Crash1
(Crash!)
24 March 2007 01:24
#1
Hello!
Since I often use my credit card online and the computer is running slower and slower, I'm starting to worry about security.
In general, I'd like to speed up the system and get rid of the search engines…
Thanks in advance
Logfile of HijackThis v1.99.1
Scan saved at 01:19:25, on 2007-03-24
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Joan
(Joan Sunshine)
24 March 2007 02:41
#2
Download and run LSP-Fix, check “I know what I’m doing”, then in the Keep pane select the file newdotnet7_48.dll as well as webhdll.dll / whiehlpr.dll, use the arrow (>>) to move it to the Remove pane, click Finish and restart the computer.
Delete everything marked in red from the disk in safe mode, and remove the entries in HJT. Post new HJT + SilentRunners logs.
Gutek
(Gutek)
24 March 2007 11:35
#3
Follow the instructions in this Topic and change the thread title to something specific, otherwise it goes to the TRASH.
Regards, Gutek2222