my log, although I don't quite know what this is about
Code
Logfile of HijackThis v1.99.1
Scan saved at 9:24:38 PM, on 7/29/2005
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\QuickTime\qttask.exe
C:\WINDOWS\system32\CTHELPER.EXE
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnf.exe
C:\PROGRA~1\AVPERS~1\AVGNT.EXE
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\PROGRA~1\AVPERS~1\AVSched32.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Creative\TaskBar\CTLTray.exe
C:\Program Files\Silicon Prairie Software\MemTurbo\MemTurbo.exe
C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
C:\Program Files\AVPersonal\AVGUARD.EXE
C:\WINDOWS\Microsoft.NET\Framework\v2.0.40607\aspnet_admin.exe
C:\Program Files\AVPersonal\AVWUPSRV.EXE
C:\WINDOWS\system32\drivers\CDAC11BA.EXE
C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\System32\CTsvcCDA.exe
C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\system32\tcpsvcs.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\System32\imapi.exe
C:\Program Files\ATI Technologies\ATI.ACE\cli.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\taskmgr.exe
C:\WINDOWS\explorer.exe
C:\Documents and Settings\paluch\Pulpit\HijackThis.exe
C:\WINDOWS\System32\svchost.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Lacza
O2 – BHO: (no name) – {A82BE883–EE51–4FAB–85B4–9432C6056673} – (no file)
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\NeroCheck.exe
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [Share–to–Web Namespace Daemon] C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\Run: [WINDVDPatch] CTHELPER.EXE
O4 – HKLM\..\Run: [AVGCtrl] C:\PROGRA~1\AVPERS~1\AVGNT.EXE /min
O4 – HKLM\..\Run: [ATICCC] "C:\Program Files\ATI Technologies\ATI.ACE\cli.exe" runtime
O4 – HKLM\..\Run: [AVSCHED32] C:\PROGRA~1\AVPERS~1\AVSched32.EXE /min
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [TaskTray] "C:\Program Files\Creative\TaskBar\CTLTray.exe"
O4 – HKCU\..\Run: [TaskBar] "C:\Program Files\Creative\TaskBar\CTLTask.exe"
O4 – Startup: PowerReg Scheduler.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 – Global Startup: MemTurbo.lnk = C:\Program Files\Silicon Prairie Software\MemTurbo\MemTurbo.exe
O4 – Global Startup: ATI CATALYST System Tray.lnk = C:\Program Files\ATI Technologies\ATI.ACE\CLI.exe
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {15589FA1–C456–11CE–BF01–000000000000} – http://www.errornuker.com/products/errn2004/installers/default/ErrorNukerInstaller.exe
O16 – DPF: {17492023–C23A–453E–A040–C7C580BBF700} (Windows Genuine Advantage Validation Tool) – http://go.microsoft.com/fwlink/?linkid=39204
O16 – DPF: {1D4DB7D2–6EC9–47A3–BD87–1E41684E07BB} – http://ak.imgfarm.com/images/nocache/funwebproducts/CursorManiaInitialSetup1.0.0.6.cab
O16 – DPF: {1DB3B8DD–5801–443F–B2D5–9BF8912B980E} (dmgrax2Ctrl Class) – http://www.lxsystems.com/downloads/Install.cab
O16 – DPF: {31B7EB4E–8B4B–11D1–A789–00A0CC6651A8} (Cult3D ActiveX Player) – http://www.cult3d.com/download/cult.cab
O16 – DPF: {41F17733–B041–4099–A042–B518BB6A408C} – http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
O16 – DPF: {70BA88C8–DAE8–4CE9–92BB–979C4A75F53B} (GSDACtl Class) – http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 – DPF: {78AF2F24–A9C3–11D3–BF8C–0060B0FCC122} (AcDcToday Control) – file://C:\Program Files\AutoCAD 2002\AcDcToday.ocx
O16 – DPF: {AE1C01E3–0283–11D3–9B3F–00C04F8EF466} (HeartbeatCtl Class) – http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 – DPF: {AE563720–B4F5–11D4–A415–00108302FDFD} (NOXLATE–BANR) – file://C:\Program Files\AutoCAD 2002\InstBanr.ocx
O16 – DPF: {B8BE5E93–A60C–4D26–A2DC–220313175592} (ZoneIntro Class) – http://zone.msn.com/binFramework/v10/ZIntro.cab34246.cab
O16 – DPF: {C4925E65–7A1E–11D2–8BB4–00A0C9CC72C3} (Virtools WebPlayer Class) – http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
O16 – DPF: {C6637286–300D–11D4–AE0A–0010830243BD} (InstaFred) – file://C:\Program Files\AutoCAD 2002\InstFred.ocx
O16 – DPF: {E5D419D6–A846–4514–9FAD–97E826C84822} (HeartbeatCtl Class) – http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 – DPF: {F281A59C–7B65–11D3–8617–0010830243BD} (AcPreview Control) – file://C:\Program Files\AutoCAD 2002\AcPreview.ocx
O17 – HKLM\System\CCS\Services\Tcpip\..\{02BF9870–EC8E–42E7–A31F–9F86702AC7F4}: NameServer = 192.168.1.1
O18 – Protocol: ms–help – {314111C7–A502–11D2–BBCA–00C04F8EC294} – C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 – Filter: text/html – {8B49C8D4–0380–4053–9757–819E9AF60218} – (no file)
O18 – Filter: text/plain – {8B49C8D4–0380–4053–9757–819E9AF60218} – (no file)
O20 – Winlogon Notify: disk – C:\WINDOWS\
O20 – Winlogon Notify: style32 – C:\WINDOWS\system32\winstyle32.dll
O23 – Service: AntiVir Service (AntiVirService) – H+BEDV Datentechnik GmbH – C:\Program Files\AVPersonal\AVGUARD.EXE
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: AntiVir Update (AVWUpSrv) – H+BEDV Datentechnik GmbH, Germany – C:\Program Files\AVPersonal\AVWUPSRV.EXE
O23 – Service: C–DillaCdaC11BA – Macrovision – C:\WINDOWS\system32\drivers\CDAC11BA.EXE
O23 – Service: C–DillaSrv – C–Dilla Ltd – C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE
O23 – Service: Creative Service for CDROM Access – Creative Technology Ltd – C:\WINDOWS\System32\CTsvcCDA.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: SQL Server (SQLEXPRESS) (MSSQL$SQLEXPRESS) – Unknown owner – C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe" –sSQLEXPRESS (file missing)
O23 – Service: StyleXPService – Unknown owner – C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe (file missing)
Replies: 6
thanks for the help, everything works now...
Select these in HijackThis and press the FIX button...
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 – BHO: (no name) – {A82BE883–EE51–4FAB–85B4–9432C6056673} – (no file)
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O16 – DPF: {1D4DB7D2–6EC9–47A3–BD87–1E41684E07BB} – http://ak.imgfarm.com/images/nocache/funwebproducts/CursorManiaInitialSetup1.0.0.6.cab
O16 – DPF: {1DB3B8DD–5801–443F–B2D5–9BF8912B980E} (dmgrax2Ctrl Class) – http://www.lxsystems.com/downloads/Install.cab
O16 – DPF: {41F17733–B041–4099–A042–B518BB6A408C} – http://a1540.g.akamai.net/7/1540/52/20030530/qtinstall.info.apple.com/bonnie/us/win/QuickTimeInstaller.exe
O16 – DPF: {70BA88C8–DAE8–4CE9–92BB–979C4A75F53B} (GSDACtl Class) – http://launch.gamespyarcade.com/software/launch/alaunch.cab
O16 – DPF: {AE1C01E3–0283–11D3–9B3F–00C04F8EF466} (HeartbeatCtl Class) – http://fdl.msn.com/zone/datafiles/heartbeat.cab
O16 – DPF: {C4925E65–7A1E–11D2–8BB4–00A0C9CC72C3} (Virtools WebPlayer Class) – http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
O16 – DPF: {E5D419D6–A846–4514–9FAD–97E826C84822} (HeartbeatCtl Class) – http://fdl.msn.com/zone/datafiles/heartbeat.cab
O18 – Filter: text/html – {8B49C8D4–0380–4053–9757–819E9AF60218} – (no file)
O18 – Filter: text/plain – {8B49C8D4–0380–4053–9757–819E9AF60218} – (no file)
O20 – Winlogon Notify: disk – C:\WINDOWS\
O20 – Winlogon Notify: style32 – C:\WINDOWS\system32\winstyle32.dll
Find on disk and delete if present -> winstyle32.dll
Hmm, maybe have a read:
http://www.searchengines.pl/phpbb203/index.php?showtopic=31936
After Windows starts up (the desktop with icons is already there), while the last programs are still loading, the screen goes black and I can only move the cursor. After pressing the magic ctrl+alt+del the wallpaper appears and I can start the task manager normally, and in it I can kill explore.exe and start it again; then the desktop with icons appears and for a few seconds everything works (I can launch e.g. Internet Explorer to write this post) and then it suddenly freezes, I can click around and nothing happens. I have to press the magic combination again and launch the task manager; the programs that started launching while the desktop worked for those few seconds and then froze "unfreeze" after explorer is killed again, and I can even play games. It just happened out of nowhere and I have no idea what is going on. There are no viruses, new graphics drivers don't help, and that's that.
and what exactly is the problem with your computer that you're posting a log??