30.04.2008, 17:54
Everything on the computer freezes and folders open slowly.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:46:43, on 2008-04-30
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.20627)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\COMODO\Firewall\cfp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe
C:\WINDOWS\system32\devldr32.exe
C:\Program Files\COMODO\Firewall\cmdagent.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\System32\PAStiSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O4 - HKLM\..\Run: []C:\Program Files\ESET\nod32kui.exe
O4 - HKLM\..\Run: [COMODO Firewall Pro]"C:\Program Files\COMODO\Firewall\cfp.exe" -h
O4 - HKLM\..\Run: [nod32kui]"C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [NeroFilterCheck]C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe
O4 - HKCU\..\Run: [µTorrent]"C:\Documents and Settings\mario\Pulpit\utorrent.exe"
O4 - HKCU\..\Run: [nod32]C:\Program Files\ESET\nod32kui.exe
O4 - HKCU\..\Run: [ctfmon.exe]C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}]"C:\Program Files\Common Files\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-19\..\RunOnce: [nltide_2]regsvr32 /s /n /i:U shell32 (User 'USŁUGA LOKALNA')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-20\..\RunOnce: [nltide_2]regsvr32 /s /n /i:U shell32 (User 'USŁUGA SIECIOWA')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [nltide_2]regsvr32 /s /n /i:U shell32 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE]C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [nltide_2]regsvr32 /s /n /i:U shell32 (User 'Default user')
O8 - Extra context menu item: E&ksportuj do programu Microsoft Excel -
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_03\bin\ssv.dll
O9 - Extra button: Wyślij do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Wyślij &do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~1\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - AppInit_DLLs:C:\WINDOWS\system32\guard32.dll
O23 - Service: Ares Chatroom server (AresChatServer) - Ares Development Group - C:\Program Files\Ares\chatServer.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: COMODO Firewall Pro Helper Service (cmdAgent) - COMODO - C:\Program Files\COMODO\Firewall\cmdagent.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Nero\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: STI Simulator - Unknown owner - C:\WINDOWS\System32\PAStiSvc.exe
--
End of file - 5336 bytes