Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 10:06:59 AM, on 2/7/2008
Platform: Windows 2003 SP1 (WinNT 5.02.3790)
MSIE: Internet Explorer v6.00 SP1 (6.00.3790.1830)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\winlogon.exe:svchost.exe
F:\IMAIL\decludeproc.exe
F:\IMail\IMAP4D32.exe
F:\IMail\IWebCal.exe
F:\IMail\iwebmsg.exe
F:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
F:\IMail\POP3D32.exe
F:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe
F:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe
F:\Program Files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe
F:\Program Files\Simple DNS Plus\sdnsmain.exe
F:\IMail\smtpd32.exe
F:\IMail\SYSLOGD.exe
C:\Program Files\RealVNC\VNC4\WinVNC4.exe
C:\WINDOWS\system32\os.exp
C:\WINDOWS\Explorer.EXE
F:\Program Files\Network Associates\VirusScan\SHSTAT.EXE
F:\Program Files\Network Associates\Common Framework\UpdaterUI.exe
C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe
C:\WINDOWS\system32\taskmgr.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = res://shdoclc.dll/softAdmin.htm
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - F:\PROGRA~1\SPYBOT~1\SDHelper.dll
O4 - HKLM\..\Run: [Simple DNS Plus] F:\Program Files\Simple DNS Plus\sdnsplus.exe -t
O4 - HKLM\..\Run: [ShStatEXE] "F:\Program Files\Network Associates\VirusScan\SHSTAT.EXE" /STANDALONE
O4 - HKLM\..\Run: [McAfeeUpdaterUI] "F:\Program Files\Network Associates\Common Framework\UpdaterUI.exe" /StartedFromRunKey
O4 - HKLM\..\Run: [Network Associates Error Reporting Service] "C:\Program Files\Common Files\Network Associates\TalkBack\TBMon.exe"
O4 - HKUS\S-1-5-18\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User '?')
O4 - HKUS\.DEFAULT\..\RunOnce: [tscuninstall] %systemroot%\system32\tscupgrd.exe (User 'Default user')
O16 - DPF: {193C772A-87BE-4B19-A7BB-445B226FE9A1} (ewidoOnlineScan Control) - http://download.ewido.net/ewidoOnlineScan.cab
O16 - DPF: {215B8138-A3CF-44C5-803F-8226143CFC0A} (Trend Micro ActiveX Scan Agent 6.6) - http://housecall65.trendmicro.com/housecall/applet/html/native/x86/win32/activex/hcImpl.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) - http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1138200338250
O17 - HKLM\System\CCS\Services\Tcpip\..\{3E5C65A5-A66E-4990-8EF7-2AB2541DB509}: NameServer = 208.255.176.2,198.6.1.146
O17 - HKLM\System\CCS\Services\Tcpip\..\{6B55B029-3A6B-4720-8FE7-26EFCF34FFFC}: NameServer = 208.255.176.2,208.255.176.3
O23 - Service: Messenger (AdmSVC) - Unknown owner - C:\WINDOWS\system32\drivers\etc\MSPX-32.EXE (file missing)
O23 - Service: Microsoft System Video Device (AoAdmin) - Unknown owner - C:\WINDOWS\system32\dmconv.exe (file missing)
O23 - Service: COM+ Event Log (comlog) - Unknown owner - C:\WINDOWS\system32\CatRoot\svchost.exe (file missing)
O23 - Service: Decludeproc - Unknown owner - F:\IMAIL\decludeproc.exe
O23 - Service: Diskeeper - Executive Software International, Inc. - C:\Program Files\Executive Software\Diskeeper\DkService.exe
O23 - Service: Remote DNS Client (dnsrec) - Unknown owner - C:\WINDOWS\system32\dnsremcl.exe (file missing)
O23 - Service: IMail FINGER Server (FINGRD32) - Ipswitch, Inc. - F:\IMail\FINGRD32.exe
O23 - Service: HXD Service 100 (HackerDefender100) - Unknown owner - c:\recycler\root\hxdef100.exe (file missing)
O23 - Service: IMail LDAP Server (ILDAP) - Ipswitch, Inc. - F:\IMail\ILDAP.exe
O23 - Service: IMail IMAP4 Server (IMAP4D32) - Ipswitch, Inc. - F:\IMail\IMAP4D32.exe
O23 - Service: IMail Monitor Service (IMonitor) - Ipswitch, Inc. - F:\IMail\IMonitor.exe
O23 - Service: IMail Web Calendar Service (IWebCal) - Ipswitch, Inc. - F:\IMail\IWebCal.exe
O23 - Service: IMail Web Service (IWEBMSG) - Ipswitch, Inc. - F:\IMail\iwebmsg.exe
O23 - Service: McAfee Framework Service (McAfeeFramework) - Network Associates, Inc. - F:\Program Files\Network Associates\Common Framework\FrameworkService.exe
O23 - Service: Network Associates Task Manager (McTaskManager) - Network Associates, Inc. - F:\Program Files\Network Associates\VirusScan\VsTskMgr.exe
O23 - Service: Microsoft System File Structure (MicrosoftSystem) - Unknown owner - C:\system32.exe (file missing)
O23 - Service: Microsoft NET32 Service Handler (MS.NET) - Unknown owner - C:\WINDOWS\twain_32\ms_xml\ms_xml.exe (file missing)
O23 - Service: NT LM Manager (NTLMmg) - Unknown owner - C:\WINDOWS\system32\lssas.exe (file missing)
O23 - Service: IMail POP3 Server (POP3D32) - Ipswitch, Inc. - F:\IMail\POP3D32.exe
O23 - Service: PRTG Service (PRTGService) - Paessler GmbH - F:\Program Files\PRTG Traffic Grapher\PRTG Traffic Grapher.exe
O23 - Service: PRTG Watchdog (prtgwatchservice) - Unknown owner - F:\Program Files\PRTG Traffic Grapher\watchdog\prtgwatchdog.exe
O23 - Service: IMail PWD Server (PSERVE) - Ipswitch, Inc. - F:\IMail\PSERVE.exe
O23 - Service: Remote Administrator Service (r_server) - Unknown owner - c:\windows\system32\nvsvc32.exe (file missing)
O23 - Service: Simple DNS Plus (sdnsplus) - JH Software - F:\Program Files\Simple DNS Plus\sdnsmain.exe
O23 - Service: IMail SMTP Server (SMTPD32) - Ipswitch, Inc. - F:\IMail\smtpd32.exe
O23 - Service: IMail Sys Logger Service (SYSLOGD) - Ipswitch, Inc. - F:\IMail\SYSLOGD.exe
O23 - Service: TCP-IP Stack (TCP-IP) - Unknown owner - C:\WINDOWS\system32\tcp-ip.exe (file missing)
O23 - Service: TCP/IP Net Client (uninst) - Unknown owner - C:\WINDOWS\inf\netclient.exe (file missing)
O23 - Service: IMail WHOIS Server (WHOISD32) - Ipswitch, Inc. - F:\IMail\WHOISD32.exe
O23 - Service: VNC Server Version 4 (WinVNC4) - RealVNC Ltd. - C:\Program Files\RealVNC\VNC4\WinVNC4.exe
O23 - Service: Windows Explorer (winxp) - ClassicsExperience - C:\WINDOWS\system32\os.exp
O23 - Service: Windows Management (WmkSvc) - Unknown owner - C:\WINDOWS\system32\iservice.exe (file missing)

--
End of file - 6260 bytes