Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:10:19 PM, on 07/09/2010
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal
Running processes:
C:\Windows\System32\smss.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\wininit.exe
C:\Windows\system32\csrss.exe
C:\Windows\system32\services.exe
C:\Windows\system32\lsass.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\winlogon.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Program Files\Microsoft Security Essentials\MsMpEng.exe
C:\Windows\System32\svchost.exe
C:\Windows\System32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\nvvsvc.exe
C:\Windows\system32\svchost.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe
C:\Users\Gareth\My Programs\0-a safe, protected PC\Anti-virus\prevx.exe
C:\Windows\system32\svchost.exe
C:\Windows\system32\PnkBstrA.exe
C:\Windows\system32\svchost.exe
C:\Program Files\0-a safe, protected computer\firewall-type progs\ThreatFire\TFService.exe
C:\Users\Gareth\My Programs\0-a safe, protected PC\anti-malware\Spybot - Search & Destroy\SDWinSec.exe
C:\Windows\system32\WUDFHost.exe
C:\Windows\system32\taskhost.exe
C:\Users\Gareth\My Programs\0-a safe, protected PC\Anti-virus\prevx.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\UnHackMe\hackmon.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\SOUNDMAN.EXE
C:\Program Files\1-Hardware software\Trust\GM-4200 Gamer Mouse Optical\Panel.exe
C:\Program Files\Microsoft Xbox 360 Accessories\XBoxStat.exe
C:\Program Files\Microsoft Security Essentials\msseces.exe
C:\Program Files\0-a safe, protected computer\firewall-type progs\ThreatFire\TFTray.exe
C:\Program Files\X3watch\x3watch.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\z-Windows Addons\RocketDock\RocketDock.exe
C:\Program Files\z-Windows Addons\ClocX\ClocX.exe
C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe
C:\Users\Gareth\My Programs\0-a safe, protected PC\anti-malware\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\z-Windows Addons\PowerMenu\PowerMenu.exe
C:\Program Files\z-Windows Addons\ObjectDock\ObjectDock.exe
C:\Windows\System32\svchost.exe
C:\Users\Gareth\My Programs\0-a safe, protected PC\SUPERAnti-spyware\SUPERAntiSpyware.exe
C:\Users\Gareth\My Programs\0-a safe, protected PC\Secunia\psi.exe
C:\Users\Gareth\My Programs\text programs\EditPad Lite\EditPadLite.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Users\Gareth\My Programs\text programs\EditPad Lite\EditPadLite.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files\0-a safe, protected computer\HijackThis\Trend Micro\HiJackThis\HiJackThis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page =
Bing
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
MSN.com
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
Bing
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
Bing
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
MSN.com
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Users\Gareth\MYPROG~1\0-ASAF~1\ANTI-M~1\SPYBOT~1\SDHelper.dll
O2 - BHO: SafeOnline BHO - {69D72956-317C-44bd-B369-8E44D4EF9801} - C:\Windows\system32\PxSecure.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: DAPIELoader Class - {FF6C3CF0-4B15-11D1-ABED-709549C10000} - C:\Users\Gareth\MYPROG~1\1-OTHE~1\DAP\DAPIEL~1.DLL
O3 - Toolbar: (no name) - {D4027C7F-154A-4066-A1AD-4243D8127440} - (no file)
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [Trust Gaming mouse] "C:\Program Files\1-Hardware software\Trust\GM-4200 Gamer Mouse Optical\Panel.exe"
O4 - HKLM\..\Run: [XboxStat] "C:\Program Files\Microsoft Xbox 360 Accessories\XboxStat.exe" silentrun
O4 - HKLM\..\Run: [Malwarebytes Anti-Malware (reboot)] "C:\Program Files\0-a safe, protected computer\Anti-malware\Malwarebytes' Anti-Malware\mbam.exe" /runcleanupscript
O4 - HKLM\..\Run: [MSSE] "C:\Program Files\Microsoft Security Essentials\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [ThreatFire] C:\Program Files\0-a safe, protected computer\firewall-type progs\ThreatFire\TFTray.exe
O4 - HKLM\..\Run: [x3watch] "C:\Program Files\X3watch\x3watch.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\z-Windows Addons\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [ClocX] C:\Program Files\z-Windows Addons\ClocX\ClocX.exe
O4 - HKCU\..\Run: [Google Update] "C:\Users\Gareth\AppData\Local\Google\Update\GoogleUpdate.exe" /c
O4 - HKCU\..\Run: [OpenDNS Updater] "C:\Program Files\OpenDNS Updater\OpenDNSUpdater.exe" /autostart
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Users\Gareth\My Programs\0-a safe, protected PC\anti-malware\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: dwm.exe.lnk = C:\Windows\System32\dwm.exe
O4 - Startup: PowerMenu.lnk = C:\Program Files\z-Windows Addons\PowerMenu\PowerMenu.exe
O4 - Startup: RocketDock.exe - Shortcut.lnk = C:\Program Files\z-Windows Addons\RocketDock\RocketDock.exe
O4 - Startup: Stardock ObjectDock.lnk = C:\Program Files\z-Windows Addons\ObjectDock\ObjectDock.exe
O8 - Extra context menu item: &Clean Traces - C:\Users\Gareth\My Programs\1-other programs\DAP\Privacy Package\dapcleanerie.htm
O8 - Extra context menu item: &Download with &DAP - C:\Users\Gareth\My Programs\1-other programs\DAP\dapextie.htm
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: Download &all with DAP - C:\Users\Gareth\My Programs\1-other programs\DAP\dapextie2.htm
O8 - Extra context menu item: Sothink SWF Catcher - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Users\Gareth\MYPROG~1\0-ASAF~1\ANTI-M~1\SPYBOT~1\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search & Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Users\Gareth\MYPROG~1\0-ASAF~1\ANTI-M~1\SPYBOT~1\SDHelper.dll
O9 - Extra button: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O9 - Extra 'Tools' menuitem: Sothink SWF Catcher - {E19ADC6E-3909-43E4-9A89-B7B676377EE3} - C:\Program Files\Common Files\SourceTec\SWF Catcher\InternetExplorer.htm
O16 - DPF: {1E54D648-B804-468d-BC78-4AFFED8E262F} (System Requirements Lab) -
http://www.nvidia.com/content/Driver...reqlab_nvd.cab
O16 - DPF: {8100D56A-5661-482C-BEE8-AFECE305D968} (Facebook Photo Uploader 5 Control) -
http://upload.facebook.com/controls/...Uploader55.cab
O17 - HKLM\System\CCS\Services\Tcpip\..\{1C9E1459-4692-4106-BFD0-3E35E96078FB}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS1\Services\Tcpip\..\{1C9E1459-4692-4106-BFD0-3E35E96078FB}: NameServer = 208.67.222.222,208.67.220.220
O17 - HKLM\System\CS2\Services\Tcpip\..\{1C9E1459-4692-4106-BFD0-3E35E96078FB}: NameServer = 208.67.222.222,208.67.220.220
O20 - Winlogon Notify: !SASWinLogon - C:\Users\Gareth\My Programs\0-a safe, protected PC\SUPERAnti-spyware\SASWINLO.dll
O23 - Service: CSIScanner - Prevx - C:\Users\Gareth\My Programs\0-a safe, protected PC\Anti-virus\prevx.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: PnkBstrA - Unknown owner - C:\Windows\system32\PnkBstrA.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Users\Gareth\My Programs\0-a safe, protected PC\anti-malware\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files\Common Files\Steam\SteamService.exe
O23 - Service: ThreatFire - PC Tools - C:\Program Files\0-a safe, protected computer\firewall-type progs\ThreatFire\TFService.exe
--
End of file - 10130 bytes