Co pobiera z netu
Internet ciągnie ok 3,5 KB/s usunołem NewDotNet ale i tak cos ciągnie proszę o pomoc
Scan saved at 13:02:10, on 2005–11–21
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ClocX–zegar na pulpit\ClocX.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
E:\AnalogX\NetStat Live\nsl.exe
D:\Zegarynka\Zegarynka.exe
C:\Program Files\Weather Watcher\ww.exe
E:\Gadu–Gadu\gg.exe
D:\NetMeter\NetMeter.exe
C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
D:\Prog.instalacyjne\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {E9087C34–A9E5–6027–4424–1A90548B6F6E} – C:\DOCUME~1\Pati\DANEAP~1\mealcity\Hold Date.exe
O3 – Toolbar: iMeshBar – {5345A7A9–805A–4923–B505–86B2FEBA3FE0} – C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing)
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [ClocX] C:\Program Files\ClocX–zegar na pulpit\ClocX.exe
O4 – HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 – HKLM\..\Run: [SysMetrix] D:\SysMetrix\SysMetrix.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 – HKLM\..\Run: [NetStat Live] E:\AnalogX\NetStat Live\nsl.exe
O4 – HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 – HKCU\..\Run: [Zegarynka] D:\Zegarynka\Zegarynka.exe
O4 – HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [D:\NetMeter\NetMeter.exe] D:\NetMeter\NetMeter.exe
O4 – Startup: SysInfoMyWork.lnk = C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe
O4 – Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 – DPF: {917623D1–D8E5–11D2–BE8B–00104B06BDE3} (CamImage Class) – http://217.113.232.11/activex/AxisCamControl.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
Scan saved at 13:02:10, on 2005–11–21
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\ClocX–zegar na pulpit\ClocX.exe
C:\Program Files\Logitech\iTouch\iTouch.exe
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
E:\AnalogX\NetStat Live\nsl.exe
D:\Zegarynka\Zegarynka.exe
C:\Program Files\Weather Watcher\ww.exe
E:\Gadu–Gadu\gg.exe
D:\NetMeter\NetMeter.exe
C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\WINDOWS\System32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\progra~1\intern~1\iexplore.exe
D:\Prog.instalacyjne\HijackThis.exe
C:\Program Files\Internet Explorer\iexplore.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – Default URLSearchHook is missing
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 – BHO: (no name) – {E9087C34–A9E5–6027–4424–1A90548B6F6E} – C:\DOCUME~1\Pati\DANEAP~1\mealcity\Hold Date.exe
O3 – Toolbar: iMeshBar – {5345A7A9–805A–4923–B505–86B2FEBA3FE0} – C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing)
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [ClocX] C:\Program Files\ClocX–zegar na pulpit\ClocX.exe
O4 – HKLM\..\Run: [zBrowser Launcher] C:\Program Files\Logitech\iTouch\iTouch.exe
O4 – HKLM\..\Run: [SysMetrix] D:\SysMetrix\SysMetrix.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
O4 – HKLM\..\Run: [NetStat Live] E:\AnalogX\NetStat Live\nsl.exe
O4 – HKLM\..\Run: [MSConfig] C:\WINDOWS\PCHealth\HelpCtr\Binaries\MSConfig.exe /auto
O4 – HKCU\..\Run: [Zegarynka] D:\Zegarynka\Zegarynka.exe
O4 – HKCU\..\Run: [WeatherWatcher] C:\Program Files\Weather Watcher\ww.exe
O4 – HKCU\..\Run: [Gadu–Gadu] "E:\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [D:\NetMeter\NetMeter.exe] D:\NetMeter\NetMeter.exe
O4 – Startup: SysInfoMyWork.lnk = C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe
O4 – Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_01\bin\npjpi150_01.dll
O9 – Extra button: Badanie – {92780B25–18CC–41C8–B9BE–3C9C571A8263} – C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O16 – DPF: {917623D1–D8E5–11D2–BE8B–00104B06BDE3} (CamImage Class) – http://217.113.232.11/activex/AxisCamControl.cab
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
Odpowiedzi: 2
stefano, nie jest tutaj przyjete, aby po kazdorazowo wygenerowanym logu zakladac nowy temat. Zaczales jeden temat, kontynuuj w nim.
Weather Watcher nie powoduje u Ciebie tego "ruchu" ? Poinstalowales roznistych, nie wiadomo komu potrzebnych programow i dziwisz sie, ze Netstat Live wykrywa transmisje ?
damiancore, dlaczego usuwac Hold Date.exe, Zegarynka.exe, SysInfoMyWork.exe ?
Weather Watcher nie powoduje u Ciebie tego "ruchu" ? Poinstalowales roznistych, nie wiadomo komu potrzebnych programow i dziwisz sie, ze Netstat Live wykrywa transmisje ?
damiancore, dlaczego usuwac Hold Date.exe, Zegarynka.exe, SysInfoMyWork.exe ?
A moźe poprostu jaklis wirus/trojan??
wywalasz:
A to znasz?:
wywalasz:
R3 – Default URLSearchHook is missing
O2 – BHO: (no name) – {E9087C34–A9E5–6027–4424–1A90548B6F6E} – C:\DOCUME~1\Pati\DANEAP~1\mealcity\Hold Date.exe
O3 – Toolbar: iMeshBar – {5345A7A9–805A–4923–B505–86B2FEBA3FE0} – C:\Program Files\iMeshBar\bar\1.bin\IMESHBAR.DLL (file missing)
A to znasz?:
jeźeli nie, to wywal to i ich procesyD:\Zegarynka\Zegarynka.exe
C:\Program Files\SysInfoMyWork\SysInfoMyWork.exe
Strona 1 / 1