Mam ogromny problem ! Pomóźcie mi !
Mam xp z service pack 2. Od pewnego czasu zauwaźyłem, źe mój system robi sobie co chce, tzn. włącza sam róźne programy – poprostu miesza. Trwa to kilka sekund i wszystko powraca do normy. Za kilka minut to samo... Sprawdzałem kilkakrotnie, czy nie złapałem wirusa, albo inne cuda, ale wszystko jest ok. Nie wiem co jest grane. Juź nawet próbowałem oczyścić kompa z kurzu – bez rezultatu. Pomóźcie mi rozwiąźać kłopot, bo sam juź nie daję rady !
Odpowiedzi: 12
ja tak w sprawie tego loga tu mozna sobie samemu sprawdzic... http://www.hijackthis.de/en
... ale nigdy wcześniej nie miałem źadnych problemów, a teraz chyba zwariuję !
nie znam się na logah ale wiem źe torrenty, azureus, bit tornado i inne defendery to potrafią uprzykrzyć źycie. A u ciebie jest tego troszkę.
Zdaje się, źe nic nie pomogło. Jakby przez kilka chwil było lepiej i dalej miesza. Pomóźcie mi !
Logfile of HijackThis v1.99.1
Scan saved at 01:45:20, on 2005–06–11
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\Explorer.EXE
E:\Programy\ChrisTV\ChrisTV_Agent.exe
E:\Programy\Winamp\winampa.exe
C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\WITaj!\Wit2000.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOFXM07.exe
E:\Programy\eMule\emule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ANDRZEJ DEJA\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O3 – Toolbar: DAP Bar – {62999427–33FC–4baf–9C9C–BCE6BD127F08} – C:\Program Files\DAP\DAPIEBar.dll (file missing)
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [ChrisTV Agent] "E:\Programy\ChrisTV\ChrisTV_Agent.exe"
O4 – HKLM\..\Run: [CloneCDTray] "E:\Programy\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [WinampAgent] E:\Programy\Winamp\winampa.exe
O4 – HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
O4 – HKLM\..\Run: [BDNewsAgent] C:\PROGRA~1\Softwin\BitDefender8\bdnagent.exe
O4 – HKLM\..\Run: [Bdoesrv] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 – HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 – HKLM\..\Run: [CARPService] carpserv.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [Nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [jv16PT – Privacy Protector] C:\Program Files\jv16 PowerTools\jv16PT.exe –ExecTask "C:\Program Files\jv16 PowerTools\Tasks\_PrivacyProtector\Task.jvb"
O4 – HKCU\..\Run: [WITaj!] C:\Program Files\WITaj!\Wit2000.exe /ikona
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Programy\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 – Startup: PowerReg Scheduler.exe
O4 – Global Startup: HPAiODevice(hp officejet v series) – 1.lnk = C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 – Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 – Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 – Global Startup: MpegTV Station PCITV Remote Control.lnk = C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
O8 – Extra context menu item: &Download with &DAP – C:\PROGRA~1\DAP\dapextie.htm
O8 – Extra context menu item: &Google Search – res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 – Extra context menu item: Backward &Links – res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 – Extra context menu item: Cac&hed Snapshot of Page – res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 – Extra context menu item: Download &all with DAP – C:\PROGRA~1\DAP\dapextie2.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Si&milar Pages – res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRA~1\DAP\DAP.EXE
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {2B41A786–1B06–4FBD–ACD5–D5BA121902B1} (SearchEngineControl Class) –
O16 – DPF: {6CB5E471–C305–11D3–99A8–000086395495} (Google Activate) – http://toolbar.google.com/data/pl/big/1.1.62–big/GoogleNav.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O17 – HKLM\System\CS1\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: Diskeeper – Executive Software International, Inc. – C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 – Service: GEARSecurity – GEAR Software – C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: BitDefender Virus Shield (VSSERV) – Unknown owner – C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 01:45:20, on 2005–06–11
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\Explorer.EXE
E:\Programy\ChrisTV\ChrisTV_Agent.exe
E:\Programy\Winamp\winampa.exe
C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\WITaj!\Wit2000.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOFXM07.exe
E:\Programy\eMule\emule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ANDRZEJ DEJA\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O3 – Toolbar: DAP Bar – {62999427–33FC–4baf–9C9C–BCE6BD127F08} – C:\Program Files\DAP\DAPIEBar.dll (file missing)
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – C:\WINDOWS\Downloaded Program Files\googlenav.dll
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [ChrisTV Agent] "E:\Programy\ChrisTV\ChrisTV_Agent.exe"
O4 – HKLM\..\Run: [CloneCDTray] "E:\Programy\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [WinampAgent] E:\Programy\Winamp\winampa.exe
O4 – HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
O4 – HKLM\..\Run: [BDNewsAgent] C:\PROGRA~1\Softwin\BitDefender8\bdnagent.exe
O4 – HKLM\..\Run: [Bdoesrv] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 – HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 – HKLM\..\Run: [CARPService] carpserv.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [Nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [jv16PT – Privacy Protector] C:\Program Files\jv16 PowerTools\jv16PT.exe –ExecTask "C:\Program Files\jv16 PowerTools\Tasks\_PrivacyProtector\Task.jvb"
O4 – HKCU\..\Run: [WITaj!] C:\Program Files\WITaj!\Wit2000.exe /ikona
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Programy\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 – Startup: PowerReg Scheduler.exe
O4 – Global Startup: HPAiODevice(hp officejet v series) – 1.lnk = C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 – Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 – Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 – Global Startup: MpegTV Station PCITV Remote Control.lnk = C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
O8 – Extra context menu item: &Download with &DAP – C:\PROGRA~1\DAP\dapextie.htm
O8 – Extra context menu item: &Google Search – res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsearch.html
O8 – Extra context menu item: Backward &Links – res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmbacklinks.html
O8 – Extra context menu item: Cac&hed Snapshot of Page – res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmcache.html
O8 – Extra context menu item: Download &all with DAP – C:\PROGRA~1\DAP\dapextie2.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 – Extra context menu item: Si&milar Pages – res://C:\WINDOWS\Downloaded Program Files\googlenav.dll/cmsimilar.html
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRA~1\DAP\DAP.EXE
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {2B41A786–1B06–4FBD–ACD5–D5BA121902B1} (SearchEngineControl Class) –
O16 – DPF: {6CB5E471–C305–11D3–99A8–000086395495} (Google Activate) – http://toolbar.google.com/data/pl/big/1.1.62–big/GoogleNav.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O17 – HKLM\System\CS1\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: Diskeeper – Executive Software International, Inc. – C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 – Service: GEARSecurity – GEAR Software – C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: BitDefender Virus Shield (VSSERV) – Unknown owner – C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Jest lepiej, ale od czasu do czasu dalej coś miesza !!!
Logfile of HijackThis v1.99.1
Scan saved at 21:09:17, on 2005–06–10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\Explorer.EXE
E:\Programy\ChrisTV\ChrisTV_Agent.exe
E:\Programy\Winamp\winampa.exe
C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\WITaj!\Wit2000.exe
E:\Programy\Gadu–Gadu\gg.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Programy\eMule\emule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ANDRZEJ DEJA\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O3 – Toolbar: DAP Bar – {62999427–33FC–4baf–9C9C–BCE6BD127F08} – C:\Program Files\DAP\DAPIEBar.dll (file missing)
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [ChrisTV Agent] "E:\Programy\ChrisTV\ChrisTV_Agent.exe"
O4 – HKLM\..\Run: [CloneCDTray] "E:\Programy\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [WinampAgent] E:\Programy\Winamp\winampa.exe
O4 – HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
O4 – HKLM\..\Run: [BDNewsAgent] C:\PROGRA~1\Softwin\BitDefender8\bdnagent.exe
O4 – HKLM\..\Run: [Bdoesrv] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 – HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 – HKLM\..\Run: [CARPService] carpserv.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [Nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [jv16PT – Privacy Protector] C:\Program Files\jv16 PowerTools\jv16PT.exe –ExecTask "C:\Program Files\jv16 PowerTools\Tasks\_PrivacyProtector\Task.jvb"
O4 – HKCU\..\Run: [WITaj!] C:\Program Files\WITaj!\Wit2000.exe /ikona
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Programy\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 – Startup: PowerReg Scheduler.exe
O4 – Global Startup: HPAiODevice(hp officejet v series) – 1.lnk = C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 – Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 – Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 – Global Startup: MpegTV Station PCITV Remote Control.lnk = C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
O8 – Extra context menu item: &Download with &DAP – C:\PROGRA~1\DAP\dapextie.htm
O8 – Extra context menu item: Download &all with DAP – C:\PROGRA~1\DAP\dapextie2.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRA~1\DAP\DAP.EXE
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {2B41A786–1B06–4FBD–ACD5–D5BA121902B1} (SearchEngineControl Class) –
O17 – HKLM\System\CCS\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O17 – HKLM\System\CS1\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: Diskeeper – Executive Software International, Inc. – C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 – Service: GEARSecurity – GEAR Software – C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: BitDefender Virus Shield (VSSERV) – Unknown owner – C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Logfile of HijackThis v1.99.1
Scan saved at 21:09:17, on 2005–06–10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\Explorer.EXE
E:\Programy\ChrisTV\ChrisTV_Agent.exe
E:\Programy\Winamp\winampa.exe
C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\system32\carpserv.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\WITaj!\Wit2000.exe
E:\Programy\Gadu–Gadu\gg.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOFXM07.exe
C:\Program Files\Windows Media Player\wmplayer.exe
E:\Programy\eMule\emule.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ANDRZEJ DEJA\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O3 – Toolbar: DAP Bar – {62999427–33FC–4baf–9C9C–BCE6BD127F08} – C:\Program Files\DAP\DAPIEBar.dll (file missing)
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [ChrisTV Agent] "E:\Programy\ChrisTV\ChrisTV_Agent.exe"
O4 – HKLM\..\Run: [CloneCDTray] "E:\Programy\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [WinampAgent] E:\Programy\Winamp\winampa.exe
O4 – HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
O4 – HKLM\..\Run: [BDNewsAgent] C:\PROGRA~1\Softwin\BitDefender8\bdnagent.exe
O4 – HKLM\..\Run: [Bdoesrv] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 – HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 – HKLM\..\Run: [CARPService] carpserv.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [Nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [jv16PT – Privacy Protector] C:\Program Files\jv16 PowerTools\jv16PT.exe –ExecTask "C:\Program Files\jv16 PowerTools\Tasks\_PrivacyProtector\Task.jvb"
O4 – HKCU\..\Run: [WITaj!] C:\Program Files\WITaj!\Wit2000.exe /ikona
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Programy\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 – Startup: PowerReg Scheduler.exe
O4 – Global Startup: HPAiODevice(hp officejet v series) – 1.lnk = C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 – Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 – Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 – Global Startup: MpegTV Station PCITV Remote Control.lnk = C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
O8 – Extra context menu item: &Download with &DAP – C:\PROGRA~1\DAP\dapextie.htm
O8 – Extra context menu item: Download &all with DAP – C:\PROGRA~1\DAP\dapextie2.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRA~1\DAP\DAP.EXE
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {2B41A786–1B06–4FBD–ACD5–D5BA121902B1} (SearchEngineControl Class) –
O17 – HKLM\System\CCS\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O17 – HKLM\System\CS1\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: Diskeeper – Executive Software International, Inc. – C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 – Service: GEARSecurity – GEAR Software – C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: BitDefender Virus Shield (VSSERV) – Unknown owner – C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Masz tylko szpiega SaveNow
Wyłacz proces:
VVSN.exe
FIX i usuń katalog z dysku:
Poza tym masz kupe programów które spokojnie moźna czy to w msconfig odptaszyć czy z autostartu usunąć.
Wyłacz proces:
VVSN.exe
FIX i usuń katalog z dysku:
O4 – HKLM\..\Run: [Vvsn] C:\Program Files\VVSN\VVSN.exe
Poza tym masz kupe programów które spokojnie moźna czy to w msconfig odptaszyć czy z autostartu usunąć.
Zgadza się, właśnie o to chodziło teraz poczekaj aź ktoś znający się na tym powie ci co masz dalej z tym zrobić.
Czy o to chodziło ?
Logfile of HijackThis v1.99.1
Scan saved at 06:25:19, on 2005–06–10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\Explorer.EXE
E:\Programy\ChrisTV\ChrisTV_Agent.exe
E:\Programy\Winamp\winampa.exe
C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\WITaj!\Wit2000.exe
E:\Programy\Gadu–Gadu\gg.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOFXM07.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ANDRZEJ DEJA\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O3 – Toolbar: DAP Bar – {62999427–33FC–4baf–9C9C–BCE6BD127F08} – C:\Program Files\DAP\DAPIEBar.dll (file missing)
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [ChrisTV Agent] "E:\Programy\ChrisTV\ChrisTV_Agent.exe"
O4 – HKLM\..\Run: [CloneCDTray] "E:\Programy\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [WinampAgent] E:\Programy\Winamp\winampa.exe
O4 – HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
O4 – HKLM\..\Run: [BDNewsAgent] C:\PROGRA~1\Softwin\BitDefender8\bdnagent.exe
O4 – HKLM\..\Run: [Bdoesrv] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 – HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 – HKLM\..\Run: [CARPService] carpserv.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [Nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [Vvsn] C:\Program Files\VVSN\VVSN.exe
O4 – HKLM\..\Run: [jv16PT – Privacy Protector] C:\Program Files\jv16 PowerTools\jv16PT.exe –ExecTask "C:\Program Files\jv16 PowerTools\Tasks\_PrivacyProtector\Task.jvb"
O4 – HKCU\..\Run: [WITaj!] C:\Program Files\WITaj!\Wit2000.exe /ikona
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Programy\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 – HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe
O4 – Startup: PowerReg Scheduler.exe
O4 – Global Startup: HPAiODevice(hp officejet v series) – 1.lnk = C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 – Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 – Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 – Global Startup: MpegTV Station PCITV Remote Control.lnk = C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
O8 – Extra context menu item: &Download with &DAP – C:\PROGRA~1\DAP\dapextie.htm
O8 – Extra context menu item: Download &all with DAP – C:\PROGRA~1\DAP\dapextie2.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRA~1\DAP\DAP.EXE
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {2B41A786–1B06–4FBD–ACD5–D5BA121902B1} (SearchEngineControl Class) –
O17 – HKLM\System\CCS\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O17 – HKLM\System\CS1\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: Diskeeper – Executive Software International, Inc. – C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 – Service: GEARSecurity – GEAR Software – C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: BitDefender Virus Shield (VSSERV) – Unknown owner – C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
Scan saved at 06:25:19, on 2005–06–10
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Executive Software\Diskeeper\DkService.exe
C:\WINDOWS\SYSTEM32\GEARSEC.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe
C:\WINDOWS\system32\fxssvc.exe
C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
C:\Program Files\Softwin\BitDefender8\vsserv.exe
C:\WINDOWS\Explorer.EXE
E:\Programy\ChrisTV\ChrisTV_Agent.exe
E:\Programy\Winamp\winampa.exe
C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
C:\Program Files\Softwin\BitDefender8\bdoesrv.exe
C:\Program Files\Softwin\BitDefender8\bdswitch.exe
C:\WINDOWS\system32\carpserv.exe
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\DAP\DAP.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
C:\Program Files\VVSN\VVSN.exe
C:\Program Files\WITaj!\Wit2000.exe
E:\Programy\Gadu–Gadu\gg.exe
C:\Program Files\Chameleon Clock\ChamClock.exe
C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
C:\PROGRA~1\HEWLET~1\AiO\Shared\Bin\hpoevm07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOSTS07.exe
C:\Program Files\Hewlett–Packard\AiO\Shared\bin\hpOFXM07.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Documents and Settings\ANDRZEJ DEJA\Pulpit\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.pl
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O3 – Toolbar: DAP Bar – {62999427–33FC–4baf–9C9C–BCE6BD127F08} – C:\Program Files\DAP\DAPIEBar.dll (file missing)
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [ChrisTV Agent] "E:\Programy\ChrisTV\ChrisTV_Agent.exe"
O4 – HKLM\..\Run: [CloneCDTray] "E:\Programy\SlySoft\CloneCD\CloneCDTray.exe" /s
O4 – HKLM\..\Run: [WinampAgent] E:\Programy\Winamp\winampa.exe
O4 – HKLM\..\Run: [BDMCon] C:\PROGRA~1\Softwin\BitDefender8\bdmcon.exe
O4 – HKLM\..\Run: [BDNewsAgent] C:\PROGRA~1\Softwin\BitDefender8\bdnagent.exe
O4 – HKLM\..\Run: [Bdoesrv] C:\Program Files\Softwin\BitDefender8\\bdoesrv.exe
O4 – HKLM\..\Run: [BDSwitchAgent] C:\Program Files\Softwin\BitDefender8\\bdswitch.exe
O4 – HKLM\..\Run: [CARPService] carpserv.exe
O4 – HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM\..\Run: [DownloadAccelerator] C:\PROGRA~1\DAP\DAP.EXE /STARTUP
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 – HKLM\..\Run: [Nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [SiSUSBRG] C:\WINDOWS\SiSUSBrg.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [Vvsn] C:\Program Files\VVSN\VVSN.exe
O4 – HKLM\..\Run: [jv16PT – Privacy Protector] C:\Program Files\jv16 PowerTools\jv16PT.exe –ExecTask "C:\Program Files\jv16 PowerTools\Tasks\_PrivacyProtector\Task.jvb"
O4 – HKCU\..\Run: [WITaj!] C:\Program Files\WITaj!\Wit2000.exe /ikona
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Programy\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [HomeAlarm] C:\Program Files\Chameleon Clock\ChamClock.exe
O4 – HKCU\..\Run: [TweakRAM] C:\Program Files\TweakRAM\TweakRAM.exe
O4 – Startup: PowerReg Scheduler.exe
O4 – Global Startup: HPAiODevice(hp officejet v series) – 1.lnk = C:\Program Files\Hewlett–Packard\AiO\hp officejet v series\Bin\hpoant07.exe
O4 – Global Startup: InterVideo WinCinema Manager.lnk = C:\Program Files\InterVideo\Common\Bin\WinCinemaMgr.exe
O4 – Global Startup: InterVideo WinScheduler.lnk = C:\Program Files\InterVideo\WinDVR\WinScheduler.exe
O4 – Global Startup: MpegTV Station PCITV Remote Control.lnk = C:\Program Files\AVACS\MpegTV Station PCITV\RemoteCtl.exe
O8 – Extra context menu item: &Download with &DAP – C:\PROGRA~1\DAP\dapextie.htm
O8 – Extra context menu item: Download &all with DAP – C:\PROGRA~1\DAP\dapextie2.htm
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:\PROGRA~1\DAP\DAP.EXE
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O16 – DPF: {2B41A786–1B06–4FBD–ACD5–D5BA121902B1} (SearchEngineControl Class) –
O17 – HKLM\System\CCS\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O17 – HKLM\System\CS1\Services\Tcpip\..\{142C381E–5855–4449–B6D0–7678343A3663}: NameServer = 195.114.181.130 195.114.161.61
O23 – Service: BitDefender Scan Server (bdss) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe" /service (file missing)
O23 – Service: Diskeeper – Executive Software International, Inc. – C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 – Service: GEARSecurity – GEAR Software – C:\WINDOWS\SYSTEM32\GEARSEC.EXE
O23 – Service: NVIDIA Display Driver Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\system32\nvsvc32.exe
O23 – Service: BitDefender Virus Shield (VSSERV) – Unknown owner – C:\Program Files\Softwin\BitDefender8\vsserv.exe" /service (file missing)
O23 – Service: BitDefender Communicator (XCOMM) – Unknown owner – C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe" /service (file missing)
AndrzejDeja poczytaj pod tym linkiem http://forum.centrumxp.pl/viewtopic.php?t=34940
Nie znam się na tym. Jak mam to zrobić, gdzie szukać ten log z hijack....
Mieszanie zaczyna się nikedy zaraz po włączeniu kompa, a niekiedy po pewnym czasie od włączenia.
Mieszanie zaczyna się nikedy zaraz po włączeniu kompa, a niekiedy po pewnym czasie od włączenia.
LOg z HIJAck tutaj wklej a specjaliści ci go oczyszczą i prawdopodobnie ci to pomoze... (Przyklejony w dziale bezpieczeństwo)
Strona 1 / 1