Logfile of HijackThis v1.99.1
Scan saved at 8:44:06 PM, on 5/10/2007
Platform: Windows XP SP1 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP1 (6.00.2600.0000)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
G:\PROGRAM FILES\DigitalPersona\Bin\DPWinLct.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
G:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
G:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
G:\PROGRAM FILES\DigitalPersona\Bin\DpHost.exe
C:\WINDOWS\System32\svchost.exe
G:\PROGRAM FILES\DigitalPersona\Bin\DPFUSMgr.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\ctfmon.exe
C:\WINDOWS\System32\khooker.exe
G:\PROGRAM FILES\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe
G:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MOTIVESB.EXE
G:\PROGRA~1\Grisoft\AVG7\avgcc.exe
G:\PROGRAM FILES\QuickTime\qttask.exe
G:\PROGRAM FILES\Acronis\TrueImage\TrueImageMonitor.exe
C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe
G:\PROGRAM FILES\Adobe\Acrobat 7.0\Distillr\Acrotray.exe
G:\PROGRAM FILES\PROJECT LAB\DDS\DDS.EXE
G:\PROGRAM FILES\DigitalPersona\Bin\DPAgnt.exe
C:\windows\system32\vdsreg.exe
G:\Program Files\ashampoo\Ashampoo UnInstaller 2002-2003\UIWatcher.exe
G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOTASKBARICON.EXE
G:\PROGRAM FILES\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
G:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
C:\WINDOWS\System32\WgaTray.exe
C:\WINDOWS\system32\ntvdm.exe
G:\PROGRAM FILES\Microsoft Office\Office10\WINWORD.EXE
G:\Program Files\Microsoft Office\Office10\OUTLOOK.EXE
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\WINDOWS\System32\Ipen.exe
G:\Program Files\Visual CD\VisCD.exe
G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\Acrobat.exe
C:\DOCUME~1\default\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\DOCUME~1\default\LOCALS~1\Temp\Adobelm_Cleanup.0001
C:\Program Files\Internet Explorer\iexplore.exe
G:\PROGRAM FILES\Microsoft Office\Office10\EXCEL.EXE
C:\Program Files\Internet Explorer\iexplore.exe
L:\Downloads\Ad-aware-Spybot-anti-malware tools\HijackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.verizon.net/
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\SYSTEM\blank.htm
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Ricks Internet Kingdom Searcher
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - G:\PROGRAM FILES\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {724d43a9-0d85-11d4-9908-00400523e39a} - G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORM.DLL
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - g:\program files\google\googletoolbar4.dll
O2 - BHO: AcroIEToolbarHelper Class - {AE7CD045-E861-484f-8273-0445EE161910} - G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O2 - BHO: &Google Notebook - {CCCCCCD3-666F-4F81-8B69-745DE9F6D897} - G:\PROGRAM FILES\Google\Google Notebook\gnotes1.0.2.19-1486484490.dll
O3 - Toolbar: @msdxmLC.dll,-1@1033,&Radio - {8E718888-423F-11D2-876E-00A0C9082467} - C:\WINDOWS\System32\msdxm.ocx
O3 - Toolbar: &RoboForm - {724d43a0-0d85-11d4-9908-00400523e39a} - G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORM.DLL
O3 - Toolbar: FingerSystem IE Memo - {8D13872E-6174-49C1-B8D2-793F90CCAFAC} - G:\PROGRAM FILES\FINGER SYSTEM INC\FINGERSYSTEM IPEN DRIVER\FGIEMEMO.DLL
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - g:\program files\google\googletoolbar4.dll
O3 - Toolbar: Google Notebook - {CCCCCCDB-4DDB-4703-95D4-DD2C526397BF} - G:\PROGRAM FILES\Google\Google Notebook\gnotes1.0.2.19-1486484490.dll
O4 - HKLM\..\Run: [SystemTray] SysTray.Exe
O4 - HKLM\..\Run: [SiS KHooker] C:\WINDOWS\System32\khooker.exe
O4 - HKLM\..\Run: [RoxioDragToDisc] "G:\PROGRAM FILES\Roxio\Easy Media Creator 7\Drag to Disc\DrgToDsc.exe"
O4 - HKLM\..\Run: [QuickFinder Scheduler] "G:\PROGRAM FILES\WORDPERFECT OFFICE 11\PROGRAMS\QFSCHD110.EXE"
O4 - HKLM\..\Run: [Motive SmartBridge] G:\PROGRA~1\VERIZO~1\HELPSU~1\SMARTB~1\MOTIVESB.EXE
O4 - HKLM\..\Run: [AVG7_CC] G:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [QuickTime Task] "G:\PROGRAM FILES\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [Acronis True Image Monitor] "G:\PROGRAM FILES\Acronis\TrueImage\TrueImageMonitor.exe"
O4 - HKLM\..\Run: [Acronis Scheduler2 Service] "C:\Program Files\Common Files\Acronis\Schedule2\schedhlp.exe"
O4 - HKLM\..\Run: [Acrobat Assistant 7.0] "G:\PROGRAM FILES\Adobe\Acrobat 7.0\Distillr\Acrotray.exe"
O4 - HKLM\..\Run: [CCD Manager] "G:\PROGRAM FILES\PROJECT LAB\DDS\DDS.EXE"
O4 - HKLM\..\Run: [DPAgnt] G:\PROGRAM FILES\DigitalPersona\Bin\DPAgnt.exe
O4 - HKLM\..\Run: [Configuration Manager] C:\WINDOWS\cfg32.exe
O4 - HKLM\..\Run: [{9B-BB-B6-6E-ZN}] C:\windows\system32\vdsreg.exe SKY001
O4 - HKLM\..\Run: [SpyHunter] G:\PROGRAM FILES\Enigma Software Group\SpyHunter\SpyHunter.exe
O4 - HKCU\..\Run: [UIWatcher] G:\Program Files\ashampoo\Ashampoo UnInstaller 2002-2003\UIWatcher.exe
O4 - HKCU\..\Run: [swg] G:\PROGRAM FILES\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [Creative Detector] "G:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [RoboForm] "G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\RoboTaskBarIcon.exe"
O4 - Startup: Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Startup: c-program files-filemap by bb v302-bootalert.LNK = C:\Program Files\FileMap By BB v302\Bootalert.exe
O4 - Global Startup: Adobe Acrobat Speed Launcher.lnk = ?
O4 - Global Startup: GoBack.lnk = G:\Program Files\Roxio\GoBack\GBTray.exe
O4 - Global Startup: Microtek Scanner Finder.lnk = G:\Program Files\Microtek\ScanWizard 5\ScannerFinder.exe
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &Search - C:\search\search.htm
O8 - Extra context menu item: Convert link target to Adobe PDF - res://G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert to existing PDF - res://G:\PROGRAM FILES\Adobe\Acrobat 7.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Customize &Menu - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMCUSTOMIZEIEMENU.HTML
O8 - Extra context menu item: E&xport to Microsoft Excel - RES://G:\PROGRA~1\MICROS~2\OFFICE10\EXCEL.EXE/3000
O8 - Extra context menu item: Fill Forms &] - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMFILLFORMS.HTML
O8 - Extra context menu item: Note this (Google Notebook) - res://G:\PROGRAM FILES\Google\Google Notebook\gnotes1.0.2.19-1486484490.dll/gn_menu1.html
O8 - Extra context menu item: Note this item (Google Notebook) - res://G:\PROGRAM FILES\Google\Google Notebook\gnotes1.0.2.19-1486484490.dll/gn_menu2.html
O8 - Extra context menu item: Save Forms &^ - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMSAVEPASS.HTML
O9 - Extra button: Fill Forms - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMFILLFORMS.HTML (file missing)
O9 - Extra 'Tools' menuitem: Fill Forms &] - {320AF880-6646-11D3-ABEE-C5DBF3571F46} - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMFILLFORMS.HTML (file missing)
O9 - Extra button: Save - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMSAVEPASS.HTML (file missing)
O9 - Extra 'Tools' menuitem: Save Forms &^ - {320AF880-6646-11D3-ABEE-C5DBF3571F49} - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMSAVEPASS.HTML (file missing)
O9 - Extra button: RoboForm - {724d43aa-0d85-11d4-9908-00400523e39a} - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMSHOWTOOLBAR.HTML (file missing)
O9 - Extra 'Tools' menuitem: RF Toolbar &2 - {724d43aa-0d85-11d4-9908-00400523e39a} - FILE://G:\PROGRAM FILES\SIBER SYSTEMS\AI ROBOFORM\ROBOFORMCOMSHOWTOOLBAR.HTML (file missing)
O9 - Extra button: Real.com - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - C:\WINDOWS\SYSTEM32\SHDOCVW.DLL
O9 - Extra button: PDFill PDF Editor - {FB858B22-55E2-413f-87F5-30ADC5552151} - G:\PROGRAM FILES\PlotSoft\PDFill\\DownloadPDF.exe
O15 - Trusted Zone: http://esupport.sony.com
O16 - DPF: {D4323BF2-006A-4440-A2F5-27E3E7AB25F8} (Virtools WebPlayer Class) - http://a532.g.akamai...l/installer.exe
O20 - AppInit_DLLs: C:\WINDOWS\System32\perfc000.dat
O20 - Winlogon Notify: DPWLN - C:\WINDOWS\System32\DPWLEvHd.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Acronis Scheduler2 Service (AcrSch2Svc) - Acronis - C:\Program Files\Common Files\Acronis\Schedule2\schedul2.exe
O23 - Service: Adobe LM Service - Adobe Systems - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - G:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: Windows XP FUS Manager (DPFUSMgr) - DigitalPersona, Inc. - G:\PROGRAM FILES\DigitalPersona\Bin\DPFUSMgr.exe
O23 - Service: Biometric Authentication Service (DpHost) - DigitalPersona, Inc. - G:\PROGRAM FILES\DigitalPersona\Bin\DpHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - G:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Macromedia Licensing Service - Unknown owner - C:\Program Files\Common Files\Macromedia Shared\Service\Macromedia Licensing.exe