proszę sprawdzić i mój log
Logfile of HijackThis v1.99.1
Scan saved at 20:23:24, on 2005–02–27
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.exe
E:\WINDOWS\System32\SndMon16.exe
E:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
E:\PROGRA~1\WANADOO\TaskbarIcon.exe
E:\WINDOWS\System32\filess.exe
E:\WINDOWS\System32\SystemReg16.exe
E:\Program Files\Internet Optimizer\optimize.exe
E:\temp\salm.exe
E:\Program Files\ISTsvc\istsvc.exe
E:\WINDOWS\ofentlsv.exe
E:\Program Files\Preview AdService\PrevAdServ.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\WINDOWS\System32\spool32.exe
E:\Program Files\Preview AdService\PrevAdKeep.exe
E:\WINDOWS\System32\styepd.exe
E:\WINDOWS\System32\gah95on6.exe
E:\Program Files\ScanSoft\OmniPageSE\opware32.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\System32\mpdat.exe
C:\WIN–98\Pulpit\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada Plus wita Cie w Internecie
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
F2 – REG:system.ini: Shell=Explorer.exe mpdat.exe
O2 – BHO: BHObj Class – {00000010–6F7D–442C–93E3–4A4827C2E4C8} – E:\WINDOWS\nem220.dll
O2 – BHO: BAHelper Class – {A3FDD654–A057–4971–9844–4ED8E67DBBB8} – E:\Program Files\SideFind\sfbho.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – E:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: ISTbar – {5F1ABCDB–A875–46c1–8345–B72A4567E486} – E:\PROGRA~1\ISTbar\istbar.dll
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "E:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [WOOWATCH] E:\PROGRA~1\WANADOO\Watch.exe
O4 – HKLM\..\Run: [WOOTASKBARICON] E:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 – HKLM\..\Run: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKLM\..\Run: [Windows Sound Manager] SndMon16.exe
O4 – HKLM\..\Run: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKLM\..\Run: [Internet Optimizer] "E:\Program Files\Internet Optimizer\optimize.exe"
O4 – HKLM\..\Run: [salm] e:\temp\salm.exe
O4 – HKLM\..\Run: [mlgrgpsz] E:\WINDOWS\mlgrgpsz.exe
O4 – HKLM\..\Run: [IST Service] E:\Program Files\ISTsvc\istsvc.exe
O4 – HKLM\..\Run: [KxUi1Dme] E:\WINDOWS\ofentlsv.exe
O4 – HKLM\..\Run: [Preview AdService] E:\Program Files\Preview AdService\PrevAdServ.exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [Norton Antivirus Protection] spool32.exe
O4 – HKLM\..\Run: [Cryptographic Service] E:\WINDOWS\System32\wphvsrlv.exe
O4 – HKLM\..\Run: [MS Window Update] styepd.exe
O4 – HKLM\..\Run: [gah95on6] E:\WINDOWS\System32\gah95on6.exe
O4 – HKLM\..\Run: [Omnipage] E:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 – HKLM\..\Run: [System Update] E:\WINDOWS\System32\soqtb.exe
O4 – HKLM\..\RunServices: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKLM\..\RunServices: [Windows Sound Manager] SndMon16.exe
O4 – HKLM\..\RunServices: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKLM\..\RunServices: [Norton Antivirus Protection] spool32.exe
O4 – HKLM\..\RunServices: [MS Window Update] styepd.exe
O4 – HKLM\..\RunOnce: [Windows Sound Manager] SndMon16.exe
O4 – HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Windows Sound Manager] SndMon16.exe
O4 – HKCU\..\Run: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKCU\..\Run: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKCU\..\Run: [Norton Antivirus Protection] spool32.exe
O4 – HKCU\..\RunOnce: [Windows Sound Manager] SndMon16.exe
O9 – Extra button: SideFind – {10E42047–DEB9–4535–A118–B3F6EC39B807} – E:\Program Files\SideFind\sidefind.dll
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – E:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – E:\WINDOWS\web\related.htm
O15 – Trusted Zone: http://Download.Windowsupdate.com
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109517193794
O21 – SSODL: Web Event Logger – {79FEACFF–FFCE–815E–A900–316290B5B738} – E:\WINDOWS\System32\Jnibdcjl.dll
O21 – SSODL: mtklefap – {E5386C0F–6797–4E3E–3582–98D446037EB7} – E:\WINDOWS\System32\nwss32.dll
O23 – Service: Ati HotKey Poller – Unknown owner – E:\WINDOWS\System32\Ati2evxx.exe
Z góry dziękuję i pozdrawiam
Scan saved at 20:23:24, on 2005–02–27
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\csrss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\System32\Ati2evxx.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\Explorer.exe
E:\WINDOWS\System32\SndMon16.exe
E:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
E:\PROGRA~1\WANADOO\TaskbarIcon.exe
E:\WINDOWS\System32\filess.exe
E:\WINDOWS\System32\SystemReg16.exe
E:\Program Files\Internet Optimizer\optimize.exe
E:\temp\salm.exe
E:\Program Files\ISTsvc\istsvc.exe
E:\WINDOWS\ofentlsv.exe
E:\Program Files\Preview AdService\PrevAdServ.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\WINDOWS\System32\spool32.exe
E:\Program Files\Preview AdService\PrevAdKeep.exe
E:\WINDOWS\System32\styepd.exe
E:\WINDOWS\System32\gah95on6.exe
E:\Program Files\ScanSoft\OmniPageSE\opware32.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\System32\mpdat.exe
C:\WIN–98\Pulpit\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada Plus wita Cie w Internecie
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
F2 – REG:system.ini: Shell=Explorer.exe mpdat.exe
O2 – BHO: BHObj Class – {00000010–6F7D–442C–93E3–4A4827C2E4C8} – E:\WINDOWS\nem220.dll
O2 – BHO: BAHelper Class – {A3FDD654–A057–4971–9844–4ED8E67DBBB8} – E:\Program Files\SideFind\sfbho.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – E:\WINDOWS\System32\msdxm.ocx
O3 – Toolbar: ISTbar – {5F1ABCDB–A875–46c1–8345–B72A4567E486} – E:\PROGRA~1\ISTbar\istbar.dll
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "E:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [WOOWATCH] E:\PROGRA~1\WANADOO\Watch.exe
O4 – HKLM\..\Run: [WOOTASKBARICON] E:\PROGRA~1\WANADOO\TaskbarIcon.exe
O4 – HKLM\..\Run: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKLM\..\Run: [Windows Sound Manager] SndMon16.exe
O4 – HKLM\..\Run: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKLM\..\Run: [Internet Optimizer] "E:\Program Files\Internet Optimizer\optimize.exe"
O4 – HKLM\..\Run: [salm] e:\temp\salm.exe
O4 – HKLM\..\Run: [mlgrgpsz] E:\WINDOWS\mlgrgpsz.exe
O4 – HKLM\..\Run: [IST Service] E:\Program Files\ISTsvc\istsvc.exe
O4 – HKLM\..\Run: [KxUi1Dme] E:\WINDOWS\ofentlsv.exe
O4 – HKLM\..\Run: [Preview AdService] E:\Program Files\Preview AdService\PrevAdServ.exe
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [Norton Antivirus Protection] spool32.exe
O4 – HKLM\..\Run: [Cryptographic Service] E:\WINDOWS\System32\wphvsrlv.exe
O4 – HKLM\..\Run: [MS Window Update] styepd.exe
O4 – HKLM\..\Run: [gah95on6] E:\WINDOWS\System32\gah95on6.exe
O4 – HKLM\..\Run: [Omnipage] E:\Program Files\ScanSoft\OmniPageSE\opware32.exe
O4 – HKLM\..\Run: [System Update] E:\WINDOWS\System32\soqtb.exe
O4 – HKLM\..\RunServices: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKLM\..\RunServices: [Windows Sound Manager] SndMon16.exe
O4 – HKLM\..\RunServices: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKLM\..\RunServices: [Norton Antivirus Protection] spool32.exe
O4 – HKLM\..\RunServices: [MS Window Update] styepd.exe
O4 – HKLM\..\RunOnce: [Windows Sound Manager] SndMon16.exe
O4 – HKCU\..\Run: [CTFMON.EXE] E:\WINDOWS\System32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Windows Sound Manager] SndMon16.exe
O4 – HKCU\..\Run: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKCU\..\Run: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKCU\..\Run: [Norton Antivirus Protection] spool32.exe
O4 – HKCU\..\RunOnce: [Windows Sound Manager] SndMon16.exe
O9 – Extra button: SideFind – {10E42047–DEB9–4535–A118–B3F6EC39B807} – E:\Program Files\SideFind\sidefind.dll
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – E:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – E:\WINDOWS\web\related.htm
O15 – Trusted Zone: http://Download.Windowsupdate.com
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1109517193794
O21 – SSODL: Web Event Logger – {79FEACFF–FFCE–815E–A900–316290B5B738} – E:\WINDOWS\System32\Jnibdcjl.dll
O21 – SSODL: mtklefap – {E5386C0F–6797–4E3E–3582–98D446037EB7} – E:\WINDOWS\System32\nwss32.dll
O23 – Service: Ati HotKey Poller – Unknown owner – E:\WINDOWS\System32\Ati2evxx.exe
Z góry dziękuję i pozdrawiam
Odpowiedzi: 4
Plikow tam wymienionych tez sie pozbywasz
zaznaczasz te wpisy tzn. ptaszkiem w kratkach obok i klikasz na dole fix
Dzięki za szybką odpowiedź.
Proszę napiszcie jeszcze w jaki sposób usunąć te wiersze z tego kodu. Nigdy jak dotąd nie uźywałem tego programu. Pozdr.
Proszę napiszcie jeszcze w jaki sposób usunąć te wiersze z tego kodu. Nigdy jak dotąd nie uźywałem tego programu. Pozdr.
Wylacz przywracanie
Zakoncz procesy:
SndMon16.exe
filess.exe
SystemReg16.exe
optimize.exe
salm.exe
istsvc.exe
ofentlsv.exe
PrevAdServ.exe
spool32.exe
PrevAdKeep.exe
styepd.exe
gah95on6.exe
mpdat.exe
Usun:
Zakoncz procesy:
SndMon16.exe
filess.exe
SystemReg16.exe
optimize.exe
salm.exe
istsvc.exe
ofentlsv.exe
PrevAdServ.exe
spool32.exe
PrevAdKeep.exe
styepd.exe
gah95on6.exe
mpdat.exe
Usun:
R3 – URLSearchHook: (no name) – _{CFBFAE00–17A6–11D0–99CB–00C04FD64497} – (no file)
F2 – REG:system.ini: Shell=Explorer.exe mpdat.exe
O2 – BHO: BHObj Class – {00000010–6F7D–442C–93E3–4A4827C2E4C8} – E:\WINDOWS\nem220.dll
O2 – BHO: BAHelper Class – {A3FDD654–A057–4971–9844–4ED8E67DBBB8} – E:\Program Files\SideFind\sfbho.dll
O3 – Toolbar: ISTbar – {5F1ABCDB–A875–46c1–8345–B72A4567E486} – E:\PROGRA~1\ISTbar\istbar.dll
O4 – HKLM\..\Run: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKLM\..\Run: [Windows Sound Manager] SndMon16.exe
O4 – HKLM\..\Run: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKLM\..\Run: [Internet Optimizer] "E:\Program Files\Internet Optimizer\optimize.exe"
O4 – HKLM\..\Run: [salm] e:\temp\salm.exe
O4 – HKLM\..\Run: [mlgrgpsz] E:\WINDOWS\mlgrgpsz.exe
O4 – HKLM\..\Run: [IST Service] E:\Program Files\ISTsvc\istsvc.exe
O4 – HKLM\..\Run: [KxUi1Dme] E:\WINDOWS\ofentlsv.exe
O4 – HKLM\..\Run: [Preview AdService] E:\Program Files\Preview AdService\PrevAdServ.exe
O4 – HKLM\..\Run: [Norton Antivirus Protection] spool32.exe
O4 – HKLM\..\Run: [Cryptographic Service] E:\WINDOWS\System32\wphvsrlv.exe
O4 – HKLM\..\Run: [MS Window Update] styepd.exe
O4 – HKLM\..\Run: [gah95on6] E:\WINDOWS\System32\gah95on6.exe
O4 – HKLM\..\Run: [System Update] E:\WINDOWS\System32\soqtb.exe
O4 – HKLM\..\RunServices: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKLM\..\RunServices: [Windows Sound Manager] SndMon16.exe
O4 – HKLM\..\RunServices: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKLM\..\RunServices: [Norton Antivirus Protection] spool32.exe
O4 – HKLM\..\RunServices: [MS Window Update] styepd.exe
O4 – HKLM\..\RunOnce: [Windows Sound Manager] SndMon16.exe
O4 – HKCU\..\Run: [Windows Sound Manager] SndMon16.exe
O4 – HKCU\..\Run: [Registry System16 Checkup Monitor] SystemReg16.exe
O4 – HKCU\..\Run: [NTFSS MICROSOFT SYSTEM] filess.exe
O4 – HKCU\..\Run: [Norton Antivirus Protection] spool32.exe
O4 – HKCU\..\RunOnce: [Windows Sound Manager] SndMon16.exe
O9 – Extra button: SideFind – {10E42047–DEB9–4535–A118–B3F6EC39B807} – E:\Program Files\SideFind\sidefind.dll
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – E:\WINDOWS\web\related.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – E:\WINDOWS\web\related.htm
O15 – Trusted Zone: http://Download.Windowsupdate.com
O21 – SSODL: Web Event Logger – {79FEACFF–FFCE–815E–A900–316290B5B738} – E:\WINDOWS\System32\Jnibdcjl.dll
O21 – SSODL: mtklefap – {E5386C0F–6797–4E3E–3582–98D446037EB7} – E:\WINDOWS\System32\nwss32.dll
Strona 1 / 1