CentrumXP Forum Tematyka portalu CentrumXP.pl Bezpieczeństwo Odp:

Odp:

ee niebardzo rozumiem :oops: ale zrobiłem ten scan i teraz wam dam to co mi wyskoczyło , jak mam zrobic zeby bylo dobrze?? moj temat INNE>>NET NA XP tam jest , help

Logfile of HijackThis v1.99.0
Scan saved at 18:33:12, on 2005–01–16
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSSystem32Ati2evxx.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32 od32cc.exe
C:WINDOWSSystem32 od32m2.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32Ati2evxx.exe
C:WINDOWSExplorer.EXE
C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
C:WINDOWSSystem32RunDll32.exe
C:Program FilesCyberLinkPowerDVDPDVDServ.exe
C:Program FilesSlySoftCloneCDCloneCDTray.exe
C:Program FilesJavaj2re1.4.2_06injusched.exe
C:Program FilesD–Toolsdaemon.exe
C:Program FilesInternet Optimizeroptimize.exe
C:program files180solutionssais.exe
C:Program FilesWeb_RebatesWebRebates0.exe
C:Program FilesAdmilli ServiceAdmilliServ.exe
C:WINDOWSSystem32SahAgent.exe
C:WINDOWSSystem32spoolw32.exe
C:Program FilesAdmilli ServiceAdmilliKeep.exe
C:Program FilesWinampwinampa.exe
C:Program FilesKnetqsXrvdp.exe
C:Program FilesMessengermsmsgs.exe
C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb–8876480.exe
C:PROGRA~1COMMON~1 sa sm2.exe
C:Program FilesSkypePhoneSkype.exe
C:PROGRA~1COMMON~1 sa s2.exe
C:Program FilesWeb_RebatesWebRebates1.exe
C:WINDOWSSystem32wuauclt.exe
C:PROGRA~1GADU–G~1gg.exe
C:Program FilesInternet Exploreriexplore.exe
C:PROGRA~1WINZIPwinzip32.exe
C:Documents and SettingsTomekUstawienia lokalneTempHijackThis.exe

R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R1 – HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
O2 – BHO: BHObj Class – {00000010–6F7D–442C–93E3–4A4827C2E4C8} – C:WINDOWS em220.dll (file missing)
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 6.0 CEReaderActiveXAcroIEHelper.dll
O2 – BHO: Search Relevancy – {1D7E3B41–23CE–469B–BE1B–A64B877923E1} – C:PROGRA~1SEARCH~1SEARCH~2.DLL
O2 – BHO: WHttpHelper Class – {9896231A–C487–43A5–8369–6EC9B0A96CC0} – C:WINDOWSSystem32WStart.dll
O2 – BHO: BAHelper Class – {A3FDD654–A057–4971–9844–4ED8E67DBBB8} – C:Program FilesSideFindsfbho.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O3 – Toolbar: YourSiteBar – {86227D9C–0EFE–4f8a–AA55–30386A3F5686} – C:PROGRA~1YOURSI~1ysb.dll
O4 – HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe
O4 – HKLM..Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 – HKLM..Run: [RemoteControl] "C:Program FilesCyberLinkPowerDVDPDVDServ.exe"
O4 – HKLM..Run: [NeroFilterCheck] C:WINDOWSsystem32NeroCheck.exe
O4 – HKLM..Run: [Nod32CC] "C:WINDOWSSystem32 od32cc.exe" –DONTSHOW
O4 – HKLM..Run: [CloneCDTray] "C:Program FilesSlySoftCloneCDCloneCDTray.exe" /s
O4 – HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_06injusched.exe
O4 – HKLM..Run: [DAEMON Tools–1033] "C:Program FilesD–Toolsdaemon.exe" –lang 1033
O4 – HKLM..Run: [Internet Optimizer] "C:Program FilesInternet Optimizeroptimize.exe"
O4 – HKLM..Run: [sais] c:program files180solutionssais.exe
O4 – HKLM..Run: [wbslwp] C:WINDOWSwbslwp.exe
O4 – HKLM..Run: [WebRebates0] "C:Program FilesWeb_RebatesWebRebates0.exe"
O4 – HKLM..Run: [Admilli Service] C:Program FilesAdmilli ServiceAdmilliServ.exe
O4 – HKLM..Run: [SAHAgent] C:WINDOWSSystem32SahAgent.exe
O4 – HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 –k
O4 – HKLM..Run: [System Tray Services] spoolw32.exe
O4 – HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 – HKLM..Run: [Udayxyq] C:Program FilesKnetqsXrvdp.exe
O4 – HKLM..RunServices: [System Tray Services] spoolw32.exe
O4 – HKCU..Run: [MSMSGS] "C:Program FilesMessengermsmsgs.exe" /background
O4 – HKCU..Run: [LDM] C:Program FilesLogitechDesktop Messenger8876480ProgramBackWeb–8876480.exe
O4 – HKCU..Run: [Tsa2] C:PROGRA~1COMMON~1 sa sm2.exe
O4 – HKCU..Run: [Skype] "C:Program FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 – HKCU..Run: [Komunikator] C:Program FilesTlen.pl len.exe
O4 – HKCU..Run: [Gadu–Gadu] "C:PROGRA~1GADU–G~1gg.exe" /tray
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O4 – Global Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O8 – Extra context menu item: Web Rebates – file://C:Program FilesWeb_RebatesSy1150Tp1150scri1150a.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:Program FilesJavaj2re1.4.2_06in pjpi142_06.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:Program FilesJavaj2re1.4.2_06in pjpi142_06.dll
O9 – Extra button: SideFind – {10E42047–DEB9–4535–A118–B3F6EC39B807} – C:Program FilesSideFindsidefind.dll
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – http://static.windupdates.com/cab/MusicUnlimited/ie/bridge–c18.cab
O16 – DPF: {31B7EB4E–8B4B–11D1–A789–00A0CC6651A8} (Cult3D ActiveX Player) – http://www.cult3d.com/download/cult.cab
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1102095009561
O16 – DPF: {771A1334–6B08–4A6B–AEDC–CF994BA2CEBE} (Installer Class) – http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab
O16 – DPF: {91433D86–9F27–402C–B5E3–DEBDD122C339} – http://www.netvenda.com/sites/games–intl/pl/games4.cab
O17 – HKLMSystemCCSServicesTcpip..{967F08A1–13D7–4384–8280–E2BD6A6C4718}: NameServer = 213.77.21.150
O23 – Service: Ati HotKey Poller – Unknown – C:WINDOWSSystem32Ati2evxx.exe
O23 – Service: ATI Smart – Unknown – C:WINDOWSsystem32ati2sgag.exe
O23 – Service: NOD32 Control Center Service – Unknown – C:WINDOWSSystem32 od32cc.exe
O23 – Service: NOD32 Service – Unknown – C:WINDOWSSystem32 od32m2.exe

Odpowiedzi: 1

Pieknie solar, ale prosilem zeby nie pisac w przyklejonym temacie.

To co nizej, wylacz procesy o nazwach takich jak pliki exe, zaznacz w HiJacku i nacisnij "FIX...". Pozniej wyszukaj pliki na dysku i usun jesli beda.

C:Program FilesInternet Optimizeroptimize.exe
C:program files180solutionssais.exe
C:Program FilesWeb_RebatesWebRebates0.exe
C:Program FilesAdmilli ServiceAdmilliServ.exe
C:WINDOWSSystem32SahAgent.exe
C:WINDOWSSystem32spoolw32.exe
C:Program FilesAdmilli ServiceAdmilliKeep.exe
C:Program FilesKnetqsXrvdp.exe
C:PROGRA~1COMMON~1 sa sm2.exe
C:PROGRA~1COMMON~1 sa s2.exe
C:Program FilesWeb_RebatesWebRebates1.exe

R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R1 – HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant = http://www.couldnotfind.com/search_page.html?&account_id=1001693
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = localhost
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
O2 – BHO: BHObj Class – {00000010–6F7D–442C–93E3–4A4827C2E4C8} – C:WINDOWS em220.dll (file missing)
O2 – BHO: Search Relevancy – {1D7E3B41–23CE–469B–BE1B–A64B877923E1} – C:PROGRA~1SEARCH~1SEARCH~2.DLL
O2 – BHO: WHttpHelper Class – {9896231A–C487–43A5–8369–6EC9B0A96CC0} – C:WINDOWSSystem32WStart.dll
O2 – BHO: BAHelper Class – {A3FDD654–A057–4971–9844–4ED8E67DBBB8} – C:Program FilesSideFindsfbho.dll
O3 – Toolbar: YourSiteBar – {86227D9C–0EFE–4f8a–AA55–30386A3F5686} – C:PROGRA~1YOURSI~1ysb.dll
O4 – HKLM..Run: [Internet Optimizer] "C:Program FilesInternet Optimizeroptimize.exe"
O4 – HKLM..Run: [sais] c:program files180solutionssais.exe
O4 – HKLM..Run: [wbslwp] C:WINDOWSwbslwp.exe
O4 – HKLM..Run: [WebRebates0] "C:Program FilesWeb_RebatesWebRebates0.exe"
O4 – HKLM..Run: [Admilli Service] C:Program FilesAdmilli ServiceAdmilliServ.exe
O4 – HKLM..Run: [SAHAgent] C:WINDOWSSystem32SahAgent.exe
O4 – HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 –k
O4 – HKLM..Run: [System Tray Services] spoolw32.exe
O4 – HKLM..Run: [Udayxyq] C:Program FilesKnetqsXrvdp.exe
O4 – HKLM..RunServices: [System Tray Services] spoolw32.exe
O4 – HKCU..Run: [Tsa2] C:PROGRA~1COMMON~1 sa sm2.exe
O8 – Extra context menu item: Web Rebates – file://C:Program FilesWeb_RebatesSy1150Tp1150scri1150a.htm
O9 – Extra button: SideFind – {10E42047–DEB9–4535–A118–B3F6EC39B807} – C:Program FilesSideFindsidefind.dll
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – http://static.windupdates.com/cab/MusicUnlimited/ie/bridge–c18.cab
O16 – DPF: {771A1334–6B08–4A6B–AEDC–CF994BA2CEBE} (Installer Class) – http://www.ysbweb.com/ist/softwares/v4.0/ysb_regular.cab

EL NINO

Dodano: 16.01.2005 21:35:38

solar

Dodano:: 16.01.2005 19:36:00
Komentarzy:: 1

Strona 1 / 1