Please advise, I think there’s something messing with my connectivity.

Hello,

I will be glad to hear some suggestions about this HJT log. Please help!

Thanks,

Katherine.

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 22:42:43, on 2009-1-30
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP3 (6.00.2900.5512)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Intel\WiFi\bin\S24EvMon.exe
C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
C:\Program Files\Alwil Software\Avast4\ashServ.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe
C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
C:\WINDOWS\system32\igfxtray.exe
C:\WINDOWS\system32\hkcmd.exe
C:\WINDOWS\system32\igfxpers.exe
C:\Program Files\Winamp\winampa.exe
C:\WINDOWS\system32\igfxsrvc.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe
C:\Program Files\StormII\stormliv.exe
C:\Program Files\OpenOffice.org 3\program\soffice.exe
C:\Program Files\OpenOffice.org 3\program\soffice.bin
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
C:\Program Files\Google\Update\GoogleUpdate.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Canon\CAL\CALMAIN.exe
C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

O2 – BHO: Thunder AtOnce – {01443AEC-0FD1-40fd-9C87-E93D1494C233} – C:\Program Files\Thunder\ComDlls\TDAtOnce_Now.dll
O2 – BHO: AcroIEHelperStub – {18DF081C-E8AD-4283-A596-FA578C2EBDC3} – C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 – BHO: Winamp Toolbar Loader – {25CEE8EC-5730-41bc-8B58-22DDC8AB8C20} – C:\Program Files\Winamp Toolbar\winamptb.dll
O2 – BHO: Java(tm) Plug-In SSV Helper – {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} – C:\Program Files\Java\jre6\bin\ssv.dll
O2 – BHO: ThunderBHO – {889D2FEB-5411-4565-8998-1DD2C5261283} – C:\Program Files\Thunder\ComDlls\xunleiBHO_Now.dll
O2 – BHO: Windows Live Sign-in Helper – {9030D464-4C02-4ABF-8ECC-5164760863C6} – C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 – BHO: 卡卡上网安全助手 – {98B7C13A-E9CD-4959-8B46-FBEAB41E42A8} – C:\WINDOWS\system32\urlFilter.dll
O2 – BHO: Java(tm) Plug-In 2 SSV Helper – {DBC80044-A445-435b-BC74-9C25C1C588A9} – C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 – BHO: Google Gears Helper – {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} – C:\Program Files\Google\Google Gears\Internet Explorer.5.4.2\gears.dll
O2 – BHO: JQSIEStartDetectorImpl – {E7E6F031-17CE-4C07-BC86-EABFE594F69C} – C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O3 – Toolbar: Winamp Toolbar – {EBF2BA02-9094-4c5a-858B-BB198F3D8DE2} – C:\Program Files\Winamp Toolbar\winamptb.dll
O4 – HKLM\..\Run: [IntelZeroConfig] "C:\Program Files\Intel\WiFi\bin\ZCfgSvc.exe"
O4 – HKLM\..\Run: [IntelWireless] "C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe" /tf Intel Wireless Tray
O4 – HKLM\..\Run: [IgfxTray] C:\WINDOWS\system32\igfxtray.exe
O4 – HKLM\..\Run: [HotKeysCmds] C:\WINDOWS\system32\hkcmd.exe
O4 – HKLM\..\Run: [Persistence] C:\WINDOWS\system32\igfxpers.exe
O4 – HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 – HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O4 – HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre6\bin\jusched.exe"
O4 – HKLM\..\Run: [avast!] C:\PROGRA~1\ALWILS~1\Avast4\ashDisp.exe
O4 – HKLM\..\Run: [QuickTime Task] "C:\Program Files\Pure Codec\QTTask.exe" -atboottime
O4 – HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 – HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 – HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /nosplash /minimized
O4 – HKCU\..\Run: [Google Update] "C:\Documents and Settings\Administrator\Local Settings\Application Data\Google\Update\GoogleUpdate.exe" /c
O4 – HKUS\S-1-5-19\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User ‘LOCAL SERVICE’)
O4 – HKUS\S-1-5-20\..\Run: [ctfmon.exe] C:\WINDOWS\system32\CTFMON.EXE (User ‘NETWORK SERVICE’)
O4 – HKUS\S-1-5-18\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User ‘SYSTEM’)
O4 – HKUS\.DEFAULT\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe (User ‘Default user’)
O4 – Startup: OpenOffice.org 3.0.lnk = C:\Program Files\OpenOffice.org 3\program\quickstart.exe
O4 – Startup: Loqu8 iCE v5.1.appref-ms
O8 – Extra context menu item: &Winamp Search – C:\Documents and Settings\All Users\Application Data\Winamp Toolbar\ieToolbar\resources\en-US\local\search.html
O8 – Extra context menu item: 使用迅雷下载 – C:\Program Files\Thunder\Program\geturl.htm
O8 – Extra context menu item: 使用迅雷下载全部链接 – C:\Program Files\Thunder\Program\getallurl.htm
O8 – Extra context menu item: 导出到 Microsoft Office Excel(&X) – res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 – Extra button: (no name) – {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} – C:\Program Files\Google\Google Gears\Internet Explorer.5.4.2\gears.dll
O9 – Extra ‘Tools’ menuitem: Gears 设置(&G) – {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} – C:\Program Files\Google\Google Gears\Internet Explorer.5.4.2\gears.dll
O9 – Extra button: Blog This – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} – C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 – Extra ‘Tools’ menuitem: &Blog This in Windows Live Writer – {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} – C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 – Extra button: (no name) – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 – Extra ‘Tools’ menuitem: @xpsp3res.dll,-20001 – {e2e2dd38-d088-4134-82b7-f2ba38496583} – C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O10 – Unknown file in Winsock LSP: c:\windows\system32\nwprovau.dll
O16 – DPF: {FFBB3F3B-0A5A-4106-BE53-DFE1E2340CB1} (DownloadManager控制元件) – http://dlm.tools.akamai.com/dlmanage…vex-latest.cab
O17 – HKLM\System\CCS\Services\Tcpip\..\{6A000CE1-3FC8-457A-A779-44C4315BD344}: NameServer = 202.96.128.86 202.96.134.133
O18 – Protocol: about – {3050F406-98B5-11CF-BB82-00AA00BDCE0B} – C:\WINDOWS\system32\mshtml.dll
O18 – Protocol: cdl – {3DD53D40-7B8B-11D0-B013-00AA0059CE02} – C:\WINDOWS\system32\urlmon.dll
O18 – Protocol: dvd – {12D51199-0DB5-46FE-A120-47A3D7D937CC} – C:\WINDOWS\system32\msvidctl.dll
O18 – Protocol: file – {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} – C:\WINDOWS\system32\urlmon.dll
O18 – Protocol: ftp – {79EAC9E3-BAF9-11CE-8C82-00AA004BA90B} – C:\WINDOWS\system32\urlmon.dll
O18 – Protocol: gopher – {79EAC9E4-BAF9-11CE-8C82-00AA004BA90B} – C:\WINDOWS\system32\urlmon.dll
O18 – Protocol: http – {79EAC9E2-BAF9-11CE-8C82-00AA004BA90B} – C:\WINDOWS\system32\urlmon.dll
O18 – Protocol: https – {79EAC9E5-BAF9-11CE-8C82-00AA004BA90B} – C:\WINDOWS\system32\urlmon.dll
O18 – Protocol: ipp – (no CLSID) – (no file)
O18 – Protocol: its – {9D148291-B9C8-11D0-A4CC-0000F80149F6} – C:\WINDOWS\system32\itss.dll
O18 – Protocol: javascript – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} – C:\WINDOWS\system32\mshtml.dll
O18 – Protocol: livecall – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL
O18 – Protocol: local – {79EAC9E7-BAF9-11CE-8C82-00AA004BA90B} – C:\WINDOWS\system32\urlmon.dll
O18 – Protocol: mailto – {3050F3DA-98B5-11CF-BB82-00AA00BDCE0B} – C:\WINDOWS\system32\mshtml.dll
O18 – Protocol: mhtml – {05300401-BCBC-11D0-85E3-00C04FD85AB4} – C:\WINDOWS\system32\inetcomm.dll
O18 – Protocol: mk – {79EAC9E6-BAF9-11CE-8C82-00AA004BA90B} – C:\WINDOWS\system32\urlmon.dll
O18 – Protocol: ms-its – {9D148291-B9C8-11D0-A4CC-0000F80149F6} – C:\WINDOWS\system32\itss.dll
O18 – Protocol: msdaipp – (no CLSID) – (no file)
O18 – Protocol: msnim – {828030A1-22C1-4009-854F-8E305202313F} – C:\PROGRA~1\WINDOW~3\MESSEN~1\MSGRAP~1.DLL
O18 – Protocol: res – {3050F3BC-98B5-11CF-BB82-00AA00BDCE0B} – C:\WINDOWS\system32\mshtml.dll
O18 – Protocol: sysimage – {76E67A63-06E9-11D2-A840-006008059382} – C:\WINDOWS\system32\mshtml.dll
O18 – Protocol: tv – {CBD30858-AF45-11D2-B6D6-00C04FBBDE6E} – C:\WINDOWS\system32\msvidctl.dll
O18 – Protocol: vbscript – {3050F3B2-98B5-11CF-BB82-00AA00BDCE0B} – C:\WINDOWS\system32\mshtml.dll
O18 – Protocol: wia – {13F3EA8B-91D7-4F0A-AD76-D2853AC8BECE} – C:\WINDOWS\system32\wiascr.dll
O18 – Protocol: wlmailhtml – {03C514A3-1EFB-4856-9F99-10D7BE1653C0} – C:\Program Files\Windows Live\Mail\mailcomm.dll
O20 – AppInit_DLLs: ieprot.dll,kmon.dll
O23 – Service: 3ware Controller Service (3wareSrv) – Unknown owner – C:\WINDOWS\System32\3wareSrv.exe
O23 – Service: Lavasoft Ad-Aware Service (aawservice) – Lavasoft – C:\Program Files\Lavasoft\Ad-Aware\aawservice.exe
O23 – Service: avast! iAVS4 Control Service (aswUpdSv) – ALWIL Software – C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
O23 – Service: avast! Antivirus – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashServ.exe
O23 – Service: avast! Mail Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
O23 – Service: avast! Web Scanner – ALWIL Software – C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
O23 – Service: Canon Camera Access Library 8 (CCALib8) – Canon Inc. – C:\Program Files\Canon\CAL\CALMAIN.exe
O23 – Service: Contrl Center of Storm Media (ccosm) – 北京暴风网际科技有限公司 – C:\Program Files\StormII\stormliv.exe
O23 – Service: Intel? PROSet/Wireless Event Log (EvtEng) – Intel(R) Corporation – C:\Program Files\Intel\WiFi\bin\EvtEng.exe
O23 – Service: Firebird Guardian – DefaultInstance (FirebirdGuardianDefaultInstance) – The Firebird Project – C:\Program Files\Firebird\Firebird_1_5\bin\fbguard.exe
O23 – Service: Firebird Server – DefaultInstance (FirebirdServerDefaultInstance) – The Firebird Project – C:\Program Files\Firebird\Firebird_1_5\bin\fbserver.exe
O23 – Service: Google Update Service (gupdate1c981dd96022bd0) (gupdate1c981dd96022bd0) – Google Inc. – C:\Program Files\Google\Update\GoogleUpdate.exe
O23 – Service: Java Quick Starter (JavaQuickStarterService) – Sun Microsystems, Inc. – C:\Program Files\Java\jre6\bin\jqs.exe
O23 – Service: NetMeeting Remote Desktop Sharing (mnmsrvc) – Unknown owner – C:\WINDOWS\system32\mnmsrvc.exe (file missing)
O23 – Service: Intel? PROSet/Wireless Registry Service (RegSrvc) – Intel(R) Corporation – C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
O23 – Service: Intel?PROSet/Wireless WiFi Service (S24EventMonitor) – Intel(R) Corporation – C:\Program Files\Intel\WiFi\bin\S24EvMon.exe


End of file – 11368 bytes

This entry was posted on Sunday, February 1st, 2009 at 1:00 am and is filed under Hi-Tech blog.