Here it is !
Logfile of Trend Micro HijackThis v2.0.3 (BETA)
Scan saved at 10:00:29, on 12/01/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16945)
Boot mode: Normal
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVG\AVG9\avgchsvx.exe
C:\Program Files\AVG\AVG9\avgrsx.exe
C:\Program Files\AVG\AVG9\avgcsrvx.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\vsnpstd3.exe
C:\PROGRA~1\AVG\AVG9\avgtray.exe
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Messenger\msmsgs.exe
C:\WINDOWS\system32\agrsmsvc.exe
C:\Program Files\AVG\AVG9\avgwdsvc.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
C:\Program Files\AVG\AVG9\avgnsx.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Windows Live\Toolbar\wltuser.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\TrendMicro\HiJackThis\HiJackThis.exe
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page =
www.google.co.uk/R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157O1 - Hosts: 92.63.106.206 abbeyinternational.com
O1 - Hosts: 92.63.106.206
www.abbeyinternational.comO1 - Hosts: 92.63.106.206 www99.americanexpress.com
O1 - Hosts: 92.63.106.206
www.bankcardservices.co.ukO1 - Hosts: 92.63.106.206 bankcardservices.co.uk
O1 - Hosts: 92.63.106.206
www.bcol.barclaycard.co.ukO1 - Hosts: 92.63.106.206 bcol.barclaycard.co.uk
O1 - Hosts: 92.63.106.206
www.businesscreditcardsonline.co.ukO1 - Hosts: 92.63.106.206 businesscreditcardsonline.co.uk
O1 - Hosts: 92.63.106.206
www.cahoot.comO1 - Hosts: 92.63.106.206 cahoot.com
O1 - Hosts: 92.63.106.206
www.capitaloneonline.co.ukO1 - Hosts: 92.63.106.206 capitaloneonline.co.uk
O1 - Hosts: 92.63.106.206
www.cardservicing.mint.co.ukO1 - Hosts: 92.63.106.206 cardservicing.mint.co.uk
O1 - Hosts: 92.63.106.206
www.egg.comO1 - Hosts: 92.63.106.206 egg.com
O1 - Hosts: 92.63.106.206
www.firstdirect.comO1 - Hosts: 92.63.106.206 firstdirect.com
O1 - Hosts: 92.63.106.206
www.halifax-online.co.ukO1 - Hosts: 92.63.106.206 halifax-online.co.uk
O1 - Hosts: 92.63.106.206
www.ibank.cahoot.comO1 - Hosts: 92.63.106.206 ibank.cahoot.com
O1 - Hosts: 92.63.106.206
www.mbna.co.ukO1 - Hosts: 92.63.106.206 mbna.co.uk
O1 - Hosts: 92.63.106.206
www.mbna.ieO1 - Hosts: 92.63.106.206 mbna.ie
O1 - Hosts: 92.63.106.206
www.mybank.alliance-leicester.co.ukO1 - Hosts: 92.63.106.206 mybank.alliance-leicester.co.uk
O1 - Hosts: 92.63.106.206
www.mybusinessbank.co.ukO1 - Hosts: 92.63.106.206 mybusinessbank.co.uk
O1 - Hosts: 92.63.106.206
www.myonlineaccounts2.abbeynational.co.ukO1 - Hosts: 92.63.106.206 myonlineaccounts2.abbeynational.co.uk
O1 - Hosts: 92.63.106.206
www.myonlineaccounts3.abbeynational.co.ukO1 - Hosts: 92.63.106.206 myonlineaccounts3.abbeynational.co.uk
O1 - Hosts: 92.63.106.206
www.new.egg.comO1 - Hosts: 92.63.106.206 new.egg.com
O1 - Hosts: 92.63.106.206
www.olb2.nationet.comO1 - Hosts: 92.63.106.206 olb2.nationet.com
O1 - Hosts: 92.63.106.206 myonlineaccounts2.abbeynational.co.uk
O1 - Hosts: 92.63.106.206 service.citicards.co.uk
O1 - Hosts: 92.63.106.206
www.service.citicards.co.ukO1 - Hosts: 92.63.106.206
www.signin.ebay.co.ukO1 - Hosts: 92.63.106.206 signin.ebay.co.uk
O1 - Hosts: 92.63.106.206
www.your.egg.comO1 - Hosts: 92.63.106.206 your.egg.com
O1 - Hosts: 92.63.106.206 abbeyinternational.com
O1 - Hosts: 92.63.106.206
www.abbeyinternational.comO1 - Hosts: 92.63.106.206 www99.americanexpress.com
O1 - Hosts: 92.63.106.206
www.bankcardservices.co.ukO1 - Hosts: 92.63.106.206 bankcardservices.co.uk
O1 - Hosts: 92.63.106.206
www.bcol.barclaycard.co.ukO1 - Hosts: 92.63.106.206 bcol.barclaycard.co.uk
O1 - Hosts: 92.63.106.206
www.businesscreditcardsonline.co.ukO1 - Hosts: 92.63.106.206 businesscreditcardsonline.co.uk
O1 - Hosts: 92.63.106.206
www.cahoot.comO1 - Hosts: 92.63.106.206 cahoot.com
O1 - Hosts: 92.63.106.206
www.capitaloneonline.co.ukO1 - Hosts: 92.63.106.206 capitaloneonline.co.uk
O1 - Hosts: 92.63.106.206
www.cardservicing.mint.co.ukO1 - Hosts: 92.63.106.206 cardservicing.mint.co.uk
O1 - Hosts: 92.63.106.206
www.egg.comO1 - Hosts: 92.63.106.206 egg.com
O1 - Hosts: 92.63.106.206
www.firstdirect.comO1 - Hosts: 92.63.106.206 firstdirect.com
O1 - Hosts: 92.63.106.206
www.halifax-online.co.ukO1 - Hosts: 92.63.106.206 halifax-online.co.uk
O1 - Hosts: 92.63.106.206
www.ibank.cahoot.comO1 - Hosts: 92.63.106.206 ibank.cahoot.com
O1 - Hosts: 92.63.106.206
www.mbna.co.ukO1 - Hosts: 92.63.106.206 mbna.co.uk
O1 - Hosts: 92.63.106.206
www.mbna.ieO1 - Hosts: 92.63.106.206 mbna.ie
O1 - Hosts: 92.63.106.206
www.mybank.alliance-leicester.co.ukO1 - Hosts: 92.63.106.206 mybank.alliance-leicester.co.uk
O1 - Hosts: 92.63.106.206
www.mybusinessbank.co.ukO1 - Hosts: 92.63.106.206 mybusinessbank.co.uk
O1 - Hosts: 92.63.106.206
www.myonlineaccounts2.abbeynational.co.ukO1 - Hosts: 92.63.106.206 myonlineaccounts2.abbeynational.co.uk
O1 - Hosts: 92.63.106.206
www.myonlineaccounts3.abbeynational.co.ukO1 - Hosts: 92.63.106.206 myonlineaccounts3.abbeynational.co.uk
O1 - Hosts: 92.63.106.206
www.new.egg.comO1 - Hosts: 92.63.106.206 new.egg.com
O1 - Hosts: 92.63.106.206
www.olb2.nationet.comO1 - Hosts: 92.63.106.206 olb2.nationet.com
O1 - Hosts: 92.63.106.206 myonlineaccounts2.abbeynational.co.uk
O1 - Hosts: 92.63.106.206 service.citicards.co.uk
O1 - Hosts: 92.63.106.206
www.service.citicards.co.ukO1 - Hosts: 92.63.106.206
www.signin.ebay.co.ukO1 - Hosts: 92.63.106.206 signin.ebay.co.uk
O1 - Hosts: 92.63.106.206
www.your.egg.comO1 - Hosts: 92.63.106.206 your.egg.com
O1 - Hosts: 92.63.106.206 abbeyinternational.com
O1 - Hosts: 92.63.106.206
www.abbeyinternational.comO1 - Hosts: 92.63.106.206 www99.americanexpress.com
O1 - Hosts: 92.63.106.206
www.bankcardservices.co.ukO1 - Hosts: 92.63.106.206 bankcardservices.co.uk
O1 - Hosts: 92.63.106.206
www.bcol.barclaycard.co.ukO1 - Hosts: 92.63.106.206 bcol.barclaycard.co.uk
O1 - Hosts: 92.63.106.206
www.businesscreditcardsonline.co.ukO1 - Hosts: 92.63.106.206 businesscreditcardsonline.co.uk
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG9\avgssie.dll
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)
O2 - BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll
O2 - BHO: BHO - {B7B7C9E7-4AAC-467c-9BAE-76112D413A58} - C:\WINDOWS\system32\winbchs.dll
O2 - BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll
O3 - Toolbar: (no name) - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - (no file)
O4 - HKLM\..\Run: [snpstd3] C:\WINDOWS\vsnpstd3.exe
O4 - HKLM\..\Run: [AVG9_TRAY] C:\PROGRA~1\AVG\AVG9\avgtray.exe
O4 - HKCU\..\Run: [msnmsgr] "C:\Program Files\Windows Live\Messenger\msnmsgr.exe" /background
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSMSGS] "C:\Program Files\Messenger\msmsgs.exe" /background
O4 - HKCU\..\Run: [Uniblue RegistryBooster 2] C:\Program Files\Uniblue\RegistryBooster 2\RegistryBooster.exe /S
O4 - HKCU\..\RunOnce: [Shockwave Updater] C:\WINDOWS\system32\Adobe\Shockwave 11\SwHelper_1150600.exe -Update -1150600 -"Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SIMBAR={788F5F5E-DFC8-401A-8A68-0D6C21EE0FDB}; InfoPath.1; .NET CLR 2.0.50727; OfficeLiveConnector.1.3; OfficeLivePatch.0.0; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)" -"http://www.girlgames1.com/play-11512-ultimateraceway.html"
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O8 - Extra context menu item: E&xport to Microsoft Excel -
res://C:\PROGRA~1\MICROS~2\OFFICE11\EXCEL.EXE/3000O9 - Extra button: Blog This - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: &Blog This in Windows Live Writer - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: CabBuilder -
http://kiw.imgag.com/imgag/kiw/toolbar/download/InstallerControl.cabO16 - DPF: {138E6DC9-722B-4F4B-B09D-95D191869696} (Bebo Uploader Control) -
http://www.bebo.com/files/BeboUploader.5.1.4.cabO16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} (SpinTop DRM Control) -
file:///C:/Program%20Files/Bejeweled%202/Images/stg_drm.ocxO16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} -
http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/SmileyCentralFWBInitialSetup1.0.1.0.cabO16 - DPF: {1D6711C8-7154-40BB-8380-3DEA45B69CBF} -
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} (WUWebControl Class) -
http://update.microsoft.com/windowsupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1227009046656O16 - DPF: {BD8667B7-38D8-4C77-B580-18C3E146372C} (Creative Toolbox Plug-in) -
http://kiw.imgag.com/imgag/cp/install/crusher-kiwen.cabO16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) -
http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cabO16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} -
file:///C:/Program%20Files/Bejeweled%202/Images/armhelper.ocxO18 - Protocol: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG9\avgpp.dll
O20 - Winlogon Notify: avgrsstarter - avgrsstx.dll (file missing)
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Component Categories cache daemon - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - Agere Systems - C:\WINDOWS\system32\agrsmsvc.exe
O23 - Service: AVG Free WatchDog (avg9wd) - AVG Technologies CZ, s.r.o. - C:\Program Files\AVG\AVG9\avgwdsvc.exe
--
End of file - 11869 bytes