Win32:Adware-gen POMOCY!

Main Page -> Forum Index -> Computer Service -> Computer Software -> Win32:Adware-gen POMOCY!

Author

Message

tom321
Poziom 13

Joined: 04 Apr 2005
Posts: 148

30 Oct 2005 11:29

Win32:Adware-gen POMOCY!

Avast wykrył mi takiego reklamiarza..."Win32:Adware-gen" niby pisze że go usunął ale po chwili znowu jest... otwiera strony www (których odziwo nie ma na pasku zadań :| ) wie ktoś może jak sie za niego zabrać?? Mam WinXP SP2 (jesli to w czymś pomoże ;) )
Z GÓRY DZĘKI :)
POZDRO

Google

Google Adsense

30 Oct 2005 11:29

Kolobos
Poziom 26

Joined: 13 Jun 2003
Posts: 26223
Location: Warszawa

#2 30 Oct 2005 11:50

Win32:Adware-gen POMOCY!

Wklej na forum log z hijackthis.

Google

Google Adsense

# 30 Oct 2005 11:50

tom321
Poziom 13

Joined: 04 Apr 2005
Posts: 148

30 Oct 2005 12:12

Re: Win32:Adware-gen POMOCY!

Logfile of HijackThis v1.99.1
Scan saved at 12:09:41, on 2005-10-30
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\helper.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\PROGRAM FILES\INTERNET EXPLORER\IEXPLORE.EXE
C:\PROGRA~1\OXYGEN\OPM2\opm_sw.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\Winamp\winamp.exe
C:\Documents and Settings\tomek\Moje dokumenty\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.upload.dvhk.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [IEAgent update check] C:\WINDOWS\system32\iewatch.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_05\bin\npjpi150_05.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{36E8ADEB-074F-4F35-A250-9E203642E3B1}: NameServer = 10.0.0.1,194.204.152.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{36E8ADEB-074F-4F35-A250-9E203642E3B1}: NameServer = 10.0.0.1,194.204.152.34
O17 - HKLM\System\CS2\Services\Tcpip\..\{36E8ADEB-074F-4F35-A250-9E203642E3B1}: NameServer = 10.0.0.1,194.204.152.34
O20 - Winlogon Notify: Reinstall - C:\WINDOWS\system32\j60slgd7160.dll
O21 - SSODL: W32Time - {81C845F1-89A9-82B1-E0F6-FC74ED8C75BE} - C:\WINDOWS\help\fde.hlp
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 52\StarWind\StarWindService.exe

Google

Google Adsense

30 Oct 2005 12:12

Kolobos
Poziom 26

Joined: 13 Jun 2003
Posts: 26223
Location: Warszawa

#4 30 Oct 2005 12:20 helpful post - solution

Win32:Adware-gen POMOCY!

Zakoncz ten proces i usun plik:
C:\WINDOWS\helper.exe

W hijackthis:

O4 - HKLM\..\Run: [IEAgent update check] C:\WINDOWS\system32\iewatch.exe <- usun plik
O20 - Winlogon Notify: Reinstall - C:\WINDOWS\system32\j60slgd7160.dll <- zlapales look2me, uninstaller masz tutaj:
http://www.pchell.com/support/look2me.shtml
O21 - SSODL: W32Time - {81C845F1-89A9-82B1-E0F6-FC74ED8C75BE} - C:\WINDOWS\help\fde.hlp <- usun plik

Przeskanuj tez tym:
http://download.microsoft.com/download/8/1/5/815d2d60-49b5-44dc-ae35-fca2f2c6f0cc/MicrosoftAntiSpywareInstall.exe
oraz:
http://download.ewido.net/ewido-setup.exe <- zrob update przed skanowaniem, po przeskanowaniu odinstaluj.

tom321
Poziom 13

Joined: 04 Apr 2005
Posts: 148

30 Oct 2005 12:53

Re: Win32:Adware-gen POMOCY!

Wielkie Dzięki :)

Moderated by jankolo:

Temat zamykam

Main Page -> Forum Index -> Computer Service -> Computer Software -> Win32:Adware-gen POMOCY!

Page 1 of 1

Page generation time: 0.133 seconds

FAQ || Administrator || Moderators || Widgets and banners || Contact