Overclock.net banner
1 - 3 of 3 Posts

·
Registered
Joined
·
762 Posts
Discussion Starter · #1 ·
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 11:03:25 AM, on 7/12/2009
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v6.00 SP2 (6.00.2900.2180)
Boot mode: Normal

Running processes:
C:\\WINDOWS\\System32\\smss.exe
C:\\WINDOWS\\system32\\winlogon.exe
C:\\WINDOWS\\system32\\services.exe
C:\\WINDOWS\\system32\\lsass.exe
C:\\WINDOWS\\system32\
vsvc32.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\WINDOWS\\System32\\svchost.exe
C:\\WINDOWS\\system32\\spoolsv.exe
C:\\WINDOWS\\Explorer.EXE
C:\\WINDOWS\\system32\\RUNDLL32.EXE
C:\\Program Files\\AGI\\common\\win32\\PythonService.exe
C:\\WINDOWS\\RTHDCPL.EXE
C:\\PROGRA~1\\AVG\\AVG8\\avgtray.exe
C:\\Program Files\\Kiwee Toolbar\\2.9.201\\kwtbaim.exe
C:\\PROGRA~1\\AVG\\AVG8\\avgwdsvc.exe
C:\\WINDOWS\\system32\\svchost.exe
C:\\PROGRA~1\\AVG\\AVG8\\avgemc.exe
C:\\PROGRA~1\\AVG\\AVG8\\avgrsx.exe
C:\\PROGRA~1\\AVG\\AVG8\\avgnsx.exe
C:\\Program Files\\AVG\\AVG8\\avgcsrvx.exe
C:\\Program Files\\Mozilla Firefox\\firefox.exe
C:\\Program Files\\MSN Messenger\\msnmsgr.exe
C:\\Program Files\\MSN Messenger\\usnsvc.exe
C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe

R3 - URLSearchHook: AGSearchHook Class - {0BC6E3FA-78EF-4886-842C-5A1258C4455A} - C:\\Program Files\\AGI\\common\\agcutils.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\\Program Files\\AVG\\AVG8\\avgssie.dll
O2 - BHO: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\\Program Files\\Kiwee Toolbar\\2.9.201\\KiweeIEToolbar.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O3 - Toolbar: Kiwee Toolbar - {6638A9DE-0745-4292-8A2E-AE530E7B9B3F} - C:\\Program Files\\Kiwee Toolbar\\2.9.201\\KiweeIEToolbar.dll
O4 - HKLM\\..\\Run: [nwiz] nwiz.exe /install
O4 - HKLM\\..\\Run: [NvMediaCenter] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\WINDOWS\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\\..\\Run: [Alcmtr] ALCMTR.EXE
O4 - HKLM\\..\\Run: [AVG8_TRAY] C:\\PROGRA~1\\AVG\\AVG8\\avgtray.exe
O4 - HKLM\\..\\Run: [KiweeHook] "C:\\Program Files\\Kiwee Toolbar\\2.9.201\\kwtbaim.exe"
O4 - Startup: Shortcut to taskmgr.lnk = C:\\WINDOWS\\system32\askmgr.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\\Program Files\\Messenger\\msmsgs.exe
O16 - DPF: CabBuilder - http://kiw.imgag.com/imgag/kiw/toolb...lerControl.cab
O18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\\Program Files\\AVG\\AVG8\\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - C:\\WINDOWS\\SYSTEM32\\avgrsstx.dll
O23 - Service: AG Windows Service (AGWinService) - Unknown owner - C:\\Program Files\\AGI\\common\\win32\\PythonService.exe
O23 - Service: AVG Free8 E-mail Scanner (avg8emc) - AVG Technologies CZ, s.r.o. - C:\\PROGRA~1\\AVG\\AVG8\\avgemc.exe
O23 - Service: AVG Free8 WatchDog (avg8wd) - AVG Technologies CZ, s.r.o. - C:\\PROGRA~1\\AVG\\AVG8\\avgwdsvc.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\\WINDOWS\\system32\
vsvc32.exe

--
End of file - 3210 bytes
 

·
Registered
Joined
·
638 Posts
Your results looked O.K.Just a few minor things.
Go here to paste your output into the analyzer and it will show what's what.

http://www.hijackthis.de/

This came back as possibly nasty.

C:\\Program Files\\AGI\\common\\win32\\PythonService.exe
Neutral

Possibly nasty! According to our database this process runs normally in c:\\programme\\plone 2\\zope\\bin\\! Check if you know this process and arrange a viruscheck where required. Python Language Interpreter service
 
1 - 3 of 3 Posts
This is an older thread, you may not receive a response, and could be reviving an old thread. Please consider creating a new thread.
Top