Mam wirusa i nie moge go niczym usunąć OTO MÓJ LOG
Logfile of HijackThis v1.99.1
Scan saved at 22:30:51, on 2005–04–16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
C:\temp\salm.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnf.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\M&Ł\Pulpit\hijackthis1.99.1\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 – HKLM\..\Run: [Share–to–Web Namespace Daemon] C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
O4 – HKLM\..\Run: [salm] c:\temp\salm.exe
O4 – HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 – HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [Anty_16BitNT Automatyczna Ochrona] C:\WINDOWS\Anty_16BitNT.exe AO
O4 – Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpobnz08.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: officejet 6100.lnk = ?
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – ms–its:mhtml:file://c:\nosuxxx.mht!http://www.dollarisland.com/buttonexchange/loud.chm::/bridge–c46.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107352682348
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: MSCSPTISRV – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Unknown owner – C:\Program Files\Eset\nod32krn.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: PACSPTISVR – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: Sony SPTI Service (SPTISRV) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 – Service: SonicStage SCSI Service (SSScsiSV) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
Scan saved at 22:30:51, on 2005–04–16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
C:\temp\salm.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnf.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Documents and Settings\M&Ł\Pulpit\hijackthis1.99.1\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 6.0\Reader\ActiveX\AcroIEHelper.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 – HKLM\..\Run: [Share–to–Web Namespace Daemon] C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
O4 – HKLM\..\Run: [salm] c:\temp\salm.exe
O4 – HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 – HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [Anty_16BitNT Automatyczna Ochrona] C:\WINDOWS\Anty_16BitNT.exe AO
O4 – Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpobnz08.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: officejet 6100.lnk = ?
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – ms–its:mhtml:file://c:\nosuxxx.mht!http://www.dollarisland.com/buttonexchange/loud.chm::/bridge–c46.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107352682348
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: MSCSPTISRV – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Unknown owner – C:\Program Files\Eset\nod32krn.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: PACSPTISVR – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: Sony SPTI Service (SPTISRV) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 – Service: SonicStage SCSI Service (SSScsiSV) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
Odpowiedzi: 8
Uff juź po wszystkim
usunąłem ten cały plik.
:D WIELKIE DZIĘKI GDYBY NIE TY MIAŁBYM PROBLEM:D
Pozdrawiam Michał
usunąłem ten cały plik.
:D WIELKIE DZIĘKI GDYBY NIE TY MIAŁBYM PROBLEM:D
Pozdrawiam Michał
Oproznij doszczetnie wszystkie usuniete maile w OE.
Ok dzięki za wszystko tyle źe jeszcze sprawdzałem antywirusem (NOD 32) i znalazł wirusa i nie moźe go usunąć oto komunikat :
Zbiór C:\Documents and Settings\M&Ł\Ustawienia lokalne\Dane aplikacji\Identities\{DFF8B5E9–E5F7–4064–B065–3FEEB0121225}\Microsoft\Outlook Express\Elementy usunięte.dbx jest zainfekowany – trojan HTML/Phishing.gen. NOD32 Skaner nie moźe wyleczyć infekcji.
Zbiór C:\Documents and Settings\M&Ł\Ustawienia lokalne\Dane aplikacji\Identities\{DFF8B5E9–E5F7–4064–B065–3FEEB0121225}\Microsoft\Outlook Express\Elementy usunięte.dbx jest zainfekowany – trojan HTML/Phishing.gen. NOD32 Skaner nie moźe wyleczyć infekcji.
Juz czysto
PO zmianie:
Logfile of HijackThis v1.99.1
Scan saved at 22:52:56, on 2005–04–16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnf.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Documents and Settings\M&Ł\Pulpit\hijackthis1.99.1\HijackThis.exe
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 – HKLM\..\Run: [Share–to–Web Namespace Daemon] C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
O4 – HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [Anty_16BitNT Automatyczna Ochrona] C:\WINDOWS\Anty_16BitNT.exe AO
O4 – Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpobnz08.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: officejet 6100.lnk = ?
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107352682348
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: MSCSPTISRV – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Unknown owner – C:\Program Files\Eset\nod32krn.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: PACSPTISVR – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: Sony SPTI Service (SPTISRV) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 – Service: SonicStage SCSI Service (SSScsiSV) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
Logfile of HijackThis v1.99.1
Scan saved at 22:52:56, on 2005–04–16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Eset\nod32kui.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Gadu–Gadu\gg.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpobnz08.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hposol08.exe
C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnf.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpoevm08.exe
C:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\Program Files\Hewlett–Packard\Digital Imaging\Bin\hpoSTS08.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\ntvdm.exe
C:\Documents and Settings\M&Ł\Pulpit\hijackthis1.99.1\HijackThis.exe
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar2.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:\WINDOWS\System32\msdxm.ocx
O4 – HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 – HKLM\..\Run: [nwiz] nwiz.exe /install
O4 – HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 – HKLM\..\Run: [NeroCheck] C:\WINDOWS\System32\\NeroCheck.exe
O4 – HKLM\..\Run: [Share–to–Web Namespace Daemon] C:\Program Files\Hewlett–Packard\HP Share–to–Web\hpgs2wnd.exe
O4 – HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [Anty_16BitNT Automatyczna Ochrona] C:\WINDOWS\Anty_16BitNT.exe AO
O4 – Global Startup: hp psc 2000 Series.lnk = C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpobnz08.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 – Global Startup: officejet 6100.lnk = ?
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar2.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar2.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar2.dll/cmcache.html
O8 – Extra context menu item: E&ksport do programu Microsoft Excel – res://C:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar2.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:\program files\google\GoogleToolbar2.dll/cmtrans.html
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1107352682348
O16 – DPF: {E7544C6C–CFD6–43EA–B4E9–360CEE20BDF7} (MainControl Class) – http://skaner.mks.com.pl/SkanerOnline.cab
O23 – Service: MSCSPTISRV – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 – Service: NOD32 Kernel Service (NOD32krn) – Unknown owner – C:\Program Files\Eset\nod32krn.exe
O23 – Service: NVIDIA Driver Helper Service (NVSvc) – NVIDIA Corporation – C:\WINDOWS\System32\nvsvc32.exe
O23 – Service: PACSPTISVR – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\System32\HPZipm12.exe
O23 – Service: Sony SPTI Service (SPTISRV) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 – Service: SonicStage SCSI Service (SSScsiSV) – Sony Corporation – C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
hastic:
Jak usunąć recznie z klucza: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
Uruchamiasz regedit, otwierasz kolejne klucze, podswielasz ostatni i z prawej usuwasz {CFBFAE00–17A6–11D0–99CB–00C04FD64497}_
Zanim zrobisz to recznie sprawdz czy fix, ktory Ci podałem działa.
Mam watpliwosci czy czasem nie trzeba dodać jeszcze tej kreseczki poziomej, ktora jest naprawde na koncu.
Jak usunąć recznie z klucza: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
Uzywaj na przyszłosc opcji Zmien zeby cos dopisac do posta
Wylacz przywracanie
Zakoncz procesy:
salm.exe
MediaAccK.exe
MediaAccess.exe
Odinstaluj w dodaj/usun: Media Access
Usun:
c:\temp
C:\Program Files\Media Access
FIX:
Usun recznie z klucza: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
Albo zrob sobie własnorecznie fixa
Otworz notatnik i wklej do niego:
Zapisz jako wszystkie pliki, z nazwą FIX.reg
Plik dodaj do rejestru
Wylacz przywracanie
Zakoncz procesy:
salm.exe
MediaAccK.exe
MediaAccess.exe
Odinstaluj w dodaj/usun: Media Access
Usun:
c:\temp
C:\Program Files\Media Access
FIX:
O4 – HKLM\..\Run: [salm] c:\temp\salm.exe
O4 – HKLM\..\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – ms–its:mhtml:file://c:\nosuxxx.mht!http://www.dollarisland.com/buttonexchange/loud.chm::/bridge–c46.cab
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
Usun recznie z klucza: HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks
Albo zrob sobie własnorecznie fixa
Otworz notatnik i wklej do niego:
REGEDIT4
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{CFBFAE00–17A6–11D0–99CB–00C04FD64497}"=""
Zapisz jako wszystkie pliki, z nazwą FIX.reg
Plik dodaj do rejestru
Strona 1 / 1