
Request to check a log

IP: *.adsl.inetia.pl 09.04.07, 13:50
Something got in and the computer barely works, especially the net


Logfile of HijackThis v1.99.1
Scan saved at 13:43:19, on 2007-04-09
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Ahead\InCD\InCDsrv.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\CTsvcCDA.exe
C:\WINDOWS\system\msnntlp.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\soundman.exe
C:\Program Files\CyberLink DVD Solution\PowerDVD\PDVDServ.exe
C:\WINDOWS\System32\RUNDLL32.EXE
C:\WINDOWS\System32\wdfmgr.exe
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\WINDOWS\system32\helpsys.exe
C:\WINDOWS\system32\sysem.exe
C:\WINDOWS\system32\mfcee.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
F:\Programy\Winamp\winampa.exe
C:\WINDOWS\system32\ssc.exe
C:\WINDOWS\System32\tfyjni.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Spyware Doctor\sdhelp.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Spyware Doctor\Update.exe
C:\Program Files\Spyware Doctor\Update.exe
C:\Documents and Settings\grzesiek\Pulpit\hijackthis_199\HijackThis.exe

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink DVD
Solution\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE
C:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program
Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [sck12] C:\WINDOWS\system32\helpsys.exe
O4 - HKLM\..\Run: [SoundService] rundll32.exe
"C:\WINDOWS\System32\roptqiph.dll",setvm
O4 - HKLM\..\Run: [sysms] C:\WINDOWS\system32\sysem.exe
O4 - HKLM\..\Run: [staeck12] C:\WINDOWS\system32\mfcee.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] F:\Programy\Winamp\winampa.exe
O4 - HKLM\..\Run: [sixer5] C:\WINDOWS\system32\ssc.exe
O4 - HKLM\..\Run: [Windows Service Agent] tfyjni.exe
O4 - HKLM\..\RunServices: [mysvcig38] mysvcc.exe
O4 - HKLM\..\RunServices: [Windows Service Agent] tfyjni.exe
O4 - HKLM\..\RunServices: [msvccc66] svcchosst.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [sck12] C:\WINDOWS\system32\helpsys.exe
O4 - HKCU\..\Run: [sysms] C:\WINDOWS\system32\sysem.exe
O4 - HKCU\..\Run: [staeck12] C:\WINDOWS\system32\mfcee.exe
O4 - HKCU\..\Run: [Internet Security Service] msq32.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Windows Service Agent] tfyjni.exe
O4 - HKCU\..\Run: [sixer5] C:\WINDOWS\system32\ssc.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware
Doctor\swdoctor.exe" /Q
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O9 - Extra button: Spyware Doctor - {2D663D1A-8670-49D9-A1A5-4C56B4E14E84} -
C:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 -
HKLM\System\CCS\Services\Tcpip\..\{327FE358-1303-4100-9D0B-4F8DD535EB1D}:
NameServer = 213.241.79.37 83.238.255.76
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil
Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd -
C:\WINDOWS\System32\CTsvcCDA.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision
Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel
32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Ahead Software AG - C:\Program
Files\Ahead\InCD\InCDsrv.exe
O23 - Service: Network helper Service (MSDisk) - Unknown owner -
C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
O23 - Service: msnntlp - Unknown owner - C:\WINDOWS\system\msnntlp.exe
O23 - Service: Network Windows Service (MSWindows) - Unknown owner -
C:\WINDOWS\System32\urdvxc.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: PC Tools Spyware Doctor (SDhelper) - PC Tools Research Pty Ltd
- C:\Program Files\Spyware Doctor\sdhelp.exe

    • Guest: Kolobos Re: Request to check a log IP: *.escom.net.pl 09.04.07, 14:09
      > Something got in and the computer barely works, especially the net

      That's normal, since you have a pirated Windows without any updates.

      Use:
      www.atribune.org/ccount/click.php?id=4
      www.atribune.org/content/view/25/2/
      www.symantec.com/content/en/us/global/removal_tool/threat_writeups/FixVundo.exe
      secured2k.home.comcast.net/tools/VirtumundoBeGone.exe
      Close the ports using wwdc.exe

      In Task Manager, end:
      C:\WINDOWS\system32\helpsys.exe
      C:\WINDOWS\system32\sysem.exe
      C:\WINDOWS\system32\mfcee.exe
      C:\WINDOWS\system32\ssc.exe
      C:\WINDOWS\System32\tfyjni.exe
      Delete the files from disk.

      In HJT, remove:
      O4 - HKLM\..\Run: [sck12] C:\WINDOWS\system32\helpsys.exe
      O4 - HKLM\..\Run: [SoundService] rundll32.exe
      "C:\WINDOWS\System32\roptqiph.dll",setvm <- delete the file roptqiph.dll from disk.
      O4 - HKLM\..\Run: [sysms] C:\WINDOWS\system32\sysem.exe
      O4 - HKLM\..\Run: [staeck12] C:\WINDOWS\system32\mfcee.exe
      O4 - HKLM\..\Run: [sixer5] C:\WINDOWS\system32\ssc.exe
      O4 - HKLM\..\Run: [Windows Service Agent] tfyjni.exe
      O4 - HKLM\..\RunServices: [mysvcig38] mysvcc.exe
      O4 - HKLM\..\RunServices: [Windows Service Agent] tfyjni.exe
      O4 - HKLM\..\RunServices: [msvccc66] svcchosst.exe
      O4 - HKCU\..\Run: [sck12] C:\WINDOWS\system32\helpsys.exe
      O4 - HKCU\..\Run: [sysms] C:\WINDOWS\system32\sysem.exe
      O4 - HKCU\..\Run: [staeck12] C:\WINDOWS\system32\mfcee.exe
      O4 - HKCU\..\Run: [Internet Security Service] msq32.exe
      O4 - HKCU\..\Run: [Windows Service Agent] tfyjni.exe
      O4 - HKCU\..\Run: [sixer5] C:\WINDOWS\system32\ssc.exe
      Delete these files from disk.

      O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
      C:\WINDOWS\web\related.htm
      O9 - Extra 'Tools' menuitem: Show &Related Links -
      {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm

      Services to delete:
      O23 - Service: Network helper Service (MSDisk) - Unknown owner -
      C:\WINDOWS\System32\irdvxc.exe" /service (file missing)
      O23 - Service: msnntlp - Unknown owner - C:\WINDOWS\system\msnntlp.exe
      O23 - Service: Network Windows Service (MSWindows) - Unknown owner -
      C:\WINDOWS\System32\urdvxc.exe" /service (file missing)

      Start->Run->cmd
      and type there:
      sc stop MSDisk
      sc stop MSWindows
      sc stop "msnntlp"
      sc delete MSDisk
      sc delete MSWindows
      sc delete "msnntlp"

      Scan with these:
      www.pandasoftware.com/activescan/pol/activescan_principal.htm
      www.spywareinfo.com/xscan.php
      www.bitdefender.com/scan8/ie.html
      Once you've done all of that, email me the log from comoscan (kolobos (at) gazeta.pl).
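
A triage aid for the log in this thread, added here as an example and not part of either post: it re-joins the entries that were wrapped onto two lines and lists the O4 autoruns registered under more than one Run/RunServices key, a pattern shared by many of the O4 lines the reply marks for removal. The sample lines are copied from this thread's log; the function names and the multi-key heuristic are this example's own assumptions, and a hit is a prompt for review, not proof of infection.

```python
import re
from collections import defaultdict

# Constructed sample: a few O4 lines copied from the log in this thread,
# including two entries that were wrapped onto a second line.
SAMPLE_LOG = r'''O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE
C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [sck12] C:\WINDOWS\system32\helpsys.exe
O4 - HKLM\..\Run: [Windows Service Agent] tfyjni.exe
O4 - HKLM\..\RunServices: [Windows Service Agent] tfyjni.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [sck12] C:\WINDOWS\system32\helpsys.exe
O4 - HKCU\..\Run: [Windows Service Agent] tfyjni.exe
O4 - HKCU\..\Run: [Spyware Doctor] "C:\Program Files\Spyware
Doctor\swdoctor.exe" /Q
'''

ENTRY_START = re.compile(r'^O\d+ - ')
O4_ENTRY = re.compile(r'^O4 - (HK\w+\\\.\.\\\w+): \[([^\]]+)\] (.+)$')

def unwrap(log_text):
    """Re-join wrapped entries: a line not starting 'O<n> - ' continues the previous one."""
    entries = []
    for line in filter(None, map(str.strip, log_text.splitlines())):
        if ENTRY_START.match(line) or not entries:
            entries.append(line)
        else:
            # The wrap happened at a space, so a single space restores the entry.
            entries[-1] += ' ' + line
    return entries

def autoruns_by_location(log_text):
    """Map (value name, lower-cased command) -> sorted registry locations that launch it."""
    seen = defaultdict(set)
    for entry in unwrap(log_text):
        m = O4_ENTRY.match(entry)
        if m:
            location, name, command = m.groups()
            seen[(name, command.lower())].add(location)
    return {key: sorted(locs) for key, locs in seen.items()}

def multi_location(log_text):
    """Autoruns present under more than one key (heuristic: review these first)."""
    return {k: v for k, v in autoruns_by_location(log_text).items() if len(v) > 1}

if __name__ == '__main__':
    for (name, cmd), locs in multi_location(SAMPLE_LOG).items():
        print(f'{name!r} -> {cmd} in {", ".join(locs)}')
```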
