Ktoś ściąga pliki z mojego dysku - pomocy!


(Webfalcon) #1

witam

ponawiam temat, bo został usunięty, nie mogłem odpisać ponieważ z tego wszystkiego komp mi się zawiesił.

coś mi obciąża wysyłanie, ktoś ściąga moje dane.

miałem antyvira avasta home, przedchwilą zainstalowałem nortona 2006

oto logi z HijackThis

Logfile of HijackThis v1.99.1

Scan saved at 20:19:42, on 2006-05-28

Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

E:\WINDOWS\System32\smss.exe

E:\WINDOWS\system32\winlogon.exe

E:\WINDOWS\system32\services.exe

E:\WINDOWS\system32\lsass.exe

E:\WINDOWS\System32\Ati2evxx.exe

E:\WINDOWS\system32\svchost.exe

E:\WINDOWS\System32\svchost.exe

E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

E:\WINDOWS\system32\Ati2evxx.exe

E:\WINDOWS\Explorer.EXE

E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

E:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

E:\Program Files\Common Files\Symantec Shared\ccApp.exe

F:\Norton Internet Security\cfgwiz.exe

E:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe

E:\Program Files\Common Files\Symantec Shared\ccProxy.exe

E:\WINDOWS\system32\spoolsv.exe

F:\Norton Internet Security\Norton AntiVirus\navapsvc.exe

E:\Program Files\Messenger\msmsgs.exe

E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

E:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

E:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

E:\Program Files\Symantec\LiveUpdate\LUAll.exe

E:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

F:\NORTON~1\NORTON~1\navw32.exe

E:\Documents and Settings\Komputer\Pulpit\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll

O2 - BHO: Norton Internet Security 2006 - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - E:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - F:\FlashGet\jccatch.dll

O2 - BHO: NAV Helper - {A8F38D8D-E480-4D52-B7A2-731BB6995FDD} - F:\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O3 - Toolbar: Norton Internet Security 2006 - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - E:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll

O3 - Toolbar: Norton AntiVirus - {C4069E3A-68F1-403E-B40E-20066696354B} - F:\Norton Internet Security\Norton AntiVirus\NavShExt.dll

O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "E:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon

O4 - HKLM\..\Run: [ccApp] "E:\Program Files\Common Files\Symantec Shared\ccApp.exe"

O4 - HKLM\..\Run: [SSC_UserPrompt] "E:\Program Files\Common Files\Symantec Shared\Security Center\UsrPrmpt.exe"

O4 - HKLM\..\RunServices: [Microsoft Anti-Virus] avtmxaek.exe

O4 - HKLM\..\RunServices: [msng] loul.exe

O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background

O17 - HKLM\System\CCS\Services\Tcpip\..\{AE445172-B459-4EF9-9ED5-F84CA1EB68A0}: NameServer = 213.241.79.37 195.114.181.130

O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\System32\Ati2evxx.exe

O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe

O23 - Service: Symantec Internet Security Password Validation (ccISPwdSvc) - Symantec Corporation - F:\Norton Internet Security\ccPwdSvc.exe

O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccProxy.exe

O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe

O23 - Service: COM Host (comHost) - Symantec Corporation - F:\Norton Internet Security\comHost.exe

O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - F:\Norton Internet Security\Norton AntiVirus\navapsvc.exe

O23 - Service: Norton Protection Center Service (NSCService) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\Security Console\NSCSRVCE.EXE

O23 - Service: Symantec AVScan (SAVScan) - Symantec Corporation - F:\Norton Internet Security\Norton AntiVirus\SAVScan.exe

O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe

O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe

O23 - Service: Symantec Core LC - Symantec Corporation - E:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe

PROSZĘ O POMOC O SPRAWDZENIE LOGA. POMOCY!


(Gblade) #2

Ściągnij Windows Woorms Door Cleaner, odpal>>>zmień wszystkie znaczki z disable na enable>>>po użyciu narzedzia wymagany jest reset kompa.

1.Startujesz do trybu awaryjnego

2.Wyłanczasz przywracanie systemu (tylko Me/Xp)

3.Kasujesz wpisy w HijackThis

4.Kasujesz pogrubione pliki/foldery

5.Dajesz nowy log z hjt + log z Silent Runners

przed logami skan http://www.ewido.net / po update