Here Goes.
VundoFix V6.3.19
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.
Scan started at 3:00:15 PM 4/14/2007
Listing files found while scanning....
C:\WINDOWS\system32\awajjsfn.dll
C:\WINDOWS\system32\bhpaqtua.dll
C:\WINDOWS\system32\bmeoohmb.dll
C:\WINDOWS\system32\dxfjivuj.dll
C:\WINDOWS\system32\egtcrijt.ini
C:\WINDOWS\system32\fbrhljwa.dll
C:\WINDOWS\system32\flnyohhv.dll
C:\WINDOWS\system32\hktdkwpm.dll
C:\WINDOWS\system32\jlnmp.ini
C:\WINDOWS\system32\jlqhgoan.dll
C:\WINDOWS\system32\jwjnmwoy.dll
C:\WINDOWS\system32\nrsditfy.dll
C:\WINDOWS\system32\oowhxkao.dll
C:\WINDOWS\system32\oqbisdox.dll
C:\WINDOWS\system32\owurnaam.dll
C:\WINDOWS\system32\pmnlj.dll
C:\WINDOWS\system32\prqss.bak1
C:\WINDOWS\system32\prqss.bak2
C:\WINDOWS\system32\prqss.ini
C:\WINDOWS\system32\prqss.ini2
C:\WINDOWS\system32\prqss.tmp
C:\WINDOWS\system32\qgfvusuj.dll
C:\WINDOWS\system32\rabpjtvk.dll
C:\WINDOWS\system32\ssqrp.dll
C:\WINDOWS\system32\tjirctge.dll
C:\WINDOWS\system32\vmrvyaip.dll
C:\WINDOWS\system32\vynhtlom.dll
C:\WINDOWS\system32\wtgqvsgl.dll
C:\WINDOWS\system32\xerkrtvo.dll
Beginning removal...
Attempting to delete C:\WINDOWS\system32\awajjsfn.dll
C:\WINDOWS\system32\awajjsfn.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\bhpaqtua.dll
C:\WINDOWS\system32\bhpaqtua.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\bmeoohmb.dll
C:\WINDOWS\system32\bmeoohmb.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\dxfjivuj.dll
C:\WINDOWS\system32\dxfjivuj.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\egtcrijt.ini
C:\WINDOWS\system32\egtcrijt.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\fbrhljwa.dll
C:\WINDOWS\system32\fbrhljwa.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\flnyohhv.dll
C:\WINDOWS\system32\flnyohhv.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\hktdkwpm.dll
C:\WINDOWS\system32\hktdkwpm.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jlnmp.ini
C:\WINDOWS\system32\jlnmp.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\jlqhgoan.dll
C:\WINDOWS\system32\jlqhgoan.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\jwjnmwoy.dll
C:\WINDOWS\system32\jwjnmwoy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\nrsditfy.dll
C:\WINDOWS\system32\nrsditfy.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\oowhxkao.dll
C:\WINDOWS\system32\oowhxkao.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\oqbisdox.dll
C:\WINDOWS\system32\oqbisdox.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\owurnaam.dll
C:\WINDOWS\system32\owurnaam.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\pmnlj.dll
C:\WINDOWS\system32\pmnlj.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\prqss.bak1
C:\WINDOWS\system32\prqss.bak1 Has been deleted!
Attempting to delete C:\WINDOWS\system32\prqss.bak2
C:\WINDOWS\system32\prqss.bak2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\prqss.ini
C:\WINDOWS\system32\prqss.ini Has been deleted!
Attempting to delete C:\WINDOWS\system32\prqss.ini2
C:\WINDOWS\system32\prqss.ini2 Has been deleted!
Attempting to delete C:\WINDOWS\system32\prqss.tmp
C:\WINDOWS\system32\prqss.tmp Has been deleted!
Attempting to delete C:\WINDOWS\system32\qgfvusuj.dll
C:\WINDOWS\system32\qgfvusuj.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\rabpjtvk.dll
C:\WINDOWS\system32\rabpjtvk.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\ssqrp.dll
C:\WINDOWS\system32\ssqrp.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\tjirctge.dll
C:\WINDOWS\system32\tjirctge.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\vmrvyaip.dll
C:\WINDOWS\system32\vmrvyaip.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\vynhtlom.dll
C:\WINDOWS\system32\vynhtlom.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\wtgqvsgl.dll
C:\WINDOWS\system32\wtgqvsgl.dll Has been deleted!
Attempting to delete C:\WINDOWS\system32\xerkrtvo.dll
C:\WINDOWS\system32\xerkrtvo.dll Has been deleted!
Performing Repairs to the registry.
Done!
VundoFix V6.3.19
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.
Scan started at 3:09:04 PM 4/14/2007
Listing files found while scanning....
No infected files were found.
VundoFix V6.3.19
Checking Java version...
Java version is 1.4.2.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.3
Old versions of java are exploitable and should be removed.
Java version is 1.5.0.9
Old versions of java are exploitable and should be removed.
Scan started at 4:41:04 PM 4/14/2007
Listing files found while scanning....
No infected files were found.
~~~~~
SUPERAntiSpyware Scan Log
Generated 04/14/2007 at 04:36 PM
Application Version : 3.6.1000
Core Rules Database Version : 3219
Trace Rules Database Version: 1229
Scan type : Complete Scan
Total Scan Time : 01:17:34
Memory items scanned : 510
Memory threats detected : 1
Registry items scanned : 6049
Registry threats detected : 17
File items scanned : 114368
File threats detected : 136
Trojan.Downloader-CREW
C:\WINDOWS\SYSTEM32\BNQQMBVK.DLL
C:\WINDOWS\SYSTEM32\BNQQMBVK.DLL
HKLM\Software\Classes\CLSID\{5D3DB85B-6747-4F19-9BAC-AD8D61D3CCD5}
HKCR\CLSID\{5D3DB85B-6747-4F19-9BAC-AD8D61D3CCD5}
HKCR\CLSID\{5D3DB85B-6747-4F19-9BAC-AD8D61D3CCD5}\InprocServer32
HKCR\CLSID\{5D3DB85B-6747-4F19-9BAC-AD8D61D3CCD5}\InprocServer32#ThreadingModel
HKLM\Software\Classes\CLSID\{85B984EE-AAB0-40E4-934C-2EB1C4FB2C57}
HKCR\CLSID\{85B984EE-AAB0-40E4-934C-2EB1C4FB2C57}
HKCR\CLSID\{85B984EE-AAB0-40E4-934C-2EB1C4FB2C57}\InprocServer32
HKCR\CLSID\{85B984EE-AAB0-40E4-934C-2EB1C4FB2C57}\InprocServer32#ThreadingModel
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{5D3DB85B-6747-4F19-9BAC-AD8D61D3CCD5}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{85B984EE-AAB0-40E4-934C-2EB1C4FB2C57}
C:\WINDOWS\SYSTEM32\BUTCTVAA.DLL
C:\WINDOWS\SYSTEM32\BXOMHJXO.DLL
C:\WINDOWS\SYSTEM32\FJRGBJTQ.DLL
C:\WINDOWS\SYSTEM32\KAQYDABG.DLL
C:\WINDOWS\SYSTEM32\KQSMXIGF.DLL
C:\WINDOWS\SYSTEM32\MDAGQWCE.DLL
C:\WINDOWS\SYSTEM32\SDQRSRHP.DLL
C:\WINDOWS\SYSTEM32\UJAMWNMA.DLL
Adware.Vundo Variant
HKLM\Software\Classes\CLSID\{A782E194-EA97-4F2A-99C1-8EB42A0B519E}
HKCR\CLSID\{A782E194-EA97-4F2A-99C1-8EB42A0B519E}
HKCR\CLSID\{A782E194-EA97-4F2A-99C1-8EB42A0B519E}\InprocServer32
HKCR\CLSID\{A782E194-EA97-4F2A-99C1-8EB42A0B519E}\InprocServer32#ThreadingModel
C:\WINDOWS\SYSTEM32\LJJKJJK.DLL
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A782E194-EA97-4F2A-99C1-8EB42A0B519E}
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks#{ A782E194-EA97-4F2A-99C1-8EB42A0B519E}
HKCR\CLSID\{A782E194-EA97-4F2A-99C1-8EB42A0B519E}
Adware.Tracking Cookie
C:\Documents and Settings\Savior\Cookies\savior@doubleclick[1].txt
C:\Documents and Settings\Savior\Cookies\savior@atdmt[2].txt
C:\Documents and Settings\Savior\Cookies\savior@lynxtrack[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ads.glispa[2].txt
C:\Documents and Settings\Savior\Cookies\savior@ads.pointroll[1].txt
C:\Documents and Settings\Savior\Cookies\savior@cpvfeed[2].txt
C:\Documents and Settings\Savior\Cookies\savior@adopt.euroclick[2].txt
C:\Documents and Settings\Savior\Cookies\savior@2o7[1].txt
C:\Documents and Settings\Savior\Cookies\savior@revsci[2].txt
C:\Documents and Settings\Savior\Cookies\savior@zedo[1].txt
C:\Documents and Settings\Savior\Cookies\savior@advertising[2].txt
C:\Documents and Settings\Savior\Cookies\savior@statse.webtrendslive[2].txt
C:\Documents and Settings\Savior\Cookies\savior@azoogleads[1].txt
C:\Documents and Settings\Savior\Cookies\savior@overture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@precisionclick[2].txt
C:\Documents and Settings\Savior\Cookies\savior@mediaplex[2].txt
C:\Documents and Settings\Savior\Cookies\savior@ads.tripod.lycos[2].txt
C:\Documents and Settings\Savior\Cookies\savior@marketlive.122.2o7[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wfk4wgcjifp.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@oceanencounter[1].txt
C:\Documents and Settings\Savior\Cookies\savior@adcache.bargaintraderonline[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjliohcpkbo.stats.esomniture[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ads.as4x.tmcs.ticketmaster[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ads.revsci[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wgmiekazaho.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@doubleclick.hertz[1].txt
C:\Documents and Settings\Savior\Cookies\savior@reztrack[1].txt
C:\Documents and Settings\Savior\Cookies\savior@cnn.122.2o7[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6whmiwoczifo.stats.esomniture[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ad.zanox[1].txt
C:\Documents and Settings\Savior\Cookies\savior@roiservice[1].txt
C:\Documents and Settings\Savior\Cookies\savior@4.adbrite[2].txt
C:\Documents and Settings\Savior\Cookies\savior@log[1].txt
C:\Documents and Settings\Savior\Cookies\savior@adserving.autotrader[1].txt
C:\Documents and Settings\Savior\Cookies\savior@mymedia.myfoxdc[2].txt
C:\Documents and Settings\Savior\Cookies\savior@perf.overture[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wfmisicjcdp.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@interclick[1].txt
C:\Documents and Settings\Savior\Cookies\savior@adserver.bonsaitalk[2].txt
C:\Documents and Settings\Savior\Cookies\savior@tradedoubler[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjmigkcjofp.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@netgear.122.2o7[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[9].txt
C:\Documents and Settings\Savior\Cookies\savior@www.ticketsnow[2].txt
C:\Documents and Settings\Savior\Cookies\savior@nordictrack[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ehg-maniatv.hitbox[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6whk4wgc5slo.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@stats.drivecleaner[2].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[6].txt
C:\Documents and Settings\Savior\Cookies\savior@40715998[2].txt
C:\Documents and Settings\Savior\Cookies\savior@ads.traderonline[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ticketsnow[1].txt
C:\Documents and Settings\Savior\Cookies\savior@clickforlessons[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjliomczefo.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wfl4gjcjggo.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@www.nordictrack[2].txt
C:\Documents and Settings\Savior\Cookies\savior@warlog[2].txt
C:\Documents and Settings\Savior\Cookies\savior@dcswooebsl81mka3xdp0enj6q_1v2p[2].txt
C:\Documents and Settings\Savior\Cookies\savior@vmix.adbureau[1].txt
C:\Documents and Settings\Savior\Cookies\savior@atwola[1].txt
C:\Documents and Settings\Savior\Cookies\savior@indiads[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.snakebytewarez[2].txt
C:\Documents and Settings\Savior\Cookies\savior@count4.exitexchange[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjk4kidpmao.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wfloemcpsap.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@temptats.sitetracker[1].txt
C:\Documents and Settings\Savior\Cookies\savior@store.primediamags[1].txt
C:\Documents and Settings\Savior\Cookies\savior@aff.primaryads[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjliogcpkho.stats.esomniture[1].txt
C:\Documents and Settings\Savior\Cookies\savior@vhost.oddcast[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wfligoazkdp.stats.esomniture[1].txt
C:\Documents and Settings\Savior\Cookies\savior@tremor.adbureau[2].txt
C:\Documents and Settings\Savior\Cookies\savior@www.xctrk[2].txt
C:\Documents and Settings\Savior\Cookies\savior@www.clickforlessons[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[5].txt
C:\Documents and Settings\Savior\Cookies\savior@count2.exitexchange[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wamyqmcpgdp.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@goclick[2].txt
C:\Documents and Settings\Savior\Cookies\savior@partner2profit[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ehg-vmixmediainc.hitbox[2].txt
C:\Documents and Settings\Savior\Cookies\savior@www.onlineemedia[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[10].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[4].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjmyukdpkdo.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@microsoftwga.112.2o7[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[11].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjkoqjdzwbp.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@adlegend[2].txt
C:\Documents and Settings\Savior\Cookies\savior@media.adrevolver[2].txt
C:\Documents and Settings\Savior\Cookies\savior@bluestreak[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wfkisldpogq.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@ads.addynamix[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjk4knajmdp.stats.esomniture[1].txt
C:\Documents and Settings\Savior\Cookies\savior@mediamgr.ugo[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ad.doubleclick[1].txt
C:\Documents and Settings\Savior\Cookies\savior@stats.privacyprotector[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.onlineemedia[2].txt
C:\Documents and Settings\Savior\Cookies\savior@toplist[1].txt
C:\Documents and Settings\Savior\Cookies\savior@count1.exitexchange[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[2].txt
C:\Documents and Settings\Savior\Cookies\savior@server.iad.liveperson[2].txt
C:\Documents and Settings\Savior\Cookies\savior@indextools[2].txt
C:\Documents and Settings\Savior\Cookies\savior@adserver.ociomedia[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6whloendjsbo.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@ads2.drivelinemedia[2].txt
C:\Documents and Settings\Savior\Cookies\savior@hertz.122.2o7[1].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6whmyumdziap.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@sales.liveperson[2].txt
C:\Documents and Settings\Savior\Cookies\savior@server.iad.liveperson[1].txt
C:\Documents and Settings\Savior\Cookies\savior@keywordmax[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.clicksmart[1].txt
C:\Documents and Settings\Savior\Cookies\savior@ctxtad.tribalfusion[1].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[7].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wbk4andjchq.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wfloqpdjafo.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6whkiulcpslq.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@e-2dj6wjmiahcpekp.stats.esomniture[2].txt
C:\Documents and Settings\Savior\Cookies\savior@www.googleadservices[8].txt
C:\Documents and Settings\Savior\Cookies\savior@CAAPTWTZ.txt
C:\Documents and Settings\Savior\Cookies\savior@ehg-newegg.hitbox[2].txt
Adware.Need2Find
C:\PROGRAM FILES\MOZILLA FIREFOX\PLUGINS\NPND2FN.DLL
Trojan.Unknown Origin
C:\PROGRAM FILES\PLAYONLINE\SQUAREENIX\FINAL FANTASY XI\SIGNATURE.DAT
Trojan.Downloader-Gen/LIB
C:\VUNDOFIX BACKUPS\BMEOOHMB.DLL.BAD
C:\VUNDOFIX BACKUPS\OOWHXKAO.DLL.BAD
C:\VUNDOFIX BACKUPS\OWURNAAM.DLL.BAD
~~~~~~
Logfile of HijackThis v1.99.1
Scan saved at 4:46:19 PM, on 4/14/2007
Platform: Windows XP SP2 (WinNT 5.01.2600)
MSIE: Internet Explorer v7.00 (7.00.6000.16414)
Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\Ati2evxx.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
C:\WINDOWS\system32\CTsvcCDA.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
C:\WINDOWS\system32\HPZipm12.exe
C:\WINDOWS\system32\svchost.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
C:\WINDOWS\Explorer.EXE
C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
C:\WINDOWS\ehome\ehtray.exe
C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe
C:\WINDOWS\stsystra.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
C:\Program Files\Dell\Media Experience\DMXLauncher.exe
C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe
C:\WINDOWS\system32\dllhost.exe
C:\Program Files\Creative\VoiceCenter\AndreaVC.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\PROGRA~1\TRENDM~1\INTERN~1\PccGuide.exe
C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
C:\WINDOWS\System32\DLA\DLACTRLW.EXE
C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe
C:\PROGRA~1\COMMON~1\PCSuite\Services\SERVIC~1.EXE
C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe
C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Electronic Arts\EA Link\Core.exe
C:\Program Files\DellSupport\DSAgnt.exe
C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\WINDOWS\system32\msiexec.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Hijackthis\HijackThis.exe
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Window Title = Microsoft Internet Explorer presented by Comcast
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = :0
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: (no name) - {53707962-6F74-2D53-2644-206D7942484F} - C:\PROGRA~1\SPYBOT~1\SDHelper.dll
O2 - BHO: DriveLetterAccess - {5CA3D70E-1895-11CF-8E15-001234567890} - C:\WINDOWS\System32\DLA\DLASHX_W.DLL
O2 - BHO: (no name) - {67C55A8D-E808-4caa-9EA7-F77102DE0BB6} - C:\WINDOWS\system32\owurnaam.dll (file missing)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\program files\google\googletoolbar1.dll
O2 - BHO: (no name) - {D4F0B8B2-8FE8-4CFC-B19F-4A3280D463EF} - C:\WINDOWS\system32\ssqrp.dll (file missing)
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\program files\google\googletoolbar1.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Java\jre1.6.0_01\bin\jusched.exe"
O4 - HKLM\..\Run: [SigmatelSysTrayApp] stsystra.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [ATIPTA] "C:\Program Files\ATI Technologies\ATI Control Panel\atiptaxx.exe"
O4 - HKLM\..\Run: [DMXLauncher] C:\Program Files\Dell\Media Experience\DMXLauncher.exe
O4 - HKLM\..\Run: [CTSysVol] C:\Program Files\Creative\SBAudigy\Surround Mixer\CTSysVol.exe /r
O4 - HKLM\..\Run: [UpdReg] C:\WINDOWS\UpdReg.EXE
O4 - HKLM\..\Run: [VoiceCenter] "C:\Program Files\Creative\VoiceCenter\AndreaVC.exe" /tray
O4 - HKLM\..\Run: [ISUSPM Startup] "C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe" -startup
O4 - HKLM\..\Run: [ISUSScheduler] "C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe" -start
O4 - HKLM\..\Run: [pccguide.exe] "C:\Program Files\Trend Micro\Internet Security 12\pccguide.exe"
O4 - HKLM\..\Run: [DLA] C:\WINDOWS\System32\DLA\DLACTRLW.EXE
O4 - HKLM\..\Run: [DataLayer] C:\Program Files\Common Files\PCSuite\DataLayer\DataLayer.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\qttask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
O4 - HKLM\..\Run: [!AVG Anti-Spyware] "C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\avgas.exe" /minimized
O4 - HKCU\..\Run: [ModemOnHold] C:\Program Files\NetWaiting\netWaiting.exe
O4 - HKCU\..\Run: [SetDefaultMIDI] MIDIDef.exe
O4 - HKCU\..\Run: [Creative Detector] "C:\Program Files\Creative\MediaSource\Detector\CTDetect.exe" /R
O4 - HKCU\..\Run: [OE_OEM] "C:\Program Files\Trend Micro\Internet Security 12\TMAS_OE\TMAS_OEMon.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MsnMsgr] "C:\Program Files\MSN Messenger\MsnMsgr.Exe" /background
O4 - HKCU\..\Run: [EA Core] "C:\Program Files\Electronic Arts\EA Link\Core.exe" -silent
O4 - HKCU\..\Run: [DellSupport] "C:\Program Files\DellSupport\DSAgnt.exe" /startup
O4 - HKCU\..\Run: [swg] C:\Program Files\Google\GoogleToolbarNotifier\1.2.1128.5462\GoogleToolbarNotifier.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: Adobe Reader Speed Launch.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
O4 - Global Startup: Adobe Reader Synchronizer.lnk = C:\Program Files\Adobe\Reader 8.0\Reader\AdobeCollabSync.exe
O4 - Global Startup: Digital Line Detect.lnk = ?
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O4 - Global Startup: HP Photosmart Premier Fast Start.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqthb08.exe
O8 - Extra context menu item: &Search -
http://kl.bar.need2find.com/KL/menusearch.html?p=KL
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra 'Tools' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\Program Files\Java\jre1.6.0_01\bin\ssv.dll
O9 - Extra button: (no name) - {CD67F990-D8E9-11d2-98FE-00C0F0318AFE} - (no file)
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe (file missing)
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (file missing)
O11 - Options group: [INTERNATIONAL] International*
O16 - DPF: RaptisoftGameLoader -
http://www.miniclip.com/haphazard/ra...gameloader.cab
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} (MSN Photo Upload Tool) -
http://gfx2.mail.live.com/mail/w1/re...s/MSNPUpld.cab
O16 - DPF: {87BE3784-6977-4E84-AA08-55A96B9CEAC5} (Bl_camera Control) -
http://74.132.232.122/bl_camera.cab
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.dll
O20 - Winlogon Notify: ljjkjjk - ljjkjjk.dll (file missing)
O20 - Winlogon Notify: WgaLogon - C:\WINDOWS\SYSTEM32\WgaLogon.dll
O23 - Service: Adobe LM Service - Unknown owner - C:\Program Files\Common Files\Adobe Systems Shared\Service\Adobelmsvc.exe
O23 - Service: Ati HotKey Poller - ATI Technologies Inc. - C:\WINDOWS\system32\Ati2evxx.exe
O23 - Service: AVG Anti-Spyware Guard - Anti-Malware Development a.s. - C:\Program Files\Grisoft\AVG Anti-Spyware 7.5\guard.exe
O23 - Service: Creative Labs Licensing Service - Creative Labs - C:\Program Files\Common Files\Creative Labs Shared\Service\CreativeLicensing.exe
O23 - Service: Creative Service for CDROM Access - Creative Technology Ltd - C:\WINDOWS\system32\CTsvcCDA.exe
O23 - Service: DSBrokerService - Unknown owner - C:\Program Files\DellSupport\brkrsvc.exe
O23 - Service: Intel® Quick Resume Technology Drivers (ELService) - Intel Corporation - C:\Program Files\Intel\IntelDH\Intel(R) Quick Resume Technology\ELService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMon) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\iaantmon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: mental ray 3.5 Satellite (32-bit) (mi-raysat_3dsmax9_32) - Unknown owner - C:\Program Files\Autodesk\3ds Max 9\mentalray\satellite\raysat_3dsmax9_32server.exe (file missing)
O23 - Service: Intel NCS NetService (NetSvc) - Intel(R) Corporation - C:\Program Files\Intel\PROSetWired\NCS\Sync\NetSvc.exe
O23 - Service: Trend Micro Central Control Component (PcCtlCom) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\PcCtlCom.exe
O23 - Service: Pml Driver HPZ12 - HP - C:\WINDOWS\system32\HPZipm12.exe
O23 - Service: Trend Micro Real-time Service (Tmntsrv) - Trend Micro Incorporated. - C:\PROGRA~1\TRENDM~1\INTERN~1\Tmntsrv.exe
O23 - Service: Trend Micro Personal Firewall (TmPfw) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\TmPfw.exe
O23 - Service: Trend Micro Proxy Service (tmproxy) - Trend Micro Inc. - C:\PROGRA~1\TRENDM~1\INTERN~1\tmproxy.exe
Thanks again.
Login 
Search 
Facebook
Twitter
TechGuy.tv
TSG Mobile