Coś mi system podupada
Na starcie IE sie włącza
Menedźer zadań nie włącza się
HiJack this nie kontaktuje
WTF can this be?
Menedźer zadań nie włącza się
HiJack this nie kontaktuje
WTF can this be?
Odpowiedzi: 4
Kumagoro, wychodzi na to źeś guzik usunął od tego czasu: http://forum.centrumxp.pl/viewtopic.php?p=269530
Jest i nowy śmieć:
Jest i nowy śmieć:
O4 – HKLM\..\Run: [Windows notepad] notpad.exe
O4 – HKLM\..\RunServices: [Windows notepad] notpad.exe
O4 – HKCU\..\Run: [Windows notepad] notpad.exe
O4 – HKCU\..\RunServices: [Windows notepad] notpad.exe
Fix:
O4 – HKLM\..\Run: [ntx32] F:\WINDOWS\System32\ntx32.exe
O4 – HKLM\..\Run: [wlsass] F:\WINDOWS\System32\wlsass.exe
O18 – Filter: text/html – (no CLSID) – (no file)
O23 – Service: fwnet64 (fwnet) – Unknown owner – F:\WINDOWS\fwnet64.exe
Pliki na czerwono ręcznie z dysku.
O włączeniu menedźera tutaj:
http://www.elektroda.pl/rtvforum/viewtopic.php?t=252742&highlight=mened%BFer+zada%F1
O4 – HKLM\..\Run: [ntx32] F:\WINDOWS\System32\ntx32.exe
O4 – HKLM\..\Run: [wlsass] F:\WINDOWS\System32\wlsass.exe
O18 – Filter: text/html – (no CLSID) – (no file)
O23 – Service: fwnet64 (fwnet) – Unknown owner – F:\WINDOWS\fwnet64.exe
Pliki na czerwono ręcznie z dysku.
O włączeniu menedźera tutaj:
http://www.elektroda.pl/rtvforum/viewtopic.php?t=252742&highlight=mened%BFer+zada%F1
Ehm, sorry, trochę skrótowe informacje ;)
Avast! wykrywa Win32:SdBot–2993 [Trj]
A to log zroiony w trybie awaryjnym
Logfile of HijackThis v1.99.1
Scan saved at 12:46:03, on 2005–12–31
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\Explorer.EXE
J:\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – F:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [IMJPMIG8.1] F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 – HKLM\..\Run: [MSPY2002] F:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 – HKLM\..\Run: [PHIME2002ASync] F:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 – HKLM\..\Run: [PHIME2002A] F:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 – HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [Zone Labs Client] F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 – HKLM\..\Run: [MBM 5] "F:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 – HKLM\..\Run: [DAEMON Tools–1033] "J:\daemon\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [WinampAgent] F:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [ntx32] F:\WINDOWS\System32\ntx32.exe
O4 – HKLM\..\Run: [WheelMouse] F:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 – HKLM\..\Run: [wlsass] F:\WINDOWS\System32\wlsass.exe
O4 – HKLM\..\Run: [Windows notepad] notpad.exe
O4 – HKLM\..\RunServices: [Windows notepad] notpad.exe
O4 – HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [STYLEXP] F:\Program Files\TGTSoft\StyleXP\StyleXP.exe –Hide
O4 – HKCU\..\Run: [Konnekt] "j:\konekt\konnekt.exe" /autostart
O4 – HKCU\..\Run: [Windows notepad] notpad.exe
O4 – HKCU\..\RunServices: [Windows notepad] notpad.exe
O4 – Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: eBay – Homepage – {EF79EAC5–3452–4E02–B8BD–BA4C89F1AC7A} – F:\Program Files\IrfanView\Ebay\Ebay.htm
O16 – DPF: {92ECE6FA–AC2E–4042–BFAE–0C8608E52A43} (SignActivX Control) – https://www.bph.pl/pi/components/SignActivX.cab
O18 – Filter: text/html – (no CLSID) – (no file)
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: fwnet64 (fwnet) – Unknown owner – F:\WINDOWS\fwnet64.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: LicCtrl Service (LicCtrlService) – Unknown owner – F:\WINDOWS\runservice.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – F:\WINDOWS\System32\nvsvc32.exe
O23 – Service: StyleXPService – Unknown owner – F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs, LLC – F:\WINDOWS\system32\ZONELABS\vsmon.exe
Avast! wykrywa Win32:SdBot–2993 [Trj]
A to log zroiony w trybie awaryjnym
Logfile of HijackThis v1.99.1
Scan saved at 12:46:03, on 2005–12–31
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
F:\WINDOWS\System32\smss.exe
F:\WINDOWS\system32\winlogon.exe
F:\WINDOWS\system32\services.exe
F:\WINDOWS\system32\lsass.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\system32\svchost.exe
F:\WINDOWS\Explorer.EXE
J:\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – F:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – F:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [IMJPMIG8.1] F:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE /Spoil /RemAdvDef /Migration32
O4 – HKLM\..\Run: [MSPY2002] F:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 – HKLM\..\Run: [PHIME2002ASync] F:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 – HKLM\..\Run: [PHIME2002A] F:\WINDOWS\System32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 – HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_04\bin\jusched.exe
O4 – HKLM\..\Run: [Zone Labs Client] F:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 – HKLM\..\Run: [MBM 5] "F:\Program Files\Motherboard Monitor 5\MBM5.EXE"
O4 – HKLM\..\Run: [DAEMON Tools–1033] "J:\daemon\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [WinampAgent] F:\Program Files\Winamp\winampa.exe
O4 – HKLM\..\Run: [avast!] F:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [NeroFilterCheck] F:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [ntx32] F:\WINDOWS\System32\ntx32.exe
O4 – HKLM\..\Run: [WheelMouse] F:\PROGRA~1\A4Tech\Mouse\Amoumain.exe
O4 – HKLM\..\Run: [wlsass] F:\WINDOWS\System32\wlsass.exe
O4 – HKLM\..\Run: [Windows notepad] notpad.exe
O4 – HKLM\..\RunServices: [Windows notepad] notpad.exe
O4 – HKCU\..\Run: [ctfmon.exe] F:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [STYLEXP] F:\Program Files\TGTSoft\StyleXP\StyleXP.exe –Hide
O4 – HKCU\..\Run: [Konnekt] "j:\konekt\konnekt.exe" /autostart
O4 – HKCU\..\Run: [Windows notepad] notpad.exe
O4 – HKCU\..\RunServices: [Windows notepad] notpad.exe
O4 – Global Startup: Adobe Gamma Loader.lnk = F:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 – Global Startup: Adobe Reader Speed Launch.lnk = F:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – F:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – F:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: eBay – Homepage – {EF79EAC5–3452–4E02–B8BD–BA4C89F1AC7A} – F:\Program Files\IrfanView\Ebay\Ebay.htm
O16 – DPF: {92ECE6FA–AC2E–4042–BFAE–0C8608E52A43} (SignActivX Control) – https://www.bph.pl/pi/components/SignActivX.cab
O18 – Filter: text/html – (no CLSID) – (no file)
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – F:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – F:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – F:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – F:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: fwnet64 (fwnet) – Unknown owner – F:\WINDOWS\fwnet64.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – F:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: LicCtrl Service (LicCtrlService) – Unknown owner – F:\WINDOWS\runservice.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – F:\WINDOWS\System32\nvsvc32.exe
O23 – Service: StyleXPService – Unknown owner – F:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs, LLC – F:\WINDOWS\system32\ZONELABS\vsmon.exe
Tak, ja teź lubie kremówki :mrgreen:
Strona 1 / 1