komputer strasznie wolno pracuje i zawiesza sie
Logfile of HijackThis v1.99.1 Scan saved at 13:47:17, on 2006-02-26 Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600) MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180) Running processes: D:\WINDOWS\System32\smss.exe D:\WINDOWS\system32\winlogon.exe D:\WINDOWS\system32\services.exe D:\WINDOWS\system32\lsass.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\System32\svchost.exe D:\Program Files\Intel\Wireless\Bin\EvtEng.exe D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe D:\Program Files\Intel\Wireless\Bin\ZcfgSvc.exe D:\WINDOWS\Explorer.EXE D:\WINDOWS\system32\spoolsv.exe D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe D:\WINDOWS\ATKKBService.exe D:\Program Files\Alwil Software\Avast4\ashServ.exe D:\Program Files\Intel\Wireless\Bin\OProtSvc.exe D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe D:\WINDOWS\system32\svchost.exe D:\WINDOWS\ATK0100\HControl.exe D:\WINDOWS\system32\igfxtray.exe D:\WINDOWS\system32\hkcmd.exe D:\WINDOWS\SOUNDMAN.EXE D:\Program Files\Synaptics\SynTP\SynTPLpr.exe D:\Program Files\Synaptics\SynTP\SynTPEnh.exe D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe D:\Program Files\Intel\Wireless\Bin\EOUWiz.exe D:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe D:\PROGRA~1\NEOSTR~1\CnxMon.exe D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe D:\WINDOWS\system32\rundll32.exe D:\WINDOWS\system32\ctfmon.exe D:\Program Files\Messenger\msmsgs.exe D:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe D:\PROGRA~1\Intel\Wireless\Bin\1XConfig.exe D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe D:\Program Files\Alwil Software\Avast4\ashWebSv.exe D:\WINDOWS\ATK0100\ATKOSD.exe D:\Program Files\Neostrada TP\NeostradaTP.exe D:\Program Files\Neostrada TP\ComComp.exe D:\Program Files\Neostrada TP\Watch.exe D:\WINDOWS\system32\wuauclt.exe D:\Program Files\Gadu-Gadu\gg.exe D:\PROGRA~1\MOZILL~1\FIREFOX.EXE D:\Program Files\WinRAR\WinRAR.exe D:\DOCUME~1\user\USTAWI~1\Temp\Rar$EX01.344\HijackThis.exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assistant … gn=efc0605 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.neostrada.pl R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=%s R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Neostrada TP R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza R3 - Default URLSearchHook is missing O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - D:\Program Files\NewDotNet\newdotnet7_22.dll O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - d:\program files\google\googletoolbar1.dll O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - d:\program files\google\googletoolbar1.dll O4 - HKLM…\Run: [HControl] D:\WINDOWS\ATK0100\HControl.exe O4 - HKLM…\Run: [igfxTray] D:\WINDOWS\system32\igfxtray.exe O4 - HKLM…\Run: [HotKeysCmds] D:\WINDOWS\system32\hkcmd.exe O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE O4 - HKLM…\Run: [synTPLpr] D:\Program Files\Synaptics\SynTP\SynTPLpr.exe O4 - HKLM…\Run: [synTPEnh] D:\Program Files\Synaptics\SynTP\SynTPEnh.exe O4 - HKLM…\Run: [intelWireless] D:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe /tf Intel PROSet/Wireless O4 - HKLM…\Run: [EOUApp] D:\Program Files\Intel\Wireless\Bin\EOUWiz.exe O4 - HKLM…\Run: [NeroFilterCheck] D:\WINDOWS\system32\NeroCheck.exe O4 - HKLM…\Run: [PowerDirector] D:\WINDOWS\Temp\TPDIR\setup.exe O4 - HKLM…\Run: [RemoteControl] “D:\Program Files\ASUSTeK\ASUSDVD\PDVDServ.exe” O4 - HKLM…\Run: [WooCnxMon] D:\PROGRA~1\NEOSTR~1\CnxMon.exe O4 - HKLM…\Run: [speedTouch USB Diagnostics] “D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon O4 - HKLM…\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe O4 - HKLM…\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe O4 - HKLM…\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe O4 - HKLM…\Run: [sunJavaUpdateSched] D:\Program Files\Java\jre1.5.0_06\bin\jusched.exe O4 - HKLM…\Run: [New.net Startup] rundll32 D:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s O4 - HKCU…\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe O4 - HKCU…\Run: [MSMSGS] “D:\Program Files\Messenger\msmsgs.exe” /background O4 - HKCU…\Run: [Gadwin PrintScreen 3.1] D:\Program Files\Gadwin Systems\PrintScreen\PrintScreen.exe /nosplash O4 - Startup: OpenOffice.org 1.1.4.lnk = C:\Program Files\OpenOffice.org1.1.4\program\quickstart.exe O8 - Extra context menu item: &Google Search - res://d:\program files\google\GoogleToolbar1.dll/cmsearch.html O8 - Extra context menu item: &Translate English Word - res://d:\program files\google\GoogleToolbar1.dll/cmwordtrans.html O8 - Extra context menu item: Backward Links - res://d:\program files\google\GoogleToolbar1.dll/cmbacklinks.html O8 - Extra context menu item: Cached Snapshot of Page - res://d:\program files\google\GoogleToolbar1.dll/cmcache.html O8 - Extra context menu item: Similar Pages - res://d:\program files\google\GoogleToolbar1.dll/cmsimilar.html O8 - Extra context menu item: Translate Page into English - res://d:\program files\google\GoogleToolbar1.dll/cmtrans.html O9 - Extra button: Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra ‘Tools’ menuitem: Windows Messenger - -{FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:\Program Files\Java\jre1.5.0_06\bin\ssv.dll O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O10 - Hijacked Internet access by New.Net O17 - HKLM\System\CCS\Services\Tcpip…{46E357C1-48CB-4C28-8CE0-2548C40E043E}: NameServer = 194.204.152.34 217.98.63.164 O20 - Winlogon Notify: igfxcui - D:\WINDOWS\SYSTEM32\igfxsrvc.dll O20 - Winlogon Notify: IntelWireless - D:\Program Files\Intel\Wireless\Bin\LgNotify.dll O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe O23 - Service: ATK Keyboard Service (ATKKeyboardService) - ASUSTeK COMPUTER INC. - D:\WINDOWS\ATKKBService.exe O23 - Service: avast! Antivirus - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashServ.exe O23 - Service: avast! Mail Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing) O23 - Service: avast! Web Scanner - Unknown owner - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing) O23 - Service: EvtEng - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\EvtEng.exe O23 - Service: OwnershipProtocol - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\OProtSvc.exe O23 - Service: RegSrvc - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\RegSrvc.exe O23 - Service: Spectrum24 Event Monitor (S24EventMonitor) - Intel Corporation - D:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
====================================
Uwaga: Jak wklejasz loga to obejmuj go znacznikiem (tagiem) CODE lub QUOTE
Proponuje poczytać TEN temat i zobacz jaka jest prośba do userów wklejających loga.
Pozdrawiam kuz5
Gutek
(Gutek)
26 Luty 2006 13:40
#2
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.accoona.com/search_assistant … gn=efc0605 R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,(Default) = http://www.accoona.com/search?q=% R3 - Default URLSearchHook is missing O2 - BHO: URLLink - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - D:\Program Files\NewDotNet\newdotnet7_22.dll O4 - HKLM…\Run: [New.net Startup] rundll32 D:\PROGRA~1\NEWDOT~1\NEWDOT~1.DLL,ClientStartup -s
usun w trybie awaryjnym wpisy hijackiem folder ręcznie
Odpal LSP-Fix zaznacz “I know what I’m doing” następnie w okienku Keep zaznacz plik newdotnet7_22.dll i za pomocą strzałki (>>) przenieś go do okienka Remover i kliknij Finish