CentrumXP Forum Tematyka portalu CentrumXP.pl Programy Problem z explore–rem

Problem z explore–rem

Witam

odrazu dodam ze przeszukalem cale forum i nic nie znalazlem o moim problemie (moze zle szukalem :D)

od okolo 3 dni mam problem z explore–rem strasznie sie muli. Kiedy wlacze przegladarke i np. wpisze w wyszukiwarce jakas strone zeby wyszukala to wskaznik myszki ze strzalki robi sie na klepsydre (zajety) i wtedy zaczyna sie mulic okolo jedna minute. Skanowalem kompa "nortonem antivirusem" oraz "ad–aware" i nic nie wykrylo. Dodam jeszcze ze raz na jakis czas tak sie dzieje.

logi z Hijack:

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSSYSTEM32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C:PROGRA~1NORTON~1 avapw32.exe
C:Program FilesWinampWinampa.exe
C:Program FilesBullsEye Networkinargains.exe
C:WINDOWSSystem32vytwzzb.exe
C:WINDOWSSystem32ctfmon.exe
C:Program FilesNorton AntiVirus avapsvc.exe
C:WINDOWSSystem32 vsvc32.exe
C:Program FileseDonkey2000eDonkey2000.exe
C:Program FilesGadu–Gadugg.exe
C:Program FilesFlashFXPFlashFXP.exe
C:Program FilesInternet Exploreriexplore.exe
D:HijackThis.exe

R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http:/82.179.166.192/search.php?v=6&aff=44401
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http:/82.179.166.192/index.php?v=6&aff=44401
R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.wp.pl/
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *new–search.net*;*x–google.net*
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName =
R3 – URLSearchHook: (no name) – {8952A998–1E7E–4716–B23D–3DBE03910972} – (no file)
O1 – Hosts file is located at: C:WINDOWS sdbhosts
O1 – Hosts: 82.179.166.192 new–search.net
O1 – Hosts: 82.179.166.190 x–google.net
O2 – BHO: BTGrabObj Class – {00000000–F09C–02B4–6EC2–AD0300000000} – C:WINDOWSBTGrab.dll
O2 – BHO: NavErrRedir Class – {00D6A7E7–4A97–456f–848A–3B75BF7554D7} – (no file)
O2 – BHO: (no name) – {83DE62E0–5805–11D8–9B25–00E04C60FAF2} – C:WINDOWS2_0_1browserhelper2.dll
O2 – BHO: brdg Class – {9C691A33–7DDA–4C2F–BE4C–C176083F35CF} – C:WINDOWSSystem32ridge.dll
O2 – BHO: NAV Helper – {BDF3E430–B101–42AD–A544–FADC6B084872} – C:Program FilesNorton AntiVirusNavShExt.dll
O2 – BHO: ADP UrlCatcher Class – {F4E04583–354E–4076–BE7D–ED6A80FD66DA} – C:WINDOWSSystem32msbe.dll
O3 – Toolbar: Norton AntiVirus – {42CDD1BF–3FFB–4238–8AD1–7859DF00B1D6} – C:Program FilesNorton AntiVirusNavShExt.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O4 – HKLM..Run: [NAV Agent] C:PROGRA~1NORTON~1 avapw32.exe
O4 – HKLM..Run: [Symantec NetDriver Monitor] C:PROGRA~1SYMNET~1SNDMon.exe
O4 – HKLM..Run: [SSC_UserPrompt] C:Program FilesCommon FilesSymantec SharedSecurity CenterUsrPrmpt.exe
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [WinampAgent] "C:Program FilesWinampWinampa.exe"
O4 – HKLM..Run: [RunDLL] rundll32.exe "C:WINDOWSSystem32ridge.dll",Load
O4 – HKLM..Run: [BullsEye Network] C:Program FilesBullsEye Networkinargains.exe
O4 – HKLM..Run: [fbvlvqsq] C:WINDOWSSystem32vytwzzb.exe
O4 – HKCU..Run: [CTFMON.EXE] C:WINDOWSSystem32ctfmon.exe
O4 – Startup: Sid Registration.lnk = F:ATR1.exe
O8 – Extra context menu item: &Download with &DAP – C:PROGRA~1DAPdapextie.htm
O8 – Extra context menu item: Download &all with DAP – C:PROGRA~1DAPdapextie2.htm
O9 – Extra button: Run DAP – {669695BC–A811–4A9D–8CDF–BA8C795F261C} – C:PROGRA~1DAPDAP.EXE
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O16 – DPF: {14A3221B–1678–1982–A355–7263B1281987} – ms–its:mhtml:file://C:foo.mht!http://82.179.166.145/x15.chm::/trs15.exe
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1098990735920
O16 – DPF: {83AFB5CA–ED35–11D4–A452–0080C8D85045} (GameDesire Poker Games) – http://67.15.101.3/g_bin/pl/poker_2_0_0_34.cab
O16 – DPF: {A6212120–01D4–11D5–9A39–0080C8D85044} (GameDesire Slots 70th) – http://67.15.101.3/g_bin/pl/slots70_2_0_0_20.cab
O16 – DPF: {FDDBE2B8–6602–4AD8–946D–94C5A32FA6C5} (GameDesire Snooker) – http://67.15.101.3/g_bin/pl/snooker_2_0_0_21.cab
O17 – HKLMSystemCCSServicesTcpip..{DA38F294–56ED–4084–9B86–1CEF61E842CD}: NameServer = 62.233.190.14,194.204.159.1
O18 – Filter: text/html – {4F7681E5–6CAF–478D–9CB8–4CA593BEE7FB} – C:WINDOWSSystem32xplugin.dll
O23 – Service: ISEXEng – Unknown – C:WINDOWSSystem32angelex.exe
O23 – Service: Norton AntiVirus Auto Protect Service – Symantec Corporation – C:Program FilesNorton AntiVirus avapsvc.exe
O23 – Service: NVIDIA Driver Helper Service – NVIDIA Corporation – C:WINDOWSSystem32 vsvc32.exe
O23 – Service: ScriptBlocking Service – Symantec Corporation – C:PROGRA~1COMMON~1SYMANT~1SCRIPT~1SBServ.exe
O23 – Service: Symantec Network Drivers Service – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedSNDSrvc.exe
O23 – Service: SymWMI Service – Symantec Corporation – C:Program FilesCommon FilesSymantec SharedSecurity CenterSymWSC.exe


moze sie przydadza :)

z gory dziekuje za pomoc

Odpowiedzi: 3

Prosze bardzo.
primax:
nawet system jest szybszy
Ma prawo byc szybszy, poniewaz teraz bez syfu :wink: .
EL NINO
Dodano
15.01.2005 23:02:37
dziekuje slicznie za pomoc na oko jak narazie ladnie chodzi nawet system jest szybszy (pol roku temu instalowany) :D

pozdro.
primax
Dodano
15.01.2005 22:51:54
Wylacz procesy o nazwach znalezionych ponizej plikow exe, zaznacz w HiJacku te wpisy i nacisnij "FIX...". Na koniec wyszukaj na dysku podane nizej pliki i usun jesli znajdziesz.

C:Program FilesBullsEye Networkinargains.exe
C:WINDOWSSystem32vytwzzb.exe

R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar = http:/82.179.166.192/search.php?v=6&aff=44401
R1 – HKCUSoftwareMicrosoftInternet ExplorerMain,Search Page = http:/82.179.166.192/index.php?v=6&aff=44401
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyOverride = *new–search.net*;*x–google.net*
R3 – URLSearchHook: (no name) – {8952A998–1E7E–4716–B23D–3DBE03910972} – (no file)
O1 – Hosts file is located at: C:WINDOWS sdbhosts
O1 – Hosts: 82.179.166.192 new–search.net
O1 – Hosts: 82.179.166.190 x–google.net
O2 – BHO: BTGrabObj Class – {00000000–F09C–02B4–6EC2–AD0300000000} – C:WINDOWSBTGrab.dll
O2 – BHO: NavErrRedir Class – {00D6A7E7–4A97–456f–848A–3B75BF7554D7} – (no file)
O2 – BHO: (no name) – {83DE62E0–5805–11D8–9B25–00E04C60FAF2} – C:WINDOWS2_0_1browserhelper2.dll
O2 – BHO: brdg Class – {9C691A33–7DDA–4C2F–BE4C–C176083F35CF} – C:WINDOWSSystem32ridge.dll
O2 – BHO: ADP UrlCatcher Class – {F4E04583–354E–4076–BE7D–ED6A80FD66DA} – C:WINDOWSSystem32msbe.dll
O4 – HKLM..Run: [RunDLL] rundll32.exe "C:WINDOWSSystem32ridge.dll",Load
O4 – HKLM..Run: [BullsEye Network] C:Program FilesBullsEye Networkinargains.exe
O4 – HKLM..Run: [fbvlvqsq] C:WINDOWSSystem32vytwzzb.exe
O4 – Startup: Sid Registration.lnk = F:ATR1.exe
O9 – Extra button: Related – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O9 – Extra 'Tools' menuitem: Show &Related Links – {c95fe080–8f5d–11d2–a20b–00aa003c157a} – C:WINDOWSweb elated.htm
O16 – DPF: {14A3221B–1678–1982–A355–7263B1281987} – ms–its:mhtml:file://C:foo.mht!http://82.179.166.145/x15.chm::/trs15.exe
O18 – Filter: text/html – {4F7681E5–6CAF–478D–9CB8–4CA593BEE7FB} – C:WINDOWSSystem32xplugin.dll
O23 – Service: ISEXEng – Unknown – C:WINDOWSSystem32angelex.exe


P.S. Systemowy plik hosts znajduje sie w innym miejscu.
EL NINO
Dodano
15.01.2005 22:00:17
primax
Dodano:
15.01.2005 14:02:29
Komentarzy:
3
Strona 1 / 1