Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 6:56:02 PM, on 11/25/2009
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16791)
Boot mode: Normal
Running processes:
H:\WINDOWS\System32\smss.exe
H:\WINDOWS\system32\winlogon.exe
H:\WINDOWS\system32\services.exe
H:\WINDOWS\system32\lsass.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\WINDOWS\system32\svchost.exe
H:\WINDOWS\System32\svchost.exe
H:\WINDOWS\system32\Ati2evxx.exe
H:\Program Files\AVG\AVG9\avgchsvx.exe
H:\Program Files\AVG\AVG9\avgrsx.exe
H:\Program Files\AVG\AVG9\avgcsrvx.exe
H:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
H:\WINDOWS\System32\wltrysvc.exe
H:\WINDOWS\System32\bcmwltry.exe
H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
H:\WINDOWS\Explorer.EXE
H:\WINDOWS\system32\spoolsv.exe
H:\Program Files\AVG\AVG9\avgwdsvc.exe
H:\Program Files\Bonjour\mDNSResponder.exe
H:\Program Files\Kodak\AiO\center\KodakSvc.exe
H:\WINDOWS\system32\PnkBstrA.exe
H:\WINDOWS\system32\PnkBstrB.exe
H:\WINDOWS\system32\SearchIndexer.exe
H:\Program Files\AVG\AVG9\avgnsx.exe
H:\Program Files\AVG\AVG9\avgemc.exe
H:\Program Files\Kodak\AiO\Center\EKDiscovery.exe
H:\Program Files\AVG\AVG9\avgcsrvx.exe
H:\WINDOWS\system32\wltray.exe
H:\WINDOWS\LTMSG.exe
H:\PROGRA~1\AVG\AVG9\avgtray.exe
H:\Program Files\Ashampoo\Ashampoo FireWall FREE\FireWall.exe
H:\WINDOWS\system32\ctfmon.exe
H:\Program Files\Valve\Steam\Steam.exe
H:\Program Files\Windows Desktop Search\WindowsSearch.exe
H:\WINDOWS\system32\svchost.exe
H:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
H:\Program Files\Mozilla Firefox\firefox.exe
H:\Documents and Settings\DMC\Desktop\hijackthis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Connection Wizard,ShellNext = http://windowsupdate.microsoft.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - H:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - H:\Program Files\AVG\AVG9\avgssie.dll
O4 - HKLM\..\Run: [wltray.exe] H:\WINDOWS\system32\wltray.exe
O4 - HKLM\..\Run: [LTMSG] LTMSG.exe 7
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "H:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Conime] %windir%\system32\conime.exe
O4 - HKLM\..\Run: [AVG9_TRAY] H:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKLM\..\Run: [Ashampoo FireWall] "H:\Program Files\Ashampoo\Ashampoo FireWall FREE\FireWall.exe" -TRAY
O4 - HKCU\..\Run: [ctfmon.exe] H:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [Steam] "H:\Program Files\Valve\Steam\Steam.exe" -silent
O4 - Global Startup: Microsoft Office.lnk = H:\Program Files\Microsoft Office\Office10\OSA.EXE
O4 - Global Startup: Windows Search.lnk = H:\Program Files\Windows Desktop Search\WindowsSearch.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://H:\PROGRA~1\MICROS~3\Office10\EXCEL.EXE/3000
O9 - Extra button: Bonjour - {7F9DB11C-E358-4ca6-A83D-ACC663939424} - H:\Program Files\Bonjour\ExplorerPlugin.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - H:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - H:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {4871A87A-BFDD-4106-8153-FFDE2BAC2967} (DLM Control) - http://dlm.tools.akamai.com/dlmanager/v ... .2.4.2.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftup ... 0522656359
O17 - HKLM\System\CCS\Services\Tcpip\..\{282C1275-941E-4661-8699-8EFAD7ED8BDC}: NameServer = 85.255.112.213,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\..\{B0733E12-988B-45BC-8BA3-BB6621DA53D4}: NameServer = 85.255.112.213,85.255.112.6
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: NameServer = 85.255.112.213,85.255.112.6
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: NameServer = 85.255.112.213,85.255.112.6
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - H:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - H:\WINDOWS\SYSTEM32\avgrsstx.dll
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - H:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Free E-mail Scanner (avg9emc) - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG9\avgemc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - H:\Program Files\AVG\AVG9\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - H:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - H:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: Keenfinder Service - Unknown owner - H:\Program Files\Keenfinder\keenfinder.exe
O23 - Service: Kodak AiO Network Discovery Service - Eastman Kodak Company - H:\Program Files\Kodak\AiO\Center\EKDiscovery.exe
O23 - Service: Kodak AiO Device Service (KodakSvc) - Eastman Kodak Company - H:\Program Files\Kodak\AiO\center\KodakSvc.exe
O23 - Service: Lavasoft Ad-Aware Service - Lavasoft - H:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
O23 - Service: PnkBstrA - Unknown owner - H:\WINDOWS\system32\PnkBstrA.exe
O23 - Service: PnkBstrB - Unknown owner - H:\WINDOWS\system32\PnkBstrB.exe
O23 - Service: Broadcom Wireless LAN Tray Service (wltrysvc) - Unknown owner - H:\WINDOWS\System32\wltrysvc.exe
--
End of file - 6369 bytes