Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 5:20:53 PM, on 8/5/2008
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
C:\Program Files\Verizon\McciTrayApp.exe
C:\WINDOWS\system32\rundll32.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE
C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe
C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\AVENGINE.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\Firewall\PSHOST.EXE
C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\SRVLOAD.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\WebProxy.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\avciman.exe
C:\Program Files\Panda Security\Panda Internet Security 2008\psimreal.exe
C:\WINDOWS\system32\wuauclt.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://cgi.verizon.net/bookmarks/bmr...1&bm=ho_search
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://finance.yahoo.com/
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer provided by Verizon Online
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = 127.0.0.1;*.local
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: (no name) - {03252EE9-713A-4841-BD58-B965FC7B1521} - (no file)
O2 - BHO: (no name) - {045f318e-550a-48ad-9b53-9dfd6a05dbeb} - (no file)
O2 - BHO: (no name) - {06A1F910-762A-4660-B534-55B82571851C} - C:\WINDOWS\system32\urqqpNhe.dll (file missing)
O2 - BHO: (no name) - {08CC3055-CEE0-40AE-AA25-4B06B3DC7ED9} - (no file)
O2 - BHO: (no name) - {0CEECAA4-C6C3-4038-9E67-2CF35DF4F60F} - C:\WINDOWS\system32\qoMgeDwU.dll (file missing)
O2 - BHO: (no name) - {1046CAF7-6591-4665-9FB8-239D4CC1A048} - C:\WINDOWS\system32\mlJYSihE.dll (file missing)
O2 - BHO: {3c1fdd7f-6a6c-3db8-17d4-f9ea9b055631} - {136550b9-ae9f-4d71-8bd3-c6a6f7ddf1c3} - C:\WINDOWS\system32\izitvd.dll (file missing)
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: (no name) - {383DEC6B-5060-44A2-9F9D-EDB785F3DE6C} - (no file)
O2 - BHO: (no name) - {3C7143AE-6D68-42DA-959D-314FBE4DBEB5} - C:\WINDOWS\system32\rqRLecyx.dll (file missing)
O2 - BHO: (no name) - {69214B90-99A7-4EF1-9530-B635ED73B225} - C:\WINDOWS\system32\cbXQhEuR.dll (file missing)
O2 - BHO: (no name) - {6D1329B9-0797-4493-B147-58D3E30CD38C} - C:\WINDOWS\system32\ddcBRiFW.dll (file missing)
O2 - BHO: (no name) - {73323EEF-7557-4AAD-830D-29379448ADC0} - C:\WINDOWS\system32\wvUkJcDW.dll (file missing)
O2 - BHO: (no name) - {79416477-8464-49F8-8B2D-13BF79EDCBA0} - (no file)
O2 - BHO: (no name) - {7D6E18E3-0AE1-4DAD-98E6-2489B9F36B7F} - (no file)
O2 - BHO: (no name) - {87C416DD-D226-45B6-912A-D6874DDA9640} - C:\WINDOWS\system32\geBRigDv.dll (file missing)
O2 - BHO: (no name) - {94CE3EF9-0764-4BC4-9A30-86DB64BBE09A} - C:\WINDOWS\system32\wvUmmLbX.dll (file missing)
O2 - BHO: (no name) - {9C38C9A3-6858-47F8-96D4-4E7A6754657A} - C:\WINDOWS\system32\geBuUolM.dll (file missing)
O2 - BHO: (no name) - {A66A6E46-08D6-416C-8F32-210F5CF7DB6E} - (no file)
O2 - BHO: (no name) - {B1A72DC4-6EF1-425D-937C-7777F53F5549} - C:\WINDOWS\system32\opnmKEww.dll (file missing)
O2 - BHO: gooochi browser optimizer - {b2b20aa5-cbb6-2c7e-976d-829a82c5289c} - (no file)
O2 - BHO: (no name) - {B5D4F59A-D5B9-4F05-A7D5-32FBF24206BB} - C:\WINDOWS\system32\efcBrQKe.dll (file missing)
O2 - BHO: 100% Free Hearts Toolbar Helper - {CBD540A1-DEFE-4DF9-80F6-ECB8684F7C73} - C:\Program Files\100% Free Hearts Toolbar\v3.3.0.1\100%_Free_Hearts_Toolbar.dll
O2 - BHO: (no name) - {DFB1AE4B-6361-4354-B8A9-FBB731EBE308} - C:\WINDOWS\system32\ssqrRJCs.dll (file missing)
O2 - BHO: (no name) - {FC4B096C-BB9C-4981-BB82-17B5CFB38945} - (no file)
O3 - Toolbar: 100% Free Hearts Toolbar - {26D0D2D9-63E6-4F90-9D78-E68FC5704BAC} - C:\Program Files\100% Free Hearts Toolbar\v3.3.0.1\100%_Free_Hearts_Toolbar.dll
O4 - HKLM\..\Run: [Verizon_McciTrayApp] C:\Program Files\Verizon\McciTrayApp.exe
O4 - HKLM\..\Run: [382c4767] rundll32.exe "C:\WINDOWS\system32\hihugtml.dll",b
O4 - HKLM\..\Run: [BM3b1f74fb] Rundll32.exe "C:\WINDOWS\system32\lfnwiwdh.dll",s
O4 - HKLM\..\Run: [APVXDWIN] "C:\Program Files\Panda Security\Panda Internet Security 2008\APVXDWIN.EXE" /s
O4 - HKLM\..\Run: [SCANINICIO] "C:\Program Files\Panda Security\Panda Internet Security 2008\Inicio.exe"
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [AppleSyncNotifier] C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleSyncNotifier.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [SFP] C:\Program Files\Common Files\Verizon Online\SFP\vzSFPWin.EXE /s
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - Global Startup: AutoCAD Startup Accelerator.lnk = C:\Program Files\Common Files\Autodesk Shared\acstart16.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
O20 - Winlogon Notify: urqqpNhe - urqqpNhe.dll (file missing)
O23 - Service: Lavasoft Ad-Aware Service (aawservice) - Lavasoft - C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
O23 - Service: Autodesk Licensing Service - Autodesk - C:\Program Files\Common Files\Autodesk Shared\Service\AdskScSrv.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: Panda Software Controller - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsCtrls.exe
O23 - Service: Panda Function Service (PAVFNSVR) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PavFnSvr.exe
O23 - Service: Panda Process Protection Service (PavPrSrv) - Panda Software - C:\Program Files\Common Files\Panda Software\PavShld\pavprsrv.exe
O23 - Service: Panda anti-virus service (PAVSRV) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\pavsrv51.exe
O23 - Service: Panda Antispam Engine (pmshellsrv) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\AntiSpam\pskmssvc.exe
O23 - Service: Panda Host Service (PSHost) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\Firewall\PSHOST.EXE
O23 - Service: Panda IManager Service (PSIMSVC) - Panda Software International - C:\Program Files\Panda Security\Panda Internet Security 2008\PsImSvc.exe
--
End of file - 9026 bytes