Logfile of HijackThis v1.99.1
Scan saved at 13:44:56 PM, on 7/27/2005
Platform: Unknown Windows (WinNT 6.00.4074)
MSIE: Internet Explorer v7.00 (7.00.4074.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\wininit.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\logonui.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\RsFxSvc.exe
C:\WINDOWS\system32\avrtsvr.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\fontcacheservice.exe
C:\WINDOWS\assembly\gac_msil\FontCacheService\6.0.4074.0__365143bb27e7ac8b\fontcacheservice.exe
C:\WINDOWS\assembly\gac_msil\WindowsEventForwardingService\6.0.4074.0__365143bb27e7ac8b\WindowsEventForwardingService.exe
C:\WINDOWS\system32\WinFS\WinFS.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\RunDll32.exe
C:\WINDOWS\system32\WinFS\FSAgent.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\WinFS\msidx35.exe
C:\WINDOWS\system32\WinFS\WinFPM.exe
C:\WINDOWS\system32\WinFS\msgthr35.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\wpabaln.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Microsoft AntiSpyware\gcasServ.exe
C:\Program Files\MSN Apps\Updater\01.02.3000.1001\pl-pl\msnappau.exe
C:\Program Files\AutoConnect\AutoConnect.exe
C:\Program Files\MSN Messenger\MsnMsgr.Exe
C:\Program Files\Microsoft AntiSpyware\gcasDtServ.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft Office\OFFICE11\WINWORD.EXE
C:\Documents and Settings\Administrator\Local Settings\Temp\Temporary Directory 2 for hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: ST - {9394EDE7-C8B5-483E-8773-474BF36AF6E4} - C:\Program Files\MSN Apps\ST\01.03.0000.1005\en-xu\stmain.dll
O2 - BHO: Norton Personal Firewall - {9ECB9560-04F9-4bbc-943D-298DDF1699E1} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O2 - BHO: MSNToolBandBHO - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\pl-pl\msntb.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\system32\msdxm.ocx
O3 - Toolbar: Norton Personal Firewall - {0B53EAC3-8D69-4b9e-9B19-A37C9A5676A7} - C:\Program Files\Common Files\Symantec Shared\AdBlocking\NISShExt.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O3 - Toolbar: MSN - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\MSN Apps\MSN Toolbar\01.02.3000.1001\pl-pl\msntb.dll
O4 - HKLM\..\Run: [ccApp] "C:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [Symantec NetDriver Monitor] C:\PROGRA~1\SYMNET~1\SNDMon.exe /Consumer
O4 - HKLM\..\Run: [gcasServ] "C:\Program Files\Microsoft AntiSpyware\gcasServ.exe"
O4 - HKLM\..\Run: [msnappau] "C:\Program Files\MSN Apps\Updater\01.02.3000.1001\pl-pl\msnappau.exe"
O4 - HKCU\..\Run: [AutoConnect] C:\Program Files\AutoConnect\AutoConnect.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: @shdocvw.dll,-866 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: @shdocvw.dll,-864 - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\WINDOWS\web\related.htm
O17 - HKLM\System\CCS\Services\Tcpip\..\{19BFAB60-6C13-4499-800E-9B28AB07452B}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLM\System\CS1\Services\Tcpip\..\{19BFAB60-6C13-4499-800E-9B28AB07452B}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLM\System\CS2\Services\Tcpip\..\{19BFAB60-6C13-4499-800E-9B28AB07452B}: NameServer = 194.204.152.34 217.98.63.164
O18 - Protocol: msmailhtml - {F6D6F026-E766-436B-8291-5CF29E916348} - C:\WINDOWS\system32\msmail.dll
O18 - Protocol: shell - {D34D28CB-3C24-4925-A40C-F3E1808953B2} - C:\WINDOWS\system32\SHELL32.dll
O18 - Filter hijack: application/octet-stream - {8458A88A-033A-4456-9872-5693831F1565} - C:\WINDOWS\Microsoft.NET\Windows\v6.0.4030\PresentationHost.dll
O18 - Filter hijack: application/x-complus - {8458A88A-033A-4456-9872-5693831F1565} - C:\WINDOWS\Microsoft.NET\Windows\v6.0.4030\PresentationHost.dll
O18 - Filter hijack: application/x-msdownload - {8458A88A-033A-4456-9872-5693831F1565} - C:\WINDOWS\Microsoft.NET\Windows\v6.0.4030\PresentationHost.dll
O20 - Winlogon Notify: EFS - C:\WINDOWS\SYSTEM32\sclgntfy.dll
O23 - Service: Discovery Persistence Service - Unknown owner - C:\WINDOWS\assembly\gac_msil\MSSDPersistence\6.0.4074.0__365143bb27e7ac8b\MSSDPersistence.exe
O23 - Service: Font Cache Service - Unknown owner - C:\WINDOWS\system32\fontcacheservice.exe
O23 - Service: FontCacheService - Unknown owner - C:\WINDOWS\assembly\gac_msil\FontCacheService\6.0.4074.0__365143bb27e7ac8b\fontcacheservice.exe
O23 - Service: Fusion Isolation Service - Unknown owner - C:\WINDOWS\assembly\gac_msil\Microsoft.Windows.IsolationService\6.0.4074.0__365143bb27e7ac8b\Microsoft.Windows.IsolationService.exe
O23 - Service: Location Discovery (LocSvc) - Unknown owner - C:\WINDOWS\system32\Location.SvcWrap.exe
O23 - Service: WindowsEventForwardingService - Unknown owner - C:\WINDOWS\assembly\gac_msil\WindowsEventForwardingService\6.0.4074.0__365143bb27e7ac8b\WindowsEventForwardingService.exe
O23 - Service: WinFS Rules (WinFSRules) - Unknown owner - C:\WINDOWS\system32\WinFS\WinFS-Rules.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Network Proxy (ccProxy) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccProxy.exe
O23 - Service: Symantec Password Validation (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccSetMgr.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: ISSvc (ISSVC) - Symantec Corporation - C:\Program Files\Norton Personal Firewall\ISSVC.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - C:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: Norton AntiVirus Auto-Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton AntiVirus Firewall Monitor Service (NPFMntor) - Symantec Corporation - C:\Program Files\Norton AntiVirus\IWP\NPFMntor.exe
O23 - Service: SAVScan - Symantec Corporation - C:\Program Files\Norton AntiVirus\SAVScan.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Symantec SPBBCSvc (SPBBCSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SPBBC\SPBBCSvc.exe
O23 - Service: Symantec Core LC - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
wszystko zaczyna mi sie sypać, każda aplikacje jaka uruchomie to wyskakuja błędy, może w logu cos bedzie, acha system co jakis czas mi sie zawiesza i zamula