mam chyba jakiegos szpiega ;/ a oto moj log...
Logfile of HijackThis v1.99.0
Scan saved at 00:05:36, on 2005–02–24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSygateSPFSmc.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32 vsvc32.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
C:PROGRA~1WanadooTaskbarIcon.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesCommon FilesLogitechQCDriver2LVCOMS.EXE
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
C:Program FilesWanadooEspaceWanadoo.exe
C:Program FilesWanadooComComp.exe
C:Program FilesWanadooWatch.exe
C:Program FilesAvant Browseravant.exe
C:Program FilesGadu–Gadugg.exe
C:Documents and SettingsAndziulkaaPulpitWAZNEHijackThis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada Plus wita Cie w Internecie
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O4 – HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 – HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WanadooTaskbarIcon.exe
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [TrojanScanner] C:Program FilesTrojan RemoverTrjscan.exe
O4 – HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe
O4 – HKLM..Run: [LVCOMS] C:Program FilesCommon FilesLogitechQCDriver2LVCOMS.EXE
O4 – HKLM..Run: [SmcService] C:PROGRA~1SygateSPFsmc.exe –startgui
O4 – HKLM..Run: [AntyDialerTP] "c:program filesantydialer tpantydialertp.exe" tray
O4 – HKLM..RunOnce: [SpybotSnD] "C:Program FilesSpybot – Search & DestroySpybotSD.exe" /autocheck
O4 – HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O4 – Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O8 – Extra context menu item: Blokuj wszystkie obrazy z tego serwera – C:Program FilesAvant BrowserAddAllToADBlackList.htm
O8 – Extra context menu item: Dodaj do listy blokowanych reklam – C:Program FilesAvant BrowserAddToADBlackList.htm
O8 – Extra context menu item: Otwórz wszystkie adresy z tej strony... – C:Program FilesAvant BrowserOpenAllLinks.htm
O8 – Extra context menu item: Podświetl – C:Program FilesAvant BrowserHighlight.htm
O8 – Extra context menu item: Szukaj – C:Program FilesAvant BrowserSearch.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSsystem32msjava.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSsystem32msjava.dll
O9 – Extra button: (no name) – {CD67F990–D8E9–11d2–98FE–00C0F0318AFE} – (no file)
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 – HKLMSystemCCSServicesTcpip..{A136F758–6945–45CE–B3BD–BC731AABE51F}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: Symantec Event Manager – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 – Service: Symantec Password Validation – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 – Service: Norton AntiVirus Auto Protect Service – Symantec Corporation – C:Program FilesNorton AntiVirus avapsvc.exe
O23 – Service: Norton Unerase Protection – Symantec Corporation – C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
O23 – Service: NVIDIA Display Driver Service – NVIDIA Corporation – C:WINDOWSSystem32 vsvc32.exe
O23 – Service: ScriptBlocking Service – Symantec Corporation – C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 – Service: Sygate Personal Firewall Pro – Sygate Technologies, Inc. – C:Program FilesSygateSPFSmc.exe
O23 – Service: Symantec Network Drivers Service – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 – Service: SymWMI Service – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
sprawdzcie go bo nie wiem czy juz usunelam wszystko co powinnam...
Ps.raport scana antyvirusowego on–line:
Spyware:Spyware/YourSiteBar Nie wyleczalny C:Documents and SettingsAndziulkaaUstawienia lokalneTemporary Internet FilesContent.IE5AJEJAD6BCACLAJWZ.HTM
POMOZCIE...:(
Scan saved at 00:05:36, on 2005–02–24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesSygateSPFSmc.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32 vsvc32.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
C:PROGRA~1WanadooTaskbarIcon.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSsystem32RunDll32.exe
C:Program FilesCommon FilesLogitechQCDriver2LVCOMS.EXE
C:WINDOWSsystem32RUNDLL32.EXE
C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
C:Program FilesWanadooEspaceWanadoo.exe
C:Program FilesWanadooComComp.exe
C:Program FilesWanadooWatch.exe
C:Program FilesAvant Browseravant.exe
C:Program FilesGadu–Gadugg.exe
C:Documents and SettingsAndziulkaaPulpitWAZNEHijackThis.exe
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.google.pl/
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada Plus wita Cie w Internecie
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O4 – HKLM..Run: [WOOWATCH] C:PROGRA~1WanadooWatch.exe
O4 – HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WanadooTaskbarIcon.exe
O4 – HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 – HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 – HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [TrojanScanner] C:Program FilesTrojan RemoverTrjscan.exe
O4 – HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe
O4 – HKLM..Run: [LVCOMS] C:Program FilesCommon FilesLogitechQCDriver2LVCOMS.EXE
O4 – HKLM..Run: [SmcService] C:PROGRA~1SygateSPFsmc.exe –startgui
O4 – HKLM..Run: [AntyDialerTP] "c:program filesantydialer tpantydialertp.exe" tray
O4 – HKLM..RunOnce: [SpybotSnD] "C:Program FilesSpybot – Search & DestroySpybotSD.exe" /autocheck
O4 – HKCU..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NVMCTRAY.DLL,NvTaskbarInit
O4 – Global Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800–840dslmon.exe
O8 – Extra context menu item: Blokuj wszystkie obrazy z tego serwera – C:Program FilesAvant BrowserAddAllToADBlackList.htm
O8 – Extra context menu item: Dodaj do listy blokowanych reklam – C:Program FilesAvant BrowserAddToADBlackList.htm
O8 – Extra context menu item: Otwórz wszystkie adresy z tej strony... – C:Program FilesAvant BrowserOpenAllLinks.htm
O8 – Extra context menu item: Podświetl – C:Program FilesAvant BrowserHighlight.htm
O8 – Extra context menu item: Szukaj – C:Program FilesAvant BrowserSearch.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSsystem32msjava.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSsystem32msjava.dll
O9 – Extra button: (no name) – {CD67F990–D8E9–11d2–98FE–00C0F0318AFE} – (no file)
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=36467&clcid=0x409
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 – HKLMSystemCCSServicesTcpip..{A136F758–6945–45CE–B3BD–BC731AABE51F}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: Symantec Event Manager – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
O23 – Service: Symantec Password Validation – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedccPwdSvc.exe
O23 – Service: Norton AntiVirus Auto Protect Service – Symantec Corporation – C:Program FilesNorton AntiVirus avapsvc.exe
O23 – Service: Norton Unerase Protection – Symantec Corporation – C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
O23 – Service: NVIDIA Display Driver Service – NVIDIA Corporation – C:WINDOWSSystem32 vsvc32.exe
O23 – Service: ScriptBlocking Service – Symantec Corporation – C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 – Service: Sygate Personal Firewall Pro – Sygate Technologies, Inc. – C:Program FilesSygateSPFSmc.exe
O23 – Service: Symantec Network Drivers Service – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 – Service: SymWMI Service – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe
sprawdzcie go bo nie wiem czy juz usunelam wszystko co powinnam...
Ps.raport scana antyvirusowego on–line:
Spyware:Spyware/YourSiteBar Nie wyleczalny C:Documents and SettingsAndziulkaaUstawienia lokalneTemporary Internet FilesContent.IE5AJEJAD6BCACLAJWZ.HTM
POMOZCIE...:(
Odpowiedzi: 4
To lepiej nie 8) dlatego pytam :wink:
marek321:
Co to jest?? wanado :wink:
C:PROGRA~1WanadooTaskbarIcon.exe
C:Program FilesWanadooEspaceWanadoo.exe
C:Program FilesWanadooComComp.exe
C:Program FilesWanadooWatch.exe
O4 – HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WanadooTaskbarIcon.exe
Od modemu neostrady. Lepiej tego nie ruszać.
Co to jest?? wanado :wink:
C:PROGRA~1WanadooTaskbarIcon.exe
C:Program FilesWanadooEspaceWanadoo.exe
C:Program FilesWanadooComComp.exe
C:Program FilesWanadooWatch.exe
O4 – HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WanadooTaskbarIcon.exe
Od modemu neostrady. Lepiej tego nie ruszać.
Wywal to
Co to jest?? wanado :wink:
Wywal to recznie z katalogu
O9 – Extra button: (no name) – {CD67F990–D8E9–11d2–98FE–00C0F0318AFE} – (no file)
Co to jest?? wanado :wink:
C:PROGRA~1WanadooTaskbarIcon.exe
C:Program FilesWanadooEspaceWanadoo.exe
C:Program FilesWanadooComComp.exe
C:Program FilesWanadooWatch.exe
O4 – HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WanadooTaskbarIcon.exe
Spyware:Spyware/YourSiteBar Nie wyleczalny C:Documents and SettingsAndziulkaaUstawienia lokalneTemporary Internet FilesContent.IE5AJEJAD6BCACLAJWZ.HTM
Wywal to recznie z katalogu
Strona 1 / 1