Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 11:29:53 AM, on 3/21/2010
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18385)
Boot mode: Normal
Running processes:
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\TrendMicro\HiJackThis\HiJackThis.exe
R3 - URLSearchHook: (no name) - *{CFBFAE00-17A6-11D0-99CB-00C04FD64497} - (no file)
R3 - URLSearchHook: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
F2 - REG:system.ini: UserInit=userinit.exe
O1 - Hosts: ::1 localhost
O2 - BHO: AcroIEHelperStub - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files (x86)\AVG\AVG8\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
O2 - BHO: Windows Live Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: AVG Security Toolbar BHO - {A3BC75A2-1F87-4686-AA43-5347D756017C} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O2 - BHO: Microsoft Live Search Toolbar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: Microsoft Live Search Toolbar - {1E61ED7C-7CB8-49d6-B9E9-AB4C880C8414} - c:\Program Files (x86)\MSN\Toolbar\3.0.0541.0\msneshellx.dll
O3 - Toolbar: AVG Security Toolbar - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - C:\Program Files (x86)\AVG\AVG8\Toolbar\IEToolbar.dll
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\daemon.exe" -autorun
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [Pando Media Booster] C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
O4 - HKCU\..\Run: [Software Informer] "C:\Program Files (x86)\Software Informer\softinfo.exe" -autorun
O4 - HKCU\..\Run: [WMPNSCFG] C:\Program Files (x86)\Windows Media Player\WMPNSCFG.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem (User 'NETWORK SERVICE')
O15 - Trusted Zone: *.cyworld.com
O15 - Trusted Zone: *.nate.com
O15 - ESC Trusted Zone: http://*.update.microsoft.com
O16 - DPF: {063F7D71-5E0B-48F2-87D5-F63C5917947E} (Aosmgr Control) -
http://ahnlabdownload.nefficient.co.kr/aos/plugin/aosmgr.cabO16 - DPF: {286A75C3-11FB-4FB4-AC4A-4DD1B0750050} (INISAFEWeb6 V6 Class) -
http://www.siren24.com/initech/plugin/INIS60.cabO16 - DPF: {2DCB00FB-3485-486B-BD41-C49AD605264D} (EZKeytecWeb Class) -
http://update2.spaceinter.com/easykeytec/bin/easykeytec.cabO16 - DPF: {33EAE546-128F-41C3-BAD4-7624EB5E3730} (KT ICS Download Component) -
http://static.plaync.co.kr/aion_v2/skin/AddOn_091224.cabO16 - DPF: {39461460-2552-4D51-A062-3AB6A7B902E9} (INISAFE Updater Control) -
http://banking.nonghyup.com/shttp/install/down/INIS70.cabO16 - DPF: {39FC0CF9-86F3-4502-B773-D16706EDEC83} (SCSK Control) -
http://banking.nonghyup.com/plugin/scsk/ini7/SCSK4_WOW64.cabO16 - DPF: {51B1D5ED-67DC-43F0-A3F8-8502F1A5E404} (nPCom2 Control) -
http://nprotect.plaync.co.kr/nProtect/netizen2007/ncsoft/npstarter.cabO16 - DPF: {5DBE942F-CE91-4EED-853F-A1CD022665AF} (DacomCrossDomain Control) -
http://pgdownload.dacom.net/common/js/crossdomain/LGDacom_CrossDomain_20091117.cabO16 - DPF: {60F33B36-3E89-48EF-BE77-ACC23A366C2A} (NCLoaderCtl Class) -
https://wstatic.plaync.co.kr/common/js/UniUpdTool/NCLoader.8.cabO16 - DPF: {6F15128C-E66A-490C-B848-5000B5ABEEAC} (HP Download Manager) -
https://h20436.www2.hp.com/ediags/dex/secure/HPDEXAXO.cabO16 - DPF: {80E16BB6-161D-40AE-8578-8C43A5F237F0} (Tple AAĆ®