Logfile of HijackThis v1.99.1
Scan saved at 18:38:57, on 2005-11-12
Platform: Windows XP (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 (6.00.2600.0000)
Running processes:
D:\WINDOWS\System32\smss.exe
D:\WINDOWS\system32\winlogon.exe
D:\WINDOWS\system32\services.exe
D:\WINDOWS\system32\lsass.exe
D:\WINDOWS\system32\svchost.exe
D:\WINDOWS\System32\svchost.exe
D:\WINDOWS\system32\spoolsv.exe
D:\WINDOWS\system32\rundll32.exe
D:\WINDOWS\System32\nvsvc32.exe
D:\WINDOWS\explorer.exe
C:\Bin\EchoCtrl.exe
D:\WINDOWS\System32\ctfmon.exe
C:\winstall.exe
D:\WINDOWS\system32\RaConfig.exe
D:\Program Files\Internet Explorer\iexplore.exe
D:\Documents and Settings\aaa\Ustawienia lokalne\Temp\Katalog tymczasowy 4 dla hijackthis.zip\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
F2 - REG:system.ini: Shell=explorer.exe “D:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe”
O3 - Toolbar: &Radio - {8E718888-423F-11D2-876E-00A0C9082467} - D:\WINDOWS\System32\msdxm.ocx
O4 - HKLM…\Run: [NvCplDaemon] RUNDLL32.EXE NvQTwk,NvCplDaemon initialize
O4 - HKLM…\Run: [nwiz] nwiz.exe /install
O4 - HKLM…\Run: [C-Media Echo Control] c:\Bin\EchoCtrl.exe
O4 - HKLM…\Run: [C-Media Mixer] Mixer.exe /startup
O4 - HKLM…\Run: [sysMemory manager] d:\windows\system32\mdms.exe
O4 - HKLM…\Run: [PayTime] D:\WINDOWS\System32\paytime.exe
O4 - HKLM…\Run: [NeroCheck] D:\WINDOWS\System32\NeroCheck.exe
O4 - HKCU…\Run: [CTFMON.EXE] D:\WINDOWS\System32\ctfmon.exe
O4 - HKCU…\Run: [MSMSGS] “D:\Program Files\Messenger\msmsgs.exe” /background
O4 - HKCU…\Run: [shell] “D:\Program Files\Common Files\Microsoft Shared\Web Folders\ibm00001.exe”
O4 - HKCU…\Run: [Windows installer] C:\winstall.exe
O4 - HKCU…\Run: [PayTime] D:\WINDOWS\System32\paytime.exe
O4 - HKCU…\Run: [urfo] c:\stub_113_4_0_4_0.exe
O4 - HKCU…\Run: [klop] D:\WINDOWS\28.tmp
O4 - HKCU…\Run: [aupd] D:\WINDOWS\System32\sysvcs.exe
O4 - Global Startup: Microsoft Office.lnk = D:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: RaConfig.lnk = D:\WINDOWS\system32\RaConfig.exe
O9 - Extra button: Related - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O9 - Extra ‘Tools’ menuitem: Show &Related Links - {c95fe080-8f5d-11d2-a20b-00aa003c157a} - D:\WINDOWS\web\related.htm
O20 - Winlogon Notify: Run - D:\WINDOWS\system32\bDtt.dll
O20 - Winlogon Notify: SideBySide - D:\WINDOWS\system32\uop10.dll (file missing)
O21 - SSODL: SysTray.Excn2 - {1722ECFF-4356-4f5b-B534-E67294FE75E9} - D:\WINDOWS\System32\najpdhan.dll (file missing)
O21 - SSODL: SysTray.Exsn - {2368D1FC-2F5C-4f1b-B124-E67214FC78E2} - D:\WINDOWS\System32\oceeghcb.dll (file missing)
O21 - SSODL: SysTray.Exrn - {4368ECFC-4F5C-4f3b-B934-D67494FC78E0} - D:\WINDOWS\System32\pcnhngkh.dll (file missing)
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - D:\WINDOWS\System32\nvsvc32.exe