Dodaj do ulubionych

proszę o sprawdzenie Loga hijackthis

IP: *.internetdsl.tpnet.pl 06.12.05, 15:45
Logfile of HijackThis v1.99.1
Scan saved at 15:54:47, on 2005-12-06
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\SYSTEM32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PavProt.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PaSSrv.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\Firewall\PavFires.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PavFnSvr.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\Pavkre.exe
E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\pavsrv51.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\AVENGINE.EXE
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\prevsrv.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PsImSvc.exe
E:\WINDOWS\System32\svchost.exe
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
E:\WINDOWS\System32\RunDll32.exe
E:\Program Files\QuickTime\qttask.exe
E:\Program Files\Common Files\Symantec Shared\ccApp.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\APVXDWIN.EXE
E:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\SRVLOAD.EXE
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\WebProxy.exe
E:\Program Files\Internet Explorer\IEXPLORE.EXE
E:\Documents and Settings\Marzenka i Darek\Ustawienia lokalne\Temporary
Internet Files\Content.IE5\EOTS04I8\HijackThis[1].exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
c:\secure32.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
searchbar.findthewebsiteyouneed.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
searchbar.findthewebsiteyouneed.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.onet.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
www.searchgateway.net/search/%s
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
c:\secure32.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
file)
F3 - REG:win.ini: run=E:\WINDOWS\inet20003\services.exe
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
E:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -
atboottime
O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe
O4 - HKLM\..\Run: [adtech2006] c:\windows\adtech2006.exe
O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [Media Gateway] E:\Program Files\Media
Gateway\MediaGateway.exe
O4 - HKLM\..\Run: [SCANINICIO] "E:\Program Files\Panda Software\Panda
Platinum 2005 Internet Security\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "E:\Program Files\Panda Software\Panda Platinum
2005 Internet Security\APVXDWIN.EXE" /s
O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "E:\Program
Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Shell] "E:\Program Files\Common Files\Microsoft Shared\Web
Folders\ibm00001.exe"
O4 - HKCU\..\Run: [bxproxy] E:\WINDOWS\bxproxy.exe
O4 - HKCU\..\Run: [PayTime] E:\WINDOWS\System32\paytime.exe
O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O4 - HKCU\..\Run: [CU1] E:\Program Files\Common Files\VCClient\VCClient.exe
O4 - HKCU\..\Run: [CU2] E:\Program Files\Common Files\VCClient\VCMain.exe
O4 - HKCU\..\Run: [qqfu] E:\PROGRA~1\COMMON~1\qqfu\qqfum.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
E:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - E:\WINDOWS\web\related.htm
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
O20 - Winlogon Notify: Control Panel - E:\WINDOWS\system32\en4ol1h31.dll
(file missing)
O20 - Winlogon Notify: msupdate - E:\WINDOWS\SYSTEM32\msupdate32.dll
O20 - Winlogon Notify: Run - E:\WINDOWS\system32\enjul1191.dll (file missing)
O20 - Winlogon Notify: Setup - E:\WINDOWS\system32\r08s0al7edq.dll (file
missing)
O20 - Winlogon Notify: SMDEn - E:\WINDOWS\system32\r08s0al7edq.dll (file
missing)
O20 - Winlogon Notify: ssldr - ssldr32.dll (file missing)
O20 - Winlogon Notify: StillImage - E:\WINDOWS\system32\r08s0al7edq.dll (file
missing)
O20 - Winlogon Notify: Syncmgr - E:\WINDOWS\system32\hrp6057se.dll (file
missing)
O20 - Winlogon Notify: Telephony - E:\WINDOWS\system32\hrp6057se.dll (file
missing)
O20 - Winlogon Notify: ThemeManager - E:\WINDOWS\system32\n62ulgf9162.dll
(file missing)
O20 - Winlogon Notify: Themes - E:\WINDOWS\system32\hrp6057se.dll (file
missing)
O20 - Winlogon Notify: URL - E:\WINDOWS\system32\hrp6057se.dll (file missing)
O21 - SSODL: SysTray.Exiv - {2963ECFC-4E5C-2f3b-B334-D67434FC72E0} -
E:\WINDOWS\System32\hhgjgcdm.dll
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec
Corporation - E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: MkSUpdateInt - Unknown owner - E:\Program
Files\MKS\bin\MkSUpdateInt.exe (file missing)
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - E:\Program
Files\MKS\Bin\mksmonsv.exe (file missing)
O23 - Service: MkS_Scan - Unknown owner - E:\Program
Files\MKS\Bin\mks_scan.exe (file missing)
O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner -
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PaSSrv.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software -
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\Firewall\PavFires.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software -
E:\Program Files\Panda Software\Panda Platinum 2005 Internet
Security\PavFnSvr.exe
O23 - Service: Panda Pavkre (Pavkre) - Panda Software - E:\Program
Fil
Obserwuj wątek
    • Gość: k Re: proszę o sprawdzenie Loga hijackthis IP: *.warszawa.sdi.tpnet.pl 06.12.05, 19:38
      Jak mozna zrobic cos takiego z komputera?
      Odinstaluj Nortona, uslugi mksa wylacz w services.msc

      Usun w hijackthis:

      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
      c:\secure32.html <- usun plik
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
      searchbar.findthewebsiteyouneed.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
      searchbar.findthewebsiteyouneed.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
      searchbar.findthewebsiteyouneed.com
      R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
      www.searchgateway.net/search/%s
      R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
      c:\secure32.html
      R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
      R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
      file)
      F3 - REG:win.ini: run=E:\WINDOWS\inet20003\services.exe <- usun caly katalog
      inet20003
      O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe <- usun plik
      O4 - HKLM\..\Run: [adtech2006] c:\windows\adtech2006.exe <- usun plik
      O4 - HKLM\..\Run: [Media Gateway] E:\Program Files\Media
      Gateway\MediaGateway.exe <- odinstaluj i usun katalog Media Gateway
      O4 - HKCU\..\Run: [Shell] "E:\Program Files\Common Files\Microsoft Shared\Web
      Folders\ibm00001.exe"
      O4 - HKCU\..\Run: [bxproxy] E:\WINDOWS\bxproxy.exe <- usun plik
      O4 - HKCU\..\Run: [PayTime] E:\WINDOWS\System32\paytime.exe <- usun plik
      O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe <-
      odinstaluj i usun katalog SpySherriff
      O4 - HKCU\..\Run: [CU1] E:\Program Files\Common Files\VCClient\VCClient.exe <-
      odinstaluj i usun katalog vcclient
      O4 - HKCU\..\Run: [CU2] E:\Program Files\Common Files\VCClient\VCMain.exe
      O4 - HKCU\..\Run: [qqfu] E:\PROGRA~1\COMMON~1\qqfu\qqfum.exe <- usun katalog
      qqfu
      O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
      E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
      E:\WINDOWS\web\related.htm
      O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
      00aa003c157a} - E:\WINDOWS\web\related.htm
      O20 - Winlogon Notify: Control Panel - E:\WINDOWS\system32\en4ol1h31.dll
      (file missing)
      O20 - Winlogon Notify: msupdate - E:\WINDOWS\SYSTEM32\msupdate32.dll <- usun
      plik
      O20 - Winlogon Notify: Run - E:\WINDOWS\system32\enjul1191.dll (file missing)
      O20 - Winlogon Notify: Setup - E:\WINDOWS\system32\r08s0al7edq.dll (file
      missing)
      O20 - Winlogon Notify: SMDEn - E:\WINDOWS\system32\r08s0al7edq.dll (file
      missing)
      O20 - Winlogon Notify: ssldr - ssldr32.dll (file missing)
      O20 - Winlogon Notify: StillImage - E:\WINDOWS\system32\r08s0al7edq.dll (file
      missing)
      O20 - Winlogon Notify: Syncmgr - E:\WINDOWS\system32\hrp6057se.dll (file
      missing)
      O20 - Winlogon Notify: Telephony - E:\WINDOWS\system32\hrp6057se.dll (file
      missing)
      O20 - Winlogon Notify: ThemeManager - E:\WINDOWS\system32\n62ulgf9162.dll
      (file missing)
      O20 - Winlogon Notify: Themes - E:\WINDOWS\system32\hrp6057se.dll (file
      missing)
      O20 - Winlogon Notify: URL - E:\WINDOWS\system32\hrp6057se.dll (file missing)
      To wszystko to look2me, uzyj uninstallera stad:
      www.pchell.com/support/look2me.shtml
      O21 - SSODL: SysTray.Exiv - {2963ECFC-4E5C-2f3b-B334-D67434FC72E0} -
      E:\WINDOWS\System32\hhgjgcdm.dll <- usun plik

      Na koniec skan tym:
      download.ewido.net/ewido-setup.exe <- zrob update przed skanowaniem, po
      przeskanowaniu odinstaluj.
      Zamknij porty tym:
      www.firewallleaktester.com/tools/wwdc.exe
      Po wszystkim wklej nowy log.
      • Gość: Marotka Re: proszę o sprawdzenie Loga hijackthis IP: *.internetdsl.tpnet.pl 06.12.05, 21:35
        Dzięki, wiem, ze narozrabiałam z tym kompem okropnie.
        Niestety nie potrafię odinstalować Look2Me :(
        Pliki które wskazałeś usunęłam, pozostała ta deinstalacja.
        Próbowałam automatycznie ale mam następujący komunikat:
        A
        n UnInstaller has already been requested twice from you IP address today and
        the number of requests is limited by two per day, please try again tomorrow.

        Thank you for using the Look2Me application.

        a ręcznie nie wychodzi mi niestety :(

        Proszę o cierpliwość dla laika...
          • Gość: Marotak nowy log IP: *.internetdsl.tpnet.pl 06.12.05, 22:31
            Logfile of HijackThis v1.99.1
            Scan saved at 22:41:37, on 2005-12-06
            Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
            MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

            Running processes:
            E:\WINDOWS\System32\smss.exe
            E:\WINDOWS\SYSTEM32\winlogon.exe
            E:\WINDOWS\system32\services.exe
            E:\WINDOWS\system32\lsass.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\PavProt.exe
            E:\WINDOWS\system32\svchost.exe
            E:\WINDOWS\System32\svchost.exe
            E:\WINDOWS\Explorer.EXE
            E:\WINDOWS\system32\spoolsv.exe
            E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
            E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\Firewall\PavFires.exe
            E:\WINDOWS\System32\RunDll32.exe
            E:\Program Files\QuickTime\qttask.exe
            E:\Program Files\Common Files\Symantec Shared\ccApp.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\APVXDWIN.EXE
            E:\WINDOWS\System32\ctfmon.exe
            C:\Program Files\Gadu-Gadu\gg.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\PavFnSvr.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\SRVLOAD.EXE
            E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\pavsrv51.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\prevsrv.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\AVENGINE.EXE
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\PsImSvc.exe
            E:\WINDOWS\System32\svchost.exe
            E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet
            Security\WebProxy.exe
            E:\Documents and Settings\Marzenka i Darek\Pulpit\hijackthis\HijackThis.exe

            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
            searchbar.findthewebsiteyouneed.com
            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
            searchbar.findthewebsiteyouneed.com
            R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
            searchbar.findthewebsiteyouneed.com
            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
            www.onet.pl/
            R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
            www.searchgateway.net/search/%s
            R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
            c:\secure32.html
            R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
            R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
            file)
            F3 - REG:win.ini: run=E:\WINDOWS\inet20003\services.exe
            O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
            E:\WINDOWS\System32\msdxm.ocx
            O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
            O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -
            atboottime
            O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe
            O4 - HKLM\..\Run: [adtech2006] c:\windows\adtech2006.exe
            O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec
            Shared\ccApp.exe"
            O4 - HKLM\..\Run: [Media Gateway] E:\Program Files\Media
            Gateway\MediaGateway.exe
            O4 - HKLM\..\Run: [SCANINICIO] "E:\Program Files\Panda Software\Panda Platinum
            2005 Internet Security\Inicio.exe"
            O4 - HKLM\..\Run: [APVXDWIN] "E:\Program Files\Panda Software\Panda Platinum
            2005 Internet Security\APVXDWIN.EXE" /s
            O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "E:\Program
            Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
            O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
            O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
            O4 - HKCU\..\Run: [Shell] "E:\Program Files\Common Files\Microsoft Shared\Web
            Folders\ibm00001.exe"
            O4 - HKCU\..\Run: [bxproxy] E:\WINDOWS\bxproxy.exe
            O4 - HKCU\..\Run: [PayTime] E:\WINDOWS\System32\paytime.exe
            O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
            O4 - HKCU\..\Run: [CU1] E:\Program Files\Common Files\VCClient\VCClient.exe
            O4 - HKCU\..\Run: [CU2] E:\Program Files\Common Files\VCClient\VCMain.exe
            O4 - HKCU\..\Run: [qqfu] E:\PROGRA~1\COMMON~1\qqfu\qqfum.exe
            O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
            res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
            O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
            E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
            O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
            E:\WINDOWS\web\related.htm
            O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
            00aa003c157a} - E:\WINDOWS\web\related.htm
            O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
            bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
            O20 - Winlogon Notify: Control Panel - E:\WINDOWS\system32\en4ol1h31.dll (file
            missing)
            O20 - Winlogon Notify: msupdate - E:\WINDOWS\SYSTEM32\msupdate32.dll
            O20 - Winlogon Notify: Run - E:\WINDOWS\system32\enjul1191.dll (file missing)
            O20 - Winlogon Notify: Setup - E:\WINDOWS\system32\r08s0al7edq.dll (file
            missing)
            O20 - Winlogon Notify: SMDEn - E:\WINDOWS\system32\r08s0al7edq.dll (file
            missing)
            O20 - Winlogon Notify: ssldr - ssldr32.dll (file missing)
            O20 - Winlogon Notify: StillImage - E:\WINDOWS\system32\r08s0al7edq.dll (file
            missing)
            O20 - Winlogon Notify: Syncmgr - E:\WINDOWS\system32\hrp6057se.dll (file
            missing)
            O20 - Winlogon Notify: Telephony - E:\WINDOWS\system32\hrp6057se.dll (file
            missing)
            O20 - Winlogon Notify: ThemeManager - E:\WINDOWS\system32\n62ulgf9162.dll (file
            missing)
            O20 - Winlogon Notify: Themes - E:\WINDOWS\system32\hrp6057se.dll (file missing)
            O20 - Winlogon Notify: URL - E:\WINDOWS\system32\hrp6057se.dll (file missing)
            O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
            E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
            O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -
            E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
            O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
            E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
            O23 - Service: MkSUpdateInt - Unknown owner - E:\Program
            Files\MKS\bin\MkSUpdateInt.exe (file missing)
            O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - E:\Program
            Files\MKS\Bin\mksmonsv.exe (file missing)
            O23 - Service: MkS_Scan - Unknown owner - E:\Program Files\MKS\Bin\mks_scan.exe
            (file missing)
            O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner -
            E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
            O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - E:\Program
            Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
            O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - E:\Program
            Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
            O23 - Service: Panda Pavkre (Pavkre) - Panda Software - E:\Program Files\Panda
            Software\Panda Platinum 2005 Internet Security\Pavkre.exe
            O23 - Service: Panda PavProt (PavProt) - Panda Software - E:\Program
            Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
            O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software -
            E:\Program Files\C
            • Gość: Marotka zrobiłam co mówiłeś - nowy log IP: *.internetdsl.tpnet.pl 06.12.05, 23:13
              Logfile of HijackThis v1.99.1
              Scan saved at 23:23:54, on 2005-12-06
              Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
              MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

              Running processes:
              E:\WINDOWS\System32\smss.exe
              E:\WINDOWS\SYSTEM32\winlogon.exe
              E:\WINDOWS\system32\services.exe
              E:\WINDOWS\system32\lsass.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\PavProt.exe
              E:\WINDOWS\system32\svchost.exe
              E:\WINDOWS\System32\svchost.exe
              E:\WINDOWS\Explorer.EXE
              E:\WINDOWS\system32\spoolsv.exe
              E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
              E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\Firewall\PavFires.exe
              E:\WINDOWS\System32\RunDll32.exe
              E:\Program Files\QuickTime\qttask.exe
              E:\Program Files\Common Files\Symantec Shared\ccApp.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\APVXDWIN.EXE
              E:\WINDOWS\System32\ctfmon.exe
              C:\Program Files\Gadu-Gadu\gg.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\PavFnSvr.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\SRVLOAD.EXE
              E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\pavsrv51.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\prevsrv.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\AVENGINE.EXE
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\PsImSvc.exe
              E:\WINDOWS\System32\svchost.exe
              E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\WebProxy.exe
              E:\Program Files\Internet Explorer\iexplore.exe
              E:\Documents and Settings\Marzenka i Darek\Pulpit\hijackthis\HijackThis.exe

              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
              searchbar.findthewebsiteyouneed.com
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
              searchbar.findthewebsiteyouneed.com
              R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
              searchbar.findthewebsiteyouneed.com
              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
              www.onet.pl/
              R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
              www.searchgateway.net/search/%s
              R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
              c:\secure32.html
              R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
              R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
              file)
              F3 - REG:win.ini: run=E:\WINDOWS\inet20003\services.exe
              O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
              E:\WINDOWS\System32\msdxm.ocx
              O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
              O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -
              atboottime
              O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe
              O4 - HKLM\..\Run: [adtech2006] c:\windows\adtech2006.exe
              O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec
              Shared\ccApp.exe"
              O4 - HKLM\..\Run: [Media Gateway] E:\Program Files\Media
              Gateway\MediaGateway.exe
              O4 - HKLM\..\Run: [SCANINICIO] "E:\Program Files\Panda Software\Panda Platinum
              2005 Internet Security\Inicio.exe"
              O4 - HKLM\..\Run: [APVXDWIN] "E:\Program Files\Panda Software\Panda Platinum
              2005 Internet Security\APVXDWIN.EXE" /s
              O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "E:\Program
              Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
              O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
              O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
              O4 - HKCU\..\Run: [Shell] "E:\Program Files\Common Files\Microsoft Shared\Web
              Folders\ibm00001.exe"
              O4 - HKCU\..\Run: [bxproxy] E:\WINDOWS\bxproxy.exe
              O4 - HKCU\..\Run: [PayTime] E:\WINDOWS\System32\paytime.exe
              O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
              O4 - HKCU\..\Run: [CU1] E:\Program Files\Common Files\VCClient\VCClient.exe
              O4 - HKCU\..\Run: [CU2] E:\Program Files\Common Files\VCClient\VCMain.exe
              O4 - HKCU\..\Run: [qqfu] E:\PROGRA~1\COMMON~1\qqfu\qqfum.exe
              O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
              res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
              O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
              E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
              O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
              bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
              O20 - Winlogon Notify: msupdate - msupdate32.dll (file missing)
              O20 - Winlogon Notify: ssldr - ssldr32.dll (file missing)
              O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
              E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
              O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -
              E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
              O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
              E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
              O23 - Service: MkSUpdateInt - Unknown owner - E:\Program
              Files\MKS\bin\MkSUpdateInt.exe (file missing)
              O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - E:\Program
              Files\MKS\Bin\mksmonsv.exe (file missing)
              O23 - Service: MkS_Scan - Unknown owner - E:\Program Files\MKS\Bin\mks_scan.exe
              (file missing)
              O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner -
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
              O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - E:\Program
              Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
              O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - E:\Program
              Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
              O23 - Service: Panda Pavkre (Pavkre) - Panda Software - E:\Program Files\Panda
              Software\Panda Platinum 2005 Internet Security\Pavkre.exe
              O23 - Service: Panda PavProt (PavProt) - Panda Software - E:\Program
              Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
              O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software -
              E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
              O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - E:\Program
              Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
              O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software -
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\prevsrv.exe
              O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional -
              E:\Program Files\Panda Software\Panda Platinum 2005 Internet
              Security\PsImSvc.exe
              O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
              Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
              O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program
              Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


              Czy wreszcie jest OK? Niestety nie mogę usunąć Nortona, nie reaguje na
              komendę "usun" w panelu sterowania.
                • Gość: Marotka a teraz? IP: *.internetdsl.tpnet.pl 07.12.05, 16:25
                  Logfile of HijackThis v1.99.1
                  Scan saved at 16:35:25, on 2005-12-07
                  Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
                  MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

                  Running processes:
                  E:\WINDOWS\System32\smss.exe
                  E:\WINDOWS\SYSTEM32\winlogon.exe
                  E:\WINDOWS\system32\services.exe
                  E:\WINDOWS\system32\lsass.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\PavProt.exe
                  E:\WINDOWS\system32\svchost.exe
                  E:\WINDOWS\System32\svchost.exe
                  E:\WINDOWS\Explorer.EXE
                  E:\WINDOWS\system32\spoolsv.exe
                  E:\WINDOWS\System32\RunDll32.exe
                  E:\Program Files\QuickTime\qttask.exe
                  E:\Program Files\Common Files\Symantec Shared\ccApp.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\APVXDWIN.EXE
                  E:\WINDOWS\System32\ctfmon.exe
                  C:\Program Files\Gadu-Gadu\gg.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\SRVLOAD.EXE
                  E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
                  E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\Firewall\PavFires.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\PavFnSvr.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\Pavkre.exe
                  E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\pavsrv51.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\prevsrv.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\AVENGINE.EXE
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\PsImSvc.exe
                  E:\WINDOWS\System32\svchost.exe
                  E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\WebProxy.exe
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\PAVJOBS.EXE
                  E:\Program Files\Internet Explorer\iexplore.exe
                  E:\Documents and Settings\Marzenka i Darek\Pulpit\hijackthis\HijackThis.exe

                  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
                  searchbar.findthewebsiteyouneed.com
                  R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
                  searchbar.findthewebsiteyouneed.com
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
                  www.onet.pl/
                  R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) =
                  www.searchgateway.net/search/%s
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
                  c:\secure32.html
                  R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
                  R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no
                  file)
                  F3 - REG:win.ini: run=E:\WINDOWS\inet20003\services.exe
                  O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
                  E:\WINDOWS\System32\msdxm.ocx
                  O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
                  O4 - HKLM\..\Run: [QuickTime Task] "E:\Program Files\QuickTime\qttask.exe" -
                  atboottime
                  O4 - HKLM\..\Run: [timessquare] c:\windows\timessquare.exe
                  O4 - HKLM\..\Run: [adtech2006] c:\windows\adtech2006.exe
                  O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec
                  Shared\ccApp.exe"
                  O4 - HKLM\..\Run: [Media Gateway] E:\Program Files\Media
                  Gateway\MediaGateway.exe
                  O4 - HKLM\..\Run: [SCANINICIO] "E:\Program Files\Panda Software\Panda Platinum
                  2005 Internet Security\Inicio.exe"
                  O4 - HKLM\..\Run: [APVXDWIN] "E:\Program Files\Panda Software\Panda Platinum
                  2005 Internet Security\APVXDWIN.EXE" /s
                  O4 - HKLM\..\RunServices: [PANDA ANTISPAM SERVER SERVICE] "E:\Program
                  Files\Panda Software\Panda Platinum 2005 Internet Security\PasSrv.exe"
                  O4 - HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
                  O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
                  O4 - HKCU\..\Run: [Shell] "E:\Program Files\Common Files\Microsoft Shared\Web
                  Folders\ibm00001.exe"
                  O4 - HKCU\..\Run: [bxproxy] E:\WINDOWS\bxproxy.exe
                  O4 - HKCU\..\Run: [PayTime] E:\WINDOWS\System32\paytime.exe
                  O4 - HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
                  O4 - HKCU\..\Run: [CU1] E:\Program Files\Common Files\VCClient\VCClient.exe
                  O4 - HKCU\..\Run: [CU2] E:\Program Files\Common Files\VCClient\VCMain.exe
                  O4 - HKCU\..\Run: [qqfu] E:\PROGRA~1\COMMON~1\qqfu\qqfum.exe
                  O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
                  res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
                  O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
                  E:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
                  O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
                  bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
                  O20 - Winlogon Notify: msupdate - msupdate32.dll (file missing)
                  O20 - Winlogon Notify: ssldr - ssldr32.dll (file missing)
                  O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation -
                  E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
                  O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation -
                  E:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
                  O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation -
                  E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
                  O23 - Service: MkSUpdateInt - Unknown owner - E:\Program
                  Files\MKS\bin\MkSUpdateInt.exe (file missing)
                  O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - E:\Program
                  Files\MKS\Bin\mksmonsv.exe (file missing)
                  O23 - Service: MkS_Scan - Unknown owner - E:\Program Files\MKS\Bin\mks_scan.exe
                  (file missing)
                  O23 - Service: Panda Antispam Server Service (PASSRV) - Unknown owner -
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet Security\PaSSrv.exe
                  O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - E:\Program
                  Files\Panda Software\Panda Platinum 2005 Internet Security\Firewall\PavFires.exe
                  O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software - E:\Program
                  Files\Panda Software\Panda Platinum 2005 Internet Security\PavFnSvr.exe
                  O23 - Service: Panda Pavkre (Pavkre) - Panda Software - E:\Program Files\Panda
                  Software\Panda Platinum 2005 Internet Security\Pavkre.exe
                  O23 - Service: Panda PavProt (PavProt) - Panda Software - E:\Program
                  Files\Panda Software\Panda Platinum 2005 Internet Security\PavProt.exe
                  O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software -
                  E:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
                  O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - E:\Program
                  Files\Panda Software\Panda Platinum 2005 Internet Security\pavsrv51.exe
                  O23 - Service: Panda Preventium+ Service (PREVSRV) - Panda Software -
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\prevsrv.exe
                  O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software Internacional -
                  E:\Program Files\Panda Software\Panda Platinum 2005 Internet
                  Security\PsImSvc.exe
                  O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec
                  Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
                  O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program
                  Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

                  • Gość: k Re: a teraz? IP: *.warszawa.sdi.tpnet.pl 07.12.05, 19:24
                    hm, masz jakis problem ze wzrokiem? Napisalem Ci przeciez co masz usunac w
                    hijackthis:
                    forum.gazeta.pl/forum/72,2.html?f=430&w=33082447&a=33092750
                    Czytasz co napisalem i usuwasz, a nie cos tam usuwasz i wklejasz znowu to samo
                    pytajac czy jest ok...

Popularne wątki

Nie pamiętasz hasła

lub ?

 

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka