cybernetictiger
(regular)
Tue Jun 30 2009 07:20 PM
Re: AVG keeps finding WIN32/HEUR

Logs as requested.

ComboFix 09-06-29.04 - Treeza 30/06/2009 18:46.1 - NTFSx86
Microsoft® Windows Vista™ Business 6.0.6000.0.1252.44.1033.18.1917.1091 [GMT 1:00]
Running from: c:\users\Treeza\Desktop\ComboFix.exe
AV: AVG Anti-Virus Free *On-access scanning disabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: AVG Anti-Virus Free *enabled* (Updated) {17DDD097-36FF-435F-9E1B-52D74245D6BF}
SP: Windows Defender *enabled* (Updated) {D68DDC3A-831F-4FAE-9E44-DA132C1ACF46}
.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.

c:\windows\system32\drivers\SKYNETppottgji.sys
c:\windows\system32\SKYNETexdomxor.dll

.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.

-------\Service_SKYNETuovdjkmp


((((((((((((((((((((((((( Files Created from 2009-05-28 to 2009-06-30 )))))))))))))))))))))))))))))))
.

2009-06-30 17:50 . 2009-06-30 17:50 -------- d-----w- c:\users\Treeza\AppData\Local\temp
2009-06-30 16:22 . 2009-06-30 16:22 268800 ----a-w- c:\windows\system32\es.dll
2009-06-29 22:16 . 2009-06-29 22:16 -------- d-----w- c:\users\Treeza\AppData\Roaming\Malwarebytes
2009-06-29 22:15 . 2009-06-17 10:27 38160 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2009-06-29 22:15 . 2009-06-29 22:16 -------- d-----w- c:\program files\Malwarebytes' Anti-Malware
2009-06-29 22:15 . 2009-06-29 22:15 -------- d-----w- c:\programdata\Malwarebytes
2009-06-29 22:15 . 2009-06-17 10:27 19096 ----a-w- c:\windows\system32\drivers\mbam.sys
2009-06-29 22:12 . 2009-06-29 22:31 -------- d-----w- c:\users\Treeza\AppData\Roaming\Uniblue
2009-06-29 22:12 . 2009-06-29 22:31 -------- d-----w- c:\program files\Uniblue
2009-06-29 22:12 . 2009-06-29 22:31 -------- d-----w- c:\programdata\DriverScanner
2009-06-29 22:06 . 2009-06-29 22:06 -------- d-----w- c:\program files\Trend Micro
2009-06-29 22:05 . 2009-06-29 22:23 -------- d-----w- c:\program files\Spybot - Search & Destroy
2009-06-29 22:05 . 2009-06-29 22:18 -------- d-----w- c:\programdata\Spybot - Search & Destroy
2009-06-29 21:39 . 2009-06-29 21:40 -------- d-----w- c:\users\Treeza\AppData\Local\Adobe
2009-06-29 21:19 . 2009-06-29 21:19 -------- d-----w- c:\users\Treeza\AppData\Roaming\DivX
2009-06-29 20:42 . 2009-06-29 21:13 476704 --sha-w- c:\windows\system32\drivers\fidbox.dat
2009-06-29 20:31 . 2009-06-29 21:12 -------- d-----w- c:\programdata\ParetoLogic
2009-06-29 20:31 . 2009-06-29 21:12 -------- d-----w- c:\program files\Common Files\ParetoLogic
2009-06-29 20:31 . 2009-06-29 20:31 -------- d-----w- c:\programdata\ParetoLogic Anti-Virus PLUS
2009-06-29 20:31 . 2009-06-29 20:31 -------- d-----w- c:\users\Treeza\AppData\Local\Downloaded Installations
2009-06-29 19:45 . 2009-06-29 19:46 -------- d-----w- c:\program files\Common Files\Adobe
2009-06-29 17:20 . 2009-06-30 16:22 -------- d--h--w- C:\$AVG8.VAULT$
2009-06-29 17:19 . 2008-09-16 19:23 168448 ----a-w- c:\windows\system32\unrar.dll
2009-06-29 17:19 . 2009-06-29 17:19 -------- d-----w- c:\program files\K-Lite Codec Pack
2009-06-29 17:13 . 2009-06-29 17:13 -------- d-----w- c:\program files\Common Files\PX Storage Engine
2009-06-29 17:13 . 2009-06-29 17:13 -------- d-----w- c:\program files\DivX
2009-06-29 17:13 . 2009-06-29 17:13 -------- d-----w- c:\program files\Common Files\DivX Shared
2009-06-29 16:55 . 2009-06-28 12:27 2052888 ----a-w- c:\programdata\avg8\update\backup\avgcorex.dll
2009-06-28 20:57 . 2009-06-28 12:04 -------- d-----w- c:\windows\Panther
2009-06-28 20:57 . 2009-06-28 20:57 -------- d-sh--w- C:\Boot
2009-06-28 20:56 . 2009-06-28 20:56 -------- d-----w- c:\windows\system32\OEM
2009-06-28 20:13 . 2009-06-28 20:13 -------- d-----w- c:\windows\system32\Macromed
2009-06-28 20:12 . 2009-06-28 20:12 -------- d-----w- c:\program files\uTorrent
2009-06-28 20:11 . 2009-06-29 21:28 -------- d-----w- c:\users\Treeza\AppData\Roaming\uTorrent
2009-06-28 16:20 . 2009-06-28 19:07 680 ----a-w- c:\users\Treeza\AppData\Local\d3d9caps.dat
2009-06-28 15:46 . 2009-06-28 15:46 61440 ----a-w- c:\windows\system32\winipsec.dll
2009-06-28 15:46 . 2009-06-28 15:46 28672 ----a-w- c:\windows\system32\FwRemoteSvr.dll
2009-06-28 15:46 . 2009-06-28 15:46 361984 ----a-w- c:\windows\system32\IPSECSVC.DLL
2009-06-28 15:46 . 2009-06-28 15:46 272896 ----a-w- c:\windows\system32\polstore.dll
2009-06-28 15:42 . 2009-06-28 15:42 95232 ----a-w- c:\windows\system32\PortableDeviceClassExtension.dll
2009-06-28 15:42 . 2009-06-28 15:42 241152 ----a-w- c:\windows\system32\PortableDeviceApi.dll
2009-06-28 15:42 . 2009-06-28 15:42 160768 ----a-w- c:\windows\system32\PortableDeviceTypes.dll
2009-06-28 15:40 . 2009-06-28 15:40 39424 ----a-w- c:\windows\system32\ACCTRES.dll
2009-06-28 15:40 . 2009-06-28 15:40 87040 ----a-w- c:\windows\system32\msoert2.dll
2009-06-28 15:40 . 2009-06-28 15:40 205824 ----a-w- c:\windows\system32\msoeacct.dll
2009-06-28 15:39 . 2009-06-28 15:39 704000 ----a-w- c:\windows\system32\PhotoScreensaver.scr
2009-06-28 15:39 . 2009-06-28 15:39 356352 ----a-w- c:\windows\system32\wbem\wbemcomn.dll
2009-06-28 15:39 . 2009-06-28 15:39 24064 ----a-w- c:\windows\system32\wtsapi32.dll
2009-06-28 15:39 . 2009-06-28 15:39 258232 ----a-w- c:\windows\system32\drivers\acpi.sys
2009-06-28 15:39 . 2009-06-28 15:39 20920 ----a-w- c:\windows\system32\drivers\compbatt.sys
2009-06-28 15:39 . 2009-06-28 15:39 11264 ----a-w- c:\windows\system32\drivers\wmiacpi.sys
2009-06-28 15:39 . 2009-06-28 15:39 28344 ----a-w- c:\windows\system32\drivers\battc.sys
2009-06-28 15:39 . 2009-06-28 15:39 14208 ----a-w- c:\windows\system32\drivers\CmBatt.sys
2009-06-28 15:39 . 2009-06-28 15:39 542720 ----a-w- c:\windows\system32\sysmain.dll
2009-06-28 15:38 . 2009-06-28 15:38 67584 ----a-w- c:\windows\system32\wlanhlp.dll
2009-06-28 15:38 . 2009-06-28 15:38 502784 ----a-w- c:\windows\system32\wlansvc.dll
2009-06-28 15:38 . 2009-06-28 15:38 47104 ----a-w- c:\windows\system32\wlanapi.dll
2009-06-28 15:38 . 2009-06-28 15:38 290816 ----a-w- c:\windows\system32\wlanmsm.dll
2009-06-28 15:38 . 2009-06-28 15:38 297984 ----a-w- c:\windows\system32\wlansec.dll
2009-06-28 15:37 . 2009-06-28 15:37 194560 ----a-w- c:\windows\system32\WebClnt.dll
2009-06-28 15:37 . 2009-06-28 15:37 110080 ----a-w- c:\windows\system32\drivers\mrxdav.sys
2009-06-28 15:36 . 2009-06-28 15:36 2028032 ----a-w- c:\windows\system32\win32k.sys
2009-06-28 15:34 . 2009-06-28 15:34 49664 ----a-w- c:\windows\system32\csrsrv.dll
2009-06-28 15:34 . 2009-06-28 15:34 376320 ----a-w- c:\windows\system32\winsrv.dll
2009-06-28 15:30 . 2009-06-28 15:30 376832 ----a-w- c:\windows\system32\winhttp.dll
2009-06-28 15:26 . 2009-06-28 15:26 297472 ----a-w- c:\windows\system32\gdi32.dll
2009-06-28 15:24 . 2009-06-28 15:24 41984 ----a-w- c:\windows\system32\drivers\monitor.sys
2009-06-28 15:24 . 2009-06-28 15:24 1060920 ----a-w- c:\windows\system32\drivers\ntfs.sys
2009-06-28 15:22 . 2009-06-28 15:22 211456 ----a-w- c:\windows\system32\drivers\mrxsmb10.sys
2009-06-28 15:21 . 2009-06-28 15:21 500736 ----a-w- c:\windows\system32\msdtcprx.dll
2009-06-28 15:21 . 2009-06-28 15:21 30208 ----a-w- c:\windows\system32\xolehlp.dll
2009-06-28 15:17 . 2009-06-28 15:17 28672 ----a-w- c:\windows\system32\Apphlpdm.dll
2009-06-28 15:17 . 2009-06-28 15:17 4247552 ----a-w- c:\windows\system32\GameUXLegacyGDFs.dll
2009-06-28 15:17 . 2009-06-28 15:17 1687040 ----a-w- c:\windows\system32\gameux.dll
2009-06-28 15:13 . 2009-06-28 15:13 303616 ----a-w- c:\windows\system32\wmpeffects.dll
2009-06-28 15:11 . 2009-06-28 15:11 2048 ----a-w- c:\windows\system32\msxml3r.dll
2009-06-28 15:11 . 2009-06-28 15:11 1194496 ----a-w- c:\windows\system32\msxml3.dll
2009-06-28 15:10 . 2009-06-28 15:10 414208 ----a-w- c:\windows\system32\msscp.dll
2009-06-28 15:08 . 2009-06-28 15:08 356864 ----a-w- c:\windows\system32\MediaMetadataHandler.dll
2009-06-28 15:07 . 2009-06-28 15:07 63488 ----a-w- c:\windows\system32\drivers\mpsdrv.sys
2009-06-28 15:07 . 2009-06-28 15:07 396800 ----a-w- c:\windows\system32\MPSSVC.dll
2009-06-28 15:07 . 2009-06-28 15:07 392192 ----a-w- c:\windows\system32\FirewallAPI.dll
2009-06-28 15:07 . 2009-06-28 15:07 86016 ----a-w- c:\windows\system32\icfupgd.dll
2009-06-28 15:07 . 2009-06-28 15:07 61952 ----a-w- c:\windows\system32\cmifw.dll
2009-06-28 15:07 . 2009-06-28 15:07 16896 ----a-w- c:\windows\system32\wfapigp.dll
2009-06-28 15:07 . 2009-06-28 15:07 23040 ----a-w- c:\windows\system32\drivers\tunnel.sys
2009-06-28 15:07 . 2009-06-28 15:07 178688 ----a-w- c:\windows\system32\iphlpsvc.dll
2009-06-28 15:07 . 2009-06-28 15:07 15360 ----a-w- c:\windows\system32\drivers\TUNMP.SYS
2009-06-28 15:04 . 2009-06-28 15:04 2048 ----a-w- c:\windows\system32\tzres.dll
2009-06-28 15:02 . 2009-06-28 15:02 8147968 ----a-w- c:\windows\system32\wmploc.DLL
2009-06-28 15:02 . 2009-06-28 15:02 7680 ----a-w- c:\windows\system32\spwmp.dll
2009-06-28 15:02 . 2009-06-28 15:02 4096 ----a-w- c:\windows\system32\dxmasf.dll
2009-06-28 15:00 . 2009-06-28 15:00 0 ----a-w- c:\windows\ativpsrm.bin
2009-06-28 14:57 . 2009-06-28 14:57 696832 ----a-w- c:\windows\system32\localspl.dll
2009-06-28 14:49 . 2009-06-28 14:49 45112 ----a-w- c:\windows\system32\drivers\pciidex.sys
2009-06-28 14:49 . 2009-06-28 14:49 21560 ----a-w- c:\windows\system32\drivers\atapi.sys
2009-06-28 14:49 . 2009-06-28 14:49 15928 ----a-w- c:\windows\system32\drivers\pciide.sys
2009-06-28 14:49 . 2009-06-28 14:49 109624 ----a-w- c:\windows\system32\drivers\ataport.sys
2009-06-28 14:49 . 2009-06-28 14:49 211000 ----a-w- c:\windows\system32\drivers\volsnap.sys
2009-06-28 14:49 . 2009-06-28 14:49 154624 ----a-w- c:\windows\system32\drivers\nwifi.sys
2009-06-28 14:48 . 2009-06-28 14:48 104448 ----a-w- c:\windows\system32\DWWIN.EXE
2009-06-28 14:47 . 2009-06-28 14:47 2923520 ----a-w- c:\windows\explorer.exe
2009-06-28 14:45 . 2009-06-28 14:45 8704 ----a-w- c:\windows\system32\hcrstco.dll
2009-06-28 14:45 . 2009-06-28 14:45 8704 ----a-w- c:\windows\system32\hccoin.dll
2009-06-28 14:45 . 2009-06-28 14:45 5888 ----a-w- c:\windows\system32\drivers\usbd.sys
2009-06-28 14:45 . 2009-06-28 14:45 192000 ----a-w- c:\windows\system32\drivers\usbhub.sys
2009-06-28 14:45 . 2009-06-28 14:45 38400 ----a-w- c:\windows\system32\drivers\usbehci.sys
2009-06-28 14:45 . 2009-06-28 14:45 224768 ----a-w- c:\windows\system32\drivers\usbport.sys
2009-06-28 14:45 . 2009-06-28 14:45 19456 ----a-w- c:\windows\system32\drivers\usbohci.sys
2009-06-28 14:42 . 2009-06-28 14:42 24064 ----a-w- c:\windows\system32\netcfg.exe
2009-06-28 14:42 . 2009-06-28 14:42 22016 ----a-w- c:\windows\system32\netiougc.exe
2009-06-28 14:42 . 2009-06-28 14:42 216632 ----a-w- c:\windows\system32\drivers\netio.sys
2009-06-28 14:42 . 2009-06-28 14:42 167424 ----a-w- c:\windows\system32\tcpipcfg.dll
2009-06-28 14:42 . 2009-06-28 14:42 803328 ----a-w- c:\windows\system32\drivers\tcpip.sys
2009-06-28 14:36 . 2009-06-28 14:36 1793536 ----a-w- c:\windows\system32\NlsLexicons0045.dll
2009-06-28 14:36 . 2009-06-28 14:36 1808896 ----a-w- c:\windows\system32\NlsLexicons0046.dll
2009-06-28 14:36 . 2009-06-28 14:36 1411072 ----a-w- c:\windows\system32\NlsLexicons0047.dll
2009-06-28 14:36 . 2009-06-28 14:36 1558016 ----a-w- c:\windows\system32\NlsLexicons0049.dll
2009-06-28 14:36 . 2009-06-28 14:36 1236992 ----a-w- c:\windows\system32\NlsLexicons0020.dll
2009-06-28 14:36 . 2009-06-28 14:36 1782272 ----a-w- c:\windows\system32\NlsLexicons0039.dll
2009-06-28 14:36 . 2009-06-28 14:36 2136064 ----a-w- c:\windows\system32\NlsLexicons0021.dll
2009-06-28 14:36 . 2009-06-28 14:36 5499904 ----a-w- c:\windows\system32\NlsLexicons0022.dll
2009-06-28 14:35 . 2009-06-28 14:35 7964672 ----a-w- c:\windows\system32\NlsLexicons0024.dll
2009-06-28 14:35 . 2009-06-28 14:35 5791232 ----a-w- c:\windows\system32\NlsLexicons0026.dll
2009-06-28 14:35 . 2009-06-28 14:35 6224896 ----a-w- c:\windows\system32\NlsLexicons0027.dll

.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2009-06-29 21:13 . 2009-06-29 20:42 7460 --sha-w- c:\windows\system32\drivers\fidbox.idx
2009-06-28 16:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Calendar
2009-06-28 16:00 . 2006-11-02 11:18 -------- d-----w- c:\program files\Windows Mail
2009-06-28 16:00 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Defender
2009-06-28 15:57 . 2006-11-02 12:37 -------- d-----w- c:\program files\Windows Sidebar
2009-06-28 15:57 . 2006-11-02 10:25 665600 ----a-w- c:\windows\inf\drvindex.dat
2009-06-28 14:32 . 2009-06-28 14:32 5031936 ----a-w- c:\windows\system32\NlsLexicons0816.dll
2009-06-28 14:15 . 2009-06-28 14:15 620088 ----a-w- c:\windows\system32\ci.dll
2009-06-28 14:02 . 2009-06-28 14:02 320000 ----a-w- c:\windows\system32\drivers\csc.sys
2009-06-28 13:10 . 2009-06-28 13:10 78336 ----a-w- c:\windows\system32\ieencode.dll
2009-06-28 13:10 . 2009-06-28 13:10 48128 ----a-w- c:\windows\system32\mshtmler.dll
2009-06-28 13:10 . 2009-06-28 13:10 26624 ----a-w- c:\windows\system32\ieUnatt.exe
2009-06-28 13:10 . 2009-06-28 13:10 56320 ----a-w- c:\windows\system32\iesetup.dll
2009-05-01 21:02 . 2009-05-01 21:02 90112 ----a-w- c:\windows\system32\dpl100.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx0c.dll
2009-05-01 21:02 . 2009-05-01 21:02 823296 ----a-w- c:\windows\system32\divx_xx07.dll
2009-05-01 21:02 . 2009-05-01 21:02 815104 ----a-w- c:\windows\system32\divx_xx0a.dll
2009-05-01 21:02 . 2009-05-01 21:02 811008 ----a-w- c:\windows\system32\divx_xx16.dll
2009-05-01 21:02 . 2009-05-01 21:02 802816 ----a-w- c:\windows\system32\divx_xx11.dll
2009-05-01 21:02 . 2009-05-01 21:02 685056 ----a-w- c:\windows\system32\DivX.dll
2007-02-21 19:48 . 2007-02-21 19:48 8192 --sha-w- c:\windows\Users\Default\NTUSER.DAT
.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4

[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}]
2009-06-14 15:07 1004800 ----a-w- c:\program files\AVG\AVG8\Toolbar\IEToolbar.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"AVG8_TRAY"="c:\progra~1\AVG\AVG8\avgtray.exe" [2009-06-28 1948440]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2009-02-27 35696]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=c:\windows\System32\avgrsstx.dll

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux1"=wdmaud.drv

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
@="Service"

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\FirewallRules]
"{CE39B175-9594-42CF-A332-10C8C891E48C}"= c:\program files\AVG\AVG8\avgemc.exe:avgemc.exe
"{132FFABD-BA61-447E-B830-3BB5C0A4FA74}"= c:\program files\AVG\AVG8\avgupd.exe:avgupd.exe
"{6CE018E3-7E38-49C0-9A50-BEC0BAB76595}"= c:\program files\AVG\AVG8\avgnsx.exe:avgnsx.exe
"{58E99E54-A984-4DC5-B2A6-3952BF238EF5}"= UDP:c:\program files\uTorrent\uTorrent.exe:µTorrent (TCP-In)
"{76241B5E-A0FF-492C-A838-DD3ABDABA82C}"= TCP:c:\program files\uTorrent\uTorrent.exe:µTorrent (UDP-In)

[HKLM\~\services\sharedaccess\parameters\firewallpolicy\RestrictedServices\Static\System]
"DFSR-1"= RPort=5722|UDP:%SystemRoot%\system32\svchost.exe|Svc=DFSR:Allow inbound TCP traffic|

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\System32\drivers\avgldx86.sys [28/06/2009 13:28 327688]
R1 AvgTdiX;AVG Free8 Network Redirector;c:\windows\System32\drivers\avgtdix.sys [28/06/2009 13:28 108552]
R2 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\AVG\AVG8\avgemc.exe [28/06/2009 13:27 906520]
R2 avg8wd;AVG Free8 WatchDog;c:\progra~1\AVG\AVG8\avgwdsvc.exe [28/06/2009 13:27 298776]

[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
LocalServiceNoNetwork REG_MULTI_SZ PLA DPS BFE mpssvc
.
Contents of the 'Scheduled Tasks' folder
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://www.moneysavingexpert.com/
.

**************************************************************************

catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2009-06-30 18:50
Windows 6.0.6000 NTFS

scanning hidden processes ...

scanning hidden autostart entries ...

scanning hidden files ...

scan completed successfully
hidden files: 0

**************************************************************************
.
--------------------- LOCKED REGISTRY KEYS ---------------------

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
Completion time: 2009-06-30 18:51
ComboFix-quarantined-files.txt 2009-06-30 17:51

Pre-Run: 91,420,315,648 bytes free
Post-Run: 91,437,191,168 bytes free

227 --- E O F --- 2009-06-30 17:36

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 19:09:36, on 30/06/2009
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16851)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.exe
C:\Users\Treeza\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.moneysavingexpert.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG8\avgssie.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [AVG8_TRAY] C:\PROGRA~1\AVG\AVG8\avgtray.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher] "C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe"
O13 - Gopher Prefix:
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG8\avgpp.dll
O20 - AppInit_DLLs: C:\Windows\System32\avgrsstx.dll
O23 - Service: Ati External Event Utility - ATI Technologies Inc. - C:\Windows\system32\Ati2evxx.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe

--
End of file - 2617 bytes


© Copyright IPC Media Limited 2009, All rights reserved