Problem z explorer.exe

sqone · 12 Listopad 2005 12:11

Hej mam taki problem. Co minutę wyłączają mi się wszystkie okna na jakieś 3 sekundy i ponownie się właczają. Weszłem na menadżera zadań windows i zauważyłem, że proces explorer.exe się wyłącza i ponownie uruchamia po 3 sekundach Głupia sytuacja. Mam Windows XP SP1. Możliwe, że mam wirusa. Z góry dzięki za pomoc

kamaa · 12 Listopad 2005 12:13

to trzeba sprawdzić czy nie masz syfu:

skaner MKS On Line

Spybot Search & Destroy

CWShredder

Ad-aware SE Personal

HijackThis

po skanowaniu podaj co sie dzieje nastepnie bedziemy działac dalej

sqone · 12 Listopad 2005 12:31

Skaner nie działa pod XP mi a po tych innych programach nic się nie zmieniło o to mój log

Running processes:

C:\WINDOWS\System32\smss.exe

C:\WINDOWS\system32\csrss.exe

C:\WINDOWS\SYSTEM32\winlogon.exe

C:\WINDOWS\system32\services.exe

C:\WINDOWS\system32\lsass.exe

C:\WINDOWS\system32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\System32\svchost.exe

C:\WINDOWS\system32\spoolsv.exe

C:\WINDOWS\System32\alg.exe

C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE

C:\WINDOWS\System32\wdfmgr.exe

C:\windows\system32\mdms.exe

C:\Program Files\Mozilla Firefox\firefox.exe

C:\WINDOWS\explorer.exe

C:\Documents and Settings\Sławek\Pulpit\hijackthis\HijackThis.exe


R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = about:blank

R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza

R3 - URLSearchHook: (no name) - _{041BC795-DC43-4643-98A8-8A1649CA3149} - (no file)

R3 - URLSearchHook: (no name) - _{444C961F-9A20-4B1D-B916-8A588788FA20} - (no file)

R3 - URLSearchHook: (no name) - _{2F93AD4E-1056-4110-A9D8-19508629AE8C} - (no file)

R3 - URLSearchHook: (no name) - _{1A414D3B-6035-41C0-874B-B42549A560D3} - (no file)

R3 - URLSearchHook: (no name) - _{6EB78743-18E6-4E6A-9648-4B9BAADBAA29} - (no file)

R3 - URLSearchHook: (no name) - _{9160EB46-162C-423C-A475-7696CD47F08A} - (no file)

R3 - URLSearchHook: (no name) - _{CFBD442B-0B40-475B-ADCB-5DA0978DEC4C} - (no file)

R3 - URLSearchHook: (no name) - _{D613E760-8FDB-4C5F-95D8-FCF3CD7749BC} - (no file)

R3 - URLSearchHook: (no name) - _{F22D58C1-29A7-4789-8D8D-BF32749C57F1} - (no file)

R3 - URLSearchHook: (no name) - _{F4FCC98A-6472-4D1A-A5B3-B61E29C29FB6} - (no file)

R3 - URLSearchHook: (no name) - _{FDA898AA-AC4C-424E-9FEE-B5F7F115F27B} - (no file)

R3 - URLSearchHook: (no name) - _{A20106D2-D279-4B7D-91E8-5FDDDBDDDD44} - (no file)

R3 - URLSearchHook: (no name) - _{7FDCF99F-2550-4D18-8CDC-0F0B361190FA} - (no file)

R3 - URLSearchHook: (no name) - _{BFF432A7-1338-40A4-B230-ED68D8E6F862} - (no file)

R3 - URLSearchHook: (no name) - _{09295E7A-BABD-4EC9-A234-B7C91A924CCB} - (no file)

R3 - URLSearchHook: (no name) - _{6692CC1C-8F61-40F8-8090-D1B1E0AD37E2} - (no file)

R3 - URLSearchHook: (no name) - _{84779C8D-84EF-4283-9997-19827F040792} - (no file)

R3 - URLSearchHook: (no name) - _{00000000-0000-0000-0000-000000000000} - (no file)

R3 - URLSearchHook: (no name) - _{24CD222B-FB48-A67C-7E7D-58B96F916599} - (no file)

R3 - URLSearchHook: (no name) - _{8CF36B9E-71F0-475A-A6C3-B63E82ED9A0F} - (no file)

R3 - URLSearchHook: (no name) - _{E2FF08AF-3F9B-4FB2-9265-737774A160C6} - (no file)

R3 - URLSearchHook: (no name) - _{474D4E7F-3E3B-408F-A37D-7A21E7C68C30} - (no file)

R3 - URLSearchHook: (no name) - _{E64E81B0-760B-46F9-85C9-9167AB77A175} - (no file)

R3 - URLSearchHook: (no name) - _{765A9A67-954E-482A-978E-E6443E27EFA6} - (no file)

R3 - URLSearchHook: (no name) - _{DE14B7CB-D240-4512-ADE4-8BA8FB77576F} - (no file)

R3 - URLSearchHook: (no name) - _{F0D02204-DEB1-4156-96DF-87186B13FABC} - (no file)

R3 - URLSearchHook: (no name) - _{CD07BC4B-CF60-4AFF-9363-5B9439A64A14} - (no file)

O2 - BHO: Internet Explorer Web Content Guard - {1B77D30A-81C9-497A-8647-142F7511B1FB} - C:\DOCUME~1\SAWEK~1\USTAWI~1\Temp\mediabar.dll

O2 - BHO: (no name) - {23D25640-4306-4987-891C-D231B5DC113B} - (no file)

O2 - BHO: (no name) - {78364D99-A640-4ddf-B91A-67EFF8373045} - C:\WINDOWS\System32\appwiz.dll

O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - C:\PROGRA~1\FlashGet\jccatch.dll

O3 - Toolbar: (no name) - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - (no file)

O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx

O4 - HKLM\..\Run: [SysMemory manager] c:\windows\system32\mdms.exe

O4 - HKLM\..\RunServices: [Microsoft Windows Update] scvvhost.exe

O4 - HKLM\..\RunServices: [Microsoft Update] uclt32.exe

O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Programy\Gadu-Gadu\gg.exe" /tray

O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present

O8 - Extra context menu item: Download All by FlashGet - C:\PROGRA~1\FlashGet\jc_all.htm

O8 - Extra context menu item: Download using FlashGet - C:\PROGRA~1\FlashGet\jc_link.htm

O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000

O9 - Extra button: Search - {00000000-0000-0000-0000-000000000000} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\WINDOWS\System32\msjava.dll

O9 - Extra button: Search - {15AF8BFC-9A1C-4EBE-83B4-DA8481F2DB8E} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {160A1A64-011D-42E9-96F3-7C5C4CFB713B} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {2EE357B8-95F8-480E-AAB7-FCB92C73F955} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {372FD9D5-84F5-4976-8763-4A2B90A967B0} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {396B6049-BF18-4A03-8770-3989AFC5970D} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {4833DAAF-D8F8-49C4-AACD-15153CA446E5} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {4C031E45-DC2C-483D-8D6F-F28624FE3A1A} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {50262617-9ADB-4C5C-A722-BECF97647A4D} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {5BB35DE4-598A-4930-B0CA-7E7EC89E7944} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {6D59BACC-BB38-49FC-A75F-A8F2FE85FC59} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {854D8837-417E-461E-B71C-A695C4D5942D} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {923A05C7-1AC3-4413-A599-85F91017E952} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL

O9 - Extra button: Search - {9311D7AF-23AF-4C8F-B161-1C65D260B4CF} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {95321678-3DC8-44F2-9783-F839F84476FD} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {A420C169-2E28-412C-9B0C-1A493829FBBF} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {AC40D75B-F062-49EA-B8F4-3DC747BF3634} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {B30444A6-1734-4D55-96FD-90E344258C69} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {B57AC333-5FA8-48F4-AC7C-193CD59AE869} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {B60AD07F-6B31-4E21-B3FD-5F2B403A722E} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {B663C1F0-80DE-4A54-AAA4-13D4DAE93ADC} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {C070C740-6BB3-4A99-819D-1B6C29819FE5} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {CD980E05-FE4D-4930-867A-F994AD5D1C23} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {D52088BF-F9D4-4420-A9D7-50F237EBFC3A} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)

O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\PROGRA~1\FlashGet\flashget.exe (file missing)

O9 - Extra button: Search - {D6F243D3-BE4D-4877-9E24-87D46756A15F} - C:\WINDOWS\System32\shdocvw.dll

O9 - Extra button: Search - {DC8EFBC4-3C3E-42B5-9E06-255106C793A0} - C:\WINDOWS\System32\shdocvw.dll

O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht!http://82.179.170.82/e9xr2.chm::/file.exe

O16 - DPF: {15AD6789-CDB4-47E1-A9DA-992EE8E6BAD6} - http://static.windupdates.com/cab/6247971CanadaInc/ie/bridge-c337.cab

O16 - DPF: {2DF91772-19DC-47AE-B52F-B8E2FE545625} (Spd2 Class) - http://www.lemontv.pl/lmctrls.cab

O16 - DPF: {31B7EB4E-8B4B-11D1-A789-00A0CC6651A8} (Cult3D ActiveX Player) - http://www.cult3d.com/download/cult.cab

O16 - DPF: {4418DD4D-7265-4C32-BC0A-3FDB3C2DA938} - http://www.slotchbar.com/ist/softwares/v4.0/protect_regular.cab

O16 - DPF: {83AFB5CA-ED35-11D4-A452-0080C8D85045} (GameDesire Poker Games) - http://67.15.101.3/g_bin/pl/poker_2_0_0_36.cab

O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab

O16 - DPF: {A1FE3DE0-CF77-11D4-8340-0080C8D7ED4A} (GameDesire Pinball Demon) - http://67.15.101.3/g_bin/pl/demon_2_0_0_18.cab

O16 - DPF: {AD0B8220-7DA4-4C0A-8532-B25A9F631D3D} - http://advnt01.com/dialer/internazionale_ver10.CAB

O16 - DPF: {BFA1F11D-3121-AFE1-4112-894323212DAC} (GameDesire Word Games) - http://67.15.101.3/g_bin/pl/words_2_0_0_36.cab

O16 - DPF: {CDCBE0F1-D13A-4F86-A963-3A272D3ABA7E} - http://66.194.38.28/dialer/internazionale_ver15.CAB

O16 - DPF: {D19781C5-2051-44F8-8445-DDC82933C191} - http://advnt01.com/dialer/internazionale_ver11.CAB

O16 - DPF: {E84E5574-FAE4-4EE2-877D-092AFF688F21} (RPBX(v6.0)) - http://80.53.96.234:82/cab/RPB.cab

O16 - DPF: {E95CF138-A587-4C54-8175-3AD80997CB14} (GINSOCCER Class) - http://67.15.101.3/g_bin/pl/soccer_2_0_0_7.cab

O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C5} (GameDesire Snooker) - http://67.15.101.3/g_bin/pl/snooker_2_0_0_22.cab

O17 - HKLM\System\CCS\Services\Tcpip\..\{95E352E4-A841-43A3-B186-FD156820C618}: NameServer = 194.204.159.1,194.204.152.34

O21 - SSODL: SysTray.Excn2 - {1722ECFF-4356-4f5b-B534-E67294FE75E9} - C:\WINDOWS\System32\qkfjphph.dll

O21 - SSODL: SysTray.Exsn - {2368D1FC-2F5C-4f1b-B124-E67214FC78E2} - C:\WINDOWS\System32\abooopfm.dll

O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe

O23 - Service: Panda Process Protection Service (PavPrSrv) - Unknown owner - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe (file missing)

Złączono Posta : 12.11.2005 (Sob) 23:08

Problem rozwiązany -> FORMAT Temat można zamknąć