slow pc spyware?
Dear people, please check this log. I can't figure why pc is so slow. Thanks. My system is P4, Windows XP. Thanks.
Logfile of HijackThis v1.99.1
Scan saved at 11:35:09 AM, on 10/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINPENJR\Win32\pphidpad.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\programs\hijackthis\HijackThis.exe
F3 - REG:win.ini: run=C:\WINPENJR\Win32\CUSTOM.EXE
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series"
/O6 "USB002" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [EPSON Stylus CX3500 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE /P26 "EPSON Stylus CX3500 Series" /O6
"USB004" /M "Stylus CX3500"
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6
"USB007" /M "Stylus C45"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P30 "EPSON Stylus Photo R230 Series"
/O6 "USB016" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EPSON Stylus C67 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P23 "EPSON Stylus C67 Series" /O6
"USB032" /M "Stylus C67"
O4 - HKLM\..\Run: [EPSON Stylus Photo R250 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIAHP.EXE /P30 "EPSON Stylus Photo R250 Series"
/O6 "USB041" /M "Stylus Photo R250"
O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIACP.EXE /P26 "EPSON Stylus CX3700 Series" /O6
"USB041" /M "Stylus CX3700"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX510] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I3K2.EXE /P24 "EPSON Stylus Photo RX510" /O6
"USB013" /M "Stylus Photo RX510"
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6
"USB010" /M "Stylus CX3800"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 2)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus
Photo R230 Series (Copy 2)" /O6 "USB012" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C82 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C82 Series" /O6
"USB018" /M "Stylus C82"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 4)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus
Photo R230 Series (Copy 4)" /O6 "USB040" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop
Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C65 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I3S2.EXE /P23 "EPSON Stylus C65 Series" /O6
"USB017" /M "Stylus C65"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06
\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 5)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus
Photo R230 Series (Copy 5)" /O6 "USB043" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus CX4700 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIADP.EXE /P26 "EPSON Stylus CX4700 Series" /O6
"USB041" /M "Stylus CX4700"
O4 - HKLM\..\Run: [EPSON Stylus C87 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIABP.EXE /P23 "EPSON Stylus C87 Series" /O6
"USB036" /M "Stylus C87"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil
/RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
/SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32
\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
/IMEName
O4 - HKLM\..\Run: [PPHIDPAD] C:\WINPENJR\Win32\pphidpad.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe"
/WAITSERVICE
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper
Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [TSE_PLUtil] C:\Program Files\USB 2.0 Flash Drive
Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series"
/O5 "LPT1:" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [EPSON Stylus C83 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C83 Series" /O6
"USB029" /M "Stylus C83"
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\SSC Service
Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 1)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus
Photo R230 Series (Copy 1)" /O6 "USB012" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition
Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 - Startup: LimeWire On Startup.lnk = C:\Program
Files\LimeWire\LimeWire.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9E265649-6E0E-4EEA-9F49-DAE0801440CF} (WebDigiNet Control) -
http://kamote.dyndns.biz/WebDiginet.CAB
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler)
- Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) -
AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT
Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program
Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program
Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program
Files\ewido\security suite\ewidoctrl.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program
Files\Eset\nod32krn.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. -
C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: USBest Service Zero (UTSCSI) - Unknown owner -
C:\WINDOWS\system32\UTSCSI.EXE
Logfile of HijackThis v1.99.1
Scan saved at 11:35:09 AM, on 10/5/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINPENJR\Win32\pphidpad.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\programs\hijackthis\HijackThis.exe
F3 - REG:win.ini: run=C:\WINPENJR\Win32\CUSTOM.EXE
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-
784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series"
/O6 "USB002" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [EPSON Stylus CX3500 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE /P26 "EPSON Stylus CX3500 Series" /O6
"USB004" /M "Stylus CX3500"
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6
"USB007" /M "Stylus C45"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P30 "EPSON Stylus Photo R230 Series"
/O6 "USB016" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EPSON Stylus C67 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P23 "EPSON Stylus C67 Series" /O6
"USB032" /M "Stylus C67"
O4 - HKLM\..\Run: [EPSON Stylus Photo R250 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIAHP.EXE /P30 "EPSON Stylus Photo R250 Series"
/O6 "USB041" /M "Stylus Photo R250"
O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIACP.EXE /P26 "EPSON Stylus CX3700 Series" /O6
"USB041" /M "Stylus CX3700"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX510] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I3K2.EXE /P24 "EPSON Stylus Photo RX510" /O6
"USB013" /M "Stylus Photo RX510"
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6
"USB010" /M "Stylus CX3800"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 2)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus
Photo R230 Series (Copy 2)" /O6 "USB012" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C82 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C82 Series" /O6
"USB018" /M "Stylus C82"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 4)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus
Photo R230 Series (Copy 4)" /O6 "USB040" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop
Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C65 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I3S2.EXE /P23 "EPSON Stylus C65 Series" /O6
"USB017" /M "Stylus C65"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06
\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 5)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus
Photo R230 Series (Copy 5)" /O6 "USB043" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus CX4700 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIADP.EXE /P26 "EPSON Stylus CX4700 Series" /O6
"USB041" /M "Stylus CX4700"
O4 - HKLM\..\Run: [EPSON Stylus C87 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_FATIABP.EXE /P23 "EPSON Stylus C87 Series" /O6
"USB036" /M "Stylus C87"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil
/RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe
/SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32
\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE
/IMEName
O4 - HKLM\..\Run: [PPHIDPAD] C:\WINPENJR\Win32\pphidpad.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe"
/WAITSERVICE
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper
Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [TSE_PLUtil] C:\Program Files\USB 2.0 Flash Drive
Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series"
/O5 "LPT1:" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [EPSON Stylus C83 Series] C:\WINDOWS\System32
\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C83 Series" /O6
"USB029" /M "Stylus C83"
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\SSC Service
Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 1)]
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus
Photo R230 Series (Copy 1)" /O6 "USB012" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition
Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 - Startup: LimeWire On Startup.lnk = C:\Program
Files\LimeWire\LimeWire.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft
Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program
Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} -
C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-
00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} -
C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-
00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer
Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9E265649-6E0E-4EEA-9F49-DAE0801440CF} (WebDigiNet Control) -
http://kamote.dyndns.biz/WebDiginet.CAB
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler)
- Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) -
AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT
Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program
Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program
Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program
Files\ewido\security suite\ewidoctrl.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program
Files\Eset\nod32krn.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. -
C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: USBest Service Zero (UTSCSI) - Unknown owner -
C:\WINDOWS\system32\UTSCSI.EXE
0
Comments
Scan saved at 12:06:30 PM, on 10/9/2006
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SOUNDMAN.EXE
C:\WINPENJR\Win32\pphidpad.exe
C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
C:\WINDOWS\system32\HotfixQ0306270.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE
C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE
C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\ewido\security suite\ewidoctrl.exe
C:\Program Files\LimeWire\LimeWire.exe
C:\Program Files\Eset\nod32krn.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Adobe\Acrobat 7.0\Reader\AcroRd32.exe
C:\Program Files\Adobe\Photoshop 7.0\Photoshop.exe
C:\programs\hijackthis\HijackThis.exe
F3 - REG:win.ini: run=C:\WINPENJR\Win32\CUSTOM.EXE
O2 - BHO: Yahoo! Toolbar Helper - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn0\yt.dll
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O3 - Toolbar: (no name) - {BA52B914-B692-46c4-B683-905236F6F655} - (no file)
O4 - HKLM\..\Run: [EPSON Stylus Photo R210 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3H2.EXE /P30 "EPSON Stylus Photo R210 Series" /O6 "USB002" /M "Stylus Photo R210"
O4 - HKLM\..\Run: [EPSON Stylus CX3500 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATI9BP.EXE /P26 "EPSON Stylus CX3500 Series" /O6 "USB004" /M "Stylus CX3500"
O4 - HKLM\..\Run: [EPSON Stylus C45 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3T1.EXE /P23 "EPSON Stylus C45 Series" /O6 "USB007" /M "Stylus C45"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P30 "EPSON Stylus Photo R230 Series" /O6 "USB016" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [SoundMan] SOUNDMAN.EXE
O4 - HKLM\..\Run: [EPSON Stylus C67 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAAP.EXE /P23 "EPSON Stylus C67 Series" /O6 "USB032" /M "Stylus C67"
O4 - HKLM\..\Run: [EPSON Stylus Photo R250 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAHP.EXE /P30 "EPSON Stylus Photo R250 Series" /O6 "USB041" /M "Stylus Photo R250"
O4 - HKLM\..\Run: [EPSON Stylus CX3700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACP.EXE /P26 "EPSON Stylus CX3700 Series" /O6 "USB041" /M "Stylus CX3700"
O4 - HKLM\..\Run: [EPSON Stylus Photo RX510] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3K2.EXE /P24 "EPSON Stylus Photo RX510" /O6 "USB013" /M "Stylus Photo RX510"
O4 - HKLM\..\Run: [EPSON Stylus CX3800 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIACA.EXE /P26 "EPSON Stylus CX3800 Series" /O6 "USB010" /M "Stylus CX3800"
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 2)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 2)" /O6 "USB012" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus C82 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C82 Series" /O6 "USB018" /M "Stylus C82"
O4 - HKLM\..\Run: [NeroCheck] C:\WINDOWS\system32\\NeroCheck.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 4)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 4)" /O6 "USB040" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [Adobe Photo Downloader] "C:\Program Files\Adobe\Photoshop Album Starter Edition\3.0\Apps\apdproxy.exe"
O4 - HKLM\..\Run: [EPSON Stylus C65 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I3S2.EXE /P23 "EPSON Stylus C65 Series" /O6 "USB017" /M "Stylus C65"
O4 - HKLM\..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre1.5.0_06\bin\jusched.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 5)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 5)" /O6 "USB043" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [EPSON Stylus CX4700 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIADP.EXE /P26 "EPSON Stylus CX4700 Series" /O6 "USB041" /M "Stylus CX4700"
O4 - HKLM\..\Run: [EPSON Stylus C87 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIABP.EXE /P23 "EPSON Stylus C87 Series" /O6 "USB036" /M "Stylus C87"
O4 - HKLM\..\Run: [IMJPMIG8.1] "C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE" /Spoil /RemAdvDef /Migration32
O4 - HKLM\..\Run: [MSPY2002] C:\WINDOWS\system32\IME\PINTLGNT\ImScInst.exe /SYNC
O4 - HKLM\..\Run: [PHIME2002ASync] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /SYNC
O4 - HKLM\..\Run: [PHIME2002A] C:\WINDOWS\system32\IME\TINTLGNT\TINTSETP.EXE /IMEName
O4 - HKLM\..\Run: [PPHIDPAD] C:\WINPENJR\Win32\pphidpad.exe
O4 - HKLM\..\Run: [nod32kui] "C:\Program Files\Eset\nod32kui.exe" /WAITSERVICE
O4 - HKLM\..\Run: [DiskeeperSystray] "C:\Program Files\Diskeeper Corporation\Diskeeper\DkIcon.exe"
O4 - HKLM\..\Run: [TSE_PLUtil] C:\Program Files\USB 2.0 Flash Drive Utility\PLBkMon.exe
O4 - HKLM\..\Run: [PLFFAP] C:\WINDOWS\system32\HotfixQ0306270.exe
O4 - HKLM\..\Run: [EPSON Stylus Photo R300 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S4I2F1.EXE /P30 "EPSON Stylus Photo R300 Series" /O5 "LPT1:" /M "Stylus Photo R300"
O4 - HKLM\..\Run: [EPSON Stylus C83 Series] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_S10IC2.EXE /P23 "EPSON Stylus C83 Series" /O6 "USB029" /M "Stylus C83"
O4 - HKLM\..\Run: [SSC Service Utility] C:\Program Files\SSC Service Utility\ssc_serv.exe /s
O4 - HKLM\..\Run: [EPSON Stylus Photo R230 Series (Copy 1)] C:\WINDOWS\System32\spool\DRIVERS\W32X86\3\E_FATIAIP.EXE /P39 "EPSON Stylus Photo R230 Series (Copy 1)" /O6 "USB014" /M "Stylus Photo R230"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\AntiVir PersonalEdition Classic\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [BitComet] "C:\Program Files\BitComet\BitComet.exe"
O4 - Startup: LimeWire On Startup.lnk = C:\Program Files\LimeWire\LimeWire.exe
O4 - Global Startup: Microsoft Office.lnk = C:\Program Files\Microsoft Office\Office\OSA9.EXE
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Acrobat 7.0\Reader\reader_sl.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.5.0_06\bin\ssv.dll
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {9A9307A0-7DA4-4DAF-B042-5009F29E09E1} (ActiveScan Installer Class) - http://acs.pandasoftware.com/activescan/as5free/asinst.cab
O16 - DPF: {9E265649-6E0E-4EEA-9F49-DAE0801440CF} (WebDigiNet Control) - http://kamote.dyndns.biz/WebDiginet.CAB
O23 - Service: AntiVir PersonalEdition Classic Scheduler (AntiVirScheduler) - Avira GmbH - C:\Program Files\AntiVir PersonalEdition Classic\sched.exe
O23 - Service: AntiVir PersonalEdition Classic Guard (AntiVirService) - AVIRA GmbH - C:\Program Files\AntiVir PersonalEdition Classic\avguard.exe
O23 - Service: BlueSoleil Hid Service - Unknown owner - C:\Program Files\IVT Corporation\BlueSoleil\BTNtService.exe
O23 - Service: Diskeeper - Diskeeper Corporation - C:\Program Files\Diskeeper Corporation\Diskeeper\DkService.exe
O23 - Service: EpsonBidirectionalService - Unknown owner - C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe
O23 - Service: ewido security suite control - ewido networks - C:\Program Files\ewido\security suite\ewidoctrl.exe
O23 - Service: NOD32 Kernel Service (NOD32krn) - Eset - C:\Program Files\Eset\nod32krn.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: USBest Service Zero (UTSCSI) - Unknown owner - C:\WINDOWS\system32\UTSCSI.EXE