Witam, Spybot-S.D wykrył na moim kompie coś takiego jak Myway.Mywebsearch i w żaden sposób nie mogę tego usunąc.Niewiem co to jest .Proszę o sprawdzenie loga.Mój log z HijackThis ,czy ktoś mógłby mi doradzić co mam zrobić to byłabym bardzo wdzięczna. Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:33:07, on 2009-03-31
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal
Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Alwil Software\Avast4\ashDisp.exe
C:\Program Files\IDT\WDM\sttray.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe
C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe
C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\BitComet\BitComet.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Windows\system32\conime.exe
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Skype\Plugin Manager\skypePM.exe
C:\Program Files\Alwil Software\Avast4\ashSimpl.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Windows\system32\SearchFilterHost.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O1 - Hosts: ::1 localhost
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Steganos Password Manager AutoFill - {1427A821-7B93-4F08-9A34-9FA03A3D93DB} - C:\Program Files\Steganos Security Suite 2007\PasswordManagerBHO.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: Java Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: DAEMON Tools Toolbar - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll
O3 - Toolbar: (no name) - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - (no file)
O4 - HKLM…\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM…\Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
O4 - HKLM…\Run: [Dell Webcam Central] “C:\Program Files\Dell Webcam\Dell Webcam Central\WebcamDell.exe” /mode2
O4 - HKLM…\Run: [WinampAgent] “C:\Program Files\Winamp\winampa.exe”
O4 - HKLM…\Run: [Adobe Reader Speed Launcher] “C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe”
O4 - HKLM…\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKLM…\Run: [sysTrayApp] %ProgramFiles%\IDT\WDM\sttray.exe
O4 - HKLM…\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM…\Run: [sSS2007 PasswordManagerFFAutoFill] “C:\Program Files\Steganos Security Suite 2007\PasswordManagerFFAutoFill.exe”
O4 - HKLM…\Run: [sSS2007 HotKeys] “C:\Program Files\Steganos Security Suite 2007\SteganosHotKeyService.exe”
O4 - HKLM…\Run: [sSS2007 File Redirection Starter] “C:\Program Files\Steganos Security Suite 2007\fredirstarter.exe”
O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre6\bin\jusched.exe”
O4 - HKLM…\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM…\Run: [Ad-Watch] C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
O4 - HKCU…\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe”
O4 - HKCU…\Run: [LightScribe Control Panel] C:\Program Files\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU…\Run: [spybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU…\Run: [skype] “C:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [bitComet] “C:\Program Files\BitComet\BitComet.exe” /tray
O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKCU…\RunOnce: [spybotDeletingB2672] command.com /c del “C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL_old”
O4 - HKCU…\RunOnce: [spybotDeletingD7882] cmd.exe /c del “C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL_old”
O4 - HKCU…\RunOnce: [spybotDeletingB7042] command.com /c del “C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL”
O4 - HKCU…\RunOnce: [spybotDeletingD4993] cmd.exe /c del “C:\Program Files\MyWebSearch\bar\1.bin\F3DTACTL.DLL”
O4 - HKCU…\RunOnce: [spybotDeletingB7006] command.com /c del “C:\Program Files\MyWebSearch\bar\1.bin\M3OUTLCN.DLL”
O4 - HKCU…\RunOnce: [spybotDeletingD9154] cmd.exe /c del “C:\Program Files\MyWebSearch\bar\1.bin\F3SCRCTR.DLL”
O4 - HKCU…\RunOnce: [spybotDeletingB2257] command.com /c del “C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S”
O4 - HKCU…\RunOnce: [spybotDeletingD169] cmd.exe /c del “C:\Program Files\MyWebSearch\bar\Avatar\COMMON.F3S”
O4 - HKCU…\RunOnce: [spybotDeletingB9301] command.com /c del “C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S”
O4 - HKCU…\RunOnce: [spybotDeletingD3346] cmd.exe /c del “C:\Program Files\MyWebSearch\bar\Game\CHECKERS.F3S”
O4 - HKUS\S-1-5-19…\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-19…\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User ‘USŁUGA LOKALNA’)
O4 - HKUS\S-1-5-20…\Run: [sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-21-2223368156-3494102235-1287858751-1000…\Run: [sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun (User ‘Właściciel’)
O4 - HKUS\S-1-5-21-2223368156-3494102235-1287858751-1000…\Run: [DAEMON Tools Lite] “C:\Program Files\DAEMON Tools Lite\daemon.exe” -autorun (User ‘Właściciel’)
O4 - HKUS\S-1-5-21-2223368156-3494102235-1287858751-1000…\Run: [bitComet] “C:\Program Files\BitComet\BitComet.exe” /tray (User ‘Właściciel’)
O4 - HKUS\S-1-5-21-2223368156-3494102235-1287858751-1000…\Run: [ALLUpdate] “C:\Program Files\ALLPlayer\ALLUpdate.exe” “sleep” (User ‘Właściciel’)
O4 - HKUS\S-1-5-21-2223368156-3494102235-1287858751-1000…\Run: [bgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] “C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe” (User ‘Właściciel’)
O4 - HKUS\S-1-5-21-2223368156-3494102235-1287858751-1000…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray (User ‘Właściciel’)
O4 - S-1-5-21-2223368156-3494102235-1287858751-1000 Startup: OpenOffice.ux.pl 2.4.0.lnk = C:\Program Files\OpenOffice.ux.pl 2.4.0\program\quickstart.exe (User ‘Właściciel’)
O4 - S-1-5-21-2223368156-3494102235-1287858751-1000 User Startup: OpenOffice.ux.pl 2.4.0.lnk = C:\Program Files\OpenOffice.ux.pl 2.4.0\program\quickstart.exe (User ‘Właściciel’)
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: QuickSet.lnk = C:\Program Files\Dell\QuickSet\quickset.exe
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Pobierz wszystkie VIdeo za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Pobierz wszystko za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Pobierz za pomocą BitComet - res://C:\Program Files\BitComet\BitComet.exe/AddLink.htm
O9 - Extra button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - res://C:\Program Files\BitComet\tools\BitCometBHO_1.3.1.15.dll/206 (file missing)
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra ‘Tools’ menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O13 - Gopher Prefix:
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/s … wflash.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\aestsrv.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Steganos AntiTheft (SatSrv) - Unknown owner - C:\Windows\system32\SatSrv.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\Windows\System32\DriverStore\FileRepository\stwrt.inf_238116a1\STacSV.exe
O23 - Service: TeamViewer 4 (TeamViewer4) - TeamViewer GmbH - C:\Program Files\TeamViewer\Version4\TeamViewer_Service.exe
–
End of file - 12418 bytes