Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:11, on 2007-12-20
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\system32\Ati2evxx.exe
E:\WINDOWS\system32\spoolsv.exe
D:\Program Files\Nero 7\Nero 7\InCD\InCDsrv.exe
E:\WINDOWS\system32\drivers\KodakCCS.exe
D:\XAMPP\mysql\bin\mysqld-nt.exe
E:\WINDOWS\Explorer.EXE
D:\Program Files\Eset\nod32krn.exe
E:\WINDOWS\system32\PnkBstrA.exe
E:\WINDOWS\system32\PnkBstrB.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\WINDOWS\ALCWZRD.EXE
D:\Program Files\Nero 7\Nero 7\InCD\NBHGui.exe
D:\Program Files\QuickTime\qttask.exe
D:\Program Files\Eset\nod32kui.exe
D:\Program Files\DU Meter\DUMeter.exe
D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe
E:\WINDOWS\system32\LVCOMSX.EXE
D:\Program Files\Logitech\Video\LogiTray.exe
D:\Program Files\WebcamMax\wcmmon.exe
E:\WINDOWS\system32\ctfmon.exe
D:\PROGRA~1\NERO7~1\NERO7~1\NEROTO~1\DRIVES~1.EXE
D:\Program Files\Spyware Terminator\sp_rsser.exe
E:\Program Files\Skype\Phone\Skype.exe
D:\Program Files\GetRight\getright.exe
D:\W3D_Miranda_PACK\Miranda IM\miranda32.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\VMware\VMware Server\vmware-authd.exe
E:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
E:\WINDOWS\system32\vmnat.exe
E:\WINDOWS\system32\vmnetdhcp.exe
D:\Program Files\Logitech\Video\FxSvr2.exe
E:\Program Files\VMware\VMware Server\vmserverdWin32.exe
E:\Program Files\Skype\Plugin Manager\skypePM.exe
D:\Program Files\Mozilla Firefox\firefox.exe
D:\Program Files\TuneUp Utilities 2007\Integrator.exe
E:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://www.crawler.com/search/dispatche ... p=aus&qkw=%s&tbid=61005
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
http://start.icq.com/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,SearchAssistant =
http://www.crawler.com/search/ie.aspx?tb_id=61005R1 - HKLM\Software\Microsoft\Internet Explorer\Main,CustomizeSearch =
http://dnl.crawler.com/support/sa_custo ... TbId=61005R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
http://www.crawler.com/search/ie.aspx?tb_id=61005R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
http://dnl.crawler.com/support/sa_custo ... TbId=61005R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - E:\PROGRA~1\Crawler\Toolbar\ctbr.dll
R3 - URLSearchHook: Nexus Radio Toolbar - {2462d2d8-b36e-44ab-84bf-c5a9383d2429} - E:\Program Files\Nexus_Radio\tbNex1.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1CB20BF0-BBAE-40A7-93F4-6435FF3D0411} - E:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O2 - BHO: Nexus Radio Toolbar - {2462d2d8-b36e-44ab-84bf-c5a9383d2429} - E:\Program Files\Nexus_Radio\tbNex1.dll
O2 - BHO: GetRight IE Download Helper - {31FF080D-12A3-439A-A2EF-4BA95A3148E8} - D:\Program Files\GetRight\xx2gr.dll
O2 - BHO: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - E:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: (no name) - {A1626E66-B26B-C628-A1DF-BDACCFA26EE1} - E:\Program Files\Common Files\Relive.dll (file missing)
O2 - BHO: FlashFXP Helper for Internet Explorer - {E5A1691B-D188-4419-AD02-90002030B8EE} - D:\PROGRA~1\FlashFXP\IEFlash.dll
O3 - Toolbar: &Crawler Toolbar - {4B3803EA-5230-4DC3-A7FC-33638F3D3542} - E:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O3 - Toolbar: Megaupload Toolbar - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - E:\PROGRA~1\MEGAUP~1\MEGAUP~1.DLL
O3 - Toolbar: Nexus Radio Toolbar - {2462d2d8-b36e-44ab-84bf-c5a9383d2429} - E:\Program Files\Nexus_Radio\tbNex1.dll
O4 - HKLM\..\Run: [Zástupce stránky vlastností sběrnice High Definition Audio] HDAudPropShortcut.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [AlcWzrd] ALCWZRD.EXE
O4 - HKLM\..\Run: [NeroFilterCheck] E:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [SecurDisc] D:\Program Files\Nero 7\Nero 7\InCD\NBHGui.exe
O4 - HKLM\..\Run: [QuickTime Task] "D:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [nod32kui] "D:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [DU Meter] D:\Program Files\DU Meter\DUMeter.exe
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [Sony Ericsson PC Suite] "D:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe" /startoptions
O4 - HKLM\..\Run: [SpywareTerminator] "D:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "D:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [LVCOMSX] E:\WINDOWS\system32\LVCOMSX.EXE
O4 - HKLM\..\Run: [LogitechVideoRepair] D:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [LogitechVideoTray] D:\Program Files\Logitech\Video\LogiTray.exe
O4 - HKLM\..\Run: [WebcamMaxMoniter] "D:\Program Files\WebcamMax\wcmmon.exe" /a
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Nero DriveSpeed] "D:\PROGRA~1\NERO7~1\NERO7~1\NEROTO~1\DRIVES~1.EXE"
O4 - HKCU\..\Run: [MirandaIM] "D:\Program Files\WIP Miranda IM 1.4\miranda32.exe" "D:\Program Files\WIP Miranda IM 1.4\resources\profiles\WIP-user"
O4 - HKCU\..\Run: [Skype] "E:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] E:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: miranda32.exe.lnk = D:\W3D_Miranda_PACK\Miranda IM\miranda32.exe
O4 - Global Startup: GetRight - Tray Icon.lnk = D:\Program Files\GetRight\getright.exe
O8 - Extra context menu item: Crawler Search - tbr:iemenu
O8 - Extra context menu item: Download with GetRight - D:\Program Files\GetRight\GRdownload.htm
O8 - Extra context menu item: Open with GetRight Browser - D:\Program Files\GetRight\GRbrowse.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Outpost Firewall Pro Quick Tune - {44627E97-789B-40d4-B5C2-58BD171129A1} - E:\WINDOWS\system32\shdocvw.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O16 - DPF: Justin.tv Publisher -
http://www.justin.tv/plugins/justintv_publisher.CABO18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - E:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: tbr - {4D25FB7A-8902-4291-960E-9ADA051CFBBF} - E:\PROGRA~1\Crawler\Toolbar\ctbr.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Apache - Unknown owner - D:\PROGRA~1\EASYPH~1\Apache\apache.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - E:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: ATI Smart - Unknown owner - E:\WINDOWS\system32\ati2sgag.exe
O23 - Service: Google Updater Service (gusvc) - Google - E:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: InCD Helper (InCDsrv) - Nero AG - D:\Program Files\Nero 7\Nero 7\InCD\InCDsrv.exe
O23 - Service: Kodak Camera Connection Software (KodakCCS) - Eastman Kodak Company - E:\WINDOWS\system32\drivers\KodakCCS.exe
O23 - Service: MySql - Unknown owner - D:/XAMPP/mysql/bin/mysqld-nt.exe
O23 - Service: NBService - Nero AG - D:\Program Files\Nero 7\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - E:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - D:\Program Files\Eset\nod32krn.exe
O23 - Service: Pml Driver HPZ12 - HP - E:\WINDOWS\system32\HPZipm12.exe
O23 - Service: PnkBstrA - Unknown owner - E:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - E:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Sunbelt Personal Firewall 4 (SPF4) - Sunbelt Software - D:\Program Files\Sunbelt Software\Personal Firewall\kpf4ss.exe
O23 - Service: Spyware Terminator Realtime Shield Service (sp_rssrv) - Crawler.com - D:\Program Files\Spyware Terminator\sp_rsser.exe
O23 - Service: VMware Authorization Service (VMAuthdService) - VMware, Inc. - E:\Program Files\VMware\VMware Server\vmware-authd.exe
O23 - Service: VMware DHCP Service (VMnetDHCP) - VMware, Inc. - E:\WINDOWS\system32\vmnetdhcp.exe
O23 - Service: VMware Virtual Mount Manager Extended (vmount2) - VMware, Inc. - E:\Program Files\Common Files\VMware\VMware Virtual Image Editing\vmount2.exe
O23 - Service: VMware Registration Service (vmserverdWin32) - VMware, Inc. - E:\Program Files\VMware\VMware Server\vmserverdWin32.exe
O23 - Service: VMware NAT Service - VMware, Inc. - E:\WINDOWS\system32\vmnat.exe
O23 - Service: XAMPP Service (XAMPP) - Unknown owner - D:\XAMPP\service.exe
--
End of file - 10295 bytes