Coś mi się przykleiło do kompa !!! Proszę o sprawdzenie loga
Logfile of HijackThis v1.99.1
Scan saved at 16:56:56, on 2006–03–16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\Program Files\ewido anti–malware\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\WgaTray.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\POBIERANIE\hijackthis.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: Adobe PDF Reader Link Helper – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O4 – HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 – HKLM\..\Run: [Personal Firewall] D:\Program Files\Lavasoft\Personal Firewall\lpfw.exe /waitservice
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [Gadu–Gadu] "D:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: BlueSoleil.lnk = D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Google Search – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O12 – Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 – DPF: {6E32070A–766D–4EE6–879C–DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142276517357
O20 – AppInit_DLLs: D:\PROGRA~1\Lavasoft\PERSON~1\wl_hook.dll
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 – Service: AVG E–mail Scanner (AVGEMS) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 – Service: BlueSoleil Hid Service – Unknown owner – D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 – Service: ewido security suite control – ewido networks – D:\Program Files\ewido anti–malware\ewidoctrl.exe
O23 – Service: Lavasoft Personal Firewall Service (LavasoftFirewall) – Agnitum Ltd. – D:\Program Files\Lavasoft\Personal Firewall\lpfw.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
Scan saved at 16:56:56, on 2006–03–16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
D:\Program Files\ewido anti–malware\ewidoctrl.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\Program Files\QuickTime\qttask.exe
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\WgaTray.exe
D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\POBIERANIE\hijackthis.com
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: Adobe PDF Reader Link Helper – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – D:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O4 – HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 – HKLM\..\Run: [Personal Firewall] D:\Program Files\Lavasoft\Personal Firewall\lpfw.exe /waitservice
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [Gadu–Gadu] "D:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – Global Startup: Adobe Reader Speed Launch.lnk = D:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 – Global Startup: BlueSoleil.lnk = D:\Program Files\IVT Corporation\BlueSoleil\BlueSoleil.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Google Search – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://C:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://C:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://C:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://C:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://C:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O12 – Plugin for .pdf: C:\Program Files\Internet Explorer\PLUGINS\nppdf32.dll
O16 – DPF: {6E32070A–766D–4EE6–879C–DC1FA91D2FC3} (MUWebControl Class) – http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1142276517357
O20 – AppInit_DLLs: D:\PROGRA~1\Lavasoft\PERSON~1\wl_hook.dll
O20 – Winlogon Notify: WgaLogon – C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 – Service: AVG7 Alert Manager Server (Avg7Alrt) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 – Service: AVG7 Update Service (Avg7UpdSvc) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 – Service: AVG E–mail Scanner (AVGEMS) – GRISOFT, s.r.o. – C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 – Service: BlueSoleil Hid Service – Unknown owner – D:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 – Service: ewido security suite control – ewido networks – D:\Program Files\ewido anti–malware\ewidoctrl.exe
O23 – Service: Lavasoft Personal Firewall Service (LavasoftFirewall) – Agnitum Ltd. – D:\Program Files\Lavasoft\Personal Firewall\lpfw.exe
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
Odpowiedzi: 10
Specjalnie, "dla nauki" się poświęciłem ;) i uruchomiłem IE (na codzień uźywam Opery 9.02 TP) i zalogowałem się na forum z uźyciem ciastka. Nie mogłem się zalogować dopiero na najwyźszym poziomie (blokuj wszysko):) . Zresztą w moim firewalu mam zablokowane 3rd party cookies, usuwanie private header information i web bags. A mimo to nie mam klopotów z logowaniem. Pozdrowienia ;)
Nie pisalem o "Tracking Cookie" a o ustawieniach. Beda wyzsze, beda problemy z ciachami.
Tracking Cookie nie "zajmują" się logowaniem do witryn ,a raczej persistent cookie.
No jasne. A pozniej beda posty o tym, ze nigdzie sie nie mozna zalogowac :wink: .w84u:
...podnieś poziom Ustawień na Średnio wysoki lub Wysoki.
Tracking Cookie to ciasteczka śledzące miejsca twoich odwiedzin w Internecie. Poniewaź uźywasz IE, więc Narzędzia, Opcje Internetowe, Prywatność – podnieś poziom Ustawień na Średnio wysoki lub Wysoki.
Chodzisz po necie ? Chodzisz. Otwierasz rozne strony ? Otwierasz. No i kurna za kazdym otwarciem strony, zapisuje sie takie ciacho na dysku. Dlatego "zawsze cos znajdzie".
wiec czemu zawsze cos znajdzie w tych plikach ????
POZDRAWIAM
POZDRAWIAM
Toz to nie infekcje. To tylko cookies. Spij spokojnie.
Wyszły takie infekcje:
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––
ewido anti–malware – Scan report
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––
+ Created on: 20:28:15, 2006–03–16
+ Report–Checksum: C9696617
+ Scan result:
C:\Documents and Settings\Beata.JANOSIK\Cookies\beata@my.adocean[1].txt –> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@ad.adocean[2].txt –> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@gde.adocean[2].txt –> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@microsoftwga.112.2o7[2].txt –> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@my.adocean[1].txt –> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@tradedoubler[2].txt –> TrackingCookie.Tradedoubler : Cleaned with backup
::Report End
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––
ewido anti–malware – Scan report
–––––––––––––––––––––––––––––––––––––––––––––––––––––––––
+ Created on: 20:28:15, 2006–03–16
+ Report–Checksum: C9696617
+ Scan result:
C:\Documents and Settings\Beata.JANOSIK\Cookies\beata@my.adocean[1].txt –> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@ad.adocean[2].txt –> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@gde.adocean[2].txt –> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@microsoftwga.112.2o7[2].txt –> TrackingCookie.2o7 : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@my.adocean[1].txt –> TrackingCookie.Adocean : Cleaned with backup
C:\Documents and Settings\Marcin.JANOSIK\Cookies\marcin@tradedoubler[2].txt –> TrackingCookie.Tradedoubler : Cleaned with backup
::Report End
Odklej. Jak nie bedzie schodziło to spirytusem, tylko skromnie bo on cenny jest :wink:Coś mi się przykleiło do kompa
Czemu taki goły post? Bez opisu? Jakieś samodzielne próbu zostaly podjęte?
IMO w logu czysto.
Podaj co się dzieje z komputerem to moźe coś poradzimy.
Strona 1 / 1