Scan saved at 11:19:55 AM, on 10/22/2009
Platform: Windows 2003 SP2, v.4566 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP2 (6.00.3790.2825)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Advanced Communications\Hosting Controller\exes\HCDiskQuota.exe
C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCRemotingService.exe
C:\Program Files\Advanced Communications\Hosting Controller\exes\HCSchedulerService.exe
C:\Program Files\Advanced Communications\Hosting Controller\exes\HCSMTPService.exe
C:\WINDOWS\system32\inetsrv\inetinfo.exe
C:\Program Files\Microsoft SQL Server\MSSQL$HC7\Binn\sqlservr.exe
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCBillingService.exe
C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCMailService.exe
C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCQuotaService.exe
C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCServer.exe
C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCSyncService.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\rdpclip.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
C:\WINDOWS\system32\dumprep.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Advanced Communications\Hosting Controller\exes\hostingcontroller.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\Program Files\Internet Explorer\iexplore.exe
c:\windows\system32\inetsrv\w3wp.exe
c:\windows\system32\inetsrv\w3wp.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/hardAdmin.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://update.microsoft.com/
O4 - HKLM\..\Run: [AVP] "C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe"
O4 - HKLM\..\Run: [UserFaultCheck] %systemroot%\system32\dumprep 0 -u
O4 - HKUS\S-1-5-19\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-21-4259553010-3067046617-1597072791-1004\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\S-1-5-21-4259553010-3067046617-1597072791-1047\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O15 - ESC Trusted Zone: http://www.enigmasoftware.a013.com
O15 - ESC Trusted Zone: http://forums.asp.net
O15 - ESC Trusted Zone: http://view.atdmt.com
O15 - ESC Trusted Zone: http://free.avg.com
O15 - ESC Trusted Zone: http://ads.bridgetrack.com
O15 - ESC Trusted Zone: http://www.brothersoft.com
O15 - ESC Trusted Zone: http://*.coreftp.com
O15 - ESC Trusted Zone: http://www.devilsworkshop.org
O15 - ESC Trusted Zone: http://ad.doubleclick.net
O15 - ESC Trusted Zone: http://googleads.g.doubleclick.net
O15 - ESC Trusted Zone: http://www.emsisoft.com
O15 - ESC Trusted Zone: http://www.google.co.in
O15 - ESC Trusted Zone: http://*.hostingcontroller.com
O15 - ESC Trusted Zone: http://www.iis.net
O15 - ESC Trusted Zone: http://www.kaspersky.co.uk
O15 - ESC Trusted Zone: http://www.kaspersky.com
O15 - ESC Trusted Zone: http://analytics.live.com
O15 - ESC Trusted Zone: http://by140w.bay140.mail.live.com
O15 - ESC Trusted Zone: http://login.live.com
O15 - ESC Trusted Zone: http://mail.live.com
O15 - ESC Trusted Zone: http://*.malwareremoval.com
O15 - ESC Trusted Zone: http://www.motherspridekids.com
O15 - ESC Trusted Zone: http://*.motherspridekids.com
O15 - ESC Trusted Zone: http://www.mothersprideonline.com
O15 - ESC Trusted Zone: http://www.mozilla.com
O15 - ESC Trusted Zone: http://analytics.msn.com
O15 - ESC Trusted Zone: http://in.msn.com
O15 - ESC Trusted Zone: http://www.msn.com
O15 - ESC Trusted Zone: http://www.presidiumonline.com
O15 - ESC Trusted Zone: http://www.quickheal.co.in
O15 - ESC Trusted Zone: http://www.scanwith.com
O15 - ESC Trusted Zone: http://hjt-data.trendmicro.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com
O15 - ESC Trusted Zone: http://ad.yieldmanager.com
O15 - ESC Trusted Zone: http://*.windowsupdate.com (HKLM)
O15 - ESC Trusted IP range: http://66.165.106.6
O15 - ESC Trusted IP range: http://66.165.106.14
O15 - ESC Trusted IP range: http://66.165.106.16
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 7511102232
O17 - HKLM\System\CCS\Services\Tcpip\..\{6CE59D3B-FD8C-44B7-AABB-3B81554BDD0C}: NameServer = 216.15.129.202,216.15.129.201
O23 - Service: Kaspersky Anti-Virus 6.0 (AVP) - Kaspersky Lab - C:\Program Files\Kaspersky Lab\Kaspersky Anti-Virus 6.0 for Windows Servers\avp.exe
O23 - Service: Hosting Controller Billing Service (HCBilling) - Hosting Controller - C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCBillingService.exe
O23 - Service: Hosting Controller Client (HCClient) - Hosting Controller - C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCClient.exe
O23 - Service: Hosting Controller DiskQuota Service (HCDiskQuotaService) - Advanced Communications - C:\Program Files\Advanced Communications\Hosting Controller\exes\HCDiskQuota.exe
O23 - Service: Hosting Controller Mail Service (HCMail) - Hosting Controller - C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCMailService.exe
O23 - Service: Hosting Controller Payment Service (HCPaymentService) - PJ Naughter - C:\Program Files\Advanced Communications\Hosting Controller\exes\HCPaymentService.exe
O23 - Service: Hosting Controller Quota Service (HCQuota) - Hosting Controller - C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCQuotaService.exe
O23 - Service: Hosting Controller Remoting Service (HCRemoting) - Hosting Controller - C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCRemotingService.exe
O23 - Service: Hosting Controller Scheduler Service (HCSchedulerService) - Advanced Communications - C:\Program Files\Advanced Communications\Hosting Controller\exes\HCSchedulerService.exe
O23 - Service: Hosting Controller Server (HCServer) - Hosting Controller - C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCServer.exe
O23 - Service: Hosting Controller Delivery Service (HCSMTP Service) - Advanced Communications - C:\Program Files\Advanced Communications\Hosting Controller\exes\HCSMTPService.exe
O23 - Service: Hosting Controller Sync Service (HCSync) - Hosting Controller - C:\Program Files\Advanced Communications\Hosting Controller 7C\Web\Bin\HCSyncService.exe
O23 - Service: HostingController - Unknown owner - C:\Program Files\Advanced Communications\Hosting Controller\exes\hostingcontroller.exe
--
End of file - 8047 bytes