sabinkasg
25.12.06, 02:00
Logfile of HijackThis v1.99.1
Scan saved at 01:34:31, on 2006-12-25
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avast\aswUpdSv.exe
C:\Program Files\Avast\ashServ.exe
D:\Programy\Kerio\Personal Firewall 4\kpf4ss.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\System32\nvsvc32.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
D:\Programy\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\Explorer.EXE
D:\Programy\Kerio\Personal Firewall 4\kpf4gui.exe
C:\WINDOWS\inet20000\services.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\WINDOWS\System32\RUNDLL32.EXE
C:\PROGRA~1\Avast\ashDisp.exe
D:\Programy\Winamp\winampa.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Common Files\Onet.pl\AutoUpdate.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\System32\syspools.exe
C:\WINDOWS\System32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\inet20000\wpcem.exe
D:\Programy\Gadu-Gadu\gg.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.908.8472
\GoogleToolbarNotifier.exe
C:\WINDOWS\System32\taskdir.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Skype\Plugin Manager\SkypePM.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
D:\Programy\Winamp\winamp.exe
C:\WINDOWS\inet20000\mmx543.exe
C:\WINDOWS\inet20000\free.exe
C:\WINDOWS\inet20000\wpcem.exe
C:\WINDOWS\System32\wuauclt.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\explorer.exe
C:\Program Files\Internet Explorer\iexplore.exe
D:\Programy\BitComet\BitComet.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Program Files\Internet Explorer\iexplore.exe
D:\Programy\hj\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
search.bearshare.com/sidebar.html?src=ssb
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-
E1F0A5033E4A} - C:\Program Files\BearShare applications\BearShare
MediaBar\MediaBar.dll
F3 - REG:win.ini: run=C:\WINDOWS\inet20000\services.exe
O2 - BHO: edit_html Class - {14D1A72D-8705-11D8-B120-0040F46CB696} -
C:\WINDOWS\inet20000\12250115.dll
O2 - BHO: Skype add-on (mastermind) - {22BF413B-C6D2-4d91-82A9-A0F997BA588C} -
C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O2 - BHO: BitComet ClickCapture - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} -
D:\Programy\BitComet\tools\BitCometBHO.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} -
c:\program files\google\googletoolbar2.dll
O2 - BHO: XBTP02634 - {F97DA966-F09D-4cab-BF29-75A0026986EA} - C:\PROGRA~1
\BEARSH~1\BEARSH~1\MediaBar.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} -
C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: BearShare MediaBar - {D3DEE18F-DB64-4BEB-9FF1-E1F0A5033E4A} -
C:\Program Files\BearShare applications\BearShare MediaBar\MediaBar.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program
files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\System32
\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\System32
\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [avast!] C:\PROGRA~1\Avast\ashDisp.exe
O4 - HKLM\..\Run: [WinampAgent] D:\Programy\Winamp\winampa.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software
Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [Onet.pl AutoUpdate] C:\Program Files\Common
Files\Onet.pl\AutoUpdate.exe /tsr
O4 - HKLM\..\Run: [7v3j] C:\WINDOWS\System32\z1134.exe gdtgh
O4 - HKLM\..\Run: [xp_system] C:\WINDOWS\inet20000\services.exe
O4 - HKLM\..\Run: [Microsoft WPCEmail] C:\WINDOWS\inet20000\svchost.exe
O4 - HKLM\..\Run: [system spool] C:\WINDOWS\System32\syspools.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "D:\Programy\Gadu-Gadu\gg.exe" /tray
O4 - HKCU\..\Run: [Skype] "C:\Program
Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\1.2.908.8472\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [xp_system] C:\WINDOWS\inet20000\services.exe
O4 - HKCU\..\Run: [taskdir] C:\WINDOWS\System32\taskdir.exe
O4 - HKCU\..\Run: [system spool] C:\WINDOWS\System32\syspools.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program
Files\HP\Digital Imaging\bin\hpqtra08.exe
O8 - Extra context menu item: Download all links using BitComet -
res://D:\Programy\BitComet\BitComet.exe/AddAllLink.htm
O8 - Extra context menu item: Download all videos using BitComet -
res://D:\Programy\BitComet\BitComet.exe/AddVideo.htm
O8 - Extra context menu item: Download link using &BitComet -
res://D:\Programy\BitComet\BitComet.exe/AddLink.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Skype - {77BF5300-1474-4EC7-9980-D32B190E9B07} -
C:\PROGRA~1\Skype\Phone\IEPlugin\SKYPEI~1.DLL
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} -
C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} -
C:\WINDOWS\web\related.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-
00aa003c157a} - C:\WINDOWS\web\related.htm
O16 - DPF: {A6212120-01D4-11D5-9A39-0080C8D85044} (GameDesire Slots 70th) -
67.15.101.3/g_bin/pl/slots70_2_0_0_30.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} -
C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O20 - Winlogon Notify: rpcc - C:\WINDOWS\System32\rpcc.dll
O21 - SSODL: CDRecorder026 - {A3BC5E20-0235-1ABF-9CE1-00AA00512026} -
C:\WINDOWS\System32\kswn32.dll
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner -
C:\Program Files\Avast\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - C:\Program
Files\Avast\ashServ.exe
O23 - Service: avast! Web Scanner - Unknown owner - C:\Program
Files\Avast\ashWebSv.exe" /service (file missing)
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies -
D:\Programy\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation -
C:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe