tomq90 utworzono 20 lipca 2007 utworzono 20 lipca 2007 Proszę o sprawdzenie loga bo od jakiś 2 dni z mojim kompem jest coś nie halo Mam zamiar zrobić formata ale wolę spróbować najpierw z tym Przy normalnym surfowaniu po stronach i słuchaniu muzyki + włączone GG pożera 100% procka wcześniej tak nie było :/ Logfile of HijackThis v1.99.1Scan saved at 20:29:32, on 2007-07-20Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:WINDOWSSystem32smss.exeC:WINDOWSsystem32winlogon.exeC:WINDOWSsystem32services.exeC:WINDOWSsystem32lsass.exeC:WINDOWSsystem32Ati2evxx.exeC:WINDOWSsystem32svchost.exeC:WINDOWSSystem32svchost.exeC:WINDOWSsystem32Ati2evxx.exeC:WINDOWSsystem32spoolsv.exeC:WINDOWSExplorer.EXEC:Program FilesATI TechnologiesATI.ACEcli.exeC:WINDOWSsystem32RunDll32.exeC:Program FilesCommon FilesRealUpdate_OBrealsched.exeC:Program FilesJavajre1.6.0_01binjusched.exeC:WINDOWSsystem32ctfmon.exeC:Program FilesCommon FilesLightScribeLSSrvc.exeC:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exeC:WINDOWSsystem32svchost.exeC:WINDOWSsystem32wscntfy.exeD:ProgramyGadu-Gadugg.exeD:ProgramyWinampwinamp.exeD:ProgramyMozilla Firefoxfirefox.exeC:Documents and SettingsTomaszPulpitHijackThis.exeR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssbR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.bearshare.com/sidebar.html?src=ssbR1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.bearshare.com/sidebar.html?src=ssbR0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.bearshare.com/pl/R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssbR0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = ŁączaR3 - URLSearchHook: (no name) - {1BB22D38-A411-4B13-A746-C2A4F4EC7344} - (no file)O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:ProgramyFlashGetjccatch.dllO2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLLO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.6.0_01binssv.dllO2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:ProgramyFlashGetgetflash.dllO2 - BHO: XBTP01621 - {F6104497-54FD-4688-9162-5115CC8AB0FB} - C:PROGRA~1BEARSH~1BEARSH~1MediaBar.dllO3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:Program FilesBearShare applicationsBearShare MediaBarMediaBar.dllO3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLLO4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exeO4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtimeO4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWndO4 - HKLM..Run: [CM-SmWizard] C:WINDOWSSystemSmWizard.exeO4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osbootO4 - HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exeO4 - HKLM..Run: [sunJavaUpdateSched] "C:Program FilesJavajre1.6.0_01binjusched.exe"O4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exeO4 - HKCU..Run: [Gadu-Gadu] "D:ProgramyGadu-Gadugg.exe" /trayO4 - Startup: Adobe Gamma.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exeO4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exeO4 - Global Startup: Microsoft Office.lnk = D:ProgramyMicrosoft OfficeOffice10OSA.EXEO8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - D:ProgramyFlashGetjc_link.htmO8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - D:ProgramyFlashGetjc_all.htmO8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:ProgramyMICROS~1Office10EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.6.0_01binssv.dllO9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:ProgramyFlashGetFlashGet.exeO9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:ProgramyFlashGetFlashGet.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exeO16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - https://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cabO23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
CatchMe komentarz 21 lipca 2007 komentarz 21 lipca 2007 Zablokuj porty programami WWDC i Seconfig XP Użyj ComboFix i następnie skasuj te wpisy w HijackThis: R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://search.bearshare.com/sidebar.html?src=ssb R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://search.bearshare.com/sidebar.html?src=ssb R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://google.bearshare.com/pl/ R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://search.bearshare.com/sidebar.html?src=ssb O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} - C:Program FilesBearShare applicationsBearShare MediaBarMediaBar.dll O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:Program FilesMyGlobalSearchbar1.binMGSBAR.DLL - Wklej nowy log z HijackThis i nowy z ComboFix.
tomq90 komentarz 21 lipca 2007 Autor komentarz 21 lipca 2007 Zrobiłem formata i polokowałem teraz te rzeczy co kazałeś I logo z świeżo zainstalowanym systemem + programy Logfile of HijackThis v1.99.1Scan saved at 19:14:04, on 2007-07-21Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Running processes:C:WINDOWSSystem32smss.exeC:WINDOWSsystem32winlogon.exeC:WINDOWSsystem32services.exeC:WINDOWSsystem32lsass.exeC:WINDOWSsystem32Ati2evxx.exeC:WINDOWSsystem32svchost.exeC:WINDOWSSystem32svchost.exeC:WINDOWSsystem32spoolsv.exeC:WINDOWSsystem32Ati2evxx.exeC:WINDOWSsystem32RunDll32.exeC:Program FilesATI TechnologiesATI.ACEcli.exeC:WINDOWSsystem32ctfmon.exeC:Program FilesCommon FilesMicrosoft SharedVS7Debugmdm.exeC:WINDOWSsystem32wscntfy.exeC:WINDOWSexplorer.exeC:Program FilesCommon FilesRealUpdate_OBrealsched.exeD:ProgramyMozilla Firefoxfirefox.exeD:ProgramyHijackThisHijackThis.exeR0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = ŁączaO2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - D:ProgramyFlashGetjccatch.dllO2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - D:ProgramyFlashGetgetflash.dllO4 - HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWndO4 - HKLM..Run: [CM-SmWizard] C:WINDOWSSystemSmWizard.exeO4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exeO4 - HKLM..Run: [ATICCC] "C:Program FilesATI TechnologiesATI.ACEcli.exe" runtimeO4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" -osbootO4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /autoO4 - HKCU..Run: [CTFMON.EXE] C:WINDOWSsystem32ctfmon.exeO4 - Global Startup: ATI CATALYST System Tray.lnk = C:Program FilesATI TechnologiesATI.ACECLI.exeO4 - Global Startup: Microsoft Office.lnk = D:ProgramyMicrosoft OfficeOffice10OSA.EXEO8 - Extra context menu item: &Ściągnij przy pomocy FlashGet'a - D:ProgramyFlashGetjc_link.htmO8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet'a - D:ProgramyFlashGetjc_all.htmO8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:ProgramyMICROS~1Office10EXCEL.EXE/3000O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:ProgramyFlashGetFlashGet.exeO9 - Extra 'Tools' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - D:ProgramyFlashGetFlashGet.exeO9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exeO9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:Program FilesMessengermsmsgs.exeO23 - Service: Adobe LM Service - Adobe Systems - C:Program FilesCommon FilesAdobe Systems SharedServiceAdobelmsvc.exeO23 - Service: Ati HotKey Poller - Unknown owner - C:WINDOWSsystem32Ati2evxx.exeO23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exeO23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:Program FilesCommon FilesLightScribeLSSrvc.exe
Wciąż szukasz rozwiązania problemu? Napisz teraz na forum!
Możesz zadać pytanie bez konieczności rejestracji - wystarczy, że wypełnisz formularz.