Scan saved at 9:30:48 PM, on 16/08/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.5450.0004)
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\SYSTEM32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\Explorer.EXE
E:\WINDOWS\eHome\ehRecvr.exe
E:\WINDOWS\eHome\ehSched.exe
E:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\mdm.exe
E:\WINDOWS\system32\nvsvc32.exe
E:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
E:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Panda Software\Panda Antivirus Platinum\AVENGINE.EXE
E:\Program Files\KickKeys\KickKeys.exe
E:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE
E:\WINDOWS\system32\ctfmon.exe
E:\WINDOWS\system32\dllhost.exe
E:\Program Files\Panda Software\Panda Antivirus Platinum\pavProxy.exe
E:\Program Files\Bon Echo\firefox.exe
E:\Program Files\R-Mail for Outlook Demo\r-mailo.exe
E:\Documents and Settings\aa\Desktop\HijackThis.exe
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....cid={SUB_CLCID}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
O2 - BHO: DAPHelper Class - {0000CC75-ACF3-4cac-A0A9-DD3868E06852} - E:\Program Files\DAP\DAPBHO.dll
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: FlpLauncher Class - {4401FDC3-7996-4774-8D2B-C1AE9CD6CC25} - E:\Program Files\E-Book Systems\FlipAlbum 5 Pro Eval\fplaunch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 6.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: DAP Bar - {62999427-33FC-4baf-9C9C-BCE6BD127F08} - E:\Program Files\DAP\DAPIEBar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - E:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O3 - Toolbar: (no name) - {CBCC61FA-0221-4ccc-B409-CEE865CACA3A} - (no file)
O4 - HKLM\..\Run: [KickKeys] E:\Program Files\KickKeys\KickKeys.exe
O4 - HKLM\..\Run: [NeroFilterCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [SCANINICIO] "E:\Program Files\Panda Software\Panda Antivirus Platinum\Inicio.exe"
O4 - HKLM\..\Run: [APVXDWIN] "E:\Program Files\Panda Software\Panda Antivirus Platinum\APVXDWIN.EXE" /s
O4 - HKLM\..\RunOnce: [System Mechanic Cache Cleanup] E:\Program Files\iolo\System Mechanic\SysMechanic.exe /CompleteCache
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\system32\ctfmon.exe
O4 - Startup: Adobe Gamma Loader.exe
O8 - Extra context menu item: &Download with &DAP - E:\PROGRA~1\DAP\dapextie.htm
O8 - Extra context menu item: Download &all with DAP - E:\PROGRA~1\DAP\dapextie2.htm
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Run DAP - {669695BC-A811-4A9D-8CDF-BA8C795F261C} - E:\PROGRA~1\DAP\DAP.EXE
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - E:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {8D8972A9-FFFA-11D4-9CC7-00902761BD36} (JSControl Class) - http://mailjol.com/dev/cab/jscntrl.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{C2C51DE7-301F-4708-933A-554D281074BF}: NameServer = 61.0.128.65 61.0.0.5
O18 - Protocol: ms-help - {314111C7-A502-11D2-BBCA-00C04F8EC294} - E:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll
O18 - Filter hijack: text/xml - {807563E5-5146-11D5-A672-00B0D022E945} - E:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL
O20 - Winlogon Notify: wintuh32 - E:\WINDOWS\SYSTEM32\wintuh32.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: ASP.NET State Service (aspnet_state) - Pinnacle Systems GmbH - (no file)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - E:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Driver Helper Service (NVSvc) - NVIDIA Corporation - E:\WINDOWS\system32\nvsvc32.exe
O23 - Service: Panda Firewall Service (PAVFIRES) - Panda Software - E:\Program Files\Panda Software\Panda Antivirus Platinum\Firewall\PavFires.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software - E:\Program Files\Panda Software\Panda Antivirus Platinum\pavsrv51.exe