FAQ | Points | Add... | Recent posts | Search | Register | Log in


Problem z wirusem prosze o pomoc
Search:  
Post new topic  Reply to topic      Main Page -> Forum Index -> Computer Service -> Computer Software -> Problem z wirusem prosze o pomoc
Author
Message
Adek8703
Poziom 12
Poziom 12


Joined: 20 Feb 2005
Posts: 83
Location: Zamość
Post#1 Post from the author of the topic 08 Jun 2005 16:23   

Re: Problem z wirusem prosze o pomoc
czy ktoś moze mi sprawdzić loga z hjack this z gory dzięki!


Logfile of HijackThis v1.99.1
Scan saved at 16:22:25, on 05-06-08
Platform: Windows 98 SE (Win9x 4.10.2222A)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:\WINDOWS\SYSTEM\KERNEL32.DLL
C:\WINDOWS\SYSTEM\MSGSRV32.EXE
C:\WINDOWS\SYSTEM\MPREXE.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHSERV.EXE
C:\WINDOWS\SYSTEM\mmtask.tsk
C:\WINDOWS\EXPLORER.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHWEBSV.EXE
C:\PROGRAM FILES\ALWIL SOFTWARE\AVAST4\ASHMAISV.EXE
C:\WINDOWS\SYSTEM\QTTASK.EXE
C:\PROGRAM FILES\ARES LITE EDITION\ARES.EXE
C:\WINDOWS\SYSTEM\DDHELP.EXE
C:\WINDOWS\SYSTEM\RPCSS.EXE
C:\PROGRAM FILES\GADU-GADU\GG.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\RUNDLL32.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\WINDOWS\PULPIT\HIJACKTHIS\HIJACKTHIS.EXE

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://letgohome.com/sp.htm?id=33464
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRAM FILES\FLASHGET\JCCATCH.DLL
O2 - BHO: Internet Explorer Hot Fix - {015BC560-D838-11D9-8E17-00304F2AE605} - C:\WINDOWS\SYSTEM\PMFFW.DLL
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\DOLCQ.DLL
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} - C:\WINDOWS\CERES.DLL
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\DOLCQ.DLL
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\SYSTEM\MSDXM.OCX
O4 - HKLM\..\Run: [avast! Web Scanner] C:\PROGRA~1\ALWILS~1\AVAST4\ASHWEBSV.EXE
O4 - HKLM\..\Run: [ashMaiSv] C:\PROGRA~1\ALWILS~1\AVAST4\ashmaisv.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\WINDOWS\SYSTEM\QTTASK.EXE" -atboottime
O4 - HKLM\..\RunServices: [avast!] C:\Program Files\Alwil Software\Avast4\ashServ.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\PROGRAM FILES\GADU-GADU\GG.EXE" /tray
O4 - HKCU\..\Run: [ares] "C:\PROGRAM FILES\ARES LITE EDITION\ARES.EXE" -h
O4 - HKCU\..\Run: [WareOut] "C:\Program Files\WareOut\WareOut.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: Ściągnij przy pomocy FlashGet'a - C:\PROGRAM FILES\FLASHGET\jc_link.htm
O8 - Extra context menu item: Ściągnij wszystko przy pomocy FlashGet'a - C:\PROGRAM FILES\FLASHGET\jc_all.htm
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRAM FILES\FLASHGET\FLASHGET.EXE
O9 - Extra button: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (HKCU)
O9 - Extra 'Tools' menuitem: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (HKCU)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads/player/Install2.5/Installer.exe
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://bezpieczenstwo.onet.pl/skaner/SkanerOnline.cab
O16 - DPF: {11212111-2121-1311-1141-115611111222} - ms-its:mhtml:file://d: oo.mht!http://195.95.218.82/users/zoom/web/axe/x.chm::/update.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O17 - HKLM\System\CCS\Services\VxD\MSTCP: NameServer = 69.50.184.84,195.225.176.37
O20 - Winlogon Notify: style2 - C:\WINDOWS\Q7754939_DISK.DLL

Dodano po 10 [minuty]:

prosze o szybką odpowieć poniewaz strasznie zalezy mi na czasie:(
Back to top
   
Google

Google Adsense
Post# Post from the author of the topic 08 Jun 2005 16:23   



Back to top
   
Kolobos
Poziom 26
Poziom 26


Joined: 13 Jun 2003
Posts: 26220
Location: Warszawa
Post#2 08 Jun 2005 16:24   

Problem z wirusem prosze o pomoc
Odinstaluj:
WareOut

Opis usuwania CWS masz tutaj:
http://www.searchengines.pl/phpbb203/index.php?showtopic=14185&st=50&#entry114898

W hijackthis usun te wpisy:

R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://letgohome.com/sp.htm?id=33464
O2 - BHO: Internet Explorer Hot Fix - {015BC560-D838-11D9-8E17-00304F2AE605} - C:\WINDOWS\SYSTEM\PMFFW.DLL
O2 - BHO: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\DOLCQ.DLL
O2 - BHO: CeresObj Class - {00000049-8F91-4D9C-9573-F016E7626484} - C:\WINDOWS\CERES.DLL
O3 - Toolbar: SearchToolbar - {08BEC6AA-49FC-4379-3587-4B21E286C19E} - C:\WINDOWS\SYSTEM\DOLCQ.DLL
O4 - HKCU\..\Run: [WareOut] "C:\Program Files\WareOut\WareOut.exe"
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9 - Extra button: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (HKCU)
O9 - Extra 'Tools' menuitem: Start spyware remover - {BF69DF00-2734-477F-8257-27CD04F88779} - C:\Program Files\WareOut\WareOut.exe (HKCU)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} (Virtools WebPlayer Class) - http://a532.g.akamai.net/7/532/6712/6c5b0a1ae398e3/player.virtools.com/downloads /player/Install2.5/Installer.exe
O16 - DPF: {11212111-2121-1311-1141-115611111222} - ms-its:mhtml:file://d: oo.mht!http://195.95.218.82/users/zoom/web/axe/x.chm::/update.exe
O16 - DPF: {11311111-1111-1111-1111-111111111157} - file://C:\Recycled\Q678340.exe
O20 - Winlogon Notify: style2 - C:\WINDOWS\Q7754939_DISK.DLL

Pliki, ktore wymienilem kasujesz z dysku jakby z jakims byl problem to uruchom sobie tryb msdos i dopiero usuwaj.

Po wszystkim wklej nowy log z hijackthis.
Back to top
   
Google

Google Adsense
Post# 08 Jun 2005 16:24   



Back to top
   
Adek8703
Poziom 12
Poziom 12


Joined: 20 Feb 2005
Posts: 83
Location: Zamość
Post#3 Post from the author of the topic 08 Jun 2005 21:35   

Re: Problem z wirusem prosze o pomoc
sorki ze pisze ale kazałes mi usuwać ares life cośtam ,chcem powiedzieć ze to jest moj program p2p i czy jesteś tego pewien ze mam go wywalić?

Dodano po 1 [minuty]:

widze ze chyba zmieniłes zdanie i mam go nie wywalać tak?

Dodano po 4 [godziny] 57 [minuty]:

dzięki za pomoc , strzeliłem formacik :)
Back to top
   
Post new topic  Reply to topic      Main Page -> Forum Index -> Computer Service -> Computer Software -> Problem z wirusem prosze o pomoc
Page 1 of 1
Similar topics
Problem z HTML- prosze o pomoc !!!!!!! (2)
Prosze o pomoc... problem z monitorem.. (23)
Problem z Hdd Prosze o POMOC!(!!!) (3)
problem z pingami-prosze o pomoc (6)
Prosze o pomoc problem z wi fi. (2)
Duży problem z wirusem, prośba o sprawdzenie loga i pomoc. (5)
problem z wirusem-prosze o szybka pomoc (6)
ciekawy problem, prosze o pomoc (4)
PROBLEM Z WLAN, prosze o pomoc (13)
Problem z ROUTEREM!!! PROSZE O POMOC!!! (19)

Page generation time: 0.731 seconds


FAQ || Administrator || Moderators || Widgets and banners || Contact
elektroda.pl topic RSS feed