[-=Px=-]

Koguaeg lööb IE ja explorer ette igasugu erroreid ja muud pahna. Arvuti on väga aeglane ja isegi CPU usage küündib 100-ni. Arvuti on aeglane nii mängudes, IE-s jne. Olen proovinud SpySpot´i, CWS'i, Microsoft AntiSpyware ja Nod32... miski pole aidanud (safe modes kah mitte). Sooviksin abi kuidas asja parandada, äkki mõned programmid? Programmid peaksid tasuta olema.
Tänud.

[tom1245]

ad-aware't proovisid? Samuti vaata HijackThis'iga üle, mis sul browseri külge on poogitud...

[-=Px=-]

ware ei aidanud ja Logfile of HijackThis:
Logfile of HijackThis v1.99.1
Scan saved at 11:36:33, on 27.04.2005
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)

Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\Explorer.EXE
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\MessengerPlus! 3\MsgPlus.exe
D:\Program Files\Common Files\Real\Update_OB\realsched.exe
D:\WINDOWS\System32\ctfmon.exe
D:\Program Files\MSN Messenger\msnmsgr.exe
D:\Program Files\Eset\nod32krn.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\System32\wuauclt.exe
D:\WINDOWS\System32\rundll32.exe
D:\Documents and Settings\Taavi\Desktop\hijackthis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\DOCUME~1\Taavi\LOCALS~1\Temp\se.dll/spage.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = res://D:\DOCUME~1\Taavi\LOCALS~1\Temp\se.dll/spage.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,HomeOldSP = about:blank
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1D4D08C8-A0EB-40AF-908F-23080EF95F02} - (no file)
O2 - BHO: (no name) - {2519B0E9-003E-4AEB-9A82-8627A8487E89} - (no file)
O2 - BHO: (no name) - {2717A3A9-3D47-4E18-B2E6-FEBAD33E1BE1} - (no file)
O2 - BHO: (no name) - {4A2AACF3-ADF6-11D5-98A9-00E018981B9E} - (no file)
O2 - BHO: (no name) - {4B48F83E-6B01-4D9F-980A-F02048D8475A} - (no file)
O2 - BHO: (no name) - {51B7BD30-D64F-45CC-94AA-3F443FE20C9E} - (no file)
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: CPubSR Object - {5742F79A-1D91-42c4-990C-B46CF55A6478} - D:\WINDOWS\msmsgnc.dll (file missing)
O2 - BHO: (no name) - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - (no file)
O2 - BHO: (no name) - {858C2B9D-4368-4C9C-9E6D-1AC5865EC356} - D:\WINDOWS\System32\galf.dll
O2 - BHO: (no name) - {B56A7D7D-6927-48C8-A975-17DF180C71AC} - (no file)
O2 - BHO: (no name) - {D04540E2-0D3F-4C36-9599-32D820284067} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NeroCheck] D:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [kfpeblgvcvo] D:\WINDOWS\System32\ufwessdx.exe
O4 - HKLM\..\Run: [SpyFighterMonitor] "C:\Program Files\SpyFighter\SpyFighterScanner.exe" monitor
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nod32kui] D:\Program Files\Eset\nod32kui.exe /WAITSERVICE
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [DAEMON Tools-1033] "C:\Program Files\D-Tools\daemon.exe" -lang 1033
O4 - HKLM\..\Run: [Security iGuard] D:\Program Files\Security iGuard\Security iGuard.exe
O4 - HKLM\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe"
O4 - HKLM\..\Run: [TkBellExe] "D:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sp] rundll32 D:\DOCUME~1\Taavi\LOCALS~1\Temp\se.dll,DllInstall
O4 - HKCU\..\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [Spyware Vanisher] c:\spywarevanisher-free\FreeScanner.exe -FastScan
O4 - HKCU\..\Run: [Tukati:4] C:\Program Files\Tukati\Redistributor\4\TukatiRedistributor.exe -r:4 -x:2
O4 - HKCU\..\Run: [SpybotSD TeaTimer] c:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [MessengerPlus3] "D:\Program Files\MessengerPlus! 3\MsgPlus.exe" /WinStart
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office10\OSA.EXE
O8 - Extra context menu item: Download all by Free Download Manager - file://c:\Program Files\Free Download Manager\dlall.htm
O8 - Extra context menu item: Download by Free Download Manager - file://c:\Program Files\Free Download Manager\dllink.htm
O8 - Extra context menu item: Download selected by Free Download Manager - file://c:\Program Files\Free Download Manager\dlselected.htm
O8 - Extra context menu item: Download web site by Free Download Manager - file://c:\Program Files\Free Download Manager\dlpage.htm
O8 - Extra context menu item: E&kspordi Microsoft Excelisse - res://C:\PROGRA~1\MICROS~1\Office10\EXCEL.EXE/3000
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\MSMSGS.EXE (file missing)
O9 - Extra button: Microsoft AntiSpyware helper - {023575E5-C72C-4F0A-8042-92191B295674} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {023575E5-C72C-4F0A-8042-92191B295674} - (no file) (HKCU)
O9 - Extra button: Microsoft AntiSpyware helper - {5220DFF1-7F67-4DFF-AADB-66710F8E80F8} - (no file) (HKCU)
O9 - Extra 'Tools' menuitem: Microsoft AntiSpyware helper - {5220DFF1-7F67-4DFF-AADB-66710F8E80F8} - (no file) (HKCU)
O10 - Hijacked Internet access by New.Net
O16 - DPF: {205FF73B-CA67-11D5-99DD-444553540006} (CInstall Class) - http://www.errorguard.com/installation/Install.cab
O16 - DPF: {41F17733-B041-4099-A042-B518BB6A408C} - http://appldnld.m7z.net/qtinstall.info.apple.com/pthalo/us/win/QuickTimeFullInstaller.exe
O16 - DPF: {FE5D6722-826F-11D5-A24E-0060B0F1A5AE} (Tukati Launcher) - http://www.tukati.com/software/4/1.9.21.21/tukati.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{20529D16-556C-47F6-AAE4-9A0FB20A07E0}: NameServer = 194.126.115.18 194.126.101.34
O17 - HKLM\System\CS1\Services\Tcpip\..\{20529D16-556C-47F6-AAE4-9A0FB20A07E0}: NameServer = 194.126.115.18 194.126.101.34
O18 - Filter: text/html - {AE0E2544-A13C-4471-8EA3-37863010DAFC} - D:\WINDOWS\System32\galf.dll
O18 - Filter: text/plain - {AE0E2544-A13C-4471-8EA3-37863010DAFC} - D:\WINDOWS\System32\galf.dll
O23 - Service: Machine Debug Manager (MDM) - Unknown owner - D:\Program Files\Common Files\Microsoft Shared\VS7Debug\mdm.exe (file missing)
O23 - Service: NOD32 Kernel Service (NOD32krn) - Unknown owner - D:\Program Files\Eset\nod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe

[tom1245]

igasugused search bar'id/assistandid ja toolbar'id jms jura võiksid küll ära kustutada, samuti on mingid puuduvad failid (se.dll), mille kohta kirje võiksid ära kustutada. Samuti vaatan, et oled installinud suure hulga antispyware programme, mis sul ilmselt ka autoskännivad kogu aeg. Piisaks vaid ad-awarest ja/või spybotist. Samuti on mingi kahtlane Tukati launcher (mis proge see selline on?). Huvitav kirje on ka O10 - Hijacked Internet access by New.Net. Proovi kustutada ka see ära. Selle quicktime installeri võiksid ka ära kustutada ja hiljem quicktime uuesti peale lasta (äkki see poob sul arvutit). Kas sul on enam vaja msgplus proget, kui väljas on uus MSN Messenger 7.0? Ja alati kui hijackthis-iga midagi kustutad, tee eelnevalt registry backup, siis saad taastada eelneva seisu.

[HacaX]

IMO HJT ei lase "hijacked inet" ridu maha ja õieti teeb: sellega kaoks terve nett ära (kui tegu ikka aktiivse pahalasega ja mitte lihtsalt jäänuksissekannetega). Selle tarvis on LSP-Fix ja WinSockFix
Iseenesest tekib kuri kahtlus, et su adwareitõrjujad pole korralikult uuendatudki või siis mingil x moel konfitud (ainult kasutusjälgi ja mitte pahalase skännima vms, sest SB peaks New.netist ise täielikult vabanema).
Lisaks oleks soovitatav jääda ainult nende paari tõrjuja juurde mis on end tõestanud (Ad-aware, SB, Antispyware, SpySweeper, Pestpatrol, SpySubstract), ja mitte minema reklaami ohvriks (Spyware Wanisher näiteks petab mitteeksisteerivate pahalaste leidmisega jne)

[Incikas]

kasutajale nõuandeks-https://foorum.hinnavaatlus.ee/viewtopic.php?t=94187,kusjuures thänx to HacaX, ,sest asi on ju tõesti nii,nagu teemas kirjas

[weyx13]

https://foorum.hinnavaatlus.ee/viewtopic.php?t=152091&highlight=&sid=2d71fad97cd23eb2afaebb46e833252e
ehk aitab seegi - ise kunagi jamasin. Sõber Hacax aitas

[XCX]

Ära kasuta IE´d vaid mõnda alternatiivi (mozilla, opera jne)

[HacaX]

...ehk peida pea liiva alla (pole vahet kas FF või IE, pahalased ju juba masinas)?