Here is a HijackThis log:
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 4:32:24 p.m., on 9/09/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16711)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\hp\support\hpsysdrv.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\jureg.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Windows\system32\schtasks.exe
C:\Program Files\Common Files\Symantec Shared\ccApp.exe
C:\Program Files\Softwin\BitDefender10\bdmcon.exe
C:\Program Files\Softwin\BitDefender10\bdagent.exe
C:\Windows\System32\rundll32.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\hp\kbd\kbd.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\explorer.exe
C:\Program Files\Internet Explorer\IEUser.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLLoginProxy.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = formatting link
- HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = formatting link
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = formatting link
- HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = formatting link
- HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = formatting link
- HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = formatting link
- HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {1E8A6170-7264-4D0F-BEAE-D42A53123C75} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\NppBho.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Safe web - {A8485774-8230-4D88-B00F-4A04A3E4FC1C} - C:\Windows\system32\syssf.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar2.dll
O3 - Toolbar: Show Norton Toolbar - {90222687-F593-4738-B738-FBEE9C7B26DF} - c:\Program Files\Common Files\Symantec Shared\coShared\Browser\1.5\UIBHO.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar2.dll
O4 - HKLM\..\Run: [Windows Defender] %ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [hpsysdrv] c:\hp\support\hpsysdrv.exe
O4 - HKLM\..\Run: [KBD] C:\HP\KBD\KbdStub.EXE
O4 - HKLM\..\Run: [OsdMaestro] "C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe"
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [HP Health Check Scheduler] c:\Program Files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SunJavaUpdateReg] "C:\Windows\system32\jureg.exe"
O4 - HKLM\..\Run: [HP Software Update] c:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [ccApp] "c:\Program Files\Common Files\Symantec Shared\ccApp.exe"
O4 - HKLM\..\Run: [D-Link AirPlus G] C:\Program Files\D-Link\AirPlus G\AirGCFG.exe
O4 - HKLM\..\Run: [ANIWZCS2Service] C:\Program Files\ANI\ANIWZCS2 Service\WZCSLDR2.exe
O4 - HKLM\..\Run: [BDMCon] "C:\Program Files\Softwin\BitDefender10\bdmcon.exe" /reg
O4 - HKLM\..\Run: [BDAgent] "C:\Program Files\Softwin\BitDefender10\bdagent.exe"
O4 - HKLM\..\Run: [NvSvc] RUNDLL32.EXE C:\Windows\system32\nvsvc.dll,nvsvcStart
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [NvMediaCenter] RUNDLL32.EXE C:\Windows\system32\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\..\Run: [Symantec PIF AlertEng] "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe" /a /m "C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\AlertEng.dll"
O4 - HKLM\..\Run: [NeroCheck] C:\Windows\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\RunOnce: [Launcher] %WINDIR%\SMINST\launcher.exe
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\Windows Live\Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [ehTray.exe] C:\Windows\ehome\ehTray.exe
O4 - HKCU\..\Run: [AlcoholAutomount] "C:\Program Files\Alcohol Soft\Alcohol 120\axcmd.exe" /automount
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background (User 'Default user')
O4 - Startup: MediaRing Talk.lnk = C:\Program Files\MediaRing\MediaRing Talk\mrtalk.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~3\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_05\bin\ssv.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~3\OFFICE11\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} (DivXBrowserPlugin Object) - formatting link
- DPF: {BD08A9D5-0E5C-4F42-99A3-C0CB5E860557} (CSolidBrowserObj Object) - formatting link
- DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - formatting link
- Service: Automatic LiveUpdate Scheduler - Symantec Corporation - C:\Program Files\Symantec\LiveUpdate\ALUSchedulerSvc.exe
O23 - Service: BitDefender Scan Server (bdss) - Unknown owner - C:\Program Files\Common Files\Softwin\BitDefender Scan Server\bdss.exe
O23 - Service: Symantec Event Manager (ccEvtMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Settings Manager (ccSetMgr) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: COM Host (comHost) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\VAScanner\comHost.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - c:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Symantec IS Password Validation (ISPwdSvc) - Symantec Corporation - c:\Program Files\Norton Internet Security\isPwdSvc.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - c:\Program Files\Common Files\LightScribe\LSSrvc.exe
O23 - Service: BitDefender Desktop Update Service (LIVESRV) - SOFTWIN S.R.L. - C:\Program Files\Common Files\Softwin\BitDefender Update Service\livesrv.exe
O23 - Service: LiveUpdate - Symantec Corporation - C:\PROGRA~1\Symantec\LIVEUP~1\LUCOMS~1.EXE
O23 - Service: LiveUpdate Notice Service Ex (LiveUpdate Notice Ex) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe
O23 - Service: LiveUpdate Notice Service - Symantec Corporation - C:\Program Files\Common Files\Symantec Shared\PIF\{B8E1DD85-8582-4c61-B58F-2F227FCA9A08}\PIFSvc.exe
O23 - Service: RoxMediaDB9 - Sonic Solutions - c:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
O23 - Service: Remote Packet Capture Protocol v.0 (experimental) (rpcapd) - CACE Technologies - C:\Program Files\WinPcap\rpcapd.exe
O23 - Service: Remote Procedure Manager(TPM) (RPCM) - Unknown owner - C:\Program Files\Common Files\Microsoft Shared\Speech\csvde.exe (file missing)
O23 - Service: stllssvr - MicroVision Development, Inc. - c:\Program Files\Common Files\SureThing Shared\stllssvr.exe
O23 - Service: Symantec Core LC - Unknown owner - C:\Program Files\Common Files\Symantec Shared\CCPD-LC\symlcsvc.exe
O23 - Service: Symantec AppCore Service (SymAppCore) - Symantec Corporation - c:\Program Files\Common Files\Symantec Shared\AppCore\AppSvc32.exe
O23 - Service: BitDefender Virus Shield (VSSERV) - SOFTWIN S.R.L. - C:\Program Files\Softwin\BitDefender10\vsserv.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\Windows\system32\DRIVERS\xaudio.exe
O23 - Service: BitDefender Communicator (XCOMM) - SOFTWIN S.R.L - C:\Program Files\Common Files\Softwin\BitDefender Communicator\xcommsvr.exe

-- End of file - 10555 bytes