Oglądasz wypowiedzi znalezione dla frazy: Microsoft Office Template
Temat: Wysuwajace sie cd-romy
Tak to wyglada:
Logfile of HijackThis v1.97.7
Scan saved at 17:02:51, on 2004-05-18
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32LEXBCES.EXE
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32LEXPPS.EXE
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesNorton AntiVirus
avapsvc.exe
C:Program FilesNorton AntiVirusAdvToolsNPROTECT.EXE
C:WINDOWSSystem32
vsvc32.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32ONELABSvsmon.exe
C:WINDOWSExplorer.EXE
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:WINDOWSSystem32CTHELPER.EXE
C:PROGRA~1ONELA~1ONEAL~1zlclient.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:WINDOWSSystem32RunDLL32.exe
C:Program FilesOpera7Opera.exe
C:Program FilesGadu-Gadugg.exe
C:Program FilesMessengermsmsgs.exe
C:Documents and SettingsadminPulpitHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.wp.pl/
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 10.1.1.1:8080
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O1 - Hosts: 217.96.35.130 auto.search.msn.com
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 6.0ReaderActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:PROGRA~1FLASHGETjccatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:Program FilesNorton AntiVirusNavShExt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:PROGRA~1FLASHGETfgiebar.dll
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec SharedccApp.exe"
O4 - HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec SharedccRegVfy.exe"
O4 - HKLM..Run: [Advanced Tools Check] C:PROGRA~1NORTON~1AdvToolsADVCHK.EXE
O4 - HKLM..Run: [WINDVDPatch] CTHELPER.EXE
O4 - HKLM..Run: [Jet Detection] "C:Program FilesCreativeSBLivePROGRAMADGJDet.exe"
O4 - HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [Zone Labs Client] C:PROGRA~1ONELA~1ONEAL~1zlclient.exe
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [NvMediaCenter] RunDLL32.exe NvMCTray.dll,NvTaskbarInit
O4 - Global Startup:
Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 - Extra context menu item: E&ksport do programu
Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:Program FilesFlashGetjc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:Program FilesFlashGetjc_all.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O9 - Extra button: FlashGet (HKLM)
O9 - Extra 'Tools' menuitem: &FlashGet (HKLM)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (
Microsoft Office Template and Media Control) -
office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) -
www.cult3d.com/download/cult.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
Przeczytaj wszystkie posty z tego wątku
Temat: HijackThis
"MichaÂł Biek" <m@coi.pw.edu.pl.invalidskrev i meddelandet
Newspupil as :: Solana :: via <solana@hotmail.NO-SPAM.comwith the
tick <:">news:d105ol$sv4$1@news.onet.pl>:
| Jesli ktos bylby taki mily i rozszyfrowal mi reszte raportu HijackThis
| [...]
Now is playing ...:-)
"The last that ever she saw him.....
Dzieki :-)
Dawaj toto. Ino nie plik, tylko jego treœÌ! I wytnij wszystko jw.!
OK:
Logfile of HijackThis v1.97.7
Scan saved at 15:44:39, on 2005-03-13
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:WINNTSystem32smss.exe
D:WINNTsystem32winlogon.exe
D:WINNTsystem32services.exe
D:WINNTsystem32lsass.exe
D:WINNTsystem32svchost.exe
D:WINNTsystem32spoolsv.exe
D:ProgramAlwil SoftwareAvast4aswUpdSv.exe
D:ProgramAlwil SoftwareAvast4ashServ.exe
D:WINNTsystem32driversCDAC11BA.EXE
D:WINNTsystem32DRIVERSCDANTSRV.EXE
D:WINNTsystem32cisvc.exe
D:WINNTsystem32svchost.exe
D:WINNTsystem32
vsvc32.exe
D:WINNTsystem32
egsvc.exe
D:WINNTsystem32MSTask.exe
D:WINNTsystem32stisvc.exe
D:WINNTSystem32WBEMWinMgmt.exe
D:WINNTsystem32svchost.exe
D:WINNTExplorer.EXE
D:WINNTTBPanel.exe
D:ProgramTiscali SETiscali ADSL Bredbandfts.exe
D:ProgramAlwil SoftwareAvast4ashMaiSv.exe
D:ProgramJavaj2re1.4.2_06injusched.exe
D:WINNTsystem32spooldriversw32x863hpztsb07.exe
D:ProgramAheadInCDInCD.exe
D:ProgramDelade filerRealUpdate_OB
ealsched.exe
D:WINNTsystem32internat.exe
D:ProgramGadu-Gadugg.exe
D:ProgramLogitechSetPointKEM.exe
D:ProgramExif LauncherQuickDCF.exe
D:ProgramLogitechSetPointKHALMNPR.EXE
D:ProgramInternet ExplorerIEXPLORE.EXE
D:ProgramMicrosoft OfficeOfficeWINWORD.EXE
D:WINNTmsagentAgentSvr.exe
D:WINNTwinhlp32.exe
D:WINNTsystem32cidaemon.exe
D:ProgramInternet Exploreriexplore.exe
D:ProgramOutlook Expressmsimn.exe
D:WINNTsystem32
otepad.exe
D:WINNT
otepad.exe
E:DocumentsProgramsHijackThis.exe
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride = localhost
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
Länkar
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
D:ProgramAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
D:ProgramSPYBOT~1SDHelper.dll
O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
d:programgooglegoogletoolbar1.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio -
{8E718888-423F-11D2-876E-00A0C9082467} - D:WINNTsystem32msdxm.ocx
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} -
d:programgooglegoogletoolbar1.dll
O4 - HKLM..Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM..Run: [Gainward] D:WINNTTBPanel.exe /A
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE
D:WINNTsystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [SunJavaUpdateSched]
D:ProgramJavaj2re1.4.2_06injusched.exe
O4 - HKLM..Run: [HPDJ Taskbar Utility]
D:WINNTsystem32spooldriversw32x863hpztsb07.exe
O4 - HKLM..Run: [avast!] D:ProgramALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [TkBellExe] "D:ProgramDelade
filerRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [RegShave] C:Progra~1REGSHAVEREGSHAVE.EXE /autorun
O4 - HKCU..Run: [internat.exe] internat.exe
O4 - HKCU..Run: [LDM] ProgramBackWeb-8876480.exe
O4 - Startup: SpySubtract.lnk = D:ProgramSpySubtractSpySub.exe
O4 - Global Startup: Logitech Desktop Messenger.lnk =
D:ProgramLogitechDesktop Messenger8876480ProgramLDMConf.exe
O4 - Global Startup: SpySubtract.lnk = D:ProgramSpySubtractSpySub.exe
O8 - Extra context menu item: &Google Search -
res://D:ProgramGoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: Backward &Links -
res://D:ProgramGoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cac&hed Snapshot of Page -
res://D:ProgramGoogleGoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: Si&milar Pages -
res://D:ProgramGoogleGoogleToolbar1.dll/cmsimilar.html
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (Microsoft Office Template
and Media Control) - http://office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) -
http://www.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} (Shockwave ActiveX
Control) - http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus
scanner) -
http://security.symantec.com/sscv6/SharedContent/vc/bin/AvSniff.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
http://download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-...
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) -
http://security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
---
Przed chwila skanowalam wszystkie dyski online,
http://security.symantec.com/ i dostalaminf o nast wirusach/trojanach:
D:WINNTDownloaded Program FilesWinTaskAdX.dll is infected with
Adware.SyncroAd
D:WINNTDownloaded Program FilesWinTaskAdX.dll is infected with
Packed.Adware
D:WINNTsystem32TFTP560 is infected with W32.Spybot.Worm
Jak to jest mozliwe? Nie otwieram zalacznikow, nie surfuje po "zakazanych"
stronach ;-), mam pelna (???) ochrone - co mozna zrobic jeszcze???
Serdecznie dziekuje!
magda
Przeczytaj wszystkie posty z tego wątku
Temat: Hj
Hj
A może Pan sprawdzic tez moj ??
Z gory wielkie dzieki :))
Logfile of HijackThis v1.97.7
Scan saved at 23:45:53, on 2004-05-06
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesSymantec SharedccEvtMgr.exe
C:Program FilesNorton SystemWorksNorton AntiVirus
avapsvc.exe
C:Program FilesNorton SystemWorksNorton UtilitiesNPROTECT.EXE
C:PROGRA~1NORTON~1SPEEDD~1
opdb.exe
C:Program FilesCommon FilesRealUpdate_OB
ealsched.exe
C:Program FilesBrowser MouseBrowser Mouse1.0lwbwheel.exe
C:Program FilesCommon FilesSymantec SharedccApp.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesWirtualna PolskaWPKontaktWPKontakt.exe
C:Program FilesInternet Exploreriexplore.exe
C:Documents and SettingsAguśPulpitHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.onet.pl/
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,CustomizeSearch =
res://C:PROGRA~1Toolbar oolbar.dll/sa
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,SearchAssistant =
www.websearch.com/ie.aspx?tb_id=50007
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,CustomizeSearch =
res://C:PROGRA~1Toolbar oolbar.dll/sa
R3 - URLSearchHook: (no name) - {8952A998-1E7E-4716-B23D-3DBE03910972} - (no
file)
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-
5838F569A31D} - C:Program FilesMyWebSearchSrchAstt1.binMWSSRCAS.DLL
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:Program
FilesMyWebSearchar1.binMWSBAR.DLL
O2 - BHO: (no name) - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:PROGRA~1
COMMON~1RealToolbar
ealbar.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:Program
FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} -
C:Program FilesNorton SystemWorksNorton AntiVirusNavShExt.dll
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -
C:Program FilesMyWebSearchar1.binMWSBAR.DLL
O3 - Toolbar: REALBAR - {4E7BD74F-2B8D-469E-C0FF-FD60B590A87D} - C:PROGRA~1
COMMON~1RealToolbar
ealbar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: (no name) - {339BB23F-A864-48C0-A59F-29EA915965EC} - (no file)
O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon
FilesRealUpdate_OB
ealsched.exe" -osboot
O4 - HKLM..Run: [LWBMOUSE] C:Program FilesBrowser MouseBrowser Mouse1.0
lwbwheel.exe
O4 - HKLM..Run: [ccRegVfy] "C:Program FilesCommon FilesSymantec
SharedccRegVfy.exe"
O4 - HKLM..Run: [ccApp] "C:Program FilesCommon FilesSymantec
SharedccApp.exe"
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O8 - Extra context menu item: Download with GetRight - C:Program
FilesGetRightGRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - C:Program
FilesGetRightGRbrowse.htm
O9 - Extra 'Tools' menuitem: Sun Java Console (HKLM)
O16 - DPF: {0000000A-0000-0010-8000-00AA00389B71} -
download.microsoft.com/download/d/4/4/d446e8a9-3a86-4b59-bb19-f5bd11b40367/wmavax.CAB
O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} (
Microsoft Office Template
and Media Control) -
office.microsoft.com/templates/ieawsdc.cab
O16 - DPF: {17D72920-7A15-11D4-921E-0080C8DA7A5E} (AimSp32 Class) -
makeover.substance.com/save/makeover.cab
O16 - DPF: {19E28AFC-EAE3-4CE5-AC83-2407B42F57C9} (MSSecurityAdvisor Class) -
download.microsoft.com/download/0/5/c/05c905f4-dd30-427d-a3de-373c3e5552fc/msSecAdv.cab?1083755681499
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} (Fun Web Products Installer
Start) -
imgfarm.com/images/nocache/funwebproducts/MailStampInitialSetup1.0.0.5.cab
O16 - DPF: {37A49D66-2735-4BB9-8503-82BA5E2333D0} (MailCfg Control) -
poczta.wp.pl/autoryzacja/mailcfg.ocx
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
207.188.7.150/27b3c08acb9d38aed220/netzip/RdxIE601.cab
O16 - DPF: {7B297BFD-85E4-4092-B2AF-16A91B2EA103} (WScanCtl Class) -
www3.ca.com/virusinfo/webscan.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38081.5404513889
O16 - DPF: {A8658086-E6AC-4957-BC8E-7D54A7E8A78E} (SassCln Object) -
www.microsoft.com/security/controls/SassCln.CAB
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
Przeczytaj wszystkie posty z tego wątku
zanotowane.pldoc.pisz.plpdf.pisz.plerfly06132.opx.pl