hmm...mam ten sam problem. Mam to co w w/w przypadkach oraz gdy klikam RMB na jakiś plik(nie katalog), wpisuję adres strony do IE lub wybieram z ulubionych. I to jest straszne :| Mam nadzieję, źe pomoźecie jak poprzednio.
Log z hijackthis:

Logfile of HijackThis v1.98.2
Scan saved at 16:11:31, on 2004–11–13
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:Program FilesTGTSoftStyleXPStyleXPService.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesKerioMailServermailserver.exe
C:WINDOWSExplorer.EXE
C:Program FilesJavaj2re1.4.2_05injusched.exe
C:Program FilesTGTSoftStyleXPStyleXP.exe
C:Program FilesKonnektkonnekt.exe
C:program filesoperaopera.exe
C:progvirusHijackThis19802.exe

R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = 200.80.10.154:6588
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 – BHO: F1 Organizer Class – {00000EF1–0786–4633–87C6–1AA7A44296DA} – C:WINDOWSsystem32ATPART~1.DLL
O2 – BHO: AcroIEHlprObj Class – {06849E9F–C8D7–4D59–B87D–784B7D6BE0B3} – C:Program FilesAdobeAcrobat 5.0ReaderActiveXAcroIEHelper.ocx
O2 – BHO: NavErrRedir Class – {5D60FF48–95BE–4956–B4C6–6BB168A70310} – (no file)
O2 – BHO: Google Toolbar Helper – {AA58ED58–01DD–4d91–8333–CF10577473F7} – c:program filesgooglegoogletoolbar1.dll
O3 – Toolbar: &Google – {2318C2B1–4965–11d4–9B18–009027A5CD4F} – c:program filesgooglegoogletoolbar1.dll
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [UpdReg] C:WINDOWSUpdReg.EXE
O4 – HKLM..Run: [Jet Detection] "C:Program FilesCreativeSBLivePROGRAMADGJDet.exe"
O4 – HKLM..Run: [CTStartup] C:Program FilesCreativeSplash ScreenCTEaxSpl.EXE /run
O4 – HKLM..Run: [QuickTime Task] "C:Program FilesQuickTimeqttask.exe" –atboottime
O4 – HKLM..Run: [updater] C:Program FilesCommon filesupdaterwupdater.exe
O4 – HKLM..Run: [NeroCheck] C:WINDOWSsystem32NeroCheck.exe
O4 – HKLM..Run: [SunJavaUpdateSched] C:Program FilesJavaj2re1.4.2_05injusched.exe
O4 – HKCU..Run: [STYLEXP] C:Program FilesTGTSoftStyleXPStyleXP.exe –Hide
O4 – HKCU..Run: [EdHTML] C:Program FilesEdHTMLv5.0EdHTML.exe /none
O4 – Startup: Konnekt.lnk = C:Program FilesKonnektkonnekt.exe
O4 – Global Startup: Adobe Gamma Loader.lnk = C:Program FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 – Global Startup: eMule.lnk = C:Program FileseMuleemule.exe
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 – Extra context menu item: &Google Search – res://c:program filesgoogleGoogleToolbar1.dll/cmsearch.html
O8 – Extra context menu item: Backward Links – res://c:program filesgoogleGoogleToolbar1.dll/cmbacklinks.html
O8 – Extra context menu item: Cached Snapshot of Page – res://c:program filesgoogleGoogleToolbar1.dll/cmcache.html
O8 – Extra context menu item: Similar Pages – res://c:program filesgoogleGoogleToolbar1.dll/cmsimilar.html
O8 – Extra context menu item: Translate into English – res://c:program filesgoogleGoogleToolbar1.dll/cmtrans.html
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSSystem32msjava.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:WINDOWSSystem32msjava.dll
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:Program FilesMessengermsmsgs.exe (file missing)
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:Program FilesMessengermsmsgs.exe (file missing)
O12 – Plugin for .spop: C:Program FilesInternet ExplorerPluginsNPDocBox.dll
O16 – DPF: {6414512B–B978–451D–A0D8–FCFDF33E833C} (WUWebControl Class) – http://v5.windowsupdate.microsoft.com/v5consumer/V5Controls/en/x86/client/wuweb_site.cab?1093307279985
O17 – HKLMSystemCCSServicesTcpip..{67201BA6–40EE–4620–AD14–5414DB9F0AF8}: NameServer = 192.168.0.1

Fix :

O1 – Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 – BHO: MyWay Search Assistant BHO – {04079851–5845–4dea–848C–3ECD647AA554} – C:Program FilesMyWaySrchAstt1.binMYSRCHAS.DLL
O2 – BHO: (no name) – {82315A18–6CFB–44a7–BDFD–90E36537C252} – C:Program FilesQuickSearchQuickSearchBar1_27.dll
O2 – BHO: (no name) – {D14641FA–445B–448E–9994–209F7AF15641} – C:WINDOWSsystem32mbho.dll
O3 – Toolbar: QuickSearch Search Bar – {82315A18–6CFB–44a7–BDFD–90E36537C252} – C:Program FilesQuickSearchQuickSearchBar1_27.dll
O3 – Toolbar: (no name) – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – (no file)
O4 – HKLM..Run: [updater] C:Program FilesCommon filesupdaterwupdater.exe
O4 – HKLM..Run: [msbb] c:program filessearch–assistantmsbb.exe
O4 – HKLM..Run: [Winad Client] C:Program FilesWinad ClientWinad.exe
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – http://public.windupdates.com/get_file.php?bt=ie&p=10f08450ab596047f6c94d90b79b47d1528d9dc4c40924e2499f8b9bd779519ddd40d759133a448fde7f410342650f82cf1f1ae7:7ba4efda898ff66841613117fb4ea0f9

Wyłącz przywracanie systemu,
Wyłącz procesy w Task`u :

wupdater.exe
msbb.exe
Winad.exe

Wyszukaj zaznaczając ukryte pliki i foldery i usuń :

wupdater.exe
msbb.exe
Winad.exe
MYSRCHAS.DLL
QuickSearchBar1_27.dll
mbho.dll

Włącz przywracanie.

Nie wiem czy to dokladnie o to chodzi, ale to chyba sa te loga ...jezeli komus to cos mowi to prosze o pomoc :

Logfile of HijackThis v1.97.7
Scan saved at 22:39:22, on 2004–08–31
Platform: Windows XP Dodatek SP. 1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)

Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:Program FilesCommon FilesAcronisSchedule2schedul2.exe
C:WINDOWSSystem32 vsvc32.exe
C:Program FilesPanda SoftwarePanda Antivirus PlatinumFirewallPavFires.exe
C:Program FilesPanda SoftwarePanda Antivirus Platinumpavsrv51.exe
C:Program FilesPanda SoftwarePanda Antivirus PlatinumAVENGINE.EXE
C:WINDOWSExplorer.EXE
C:Program FilesAcronisTrueImageTrueImageMonitor.exe
C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe
D:ProgramyWinampWinampa.exe
C:Program FilesCommon FilesRealUpdate_OB ealsched.exe
C:WINDOWSSOUNDMAN.EXE
C:Program FilesPanda SoftwarePanda Antivirus PlatinumAPVXDWIN.EXE
C:program filessearch–assistantmsbb.exe
C:Program Files22M WLAN AdapterWLANMON.exe
C:Program FilesPanda SoftwarePanda Antivirus PlatinumpavProxy.exe
C:Program FilesYahoo!MessengerYPager.exe
C:Program FilesWindows Media Playerwmplayer.exe
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Program FilesInternet ExplorerIEXPLORE.EXE
C:Documents and SettingsmoniqaaPulpitHijackThis.exe

R0 – HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page = http://www.onet.pl/
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,AutoConfigURL = http://proxy.in.net.pl/auto.pac
R1 – HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = http://w3cache.tarman.pl:8080
R0 – HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O1 – Hosts: 12.129.205.209 search.netscape.com12.129.205.209 sitefinder.verisign.com
O2 – BHO: (no name) – {02478D38–C3F9–4efb–9B51–7695ECA05670} – C:PROGRA~1Yahoo!COMPAN~1Installscpnycomp5_3_12_0.dll
O2 – BHO: MyWay Search Assistant BHO – {04079851–5845–4dea–848C–3ECD647AA554} – C:Program FilesMyWaySrchAstt1.binMYSRCHAS.DLL
O2 – BHO: (no name) – {82315A18–6CFB–44a7–BDFD–90E36537C252} – C:Program FilesQuickSearchQuickSearchBar1_27.dll
O2 – BHO: (no name) – {D14641FA–445B–448E–9994–209F7AF15641} – C:WINDOWSsystem32mbho.dll
O3 – Toolbar: &Radio – {8E718888–423F–11D2–876E–00A0C9082467} – C:WINDOWSSystem32msdxm.ocx
O3 – Toolbar: &Yahoo! Companion – {EF99BD32–C1FB–11D2–892F–0090271D4F88} – C:PROGRA~1Yahoo!COMPAN~1Installscpnycomp5_3_12_0.dll
O3 – Toolbar: QuickSearch Search Bar – {82315A18–6CFB–44a7–BDFD–90E36537C252} – C:Program FilesQuickSearchQuickSearchBar1_27.dll
O3 – Toolbar: PopUpCop – {DB43E4E6–FF8A–4018–8C8E–F68587A44A73} – C:PROGRA~1PopUpCopPopUpCop.dll
O3 – Toolbar: (no name) – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – (no file)
O4 – HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 – HKLM..Run: [nwiz] nwiz.exe /install
O4 – HKLM..Run: [AcronisTrueImage Monitor] C:Program FilesAcronisTrueImageTrueImageMonitor.exe
O4 – HKLM..Run: [Acronis Scheduler2 Service] C:Program FilesCommon FilesAcronisSchedule2schedhlp.exe
O4 – HKLM..Run: [WinampAgent] "D:ProgramyWinampWinampa.exe"
O4 – HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OB ealsched.exe" –osboot
O4 – HKLM..Run: [QuickTime Task] "D:ProgramyQuickTimeqttask.exe" –atboottime
O4 – HKLM..Run: [NeroCheck] C:WINDOWSSystem32NeroCheck.exe
O4 – HKLM..Run: [updater] C:Program FilesCommon filesupdaterwupdater.exe
O4 – HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 – HKLM..Run: [ashMaiSv] C:PROGRA~1ALWILS~1Avast4ashmaisv.exe
O4 – HKLM..Run: [SCANINICIO] "C:Program FilesPanda SoftwarePanda Antivirus PlatinumInicio.exe"
O4 – HKLM..Run: [APVXDWIN] "C:Program FilesPanda SoftwarePanda Antivirus PlatinumAPVXDWIN.EXE" /s
O4 – HKLM..Run: [msbb] c:program filessearch–assistantmsbb.exe
O4 – HKLM..Run: [Winad Client] C:Program FilesWinad ClientWinad.exe
O4 – HKCU..Run: [Gadu–Gadu] "D:programyGadu–Gadugg.exe" /tray
O4 – Global Startup: 22M WLAN Adapter.lnk = ?
O4 – Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOfficeOSA9.EXE
O8 – Extra context menu item: &Yahoo! Search – file:///C:Program FilesYahoo!Common/ycsrch.htm
O8 – Extra context menu item: Open Image in New Window – res://C:Program FilesPopUpCoppopupcop.dll/imagenew
O8 – Extra context menu item: Yahoo! &Dictionary – file:///C:Program FilesYahoo!Common/ycdict.htm
O8 – Extra context menu item: Yahoo! &Maps – file:///C:Program FilesYahoo!Common/ycdict.htm
O9 – Extra button: Messenger (HKLM)
O9 – Extra 'Tools' menuitem: Yahoo! Messenger (HKLM)
O16 – DPF: {15AD4789–CDB4–47E1–A9DA–992EE8E6BAD6} – http://public.windupdates.com/get_file.php?bt=ie&p=10f08450ab596047f6c94d90b79b47d1528d9dc4c40924e2499f8b9bd779519ddd40d759133a448fde7f410342650f82cf1f1ae7:7ba4efda898ff66841613117fb4ea0f9
O16 – DPF: {30528230–99F7–4BB4–88D8–FA1D4F56A2AB} (YInstStarter Class) – http://download.yahoo.com/dl/installs/yinst0401.cab
O16 – DPF: {33564D57–0000–0010–8000–00AA00389B71} – http://download.microsoft.com/download/F/6/E/F6E491A6–77E1–4E20–9F5F–94901338C922/wmv9VCM.CAB
O16 – DPF: {917623D1–D8E5–11D2–BE8B–00104B06BDE3} (CamImage Class) – http://217.117.128.162/activex/AxisCamControl.cab
O16 – DPF: {9F1C11AA–197B–4942–BA54–47A8489BB47F} (Update Class) – http://v4.windowsupdate.microsoft.com/CAB/x86/unicode/iuctl.CAB?38164.2246643519
O16 – DPF: {B9191F79–5613–4C76–AA2A–398534BB8999} (YAddBook Class) – http://us.dl1.yimg.com/download.yahoo.com/dl/installs/suite/yautocomplete.cab
O16 – DPF: {D27CDB6E–AE6D–11CF–96B8–444553540000} (Shockwave Flash Object) – http://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
O17 – HKLMSystemCCSServicesTcpip..{2598DBE5–EED8–4520–86FA–D0A80F6C46C9}: NameServer = 217.117.133.1,217.117.128.3
O17 – HKLMSystemCCSServicesTcpip..{7E8BB529–B7E3–4B9B–B0C1–50426B5C1639}: NameServer = 217.117.133.1,217.117.128.3
O17 – HKLMSystemCS1ServicesTcpip..{2598DBE5–EED8–4520–86FA–D0A80F6C46C9}: NameServer = 217.117.133.1,217.117.128.3
O17 – HKLMSystemCS2ServicesTcpip..{2598DBE5–EED8–4520–86FA–D0A80F6C46C9}: NameServer = 217.117.133.1,217.117.128.3

:arrow: http://www.centrumxp.pl/forum/viewtopic.php?t=19974

co to takiego jest ??? i gdzie to moge znalesc ??

Pokaz loga z hijackthis .

sprzęt:
Plyta AMD EPOX 8K9AI
Pamięć DDR 256 MG 400
Karta Graficzna GF FX 5200 64 MB TV
Procesor Athlon 2.0 GB
Dysk twardy IBM DTLA 30 GB 7200 ATA 100
Monitor Samsung Sync Master 755 DF
System WIN XP

A jaki masz sprzęt :?:
Bo narazie to tylko dywagacje moźna snuć.

Tempy usuniete :?:
procesy w taskmenagerze przeanalizowane :?:
programy startujace z windowsem przegladniete :?:
skanowanie antywirusowe oraz anty spyware/adware przeprowadzone z aktualna sygnaturą :?: