Infected, with no way to fix it?

mcn

Majstr
Sep 3, 2007
1.910
263
83
Slovenia
A few days ago I ran tcpview (a tool for monitoring traffic over the IP protocol) on a whim and, to my surprise, noticed a mass of connections from my computer to various websites. I ran Avast: nothing. Kaspersky: nothing. Ad-Aware, Spybot, AVG Anti-Spyware, Webroot Antispyware, and not even GMER or the SDFix script fixed anything for me. The traffic still appears; I can only stop it by shutting down the svchost connection.
Does anyone have any idea how to solve this?
I'm not smart enough for this anymore.

I'm attaching the output that TCPView gives me:
 

SouthPark

Jas da nea vem?! Ka te je...
Sep 5, 2007
24.570
5
38
Klobukarjev dol
If it infected your svchost, then it's better to format. The same thing happened to me last year; there was no chance of cleaning it, or rather I did then clean it with some boot CD, but afterwards half the things didn't work (wireless, search, basically a whole bunch of stuff).
 

mcn

Majstr
Sep 3, 2007
1.910
263
83
Slovenia
I mean, surely there must be some trick to sort this out. If I just close svchost.exe in Task Manager (in this case the one with open port 1184), the matter is sorted and everything works normally. The problem is that a different port is active on every boot of the computer, so I can't teach the firewall, i.e. create a rule for it. By the way, I'm using Comodo fw.

M.
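
An added example, not part of the original posts: a small Python parser for TCPView's saved text output (`process:PID protocol local remote state`) that groups rows by process and PID and lists service-host processes holding TCP connections to several distinct remote hosts. In that layout the number after the process name is the process ID; the sample rows, host names and the `min_remotes` threshold are constructed for illustration.

```python
import re
from collections import defaultdict

# Constructed sample in TCPView's saved-text layout:
#   process:PID  protocol  local:port  remote:port  [state]
# Host names and addresses are placeholders, not values from the thread.
SAMPLE = """\
System:4 TCP XP3100:microsoft-ds XP3100:0 LISTENING
svchost.exe:1324 UDP xp3100:ntp *:*
svchost.exe:1244 TCP XP3100:epmap XP3100:0 LISTENING
svchost.exe:1184 TCP xp3100:3521 192.0.2.10:http CLOSE_WAIT
svchost.exe:1184 TCP xp3100:1151 ads.example.com:http CLOSE_WAIT
svchost.exe:1184 TCP xp3100:3431 ads.example.com:http CLOSE_WAIT
svchost.exe:1184 TCP xp3100:3082 portal.example.net:http CLOSE_WAIT
svchost.exe:1184 TCP xp3100:2856 parked.example.org:http CLOSE_WAIT
svchost.exe:1184 TCP XP3100:6337 XP3100:0 LISTENING
firefox.exe:2040 TCP xp3100:1900 www.example.com:http ESTABLISHED
"""

LINE_RE = re.compile(
    r"^(?P<proc>[^:]+):(?P<pid>\d+)\s+(?P<proto>TCP|UDP)\s+"
    r"(?P<local>\S+)\s+(?P<remote>\S+)(?:\s+(?P<state>\S+))?$"
)
SERVICE_HOSTS = {"svchost.exe", "system"}


def parse_line(line):
    """Return one TCPView row as a dict, or None if the line does not match."""
    m = LINE_RE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    rec["pid"] = int(rec["pid"])
    # Endpoints are host:port; the port may be a service name such as "http".
    rec["local_port"] = rec["local"].rpartition(":")[2]
    rec["remote_host"], _, rec["remote_port"] = rec["remote"].rpartition(":")
    return rec


def summarize(text):
    """Group rows by (process, PID): listeners, remote hosts, CLOSE_WAIT count."""
    stats = defaultdict(lambda: {"listening": [], "remotes": set(), "close_wait": 0})
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None or rec["proto"] != "TCP":
            continue  # UDP rows in this listing carry no state and no remote peer
        entry = stats[(rec["proc"], rec["pid"])]
        if rec["state"] == "LISTENING":
            entry["listening"].append(rec["local_port"])
        else:
            entry["remotes"].add(rec["remote_host"].lower())
            if rec["state"] == "CLOSE_WAIT":
                entry["close_wait"] += 1
    return stats


def suspects(stats, min_remotes=3):
    """Service-host processes holding TCP connections to many distinct hosts."""
    hits = []
    for (proc, pid), entry in stats.items():
        if proc.lower() in SERVICE_HOSTS and len(entry["remotes"]) >= min_remotes:
            hits.append((proc, pid, len(entry["remotes"]), entry["close_wait"]))
    return sorted(hits, key=lambda h: -h[2])


if __name__ == "__main__":
    for proc, pid, hosts, cw in suspects(summarize(SAMPLE)):
        print(f"{proc} PID {pid}: {hosts} remote hosts, {cw} in CLOSE_WAIT")
```

A `CLOSE_WAIT` row means the remote side has closed the connection and the local process has not yet closed its socket. `tasklist /svc` lists the services hosted by each svchost.exe PID, which narrows down which service to inspect.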
 

mcn

Majstr
Sep 3, 2007
1.910
263
83
Slovenia
No, I haven't.
As SouthPark already said, sometimes it's faster to set the system up again, including all the program installations, than to use a ton of little antispyware programs and wait for them to find something...
So I gave up, reinstalled Windows, and now everything works as it should.
 

Cash

Guru
Aug 19, 2007
8.073
983
113
Quote:
User mcn says:
I mean, surely there must be some trick to sort this out. If I just close svchost.exe in Task Manager (in this case the one with open port 1184), the matter is sorted and everything works normally. The problem is that a different port is active on every boot of the computer, so I can't teach the firewall, i.e. create a rule for it. By the way, I'm using Comodo fw

M.

What I meant by hibernation is that when it comes out of hibernation, it already has all the settings in place!
 

creep

Fizikalc
Jul 19, 2007
1.306
50
48
42
www.lampret.net
Boot into safe mode and try to delete the virus. Run "sfc /scannow" and see whether it fixes your system files.

Otherwise you can also try restoring the system files to a date before the infection. Sometimes it helps.
 

SouthPark

Jas da nea vem?! Ka te je...
Sep 5, 2007
24.570
5
38
Klobukarjev dol
Quote:
User Cash says:
Quote:
User mcn says:
I mean, surely there must be some trick to sort this out. If I just close svchost.exe in Task Manager (in this case the one with open port 1184), the matter is sorted and everything works normally. The problem is that a different port is active on every boot of the computer, so I can't teach the firewall, i.e. create a rule for it. By the way, I'm using Comodo fw

M.

What I meant by hibernation is that when it comes out of hibernation, it already has all the settings in place!

Come on, a computer isn't a she-bear that goes to sleep in the autumn and has 3 cubs in the den in the spring.
 

mcn

Majstr
Sep 3, 2007
1.910
263
83
Slovenia
Ahem, to continue the topic a little:
I tried everything you wrote, with the exception of CureIt, and nothing helped. That includes booting Linux from a CD, which found nothing, and a live Win XP from a CD and then scanning everything, which also found nothing. In short, it's interesting how, with all these million antivirus, anti-malware and anti-who-knows-what tools, it is almost always faster to set the system up from scratch than to struggle to find the source and fix the consequences of the infection.
I admit, though, that it still bugs me what the computer was infected with, that nothing could be done...
Or does XP really have a critical security flaw (stating the obvious???)
or f... it, let's move on...

Regards, M