Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:43:15 PM, on 8/31/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Microsoft SQL Server\MSSQL$MICROSOFTBCM\Binn\sqlservr.exe
C:\Program Files\Norton AntiVirus\navapsvc.exe
C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Apoint\Apoint.exe
C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe
C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe
C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe
C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe
C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
C:\Program Files\Sony\ISB Utility\ISBMgr.exe
C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe
C:\Program Files\Protector Suite QL\menusw.exe
C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe
C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe
C:\Program Files\Google\Gmail Notifier\gnotify.exe
C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Apoint\Apvfb.exe
C:\Program Files\Apoint\Apntex.exe
C:\Program Files\Sony\SmartWi Connection Utility\SmartWiTogglet.exe
C:\PROGRA~1\Intel\Wireless\Bin\Dot1XCfg.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtMng.exe
C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosA2dp.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHid.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\TosBtHsp.exe
C:\Program Files\Viewpoint\Viewpoint Manager\ViewMgr.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\System32\Rundll32.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Messenger\msmsgs.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosOBEX.exe
C:\Program Files\Toshiba\Bluetooth Toshiba Stack\tosBtProc.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Jasc Software Inc\Paint Shop Pro 7\psp.exe
C:\hijackthis\HiJackThis\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.cadcuci.net/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.sony.com/vaiopeople
R3 - URLSearchHook: AOLSearchHook Class - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: rightonadz.biz browser optimizer - {36A91CEC-6C71-4758-B492-397BFC8E96A2} - C:\WINDOWS\system32\gzmrotate.dll
O2 - BHO: AOL Search Enhancement - {54EB34EA-E6BE-4CFD-9F4F-C4A0C2EAFA22} - C:\Program Files\AOL\AOL Search Enhancement\AOLSearch.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: NAV Helper - {BDF3E430-B101-42AD-A544-FADC6B084872} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O2 - BHO: adssite - {F31B3634-12AA-41ca-B021-0685C3B3E4CA} - C:\WINDOWS\system32\nsaA.dll
O3 - Toolbar: Norton AntiVirus - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - C:\Program Files\Norton AntiVirus\NavShExt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [Apoint] C:\Program Files\Apoint\Apoint.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe"
O4 - HKLM\..\Run: [IntelWireless] "C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe" /tf Intel PROSet/Wireless
O4 - HKLM\..\Run: [EOUApp] "C:\Program Files\Intel\Wireless\Bin\EOUWiz.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_02\bin\jusched.exe"
O4 - HKLM\..\Run: [SonyPowerCfg] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
O4 - HKLM\..\Run: [ISBMgr.exe] C:\Program Files\Sony\ISB Utility\ISBMgr.exe
O4 - HKLM\..\Run: [VAIO Update 2] "C:\Program Files\Sony\VAIO Update 2\VAIOUpdt.exe" /Stationary
O4 - HKLM\..\Run: [Biomenu] "C:\Program Files\Protector Suite QL\menusw.exe"
O4 - HKLM\..\Run: [WCULauncher] C:\Program Files\Sony\SmartWi Connection Utility\WCULauncher.exe
O4 - HKLM\..\Run: [VAIOCameraUtility] "C:\Program Files\Sony\VAIO Camera Utility\VCUServe.exe"
O4 - HKLM\..\Run: [VAIO Recovery] C:\WINDOWS\Sonysys\VAIO Recovery\PartSeal.exe
O4 - HKLM\..\Run: [{0228e555-4f9c-4e35-a3ec-b109a192b4c2}] C:\Program Files\Google\Gmail Notifier\gnotify.exe
O4 - HKLM\..\Run: [Advanced Tools Check] C:\PROGRA~1\NORTON~1\AdvTools\ADVCHK.EXE
O4 - HKLM\..\Run: [adstart] C:\WINDOWS\System32\Rundll32.exe "C:\WINDOWS\system32\gzmrotate.dll" DllVerify
O4 - HKLM\..\Run: [SsAAD.exe] C:\PROGRA~1\Sony\SONICS~1\SsAAD.exe
O4 - HKLM\..\Run: [ccRegVfy] C:\Program Files\Common Files\Symantec Shared\ccRegVfy.exe
O4 - HKLM\..\Run: [ccApp] C:\Program Files\Common Files\Symantec Shared\ccApp.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.2\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - Global Startup: Bluetooth Manager.lnk = ?
O4 - Global Startup: Clean Access Agent.lnk = C:\Program Files\Cisco Systems\Clean Access Agent\CCAAgent.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O14 - IERESET.INF: START_PAGE_URL=http://www.sony.com/vaiopeople
O16 - DPF: {00001023-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter23 Class) - http://download.netm...arter/NMStarter23.cab
O16 - DPF: {00001024-A15C-11D4-97A4-0050BF0FBE67} (NetmarbleStarter24 Class) - http://download.netm...arter/NMStarter24.cab
O16 - DPF: {406B5949-7190-4245-91A9-30A17DE16AD0} (Snapfish Activia) - http://www2.snapfish...fishActivia.cab
O16 - DPF: {5F8469B4-B055-49DD-83F7-62B522420ECC} (Facebook Photo Uploader Control) - http://upload.facebo...cebookPhotoUploader.cab
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - http://go.divx.com/p...owserPlugin.cab
O16 - DPF: {92E82FBB-DA00-41E0-ABFE-95482E21A4F6} (NMTransX Module) - http://download.netm...tX/NMTransX.cab
O16 - DPF: {9B75502C-BBED-4BBD-8FE2-822E5E0AD32C} (MagicLockOCX Control) - http://www.diodeo.com/DioDeoPlayer.cab
O16 - DPF: {A4508A45-F1C4-40F3-99B4-0CA08AC77E3B} (Kdfense8 Control) - http://download.netm...ce/kdfense8.cab
O16 - DPF: {AF60D574-F249-4243-8040-5521AAA5BB5E} (PandoraTVSet Class) - http://imgcdn.pandor...yer/package/pdrtvset.cab
O16 - DPF: {BD6BB450-7C69-43B8-96F3-689CAE57AB51} (SBSWebPlayer Class) - http://netv.sbs.co.k...BSWebPlayer.cab
O16 - DPF: {CBD8B1CB-2F5F-415F-93E8-A297B33DCBB2} (CentrinoCheck Control) - http://entriq.vo.lln...rsal/cabs/cpucheck_1_0_0_5.cab
O16 - DPF: {E8E20D57-3D5B-4A2D-B710-252900B66685} (Installer Class) - http://www.haduri.co...er/v1.2.3.7/HaduriInstaller.cab
O16 - DPF: {FA463B6E-93D5-4E02-B7F2-E0BA98DA73FC} (SHLaunch Control) - http://nchat2.haduri...launch_0930.cab
O16 - DPF: {FF0CD5DC-60A6-4668-AB80-1ACF40ED9CB8} (HitPlus Control) - http://haduri.com/ha...cut/HitPlus.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccEvtMgr.exe
O23 - Service: Symantec Password Validation Service (ccPwdSvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\ccPwdSvc.exe
O23 - Service: Intel® PROSet/Wireless Event Log (EvtEng) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Image Converter video recording monitor for VAIO Entertainment - Sony Corporation - C:\Program Files\Sony\Image Converter 2\IcVzMon.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: MSCSPTISRV - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\MSCSPTISRV.exe
O23 - Service: Norton AntiVirus Auto Protect Service (navapsvc) - Symantec Corporation - C:\Program Files\Norton AntiVirus\navapsvc.exe
O23 - Service: Norton Unerase Protection (NProtectService) - Symantec Corporation - C:\Program Files\Norton AntiVirus\AdvTools\NPROTECT.EXE
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PACSPTISVR - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\PACSPTISVR.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Intel® PROSet/Wireless Registry Service (RegSrvc) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
O23 - Service: Intel® PROSet/Wireless Service (S24EventMonitor) - Intel Corporation - C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
O23 - Service: ScriptBlocking Service (SBService) - Symantec Corporation - C:\PROGRA~1\COMMON~1\SYMANT~1\SCRIPT~1\SBServ.exe
O23 - Service: SmartWiService - Sony Electronics, Inc - C:\Program Files\Sony\SmartWi Connection Utility\SmartWiService.exe
O23 - Service: Symantec Network Drivers Service (SNDSrvc) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe
O23 - Service: Sony SPTI Service (SPTISRV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SPTISRV.exe
O23 - Service: SonicStage SCSI Service (SSScsiSV) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\AVLib\SSScsiSV.exe
O23 - Service: SymWMI Service (SymWSC) - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\Security Center\SymWSC.exe
O23 - Service: VAIO Entertainment TV Device Arbitration Service - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCs\VzHardwareResourceManager\VzHardwareResourceManager.exe
O23 - Service: VAIO Event Service - Sony Corporation - C:\Program Files\Sony\VAIO Event Service\VESMgr.exe
O23 - Service: VAIO Media Integrated Server (VAIOMediaPlatform-IntegratedServer-AppServer) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\VMISrv.exe
O23 - Service: VAIO Media Integrated Server (HTTP) (VAIOMediaPlatform-IntegratedServer-HTTP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\SV_Httpd.exe
O23 - Service: VAIO Media Integrated Server (UPnP) (VAIOMediaPlatform-IntegratedServer-UPnP) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\UPnPFramework.exe
O23 - Service: VAIO Media Gateway Server (VAIOMediaPlatform-Mobile-Gateway) - Sony Corporation - C:\Program Files\Sony\VAIO Media Integrated Server\Platform\VmGateway.exe
O23 - Service: VAIO Entertainment UPnP Client Adapter (Vcsw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VCSW\VCSW.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: VAIO Entertainment Database Service (VzCdbSvc) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzCdbSvc.exe
O23 - Service: VAIO Entertainment File Import Service (VzFw) - Sony Corporation - C:\Program Files\Common Files\Sony Shared\VAIO Entertainment Platform\VzCdb\VzFw.exe
--
End of file - 14365 bytes
Edited by pOoOka, 01 September 2007 - 10:13 AM.