Scan saved at 9:48:30 AM, on 6/1/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16827)
Boot mode: Normal
Running processes:
F:\XP2\System32\smss.exe
F:\XP2\system32\winlogon.exe
F:\XP2\system32\services.exe
F:\XP2\system32\lsass.exe
F:\XP2\system32\svchost.exe
F:\Program Files\Windows Defender\MsMpEng.exe
F:\XP2\System32\svchost.exe
F:\XP2\system32\spoolsv.exe
F:\XP2\system32\nvsvc32.exe
F:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
F:\XP2\System32\svchost.exe
F:\XP2\system32\SearchIndexer.exe
F:\XP2\system32\wscntfy.exe
F:\XP2\Explorer.EXE
F:\Program Files\Trend Micro\Internet Security\TmProxy.exe
F:\XP2\system32\RunDll32.exe
F:\XP2\system32\RUNDLL32.EXE
F:\Program Files\Common Files\Real\Update_OB\realsched.exe
F:\Program Files\Windows Defender\MSASCui.exe
F:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
F:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe
F:\XP2\system32\ctfmon.exe
F:\Program Files\HP Wireless Printer Adapter\ConnectMgr.exe
F:\Program Files\Java\jre1.5.0_03\bin\jucheck.exe
F:\Program Files\Microsoft Broadband Networking\MSBNTray.exe
F:\Program Files\Windows Desktop Search\WindowsSearch.exe
F:\Program Files\Microsoft Office\Office10\msoffice.exe
F:\Program Files\Trend Micro\HijackThis\HijackThis.exe
F:\Program Files\Internet Explorer\IEXPLORE.EXE
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.comcast.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Windows Internet Explorer provided by Comcast
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - F:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: RealPlayer Download and Record Plugin for Internet Explorer - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\Program Files\Real\RealPlayer\rpbrowserrecordplugin.dll
O2 - BHO: PDFCreator Toolbar Helper - {C451C08A-EC37-45DF-AAAD-18B51AB5E837} - F:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O3 - Toolbar: PDFCreator Toolbar - {31CF9EBE-5755-4A1D-AC25-2834D952D9B4} - F:\Program Files\PDFCreator Toolbar\v3.3.0.1\PDFCreator_Toolbar.dll
O4 - HKLM\..\Run: [Cmaudio] RunDll32 cmicnfg.cpl,CMICtrlWnd
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE F:\XP2\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [TkBellExe] "F:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Windows Defender] "F:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "F:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE F:\XP2\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [SunJavaUpdateSched] F:\Program Files\Java\jre1.5.0_03\bin\jusched.exe
O4 - HKCU\..\Run: [OE] "F:\Program Files\Trend Micro\Internet Security\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] F:\XP2\system32\ctfmon.exe
O4 - Startup: Epson scanner Registration.lnk = E:\E_reg\EPSONREG.EXE
O4 - Global Startup: connection manager.lnk = ?
O4 - Global Startup: Microsoft Broadband Networking.lnk = ?
O4 - Global Startup: Microsoft Office.lnk = F:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = F:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://F:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - F:\Program Files\Java\jre1.5.0_03\bin\npjpi150_03.dll
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=39204
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupda ... 3696250796
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.5.0) - http://javadl-esd.sun.com/update/1.5.0/ ... s-i586.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1ED8CD20-7D5E-4F37-9861-74290D6E1D7C}: NameServer = 85.255.112.89,85.255.112.201
O17 - HKLM\System\CCS\Services\Tcpip\..\{E3B49116-3068-4F69-B94D-932D1C4A361B}: NameServer = 85.255.112.89,85.255.112.201
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.89,85.255.112.201
O17 - HKLM\System\CS1\Services\Tcpip\..\{1ED8CD20-7D5E-4F37-9861-74290D6E1D7C}: NameServer = 85.255.112.89,85.255.112.201
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.89,85.255.112.201
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - F:\XP2\system32\nvsvc32.exe
O23 - Service: Trend Micro Central Control Component (SfCtlCom) - Trend Micro Inc. - F:\Program Files\Trend Micro\Internet Security\SfCtlCom.exe
O23 - Service: Trend Micro Unauthorized Change Prevention Service (TMBMServer) - Trend Micro Inc. - F:\Program Files\Trend Micro\BM\TMBMSRV.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - F:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - F:\Program Files\Trend Micro\Internet Security\TmProxy.exe
--
End of file - 5952 bytes