Wyskakujące reklamy po zainstalowaniu Gameztar i wirusy

rogerk · 14 Grudzień 2009 18:10

ja też mam dokładnie taki sam problem. Pomożecie mi ? Bo ja się zupełnie na tym nie znam:

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 18:39:44, on 2009-12-15

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v8.00 (8.00.6001.18702)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\AVG\AVG9\avgchsvx.exe

C:\Program Files\AVG\AVG9\avgrsx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\a-squared Free\a2service.exe

C:\Program Files\AVG\AVG9\avgwdsvc.exe

C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe

C:\Program Files\AVG\AVG9\avgnsx.exe

C:\Program Files\CyberLink\Shared Files\RichVideo.exe

C:\Program Files\AVG\AVG9\avgemc.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\wbem\wmiapsrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\RTHDCPL.EXE

C:\WINDOWS\system32\RUNDLL32.EXE

C:\PROGRA~1\AVG\AVG9\avgtray.exe

C:\Program Files\Winamp\winampa.exe

C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe

C:\Program Files\Nero\Nero 7\InCD\InCD.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\lg_fwupdate\fwupdate.exe

C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe

C:\Documents and Settings\EWELINA\Moje dokumenty\Ewelinka\ADSTOP.exe

C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Messenger\msmsgs.exe

C:\Program Files\VDOTool\TBPanel.exe

C:\Program Files\QuestService\questservice.exe

C:\WINDOWS\system32\wuauclt.exe

C:\Program Files\AVG\AVG9\avgui.exe

C:\Program Files\AVG\AVG9\avgscanx.exe

C:\Program Files\AVG\AVG9\avgcsrvx.exe

C:\WINDOWS\system32\rundll32.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\Documents and Settings\PATRYK\Pulpit\HiJackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.theprizeday.com/today.php

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =

R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O1 - Hosts: ::1 localhost

O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll

O2 - BHO: Automated Content Enhancer - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5240\ACEIEAddOn.dll

O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll

O2 - BHO: Customized Platform Advancer - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1800\CPAIEAddOn.dll

O2 - BHO: Content Management Wizard - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1880\CMWIE.dll (file missing)

O2 - BHO: Textual Content Provider - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1710\TCPIE.dll (file missing)

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

O2 - BHO: Web Search Operator - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.1880\wso.dll

O2 - BHO: IEPluginBHO - {F5CC7F02-6F4E-4462-B5B1-394A57FD3E0D} - C:\Documents and Settings\EWELINA\Dane aplikacji\Nowe Gadu-Gadu_userdata\ggbho.1.dll

O4 - HKLM…\Run: [RTHDCPL] RTHDCPL.EXE

O4 - HKLM…\Run: [Alcmtr] ALCMTR.EXE

O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM…\Run: [nwiz] nwiz.exe /install

O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM…\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe

O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”

O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe

O4 - HKLM…\Run: [securDisc] C:\Program Files\Nero\Nero 7\InCD\NBHGui.exe

O4 - HKLM…\Run: [inCD] C:\Program Files\Nero\Nero 7\InCD\InCD.exe

O4 - HKLM…\Run: [RemoteControl] “C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe”

O4 - HKLM…\Run: [LanguageShortcut] “C:\Program Files\CyberLink\PowerDVD\Language\Language.exe”

O4 - HKLM…\Run: [LGODDFU] “C:\Program Files\lg_fwupdate\fwupdate.exe” blrun

O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe”

O4 - HKLM…\Run: [Adobe ARM] “C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe”

O4 - HKLM…\Run: [internet Today Task] “C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe”

O4 - HKLM…\Run: [ADSTOP] C:\Documents and Settings\EWELINA\Moje dokumenty\Ewelinka\ADSTOP.exe

O4 - HKCU…\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [TBPanel] C:\Program Files\VDOTool\TBPanel.exe /A

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA LOKALNA’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘USŁUGA SIECIOWA’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘SYSTEM’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~1\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\OFFICE11\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O13 - Gopher Prefix:

O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll

O20 - Winlogon Notify: avgrsstarter - C:\WINDOWS\SYSTEM32\avgrsstx.dll

O23 - Service: a-squared Free Service (a2free) - Emsi Software GmbH - C:\Program Files\a-squared Free\a2service.exe

O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgemc.exe

O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe

O23 - Service: InCD Helper (InCDsrv) - Nero AG - C:\Program Files\Nero\Nero 7\InCD\InCDsrv.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe

O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: QuestService Service - Unknown owner - C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared Files\RichVideo.exe

–

End of file - 8462 bytes

krzysiekx · 14 Grudzień 2009 18:12

@up

Wrzuć logi z programów:

a) OTL

Ustaw Processes i Modules na All a w Custom Scans/Fixes wklej:

b) GMER

Skan trwa kilkadziesiąt minut

c) System Repair Engineer

Logi wklej na www.wklej.org

Gutek · 14 Grudzień 2009 18:51

Zmiana zasad wklejania logów na forum - viewtopic.php?f=16&t=253052

rogerk · 14 Grudzień 2009 21:41

Zrobiłam jak kazaliście, wkleiłam tam, gdzie kazaliście

Gutek · 14 Grudzień 2009 21:48

Gdzie są logi?

rogerk · 14 Grudzień 2009 22:02

http://www.wklej.org/id/235641/

Gutek · 14 Grudzień 2009 22:16

Uruchom OTL i w oknie Custom Scans/Fixes wklej to:

:OTL PRC - [2009-12-04 22:23:30 | 00,058,744 | ---- | M] () – C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe PRC - [2009-12-04 22:23:30 | 00,058,744 | ---- | M] () – C:\Program Files\QuestService\questservice.exe MOD - [2009-12-04 22:23:28 | 00,598,016 | ---- | M] () – C:\Program Files\QuestService\questservice.dll SRV - [2009-12-04 22:23:30 | 00,058,744 | ---- | M] () [Auto | Running] – C:\Documents and Settings\All Users\Dane aplikacji\QuestService\questservice129.exe – (QuestService Service) FF - prefs.js…extensions.enabledItems: {8141440E-08F0-4339-9959-5C31C6A69F23}:4.1.0.5240 FF - prefs.js…extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.2 FF - prefs.js…extensions.enabledItems: {E63605FC-D583-4C81-867F-9457BDB3EA1B}:4.1.0.1880 FF - HKLM\software\mozilla\Firefox\extensions\{E63605FC-D583-4C81-867F-9457BDB3EA1B}: C:\Program Files\Web Search Operator\4.1.0.1880\FF [2009-12-09 21:30:10 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\extensions\{8141440E-08F0-4339-9959-5C31C6A69F23}: C:\Program Files\Automated Content Enhancer\4.1.0.5240\FF [2009-12-09 21:30:59 | 00,000,000 | —D | M] FF - HKLM\software\mozilla\Firefox\extensions\{E889F097-B0BE-471B-89AD-B86B6F04B506}: C:\Program Files\Customized Platform Advancer\4.1.0.1800\FF [2009-12-15 19:01:38 | 00,000,000 | —D | M] O1 - Hosts: 127.0.0.1 ad2.pl.mediainter.net O1 - Hosts: 127.0.0.1 imppl.tradedoubler.com O1 - Hosts: 127.0.0.1 imp.tradedoubler.com O1 - Hosts: 127.0.0.1 impgb.tradedoubler.com O1 - Hosts: 127.0.0.1 adserver.webhelp.pl O1 - Hosts: 127.0.0.1 adv.wp.pl O1 - Hosts: 127.0.0.1 dot.wp.pl O1 - Hosts: 127.0.0.1 adsearch.wp.pl O1 - Hosts: 127.0.0.1 intao.hit.gemius.pl O1 - Hosts: 127.0.0.1 i.interia.pl O1 - Hosts: 127.0.0.1 onet.hit.gemius.pl O1 - Hosts: 127.0.0.1 ads.boksy.interia.pl O1 - Hosts: 127.0.0.1 wp.hit.gemius.pl O1 - Hosts: 127.0.0.1 k.interia.pl O1 - Hosts: 127.0.0.1 reklama.onet.pl O1 - Hosts: 127.0.0.1 o2.hit.gemius.pl O1 - Hosts: 127.0.0.1 adserver.o2.pl O1 - Hosts: 127.0.0.1 s1.my.adocean.pl O1 - Hosts: 127.0.0.1 ads.o2.pl O1 - Hosts: 127.0.0.1 pagead.googlesyndication.com O1 - Hosts: 127.0.0.1 pagead2.googlesyndication.com O1 - Hosts: 127.0.0.1 boksy.onet.pl O1 - Hosts: 127.0.0.1 ad.yieldmanager.com O1 - Hosts: 49 more lines… O2 - BHO: (Automated Content Enhancer) - {1D74E9DD-8987-448b-B2CB-67FFF2B8A932} - C:\Program Files\Automated Content Enhancer\4.1.0.5240\ACEIEAddOn.dll () O2 - BHO: (Customized Platform Advancer) - {42C7C39F-3128-4a17-BDB7-91C46032B5B9} - C:\Program Files\Customized Platform Advancer\4.1.0.1800\CPAIEAddOn.dll File not found O2 - BHO: (Content Management Wizard) - {B72681C0-A222-4b21-A0E2-53A5A5CA3D41} - C:\Program Files\Content Management Wizard\1.1.0.1880\CMWIE.dll File not found O2 - BHO: (Textual Content Provider) - {CAC89FF9-34A9-4431-8CFE-292A47F843BC} - C:\Program Files\Textual Content Provider\1.1.0.1710\TCPIE.dll File not found O2 - BHO: (Web Search Operator) - {EB4A577D-BCAD-4b1c-8AF2-9A74B8DD3431} - C:\Program Files\Web Search Operator\4.1.0.1880\WSO.dll () O4 - HKLM…\Run: [ADSTOP] C:\Documents and Settings\EWELINA\Moje dokumenty\Ewelinka\ADSTOP.exe () O4 - HKLM…\Run: [internet Today Task] C:\Program Files\Internet Today\1.1.0.1230\InternetToday.exe () [2009-12-09 21:36:59 | 00,000,000 | —D | C] – C:\Documents and Settings\EWELINA\Ustawienia lokalne\Dane aplikacji\Textual Content Provider [2009-12-09 21:36:59 | 00,000,000 | —D | C] – C:\Documents and Settings\EWELINA\Ustawienia lokalne\Dane aplikacji\Customized Platform Advancer [2009-12-09 21:36:26 | 00,000,000 | —D | C] – C:\Program Files\QuestService [2009-12-09 21:36:26 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dane aplikacji\QuestService [2009-12-09 21:36:04 | 00,000,000 | —D | C] – C:\Program Files\Textual Content Provider [2009-12-09 21:34:28 | 00,000,000 | —D | C] – C:\Program Files\Content Management Wizard [2009-12-09 21:33:32 | 00,000,000 | —D | C] – C:\Documents and Settings\EWELINA\Ustawienia lokalne\Dane aplikacji\Internet Today [2009-12-09 21:33:31 | 00,000,000 | —D | C] – C:\Program Files\Internet Today [2009-12-09 21:31:55 | 00,000,000 | —D | C] – C:\Program Files\Customized Platform Advancer [2009-12-09 21:31:01 | 00,000,000 | —D | C] – C:\Documents and Settings\EWELINA\Ustawienia lokalne\Dane aplikacji\Automated Content Enhancer [2009-12-09 21:30:59 | 00,000,000 | —D | C] – C:\Program Files\Automated Content Enhancer [2009-12-09 21:30:11 | 00,000,000 | —D | C] – C:\Documents and Settings\EWELINA\Ustawienia lokalne\Dane aplikacji\Web Search Operator [2009-12-09 21:30:10 | 00,000,000 | —D | C] – C:\Program Files\Web Search Operator [2009-12-09 21:28:36 | 00,000,000 | -H-D | C] – C:\Documents and Settings\All Users\Dane aplikacji{62BCF14B-CFA3-42F6-B4DB-345C3842B1B8} [2009-12-09 21:28:25 | 00,000,000 | —D | C] – C:\Documents and Settings\EWELINA\Ustawienia lokalne\Dane aplikacji\Gameztar Toolbar :Services QuestService Service :Commands [emptytemp] [Reboot]

Kliknij w Run Fix. Zatwierdź restart komputera.

Następnie uruchom OTL ponownie, tym razem wywołaj opcję Run Scan.

Pokaż nowy log OTL.txt oraz log z czyszczenia.

rogerk · 14 Grudzień 2009 22:50

Po restarcie nie pojawiają mi się żadne nowe logi - nie widzę nigdzie zapisanego loga z czyszczenia ani OTL.txt ani nowego

– Dodane 14.12.2009 (Pn) 23:56 –

Tylko takie coś było: http://wklej.org/id/235735/

Gutek · 14 Grudzień 2009 23:12

Uruchom OTL i w oknie Custom Scans/Fixes wklej to:

:OTL DRV - File not found [Kernel | On_Demand | Stopped] – -- (WDICA) DRV - File not found [Kernel | Disabled | Stopped] – -- (ViaIde) DRV - File not found [Kernel | Disabled | Stopped] – -- (ultra) DRV - File not found [Kernel | Disabled | Stopped] – -- (TosIde) DRV - File not found [Kernel | Disabled | Stopped] – -- (symc8xx) DRV - File not found [Kernel | Disabled | Stopped] – -- (symc810) DRV - File not found [Kernel | Disabled | Stopped] – -- (sym_u3) DRV - File not found [Kernel | Disabled | Stopped] – -- (sym_hi) DRV - File not found [Kernel | Disabled | Stopped] – -- (Sparrow) DRV - File not found [Kernel | Disabled | Stopped] – -- (Simbad) DRV - File not found [Kernel | Disabled | Stopped] – -- (ql1280) DRV - File not found [Kernel | Disabled | Stopped] – -- (ql1240) DRV - File not found [Kernel | Disabled | Stopped] – -- (ql12160) DRV - File not found [Kernel | Disabled | Stopped] – -- (Ql10wnt) DRV - File not found [Kernel | Disabled | Stopped] – -- (ql1080) DRV - File not found [Kernel | Disabled | Stopped] – -- (perc2hib) DRV - File not found [Kernel | Disabled | Stopped] – -- (perc2) DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDRFRAME) DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDRELI) DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDFRAME) DRV - File not found [Kernel | On_Demand | Stopped] – -- (PDCOMP) DRV - File not found [Kernel | System | Stopped] – -- (PCIDump) DRV - File not found [Kernel | Disabled | Stopped] – -- (mraid35x) DRV - File not found [Kernel | System | Stopped] – -- (lbrtfdc) DRV - File not found [Kernel | On_Demand | Stopped] – -- (IRENUM) DRV - File not found [Kernel | Disabled | Stopped] – -- (IntelIde) DRV - File not found [Kernel | Disabled | Stopped] – -- (ini910u) DRV - File not found [Kernel | Disabled | Stopped] – -- (i2omp) DRV - File not found [Kernel | System | Stopped] – -- (i2omgmt) DRV - File not found [Kernel | Disabled | Stopped] – -- (hpn) DRV - File not found [Kernel | On_Demand | Stopped] – -- (GMSIPCI) DRV - File not found [Kernel | Disabled | Stopped] – -- (dpti2o) DRV - File not found [Kernel | Disabled | Stopped] – -- (dac960nt) DRV - File not found [Kernel | Disabled | Stopped] – -- (Cpqarray) DRV - File not found [Kernel | Disabled | Stopped] – -- (CmdIde) DRV - File not found [Kernel | System | Stopped] – -- (Changer) DRV - File not found [Kernel | Disabled | Stopped] – -- (cd20xrnt) DRV - File not found [Kernel | Disabled | Stopped] – -- (Atdisk) DRV - File not found [Kernel | Disabled | Stopped] – -- (asc3550) DRV - File not found [Kernel | Disabled | Stopped] – -- (asc3350p) DRV - File not found [Kernel | Disabled | Stopped] – -- (asc) DRV - File not found [Kernel | Disabled | Stopped] – -- (amsint) DRV - File not found [Kernel | Disabled | Stopped] – -- (AliIde) DRV - File not found [Kernel | Disabled | Stopped] – -- (aic78xx) DRV - File not found [Kernel | Disabled | Stopped] – -- (aic78u2) DRV - File not found [Kernel | Disabled | Stopped] – -- (Aha154x) DRV - File not found [Kernel | Disabled | Stopped] – -- (adpu160m) DRV - File not found [Kernel | Disabled | Stopped] – -- (abp480n5) DRV - File not found [Kernel | Disabled | Stopped] – -- (Abiosdsk) O1 - Hosts: 127.0.0.1 ad.afilo.pl O1 - Hosts: 127.0.0.1 ad.arbomedia.pl O1 - Hosts: 127.0.0.1 ad.doubleclick.net O1 - Hosts: 127.0.0.1 ad.gazeta.pl O1 - Hosts: 127.0.0.1 ad.hit.gemius.pl O1 - Hosts: 127.0.0.1 ad.prv.pl O1 - Hosts: 127.0.0.1 ad.zanox.com O1 - Hosts: 127.0.0.1 adcode.adengage.com O1 - Hosts: 127.0.0.1 addserver3.allegro.pl O1 - Hosts: 127.0.0.1 adidm.idmnet.pl O1 - Hosts: 127.0.0.1 adnet.hit.gemius.pl O1 - Hosts: 127.0.0.1 ads.auctionads.com O1 - Hosts: 127.0.0.1 ads.businessclick.pl O1 - Hosts: 127.0.0.1 ads.expekt.com O1 - Hosts: 127.0.0.1 ads.joemonster.org O1 - Hosts: 127.0.0.1 ads.redtube.com O1 - Hosts: 127.0.0.1 adsearch.adkontekst.pl O1 - Hosts: 127.0.0.1 adserver.gadu-gadu.pl O1 - Hosts: 127.0.0.1 adserving.cpxinteractive.com O1 - Hosts: 127.0.0.1 adseu.novem.pl O1 - Hosts: 127.0.0.1 advicepl.adocean.pl O1 - Hosts: 127.0.0.1 allegro.hit.gemius.pl O1 - Hosts: 127.0.0.1 crv.clickad.pl O1 - Hosts: 127.0.0.1 dc.sabela.pl O1 - Hosts: 26 more lines… [2009-12-15 19:01:38 | 00,000,000 | —D | C] – C:\Documents and Settings\All Users\Dokumenty\Customized Platform Advancer :Commands [emptytemp] [Reboot]

Kliknij w Run Fix. Zatwierdź restart komputera.

W OTL kliknij na przycisk CleanUp

Wykonaj pełny skan Dr. Web CureIt

deFco247 · 15 Grudzień 2009 09:42

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (WDICA)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ViaIde)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ultra)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (TosIde)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc8xx)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (symc810)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_u3)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (sym_hi)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (Sparrow)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (Simbad)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1280)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1240)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql12160)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (Ql10wnt)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ql1080)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2hib)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (perc2)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDRELI)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDFRAME)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (PDCOMP)

DRV - File not found [Kernel | System | Stopped] -- -- (PCIDump)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (mraid35x)

DRV - File not found [Kernel | System | Stopped] -- -- (lbrtfdc)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (IRENUM)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (IntelIde)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (ini910u)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (i2omp)

DRV - File not found [Kernel | System | Stopped] -- -- (i2omgmt)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (hpn)

DRV - File not found [Kernel | On_Demand | Stopped] -- -- (GMSIPCI)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (dpti2o)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (dac960nt)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (Cpqarray)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (CmdIde)

DRV - File not found [Kernel | System | Stopped] -- -- (Changer)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (cd20xrnt)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (Atdisk)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3550)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc3350p)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (asc)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (amsint)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (AliIde)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78xx)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (aic78u2)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (Aha154x)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (adpu160m)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (abp480n5)

DRV - File not found [Kernel | Disabled | Stopped] -- -- (Abiosdsk)

To są sterownikowe usługi systemowe, których OTL domyślnie nie pokazuje, gdyż są na liście bezpiecznych sterowników. Przestawiając w OTL-u Drivers na All wyświetlane są wszystkie obecne w systemie sterowniki, również te z listy ingorowanych. Powyższego NIE USUWAĆ. Natomiast to:

O1 - Hosts: 127.0.0.1 ad.afilo.pl

O1 - Hosts: 127.0.0.1 ad.arbomedia.pl

O1 - Hosts: 127.0.0.1 ad.doubleclick.net

O1 - Hosts: 127.0.0.1 ad.gazeta.pl

O1 - Hosts: 127.0.0.1 ad.hit.gemius.pl

O1 - Hosts: 127.0.0.1 ad.prv.pl

O1 - Hosts: 127.0.0.1 ad.zanox.com

O1 - Hosts: 127.0.0.1 adcode.adengage.com

O1 - Hosts: 127.0.0.1 addserver3.allegro.pl

O1 - Hosts: 127.0.0.1 adidm.idmnet.pl

O1 - Hosts: 127.0.0.1 adnet.hit.gemius.pl

O1 - Hosts: 127.0.0.1 ads.auctionads.com

O1 - Hosts: 127.0.0.1 ads.businessclick.pl

O1 - Hosts: 127.0.0.1 ads.expekt.com

O1 - Hosts: 127.0.0.1 ads.joemonster.org

O1 - Hosts: 127.0.0.1 ads.redtube.com

O1 - Hosts: 127.0.0.1 adsearch.adkontekst.pl

O1 - Hosts: 127.0.0.1 adserver.gadu-gadu.pl

O1 - Hosts: 127.0.0.1 adserving.cpxinteractive.com

O1 - Hosts: 127.0.0.1 adseu.novem.pl

O1 - Hosts: 127.0.0.1 advicepl.adocean.pl

O1 - Hosts: 127.0.0.1 allegro.hit.gemius.pl

O1 - Hosts: 127.0.0.1 crv.clickad.pl

O1 - Hosts: 127.0.0.1 dc.sabela.pl

O1 - Hosts: 26 more lines...

To są zablokowane serwery reklam poprzez plik HOSTS i tego również nie usuwać, bo inaczej reklamki powrócą.

Lepiej użyć taki skrypt:

PS. Jak już chcemy wyczyścić plik hosts z niebezpiecznych przekierowań, to używa się:

Monczkin · 15 Grudzień 2009 09:50

rogerk@ , byleś poproszony z poprawienie posta z logiem zasady-wklejania-logow-forum-t253052.html Za chwilę wyciągnę konsekwencje.