spy sherif– prosze sprawdzcie mi loga
Witam
Nie moge włączyc zapory, nie moge połaczyc sie z netem. Przyczyna jest to ze zlapalem spy sherif i moze cos jeszcze. Skanowalem dysk awastem i skasowalem co znalazlem jednak dalej zapory nie moge właczycJeszcze hijack moze pomoc. help me
Logfile of HijackThis v1.99.1
Scan saved at 18:39:06, on 2006–03–01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dwwin.exe
D:\Programy\Hijack\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: ICOOExternal Class – {0519A9C9–064A–4cbc–BC47–D0EACD581477} – C:\Program Files\ICOO Loader\addons\icooue.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: ICOODManager Class – {465A59EC–20E5–4fca–A38A–E5EC3C480218} – C:\Program Files\ICOO Loader\addons\icoou.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – D:\Programy\SPYBOT~1\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 – HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe"
O4 – HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [PayTime] C:\WINDOWS\system32\paytime.exe
O4 – HKLM\..\Run: [winsysupd] C:\\winsysupd11.exe
O4 – HKLM\..\Run: [winsysban] C:\\winsysban11.exe
O4 – HKLM\..\Run: [gimmygames] C:\\gimmygames11.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 – HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 – HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O4 – Global Startup: BlueSoleil.lnk = ?
O4 – Global Startup: BTTray.lnk = ?
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 – Extra context menu item: Wyślij do interfejsu &Bluetooth – C:\Program Files\WIDCOMM\Oprogramowanie interfejsu Bluetooth\btsendto_ie_ctx.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: @btrez.dll,–4015 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\WIDCOMM\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O9 – Extra 'Tools' menuitem: @btrez.dll,–4017 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\WIDCOMM\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O16 – DPF: {8FCDF9D9–A28B–480F–8C3D–581F119A8AB8} (MediaGatewayX) – http://static.zangocash.com/cab/Seekmo/ie/bridge–c567.cab
O16 – DPF: {AB86CE53–AC9F–449F–9399–D8ABCA09EC09} (Get_ActiveX Control) – https://h17000.www1.hp.com/ewfrf–JAVA/Secure/HPGetDownloadManager.ocx
O16 – DPF: {D1E7CBDA–E60E–4970–A01C–37301EF7BF98} (Measurement Services Client v.3.7) – http://advisor.futuremark.com/global/msc37.cab
O18 – Protocol: msnim – {828030A1–22C1–4009–854F–8E305202313F} – "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 – Winlogon Notify: igfxcui – C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 – Winlogon Notify: ssldr – C:\WINDOWS\SYSTEM32\ssldr32.dll
O20 – Winlogon Notify: wancp – C:\WINDOWS\SYSTEM32\wancp.dll
O21 – SSODL: DCOM Server – {2C1CD3D7–86AC–4068–93BC–A02304BB8C34} – C:\WINDOWS\system32\dcom_14.dll
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: BlueSoleil Hid Service – Unknown owner – C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 – Service: Bluetooth Service (btwdins) – Broadcom Corporation. – C:\Program Files\WIDCOMM\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: iPodService – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\system32\HPZipm12.exe
O23 – Service: Registry Management Service (RegManServ) – Unknown owner – C:\Program Files\Registry Defragmentation\RegManServ.exe
Nie moge włączyc zapory, nie moge połaczyc sie z netem. Przyczyna jest to ze zlapalem spy sherif i moze cos jeszcze. Skanowalem dysk awastem i skasowalem co znalazlem jednak dalej zapory nie moge właczycJeszcze hijack moze pomoc. help me
Logfile of HijackThis v1.99.1
Scan saved at 18:39:06, on 2006–03–01
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\dwwin.exe
D:\Programy\Hijack\HijackThis.exe
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: ICOOExternal Class – {0519A9C9–064A–4cbc–BC47–D0EACD581477} – C:\Program Files\ICOO Loader\addons\icooue.dll
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:\Program Files\Adobe\Acrobat 5.0 CE\Reader\ActiveX\AcroIEHelper.ocx
O2 – BHO: ICOODManager Class – {465A59EC–20E5–4fca–A38A–E5EC3C480218} – C:\Program Files\ICOO Loader\addons\icoou.dll
O2 – BHO: (no name) – {53707962–6F74–2D53–2644–206D7942484F} – D:\Programy\SPYBOT~1\SDHelper.dll
O2 – BHO: SSVHelper Class – {761497BB–D6F0–462C–B6EB–D4DAF1D92D43} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:\program files\google\googletoolbar1.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:\program files\google\googletoolbar1.dll
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 – HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe"
O4 – HKLM\..\Run: [BluetoothAuthenticationAgent] rundll32.exe bthprops.cpl,,BluetoothAuthenticationAgent
O4 – HKLM\..\Run: [HP Software Update] C:\Program Files\Hewlett–Packard\HP Software Update\HPWuSchd2.exe
O4 – HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe
O4 – HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" –osboot
O4 – HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" –atboottime
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 – HKLM\..\Run: [PayTime] C:\WINDOWS\system32\paytime.exe
O4 – HKLM\..\Run: [winsysupd] C:\\winsysupd11.exe
O4 – HKLM\..\Run: [winsysban] C:\\winsysban11.exe
O4 – HKLM\..\Run: [gimmygames] C:\\gimmygames11.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe
O4 – HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 – HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe
O4 – Global Startup: BlueSoleil.lnk = ?
O4 – Global Startup: BTTray.lnk = ?
O4 – Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\Hewlett–Packard\Digital Imaging\bin\hpqtra08.exe
O4 – Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O8 – Extra context menu item: &Google Search – res://c:\program files\google\GoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: &Translate English Word – res://c:\program files\google\GoogleToolbar1.dll/cmwordtrans.html
O8 – Extra context menu item: Backward Links – res://c:\program files\google\GoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:\program files\google\GoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://c:\program files\google\GoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate Page into English – res://c:\program files\google\GoogleToolbar1.dll/cmtrans.html
O8 – Extra context menu item: Wyślij do interfejsu &Bluetooth – C:\Program Files\WIDCOMM\Oprogramowanie interfejsu Bluetooth\btsendto_ie_ctx.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 – Extra button: @btrez.dll,–4015 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\WIDCOMM\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O9 – Extra 'Tools' menuitem: @btrez.dll,–4017 – {CCA281CA–C863–46ef–9331–5C8D4460577F} – C:\Program Files\WIDCOMM\Oprogramowanie interfejsu Bluetooth\btsendto_ie.htm
O16 – DPF: {8FCDF9D9–A28B–480F–8C3D–581F119A8AB8} (MediaGatewayX) – http://static.zangocash.com/cab/Seekmo/ie/bridge–c567.cab
O16 – DPF: {AB86CE53–AC9F–449F–9399–D8ABCA09EC09} (Get_ActiveX Control) – https://h17000.www1.hp.com/ewfrf–JAVA/Secure/HPGetDownloadManager.ocx
O16 – DPF: {D1E7CBDA–E60E–4970–A01C–37301EF7BF98} (Measurement Services Client v.3.7) – http://advisor.futuremark.com/global/msc37.cab
O18 – Protocol: msnim – {828030A1–22C1–4009–854F–8E305202313F} – "C:\PROGRA~1\MSNMES~1\msgrapp.dll" (file missing)
O20 – Winlogon Notify: igfxcui – C:\WINDOWS\SYSTEM32\igfxsrvc.dll
O20 – Winlogon Notify: ssldr – C:\WINDOWS\SYSTEM32\ssldr32.dll
O20 – Winlogon Notify: wancp – C:\WINDOWS\SYSTEM32\wancp.dll
O21 – SSODL: DCOM Server – {2C1CD3D7–86AC–4068–93BC–A02304BB8C34} – C:\WINDOWS\system32\dcom_14.dll
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – Unknown owner – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 – Service: avast! Web Scanner – Unknown owner – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 – Service: BlueSoleil Hid Service – Unknown owner – C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 – Service: Bluetooth Service (btwdins) – Broadcom Corporation. – C:\Program Files\WIDCOMM\Oprogramowanie interfejsu Bluetooth\bin\btwdins.exe
O23 – Service: InstallDriver Table Manager (IDriverT) – Macrovision Corporation – C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 – Service: iPodService – Apple Computer, Inc. – C:\Program Files\iPod\bin\iPodService.exe
O23 – Service: Pml Driver HPZ12 – HP – C:\WINDOWS\system32\HPZipm12.exe
O23 – Service: Registry Management Service (RegManServ) – Unknown owner – C:\Program Files\Registry Defragmentation\RegManServ.exe
Odpowiedzi: 3
Pierdzielisz Panie Anderson, jak nie przymierzajac Renata B. Analizator praktycznie zawsze, jak sie wyraziles, pokaze co mu sie nie podoba. Ja "radze" sie sugerowac jego wskazaniami. Cos ze mna nie tak ?MR. Anderson:
Automaty często zawodzą, praktycznie zawsze, więc radze nie sugerować się analizatorem logów na tej stronie.
Porownalem w tej chwili wyniki analizatora ze stanem faktycznym – nie "pomylil sie" w ani jednym miejscu. Czyli co warte sa Twoje mądrości ?
Poniewaz w logu wynikowym znajdzie miejsca w rejestrze, z ktorych trzebaby usunac pewne wartosci. Nie wiesz ze takie sa ?Przecieź on nie ma VX2 to po co ma to uźywać?
Jestes pewien ze to Agent–ZD ? Nie bylby uruchomiony i pokazany w procesach ?na dysku powinien być jeszcze plik doser.exe
A jesli ssldr32.dll i wancp.dll to trojan Proxy–Agent ?
Na poczatek http://forum.centrumxp.pl/viewtopic.php?t=37513
Przyda Ci sie rowniez zajrzec do pkt–u 8 z http://forum.centrumxp.pl/viewtopic.php?t=43523
Usun od razu caly folder MediaGateway z Program files – zerknij do Dodaj/usun programy, czy jest mozliwosc odinstalowania.
Automaty często zawodzą, praktycznie zawsze, więc radze nie sugerować się analizatorem logów na tej stronie.
Przyda Ci sie rowniez zajrzec do pkt–u 8 z http://forum.centrumxp.pl/viewtopic.php?t=43523
Przecieź on nie ma VX2 to po co ma to uźywać? :roll:
_______________________
Zrób tak:
Ściągnij Windows Worm Door Cleaner, http://www.firewallleaktester.com/wwdc.htm , odpal, zrób wszystkie znaczki na enable – wymagany reset kompa.
Start do trybu awaryjnego, wyłącz przywracanie systemu, usuń wpisy i pogrubione pliki/foldery:
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = about:blank
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html
R1 – HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = about:blank
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html
O2 – BHO: ICOOExternal Class – {0519A9C9–064A–4cbc–BC47–D0EACD581477} – C:\Program Files\ICOO Loader\addons\icooue.dll
O4 – HKLM\..\Run: [MediaPipe P2P Loader] "C:\Program Files\p2pnetworks\mpp2pl.exe" /H
O4 – HKLM\..\Run: [Notification Utility] "C:\Program Files\ItBill\itbill.exe"
O4 – HKLM\..\Run: [MediaGateway] C:\Program Files\MediaGateway\MediaGateway.exe (odinstaluj media gateway w dodaj/usuń)
O4 – HKLM\..\Run: [PayTime] C:\WINDOWS\system32\paytime.exe
O4 – HKLM\..\Run: [winsysupd] C:\\winsysupd11.exe
O4 – HKLM\..\Run: [winsysban] C:\\winsysban11.exe
O4 – HKLM\..\Run: [gimmygames] C:\\gimmygames11.exe
O4 – HKCU\..\Run: [Windows installer] C:\winstall.exe
O4 – HKCU\..\Run: [SpySheriff] C:\Program Files\SpySheriff\SpySheriff.exe (odinstaluj spysheriff w dodaj usuń )
O16 – DPF: {8FCDF9D9–A28B–480F–8C3D–581F119A8AB8} (MediaGatewayX) – http://static.zangocash.com/cab/Seekmo/ie/bridge–c567.cab
O20 – Winlogon Notify: ssldr – C:\WINDOWS\SYSTEM32\ssldr32.dll (na dysku powinien być jeszcze plik doser.exe )
O20 – Winlogon Notify: wancp – C:\WINDOWS\SYSTEM32\wancp.dll
O21 – SSODL: DCOM Server – {2C1CD3D7–86AC–4068–93BC–A02304BB8C34} – C:\WINDOWS\system32\dcom_14.dll
Przeskanuj Ewido, ściągnij, zrób update, usuń wszystko co znajdzie.
Poczytaj teź Usuwanie Fałszywej Tapety Spy Sheriff
__________________
EL NINO, nie będe pisał nowego posta, ale ten twój co jest pod moim, nieźle się uśmiałem
Na poczatek http://forum.centrumxp.pl/viewtopic.php?t=37513
Przyda Ci sie rowniez zajrzec do pkt–u 8 z http://forum.centrumxp.pl/viewtopic.php?t=43523
Usun od razu caly folder MediaGateway z Program files – zerknij do Dodaj/usun programy, czy jest mozliwosc odinstalowania.
Przyda Ci sie rowniez zajrzec do pkt–u 8 z http://forum.centrumxp.pl/viewtopic.php?t=43523
Usun od razu caly folder MediaGateway z Program files – zerknij do Dodaj/usun programy, czy jest mozliwosc odinstalowania.
Strona 1 / 1