Logfile of HijackThis v1.99.0
Scan saved at 00:00:58, on 2005-02-12
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\Explorer.EXE
D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
D:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
D:\PROGRA~1\PESTPA~1\PPMemCheck.exe
D:\PROGRA~1\PESTPA~1\PPControl.exe
D:\PROGRA~1\PESTPA~1\CookiePatrol.exe
D:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
D:\Program Files\Wcinap\winampa.exe
D:\WINDOWS\system32\ctfmon.exe
D:\Program Files\Messenger\msmsgs.exe
D:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
D:\WINDOWS\system32\RUNDLL32.EXE
D:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
D:\WINDOWS\system32\wscntfy.exe
D:\Program Files\BitComet\BitComet.exe
D:\WINDOWS\system32\ldrtt.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\DOCUME~1\MICHAŁ~1.RAM\USTAWI~1\Temp\Katalog tymczasowy 1 dla hijackthis1.99.zip\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://new-search.net/search.php?v=6&aff=791780
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://new-search.net/index.php?v=6&aff=791780
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.wp.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://www.couldnotfind.com/search_page … _id=138770
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - URLSearchHook: (no name) - _{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts file is located at: D:\WINDOWS\nsdb\hosts
O1 - Hosts: 82.179.166.192 new-search.net
O1 - Hosts: 82.179.166.190 x-google.net
O2 - BHO: (no name) - {A3FDD654-A057-4971-9844-4ED8E67DBBB8} - (no file)
O4 - HKLM…\Run: [WooCnxMon] D:\PROGRA~1\NEOSTR~1\CnxMon.exe
O4 - HKLM…\Run: [speedTouch USB Diagnostics] “D:\Program Files\Thomson\SpeedTouch USB\Dragdiag.exe” /icon
O4 - HKLM…\Run: [WOOWATCH] D:\PROGRA~1\NEOSTR~1\Watch.exe
O4 - HKLM…\Run: [WOOTASKBARICON] D:\PROGRA~1\NEOSTR~1\TaskbarIcon.exe
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINDOWS\System32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [iyO1] D:\WINDOWS\tugruv.exe
O4 - HKLM…\Run: [sais] d:\program files\180solutions\sais.exe
O4 - HKLM…\Run: [dgl] D:\WINDOWS\dgl.exe
O4 - HKLM…\Run: [PPMemCheck] D:\PROGRA~1\PESTPA~1\PPMemCheck.exe
O4 - HKLM…\Run: [PestPatrol Control Center] D:\PROGRA~1\PESTPA~1\PPControl.exe
O4 - HKLM…\Run: [CookiePatrol] D:\PROGRA~1\PESTPA~1\CookiePatrol.exe
O4 - HKLM…\Run: [sCANINICIO] “D:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe”
O4 - HKLM…\Run: [APVXDWIN] “D:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE” /s
O4 - HKLM…\Run: [WinampAgent] D:\Program Files\Wcinap\winampa.exe
O4 - HKCU…\Run: [CTFMON.EXE] D:\WINDOWS\system32\ctfmon.exe
O4 - HKCU…\Run: [MSMSGS] “D:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINDOWS\System32\NVMCTRAY.DLL,NvTaskbarInit
O4 - HKCU…\Run: [skype] “D:\Program Files\Skype\Phone\Skype.exe” /nosplash /minimized
O4 - HKCU…\Run: [HomeDialer] D:\Program Files\dial@home\dial@home.exe tray
O8 - Extra context menu item: Web Rebates - file://D:\Program Files\Web_Rebates\Sy1150\Tp1150\scri1150a.htm
O9 - Extra button: SideFind - {10E42047-DEB9-4535-A118-B3F6EC39B807} - D:\WINDOWS\System32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O9 - Extra ‘Tools’ menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - D:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {14A3221B-1678-1982-A355-7263B1281987} - ms-its:mhtml:file://C:\foo.mht! http://82.179.166.145/x15.chm::/trs15.exe
O16 - DPF: {386A771C-E96A-421F-8BA7-32F1B706892F} - http://www.xxxtoolbar.com/ist/softwares … cracks.cab
O17 - HKLM\System\CCS\Services\Tcpip…{56138D6F-73F1-4914-B66D-57548A5D7E38}: NameServer = 194.204.152.34 217.98.63.164
O23 - Service: Macromedia Licensing Service - Unknown - D:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: NVIDIA Driver Helper Service - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe
O23 - Service: Panda Firewall Service - Unknown - D:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
O23 - Service: Panda anti-virus service - Unknown - D:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe