Witam,
wygląda na to że załapałem jakiegos wirusa…Mógłby ktoś mi pomóc w usunięciu go ponieważ jak dotąd żaden antivirus którego używalem nie daje rady…Poniżej plik z Hijack-a…Z góry dzięki za pomoc…
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 09:24:44, on 2008-10-06
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\ArchestrA\aaLogger.exe
C:\Program Files\GE Fanuc\Alarm Viewer\Host\AEClientHostService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\GE Fanuc\Proficy Common\Proficy Common Licensing\CCFLIC0.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
C:\Program Files\Common Files\ArchestrA\NTServApp.exe
C:\PROGRA~1\AVG\AVG8\avgam.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\PROGRA~1\AVG\AVG8\avgnsx.exe
C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
C:\Program Files\Common Files\ArchestrA\slssvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\ThpSrv.exe
C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
C:\WINDOWS\SkyTel.EXE
C:\Program Files\GE Fanuc\Proficy Machine Edition\Common\Components\NT\trapiserver.exe
C:\Program Files\TOSHIBA\TME3\TMEEJME.EXE
C:\Program Files\FactorySuite\Common\wwlogsvc.exe
C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\system32\00THotkey.exe
C:\Program Files\Apoint2K\Apoint.exe
C:\WINDOWS\AGRSMMSG.exe
C:\Program Files\Apoint2K\Apntex.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\WINDOWS\system32\TPSMain.exe
C:\WINDOWS\system32\thpsrv.exe
C:\WINDOWS\system32\TFNF5.exe
C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
C:\WINDOWS\system32\TPSBattM.exe
C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE
C:\WINDOWS\system32\igfxext.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\TOSHIBA\TOSHIBA Controls\TFncKy.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE
C:\WINDOWS\VM303_STI.EXE
C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe
C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Common Files\Siemens\Sqlany\dbsrv7.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\PROGRA~1\COMMON~1\Nokia\MPAPI\MPAPI3s.exe
C:\Program Files\OpenOffice.org 2.0.3\program\soffice.exe
C:\Program Files\OpenOffice.org 2.0.3\program\soffice.BIN
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\PROGRA~1\AVG\AVG8\aAvgApi.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
c:\program files\common files\installshield\updateservice\isuspm.exe
C:\Program Files\Common Files\InstallShield\UpdateService\agent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\clipsrv.exe
C:\Program Files\Common Files\ArchestrA\alarmmgr.exe
C:\Program Files\Outlook Express\msimn.exe
C:\totalcmd\TOTALCMD.EXE
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.pajacyk.pl/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 192.168.100.10:8080
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AlpGld.Tb6 - {57BE2636-F271-4151-9D4A-40A2663E4FD7} - C:\WINDOWS\system32\gjopli.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O4 - HKLM…\Run: [skyTel] SkyTel.EXE
O4 - HKLM…\Run: [00THotkey] C:\WINDOWS\system32\00THotkey.exe
O4 - HKLM…\Run: [000StTHK] 000StTHK.exe
O4 - HKLM…\Run: [Apoint] C:\Program Files\Apoint2K\Apoint.exe
O4 - HKLM…\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM…\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM…\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM…\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM…\Run: [TPSMain] TPSMain.exe
O4 - HKLM…\Run: [TPSODDCtl] TPSODDCtl.exe
O4 - HKLM…\Run: [ThpSrv] thpsrv /logon
O4 - HKLM…\Run: [TFNF5] TFNF5.exe
O4 - HKLM…\Run: [smoothView] C:\Program Files\TOSHIBA\Program narzędziowy TOSHIBA Zooming Utility\SmoothView.exe
O4 - HKLM…\Run: [TouchED] C:\Program Files\TOSHIBA\TouchED\TouchED.Exe
O4 - HKLM…\Run: [TOSDCR] TOSDCR.EXE
O4 - HKLM…\Run: [TMESRV.EXE] C:\Program Files\TOSHIBA\TME3\TMESRV31.EXE /Logon
O4 - HKLM…\Run: [TMERzCtl.EXE] C:\Program Files\TOSHIBA\TME3\TMERzCtl.EXE /Service
O4 - HKLM…\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM…\Run: [TFncKy] TFncKy.exe
O4 - HKLM…\Run: [TosHKCW.exe] “C:\Program Files\TOSHIBA\Wireless Hotkey\TosHKCW.exe”
O4 - HKLM…\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM…\Run: [intelZeroConfig] “C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe”
O4 - HKLM…\Run: [intelWireless] “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
O4 - HKLM…\Run: [PCSuiteTrayApplication] C:\PROGRA~1\Nokia\NOKIAP~1\LAUNCH~1.EXE -startup
O4 - HKLM…\Run: [bigDog303] C:\WINDOWS\VM303_STI.EXE VIMICRO USB PC Camera (ZC0301PLH)
O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_03\bin\jusched.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [s7UB Start] “C:\Program Files\Common Files\Siemens\S7ubtoox\s7ubtstx.exe” -StartDB
O4 - HKLM…\Run: [iSUSPM Startup] “c:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe” -startup
O4 - HKLM…\Run: [iSUSScheduler] “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start
O4 - HKLM…\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM…\Run: [userFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [TOSCDSPD] C:\Program Files\TOSHIBA\TOSCDSPD\toscdspd.exe
O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [PcSync] C:\Program Files\Nokia\Nokia PC Suite 6\PcSync2.exe /NoDialog
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)
O4 - Startup: OpenOffice.org 2.0.3.lnk = C:\Program Files\OpenOffice.org 2.0.3\program\quickstart.exe
O4 - Global Startup: Action Manager 32.lnk = C:\Program Files\ScannerU\AM32.exe
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Dienst-Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll
O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} (OggX Control) - http://www.eska.pl/streamplayers/OggX.ocx
O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: ArchestrA Logger (aaLogger) - Invensys Systems, Inc. - C:\Program Files\Common Files\ArchestrA\aaLogger.exe
O23 - Service: AEClientHostService - GE Fanuc Automation Americas - C:\Program Files\GE Fanuc\Alarm Viewer\Host\AEClientHostService.exe
O23 - Service: Automation License Manager Service (almservice) - SIEMENS AG - C:\Program Files\Common Files\Siemens\sws\almsrv\almsrvx.exe
O23 - Service: AVG8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Proficy Licensing (CCFLIC0) - GE Fanuc Automation Americas - C:\Program Files\GE Fanuc\Proficy Common\Proficy Common Licensing\CCFLIC0.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA CORPORATION - C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: FS Service Control - Wonderware Corporation - C:\Program Files\Common Files\ArchestrA\NTServApp.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: OpcEnum - OPC Foundation - C:\WINDOWS\system32\OpcEnum.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: S7 Global Services (s7asysvx) - SIEMENS AG - C:\Program Files\Siemens\Step7\S7BIN\s7asysvx.exe
O23 - Service: SIMATIC IEPG Help Service (s7oiehsx) - SIEMENS AG - C:\Program Files\Common Files\Siemens\S7IEPG\s7oiehsx.exe
O23 - Service: ServiceLayer - Nokia. - C:\Program Files\Common Files\PCSuite\Services\ServiceLayer.exe
O23 - Service: Wonderware SuiteLink (slssvc) - Invensys Systems, Inc. - C:\Program Files\Common Files\ArchestrA\slssvc.exe
O23 - Service: Ochrona dysku twardego TOSHIBA (Thpsrv) - TOSHIBA Corporation - C:\WINDOWS\system32\ThpSrv.exe
O23 - Service: Tmesrv3 (Tmesrv) - TOSHIBA - C:\Program Files\TOSHIBA\TME3\Tmesrv31.exe
O23 - Service: Trapi File Server (TrapiServer) - Unknown owner - C:\Program Files\GE Fanuc\Proficy Machine Edition\Common\Components\NT\trapiserver.exe
O23 - Service: Wonderware Logger (WWLOGSVC) - Wonderware Corporation - C:\Program Files\FactorySuite\Common\wwlogsvc.exe
O23 - Service: Wonderware NetDDE Helper (WWNetDDE) - Invensys Systems, Inc. - C:\Program Files\Common Files\ArchestrA\wwnetdde.exe
O23 - Service: WwRpcSvr - Wonderware Corporation - C:\WINDOWS\system32\wwinstsvc.exe
–
End of file - 12930 bytes