Temat: Wirus a łącze internetowe? o0
Zobacz pojedynczy post
stary 24-04-2007, 18:30   #11
..::QRAS::..
Manga & Anime
 
..::QRAS::..'s Avatar
 
Data dołączenia: 25 01 2005
Wiek: 36
Posty: 1,795
..::QRAS::.. ma numer GG 638092
Domyślny
Cytuj:
Oryginalnie napisane przez Guzbi Pokaż post
p2p nie mam, jedyne co włączone to GG(nawet gdy wyłącze to nic nie daje) no i avast. 2 razy dzis skanowałem - jakieś wirusy w system volume~~ (czy jakoś tak). Ok - skan z Hijack This:

Logfile of HijackThis v1.99.1
Scan saved at 13:52:11, on 2007-04-26
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:\WINDOWS\System32\smss*****
C:\WINDOWS\system32\winlogon*****
C:\WINDOWS\system32\services*****
C:\WINDOWS\system32\lsass*****
C:\WINDOWS\System32\Ati2evxx*****
C:\WINDOWS\system32\svchost*****
C:\WINDOWS\System32\svchost*****
C:\Program Files\Alwil Software\Avast4\aswUpdSv*****
C:\Program Files\Alwil Software\Avast4\ashServ*****
C:\WINDOWS\system32\Ati2evxx*****
C:\WINDOWS\Explorer*****
C:\WINDOWS\System32\sstray*****
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx*****
C:\PROGRA~1\NEOSTR~1\CnxMon*****
C:\PROGRA~1\NEOSTR~1\TaskbarIcon*****
C:\Program Files\Java\jre1.5.0_11\bin\jusched*****
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp*****
C:\Program Files\Winamp\winampa*****
C:\Program Files\Common Files\Real\Update_OB\realsched*****
C:\WINDOWS\System32\winIogon*****
C:\WINDOWS\System32\svcchosst***** <<<<< WTF ?
C:\Program Files\Gadu-Gadu\gg*****
C:\Program Files\AutoConnect\AutoConnect*****
C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon*****
C:\WINDOWS\system32\spoolsv*****
C:\WINDOWS\System32\urdvxc*****
C:\WINDOWS\System32\svchost*****
C:\Program Files\Alwil Software\Avast4\ashMaiSv*****
C:\Program Files\Alwil Software\Avast4\ashWebSv*****
C:\Program Files\Alwil Software\Avast4\ashSimpl*****
C:\Program Files\Winamp\winamp*****
E:\Robal\OTS\GoozbiOTS\GoozbiOTS\GoozbiOTS***** (niepolecam zadnych otsow.)
C:\Program Files\Opera\Opera*****
C:\Program Files\HijackThis\HijackThis*****

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &Tłumaczenie - {0D704FAD-66E9-4F0A-BFED-4F665770DDB3} - C:\Program Files\Techland\Common\InternetTranslator\InternetT ranslator.dll
O4 - HKLM\..\Run: [nForce Tray Options] sstray***** /r
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx*****
O4 - HKLM\..\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon*****
O4 - HKLM\..\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch*****
O4 - HKLM\..\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\TaskbarIcon*****
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.5.0_11\bin\jusched*****"
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp*****
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck*****
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa*****
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched*****" -osboot
O4 - HKLM\..\Run: [Windows Logon Application] C:\WINDOWS\System32\winIogon*****
O4 - HKLM\..\Run: [msvccc66] svcchosst*****
O4 - HKLM\..\RunServices: [msvccc66] svcchosst*****
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg*****" /tray
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect*****
O4 - HKCU\..\Run: [WhenUSave] "C:\PROGRA~1\Save\Save*****"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype*****" /nosplash /minimized
O4 - Global Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon*****
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL*****/3000
O8 - Extra context menu item: Pobierz z &BitSpirit - D:\BitSpirit\bsurl.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_11\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetT ranslator.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files\Techland\Common\InternetTranslator\InternetT ranslator.dll,-103 - {B46B0919-62BA-4D99-A5C4-916B57A6805C} - C:\Program Files\Techland\Common\InternetTranslator\InternetT ranslator.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{0E0955A7-C1C0-48AC-926A-CBE111F7F5C8}: NameServer = 194.204.159.1 217.98.63.164
O17 - HKLM\System\CS1\Services\Tcpip\..\{0E0955A7-C1C0-48AC-926A-CBE111F7F5C8}: NameServer = 194.204.159.1 217.98.63.164
O17 - HKLM\System\CS2\Services\Tcpip\..\{0E0955A7-C1C0-48AC-926A-CBE111F7F5C8}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O21 - SSODL: eitheror - {2016a466-91a2-43c6-97d8-2fd380f065ef} - (no file)
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv*****
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx*****
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag*****
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ*****
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv*****" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv*****" /service (file missing)
O23 - Service: Network Windows Service (MSWindows) - Unknown owner - C:\WINDOWS\System32\urdvxc*****" /service (file missing)

=0

mam zastrzezenia do tych 2 plikow.
__________________
Autor tego posta otrzymał pochwałę

" Choc droga jest bez konca , pozornie bez znaczenia , mniemam ze mam powody by drogi swej nie zmieniac... "
..::QRAS::.. jest offline   Odpowiedz z Cytatem