pozostałości pandy

[gamafino]

witam jak pozbyć się już od dawna nieistniejącej holernej Pandy,która pokazuje mi się przy starcie kompa? plis o sugestie

[gamafino]

Kod: Zaznacz wszystko

Logfile of HijackThis v1.99.0
Scan saved at 01:50:08, on 2007-01-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesCreativeSB Live! 24-bitSurround MixerCTSysVol.exe
C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesJavajre1.5.0_06injusched.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesGadu-Gadugg.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesHPDigital Imaginginhpqgalry.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesInternet Exploreriexplore.exe
D:InstgalkiHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.wp.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:Program FilesBitComet Toolbarv2.0.0.4BitComet_Toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06inssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:Program FilesCanonEasy-WebPrintToolband.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:Program FilesBitComet Toolbarv2.0.0.4BitComet_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [CTSysVol] C:Program FilesCreativeSB Live! 24-bitSurround MixerCTSysVol.exe /r
O4 - HKLM..Run: [OpwareSE2] "C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe"
O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [HP Software Update] "C:Program FilesHPHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06injusched.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [SpyEmergency] "C:Program FilesSpy Emergency 2005SpyEmergency.exe"
O4 - HKCU..Run: [SpamBully 3 for Outlook Express] "C:Program FilesAxawareSpam Bully 3 for OEsb3oe.exe" install
O4 - HKCU..Run: [updateMgr] "C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = C:Program FilesHPDigital Imaginginhpqthb08.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:Program FilesGoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:Program FilesGoogleGoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:Program FilesGoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:Program FilesGoogleGoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 - Extra context menu item: Similar Pages - res://C:Program FilesGoogleGoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:Program FilesGoogleGoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O23 - Service: avast! iAVS4 Control Service - Unknown - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
O23 - Service: InstallDriver Table Manager - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCUSoftwareMicrosoftWindowsCurrentVersionRun {++}
"MSMSGS" = ""C:Program FilesMessengermsmsgs.exe" /background" [MS]
"SpyEmergency" = ""C:Program FilesSpy Emergency 2005SpyEmergency.exe"" [file not found]
"SpamBully 3 for Outlook Express" = ""C:Program FilesAxawareSpam Bully 3 for OEsb3oe.exe" install" [file not found]
"updateMgr" = ""C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1" ["Adobe Systems Incorporated"]
"Gadu-Gadu" = ""C:Program FilesGadu-Gadugg.exe" /tray" ["sms-express.com"]

HKLMSoftwareMicrosoftWindowsCurrentVersionRun {++}
"CTSysVol" = "C:Program FilesCreativeSB Live! 24-bitSurround MixerCTSysVol.exe /r" ["Creative Technology Ltd"]
"OpwareSE2" = ""C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe"" ["ScanSoft, Inc."]
"RemoteControl" = ""C:Program FilesCyberLinkPowerDVDPDVDServ.exe"" ["Cyberlink Corp."]
"avast!" = "C:PROGRA~1ALWILS~1Avast4ashDisp.exe" [null data]
"HP Software Update" = ""C:Program FilesHPHP Software UpdateHPWuSchd2.exe"" ["Hewlett-Packard Company"]
"SunJavaUpdateSched" = "C:Program FilesJavajre1.5.0_06injusched.exe" ["Sun Microsystems, Inc."]

HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)
  -> {HKLM...CLSID} = "AcroIEHlprObj Class"
                   InProcServer32(Default) = "C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll" ["Adobe Systems Incorporated"]
{6A373B7E-496E-424f-A9BE-486A5E9AB018}(Default) = (no title provided)
  -> {HKLM...CLSID} = "BitComet Toolbar Helper"
                   InProcServer32(Default) = "C:Program FilesBitComet Toolbarv2.0.0.4BitComet_Toolbar.dll" [null data]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)
  -> {HKLM...CLSID} = "SSVHelper Class"
                   InProcServer32(Default) = "C:Program FilesJavajre1.5.0_06inssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = (no title provided)
  -> {HKLM...CLSID} = "Google Toolbar Helper"
                   InProcServer32(Default) = "c:program filesgooglegoogletoolbar1.dll" ["Google Inc."]

HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
                   InProcServer32(Default) = "deskpan.dll" [file not found]

[JarekMk]

Daj nowego loga stąd: https://www.instalki.pl/programy/downlo ... kThis.html

Bo masz starą wersje programu

[gamafino]

Kod: Zaznacz wszystko

Logfile of HijackThis v1.99.1
Scan saved at 09:27:39, on 2007-01-05
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
C:Program FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSsystem32MsPMSPSv.exe
C:Program FilesCreativeSB Live! 24-bitSurround MixerCTSysVol.exe
C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:PROGRA~1ALWILS~1Avast4ashDisp.exe
C:Program FilesHPHP Software UpdateHPWuSchd2.exe
C:Program FilesJavajre1.5.0_06injusched.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesGadu-Gadugg.exe
C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe
C:Program FilesAlwil SoftwareAvast4ashWebSv.exe
C:Program FilesHPDigital Imaginginhpqgalry.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesInternet Exploreriexplore.exe
D:InstgalkihijackthisHijackThis.exe

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.wp.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: BitComet Toolbar Helper - {6A373B7E-496E-424f-A9BE-486A5E9AB018} - C:Program FilesBitComet Toolbarv2.0.0.4BitComet_Toolbar.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_06inssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:program filesgooglegoogletoolbar1.dll
O3 - Toolbar: Easy-WebPrint - {327C2873-E90D-4c37-AA9D-10AC9BABA46C} - C:Program FilesCanonEasy-WebPrintToolband.dll
O3 - Toolbar: BitComet Toolbar - {2E608F70-C430-4bc5-96F6-608E02EBA5B2} - C:Program FilesBitComet Toolbarv2.0.0.4BitComet_Toolbar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:program filesgooglegoogletoolbar1.dll
O4 - HKLM..Run: [CTSysVol] C:Program FilesCreativeSB Live! 24-bitSurround MixerCTSysVol.exe /r
O4 - HKLM..Run: [OpwareSE2] "C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe"
O4 - HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 - HKLM..Run: [avast!] C:PROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [HP Software Update] "C:Program FilesHPHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavajre1.5.0_06injusched.exe
O4 - HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 - HKCU..Run: [SpyEmergency] "C:Program FilesSpy Emergency 2005SpyEmergency.exe"
O4 - HKCU..Run: [SpamBully 3 for Outlook Express] "C:Program FilesAxawareSpam Bully 3 for OEsb3oe.exe" install
O4 - HKCU..Run: [updateMgr] "C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1
O4 - HKCU..Run: [Gadu-Gadu] "C:Program FilesGadu-Gadugg.exe" /tray
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = C:Program FilesHPDigital Imaginginhpqthb08.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:Program FilesAdobeAcrobat 7.0Reader
eader_sl.exe
O8 - Extra context menu item: &Google Search - res://C:Program FilesGoogleGoogleToolbar1.dll/cmsearch.html
O8 - Extra context menu item: &Translate English Word - res://C:Program FilesGoogleGoogleToolbar1.dll/cmwordtrans.html
O8 - Extra context menu item: Backward Links - res://C:Program FilesGoogleGoogleToolbar1.dll/cmbacklinks.html
O8 - Extra context menu item: Cached Snapshot of Page - res://C:Program FilesGoogleGoogleToolbar1.dll/cmcache.html
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2OFFICE11EXCEL.EXE/3000
O8 - Extra context menu item: Easy-WebPrint Add To Print List - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_AddToList.html
O8 - Extra context menu item: Easy-WebPrint High Speed Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_HSPrint.html
O8 - Extra context menu item: Easy-WebPrint Preview - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Preview.html
O8 - Extra context menu item: Easy-WebPrint Print - res://C:Program FilesCanonEasy-WebPrintResource.dll/RC_Print.html
O8 - Extra context menu item: Similar Pages - res://C:Program FilesGoogleGoogleToolbar1.dll/cmsimilar.html
O8 - Extra context menu item: Translate Page into English - res://C:Program FilesGoogleGoogleToolbar1.dll/cmtrans.html
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_06inssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:PROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exe
O20 - Winlogon Notify: WgaLogon - WgaLogon.dll (file missing)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:Program FilesAlwil SoftwareAvast4aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:Program FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver1050Intel 32IDriverT.exe

to też może się przyda :grin:                                             "Silent Runners.vbs", revision 49, http://www.silentrunners.org/
Operating System: Windows XP SP2
Output limited to non-default values, except where indicated by "{++}"


Startup items buried in registry:
---------------------------------

HKCUSoftwareMicrosoftWindowsCurrentVersionRun {++}
"MSMSGS" = ""C:Program FilesMessengermsmsgs.exe" /background" [MS]
"SpyEmergency" = ""C:Program FilesSpy Emergency 2005SpyEmergency.exe"" [file not found]
"SpamBully 3 for Outlook Express" = ""C:Program FilesAxawareSpam Bully 3 for OEsb3oe.exe" install" [file not found]
"updateMgr" = ""C:Program FilesAdobeAcrobat 7.0ReaderAdobeUpdateManager.exe" AcRdB7_0_7 -reboot 1" ["Adobe Systems Incorporated"]
"Gadu-Gadu" = ""C:Program FilesGadu-Gadugg.exe" /tray" ["sms-express.com"]

HKLMSoftwareMicrosoftWindowsCurrentVersionRun {++}
"CTSysVol" = "C:Program FilesCreativeSB Live! 24-bitSurround MixerCTSysVol.exe /r" ["Creative Technology Ltd"]
"OpwareSE2" = ""C:Program FilesScanSoftOmniPageSE2.0OpwareSE2.exe"" ["ScanSoft, Inc."]
"RemoteControl" = ""C:Program FilesCyberLinkPowerDVDPDVDServ.exe"" ["Cyberlink Corp."]
"avast!" = "C:PROGRA~1ALWILS~1Avast4ashDisp.exe" [null data]
"HP Software Update" = ""C:Program FilesHPHP Software UpdateHPWuSchd2.exe"" ["Hewlett-Packard Company"]
"SunJavaUpdateSched" = "C:Program FilesJavajre1.5.0_06injusched.exe" ["Sun Microsystems, Inc."]

HKLMSoftwareMicrosoftWindowsCurrentVersionExplorerBrowser Helper Objects
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}(Default) = (no title provided)
  -> {HKLM...CLSID} = "AcroIEHlprObj Class"
                   InProcServer32(Default) = "C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll" ["Adobe Systems Incorporated"]
{6A373B7E-496E-424f-A9BE-486A5E9AB018}(Default) = (no title provided)
  -> {HKLM...CLSID} = "BitComet Toolbar Helper"
                   InProcServer32(Default) = "C:Program FilesBitComet Toolbarv2.0.0.4BitComet_Toolbar.dll" [null data]
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided)
  -> {HKLM...CLSID} = "SSVHelper Class"
                   InProcServer32(Default) = "C:Program FilesJavajre1.5.0_06inssv.dll" ["Sun Microsystems, Inc."]
{AA58ED58-01DD-4d91-8333-CF10577473F7}(Default) = (no title provided)
  -> {HKLM...CLSID} = "Google Toolbar Helper"
                   InProcServer32(Default) = "c:program filesgooglegoogletoolbar1.dll" ["Google Inc."]

HKLMSoftwareMicrosoftWindowsCurrentVersionShell ExtensionsApproved
"{42071714-76d4-11d1-8b24-00a0c9068ff3}" = "Rozszerzenie CPL kadrowania wyświetlania"
  -> {HKLM...CLSID} = "Rozszerzenie CPL kadrowania wyświetlania"
                   InProcServer32(Default) = "deskpan.dll" [file not found]
"{88895560-9AA2-1069-930E-00AA0030EBC8}" = "Rozszerzenie ikony HyperTerminalu"
  -> {HKLM...CLSID} = "HyperTerminal Icon Ext"
                   InProcServer32(Default) = "C:WINDOWSsystem32hticons.dll" ["Hilgraeve, Inc."]