Wyskakujace okna ie i zmiana strony glownej - co jest?


(Bilasty) #1

Witam

Moj problem polega na ciaglym wyskakiwaniu pustych okien ie ( nie znajduje strony ) i po zmianie strony glownej , nastepnie restart zawsze mam : http://www.lookanddiscover.com/

Przyznaje ze mialem "antiwiraxp 2009" myslalem , ze skasowalem go z powodzeniem ale ... niepokoja mnie te objawy

zalaczam loga z hijacka

Logfile of Trend Micro HijackThis v2.0.2

Scan saved at 19:22:35, on 2008-11-18

Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)

MSIE: Internet Explorer v7.00 (7.00.6000.16735)

Boot mode: Normal

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

C:\WINDOWS\Explorer.EXE

C:\WINDOWS\System32\nvraidservice.exe

C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe

C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe

C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe

C:\WINDOWS\system32\LVCOMSX.EXE

C:\Program Files\Brother\ControlCenter3\brccMCtl.exe

C:\Program Files\Logitech\Video\CameraAssistant.exe

C:\WINDOWS\system32\ElkCtrl.exe

C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe

C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe

C:\WINDOWS\SOUNDMAN.EXE

C:\Program Files\Java\jre6\bin\jusched.exe

C:\WINDOWS\system32\RUNDLL32.EXE

C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe

C:\Program Files\Softwin\BitDefender10\bdmcon.exe

C:\Program Files\Softwin\BitDefender10\bdagent.exe

C:\WINDOWS\system32\RunDll32.exe

C:\Program Files\Common Files\Menedżer instalacji SolidWorks\Scheduler\sldIMScheduler.exe

C:\Program Files\Skype\Phone\Skype.exe

C:\Program Files\uTorrent\uTorrent.exe

C:\Program Files\DAEMON Tools Pro\DTProAgent.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Program Files\Brother\Brmfcmon\BrMfcmon.exe

C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare\3dxsrv.exe

C:\Program Files\Bonjour\mDNSResponder.exe

C:\Program Files\Java\jre6\bin\jqs.exe

C:\WINDOWS\system32\nvsvc32.exe

C:\Program Files\CyberLink\Shared files\RichVideo.exe

C:\WINDOWS\System32\svchost.exe

C:\Program Files\RealVNC\VNC4\WinVNC4.exe

C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe

C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe

C:\Program Files\Softwin\BitDefender10\vsserv.exe

C:\WINDOWS\System32\wbem\unsecapp.exe

C:\Program Files\Common Files\Teleca Shared\Generic.exe

C:\PROGRA~1\Symbian\Shared\SYMBIA~1\SYMBIA~1.EXE

C:\Program Files\Skype\Plugin Manager\skypePM.exe

C:\WINDOWS\System32\svchost.exe

C:\PROGRA~1\Symbian\Shared\SYMBIA~1\SCBAL.exe

C:\Program Files\Internet Explorer\iexplore.exe

C:\Program Files\DAP\DAP.EXE

C:\Program Files\TC UP\TOTALCMD.EXE

C:\Hijack This\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.lookanddiscover.com/

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll

O2 - BHO: {5cb7d480-0709-9eea-2254-144a8013242a} - {a2423108-a441-4522-aee9-9070084d7bc5} - C:\WINDOWS\system32\vygzjz.dll

O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll

O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll

O4 - HKLM..\Run: [NVRaidService] C:\WINDOWS\System32\nvraidservice.exe

O4 - HKLM..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup

O4 - HKLM..\Run: [nwiz] nwiz.exe /install

O4 - HKLM..\Run: [iSUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup

O4 - HKLM..\Run: [iSUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start

O4 - HKLM..\Run: [sSBkgdUpdate] "C:\Program Files\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" -Embedding -boot

O4 - HKLM..\Run: [PaperPort PTD] "C:\Program Files\ScanSoft\PaperPort\pptd40nt.exe"

O4 - HKLM..\Run: [indexSearch] "C:\Program Files\ScanSoft\PaperPort\IndexSearch.exe"

O4 - HKLM..\Run: [PPort11reminder] "C:\Program Files\ScanSoft\PaperPort\Ereg\Ereg.exe" -r "C:\Documents and Settings\All Users\Dane aplikacji\ScanSoft\PaperPort\11\Config\Ereg\Ereg.ini

O4 - HKLM..\Run: [brMfcWnd] C:\Program Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN

O4 - HKLM..\Run: [ControlCenter3] C:\Program Files\Brother\ControlCenter3\brctrcen.exe /autorun

O4 - HKLM..\Run: [LVCOMSX] C:\WINDOWS\system32\LVCOMSX.EXE

O4 - HKLM..\Run: [LogitechCameraAssistant] C:\Program Files\Logitech\Video\CameraAssistant.exe

O4 - HKLM..\Run: [LogitechVideo[inspector]] C:\Program Files\Logitech\Video\InstallHelper.exe /inspect

O4 - HKLM..\Run: [LogitechCameraService(E)] C:\WINDOWS\system32\ElkCtrl.exe /automation

O4 - HKLM..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"

O4 - HKLM..\Run: [LanguageShortcut] "C:\Program Files\CyberLink\PowerDVD\Language\Language.exe"

O4 - HKLM..\Run: [Acrobat Assistant 7.0] "C:\Program Files\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"

O4 - HKLM..\Run: [PC Suite for Smartphones] "C:\Program Files\Sony Ericsson\Mobile4\Application Launcher\Application Launcher.exe" /startoptions

O4 - HKLM..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime

O4 - HKLM..\Run: [soundMan] SOUNDMAN.EXE

O4 - HKLM..\Run: [sunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"

O4 - HKLM..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit

O4 - HKLM..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"

O4 - HKLM..\Run: [bDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg

O4 - HKLM..\Run: [bDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"

O4 - HKLM..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd

O4 - HKLM..\Run: [solidWorks_CheckForUpdates] "C:\Program Files\Common Files\Menedżer instalacji SolidWorks\Scheduler\sldIMScheduler.exe" /scheduler

O4 - HKCU..\Run: [skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized

O4 - HKCU..\Run: [Komunikator] C:\Program Files\Tlen.pl\tlen.exe

O4 - HKCU..\Run: [DriverUpdaterPro] C:\Program Files\XPC Tools\Driver Updater Pro\DriverUpdaterPro.exe -t

O4 - HKCU..\Run: [uTorrent] "C:\Program Files\uTorrent\uTorrent.exe"

O4 - HKCU..\Run: [DownloadAccelerator] "C:\Program Files\DAP\DAP.EXE" /STARTUP

O4 - HKCU..\Run: [DAEMON Tools Pro Agent] "C:\Program Files\DAEMON Tools Pro\DTProAgent.exe"

O4 - HKCU..\Run: [mRouterConfig] "C:\Program Files\Intuwave\Shared\mRouterRuntime\mRouterConfig.exe"

O4 - HKCU..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe

O4 - HKCU..\Run: [uSDownloader] "C:\Documents and Settings\bilasty\Pulpit\USDownloader\USDownloader\USDownloader.exe"

O4 - HKUS\S-1-5-19..\RunOnce: [3DxAssociateFileExts] C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxViewer\register.exe "FileExts" (User 'USŁUGA LOKALNA')

O4 - HKUS\S-1-5-20..\RunOnce: [3DxAssociateFileExts] C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxViewer\register.exe "FileExts" (User 'USŁUGA SIECIOWA')

O4 - HKUS\S-1-5-18..\RunOnce: [3DxAssociateFileExts] C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxViewer\register.exe "FileExts" (User 'SYSTEM')

O4 - HKUS.DEFAULT..\RunOnce: [3DxAssociateFileExts] C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxViewer\register.exe "FileExts" (User 'Default user')

O4 - S-1-5-18 Startup: Aparat Harmonogramu zadań SolidWorks.lnk = C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\swBOEngine.exe (User 'SYSTEM')

O4 - .DEFAULT Startup: Aparat Harmonogramu zadań SolidWorks.lnk = C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\swBOEngine.exe (User 'Default user')

O4 - Startup: Aparat Harmonogramu zadań SolidWorks.lnk = C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\swBOEngine.exe

O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?

O4 - Global Startup: Start 3DxWare.lnk = C:\Program Files\3Dconnexion\3Dconnexion 3DxSoftware\3DxWare\3dxsrv.exe

O4 - Global Startup: winsched.exe

O8 - Extra context menu item: &Clean Traces - C:\Program Files\DAP\Privacy Package\dapcleanerie.htm

O8 - Extra context menu item: &Download with &DAP - C:\Program Files\DAP\dapextie.htm

O8 - Extra context menu item: Download &all with DAP - C:\Program Files\DAP\dapextie2.htm

O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~3\Office12\EXCEL.EXE/3000

O8 - Extra context menu item: Konwertuj do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konwertuj do istniejącego pliku PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konwertuj miejsce docelowe łącza do istniejącego pliku PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O8 - Extra context menu item: Konwertuj wybrane łącza do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html

O8 - Extra context menu item: Konwertuj wybrane łącza do istniejącego pliku PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html

O8 - Extra context menu item: Konwertuj zaznaczenie do Adobe PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html

O8 - Extra context menu item: Konwertuj zaznaczenie do istniejącego pliku PDF - res://C:\Program Files\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre6\bin\jp2iexp.dll

O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~3\Office12\ONBttnIE.dll

O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll

O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\Office12\REFIEBAR.DLL

O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe

O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe

O16 - DPF: {1E53EA77-34F2-474E-9046-B2B0C86F1821} (OggX Control) - http://www.eska.pl/streamplayers/OggX.ocx

O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://www.update.microsoft.com/windows ... 0293986048

O16 - DPF: {68282C51-9459-467B-95BF-3C0E89627E55} (MksSkanerOnline Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab

O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://www.update.microsoft.com/microso ... 0294133689

O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll

O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL

O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe

O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe

O23 - Service: SW Distributed TS Coordinator Service (CoordinatorServiceHost) - Dassault Systemes SolidWorks Corp. - C:\Program Files\SolidWorks Corp\SolidWorks\swScheduler\DTSCoordinatorService.exe

O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe

O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe

O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe

O23 - Service: Logitech Process Monitor (LVPrcSrv) - Logitech Inc. - c:\program files\common files\logitech\lvmvfm\LVPrcSrv.exe

O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe

O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo.exe

O23 - Service: SolidWorks Licensing Service - SolidWorks - C:\Program Files\Common Files\SolidWorks Shared\Service\SolidWorksLicensing.exe

O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe

O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe

O23 - Service: BitDefender Communicator (XCOMM) - Softwin - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

--

End of file - 13866 bytes

prosze o pomoc


(Apdjs) #2

Użyj opcji "Fix checked" w HJT

Pobierz ComboFix i przeskanuj system

Na czas pobierania i skanowania proszę wyłączyć wszelkie zapory i antyvirusy

Loga wklejasz na WKLEJ TO lub WKLEJ a w poście daj linka


(Bilasty) #3

Dziekuje

Wyglada ze pomoglo :slight_smile:

nastepnym razem loga wkleje prawidlowo - przepraszam


(Apdjs) #4

Gdzie log??