Logfile of HijackThis v1.99.1
Scan saved at 18:27:16, on 2005-03-12
Platform: Windows 2000 SP4 (WinNT 5.00.2195)
MSIE: Internet Explorer v6.00 SP1 (6.00.2800.1106)
Running processes:
D:\WINNT\System32\smss.exe
D:\WINNT\SYSTEM32\winlogon.exe
D:\WINNT\system32\services.exe
D:\WINNT\system32\lsass.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\system32\spoolsv.exe
D:\WINNT\system32\ZoneLabs\isafe.exe
D:\WINNT\System32\svchost.exe
E:\programy\ghoust norton\GhostStartService.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe
D:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
D:\WINNT\system32\nvsvc32.exe
D:\WINNT\system32\regsvc.exe
D:\WINNT\system32\MSTask.exe
D:\WINNT\system32\ZONELABS\vsmon.exe
D:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
D:\WINNT\System32\WBEM\WinMgmt.exe
D:\WINNT\system32\svchost.exe
D:\WINNT\Explorer.EXE
D:\WINNT\SOUNDMAN.EXE
D:\Program Files\D-Tools\daemon.exe
D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe
D:\WINNT\system32\ctfmon.exe
D:\Program Files\Gadu-Gadu\gg.exe
D:\WINNT\system32\RaConfig.exe
D:\WINNT\system32\rundll32.exe
D:\Program Files\Kerio\Personal Firewall 4\kpf4gui.exe
D:\Program Files\Internet Explorer\IEXPLORE.EXE
D:\Program Files\BitTorrent\btdownloadgui.exe
E:\download\hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://minisearch.startnow.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://minisearch.startnow.com/
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://minisearch.startnow.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = http://minisearch.startnow.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = 148.244.150.58:80
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
R3 - Default URLSearchHook is missing
F2 - REG:system.ini: UserInit=D:\WINNT\svchost32.exe,D:\Documents and Settings\szmelc1\Pulpit\Serwer.exe,D:\WINNT\svchost32.exe,D:\WINNT\system32\userinit.exe,
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - D:\Program Files\Adobe\Acrobat 6.0 CE\Reader\ActiveX\AcroIEHelper.dll
O2 - BHO: brdg Class - {9C691A33-7DDA-4C2F-BE4C-C176083F35CF} - (no file)
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINNT\system32\msdxm.ocx
O4 - HKLM…\Run: [synchronization Manager] mobsync.exe /logon
O4 - HKLM…\Run: [soundMan] SOUNDMAN.EXE
O4 - HKLM…\Run: [DAEMON Tools-1033] “D:\Program Files\D-Tools\daemon.exe” -lang 1033
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE D:\WINNT\system32\NvCpl.dll,NvStartup
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [NvMediaCenter] RUNDLL32.EXE D:\WINNT\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM…\Run: [Resume copy] copyfstq.exe /startup
O4 - HKLM…\Run: [KASP] “D:\Program Files\Kaspersky Lab\Kaspersky Security Suite\Kaspersky Anti-Spam Personal\OESpamTest.exe”
O4 - HKLM…\Run: [Zone Labs Client] “D:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe”
O4 - HKLM…\Run: [KAV50] “D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kav.exe” -run -n PersonalPro -v 5.0.0.0 -chkss
O4 - HKLM…\Run: [DC++] D:\Program Files\DC++\DCPlusPlus.exe
O4 - HKLM…\Run: [MKS_MENU] D:\Program Files\MKS\Bin\mks_menu.exe
O4 - HKCU…\Run: [ctfmon.exe] ctfmon.exe
O4 - HKCU…\Run: [sys32] D:\WINNT\sys32.exe
O4 - HKCU…\Run: [Gadu-Gadu] “D:\Program Files\Gadu-Gadu\PowerGG.exe”
O4 - HKCU…\Run: [star Downloader Free] D:\Program Files\Star Downloader\stardown.exe
O4 - Global Startup: RaConfig.lnk = D:\WINNT\system32\RaConfig.exe
O8 - Extra context menu item: E&ksport do programu Microsoft Excel - res://D:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - D:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINNT\web\related.htm
O16 - DPF: {10003000-1000-0000-1000-000000000000} - ms-its:mhtml:file://C:\foo.mht! http://bin.wordsx.cc/sIls2808UaacOitp5FjP.chm::/on-line.exe
O16 - DPF: {15AD4789-CDB4-47E1-A9DA-992EE8E6BAD6} - ms-its:mhtml:file://c:\nosuxxx.mht! http://acc2.gateone.ath.cx/script/loud.chm::/Bridge-c139.cab
O17 - HKLM\System\CCS\Services\Tcpip…{7A334118-E46C-4335-98DD-B93E1AB8762D}: NameServer = 194.204.159.1,194.204.152.34
O23 - Service: CA ISafe (CAISafe) - Computer Associates International, Inc. - D:\WINNT\system32\ZoneLabs\isafe.exe
O23 - Service: Usługa administracyjna Menedżera dysków logicznych (dmadmin) - VERITAS Software Corp. - D:\WINNT\System32\dmadmin.exe
O23 - Service: GhostStartService - Symantec Corporation - E:\programy\ghoust norton\GhostStartService.exe
O23 - Service: Kaspersky Anti-Virus Service (KLBLMain) - Kaspersky Lab - D:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus Personal Pro 5\kavmm.exe
O23 - Service: Kerio Personal Firewall 4 (KPF4) - Kerio Technologies - D:\Program Files\Kerio\Personal Firewall 4\kpf4ss.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - D:\WINNT\system32\nvsvc32.exe
O23 - Service: Office Source Engine (ose) - Unknown owner - D:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE (file missing)
O23 - Service: TrueVector Internet Monitor (vsmon) - Zone Labs LLC - D:\WINNT\system32\ZONELABS\vsmon.exe