kaminagr
13.06.07, 23:08
Od kilku dni przy każdym włączeniu komputera na dysku C jest coraz mniej
pamięci (np. wczoraj przy wyłączeniu 175MB, dziś nagle 65MB). Komputer
przeszukałam przy pomocy AdAware i Mks-vir online (ten drugi znalazł dwa
trojany, ale problem pozostał), zainstalowane mam też Norton Protection
Center, ale nie chce skanować i zawiesza się po przeszukaniu czterech-pięciu
plików.
Proszę o sprawdzenie loga i wyjaśnienie, co robić, żeby uratować pamięć.
Ach, no i dziś jeszcze do tego zniknął Windows Media Player.
Logfile of HijackThis v1.99.1
Scan saved at 22:45:12, on 2007-06-13
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
C:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
C:\Program Files\Palick Soft\HDD Temperature\HDDTsvc.exe
C:\WINDOWS\system32\atiptaxx.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\WINDOWS\system32\slserv.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\YDP\UserAccessManager\useraccess.exe
C:\Program Files\Apoint2K\Apntex.exe
D:\Ashampoo\Uninstaler\Ashampoo UnInstaller Suite Plus\UnInstaller
Suite\UIWatcher.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\sllights.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Common Files\Symantec Shared\COH\coh32.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\WinRAR\WinRAR.exe
C:\DOCUME~1\WIESLAW\LOCALS~1\Temp\Rar$EX04.749\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
global.acer.com/
O2 - BHO: MyWebSearch Search Assistant BHO -
{00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program
Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program
Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - C:\Program
Files\Common Files\Symantec Shared\coShared\Browser\1.0\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_08\bin\ssv.dll
O2 - BHO: (no name) - {BBE59AF5-EE22-4A3A-AB26-3F774D1B4216} -
C:\PROGRA~1\FOLDER~1\FOLDER~1.DLL
O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} -
C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL (file missing)
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} -
C:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.0\UIBHO.dll
O4 - HKLM\..\Run: [AtiPTA] atiptaxx.exe
O4 - HKLM\..\Run: [ATIModeChange] Ati2mdxx.exe
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [osCheck] "D:\norton internet security\osCheck.exe"
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common
Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe"
/a /m "C:\Program Files\Common Files\Symantec
Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre1.5.0_08\bin\jusched.exe"
O4 - HKLM\..\Run: [PwrUpTweakMe] C:\WINDOWS\system32\PUPXPTWK.EXE /TWEAK
O4 - HKCU\..\Run: [UIWatcher] D:\Ashampoo\Uninstaler\Ashampoo UnInstaller
Suite Plus\UnInstaller Suite\UIWatcher.exe
O8 - Extra context menu item: &Search -
bar.mywebsearch.com/menusearch.html?p=ZRxdm184
O8 - Extra context menu item: Blokuj wszystkie obrazy z tego serwera -
C:\Program Files\Avant Browser\AddAllToADBlackList.htm
O8 - Extra context menu item: Dodaj do listy blokowanych reklam - C:\Program
Files\Avant Browser\AddToADBlackList.htm
O8 - Extra context menu item: Otwórz wszystkie adresy z tej strony... -
C:\Program Files\Avant Browser\OpenAllLinks.htm
O8 - Extra context menu item: Podœwietl - C:\Program Files\Avant
Browser\Highlight.htm
O8 - Extra context menu item: Szukaj - C:\Program Files\Avant Browser\Search.htm
O9 - Extra button: Pardon - {302172A1-A2B4-4402-B1D0-F5D54C3E83C6} -
D:\slownik\Pardon 2\Pardon.exe (file missing)
O9 - Extra 'Tools' menuitem: Pardon - {302172A1-A2B4-4402-B1D0-F5D54C3E83C6} -
D:\slownik\Pardon 2\Pardon.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger -
{FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=global.acer.com/
O15 - Trusted Zone: www.mks.com.pl
O15 - Trusted Zone: www.zkmgdynia.pl
O16 - DPF: {02BED220-FBC7-4392-93A2-3A50B056F78E} -
down.plaxo.com/down/release/instub.cab
O16 - DPF: {3E873CB7-D5F5-43EF-AC4A-1F97D3118265} -
O16 - DPF: {644E432F-49D3-41A1-8DD5-E099162EEEC5} (Symantec RuFSI Utility
Class) - security.symantec.com/sscv6/SharedContent/common/bin/cabsa.cab
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) -
www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {F58E1CEF-A068-4C15-BA5E-587CAF3EE8C6} (MSN Chat Control 4.5) -
chat.msn.com/bin/msnchat45.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner -
C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Unknown owner - C:\Program
Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file missing)
O23 - Service: Symantec Settings Manager (ccSetMgr) - Unknown owner -
C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h ccCommon (file
missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown
owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe" /h
ccCommon (file missing)
O23 - Service: COM Host (comHost) - Symantec Corporation - C:\Program
Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Diskeeper - Executive Software International, Inc. -
D:\Executive Software\diskeeper lite\DKService.exe
O23 - Service: Harmonogram automatycznej uslugi LiveUpdate - Symantec
Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: HDD Temperature (HDDTService) - PalickSoft - C:\Program
Files\Palick Soft\HDD Temperature\HDDTsvc.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec
Corporation - D:\norton