Microsoft Find

Oglądasz wypowiedzi znalezione dla frazy: Microsoft Find

Temat: czy ktoś mógłby mi pomóc?
czy ktoś mógłby mi pomóc?

odkąd usunęłam MusicMatcha 9.0 (bo coś nie chciał chodzić) po starcie pojawia
mi się komunikat że nie może znaleźć jakiegoś mmvcp70.dll, nie mogę go
odinstalować przez panel sterowania (komunikat o błędzie przy ładowaniu c:...
intel32ctor.dll), próbowałam ściągnąć i wkleić do systemu mmvcp70.dll ale to
nie wystarczyło) co mam zrobić??

Logfile of HijackThis v1.97.7
Scan saved at 16:37:28, on 2004-11-30
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v5.50 (5.50.4134.0100)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSHCOUNT.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:PROGRAM FILESAGNITUMOUTPOST FIREWALL 1.0OUTPOST.EXE
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHSERV.EXE
C:WINDOWSSYSTEMRPCSS.EXE
C:WINDOWSSYSTEMRESTORESTMGR.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHMAISV.EXE
C:PROGRAM FILESGADU-GADUGG.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
D:NARZEDZIAWINZIPWZQKPICK.EXE
D:PROGRAMYOFFICEOFFICEOSA.EXE
D:PROGRAMYOFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHSIMPL.EXE
C:WINDOWSNOTEPAD.EXE
D:UŻYTKIHIJACKTHIS.EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = wp.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O3 - Toolbar: @msdxmLC.dll,-1@1045,&Radio - {8E718888-423F-11D2-876E-
00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [Windows Millennium Edition Intro Video] C:WINDOWSApplic~1
Micros~1Introcontent.hta
O4 - HKLM..Run: [SelfHostUtil] C:WINDOWSselfhost.exe /L
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [PCHealth] C:WINDOWSPCHealthSupportPCHSchd.exe -s
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [Outpost Firewall] "C:Program FilesAgnitumOutpost
Firewall 1.0outpost.exe" /waitservice
O4 - HKLM..Run: [ashMaiSv] C:PROGRA~1ALWILS~1AVAST4ashmaisv.exe
O4 - HKLM..Run: [MMTray] C:Program FilesMusicmatchMusicmatch
Jukeboxmm_tray.exe
O4 - HKLM..RunServices: [HiberMonitor] HCount.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM..RunServices: [*StateMgr] C:WINDOWSSystemRestoreStateMgr.exe
O4 - HKLM..RunServices: [Outpost Firewall] C:PROGRAM FILESAGNITUMOUTPOST
FIREWALL 1.0outpost.exe /service
O4 - HKLM..RunServices: [avast!] C:Program FilesAlwil SoftwareAvast4
ashServ.exe
O4 - HKCU..Run: [Gadu-Gadu] "C:PROGRAM FILESGADU-GADUGG.EXE" /tray
O4 - Startup: WinZip Quick Pick.lnk = D: arzedziaWinZipWZQKPICK.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk =
D:ProgramyofficeOfficeOSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = D:ProgramyofficeOfficeFINDFAST.EXE
O4 - User Startup: WinZip Quick Pick.lnk = D: arzedziaWinZipWZQKPICK.EXE
O4 - User Startup: Uruchamianie pakietu Office.lnk =
D:ProgramyofficeOfficeOSA.EXE
O4 - User Startup: Microsoft Find Fast.lnk =
D:ProgramyofficeOfficeFINDFAST.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O9 - Extra button: Messenger (HKLM)
O9 - Extra 'Tools' menuitem: MSN Messenger Service (HKLM)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38318.3588773148
Przeczytaj wszystkie posty z tego wątku

Temat: Bardzo prosze o pomoc
Bardzo prosze o pomoc
Jak widac jest to stary komp.na win95.Jest to komp.mojej babci:)Avast wykrywa
jakiegos trojana i dzieja sie z nim dziwne rzeczy,chodzi baaardzo
wolno.Bardzo prosze o pomoc,gdyz nigdzie nie znalazlem instrukcji usuwania
trojanow pod win95.Logfile of HijackThis v1.98.2
Scan saved at 11:56:11, on 04-12-19
Platform: Windows 95 B (Win9x 4.00.1111)
MSIE: Internet Explorer v5.00 (5.00.2314.1000)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHSERV.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHMAISV.EXE
C:PROGRAM FILESGRISOFTAVG7AVGEMC.EXE
C:PROGRAM FILESGRISOFTAVG7AVGAMSVR.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMRPCSS.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:WINDOWSPULPITHIJACKTHIS19802.EXE
C:WINDOWSSYSTEMPSTORES.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
file://C:WINDOWSTEMPsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
file://C:WINDOWSTEMPsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
www.cintek.com/default.shtml
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
file://C:WINDOWSTEMPsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
file://C:WINDOWSTEMPsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
file://C:WINDOWSTEMPsp.html
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
file://C:WINDOWSTEMPsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1
SPYBOT~1SDHELPER.DLL
O2 - BHO: (no name) - {F1B55A26-50E4-11D9-9A48-0002832DC79C} -
C:WINDOWSSYSTEMLJBL.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [ashMaiSv] C:PROGRA~1ALWILS~1AVAST4ashmaisv.exe
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GRISOFTAVG7AVGCC.EXE /STARTUP
O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GRISOFTAVG7AVGEMC.EXE
O4 - HKLM..Run: [AVG7_AMSVR] C:PROGRA~1GRISOFTAVG7AVGAMSVR.EXE
O4 - HKLM..RunServices: [avast!] C:Program FilesAlwil SoftwareAvast4
ashServ.exe
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:WINDOWSweb elated.htm
O13 - WWW. Prefix:
O14 - IERESET.INF:
SEARCH_PAGE_URL=home.microsoft.com/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=www.cintek.com/default.shtml
O16 - DPF: {37A49D66-2735-4BB9-8503-82BA5E2333D0} (MailCfg Control) -
poczta.wp.pl/autoryzacja/mailcfg.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLMSystemCCSServicesVxDMSTCP: Domain = lowicz.com
O17 - HKLMSystemCCSServicesVxDMSTCP: NameServer = 194.204.159.1
O18 - Filter: text/html - {140B29E0-5097-11D9-9A48-0002DC8DDF86} -
C:WINDOWSSYSTEMLJBL.DLL
O18 - Filter: text/plain - {140B29E0-5097-11D9-9A48-0002DC8DDF86} -
C:WINDOWSSYSTEMLJBL.DLL

Przeczytaj wszystkie posty z tego wątku

Temat: Bardzo prosze o pomoc
scan zrobilem nowsza,sciagnietaq wersja,choc nie wiem jaka robiana byl
poprzedni.Wklejam loga.Hmm..cos niedobrego dzieje mi sie z klawiatura.Logfile
of HijackThis v1.99.0
Scan saved at 12:03:15, on 04-12-19
Platform: Windows 95 B (Win9x 4.00.1111)
MSIE: Internet Explorer v5.00 (5.00.2314.1000)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHSERV.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHMAISV.EXE
C:PROGRAM FILESGRISOFTAVG7AVGEMC.EXE
C:PROGRAM FILESGRISOFTAVG7AVGAMSVR.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMRPCSS.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:WINDOWSPULPITHIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
file://C:WINDOWSTEMPsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page =
file://C:WINDOWSTEMPsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
www.cintek.com/default.shtml
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
file://C:WINDOWSTEMPsp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
file://C:WINDOWSTEMPsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
file://C:WINDOWSTEMPsp.html
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
file://C:WINDOWSTEMPsp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:PROGRA~1
SPYBOT~1SDHELPER.DLL
O2 - BHO: (no name) - {F1B55A26-50E4-11D9-9A48-0002832DC79C} -
C:WINDOWSSYSTEMLJBL.DLL (file missing)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [ashMaiSv] C:PROGRA~1ALWILS~1AVAST4ashmaisv.exe
O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GRISOFTAVG7AVGCC.EXE /STARTUP
O4 - HKLM..Run: [AVG7_EMC] C:PROGRA~1GRISOFTAVG7AVGEMC.EXE
O4 - HKLM..Run: [AVG7_AMSVR] C:PROGRA~1GRISOFTAVG7AVGAMSVR.EXE
O4 - HKLM..RunServices: [avast!] C:Program FilesAlwil SoftwareAvast4
ashServ.exe
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:WINDOWSweb elated.htm
O13 - WWW. Prefix:
O14 - IERESET.INF: SEARCH_PAGE_URL=home.microsoft.com/access/allinone.asp
O14 - IERESET.INF: START_PAGE_URL=www.cintek.com/default.shtml
O16 - DPF: {37A49D66-2735-4BB9-8503-82BA5E2333D0} (MailCfg Control) -
poczta.wp.pl/autoryzacja/mailcfg.ocx
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) -
www.pandasoftware.com/activescan/as5/asinst.cab
O17 - HKLMSystemCCSServicesVxDMSTCP: Domain = lowicz.com
O17 - HKLMSystemCCSServicesVxDMSTCP: NameServer = 194.204.159.1
O18 - Filter: text/html - {140B29E0-5097-11D9-9A48-0002DC8DDF86} -
C:WINDOWSSYSTEMLJBL.DLL
O18 - Filter: text/plain - {140B29E0-5097-11D9-9A48-0002DC8DDF86} -
C:WINDOWSSYSTEMLJBL.DLL

Przeczytaj wszystkie posty z tego wątku

Temat: XXX Free-pomocy ( wirusy)
ściągnęłam cwshreddera, zrobiłam fix, oto log
Logfile of HijackThis v1.99.0
Scan saved at 13:09:56, on 05-01-02
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESALCATELSPEEDTOUCH USBDRAGDIAG.EXE
C:PROGRAM FILESWANADOOTASKBARICON.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:PROGRAM FILESNORTON ANTIVIRUSNAVAPW32.EXE
C:PROGRAM FILESNORTON ANTIVIRUSPOPROXY.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOTDD01.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOHMR08.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESWANADOOESPACEWANADOO.EXE
C:PROGRAM FILESWANADOOCOMCOMP.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOEVM08.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:PROGRAM FILESWANADOOWATCH.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOSTS08.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:PROGRAM FILESGADU-GADUGG.EXE
C:WINDOWSUSTAWIENIA LOKALNETEMPORARY INTERNET FILESCONTENT.IE5
WLU7GH6NHIJACKTHIS199[1].EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.interia.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 6.0 CEREADERACTIVEXACROIEHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.ExE
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesAlcatelSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WANADOOWatch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WANADOOTaskbarIcon.exe
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [NAV DefAlert] C:PROGRA~1NORTON~1DEFALERT.EXE
O4 - HKLM..Run: [Norton Auto-Protect] C:PROGRA~1NORTON~1
NAVAPW32.EXE /LOADQUIET
O4 - HKLM..Run: [Norton eMail Protect] C:Program FilesNorton
AntiVirusPOPROXY.EXE
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN
MessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [Gadu-Gadu] "C:PROGRAM FILESGADU-GADUGG.EXE" /tray
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: hpoddt01.exe.lnk = C:Program FilesHewlett-PackardDigital
Imaginginhpotdd01.exe
O4 - Startup: hp psc 1000 series.lnk = C:Program FilesHewlett-PackardDigital
Imaginginhpohmr08.exe
O15 - Trusted IP range: 213.159.117.202
O15 - Trusted IP range: 213.159.117.202 (HKLM)
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller
Control) - www.mt-download.com/MediaTicketsInstaller.cab?refid=2732

Przeczytaj wszystkie posty z tego wątku

Temat: XXX Free-pomocy ( wirusy)
zainstalowałam cwShredder i Spybot&..., Ad-aware zainstalowałam też, ale przy
uruchamianiu komp mi sie zawieszal , pojawiała sie jakaś info o zgodności czy
niezgodności ze Spybotem,więc to usunełam.zrobiłam fix cw shredderem, skaner on
line mnks-em i Spybotem, wirusy usunełam:) uff, ale problem w tym, że komp mi
sie normalnie nie wyłącza, zawiesza sie zawsze przy niebieskim ekranie i
napisie Zamykanie systemu Windows, przy właczaniu kompa pojawia jakaś info w
stylu Unable to instalize the wirus scanning.... Norton mi nie chodzi
chyba,Wklejam log:
Logfile of HijackThis v1.99.0
Scan saved at 23:30:21, on 05-01-03
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESALCATELSPEEDTOUCH USBDRAGDIAG.EXE
C:PROGRAM FILESWANADOOTASKBARICON.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:PROGRAM FILESNORTON ANTIVIRUSNAVAPW32.EXE
C:PROGRAM FILESNORTON ANTIVIRUSPOPROXY.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOTDD01.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOHMR08.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOEVM08.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOSTS08.EXE
C:PROGRAM FILESWANADOOESPACEWANADOO.EXE
C:PROGRAM FILESWANADOOCOMCOMP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:PROGRAM FILESWANADOOWATCH.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESGADU-GADUGG.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:HIJACKTHISHIJACKTHIS199[1].EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.interia.pl/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 6.0 CEREADERACTIVEXACROIEHELPER.DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program
FilesSpybot - Search & DestroySDHelper.dll
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.ExE
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C:Program
FilesAlcatelSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1WANADOOWatch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1WANADOOTaskbarIcon.exe
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [NAV DefAlert] C:PROGRA~1NORTON~1DEFALERT.EXE
O4 - HKLM..Run: [Norton Auto-Protect] C:PROGRA~1NORTON~1
NAVAPW32.EXE /LOADQUIET
O4 - HKLM..Run: [Norton eMail Protect] C:Program FilesNorton
AntiVirusPOPROXY.EXE
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN
MessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [Gadu-Gadu] "C:PROGRAM FILESGADU-GADUGG.EXE" /tray
O4 - HKCU..RunServices: [MsnMsgr] "C:Program FilesMSN
MessengerMsnMsgr.Exe" /background
O4 - HKCU..RunServices: [Gadu-Gadu] "C:PROGRAM FILESGADU-GADUGG.EXE" /tray
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: hpoddt01.exe.lnk = C:Program FilesHewlett-PackardDigital
Imaginginhpotdd01.exe
O4 - Startup: hp psc 1000 series.lnk = C:Program FilesHewlett-PackardDigital
Imaginginhpohmr08.exe
O15 - Trusted IP range: 213.159.117.202
O15 - Trusted IP range: 213.159.117.202 (HKLM)
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} - www.mt-
download.com/MediaTicketsInstaller.cab?refid=2732

Co robić?? Przeczytaj wszystkie posty z tego wątku

Temat: Nic nie pomaga,pomocy!
Explorera wcale sie nie da uruchomic, ale te wredne programy misb.exe, isb.exe
nadal sie instaluja przy wlaczeniu komputera. Dziekuje za wszelka pomoc:)
teraz to wyglada tak:
Logfile of HijackThis v1.99.0
Scan saved at 16:33:03, on 04-12-31
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Unable to get Internet Explorer version!

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:PROGRAM FILESSYMANTEC_CLIENT_SECURITYSYMANTEC ANTIVIRUSRTVSCN95.EXE
C:PROGRAM FILESSYMANTEC_CLIENT_SECURITYSYMANTEC ANTIVIRUSDEFWATCH.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:COLOR95VI_GRM.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESSYMANTEC_CLIENT_SECURITYSYMANTEC ANTIVIRUSVPTRAY.EXE
C:WINDOWSSYSTEMLXSUPMON.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:WINDOWSSYSTEMLEXBCES.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMRPCSS.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:WINDOWSSYSTEMLEXPPS.EXE
C:MISB.EXE
C:WINDOWSTEMPRAR$EX00.470HIJACKTHIS.EXE
C:WINDOWSSYSTEMWINOA386.MOD
C:PROGRAM FILESMOZILLA FIREFOXFIREFOX.EXE

R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
www.eu.microsoft.com/poland/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
F1 - win.ini: load=C:COLOR95vi_grm.exe
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} -
C:PROGRA~1SPYBOT~1SDHELPER.DLL
O2 - BHO: Tubby - {9EAC0102-5E61-2312-BC2D-544243544243} - C:WINDOWSSYSTEMTBC.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O3 - Toolbar: Search Toolbar - {9EAC0102-5E61-2312-BC2D-544243544243} -
C:WINDOWSSYSTEMTBC.DLL
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [vptray] C:PROGRA~1SYMANT~1SYMANT~1vptray.exe
O4 - HKLM..Run: [LexStart] Lexstart.exe
O4 - HKLM..Run: [LXSUPMON] C:WINDOWSSYSTEMLXSUPMON.EXE RUN
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] C:WINDOWSSYSTEMmstask.exe
O4 - HKLM..RunServices: [rtvscn95] C:PROGRA~1SYMANT~1SYMANT~1 tvscn95.exe
O4 - HKLM..RunServices: [defwatch] C:PROGRA~1SYMANT~1SYMANT~1defwatch.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN MessengerMsnMsgr.Exe" /background
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:WINDOWSSYSTEMMSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL
O21 - SSODL: eplrr - {5C891180-5B48-11D9-8AA5-00E07DB012F4} -
C:WINDOWSSYSTEMeplrr3.dll

Przeczytaj wszystkie posty z tego wątku

Temat: Log sprawdzcie!!!!!
Log sprawdzcie!!!!!
Logfile of HijackThis v1.97.7
Scan saved at 13:26:20, on 05-01-10
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:WINDOWSSYSTEMPDESKPDESK.EXE
C:PROGRAM FILESA4TECHMOUSEAMOUMAIN.EXE
C:PROGRAM FILESWINAMPWINAMPA.EXE
C:PROGRAM FILESULEAD SYSTEMSULEAD PHOTO EXPRESS 3.0 SECALCHECK.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:WINDOWSPULPITHIJACKTHIS.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.wp.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:PROGRAM
FILESADOBEACROBAT 5.0 CEREADERACTIVEXACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [Matrox Powerdesk]
C:WINDOWSSYSTEMPDeskPDesk.exe /Autolaunch
O4 - HKLM..Run: [WheelMouse] C:PROGRA~1A4TECHMOUSEAMOUMAIN.EXE
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:Program
FilesUlead SystemsUlead Photo Express 3.0 SECalCheck.exe
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .: C:PROGRA~1INTERN~1PLUGINS ppdf32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: BSK Online - ssl.bsk.com.pl/component/BSKOnl.cab
O16 - DPF: BSK import eksport - ssl.bsk.com.pl/component/BSKIE.cab
O16 - DPF: ING Bank Online - ssl.bsk.com.pl/bskonl/component/INGOnl.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-94901338C922/wmv9VCM.CAB
O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} (GameDesire Slots 80th) -
67.15.101.3/g_bin/pl/slots80_2_0_0_21.cab
O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} (GameDesire Slots 90th) -
67.15.101.3/g_bin/pl/slots90_2_0_0_20.cab
O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) -
67.15.101.3/g_bin/pl/roulette_2_0_0_15.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) -
67.15.101.3/g_bin/pl/slots70_2_0_0_20.cab
O16 - DPF: {2CFB52FD-7CF2-479C-BF65-B27F8A834F31} (SecureSession Class) -
www.samsungtechwin.com/include/pki/SecuiTechIE.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38357.1516898148
O17 - HKLMSystemCCSServicesVxDMSTCP: NameServer =
213.76.179.201,194.204.159.1 Przeczytaj wszystkie posty z tego wątku

Temat: Do Netseca- log
Do Netseca- log
Logfile of HijackThis v1.97.7
Scan saved at 13:26:20, on 05-01-10
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:WINDOWSSYSTEMPDESKPDESK.EXE
C:PROGRAM FILESA4TECHMOUSEAMOUMAIN.EXE
C:PROGRAM FILESWINAMPWINAMPA.EXE
C:PROGRAM FILESULEAD SYSTEMSULEAD PHOTO EXPRESS 3.0 SECALCHECK.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:WINDOWSPULPITHIJACKTHIS.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.wp.pl/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: (no name) - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:PROGRAM
FILESADOBEACROBAT 5.0 CEREADERACTIVEXACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [Matrox Powerdesk]
C:WINDOWSSYSTEMPDeskPDesk.exe /Autolaunch
O4 - HKLM..Run: [WheelMouse] C:PROGRA~1A4TECHMOUSEAMOUMAIN.EXE
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:Program
FilesUlead SystemsUlead Photo Express 3.0 SECalCheck.exe
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O9 - Extra button: Related (HKLM)
O9 - Extra 'Tools' menuitem: Show &Related Links (HKLM)
O12 - Plugin for .: C:PROGRA~1INTERN~1PLUGINS ppdf32.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) -
download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: BSK Online - ssl.bsk.com.pl/component/BSKOnl.cab
O16 - DPF: BSK import eksport - ssl.bsk.com.pl/component/BSKIE.cab
O16 - DPF: ING Bank Online - ssl.bsk.com.pl/bskonl/component/INGOnl.cab
O16 - DPF: {33564D57-0000-0010-8000-00AA00389B71} -
download.microsoft.com/download/F/6/E/F6E491A6-77E1-4E20-9F5F-
94901338C922/wmv9VCM.CAB
O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8D85044} (GameDesire Slots 80th) -
67.15.101.3/g_bin/pl/slots80_2_0_0_21.cab
O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8D85044} (GameDesire Slots 90th) -
67.15.101.3/g_bin/pl/slots90_2_0_0_20.cab
O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8D7ED4A} (GameDesire Roulette) -
67.15.101.3/g_bin/pl/roulette_2_0_0_15.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) -
67.15.101.3/g_bin/pl/slots70_2_0_0_20.cab
O16 - DPF: {2CFB52FD-7CF2-479C-BF65-B27F8A834F31} (SecureSession Class) -
www.samsungtechwin.com/include/pki/SecuiTechIE.cab
O16 - DPF: {9F1C11AA-197B-4942-BA54-47A8489BB47F} (Update Class) -
v4.windowsupdate.microsoft.com/CAB/x86/ansi/iuctl.CAB?38357.1516898148
O17 - HKLMSystemCCSServicesVxDMSTCP: NameServer =
213.76.179.201,194.204.159.1

Przeczytaj wszystkie posty z tego wątku

Temat: Do Netseca- log
Teraz wykonałem skanowanie wersją 1.99. Proszę o sprawdzenie
Dzięki

Logfile of HijackThis v1.99.0
Scan saved at 09:49:37, on 05-01-14
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:WINDOWSSYSTEMPDESKPDESK.E XE
C:PROGRAM FILESA4TECHMOUSEAMOUMAIN.EXE
C:PROGRAM FILESWINAMPWINAMPA.EXE
C:PROGRAM FILESULEAD SYSTEMSULEAD PHOTO EXPRESS 3.0 SECALCHECK.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:WINDOWSPULPITHIJACKTHISHI JACKTHIS.EXE

R0 - HKCUSoftwareMicrosoftInterne t ExplorerMain,Start Page =
www.wp.pl/
R0 - HKCUSoftwareMicrosoftInterne t ExplorerToolbar,LinksFolderNam e = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 5.0 CEREADERACTIVEXACROIEHELPER. OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [Matrox Powerdesk]
C:WINDOWSSYSTEMPDeskPDesk.e xe /Autolaunch
O4 - HKLM..Run: [WheelMouse] C:PROGRA~1A4TECHMOUSEAMOUMA IN.EXE
O4 - HKLM..Run: [WinampAgent] C:Program FilesWinampwinampa.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - Startup: Ulead Photo Express 3.0 SE Calendar Checker.lnk = C:Program
FilesUlead SystemsUlead Photo Express 3.0 SECalCheck.exe
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O12 - Plugin for .: C:PROGRA~1INTERN~1PLUGINS p pdf32.dll
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: BSK Online - ssl.bsk.com.pl/component/BSKOnl.cab
O16 - DPF: BSK import eksport - ssl.bsk.com.pl/component/BSKIE.cab
O16 - DPF: ING Bank Online - ssl.bsk.com.pl/bskonl/component/INGOnl.cab
O16 - DPF: {ECEAD8AE-01D6-11D5-9A39-0080C8 D85044} (GameDesire Slots 80th) -
67.15.101.3/g_bin/pl/slots80_2_0_0_21.cab
O16 - DPF: {4539348E-01D7-11D5-9A39-0080C8 D85044} (GameDesire Slots 90th) -
67.15.101.3/g_bin/pl/slots90_2_0_0_20.cab
O16 - DPF: {18506D80-9B80-11D4-82C2-0080C8 D7ED4A} (GameDesire Roulette) -
67.15.101.3/g_bin/pl/roulette_2_0_0_15.cab
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8 D85044} (GameDesire Slots 70th) -
67.15.101.3/g_bin/pl/slots70_2_0_0_20.cab
O16 - DPF: {2CFB52FD-7CF2-479C-BF65-B27F8A 834F31} (SecureSession Class) -
www.samsungtechwin.com/include/pki/SecuiTechIE.cab
O17 - HKLMSystemCCSServicesVxDMS TCP: NameServer =
213.76.179.201,194.204.159.1

Przeczytaj wszystkie posty z tego wątku

Temat: HiJack - co wywalic?
HiJack - co wywalic?
Logfile of HijackThis v1.99.0
Scan saved at 18:47:56, on 05-01-13
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSSYSTEMHPBPRO.EXE
C:WINDOWSSYSTEMHPBOID.EXE
C:WINDOWSSYSTEMRPCSS.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSYSTEMQ3DCTL.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESHEWLETT-PACKARDTOOLBOX2. 0APACHE TOMCAT 4.0
WEBAPPSTOOLBOXSTATUSCLIENTS TATUSCLIENT.EXE
C:WINDOWSLOADQM.EXE
C:PROGRAM FILESCOMMON FILESREALUPDATE_OBEVNTSVC.EX E
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESSAGEMSAGEM F@ST 800-840DSLMON.EXE
C:PROGRAM FILESGADU-GADUGG.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:PROGRAM FILESWINAMPWINAMP.EXE
C:PROGRAMYGGHACKGGHACK.EXE
C:PROGRAMYHIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInterne t ExplorerMain,Default_Page_URL =
www.tpi.pl
R0 - HKCUSoftwareMicrosoftInterne t ExplorerMain,Start Page =
junior.szczecin.w.interia.pl/junior.htm
R1 - HKCUSoftwareMicrosoftInterne t ExplorerMain,Start Page_bak =
junior.szczecin.w.interia.pl/junior.htm
R1 - HKCUSoftwareMicrosoftInterne t ExplorerMain,Window Title = Neostrada
Plus wita Cie w Internecie
R0 - HKCUSoftwareMicrosoftInterne t ExplorerToolbar,LinksFolderNam e = Łącza
R3 - Default URLSearchHook is missing
O2 - BHO: Local Spool Net support DLL - {41943050-65CC-454B-81E4-
9C8A9D7CBAEA} - C:WINDOWSSYSTEMLOCALSPLNET.D LL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [Q3dctlTray] Q3DCTL.EXE
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..Run: [autoclk] autoclk.exe
O4 - HKLM..Run: [StatusClient] C:Program FilesHewlett-PackardToolbox2. 0
Apache Tomcat 4.0webappsToolboxStatusClien tStatusClient.exe /auto
O4 - HKLM..Run: [TomcatStartup] C:Program FilesHewlett-PackardToolbox2. 0
hpbpsttp.exe
O4 - HKLM..Run: [LoadQM] loadqm.exe
O4 - HKLM..Run: [TkBellExe] C:Program FilesCommon
FilesRealUpdate_OBevntsvc.ex e -osboot
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..RunServices: [SchedulingAgent] C:WINDOWSSYSTEMmstask.exe
O4 - HKLM..RunServices: [HP Port Resolver] C:WINDOWSSYSTEMhpbpro.exe
O4 - HKLM..RunServices: [HP Status Server] C:WINDOWSSYSTEMhpboid.exe
O4 - HKCU..Run: [Gadu-Gadu] "C:PROGRAM FILESGADU-GADUGG.EXE" /tray
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840
dslmon.exe
O8 - Extra context menu item: &ICQ Toolbar Search - res://C:PROGRAM
FILESICQTOOLBARTOOLBAR.DLL/SE ARCH.HTML
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C 608501} -
C:WINDOWSSYSTEMMSJAVA.DLL
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:WINDOWSSYSTEMMSJAVA.DLL
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {D18B7EC3-EECA-11D3-8E71-0000E8 2C6C0D} -
www.slotchbar.com/ist/softwares/remove/ist_remove.cab
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9 CC72C3} (Virtools WebPlayer Class) -
player.virtools.com/downloads/player/Install3.0/Installer.exe

Przeczytaj wszystkie posty z tego wątku

Temat: search..., log-sprawdzcie,proszę.
search..., log-sprawdzcie,proszę.
Chodzi mi glównie o ostatni wpis. coś Media ticket itd, od czasu do czasu
pojawia się u mnie na ekranie jakieś dziwne info, niewielki prostokąt search
cos tam, pomocy

Logfile of HijackThis v1.99.0

Scan saved at 23:35:02, on 05-01-14
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMSPOOL32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMRPCSS.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:PROGRAM FILESNORTON ANTIVIRUSNAVAPW32.EXE
C:PROGRAM FILESNORTON ANTIVIRUSPOPROXY.EXE
C:PROGRAM FILESMSN MESSENGERMSNMSGR.EXE
C:PROGRAM FILESGADU-GADUGG.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESSAGEMSAGEM F@ST 800-840DSLMON.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOTDD01.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOHMR08.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOEVM08.EXE
C:PROGRAM FILESHEWLETT-PACKARDDIGITAL IMAGINGBINHPOSTS08.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:HIJACKTHISHIJACKTHIS199[1]. EXE

R0 - HKCUSoftwareMicrosoftInterne t ExplorerMain,Start Page =
www.interia.pl/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 6.0 CEREADERACTIVEXACROIEHELPER. DLL
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D79 42484F} - C:PROGRA~1
SPYBOT~1SDHELPER.DLL
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.ExE
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [SMSERIAL] sm56hlpr.exe
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [NAV DefAlert] C:PROGRA~1NORTON~1DEFALERT.E XE
O4 - HKLM..Run: [Norton Auto-Protect] C:PROGRA~1NORTON~1
NAVAPW32.EXE /LOADQUIET
O4 - HKLM..Run: [Norton eMail Protect] C:Program FilesNorton
AntiVirusPOPROXY.EXE
O4 - HKLM..Run: [autoclk] autoclk.exe
O4 - HKLM..Run: [ashMaiSv] C:PROGRA~1ALWILS~1AVAST4ash maisv.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM..RunServices: [avast!] C:Program FilesAlwil SoftwareAvast4
ashServ.exe
O4 - HKCU..Run: [MsnMsgr] "C:Program FilesMSN
MessengerMsnMsgr.Exe" /background
O4 - HKCU..Run: [Gadu-Gadu] "C:PROGRAM FILESGADU-GADUGG.EXE" /tray
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840
dslmon.exe
O4 - Startup: hpoddt01.exe.lnk = C:Program FilesHewlett-PackardDigital
Imaginginhpotdd01.exe
O4 - Startup: hp psc 1000 series.lnk = C:Program FilesHewlett-
PackardDigital Imaginginhpohmr08.exe
O15 - Trusted IP range: 213.159.117.202
O15 - Trusted IP range: 213.159.117.202 (HKLM)
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665 414BEF} - www.mt-
download.com/MediaTicketsInstal ler.cab?refid=2732

Przeczytaj wszystkie posty z tego wątku

Temat: ratunku, pomocy lub chociaż diagnozy!!!
ratunku, pomocy lub chociaż diagnozy!!!
Odkąd pamiętam ten komp zawsze chodził tak sobie, no ale ostatnio korzystanie
z IE stalo sie bardzo, bardzo trudne (co chwila IE zamyka się). A stronka
windowsupdate się najzwyczajniej w świecie nie otwiera, czy ten system ma
jeszcze jakąś szanse czy tylko format C ???

Logfile of HijackThis v1.99.0
Scan saved at 09:50:49, on 05-01-21
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v4.72 SP1 (4.72.3110.0000)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMMSTASK.EXE
C:PROGRAM FILESPLUS!VIRUSCANVSHWIN32.E XE
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHSERV.EXE
C:WINDOWSEXPLORER.EXE
C:MEDIA95VI_GRM.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:SBPCICTMIX32.EXE
C:PROGRAM FILESHEWLETT-PACKARDHP PRECISIONSCANPRECISIONSCANHPL AMP.EXE
C:PROGRAM FILESHEWLETT-PACKARDHP PRECISIONSCANPRECISIONSCANHPP PT.EXE
C:WINDOWSSYSTEMHPSJVXD.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:PROGRAM FILESHP CD-WRITERMMENUHPCDTRAY.EXE
C:WINDOWSPOWERS.EXE
C:REALPLAYERREALPLAY.EXE
C:WINDOWSSYSTEMRPCSS.EXE
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHMAISV.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESCAEREPAGEKEEPER30SYSTEM PKJOBS.EXE
C:PROGRAM FILESCAEREPAGEKEEPER30SYSTEM PKTOPASS.EXE
C:PROGRAM FILESCAEREPAGEKEEPER30SYSTEM PKSLAPI.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:MOJE DOKUMENTYRWHIJACKTHIS1_99HIJ ACKTHIS.EXE

R0 - HKCUSoftwareMicrosoftInterne t ExplorerMain,Start Page =
www.imp.lodz.pl/
R0 - HKLMSoftwareMicrosoftInterne t ExplorerSearch,SearchAssistant =
R0 - HKLMSoftwareMicrosoftInterne t ExplorerSearch,CustomizeSearch =
R0 - HKCUSoftwareMicrosoftInterne t ExplorerToolbar,LinksFolderNam e =
F1 - win.ini: load=C:MEDIA95vi_grm.exe
F1 - win.ini: run=hpfsched
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.ExE
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [CreativeMixer] C:SBPCIctmix32.exe /T
O4 - HKLM..Run: [HP Lamp] C:Program FilesHewlett-PackardHP
PrecisionScanPrecisionScanHPL amp.exe
O4 - HKLM..Run: [hpppt] C:Program FilesHewlett-PackardHP
PrecisionScanPrecisionScanhpp pt.exe /ICON
O4 - HKLM..Run: [HPSCANMonitor] C:WINDOWSSYSTEMhpsjvxd.exe
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [VsecomrEXE] C:PROGRA~1PLUS!ViruscanVSEC OMR.EXE
O4 - HKLM..Run: [Vshwin32EXE] C:PROGRA~1PLUS!ViruscanVSHW IN32.EXE
O4 - HKLM..Run: [COMSMDEXE] comsmd.exe -off
O4 - HKLM..Run: [PowerS] "C:WINDOWSPowerS.exe"
O4 - HKLM..Run: [RealTray] C:REALPLAYERREALPLAY.EXE SYSTEMBOOTHIDEPLAYER
O4 - HKLM..Run: [ashMaiSv] C:PROGRA~1ALWILS~1AVAST4ash maisv.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..RunServices: [SchedulingAgent] C:WINDOWSSYSTEMmstask.exe
O4 - HKLM..RunServices: [Vshwin32EXE] C:PROGRA~1PLUS!
ViruscanVSHWIN32.EXE /NoSplash
O4 - HKLM..RunServices: [dRMON SmartAgent] drmonSmartAgtSmartAgt.exe
O4 - HKLM..RunServices: [RNBOStart] C:WINDOWSSYSTEMRNBOSENTSENT STRT.EXE
O4 - HKLM..RunServices: [avast!] C:Program FilesAlwil SoftwareAvast4
ashServ.exe
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: PageKeeper Jobs.lnk = C:Program FilesCaerePageKeeper30
systemPKJobs.exe
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon
FilesAdobeCalibrationAdobe Gamma Loader.exe
O11 - Options group: [TB] Pasek narzędzi
O12 - Plugin for .mov: C:PROGRA~1INTERN~1PLUGINS p qtplugin.dll
O12 - Plugin for .mid: C:PROGRA~1INTERN~1PLUGINS p qtplugin2.dll
O12 - Plugin for .mpeg: C:PROGRA~1INTERN~1PLUGINS p qtplugin3.dll
O16 - DPF: Win32 Classes - file://C:WINDOWSJavaclasseswin32ie4.cab
O17 - HKLMSystemCCSServicesVxDMS TCP: Domain = imp.lodz.pl
O17 - HKLMSystemCCSServicesVxDMS TCP: NameServer = 192.168.1.1 Przeczytaj wszystkie posty z tego wątku

Temat: Pomóż NETSEC - logHijack This
Pomóż NETSEC - logHijack This
WinME/AntiVirPE/ZoneAlarmPro/Ad -aware/Spy-Sweeper/Spybot-Searc h/CW-Shredder
Co wyciąć?
Logfile of HijackThis v1.99.0
Scan saved at 18:02:45, on 2005-01-22
Platform: Windows ME (Win9x 4.90.3000)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMRESTORESTMGR .EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESWINZIPWINZIP32.EXE
C:WINDOWSTEMPHIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInterne t Explorer,(Default) =
fastsearchweb.com/srh.php?q=%s
R1 - HKCUSoftwareMicrosoftInterne t ExplorerSearch,Default_Search_ URL =
about:blank
R1 - HKCUSoftwareMicrosoftInterne t ExplorerMain,HomeOldSP = about:blank
R1 - HKLMSoftwareMicrosoftInterne t ExplorerMain,HomeOldSP = about:blank
R1 - HKCUSoftwareMicrosoftInterne t ExplorerMain,Window Title = Neostrada
TP
R0 - HKCUSoftwareMicrosoftInterne t ExplorerToolbar,LinksFolderNam e = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89 362C85} -
C:PROGRA~1NEOSTR~1SEARCH~1.D LL
R3 - URLSearchHook: (no name) - {D3AB6D21-50AF-1901-AA7C-CEE927 895066} -
browsebar.dll (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D 6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 5.0READERACTIVEXACROIEHELPER .OCX
O2 - BHO: (no name) - {3D5E8F66-BD3B-41FB-92A4-E77CFA 28AE4F} -
C:WINDOWSSYSTEMSNNPAPI.DLL (file missing)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D79 42484F} - C:PROGRA~1
SPYBOT~1SDHELPER.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9 082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O3 - Toolbar: FreshBar - {06ABAA2D-34AB-4902-A326-409BD9 B9A7A5} - (no file)
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [PCHealth] C:WINDOWSPCHealthSupportPCH Schd.exe -s
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..Run: [WooCnxMon] C:PROGRA~1NEOSTR~1CnxMon.exe
O4 - HKLM..Run: [WOOWATCH] C:PROGRA~1NEOSTR~1Watch.exe
O4 - HKLM..Run: [WOOTASKBARICON] C:PROGRA~1NEOSTR~1TaskbarIco n.exe
O4 - HKLM..Run: [Zone Labs Client] "C:Program Filesone
LabsoneAlarmzlclient.exe"
O4 - HKLM..Run: [media64] clamav.exe
O4 - HKLM..Run: [abrek] qwe.exe
O4 - HKLM..Run: [systems restart] Rundll32.exe wnim.dll, DllRegisterServer
O4 - HKLM..Run: [AVSCHED32] C:PROGRAM FILESAVPERSONALAVSCHED32.EXE /min
O4 - HKLM..Run: [AVGCtrl] C:PROGRAM FILESAVPERSONALAVGCTRL.EXE /min
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrSche me
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKLM..RunServices: [*StateMgr] C:WINDOWSSystemRestoreState Mgr.exe
O4 - HKLM..RunServices: [TrueVector] C:WINDOWSSYSTEMONELABSVSMO N.EXE -
service
O4 - HKCU..Run: [1A0 Stardock MCP] C:PROGRA~1COMMON~1STARDOCKs dmcp.exe -
startup
O4 - HKCU..Run: [WareOut] C:PROGRAM FILESWAREOUTWareOut.exe
O4 - HKCU..Run: [xxtoolbar] PrcIdle.exe
O4 - HKCU..Run: [control64] slamm.exe
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Startup: DSLMON.lnk = C:Program FilesSAGEMSAGEM F@st 800-840
dslmon.exe
O12 - Plugin for .spop: C:PROGRA~1INTERN~1PluginsNP DocBox.dll
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE 20BDF7} (MainControl Class) -
skaner.mks.com.pl/SkanerOnline.cab
O18 - Filter: text/html - {1085BE9D-87D8-42E5-AEF9-2236AC 5737C6} -
C:WINDOWSSYSTEMSNNPAPI.DLL
O18 - Filter: text/plain - {1085BE9D-87D8-42E5-AEF9-2236AC 5737C6} -
C:WINDOWSSYSTEMSNNPAPI.DLL

Przeczytaj wszystkie posty z tego wątku

Temat: prosba o sprawdzenie poprawnosci
prosba o sprawdzenie poprawnosci
Logfile of HijackThis v1.99.0
Scan saved at 08:07:45, on 3/18/05
Platform: Windows 98 Gold (Win9x 4.10.1998)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:PROGRAM FILESCOMMON FILESEPSONEBAPISAGENT2.EXE
C:WINDOWSSYSTEMONELABSVSMON.EXE
C:WINDOWSSYSTEMONELABSMINILOG.EXE
C:WINDOWSSYSTEMMSTASK.EXE
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESMATROX MGA POWERDESKMGACTRL.EXE
C:PROGRAM FILESMATROX MGA POWERDESKCOLORHGCCTL95.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:PROGRAM FILESNORTON ANTIVIRUSPOPROXY.EXE
C:PROGRAM FILESKONEKTORTPKONEKTORTP.EXE
C:PROGRAM FILESNORTON ANTIVIRUSNAVAPW32.EXE
C:PROGRAM FILESMATROX MGA POWERDESKQDESKMGAQDESK.EXE
C:WINDOWSRunDLL.exe
C:PROGRAM FILESONE LABSONEALARMONEALARM.EXE
C:WINDOWSMenu StartProgramyAutostartPOLKEYB.EXE
C:CORELGRAPHICS8PROGRAMSMFINDEXER.EXE
C:PROGRAM FILESCORELGRAPHICS9REGISTERREMIND32.EXE
C:PROGRAM FILESEPSONEPSON CARDMONITOREPSON CARDMONITOR1.1.EXE
C:PROGRAM FILESWINZIPWZQKPICK.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:WINDOWSSYSTEMTAPISRV.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:WINDOWSSYSTEMRNAAPP.EXE
C:WINDOWSPULPITCZYSCIEHIJACKTHIS.EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.wp.pl/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 5.0 CEREADERACTIVEXACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [Matrox Control Center] C:Program FilesMatrox MGA
PowerDeskmgactrl.exe
O4 - HKLM..Run: [Matrox Color Control] C:Program FilesMatrox MGA
PowerDeskColorhgcctl95.exe
O4 - HKLM..Run: [Matrox Diagnostic] C:Program FilesMatrox MGA
PowerDeskdiagmgadiag.exe -s
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [Norton eMail Protect] C:PROGRAM FILESNORTON
ANTIVIRUSPOProxy.exe
O4 - HKLM..Run: [KonektorTP] "c:program fileskonektortpkonektortp.exe"
tray
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [NAV DefAlert] C:PROGRA~1NORTON~1DEFALERT.EXE
O4 - HKLM..Run: [Norton Auto-Protect] C:PROGRA~1NORTON~1
NAVAPW32.EXE /LOADQUIET
O4 - HKLM..RunServices: [RVS Installer] C:PROGRA~1
RVSWCOMSYSTEMRVSINST.EXE
O4 - HKLM..RunServices: [SAgent2ExePath] C:Program FilesCommon
FilesEPSONEBAPISAgent2.exe
O4 - HKLM..RunServices: [TrueVector] C:WINDOWSSYSTEMONELABSVSMON.EXE -
service
O4 - HKLM..RunServices: [MiniLog] C:WINDOWSSYSTEMONELABSMINILOG.EXE -
service
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [SchedulingAgent] mstask.exe
O4 - HKCU..Run: [Matrox QuickDesk] C:Program FilesMatrox MGA
PowerDeskQDeskmgaqdesk.exe
O4 - HKCU..Run: [Taskbar Display Controls] RunDLL
deskcp16.dll,QUICKRES_RUNDLLENTRY
O4 - Startup: POLKEYB.EXE
O4 - Startup: Corel MEDIA FOLDERS INDEXER 8.LNK = C:CorelGraphics8
programsMFIndexer.exe
O4 - Startup: Rejestrowanie produktów Corela.lnk = C:Program
FilesCorelGraphics9RegisterREMIND32.EXE
O4 - Startup: EPSON CardMonitor.lnk = C:Program FilesEPSONEPSON
CardMonitorEPSON CardMonitor1.1.exe
O4 - Startup: WinZip Quick Pick.lnk = C:Program FilesWinZipWZQKPICK.EXE
O4 - Startup: Adobe Gamma Loader.exe.lnk = C:Program FilesCommon
FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:Program Filesone
LabsoneAlarmzonealarm.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:WINDOWSweb elated.htm
O16 - DPF: Win32 Classes - file://C:WINDOWSJavaclasseswin32ie4.cab

Przeczytaj wszystkie posty z tego wątku

Temat: sprawdzcie mi loga ..bardzo prosze...thx
sprawdzcie mi loga ..bardzo prosze...thx
Logfile of HijackThis v1.98.2
Scan saved at 21:55:29, on 05-04-24
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v5.00 (5.00.2614.3500)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:PROGRAM FILESALWIL SOFTWAREAVAST4ASHSERV.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSSYSTEMRPCSS.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:SBPCICTMIX32.EXE
C:PROGRAM FILESBANKRUTBANKRUT.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESADOBEACROBAT 5.0DISTILLRACROTRAY.EXE
C:WINDOWSSYSTEMWMIEXE.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:WINDOWSSYSTEMIRMON.EXE
C:WINDOWSSYSTEMCARPSERV.EXE
C:PROGRAM FILESGADU-GADUGG.EXE
C:WINDOWSSNDVOL32.EXE
C:PROGRAM FILESMOBILE PHONE MANAGERBINDESPROXY.EXE
C:PROGRAM FILESMOBILE PHONE MANAGERBINSPHONEOBSERVER.EXE
C:PROGRAM FILESWINAMPWINAMP.EXE
C:WINDOWSEXPLORER.EXE
D:PROGRAMYANTYWIRYHIJACKTHIS.EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
www.google.pl/
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
www.eu.microsoft.com/poland/
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
F1 - win.ini: run=hpfsched
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:Program
FilesSpybot - Search & DestroySDHelper.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 5.0ACROBATACTIVEXACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [SystemTray] SysTray.ExE
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [mdac_runonce] C:WINDOWSSYSTEM unonce.exe
O4 - HKLM..Run: [CreativeMixer] C:SBPCIctmix32.exe /T
O4 - HKLM..Run: [Bankrut] C:PROGRAM FILESBANKRUTankrut.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [avast!] C:Program FilesAlwil
SoftwareAvast4ashServ.exe
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Acrobat Assistant.lnk = ?
O4 - Startup: PowerReg SchedulerV2.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links -
{c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:WINDOWSweb elated.htm
O12 - Plugin for .spop: C:PROGRA~1INTERN~1PluginsNPDocBox.dll
O14 - IERESET.INF: SEARCH_PAGE_URL=
O14 - IERESET.INF: START_PAGE_URL=

Przeczytaj wszystkie posty z tego wątku

Temat: czy mógłby mi ktoś sprawdzić log?
czy mógłby mi ktoś sprawdzić log?
Logfile of HijackThis v1.99.1
Scan saved at 15:05:24, on 2005-05-13
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMONELABSVSMON.EXE
C:WINDOWSSYSTEMONELABSMINILOG.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSTASKMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSYSTEMSTIMON.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:PROGRAM FILESEWAN-SOFTEWAN-SYSTEM SERWERBINFBGUARD.EXE
C:PROGRAM FILESONE LABSONEALARMONEALARM.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEFINDFAST.EXE
C:PROGRAM FILESEWAN-SOFTEWAN-SYSTEM SERWERBINFBSERVER.EXE
C:PROGRAM FILESONE LABSONEALARMONEALARM.DAT
C:WINDOWSSYSTEMWMIEXE.EXE
C:PROGRAM FILESMOZILLA FIREFOXFIREFOX.EXE
C:WINDOWSPULPITHIJACKTHISHIJACKTHIS.EXE

R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 5.0READERACTIVEXACROIEHELPER.OCX
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [ScanRegistry] C:WINDOWSscanregw.exe /autorun
O4 - HKLM..Run: [TaskMonitor] C:WINDOWS askmon.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..Run: [StillImageMonitor] C:WINDOWSSYSTEMSTIMON.EXE
O4 - HKLM..Run: [Zasobnik systemowy] SysTray.Exe
O4 - HKLM..Run: [FirebirdGuardian] C:Program FilesEWAN-SoftEWAN-System
SERWERinfbguard.exe
O4 - HKLM..RunServices: [LoadPowerProfile] Rundll32.exe
powrprof.dll,LoadCurrentPwrScheme
O4 - HKLM..RunServices: [TrueVector] C:WINDOWSSYSTEMONELABSVSMON.EXE
-service
O4 - HKLM..RunServices: [MiniLog] C:WINDOWSSYSTEMONELABSMINILOG.EXE
-service
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Global Startup: ZoneAlarm.lnk = C:Program Filesone
LabsoneAlarmzonealarm.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:Program FilesJavajre1.5.0_01in pjpi150_01.dll
O9 - Extra 'Tools' menuitem: Sun Java Console -
{08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program
FilesJavajre1.5.0_01in pjpi150_01.dll
O16 - DPF: {631FF594-EC25-4CFF-B869-402DF294E1D6} (Instalator oprogramowania
Onet.pl) - slimak.onet.pl/_m/kamerzysta/OnetInstalator012s.ocx
O16 - DPF: {5A447319-0EA2-447B-A063-A5F849B097D0} (ScanZillaLE Class) -
www.stopzilla.com/scanner/binaries/SZScanLE.cab
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class)
- www.pandasoftware.com/activescan/as5/asinst.cab
O16 - DPF: {BB21F850-63F4-4EC9-BF9D-565BD30C9AE9} (ASquaredScanForm Element) -
www.windowsecurity.com/trojanscan/axscan.cab
O16 - DPF: {74D05D43-3236-11D4-BDCD-00C04F9A3B61} (HouseCall Control) -
a840.g.akamai.net/7/840/537/2004061001/housecall.trendmicro.com/housecall/xscan53.cab
O21 - SSODL: Web Event Logger - {7CFBACFF-EE01-1231-ABDD-416592E5D639} -
C:WINDOWSSYSTEMDffkhc32.dll (file missing)

Przeczytaj wszystkie posty z tego wątku

Temat: sprawdzcie
Opis usuwania iSearch "Desktop Search" masz tutaj:
www.searchengines.pl/phpbb203/index.php?
showtopic=12510&st=0&p=109496&#entry135478

Instalujesz IE i inne latki z:
www.windowsupdate.com

Wpisy kasujesz w hijackthis, a pliki killbox'em (znajdziesz na google albo na
forum opis uzywania tez):

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
81.222.131.49/index.php
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
81.222.131.49/index.php
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
81.222.131.49/index.php
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
81.222.131.49/index.php
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
81.222.131.49/index.php
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
81.222.131.49/index.php
O2 - BHO: IE Update Class - {5B4AB8E2-6DC5-477A-B637-BF3C1A2E5993} -
C:WINDOWSisrvssysupd.dll (file missing)
O4 - HKLM..Run: [PayTime] C:WINDOWSSYSTEMpaytime.exe
O4 - HKCU..Run: [PayTime] C:WINDOWSSYSTEMpaytime.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:WINDOWSweb elated.htm
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted Zone: *.searchmiracle.com
O15 - Trusted Zone: *.searchbarcash.com
O15 - Trusted Zone: *.skoobidoo.com
O15 - Trusted Zone: *.my-internet.info
O15 - Trusted Zone: *.xxxtoolbar.com
O15 - Trusted Zone: *.slotch.com
O15 - Trusted Zone: *.flingstone.com
O15 - Trusted Zone: *.mt-download.com
O15 - Trusted Zone: *.blazefind.com
O15 - Trusted Zone: *.clickspring.net
O15 - Trusted Zone: *.ysbweb.com
O15 - Trusted Zone: *.slotchbar.com
O15 - Trusted Zone: *.windupdates.com (HKLM)
O15 - Trusted Zone: *.searchbarcash.com (HKLM)
O15 - Trusted Zone: *.searchmiracle.com (HKLM)
O15 - Trusted Zone: *.skoobidoo.com (HKLM)
O15 - Trusted Zone: *.my-internet.info (HKLM)
O15 - Trusted Zone: *.xxxtoolbar.com (HKLM)
O15 - Trusted Zone: *.slotch.com (HKLM)
O15 - Trusted Zone: *.flingstone.com (HKLM)
O15 - Trusted Zone: *.mt-download.com (HKLM)
O15 - Trusted Zone: *.blazefind.com (HKLM)
O15 - Trusted Zone: *.clickspring.net (HKLM)
O15 - Trusted Zone: *.ysbweb.com (HKLM)
O15 - Trusted Zone: *.slotchbar.com (HKLM)
O15 - Trusted IP range: 81.222.131.59
O15 - Trusted IP range: 81.222.131.59 (HKLM)
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller
Control) - www.mt-download.com/MediaTicketsInstaller.cab?refid=2732
O18 - Filter: text/html - {950238FB-C706-4791-8674-4D429F85897E} -
C:WINDOWSisrvsmfiltis.dll

I Fix Checked

Usun tez z autostartu to:
Microsoft Find Fast

Po wszystkim wklej nowy log z hijackthis. Przeczytaj wszystkie posty z tego wątku

Temat: Prosze o sprawdzenie loga z Hijackthis :)
Borykam się z otwierającą się po uruchomieniu IE www. Czy na podstawie loga z
Hijacka coś będzie można wysnuć?

Przedstawiam logo:

Logfile of HijackThis v1.99.1
Scan saved at 15:35:06, on 05-06-08
Platform: Windows 95 B (Win9x 4.00.1111)
MSIE: Internet Explorer v5.50 (5.50.4134.0600)

Running processes:
C:WINDOWSSYSTEMKERNEL32.DLL
C:WINDOWSSYSTEMMSGSRV32.EXE
C:WINDOWSSYSTEMMPREXE.EXE
C:WINDOWSSYSTEMmmtask.tsk
C:WINDOWSEXPLORER.EXE
C:WINDOWSSYSTEMINTERNAT.EXE
C:WINDOWSSYSTEMSYSTRAY.EXE
C:WINDOWSSYSTEMLOADWC.EXE
C:WINDOWSRUNDLL32.EXE
C:PROGRAM FILESMICROSOFT OFFICEOFFICEOSA.EXE
C:PROGRAM FILESINTERNET EXPLORERIEXPLORE.EXE
C:WINDOWSSYSTEMPSTORES.EXE
C:WINDOWSSYSTEMDDHELP.EXE
C:PROGRAM FILESWINRARWINRAR.EXE
C:WINDOWSPULPITHIJACKTHIS.EXE

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:WINDOWSTEMPse.dll/sp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:WINDOWSTEMPse.dll/sp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyServer = proxyjg:8080
R1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet
Settings,ProxyOverride = info; 192.168.251.1
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -
C:PROGRAM FILESADOBEACROBAT 5.0 CEREADERACTIVEXACROIEHELPER.OCX
O2 - BHO: (no name) - {C28716E3-D757-11D9-B2E4-0001EED00DCA} -
C:WINDOWSSYSTEMEMAPHEA.DLL
O3 - Toolbar: @msdxmLC.dll,-1@1045,&Radio - {8E718888-423F-11D2-876E-
00A0C9082467} - C:WINDOWSSYSTEMMSDXM.OCX
O4 - HKLM..Run: [internat.exe] internat.exe
O4 - HKLM..Run: [SystemTray] SysTray.Exe
O4 - HKLM..Run: [BrowserWebCheck] loadwc.exe
O4 - HKLM..Run: [MSN Messenger] C:WINDOWSSYSTEMmsmsgs.exe
O4 - HKLM..Run: [sp] rundll32 C:WINDOWSTEMPSE.DLL,DllInstall
O4 - HKCU..Run: [Intel system tool] C:WINDOWSSYSTEMwinnook.exe
O4 - Startup: Microsoft Find Fast.lnk = C:Program FilesMicrosoft
OfficeOfficeFINDFAST.EXE
O4 - Startup: Uruchamianie pakietu Office.lnk = C:Program FilesMicrosoft
OfficeOfficeOSA.EXE
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:WINDOWSweb elated.htm
O13 - WWW. Prefix:
O16 - DPF: {56336BCB-3D8A-11D6-A00B-0050DA18DE71} (RdxIE Class) -
software-dl.real.com/273b929de64e822d9005/netzip/RdxIE601.cab
O17 - HKLMSystemCCSServicesVxDMSTCP: SearchList = jg.energiapro.pl
O18 - Filter: text/html - {C28716E2-D757-11D9-B2E4-0001819CA851} -
C:WINDOWSSYSTEMEMAPHEA.DLL
O18 - Filter: text/plain - {C28716E2-D757-11D9-B2E4-0001819CA851} -
C:WINDOWSSYSTEMEMAPHEA.DLL

Dzięki za pomoc

Przemek
Przeczytaj wszystkie posty z tego wątku

Temat: Prosze o sprawdzenie loga z Hijackthis :)
Sciagnij i uzyj tego:
www.derbilk.de/SpSeHjfix109.zip
Po resecie w hijackthis zaznacz te wpisy:

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:WINDOWSTEMPse.dll/sp.html
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Bar =
res://C:WINDOWSTEMPse.dll/sp.html
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page = about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerSearch,SearchAssistant =
about:blank
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,HomeOldSP = about:blank
O2 - BHO: (no name) - {C28716E3-D757-11D9-B2E4-0001EED00DCA} -
C:WINDOWSSYSTEMEMAPHEA.DLL
O4 - HKLM..Run: [MSN Messenger] C:WINDOWSSYSTEMmsmsgs.exe
O4 - HKLM..Run: [sp] rundll32 C:WINDOWSTEMPSE.DLL,DllInstall
O4 - HKCU..Run: [Intel system tool] C:WINDOWSSYSTEMwinnook.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:WINDOWSweb elated.htm
O13 - WWW. Prefix:
O18 - Filter: text/html - {C28716E2-D757-11D9-B2E4-0001819CA851} -
C:WINDOWSSYSTEMEMAPHEA.DLL
O18 - Filter: text/plain - {C28716E2-D757-11D9-B2E4-0001819CA851} -
C:WINDOWSSYSTEMEMAPHEA.DLL

I Fix Checked, nastepnie uruchom komputer w trybie msdos (F8 przy starcie ) i
usun te pliki:
C:WINDOWSSYSTEMEMAPHEA.DLL
C:WINDOWSSYSTEMwinnook.exe
C:WINDOWSTEMPSE.DLL
C:WINDOWSSYSTEMmsmsgs.exe

Usuwasz tak:
del C:WINDOWSSYSTEMwinnook.exe
i tak ze wszystkimi plikami, ktore podalem.

W Start->Programy->Austostart usun to:
Microsoft Find Fast
Uruchamianie pakietu Office

Nie uzywaj wiecej Internet Explorera bo jest stary, a nowszego miec nie
bedziesz wiec zmien przegladarke na Opere:
www.opera.com/download/
Lub jak masz lepszy komputer to FireFox:
www.firefox.pl/
Ale pewnie jakbys miel lepszy komputer to nie mialbys Windows 95B.

Nie masz antyvirusa ani nic, eh ten komputer nie nadaje sie do Internetu.

Zainstaluj sobie tego antyvirusa:
www.softpedia.com/get/Antivirus/AntiVir-Personal-Edition.shtml
Przeskanuj tez tym:
www.safer-networking.org/pl/mirrors/index.html
O ile masz nowy winsock zainstalowany. Przeczytaj wszystkie posty z tego wątku

Temat: prosze o sprawdzenie HijackThis
Widze, ze juz masz nowe rzeczy...
Jasniej juz nie umiem napisac.

W hijackthis to:

R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
195.95.218.172/index.php
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
195.95.218.172/index.php
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
195.95.218.172/index.php
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
195.95.218.172/index.php
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Local Page =
195.95.218.172/index.php
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Local Page =
195.95.218.172/index.php
O2 - BHO: ohb - {999A06FF-10EF-4A29-8640-69E99882C26B} -
C:WINDOWSSYSTEMNSTF082.DLL
O4 - HKLM..Run: [lucleo68] C:WINDOWSSYSTEMlucleo68.exe
O4 - HKLM..Run: [PayTime] C:WINDOWSSYSTEMpaytime.exe
O4 - HKLM..Run: [_Cat3] C:WINDOWSmsmsgrxp.exe
O4 - HKCU..Run: [SysTime] C:WINDOWSSYSTEMsystime.exe
O4 - HKCU..Run: [PayTime] C:WINDOWSSYSTEMpaytime.exe
O4 - HKCU..Run: [Ptea] C:Program Files nmecaid.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:WINDOWSweb elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:WINDOWSweb elated.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - (no
file)
O15 - Trusted Zone: *.windupdates.com
O15 - Trusted IP range: 195.95.218.170
O15 - Trusted IP range: 195.95.218.170 (HKLM)
O16 - DPF: {CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA} (Java Runtime Environment
1.4.1) -
O16 - DPF: {CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA} (Java Runtime Environment
1.4.0_02) -
O16 - DPF: {11111111-1111-1111-1111-111111111157} - ms-
its:mhtml:file://c: osuch.mht!
iframedollars.biz/dl/adv407/x.chm::/load.exe
O16 - DPF: {9EB320CE-BE1D-4304-A081-4B4665414BEF} (MediaTicketsInstaller
Control) - www.mt-download.com/MediaTicketsInstaller.cab?refid=2732
O16 - DPF: {11111111-1111-1111-1111-111111111123} - file://c:Recycled1.exe

Killbox'em te pliki:

C:WINDOWSSYSTEMNSTF082.DLL
C:WINDOWSSYSTEMlucleo68.exe
C:WINDOWSSYSTEMpaytime.exe
C:WINDOWSmsmsgrxp.exe
C:WINDOWSSYSTEMsystime.exe
C:WINDOWSSYSTEMpaytime.exe
C:Program Files nmecaid.exe

zaznacz Delete file on reboot wklej sciezke do pliku (sam/a nie szukaj tylko
wklejaj gotowa) i naciskaj czerwony przycisk ale na pytanie o reset odpowiadaj
nie i tak zrob z tymi plikami, ktore podalem.

Usun z Start->Programy->Autostart:

Microsoft Find Fast
Uruchamianie pakietu Office
Microsoft Office

Jak mozna czegos tutaj nie zrozumiec? Przeciez napisalem co robic i co klikac :( Przeczytaj wszystkie posty z tego wątku

Strona 3 z 4 • Zostało wyszukane 119 wypowiedzi • 1, 2, 3, 4

Microsoft Find

Odnośniki

Oglądasz wypowiedzi znalezione dla frazy: Microsoft Find