HijackThis v2.0.2
Scan saved at 4:55:21 PM, on 9/21/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16705)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
C:\WINDOWS\System32\WLTRYSVC.EXE
C:\WINDOWS\System32\bcmwltry.exe
C:\PROGRA~1\COMMON~1\Stardock\SDMCP.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\system32\lxctcoms.exe
c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Viewpoint\Common\ViewpointService.exe
C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\taskswitch.exe
C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe
C:\WINDOWS\AGRSMMSG.exe
C:\WINDOWS\stsystra.exe
C:\WINDOWS\system32\WLTRAY.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe
C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe
C:\Program Files\PowerISO\PWRISOVM.EXE
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe
C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\TomTom HOME 2\HOMERunner.exe
C:\Program Files\AIM6\aim6.exe
C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Program Files\AIM6\aolsoftware.exe
C:\Documents and Settings\ADMIN\Desktop\HiJackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = http://us.rd.yahoo.com/customize/ie/defaults/sb/msgr8/*http://www.yahoo.com/ext/search/search.html
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = actsvr.comcastonline.com:8100
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = cdn
R3 - URLSearchHook: AOLTBSearch Class - {EA756889-2338-43DB-8F07-D1CA6FB9C90D} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
R3 - URLSearchHook: (no name) - {00A6FAF6-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: MyWebSearch Search Assistant BHO - {00A6FAF1-072E-44cf-8957-5838F569A31D} - C:\Program Files\MyWebSearch\SrchAstt\1.bin\MWSSRCAS.DLL
O2 - BHO: &Yahoo! Toolbar Helper - {02478D38-C3F9-4efb-9B51-7695ECA05670} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: mwsBar BHO - {07B18EA1-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Yahoo! IE Services Button - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O2 - BHO: AOL Toolbar Launcher - {7C554162-8CB7-45A4-B8F4-8EA1C75885F9} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\PROGRA~1\Yahoo!\Companion\Installs\cpn1\yt.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: AIM Toolbar - {DE9C389F-3316-41A7-809B-AA305ED9D922} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O3 - Toolbar: My Web Search - {07B18EA9-A523-4961-B6BB-170DE4475CCA} - C:\Program Files\MyWebSearch\bar\1.bin\MWSBAR.DLL
O4 - HKLM\..\Run: [eabconfg.cpl] C:\Program Files\HPQ\Quick Launch Buttons\EabServr.exe /Start
O4 - HKLM\..\Run: [SynTPLpr] C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
O4 - HKLM\..\Run: [SynTPEnh] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [CoolSwitch] C:\WINDOWS\system32\taskswitch.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_07\bin\jusched.exe"
O4 - HKLM\..\Run: [AGRSMMSG] AGRSMMSG.exe
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [Broadcom Wireless Manager UI] C:\WINDOWS\system32\WLTRAY.exe
O4 - HKLM\..\Run: [NeroFilterCheck] C:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [igfxtray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [igfxhkcmd] C:\WINDOWS\system32\hkcmd.exe
O4 - HKLM\..\Run: [igfxpers] C:\WINDOWS\system32\igfxpers.exe
O4 - HKLM\..\Run: [RemoteControl] "C:\Program Files\CyberLink\PowerDVD\PDVDServ.exe"
O4 - HKLM\..\Run: [LXCTCATS] rundll32 C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\LXCTtime.dll,_RunDLLEntry@16
O4 - HKLM\..\Run: [YSearchProtection] "C:\Program Files\Yahoo!\Search Protection\SearchProtection.exe"
O4 - HKLM\..\Run: [PWRISOVM.EXE] C:\Program Files\PowerISO\PWRISOVM.EXE
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [LogonStudio] "C:\Program Files\WinCustomize\LogonStudio\logonstudio.exe" /RANDOM
O4 - HKLM\..\Run: [MyWebSearch Plugin] rundll32 C:\PROGRA~1\MYWEBS~1\bar\1.bin\M3PLUGIN.DLL,UPF
O4 - HKLM\..\Run: [My Web Search Bar Search Scope Monitor] "C:\PROGRA~1\MYWEBS~1\bar\1.bin\m3SrchMn.exe" /m=0
O4 - HKLM\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [TomTomHOME.exe] "C:\Program Files\TomTom HOME 2\HOMERunner.exe"
O4 - HKCU\..\Run: [CursorXP] C:\Program Files\CursorXP\CursorXP.exe
O4 - HKCU\..\Run: [Aim6] "C:\Program Files\AIM6\aim6.exe" /d locale=en-US ee://aol/imApp
O4 - HKCU\..\Run: [MyWebSearch Email Plugin] C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwsoemon.exe
O4 - HKCU\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe
O4 - HKCU\..\Run: [Yahoo! Pager] "C:\PROGRA~1\Yahoo!\MESSEN~1\YAHOOM~1.EXE" -quiet
O4 - HKUS\S-1-5-18\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [MySpaceIM] C:\Program Files\MySpace\IM\MySpaceIM.exe (User 'Default user')
O4 - Startup: YPOPs.lnk = ?
O4 - Global Startup: Bluetooth.lnk = ?
O4 - Global Startup: NkbMonitor.exe.lnk = C:\Program Files\Nikon\PictureProject\NkbMonitor.exe
O8 - Extra context menu item: &AIM Search - c:\program files\aol\aim toolbar 5.0\resources\en-US\local\search.html
O8 - Extra context menu item: &Search - http://edits.mywebsearch.com/toolbaredits/menusearch.jhtml?p=ZUfox000
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Send to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_07\bin\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: AIM Toolbar - {3369AF0D-62E9-4bda-8103-B4C75499B578} - C:\Program Files\AOL\AIM Toolbar 5.0\aoltb.dll
O9 - Extra button: Yahoo! Services - {5BAB4B5B-68BC-4B02-94D6-2FC0DE4A7897} - C:\Program Files\Yahoo!\Common\yiesrvc.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {05CA9FB0-3E3E-4B36-BF41-0E3A5CAA8CD8} (Office Genuine Advantage Validation Tool) - http://go.microsoft.com/fwlink/?linkid=58813
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (Installation Support) - C:\Program Files\Yahoo!\Common\Yinsthelper.dll
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D} (HpProductDetection Class) - http://h20270.www2.hp.com/ediags/gmn2/install/HPProductDetection.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://www.gamehouse.com/games/zylom/zylomplayer.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} (Performance Viewer Activex Control) - https://secure.logmein.com/activex/ractrl.cab?lmi=100
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O23 - Service: Access Utility Service - SprintNextel - C:\Program Files\Sprint\Mobile Broadband\SMBAUtilSvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\bin\btwdins.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard Development Company, L.P. - C:\Program Files\HPQ\SHARED\HPQWMI.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\1150\Intel 32\IDriverT.exe
O23 - Service: lxct_device - - C:\WINDOWS\system32\lxctcoms.exe
O23 - Service: My Web Search Service (MyWebSearchService) - MyWebSearch.com - C:\PROGRA~1\MYWEBS~1\bar\1.bin\mwssvc.exe
O23 - Service: Viewpoint Manager Service - Viewpoint Corporation - C:\Program Files\Viewpoint\Common\ViewpointService.exe
O23 - Service: Dell Wireless WLAN Tray Service (wltrysvc) - Unknown owner - C:\WINDOWS\System32\WLTRYSVC.EXE
--
End of file - 12838 bytes