FreeFixer v0.34 log
http://www.freefixer.com/

Operating system: Windows XP Service Pack 3
Log dated 2009-03-15 15:32

Suspicious file names
C:\WINDOWS\system32\twunk_16.exe
C:\WINDOWS\system32\twunk_32.exe

BootExecute (1 whitelisted)
C:\WINDOWS\system32\lsdelete.exe

Winlogon Notify (9 whitelisted)
avgrsstarter - C:\WINDOWS\system32\avgrsstx.dll
dimsntfy - C:\WINDOWS\System32\dimsntfy.dll
WgaLogon - C:\WINDOWS\system32\WgaLogon.dll

Browser Helper Objects
{0347C33E-8762-4905-BF09-768834316C61}, HP Print Enhancer, C:\Program Files\HP\Smart Web Printing\hpswp_printenhancer.dll
{053F9267-DC04-4294-A72C-58F732D338C0}, HP Print Clips, C:\Program Files\HP\Smart Web Printing\hpswp_framework.dll
{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}, Adobe PDF Reader Link Helper, C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
{18DF081C-E8AD-4283-A596-FA578C2EBDC3}, Adobe PDF Link Helper, C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
{53707962-6F74-2D53-2644-206D7942484F}, Spybot-S&D IE Protection, C:\PROGRA~1\SPYBOT~1\SDHelper.dll
{5C255C8A-E604-49b4-9D64-90988571CECB}, , No file specified
{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}, Java(tm) Plug-In SSV Helper, C:\Program Files\Java\jre6\bin\ssv.dll
{9030D464-4C02-4ABF-8ECC-5164760863C6}, Windows Live Sign-in Helper, C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
{DBC80044-A445-435b-BC74-9C25C1C588A9}, Java(tm) Plug-In 2 SSV Helper, C:\Program Files\Java\jre6\bin\jp2ssv.dll
{E7E6F031-17CE-4C07-BC86-EABFE594F69C}, JQSIEStartDetectorImpl Class, C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll

Internet Explorer toolbars (2 whitelisted)
HKCU\..\Toolbar\WebBrowser\{F2CF5485-4E02-4F68-819C-B92DE9277049} - &Links - C:\WINDOWS\system32\ieframe.dll
HKCU\..\Toolbar\WebBrowser\ITBar7Height - - No file specified

Basic Internet Explorer settings
HKCU\..\Main, Start Page = http://www.msn.com/?wl=true

Registry Startups (1 whitelisted)
HKLM\..\Run, SoundMan = SOUNDMAN.EXE
HKLM\..\Run, NvCplDaemon = RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
HKLM\..\Run, AVG8_TRAY = C:\PROGRA~1\AVG\AVG8\avgtray.exe
HKLM\..\Run, Windows Defender = "C:\Program Files\Windows Defender\MSASCui.exe" -hide
HKLM\..\Run, HPDJ Taskbar Utility = C:\WINDOWS\system32\spool\drivers\w32x86\3\hpztsb09.exe
HKLM\..\Run, KernelFaultCheck = %systemroot%\system32\dumprep 0 -k (file is missing)
HKLM\..\Run, Ad-Watch = C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe

Processes (23 whitelisted)
C:\Program Files\Windows Defender\MsMpEng.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\firedog advisor\firedogAdvisorSrvHost.exe
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\SOUNDMAN.EXE
C:\PROGRA~1\AVG\AVG8\avgtray.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
C:\Program Files\FreeFixer\freefixer.exe

Application modules (50 whitelisted)
C:\WINDOWS\system32\ieframe.dll
C:\WINDOWS\system32\iertutil.dll
C:\WINDOWS\system32\Normaliz.dll
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\PDM.DLL
C:\WINDOWS\system32\msdbg2.dll
C:\Program Files\Common Files\Microsoft Shared\INK\SKCHUI.DLL

Services (42 whitelisted)
Apple Mobile Device, Apple Mobile Device, c:\program files\common files\apple\mobile device support\bin\applemobiledeviceservice.exe
avg8wd, AVG Free8 WatchDog, c:\progra~1\avg\avg8\avgwdsvc.exe
Bonjour Service, Bonjour Service, c:\program files\bonjour\mdnsresponder.exe
firedogAdvisorSrvHost, firedogAdvisorSrvHost, c:\program files\firedog advisor\firedogadvisorsrvhost.exe
idsvc, Windows CardSpace, c:\windows\microsoft.net\framework\v3.0\windows communication foundation\infocard.exe
JavaQuickStarterService, Java Quick Starter, c:\program files\java\jre6\bin\jqs.exe
Lavasoft Ad-Aware Service, Lavasoft Ad-Aware Service, c:\program files\lavasoft\ad-aware\aawservice.exe
MDM, Machine Debug Manager, c:\program files\common files\microsoft shared\vs7debug\mdm.exe
NVSvc, NVIDIA Display Driver Service, c:\windows\system32\nvsvc32.exe
WinDefend, Windows Defender, c:\program files\windows defender\msmpeng.exe

Shell services (5 whitelisted)
WPDShServiceObj, {AAA288BA-9A4C-45B0-95D7-94D524869DB5}, C:\WINDOWS\system32\WPDShServiceObj.dll

Drivers (26 whitelisted)
AvgLdx86, AVG Free AVI Loader Driver x86, C:\WINDOWS\system32\drivers\avgldx86.sys
BIOS, BIOS, c:\windows\system32\drivers\bios.sys
DbgMsg, Debug Message, c:\windows\system32\drivers\dbgmsg.sys
faproct, Circuit City Firedog Advisor ProcessTriggerDriver, C:\WINDOWS\system32\drivers\faproct.sys
faunidrv, UniDriver for Firedog Advisor, C:\WINDOWS\system32\drivers\faunidrv.sys
nvatabus, , C:\WINDOWS\system32\drivers\nvatabus.sys
PxHelp20, PxHelp20, C:\WINDOWS\system32\drivers\pxhelp20.sys