Witam, najsampierw chciałbym przedstawić mój problem. Otóż po włączeniu komputera (nie zawsze) na dolnym pasku pojawia mi się program mixer.exe. Nie mogę go wyłączyć inaczej, jak tylko przez alt+ctrl+del. Wkurza to trochę…
A poniżej zamieszczam log do sprawdzenia:
Logfile of HijackThis v1.99.1 Scan saved at 23:45:08, on 2007-04-25 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\windows\System32\smss.exe C:\windows\system32\winlogon.exe C:\windows\system32\services.exe C:\windows\system32\lsass.exe C:\windows\system32\svchost.exe C:\windows\System32\svchost.exe C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe C:\windows\Explorer.EXE C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe C:\windows\system32\WgaTray.exe C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe C:\windows\system32\spoolsv.exe C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe C:\Program Files\internet\Kerio\Personal Firewall 4\kpf4ss.exe C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe C:\Program Files\internet\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\internet\Kerio\Personal Firewall 4\kpf4gui.exe C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE C:\windows\system32\svchost.exe C:\windows\system32\ntvdm.exe C:\PROGRA~1\Keyboard\Ikeymain.exe C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\windows\system32\VTTimer.exe C:\Program Files\PWN\Definicje\Bin\Starter.exe C:\Program Files\Common Files\Symantec Shared\ccApp.exe C:\Program Files\muzyka\iTunes\iTunesHelper.exe C:\Program Files\Mouse Driver\MouseDrv.exe C:\Program Files\Multimedia Keyboard\PS2USBKbdDrv.exe C:\PROGRA~1\Muzyka\MUSICM~1\MMDiag.exe C:\Program Files\iPod\bin\iPodService.exe C:\Program Files\Two Pilots\Document2PDF Pilot 2.2 TRIAL\printer\d2pdfagent.exe C:\windows\system32\ctfmon.exe C:\Program Files\NARZĘDZIA\Weather Watcher\ww.exe C:\Program Files\Muzyka\Musicmatch Jukebox\mim.exe C:\Program Files\GRAFIKA\ScreenshotCaptor\ScreenshotCaptor.exe C:\Program Files\Save\Save.exe C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe C:\Program Files\D-Link AirPlus\AirPlus.exe C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe C:\Program Files\Common Files\Palo Alto Software\8.0\PAS8_Update.exe C:\Program Files\MagicDisc\MagicDisc.exe C:\PROGRA~1\NARZDZ~1\DesktopX\dxwidget.exe C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE C:\PROGRA~1\NARZDZ~1\DesktopX\dxwidget.exe C:\PROGRA~1\NARZDZ~1\DesktopX\dxwidget.exe C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe C:\windows\system32\wuauclt.exe C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprblog.exe C:\Program Files\Java\jre1.5.0_10\bin\jucheck.exe C:\Program Files\Mozilla Firefox\firefox.exe C:\Documents and Settings\Leszczynek.LAS-167909DEE8C\Pulpit\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\PCHealth\HelpCtr\System\panels\blank.htm R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = : R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza F3 - REG:win.ini: load=c:\progra~1\watch.exe O2 - BHO: HelperObject Class - {00C6482D-C502-44C8-8409-FCE54AD9C208} - C:\Program Files\TechSmith\SnagIt 8\SnagItBHO.dll O2 - BHO: ICOOExternal Class - {0519A9C9-064A-4cbc-BC47-D0EACD581477} - C:\Program Files\internet\ICOO Loader\addons\icooue.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: bho2gr Class - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - C:\Program Files\INTERNET\GetRight\xx2gr.dll O2 - BHO: ICOODManager Class - {465A59EC-20E5-4fca-A38A-E5EC3C480218} - C:\Program Files\internet\ICOO Loader\addons\icoou.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\INTERNET\FlashGet\jccatch.dll O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O2 - BHO: QUICKfind BHO Object - {C08DF07A-3E49-4E25-9AB0-D3882835F153} - C:\PROGRA~1\TEXTware\QUICKF~1\PlugIns\IEHelp.dll O2 - BHO: TGTSoft Explorer Toolbar Changer - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O2 - BHO: AlxTB BHO - {F1FABE79-25FC-46de-8C5A-2C6DB9D64333} - C:\windows\system32\AlxTB2.dll O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - C:\Program Files\Norton SystemWorks\Norton AntiVirus\NavShExt.dll O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - C:\PROGRA~1\INTERNET\FlashGet\fgiebar.dll O3 - Toolbar: Alexa - {3CEFF6CD-6F08-4e4d-BCCD-FF7415288C3B} - C:\windows\system32\SHDOCVW.DLL O3 - Toolbar: SnagIt - {8FF5E183-ABDE-46EB-B09E-D2AAB95CABE3} - C:\Program Files\TechSmith\SnagIt 8\SnagItIEAddin.dll O4 - HKLM…\Run: [iKeyWorks] C:\PROGRA~1\Keyboard\Ikeymain.exe O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe” O4 - HKLM…\Run: [C-Media Mixer] Mixer.exe /startup O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.5.0_10\bin\jusched.exe” O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKLM…\Run: [VTTimer] VTTimer.exe O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [MimBoot] C:\PROGRA~1\Muzyka\MUSICM~1\mimboot.exe O4 - HKLM…\Run: [DemonStarter] C:\Program Files\PWN\Definicje\Bin\Starter.exe O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe” O4 - HKLM…\Run: [iTunesHelper] “C:\Program Files\muzyka\iTunes\iTunesHelper.exe” O4 - HKLM…\Run: [QuickTime Task] “C:\Program Files\QuickTime\qttask.exe” -atboottime O4 - HKLM…\Run: [CreativeMouse] C:\Program Files\Mouse Driver\MouseDrv.exe O4 - HKLM…\Run: [WireLessKeyboard] C:\Program Files\Multimedia Keyboard\PS2USBKbdDrv.exe O4 - HKLM…\Run: [sony Ericsson PC Suite] “C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe” /startoptions O4 - HKLM…\Run: [Document2PDF printing agent] “C:\Program Files\Two Pilots\Document2PDF Pilot 2.2 TRIAL\printer\d2pdfagent.exe” O4 - HKCU…\Run: [CTFMON.EXE] C:\windows\system32\ctfmon.exe O4 - HKCU…\Run: [WeatherWatcher] C:\Program Files\NARZĘDZIA\Weather Watcher\ww.exe O4 - HKCU…\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU…\Run: [screenshot Captor] “C:\Program Files\GRAFIKA\ScreenshotCaptor\ScreenshotCaptor.exe” /autorun O4 - HKCU…\Run: [speedX] C:\PROGRA~1\NARZDZ~1\Speed-X\SpeedX.exe O4 - HKCU…\Run: [WhenUSave] “C:\Program Files\Save\Save.exe” O4 - HKCU…\Run: [stefan] C:\Program Files\INTERNET\Stefan\Stefan.exe O4 - HKCU…\Run: [ADS] C:\Windows\ADS.exe O4 - HKCU…\Run: [AnyDVD] C:\Program Files\SlySoft\AnyDVD\AnyDVD.exe O4 - Startup: c242SilicaPerformance.lnk = ? O4 - Startup: MagicDisc.lnk = C:\Program Files\MagicDisc\MagicDisc.exe O4 - Startup: Silica Calendar2.exe O4 - Startup: Silica System-Info.lnk = C:\Documents and Settings\Leszczynek.LAS-167909DEE8C\Pulpit\GRY\SilicaSystem-Info.exe O4 - Startup: Stardock ObjectDock.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\ObjectDock\ObjectDock.exe O4 - Startup: Y’z ToolBar.lnk = C:\WINDOWS\BricoPacks\Vista Inspirat\YzToolbar\YzToolBar.exe O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: D-Link AirPlus.lnk = ? O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: Norton GoBack.lnk = C:\Program Files\Norton SystemWorks\Norton GoBack\GBTray.exe O4 - Global Startup: Palo Alto Software Update Manager 8.0.lnk = C:\Program Files\Common Files\Palo Alto Software\8.0\PAS8_Update.exe O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present O8 - Extra context menu item: Alexa Web Search - http://client.alexa.com/holiday/script/ … search.htm O8 - Extra context menu item: Download All by FlashGet - C:\Program Files\INTERNET\FlashGet\jc_all.htm O8 - Extra context menu item: Download using FlashGet - C:\Program Files\INTERNET\FlashGet\jc_link.htm O8 - Extra context menu item: Download with GetRight - C:\Program Files\INTERNET\GetRight\GRdownload.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Get Alexa Data - http://client.alexa.com/holiday/script/ … tedata.htm O8 - Extra context menu item: Mail to a Friend… - http://client.alexa.com/holiday/script/ … mailto.htm O8 - Extra context menu item: Open with GetRight Browser - C:\Program Files\INTERNET\GetRight\GRbrowse.htm O8 - Extra context menu item: See Related Links - http://client.alexa.com/holiday/script/ … elated.htm O8 - Extra context menu item: Write a Review… - http://client.alexa.com/holiday/script/ … review.htm O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_10\bin\ssv.dll O9 - Extra button: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra ‘Tools’ menuitem: Express Cleanup - {5E638779-1818-4754-A595-EF1C63B87A56} - C:\Program Files\Norton SystemWorks\Norton Cleanup\WCQuick.lnk O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\windows\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\windows\web\related.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\INTERNET\FlashGet\flashget.exe O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\INTERNET\FlashGet\flashget.exe O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe O16 - DPF: {0EB0E74A-2A76-4AB3-A7FB-9BD8C29F7F75} (CKAVWebScan Object) - http://www.kaspersky.com/downloads/kws/ … nicode.cab O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitdefender.com/resourc … oscan8.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan … asinst.cab O17 - HKLM\System\CCS\Services\Tcpip…{799CF3AC-5ACD-4A7F-BFEA-98D8031EC6D6}: NameServer = 192.168.1.1 O18 - Protocol: icoo - {86FE362E-74FA-4F71-8B69-B94D28880628} - C:\Program Files\internet\ICOO Loader\addons\icoou.dll O18 - Protocol: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\PROGRA~1\MSNMES~1\MSGRAP~1.DLL O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL O20 - Winlogon Notify: MCPClient - C:\PROGRA~1\COMMON~1\Stardock\mcpstub.dll O20 - Winlogon Notify: WBSrv - C:\PROGRA~1\NARZDZ~1\WINDOW~1\wbsrv.dll O20 - Winlogon Notify: WgaLogon - C:\windows\SYSTEM32\WgaLogon.dll O23 - Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe O23 - Service: GoBack Polling Service (GBPoll) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton GoBack\GBPoll.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: iPodService - Apple Computer, Inc. - C:\Program Files\iPod\bin\iPodService.exe O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - C:\Program Files\internet\Kerio\Personal Firewall 4\kpf4ss.exe O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\navapsvc.exe O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\IWP\NPFMntor.exe O23 - Service: Norton UnErase Protection (NProtectService) - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\NPROTECT.EXE O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - C:\Program Files\Norton SystemWorks\Norton AntiVirus\SAVScan.exe O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe O23 - Service: SPBBCSvc - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe O23 - Service: Speed Disk service - Symantec Corporation - C:\PROGRA~1\NORTON~1\NORTON~3\SPEEDD~1\NOPDB.EXE O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
adam9870
(adam9870)
25 Kwiecień 2007 22:04
#2
Użyj Windows Worms Doors Cleanera zmień znaczki z disable na enable (wszystkie znaczki maja być na zielono, jeżeli któryś z nich będzie na żółto to go zostaw). Po użyciu narzędzia wymagany jest restart.
Pliki i foldery usuń ręcznie w trybie awaryjnym natomiast wpisy HijackThis.
Czy sam ustawiałeś te restrykcje? Jeśli nie to ten wpis również usuń.
mixer.exe jest mixerem firmy C-Media <= jest Ok.
Po wykonaniu pokaż nowy log z HijackThis plus z SilentRunners .
JNJN
(JNJN)
26 Kwiecień 2007 06:23
#3
Proszę zmienić temat postu na konkretny,opcja zmień i popraw.JNJN