Proszę o pomoc
Antyvir wykrył u mnie takie wirusy: split1.exe, msvcp.exe i G56363.dll.
Zrobiłem loga. Prosze o pomoc co mam jeszcze zrobić, bo powyzsze pliki usunąłem. Z góry dzięki.
Logfile of HijackThis v1.99.1
Scan saved at 08:14:28, on 06–01–12
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS.000\SYSTEM\KERNEL32.DLL
C:\WINDOWS.000\SYSTEM\MSGSRV32.EXE
C:\WINDOWS.000\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS.000\SYSTEM\MSTASK.EXE
C:\WINDOWS.000\TEMP\SAVAGENT.EXE
C:\WINDOWS.000\EXPLORER.EXE
C:\WINDOWS.000\TASKMON.EXE
C:\WINDOWS.000\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\AXIS COMMUNICATIONS\PRINT SYSTEM\TRAYICON.EXE
C:\WINDOWS.000\RunDLL.exe
C:\WINDOWS.000\SYSTEM\CTFMON.EXE
C:\WINDOWS.000\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SOPHOS SWEEP\ICMON.EXE
C:\WINDOWS.000\TEMP\ICSUPP95.EXE
A:\HIJACKTHIS.EXE
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mos.gov.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.1.14:6588
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS.000\SYSTEM\MSDXM.OCX
O4 – HKLM\..\Run: [ScanRegistry] C:\WINDOWS.000\scanregw.exe /autorun
O4 – HKLM\..\Run: [TaskMonitor] C:\WINDOWS.000\taskmon.exe
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\Run: [InterCheckMonitor] "C:\PROGRAM FILES\SOPHOS SWEEP\ICMON.EXE" –minimised
O4 – HKLM\..\Run: [AXIS Print System TrayIcon] C:\Program Files\Axis Communications\Print System\TrayIcon.exe
O4 – HKLM\..\Run: [AXIS Printer Driver Scanner] C:\Program Files\Axis Communications\Print System\DriverScanner.exe
O4 – HKLM\..\Run: [SAVAgent] C:\WINDOWS.000\TEMP\SAVAgent.exe –POOL=3600
O4 – HKLM\..\Run: [Sweep95] "C:\Program Files\Sophos SWEEP\SETUP.EXE"
O4 – HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 – HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 – HKLM\..\RunServices: [Sweep95] C:\Program Files\Sophos SWEEP\ICLOAD95.EXE
O4 – HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 – HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 – Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O12 – Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O17 – HKLM\System\CCS\Services\VxD\MSTCP: Domain = boat.luw
O17 – HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 172.16.1.1
Zrobiłem loga. Prosze o pomoc co mam jeszcze zrobić, bo powyzsze pliki usunąłem. Z góry dzięki.
Logfile of HijackThis v1.99.1
Scan saved at 08:14:28, on 06–01–12
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
C:\WINDOWS.000\SYSTEM\KERNEL32.DLL
C:\WINDOWS.000\SYSTEM\MSGSRV32.EXE
C:\WINDOWS.000\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE
C:\WINDOWS.000\SYSTEM\MSTASK.EXE
C:\WINDOWS.000\TEMP\SAVAGENT.EXE
C:\WINDOWS.000\EXPLORER.EXE
C:\WINDOWS.000\TASKMON.EXE
C:\WINDOWS.000\SYSTEM\SYSTRAY.EXE
C:\PROGRAM FILES\AXIS COMMUNICATIONS\PRINT SYSTEM\TRAYICON.EXE
C:\WINDOWS.000\RunDLL.exe
C:\WINDOWS.000\SYSTEM\CTFMON.EXE
C:\WINDOWS.000\SYSTEM\WMIEXE.EXE
C:\PROGRAM FILES\SOPHOS SWEEP\ICMON.EXE
C:\WINDOWS.000\TEMP\ICSUPP95.EXE
A:\HIJACKTHIS.EXE
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.mos.gov.pl/
R1 – HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 172.16.1.14:6588
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – C:\PROGRA~1\SPYBOT~1\SDHELPER.DLL
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS.000\SYSTEM\MSDXM.OCX
O4 – HKLM\..\Run: [ScanRegistry] C:\WINDOWS.000\scanregw.exe /autorun
O4 – HKLM\..\Run: [TaskMonitor] C:\WINDOWS.000\taskmon.exe
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\Run: [InterCheckMonitor] "C:\PROGRAM FILES\SOPHOS SWEEP\ICMON.EXE" –minimised
O4 – HKLM\..\Run: [AXIS Print System TrayIcon] C:\Program Files\Axis Communications\Print System\TrayIcon.exe
O4 – HKLM\..\Run: [AXIS Printer Driver Scanner] C:\Program Files\Axis Communications\Print System\DriverScanner.exe
O4 – HKLM\..\Run: [SAVAgent] C:\WINDOWS.000\TEMP\SAVAgent.exe –POOL=3600
O4 – HKLM\..\Run: [Sweep95] "C:\Program Files\Sophos SWEEP\SETUP.EXE"
O4 – HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 – HKLM\..\RunServices: [MDM7] "C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\VS7DEBUG\MDM.EXE"
O4 – HKLM\..\RunServices: [SchedulingAgent] mstask.exe
O4 – HKLM\..\RunServices: [Sweep95] C:\Program Files\Sophos SWEEP\ICLOAD95.EXE
O4 – HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 – HKCU\..\Run: [ctfmon.exe] ctfmon.exe
O4 – Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~1\OFFICE10\EXCEL.EXE/3000
O12 – Plugin for .mov: C:\PROGRA~1\INTERN~1\PLUGINS\npqtplugin.dll
O17 – HKLM\System\CCS\Services\VxD\MSTCP: Domain = boat.luw
O17 – HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 172.16.1.1
Odpowiedzi: 2
Dzięki
Nic.Pyrokar:
Prosze o pomoc co mam jeszcze zrobić
Strona 1 / 1