Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:52:57, on 2009-12-20
Platform: Windows XP Dodatek SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\Ati2evxx.exe
D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
D:\Program Files\Alwil Software\Avast4\ashServ.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
D:\Program Files\Vista Drive Icon\DrvIcon.exe
D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
D:\Program Files\LClock\lclock.exe
D:\Program Files\Gadu-Gadu\gg.exe
C:\Programy1\XP Bajery\Professional Tuning W.XP - Vista [PL-EN] [Final Mega Pack]\Analogue Vista Clock\Analogue Vista Clock.exe
D:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
D:\Program Files\WinFast\WFTVFM\WFTV.exe
D:\WINDOWS\system32\svchost.exe
D:\Program Files\Opera\Opera.exe
D:\Program Files\uTorrent\uTorrent.exe
D:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.onet.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
F2 - REG:system.ini: Shell=
O2 - BHO: Adobe PDF Link Helper - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - D:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - D:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl Class - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - D:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: QT Breadcrumbs Address Bar - {af83e43c-dd2b-4787-826b-31b17dee52ed} - mscoree.dll (file missing)
O3 - Toolbar: QT TabBar - {d2bf470e-ed1c-487f-a333-2bd8835eb6ce} - mscoree.dll (file missing)
O3 - Toolbar: QT Tab Standard Buttons - {D2BF470E-ED1C-487F-A666-2BD8835EB6CE} - mscoree.dll (file missing)
O4 - HKLM…\Run: [WinFast Schedule] D:\Program Files\WinFast\WFTVFM\WFWIZ.exe
O4 - HKLM…\Run: [DrvIcon] D:\Program Files\Vista Drive Icon\DrvIcon.exe
O4 - HKLM…\Run: [avast!] D:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU…\Run: [LClock] D:\Program Files\LClock\lclock.exe
O4 - HKCU…\Run: [Gadu-Gadu] “D:\Program Files\Gadu-Gadu\gg.exe” /tray
O4 - HKCU…\Run: [TransBar] C:\Programy1\XP Bajery\Bajery do XP\Przezroczysty.pasek.zadań.exe /s
O4 - HKCU…\Run: [Analogue Vista Clock] C:\Programy1\XP Bajery\Professional Tuning W.XP - Vista [PL-EN] [Final Mega Pack]\Analogue Vista Clock\Analogue Vista Clock.exe
O4 - HKUS\S-1-5-20…\Run: [LClock] D:\Program Files\LClock\LClock.exe (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-20…\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘USŁUGA SIECIOWA’)
O4 - HKUS\S-1-5-18…\Run: [LClock] D:\Program Files\LClock\LClock.exe (User ‘SYSTEM’)
O4 - HKUS\S-1-5-18…\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘SYSTEM’)
O4 - HKUS.DEFAULT…\Run: [LClock] D:\Program Files\LClock\LClock.exe (User ‘Default user’)
O4 - HKUS.DEFAULT…\RunOnce: [_nltide_3] rundll32 advpack.dll,LaunchINFSectionEx nLite.inf,C,4,N (User ‘Default user’)
O4 - Global Startup: AutorunsDisabled
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - D:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O13 - Gopher Prefix:
O16 - DPF: {DE625294-70E6-45ED-B895-CFFA13AEB044} (AxisMediaControlEmb Class) - http://195.200.199.8/activex/AMC.cab
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - D:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - D:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - D:\WINDOWS\system32\ati2sgag.exe
O23 - Service: avast! Antivirus - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - D:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 - Service: BootlogService - Greatis Software © - D:\Program Files\Greatis\BootLog XP\BootLogService.exe
O23 - Service: Sony Ericsson OMSI download service (OMSI download service) - Unknown owner - D:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
O23 - Service: TuneUp Drive Defrag Service (TuneUp.Defrag) - TuneUp Software GmbH - D:\WINDOWS\System32\TuneUpDefragService.exe
O23 - Service: Ulead Burning Helper (UleadBurningHelper) - Ulead Systems, Inc. - D:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
–
End of file - 5469 bytes