
Popups From Multiple Addresses


  • This topic is locked
1 reply to this topic

#1 Silntb0b182


Posted 05 June 2007 - 12:36 PM

I keep getting popups from adfarm.mediaplex, em.pc-on-internet, winantivirus, login.tracking101, and a few others I can't recall. This has been going on for a while and I've tried just about anything. Thanks for the help.

Logfile of HijackThis v1.99.1
Scan saved at 11:29:23 AM, on 6/5/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16441)

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\PROGRA~1\Grisoft\AVG7\avgcc.exe
C:\WINDOWS\system32\netdde.exe
C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
C:\WINDOWS\System32\cisvc.exe
C:\WINDOWS\system32\clipsrv.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\WINDOWS\system32\ImapiRox.exe
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\pctspk.exe
C:\WINDOWS\System32\HPZipm12.exe
C:\WINDOWS\system32\sessmgr.exe
C:\WINDOWS\System32\rsvp.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\System32\dllhost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\System32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Hijackthis\HijackThis.exe
C:\WINDOWS\system32\wuauclt.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page_bak = http://www.yahoo.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = localhost
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: CIEObjectObj Object - {CA13D72F-2DAC-4D99-B08D-C5EA1C920E89} - C:\WINDOWS\IECodecPlg.dll
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\WINDOWS\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [AVG7_CC] C:\PROGRA~1\Grisoft\AVG7\avgcc.exe /STARTUP
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\RunServices: [Windows iMessenger Messenger] winimsg.exe
O4 - HKCU\..\RunServices: [Windows iMessenger Messenger] winimsg.exe
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra 'Tools' menuitem: Uninstall BitDefender Online Scanner v8 - {85d1f590-48f4-11d9-9669-0800200c9a66} - %windir%\bdoscandel.exe (file missing)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\MSMSGS.EXE
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} (QuickTime Object) - http://a1540.g.akama...540/52/20061205/qtinstall.info.apple.com/qtactivex/qtplugin.cab
O16 - DPF: {03F998B2-0E00-11D3-A498-00104B6EB52E} - https://components.v...com/MTSInstallers/MetaStream3.cab?url=http://www.viewpoint.com/cgi-bin/beta/vet_install_popup.pl?1&4&04.00.07.02&http://www.bhg.com/bhg/category.jhtml?categoryid=/templatedata/bhg/category/data/coloraroom_livingroom1.xml
O16 - DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} (PCPitstop Utility) - http://www.pcpitstop...tstop/PCPitStop.CAB
O16 - DPF: {11260943-421B-11D0-8EAC-0000C07D88CF} (iPIX ActiveX Control) - http://www.ipix.com/download/ipixx.cab
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} (Windows Genuine Advantage Validation Tool) - http://go.microsoft....k/?linkid=39204
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} (YInstStarter Class) - C:\Program Files\Yahoo!\Common\yinsthelper.dll
O16 - DPF: {39B0684F-D7BF-4743-B050-FDC3F48F7E3B} (CDownloadCtrl Object) - http://www.fileplane...lmgr/cabs/FPDC_2.3.6.108.cab
O16 - DPF: {5D86DDB5-BDF9-441B-9E9E-D4730F4EE499} (BDSCANONLINE Control) - http://download.bitd...om/resources/scan8/oscan8.cab
O16 - DPF: {62475759-9E84-458E-A1AB-5D2C442ADFDE} -
O16 - DPF: {68BCE50A-DC9B-4519-A118-6FDA19DB450D} (Info Class) - http://support.vugam...tasubmission/sysinfo/Si.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.micros...icrosoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1172019746421
O16 - DPF: {CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA} (Java Runtime Environment 1.4.1_03) -
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.m....com/get/shockwave/cabs/flash/swflash.cab
O16 - DPF: {E7DBFB6C-113A-47CF-B278-F5C6AF4DE1BD} - http://download.abac...ownload/files/abasetup142f1.cab
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: AVG7 Alert Manager Server (Avg7Alrt) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgamsvr.exe
O23 - Service: AVG7 Update Service (Avg7UpdSvc) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgupsvc.exe
O23 - Service: AVG E-mail Scanner (AVGEMS) - GRISOFT, s.r.o. - C:\PROGRA~1\Grisoft\AVG7\avgemc.exe
O23 - Service: FanSpeedNT Service - Unknown owner - C:\unzipped\FanSpeed1_2_0\fanspeedNT.exe" (file missing)
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: IMAPI CD-Burning COM Service (ImapiService) - Roxio Inc. - C:\WINDOWS\system32\ImapiRox.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PCTEL Speaker Phone (Pctspk) - PCtel, Inc. - C:\WINDOWS\system32\pctspk.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\System32\HPZipm12.exe



#2 Silntb0b182


Posted 09 June 2007 - 10:22 PM

This sucks.
