31 Sie 2006, 16:40
31 Sie 2006, 16:43
31 Sie 2006, 16:47
31 Sie 2006, 20:53
Logfile of HijackThis v1.99.1
Scan saved at 20:47:42, on 2006-08-31
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:WINDOWSSystem32smss.exe
D:WINDOWSsystem32winlogon.exe
D:WINDOWSsystem32services.exe
D:WINDOWSsystem32lsass.exe
D:WINDOWSsystem32svchost.exe
D:WINDOWSSystem32svchost.exe
D:WINDOWSsystem32LEXBCES.EXE
D:WINDOWSsystem32spoolsv.exe
D:WINDOWSsystem32LEXPPS.EXE
D:WINDOWSExplorer.EXE
D:Program FilesPCODECisamonitor.exe
D:Program FilesPCODECpmsngr.exe
D:WINDOWSSystem32LXSUPMON.EXE
D:DEMON Toolsdaemon.exe
D:CacheBoost rayicon.exe
D:Program FilesJavajre1.5.0_06injusched.exe
D:PROGRA~1GrisoftAVGFRE~1avgcc.exe
D:PROGRA~1GrisoftAVGFRE~1avgemc.exe
D:Program FilesAshampooAshampoo FireWallFireWall.exe
D:Program FilesPCODECpmmon.exe
D:WINDOWSSystem32ctfmon.exe
D:Program FilesPCODECisamini.exe
D:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
D:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
D:CacheBoostcbsrv.exe
D:WINDOWSSystem32
vsvc32.exe
D:AlcoholAlcohol 120StarWindStarWindService.exe
D:WINDOWSSystem32devldr32.exe
D:WINDOWSSystem32wuauclt.exe
D:Program FilesInternet Exploreriexplore.exe
D:Gadu-Gadugg.exe
D:Program Filesewido anti-spyware 4.0guard.exe
D:Program Filesewido anti-spyware 4.0ewido.exe
D:Documents and SettingsDomownikUstawienia lokalneTempKatalog tymczasowy 1 dla hijackthis.zipHijackThis.exe
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - D:Program FilesYahoo!CompanionInstallscpnyt.dll
O2 - BHO: (no name) - {202a961f-23ae-42b1-9505-ffe3c818d717} - D:Program FilesPCODECisaddon.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - D:Program FilesJavajre1.5.0_06inssv.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - D:Program FilesYahoo!CompanionInstallscpnyt.dll
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:WINDOWSSystem32msdxm.ocx
O3 - Toolbar: Protection Bar - {fe2d25c1-c1db-4b5e-9390-af1cb5302f32} - D:Program FilesPCODECiesplugin.dll
O4 - HKLM..Run: [LXSUPMON] D:WINDOWSSystem32LXSUPMON.EXE RUN
O4 - HKLM..Run: [DAEMON Tools] "D:DEMON Toolsdaemon.exe" -lang 1033
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM..Run: [nwiz] nwiz.exe /install
O4 - HKLM..Run: [CacheBoost] D:CacheBoost rayicon.exe
O4 - HKLM..Run: [SunJavaUpdateSched] D:Program FilesJavajre1.5.0_06injusched.exe
O4 - HKLM..Run: [AVG7_CC] D:PROGRA~1GrisoftAVGFRE~1avgcc.exe /STARTUP
O4 - HKLM..Run: [AVG7_EMC] D:PROGRA~1GrisoftAVGFRE~1avgemc.exe
O4 - HKLM..Run: [TrojanScanner] D:Program FilesTrojan RemoverTrjscan.exe
O4 - HKLM..Run: [Ashampoo FireWall] "D:Program FilesAshampooAshampoo FireWallFireWall.exe" -TRAY
O4 - HKLM..Run: [!ewido] "D:Program Filesewido anti-spyware 4.0ewido.exe" /minimized
O4 - HKCU..Run: [CTFMON.EXE] D:WINDOWSSystem32ctfmon.exe
O4 - HKCU..Run: [Skype] "D:Program FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - Global Startup: Microsoft Office.lnk = D:Microsoft OfficeOffice10OSA.EXE
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:Program FilesJavajre1.5.0_06inssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - D:Program FilesJavajre1.5.0_06inssv.dll
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:WINDOWSweb
elated.htm
O9 - Extra 'Tools' menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:WINDOWSweb
elated.htm
O10 - Unknown file in Winsock LSP: d:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: d:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: d:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: d:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: d:program filesashampooashampoo firewallspi.dll
O10 - Unknown file in Winsock LSP: d:program filesashampooashampoo firewallspi.dll
O16 - DPF: {2B323CD9-50E3-11D3-9466-00A0C9700498} (Yahoo! Audio Conferencing) - http://us.chat1.yimg.com/us.yimg.com/i/chat/applet/v45/yacscom.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1156773474967
O16 - DPF: {7D1E9C49-BD6A-11D3-87A8-009027A35D73} (Yahoo! Audio UI1) - http://chat.yahoo.com/cab/yacsui.cab
O16 - DPF: {E504EE6E-47C6-11D5-B8AB-00D0B78F3D48} (Yahoo! Webcam Viewer Wrapper) - http://chat.yahoo.com/cab/yvwrctl.cab
O21 - SSODL: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - D:WINDOWSSystem32viruxz.dll (file missing)
O23 - Service: ArcaScan - ArcaBit - D:ArcaVirBinArcaScan.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - D:PROGRA~1GrisoftAVGFRE~1avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - D:PROGRA~1GrisoftAVGFRE~1avgupsvc.exe
O23 - Service: CacheBoost Performance Optimizer and Tuner Service (CacheBoost Service) - Systweak India - D:CacheBoostcbsrv.exe
O23 - Service: ewido anti-spyware 4.0 guard - Anti-Malware Development a.s. - D:Program Filesewido anti-spyware 4.0guard.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - D:WINDOWSsystem32LEXBCES.EXE
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:WINDOWSSystem32
vsvc32.exe
O23 - Service: StarWind iSCSI Service (StarWindService) - Rocket Division Software - D:AlcoholAlcohol 120StarWindStarWindService.exe
31 Sie 2006, 21:51
O3 - Toolbar: Protection Bar - {fe2d25c1-c1db-4b5e-9390-af1cb5302f32} - D:Program FilesPCODECiesplugin.dll
O21 - SSODL: bestreak - {874443fe-aa33-4ebf-a6ac-73208787e62d} - D:WINDOWSSystem32viruxz.dll (file missing)
31 Sie 2006, 22:44
31 Sie 2006, 22:51
02 Wrz 2006, 18:33