Witam! mam nastepujacy problem… na ircu dostalem link… oczywiscie jak debil ostatni z ciekawosci wszedlem i mam wira… rozsyla wszystkim spam z tym wirem itd… powiedziano mi zeby spradzic system32…przeskanowalem caly komputer EWIDO oraz AD-AWARE jak i osobno przeskanowalem system32…usunalem kilka wirusow ale to nie ten… ciagle rozsyla spam… a zurzycie procka podskauje co 10 sec do 100% ze nawet winakp sie na sekunde zacina : / ogolnie tragedia …prosze pomozcie
Logfile of HijackThis v1.99.1
Scan saved at 23:06:44, on 2006-01-10
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\MsPMSPSv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
C:\Program Files\Razer\razerhid.exe
C:\WINDOWS\System32\rundll32.exe
C:\WINDOWS\System32\wkssvc.exe
C:\Program Files\Steam\Steam.exe
C:\Program Files\Razer\razertra.exe
C:\Program Files\Razer\razerofa.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Windows Media Player\wmplayer.exe
C:\Program Files\OpenOffice.org1.1.0\program\soffice.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\progsy\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.pl/
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [razer] C:\Program Files\Razer\razerhid.exe
O4 - HKLM\..\Run: [New.net Startup] rundll32 C:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
O4 - HKLM\..\Run: [Windows Workstation Service] wkssvc.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunServices: [Windows Workstation Service] wkssvc.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Steam] "C:\Program Files\Steam\Steam.exe" -silent
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O10 - Hijacked Internet access by New.Net
O17 - HKLM\System\CCS\Services\Tcpip\..\{4E28F7DF-DBCA-4BCC-AA4F-8C4C1794799F}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe
to log hijack z gory dalem i dzieki …pozdrawiam