Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 00:23:12, on 07/09/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal
Running processes:
G:\WINDOWS\System32\smss.exe
G:\WINDOWS\system32\csrss.exe
G:\WINDOWS\system32\winlogon.exe
G:\WINDOWS\system32\services.exe
G:\WINDOWS\system32\lsass.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\System32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\WINDOWS\system32\svchost.exe
G:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
G:\WINDOWS\system32\spoolsv.exe
G:\Program Files\Common Files\LightScribe\LSSrvc.exe
G:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
G:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
G:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
G:\WINDOWS\system32\wdfmgr.exe
G:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
G:\WINDOWS\System32\alg.exe
G:\WINDOWS\system32\wscntfy.exe
G:\WINDOWS\Explorer.EXE
G:\Program Files\Logitech\iTouch\iTouch.exe
G:\Program Files\LogMeIn\LogMeInSystray.exe
G:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe
G:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
G:\WINDOWS\system32\ctfmon.exe
G:\Program Files\Messenger\msmsgs.exe
G:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
G:\Program Files\NETGEAR\WG111v2\WG111v2.exe
G:\Program Files\OpenOffice.org 2.0\program\soffice.exe
G:\Program Files\OpenOffice.org 2.0\program\soffice.BIN
G:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
G:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
G:\Program Files\Lavasoft\Ad-Aware 2007\Ad-Aware2007.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Spyware Doctor\swdsvc.exe
G:\Program Files\Spyware Doctor\SDTrayApp.exe
G:\Program Files\Spyware Doctor\svcntaux.exe
G:\Program Files\Internet Explorer\iexplore.exe
G:\Program Files\Spyware Doctor\swdoctor.exe
G:\Program Files\Trend Micro\HijackThis\HijackThis.exe
G:\WINDOWS\system32\wbem\wmiprvse.exe
O2 - BHO: (no name) - {04607465-6868-45D7-91BA-EA855E992A91} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {200E116C-2944-494A-AD7C-8DC7C6B08B97} - g:\windows\system32\mfsmmrtx.dll
O2 - BHO: (no name) - {325BB602-1C94-4793-AA96-F967840ED218} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {3DB6ADEE-52D7-40B2-84D9-1E7C069EA3DD} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {4B9694A4-BA1F-4CEC-884E-1086178940DA} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {5E57316D-4093-4AFB-A392-1380BF90CAB1} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {7474AD6B-2313-4F8E-A2C7-AD2BBE4D8548} - g:\windows\system32\ldoaldo.dll
O2 - BHO: MSVPS System - {88418AA3-16F5-4FC2-A9D8-90B1266DF841} - G:\WINDOWS\nsduo.dll
O2 - BHO: (no name) - {9B4F8A8D-D23A-44BA-B375-AFB58AD1A9A4} - g:\windows\system32\ceizhrfs.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {B1A1192F-D55A-48EC-859D-D8B335941EA1} - g:\windows\system32\ldoaldo.dll
O2 - BHO: (no name) - {D688E60E-9768-44DA-BE2B-2F2C3980256D} - g:\windows\system32\ldoaldo.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [zBrowser Launcher] G:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [auabqaaa] G:\WINDOWS\system32\auabqaaa.exe
O4 - HKLM\..\Run: [LogMeIn GUI] "G:\Program Files\LogMeIn\LogMeInSystray.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] G:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [DllRunning] rundll32.exe "G:\WINDOWS\system32\oxqelsmn.dll",setvm
O4 - HKLM\..\Run: [pccguide.exe] "G:\Program Files\Trend Micro\Internet Security 2005\pccguide.exe"
O4 - HKLM\..\Run: [AAWTray] G:\Program Files\Lavasoft\Ad-Aware 2007\AAWTray.exe
O4 - HKLM\..\Run: [SDTray] "G:\Program Files\Spyware Doctor\SDTrayApp.exe"
O4 - HKCU\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "G:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "G:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] G:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Adobe Gamma.lnk = G:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: OpenOffice.org 2.0.lnk = G:\Program Files\OpenOffice.org 2.0\program\quickstart.exe
O4 - Global Startup: Microsoft Office.lnk = G:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: NETGEAR WG111v2 Smart Wizard.lnk = G:\Program Files\NETGEAR\WG111v2\WG111v2.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - G:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {3E0D93BD-ABC6-4723-A70F-2A57D33C0186} (AlamyUploader Class) - http://www.alamy.com...my_uploader.cab
O20 - Winlogon Notify: alktd - alktd.dll (file missing)
O20 - Winlogon Notify: ijlud - ijlud.dll (file missing)
O20 - Winlogon Notify: kokvd - kokvd.dll (file missing)
O20 - Winlogon Notify: odlpj - odlpj.dll (file missing)
O20 - Winlogon Notify: pjazuwzm - G:\WINDOWS\SYSTEM32\ldoaldo.dll
O20 - Winlogon Notify: tdev - tdev.dll (file missing)
O21 - SSODL: msmhost - {93D5042C-B930-4659-9722-AC2D3EBE4BB1} - G:\WINDOWS\msmhost.dll
O21 - SSODL: msmdev - {4DB388BB-8272-4E7C-B0D3-C9A82C3B1EA8} - G:\WINDOWS\msmdev.dll
O23 - Service: Ad-Aware 2007 Service (aawservice) - Lavasoft AB - G:\Program Files\Lavasoft\Ad-Aware 2007\aawservice.exe
O23 - Service: Adobe LM Service - Adobe Systems - G:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - G:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: NMIndexingService - Nero AG - G:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - G:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: PC Tools Auxiliary Service (sdAuxService) - PC Tools - G:\Program Files\Spyware Doctor\svcntaux.exe
O23 - Service: PC Tools Security Service (sdCoreService) - PC Tools - G:\Program Files\Spyware Doctor\swdsvc.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - G:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - G:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - G:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
O24 - Desktop Component 0: Privacy Protection - file:///G:\WINDOWS\privacy_danger\index.htm