Stronki typu ...yyy102 i log


(Wampir4) #1

:cry: czesc. co mam zrobic? wyskakuja mi caly czas jakies dziwne reklamki i strony typu tego: http://www.blow-outsales.com/normal/yyy102.html sa troche wkurzajace jak moge je usunac? i co to jest ashwebsv? czy to nie jest jakis virek? jak tak to jak go zniszczyc nie wiem czego szukac a internet mi ostatnio chodzi jak krew z nosa.

to jest log moge prosic o sprawdzenie?

Logfile of HijackThis v1.99.1

Scan saved at 05:32:51, on 2006-02-10

Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)

MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)


Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

C:\Program Files\Alwil Software\Avast4\ashServ.exe

C:\Program Files\ProcessGuard\dcsuserprot.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

C:\Program Files\ProcessGuard\pgaccount.exe

C:\Program Files\Alwil Software\Avast4\ashWebSv.exe

C:\WINDOWS\system32\MMTrayLSI.exe

C:\WINDOWS\system32\MMTray2k.exe

C:\Program Files\NetPanel\NetPanel.exe

C:\WINDOWS\system32\MMTray.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

C:\Program Files\Tlen.pl\tlen.exe

C:\Program Files\ProcessGuard\procguard.exe

C:\Program Files\Winamp\Winamp.exe

C:\WINDOWS\explorer.exe

C:\Program Files\Opera\Opera.exe

C:\Program Files\Port Explorer\PortExplorer.exe

C:\Documents and Settings\Privat\Pulpit\HijackThis.exe


R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://wzgodziezeswiatem.blog.onet.pl/

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = 

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,AutoConfigURL = 80.53.193.250,195.117.19.133

O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE

O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe

O4 - HKLM\..\Run: [Resume copy] copyfstq.exe /startup

O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe 

O4 - HKLM\..\Run: [!1_pgaccount] "C:\Program Files\ProcessGuard\pgaccount.exe"

O4 - HKLM\..\Run: [NetPanel] "C:\Program Files\NetPanel\Starter.exe" /path="C:\Program Files\NetPanel"

O4 - HKLM\..\Run: [MMTrayLSI] MMTrayLSI.exe

O4 - HKLM\..\Run: [MMTray2K] MMTray2k.exe

O4 - HKLM\..\Run: [MMTray] MMTray.exe

O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe

O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe

O4 - HKLM\..\Run: [Detect] C:\Program Files\iNTERNET Turbo\iDetect.exe /auto

O4 - HKCU\..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray

O4 - HKCU\..\Run: [!1_ProcessGuard_Startup] "C:\Program Files\ProcessGuard\procguard.exe" -minimize

O4 - Global Startup: WinZip Quick Pick.lnk.disabled

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll

O17 - HKLM\System\CCS\Services\Tcpip\..\{386B00CE-19E5-49C9-9439-B99301B0D127}: NameServer = 80.53.193.250,195.117.19.133

O17 - HKLM\System\CS1\Services\Tcpip\..\{386B00CE-19E5-49C9-9439-B99301B0D127}: NameServer = 80.53.193.250,195.117.19.133

O17 - HKLM\System\CS2\Services\Tcpip\..\{386B00CE-19E5-49C9-9439-B99301B0D127}: NameServer = 80.53.193.250,195.117.19.133

O20 - Winlogon Notify: Nls - C:\WINDOWS\system32\p68q0gl5e6q.dll

O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe

O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe

O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)

O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)

O23 - Service: DiamondCS Process Guard Service v3.000 (DCSPGSRV) - DiamondCS - C:\Program Files\ProcessGuard\dcsuserprot.exe

O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe

z gory dzieki

Złączono Posta : 10.02.2006 (Pią) 6:03

co do tych stronek to wyswietlaja mi sie chyba wszystkie mozliwe ktore mozna bylo zlapac w sieci jakies http://www.a-d-w-a-r-e ..... i td mam jakies rozne programiki ktorymi niby mozna to usunac ale nic z tego a jeszcze jakies typu aktivX wszystko naraz jestem bezsilny. dzieki za pomoc z gory


(Gutek) #2

w dodaj\uusn odinstaluj i po tym hijakciem skasuj wpis

Niestety VX2! !!

zobacz Usuwanie VX2.BetterInternet i daj log nr 1 z narzędzia L2Mfix