exe"
        O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital
        Imaging\bin\hpotdd01.exe
        O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
        \NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
        Shared\ccApp.exe"
        O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1
        \SNDMon.exe /Consumer
        O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
        O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
        O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
        Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
        O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
        res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
        O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
        C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
        O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
        • asienka83 Re:Sprawdzenie kontrolne 05.11.05, 11:53
          Ups, znów sie nie zmieściło, to końcówka:


          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
          C:\Program Files\Messenger\msmsgs.exe
          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
          00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
          O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
          static.windupdates.com/cab/180solutions/ie/bridge-c18.cab
          O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
          v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1119208809624
          O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} -
          www.tbcode.com/ist/softwares/v4.0/0006_cracks.cab
          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
          C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
          O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
          C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
          O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -
          C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
          C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
          O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton
          Internet Security\ISSVC.exe
          O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec
          Corporation - C:\Program Files\Norton Internet Security\Norton
          AntiVirus\navapsvc.exe
          O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
          C:\WINDOWS\System32\nvsvc32.exe
          O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
          Internet Security\Norton AntiVirus\SAVScan.exe
          O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
          C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
          O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
          Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
          O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program
          Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
          O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
          Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
        • Gość: Kolobos Re:Sprawdzenie kontrolne IP: *.warszawa.sdi.tpnet.pl 05.11.05, 12:01
          Uzyj tego:
          www.searchengines.pl/phpbb203/index.php?act=Attach&type=post&id=459

          Czesc O1 zostala ale program ktory podalem powinien wszystko usunac:

          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>
          O1 - Hosts: </form>
          O1 - Hosts: </body>
          O1 - Hosts: </html>
          O1 - Hosts: SymRealOnUnload();
          O1 - Hosts: SymRealOnLoad();
          O1 - Hosts: SymRealOnUnload = window.onunload;
          O1 - Hosts: window.onunload = SymOnUnload;
          O1 - Hosts: SymRealOnLoad = window.onload;
          O1 - Hosts: window.onload = SymOnLoad;
          O1 - Hosts: <p> </p>

          Pewnie i tak zaraz wroc bo program ktory to zrobil znowu je dopisze :>

          Usun jeszcze to:

          O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} -
          static.windupdates.com/cab/180solutions/ie/bridge-c18.cab
          O16 - DPF: {7C559105-9ECF-42B8-B3F7-832E75EDD959} -
          www.tbcode.com/ist/softwares/v4.0/0006_cracks.cab

          I przeskanuj tym:
          download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe
          oraz:
          download.ewido.net/ewido-setup.exe <- zrob update przed skanowaniem, po
          przeskanowaniu odinstaluj.

          • asienka83 Re:Sprawdzenie kontrolne 05.11.05, 18:47
            Drogi Kolobosie a czy teraz wszystko bedzie ok.
            Jednak nadal mam ten problem bo dalej mi wyskakuje informacja że wystąpił błąd
            z aplikacją internet explorer i w celu bezpieczeństwa zamyka mi przeglądarkę i
            to samo z GG. Może jeszcze jakas podpowiedź:(


            Logfile of HijackThis v1.99.1
            Scan saved at 18:41:46, on 2005-11-05
            Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
            MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

            Running processes:
            C:\WINDOWS\System32\smss.exe
            C:\WINDOWS\system32\winlogon.exe
            C:\WINDOWS\system32\services.exe
            C:\WINDOWS\system32\lsass.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\System32\svchost.exe
            C:\WINDOWS\system32\spoolsv.exe
            C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
            C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
            C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
            C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
            C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
            C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
            C:\WINDOWS\SOUNDMAN.EXE
            C:\Program Files\Common Files\Symantec Shared\ccApp.exe
            C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
            C:\Program Files\Messenger\msmsgs.exe
            C:\Program Files\Gadu-Gadu\gg.exe
            C:\Program Files\Norton Internet Security\ISSVC.exe
            C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
            C:\WINDOWS\System32\nvsvc32.exe
            C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
            C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
            C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
            C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
            C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
            C:\WINDOWS\system32\wuauclt.exe
            D:\eMule\emule.exe
            C:\WINDOWS\explorer.exe
            C:\Program Files\Internet Explorer\iexplore.exe
            C:\Program Files\Common Files\Symantec Shared\AdBlocking\NSMdtr.exe
            C:\Documents and Settings\Asia\Pulpit\HijackThis.exe

            R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
            O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} -
            C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
            O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
            C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
            O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
            C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
            O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
            C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
            O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-
            A37C9A5676A7} - C:\Program Files\Common Files\Symantec
            Shared\AdBlocking\NISShExt.dll
            O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
            C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
            O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
            C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
            O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32
            \spool\drivers\w32x86\3\hpztsb09.exe
            O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP
            Software Update\HPWuSchd.exe"
            O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
            Files\HP\hpcoretech\hpcmpmgr.exe"
            O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital
            Imaging\bin\hpotdd01.exe
            O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
            O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
            \NvCpl.dll,NvStartup
            O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
            O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
            Shared\ccApp.exe"
            O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1
            \SNDMon.exe /Consumer
            O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
            O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft
            AntiSpyware\gcasServ.exe"
            O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
            O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
            O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
            O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
            Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
            O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
            res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
            O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
            C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
            O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
            C:\Program Files\Messenger\msmsgs.exe
            O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
            00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
            O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
            v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1119208809624
            O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
            C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
            O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
            C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
            O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -
            C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
            O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
            C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
            O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton
            Internet Security\ISSVC.exe
            O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec
            Corporation - C:\Program Files\Norton Internet Security\Norton
            AntiVirus\navapsvc.exe
            O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
            C:\WINDOWS\System32\nvsvc32.exe
            O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
            Internet Security\Norton AntiVirus\SAVScan.exe
            O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
            C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
            O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
            Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
            O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program
            Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
            O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
            Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
            • Gość: Kolobos Re:Sprawdzenie kontrolne IP: *.warszawa.sdi.tpnet.pl 05.11.05, 21:01
              Log wyglada ok, a problemy z IE nie musza byc spowodowane przez trojana/spyware
              itp.

              Sprobuj przeinstalowac IE:
              download.microsoft.com/download/ie6sp1/finrel/6_sp1/W98NT42KMeXP/PL/ie6se
              tup.exe i wybierz naprawe instalacji.
              Albo zainstaluj Opere i nie uzywaj IE, a zamiast GG zainstaluj Tlen, ktory
              dziala z siecia gg.

              Zobacz tez w Panelu sterowania->Narzedzia administracyjne czy w dzienniku
              aplikacji jest jakas informacja o tym jaki dokladnie blad wystapil.
              • asienka83 Re:Sprawdzenie kontrolne 05.11.05, 22:08
                Wielkie, wielkie dzieki Kolobosie:)
                Postaram sie dostosowac do Twoich porad.

                A w tym dzienniku znalazłam tylko takie coś:

                > Aplikacja powodująca błąd explorer.exe, wersja 6.0.2900.2180, moduł
                powodujacy błąd unknown, wersja 0.0.0.0, adres błędu 0x3039313d

                i dalej

                0000: 41 70 70 6c 69 63 61 74 Applicat
                0008: 69 6f 6e 20 46 61 69 6c ion Fail
                0010: 75 72 65 20 20 65 78 70 ure exp
                0018: 6c 6f 72 65 72 2e 65 78 lorer.ex
                0020: 65 20 36 2e 30 2e 32 39 e 6.0.29
                0028: 30 30 2e 32 31 38 30 20 00.2180
                0030: 69 6e 20 75 6e 6b 6e 6f in unkno
                0038: 77 6e 20 30 2e 30 2e 30 wn 0.0.0
                0040: 2e 30 20 61 74 20 6f 66 .0 at of
                0048: 66 73 65 74 20 33 30 33 fset 303
                0050: 39 33 31 33 64 9313d
                • asienka83 Re:Sprawdzenie kontrolne 07.11.05, 10:24
                  Bardzo proszę by ktos poświęcił mi jeszscze minutkę swojego czasu i poradził co
                  mogę jeszcze zrobić by ten błąd się naprawił.Czy to że zamyka mi po 10 minutach
                  przeglądarkę może byc spowodowane że mam IE a nie Opere jak radzicie przy
                  piracie:(czy zmiana na Opere by pomogła.Bo GG zmieniłam na Tlen i jakos się już
                  nie wyłancza.
                  Prosze doradźcie
                  • asienka83 Re:Sprawdzenie loga RAZ JESZCZE 08.11.05, 09:07
                    Bardzo proszę o ponowne sprawdzenie loga:


                    Logfile of HijackThis v1.99.1
                    Scan saved at 09:03:07, on 2005-11-08
                    Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
                    MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

                    Running processes:
                    C:\WINDOWS\System32\smss.exe
                    C:\WINDOWS\system32\winlogon.exe
                    C:\WINDOWS\system32\services.exe
                    C:\WINDOWS\system32\lsass.exe
                    C:\WINDOWS\system32\svchost.exe
                    C:\WINDOWS\System32\svchost.exe
                    C:\WINDOWS\system32\spoolsv.exe
                    C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
                    C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
                    C:\Program Files\Norton Internet Security\ISSVC.exe
                    C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
                    C:\WINDOWS\System32\nvsvc32.exe
                    C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
                    C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
                    C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                    C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
                    C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
                    C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
                    C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
                    C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
                    C:\WINDOWS\SOUNDMAN.EXE
                    C:\Program Files\Common Files\Symantec Shared\ccApp.exe
                    C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
                    C:\Program Files\Messenger\msmsgs.exe
                    C:\Program Files\Tlen.pl\tlen.exe
                    C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
                    C:\WINDOWS\explorer.exe
                    C:\Documents and Settings\Asia\Pulpit\HijackThis.exe

                    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
                    O1 - Hosts: <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01
                    Transitional//EN" "www.w3.org/TR/html4/loose.dtd">
                    O1 - Hosts: <html>
                    O1 - Hosts: <head>
                    O1 - Hosts: <title>
                    O1 - Hosts: servicemasters.biz
                    O1 - Hosts: </title>
                    O1 - Hosts: <meta name="GENERATOR" Content="Microsoft Visual Studio .NET 7.1">
                    O1 - Hosts: <meta name="CODE_LANGUAGE" Content="C#">
                    O1 - Hosts: <meta name="vs_defaultClientScript" content="JavaScript">
                    O1 - Hosts: <meta name="vs_targetSchema"
                    content="schemas.microsoft.com/intellisense/ie5">
                    O1 - Hosts: <meta name="robots" content="index,follow">
                    O1 - Hosts: <meta name="language" content="en">
                    O1 - Hosts: <meta name="keywords" content="master,service,computer">
                    O1 - Hosts: <meta http-equiv="Content-Type" content="text/html; charset=iso-
                    8859-1">
                    O1 - Hosts: <link href="/css/pstyleGeneric0101.css" rel="stylesheet"
                    type="text/css">
                    O1 - Hosts: <script language="JavaScript">
                    O1 - Hosts: <!--
                    O1 - Hosts: function SymError()
                    O1 - Hosts: {
                    O1 - Hosts: return true;
                    O1 - Hosts: }
                    O1 - Hosts: window.onerror = SymError;
                    O1 - Hosts: var SymRealWinOpen = window.open;
                    O1 - Hosts: function SymWinOpen(url, name, attributes)
                    O1 - Hosts: {
                    O1 - Hosts: return (new Object());
                    O1 - Hosts: }
                    O1 - Hosts: window.open = SymWinOpen;
                    O1 - Hosts: //-->
                    O1 - Hosts: </script>
                    O1 - Hosts: <script>
                    O1 - Hosts: var mydate=new Date()
                    O1 - Hosts: var year=mydate.getYear()
                    O1 - Hosts: if (year < 1000)
                    O1 - Hosts: year+=1900
                    O1 - Hosts: var day=mydate.getDay()
                    O1 - Hosts: var month=mydate.getMonth()
                    O1 - Hosts: var daym=mydate.getDate()
                    O1 - Hosts: if (daym<10)
                    O1 - Hosts: daym="0"+daym
                    O1 - Hosts: var dayarray=new Array
                    ("Sunday","Monday","Tuesday","Wednesday","Thursday","Friday","Saturday")
                    O1 - Hosts: var montharray=new Array
                    ("January","February","March","April","May","June","July","August","September","
                    October","November","December")
                    O1 - Hosts: var d=(dayarray[day]+", "+montharray[month]+" "+daym+", "+year)
                    O1 - Hosts: </script>
                    O1 - Hosts: </head>
                    O1 - Hosts: <body>
                    O1 - Hosts: <form id="parking_form" method="get" action="/Default.aspx">
                    O1 - Hosts: <!
                    • Gość: m Re:Sprawdzenie loga RAZ JESZCZE IP: *.neoplus.adsl.tpnet.pl 08.11.05, 09:26
                      ale znowu masz śmietnisko:)
                      powyrzucaj wpisy z O1 i wklej ponownie, bo tak jak poprzednio log nie zmieścił
                      się w całości
                      • asienka83 Re:Sprawdzenie loga RAZ JESZCZE 08.11.05, 09:36
                        A teraz bo widze że dalej jakieś 01 zostały:(

                        Logfile of HijackThis v1.99.1
                        Scan saved at 09:32:54, on 2005-11-08
                        Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
                        MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

                        Running processes:
                        C:\WINDOWS\System32\smss.exe
                        C:\WINDOWS\system32\winlogon.exe
                        C:\WINDOWS\system32\services.exe
                        C:\WINDOWS\system32\lsass.exe
                        C:\WINDOWS\system32\svchost.exe
                        C:\WINDOWS\System32\svchost.exe
                        C:\WINDOWS\system32\spoolsv.exe
                        C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
                        C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
                        C:\Program Files\Norton Internet Security\ISSVC.exe
                        C:\Program Files\Norton Internet Security\Norton AntiVirus\navapsvc.exe
                        C:\WINDOWS\System32\nvsvc32.exe
                        C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
                        C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
                        C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                        C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
                        C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb09.exe
                        C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe
                        C:\Program Files\HP\hpcoretech\hpcmpmgr.exe
                        C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpotdd01.exe
                        C:\WINDOWS\SOUNDMAN.EXE
                        C:\Program Files\Common Files\Symantec Shared\ccApp.exe
                        C:\Program Files\Messenger\msmsgs.exe
                        C:\Program Files\Tlen.pl\tlen.exe
                        C:\WINDOWS\explorer.exe
                        C:\WINDOWS\system32\msiexec.exe
                        C:\Program Files\Windows Media Player\wmplayer.exe
                        C:\Documents and Settings\Asia\Pulpit\HijackThis.exe

                        R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O1 - Hosts: SymRealOnUnload = window.onunload;
                        O1 - Hosts: window.onunload = SymOnUnload;
                        O1 - Hosts: SymRealOnLoad = window.onload;
                        O1 - Hosts: window.onload = SymOnLoad;
                        O1 - Hosts: SymRealOnLoad();
                        O2 - BHO: Yahoo! Companion BHO - {02478D38-C3F9-4efb-9B51-7695ECA05670} -
                        C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
                        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
                        C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
                        O2 - BHO: CNisExtBho Class - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} -
                        C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
                        O2 - BHO: CNavExtBho Class - {BDF3E430-B101-42AD-A544-FADC6B084872} -
                        C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
                        O3 - Toolbar: Norton Internet Security - {0B53EAC3-8D69-4b9e-9B19-
                        A37C9A5676A7} - C:\Program Files\Common Files\Symantec
                        Shared\AdBlocking\NISShExt.dll
                        O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
                        C:\Program Files\Norton Internet Security\Norton AntiVirus\NavShExt.dll
                        O3 - Toolbar: Yahoo! Companion - {EF99BD32-C1FB-11D2-892F-0090271D4F88} -
                        C:\Program Files\Yahoo!\Companion\Installs\cpn\ycomp5_5_7_0.dll
                        O4 - HKLM\..\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32
                        \spool\drivers\w32x86\3\hpztsb09.exe
                        O4 - HKLM\..\Run: [HP Software Update] "C:\Program Files\Hewlett-Packard\HP
                        Software Update\HPWuSchd.exe"
                        O4 - HKLM\..\Run: [HP Component Manager] "C:\Program
                        Files\HP\hpcoretech\hpcmpmgr.exe"
                        O4 - HKLM\..\Run: [DeviceDiscovery] C:\Program Files\Hewlett-Packard\Digital
                        Imaging\bin\hpotdd01.exe
                        O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
                        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
                        \NvCpl.dll,NvStartup
                        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
                        O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
                        Shared\ccApp.exe"
                        O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1
                        \SNDMon.exe /Consumer
                        O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
                        O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
                        O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
                        O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
                        O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
                        Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
                        O8 - Extra context menu item: E&kspo
                        • asienka83 Re:Sprawdzenie loga RAZ JESZCZE 08.11.05, 09:37
                          Sory jeszcze druga część:

                          O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
                          C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                          O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
                          C:\Program Files\Messenger\msmsgs.exe
                          O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
                          00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
                          O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
                          v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1119208809624
                          O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
                          C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
                          O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation -
                          C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
                          O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -
                          C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
                          O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
                          C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
                          O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton
                          Internet Security\ISSVC.exe
                          O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec
                          Corporation - C:\Program Files\Norton Internet Security\Norton
                          AntiVirus\navapsvc.exe
                          O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation -
                          C:\WINDOWS\System32\nvsvc32.exe
                          O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
                          Internet Security\Norton AntiVirus\SAVScan.exe
                          O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation -
                          C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
                          O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
                          Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
                          O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program
                          Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
                          O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
                          Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
                          • Gość: m Re:Sprawdzenie loga RAZ JESZCZE IP: *.neoplus.adsl.tpnet.pl 08.11.05, 09:52
                            po usunięciu O1, moim skromnym zdaniem, będzie OK (ale nie chcę wchodzić w
                            kompetencje Kolobosa).
                            a skąd biorą się te Twoje ciagłe problemy niestety nie mam pojęcia...
                            • asienka83 Re:Sprawdzenie loga RAZ JESZCZE 08.11.05, 10:06
                              Ja tez niestety nie wiem , ale dzieki za wszelką pomoc!!
                              Pozdrawiam:)
Pełna wersja