Fałszywa tapeta, brak ikon i kilka Virusow

system · 16 Marzec 2006 12:04

Proszę pomozcie mi! Mam fałszywą tapetę, brak ikon na pulpice ale one sa! ylko ich nei widac! i mam kilka wirosow ktorych nei moge usunac !

Logfile of HijackThis v1.99.1 Scan saved at 13:04:00, on 2006-03-16 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\WINDOWS\Explorer.EXE C:\Program Files\MKS\Bin\NetMonSV.exe C:\Program Files\MKS\Bin\mksmonsv.exe C:\Program Files\MKS\Bin\mks_menu.exe C:\Program Files\MKS\Bin\ABregmon.exe C:\WINDOWS\SOUNDMAN.EXE C:\WINDOWS\System32\intell32.exe C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\Program Files\eMule\emule.exe C:\Program Files\Budzik\budzik.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\System32\wuauclt.exe C:\Program Files\MKS\Bin\mks_scan.exe C:\WINDOWS\System32\svchost.exe C:\Program Files\Wapster\AQQ\AQQ.exe C:\WINDOWS\System32\dllhost.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\system32\rundll32.exe C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Piotr\Moje dokumenty\hijackthis\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\8.bin\MWSSRCAS.DLL R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\8.bin\MWSSRCAS.DLL O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing) O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing) O2 - BHO: Little Fighter 2 Toolbar Helper - {AB41010D-4804-4793-A6A2-3B5EBE2348DD} - C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll O3 - Toolbar: Little Fighter 2 Toolbar - {C11483F7-D7D8-4804-98D8-6055470BB989} - C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe O4 - HKLM…\Run: [ABREGMON] C:\Program Files\MKS\Bin\ABregmon.exe O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [bearShare] “C:\Program Files\BearShare\BearShare.exe” /pause O4 - HKLM…\Run: [webrebates] “C:\Program Files\WebRebates4\webrebates.exe” O4 - HKLM…\Run: [intell32.exe] C:\WINDOWS\System32\intell32.exe O4 - HKLM…\Run: [WinHound] C:\Program Files\WinHound\WinHound.exe O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU…\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe O4 - HKCU…\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU…\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU…\Run: [NBJ] “C:\Program Files\Ahead\Nero BackItUp\NBJ.exe” O4 - HKCU…\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe O4 - HKCU…\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/180so … ge-c18.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … 0.0.15.cab O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/supergerball/mi … Loader.dll O16 - DPF: {2A781DED-C22D-4153-9812-CEA98A32981C} (GameDesire Makao) - http://67.15.101.3/g_bin/pl/cardsmakao_2_0_0_18.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/softwar … launch.cab O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/pl/mahjong_2_0_0_20.cab O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\System32\msctl32.dll (file missing) O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\MKS\Bin\NetMonSV.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:\Program Files\MKS\bin\MkSUpdateInt.exe O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program Files\MKS\Bin\mksmonsv.exe O23 - Service: MkS_Scan - Unknown owner - C:\Program Files\MKS\Bin\mks_scan.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

InfinityToJa · 16 Marzec 2006 12:22

W trybie awaryjnym z wyłączonym przywracaniem systemu usuń poniższe wpisym pogrubione pliki/foldery usuń ręcznie:

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\8.bin\MWSSRCAS.DLL R3 - URLSearchHook: (no name) - - (no file) O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\8.bin\MWSSRCAS.DLL O2 - BHO: RXResultTracker Class - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - C:\Program Files\RXToolBar\sfcont.dll (file missing) O2 - BHO: ADefaultSearch Class - {944864A5-3916-46E2-96A9-A2E84F3F1208} - C:\Program Files\Accoona\ASearchAssist.dll (file missing) O4 - HKLM…\Run: [webrebates] “C:\Program Files\WebRebates4\webrebates.exe” O4 - HKLM…\Run: [intell32.exe] C:\WINDOWS\System32\intell32.exe O4 - HKLM…\Run: [WinHound] C:\Program Files\WinHound \WinHound.exe O8 - Extra context menu item: Web Rebates. - file://C:\Program Files\WebRebates4\websrebates\webtrebates\toprC0.htm O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/180so … ge-c18.cab O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … 0.0.15.cab O16 - DPF: {8FCDF9D9-A28B-480F-8C3D-581F119A8AB8} (MediaGatewayX) - http://static.zangocash.com/cab/Zango/ie/bridge-c18.cab O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - C:\Program Files\RXToolBar\sfcont.dll O20 - Winlogon Notify: msctl32.dll - C:\WINDOWS\System32\msctl32.dll (file missing)

Zastosuj usuwanie WinHound

Przeskanuj http://www.ewido.net

Daj log kontrolny

system · 16 Marzec 2006 12:31

e…moemnt w HijackThis mam usunąc to co napisales…a to co ręcznie to gdzie? znalezc? i jescze jedno jak wlaczyc avaryjny tryb i wylaczyc przywraanie systemu? i njapier usunąć ręcznie ponzje w programie? czy na odwrot? :lol:

InfinityToJa · 16 Marzec 2006 12:43

Jak wejść w tryb awaryjny ?

-przy starcie wciskasz [F8] lub [F4] , wybierasz tryb awaryjny

Jak wyłączyć przywracanie systemu ?

-PrawyPrzyciskMyszy na Mój komputer>>>zakładka przywracanie systemu>>>zaptaszkuj wyłącz przywracanie systemu

3 .Jak usunąć ?

-Usuwasz najpierw wpisy w HijackThis(jak kasować masz w przyklejonym temacie), później kasujesz pogrubione pliki/foldery ręcznie z dysku (dojdziesz po ścieżkach dostępu)

Co dalej ?

-Zastosuj usuwanie WinHound, link powyżej

-przeskanuj programem ewido, link powyżej

-daj log kontrolny z HijackThis

system · 16 Marzec 2006 14:05

1.usunolem logi HijackThis

Nie znalazlem plików z (file missing)
Dalej mam fałśzywą tapetę i brak ikon a co za tym idzie- wirusy
Pregladaja c katalog windowsa natrafilem na dziwne biblioteki i pliki: msex(…), cheartch* i ksztalt serduszka !!nie usunalem
Log:

Logfile of HijackThis v1.99.1

Scan saved at 14:45:49, on 2006-03-16

Platform: Windows XP (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files\MKS\Bin\mks_menu.exe

C:\Program Files\MKS\Bin\ABregmon.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\DAEMON Tools\daemon.exe

C:\WINDOWS\System32\ctfmon.exe

C:\WINDOWS\System32\RUNDLL32.EXE

C:\PROGRA~1\Wapster\AQQ\AQQ.exe

C:\Program Files\eMule\emule.exe

C:\Program Files\Budzik\budzik.exe

C:\Program Files\MKS\Bin\NetMonSV.exe

C:\Program Files\MKS\Bin\mksmonsv.exe

C:\WINDOWS\System32\nvsvc32.exe

C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

C:\Program Files\MKS\Bin\mks_scan.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\System32\wuauclt.exe

C:\WINDOWS\Explorer.EXE

C:\Documents and Settings\Piotr\Moje dokumenty\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O2 - BHO: Little Fighter 2 Toolbar Helper - {AB41010D-4804-4793-A6A2-3B5EBE2348DD} - C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll

O3 - Toolbar: Little Fighter 2 Toolbar - {C11483F7-D7D8-4804-98D8-6055470BB989} - C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [nwiz] nwiz.exe /install

O4 - HKLM…\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe

O4 - HKLM…\Run: [ABREGMON] C:\Program Files\MKS\Bin\ABregmon.exe

O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe

O4 - HKLM…\Run: [bearShare] “C:\Program Files\BearShare\BearShare.exe” /pause

O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033

O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe

O4 - HKCU…\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe

O4 - HKCU…\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r

O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray

O4 - HKCU…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit

O4 - HKCU…\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun

O4 - HKCU…\Run: [NBJ] “C:\Program Files\Ahead\Nero BackItUp\NBJ.exe”

O4 - HKCU…\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe

O4 - HKCU…\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart

O4 - Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … 0.0.15.cab

O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/supergerball/mi … Loader.dll

O16 - DPF: {2A781DED-C22D-4153-9812-CEA98A32981C} (GameDesire Makao) - http://67.15.101.3/g_bin/pl/cardsmakao_2_0_0_18.cab

O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/softwar … launch.cab

O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/pl/mahjong_2_0_0_20.cab

O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\MKS\Bin\NetMonSV.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:\Program Files\MKS\bin\MkSUpdateInt.exe

O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program Files\MKS\Bin\mksmonsv.exe

O23 - Service: MkS_Scan - Unknown owner - C:\Program Files\MKS\Bin\mks_scan.exe

O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe

O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

Teraz sie masakrycznie wiesza mi komp
przez ciebie będe musial wlaczac kompa w trybie avaryjym bo inaczej nie sposob dzialac grrrrrr
jesczenie robilem tym “win hound” lookne co to

Złączono Posta : 16.03.2006 (Czw) 15:11

jescze zrobie tym winhoundem czy cos…ale nei mogelm tych 3 znalezc !

InfinityToJa · 16 Marzec 2006 14:11

W hijackthis skasuj jeszcze to:

Dajesz loga z silent runners http://www.forum.dobreprogramy.pl/viewtopic.php?t=36654

system · 16 Marzec 2006 14:35

nie mam juz falszywej tapety bo zrobilem WinHoundem czy ten link co dales ale dalej mam zablokowany pulpit i brak ikonek log:

Logfile of HijackThis v1.99.1 Scan saved at 15:35:02, on 2006-03-16 Platform: Windows XP (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 (6.00.2600.0000) Running processes: C:\WINDOWS\System32\smss.exe C:\WINDOWS\system32\winlogon.exe C:\WINDOWS\system32\services.exe C:\WINDOWS\system32\lsass.exe C:\WINDOWS\system32\svchost.exe C:\WINDOWS\System32\svchost.exe C:\WINDOWS\system32\spoolsv.exe C:\Program Files\MKS\Bin\NetMonSV.exe C:\Program Files\MKS\Bin\mksmonsv.exe C:\WINDOWS\System32\nvsvc32.exe C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe C:\WINDOWS\Explorer.EXE C:\Program Files\MKS\Bin\mks_menu.exe C:\Program Files\MKS\Bin\ABregmon.exe C:\WINDOWS\SOUNDMAN.EXE C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe C:\Program Files\DAEMON Tools\daemon.exe C:\WINDOWS\System32\ctfmon.exe C:\WINDOWS\System32\RUNDLL32.EXE C:\PROGRA~1\Wapster\AQQ\AQQ.exe C:\Program Files\eMule\emule.exe C:\Program Files\Budzik\budzik.exe C:\Program Files\MKS\Bin\mks_scan.exe C:\WINDOWS\System32\wuauclt.exe C:\WINDOWS\System32\wuauclt.exe C:\PROGRA~1\MOZILL~1\FIREFOX.EXE C:\WINDOWS\Explorer.EXE C:\Documents and Settings\Piotr\Moje dokumenty\hijackthis\HijackThis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/ R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Little Fighter 2 Toolbar Helper - {AB41010D-4804-4793-A6A2-3B5EBE2348DD} - C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll O3 - Toolbar: Little Fighter 2 Toolbar - {C11483F7-D7D8-4804-98D8-6055470BB989} - C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe O4 - HKLM…\Run: [ABREGMON] C:\Program Files\MKS\Bin\ABregmon.exe O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [bearShare] “C:\Program Files\BearShare\BearShare.exe” /pause O4 - HKLM…\Run: [sunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM…\Run: [DAEMON Tools] “C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033 O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe O4 - HKCU…\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe O4 - HKCU…\Run: [tbon] C:\Program Files\TBONBin\tbon.exe /r O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray O4 - HKCU…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit O4 - HKCU…\Run: [Free Download Manager] C:\Program Files\Free Download Manager\fdm.exe -autorun O4 - HKCU…\Run: [NBJ] “C:\Program Files\Ahead\Nero BackItUp\NBJ.exe” O4 - HKCU…\Run: [AQQ] C:\PROGRA~1\Wapster\AQQ\AQQ.exe O4 - HKCU…\Run: [eMuleAutoStart] C:\Program Files\eMule\emule.exe -AutoStart O4 - Startup: Budzik.lnk = C:\Program Files\Budzik\budzik.exe O16 - DPF: {288C5F13-7E52-4ADA-A32E-F5BF9D125F99} (CR64Loader Object) - http://www.miniclip.com/supergerball/mi … Loader.dll O16 - DPF: {2A781DED-C22D-4153-9812-CEA98A32981C} (GameDesire Makao) - http://67.15.101.3/g_bin/pl/cardsmakao_2_0_0_18.cab O16 - DPF: {70BA88C8-DAE8-4CE9-92BB-979C4A75F53B} (GSDACtl Class) - http://launch.gamespyarcade.com/softwar … launch.cab O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/pl/mahjong_2_0_0_20.cab O23 - Service: ArcaBit NetMonitor (ABNetMon) - ArcaBit sp. z o.o. - C:\Program Files\MKS\Bin\NetMonSV.exe O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe O23 - Service: MkSUpdateInt - MkS Sp. z o. o. - C:\Program Files\MKS\bin\MkSUpdateInt.exe O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program Files\MKS\Bin\mksmonsv.exe O23 - Service: MkS_Scan - Unknown owner - C:\Program Files\MKS\Bin\mks_scan.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\System32\nvsvc32.exe O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe

przypominam ze nie znalazlem a co za tymidzie nei skasowalem plikow “file missing”

InfinityToJa · 16 Marzec 2006 14:46

Miałeś dać loga z silent runners, nie z hijackthis

system · 16 Marzec 2006 15:09

Aaaa…ja tam sie nie znam… :oops:

Log:

“Silent Runners.vbs”, revision 44, http://www.silentrunners.org/ Operating System: Windows XP Output limited to non-default values, except where indicated by “{++}” Startup items buried in registry: --------------------------------- HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “CTFMON.EXE” = “C:\WINDOWS\System32\ctfmon.exe” [MS] “Komunikator” = “C:\Program Files\Tlen.pl\tlen.exe” [file not found] “tbon” = “C:\Program Files\TBONBin\tbon.exe /r” [file not found] “Gadu-Gadu” = ““C:\Program Files\Gadu-Gadu\gg.exe” /tray” [“Gadu-Gadu Sp. z oo”] “NvMediaCenter” = “RUNDLL32.EXE C:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit” [MS] “Free Download Manager” = “C:\Program Files\Free Download Manager\fdm.exe -autorun” [file not found] “NBJ” = ““C:\Program Files\Ahead\Nero BackItUp\NBJ.exe”” [“Ahead Software AG”] “AQQ” = “C:\PROGRA~1\Wapster\AQQ\AQQ.exe” [“AQQ Sp. z o.o.”] “eMuleAutoStart” = “C:\Program Files\eMule\emule.exe -AutoStart” [“http://www.emule-project.net”] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\ {++} “NvCplDaemon” = “RUNDLL32.EXE C:\WINDOWS\System32\NvCpl.dll,NvStartup” [MS] “nwiz” = “nwiz.exe /install” [“NVIDIA Corporation”] “MKS_MENU” = “C:\Program Files\MKS\Bin\mks_menu.exe” [“MKS Sp. z o.o.”] “ABREGMON” = “C:\Program Files\MKS\Bin\ABregmon.exe” [“ArcaBit”] “SoundMan” = “SOUNDMAN.EXE” [“Realtek Semiconductor Corp.”] “NeroFilterCheck” = “C:\WINDOWS\system32\NeroCheck.exe” [“Ahead Software Gmbh”] “BearShare” = ““C:\Program Files\BearShare\BearShare.exe” /pause” [file not found] “SunJavaUpdateSched” = “C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe” [“Sun Microsystems, Inc.”] “DAEMON Tools” = ““C:\Program Files\DAEMON Tools\daemon.exe” -lang 1033” [“DT Soft Ltd.”] HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\ {761497BB-D6F0-462C-B6EB-D4DAF1D92D43}(Default) = (no title provided) -> {HKLM…CLSID} = “SSVHelper Class” \InProcServer32(Default) = “C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll” [“Sun Microsystems, Inc.”] {AB41010D-4804-4793-A6A2-3B5EBE2348DD}(Default) = (no title provided) -> {HKLM…CLSID} = “Little Fighter 2 Toolbar Helper” \InProcServer32(Default) = “C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll” [null data] HKLM\Software\Classes*\shellex\ContextMenuHandlers\ MkS_Vir(Default) = “{CC4245C0-D511-11D0-8918-444553540000}” -> {HKLM…CLSID} = “MkS_Vir Shell Extension” \InProcServer32(Default) = “C:\Program Files\MKS\Bin\MkSShell.dll” [null data] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] HKLM\Software\Classes\Directory\shellex\ContextMenuHandlers\ WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] HKLM\Software\Classes\Folder\shellex\ContextMenuHandlers\ MkS_Vir(Default) = “{CC4245C0-D511-11D0-8918-444553540000}” -> {HKLM…CLSID} = “MkS_Vir Shell Extension” \InProcServer32(Default) = “C:\Program Files\MKS\Bin\MkSShell.dll” [null data] WinRAR(Default) = “{B41DB860-8EE4-11D2-9906-E49FADC173CA}” -> {HKLM…CLSID} = “WinRAR” \InProcServer32(Default) = “C:\Program Files\WinRAR\rarext.dll” [null data] Active Desktop and Wallpaper: ----------------------------- Active Desktop is enabled at this entry: HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellState Enabled Screen Saver: --------------------- HKCU\Control Panel\Desktop\ HKCU\Software\Microsoft\Internet Explorer\Desktop\Components\0\ “SCRNSAVE.EXE” = “C:\WINDOWS\System32\logon.scr” [MS] Startup items in “Piotr” & “All Users” startup folders: ------------------------------------------------------- C:\Documents and Settings\Piotr\Menu Start\Programy\Autostart “Budzik” -> shortcut to: “C:\Program Files\Budzik\budzik.exe” [“BLITZ-ART”] Winsock2 Service Provider DLLs: ------------------------------- Namespace Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\NameSpace_Catalog5\Catalog_Entries\ {++} 000000000001\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] 000000000002\LibraryPath = “%SystemRoot%\System32\winrnr.dll” [MS] 000000000003\LibraryPath = “%SystemRoot%\System32\mswsock.dll” [MS] Transport Service Providers HKLM\System\CurrentControlSet\Services\Winsock2\Parameters\Protocol_Catalog9\Catalog_Entries\ {++} 0000000000##\PackedCatalogItem (contains) DLL [Company Name], (at) ## range: %SystemRoot%\system32\mswsock.dll [MS], 01 - 03, 06 - 12 %SystemRoot%\system32\rsvpsp.dll [MS], 04 - 05 Toolbars, Explorer Bars, Extensions: ------------------------------------ Toolbars HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\ “{C11483F7-D7D8-4804-98D8-6055470BB989}” -> {HKLM…CLSID} = “Little Fighter 2 Toolbar” \InProcServer32(Default) = “C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll” [null data] HKLM\Software\Microsoft\Internet Explorer\Toolbar\ “{C11483F7-D7D8-4804-98D8-6055470BB989}” = “Little Fighter 2 Toolbar” -> {HKLM…CLSID} = “Little Fighter 2 Toolbar” \InProcServer32(Default) = “C:\Program Files\Little Fighter 2 Toolbar\v2.0.0.1\Little_Fighter_2_Toolbar.dll” [null data] Running Services (Display Name, Service Name, Path {Service DLL}): ------------------------------------------------------------------ ArcaBit NetMonitor, ABNetMon, “C:\Program Files\MKS\Bin\NetMonSV.exe” [“ArcaBit sp. z o.o.”] MkS_Scan, MkS_Scan, “C:\Program Files\MKS\Bin\mks_scan.exe” [empty string] MkS_Vir Monitor, MksVirMonSvc, “C:\Program Files\MKS\Bin\mksmonsv.exe” [empty string] NVIDIA Driver Helper Service, NVSvc, “C:\WINDOWS\System32\nvsvc32.exe” [“NVIDIA Corporation”] StarWind iSCSI Service, StarWindService, “C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindService.exe” [“Rocket Division Software”] ---------- + This report excludes default entries except where indicated. + To see *everywhere* the script checks and *everything* it finds, launch it from a command prompt or a shortcut with the -all parameter. + The search for DESKTOP.INI DLL launch points on all local fixed drives took 199 seconds. + The search for all Registry CLSIDs containing dormant Explorer Bars took 307 seconds. ---------- (total run time: 822 seconds)

Gutek · 16 Marzec 2006 15:35

Otwórz notatnik i wklej:

Plik >>> Zapisz jako >>> Ustaw rozszerzenie z TXT na Wszystkie pliki >>> zapisz pod nazwą FIX.REG >>> kliknij podwójnie zrobiony plik i potwierdź >>> reset kompa

system · 16 Marzec 2006 16:15

odblokwoał sie pupit ( thx wszystkim :lol: ) ale dalej nei mam ikonek

W folderze “pupit” tam gdzie on sie zawsze znajduje ikonki są! Są też gdy chceottworzyc jakis plik np paintem i wlacze pulpit ! sa ale ich nei wiiidac! heelp me

Gutek · 16 Marzec 2006 16:25

Dobrze rozumie nie ma ikonek na puplpicie?

system · 16 Marzec 2006 16:27

nie ma na pulpicie ale ogolnie są.

Złączono Posta : 16.03.2006 (Czw) 17:32

i odkad zaczalem dzis odwirusowywac kompa w moich dokumentach pojawily sie 2 pliki systemowe! a jak to usuwam to sie zaraz robi na nowo

Gutek · 16 Marzec 2006 16:36

Prawy klik na Pulpit >>>rozmieść ikony według >>> Pokaż ikony Pulpitu.

system · 16 Marzec 2006 16:38

wooow! a ja sie tak glowile co mi sie poje**lo ! heeh DZIEEEEEKI

Złączono Posta : 16.03.2006 (Czw) 17:59

Kłopotów ciąg dalszy. Teraz w KAżDYM FOLDERZE MAM PLIK THUMBS.INI A W NIEKTORYCH JESCZE DESKTOP.INI

Gutek · 16 Marzec 2006 17:16

Ale to nie problem wejdź np. Mój komputer>>>narzędzia>>>opje folderów>>>widok>>> i zaznacz ukryj chronione pliki systemu operacyjnego(zalecane0 daj zastosuj i Ok i po sprawie

system · 16 Marzec 2006 17:22

a…rzeczywiscie! dalem “pokaz chronione pliki” jak w\szukalem kilku plikow…aha i jescze jedno…nei udalo m isie usunac 2 lub 3 plikow podanych ktore mialem usnac recznie…to byle te chyba ukryte bo bylo (file missing)…nie bedie z tego problemow? i poradz jakis antiwirus bo mi sie na MKS-sie licencja skoczykla…moze wkleic nowa?

Gutek · 16 Marzec 2006 17:26

Z płatnych to kasperski bezpłatne to avast.

Jak skanowałes EWIDO i nic nie znalazł jest Ok

Scan EWIDO po update - http://www.ewido.net/en/

system · 16 Marzec 2006 17:30

WIDO nie dziala

Gutek · 16 Marzec 2006 17:35

To znaczy jak nie działa?