kolor123
17 Lipiec 2006 22:22
#1
Witam nie wiem ale cos jest nie tak nie moe nic kupowac na allegro zamykaja mi sie okienka jak klikam na przyciski nie wiem wlasnie co sie stało mi z komputerem mzoe cos wykwycicie co to mzoe byc za akcja z tym moim syfikiem
o to log:
Logfile of HijackThis v1.99.1 Scan saved at 00:22:09, on 2006-07-18 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\ATKKBService.exe C:\WINDOWS\System32\CTsvcCDA.exe C:\WINDOWS\Explorer.EXE C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Programy\Programy Do Nagrywarki\Alcohol 120\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\System32\MsPMSPSv.exe C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE C:\WINDOWS\System32\CTHELPER.EXE C:\WINDOWS\Anvshell.exe C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe C:\Program Files\TGTSoft\StyleXP\StyleXP.exe C:\Program Files\Messenger\msmsgs.exe C:\Program Files\Programy\Programy Do Internetu\Kalendarz XP\Kalendarz.exe C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterRuntime.exe C:\Program Files\Programy\Programy Do Komunikacji\Gadu-Gadu\gg.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\Dąbrowski Łukasz\Pulpit\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {73364D99-1240-4dff-B11A-67E448373048} - C:\WINDOWS\System32\ipv6monr.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: CoTGT_BHO Class - {C333CF63-767F-4831-94AC-E683D962C63C} - C:\Program Files\TGTSoft\StyleXP\TGT_BHO.dll O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\WINDOWS\Downloaded Program Files\googlenav.dll O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll O4 - HKLM…\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy2\Surround Mixer\CTSysVol.exe O4 - HKLM…\Run: [CTDVDDet] C:\Program Files\Creative\SBAudigy2\DVDAudio\CTDVDDet.EXE O4 - HKLM…\Run: [CTHelper] CTHELPER.EXE O4 - HKLM…\Run: [CTStartup] “C:\Program Files\Creative\Splash Screen\CTEaxSpl.EXE” /run O4 - HKLM…\Run: [Anvshell] C:\WINDOWS\Anvshell.exe O4 - HKLM…\Run: [LiveNote] livenote.exe O4 - HKLM…\Run: [LWBKEYBOARD] C:\Program Files\Labtec\Media Keyboard\V5.0\KbdAp32A.exe O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit O4 - HKLM…\Run: [mRouterConfig for Siemens Data Suite SX1] C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterConfig.exe O4 - HKLM…\Run: [KAVPersonal50] “C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kav.exe” /minimize O4 - HKLM…\RunOnce: [Register C:\Program Files\Symbian\Shared\SymbianConnectRunTime\SymbianConnectRuntime.exe] “C:\Program Files\Symbian\Shared\SymbianConnectRunTime\SymbianConnectRuntime.exe” /RegServer O4 - HKCU…\Run: [sTYLEXP] C:\Program Files\TGTSoft\StyleXP\StyleXP.exe -Hide O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [skype] “C:\Program Files\Programy\Programy Do Komunikacji\Skype\Skype.exe” /nosplash /minimized O4 - Global Startup: Kalendarz XP.lnk = C:\Program Files\Programy\Programy Do Internetu\Kalendarz XP\Kalendarz.exe O8 - Extra context menu item: &Google Search - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html O8 - Extra context menu item: Backward &Links - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html O8 - Extra context menu item: Cac&hed Snapshot of Page - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Open Picture in &Microsoft PhotoDraw - res://C:\PROGRA~1\MICROS~2\Office\1033\phdintl.dll/phdContext.htm O8 - Extra context menu item: Si&milar Pages - res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O12 - Plugin for .mov: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin.dll O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB} (YInstStarter Class) - http://us.dl1.yimg.com/download.yahoo.c … 040510.cab O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania Onet.pl) - http://slimak.onet.pl/_m/kamerzysta/One … or012s.ocx O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://v5.windowsupdate.microsoft.com/v … 8873232046 O16 - DPF: {6CB5E471-C305-11D3-99A8-000086395495} (Google Activate) - http://toolbar.google.com/data/pl/big/1 … gleNav.cab O16 - DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} (Get_ActiveX Control) - https://h17000.www1.hp.com/ewfrf-JAVA/S … anager.ocx O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - C:\WINDOWS\ATKKBService.exe O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\System32\CTsvcCDA.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Usługa Kaspersky Anti-Virus (kavsvc) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro\kavsvc.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: Sandra Data Service (SandraDataSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcDataSrv.exe O23 - Service: Sandra Service (SandraTheSrv) - SiSoftware - C:\Program Files\SiSoftware\SiSoftware Sandra Lite 2005.SR3\RpcSandraSrv.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Programy\Programy Do Nagrywarki\Alcohol 120\Alcohol 120\Alcohol 120\StarWind\StarWindService.exe O23 - Service: StyleXPService - Unknown owner - C:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
system
18 Lipiec 2006 06:47
#2
Masz słabo zabezpieczony system koniecznie aktualizacja windy. Ściagnij to narzędzie WWDC
W logu widać to tylko
Usuń ten wpis w hijackthis a plik ręcznie z dysku.
Dodatkowo zrób scan Ewido http://www.ewido.net/en/ i mozesz jeszcze wkleić loga z silent runners (info w przyklejonym temacie)