msvsock,winrnr,rsvpsp i rośba o sprawdzenie loga
Proszę o info czy msvsock.dll,winrnr.dll,rsvpsp.dll sa to intruzy które naleźy usunąć?
Prośba o sprawdzenie loga:
Logfile of HijackThis v1.99.1
Scan saved at 21:19:30, on 2006–03–01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Documents and Settings\Mirosław\Moje dokumenty\Picasa2\PicasaMediaDetector.exe
D:\Program Files\RAMCleaner\RAMCleaner.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\DAP\DAP.EXE
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\NetMeter\NetMeter.exe
D:\Program Files\Kalendarz XP\Kalendarz.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\Program Files\Executive Software\DiskeeperLite\DKService.exe
D:\WINDOWS\System32\inetsrv\inetinfo.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\tcpsvcs.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
C:\Program Files\Maxthon\Maxthon.exe
D:\Documents and Settings\Mirosław\Pulpit\HijackThis.exe
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – d:\program files\google\googletoolbar1.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – d:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Device Detector] DevDetect.exe –autorun
O4 – HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot
O4 – HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [Odkurzacz–MCD] C:\Program Files\Odkurzacz 10.0 Pro\odk_mcd.exe
O4 – HKLM\..\Run: [Picasa Media Detector] D:\Documents and Settings\Mirosław\Moje dokumenty\Picasa2\PicasaMediaDetector.exe
O4 – HKLM\..\Run: [RAMCleaner start] D:\Program Files\RAMCleaner\RAMCleaner.exe
O4 – HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [BearShare] "D:\Program Files\Ściągacz mp3\BearShare.exe" /pause
O4 – HKLM\..\Run: [DownloadAccelerator] "D:\Program Files\DAP\DAP.EXE" /STARTUP
O4 – HKLM\..\Run: [SpeedOptimizer] D:\PROGRA~1\SPEEDO~1\SPO.EXE –s
O4 – HKCU\..\Run: [Easimp3] D:\PROGRA~1\EASIMP3\Easimp3.exe minimized
O4 – HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [D:\Program Files\NetMeter\NetMeter.exe] D:\Program Files\NetMeter\NetMeter.exe
O4 – Global Startup: Kalendarz XP.lnk = D:\Program Files\Kalendarz XP\Kalendarz.exe
O8 – Extra context menu item: &Clean Traces – D:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 – Extra context menu item: &Download with &DAP – D:\Program Files\DAP\dapextie.htm
O8 – Extra context menu item: &Google Search – res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://D:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Download &all with DAP – D:\Program Files\DAP\dapextie2.htm
O8 – Extra context menu item: Similar Pages – res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – D:\Program Files\FlashGet\jc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – D:\Program Files\FlashGet\jc_all.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O17 – HKLM\System\CCS\Services\Tcpip\..\{99689AD6–A180–4F62–82F6–CF213F34E12D}: NameServer = 85.255.114.20,85.255.112.60
O17 – HKLM\System\CCS\Services\Tcpip\..\{FB1283FB–BBE7–4126–BB68–BD94F729575D}: NameServer = 85.255.114.20,85.255.112.60
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Diskeeper – Executive Software International, Inc. – D:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – D:\Program Files\iPod\bin\iPodService.exe
O23 – Service: MkS_Vir Monitor (MksVirMonSvc) – Unknown owner – D:\Program Files\MKS\Bin\mksmonsv.exe (file missing)
O23 – Service: Leadtek Driver Helper Service (NVSvc) – NVIDIA Corporation – D:\WINDOWS\System32\nvsvc32.exe
O23 – Service: O&O Defrag (OODefrag) – O&O Software GmbH – D:\WINDOWS\system32\oodag.exe
Prośba o sprawdzenie loga:
Logfile of HijackThis v1.99.1
Scan saved at 21:19:30, on 2006–03–01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\Program Files\QuickTime\qttask.exe
D:\Documents and Settings\Mirosław\Moje dokumenty\Picasa2\PicasaMediaDetector.exe
D:\Program Files\RAMCleaner\RAMCleaner.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\DAP\DAP.EXE
D:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\NetMeter\NetMeter.exe
D:\Program Files\Kalendarz XP\Kalendarz.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\Program Files\Executive Software\DiskeeperLite\DKService.exe
D:\WINDOWS\System32\inetsrv\inetinfo.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\tcpsvcs.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\wscntfy.exe
D:\WINDOWS\System32\svchost.exe
C:\Program Files\Maxthon\Maxthon.exe
D:\Documents and Settings\Mirosław\Pulpit\HijackThis.exe
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – d:\program files\google\googletoolbar1.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – d:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 – HKLM\..\Run: [SunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Device Detector] DevDetect.exe –autorun
O4 – HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot
O4 – HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [Odkurzacz–MCD] C:\Program Files\Odkurzacz 10.0 Pro\odk_mcd.exe
O4 – HKLM\..\Run: [Picasa Media Detector] D:\Documents and Settings\Mirosław\Moje dokumenty\Picasa2\PicasaMediaDetector.exe
O4 – HKLM\..\Run: [RAMCleaner start] D:\Program Files\RAMCleaner\RAMCleaner.exe
O4 – HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [BearShare] "D:\Program Files\Ściągacz mp3\BearShare.exe" /pause
O4 – HKLM\..\Run: [DownloadAccelerator] "D:\Program Files\DAP\DAP.EXE" /STARTUP
O4 – HKLM\..\Run: [SpeedOptimizer] D:\PROGRA~1\SPEEDO~1\SPO.EXE –s
O4 – HKCU\..\Run: [Easimp3] D:\PROGRA~1\EASIMP3\Easimp3.exe minimized
O4 – HKCU\..\Run: [Skype] "D:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [D:\Program Files\NetMeter\NetMeter.exe] D:\Program Files\NetMeter\NetMeter.exe
O4 – Global Startup: Kalendarz XP.lnk = D:\Program Files\Kalendarz XP\Kalendarz.exe
O8 – Extra context menu item: &Clean Traces – D:\Program Files\DAP\Privacy Package\dapcleanerie.htm
O8 – Extra context menu item: &Download with &DAP – D:\Program Files\DAP\dapextie.htm
O8 – Extra context menu item: &Google Search – res://D:\Program Files\Google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://D:\Program Files\Google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://D:\Program Files\Google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://D:\Program Files\Google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Download &all with DAP – D:\Program Files\DAP\dapextie2.htm
O8 – Extra context menu item: Similar Pages – res://D:\Program Files\Google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://D:\Program Files\Google\GoogleToolbar1.dll/cmtrans.html
O8 – Extra context menu item: Ściągnij przy pomocy FlashGet'a – D:\Program Files\FlashGet\jc_link.htm
O8 – Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a – D:\Program Files\FlashGet\jc_all.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O17 – HKLM\System\CCS\Services\Tcpip\..\{99689AD6–A180–4F62–82F6–CF213F34E12D}: NameServer = 85.255.114.20,85.255.112.60
O17 – HKLM\System\CCS\Services\Tcpip\..\{FB1283FB–BBE7–4126–BB68–BD94F729575D}: NameServer = 85.255.114.20,85.255.112.60
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: Symantec Password Validation (ccPwdSvc) – Symantec Corporation – D:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 – Service: Diskeeper – Executive Software International, Inc. – D:\Program Files\Executive Software\DiskeeperLite\DKService.exe
O23 – Service: iPod Service (iPodService) – Apple Computer, Inc. – D:\Program Files\iPod\bin\iPodService.exe
O23 – Service: MkS_Vir Monitor (MksVirMonSvc) – Unknown owner – D:\Program Files\MKS\Bin\mksmonsv.exe (file missing)
O23 – Service: Leadtek Driver Helper Service (NVSvc) – NVIDIA Corporation – D:\WINDOWS\System32\nvsvc32.exe
O23 – Service: O&O Defrag (OODefrag) – O&O Software GmbH – D:\WINDOWS\system32\oodag.exe
Odpowiedzi: 1
Tak, jesli chodzi o pierwszy. Chyba ze popelniles blad w przepisywaniu, a mialo byc nie "msvsock.dll" a "mswsock.dll" – przez "w".Wróblewski:
Proszę o info czy msvsock.dll,winrnr.dll,rsvpsp.dll sa to intruzy które naleźy usunąć?
Sprawdzilbys sobie kurna loga sam. Jest tu o tym taki temat.
Strona 1 / 1