Dodaj do ulubionych

czy kamera może miec wirusa?

IP: *.neoplus.adsl.tpnet.pl 05.02.05, 08:15
To jest sony. W momencie, kiedy ja wlączę, wywala wszystkie programy, jakie
moglyby ściągać obraz z niej. To idzie przez USB, dodam, ze na tym samym
kablu chodzi tez aparat foto, z nim nie ma problemow, a jak tylko odpalę
kamerkę, od razu wszystko zdycha. Wkleje jeszcze hijack log, pomózcie proszę,
nie znam się na tym kompletnie.

Logfile of HijackThis v1.98.0
Scan saved at 08:04:31, on 05-02-2005
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.ex e
C:\WINDOWS\system32\services.ex e
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
E:\DVD\nero sześć zero\InCD\InCDsrv.exe
C:\WINDOWS\system32\spoolsv.exe
D:\Programy z D\avast\aswUpdSv.exe
D:\Programy z D\avast\ashServ.exe
C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
C:\WINDOWS\System32\E_S00RP2.EX E
D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
\kpf4ss.exe
C:\Program Files\Norton Utilities\NPROTECT.EXE
C:\WINDOWS\System32\nvsvc32.exe
D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
\kpf4gui.exe
C:\Program Files\Speed Disk\nopdb.exe
D:\Programy z D\avast\ashMaiSv.exe
C:\WINDOWS\Explorer.EXE
D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
\kpf4gui.exe
C:\WINDOWS\soundman.exe
C:\WINDOWS\autoclk.exe
C:\PROGRA~1\WANADOO\taskbaricon .exe
C:\Program Files\Common Files\Real\Update_OB\realsched. exe
C:\Program Files\Java\j2re1.4.2_05\bin\jus ched.exe
E:\DVD\power dvd\PDVDServ.exe
E:\DVD\nero sześć zero\InCD\InCD.exe
C:\temp\msbb.exe
D:\PROGRA~1\avast\ashDisp.exe
D:\programy z d\quick time\qttask.exe
C:\Program Files\SAGEM\SAGEM F@st 800-840\DSLMON.exe
C:\Program Files\Norton Utilities\SYSDOC32.EXE
C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
D:\Programy z D\WinZip\WZQKPICK.EXE
D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IMAPP.EXE
C:\PROGRA~1\WANADOO\EspaceWanad oo.exe
C:\PROGRA~1\WANADOO\ComComp.exe
C:\PROGRA~1\WANADOO\Watch.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRA~1\INCRED~1\bin\IBMAIN .EXE
C:\Program Files\Norton Utilities\WINDOC.EXE
D:\Programy z D\do ściągania plików\FlashGet\flashget.exe
D:\Programy z D\Instalki\antywiry i system użytkowe\HijackThis.exe

R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
www.gazeta.pl/0,0.html
R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Neostrada
Plus wita Cie w Internecie
R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB91 9777E1} - (no
file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
d:\programy z d\acrobat reader\Reader\ActiveX\AcroIEHel per.ocx
O2 - BHO: IBBHO - {12BA043E-293E-4CE4-A8C7-846093 4FE801} - C:\Program
Files\IncrediBar\bin\IBBHO.dll
O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B87 7923E1} - (no
file)
O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C 60FAF2} - (no file)
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-009027 1D075B} -
D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\j ccatch.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B 084872} - D:\Programy z
D\norton antywirus\Norton antyvir+key no install\unzipp norton
antyvirus\NAV\External\NORTON\A PP\NAVShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF 00B1D6} -
D:\Programy z D\norton antywirus\Norton antyvir+key no install\unzipp norton
antyvirus\NAV\External\NORTON\A PP\NAVShExt.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA 6940E3} -
D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f giebar.dll
O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF 1612E4} -
C:\Program Files\IncrediBar\bin\IBTBar.dll
O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154E CE70AC} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [SoundMan] soundman.exe
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [autoclk] autoclk.exe
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon .exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.e xe
O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common
Files\Real\Update_OB\realsched. exe -osboot
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
Shared\Security Center\UsrPrmpt.exe
O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\system32\dllcache\cf gwiz.exe /GUID
NAV /CMDLINE "REBOOT"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
\bin\jusched.exe
O4 - HKLM\..\Run: [RemoteControl] "E:\DVD\power dvd\PDVDServ.exe"
O4 - HKLM\..\Run: [InCD] E:\DVD\nero sześć zero\InCD\InCD.exe
O4 - HKLM\..\Run: [msbb] c:\temp\msbb.exe
O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\avast\ashDisp.exe
O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] wjview /cp:p "C:\Program
Files\EbatesMoeMoneyMaker\Syste m\Code" Main lp: "C:\Program
Files\EbatesMoeMoneyMaker"
O4 - HKLM\..\Run: [QuickTime Task] "D:\programy z d\quick time\qttask.exe" -
atboottime
O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IncMail.exe /c
O4 - HKCU\..\Run: [NBJ] "D:\mp3\Nero\Nero BackItUp\NBJ.exe"
O4 - HKCU\..\Run: [Autoupdate Service] C:\DOCUME~1\Iwona\USTAWI~1
\Temp\kaka.exe
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840
\DSLMON.exe
O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton
Utilities\SYSDOC32.EXE
O4 - Global Startup: Image Transfer.lnk = ?
O4 - Global Startup: WinZip Quick Pick.lnk = D:\Programy z
D\WinZip\WZQKPICK.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
Files\Adobe\Calibration\Adobe Gamma Loader.exe
O8 - Extra context menu item: &Add animation to IncrediMail Style Box -
D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ resources\WebMenuImg.htm
O8 - Extra context menu item: &Tlumacz z LING... -
www.ling.pl/ling/def-src.php4
O8 - Extra context menu item: + Offline &Explorer: Download the link -
file://D:\Programy z D\do ściągania plików\offline\Offline Explorer
Pro\Add_UrlO.htm
O8 - Extra context menu item: + Offline E&xplorer: Download the current page -
file://D:\Programy z D\do ściągania plików\offline\Offline Explorer
Pro\Add_AllO.htm
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - D:\Programy z
D\do ściągania plików\FlashGet\jc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a -
D:\Programy z D\do ściągania plików\FlashGet\jc_all.htm
O9 - Extra button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA420 0F9AF2} -
C:\Program Files\IncrediBar\bin\IBTBar.dll
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C 608501} -
C:\WINDOWS\System32\msjava.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\WINDOWS\System32\msjava.dll
O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D 6C7040} -
D:\Programy z D\do ściągania plików\całe strony\WinHTTrack\WinHTTrackIEB ar.dll
O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-
AFF36D6C7040} - D:\Programy z D\do ściągania plików\całe
strony\WinHTTrack\WinHTTrackIEB ar.dll
O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-009027 6F843F} -
www.net2phone.com/ (file missing)
O9 - E
Obserwuj wątek
      • Gość: iwona Re: czy kamera może miec wirusa? IP: *.neoplus.adsl.tpnet.pl 05.02.05, 10:56
        Oto on - log jak dzwon:

        Logfile of HijackThis v1.99.0
        Scan saved at 10:55:27, on 05-02-2005
        Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
        MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

        Running processes:
        C:\WINDOWS\System32\smss.exe
        C:\WINDOWS\system32\winlogon.ex e
        C:\WINDOWS\system32\services.ex e
        C:\WINDOWS\system32\lsass.exe
        C:\WINDOWS\system32\svchost.exe
        C:\WINDOWS\System32\svchost.exe
        E:\DVD\nero sześć zero\InCD\InCDsrv.exe
        C:\WINDOWS\system32\spoolsv.exe
        D:\Programy z D\avast\aswUpdSv.exe
        D:\Programy z D\avast\ashServ.exe
        C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
        C:\WINDOWS\System32\E_S00RP2.EX E
        D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
        \kpf4ss.exe
        C:\Program Files\Norton Utilities\NPROTECT.EXE
        C:\WINDOWS\System32\nvsvc32.exe
        D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
        \kpf4gui.exe
        C:\Program Files\Speed Disk\nopdb.exe
        D:\Programy z D\avast\ashMaiSv.exe
        C:\WINDOWS\Explorer.EXE
        D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
        \kpf4gui.exe
        C:\WINDOWS\soundman.exe
        C:\WINDOWS\autoclk.exe
        C:\PROGRA~1\WANADOO\taskbaricon .exe
        C:\Program Files\Common Files\Real\Update_OB\realsched. exe
        C:\Program Files\Java\j2re1.4.2_05\bin\jus ched.exe
        E:\DVD\power dvd\PDVDServ.exe
        E:\DVD\nero sześć zero\InCD\InCD.exe
        C:\temp\msbb.exe
        D:\PROGRA~1\avast\ashDisp.exe
        C:\Program Files\SAGEM\SAGEM F@st 800-840\DSLMON.exe
        C:\Program Files\Norton Utilities\SYSDOC32.EXE
        C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
        D:\Programy z D\WinZip\WZQKPICK.EXE
        D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IMAPP.EXE
        C:\Program Files\Norton Utilities\WINDOC.EXE
        C:\PROGRA~1\WANADOO\EspaceWanad oo.exe
        C:\PROGRA~1\WANADOO\ComComp.exe
        C:\PROGRA~1\WANADOO\Watch.exe
        C:\PROGRA~1\INCRED~1\bin\IBMAIN .EXE
        D:\Programy z D\do ściągania plików\FlashGet\flashget.exe
        C:\Program Files\Internet Explorer\IEXPLORE.EXE
        D:\Programy z D\Pożeracz Konia Trojańskiego\hijack\HijackThis. exe

        R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
        www.gazeta.pl/0,0.html
        R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Neostrada
        Plus wita Cie w Internecie
        R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
        R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB91 9777E1} - (no
        file)
        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
        d:\programy z d\acrobat reader\Reader\ActiveX\AcroIEHel per.ocx
        O2 - BHO: IBBHO - {12BA043E-293E-4CE4-A8C7-846093 4FE801} - C:\Program
        Files\IncrediBar\bin\IBBHO.dll
        O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B87 7923E1} - (no file)
        O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C 60FAF2} - (no file)
        O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-009027 1D075B} - D:\PROGRA~1
        \DOŚCIĄ~1\FLASHGET\jccatch.dll
        O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B 084872} - D:\Programy z
        D\norton antywirus\Norton antyvir+key no install\unzipp norton
        antyvirus\NAV\External\NORTON\A PP\NAVShExt.dll
        O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF 00B1D6} -
        D:\Programy z D\norton antywirus\Norton antyvir+key no install\unzipp norton
        antyvirus\NAV\External\NORTON\A PP\NAVShExt.dll
        O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA 6940E3} -
        D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f giebar.dll
        O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF 1612E4} - C:\Program
        Files\IncrediBar\bin\IBTBar.dll
        O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154E CE70AC} - (no file)
        O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
        C:\WINDOWS\System32\msdxm.ocx
        O4 - HKLM\..\Run: [SoundMan] soundman.exe
        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
        O4 - HKLM\..\Run: [autoclk] autoclk.exe
        O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
        O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon .exe
        O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.e xe
        O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common
        Files\Real\Update_OB\realsched. exe -osboot
        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
        \NvCpl.dll,NvStartup
        O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
        Shared\Security Center\UsrPrmpt.exe
        O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\system32\dllcache\cf gwiz.exe /GUID
        NAV /CMDLINE "REBOOT"
        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
        \bin\jusched.exe
        O4 - HKLM\..\Run: [RemoteControl] "E:\DVD\power dvd\PDVDServ.exe"
        O4 - HKLM\..\Run: [InCD] E:\DVD\nero sześć zero\InCD\InCD.exe
        O4 - HKLM\..\Run: [msbb] c:\temp\msbb.exe
        O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\avast\ashDisp.exe
        O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] wjview /cp:p "C:\Program
        Files\EbatesMoeMoneyMaker\Syste m\Code" Main lp: "C:\Program
        Files\EbatesMoeMoneyMaker"
        O4 - HKLM\..\Run: [QuickTime Task] "D:\programy z d\quick time\qttask.exe" -
        atboottime
        O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IncMail.exe /c
        O4 - HKCU\..\Run: [NBJ] "D:\mp3\Nero\Nero BackItUp\NBJ.exe"
        O4 - HKCU\..\Run: [Autoupdate Service] C:\DOCUME~1\Iwona\USTAWI~1\Temp \kaka.exe
        O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840
        \DSLMON.exe
        O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton
        Utilities\SYSDOC32.EXE
        O4 - Global Startup: Image Transfer.lnk = ?
        O4 - Global Startup: WinZip Quick Pick.lnk = D:\Programy z D\WinZip\WZQKPICK.EXE
        O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
        Files\Adobe\Calibration\Adobe Gamma Loader.exe
        O8 - Extra context menu item: &Add animation to IncrediMail Style Box -
        D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ resources\WebMenuImg.htm
        O8 - Extra context menu item: &Tlumacz z LING... - www.ling.pl/ling/def-
        src.php4
        O8 - Extra context menu item: + Offline &Explorer: Download the link -
        file://D:\Programy z D\do ściągania plików\offline\Offline Explorer
        Pro\Add_UrlO.htm
        O8 - Extra context menu item: + Offline E&xplorer: Download the current page -
        file://D:\Programy z D\do ściągania plików\offline\Offline Explorer
        Pro\Add_AllO.htm
        O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - D:\Programy z
        D\do ściągania plików\FlashGet\jc_link.htm
        O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a -
        D:\Programy z D\do ściągania plików\FlashGet\jc_all.htm
        O9 - Extra button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA420 0F9AF2} -
        C:\Program Files\IncrediBar\bin\IBTBar.dll
        O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C 608501} -
        C:\WINDOWS\System32\msjava.dll
        O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
        00401C608501} - C:\WINDOWS\System32\msjava.dll
        O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D 6C7040} -
        D:\Programy z D\do ściągania plików\całe strony\WinHTTrack\WinHTTrackIEB ar.dll
        O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-
        AFF36D6C7040} - D:\Programy z D\do ściągania plików\całe
        strony\WinHTTrack\WinHTTrackIEB ar.dll
        O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-009027 6F843F} -
        www.net2phone.com/ (file missing)
        O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-
        0090276F843F} - www.net2phone.com/ (file missing)
        O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa00 3c157a} -
        C:\WINDOWS\web\related.htm
        O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
        00aa003c157a} - C:\
    • Gość: piecyk gazowy Re: czy kamera może miec wirusa? IP: *.tpnet.pl / *.tpnet.pl 05.02.05, 10:57
      Przczyn może być wiele. Masz bardzo zaśmiecony system, może to to?

      Masz dwa programy antywirusowe. KONIECZNIE jeden odinstaluj.

      Zaznacz poniższe pozycje i wciśnij Fix Checked:

      R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB91 9777E1} - (no
      file)

      O2 - BHO: IBBHO - {12BA043E-293E-4CE4-A8C7-846093 4FE801} - C:\Program
      Files\IncrediBar\bin\IBBHO.dll
      O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B87 7923E1} - (no
      file)
      O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C 60FAF2} - (no file)

      O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF 1612E4} -
      C:\Program Files\IncrediBar\bin\IBTBar.dll
      O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154E CE70AC} - (no file)

      O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common
      Files\Real\Update_OB\realsched. exe -osboot

      O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\system32\dllcache\cf gwiz.exe /GUID
      NAV /CMDLINE "REBOOT"
      O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
      \bin\jusched.exe
      O4 - HKLM\..\Run: [RemoteControl] "E:\DVD\power dvd\PDVDServ.exe"

      O4 - HKLM\..\Run: [msbb] c:\temp\msbb.exe

      O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] wjview /cp:p "C:\Program
      Files\EbatesMoeMoneyMaker\Syste m\Code" Main lp: "C:\Program
      Files\EbatesMoeMoneyMaker"
      O4 - HKLM\..\Run: [QuickTime Task] "D:\programy z d\quick time\qttask.exe" -
      atboottime

      O4 - HKCU\..\Run: [NBJ] "D:\mp3\Nero\Nero BackItUp\NBJ.exe"
      O4 - HKCU\..\Run: [Autoupdate Service] C:\DOCUME~1\Iwona\USTAWI~1
      \Temp\kaka.exe

      Wklej loga z nowego HijackThis (m.gregor podał linka) i zwróć uwagę by był cały
      (ten był ucięty).
          • Gość: iwona Re: czy kamera może miec wirusa? IP: *.neoplus.adsl.tpnet.pl 05.02.05, 11:07
            Logfile of HijackThis v1.99.0
            Scan saved at 11:05:57, on 05-02-2005
            Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
            MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

            Running processes:
            C:\WINDOWS\System32\smss.exe
            C:\WINDOWS\system32\winlogon.ex e
            C:\WINDOWS\system32\services.ex e
            C:\WINDOWS\system32\lsass.exe
            C:\WINDOWS\system32\svchost.exe
            C:\WINDOWS\System32\svchost.exe
            E:\DVD\nero sześć zero\InCD\InCDsrv.exe
            C:\WINDOWS\system32\spoolsv.exe
            D:\Programy z D\avast\aswUpdSv.exe
            D:\Programy z D\avast\ashServ.exe
            C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
            C:\WINDOWS\System32\E_S00RP2.EX E
            D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
            \kpf4ss.exe
            C:\Program Files\Norton Utilities\NPROTECT.EXE
            C:\WINDOWS\System32\nvsvc32.exe
            D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
            \kpf4gui.exe
            C:\Program Files\Speed Disk\nopdb.exe
            D:\Programy z D\avast\ashMaiSv.exe
            C:\WINDOWS\Explorer.EXE
            D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
            \kpf4gui.exe
            C:\WINDOWS\soundman.exe
            C:\WINDOWS\autoclk.exe
            C:\PROGRA~1\WANADOO\taskbaricon .exe
            C:\Program Files\Common Files\Real\Update_OB\realsched. exe
            C:\Program Files\Java\j2re1.4.2_05\bin\jus ched.exe
            E:\DVD\power dvd\PDVDServ.exe
            E:\DVD\nero sześć zero\InCD\InCD.exe
            C:\temp\msbb.exe
            D:\PROGRA~1\avast\ashDisp.exe
            C:\Program Files\SAGEM\SAGEM F@st 800-840\DSLMON.exe
            C:\Program Files\Norton Utilities\SYSDOC32.EXE
            C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
            D:\Programy z D\WinZip\WZQKPICK.EXE
            D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IMAPP.EXE
            C:\Program Files\Norton Utilities\WINDOC.EXE
            C:\PROGRA~1\WANADOO\EspaceWanad oo.exe
            C:\PROGRA~1\WANADOO\ComComp.exe
            C:\PROGRA~1\WANADOO\Watch.exe
            C:\PROGRA~1\INCRED~1\bin\IBMAIN .EXE
            D:\Programy z D\do ściągania plików\FlashGet\flashget.exe
            C:\Program Files\Internet Explorer\IEXPLORE.EXE
            C:\WINDOWS\system32\NOTEPAD.EXE
            D:\Programy z D\Pożeracz Konia Trojańskiego\hijack\HijackThis. exe

            R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
            www.gazeta.pl/0,0.html
            R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Neostrada
            Plus wita Cie w Internecie
            R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
            R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB91 9777E1} - (no
            file)
            O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
            d:\programy z d\acrobat reader\Reader\ActiveX\AcroIEHel per.ocx
            O2 - BHO: IBBHO - {12BA043E-293E-4CE4-A8C7-846093 4FE801} - C:\Program
            Files\IncrediBar\bin\IBBHO.dll
            O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B87 7923E1} - (no file)
            O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C 60FAF2} - (no file)
            O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-009027 1D075B} - D:\PROGRA~1
            \DOŚCIĄ~1\FLASHGET\jccatch.dll
            O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B 084872} - D:\Programy z
            D\norton antywirus\Norton antyvir+key no install\unzipp norton
            antyvirus\NAV\External\NORTON\A PP\NAVShExt.dll
            O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF 00B1D6} -
            D:\Programy z D\norton antywirus\Norton antyvir+key no install\unzipp norton
            antyvirus\NAV\External\NORTON\A PP\NAVShExt.dll
            O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA 6940E3} -
            D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f giebar.dll
            O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF 1612E4} - C:\Program
            Files\IncrediBar\bin\IBTBar.dll
            O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154E CE70AC} - (no file)
            O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
            C:\WINDOWS\System32\msdxm.ocx
            O4 - HKLM\..\Run: [SoundMan] soundman.exe
            O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
            O4 - HKLM\..\Run: [autoclk] autoclk.exe
            O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
            O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon .exe
            O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.e xe
            O4 - HKLM\..\Run: [TkBellExe] C:\Program Files\Common
            Files\Real\Update_OB\realsched. exe -osboot
            O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
            \NvCpl.dll,NvStartup
            O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
            Shared\Security Center\UsrPrmpt.exe
            O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\system32\dllcache\cf gwiz.exe /GUID
            NAV /CMDLINE "REBOOT"
            O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
            \bin\jusched.exe
            O4 - HKLM\..\Run: [RemoteControl] "E:\DVD\power dvd\PDVDServ.exe"
            O4 - HKLM\..\Run: [InCD] E:\DVD\nero sześć zero\InCD\InCD.exe
            O4 - HKLM\..\Run: [msbb] c:\temp\msbb.exe
            O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\avast\ashDisp.exe
            O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] wjview /cp:p "C:\Program
            Files\EbatesMoeMoneyMaker\Syste m\Code" Main lp: "C:\Program
            Files\EbatesMoeMoneyMaker"
            O4 - HKLM\..\Run: [QuickTime Task] "D:\programy z d\quick time\qttask.exe" -
            atboottime
            O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IncMail.exe /c
            O4 - HKCU\..\Run: [NBJ] "D:\mp3\Nero\Nero BackItUp\NBJ.exe"
            O4 - HKCU\..\Run: [Autoupdate Service] C:\DOCUME~1\Iwona\USTAWI~1\Temp \kaka.exe
            O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840
            \DSLMON.exe
            O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton
            Utilities\SYSDOC32.EXE
            O4 - Global Startup: Image Transfer.lnk = ?
            O4 - Global Startup: WinZip Quick Pick.lnk = D:\Programy z D\WinZip\WZQKPICK.EXE
            O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
            Files\Adobe\Calibration\Adobe Gamma Loader.exe
            O8 - Extra context menu item: &Add animation to IncrediMail Style Box -
            D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ resources\WebMenuImg.htm
            O8 - Extra context menu item: &Tlumacz z LING... - www.ling.pl/ling/def-
            src.php4
            O8 - Extra context menu item: + Offline &Explorer: Download the link -
            file://D:\Programy z D\do ściągania plików\offline\Offline Explorer
            Pro\Add_UrlO.htm
            O8 - Extra context menu item: + Offline E&xplorer: Download the current page -
            file://D:\Programy z D\do ściągania plików\offline\Offline Explorer
            Pro\Add_AllO.htm
            O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - D:\Programy z
            D\do ściągania plików\FlashGet\jc_link.htm
            O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a -
            D:\Programy z D\do ściągania plików\FlashGet\jc_all.htm
            O9 - Extra button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA420 0F9AF2} -
            C:\Program Files\IncrediBar\bin\IBTBar.dll
            O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C 608501} -
            C:\WINDOWS\System32\msjava.dll
            O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
            00401C608501} - C:\WINDOWS\System32\msjava.dll
            O9 - Extra button: Run WinHTTrack - {36ECAF82-3300-8F84-092E-AFF36D 6C7040} -
            D:\Programy z D\do ściągania plików\całe strony\WinHTTrack\WinHTTrackIEB ar.dll
            O9 - Extra 'Tools' menuitem: Launch WinHTTrack - {36ECAF82-3300-8F84-092E-
            AFF36D6C7040} - D:\Programy z D\do ściągania plików\całe
            strony\WinHTTrack\WinHTTrackIEB ar.dll
            O9 - Extra button: Net2Phone - {4B30061A-5B39-11D3-80F8-009027 6F843F} -
            www.net2phone.com/ (file missing)
            O9 - Extra 'Tools' menuitem: Net2Phone - {4B30061A-5B39-11D3-80F8-
            0090276F843F} - www.net2phone.com/ (file missing)
            O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa00 3c157a} -
            C:\WINDOWS\web\related.htm
            O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
            00aa003c157
            • m.gregor Re: czy kamera może miec wirusa? 05.02.05, 11:24
              > R3 - URLSearchHook: (no name) - {0428FFC7-1931-45b7-95CB-3CBB91 9777E1} - (no
              > file)
              > O2 - BHO: Search Relevancy - {1D7E3B41-23CE-469B-BE1B-A64B87 7923E1} - (no fil
              > e)
              > O2 - BHO: (no name) - {83DE62E0-5805-11D8-9B25-00E04C 60FAF2} - (no file)
              > O3 - Toolbar: (no name) - {0494D0D9-F8E0-41ad-92A3-14154E CE70AC} - (no file)
              > O4 - HKLM\..\Run: [autoclk] autoclk.exe
              > O4 - HKLM\..\Run: [msbb] c:\temp\msbb.exe
              > O4 - HKLM\..\Run: [EbatesMoeMoneyMaker] wjview /cp:p "C:\Program
              > Files\EbatesMoeMoneyMaker\Syste m\Code" Main lp: "C:\Program
              > Files\EbatesMoeMoneyMaker"
              > O4 - HKCU\..\Run: [Autoupdate Service] C:\DOCUME~1\Iwona\USTAWI~1\Temp \kaka.e
              > xe
              Najlepiej wywalac w trybie awaryjnym (F8 zanim pojawi sie plansza z WindowsXP).
              Do tego zaktualizuj system ze strony www.windowsupdate.com

              --
              "It's time to kick ass and chew bubblegum. And I'm all outta gum."(c)Duke Nukem
              mail: m.gregor(at)gazeta(dot)pl ; GG: 391450
                  • Gość: iwona Re: czy kamera może miec wirusa? IP: *.neoplus.adsl.tpnet.pl 05.02.05, 11:49
                    Logfile of HijackThis v1.99.0
                    Scan saved at 11:40:26, on 05-02-2005
                    Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
                    MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

                    Running processes:
                    C:\WINDOWS\System32\smss.exe
                    C:\WINDOWS\system32\winlogon.ex e
                    C:\WINDOWS\system32\services.ex e
                    C:\WINDOWS\system32\lsass.exe
                    C:\WINDOWS\system32\svchost.exe
                    C:\WINDOWS\System32\svchost.exe
                    E:\DVD\nero sześć zero\InCD\InCDsrv.exe
                    C:\WINDOWS\system32\spoolsv.exe
                    D:\Programy z D\avast\aswUpdSv.exe
                    D:\Programy z D\avast\ashServ.exe
                    C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
                    C:\WINDOWS\System32\E_S00RP2.EX E
                    D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
                    \kpf4ss.exe
                    C:\WINDOWS\Explorer.EXE
                    C:\Program Files\Norton Utilities\NPROTECT.EXE
                    D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
                    \kpf4gui.exe
                    C:\WINDOWS\System32\nvsvc32.exe
                    C:\Program Files\Speed Disk\nopdb.exe
                    D:\Programy z D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4
                    \kpf4gui.exe
                    C:\WINDOWS\soundman.exe
                    C:\WINDOWS\autoclk.exe
                    C:\PROGRA~1\WANADOO\taskbaricon .exe
                    C:\Program Files\Java\j2re1.4.2_05\bin\jus ched.exe
                    E:\DVD\power dvd\PDVDServ.exe
                    E:\DVD\nero sześć zero\InCD\InCD.exe
                    D:\PROGRA~1\avast\ashDisp.exe
                    C:\Program Files\SAGEM\SAGEM F@st 800-840\DSLMON.exe
                    D:\Programy z D\avast\ashMaiSv.exe
                    C:\Program Files\Norton Utilities\SYSDOC32.EXE
                    C:\Program Files\Sony Corporation\Image Transfer\SonyTray.exe
                    D:\Programy z D\WinZip\WZQKPICK.EXE
                    D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IMAPP.EXE
                    C:\PROGRA~1\WANADOO\EspaceWanad oo.exe
                    C:\PROGRA~1\WANADOO\ComComp.exe
                    C:\PROGRA~1\WANADOO\Watch.exe
                    C:\Program Files\Internet Explorer\IEXPLORE.EXE
                    C:\PROGRA~1\INCRED~1\bin\IBMAIN .EXE
                    C:\Program Files\Internet Explorer\IEXPLORE.EXE
                    D:\Programy z D\Pożeracz Konia Trojańskiego\hijack\HijackThis. exe

                    R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
                    www.gazeta.pl/0,0.html
                    R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Neostrada
                    Plus wita Cie w Internecie
                    R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
                    O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
                    d:\programy z d\acrobat reader\Reader\ActiveX\AcroIEHel per.ocx
                    O2 - BHO: IBBHO - {12BA043E-293E-4CE4-A8C7-846093 4FE801} - C:\Program
                    Files\IncrediBar\bin\IBBHO.dll
                    O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-009027 1D075B} - D:\PROGRA~1
                    \DOŚCIĄ~1\FLASHGET\jccatch.dll
                    O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA 6940E3} -
                    D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f giebar.dll
                    O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF 1612E4} - C:\Program
                    Files\IncrediBar\bin\IBTBar.dll
                    O4 - HKLM\..\Run: [SoundMan] soundman.exe
                    O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
                    O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
                    O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon .exe
                    O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.e xe
                    O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
                    \NvCpl.dll,NvStartup
                    O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
                    Shared\Security Center\UsrPrmpt.exe
                    O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\system32\dllcache\cf gwiz.exe /GUID
                    NAV /CMDLINE "REBOOT"
                    O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
                    \bin\jusched.exe
                    O4 - HKLM\..\Run: [RemoteControl] "E:\DVD\power dvd\PDVDServ.exe"
                    O4 - HKLM\..\Run: [InCD] E:\DVD\nero sześć zero\InCD\InCD.exe
                    O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\avast\ashDisp.exe
                    O4 - HKLM\..\Run: [QuickTime Task] "D:\programy z d\quick time\qttask.exe" -
                    atboottime
                    O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IncMail.exe /c
                    O4 - HKCU\..\Run: [NBJ] "D:\mp3\Nero\Nero BackItUp\NBJ.exe"
                    O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840
                    \DSLMON.exe
                    O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton
                    Utilities\SYSDOC32.EXE
                    O4 - Global Startup: Image Transfer.lnk = ?
                    O4 - Global Startup: WinZip Quick Pick.lnk = D:\Programy z D\WinZip\WZQKPICK.EXE
                    O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
                    Files\Adobe\Calibration\Adobe Gamma Loader.exe
                    O8 - Extra context menu item: &Tlumacz z LING... - www.ling.pl/ling/def-
                    src.php4
                    O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - D:\Programy z
                    D\do ściągania plików\FlashGet\jc_link.htm
                    O9 - Extra button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA420 0F9AF2} -
                    C:\Program Files\IncrediBar\bin\IBTBar.dll
                    O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA 6940E3} -
                    D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f lashget.exe
                    O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-
                    0050BA6940E3} - D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f lashget.exe
                    O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45 B69CBF} -
                    O16 - DPF: {20AD521D-3A3E-11D4-BC32-005004 0D952B} (SwIcdInstall Class) -
                    file://C:\DOCUME~1\Iwona\USTAWI~1\Temp\WZS4C.tmp\swicdad.cab
                    O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA 18DE71} (RdxIE Class) -
                    207.188.7.150/11ef10c6ccef92226506/netzip/RdxIE601.cab
                    O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF3 3E833C} (WUWebControl Class) -
                    v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094554209195
                    O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F 9A3B61} (HouseCall Control) -
                    a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
                    O16 - DPF: {9E6C7461-FE4A-41A9-9D35-746879 6CF9E7} (AVXControl Class) -
                    threatlevel.pcsecurityshield.com/control/avxnew.dll
                    O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105A A9B6AE} (Symantec RuFSI Registry
                    Information Class) -
                    security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
                    O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEF FEDCBA} (Java Runtime Environment
                    1.4.1) -
                    O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A 675EE8} (IP-Uploader Control) -
                    asp01.photoprintit.de/microsite/4523/defaults/activex/ImageUploader3.cab
                    O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
                    skaner.mks.com.pl/SkanerOnline.cab
                    O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027 438003} (Persits Software XUpload) -
                    dobrebopolskie.com/dirUser/upload/XUpload.ocx
                    O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A 256D46} (IMDownloader Class) -
                    www2.incredimail.com/contents/setup/downloader/imloader.cab
                    O17 - HKLM\System\CCS\Services\Tcpip\ ..\{699BCC01-C18F-4BB7-9EE8-54A 560C362E1}:
                    NameServer = 194.204.152.34 217.98.63.164
                    O23 - Service: avast! iAVS4 Control Service - Unknown - D:\Programy z
                    D\avast\aswUpdSv.exe
                    O23 - Service: avast! Antivirus - Unknown - D:\Programy z D\avast\ashServ.exe
                    O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programy z
                    D\avast\ashMaiSv.exe
                    O23 - Service:
                      • Gość: iwona Re: czy kamera może miec wirusa? IP: *.neoplus.adsl.tpnet.pl 05.02.05, 11:54
                        R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
                        www.gazeta.pl/0,0.html
                        R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Neostrada
                        Plus wita Cie w Internecie
                        R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
                        O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
                        d:\programy z d\acrobat reader\Reader\ActiveX\AcroIEHel per.ocx
                        O2 - BHO: IBBHO - {12BA043E-293E-4CE4-A8C7-846093 4FE801} - C:\Program
                        Files\IncrediBar\bin\IBBHO.dll
                        O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-009027 1D075B} - D:\PROGRA~1
                        \DOŚCIĄ~1\FLASHGET\jccatch.dll
                        O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA 6940E3} -
                        D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f giebar.dll
                        O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF 1612E4} - C:\Program
                        Files\IncrediBar\bin\IBTBar.dll
                        O4 - HKLM\..\Run: [SoundMan] soundman.exe
                        O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
                        O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
                        O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon .exe
                        O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.e xe
                        O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
                        \NvCpl.dll,NvStartup
                        O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
                        Shared\Security Center\UsrPrmpt.exe
                        O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\system32\dllcache\cf gwiz.exe /GUID
                        NAV /CMDLINE "REBOOT"
                        O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
                        \bin\jusched.exe
                        O4 - HKLM\..\Run: [RemoteControl] "E:\DVD\power dvd\PDVDServ.exe"
                        O4 - HKLM\..\Run: [InCD] E:\DVD\nero sześć zero\InCD\InCD.exe
                        O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\avast\ashDisp.exe
                        O4 - HKLM\..\Run: [QuickTime Task] "D:\programy z d\quick time\qttask.exe" -
                        atboottime
                        O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IncMail.exe /c
                        O4 - HKCU\..\Run: [NBJ] "D:\mp3\Nero\Nero BackItUp\NBJ.exe"
                        O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840
                        \DSLMON.exe
                        O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton
                        Utilities\SYSDOC32.EXE
                        O4 - Global Startup: Image Transfer.lnk = ?
                        O4 - Global Startup: WinZip Quick Pick.lnk = D:\Programy z D\WinZip\WZQKPICK.EXE
                        O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
                        Files\Adobe\Calibration\Adobe Gamma Loader.exe
                        O8 - Extra context menu item: &Tlumacz z LING... - www.ling.pl/ling/def-
                        src.php4
                        O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - D:\Programy z
                        D\do ściągania plików\FlashGet\jc_link.htm
                        O9 - Extra button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA420 0F9AF2} -
                        C:\Program Files\IncrediBar\bin\IBTBar.dll
                        O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA 6940E3} -
                        D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f lashget.exe
                        O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-
                        0050BA6940E3} - D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f lashget.exe
                        O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45 B69CBF} -
                        O16 - DPF: {20AD521D-3A3E-11D4-BC32-005004 0D952B} (SwIcdInstall Class) -
                        file://C:\DOCUME~1\Iwona\USTAWI~1\Temp\WZS4C.tmp\swicdad.cab
                        O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA 18DE71} (RdxIE Class) -
                        207.188.7.150/11ef10c6ccef92226506/netzip/RdxIE601.cab
                        O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF3 3E833C} (WUWebControl Class) -
                        v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094554209195
                        O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F 9A3B61} (HouseCall Control) -
                        a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
                        O16 - DPF: {9E6C7461-FE4A-41A9-9D35-746879 6CF9E7} (AVXControl Class) -
                        threatlevel.pcsecurityshield.com/control/avxnew.dll
                        O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105A A9B6AE} (Symantec RuFSI Registry
                        Information Class) -
                        security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
                        O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEF FEDCBA} (Java Runtime Environment
                        1.4.1) -
                        O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A 675EE8} (IP-Uploader Control) -
                        asp01.photoprintit.de/microsite/4523/defaults/activex/ImageUploader3.cab
                        O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
                        skaner.mks.com.pl/SkanerOnline.cab
                        O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027 438003} (Persits Software XUpload) -
                        dobrebopolskie.com/dirUser/upload/XUpload.ocx
                        O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A 256D46} (IMDownloader Class) -
                        www2.incredimail.com/contents/setup/downloader/imloader.cab
                        O17 - HKLM\System\CCS\Services\Tcpip\ ..\{699BCC01-C18F-4BB7-9EE8-54A 560C362E1}:
                        NameServer = 194.204.152.34 217.98.63.164
                        O23 - Service: avast! iAVS4 Control Service - Unknown - D:\Programy z
                        D\avast\aswUpdSv.exe
                        O23 - Service: avast! Antivirus - Unknown - D:\Programy z D\avast\ashServ.exe
                        O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programy z
                        D\avast\ashMaiSv.exe
                        O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION -
                        C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
                        O23 - Service: EPSON V3 Service2(02) - SEIKO EPSON CORPORATION -
                        C:\WINDOWS\System32\E_S00RP2.EX E
                        O23 - Service: InCD Helper - Ahead Software AG - E:\DVD\nero sześć
                        zero\InCD\InCDsrv.exe
                        O23 - Service: Kerio Personal Firewall 4 - Kerio Technologies - D:\Programy z
                        D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4\kpf4ss.exe
                        O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program
                        Files\Norton Utilities\NPROTECT.EXE
                        O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation -
                        C:\WINDOWS\System32\nvsvc32.exe
                        O23 - Service: Speed Disk service - Symantec Corporation - C:\Program
                        Files\Speed Disk\nopdb.exe
                        O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common
                        Files\Symantec Shared\Security Center\SymWSC.exe

                        Już nic więcej nie ma.
                        • Gość: piecyk gazowy Re: czy kamera może miec wirusa? IP: *.tpnet.pl / *.tpnet.pl 05.02.05, 12:00
                          OK. Teraz wybierz Do a system scan, zaznacz poniższe pozycje i wciśnij Fix
                          Checked.

                          > O2 - BHO: IBBHO - {12BA043E-293E-4CE4-A8C7-846093 4FE801} - C:\Program
                          > Files\IncrediBar\bin\IBBHO.dll

                          > O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF 1612E4} -
                          C:\Program
                          >
                          > Files\IncrediBar\bin\IBTBar.dll

                          > O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\system32\dllcache\cf gwiz.exe /GUID
                          > NAV /CMDLINE "REBOOT"
                          > O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
                          > \bin\jusched.exe
                          > O4 - HKLM\..\Run: [RemoteControl] "E:\DVD\power dvd\PDVDServ.exe"

                          > O4 - HKLM\..\Run: [QuickTime Task] "D:\programy z d\quick time\qttask.exe" -
                          > atboottime

                          > O16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45 B69CBF} -
                          > O16 - DPF: {20AD521D-3A3E-11D4-BC32-005004 0D952B} (SwIcdInstall Class) -
                          > file://C:\DOCUME~1\Iwona\USTAWI~1\Temp\WZS4C.tmp\swicdad.cab
                          > O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA 18DE71} (RdxIE Class) -
                          > 207.188.7.150/11ef10c6ccef92226 506/netzip/RdxIE601.cab

                          > O16 - DPF: {9E6C7461-FE4A-41A9-9D35-746879 6CF9E7} (AVXControl Class) -
                          > threatlevel.pcsecurityshield.co m/control/avxnew.dll

                          > O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEF FEDCBA} (Java Runtime Environment
                          > 1.4.1) -

                          > O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A 256D46} (IMDownloader Class) -
                          > www2.incredimail.com/contents/s etup/downloader/imloader.cab


                          Potem wygeneruj i wklej nowego loga.
                          • m.gregor No i piecyk... 05.02.05, 12:04
                            ...jak zwykle okazal sie niezawodny jak sciereczka z telesklepu ;-)
                            --
                            "Your face, your ass, what's the difference?"(c) Duke Nukem
                            mail: m.gregor(at)gazeta(dot)pl ; GG: 391450
                              • Gość: iwona Re: czy kamera może miec wirusa? IP: *.neoplus.adsl.tpnet.pl 05.02.05, 12:31
                                Juz ją zabiłam!

                                R0 - HKCU\Software\Microsoft\Interne t Explorer\Main,Start Page =
                                www.gazeta.pl/0,0.html
                                R1 - HKCU\Software\Microsoft\Interne t Explorer\Main,Window Title = Neostrada
                                Plus wita Cie w Internecie
                                R0 - HKCU\Software\Microsoft\Interne t Explorer\Toolbar,LinksFolderNam e = Łącza
                                O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
                                d:\programy z d\acrobat reader\Reader\ActiveX\AcroIEHel per.ocx
                                O2 - BHO: IBBHO - {12BA043E-293E-4CE4-A8C7-846093 4FE801} - C:\Program
                                Files\IncrediBar\bin\IBBHO.dll
                                O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-009027 1D075B} - D:\PROGRA~1
                                \DOŚCIĄ~1\FLASHGET\jccatch.dll
                                O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA 6940E3} -
                                D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f giebar.dll
                                O3 - Toolbar: IncrediBar - {D8073790-84C7-4602-BF77-C6ACBF 1612E4} - C:\Program
                                Files\IncrediBar\bin\IBTBar.dll
                                O4 - HKLM\..\Run: [SoundMan] soundman.exe
                                O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
                                O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe
                                O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\taskbaricon .exe
                                O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.e xe
                                O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
                                \NvCpl.dll,NvStartup
                                O4 - HKLM\..\Run: [SSC_UserPrompt] C:\Program Files\Common Files\Symantec
                                Shared\Security Center\UsrPrmpt.exe
                                O4 - HKLM\..\Run: [NAV CfgWiz] C:\WINDOWS\system32\dllcache\cf gwiz.exe /GUID
                                NAV /CMDLINE "REBOOT"
                                O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\j2re1.4.2_05
                                \bin\jusched.exe
                                O4 - HKLM\..\Run: [InCD] E:\DVD\nero sześć zero\InCD\InCD.exe
                                O4 - HKLM\..\Run: [avast!] D:\PROGRA~1\avast\ashDisp.exe
                                O4 - HKCU\..\Run: [IncrediMail] D:\PROGRA~1\RÓŻNE\INCRED~1\bin\ IncMail.exe /c
                                O4 - HKCU\..\Run: [NBJ] "D:\mp3\Nero\Nero BackItUp\NBJ.exe"
                                O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840
                                \DSLMON.exe
                                O4 - Global Startup: Norton System Doctor.lnk = C:\Program Files\Norton
                                Utilities\SYSDOC32.EXE
                                O4 - Global Startup: Image Transfer.lnk = ?
                                O4 - Global Startup: WinZip Quick Pick.lnk = D:\Programy z D\WinZip\WZQKPICK.EXE
                                O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common
                                Files\Adobe\Calibration\Adobe Gamma Loader.exe
                                O8 - Extra context menu item: &Tlumacz z LING... - www.ling.pl/ling/def-
                                src.php4
                                O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - D:\Programy z
                                D\do ściągania plików\FlashGet\jc_link.htm
                                O9 - Extra button: IncrediBar - {023FA804-DCE1-4817-94ED-6BA420 0F9AF2} -
                                C:\Program Files\IncrediBar\bin\IBTBar.dll
                                O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA 6940E3} -
                                D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f lashget.exe
                                O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-
                                0050BA6940E3} - D:\PROGRA~1\DOŚCIĄ~1\FLASHGET\f lashget.exe
                                O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF3 3E833C} (WUWebControl Class) -
                                v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1094554209195
                                O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F 9A3B61} (HouseCall Control) -
                                a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
                                O16 - DPF: {9E6C7461-FE4A-41A9-9D35-746879 6CF9E7} (AVXControl Class) -
                                threatlevel.pcsecurityshield.com/control/avxnew.dll
                                O16 - DPF: {C2FCEF52-ACE9-11D3-BEBD-00105A A9B6AE} (Symantec RuFSI Registry
                                Information Class) -
                                security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
                                O16 - DPF: {DEB21AD3-FDA4-42F6-B57D-EE696A 675EE8} (IP-Uploader Control) -
                                asp01.photoprintit.de/microsite/4523/defaults/activex/ImageUploader3.cab
                                O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
                                skaner.mks.com.pl/SkanerOnline.cab
                                O16 - DPF: {E87F6C8E-16C0-11D3-BEF7-009027 438003} (Persits Software XUpload) -
                                dobrebopolskie.com/dirUser/upload/XUpload.ocx
                                O16 - DPF: {F00F4763-7355-4725-82F7-0DA94A 256D46} (IMDownloader Class) -
                                www2.incredimail.com/contents/setup/downloader/imloader.cab
                                O17 - HKLM\System\CCS\Services\Tcpip\ ..\{699BCC01-C18F-4BB7-9EE8-54A 560C362E1}:
                                NameServer = 194.204.152.34 217.98.63.164
                                O23 - Service: avast! iAVS4 Control Service - Unknown - D:\Programy z
                                D\avast\aswUpdSv.exe
                                O23 - Service: avast! Antivirus - Unknown - D:\Programy z D\avast\ashServ.exe
                                O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Programy z
                                D\avast\ashMaiSv.exe
                                O23 - Service: EPSON Printer Status Agent2 - SEIKO EPSON CORPORATION -
                                C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe
                                O23 - Service: EPSON V3 Service2(02) - SEIKO EPSON CORPORATION -
                                C:\WINDOWS\System32\E_S00RP2.EX E
                                O23 - Service: InCD Helper - Ahead Software AG - E:\DVD\nero sześć
                                zero\InCD\InCDsrv.exe
                                O23 - Service: Kerio Personal Firewall 4 - Kerio Technologies - D:\Programy z
                                D\Pożeracz Konia Trojańskiego\Kerio PFW\Personal Firewall 4\kpf4ss.exe
                                O23 - Service: Norton Unerase Protection - Symantec Corporation - C:\Program
                                Files\Norton Utilities\NPROTECT.EXE
                                O23 - Service: NVIDIA Display Driver Service - NVIDIA Corporation -
                                C:\WINDOWS\System32\nvsvc32.exe
                                O23 - Service: Speed Disk service - Symantec Corporation - C:\Program
                                Files\Speed Disk\nopdb.exe
                                O23 - Service: SymWMI Service - Symantec Corporation - C:\Program Files\Common
                                Files\Symantec Shared\Security Center\SymWSC.exe

    • Gość: iwona Re: czy kamera może miec wirusa? IP: *.neoplus.adsl.tpnet.pl 05.02.05, 12:46
      A i jeszcze co ważne: problemy z kamerą zaczęly się od momentu, kiedy
      zainstalowałam najnowszą wersję movie makera, na tej starej gralo i bucalo,
      chcialam se polepszyć i se po...rzylam. No to wywaliłam tego movie maker i
      przynajmniej odpoczęlam psychicznie, ale jak np. odpalę nero sześc zero, żeby
      zjadl obraz z kamery, wyświetla się komunikat o błędzie programu i wszystko się
      zamyka. No i co ja mam zrobić? Sterowniki kamery deinstalowałam i ponownie
      instalowałam chyba 5 razy,nic nie pomaga.

Popularne wątki

Nie pamiętasz hasła

lub ?

 

Nie masz jeszcze konta? Zarejestruj się

Nakarm Pajacyka