netty2 18.03.06, 23:14 Czesto "otwiera" mi sie ta strona,tylko,ze...tam nic nie ma.Ten adres nie istnieje i nie wie czemu mi to wyskakuje. Czy to jest jakies cholerstwo??? Plizzzz,pomozcie! Odpowiedz Link Zgłoś czytaj wygodnie posty
Gość: k Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.warszawa.sdi.tpnet.pl 18.03.06, 23:27 Wklej log. Odpowiedz Link Zgłoś
netty2 Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? 18.03.06, 23:45 hmmm....jak by ci to powiedziec...ja sie na kompie znam tyle,co przecietny 5 latek na budowie bomby atomowej.:( Ale bede chetnie wspolpracowac...co mam robic. Odpowiedz Link Zgłoś
Gość: k Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.warszawa.sdi.tpnet.pl 18.03.06, 23:54 W przyklejonym poscie masz napisane jak wkleic log, a wiec to, ze sie nie znasz na komputerze nie ma tutaj nic do rzeczy. Odpowiedz Link Zgłoś
Gość: netty2 Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.131.102-84.rev.gaoland.net 18.03.06, 23:58 Ok,I did it ...a przynajmniej mi sie tak wydaje Pc mam po angielsku,ale...wam specom to nic nie przeszkadza :) Alors,le voila : Logfile of HijackThis v1.99.1 Scan saved at 12:01:32 AM, on 3/19/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\Program Files\Eset\nod32krn.exe C:\WINNT\System32\nvsvc32.exe C:\WINNT\system32\oodag.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\slserv.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Program Files\Common Files\WinTools\WToolsS.exe C:\WINNT\System32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\msdtc.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program Files\QKeys\QKeys.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\webHancer\Programs\whSurvey.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\Program Files\Eset\nod32kui.exe C:\WINNT\system32\AVWLPSTA.EXE C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\OLYMPUS\CAMEDIA Master 4.2\CM_camera.exe C:\Program Files\Nokia\PC Suite pour Nokia 7650\connmngmntbox.exe C:\Program Files\Nokia\PC Suite pour Nokia 7650\ectaskscheduler.exe C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe C:\Program Files\MSN Messenger\msnmsgr.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\abdel\Desktop\Hijack This\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.news.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file) O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1 \COMMON~1\WinTools\WToolsB.dll O2 - BHO: IEFriendly Class - {A5483501-070C-41DD-AF44-9BD8864B3015} - C:\Program Files\Httper\httper.dll O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E- 00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: Zipclix - {319A68DB-06D0-46DA-9F93-A810D5A70836} - C:\Program Files\Zipclix\zipclix.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QKeys] C:\Program Files\QKeys\QKeys.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" - atboottime O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program Files\webHancer\Programs\whSurvey.exe" O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04 \bin\jusched.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVWLPSTA.EXE] AVWLPSTA.EXE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo! \Messenger\ypager.exe" -quiet O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006 \MemOptimizer.exe" autostart O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7- 88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.2\CM_camera.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PCSuiteForNokia7650 Detect.lnk = C:\Program Files\Nokia\PC Suite pour Nokia 7650\connmngmntbox.exe O4 - Global Startup: PCSuiteForNokia7650 TS.lnk = C:\Program Files\Nokia\PC Suite pour Nokia 7650\ectaskscheduler.exe O8 - Extra context menu item: &Search - kl.bar.need2find.com/KL/menusearch.html?p=KL O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1 \MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5- 00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b- 00aa003c157a} - C:\WINNT\web\related.htm O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125394507046 O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - www.o2c.de/download/o2cplayer.cab O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - download.spyspotter.com/spyspotter/spsp29953.01noopt/spyspottercabinstall.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F0CD825C-FE26-4715-85E7-DC80530A944C}: NameServer = 172.19.0.254,193.49.144.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = uang,univ- angers.fr O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = uang,univ- angers.fr O1 Odpowiedz Link Zgłoś
Gość: k Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.warszawa.sdi.tpnet.pl 19.03.06, 00:40 Doklej brakujaca czesc log'a, ze wzgledu na limit postow nie zmiescil sie caly. Odpowiedz Link Zgłoś
barracuda7110 Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? 19.03.06, 00:42 Zakończ proces w menadzerze zadań*, skasuj plik z dysku i wywal wpis w hijackthis > C:\Program Files\webHancer\Programs\whSurvey.exe > O4 - HKLM\..\Run: [webHancer Survey Companion] "C:\Program > Files\webHancer\Programs\whSurvey.exe" > O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - > C:\WINNT\web\related.htm > O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b- > 00aa003c157a} - C:\WINNT\web\related.htm * najpierw zobacz czy nie da się tego odinstalować w dodaj/usuń programy W przyklejonym wątku masz linki do stron z alternatywnymi przeglądarkami. Ściągnij, zainstaluj i wybierz tą, która Ci się bardziej spodoba :). Internet explorer to badziew. Odpowiedz Link Zgłoś
Gość: netty2 Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.131.102-84.rev.gaoland.net 19.03.06, 10:54 Ja wam ufam spece komputerowi,ale...czy ja mam na 100 % to usuwac i czy to mi do czegos sluzylo? Dzieki za odp,pa Odpowiedz Link Zgłoś
Gość: netty2 Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.131.102-84.rev.gaoland.net 19.03.06, 10:49 O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file) O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1 \SYSTEM~1\autocomp.exe (file missing) O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINNT\system32\oodag.exe O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe Odpowiedz Link Zgłoś
Gość: k Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.warszawa.sdi.tpnet.pl 19.03.06, 12:07 Do usuniecia jeszcze: O18 - Filter: text/html - {2AB289AE-4B90-4281-B2AE-1F4BB034B647} - (no file) O20 - Winlogon Notify: nwprovau - C:\WINNT\SYSTEM32\nwprovau.dll <- plik usun. Uslugi do kasacji: O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1 \SYSTEM~1\autocomp.exe (file missing) O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe <- katalog wintools usuwasz. Start->Uruchom->sc stop Autocomplete sc delete Autocomplete sc stop WinToolsSvc sc delete WinToolsSvc Jak juz to wszystko zrobisz + skan tym co w przyklejonym poscie to wklej nowy log zobaczymy co zostalo. Odpowiedz Link Zgłoś
netty2 Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? 19.03.06, 12:33 > > Start->Uruchom->sc stop Autocomplete > sc delete Autocomplete > sc stop WinToolsSvc > sc delete WinToolsSvc Tzn...? Odpowiedz Link Zgłoś
netty2 Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? 19.03.06, 12:34 Logfile of HijackThis v1.99.1 Scan saved at 12:39:51 PM, on 3/19/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\Program Files\Eset\nod32krn.exe C:\WINNT\System32\nvsvc32.exe C:\WINNT\system32\oodag.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\slserv.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Program Files\Common Files\WinTools\WToolsS.exe C:\WINNT\System32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\msdtc.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program Files\QKeys\QKeys.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\Program Files\Eset\nod32kui.exe C:\WINNT\system32\AVWLPSTA.EXE C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\OLYMPUS\CAMEDIA Master 4.2\CM_camera.exe C:\Program Files\Nokia\PC Suite pour Nokia 7650\connmngmntbox.exe C:\Program Files\Nokia\PC Suite pour Nokia 7650\ectaskscheduler.exe C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\abdel\Desktop\Hijack This\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.news.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file) O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1 \COMMON~1\WinTools\WToolsB.dll O2 - BHO: IEFriendly Class - {A5483501-070C-41DD-AF44-9BD8864B3015} - C:\Program Files\Httper\httper.dll O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E- 00A0C9082467} - C:\WINNT\System32\msdxm.ocx O3 - Toolbar: Zipclix - {319A68DB-06D0-46DA-9F93-A810D5A70836} - C:\Program Files\Zipclix\zipclix.dll O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QKeys] C:\Program Files\QKeys\QKeys.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" - atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04 \bin\jusched.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVWLPSTA.EXE] AVWLPSTA.EXE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo! \Messenger\ypager.exe" -quiet O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006 \MemOptimizer.exe" autostart O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7- 88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.2\CM_camera.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PCSuiteForNokia7650 Detect.lnk = C:\Program Files\Nokia\PC Suite pour Nokia 7650\connmngmntbox.exe O4 - Global Startup: PCSuiteForNokia7650 TS.lnk = C:\Program Files\Nokia\PC Suite pour Nokia 7650\ectaskscheduler.exe O8 - Extra context menu item: &Search - kl.bar.need2find.com/KL/menusearch.html?p=KL O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1 \MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5- 00401C608501} - C:\Program Files\Java\jre1.5.0_04\bin\npjpi150_04.dll O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.imgfarm.com/images/nocache/funwebproducts/ei-2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125394507046 O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - www.o2c.de/download/o2cplayer.cab O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - download.spyspotter.com/spyspotter/spsp29953.01noopt/spyspottercabinstall.cab O17 - HKLM\System\CCS\Services\Tcpip\..\{F0CD825C-FE26-4715-85E7-DC80530A944C}: NameServer = 172.19.0.254,193.49.144.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = uang,univ- angers.fr O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = uang,univ- angers.fr O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = uang,univ- angers.fr O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1 \SYSTEM~1\autocomp.exe (file missing) O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: EPSON Printer Status Odpowiedz Link Zgłoś
Gość: k Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.warszawa.sdi.tpnet.pl 19.03.06, 13:05 tzn dokladnie to co napisalem, wpisujesz w uruchom sc stop costam, nastepnie sc delete itd. Odinstaluj: Logitech Desktop Messenger W hijackthis usun: O2 - BHO: (no name) - {59879FA4-4790-461c-A1CC-4EC4DE4CA483} - (no file) O2 - BHO: (no name) - {87766247-311C-43B4-8499-3D5FEC94A183} - C:\PROGRA~1 \COMMON~1\WinTools\WToolsB.dll O2 - BHO: IEFriendly Class - {A5483501-070C-41DD-AF44-9BD8864B3015} - C:\Program Files\Httper\httper.dll <- usun katalog httper O2 - BHO: WhIeHelperObj Class - {c900b400-cdfe-11d3-976a-00e02913a9e0} - C:\Program Files\webHancer\programs\whiehlpr.dll <- usun katalog webHancer O3 - Toolbar: Zipclix - {319A68DB-06D0-46DA-9F93-A810D5A70836} - C:\Program Files\Zipclix\zipclix.dll <- usun katalog Zipclix O8 - Extra context menu item: &Search - kl.bar.need2find.com/KL/menusearch.html?p=KL O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1 \MICROS~2\Office10\EXCEL.EXE/3000 O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU) O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} - ak.imgfarm.com/images/nocache/funwebproducts/ei- 2/SmileyCentralFWBInitialSetup1.0.0.8-2.cab O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {B1953AD6-C50E-11D3-B020-00A0C9251384} (O2C-Player (ELECO Software GmbH)) - www.o2c.de/download/o2cplayer.cab O16 - DPF: {FC67BB52-AAB6-4282-9D51-2DAFFE73AFD0} - download.spyspotter.com/spyspotter/spsp29953.01noopt/spyspottercabinstall.cab Jak juz pisalem wczesniej, usluga do kasacji tak jak napisalem i ta druga ktora wymienilem tez: O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1 \SYSTEM~1\autocomp.exe (file missing) Jak juz to zrobisz to wklej nowy log. Odpowiedz Link Zgłoś
Gość: netty Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.131.102-84.rev.gaoland.net 19.03.06, 14:39 Chlopaki ja was podziwiam !!!!!!!!!! Logfile of HijackThis v1.99.1 Scan saved at 2:44:03 PM, on 3/19/2006 Platform: Windows 2000 SP4 (WinNT 5.00.2195) MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106) Running processes: C:\WINNT\System32\smss.exe C:\WINNT\system32\winlogon.exe C:\WINNT\system32\services.exe C:\WINNT\system32\lsass.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\svchost.exe C:\WINNT\system32\spoolsv.exe C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe C:\Program Files\Eset\nod32krn.exe C:\WINNT\System32\nvsvc32.exe C:\WINNT\system32\oodag.exe C:\WINNT\system32\regsvc.exe C:\WINNT\system32\MSTask.exe C:\WINNT\system32\slserv.exe C:\WINNT\System32\WBEM\WinMgmt.exe C:\Program Files\Common Files\WinTools\WToolsS.exe C:\WINNT\System32\mspmspsv.exe C:\WINNT\system32\svchost.exe C:\WINNT\System32\msdtc.exe C:\WINNT\system32\svchost.exe C:\WINNT\Explorer.EXE C:\Program Files\QKeys\QKeys.EXE C:\Program Files\QuickTime\qttask.exe C:\Program Files\Logitech\MouseWare\system\em_exec.exe C:\Program Files\Java\jre1.5.0_04\bin\jusched.exe C:\Program Files\Eset\nod32kui.exe C:\WINNT\system32\AVWLPSTA.EXE C:\Program Files\MSN Messenger\MsnMsgr.Exe C:\Program Files\TuneUp Utilities 2006\MemOptimizer.exe C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe C:\Program Files\Gadu-Gadu\gg.exe C:\Program Files\Skype\Phone\Skype.exe C:\Program Files\OLYMPUS\CAMEDIA Master 4.2\CM_camera.exe C:\Program Files\Nokia\PC Suite pour Nokia 7650\connmngmntbox.exe C:\Program Files\Nokia\PC Suite pour Nokia 7650\ectaskscheduler.exe C:\PROGRA~1\Nokia\PCSUIT~1\Elogerr.exe C:\Program Files\Intuwave\Shared\mRouterRunTime\mRouterRuntime.exe C:\PROGRA~1\Nokia\PCSUIT~1\BROADC~1.EXE C:\PROGRA~1\Nokia\PCSUIT~1\SCRFS.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe C:\Documents and Settings\abdel\Desktop\Hijack This\hijackthis.exe R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = fr.news.yahoo.com/ R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = fr.yahoo.com R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = fr.yahoo.com R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = ;localhost;<local> R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E- 00A0C9082467} - C:\WINNT\System32\msdxm.ocx O4 - HKLM\..\Run: [Synchronization Manager] mobsync.exe /logon O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize O4 - HKLM\..\Run: [nwiz] nwiz.exe /install O4 - HKLM\..\Run: [QKeys] C:\Program Files\QKeys\QKeys.EXE O4 - HKLM\..\Run: [NeroCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [Logitech Utility] Logi_MwX.Exe O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" - atboottime O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_04 \bin\jusched.exe O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINNT\system32\NeroCheck.exe O4 - HKLM\..\Run: [AVWLPSTA.EXE] AVWLPSTA.EXE O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background O4 - HKCU\..\Run: [Yahoo! Pager] "C:\Program Files\Yahoo! \Messenger\ypager.exe" -quiet O4 - HKCU\..\Run: [ccleaner] "C:\Program Files\CCleaner\ccleaner.exe" /AUTO O4 - HKCU\..\Run: [TuneUp MemOptimizer] "C:\Program Files\TuneUp Utilities 2006 \MemOptimizer.exe" autostart O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7- 88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\lib\NMBgMonitor.exe" O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized O4 - HKCU\..\Run: [LDM] \Program\BackWeb-8876480.exe O4 - Global Startup: Adobe Gamma Loader.exe.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe O4 - Global Startup: CAMEDIA Master.lnk = C:\Program Files\OLYMPUS\CAMEDIA Master 4.2\CM_camera.exe O4 - Global Startup: Logitech Desktop Messenger.lnk = C:\Program Files\Logitech\Desktop Messenger\8876480\Program\LDMConf.exe O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE O4 - Global Startup: PCSuiteForNokia7650 Detect.lnk = C:\Program Files\Nokia\PC Suite pour Nokia 7650\connmngmntbox.exe O4 - Global Startup: PCSuiteForNokia7650 TS.lnk = C:\Program Files\Nokia\PC Suite pour Nokia 7650\ectaskscheduler.exe O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1125394507046 O17 - HKLM\System\CCS\Services\Tcpip\..\{F0CD825C-FE26-4715-85E7-DC80530A944C}: NameServer = 172.19.0.254,193.49.144.1 O17 - HKLM\System\CS1\Services\Tcpip\Parameters: SearchList = uang,univ- angers.fr O17 - HKLM\System\CS2\Services\Tcpip\Parameters: SearchList = uang,univ- angers.fr O17 - HKLM\System\CCS\Services\Tcpip\Parameters: SearchList = uang,univ- angers.fr O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1 \SYSTEM~1\autocomp.exe (file missing) O23 - Service: Logical Disk Manager Administrative Service (dmadmin) - VERITAS Software Corp. - C:\WINNT\System32\dmadmin.exe O23 - Service: EPSON Printer Status Agent2 (EPSONStatusAgent2) - SEIKO EPSON CORPORATION - C:\Program Files\Common Files\EPSON\EBAPI\SAgent2.exe O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - C:\WINNT\System32\nvsvc32.exe O23 - Service: O&O Defrag - O&O Software GmbH - C:\WINNT\system32\oodag.exe O23 - Service: SmartLinkService (SLService) - - C:\WINNT\SYSTEM32\slserv.exe O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe Odpowiedz Link Zgłoś
Gość: k Re: Co to jest- http:/e.rn11.com/a/a122-mftmppu ? IP: *.warszawa.sdi.tpnet.pl 19.03.06, 15:04 Logitech Desktop Messenger odinstaluj, watpie zebys go uzywal ale jezeli faktycznie go uzywasz to zostaw ;-) Zostaly juz tylko te uslugi: O23 - Service: AutoComplete Service (Autocomplete) - Unknown owner - C:\PROGRA~1 \SYSTEM~1\autocomp.exe (file missing) O23 - Service: WinTools for IE service (WinToolsSvc) - Unknown owner - C:\Program Files\Common Files\WinTools\WToolsS.exe Nie zobaczylem, ze masz w2k, a wiec nie masz sc wiec usun je tak: Hijackthis -> Open Misc tools -> Delete nt service i wpisz tam: Autocomplete i ok, nastepnie to samo z: Wintoolssvc Jak juz to zrobisz to usuwasz katalog C:\Program Files\Common Files\WinTools\ z dysku. Na koniec skanujesz systm tymi programami: forum.gazeta.pl/forum/72,2.html?f=430&w=38051058&a=38492825 To wszystko. Odpowiedz Link Zgłoś