Dziwny błyskajacy ekranik dosa...
Witam! 8)
Mam to od dwoch dni..
Przy pracy na komputerze przeblyskuje mi co jakis czas taki maly ekranik dosa..
Jakby jakis program pod dosem, ale trudno mi sprawdzic co to, bo to trwa jakas sekunde moze nawet mniej.
Pojawia sie z czestotliwoscia co..no ja wiem jakies 3–4minuty.
Co to moze byc?
Albo jak to wykryc?Przyznam sie ze nie mam zielonego pojecia jak to spowodowalam :?
Dzieki z gory za odpowiedz.
Mam to od dwoch dni..
Przy pracy na komputerze przeblyskuje mi co jakis czas taki maly ekranik dosa..
Jakby jakis program pod dosem, ale trudno mi sprawdzic co to, bo to trwa jakas sekunde moze nawet mniej.
Pojawia sie z czestotliwoscia co..no ja wiem jakies 3–4minuty.
Co to moze byc?
Albo jak to wykryc?Przyznam sie ze nie mam zielonego pojecia jak to spowodowalam :?
Dzieki z gory za odpowiedz.
Odpowiedzi: 18
@sicilpol: Trzeba by niebywałej celnosci aby strzelic i utrafic w problem
– zamykaj po kolei procesy i zobacz czy efekt ustepuje (svchost, winlogon i inne systemowe zostaw)
– otworz i zamknij wiersz polecen (start/uruchom/cmd)
– odpal w awaryjnym i sprawdz czy "mryga"
– zamykaj po kolei procesy i zobacz czy efekt ustepuje (svchost, winlogon i inne systemowe zostaw)
– otworz i zamknij wiersz polecen (start/uruchom/cmd)
– odpal w awaryjnym i sprawdz czy "mryga"
Proszeee pomozcie :?
ie wiem czy dobrze zrobilam
ale screen z menedzera jest tutaj:
http://img236.exs.cx/my.php?loc=img236&image=image10el.jpg
Pomocy ciagne migaaaaa...
W zasadzie nic sie zlego nie dzieje, ale przeciez nie w tym rzecz by to tak zostawic :?
ale screen z menedzera jest tutaj:
http://img236.exs.cx/my.php?loc=img236&image=image10el.jpg
Pomocy ciagne migaaaaa...
W zasadzie nic sie zlego nie dzieje, ale przeciez nie w tym rzecz by to tak zostawic :?
Bobi_robert:
Załaczniki chwilowo wyłaczone
Czyli niedługo będą znów :) Ciesze się
Jakieś przeciąźenia serwera były przez nie ?? :D
PS. Kiedyś byłem na tym forum i moźna było dodawać obrazki. Albo jestem ślepy albo tego niema ??
Czemu ? :roll:
Załaczniki chwilowo wyłaczone
Chodzi Ci o to, źeby pokazać ten obrazek tutaj, na forum ?? Jeśli tak, wejdź na Tą stronę, następnie podaj miejsce gdzie znajduje się obrazek, kliknij host it!, a następnie wklej do odpowiedzi 2 wynik.
Niewiem czy o to ci chodziło, ale jeśli nawet nie to i tak się przyda.
PS. Kiedyś byłem na tym forum i moźna było dodawać obrazki. Albo jestem ślepy albo tego niema ??
Czemu ? :roll:
Niewiem czy o to ci chodziło, ale jeśli nawet nie to i tak się przyda.
PS. Kiedyś byłem na tym forum i moźna było dodawać obrazki. Albo jestem ślepy albo tego niema ??
Czemu ? :roll:
aaa no i nie wiem jak przetransportowac obrazek mojego menedzera tutaj :oops:
Tak to wyglada:
Logfile of HijackThis v1.99.1
Scan saved at 17:51:26, on 2005–03–06
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\WeatherCast\Weather.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\YHsmiles\YHsmiles.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ania\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Welcome Anna!
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\system32\msdxm.ocx
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 – HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 – HKCU\..\Run: [WeatherCast] C:\Program Files\WeatherCast\Weather.exe /q
O4 – Startup: Desktop Calendar StartUp.lnk = C:\Documents and Settings\Ania\Moje dokumenty\Direct Connect Downloads\Complete\Kalendarz PL\Kalendarz PL.exe
O4 – Startup: Yahoo hidden smileys.lnk = C:\Program Files\YHsmiles\YHsmiles.exe
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 – Global Startup: zone alarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 – Extra button: Yahoo! Messenger – {E5D12C4E–7B4F–11D3–B5C9–0050045C3C96} – C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 – Extra 'Tools' menuitem: Yahoo! Messenger – {E5D12C4E–7B4F–11D3–B5C9–0050045C3C96} – C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O16 – DPF: {B9191F79–5613–4C76–AA2A–398534BB8999} – http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 – DPF: {CFCDAA03–8BE4–11CF–B84B–0020AFBBCCFA} – http://activex.microsoft.com/objects/ocget.dll
O16 – DPF: {DF780F87–FF2B–4DF8–92D0–73DB16A1543A} (PopCapLoader Object) – http://download.games.yahoo.com/games/web_games/popcap/insaniquarium/popcaploader_v6.cab
O16 – DPF: {F58E1CEF–A068–4C15–BA5E–587CAF3EE8C6} (MSN Chat Control 4.5) – http://chat.msn.com/bin/msnchat45.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{0303DB38–7085–4063–8B39–7F54D774B75F}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: Norton AntiVirus Auto–Protect Service (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) – Symantec Corporation – C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 – Service: SAVScan – Symantec Corporation – C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: Symantec SPBBCSvc (SPBBCSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 – Service: Symantec Core LC – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs LLC – C:\WINDOWS\system32\ZoneLabs\vsmon.exe
A zescreenowac sie nie da bo to cos jakby blysk... nie widac czy cos jest napisane ani co to, ale niewatpliwe to okienko dosowskie.
Blyska nawet gdy nic nie robie co jakies 2–3min :(
Logfile of HijackThis v1.99.1
Scan saved at 17:51:26, on 2005–03–06
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\WeatherCast\Weather.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\YHsmiles\YHsmiles.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\Ania\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Welcome Anna!
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\system32\msdxm.ocx
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 – HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_06\bin\jusched.exe
O4 – HKCU\..\Run: [WeatherCast] C:\Program Files\WeatherCast\Weather.exe /q
O4 – Startup: Desktop Calendar StartUp.lnk = C:\Documents and Settings\Ania\Moje dokumenty\Direct Connect Downloads\Complete\Kalendarz PL\Kalendarz PL.exe
O4 – Startup: Yahoo hidden smileys.lnk = C:\Program Files\YHsmiles\YHsmiles.exe
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 – Global Startup: zone alarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 – Extra button: Yahoo! Messenger – {E5D12C4E–7B4F–11D3–B5C9–0050045C3C96} – C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 – Extra 'Tools' menuitem: Yahoo! Messenger – {E5D12C4E–7B4F–11D3–B5C9–0050045C3C96} – C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O16 – DPF: {B9191F79–5613–4C76–AA2A–398534BB8999} – http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 – DPF: {CFCDAA03–8BE4–11CF–B84B–0020AFBBCCFA} – http://activex.microsoft.com/objects/ocget.dll
O16 – DPF: {DF780F87–FF2B–4DF8–92D0–73DB16A1543A} (PopCapLoader Object) – http://download.games.yahoo.com/games/web_games/popcap/insaniquarium/popcaploader_v6.cab
O16 – DPF: {F58E1CEF–A068–4C15–BA5E–587CAF3EE8C6} (MSN Chat Control 4.5) – http://chat.msn.com/bin/msnchat45.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{0303DB38–7085–4063–8B39–7F54D774B75F}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: Norton AntiVirus Auto–Protect Service (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) – Symantec Corporation – C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 – Service: SAVScan – Symantec Corporation – C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: Symantec SPBBCSvc (SPBBCSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 – Service: Symantec Core LC – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs LLC – C:\WINDOWS\system32\ZoneLabs\vsmon.exe
A zescreenowac sie nie da bo to cos jakby blysk... nie widac czy cos jest napisane ani co to, ale niewatpliwe to okienko dosowskie.
Blyska nawet gdy nic nie robie co jakies 2–3min :(
Czep sie kurna tramwaja – gusioo Ci powie w ktorym miejscu najlepiej :P .
Czep się na rondzie tramwaja nr. 16 to do rynku spokojnie zajedziesz ;)
Pozdrawiam.
A moj kochany weather tez bym musiala wyrzucic?
WeatherCast to znany szpieg ale skoro sie przywiazałas to masz dylemat. Ja bym wypitolił :P
Sprobuj ten ekranik w jakis sposob "zescreenowac"
Obrazek w menadzera zadan tez by sie przydał bo HJT czasem nie wszystko pokazuje
Aha tego wpisu nie usuniesz Hijackiem, chyba ze nowa wersja 1.99.1 ma naprawionego tego buga, ale obcielas log i nie widac wersji
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
:arrow: Usun recznie w rejestrze z HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
Czep sie kurna tramwaja – gusioo Ci powie w ktorym miejscu najlepiej :P .EL NINO – ales gafe szczelił :mrgreen:
P.S. Tez se zmienie nicka na EL MARIA i niech sie ktory pomyli :mrgreen: .
Wylacz sobie przywracanie
Zakoncz procesy:
Weather.exe
Usun z dysku:
C:\Program Files\WeatherCast
Zaznaczasz i FIX CHECKED:
EL NINO – ales gafe szczelił :mrgreen:
Kurna tylko nie pisz – jak ??
Zakoncz procesy:
Weather.exe
Usun z dysku:
C:\Program Files\WeatherCast
Zaznaczasz i FIX CHECKED:
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
O3 – Toolbar: (no name) – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – (no file)
O3 – Toolbar: (no name) – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – (no file)
O4 – HKCU\..\Run: [WeatherCast] C:\Program Files\WeatherCast\Weather.exe /q
O9 – Extra button: (no name) – SolidConverterPDF – (no file) (HKCU)
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – ms–its:mhtml:file://c:\nosuxxx.mht!http://www.kazaalite.pl/stats/loudklite.chm::/bridge–c46.cab
O16 – DPF: {DB893839–10F0–4AF9–92FA–B23528F530AF} – http://deposito.hostance.net/dialer/607342.exe
EL NINO – ales gafe szczelił :mrgreen:
Kurna tylko nie pisz – jak ??
Dziekuje za podpowiedz :D
Oto on:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\WeatherCast\Weather.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\YHsmiles\YHsmiles.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
C:\Documents and Settings\Ania\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Welcome Anna!
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: (no name) – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – (no file)
O3 – Toolbar: (no name) – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – (no file)
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\system32\msdxm.ocx
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 – HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 – HKCU\..\Run: [WeatherCast] C:\Program Files\WeatherCast\Weather.exe /q
O4 – Startup: Desktop Calendar StartUp.lnk = C:\Documents and Settings\Ania\Moje dokumenty\Direct Connect Downloads\Complete\Kalendarz PL\Kalendarz PL.exe
O4 – Startup: Yahoo hidden smileys.lnk = C:\Program Files\YHsmiles\YHsmiles.exe
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 – Global Startup: zone alarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra button: Yahoo! Messenger – {E5D12C4E–7B4F–11D3–B5C9–0050045C3C96} – C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 – Extra 'Tools' menuitem: Yahoo! Messenger – {E5D12C4E–7B4F–11D3–B5C9–0050045C3C96} – C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra button: (no name) – SolidConverterPDF – (no file) (HKCU)
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – ms–its:mhtml:file://c:\nosuxxx.mht!http://www.kazaalite.pl/stats/loudklite.chm::/bridge–c46.cab
O16 – DPF: {B9191F79–5613–4C76–AA2A–398534BB8999} – http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 – DPF: {CFCDAA03–8BE4–11CF–B84B–0020AFBBCCFA} – http://activex.microsoft.com/objects/ocget.dll
O16 – DPF: {DB893839–10F0–4AF9–92FA–B23528F530AF} – http://deposito.hostance.net/dialer/607342.exe
O16 – DPF: {DF780F87–FF2B–4DF8–92D0–73DB16A1543A} (PopCapLoader Object) – http://download.games.yahoo.com/games/web_games/popcap/insaniquarium/popcaploader_v6.cab
O16 – DPF: {F58E1CEF–A068–4C15–BA5E–587CAF3EE8C6} (MSN Chat Control 4.5) – http://chat.msn.com/bin/msnchat45.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{0303DB38–7085–4063–8B39–7F54D774B75F}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: Norton AntiVirus Auto–Protect Service (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) – Symantec Corporation – C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 – Service: SAVScan – Symantec Corporation – C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: Symantec SPBBCSvc (SPBBCSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 – Service: Symantec Core LC – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs LLC – C:\WINDOWS\system32\ZoneLabs\vsmon.exe
No nie wiem...ja sie nie wyznaje na tym nic a nic... :oops:
Z gory dzieki ze na to ktos spojrzy :D
Oto on:
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\WeatherCast\Weather.exe
C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\YHsmiles\YHsmiles.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Microsoft SQL Server\MSSQL\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\Program Files\Wanadoo\EspaceWanadoo.exe
C:\Program Files\Wanadoo\ComComp.exe
C:\Program Files\Wanadoo\Watch.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jucheck.exe
C:\Documents and Settings\Ania\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Welcome Anna!
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 – Toolbar: (no name) – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – (no file)
O3 – Toolbar: (no name) – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – (no file)
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\system32\msdxm.ocx
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 – HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 – HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe
O4 – HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 – HKCU\..\Run: [WeatherCast] C:\Program Files\WeatherCast\Weather.exe /q
O4 – Startup: Desktop Calendar StartUp.lnk = C:\Documents and Settings\Ania\Moje dokumenty\Direct Connect Downloads\Complete\Kalendarz PL\Kalendarz PL.exe
O4 – Startup: Yahoo hidden smileys.lnk = C:\Program Files\YHsmiles\YHsmiles.exe
O4 – Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800–840\dslmon.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O4 – Global Startup: zone alarm.lnk = C:\Program Files\Zone Labs\ZoneAlarm\zonealarm.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra button: Yahoo! Messenger – {E5D12C4E–7B4F–11D3–B5C9–0050045C3C96} – C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 – Extra 'Tools' menuitem: Yahoo! Messenger – {E5D12C4E–7B4F–11D3–B5C9–0050045C3C96} – C:\PROGRA~1\Yahoo!\MESSEN~1\YPager.exe
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra 'Tools' menuitem: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\MSMSGS.EXE
O9 – Extra button: (no name) – SolidConverterPDF – (no file) (HKCU)
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – ms–its:mhtml:file://c:\nosuxxx.mht!http://www.kazaalite.pl/stats/loudklite.chm::/bridge–c46.cab
O16 – DPF: {B9191F79–5613–4C76–AA2A–398534BB8999} – http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 – DPF: {CFCDAA03–8BE4–11CF–B84B–0020AFBBCCFA} – http://activex.microsoft.com/objects/ocget.dll
O16 – DPF: {DB893839–10F0–4AF9–92FA–B23528F530AF} – http://deposito.hostance.net/dialer/607342.exe
O16 – DPF: {DF780F87–FF2B–4DF8–92D0–73DB16A1543A} (PopCapLoader Object) – http://download.games.yahoo.com/games/web_games/popcap/insaniquarium/popcaploader_v6.cab
O16 – DPF: {F58E1CEF–A068–4C15–BA5E–587CAF3EE8C6} (MSN Chat Control 4.5) – http://chat.msn.com/bin/msnchat45.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{0303DB38–7085–4063–8B39–7F54D774B75F}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: Symantec Event Manager (ccEvtMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Symantec Settings Manager (ccSetMgr) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 – Service: Norton AntiVirus Auto–Protect Service (navapsvc) – Symantec Corporation – C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 – Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) – Symantec Corporation – C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 – Service: SAVScan – Symantec Corporation – C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 – Service: ScriptBlocking Service (SBService) – Symantec Corporation – C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 – Service: Symantec Network Drivers Service (SNDSrvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 – Service: Symantec SPBBCSvc (SPBBCSvc) – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 – Service: Symantec Core LC – Symantec Corporation – C:\Program Files\Common Files\Symantec Shared\CCPD–LC\symlcsvc.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs LLC – C:\WINDOWS\system32\ZoneLabs\vsmon.exe
No nie wiem...ja sie nie wyznaje na tym nic a nic... :oops:
Z gory dzieki ze na to ktos spojrzy :D
moze przesle liste moich procesow, ale nie wiem jak to przekopiowac... :oops:
– Hijack This
– screen z menadzera zadań...
moze przesle liste moich procesow, ale nie wiem jak to przekopiowac... :oops:
Sprawdzilbys sobie w Task manadzerze co masz uruchomione, sprawdzilbys w autostarcie, msconfigu, sprawdzilbys harmonogram zadan.
przeskanowalam i nic :(
A jak miga tak miga :(
Jak wyweszyc co to?
No i co to moze byc????
Buuuuuuuuu
A jak miga tak miga :(
Jak wyweszyc co to?
No i co to moze byc????
Buuuuuuuuu
przeskanowalam i nic :(
A jak miga tak miga :(
Jak wyweszyc co to?
No i co to moze byc????
Buuuuuuuuu
A jak miga tak miga :(
Jak wyweszyc co to?
No i co to moze byc????
Buuuuuuuuu
Strona 1 / 1