Logfile of HijackThis v1.99.1
Scan saved at 11:32:12, on 2006-03-16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\System32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
C:\Program Files\F-Secure\Anti-Virus\FSGK32.EXE
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
C:\Program Files\F-Secure\Common\FSMA32.EXE
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Anti-Virus\fssm32.exe
C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
C:\PROGRA~1\INTERN~2\MEDIAKEY.EXE
C:\Program Files\F-Secure\Common\FSMB32.EXE
C:\Program Files\Lexmark 3300 Series\lxccmon.exe
C:\Program Files\F-Secure\Common\FSM32.EXE
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Gadu-Gadu\gg.exe
C:\Program Files\F-Secure\BackWeb\7681197\Program\F-Secure Automatic Update.exe
C:\Program Files\F-Secure\Common\FCH32.EXE
C:\WINDOWS\System32\svchost.exe
C:\Program Files\F-Secure\Anti-Virus\fsqh.exe
C:\Program Files\F-Secure\Common\FAMEH32.EXE
C:\PROGRA~1\INTERN~2\KBOSDCtl.EXE
C:\PROGRA~1\INTERN~2\KCodeMsg.EXE
C:\Program Files\F-Secure\Anti-Virus\fsrw.exe
C:\WINDOWS\system32\WgaTray.exe
C:\WINDOWS\system32\lxcccoms.exe
C:\Program Files\F-Secure\Common\FNRB32.EXE
C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
C:\Program Files\F-Secure\Common\FIH32.EXE
C:\Program Files\F-Secure\Anti-Virus\fsav32.exe
C:\PROGRA~1\F-Secure\ANTI-S~1\fsaw.exe
C:\Program Files\F-Secure\FSGUI\fsguidll.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\F-Secure\FSGUI\fsavgui.exe
C:\Documents and Settings\niuniulki\Pulpit\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.pl/
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Łącza
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [CM-SmWizard] C:\WINDOWS\System\SmWizard.exe
O4 - HKLM\..\Run: [ATIPTA] C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe
O4 - HKLM\..\Run: [MediaKey] C:\PROGRA~1\INTERN~2\MEDIAKEY.EXE
O4 - HKLM\..\Run: [LXCCCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCCtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [lxccmon.exe] "C:\Program Files\Lexmark 3300 Series\lxccmon.exe"
O4 - HKLM\..\Run: [FaxCenterServer] "C:\Program Files\Lexmark Fax Solutions\fm3032.exe" /s
O4 - HKLM\..\Run: [F-Secure Manager] "C:\Program Files\F-Secure\Common\FSM32.EXE" /splash
O4 - HKLM\..\Run: [F-Secure TNB] "C:\Program Files\F-Secure\TNB\TNBUtil.exe" /CHECKALL /WAITFORSW
O4 - HKLM\..\Run: [MKS_MENU] C:\Program Files\MKS\Bin\mks_menu.exe
O4 - HKCU\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [Gadu-Gadu] "C:\Program Files\Gadu-Gadu\gg.exe" /tray
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: F-Secure Automatic Update.lnk = C:\Program Files\F-Secure\BackWeb\7681197\program\F-Secure Automatic Update.exe
O8 - Extra context menu item: &Block this popup - C:\Program Files\F-Secure\Anti-Spyware\blockpopups.htm
O9 - Extra button: IE Shield - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O9 - Extra 'Tools' menuitem: IE Shield... - {300DB664-75B5-47c0-8B45-A44ACCF73C00} - C:\Program Files\F-Secure\Anti-Spyware\ieshield.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O10 - Unknown file in Winsock LSP: c:\program files\f-secure\fsps\program\fslsp.dll
O15 - Trusted Zone: www.mks.com.pl
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=48835
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {A854AD6D-6DB5-41FB-8044-0BD38092A007} (Ganymede Sudoku) - http://67.15.101.3/g_bin/pl/sudoku_2_0_0_6.cab
O16 - DPF: {BFA1F11D-3121-AFE1-4112-983219421AEF} (GameDesire 1Player Word Games) - http://67.15.101.3/g_bin/pl/wordssingle_2_0_0_36.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game06.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {E23FABEE-12E3-33DA-DA12-195DAC123984} (GameDesire Mahjong) - http://67.15.101.3/g_bin/pl/mahjong_2_0_0_20.cab
O16 - DPF: {E7544C6C-CFD6-43EA-B4E9-360CEE20BDF7} (MainControl Class) - http://www.mks.com.pl/skaner/SkanerOnline.cab
O16 - DPF: {FDDBE2B8-6602-4AD8-946D-94C5A32FA6C1} (GameDesire Pool 8) - http://67.15.101.3/g_bin/pl/billard8_2_0_0_24.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Ati HotKey Poller - Unknown owner - C:\WINDOWS\System32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - C:\WINDOWS\system32\ati2sgag.exe
O23 - Service: F-Secure Automatic Update (BackWeb Plug-in - 7681197) - F-Secure Automatic Update - C:\PROGRA~1\F-Secure\BackWeb\7681197\Program\SERVIC~1.EXE
O23 - Service: Boonty Games - BOONTY - C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe
O23 - Service: FSGKHS (F-Secure Gatekeeper Handler Starter) - F-Secure Corp. - C:\Program Files\F-Secure\Anti-Virus\fsgk32st.exe
O23 - Service: F-Secure Network Request Broker - F-Secure Corporation - C:\Program Files\F-Secure\Common\FNRB32.EXE
O23 - Service: fsbwsys - F-Secure Corp. - C:\Program Files\F-Secure\BackWeb\7681197\program\fsbwsys.exe
O23 - Service: F-Secure Anti-Virus Firewall Daemon (FSDFWD) - F-Secure Corporation - C:\Program Files\F-Secure\FWES\Program\fsdfwd.exe
O23 - Service: F-Secure Management Agent (FSMA) - F-Secure Corporation - C:\Program Files\F-Secure\Common\FSMA32.EXE
O23 - Service: lxcc_device - Lexmark International, Inc. - C:\WINDOWS\system32\lxcccoms.exe
O23 - Service: MkS_Vir Monitor (MksVirMonSvc) - Unknown owner - C:\Program Files\MKS\Bin\mksmonsv.exe (file missing)
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
logi z F securita
10 2006-03-16 08:22:37+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
11 2006-03-16 08:22:42+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@ADSERVER.O2[1].TXT
Action: Spyware was removed from the system.
12 2006-03-16 08:22:47+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
1 2006-03-16 10:10:48+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Automatic Update Agent 1.3.6.1.4.1.2213.42
F-Secure Anti-Virus update 2006-03-16_01 delivered to C:\Program Files\F-Secure\Anti-Virus\dbupdate
2 2006-03-16 10:11:14+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
3 2006-03-16 10:11:34+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
4 2006-03-16 10:11:47+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.12
Virus definition database(s) base091.avc daily.avc updated successfully.
5 2006-03-16 10:39:22+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
6 2006-03-16 10:39:45+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
7 2006-03-16 11:00:24+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
8 2006-03-16 11:00:44+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
9 2006-03-16 11:01:25+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
10 2006-03-16 11:01:38+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
11 2006-03-16 11:03:32+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
12 2006-03-16 11:03:41+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
13 2006-03-16 11:04:33+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
14 2006-03-16 11:04:40+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
15 2006-03-16 11:04:52+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
16 2006-03-16 11:04:58+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
17 2006-03-16 11:07:57+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
18 2006-03-16 11:08:04+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
19 2006-03-16 11:12:14+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
20 2006-03-16 11:12:21+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
21 2006-03-16 11:13:22+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
22 2006-03-16 11:13:28+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
1 2006-03-16 11:23:47+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@TRADEDOUBLER[1].TXT
Action: Spyware was removed from the system.
2 2006-03-16 11:24:05+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
3 2006-03-16 11:31:16+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@FASTCLICK[1].TXT
Action: Spyware was removed from the system.
4 2006-03-16 11:31:16+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@FASTCLICK[1].TXT
Action: Spyware was removed from the system.
5 2006-03-16 11:31:16+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@MEDIA.FASTCLICK[1].TXT
Action: Spyware was removed from the system.
6 2006-03-16 11:31:18+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object: C:\DOCUMENTS AND SETTINGS\NIUNIULKI\COOKIES\NIUNIULKI@CASALEMEDIA[1].TXT
Action: Spyware was removed from the system.
7 2006-03-16 11:31:26+02:00 niniulki-lvfzw4 NINIULKI-LVFZW4\niuniulki F-Secure Anti-Virus 1.3.6.1.4.1.2213.11.1.12
Spyware detected:
Type: cookie
Family:
Name: Tracking Cookie
Object:
Action: Spyware was removed from the system.
RAPORT Z EWIDO
Name: TrackingCookie.2o7
Path: C:\Documents and Settings\niuniulki\Cookies\niuniulki@microsoftwga.112.2o7[1].txt
Risk: Medium
Name: TrackingCookie.Adocean
Path: C:\Documents and Settings\niuniulki\Cookies\niuniulki@my.adocean[2].txt
Risk: Medium
Name: TrackingCookie.Adocean
Path: C:\Documents and Settings\niuniulki\Cookies\niuniulki@gde.adocean[2].txt
Risk: Medium