prosze o sprawdzenie loga
Logfile of HijackThis v1.99.1
Scan saved at 22:08:44, on 2005–05–22
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\LXSUPMON.EXE
D:\Programy\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\G DATA\AVKMail\AVKPOP.EXE
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programy\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\AntiVirenKit\AVKService.exe
C:\Program Files\AntiVirenKit\AVKWCtl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Programy\Winamp\winampa.exe
D:\Programy\Firefox\firefox.exe
D:\Programy\WinAce\WinAce.exe
C:\DOCUME~1\Toudi\USTAWI~1\Temp\~AceTemp\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.haker.com.pl
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – D:\Programy\FlashGet\jccatch.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – D:\Programy\FlashGet\fgiebar.dll
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 – HKLM\..\Run: [gcasServ] "D:\Programy\Microsoft AntiSpyware\gcasServ.exe"
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 –u
O4 – HKLM\..\Run: [AVK Mail Checker] "C:\Program Files\Common Files\G DATA\AVKMail\AVKPOP.EXE"
O4 – HKLM\..\Run: [DAEMON Tools–1033] "D:\Programy\daemon\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 – HKLM\..\Run: [WinampAgent] D:\Programy\Winamp\winampa.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Komunikator] D:\Programy\Tlen.pl\tlen.exe
O8 – Extra context menu item: Download All by FlashGet – D:\Programy\FlashGet\jc_all.htm
O8 – Extra context menu item: Download using FlashGet – D:\Programy\FlashGet\jc_link.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra button: 50 FREE MP3s! – {686C970F–1D7D–4469–85D1–4B35763B56CC} – http://www.emusic.com?fref=149133 (file missing)
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\Programy\FlashGet\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\Programy\FlashGet\flashget.exe
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O17 – HKLM\System\CCS\Services\Tcpip\..\{EC0A9468–5914–4C57–8CAF–83BC6E90FE41}: NameServer = 195.177.64.66,195.177.64.69
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: AVK Service (AVKService) – Unknown owner – C:\Program Files\AntiVirenKit\AVKService.exe
O23 – Service: Straźnik AVK (AVKWCtl) – Unknown owner – C:\Program Files\AntiVirenKit\AVKWCtl.exe
O23 – Service: LexBce Server (LexBceS) – Lexmark International, Inc. – C:\WINDOWS\system32\LEXBCES.EXE
Scan saved at 22:08:44, on 2005–05–22
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\LEXBCES.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\LEXPPS.EXE
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\WINDOWS\Mixer.exe
C:\WINDOWS\System32\LXSUPMON.EXE
D:\Programy\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\Common Files\G DATA\AVKMail\AVKPOP.EXE
C:\Program Files\Java\jre1.5.0_01\bin\jusched.exe
C:\WINDOWS\system32\ctfmon.exe
D:\Programy\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\AntiVirenKit\AVKService.exe
C:\Program Files\AntiVirenKit\AVKWCtl.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Windows Media Player\wmplayer.exe
D:\Programy\Winamp\winampa.exe
D:\Programy\Firefox\firefox.exe
D:\Programy\WinAce\WinAce.exe
C:\DOCUME~1\Toudi\USTAWI~1\Temp\~AceTemp\hijackthis\HijackThis.exe
R0 – HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.haker.com.pl
R0 – HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 – HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 – BHO: IeCatch2 Class – {A5366673–E8CA–11D3–9CD9–0090271D075B} – D:\Programy\FlashGet\jccatch.dll
O3 – Toolbar: FlashGet Bar – {E0E899AB–F487–11D5–8D29–0050BA6940E3} – D:\Programy\FlashGet\fgiebar.dll
O4 – HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 – HKLM\..\Run: [C–Media Mixer] Mixer.exe /startup
O4 – HKLM\..\Run: [LXSUPMON] C:\WINDOWS\System32\LXSUPMON.EXE RUN
O4 – HKLM\..\Run: [gcasServ] "D:\Programy\Microsoft AntiSpyware\gcasServ.exe"
O4 – HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 –u
O4 – HKLM\..\Run: [AVK Mail Checker] "C:\Program Files\Common Files\G DATA\AVKMail\AVKPOP.EXE"
O4 – HKLM\..\Run: [DAEMON Tools–1033] "D:\Programy\daemon\daemon.exe" –lang 1033
O4 – HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_02\bin\jusched.exe
O4 – HKLM\..\Run: [WinampAgent] D:\Programy\Winamp\winampa.exe
O4 – HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 – HKCU\..\Run: [Komunikator] D:\Programy\Tlen.pl\tlen.exe
O8 – Extra context menu item: Download All by FlashGet – D:\Programy\FlashGet\jc_all.htm
O8 – Extra context menu item: Download using FlashGet – D:\Programy\FlashGet\jc_link.htm
O9 – Extra button: (no name) – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra 'Tools' menuitem: Sun Java Console – {08B0E5C0–4FCB–11CF–AAA5–00401C608501} – C:\Program Files\Java\jre1.5.0_02\bin\npjpi150_02.dll
O9 – Extra button: 50 FREE MP3s! – {686C970F–1D7D–4469–85D1–4B35763B56CC} – http://www.emusic.com?fref=149133 (file missing)
O9 – Extra button: FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\Programy\FlashGet\flashget.exe
O9 – Extra 'Tools' menuitem: &FlashGet – {D6E814A0–E0C5–11d4–8D29–0050BA6940E3} – D:\Programy\FlashGet\flashget.exe
O9 – Extra button: Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O9 – Extra 'Tools' menuitem: Windows Messenger – {FB5F1910–F110–11d2–BB9E–00C04F795683} – C:\Program Files\Messenger\msmsgs.exe
O17 – HKLM\System\CCS\Services\Tcpip\..\{EC0A9468–5914–4C57–8CAF–83BC6E90FE41}: NameServer = 195.177.64.66,195.177.64.69
O23 – Service: Ati HotKey Poller – ATI Technologies Inc. – C:\WINDOWS\System32\Ati2evxx.exe
O23 – Service: ATI Smart – Unknown owner – C:\WINDOWS\system32\ati2sgag.exe
O23 – Service: AVK Service (AVKService) – Unknown owner – C:\Program Files\AntiVirenKit\AVKService.exe
O23 – Service: Straźnik AVK (AVKWCtl) – Unknown owner – C:\Program Files\AntiVirenKit\AVKWCtl.exe
O23 – Service: LexBce Server (LexBceS) – Lexmark International, Inc. – C:\WINDOWS\system32\LEXBCES.EXE
Odpowiedzi: 2
Tak...
Usun:
Windows sypie błędami czego dowodem są te dwa wpisy zrzutu pamięci.
Wklejenie loga ma zwiazek z Twoim tematem z działu Windows XP ??
O4 – HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 –k
O4 – HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 –u
O9 – Extra button: 50 FREE MP3s! – {686C970F–1D7D–4469–85D1–4B35763B56CC} – http://www.emusic.com?fref=149133 (file missing)
Windows sypie błędami czego dowodem są te dwa wpisy zrzutu pamięci.
Wklejenie loga ma zwiazek z Twoim tematem z działu Windows XP ??
Strona 1 / 1