Wolno chodzi net

liundiula23 · 20 Grudzień 2006 15:41

Logfile of HijackThis v1.99.1 Scan saved at 16:40:49, on 2006-12-20 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\FSGK32.EXE C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE C:\WINDOWS\System32\svchost.exe C:\Program Files\F-Secure Internet Security\Common\FSMB32.EXE C:\Program Files\F-Secure Internet Security\Anti-Virus\fssm32.exe C:\Program Files\F-Secure Internet Security\Common\FCH32.EXE C:\Program Files\F-Secure Internet Security\Common\FAMEH32.EXE C:\Program Files\F-Secure Internet Security\Anti-Virus\fsqh.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsrw.exe C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe C:\WINDOWS\Explorer.EXE C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe C:\WINDOWS\System32\G-VGA.exe C:\WINDOWS\System32\RunDll32.exe C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe C:\PROGRA~1\NEOSTR~1\CnxMon.exe C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe C:\PROGRA~1\NEOSTR~1\taskbaricon.exe C:\Program Files\Creative\Shared Files\CAMTRAY.EXE C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE C:\Program Files\HP\HP Software Update\HPWuSchd2.exe C:\WINDOWS\System32\CTFMON.EXE C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe C:\Program Files\F-Secure Internet Security\Anti-Virus\fsav32.exe C:\Program Files\AVerTV\QuickTV.exe C:\PROGRA~1\F-SECU~1\ANTI-S~1\fsaw.exe C:\Program Files\F-Secure Internet Security\FSGUI\fsguidll.exe C:\Program Files\hp\Digital Imaging\bin\hpqimzone.exe C:\PROGRA~1\NEOSTR~1\NeostradaTP.exe C:\PROGRA~1\NEOSTR~1\ComComp.exe C:\PROGRA~1\NEOSTR~1\Watch.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\Internet Explorer\IEXPLORE.EXE C:\Documents and Settings\xxx\Pulpit\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://szukaj.wp.pl R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl/ R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll O4 - HKLM…\Run: [ATIModeChange] Ati2mdxx.exe O4 - HKLM…\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe O4 - HKLM…\Run: [VGAUtil] C:\WINDOWS\System32\G-VGA.exe O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\System32\spool\drivers\w32x86\3\hpztsb05.exe O4 - HKLM…\Run: [WooCnxMon] C:\PROGRA~1\NEOSTR~1\CnxMon.exe O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\NEOSTR~1\taskbaricon.exe O4 - HKLM…\Run: [Creative WebCam Tray] C:\Program Files\Creative\Shared Files\CAMTRAY.EXE O4 - HKLM…\Run: [F-Secure Manager] “C:\Program Files\F-Secure Internet Security\Common\FSM32.EXE” /splash O4 - HKLM…\Run: [F-Secure TNB] “C:\Program Files\F-Secure Internet Security\TNB\TNBUtil.exe” /CHECKALL /WAITFORSW O4 - HKLM…\Run: [F-Secure Startup Wizard] “C:\Program Files\F-Secure Internet Security\FSGUI\FSSW.EXE” /reboot O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU…\Run: [Gadu-Gadu] “D:\Gadu-Gadu\gg.exe” /tray O4 - Startup: QuickTV.lnk = C:\Program Files\AVerTV\QuickTV.exe O4 - Global Startup: F-Secure Anti-Virus 2006.lnk = C:\Program Files\F-Secure Internet Security\backweb\4476822\Program\fspex.exe O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\hp\Digital Imaging\bin\hpqtra08.exe O4 - Global Startup: HP Photosmart Premier - Szybkie uruchomienie.lnk = C:\Program Files\hp\Digital Imaging\bin\hpqthb08.exe O8 - Extra context menu item: &Zablokuj to okienko - C:\Program Files\F-Secure Internet Security\Anti-Spyware\blockpopups.htm O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll O9 - Extra button: Osłona programu IE - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll O9 - Extra ‘Tools’ menuitem: Osłona programu IE… - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure Internet Security\Anti-Spyware\ieshield.dll O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL O16 - DPF: {5A09E43F-A0A7-4ABF-AF80-11367CF1DC8F} (MainControl Class) - http://mks.com.pl/skaner/SkanerOnline.cab O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_28.cab O17 - HKLM\System\CCS\Services\Tcpip…{FE649BA2-36F5-4200-BAB5-0ACBA87FEB02}: NameServer = 194.204.152.34 217.98.63.164 O23 - Service: F-Secure Anti-Virus 2006 (BackWeb Plug-in - 4476822) - F-Secure Internet Security 2005 - C:\PROGRA~1\F-SECU~1\backweb\4476822\Program\SERVIC~1.EXE O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Anti-Virus\fsgk32st.exe O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure Internet Security\backweb\4476822\program\fsbwsys.exe O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\FWES\Program\fsdfwd.exe O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure Internet Security\Common\FSMA32.EXE

proszę o sprawdzenie mam problem z jakimiś mru czarna magia nie wiem o co chodzi gdy przeskanuje ad-aware to są jakies problemy poddaje kwarantannie i jakiś czas jest oki a potem znowu to samo te mru powracają i jest problem pomocy dz

adam9870 · 20 Grudzień 2006 15:43

Log masz ok.

Pozamykaj porty robakom. W tym celu użyj Windows Worms Doors Cleanera zmień znaczki z disable na enable (wszystkie znaczki maja być na zielono, jeżeli któryś z nich będzie na żółto to go zostaw). Po użyciu narzędzia wymagany jest restart.

Przeskanuj jeszcze raz ad-adware i wklej raport.

Proponuję zainstalować dodatek Service Pack 2. Poprawia on bezpieczeństwo w systemie etc…

liundiula23 · 20 Grudzień 2006 16:21

Ad-Aware SE Build 1.06r1 Logfile Created on:20 grudnia 2006 16:58:13 Created with Ad-Aware SE Personal, free for private use. Using definitions file:SE1R140 18.12.2006 »»»»»»»&r References detected during the scan:»»»»»»»» Ad-Aware SE Settings =========================== Set : Search for negligible risk entries Set : Safe mode (always request confirmation) Set : Scan active processes Set : Scan registry Set : Deep-scan registry Set : Scan my IE Favorites for banned URLs Set : Scan my Hosts file Extended Ad-Aware SE Settings =========================== Set : Unload recognized processes & modules during scan Set : Scan registry for all users instead of current user only Set : Always try to unload modules before deletion Set : During removal, unload Explorer and IE if necessary Set : Let Windows remove files in use at next reboot Set : Delete quarantined objects after restoring Set : Include basic Ad-Aware settings in log file Set : Include additional Ad-Aware settings in log file Set : Include reference summary in log file Set : Include alternate data stream details in log file Set : Play sound at scan completion if scan locates critical objects 2006-12-20 16:58:13 - Scan started. (ADS scan) Performing deep Scan and listing Alternate Data Streams… Deep scanning and examining files (C:) »»»»»»»»» C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»» C: Enumerating detected ADS… »»»»»»»»» Disk Scan Result for C:\cme-data\»»»»»»»» C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»» C: Enumerating detected ADS… »»»»»»»»»& Disk Scan Result for C:\Config.Msi\ »»»»»»» Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»» C: Enumerating detected ADS… »»»»»» Disk Scan Result for C:\MSOCache\ »»»»»» Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»» C: Enumerating detected ADS… »»»»»» Disk Scan Result for C:\My Download Files\ »»»»»» Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»»&raqu C: Enumerating detected ADS… »»»»»»»»»» Disk Scan Result for C:\TempEI4\ »»»»»»»»»» New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»»» »»»»»»»»»» Disk Scan Result for C:\WINDOWS\ »»»»»»»»»» Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»»» C: Enumerating detected ADS… »»»»»»»»»» »»»»»»»»»» Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»»» C: Enumerating detected ADS… »»»»»»»»»» Disk Scan Result for C:\WINDOWS\AppPatch\»»»»»»»» Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»»» C: Enumerating detected ADS… »»»»»»»»»» Disk Scan Result for C:\WINDOWS\assembly\ »»»»»»»»» Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»» C: Enumerating detected ADS… »»»»»»»»»» Disk Scan Result for C:\WINDOWS\Config\ »»»»»»»»»» Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… »»»»»»»»»»&r C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Connection Wizard\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Cursors\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Debug\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Downloaded Program Files\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Driver Cache\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Drivers\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Fonts\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\ftpcache\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Help\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\ime\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\inf\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Installer\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\java\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Media\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Microsoft.NET\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Minidump\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\msagent\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\msapps\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\mui\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\OemDir\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Offline Web Pages\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\PCHEALTH\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Prefetch\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\Profiles\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS… Disk Scan Result for C:\WINDOWS\pss\ New critical objects: 0 Objects found so far: 0 C: Drive supports Alternate Data Streams. Scanning and Enumerating ADS… C: Enumerating detected ADS…

adam9870 · 20 Grudzień 2006 16:33

Hmm…

Pobierz program AVG Anti-Spyware zrób update i przeskanuj. A potem wrzuć raport z niego.

Proponuję sprawdzić czy nie przekroczyłeś limitu pobierania danych (np. w przypadku neostrady można to sprawdzić na stronie https://panel.neostrada.pl/).