By the way, the download link for HijackThis is broken; I had to find it through Google.
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:57:07 AM, on 12/29/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16762)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\RUNDLL32.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe
C:\Program Files\Logitech\Gaming Software\LWEMon.exe
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Veoh Networks\Veoh\VeohClient.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe
C:\Program Files\Electronic Arts\EADM\Core.exe
C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Sony\Shared Plug-Ins\Media Manager\MSSQL$SONY_MEDIAMGR\Binn\sqlservr.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\Nexon\Mabinogi\npkcmsvc.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer,SearchURL = http://internetsearchservice.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://internetsearchservice.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Internet Explorer Search
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://internetsearchservice.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Live Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Bar = Internet Explorer Search
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Live Search
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = MSN.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = http://internetsearchservice.com
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R3 - URLSearchHook: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: ShoppingReport - {100EB1FD-D03E-47FD-81F3-EE91287F9465} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O2 - BHO: GigagetIEHelper Class - {111CAA23-6F4F-42AC-8555-B48C1D87BBAB} - C:\WINDOWS\system32\gigagetbho_v10.dll
O2 - BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre6\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {99BA268B-4021-4739-9945-3C774217FE75} - C:\Program Files\NetProject\sbmdl.dll (file missing)
O2 - BHO: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: 905757 Class - {E28F671C-3D83-4149-BA2F-546A67702B49} - C:\WINDOWS\system32\905757\905757.dll (file missing)
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 - Toolbar: Internet Service - {51D81DD5-55B7-497F-95DB-D356429BB54E} - C:\Program Files\NetProject\wamdl.dll (file missing)
O3 - Toolbar: AVG Security Toolbar - {A057A204-BACC-4D26-9990-79A187E2698E} - C:\PROGRA~1\AVG\AVG8\AVGTOO~1.DLL
O3 - Toolbar: Veoh Browser Plug-in - {D0943516-5076-4020-A3B5-AEFAF26AB263} - C:\Program Files\Veoh Networks\Veoh\Plugins\reg\VeohToolbar.dll
O3 - Toolbar: Yahoo! Toolbar - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn\yt.dll
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /install
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKLM\..\Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [KernelFaultCheck] %systemroot%\system32\dumprep 0 -k
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [Veoh] "C:\Program Files\Veoh Networks\Veoh\VeohClient.exe" /VeohHide
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EA Core] C:\Program Files\Electronic Arts\EADM\Core.exe -silent
O4 - HKCU\..\Run: [Fraps] C:\DOCUMENTS AND SETTINGS\TARA\DESKTOP\NEW FOLDER\FRAPS\FRAPS.EXE
O4 - HKLM\..\Policies\Explorer\Run: [some] C:\Program Files\NetProject\scit.exe
O4 - HKLM\..\Policies\Explorer\Run: [start] C:\Program Files\NetProject\sbmntr.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Service Manager.lnk = C:\Program Files\Microsoft SQL Server\80\Tools\Binn\sqlmangr.exe
O8 - Extra context menu item: &Download All by Gigaget - C:\Program Files\Giganology\Gigaget\getallurl.htm
O8 - Extra context menu item: &Download by Gigaget - C:\Program Files\Giganology\Gigaget\geturl.htm
O9 - Extra button: (no name) - {9034A523-D068-4BE8-A284-9DF278BE776E} - ietoolpro.com (file missing)
O9 - Extra 'Tools' menuitem: IE Anti-Spyware - {9034A523-D068-4BE8-A284-9DF278BE776E} - ietoolpro.com (file missing)
O9 - Extra button: ShopperReports - Compare product prices - {C5428486-50A0-4a02-9D20-520B59A9F9B2} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: ShopperReports - Compare travel rates - {C5428486-50A0-4a02-9D20-520B59A9F9B3} - C:\Program Files\ShoppingReport\Bin\2.5.0\ShoppingReport.dll (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {0B386B45-B2CF-4525-82FE-D3489C2D26C9} (ActozWebLauncher Control) - http://www.latale.com/Launcher/ActozWebLauncher.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} (Nexon Package Manager Control) - http://s.nx.com/activex/public_new/nxpm.cab
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {4C563F3F-5621-4F23-BAC8-6B84DCA61AB2} (GoonzuGlobal_downloader Control) - http://cdn.goonzu.com/gscdnSkins/GoonzuGlobal_downloader1222.cab
O16 - DPF: {69EF49E5-FE46-4B92-B5FA-2193AB7A6B8A} (GameLauncher Control) - http://www.acclaim.com/cabs/acclaim_v5.cab
O16 - DPF: {7E980B9B-8AE5-466A-B6D6-DA8CF814E78A} (MJLauncherCtrl Class) - http://messenger.zone.msn.com/EN-US/a-LUXR/mjolauncher.cab
O16 - DPF: {99CAAA27-FA0C-4FA4-B88A-4AB1CC7A17FE} (MGLaunch_USAv1001 Class) - http://ares.netgame.com/download/mglaunch_USAv1002.cab
O16 - DPF: {AA07EBD2-EBDD-4BD6-9F8F-114BD513492C} (NeffyLauncherCtl Class) - http://dist.globalgamecdn.com/dist/neffy/NeffyLauncher.cab
O16 - DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - http://www.solidstatenetworks.com/demos/plugintest/solidstateion.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: avgrsstx.dll
O22 - SharedTaskScheduler: delayingly - {e89fa8e9-5c0b-45f6-a70e-f7b177bcd193} - C:\WINDOWS\system32\rtmipr.dll (file missing)
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: npkcmsvc - INCA Internet Co., Ltd. - C:\Nexon\Mabinogi\npkcmsvc.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: StarWind AE Service (StarWindServiceAE) - Rocket Division Software - C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
--
End of file - 12114 bytes