Zielony juz wiadomo o kogo chodzi oczywiscie Mateo515 Wstawim loga ale nie wiem jak co kasowac w trybie awaryjnym co powiecie na mojego loga;
Logfile of HijackThis v1.99.0
Scan saved at 15:24:58, on 2005-05-02
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\cFosSpeed\spd.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Eset\nod32krn.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
C:\temp\salm.exe
C:\WINDOWS\System32\ap9h4qmo.exe
C:\Program Files\Media Access\MediaAccK.exe
C:\Program Files\cFosSpeed\cFosSpeed.exe
C:\Program Files\Eset\nod32kui.exe
C:\Documents and Settings\Administrator\Dane aplikacji\mwbm.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Media Access\MediaAccess.exe
C:\Program Files\Azureus\Azureus.exe
C:\Program Files\Java\j2re1.4.2_04\bin\javaw.exe
C:\PROGRA~1\MOZILL~1\FIREFOX.EXE
C:\Documents and Settings\Administrator\Pulpit\eMulePlus-1.1c.Binary\777777777777777777777777777.exe
C:\WINDOWS\System32\devldr32.exe
C:\Program Files\Winamp\Winamp.exe
C:\WINDOWS\System32\wuauclt.exe
D:\xxxx\zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz\x\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = wmplayer.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
F2 - REG:system.ini: Shell=explorer.exe
O2 - BHO: (no name) - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {41DDB451-7AB2-536F-C8AC-75D27DABD9CA} - C:\WINDOWS\System32\exocy.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O4 - HKLM…\Run: [salm] c:\temp\salm.exe
O4 - HKLM…\Run: [dulob] C:\WINDOWS\dulob.exe
O4 - HKLM…\Run: [ap9h4qmo] C:\WINDOWS\System32\ap9h4qmo.exe
O4 - HKLM…\Run: [Media Access] C:\Program Files\Media Access\MediaAccK.exe
O4 - HKLM…\Run: [cFosSpeed] C:\Program Files\cFosSpeed\cFosSpeed.exe
O4 - HKLM…\Run: [nod32kui] “C:\Program Files\Eset\nod32kui.exe” /WAITSERVICE
O4 - HKCU…\Run: [Rbso] C:\Documents and Settings\Administrator\Dane aplikacji\mwbm.exe
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [Piracy] “C:\WINDOWS\SysUtil.exe” /PIRACY
O4 - Startup: Azureus.lnk = C:\Program Files\Azureus\Azureus.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\j2re1.4.2_04\bin\npjpi142_04.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} -
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller Control) -
O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} (VacPro.internazionale_ver11) - http://advnt03.com/dialer/internazionale_ver11.CAB
O17 - HKLM\System\CCS\Services\Tcpip…{1DA3C373-83E5-4347-9742-603415529EFA}: NameServer = 194.204.159.1,194.204.152.34
O17 - HKLM\System\CS1\Services\Tcpip…{1DA3C373-83E5-4347-9742-603415529EFA}: NameServer = 194.204.159.1,194.204.152.34
O17 - HKLM\System\CS2\Services\Tcpip…{1DA3C373-83E5-4347-9742-603415529EFA}: NameServer = 194.204.159.1,194.204.152.34
O23 - Service: cFosSpeed System Service - cFos Software GmbH - C:\Program Files\cFosSpeed\spd.exe
O23 - Service: Kerio Personal Firewall 4 - Kerio Technologies - C:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NOD32 Kernel Service - Unknown - C:\Program Files\Eset\nod32krn.exe