Podejrzane zachowanie przeglądarki

[Demerzel]

Zdarzyło mi sie to już kiedyś. SeeaMonkey przestaje wczytywać strony. Cokolwiek nie zrobię na podanie adresu czy naciśnięcie linka nie reaguje. Przy uruchomieniu pokazało się jeszcze malutkie okienko w lewym górnym rogu. Po restarcie zaskoczyło i teraz pisze.

AVG nic nie znalazł. czy to błąd w przeglądarce czyjakiś programik niefajny?

Logfile of Trend Micro HijackThis v2.0.2Scan saved at 15:05:44, on 2007-08-20Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)Boot mode: NormalRunning processes:C:WINDOWSSystem32smss.exeC:WINDOWSsystem32winlogon.exeC:WINDOWSsystem32services.exeC:WINDOWSsystem32lsass.exeC:WINDOWSsystem32svchost.exeC:WINDOWSSystem32svchost.exeC:WINDOWSsystem32ZoneLabsvsmon.exeC:WINDOWSsystem32LEXBCES.EXEC:WINDOWSsystem32spoolsv.exeC:WINDOWSsystem32LEXPPS.EXEC:PROGRA~1GrisoftAVGFRE~1avgamsvr.exeC:PROGRA~1GrisoftAVGFRE~1avgupsvc.exeC:PROGRA~1GrisoftAVGFRE~1avgemc.exeC:WINDOWSSystem32svchost.exeC:Program FilesAnalog DevicesSoundMAXSMAgent.exeC:WINDOWSSystem32svchost.exeC:WINDOWSExplorer.EXEC:WINDOWSsystem32pctspk.exeC:Program FilesATI TechnologiesATI Control Panelatiptaxx.exeC:PROGRA~1GrisoftAVGFRE~1avgcc.exeC:Program FilesAnalog DevicesSoundMAXSMax4PNP.exeC:WINDOWSsystem32wscntfy.exeC:Program FilesZone LabsZoneAlarmzlclient.exeC:WINDOWSVM305_STI.EXEC:Program FilesCommon FilesRealUpdate_OBrealsched.exeC:Program FilesSAMSUNGSamsung Internet KeyboardMMKbd.exeC:Program FilesBOINCboincmgr.exeC:Program FilesBOINCboinc.exeC:Program FilesBOINCprojectsboinc.bakerlab.org_rosettarosetta_beta_5.76_windows_intelx86.eeC:PROGRA~1GrisoftAVGFRE~1avgwb.datC:Program Filesmozilla.orgSeaMonkeyseamonkey.exeC:Program FilesTrend MicroHijackThisHijackThis.exeR1 - HKCUSoftwareMicrosoftInternet Connection Wizard,ShellNext = http://redirect.zonelabs.com/redirect/route?oem=1038∏=1&mode=4&app=inclient&version=6.5.737.000〈=en&locale=pl-PL&date=-86400&link_id=4&dest=whats_newR1 - HKCUSoftwareMicrosoftWindowsCurrentVersionInternet Settings,ProxyServer = :R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = ŁączaO2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:Program FilesMySearchSrchAstt1.binMYSRCHAS.DLLO2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:Program FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dllO2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:Program FilesJavajre1.5.0_09binssv.dllO4 - HKLM..Run: [Lexmark X6100 Series] "C:Program FilesLexmark X6100 Serieslxbfbmgr.exe"O4 - HKLM..Run: [PCTVOICE] pctspk.exeO4 - HKLM..Run: [ATIPTA] C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exeO4 - HKLM..Run: [DAEMON Tools] "C:Program FilesDAEMON Toolsdaemon.exe" -lang 1033O4 - HKLM..Run: [AVG7_CC] C:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUPO4 - HKLM..Run: [KernelFaultCheck] %systemroot%system32dumprep 0 -kO4 - HKLM..Run: [soundMAXPnP] C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exeO4 - HKLM..Run: [soundMAX] "C:Program FilesAnalog DevicesSoundMAXSmax4.exe" /trayO4 - HKLM..Run: [ZoneAlarm Client] "C:Program FilesZone LabsZoneAlarmzlclient.exe"O4 - HKLM..Run: [bigDog305] C:WINDOWSVM305_STI.EXE VIMICRO USB PC Camera (ZC0305)O4 - HKLM..Run: [TkBellExe] "C:Program FilesCommon FilesRealUpdate_OBrealsched.exe"  -osbootO4 - HKUSS-1-5-19..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'USŁUGA LOKALNA')O4 - HKUSS-1-5-19..Run: [AVG7_Run] C:PROGRA~1GrisoftAVGFRE~1avgw.exe /RUNONCE (User 'USŁUGA LOKALNA')O4 - HKUSS-1-5-20..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'USŁUGA SIECIOWA')O4 - HKUSS-1-5-18..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'SYSTEM')O4 - HKUS.DEFAULT..Run: [CTFMON.EXE] C:WINDOWSSystem32CTFMON.EXE (User 'Default user')O4 - Startup: BOINC Manager.lnk = C:Program FilesBOINCboincmgr.exeO4 - Global Startup: Microsoft Office.lnk = C:Program FilesMicrosoft OfficeOffice10OSA.EXEO4 - Global Startup: Samsung Internet Keyboard.lnk = ?O8 - Extra context menu item: &Download by NetAnts - C:PROGRA~1NetAntsNAGet.htmO8 - Extra context menu item: Download &All by NetAnts - C:PROGRA~1NetAntsNAGetAll.htmO8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:PROGRA~1MICROS~2Office10EXCEL.EXE/3000O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_09binssv.dllO9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:Program FilesJavajre1.5.0_09binssv.dllO9 - Extra button: NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:PROGRA~1NetAntsNetAnts.exeO9 - Extra 'Tools' menuitem: &NetAnts - {57E91B47-F40A-11D1-B792-444553540000} - C:PROGRA~1NetAntsNetAnts.exeO17 - HKLMSystemCCSServicesTcpip..{AC87B42D-C06A-40EC-AB59-774E1D49BB9B}: NameServer = 192.168.1.1O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:PROGRA~1COMMON~1SkypeSKYPE4~1.DLLO23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:Program FilesPToPAreschatServer.exeO23 - Service: ATI Smart - Unknown owner - C:WINDOWSsystem32ati2sgag.exeO23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgamsvr.exeO23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgupsvc.exeO23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:PROGRA~1GrisoftAVGFRE~1avgemc.exeO23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:Program FilesCommon FilesInstallShieldDriver11Intel 32IDriverT.exeO23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:WINDOWSsystem32LEXBCES.EXEO23 - Service: Macromedia Licensing Service - Unknown owner - C:Program FilesCommon FilesMacromedia SharedServiceMacromedia Licensing.exeO23 - Service: SoundMAX Agent Service (SoundMAX Agent Service (default)) - Analog Devices, Inc. - C:Program FilesAnalog DevicesSoundMAXSMAgent.exeO23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs, LLC - C:WINDOWSsystem32ZoneLabsvsmon.exe--End of file - 6203 bytes

[CatchMe]

O2 - BHO: MySearch Search Assistant BHO - {04079851-5845-4dea-848C-3ECD647AA554} - C:Program FilesMySearchSrchAstt1.binMYSRCHAS.DLL

- to masz do usunięcia (pogrubione ręcznie z dysku a wpis w HijackThis).

- Poproszę o loga z programu ComboFix.

[Demerzel]

:oops: Jak usunąć ten wpis?

ComboFix 07-08-17.2 - "My" 2007-08-22 18:05:44.1 - NTFSx86 Microsoft Windows XP Professional  5.1.2600.2.1250.1.1045.18.83 [GMT 2:00] * Created a new restore point(((((((((((((((((((((((((   Files Created from 2007-07-22 to 2007-08-22  )))))))))))))))))))))))))))))))2007-08-22 18:04	51,200	--a------	C:WINDOWSnircmd.exe2007-08-20 15:04	<DIR>	d--------	C:Program FilesTrend Micro2007-08-19 17:01	<DIR>	d--------	C:spm22007-08-16 16:33	<DIR>	d--------	C:DOCUME~1SYLWES~1.thumbnails2007-08-16 16:32	<DIR>	d--------	C:DOCUME~1SYLWES~1DANEAP~1gtk-2.02007-08-11 18:25	<DIR>	d--------	C:Program FilesGameJack 52007-08-11 14:35	<DIR>	d--------	C:Program FilesCommon Filesxing shared2007-08-07 23:41	<DIR>	d--------	C:Program FilesCommon FilesDirectX2007-08-07 08:45	<DIR>	d--------	C:Program FilesAIDA32 - Personal System Information2007-07-27 23:36	<DIR>	d--------	C:Program FilesDink Smallwood2007-07-27 23:15	<DIR>	d--------	C:Nowy folder2007-07-27 18:38	<DIR>	d--------	C:Program FilesMagic Match 22007-07-27 18:38	<DIR>	d--------	C:DOCUME~1ALLUSE~1DANEAP~1Friends Games((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))2007-08-22 18:08	---------	d--------	C:Program FilesBOINC2007-08-22 12:42	---------	d--------	C:DOCUME~1SYLWES~1DANEAP~1Skype2007-08-19 13:51	---------	d--------	C:DOCUME~1SYLWES~1DANEAP~1Magic Match2007-08-15 19:13	---------	d--------	C:DOCUME~1SYLWES~1DANEAP~1OpenOffice.ux.pl22007-08-11 18:24	---------	d--------	C:Program FilesCommon FilesWise Installation Wizard2007-08-11 14:35	---------	d--------	C:Program FilesCommon FilesReal2007-08-11 14:35	---------	d--------	C:DOCUME~1SYLWES~1DANEAP~1Real2007-08-02 20:16	---------	d--------	C:Program FilesPIXEL2007-08-02 09:20	---------	d--------	C:Program FilesWIEM20062007-08-02 09:20	---------	d--------	C:Program FilesSzybkie czytanie2007-08-02 09:20	---------	d--------	C:Program FilesNiemPol2007-08-02 09:20	---------	d--------	C:Program FilesLexmark X6100 Series2007-08-02 09:20	---------	d--------	C:DOCUME~1SYLWES~1DANEAP~1Dev-Cpp2007-08-02 09:12	---------	d--------	C:Program FilesBejeweled 2 Deluxe2007-07-29 18:10	---------	d--------	C:Program FilesPuzzle2007-07-18 16:05	118784	--a------	C:WINDOWSSeaMonkeyUninstall.exe2007-07-18 16:04	12844351	--a------	C:seamonkey-1.1.pl-PL.win32.installer.exe2007-07-18 16:04	---------	d--------	C:Program FilesNetAnts2007-07-15 10:33	---------	d--------	C:Program FilesPToP2007-07-08 10:12	---------	d--------	C:Program FilesGadu-Gadu2007-07-06 17:16	---------	d--------	C:Program FilesZylom Games2007-07-05 14:59	---------	d--------	C:Program FilesFreeciv-2.0.8-gtk22007-07-02 13:16	---------	d--------	C:Program FilesPidgin2007-07-02 13:16	---------	d--------	C:DOCUME~1SYLWES~1DANEAP~1.purple2007-06-27 22:14	---------	d--------	C:Program FilesBrainsBreaker(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))*Note* empty entries & legit default entries are not shown [HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionRun]"Lexmark X6100 Series"="C:Program FilesLexmark X6100 Serieslxbfbmgr.exe" [2003-07-25 17:26]"PCTVOICE"="pctspk.exe" [2001-12-06 08:54 C:WINDOWSsystem32pctspk.exe]"ATIPTA"="C:Program FilesATI TechnologiesATI Control Panelatiptaxx.exe" [2003-02-28 22:00]"DAEMON Tools"="C:Program FilesDAEMON Toolsdaemon.exe" [2005-12-10 16:57]"AVG7_CC"="C:PROGRA~1GrisoftAVGFRE~1avgcc.exe" [2007-08-17 09:46]"SoundMAXPnP"="C:Program FilesAnalog DevicesSoundMAXSMax4PNP.exe" [2003-05-29 16:28]"SoundMAX"="C:Program FilesAnalog DevicesSoundMAXSmax4.exe" [2003-05-30 09:42]"ZoneAlarm Client"="C:Program FilesZone LabsZoneAlarmzlclient.exe" [2007-03-09 00:02]"BigDog305"="C:WINDOWSVM305_STI.exe" [2005-11-03 09:46]"TkBellExe"="C:Program FilesCommon FilesRealUpdate_OBrealsched.exe" [2007-08-11 14:34]C:Documents and SettingsSylwesterMenu StartProgramyAutostartBOINC Manager.lnk - C:Program FilesBOINCboincmgr.exe [2007-03-01 11:19:50]C:Documents and SettingsAll UsersMenu StartProgramyAutostartMicrosoft Office.lnk - C:Program FilesMicrosoft OfficeOffice10OSA.EXE [2001-02-13 11:01:04]Samsung Internet Keyboard.lnk - C:Program FilesSAMSUNGSamsung Internet KeyboardMMKbd.exe [2006-12-14 19:22:24][HKEY_LOCAL_MACHINEsoftwaremicrosoftwindowscurrentversionrun-]"QuickTime Task"="C:Program FilesQuickTimeqttask.exe" -atboottime"SunJavaUpdateSched"="C:Program FilesJavajre1.5.0_09binjusched.exe"R2 BT848;BtCap, WDM Video Capture;C:WINDOWSsystem32driversBT848.SYSR2 BTTUNER;BtTuner, WDM TV Tuner;C:WINDOWSsystem32driversBTTUNER.SYSR2 BTXBAR;BtXBar, WDM Crossbar;C:WINDOWSsystem32driversBTXBAR.SYSR2 UxTuneUp;TuneUp Design Expansion;C:WINDOWSSystem32svchost.exe -k netsvcsR3 ZSMC0305;VIMICRO USB PC Camera V;C:WINDOWSsystem32DriversusbVM305.sysHKEY_LOCAL_MACHINESoftwareMicrosoftWindows NTCurrentVersionSvchost  - NetSvcsUxTuneUp**************************************************************************catchme 0.3.1061 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.netRootkit scan 2007-08-22 18:08:50Windows 5.1.2600 Dodatek Service Pack 2 NTFSscanning hidden processes ...scanning hidden autostart entries ...HKLMSoftwareMicrosoftWindowsCurrentVersionRun  BigDog305 = C:WINDOWSVM305_STI.EXE VIMICRO USB PC Camera (ZC0305)???????????????????0?????????@?????????????? scanning hidden files ...scan completed successfullyhidden files: 0**************************************************************************Completion time: 2007-08-22 18:09:44	--- E O F ---