Virus? Help me...

I ran it through HijackThis

Logfile of HijackThis v1.99.0
Scan saved at 13:58:25, on 2005–07–18
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WNDW\System32\smss.exe
D:\WNDW\system32\csrss.exe
D:\WNDW\SYSTEM32\winlogon.exe
D:\WNDW\system32\services.exe
D:\WNDW\system32\lsass.exe
D:\WNDW\System32\Ati2evxx.exe
D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\PavProt.exe
D:\WNDW\system32\svchost.exe
D:\WNDW\System32\svchost.exe
D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe
D:\WNDW\System32\svchost.exe
D:\WNDW\system32\spoolsv.exe
D:\WNDW\System32\svchost.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
D:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
D:\WNDW\svchost.exe
D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\PavFnSvr.exe
D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\Pavkre.exe
D:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
D:\Program Files\Kerio\Personal Firewall\persfw.exe
D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\prevsrv.exe
D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\PsImSvc.exe
D:\WNDW\System32\svchost.exe
D:\WNDW\System32\wdfmgr.exe
D:\Program Files\Opiekun\OpiekunTray.exe
D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\apvxdwin.exe
D:\WNDW\SYSTEM32\Ati2evxx.exe
D:\WNDW\Explorer.exe
D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\WebProxy.exe
D:\PROGRA~1\NEOSTR~1\CnxMon.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
D:\WNDW\SOUNDMAN.EXE
D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
D:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\Media Gateway\MediaGateway.exe
D:\PROGRA~1\SPYWAR~1\swdoctor.exe
C:\Program Files\Gadu–Gadu\gg.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Program Files\WinRAR\WinRAR.exe
D:\Program Files\Alwil Software\Avast4\setup\setup.ovr
D:\DOCUME~1\zi0m\USTAWI~1\Temp\Rar$EX01.625\HijackThis.exe

R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl/
R1 – HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 – URLSearchHook: Search Class – {08C06D61–F1F3–4799–86F8–BE1A89362C85} – D:\PROGRA~1\NEOSTR~1\SEARCH~1.DLL
F2 – REG:system.ini: Shell=Explorer.exe D:\WNDW\System32\kernels32.exe
F2 – REG:system.ini: UserInit=userinit.exe,xpjava.exe
O2 – BHO: PCTools Site Guard – {5C8B2A36–3DB1–42A4–A3CB–D426709BBFEB} – D:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 – BHO: (no name) – {78364D99–A640–4ddf–B91A–67EFF8373045} – D:\WNDW\system32\appwiz.dll
O2 – BHO: (no name) – {A5366673–E8CA–11D3–9CD9–0090271D075B} – (no file)
O2 – BHO: PCTools Browser Monitor – {B56A7D7D–6927–48C8–A975–17DF180C71AC} – D:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O2 – BHO: (no name) – {D51C7E20–6800–4AE7–9702–64D9021BFEC1} – D:\WNDW\System32\OpiekunIE.dll
O2 – BHO: FlashFXP Helper for Internet Explorer – {E5A1691B–D188–4419–AD02–90002030B8EE} – D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 – Toolbar: Opiekun – {3453E1A9–9D23–4B6B–9222–4A4B5E1002C9} – D:\WNDW\System32\OpiekunIE.dll
O3 – Toolbar: ZToolbar – {A6790AA5–C6C7–4BCF–A46D–0FDAC4EA90EB} – D:\WNDW\System32\ztoolb005.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – D:\WNDW\System32\msdxm.ocx
O4 – HKLM\..\Run: [internat.exe] internat.exe
O4 – HKLM\..\Run: [SystemTray] SysTray.Exe
O4 – HKLM\..\Run: [WooCnxMon] D:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 – HKLM\..\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 – HKLM\..\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 – HKLM\..\Run: [SpeedTouch USB Diagnostics] "D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe" /icon
O4 – HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM\..\Run: [ATIPTA] D:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [LVCOMS] D:\Program Files\Common Files\Logitech\QCDriver2\LVCOMS.EXE
O4 – HKLM\..\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [Microsoft uptime Service] sysuptime.exe
O4 – HKLM\..\Run: [NeroFilterCheck] D:\WNDW\system32\NeroCheck.exe
O4 – HKLM\..\Run: [Media Gateway] D:\Program Files\Media Gateway\MediaGateway.exe
O4 – HKLM\..\Run: [AntiSpy PRO] D:\Program Files\AntiSpy Pro\AntiSpyPro.exe
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\Run: [APVXDWIN] "D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\APVXDWIN.EXE" /s
O4 – HKLM\..\RunServices: [Microsoft uptime Service] sysuptime.exe
O4 – HKLM\..\RunServices: [Microsoft Update] wuamkop32.exe
O4 – HKCU\..\Run: [Spyware Doctor] D:\PROGRA~1\SPYWAR~1\swdoctor.exe /Q
O4 – HKCU\..\Run: [STYLEXP] D:\Program Files\TGTSoft\StyleXP\StyleXP.exe –Hide
O4 – HKCU\..\Run: [Gadu–Gadu] "C:\Program Files\Gadu–Gadu\gg.exe" /tray
O4 – Global Startup: Adobe Gamma Loader.lnk = D:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O9 – Extra button: Spyware Doctor – {2D663D1A–8670–49D9–A1A5–4C56B4E14E84} – D:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\PROGRA~1\FLASHGET\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\PROGRA~1\FLASHGET\flashget.exe
O10 – Broken Internet access because of LSP provider 'olsp.dll' missing
O16 – DPF: {9A9307A0–7DA4–4DAF–B042–5009F29E09E1} (ActiveScan Installer Class) – http://www.pandasoftware.com/activescan/as5/asinst.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{985E0105–8650–4A88–8435–4773EE0348F0}: NameServer = 194.204.152.34 217.98.63.164
O23 – Service: avast! iAVS4 Control Service – Unknown – D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: Ati HotKey Poller – Unknown – D:\WNDW\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown – D:\WNDW\SYSTEM32\ati2sgag.exe
O23 – Service: avast! Antivirus – Unknown – D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: CA License Client – Computer Associates International Inc. – D:\Program Files\CA\SharedComponents\CA_LIC\lic98rmt.exe
O23 – Service: Event Log Watch – Computer Associates – D:\Program Files\CA\SharedComponents\CA_LIC\LogWatNT.exe
O23 – Service: svchost.exe – Unknown – D:\WNDW\svchost.exe
O23 – Service: Opiekun – SoftStory – D:\WNDW\System32\OpiekunService.exe
O23 – Service: Panda Function Service – Unknown – D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\PavFnSvr.exe
O23 – Service: Panda Pavkre – Unknown – D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\Pavkre.exe
O23 – Service: Panda PavProt – Unknown – D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\PavProt.exe
O23 – Service: Panda Process Protection Service – Unknown – D:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 – Service: Kerio Personal Firewall – Kerio Technologies – D:\Program Files\Kerio\Personal Firewall\persfw.exe
O23 – Service: PestPatrol Remote – Computer Associates International, Inc. – D:\Program Files\Common Files\PestPatrol\ppRemoteService.exe
O23 – Service: Panda Preventium+ Service – Unknown – D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\prevsrv.exe
O23 – Service: Panda IManager Service – Panda Software Internacional – D:\Program Files\Panda Software\Panda TruPrevent Personal 2005\PsImSvc.exe
O23 – Service: StyleXPService – Unknown – D:\Program Files\TGTSoft\StyleXP\StyleXPService.exe

I have the msdirectx.sys virus and something else

come on, help me :/




Post topics in the appropriate places; the Security section is for this type of problem.
SLAY3R

Replies: 2

thx, I don't have it anymore ;]
ali3ns3
Posted
18.07.2005 23:48:38
Turn off System Restore on all drives.
End these processes:
svchost.exe (the one started by the user, not by the system)
MediaGateway.exe
swdoctor.exe

Uninstall Spyware Doctor from Add/Remove Programs

Remove these entries, and manually delete the bolded files/folders from the disk:


F2 – REG:system.ini: Shell=Explorer.exe D:\WNDW\System32\kernels32.exe
F2 – REG:system.ini: UserInit=userinit.exe,xpjava.exe
O2 – BHO: PCTools Site Guard – {5C8B2A36–3DB1–42A4–A3CB–D426709BBFEB} – D:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 – BHO: (no name) – {78364D99–A640–4ddf–B91A–67EFF8373045} – D:\WNDW\system32\appwiz.dll
O2 – BHO: (no name) – {A5366673–E8CA–11D3–9CD9–0090271D075B} – (no file)
O2 – BHO: PCTools Browser Monitor – {B56A7D7D–6927–48C8–A975–17DF180C71AC} – D:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O3 – Toolbar: ZToolbar – {A6790AA5–C6C7–4BCF–A46D–0FDAC4EA90EB} – D:\WNDW\System32\ztoolb005.dll
O4 – HKLM\..\Run: [Microsoft uptime Service] sysuptime.exe
O4 – HKLM\..\Run: [Media Gateway] D:\Program Files\Media Gateway\MediaGateway.exe
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\RunServices: [Microsoft uptime Service] sysuptime.exe
O4 – HKLM\..\RunServices: [Microsoft Update] wuamkop32.exe
O4 – HKCU\..\Run: [Spyware Doctor] D:\PROGRA~1\SPYWAR~1\swdoctor.exe /Q
O9 – Extra button: Spyware Doctor – {2D663D1A–8670–49D9–A1A5–4C56B4E14E84} – D:\PROGRA~1\SPYWAR~1\tools\iesdpb.dll
O10 – Broken Internet access because of LSP provider 'olsp.dll' missing
O23 – Service: svchost.exe – Unknown – D:\WNDW\svchost.exe


Remove the olsp.dll file from Winsock with the LSP-Fix program; details are in the FAQ in this section.
Try removing the O23 entry like this: open a command prompt and type:
sc stop svchost.exe
sc delete svchost.exe
Finally, delete the file from the given location; don't accidentally touch the one in system32, which can't be touched anyway.

Where was this msdirectx found?

What is this program:
O4 – HKLM\..\Run: [AntiSpy PRO] D:\Program Files\AntiSpy Pro\AntiSpyPro.exe
Bobi
Posted
18.07.2005 19:26:53
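
The checks used in the reply above (a system file name running outside System32, extra programs appended to the F2 Shell/UserInit values, the O10 missing-LSP entry, an O23 service pointing at a misplaced binary) can be applied to a HijackThis log automatically. This is an added example, not part of the thread; the sample lines are copied from the log posted above, while the `SYSTEM32_ONLY` list and the function names are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Assumed short list of names that Windows XP runs only from <windir>\System32.
SYSTEM32_ONLY = {"svchost.exe", "lsass.exe", "services.exe", "winlogon.exe",
                 "csrss.exe", "smss.exe", "spoolsv.exe"}
# Program expected in each value that HijackThis reports as an F2 entry.
F2_EXPECTED = {"shell": "explorer.exe", "userinit": "userinit.exe"}

# Lines copied from the log posted in this thread.
SAMPLE_LOG = r"""
D:\WNDW\system32\svchost.exe
D:\WNDW\svchost.exe
D:\WNDW\Explorer.exe
F2 – REG:system.ini: Shell=Explorer.exe D:\WNDW\System32\kernels32.exe
F2 – REG:system.ini: UserInit=userinit.exe,xpjava.exe
O10 – Broken Internet access because of LSP provider 'olsp.dll' missing
O23 – Service: svchost.exe – Unknown – D:\WNDW\svchost.exe
O23 – Service: Ati HotKey Poller – Unknown – D:\WNDW\System32\Ati2evxx.exe
"""

def misplaced(path):
    """True when a System32-only file name sits in any other directory."""
    p = PureWindowsPath(path.strip().strip('"'))
    return p.name.lower() in SYSTEM32_ONLY and p.parent.name.lower() != "system32"

def triage(log):
    """Return (kind, detail) pairs for entries that deserve a manual look."""
    findings = []
    for raw in log.splitlines():
        line = raw.replace("\u2013", "-").strip()  # pasted logs may carry en dashes
        if re.match(r"[A-Za-z]:\\", line):         # entry under "Running processes"
            if misplaced(line):
                findings.append(("process", line))
        elif line.startswith("F2 - REG:system.ini:"):
            key, _, value = line.split(":", 2)[2].strip().partition("=")
            for token in re.split(r"[,\s]+", value):  # paths with spaces split; fine for triage
                if token and PureWindowsPath(token).name.lower() != F2_EXPECTED.get(key.lower()):
                    findings.append(("F2 " + key, token))
        elif line.startswith("O10 - Broken"):
            dll = re.search(r"'([^']+)'", line)
            findings.append(("lsp", dll.group(1) if dll else line))
        elif line.startswith("O23 - Service:"):
            path = line.rsplit(" - ", 1)[1]
            if misplaced(path):
                findings.append(("service", path))
    return findings

if __name__ == "__main__":
    for kind, detail in triage(SAMPLE_LOG):
        print(f"{kind:12} {detail}")
```

A finding is only a prompt for manual review: the script does not judge O2/O3/O4 entries, which the reply above assessed by hand.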
ali3ns3
Posted:
18.07.2005 18:12:32
Comments:
2