">netoperek
2007-02-23 08:18:10 UTC
poni¿ej zamieszczam log z hijackthis zrobiony po czyszczeniu systemu
programem Spybot Serch & Destroy
Logfile of HijackThis v1.99.1
Scan saved at 09:09:09, on 2007-02-23
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\Topro\tppoll.exe
C:\Program Files\Weather Watcher\ww.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\eMule\emule.exe
F:\zrzuty\programy\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
£±cza
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Skype add-on (mastermind) -
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} -
C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program
Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda
Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [QuickTime Task]
"C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tppoll] C:\Program Files\Topro\tppoll.exe
O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 - Startup: Skrót do Neostrada TP.lnk = ?
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -
C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite -
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program
Files\ICQLite\ICQLite.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania
Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuwe
b_site.cab?1161111246726
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muwe
b_site.cab?1161111203324
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) -
http://runonce.msn.com/setacceptlang.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{65F8A0DD-46B4-4F1A-A333-DD3B3C2A39E7}:
NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program
Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software
International - C:\Program Files\Panda Software\Panda Antivirus
2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software -
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
.....................
niestety pomimo czyszcenia nic, absolutne zero. Nadal po zagooglowaniu, i
próbie otwarcia linka z listy wyników google np. w nowym oknie, strona
"przeskakuje" mi na adres losowo wybrany jakiej¶ tam witrryny.Wywali³em
rêcznie z ustawiñ po³±czenia adresy serwreów DNS które automatycznie mi siê
tam wpisa³y, ale nadal to g...no siedzi mi w kompie i przeszkadza w
u¿ytkowaniu internetu. Co prawda mogê po prostu klikn±æ wstecz, i mam
wy¶wietlon± strtonê któr± szuka³em, ale to chyba nie o to chodzi, ¿eby ca³y
czas tak klikaæ prawda? niestety nie posiadam sp2 wiêc mo¿e to przez to? Czy
w takim razie po wgraniu sp2 problem zniknie? Pros¿e pomó¿cie, problem
pojawia sie tylko przy googlowaniu, na innych stronach jest ok.
--
programem Spybot Serch & Destroy
Logfile of HijackThis v1.99.1
Scan saved at 09:09:09, on 2007-02-23
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\pavsrv51.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\wdfmgr.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\NEOSTR~1\CnxMon.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Panda Software\Panda Antivirus 2007\APVXDWIN.EXE
C:\Program Files\Topro\tppoll.exe
C:\Program Files\Weather Watcher\ww.exe
c:\program files\panda software\panda antivirus 2007\WebProxy.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\Program Files\eMule\emule.exe
F:\zrzuty\programy\hijackthis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
£±cza
O1 - Hosts: 66.98.148.65 auto.search.msn.com
O1 - Hosts: 66.98.148.65 auto.search.msn.es
O2 - BHO: Skype add-on (mastermind) -
{22BF413B-C6D2-4d91-82A9-A0F997BA588C} -
C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program
Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Software\Panda
Antivirus 2007\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [QuickTime Task]
"C:\WINDOWS\system32\qttask.exe" -atboottime
O4 - HKLM\..\Run: [tppoll] C:\Program Files\Topro\tppoll.exe
O4 - HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 - Startup: Skrót do Neostrada TP.lnk = ?
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -
C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} -
C:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite -
{B863453A-26C3-4e1f-A54D-A2CD196348E9} - C:\Program
Files\ICQLite\ICQLite.exe
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage
Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania
Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuwe
b_site.cab?1161111246726
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) -
http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muwe
b_site.cab?1161111203324
O16 - DPF: {E6A3C1E2-F792-483E-9133-596215172BE9} (AcceptLang Class) -
http://runonce.msn.com/setacceptlang.cab
O17 -
HKLM\System\CCS\Services\Tcpip\..\{65F8A0DD-46B4-4F1A-A333-DD3B3C2A39E7}:
NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\
O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program
Files\Ahead\InCD\InCDsrv.exe
O23 - Service: LightScribeService Direct Disc Labeling Service
(LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common
Files\LightScribe\LSSrvc.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software
International - C:\Program Files\Panda Software\Panda Antivirus
2007\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software -
C:\Program Files\Panda Software\Panda Antivirus 2007\PsImSvc.exe
.....................
niestety pomimo czyszcenia nic, absolutne zero. Nadal po zagooglowaniu, i
próbie otwarcia linka z listy wyników google np. w nowym oknie, strona
"przeskakuje" mi na adres losowo wybrany jakiej¶ tam witrryny.Wywali³em
rêcznie z ustawiñ po³±czenia adresy serwreów DNS które automatycznie mi siê
tam wpisa³y, ale nadal to g...no siedzi mi w kompie i przeszkadza w
u¿ytkowaniu internetu. Co prawda mogê po prostu klikn±æ wstecz, i mam
wy¶wietlon± strtonê któr± szuka³em, ale to chyba nie o to chodzi, ¿eby ca³y
czas tak klikaæ prawda? niestety nie posiadam sp2 wiêc mo¿e to przez to? Czy
w takim razie po wgraniu sp2 problem zniknie? Pros¿e pomó¿cie, problem
pojawia sie tylko przy googlowaniu, na innych stronach jest ok.
--
netoperek<