Logfile:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:47:54 AM, on 3/8/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\csrss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Dynex Wireless G Enhanced Adapter\WLService.exe
C:\Program Files\Dynex Wireless G Enhanced Adapter\WLanCfgG.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\PnkBstrA.exe
C:\Program Files\Spyware Doctor\pctsAuxs.exe
C:\Program Files\Spyware Doctor\pctsSvc.exe
C:\Program Files\Raxco\PerfectDisk\PDSched.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe
C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe
C:\WINDOWS\system32\RUNDLL32.EXE
C:\Program Files\UltraMon\UltraMon.exe
C:\Program Files\Spyware Doctor\pctsTray.exe
C:\Program Files\Logitech\GamePanel Software\LCD Manager\Applets\LCDClock.exe
C:\Program Files\UltraMon\UltraMonTaskbar.exe
C:\WINDOWS\System32\alg.exe
C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
C:\WINDOWS\System32\wbem\wmiprvse.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Mozilla Firefox\firefox.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/def ... earch.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {316AEF8D-3C37-423E-9E6E-13820A9DC37A} - (no file)
O2 - BHO: (no name) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
O2 - BHO: (no name) - {E22F9B9D-1A1F-473E-BED6-D8BC152441F4} - (no file)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - (no file)
O4 - HKLM\..\Run: [Logitech Hardware Abstraction Layer] KHALMNPR.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe
O4 - HKLM\..\Run: [Launch LCDMon] "C:\Program Files\Logitech\GamePanel Software\LCD Manager\LCDMon.exe"
O4 - HKLM\..\Run: [Launch LGDCore] "C:\Program Files\Logitech\GamePanel Software\G-series Software\LGDCore.exe" /SHOWHIDE
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [UltraMon] "C:\Program Files\UltraMon\UltraMon.exe" /auto
O4 - HKLM\..\Run: [ISTray] "C:\Program Files\Spyware Doctor\pctsTray.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'SYSTEM')
O4 - HKUS\S-1-5-18\..\RunOnce: [RunNarrator] Narrator.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User 'Default user')
O4 - HKUS\.DEFAULT\..\RunOnce: [RunNarrator] Narrator.exe (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=67633
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop.com/pcpitstop/PCPitStop.CAB
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {1D17175E-48B7-40EC-BEC2-E91C80A89237} (GamehiSpecCheck Control) - http://suddenattack.redbanana.jp/_inclu ... cCheck.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/ms ... b56986.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplanet.com/fpdlmgr/cabs/ ... .6.108.cab
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.2.cab
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} (Solitaire Showdown Class) - http://messenger.zone.msn.com/binary/So ... b56986.cab
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/EN-US/a-U ... E_UNO1.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 0569330499
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0573578843
O16 - DPF: {7C5D062A-7A1E-4A46-A02B-A928084CBD66} (MLauncherNew Class) - http://legendofares.netgame.com/downloa ... herNew.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} - http://download.netmarble.com/kdefence/kdfense8237.cab
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} (MSN Games - Installer) - http://messenger.zone.msn.com/binary/ZI ... b56649.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/Me ... b56907.cab
O16 - DPF: {CD995117-98E5-4169-9920-6C12D4C0B548} (HGPlugin9USA Class) - http://gamedownload.ijjimax.com/gamedow ... in9USA.cab
O16 - DPF: {D6855164-25C2-40D2-BA39-D8A57FF0B49C} (RedbananaVistaPlay Class) - http://suddenattack.redbanana.jp/_inclu ... toPlay.cab
O16 - DPF: {D9701E87-A34D-11D4-BE29-000102598CE4} (VrUpdate Control) - http://download.globalhauri.com/Eng/onl ... update.cab
O16 - DPF: {E6187999-9FEC-46A1-A20F-F4CA977D5643} (ZoneChess Object) - http://messenger.zone.msn.com/binary/Chess.cab57176.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: bw+0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw+0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw-0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw-0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw00 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw00s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw10 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw10s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw20 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw20s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw30 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw30s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw40 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw40s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw50 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw50s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw60 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw60s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw70 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw70s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw80 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw80s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw90 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bw90s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwa0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwa0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwb0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwb0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwc0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwc0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwd0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwd0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwe0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwe0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwf0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwf0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwfile-8876480 - {9462A756-7B47-47BC-8C80-C34B9B80B32B} - (no file)
O18 - Protocol: bwg0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwg0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwh0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwh0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwi0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwi0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwj0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwj0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwk0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwk0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwl0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwl0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwm0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwm0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwn0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwn0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwo0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwo0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwp0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwp0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwq0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwq0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwr0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwr0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bws0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bws0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwt0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwt0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwu0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwu0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwv0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwv0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bww0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bww0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwx0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwx0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwy0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwy0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwz0 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: bwz0s - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - (no file)
O18 - Protocol: offline-8876480 - {15354DE0-E38F-4E1D-92C2-09EB2F337478} - (no file)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: Dynex Wireless G Enhanced Adapter Service (Dynex DX-WGPDTC WLService) - Unknown owner - C:\Program Files\Dynex Wireless G Enhanced Adapter\WLService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe (file missing)
O23 - Service: npkcmsvc - Unknown owner - C:\Nexon\Mabinogi\npkcmsvc.exe (file missing)
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe (file missing)
O23 - Service: PDEngine - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDEngine.exe
O23 - Service: PDScheduler (PDSched) - Raxco Software, Inc. - C:\Program Files\Raxco\PerfectDisk\PDSched.exe
O23 - Service: PnkBstrA - Unknown owner - C:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - C:\Program Files\Spyware Doctor\pctsAuxs.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - C:\Program Files\Spyware Doctor\pctsSvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Unknown owner - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe (file missing)
O23 - Service: ThreatFire - PC Tools - C:\Program Files\Spyware Doctor\TFEngine\TFService.exe
--
End of file - 16179 bytes