Logfile of HijackThis v1.99.1
Scan saved at 12:38:04, on 5.7.2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\spoolsv.exe
H:\WINDOWS\Explorer.EXE
G:\server\Apache2\bin\Apache.exe
H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
H:\Program Files\Alwil Software\Avast4\ashServ.exe
G:\server\xampp\FileZillaFTP\FileZillaServer.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
H:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe
H:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe
H:\WINDOWS\system32\RUNDLL32.EXE
H:\Program Files\Winamp\winampa.exe
H:\Program Files\ICQLite\ICQLite.exe
H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
G:\server\xampp\mysql\bin\mysqld-nt.exe
H:\WINDOWS\system32\ctfmon.exe
G:\server\Apache2\bin\ApacheMonitor.exe
H:\Program Files\NetLimiter 2 Pro\nlsvc.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
H:\WINDOWS\system32\nvsvc32.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe
H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
H:\Program Files\NetLimiter 2 Pro\NLClient.exe
G:\server\Apache2\bin\Apache.exe
H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
H:\Program Files\Alwil Software\Avast4\ashWebSv.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\wpabaln.exe
H:\WINDOWS\system32\wuauclt.exe
H:\Program Files\TC PowerPack\totalcmd.exe
H:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\WINDOWS\system32\osk.exe
H:\WINDOWS\system32\MSSWCHX.EXE
H:\Program Files\WinRAR\WinRAR.exe
H:\DOCUME~1\dmw\LOCALS~1\Temp\Rar$EX00.079\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://google.icq.com/search/search_frame.php
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://google.icq.com
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
F2 - REG:system.ini: Shell=explorer.exe ,svchost.exe
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - H:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O4 - HKLM\..\Run: [SpeedTouch USB Diagnostics] "H:\Program Files\Alcatel\SpeedTouch USB\Dragdiag.exe" /icon
O4 - HKLM\..\Run: [NVMixerTray] "H:\Program Files\NVIDIA Corporation\NvMixer\NVMixerTray.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE H:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE H:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [WinampAgent] H:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [ICQ Lite] "H:\Program Files\ICQLite\ICQLite.exe" -minimize
O4 - HKLM\..\Run: [avast!] H:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 - HKCU\..\Run: [CTFMON.EXE] H:\WINDOWS\system32\ctfmon.exe
O4 - Startup: WinMySQLadmin.lnk = G:\server\xampp\mysql\bin\winmysqladmin.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = H:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O4 - Global Startup: Monitor Apache Servers.lnk = G:\server\Apache2\bin\ApacheMonitor.exe
O9 - Extra button: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Program Files\ICQLite\ICQLite.exe
O9 - Extra 'Tools' menuitem: ICQ Lite - {B863453A-26C3-4e1f-A54D-A2CD196348E9} - H:\Program Files\ICQLite\ICQLite.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O10 - Unknown file in Winsock LSP: h:\windows\system32\nvappfilter.dll
O17 - HKLM\System\CCS\Services\Tcpip\..\{8F01B7EB-0F84-4809-B8C8-963D3E61570A}: NameServer = 194.228.41.65 194.228.41.113
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - H:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apache2 - Unknown owner - G:\server\Apache2\bin\Apache.exe" -k runservice (file missing)
O23 - Service: app_filter - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcAppFlt.exe
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - Unknown owner - H:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 - Service: avast! Antivirus - Unknown owner - H:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 - Service: avast! Mail Scanner - Unknown owner - H:\Program Files\Alwil Software\Avast4\ashMaiSv.exe" /service (file missing)
O23 - Service: avast! Web Scanner - Unknown owner - H:\Program Files\Alwil Software\Avast4\ashWebSv.exe" /service (file missing)
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - G:\server\xampp\FileZillaFTP\FileZillaServer.exe
O23 - Service: Forceware Web Interface (ForcewareWebInterface) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\Apache Group\Apache2\bin\apache.exe" -k runservice (file missing)
O23 - Service: Macromedia Licensing Service - Macromedia - H:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe
O23 - Service: mysql - Unknown owner - G:\server\xampp\mysql\bin\mysqld-nt.exe
O23 - Service: NetLimiter (nlsvc) - Locktime Software - H:\Program Files\NetLimiter 2 Pro\nlsvc.exe
O23 - Service: ForceWare user log service (nSvcLog) - Unknown owner - H:\Program Files\NVIDIA Corporation\NetworkAccessManager\bin\nSvcLog.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - H:\WINDOWS\system32\nvsvc32.exe
mwav:
Wed Jul 05 12:46:09 2006 => File H:\Documents and Settings\dmw\Plocha\girc442.exe tagged as not-a-virus:Client-IRC.Win32.mIRC.616. No Action Taken.
Wed Jul 05 12:51:17 2006 => ***** Checking for specific ITW Viruses *****
Wed Jul 05 12:51:17 2006 => Checking for Welchia Virus...
Wed Jul 05 12:51:17 2006 => Checking for LovGate Virus...
Wed Jul 05 12:51:17 2006 => Checking for CodeRed Virus...
Wed Jul 05 12:51:17 2006 => Checking for OpaServ Virus...
Wed Jul 05 12:51:17 2006 => Checking for Sobig.e Virus...
Wed Jul 05 12:51:17 2006 => Checking for Winupie Virus...
Wed Jul 05 12:51:17 2006 => Checking for Swen Virus...
Wed Jul 05 12:51:17 2006 => Checking for JS.Fortnight Virus...
Wed Jul 05 12:51:17 2006 => Checking for Novarg Virus...
Wed Jul 05 12:51:17 2006 => Checking for Pagabot Virus...
Wed Jul 05 12:51:17 2006 => Checking for Parite.b Virus...
Wed Jul 05 12:51:17 2006 => Checking for Parite.a Virus...
Wed Jul 05 12:51:17 2006 => Checking for Adware.SeekSeek Virus...
Wed Jul 05 12:51:17 2006 => ***** Scanning complete. *****
Wed Jul 05 12:51:17 2006 => Total Objects Scanned: 20558
Wed Jul 05 12:51:17 2006 => Total Critical Objects: 1
Wed Jul 05 12:51:17 2006 => Total Disinfected Objects: 0
Wed Jul 05 12:51:17 2006 => Total Objects Renamed: 0
Wed Jul 05 12:51:17 2006 => Total Deleted Objects: 0
Wed Jul 05 12:51:17 2006 => Total Errors: 27
Wed Jul 05 12:51:17 2006 => Time Elapsed: 00:06:01
Wed Jul 05 12:51:17 2006 => Virus Database Date: 7/5/2006
Wed Jul 05 12:51:17 2006 => Virus Database Count: 204761
Wed Jul 05 12:51:17 2006 => Scan Completed.
It is still there; when I want to open something, the properties are displayed instead (so it is there all the time, not only when typing).