Logfile of HijackThis v1.99.1
Scan saved at 6:17:17 AM, on 5/9/2008
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16640)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\SYSTEM32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Panda Security\pavsrv51.exe
C:\Program Files\Panda Security\AVENGINE.EXE
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\netdde.exe
C:\WINDOWS\system32\DRIVERS\CDANTSRV.EXE
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
C:\Program Files\HPQ\shared\hpqwmi.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Security\PsCtrls.exe
C:\Program Files\Common Files\Panda
Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\PsImSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\vssvc.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\System32\dmadmin.exe
C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Panda Security\APVXDWIN.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Program Files\Panda Security\WebProxy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Common Files\Microsoft Shared\Windows
Live\WLLoginProxy.exe
C:\Program Files\Common Files\Microsoft
Shared\VS7DEBUG\MDM.EXE
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar =
http://us.rd.yahoo.c...*http://www.yah
oo.com/search/ie.html
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page
= http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL =
http://go.microsoft....k/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft....k/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page
= http://go.microsoft....k/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft....k/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
R1 - HKCU\Software\Microsoft\Internet Explorer\SearchURL,
(Default) =
http://us.rd.yahoo.c...*http://www.yah
oo.com
R3 - URLSearchHook: (no name) - {6dfc55bb-bfff-485a-9709-
90c3fdf6db58} - (no file)
O2 - BHO: (no name) - {02478D38-C3F9-4EFB-9B51-
7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-
4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common
Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: dsWebAllowBHO Class - {2F85D76C-0569-466F-A488-
493E6BD0E955} - C:\Program Files\Windows Desktop
Search\dsWebAllow.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-
6F6E-4B53-A66E-4E65E497C8C0} - (no file)
O2 - BHO: (no name) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} -
(no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-
D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-
8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft
Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: (no name) - {A7327C09-B521-4EDB-8509-
7D2660C9EC98} - (no file)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-
CF10577473F7} - c:\program files\google\googletoolbar2.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-
B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\3.0.1225.9868\swg.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-
4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live
Toolbar\msntb.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-
ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live
Toolbar\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-
009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: (no name) - {6dfc55bb-bfff-485a-9709-90c3fdf6db58} -
(no file)
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [BrMfcWnd] C:\Program
Files\Brother\Brmfcmon\BrMfcWnd.exe /AUTORUN
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda
Security\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [Cpqset] C:\Program Files\HPQ\Default
Settings\cpqset.exe
O4 - HKLM\..\Run: [SynTPStart] C:\Program
Files\Synaptics\SynTP\SynTPStart.exe
O4 - HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32
\hkcmd.exe
O4 - HKLM\..\Run: [Persistence] C:\WINDOWS\system32
\igfxpers.exe
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O8 - Extra context menu item: &Windows Live Search -
res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites -
http://favorites.liv...m/quickadd.aspx
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB
-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05
\bin\ssv.dll
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: vzTCPConfig -
http://www2.verizon....vzTCPConfig.CAB
O16 - DPF: {01113300-3E00-11D2-8470-0060089874ED}
(Support.com Configuration Class) -
https://activatemyfi...oad/FIOS/tgctlc
m.cab
O16 - DPF: {2D8ED06D-3C30-438B-96AE-4D110FDC1FB8}
(ActiveScan 2.0 Installer Class) -
http://acs.pandasoft...s/as2stubie.cab
O16 - DPF: {30528230-99F7-4BB4-88D8-FA1D4F56A2AB}
(Installation Support) - C:\Program Files\Yahoo!
\Common\Yinsthelper.dll
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN
Photo Upload Tool) -
http://by119fd.bay11...es/MsnPUpld.cab
O16 - DPF: {512FC5A1-7DE1-43F1-BC0C-371622FCB409}
(TotalScan Installer Class) -
http://www.nanoscan....s/ascstubie.cab
O16 - DPF: {5ED80217-570B-4DA9-BF44-BE107C0EC166}
(Windows Live Safety Center Base Module) -
http://cdn.scan.onec.../scanner/wlscba
se370.cab
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C}
(WUWebControl Class) -
http://update.micros...rols/en/x86/cli
ent/wuweb_site.cab?1165354109912
O16 - DPF: {6B75345B-AA36-438A-BBE6-4078B4C6984D}
(HpProductDetection Class) -
http://h20270.www2.h...ProductDetectio
n.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3}
(MUWebControl Class) -
http://update.micros...rols/en/x86/cli
ent/muweb_site.cab?1187757833968
O16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP
Download Manager) -
https://h20436.www2....re/HPDEXAXO.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737}
(Windows Live Photo Upload Control) - http://cid-
fa2c1bc762a8eb07.spaces.live.com/PhotoUpload/MsnPUpld.cab
O16 - DPF: {CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA} (Java
Runtime Environment 1.4.1_02) -
O16 - DPF: {E8F628B5-259A-4734-97EE-BA914D7BE941} (Driver
Agent ActiveX Control) - http://driveragent.c...driveragent.cab
O16 - DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7}
(PCPitstop Exam) -
http://utilities.pcp.../pcpitstop2.dll
O20 - Winlogon Notify: Antiwpa - antiwpa.dll (file missing)
O20 - Winlogon Notify: avldr - C:\WINDOWS\SYSTEM32\avldr.dll
O20 - Winlogon Notify: igfxcui - C:\WINDOWS\SYSTEM32
\igfxdev.dll
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32
\WgaLogon.dll
O21 - SSODL: WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-
94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll
O23 - Service: Apple Mobile Device - Apple, Inc. - C:\Program
Files\Common Files\Apple\Mobile Device
Support\bin\AppleMobileDeviceService.exe
O23 - Service: C-DillaSrv - C-Dilla Ltd - C:\WINDOWS\system32
\DRIVERS\CDANTSRV.EXE
O23 - Service: Google Updater Service (gusvc) - Google -
C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: HP WMI Interface (hpqwmi) - Hewlett-Packard
Development Company, L.P. - C:\Program
Files\HPQ\shared\hpqwmi.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company,
L.P. - C:\Program Files\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: Panda Software Controller - Panda Software
International - C:\Program Files\Panda Security\PsCtrls.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) -
Panda Software - C:\Program Files\Common Files\Panda
Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software
International - C:\Program Files\Panda Security\pavsrv51.exe
O23 - Service: Panda IManager Service (PSIMSVC) - Panda
Software International - C:\Program Files\Panda
Security\PsImSvc.exe
Sincerely,
leaofhb/ Hbtomboy@hotmail.com