Logfile of HijackThis v1.99.1
Scan saved at 23:19:12, on 2007-06-30
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16473)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSExplorer.EXE
C
rogram FilesEsetnod32krn.exe
C:WINDOWSSystem32nvsvc32.exe
C
rogram FilesThomsonSpeedTouch USBDragdiag.exe
C:WINDOWSSOUNDMAN.EXE
C:WINDOWSsystem32RUNDLL32.EXE
C:windowsservices.exe
C:Windowssystem32explorer.exe
C
rogram FilesEsetnod32kui.exe
C:windowsservices.exe
C
rogram FilesGadu-Gadu 6.0gg.exe
C:WINDOWSsystem32ctfmon.exe
C
rogram FilesWinampwinamp.exe
C
ROGRA~1MOZILL~1FIREFOX.EXE
C:WINDOWSSystem32svchost.exe
C
rogram FilesHijackThisHijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Search Bar =
http://szukaj.wp.pl
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://www.neostrada.pl
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLMSoftwareMicrosoftInternet ExplorerMain,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLMSoftwareMicrosoftInternet ExplorerMain,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,Window Title = Neostrada TP
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Search Class - {08C06D61-F1F3-4799-86F8-BE1A89362C85} - C
ROGRA~1NEOSTR~1SEARCH~1.DLL (file missing)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C
rogram FilesAdobeAcrobat 7.0ActiveXAcroIEHelper.dll
O2 - BHO: (no name) - {0A87E45F-537A-40B4-B812-E2544C21A09F} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C
rogram FilesJavajre1.6.0_01binssv.dll
O4 - HKLM..Run: [SpeedTouch USB Diagnostics] "C
rogram FilesThomsonSpeedTouch USBDragdiag.exe" /icon
O4 - HKLM..Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM..Run: [NvMediaCenter] RUNDLL32.EXE C:WINDOWSSystem32NvMcTray.dll,NvTaskbarInit
O4 - HKLM..Run: [NvCplDaemon] RUNDLL32.EXE C:WINDOWSSystem32NvCpl.dll,NvStartup
O4 - HKLM..Run: [services] C:windowsservices.exe
O4 - HKLM..Run: [explorer] C:Windowssystem32explorer.exe
O4 - HKLM..Run: [nod32kui] "C
rogram FilesEsetnod32kui.exe" /WAITSERVICE
O4 - HKLM..Run: [MSConfig] C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKCU..Run: [Gadu-Gadu] "C
rogram FilesGadu-Gadu 6.0gg.exe" /tray
O4 - HKCU..Run: [ctfmon.exe] C:WINDOWSsystem32ctfmon.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.6.0_01binssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C
rogram FilesJavajre1.6.0_01binssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%Network Diagnosticxpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C
rogram FilesMessengermsmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O17 - HKLMSystemCCSServicesTcpip..{31207800-13FB-4541-9EC0-3F50B81544CB}: NameServer = 194.204.152.34 217.98.63.164
O17 - HKLMSystemCS1ServicesTcpip..{31207800-13FB-4541-9EC0-3F50B81544CB}: NameServer = 194.204.152.34 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C
ROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - Winlogon Notify: WgaLogon - C:WINDOWS
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:WINDOWSsystem32WPDShServiceObj.dll
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C
rogram FilesEsetnod32krn.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:WINDOWSSystem32nvsvc32.exe
LOG z hijack