Prosze o sprawdzenie log`a kolezanki

system · 28 Styczeń 2006 17:41

Logfile of HijackThis v1.99.1

Scan saved at 18:42:08, on 06-01-28

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\SYSTEM\TCDPLAY.DRV

C:\WINDOWS\SYSTEM\TWBROWSE.DRV

C:\PROGRAM FILES\ESET\NOD32KRN.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\INTERNAT.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\S3SYSKEY.EXE

C:\WINDOWS\SYSTEM\TOSHIBSU.EXE

C:\WINDOWS\SYSTEM\PSPCCARD.EXE

C:\WINDOWS\SYSTEM\PWRTRAY.EXE

C:\WINDOWS\SYSTEM\TESCKEY.EXE

C:\WINDOWS\SYSTEM\TFUNCKEY.EXE

C:\WINDOWS\SYSTEM\THOTKEY.EXE

C:\WINDOWS\SYSTEM\PAYTIME.EXE

C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSOEMON.EXE

C:\PROGRAM FILES\ESET\NOD32KUI.EXE

C:\WINDOWS\RunDLL.exe

C:\PROGRAM FILES\GADU-GADU\GG.EXE

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE

C:\PROGRAM FILES\SAGEM WIFI MANAGER\WLANUTL.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\PROGRAM FILES\MOZILLA FIREFOX\FIREFOX.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL

O1 - Hosts: 127.0.0.5 makethemcry.com

O1 - Hosts: 127.0.0.5 loudcash.com

O1 - Hosts: 127.0.0.5 iframestat.com

O1 - Hosts: 127.0.0.5 toolbarpartner.com

O1 - Hosts: 127.0.0.5 hqcash.com

O1 - Hosts: 127.0.0.5 verybigcash.com

O1 - Hosts: 127.0.0.5 makethemcry.com

O1 - Hosts: 127.0.0.5 moviepartnership.com

O1 - Hosts: 127.0.0.5 callmachine.com

O1 - Hosts: 127.0.0.5 regcash.com

O1 - Hosts: 127.0.0.5 toolbarpartner.com

O1 - Hosts: 127.0.0.5 klikrevenue.com

O1 - Hosts: 127.0.0.5 p2dll.com

O1 - Hosts: 127.0.0.5 t73.com

O1 - Hosts: 127.0.0.5 www.makethemcry.com

O1 - Hosts: 127.0.0.5 www.loudcash.com

O1 - Hosts: 127.0.0.5 www.iframestat.com

O1 - Hosts: 127.0.0.5 www.toolbarpartner.com

O1 - Hosts: 127.0.0.5 www.hqcash.com

O1 - Hosts: 127.0.0.5 www.verybigcash.com

O1 - Hosts: 127.0.0.5 www.makethemcry.com

O1 - Hosts: 127.0.0.5 www.moviepartnership.com

O1 - Hosts: 127.0.0.5 www.callmachine.com

O1 - Hosts: 127.0.0.5 www.regcash.com

O1 - Hosts: 127.0.0.5 www.toolbarpartner.com

O1 - Hosts: 127.0.0.5 www.klikrevenue.com

O1 - Hosts: 127.0.0.5 www.p2dll.com

O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL

O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe

O4 - HKLM\..\Run: [internat.exe] internat.exe

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [s3syskey] s3syskey.exe

O4 - HKLM\..\Run: [TOSHIBSU] TOSHIBSU.EXE

O4 - HKLM\..\Run: [PsPCCard] PsPCCard.EXE

O4 - HKLM\..\Run: [PowerTray] PwrTray.EXE

O4 - HKLM\..\Run: [TEscKey] TESCKEY.EXE

O4 - HKLM\..\Run: [TFunckey] TFUNCKEY.EXE

O4 - HKLM\..\Run: [THotkey] THotkey.Exe

O4 - HKLM\..\Run: [PayTime] C:\WINDOWS\SYSTEM\paytime.exe

O4 - HKLM\..\Run: [winoyo32.dll] rundll32 winoyo32.dll,run

O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [TCDPlay] TCDPlay.Drv

O4 - HKLM\..\RunServices: [TWBrowse] TWBrowse.Drv

O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe"

O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray

O4 - HKCU\..\Run: [Shell] "C:\WINDOWS\SYSTEM\ibm00001.exe"

O4 - HKCU\..\Run: [Windows installer] C:\winstall.exe

O4 - HKCU\..\Run: [fmzi] C:\STUB_113_4_0_4_0.EXE

O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE

O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Startup: SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUxdm209YYPL

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15.cab

O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O21 - SSODL: LJQSHRrHCFahd - {396F0FDF-93C5-A575-DEE4-C2EE664D8AC1} - C:\WINDOWS\SYSTEM\IL.DLL

Złączono Posta : 28.01.2006 (Sob) 20:12

bardzo prosze o pomoc zalezy mi na szybkiej odpowiedzi poniewaz patrzą mi na rece

Gutek · 28 Styczeń 2006 20:13

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL O1 - Hosts: 127.0.0.5 makethemcry.com O1 - Hosts: 127.0.0.5 loudcash.com O1 - Hosts: 127.0.0.5 iframestat.com O1 - Hosts: 127.0.0.5 toolbarpartner.com O1 - Hosts: 127.0.0.5 hqcash.com O1 - Hosts: 127.0.0.5 verybigcash.com O1 - Hosts: 127.0.0.5 makethemcry.com O1 - Hosts: 127.0.0.5 moviepartnership.com O1 - Hosts: 127.0.0.5 callmachine.com O1 - Hosts: 127.0.0.5 regcash.com O1 - Hosts: 127.0.0.5 toolbarpartner.com O1 - Hosts: 127.0.0.5 klikrevenue.com O1 - Hosts: 127.0.0.5 p2dll.com O1 - Hosts: 127.0.0.5 t73.com O1 - Hosts: 127.0.0.5 http://www.makethemcry.com O1 - Hosts: 127.0.0.5 http://www.loudcash.com O1 - Hosts: 127.0.0.5 http://www.iframestat.com O1 - Hosts: 127.0.0.5 http://www.toolbarpartner.com O1 - Hosts: 127.0.0.5 http://www.hqcash.com O1 - Hosts: 127.0.0.5 http://www.verybigcash.com O1 - Hosts: 127.0.0.5 http://www.makethemcry.com O1 - Hosts: 127.0.0.5 http://www.moviepartnership.com O1 - Hosts: 127.0.0.5 http://www.callmachine.com O1 - Hosts: 127.0.0.5 http://www.regcash.com O1 - Hosts: 127.0.0.5 http://www.toolbarpartner.com O1 - Hosts: 127.0.0.5 http://www.klikrevenue.com O1 - Hosts: 127.0.0.5 http://www.p2dll.com O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\PROGRAM FILES\MYWEBSEARCH\SRCHASTT\1.BIN\MWSSRCAS.DLL O3 - Toolbar: My &Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\PROGRAM FILES\MYWEBSEARCH\BAR\1.BIN\MWSBAR.DLL O4 - HKLM…\Run: [PayTime] C:\WINDOWS\SYSTEM\paytime.exe O4 - HKLM…\Run: [winoyo32.dll] rundll32 winoyo32.dll,run O4 - HKCU…\Run: [shell] “C:\WINDOWS\SYSTEM\ibm00001.exe” O4 - HKCU…\Run: [Windows installer] C:\winstall.exe O4 - HKCU…\Run: [fmzi] C:\STUB_113_4_0_4_0.EXE O4 - HKCU…\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\BAR\1.BIN\MWSOEMON.EXE O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi … xdm209YYPL O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … 0.0.15.cab O21 - SSODL: LJQSHRrHCFahd - {396F0FDF-93C5-A575-DEE4-C2EE664D8AC1} - C:\WINDOWS\SYSTEM\IL.DLL

Zastartować do trybu awaryjnego bez internetu TU.
Zaznaczyć wskazane wpisy w Hijacku i kliknąć Fix checked. Wpisy zostaną usunięte.
Skasować z dysku pliki i foldery, które podkreśliłem na czerwono
Dokończyć skanerami online - Scanery do wyboru
Pokazać nowy log

zastosuj Usuwanie tapety SpySheriff

system · 28 Styczeń 2006 21:06

Logfile of HijackThis v1.99.1

Scan saved at 22:05:38, on 06-01-28

Platform: Windows 98 SE (Win9x 4.10.2222A)

MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)


Running processes:

C:\WINDOWS\SYSTEM\KERNEL32.DLL

C:\WINDOWS\SYSTEM\MSGSRV32.EXE

C:\WINDOWS\SYSTEM\MPREXE.EXE

C:\WINDOWS\SYSTEM\mmtask.tsk

C:\WINDOWS\SYSTEM\MSTASK.EXE

C:\WINDOWS\SYSTEM\TCDPLAY.DRV

C:\WINDOWS\SYSTEM\TWBROWSE.DRV

C:\PROGRAM FILES\ESET\NOD32KRN.EXE

C:\WINDOWS\EXPLORER.EXE

C:\WINDOWS\TASKMON.EXE

C:\WINDOWS\SYSTEM\INTERNAT.EXE

C:\WINDOWS\SYSTEM\SYSTRAY.EXE

C:\WINDOWS\SYSTEM\S3SYSKEY.EXE

C:\WINDOWS\SYSTEM\TOSHIBSU.EXE

C:\WINDOWS\SYSTEM\PSPCCARD.EXE

C:\WINDOWS\SYSTEM\PWRTRAY.EXE

C:\WINDOWS\SYSTEM\TESCKEY.EXE

C:\WINDOWS\SYSTEM\TFUNCKEY.EXE

C:\WINDOWS\SYSTEM\THOTKEY.EXE

C:\PROGRAM FILES\ESET\NOD32KUI.EXE

C:\WINDOWS\RunDLL.exe

C:\PROGRAM FILES\GADU-GADU\GG.EXE

C:\PROGRAM FILES\COMMON FILES\MICROSOFT SHARED\WORKS SHARED\WKCALREM.EXE

C:\PROGRAM FILES\SAGEM WIFI MANAGER\WLANUTL.EXE

C:\WINDOWS\SYSTEM\WMIEXE.EXE

C:\WINDOWS\SYSTEM\DDHELP.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE

C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O1 - Hosts: 127.0.0.5 makethemcry.com

O1 - Hosts: 127.0.0.5 loudcash.com

O1 - Hosts: 127.0.0.5 iframestat.com

O1 - Hosts: 127.0.0.5 toolbarpartner.com

O1 - Hosts: 127.0.0.5 hqcash.com

O1 - Hosts: 127.0.0.5 verybigcash.com

O1 - Hosts: 127.0.0.5 makethemcry.com

O1 - Hosts: 127.0.0.5 moviepartnership.com

O1 - Hosts: 127.0.0.5 callmachine.com

O1 - Hosts: 127.0.0.5 regcash.com

O1 - Hosts: 127.0.0.5 toolbarpartner.com

O1 - Hosts: 127.0.0.5 klikrevenue.com

O1 - Hosts: 127.0.0.5 p2dll.com

O1 - Hosts: 127.0.0.5 t73.com

O1 - Hosts: 127.0.0.5 www.makethemcry.com

O1 - Hosts: 127.0.0.5 www.loudcash.com

O1 - Hosts: 127.0.0.5 www.iframestat.com

O1 - Hosts: 127.0.0.5 www.toolbarpartner.com

O1 - Hosts: 127.0.0.5 www.hqcash.com

O1 - Hosts: 127.0.0.5 www.verybigcash.com

O1 - Hosts: 127.0.0.5 www.makethemcry.com

O1 - Hosts: 127.0.0.5 www.moviepartnership.com

O1 - Hosts: 127.0.0.5 www.callmachine.com

O1 - Hosts: 127.0.0.5 www.regcash.com

O1 - Hosts: 127.0.0.5 www.toolbarpartner.com

O1 - Hosts: 127.0.0.5 www.klikrevenue.com

O1 - Hosts: 127.0.0.5 www.p2dll.com

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX

O4 - HKLM\..\Run: [ScanRegistry] c:\windows\scanregw.exe /autorun

O4 - HKLM\..\Run: [TaskMonitor] c:\windows\taskmon.exe

O4 - HKLM\..\Run: [internat.exe] internat.exe

O4 - HKLM\..\Run: [SystemTray] SysTray.Exe

O4 - HKLM\..\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\Run: [s3syskey] s3syskey.exe

O4 - HKLM\..\Run: [TOSHIBSU] TOSHIBSU.EXE

O4 - HKLM\..\Run: [PsPCCard] PsPCCard.EXE

O4 - HKLM\..\Run: [PowerTray] PwrTray.EXE

O4 - HKLM\..\Run: [TEscKey] TESCKEY.EXE

O4 - HKLM\..\Run: [TFunckey] TFUNCKEY.EXE

O4 - HKLM\..\Run: [THotkey] THotkey.Exe

O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE

O4 - HKLM\..\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme

O4 - HKLM\..\RunServices: [SchedulingAgent] mstask.exe

O4 - HKLM\..\RunServices: [TCDPlay] TCDPlay.Drv

O4 - HKLM\..\RunServices: [TWBrowse] TWBrowse.Drv

O4 - HKLM\..\RunServices: [NOD32kernel] "C:\Program Files\Eset\nod32krn.exe"

O4 - HKCU\..\Run: [Taskbar Display Controls] RunDLL deskcp16.dll,QUICKRES_RUNDLLENTRY

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray

O4 - Startup: Microsoft Works Calendar Reminders.lnk = C:\Program Files\Common Files\Microsoft Shared\Works Shared\wkcalrem.exe

O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE

O4 - Startup: SAGEM Wi-Fi 11g USB adapter LAN Utility.lnk = C:\Program Files\SAGEM WiFi manager\WLANUTL.exe

O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUxdm209YYPL

O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/funwebproducts/ei/MyFunCardsFWBInitialSetup1.0.0.15.cab

O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O16 - DPF: {37A49D66-2735-4BB9-8503-82BA5E2333D0} (MailCfg Control) - http://poczta.wp.pl/d114/mailcfg.ocx

O21 - SSODL: LJQSHRrHCFahd - {396F0FDF-93C5-A575-DEE4-C2EE664D8AC1} - C:\WINDOWS\SYSTEM\IL.DLL

to nic nie dało mam problemy z ustawieniem strony startowej i przy uruchamianiu wyskakuje problem ze niemoze znaleźć pliku ibm00001.exe a przy uruchamianiu przegladarki poszukuje pliku c:\secure32.html prosi o sprawdzeniescieźki

Gutek · 28 Styczeń 2006 21:13

Jak skasujesz wszystko pogadamy, instrukcja wyzej -

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = c:\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = c:\secure32.html O1 - Hosts: 127.0.0.5 makethemcry.com O1 - Hosts: 127.0.0.5 loudcash.com O1 - Hosts: 127.0.0.5 iframestat.com O1 - Hosts: 127.0.0.5 toolbarpartner.com O1 - Hosts: 127.0.0.5 hqcash.com O1 - Hosts: 127.0.0.5 verybigcash.com O1 - Hosts: 127.0.0.5 makethemcry.com O1 - Hosts: 127.0.0.5 moviepartnership.com O1 - Hosts: 127.0.0.5 callmachine.com O1 - Hosts: 127.0.0.5 regcash.com O1 - Hosts: 127.0.0.5 toolbarpartner.com O1 - Hosts: 127.0.0.5 klikrevenue.com O1 - Hosts: 127.0.0.5 p2dll.com O1 - Hosts: 127.0.0.5 t73.com O1 - Hosts: 127.0.0.5 http://www.makethemcry.com O1 - Hosts: 127.0.0.5 http://www.loudcash.com O1 - Hosts: 127.0.0.5 http://www.iframestat.com O1 - Hosts: 127.0.0.5 http://www.toolbarpartner.com O1 - Hosts: 127.0.0.5 http://www.hqcash.com O1 - Hosts: 127.0.0.5 http://www.verybigcash.com O1 - Hosts: 127.0.0.5 http://www.makethemcry.com O1 - Hosts: 127.0.0.5 http://www.moviepartnership.com O1 - Hosts: 127.0.0.5 http://www.callmachine.com O1 - Hosts: 127.0.0.5 http://www.regcash.com O1 - Hosts: 127.0.0.5 http://www.toolbarpartner.com O1 - Hosts: 127.0.0.5 http://www.klikrevenue.com O1 - Hosts: 127.0.0.5 http://www.p2dll.com O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredi … xdm209YYPL O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - http://ak.imgfarm.com/images/nocache/fu … 0.0.15.cab O21 - SSODL: LJQSHRrHCFahd - {396F0FDF-93C5-A575-DEE4-C2EE664D8AC1} - C:\WINDOWS\SYSTEM\IL.DLL

Zób tak bo na pewno jest:

zedytować musisz: Start >>> Uruchom >>> SYSTEM.INI i zedytuj ten wpis, jak się nie pokaże.

Mój komputer >>> Narzędzia >>> Opcje folderów >>> Widok

Zaznaczone Pokaż ukryte pliki i foldery + odznaczone Ukryj chronione pliki systemu operacyjnego…

Jak zedytować, w sekcji [boot] jest po shell = explorer.exe ibm00001.exe" [MS], usunąć stamtąd ibm00001.exe (ma zostać shell=explorer.exe)

Ale ja potrzebuje log-a z Silenta - Silent opis: http://www.searchengines.pl/phpbb203/in … opic=15989

system · 28 Styczeń 2006 21:33

czy mam usunąc tylko ten jeden wers zaznaczony na czerwono / np. secure32.exe/ czy wszystkie wersy zawierajce te plik?

Gutek · 28 Styczeń 2006 21:42

Jak skasujesz ten plik potem hijackiem wszytsko uswasz co zaznaczylem i pamietaj o log-u z Silenta

system · 28 Styczeń 2006 22:44

przy próbie uruchamiania silenta pojawia się następujący komunikat:This script requires “WMI” to run.It can be downloaded at http//tinyurl.com/jbxe Press OK to direct yuor browser to the download site or Cancel to quit. po wcisnieciu ok otwiera sie strona Microsofte i jakieś linki do ściągnięcia, nie wiem o co chodzi?

Gutek · 29 Styczeń 2006 11:20

A w linku jest odpowiedz nie chce sie czytac

pobierz http://www.microsoft.com/downloads/deta … F236E0E875