Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:45:03 PM, on 6/9/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5730.0013)
Boot mode: Safe mode with network support
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Defender\MsMpEng.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Opera\opera.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = about:blank
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://www.att.net/ie4/search/index.html
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://login.yahoo.com/config/mail?.intl=us
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: SpywareBlock Class - {0A87E45F-537A-40B4-B812-E2544C21A09F} - C:\Program Files\SpyCatcher 2006\SCActiveBlock.dll (file missing)
O2 - BHO: (no name) - {1FA04217-88FE-F85C-D5ED-830A7500A69A} - C:\WINDOWS\System32\jarf.dll (file missing)
O2 - BHO: (no name) - {1FA04266-888F-8F50-D5ED-F10A070DA69F} - C:\WINDOWS\System32\jarf.dll (file missing)
O2 - BHO: PCTools Site Guard - {5C8B2A36-3DB1-42A4-A3CB-D426709BBFEB} - C:\PROGRA~1\SPYWAR~1\tools\iesdsg.dll
O2 - BHO: (no name) - {875EC112-06FB-2159-8F98-01A2DFA86992} - C:\WINDOWS\System32\jjlzr.dll (file missing)
O2 - BHO: (no name) - {875EC163-068A-5655-8F98-73A2ADA56997} - C:\WINDOWS\System32\jjlzr.dll (file missing)
O2 - BHO: (no name) - {95993E09-A3B7-8B4F-980A-ADC819852A9B} - C:\WINDOWS\System32\vbvhs.dll (file missing)
O2 - BHO: (no name) - {9DF5EE01-7894-0241-95DD-5330531D2492} - C:\WINDOWS\System32\bgo.dll (file missing)
O2 - BHO: (no name) - {9DF5EE06-78E7-074B-95D8-203026102495} - C:\WINDOWS\System32\bgo.dll (file missing)
O4 - HKLM\..\Run: [PCTVOICE] pctspk.exe
O4 - HKLM\..\Run: [Windows Online Updater] dllman.exe
O4 - HKLM\..\Run: [Flashget Download Manager] Flashget.exe
O4 - HKLM\..\Run: [Device] C:\socke.exe
O4 - HKLM\..\Run: [LogitechVideoRepair] C:\Program Files\Logitech\Video\ISStart.exe
O4 - HKLM\..\Run: [Verizon Custom Uninstall Tracking] C:\DOCUME~1\Owner\LOCALS~1\Temp\InstallHelper.exe /uninstalltrackingvendor=Verizon
O4 - HKLM\..\Run: [KernelFaultCheck] C:\WINDOWS\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [Windows Defender] "C:\Program Files\Windows Defender\MSASCui.exe" -hide
O4 - HKLM\..\Run: [realteks] "C:\Documents and Settings\Owner\Application Data\Google\afuya1119762.exe" 2
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKLM\..\RunServices: [Windows Online Updater] dllman.exe
O4 - HKLM\..\RunServices: [Flashget Download Manager] Flashget.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [msisip] C:\WINDOWS\System32\msisip.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [nah_Shell] C:\Documents and Settings\Owner\nah_kclj.exe
O4 - Global Startup: D-Link AirPlus G Wireless Utility.lnk = ?
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {2BC66F54-93A8-11D3-BEB6-00105AA9B6AE} (Symantec AntiVirus scanner) - http://security.symantec.com/sscv6/Shar ... vSniff.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abacast.com/download/fi ... tup155.cab
O20 - AppInit_DLLs: interceptor.dll
O21 - SSODL: mtklefa - {2BF9371E-BB71-4FBB-65AE-2555F6577C5B} - C:\WINDOWS\System32\iklewu32.dll (file missing)
O21 - SSODL: sLAbZC - {2C100FC0-86BA-A56A-3FCC-6B805F9E0AB2} - C:\WINDOWS\System32\pwys.dll (file missing)
O23 - Service: Avira AntiVir Scheduler (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Unknown owner - C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe (file missing