Mam problem z wyskakującymi reklamami i rozłancza mi się ciągle internet
Logfile of HijackThis v1.99.1 Scan saved at 22:46:10, on 05-12-06 Platform: Windows 98 SE (Win9x 4.10.2222A) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINDOWS\SYSTEM\KERNEL32.DLL C:\WINDOWS\SYSTEM\MSGSRV32.EXE C:\WINDOWS\SYSTEM\MPREXE.EXE C:\WINDOWS\SYSTEM\mmtask.tsk C:\WINDOWS\SYSTEM\MSTASK.EXE C:\WINDOWS\SYSTEM\MSPATCH32.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\SYMTRAY.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCEVTMGR.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCSETMGR.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON UTILITIES\NPROTECT.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINJECT.EXE C:\WINDOWS\EXPLORER.EXE C:\WINDOWS\SYSTEM\INTERNAT.EXE C:\WINDOWS\TASKMON.EXE C:\WINDOWS\SYSTEM\SYSTRAY.EXE C:\PROGRAM FILES\WINAMP\WINAMPA.EXE C:\PROGRAM FILES\WANADOO\TASKBARICON.EXE C:\WINDOWS\SYSTEM\HPZTSB03.EXE C:\WINDOWS\SYSTEM\SPOOL32.EXE C:\WINDOWS\SYSTEM\QTTASK.EXE C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCK.EXE C:\WINDOWS\SYSTEM\KMI59LI9.EXE C:\PROGRAM FILES\MEDIA ACCESS\MEDIAACCESS.EXE C:\PROGRAM FILES\INTERNET OPTIMIZER\OPTIMIZE.EXE C:\PROGRAM FILES\PRXCLDJ\PUNALLU.EXE C:\PROGRAM FILES\INTERNET OPTIMIZER\ACTALERT.EXE C:\UPDATE.EXE C:\PROGRAM FILES\COMMON FILES\SYMANTEC SHARED\CCAPP.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\PASSWORD MANAGER\ACCTMGR.EXE C:\PROGRAM FILES\180SEARCH ASSISTANT\180SA.EXE C:\PROGRAM FILES\CHAT\GADU-GADU\GG.EXE C:\PROGRAM FILES\SAGEM\SAGEM F@ST 800-840\DSLMON.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\CSINSM32.EXE C:\WINDOWS\SYSTEM\PSTORES.EXE C:\WINDOWS\SYSTEM\WMIEXE.EXE C:\PROGRAM FILES\NORTON SYSTEMWORKS\NORTON CLEANSWEEP\Monwow.exe C:\WINDOWS\SYSTEM\RNAAPP.EXE C:\WINDOWS\SYSTEM\TAPISRV.EXE C:\PROGRAM FILES\WANADOO\ESPACEWANADOO.EXE C:\PROGRAM FILES\WANADOO\COMCOMP.EXE C:\PROGRAM FILES\WANADOO\WATCH.EXE C:\WINDOWS\SYSTEM\DDHELP.EXE C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/WINDOWS/secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure32.html R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada Plus wita Cie w Internecie R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\PROGRAM FILES\ADOBE\ACROBAT 5.0\READER\ACTIVEX\ACROIEHELPER.OCX O2 - BHO: UCmore Toolbar - {ED8DB0FD-D8F4-4b2c-BB5B-9EF040FE104D} - C:\PROGRAM FILES\UCMORE\UCMIE.DLL O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\NEM220.DLL (file missing) O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\WSEM303.DLL (file missing) O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll O2 - BHO: (no name) - {7A7E6D97-B492-4884-9ABB-C31281DCC4F2} - (no file) O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - C:\PROGRAM FILES\180SEARCH ASSISTANT\180SAHOOK.DLL O3 - Toolbar: UCmore Toolbar - {53CBEE82-D747-11d3-9ED0-005004189684} - C:\PROGRAM FILES\UCMORE\UCMIE.DLL O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton SystemWorks\Norton Antivirus\NavShExt.dll O4 - HKLM…\Run: [internat.exe] internat.exe O4 - HKLM…\Run: [scanRegistry] C:\WINDOWS\scanregw.exe /autorun O4 - HKLM…\Run: [TaskMonitor] C:\WINDOWS\taskmon.exe O4 - HKLM…\Run: [systemTray] SysTray.Exe O4 - HKLM…\Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM…\Run: [NVRTCLK] C:\WINDOWS\SYSTEM\NVRTClk.exe O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\SYSTEM\NvCpl.dll,NvStartup O4 - HKLM…\Run: [nwiz] nwiz.exe /install O4 - HKLM…\Run: [WinampAgent] “C:\PROGRAM FILES\WINAMP\WINAMPa.exe” O4 - HKLM…\Run: [WOOWATCH] C:\PROGRA~1\WANADOO\Watch.exe O4 - HKLM…\Run: [WOOTASKBARICON] C:\PROGRA~1\WANADOO\TaskbarIcon.exe O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\SYSTEM\hpztsb03.exe O4 - HKLM…\Run: [ALiUSBfix] C:\WINDOWS\SYSTEM\GREENMK.exe O4 - HKLM…\Run: [instantAccess] C:\Program Files\ScannerU\TBRIDGE\BIN\InstantAccess.exe /h O4 - HKLM…\Run: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe O4 - HKLM…\Run: [Zasobnik systemowy] SysTray.Exe O4 - HKLM…\Run: [QuickTime Task] “C:\WINDOWS\SYSTEM\QTTASK.EXE” -atboottime O4 - HKLM…\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe O4 - HKLM…\Run: [kmi59li9] C:\WINDOWS\SYSTEM\kmi59li9.exe O4 - HKLM…\Run: [internet Optimizer] “C:\Program Files\Internet Optimizer\optimize.exe” O4 - HKLM…\Run: [iakrmi] C:\PROGRAM FILES\PRXCLDJ\PUNALLU.EXE O4 - HKLM…\Run: [zkhif] C:\WINDOWS\zkhif.exe O4 - HKLM…\Run: [WindowsUpdate] “C:\UPDATE.EXE” O4 - HKLM…\Run: [MS-patch] MSPATCH32.EXE O4 - HKLM…\Run: [ccApp] “C:\Program Files\Common Files\Symantec Shared\ccApp.exe” O4 - HKLM…\Run: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe O4 - HKLM…\Run: [AcctMgr] C:\Program Files\Norton SystemWorks\Password Manager\AcctMgr.exe /startup O4 - HKLM…\Run: [WindowsUpdatelsass] lsass.exe O4 - HKLM…\Run: [WindowsUpdatesvchost] svchost.exe O4 - HKLM…\Run: [WindowsUpdatedirect] syssvcc.exe O4 - HKLM…\Run: [180sa] c:\program files\180search assistant\180sa.exe O4 - HKLM…\Run: [WindowsUpdatecrss] crss.exe O4 - HKLM…\RunServices: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme O4 - HKLM…\RunServices: [schedulingAgent] mstask.exe O4 - HKLM…\RunServices: [RegisterDropHandler] C:\Program Files\ScannerU\TBRIDGE\BIN\RegisterDropHandler.exe O4 - HKLM…\RunServices: [MS-patch] MSPATCH32.EXE O4 - HKLM…\RunServices: [symTray - Norton SystemWorks] C:\Program Files\Common Files\Symantec Shared\SymTray.exe “Norton SystemWorks” O4 - HKLM…\RunServices: [scriptBlocking] “C:\Program Files\Common Files\Symantec Shared\Script Blocking\SBServ.exe” -reg O4 - HKLM…\RunServices: [ccEvtMgr] “C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe” O4 - HKLM…\RunServices: [ccSetMgr] “C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe” O4 - HKLM…\RunServices: [NPROTECT] C:\Program Files\Norton SystemWorks\Norton Utilities\Nprotect.exe O4 - HKLM…\RunServices: [CSINJECT.EXE] C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinject.exe O4 - HKCU…\Run: [Gadu-Gadu] “C:\PROGRAM FILES\CHAT\GADU-GADU\GG.EXE” /tray O4 - HKCU…\Run: [shell] “C:\WINDOWS\SYSTEM\ibm00001.exe” O4 - HKCU…\Run: [PayTime] C:\WINDOWS\SYSTEM\paytime.exe O4 - HKCU…\Run: [Windows installer] C:\winstall.exe O4 - HKCU…\Run: [aupd] C:\WINDOWS\SYSTEM\sysvcs.exe O4 - HKCU…\Run: [sNInstall] C:\WINDOWS\TOOL2.EXE O4 - HKCU…\RunServices: [aupd] C:\WINDOWS\SYSTEM\sysvcs.exe O4 - Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE O4 - Startup: DSLMON.lnk = C:\Program Files\SAGEM\SAGEM F@st 800-840\dslmon.exe O4 - Startup: Action Manager 32.lnk = C:\Program Files\ScannerU\AM32.exe O4 - Startup: CleanSweep Smart Sweep-Internet Sweep.lnk = C:\Program Files\Norton SystemWorks\Norton CleanSweep\csinsm32.exe O8 - Extra context menu item: Download using FlashGet - C:\PROGRAM FILES\FLASHGET\jc_link.htm O8 - Extra context menu item: Download All by FlashGet - C:\PROGRAM FILES\FLASHGET\jc_all.htm O8 - Extra context menu item: &Google Search - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmwordtrans.html O8 - Extra context menu item: Cached Snapshot of Page - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmcache.html O8 - Extra context menu item: Similar Pages - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmsimilar.html O8 - Extra context menu item: Backward Links - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmbacklinks.html O8 - Extra context menu item: Translate Page into English - res://C:\PROGRAM FILES\GOOGLE\GOOGLETOOLBAR2.DLL/cmtrans.html O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE O9 - Extra ‘Tools’ menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE O12 - Plugin for .spop: C:\PROGRA~1\INTERN~1\Plugins\NPDocBox.dll O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.media-motor.net/cabs/diamond.cab O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab O20 - AppInit_DLLs: apitrap.dll; O20 - Winlogon Notify: style32 - C:\WINDOWS\Q1854004.DLL (file missing) O21 - SSODL: SysTray.Exiv - {2963ECFC-4E5C-2f3b-B334-D67434FC72E0} - (no file)
Gutek
(Gutek)
6 Grudzień 2005 23:26
#2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = file:///C:/WINDOWS/secure32.html R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = C:\WINDOWS\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = C:\WINDOWS\secure32.html R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure32.html R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\secure32.html R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file) O2 - BHO: UCmore Toolbar - {ED8DB0FD-D8F4-4b2c-BB5B-9EF040FE104D} - C:\PROGRAM FILES\UCMORE\UCMIE.DLL O2 - BHO: BHObj Class - {00000010-6F7D-442C-93E3-4A4827C2E4C8} - C:\WINDOWS\NEM220.DLL (file missing) O2 - BHO: BHObj Class - {8F4E5661-F99E-4B3E-8D85-0EA71C0748E4} - C:\WINDOWS\WSEM303.DLL (file missing) O2 - BHO: (no name) - {7A7E6D97-B492-4884-9ABB-C31281DCC4F2} - (no file) O2 - BHO: SABHO - {21B4ACC4-8874-4AEC-AEAC-F567A249B4D4} - C:\PROGRAM FILES\180SEARCH ASSISTANT\180SAHOOK.DLL O3 - Toolbar: UCmore Toolbar - {53CBEE82-D747-11d3-9ED0-005004189684} - C:\PROGRAM FILES\UCMORE\UCMIE.DLL O4 - HKLM…\Run: [Media Access] C:\PROGRAM FILES\MEDIA ACCESS\MediaAccK.exe O4 - HKLM…\Run: [kmi59li9] C:\WINDOWS\SYSTEM\kmi59li9.exe O4 - HKLM…\Run: [internet Optimizer] “C:\Program Files\Internet Optimizer\optimize.exe” O4 - HKLM…\Run: [iakrmi] C:\PROGRAM FILES\PRXCLDJ\PUNALLU.EXE O4 - HKLM…\Run: [zkhif] C:\WINDOWS\zkhif.exe O4 - HKLM…\Run: [WindowsUpdate] “C:\UPDATE.EXE” O4 - HKLM…\Run: [MS-patch] MSPATCH32.EXE O4 - HKLM…\Run: [WindowsUpdatelsass] lsass.exe O4 - HKLM…\Run: [WindowsUpdatesvchost] svchost.exe O4 - HKLM…\Run: [WindowsUpdatedirect] syssvcc.exe O4 - HKLM…\Run: [180sa] c:\program files\180search assistant\180sa.exe O4 - HKLM…\Run: [WindowsUpdatecrss] crss.exe O4 - HKLM…\RunServices: [MS-patch] MSPATCH32.EXE O4 - HKCU…\Run: [shell] “C:\WINDOWS\SYSTEM\ibm00001.exe” O4 - HKCU…\Run: [PayTime] C:\WINDOWS\SYSTEM\paytime.exe O4 - HKCU…\Run: [Windows installer] C:\winstall.exe O4 - HKCU…\Run: [aupd] C:\WINDOWS\SYSTEM\sysvcs.exe O4 - HKCU…\Run: [sNInstall] C:\WINDOWS\TOOL2.EXE O4 - HKCU…\RunServices: [aupd] C:\WINDOWS\SYSTEM\sysvcs.exe O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm O16 - DPF: {E0CE16CB-741C-4B24-8D04-A817856E07F4} (IObjSafety.DemoCtl) - http://cabs.media-motor.net/cabs/diamond.cab O16 - DPF: {99410CDE-6F16-42ce-9D49-3807F78F0287} (ClientInstaller Class) - http://www.180searchassistant.com/180saax.cab O20 - Winlogon Notify: style32 - C:\WINDOWS\Q1854004.DLL (file missing) O21 - SSODL: SysTray.Exiv - {2963ECFC-4E5C-2f3b-B334-D67434FC72E0} - (no file)
Zastartować do trybu awaryjnego bez internetu(opis TU ).
Zaznaczyć wskazane wpisy w Hijacku i kliknąć Fix checked. Wpisy zostaną usunięte.
Skasować z dysku pliki i foldery, które podkreśliłem na czerwono
Dokończyć skanerami online - Scanery do wyboru
Pokazać nowy log
Zastosować Usuwanie tapety SpySheriff oraz TROJAN STYDLER
kuz5
(Kuz5)
7 Grudzień 2005 01:24
#4
Log masz juz ok
Reklamy dalej wyskakuja?
Poprawa systemu jest widoczna?
Jest dobrze z reklamami,ale przy uruchamianiu systemu cały czas cos mi sie wgrywa i jakies zerzy musze potwierzac ENTEREM bo inaczej nie urochomie go.Co musze zrobic?
kuz5
(Kuz5)
7 Grudzień 2005 15:07
#6
Nie rozumiem mozesz to bardziej opisać, czy to jest jakis komunikat czy moze coś innego, najlepiej daj screena
Tzn jak właczam komputer wyskakuje mi cos takiego Scan disk jak pokazuje sie gdy zle wyłączysz komputer.Ja to mam cały czas nawet jak wyłącze poprawnie
kuz5
(Kuz5)
7 Grudzień 2005 23:32
#8
Nie sobie on do konca przeleci
Poczytaj