zenu12
(Zenu1)
4 Marzec 2006 18:28
#1
Sprawdzałem logi z hijack this … i nic… użyłem programu worms doors clenear skanowałem jv16 i reg clenear i też nic… skanowałem antywirami i antyspy i nic A przez ten blad internet nie chodzi i kodeki.
Macie jskieś pomysły na to
Acha jeszcze mam xp sp2
zenu12
(Zenu1)
4 Marzec 2006 18:37
#3
Logfile of HijackThis v1.99.1
Scan saved at 19:34:32, on 2006-03-04
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
C:\Program Files\DVWin\bin\connector.exe
C:\Program Files\DVWin\bin\processor.exe
C:\Program Files\CIMPLICITY Machine Edition\fxControl\Runtime\NT\FxControl.exe
C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\WINDOWS\System32\sim9sync.exe
C:\Program Files\CIMPLICITY Machine Edition\Common\Components\NT\trapiserver.exe
C:\WINDOWS\system32\UAService7.exe
C:\Program Files\DVWin\bin\WinVNC.exe
C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
C:\WINDOWS\system32\TPWRTRAY.EXE
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\System32\00THotkey.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\YDP\NetDict\Watch.exe
C:\Program Files\Microsoft Office\Office\OSA.EXE
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv7.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\userinit.exe
\zeus\profile$\ZZyla\Desktop\Nieużywane skróty pulpitu\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft.pl/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = file://zeus/intranet/http/index.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 10.0.0.254:8080
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 10.0.0.254;213.77.25.203;intra.jokey.de;
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [DVWinRCController] "C:\Program Files\DVWin\bin\processor.exe" -userLogin
O4 - HKLM\..\Run: [Synchronization Manager] %SystemRoot%\system32\mobsync.exe /logon
O4 - HKLM\..\Run: [winvnc] "C:\Program Files\DVWin\bin\WinVNC.exe" -servicehelper
O4 - HKLM\..\Run: [vptray] C:\Program Files\Symantec_Client_Security\Symantec AntiVirus\vptray.exe
O4 - HKLM\..\Run: [Tpwrtray] TPWRTRAY.EXE
O4 - HKLM\..\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM\..\Run: [TosHKCW.exe] "C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe"
O4 - HKLM\..\Run: [TFNF5] TFNF5.exe
O4 - HKLM\..\Run: [TFncKy] TFncKy.exe /Type 20
O4 - HKLM\..\Run: [S7UB Start] "C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe" -StartDB
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [DVWinRCConnector] "C:\Program Files\DVWin\bin\connector.exe" -userLogin
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [00THotkey] C:\WINDOWS\System32\00THotkey.exe
O4 - HKLM\..\Run: [000StTHK] 000StTHK.exe
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - Global Startup: Aktywacja Testera.lnk = C:\Program Files\YDP\NetDict\Watch.exe
O4 - Global Startup: Microsoft Find Fast.lnk = C:\Program Files\Microsoft Office\Office\FINDFAST.EXE
O4 - Global Startup: Uruchamianie pakietu Office.lnk = C:\Program Files\Microsoft Office\Office\OSA.EXE
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=file://zeus/intranet/http/index.htm
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = jpb.jokey
O17 - HKLM\Software\..\Telephony: DomainName = jpb.jokey
O20 - Winlogon Notify: NavLogon - C:\WINDOWS\System32\NavLogon.dll
O23 - Service: DefWatch - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\DefWatch.exe
O23 - Service: DoubleVision Windows Connector To IAS (DVWinConnectToIASConnector) - Unknown owner - C:\Program Files\DVWin\bin\connector.exe" -runService -connectInetAccess -silent 0 (file missing)
O23 - Service: DoubleVision Windows Connector Direct (DVWinRCConnector) - Unknown owner - C:\Program Files\DVWin\bin\connector.exe" -runService -silent 0 (file missing)
O23 - Service: DoubleVision Windows Controller (DVWinRCController) - Unknown owner - C:\Program Files\DVWin\bin\processor.exe" -runService -silent 0 (file missing)
O23 - Service: FxControl Runtime (FxControlRuntime) - Total Control Products (Canada) Inc. - C:\Program Files\CIMPLICITY Machine Edition\fxControl\Runtime\NT\FxControl.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Symantec AntiVirus Client (Norton AntiVirus Server) - Symantec Corporation - C:\PROGRA~1\SYMANT~1\SYMANT~1\Rtvscan.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\SYSTEM32\SPOOL\DRIVERS\W32X86\3\HPZipm12.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: SIMATIC NET Synchronization Service (Sim9Sync) - Siemens AG - C:\WINDOWS\System32\sim9sync.exe
O23 - Service: Trapi File Server (TrapiServer) - Unknown owner - C:\Program Files\CIMPLICITY Machine Edition\Common\Components\NT\trapiserver.exe
O23 - Service: SecuROM User Access Service (V7) (UserAccess7) - Unknown owner - C:\WINDOWS\system32\UAService7.exe
O23 - Service: TridiaVNC Server (winvnc) - Unknown owner - C:\Program Files\DVWin\bin\WinVNC.exe" -service (file missing)
Gutek
(Gutek)
4 Marzec 2006 18:44
#4
Użyj Windows Worms Doors Cleanera zmień znaczki z disable na enable. Po użyciu tego narzędzia wymagany jest reset sysa.
http://forum.dobreprogramy.pl/viewtopic.php?t=63328 widze jeden temat był
zenu12
(Zenu1)
4 Marzec 2006 18:48
#5
Używałem i nic
Złączono Posta : 04.03.2006 (Sob) 19:49
Właśnie zamierzam skan ewido ale czy pomoże
Gutek
(Gutek)
4 Marzec 2006 19:00
#6
Zaisntaluj jakiegoś firewalla
zenu12
(Zenu1)
4 Marzec 2006 19:03
#7
no dobra.
Instaluje se kerio.
Złączono Posta : 06.03.2006 (Pon) 17:53
Już ok.
Nie działał mi systemowy ale taraz mam Kerio