Miedziak
13 Grudzień 2005 15:47
#1
Po raz kolejny mam problemiki, zaczelo wszystko wolno chodzic i spyware okienka wyskaują… Napiszczie precyzyjnie i dokladnie co i jak usunąć. Prosze tylko o dobre i wyczerpujące odpowiedzi. Aaa i moze polecilibyscie jakiego Firewalla ? Bo ten w Windowsie XP, chyba neio jest za dobry… (Chodzi o to aby zapora byla skuteczna i nie zamulała łącza)
Logfile of HijackThis v1.99.1 Scan saved at 16:46:36, on 2005-12-13 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\system32\drivers\KodakCCS.exe C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE c:\usr\MYSQL\bin\mysqld.exe C:\WINDOWS\System32\nvsvc32.exe H:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ahead\InCD\InCD.exe C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe C:\PROGRA~1\NEOSTR~1\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\NEOSTR~1\taskbaricon.exe C:\WINDOWS\PowerS.exe C:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe C:\WINDOWS\system32\ctfmon.exe C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\Logitech\SetPoint\KEM.exe C:\Program Files\Logitech\SetPoint\KHALMNPR.EXE C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe C:\PROGRA~1\NEOSTR~1\ComComp.exe C:\PROGRA~1\NEOSTR~1\Watch.exe H:\Programy\Tlen.pl\tlen.exe C:\WINDOWS\system32\devldr32.exe C:\WINDOWS\etb\pokapoka79.exe C:\Documents and Settings\Łukasz\Pulpit\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [NeroCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [inCD] C:\Program Files\ahead\InCD\InCD.exe O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb08.exe O4 - HKLM…\Run: [HP Software Update] C:\Program Files\Hewlett-Packard\HP Software Update\HPWuSchd.exe O4 - HKLM…\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\taskbaricon.exe O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe O4 - HKLM…\Run: [PowerS] C:\WINDOWS\PowerS.exe O4 - HKLM…\Run: [mmtask] c:\Program Files\MusicMatch\MusicMatch Jukebox\mmtask.exe O4 - HKLM…\Run: [ChrisTV Agent] “h:\programy\ChrisTV Lite\ChrisTV_Agent.exe” O4 - HKLM…\Run: [Onet.pl AutoUpdate] “C:\Program Files\Common Files\Onet.pl\NewAutoUpdate.exe” /updateexetsr O4 - HKLM…\Run: [checkrun] C:\windows\system32\elitemuc32.exe O4 - HKLM…\Run: [system service79] C:\WINDOWS\etb\pokapoka79.exe O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [steam] “h:\steam\steam.exe” -silent O4 - HKCU…\Run: [MsnMsgr] “C:\Program Files\MSN Messenger\MsnMsgr.Exe” /background O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: Logitech SetPoint.lnk = C:\Program Files\Logitech\SetPoint\KEM.exe O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Programy\Adobe Acrobat 7.0\Reader\reader_sl.exe O8 - Extra context menu item: &Download with &DAP - H:\Programy\DAP\dapextie.htm O8 - Extra context menu item: Download &all with DAP - H:\Programy\DAP\dapextie2.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O8 - Extra context menu item: Save Flash with Flash Catcher - res://C:\Program Files\Common Files\justDo\IECatcher.DLL/FlashCatcher.htm O9 - Extra button: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\justDo\IECatcher.DLL O9 - Extra ‘Tools’ menuitem: Flash Catcher - {90BAE0EF-F4BF-4FAC-B2EC-2C725C34AF12} - C:\Program Files\Common Files\justDo\IECatcher.DLL O12 - Plugin for .amr: C:\Program Files\Internet Explorer\PLUGINS\npqtplugin3.dll O16 - DPF: {00B71CFB-6864-4346-A978-C0A14556272C} (Checkers Class) - http://messenger.zone.msn.com/binary/ms … b31267.cab O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me … b31267.cab O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan … asinst.cab O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://skaner.mks.com.pl/SkanerOnline.cab O17 - HKLM\System\CCS\Services\Tcpip…{D1A6040F-6A60-4B6C-B9AA-598C2D2F557B}: NameServer = 194.204.152.34 217.98.63.164 O18 - Protocol: msnim - {828030A1-22C1-4009-854F-8E305202313F} - “C:\PROGRA~1\MSNMES~1\msgrapp.dll” (file missing) O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - C:\WINDOWS\system32\drivers\KodakCCS.exe O23 - Service: Macromedia Licensing Service - Macromedia - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe O23 - Service: MySql - Unknown owner - c:\usr/MYSQL/bin/mysqld.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - H:\Programy\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe
Z góry TXH
syfiosz
13 Grudzień 2005 15:55
#2
Kerio + konfiguracja
Przeskanuj ad-aware, spybotem, CWShredder itp… ;]
Gutek
13 Grudzień 2005 17:48
#3
W trybie awryjnym plik i folder recznie usuń, a wpisy hijackiem
Użyj też: Elite Toolbar Remover, Kill Elite Toolbar
