Proszę o sprawdzenie loga

aggi · 29 Sierpień 2006 15:18

ojaaaa, co?

ktos dobry sprawdzi prosze

Logfile of HijackThis v1.99.1 Scan saved at 17:12:31, on 29.08.2006 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Programme\Sygate\SPF\smc.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\System32\rundll32.exe C:\Programme\RAM Idle\RAM_XP.exe C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe C:\Programme\Java\jre1.5.0_08\bin\jusched.exe C:\Programme\Eset\nod32kui.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Programme\Microsoft Office\Office\OSA.EXE C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE C:\PROGRA~1\PANASO~1\REMOTE~1\kmentsrv.exe C:\Programme\Eset\nod32krn.exe C:\WINDOWS\System32\nvsvc32.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\wuauclt.exe C:\Programme\Windows Media Player\wmplayer.exe C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Programme\Internet Explorer\IEXPLORE.EXE C:\Programme\WinRAR\WinRAR.exe C:\DOKUME~1\Buffer\LOKALE~1\Temp\Rar$EX00.188\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page … _id=145499 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.de/ R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page … _id=145499 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://startpage.iload.to/?m=abc&t=&u=h … ar=msnhome R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = proxy.hs-wismar.de:8181 R3 - Default URLSearchHook is missing O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Programme\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll O2 - BHO: Zango Search Assistant Helper /fleok=1D8A83A5C5E315789FA575760EA83FA5EF80752B94E3D67C5E78412A3DC7 - {56F1D444-11BF-4879-A12B-79CF0177F038} - c:\programme\zango\zangohook.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll O2 - BHO: (no name) - {A3D43A6E-810F-4F4D-834C-C87A4F0311EE} - C:\WINDOWS\System32\exkpsrv.dll O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O3 - Toolbar: (no name) - {BF42D42E-4EC0-41DA-834B-BD1CC42F8D6C} - (no file) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [NVCLOCK] rundll32 nvclock.dll,fnNvclock O4 - HKLM…\Run: [soundMan] soundman.exe O4 - HKLM…\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k O4 - HKLM…\Run: [msci] C:\DOKUME~1\Buffer\LOKALE~1\Temp\200542820579_mcinfo.exe /insfin O4 - HKLM…\Run: [RAM Idle Professional] C:\Programme\RAM Idle\RAM_XP.exe O4 - HKLM…\Run: [Acrobat Assistant 7.0] “C:\Programme\Adobe\Acrobat 7.0\Distillr\Acrotray.exe” O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Programme\Java\jre1.5.0_08\bin\jusched.exe” O4 - HKLM…\Run: [QuickTime Task] “C:\WINDOWS\system32\qttask.exe” -atboottime O4 - HKLM…\Run: [smcService] C:\PROGRA~1\Sygate\SPF\smc.exe -startgui O4 - HKLM…\Run: [nod32kui] “C:\Programme\Eset\nod32kui.exe” /WAITSERVICE O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU…\Run: [MSMSGS] “C:\Programme\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [updateMgr] C:\Programme\Adobe\Acrobat 7.0\Acrobat\AdobeUpdateManager.exe AcPro7_0_5 -reboot 1 O4 - Global Startup: Adobe Acrobat - Schnellstart.lnk = ? O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Programme\Gemeinsame Dateien\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: InterVideo WinCinema Manager.lnk = C:\Programme\InterVideo\Common\Bin\WinCinemaMgr.exe O4 - Global Startup: Microsoft-Indexerstellung.lnk = C:\Programme\Microsoft Office\Office\FINDFAST.EXE O4 - Global Startup: Office-Start.lnk = C:\Programme\Microsoft Office\Office\OSA.EXE O4 - Global Startup: Statusanzeige KX-P7305 und KX-P7310.lnk = ? O8 - Extra context menu item: Alles mit FlashGet laden - C:\Programme\FlashGet\jc_all.htm O8 - Extra context menu item: Ausgewählte Verknüpfungen in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html O8 - Extra context menu item: Ausgewählte Verknüpfungen in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html O8 - Extra context menu item: Auswahl in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Auswahl in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: In Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: In vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O8 - Extra context menu item: Mit FlashGet laden - C:\Programme\FlashGet\jc_link.htm O8 - Extra context menu item: Nach Microsoft &Excel exportieren - res://C:\PROGRA~1\OFFICE~1\Office10\EXCEL.EXE/3000 O8 - Extra context menu item: Verknüpfungsziel in Adobe PDF konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html O8 - Extra context menu item: Verknüpfungsziel in vorhandene PDF-Datei konvertieren - res://C:\Programme\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Konsole - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Programme\Java\jre1.5.0_08\bin\ssv.dll O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing) O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing) O16 - DPF: {78AF2F24-A9C3-11D3-BF8C-0060B0FCC122} (AcDcToday Control) - file://C:\Programme\Autodesk Architectural Desktop 3\AcDcToday.ocx O16 - DPF: {AE563720-B4F5-11D4-A415-00108302FDFD} (NOXLATE-BANR) - file://C:\Programme\Autodesk Architectural Desktop 3\InstBanr.ocx O16 - DPF: {C6637286-300D-11D4-AE0A-0010830243BD} (InstaFred) - file://C:\Programme\Autodesk Architectural Desktop 3\InstFred.ocx O16 - DPF: {F281A59C-7B65-11D3-8617-0010830243BD} (AcPreview Control) - file://C:\Programme\Autodesk Architectural Desktop 3\AcPreview.ocx O23 - Service: Adobe LM Service - Adobe Systems - C:\Programme\Gemeinsame Dateien\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: Autodesk Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Autodesk Shared\Service\AdskScSrv.exe O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\System32\DRIVERS\CDANTSRV.EXE O23 - Service: KME Remote Server - Panasonic Communications Co.,Ltd. - C:\PROGRA~1\PANASO~1\REMOTE~1\kmentsrv.exe O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Programme\Gemeinsame Dateien\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Programme\Eset\nod32krn.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Ray2soft3d400 Server (Ray2soft3d400Server) - Unknown owner - C:\programme\Softimage\SOFT3D_4.0\mental_ray\bin\ray2Soft3D400server.exe (file missing) O23 - Service: Sygate Personal Firewall Pro (SmcService) - Sygate Technologies, Inc. - C:\Programme\Sygate\SPF\smc.exe

dziekujsia

Bieniol · 29 Sierpień 2006 15:31

W trybie awaryjnym z wyłączonym przywracaniem systemu usuwasz (wpisy Hijackiem, pliki/foldery na czerwono ręcznie z dysku):

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.couldnotfind.com/search_page … _id=145499 R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page … _id=145499 R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://startpage.iload.to/?m=abc&t=&u=h … ar=msnhome R3 - Default URLSearchHook is missing O2 - BHO: Zango Search Assistant Helper /fleok=1D8A83A5C5E315789FA575760EA83FA5EF80752B94E3D67C5E78412A3DC7 - {56F1D444-11BF-4879-A12B-79CF0177F038} - c:\programme\zango\zangohook.dll (file missing) O2 - BHO: (no name) - {A3D43A6E-810F-4F4D-834C-C87A4F0311EE} - C:\WINDOWS\System32\exkpsrv.dll O3 - Toolbar: (no name) - {BF42D42E-4EC0-41DA-834B-BD1CC42F8D6C} - (no file) O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file) O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file) O4 - HKLM…\Run: [msci] C:\DOKUME~1\Buffer\LOKALE~1\Temp\200542820579_mcinfo.exe /insfin

Jeżeli nie masz już FlashGeta, to usuń też te wpisy:

Czy jest jakiś problem?

aggi · 29 Sierpień 2006 15:50

dziekuje bardzo

problem generalnie jest. wlasnie nie wiem dokladnie na czym polega, ale wszystko sie slimaczy na tym kompie i zolwi, dziwnie wyglada, na przyklad w menu usun programy nie ma ciaglosci , takie puste biale miejsca, no i trwa to wszystko niemozliwie dluuugo…

heh.

dzieki raz jeszcze pozdro100

Bieniol · 29 Sierpień 2006 16:15

Po wykonaniu tych czynności wrzuć nowy log z Hijacka + log z Silent Runners

Gutek · 29 Sierpień 2006 16:33

Zastosuj się do tego Tematu i zmień tytuł tematu na konkretny

Pozdrawiam Gutek2222