prosze o pomoc w znalezieniu smieci

04.02.05, 13:15
Bede bardzo wdzieczny za wszelka pomoc.
Wogole sie na tym nie znam.
Ratujcie, co pousuwac?



Logfile of HijackThis v1.99.0
Scan saved at 13:06:07, on 2005-02-04
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINNT\System32\smss.exe
C:\WINNT\system32\winlogon.exe
C:\WINNT\system32\services.exe
C:\WINNT\system32\lsass.exe
C:\WINNT\system32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINNT\system32\spoolsv.exe
C:\WINNT\System32\svchost.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\WINNT\system32\regsvc.exe
C:\WINNT\system32\MSTask.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\WINNT\System32\WBEM\WinMgmt. exe
C:\WINNT\system32\svchost.exe
C:\WINNT\system32\wupdated.exe
C:\WINNT\Explorer.EXE
C:\Program Files\CyberLink\PowerDVD\PDVDSe rv.exe
C:\Program Files\Java\j2re1.4.2_05\bin\jus ched.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\G DATA\AVKMail\AVKPOP.EXE
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\WINNT\System32\svchost.exe
C:\WINNT\system32\desktop.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINNT\system32\taskmgr.exe
C:\PROGRA~1\WinZip\winzip32.exe
C:\DOCUME~1\MAGDAL~1\USTAWI~1\T emp\HijackThis.exe

R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper. ocx
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B 084872} - C:\Program
Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
C:\WINNT\system32\msdxm.ocx
O3 - Toolbar: PopUpCop - {DB43E4E6-FF8A-4018-8C8E-F68587 A44A73} - C:\PROGRA~1
\PopUpCop\PopUpCop.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF 00B1D6} -
C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon
O4 - HKLM\..\Run: [RemoteControl] "C:\Program
Files\CyberLink\PowerDVD\PDVDSe rv.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
\bin\jusched.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -
atboottime
O4 - HKLM\..\Run: [Testing 123] C:\WINNT\system32\aightn.exe
O4 - HKLM\..\Run: [Windows Security] winmon.exe
O4 - HKLM\..\Run: [AVK Mail Checker] "C:\Program Files\Common Files\G
DATA\AVKMail\AVKPOP.EXE"
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec
Shared\ccApp.exe"
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe
O4 - HKLM\..\Run: [Windows WKS] wsass.exe
O4 - HKLM\..\Run: [vxcxcvfck] C:\WINNT\SYSTEM32\sbsvsd.exe
O4 - HKLM\..\Run: [CTHELPER] svhost.exe
O4 - HKLM\..\Run: [Windows Update] Isass.exe
O4 - HKLM\..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe
O4 - HKLM\..\Run: [System Update Application] msbuffer.exe
O4 - HKLM\..\Run: [Windows Configuration Loader] asclt.exe
O4 - HKLM\..\Run: [desktop] C:\WINNT\system32\desktop.exe
O4 - HKLM\..\RunServices: [Windows Security] winmon.exe
O4 - HKLM\..\RunServices: [Windows WKS] wsass.exe
O4 - HKLM\..\RunServices: [CTHELPER] svhost.exe
O4 - HKLM\..\RunServices: [Windows Update] Isass.exe
O4 - HKLM\..\RunServices: [System Update Application] msbuffer.exe
O4 - HKLM\..\RunServices: [Windows Configuration Loader] asclt.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [CTHELPER] svhost.exe
O4 - HKCU\..\Run: [System Update Application] msbuffer.exe
O4 - HKCU\..\Run: [Windows Configuration Loader] asclt.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840
\dslmon.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\Offi ce10\EXCEL.EXE/3000
O8 - Extra context menu item: Open Image in New Window - res://C:\Program
Files\PopUpCop\popupcop.dll/ima genew
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C 608501} -
C:\WINNT\system32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\WINNT\system32\msjava.dll
O16 - DPF: {15ad4789-cdb4-47e1-a9da-992ee8 e6bad6} -
static.windupdates.com/cab/GamesUnlimited/ie/bridge-c6.cab
O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B 06BDE3} (CamImage Class) -
212.182.113.107/activex/AxisCamControl.ocx
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {F96D229F-129A-43B5-9B51-B7820E 1BF2D3} (GameControl2 Control) -
www.miastoplusa.pl/applets/GameControl104.cab
O17 - HKLM\System\CCS\Services\Tcpip\ ..\{B41A1B56-70FF-4797-81AC-
F87976118053}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: AVK Service - Unknown - C:\Program
Files\AntiVirenKit\AVKService.e xe (file missing)
O23 - Service: Strażnik AVK - Unknown - C:\Program
Files\AntiVirenKit\AVKWCtl.exe (file missing)
O23 - Service: Symantec Event Manager - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: Usługa administracyjna Menedżera dysków logicznych - VERITAS
Software Corp. - C:\WINNT\System32\dmadmin.exe
O23 - Service: Norton AntiVirus Auto-Protect Service - Symantec Corporation -
C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service - Symantec
Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton
AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service - Symantec Corporation - C:\PROGRA~1
\COMMON~1\SYMANT~1\SCRIPT~1\SBS erv.exe
O23 - Service: Symantec Network Drivers Service - Symantec Corporation -
C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

    • Gość: piecyk gazowy Re: prosze o pomoc w znalezieniu smieci IP: *.tpnet.pl / *.tpnet.pl 05.02.05, 22:09
      W systemie może być aktywny jeden program antywirusowy. Odinstaluj jeden.

      Uruchom system w trybie awaryjnym, zaznacz poniższe pozycje i wciśnij Fix
      Checked:

      > O4 - HKLM\..\Run: [Testing 123] C:\WINNT\system32\aightn.exe
      > O4 - HKLM\..\Run: [Windows Security] winmon.exe

      > O4 - HKLM\..\Run: [Windows WKS] wsass.exe
      > O4 - HKLM\..\Run: [vxcxcvfck] C:\WINNT\SYSTEM32\sbsvsd.exe
      > O4 - HKLM\..\Run: [CTHELPER] svhost.exe
      > O4 - HKLM\..\Run: [Windows Update] Isass.exe

      > O4 - HKLM\..\Run: [System Update Application] msbuffer.exe
      > O4 - HKLM\..\Run: [Windows Configuration Loader] asclt.exe
      > O4 - HKLM\..\Run: [desktop] C:\WINNT\system32\desktop.exe
      > O4 - HKLM\..\RunServices: [Windows Security] winmon.exe
      > O4 - HKLM\..\RunServices: [Windows WKS] wsass.exe
      > O4 - HKLM\..\RunServices: [CTHELPER] svhost.exe
      > O4 - HKLM\..\RunServices: [Windows Update] Isass.exe
      > O4 - HKLM\..\RunServices: [System Update Application] msbuffer.exe
      > O4 - HKLM\..\RunServices: [Windows Configuration Loader] asclt.exe

      > O4 - HKCU\..\Run: [CTHELPER] svhost.exe
      > O4 - HKCU\..\Run: [System Update Application] msbuffer.exe
      > O4 - HKCU\..\Run: [Windows Configuration Loader] asclt.exe

      > O16 - DPF: {15ad4789-cdb4-47e1-a9da-992ee8 e6bad6} -
      > static.windupdates.com/cab/Game sUnlimited/ie/bridge-c6.cab
      > O16 - DPF: {917623D1-D8E5-11D2-BE8B-00104B 06BDE3} (CamImage Class) -
      > 212.182.113.107/activex/AxisCam Control.ocx
Pełna wersja