Internet Mi muli pomocy

edencja · 4 Lipiec 2009 03:56

Mam problem podczas ruszaniem scrolem bardzo mi sie zacina strona internetowa i tak jest na kazdej stronie nie wiem czego moze byc to wina zrobilem loga ale nie umiem nic sam w nim zrobic.

Pomozcie

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

C:\WINDOWS\system32\WgaTray.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\expiorer.exe

C:\WINDOWS\AhnRpta.exe

C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe

C:\Program Files\Intelligent Driver\4DMAIN.EXE

C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe

C:\Program Files\Norton Ghost\Agent\VProTray.exe

C:\Program Files\Messenger\msmsgs.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Zapu\Zapu\wDivi.exe

C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

C:\Program Files\Norton Ghost\Agent\VProSvc.exe

C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe

C:\WINDOWS\system32\svchost.exe

C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

C:\WINDOWS\system32\wuauclt.exe

C:\PROGRA~1\MOZILL~1\FIREFOX.EXE

C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 121.9.221.189:80

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: (no name) - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - (no file)

R3 - URLSearchHook: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll

O1 - Hosts: 212.150.54.250 dv-networks.com

O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx

O2 - BHO: My Global Search Bar BHO - {37B85A21-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

O2 - BHO: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll

O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GRA8E1~1.DLL

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar3.dll

O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\2.0.301.7164\swg.dll

O2 - BHO: WebManager Class - {D5792AA9-D373-4039-8670-2CDAB6A71F15} - C:\Program Files\BitDownload\TorrentManager.dll

O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll

O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar3.dll

O3 - Toolbar: My Global Search Bar - {37B85A29-692B-4205-9CAD-2626E4993404} - C:\Program Files\MyGlobalSearch\bar\1.bin\MGSBAR.DLL

O3 - Toolbar: Share Accelerator MM Toolbar - {4596013b-6c31-408b-a266-deae5c086dc2} - C:\Program Files\Share_Accelerator_MM\tbSha0.dll

O4 - HKLM…\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM…\Run: [avgnt] “C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe” /min

O4 - HKLM…\Run: [TkBellExe] “C:\Program Files\Common Files\Real\Update_OB\realsched.exe” -osboot

O4 - HKLM…\Run: [WheelMouse] C:\Program Files\Intelligent Driver\4DMAIN.EXE

O4 - HKLM…\Run: [PCTAVApp] “C:\Program Files\PC Tools AntiVirus\PCTAV.exe” /MONITORSCAN

O4 - HKLM…\Run: [HPDJ Taskbar Utility] C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb04.exe

O4 - HKLM…\Run: [speedTouch USB Diagnostics] “C:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon

O4 - HKLM…\Run: [GrooveMonitor] “C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe”

O4 - HKLM…\Run: [sunJavaUpdateSched] “C:\Program Files\Java\jre1.6.0_05\bin\jusched.exe”

O4 - HKLM…\Run: [Norton Ghost 14.0] “C:\Program Files\Norton Ghost\Agent\VProTray.exe”

O4 - HKCU…\Run: [PowerBar] “\PowerBar.exe” /AtBootTime

O4 - HKCU…\Run: [MSMSGS] “C:\Program Files\Messenger\msmsgs.exe” /background

O4 - HKCU…\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU…\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe

O4 - HKCU…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray

O4 - HKUS\S-1-5-19…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘?’)

O4 - HKUS\S-1-5-20…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘?’)

O4 - HKUS\S-1-5-21-1292428093-362288127-682003330-1003…\Run: [PowerBar] “\PowerBar.exe” /AtBootTime (User ‘?’)

O4 - HKUS\S-1-5-21-1292428093-362288127-682003330-1003…\Run: [cdoosoft] C:\WINDOWS\system32\olhrwef.exe (User ‘?’)

O4 - HKUS\S-1-5-21-1292428093-362288127-682003330-1003…\Run: [Gadu-Gadu] “C:\Program Files\Gadu-Gadu\gg.exe” /tray (User ‘?’)

O4 - HKUS\S-1-5-18…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘?’)

O4 - HKUS.DEFAULT…\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User ‘Default user’)

O4 - S-1-5-21-1292428093-362288127-682003330-1003 Startup: Zapu Acceleration Engine.lnk = C:\Program Files\Zapu\Zapu\wincm.exe (User ‘?’)

O4 - S-1-5-21-1292428093-362288127-682003330-1003 Startup: Zapu.lnk = C:\Program Files\Zapu\Zapu\wDivi.exe (User ‘?’)

O4 - Startup: Zapu Acceleration Engine.lnk = C:\Program Files\Zapu\Zapu\wincm.exe

O4 - Startup: Zapu.lnk = C:\Program Files\Zapu\Zapu\wDivi.exe

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra ‘Tools’ menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra ‘Tools’ menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O12 - Plugin for .spop: C:\Program Files\Internet Explorer\Plugins\NPDocBox.dll

O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl.sun.com/webapps/download/ … leId=19588

O17 - HKLM\System\CCS\Services\Tcpip…{0E0CFCB9-ACDC-405C-927B-CCFA684D4E95}: NameServer = 194.204.152.34 217.98.63.164

O17 - HKLM\System\CS1\Services\Tcpip…{0E0CFCB9-ACDC-405C-927B-CCFA684D4E95}: NameServer = 194.204.152.34 217.98.63.164

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GR99D3~1.DLL

O20 - AppInit_DLLs: C:\PROGRA~1\Google\GOOGLE~1\GOEC62~1.DLL

O23 - Service: ABBYY FineReader 9.0 PE Licensing Service (ABBYY.Licensing.FineReader.Professional.9.0) - ABBYY (BIT Software) - C:\Program Files\Common Files\ABBYY\FineReader\9.00\Licensing\PE\NetworkLicenseServer.exe

O23 - Service: ABBYY.Licensing.FineReader.ScreenshotReader.9.0 - ABBYY (BIT Software) - C:\Program Files\ABBYY Screenshot Reader\NetworkLicenseServer.exe

O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe

O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe

O23 - Service: GoogleDesktopManager - Google - C:\Program Files\Google\Google Desktop Search\GoogleDesktop.exe

O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe

O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE

O23 - Service: Norton Ghost - Symantec Corporation - C:\Program Files\Norton Ghost\Agent\VProSvc.exe

O23 - Service: O&O Defrag (OODefrag) - O&O Software GmbH - C:\WINDOWS\system32\oodag.exe

O23 - Service: PC Tools AntiVirus Engine (PCTAVSvc) - PC Tools Research Pty Ltd - C:\Program Files\PC Tools AntiVirus\PCTAVSvc.exe

O23 - Service: SymSnapService - Symantec - C:\Program Files\Norton Ghost\Shared\Drivers\SymSnapService.exe

O24 - Desktop Component 0: (no name) - http://images.google.pl/images?q=tbn:ju … onaldo.jpg

O24 - Desktop Component 1: (no name) - http://www.po.org.pl/_files_/multimedia … 01mini.jpg

O24 - Desktop Component 10: (no name) - http://images.google.pl/images?q=tbn:8H … KWIATY.jpg

O24 - Desktop Component 11: (no name) - http://images.google.pl/images?q=tbn:0E … 57178.jpeg

O24 - Desktop Component 12: (no name) - http://images.google.pl/images?q=tbn:6I … torres.jpg

O24 - Desktop Component 13: (no name) - http://images.google.pl/images?q=tbn:Hz … 90_CAS.jpg

O24 - Desktop Component 14: (no name) - http://images.google.pl/images?q=tbn:n_ … d%3D308276

O24 - Desktop Component 15: (no name) - http://www.lustereczko.pl/lustereczko_2927315.gif

O24 - Desktop Component 16: (no name) - http://www.siudmak.ovh.org/tn_Siudmak_Materia.jpg

O24 - Desktop Component 17: (no name) - http://tbn0.google.com/images?q=tbn:SD0 … cowa_1.jpg

O24 - Desktop Component 18: (no name) - http://tbn3.google.com/images?q=tbn:_zf … -roofb.jpg

O24 - Desktop Component 2: (no name) - http://img.interia.pl/sport/nimg/Tomas_ … 041986.jpg

O24 - Desktop Component 3: (no name) - http://filmy.aeri.pl/tm/445/2192.jpg

O24 - Desktop Component 4: (no name) - http://im.super.cz/celebrity_fan_picture/244/2900.jpg

O24 - Desktop Component 5: (no name) - http://images.google.pl/images?q=tbn:jl … harlie.jpg

O24 - Desktop Component 6: (no name) - http://images.google.pl/images?q=tbn:sU … 36_654.jpg

O24 - Desktop Component 7: (no name) - http://images.google.pl/images?q=tbn:HK … 2/8gv8.jpg

O24 - Desktop Component 8: (no name) - http://images.google.pl/images?q=tbn:Yy … 6337_0.jpg

O24 - Desktop Component 9: (no name) - http://ffmedia.ign.com/filmforce/image/ … 03-000.jpg

–

End of file - 12561 bytes

ciemnowidz · 4 Lipiec 2009 04:46

Tutaj jest infekcja z pendrive’a i nie tylko.

Na początek zastosuj FlashDisinfector

http://www.searchengines.pl/index.php?s … ntry369724

Potem wklej logi z OTL i gmer

http://oldtimer.geekstogo.com/OTL.exe

http://www.gmer.net/

Logi wklejasz na www.wklej.org a tutaj dajesz tylko link.

Poza tym Zapu to dość podejrzany program.

edencja · 4 Lipiec 2009 05:26

Nic nie daje ;(

ciemnowidz · 4 Lipiec 2009 05:37

No to doczytaj co ja napisałem

Logi mają być bo nic samo z siebie się nie usunie, a tutaj masz kupę śmieci ale OTL i gmer pokażą więcej. Dopiero jak wkleisz te logi będzie można cokolwiek usuwać.

edencja · 4 Lipiec 2009 06:48

Ok dzieki

ciemnowidz · 4 Lipiec 2009 06:52

No, ale logi wklej z tych dwóch programów, bo tutaj naprawdę jest co usuwać.

Tu są złodzieje danych, inne szpiegi i spamer, masz wkleić logi.

Smycz · 4 Lipiec 2009 16:29

Wlacz fire foxa czy co tam masz wlacz menedzera zadan daj procesy znajdz proces o nazwie firefox czy co tam masz kliknij prawym-Priorytet-Niski.Git.

Pozdrawiam Smycz

ciemnowidz · 4 Lipiec 2009 16:37

Nie wiem co mu to da skoro u niego w większości z internetu korzystają wirusy.

edencja · 5 Lipiec 2009 08:50

Gdzie te logi wgrac?

ciemnowidz · 5 Lipiec 2009 08:55

Logi wklejasz na www.wklej.org a tutaj link do nich dajesz.

Frog · 5 Lipiec 2009 08:56

edencja , popraw tytuł tematu, używając przycisku

Poza tym na forum używamy polskich znaków (ż, ź, ć, ą, ś itp.). Korzystając z przycisku