pegaso
2007-10-06, 18:04
I have NOD32 running on my PC (use to have Norton Internet Security, but I have uninstalled it before I use NOD32), and after I boot it c omes up with the warning for trojan Win32/Agent.bck, when I select "Terminate" after few seconds a new window comes up saying that i am infected with "Trojan Downloader.small trojan"After this I can not run most of my programs e.g. spybot 1.5 , I get the windows message "Spybot (or other software) has encountered an erron and needs to close" etc. etc.
I have dowloaded and run Vundofix which seem to have cleaned it but when I reboot I get the same messages from NOD32. Here is my Hijackthis report.
I have posted the Kaspersky online on a new post since there are too mant characters for this post.
I would appreciate your help to clean the trojans.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 6:31:55 μμ, on 5/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\LEXBCES.EXE
E:\WINDOWS\system32\LEXPPS.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\cisvc.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Eset\nod32krn.exe
E:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
e:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\mqsvc.exe
E:\WINDOWS\system32\mqtgsvc.exe
E:\Program Files\Logitech\iTouch\iTouch.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\ESET\nod32kui.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\system32\cidaemon.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Documents and Settings\Michael Halkiadakis\Desktop\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.otenet.gr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = DGcon Systems
O1 - Hosts: 127.98.9.1 mail.otenet.gr.b9 #
O1 - Hosts: 62.103.128.200 www.otenet.gr #2004-04-07 18:43:13
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - E:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {673995FA-5CBC-454B-957F-96403A570E0E} - E:\WINDOWS\system32\awtqo.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - E:\WINDOWS\system32\sycprour.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - E:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [zBrowser Launcher] E:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Ad-watch] E:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NAV Agent] E:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Zone Labs Client] E:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [UIWatcher] E:\Program Files\Ashampoo\Ashampoo UnInstaller 2002-2003\UIWatcher.exe
O4 - HKCU\..\Run: [PlaxoUpdate] E:\WINDOWS\Plaxo\1.5.2.32\InstallStub.exe -a
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] E:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &eBay Search - res://E:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Append to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: SnipeIt! eSnipe - http://www.esnipe.com/SnipeIt/SnipeItOpen3.asp
O8 - Extra context menu item: Ε&ξαγωγή στο Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Λήψη όλων με το FlashGet - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Λήψη με χρήση του FlashGet - E:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O12 - Plugin for .tif: E:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148313725656
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://www.eurobank.gr/europortal/certs/capicom.cab
O16 - DPF: {BA83FD38-CE14-4DA3-BEF5-96050D55F78A} - http://www.flipviewer.com/exe/fvoem1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6DF9E04D-5622-4326-B971-8A0DC811699A}: NameServer = 195.170.0.1,195.170.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F41938B-0D3D-472F-9770-4F028ADF1DE8}: NameServer = 192.168.100.50
O20 - Winlogon Notify: winhoq32 - winhoq32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - E:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NetOp Helper ver. 7.60 (2003246) (NetOp Host for NT Service) - Danware Data A/S - E:\Program Files\NetOp Remote Control\HOST\NHOSTSVC.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - E:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O24 - Desktop Component 0: (no name) - file:///E:/DOCUME~1/MICHAE~1/LOCALS~1/Temp/msohtml1/01/clip_image002.gif
--
End of file - 11102 bytes
I have dowloaded and run Vundofix which seem to have cleaned it but when I reboot I get the same messages from NOD32. Here is my Hijackthis report.
I have posted the Kaspersky online on a new post since there are too mant characters for this post.
I would appreciate your help to clean the trojans.
Logfile of Trend Micro HijackThis v2.0.0 (BETA)
Scan saved at 6:31:55 μμ, on 5/10/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
Boot mode: Normal
Running processes:
E:\WINDOWS\System32\smss.exe
E:\WINDOWS\system32\winlogon.exe
E:\WINDOWS\system32\services.exe
E:\WINDOWS\system32\lsass.exe
E:\WINDOWS\system32\svchost.exe
E:\Program Files\Windows Defender\MsMpEng.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\LEXBCES.EXE
E:\WINDOWS\system32\LEXPPS.EXE
E:\WINDOWS\system32\spoolsv.exe
E:\WINDOWS\system32\cisvc.exe
E:\WINDOWS\Explorer.EXE
E:\Program Files\Eset\nod32krn.exe
E:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
e:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\mqsvc.exe
E:\WINDOWS\system32\mqtgsvc.exe
E:\Program Files\Logitech\iTouch\iTouch.exe
E:\WINDOWS\SOUNDMAN.EXE
E:\Program Files\Messenger\msmsgs.exe
E:\WINDOWS\System32\ctfmon.exe
E:\Program Files\ESET\nod32kui.exe
E:\WINDOWS\System32\svchost.exe
E:\WINDOWS\system32\wuauclt.exe
E:\WINDOWS\system32\cidaemon.exe
E:\Program Files\Internet Explorer\iexplore.exe
E:\Documents and Settings\Michael Halkiadakis\Desktop\HiJackThis_v2.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = http://g.msn.com/0SEENUS/SAOS01
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.otenet.gr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = DGcon Systems
O1 - Hosts: 127.98.9.1 mail.otenet.gr.b9 #
O1 - Hosts: 62.103.128.200 www.otenet.gr #2004-04-07 18:43:13
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - E:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - E:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: (no name) - {673995FA-5CBC-454B-957F-96403A570E0E} - E:\WINDOWS\system32\awtqo.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O2 - BHO: (no name) - {89AD4D75-2429-462e-BD4E-443F233F6033} - E:\WINDOWS\system32\sycprour.dll
O2 - BHO: IeCatch2 Class - {A5366673-E8CA-11D3-9CD9-0090271D075B} - E:\PROGRA~1\FlashGet\jccatch.dll
O2 - BHO: Adobe PDF Conversion Toolbar Helper - {AE7CD045-E861-484f-8273-0445EE161910} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O3 - Toolbar: FlashGet Bar - {E0E899AB-F487-11D5-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\fgiebar.dll
O3 - Toolbar: Solid Converter PDF - {259F616C-A300-44F5-B04A-ED001A26C85C} - E:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\ExploreExtPDF.dll
O3 - Toolbar: Adobe PDF - {47833539-D0C5-4125-9FA8-0819E2EAAC93} - E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll
O4 - HKLM\..\Run: [zBrowser Launcher] E:\Program Files\Logitech\iTouch\iTouch.exe
O4 - HKLM\..\Run: [Ad-watch] E:\Program Files\Lavasoft\Ad-aware 6\Ad-watch.exe
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [NAV Agent] E:\PROGRA~1\NORTON~1\navapw32.exe
O4 - HKLM\..\Run: [NeroCheck] E:\WINDOWS\system32\NeroCheck.exe
O4 - HKLM\..\Run: [Zone Labs Client] E:\PROGRA~1\ZONELA~1\ZONEAL~1\zlclient.exe
O4 - HKCU\..\Run: [MSMSGS] "E:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] E:\WINDOWS\System32\ctfmon.exe
O4 - HKCU\..\Run: [UIWatcher] E:\Program Files\Ashampoo\Ashampoo UnInstaller 2002-2003\UIWatcher.exe
O4 - HKCU\..\Run: [PlaxoUpdate] E:\WINDOWS\Plaxo\1.5.2.32\InstallStub.exe -a
O4 - HKCU\..\Run: [Symantec NetDriver Monitor] E:\PROGRA~1\Symantec\LIVEUP~1\SNDMon.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = E:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Microsoft Office.lnk = E:\Program Files\Microsoft Office\Office10\OSA.EXE
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O8 - Extra context menu item: &eBay Search - res://E:\Program Files\eBay\eBay Toolbar2\eBayTb.dll/RCSearch.html
O8 - Extra context menu item: Append to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert link target to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert link target to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert selected links to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECaptureSelLinks.html
O8 - Extra context menu item: Convert selected links to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppendSelLinks.html
O8 - Extra context menu item: Convert selection to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: Convert selection to existing PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIEAppend.html
O8 - Extra context menu item: Convert to Adobe PDF - res://E:\Program Files\Adobe\Acrobat 8.0\Acrobat\AcroIEFavClient.dll/AcroIECapture.html
O8 - Extra context menu item: E&xport to Microsoft Excel - res://E:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O8 - Extra context menu item: SnipeIt! eSnipe - http://www.esnipe.com/SnipeIt/SnipeItOpen3.asp
O8 - Extra context menu item: Ε&ξαγωγή στο Microsoft Excel - res://E:\PROGRA~1\MICROS~2\Office10\EXCEL.EXE/3000
O8 - Extra context menu item: Λήψη όλων με το FlashGet - E:\Program Files\FlashGet\jc_all.htm
O8 - Extra context menu item: Λήψη με χρήση του FlashGet - E:\Program Files\FlashGet\jc_link.htm
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - E:\Program Files\Java\jre1.6.0_02\bin\ssv.dll
O9 - Extra button: Create Mobile Favorite - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: (no name) - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra 'Tools' menuitem: Create Mobile Favorite... - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - E:\PROGRA~1\MICROS~3\INetRepl.dll
O9 - Extra button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra 'Tools' menuitem: &FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - E:\PROGRA~1\FlashGet\flashget.exe
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - E:\PROGRA~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - E:\Program Files\Messenger\msmsgs.exe
O9 - Extra button: (no name) - SolidConverterPDF - (no file) (HKCU)
O12 - Plugin for .tif: E:\Program Files\Internet Explorer\PLUGINS\npqtplugin5.dll
O16 - DPF: {01010E00-5E80-11D8-9E86-0007E96C65AE} - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsi.cab
O16 - DPF: {01012101-5E80-11D8-9E86-0007E96C65AE} - https://www-secure.symantec.com/techsupp/asa/ctrl/tgctlsr.cab
O16 - DPF: {0B79F48A-E8D6-11DB-9283-E25056D89593} (F-Secure Online Scanner 3.1) - http://support.f-secure.com/ols/fscax.cab
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} (MUWebControl Class) - http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1148313725656
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} (Java Runtime Environment 1.6.0) - http://javadl-esd.sun.com/update/1.6.0/jinstall-6u2-windows-i586-jc.cab
O16 - DPF: {A996E48C-D3DC-4244-89F7-AFA33EC60679} (Settings Class) - https://www.eurobank.gr/europortal/certs/capicom.cab
O16 - DPF: {BA83FD38-CE14-4DA3-BEF5-96050D55F78A} - http://www.flipviewer.com/exe/fvoem1.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {CE28D5D2-60CF-4C7D-9FE8-0F47A3308078} - https://www-secure.symantec.com/techsupp/asa/ctrl/SymAData.cab
O16 - DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager Control) - http://dlm.tools.akamai.com/dlmanager/versions/activex/dlm-activex-2.2.1.6.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{6DF9E04D-5622-4326-B971-8A0DC811699A}: NameServer = 195.170.0.1,195.170.2.2
O17 - HKLM\System\CCS\Services\Tcpip\..\{6F41938B-0D3D-472F-9770-4F028ADF1DE8}: NameServer = 192.168.100.50
O20 - Winlogon Notify: winhoq32 - winhoq32.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - E:\WINDOWS\System32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - E:\WINDOWS\System32\browseui.dll
O23 - Service: Adobe LM Service - Adobe Systems - E:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - E:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: LexBce Server (LexBceS) - Lexmark International, Inc. - E:\WINDOWS\system32\LEXBCES.EXE
O23 - Service: NetOp Helper ver. 7.60 (2003246) (NetOp Host for NT Service) - Danware Data A/S - E:\Program Files\NetOp Remote Control\HOST\NHOSTSVC.EXE
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - E:\Program Files\Eset\nod32krn.exe
O23 - Service: SolidPDFConverterReadSpool (ScReadSpool) - VoyagerSoft, LLC - E:\Program Files\SolidDocuments\SolidConverterPDF\SCPDF\SolidPdfService.exe
O24 - Desktop Component 0: (no name) - file:///E:/DOCUME~1/MICHAE~1/LOCALS~1/Temp/msohtml1/01/clip_image002.gif
--
End of file - 11102 bytes