Sprawdzcie mi loga


(romankul) #1

Logfile of HijackThis v1.99.0

Scan saved at 21:34:10, on 2005-01-08

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Mixer.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE

C:\Program Files\DeskAd Service\DeskAdServ.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\DeskAd Service\DeskAdKeep.exe

C:\Program Files\REALTEK Semiconductor Corp\REALTEK RTL8180 Wireless LAN Driver and Utility\RtlWake.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe

E:\Programy\Microsoft AntiSpyware\gcasDtServ.exe

E:\Programy\Microsoft AntiSpyware\gcasServ.exe

C:\WINDOWS\system32\winse.exe

C:\WINDOWS\ievq.exe

E:\Programy\Lavasoft\Ad-aware 6\Ad-watch.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Roman\Pulpit\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\btxwl.dll/sp.html#93256

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\btxwl.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\udsjn.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\udsjn.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\udsjn.dll/sp.html#93256

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - Default URLSearchHook is missing

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programy\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {877180E2-E50E-B6C8-70AE-236CC50DEFE9} - C:\WINDOWS\ntkh.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\pl-pl\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s

O4 - HKLM..\Run: [Ad-watch] "E:\Programy\Lavasoft\Ad-aware 6\Ad-watch.exe"

O4 - HKCU..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Programy\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = E:\Programy\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: RtlWake.lnk = ?

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\Programy\MICROS~1\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O15 - Trusted Zone: *.awmdabest.com

O15 - Trusted Zone: *.frame.crazywinnings.com

O15 - Trusted Zone: *.scoobidoo.com

O15 - Trusted Zone: *.static.topconverting.com

O15 - Trusted Zone: *.awmdabest.com (HKLM)

O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)

O15 - Trusted Zone: *.scoobidoo.com (HKLM)

O15 - Trusted Zone: *.static.topconverting.com (HKLM)

O15 - Trusted IP range: 206.161.125.149

O15 - Trusted IP range: 206.161.125.149 (HKLM)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 4589822280

O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4. ... egular.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab

O17 - HKLM\System\CCS\Services\Tcpip..{C99BF7B2-0C7B-4520-AB5C-B317EC9179AD}: NameServer = 194.204.159.1

O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Panda Process Protection Service - Unknown - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service - Unknown - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe

O23 - Service: Panda IManager Service - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe

O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe


(Lolyt Xd) #2

Jeśli nie znasz usuń.


(romankul) #3

Znam.A poza tym wszystko w porzadku??


(Lolyt Xd) #4

Hm... wiesz zostawie to specjalistom czyli Shark zwroc sie do niego :smiley:


(Dragonlnx) #5

To jest "mixer" karty dźwiękowej ...

Specjaliste :oops:

Jeżeli nie używasz Messengera usuwasz:

O4 - HKCU..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

Usuwasz obowiązkowo:

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C**** :\WINDOWS\btxwl.dll/sp.html#93256

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C**** :\WINDOWS\btxwl.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C**** :\WINDOWS\udsjn.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C**** :\WINDOWS\udsjn.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C**** :\WINDOWS\udsjn.dll/sp.html#93256

O15 - Trusted Zone: *.awmdabest.com

O15 - Trusted Zone: *.frame.crazywinnings.com

O15 - Trusted Zone: *.scoobidoo.com

O15 - Trusted Zone: *.static.topconverting.com

O15 - Trusted Zone: *.awmdabest.com (HKLM)

O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)

O15 - Trusted Zone: *.scoobidoo.com (HKLM)

O15 - Trusted Zone: *.static.topconverting.com (HKLM)

O15 - Trusted IP range: 206.161.125.149

O15 - Trusted IP range: 206.161.125.149 (HKLM)

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v ... 4589822280

O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4. ... egular.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMe ... loader.cab

Później robisz obydwa skany :

..::mks_vir::..

http://skaner.mks.com.pl

..::GeCAD (RAV)::..

http://www.ravantivirus.com/scan/

Programami:

Ad-Aware Se Personal

CWShredder 2.0

ETD Security Scanner 3.0 - Antyszpieg

PestPatrol

Opis Konfiguracji PestPatrol'a

Spybot -Search & Destroy

I dajesz jeszcze raz log !


(Aminokwasy) #6

C:\Program Files\DeskAd Service\DeskAdKeep.exe

C:\Program Files\DeskAd Service\DeskAdServ.exe

usun to tez i wyszukaj w kompie czy nie masz pliku Sahagent

Pozdro :smiley: :smiley: :smiley:


(Aminokwasy) #7

a i jeszcze

C:\WINDOWS\ievq.exe

:smiley: :smiley: :smiley:


(Adarek) #8

To co to jest ????

Nie !!

A opisać co sie dzieje z kompem to już nie raczysz ????? !!

Wyłacz przywracanie systemu.

Start kompa do awaryjnego.

Usuń :

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\btxwl.dll/sp.html#93256 

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\btxwl.dll/sp.html#93256 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\udsjn.dll/sp.html#93256 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\udsjn.dll/sp.html#93256 

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\udsjn.dll/sp.html#93256 

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza 

R3 - Default URLSearchHook is missing 

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programy\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll 

O2 - BHO: (no name) - {877180E2-E50E-B6C8-70AE-236CC50DEFE9} - C:\WINDOWS\ntkh.dll

Wyrejestruj z systemu ntkh.dll Start - uruchom - regsvr32 \u C:\WINDOWS\System32\ tu wpisujesz nazwe pliku - i klikasz Teraz w szukaj go wpisz , znajdz i usuń. szukaj w ukrytych. Dalej

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)

 O4 - Global Startup: RtlWake.lnk = ? 

O15 - Trusted Zone: *.awmdabest.com 

O15 - Trusted Zone: *.frame.crazywinnings.com 

O15 - Trusted Zone: *.scoobidoo.com 

O15 - Trusted Zone: *.static.topconverting.com 

O15 - Trusted Zone: *.awmdabest.com (HKLM) 

O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM) 

O15 - Trusted Zone: *.scoobidoo.com (HKLM) 

O15 - Trusted Zone: *.static.topconverting.com (HKLM) 

O15 - Trusted IP range: 206.161.125.149 

O15 - Trusted IP range: 206.161.125.149 (HKLM)

Przeleć system programem CWShredder 2.12

I daj nowego loda do sprawdzenia :smiley:

I za dużo anty wirów .Albo Norton albo Panda !!

A i tak żaden cie nie uchronił. :smiley:


(romankul) #9

Czytaj uwaznie to bedziesz wiedzial co to jest mixer.Shark napisal.Z kompem dzieje sie to ze jest zainstalowany Home Search i nie da sie go odinstalowac.Cwshredder juz mi saknowal i na razie nie bardzo pomoglo.A nortona juz nie mam! !!


(romankul) #10

Obecnie log wyglada tak:

Logfile of HijackThis v1.99.0

Scan saved at 22:15:11, on 2005-01-08

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

C:\WINDOWS\Mixer.exe

C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE

C:\Program Files\DeskAd Service\DeskAdServ.exe

C:\WINDOWS\System32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\DeskAd Service\DeskAdKeep.exe

C:\Program Files\REALTEK Semiconductor Corp\REALTEK RTL8180 Wireless LAN Driver and Utility\RtlWake.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe

C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\AVENGINE.EXE

C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\WebProxy.exe

E:\Programy\Microsoft AntiSpyware\gcasDtServ.exe

E:\Programy\Microsoft AntiSpyware\gcasServ.exe

C:\WINDOWS\system32\winse.exe

C:\WINDOWS\ievq.exe

E:\Programy\Lavasoft\Ad-aware 6\Ad-watch.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Documents and Settings\Roman\Pulpit\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\btxwl.dll/sp.html#93256

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\btxwl.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = res://C:\WINDOWS\udsjn.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://C:\WINDOWS\udsjn.dll/sp.html#93256

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = res://C:\WINDOWS\udsjn.dll/sp.html#93256

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - Default URLSearchHook is missing

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Programy\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: (no name) - {877180E2-E50E-B6C8-70AE-236CC50DEFE9} - C:\WINDOWS\ntkh.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll

O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\pl-pl\msntb.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll

O4 - HKLM\..\Run: [C-Media Mixer] Mixer.exe /startup

O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe

O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\APVXDWIN.EXE" /s

O4 - HKLM\..\Run: [Ad-watch] "E:\Programy\Lavasoft\Ad-aware 6\Ad-watch.exe"

O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background

O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\MSN Messenger\msnmsgr.exe" /background

O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe

O4 - Global Startup: Adobe Reader Speed Launch.lnk = E:\Programy\Adobe\Acrobat 7.0\Reader\reader_sl.exe

O4 - Global Startup: Microsoft Office.lnk = E:\Programy\Microsoft Office\Office10\OSA.EXE

O4 - Global Startup: RtlWake.lnk = ?

O8 - Extra context menu item: &Google Search - res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html

O8 - Extra context menu item: Backward Links - res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html

O8 - Extra context menu item: Cached Snapshot of Page - res://c:\program files\google\GoogleToolbar2.dll/cmcache.html

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://E:\Programy\MICROS~1\Office10\EXCEL.EXE/3000

O8 - Extra context menu item: Similar Pages - res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html

O8 - Extra context menu item: Translate into English - res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html

O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_link.htm

O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\Program Files\FlashGet\jc_all.htm

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE

O15 - Trusted Zone: *.frame.crazywinnings.com

O15 - Trusted Zone: *.static.topconverting.com

O15 - Trusted Zone: *.frame.crazywinnings.com (HKLM)

O15 - Trusted Zone: *.static.topconverting.com (HKLM)

O16 - DPF: {771A1334-6B08-4A6B-AEDC-CF994BA2CEBE} (Installer Class) - http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} (MsnMessengerSetupDownloadControl Class) - http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{C99BF7B2-0C7B-4520-AB5C-B317EC9179AD}: NameServer = 194.204.159.1

O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Network Proxy - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Password Validation - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe

O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: Panda Process Protection Service - Unknown - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe

O23 - Service: Panda anti-virus service - Unknown - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\pavsrv51.exe

O23 - Service: Panda IManager Service - Panda Software Internacional - C:\Program Files\Panda Software\Panda Titanium Antivirus 2004\PsImSvc.exe

O23 - Service: Symantec Network Drivers Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

I uzywam messengera! !!


(Lolyt Xd) #11

Usuń pliki i w hijack'u usun te wpisy !!


(Aminokwasy) #12

a po wejsciu na dysk C nie pojawil Ci sie folder Temp

Michu juz mu to pisalem jakbys nie zauwazyl


(romankul) #13

POJAWIŁ!

A sluchajcie jak ja mam usunac te pliki w dosie bo normalnie to one sie nie daja usunac?Tzn wiem jak wlaczyc dosa ale ja bawilem sie w dosa kilka lat temu.Teraz nic nie pamietam.Startuje mi z C:\document and settings\roman;Co trzeba powpisywac aby dojsc do tych plikow i je usunac??


(Aminokwasy) #14

Hehe no to tam siedza mali agenci

wcisnij alt Ctrl delet i wylacz te procesy ktorych pliki znajduja sie w folderze Temp nastepnie usun ten folder

i jeszcze chyba proces bundle.exe wylacz ten proces

i usun ten plik

powinien byc w Documentand setings /uzytkownik/ustawienia loklane/Temp

:smiley: :smiley: :smiley:


(romankul) #15

Pliki ktore sa w tempie nie ma w procesach.A tego pliku bundle tez nie ma w procesach.


(Aminokwasy) #16

a te pliki Desk ad service sa normalnie na liscie w dodaj usun

wystarczy je odinstalowac

ale najpier usunu to co pisale wczesniej


(romankul) #17

Z panelu nie da sie odinstalowac.A z dosa to pisalem dwa posty temu cos.Przeczytaj.I prosze o kolejne rady.


(romankul) #18

A usuniecie samego tego tempa w trybie awaryjnym nie wystarczy??


(fiesta) #19

romankul

Od czego masz icon_edit.gif

Nie pisz kilku postów pod sobą tylko edytuj już istniejący :!:


(Aminokwasy) #20

a co dokladnie co jest w tym tempie naipisz