16.05.2008, 15:41
Logfile of HijackThis v1.99.1
Scan saved at 15:41:10, on 2008-05-16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32svchost.exe
Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe
Crogram FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wmsdkns.exe
C:WINDOWSsystem32VTTimer.exe
C:WINDOWSsystem32VTtrayp.exe
C:WINDOWSsm56hlpr.exe
Crogram FilesThomson SpeedTouchST330diagnosticsdiagnostics.exe
Crogram FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
D:skanerHP Software UpdateHPWuSchd2.exe
Crogram FilesHPhpcoretechhpcmpmgr.exe
CROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32Rundll32.exe
Crogram FilesAutoConnectAutoConnect.exe
D:skanerDigital Imagingbinhpqgalry.exe
Crogram FilesCommon FilesTeleca SharedGeneric.exe
Crogram FilesSony EricssonMobile2Mobile Phone Monitorepmworker.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wuauclt.exe
Crogram FilesAlwil SoftwareAvast4setupavast.setup
Crogram FilesMozilla Firefoxfirefox.exe
D:HijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant =
F3 - REG:win.ini: load=C:WINDOWSsvchost.exe
F2 - REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,C:WINDOWSsystem32wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:programyzainstalowanejccatch.dll
O2 - BHO: (no name) - {439872BC-24A1-4699-9CEE-A9D03A12AD35} - C:WINDOWSsystem32opnOihFw.dll
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: (no name) - {6c23ab0c-0244-4b01-8253-bee724d0d2ec} - C:WINDOWSsystem32rqRLfEVp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:programyzainstalowanegetflash.dll
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O4 - HKLM..Run: [VTTimer]VTTimer.exe
O4 - HKLM..Run: [VTTrayp]VTtrayp.exe
O4 - HKLM..Run: [SMSERIAL]sm56hlpr.exe
O4 - HKLM..Run: [diagnostics]"Crogram Files/Thomson SpeedTouch/ST330/diagnostics/diagnostics.exe" /icon -l:pl
O4 - HKLM..Run: [Symantec PIF AlertEng]"Crogram FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe" /a /m "Crogram FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll"
O4 - HKLM..Run: [AHQInit]e:programyzainstalowaneProgramAHQInit.exe
O4 - HKLM..Run: [NeroFilterCheck]C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [HP Software Update]"D:skanerHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [HP Component Manager]"Crogram FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [Adobe Photo Downloader]"Crogram FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [Picasa Media Detector]Crogram FilesPicasa2PicasaMediaDetector.exe
O4 - HKLM..Run: [avast!]CROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [PCSuiteTrayApplication]Crogram FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 - HKLM..Run: [Super Audio Grabber 3.0]"Crogram FilesBlueSpriteSuper Audio Grabber 3.0SAGrab.exe"/a
O4 - HKLM..Run: [Sony Ericsson PC Suite]"Crogram FilesSony EricssonMobile2Application LauncherApplication Launcher.exe" /startoptions
O4 - HKLM..Run: [runner1]C:WINDOWSmrofinu801.exe 61A847B5BBF7281A329A284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKLM..Run: [MSConfig]C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKLM..Run: [BM1f15f514]Rundll32.exe "C:WINDOWSsystem32ejdctbsf.dll",s
O4 - HKCU..Run: [Gadu-Gadu]"E:programyzainstalowaneGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Skype]"Crogram FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [HUAWEI 3G Data Card MTS]Crogram FilesHuawei technologiesHuawei UMTS Data CardHUAWEI Mobile Connect.exe
O4 - HKCU..Run: [Super Audio Grabber 3.0]"Crogram FilesBlueSpriteSuper Audio Grabber 3.0SAGrab.exe"/a
O4 - HKCU..Run: [AutoConnect]Crogram FilesAutoConnectAutoConnect.exe
O4 - Startup: Adobe Gamma.lnk = Crogram FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = Crogram FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:skanerDigital Imagingbinhpqtra08.exe
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = D:skanerDigital Imagingbinhpqthb08.exe
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet''a - E:programyzainstalowanejc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet''a - E:programyzainstalowanejc_all.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
O9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:programyzainstalowaneFlashGet.exe
O9 - Extra ''Tools'' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:programyzainstalowaneFlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O12 - Plugin for .spop: Crogram FilesInternet ExplorerPluginsNPDocBox.dll
O17 - HKLMSystemCCSServicesTcpip..{3AE6F1B9-6A9B-4615-A656-CABB92CCA439}: NameServer = 194.204.159.1 217.98.63.164
O17 - HKLMSystemCS2ServicesTcpip..{3AE6F1B9-6A9B-4615-A656-CABB92CCA439}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - Winlogon Notify: rqRLfEVp - C:WINDOWSSYSTEM32rqRLfEVp.dll
O20 - Winlogon Notify: WinNt32 - C:WINDOWSSYSTEM32WinNt32.dll
O23 - Service: avast! Antivirus - ALWIL Software - Crogram FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)
Scan saved at 15:41:10, on 2008-05-16
Platform: Windows XP Dodatek SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:WINDOWSSystem32smss.exe
C:WINDOWSsystem32winlogon.exe
C:WINDOWSsystem32services.exe
C:WINDOWSsystem32lsass.exe
C:WINDOWSsystem32svchost.exe
C:WINDOWSSystem32svchost.exe
Crogram FilesAlwil SoftwareAvast4ashServ.exe
C:WINDOWSsystem32spoolsv.exe
C:WINDOWSsystem32svchost.exe
Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe
Crogram FilesAlwil SoftwareAvast4ashWebSv.exe
C:WINDOWSExplorer.EXE
C:WINDOWSsystem32wmsdkns.exe
C:WINDOWSsystem32VTTimer.exe
C:WINDOWSsystem32VTtrayp.exe
C:WINDOWSsm56hlpr.exe
Crogram FilesThomson SpeedTouchST330diagnosticsdiagnostics.exe
Crogram FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe
D:skanerHP Software UpdateHPWuSchd2.exe
Crogram FilesHPhpcoretechhpcmpmgr.exe
CROGRA~1ALWILS~1Avast4ashDisp.exe
C:WINDOWSsystem32Rundll32.exe
Crogram FilesAutoConnectAutoConnect.exe
D:skanerDigital Imagingbinhpqgalry.exe
Crogram FilesCommon FilesTeleca SharedGeneric.exe
Crogram FilesSony EricssonMobile2Mobile Phone Monitorepmworker.exe
C:WINDOWSsystem32wuauclt.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSSystem32svchost.exe
C:WINDOWSsystem32wuauclt.exe
Crogram FilesAlwil SoftwareAvast4setupavast.setup
Crogram FilesMozilla Firefoxfirefox.exe
D:HijackThis.exe
R1 - HKCUSoftwareMicrosoftInternet ExplorerMain,SearchAssistant =
[Aby zobaczyć linki, zarejestruj się tutaj]
R0 - HKCUSoftwareMicrosoftInternet ExplorerMain,Start Page =[Aby zobaczyć linki, zarejestruj się tutaj]
R0 - HKCUSoftwareMicrosoftInternet ExplorerToolbar,LinksFolderName = ŁączaF3 - REG:win.ini: load=C:WINDOWSsvchost.exe
F2 - REG:system.ini: UserInit=C:WINDOWSsystem32userinit.exe,C:WINDOWSsystem32wmsdkns.exe,
O2 - BHO: (no name) - {00000250-0320-4dd4-be4f-7566d2314352} - (no file)
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - e:ReaderActiveXAcroIEHelper.ocx
O2 - BHO: (no name) - {13197ace-6851-45c3-a7ff-c281324d5489} - (no file)
O2 - BHO: (no name) - {15651c7c-e812-44a2-a9ac-b467a2233e7d} - (no file)
O2 - BHO: flashget urlcatch - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - E:programyzainstalowanejccatch.dll
O2 - BHO: (no name) - {439872BC-24A1-4699-9CEE-A9D03A12AD35} - C:WINDOWSsystem32opnOihFw.dll
O2 - BHO: (no name) - {4e1075f4-eec4-4a86-add7-cd5f52858c31} - (no file)
O2 - BHO: (no name) - {4e7bd74f-2b8d-469e-92c6-ce7eb590a94d} - (no file)
O2 - BHO: (no name) - {5929cd6e-2062-44a4-b2c5-2c7e78fbab38} - (no file)
O2 - BHO: (no name) - {5dafd089-24b1-4c5e-bd42-8ca72550717b} - (no file)
O2 - BHO: (no name) - {5fa6752a-c4a0-4222-88c2-928ae5ab4966} - (no file)
O2 - BHO: (no name) - {622cc208-b014-4fe0-801b-874a5e5e403a} - (no file)
O2 - BHO: (no name) - {6c23ab0c-0244-4b01-8253-bee724d0d2ec} - C:WINDOWSsystem32rqRLfEVp.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - Crogram FilesJavajre1.5.0_06binssv.dll
O2 - BHO: (no name) - {8674aea0-9d3d-11d9-99dc-00600f9a01f1} - (no file)
O2 - BHO: (no name) - {965a592f-8efa-4250-8630-7960230792f1} - (no file)
O2 - BHO: (no name) - {9c5b2f29-1f46-4639-a6b4-828942301d3e} - (no file)
O2 - BHO: (no name) - {cf021f40-3e14-23a5-cba2-717765728274} - (no file)
O2 - BHO: FlashGet GetFlash Class - {F156768E-81EF-470C-9057-481BA8380DBA} - E:programyzainstalowanegetflash.dll
O2 - BHO: (no name) - {fc3a74e5-f281-4f10-ae1e-733078684f3c} - (no file)
O2 - BHO: (no name) - {ffff0001-0002-101a-a3c9-08002b2f49fb} - (no file)
O4 - HKLM..Run: [VTTimer]VTTimer.exe
O4 - HKLM..Run: [VTTrayp]VTtrayp.exe
O4 - HKLM..Run: [SMSERIAL]sm56hlpr.exe
O4 - HKLM..Run: [diagnostics]"Crogram Files/Thomson SpeedTouch/ST330/diagnostics/diagnostics.exe" /icon -l:pl
O4 - HKLM..Run: [Symantec PIF AlertEng]"Crogram FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}PIFSvc.exe" /a /m "Crogram FilesCommon FilesSymantec SharedPIF{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}AlertEng.dll"
O4 - HKLM..Run: [AHQInit]e:programyzainstalowaneProgramAHQInit.exe
O4 - HKLM..Run: [NeroFilterCheck]C:WINDOWSsystem32NeroCheck.exe
O4 - HKLM..Run: [HP Software Update]"D:skanerHP Software UpdateHPWuSchd2.exe"
O4 - HKLM..Run: [HP Component Manager]"Crogram FilesHPhpcoretechhpcmpmgr.exe"
O4 - HKLM..Run: [Adobe Photo Downloader]"Crogram FilesAdobePhotoshop Album Starter Edition3.0Appsapdproxy.exe"
O4 - HKLM..Run: [Picasa Media Detector]Crogram FilesPicasa2PicasaMediaDetector.exe
O4 - HKLM..Run: [avast!]CROGRA~1ALWILS~1Avast4ashDisp.exe
O4 - HKLM..Run: [PCSuiteTrayApplication]Crogram FilesNokiaNokia PC Suite 6LaunchApplication.exe -startup
O4 - HKLM..Run: [Super Audio Grabber 3.0]"Crogram FilesBlueSpriteSuper Audio Grabber 3.0SAGrab.exe"/a
O4 - HKLM..Run: [Sony Ericsson PC Suite]"Crogram FilesSony EricssonMobile2Application LauncherApplication Launcher.exe" /startoptions
O4 - HKLM..Run: [runner1]C:WINDOWSmrofinu801.exe 61A847B5BBF7281A329A284503996897C881250221C8670836AC4FA7C8833201749139
O4 - HKLM..Run: [MSConfig]C:WINDOWSPCHealthHelpCtrBinariesMSConfig.exe /auto
O4 - HKLM..Run: [BM1f15f514]Rundll32.exe "C:WINDOWSsystem32ejdctbsf.dll",s
O4 - HKCU..Run: [Gadu-Gadu]"E:programyzainstalowaneGadu-Gadugg.exe" /tray
O4 - HKCU..Run: [Skype]"Crogram FilesSkypePhoneSkype.exe" /nosplash /minimized
O4 - HKCU..Run: [HUAWEI 3G Data Card MTS]Crogram FilesHuawei technologiesHuawei UMTS Data CardHUAWEI Mobile Connect.exe
O4 - HKCU..Run: [Super Audio Grabber 3.0]"Crogram FilesBlueSpriteSuper Audio Grabber 3.0SAGrab.exe"/a
O4 - HKCU..Run: [AutoConnect]Crogram FilesAutoConnectAutoConnect.exe
O4 - Startup: Adobe Gamma.lnk = Crogram FilesCommon FilesAdobeCalibrationAdobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = Crogram FilesAdobeAcrobat 7.0Readerreader_sl.exe
O4 - Global Startup: HP Digital Imaging Monitor.lnk = D:skanerDigital Imagingbinhpqtra08.exe
O4 - Global Startup: HP Image Zone - szybkie uruchamianie.lnk = D:skanerDigital Imagingbinhpqthb08.exe
O8 - Extra context menu item: &Ściągnij przy pomocy FlashGet''a - E:programyzainstalowanejc_link.htm
O8 - Extra context menu item: &Ściągnij wszystko przy pomocy FlashGet''a - E:programyzainstalowanejc_all.htm
O8 - Extra context menu item: E&ksport do programu Microsoft Excel -
[Aby zobaczyć linki, zarejestruj się tutaj]
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dllO9 - Extra ''Tools'' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - Crogram FilesJavajre1.5.0_06binssv.dll
O9 - Extra button: Badanie - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - CROGRA~1MICROS~2OFFICE11REFIEBAR.DLL
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:programyzainstalowaneFlashGet.exe
O9 - Extra ''Tools'' menuitem: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:programyzainstalowaneFlashGet.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O9 - Extra ''Tools'' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - Crogram FilesMessengermsmsgs.exe
O12 - Plugin for .spop: Crogram FilesInternet ExplorerPluginsNPDocBox.dll
O17 - HKLMSystemCCSServicesTcpip..{3AE6F1B9-6A9B-4615-A656-CABB92CCA439}: NameServer = 194.204.159.1 217.98.63.164
O17 - HKLMSystemCS2ServicesTcpip..{3AE6F1B9-6A9B-4615-A656-CABB92CCA439}: NameServer = 194.204.159.1 217.98.63.164
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - CROGRA~1COMMON~1SkypeSKYPE4~1.DLL
O20 - Winlogon Notify: rqRLfEVp - C:WINDOWSSYSTEM32rqRLfEVp.dll
O20 - Winlogon Notify: WinNt32 - C:WINDOWSSYSTEM32WinNt32.dll
O23 - Service: avast! Antivirus - ALWIL Software - Crogram FilesAlwil SoftwareAvast4ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - Crogram FilesAlwil SoftwareAvast4ashWebSv.exe" /service (file missing)