Prosze o sprawdzenie loga
Witam nie moge zmienic tapety na kompie
Ponizej przedstawiam loga
Logfile of HijackThis v1.99.1
Scan saved at 22:10:43, on 2006–04–16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Eset\nod32.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\DOCUME~1\Tomek\USTAWI~1\Temp\Rar$EX65.672\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {196B9CB5–4C83–46F7–9B06–9672ECD9D99B} – C:\WINDOWS\system32\winbrume.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 – HKLM\..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 – HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Windows installer] C:\winstall.exe
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra button: Research – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE12\REFIEBAR.DLL
O9 – Extra button: eBay – Homepage – {EF79EAC5–3452–4E02–B8BD–BA4C89F1AC7A} – C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145208922453
O17 – HKLM\System\CCS\Services\Tcpip\..\{BE7A444B–7C61–46AB–8F22–D555F1BDFC03}: NameServer = 80.85.224.2,80.85.224.50
O18 – Protocol: ms–help – {314111C7–A502–11D2–BBCA–00C04F8EC294} – C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 – Filter hijack: text/xml – {807563E5–5146–11D5–A672–00B0D022E945} – C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ConfigFree Service (CFSvcs) – TOSHIBA CORPORATION – C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 – Service: DVD–RAM_Service – Matsushita Electric Industrial Co., Ltd. – C:\WINDOWS\system32\DVDRAMSV.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Unknown owner – C:\Program Files\Eset\nod32krn.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs, LLC – C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Ponizej przedstawiam loga
Logfile of HijackThis v1.99.1
Scan saved at 22:10:43, on 2006–04–16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\WINDOWS\system32\DVDRAMSV.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\ZoneLabs\vsmon.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Eset\nod32.exe
C:\Program Files\Opera\Opera.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\DOCUME~1\Tomek\USTAWI~1\Temp\Rar$EX65.672\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {196B9CB5–4C83–46F7–9B06–9672ECD9D99B} – C:\WINDOWS\system32\winbrume.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_03\bin\jusched.exe
O4 – HKLM\..\Run: [nod32kui] C:\Program Files\Eset\nod32kui.exe /WAITSERVICE
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Zone Labs Client] C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
O4 – HKLM\..\Run: [CloneCDTray] "C:\Program Files\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Windows installer] C:\winstall.exe
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar2.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&xport to Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE12\EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\j2re1.4.2_03\bin\npjpi142_03.dll
O9 – Extra button: Research – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE12\REFIEBAR.DLL
O9 – Extra button: eBay – Homepage – {EF79EAC5–3452–4E02–B8BD–BA4C89F1AC7A} – C:\Program Files\IrfanView\Ebay\Ebay.htm
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe (file missing)
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1145208922453
O17 – HKLM\System\CCS\Services\Tcpip\..\{BE7A444B–7C61–46AB–8F22–D555F1BDFC03}: NameServer = 80.85.224.2,80.85.224.50
O18 – Protocol: ms–help – {314111C7–A502–11D2–BBCA–00C04F8EC294} – C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 – Filter hijack: text/xml – {807563E5–5146–11D5–A672–00B0D022E945} – C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O23 – Service: Ati HotKey Poller – Unknown owner – C:\WINDOWS\system32\Ati2evxx.exe
O23 – Service: ConfigFree Service (CFSvcs) – TOSHIBA CORPORATION – C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 – Service: DVD–RAM_Service – Matsushita Electric Industrial Co., Ltd. – C:\WINDOWS\system32\DVDRAMSV.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Unknown owner – C:\Program Files\Eset\nod32krn.exe
O23 – Service: TrueVector Internet Monitor (vsmon) – Zone Labs, LLC – C:\WINDOWS\system32\ZoneLabs\vsmon.exe
Odpowiedzi: 1
Witam, witam :P
http://forum.centrumxp.pl/viewtopic.php?t=29728
faq 31. – na tapete.
Wywal
winstall.exe – usuń, równieź z dysku.
http://forum.centrumxp.pl/viewtopic.php?t=29728
faq 31. – na tapete.
Wywal
O2 – BHO: (no name) – {196B9CB5–4C83–46F7–9B06–9672ECD9D99B} – C:\WINDOWS\system32\winbrume.dll
winstall.exe – usuń, równieź z dysku.
Strona 1 / 1